Draft:Autonomous Key Management

Submission declined on 2 April 2025 by CF-501 Falcon (talk). This submission is not adequately supported by reliable sources. Reliable sources are required so that information can be verified. If you need help with referencing, please see Referencing for beginners and Citing sources. All four citations are written by the same author. The submitters username would make me think they are connected. If you would like to continue working on the submission, click on the "Edit" tab at the top of the window. If you have not resolved the issues listed above, your draft will be declined again and potentially deleted. If you need extra help, please ask us a question at the AfC Help Desk or get live help from experienced editors. Please do not remove reviewer comments or this notice until the submission is accepted. Where to get help If you need help editing or submitting your draft, please ask us a question at the AfC Help Desk or get live help from experienced editors. These venues are only for help with editing and the submission process, not to get reviews. If you need feedback on your draft, or if the review is taking a lot of time, you can try asking for help on the talk page of a relevant WikiProject. Some WikiProjects are more active than others so a speedy reply is not guaranteed. How to improve a draft Wikipedia:Contributing to Wikipedia – a basic overview on how to edit Wikipedia. Help:Wikitext – how to use the markup Help:Referencing for beginners – how to include references Wikipedia:Article development – how to develop your article Wikipedia:Writing better articles – how to improve your article Wikipedia:Verifiability – make sure your article includes reliable third-party sources You can also browse Wikipedia:Featured articles and Wikipedia:Good articles to find examples of Wikipedia's best writing on topics similar to your proposed article. Improving your odds of a speedy review To improve your odds of a faster review, tag your draft with relevant WikiProject tags using the button below. This will let reviewers know a new draft has been submitted in their area of interest. For instance, if you wrote about a female astronomer, you would want to add the Biography, Astronomy, and Women scientists tags. Add tags to your draft Editor resources Easy tools: Citation bot (help) | Advanced: Fix bare URLs Declined by CF-501 Falcon 7 hours ago. Last edited by CF-501 Falcon 7 hours ago. Reviewer: Inform author. Resubmit Please note that if the issues are not fixed, the draft will be declined again.

• Comment: Please add sources written by people other than Jon Shields. CF-501 Falcon (talk · contribs) 19:41, 2 April 2025 (UTC)

Autonomous Key Management (AKM) is a decentralized, distributed, ledger-based key management system and multi-point communication security protocol layer, designed primarily for internal automotive vehicle communication. It was created in response to the identified security challenges within the automotive industry in 2014.

AKM was developed to address security concerns in automotive vehicle networks, which are considered a microcosm of complex, mission-critical, and safety-critical IoT closed systems. The need for AKM was identified in 2014, driven by the open and unencrypted nature of the automotive bus at the time. AKM aimed to provide a more secure alternative to the then-existing solutions, which were often watered-down implementations of Public Key Infrastructure (PKI).

The primary goals of AKM were to simplify the security process within vehicles, eliminate asymmetric key exchange, reduce implementation and maintenance costs, enable shared security credentials among nodes to form a cryptographic trust relationship, and refresh security credentials frequently. These goals were translated into specific requirements, including simplifying authentication, ensuring unique security credentials for each AKM Trust Relationship (ATR), achieving zero-knowledge authentication without a third party, minimizing latency, automating credential refresh, and eliminating common attacks such as Man-in-the-Middle (MITM) and Replay Attacks.

AKM operates as a decentralized, distributed, ledger-based key management system and can be implemented on top of UDP and/or TCP, directly on a physical layer driver with a proprietary transport layer, or within the MAC layer. It uses a broadcast architecture to support true multi-point end-to-end encryption, making it a potential drop-in replacement for PKI + TLS.

AKM offers a range of features, including:

Maintenance-free operation once an AKM Trust Relationship (ATR) is provisioned.

Real-time data analytics on a per-frame basis.

Built-in intrusion detection and automatic breach recovery and re-provisioning.

Secure boot with device authentication using AKM Protocol Identifiers and hardware secure elements.

Anti-spoofing and network authorization through unique device association and automatic ATR updates.

Replay attack protection via a replay counter in every frame.

Perfect forward secrecy through the use of a Parameter Data Vector (PDV) for calculating security credentials.

Security credentials that are re-generated rather than derived, ensuring unpredictability.

Enterprise-grade entropy with a minimum PDV size of 128 and a subset size of 15.

Scalability at IoT scale with no limitation on the number of nodes or size of an ATR.

Unlimited AKM Trust Relationships (ATRs) that can coexist on the same node.

Low-power and energy-efficient operation using linear hashing functions and symmetric encryption.

Low-overhead with minimal latency and a small digital footprint.

True multipoint end-to-end encryption for any number of nodes.

Quantum resilience due to the absence of public keys and shared secrets.

Limited threat surface through secure credential storage and the isolation of breaches to individual nodes.

Crypto-agility, allowing for easy replacement of cryptographic components.

AKM is designed to be versatile and can operate on virtually any type of device, network configuration, and operating system, requiring only a minimalist transport layer. It has been implemented in the past on top of a link-layer driver within a minimalist embedded RTOS.

Public Key Infrastructure

Transport Layer Security

Internet of Things

Automotive security

1. Shields, Jon (1 March 2017). "Autonomous Key Management (AKM): A Decentralized, Distributed, Ledger-Based Approach to Automotive Security". SAE International Journal of Connected and Automated Vehicles. 1 (2017–01–2101): 1–11. doi:10.4271/2017-01-2101. ISSN 2688-5577. {{cite journal}}: Check |issn= value (help)

2. US 10382208, Shields, Jon, "Secure communications using organically derived synchronized processes", published 13 August 2019 

3. US 10382196, Shields, Jon, "System and method for secure communications based on locally stored values", published 13 August 2019 

4. US 10263777, Shields, Jon, "Systems and methods for secure communications using organically derived synchronized encryption processes", published 16 April 2019 

Category:Computer security Category:Automotive security Category:Internet of Things