Security in hybrid ITS networks

Dissertação para obtenção do Grau de Mestre em Engenharia Informática e de ComputadoresSistemas de Transportes Inteligentes e Cooperativos (C-ITS) visam melhorar a segurança e a sustentabilidade dos transportes. No entanto, a comunicação dos sistemas Vehicleto-Everything é inerentemente aberta, levando a vulnerabilidades que atacantes podem explorar. Isto é uma ameaça a todos os utilizadores rodoviários, pois falhas de segurança podem levar a violações de privacidade ou a fatalidades. Além disso, elevadas taxas de mortalidade estão correlacionadas com utilizadores de mobilidade suave. Logo, no desenvolvimento de sistemas C-ITS, é crucial considerar, além dos veículos conectados, os utilizadores de mobilidade suave e os veículos sem a devida tecnologia. Este estudo apresenta uma nova abordagem desenvolvida no contexto emergente das redes híbridas, combinando tecnologias ITS-G5 e celulares. Dois protocolos, MFSPV e DLAPP, foram implementados e avaliados para introduzir garantias de segurança (como privacidade e integridade) nas comunicações dentro do ambiente híbrido C-ITS desenvolvido. Assim, este trabalho integra, com segurança, estações ITS conectadas por G5 e utilizadores de mobilidade suave, através de uma aplicação móvel via redes celulares. Para tal, utilizou-se equipamentos reais, incluindo on-board e roadside units. Tempos computacionais, de latência e de ponta-a-ponta (E2E) foram usados para avaliar o desempenho do sistema. O protocolo MFSPV supera o DLAPP em eficiência computacional, mas o DLAPP atinge uma latência de rede ligeiramente menor. No entanto, ambos introduzem apenas um atraso adicional de 11% nas comunicações híbridas E2E. A comunicação híbrida impõe, em média, 28.29ms extra de tempo E2E. A proposta mostra-se promissora, visto que atinge tempos de E2E abaixo dos requisitos de latência impostos na maioria dos casos de utilização do C-ITS.Cooperative Intelligent Transport Systems (C-ITS) continue to be developed to enhance transportation safety and sustainability. However, the communication of Vehicle-to-Everything systems is inherently open, leading to vulnerabilities that attackers can exploit.This represents a threat to all road users, as security failures can lead to privacy violations or even fatalities. Moreover, a high fatality rate is correlated with softmobility road users. So, in the development of C-ITS systems, it is crucial to broaden the perspective beyond connected vehicles to soft-mobility users and legacy vehicles. This study presents a novel approach developed in the context of emerging hybrid networks, combining ITS-G5 and cellular technologies. Two protocols, MFSPV and DLAPP, were implemented and evaluated to introduce security guarantees (such as privacy and integrity) in communications within the developed C-ITS hybrid environment. As a result, this work securely integrates G5-connected ITS stations and softmobility users through a smartphone application via cellular networks. Real equipment was utilised for this goal, including on-board and roadside units. Computational, latency and end-to-end times were used to assess the system performance.MFSPV outperforms DLAPP in computational efficiency, but DLAPP achieves a slightly lower network latency. Nevertheless, both only introduce an additional 11% delay in hybrid end-to-end communications. Hybrid communication imposes, on average, an extra 28.29ms of end-to-end time. The proposal shows promise as it reaches end-to-end times below the latency requirements imposed in most C-ITS use cases.N/

Location Privacy in VANETs: Improved Chaff-Based CMIX and Privacy-Preserving End-to-End Communication

VANETs communication systems are technologies and defined policies that can be formed to enable ITS applications to provide road traffic efficacy, warning about such issues as environmental dangers, journey circumstances, and in the provision of infotainment that considerably enhance transportation safety and quality. The entities in VANETs, generally vehicles, form part of a massive network known as the Internet of Vehicles (IoV). The deployment of large-scale VANETs systems is impossible without ensuring that such systems are themselves are safe and secure, protecting the privacy of their users. There is a risk that cars might be hacked, or their sensors become defective, causing inaccurate information to be sent across the network. Consequently, the activities and credentials of participating vehicles should be held responsible and quickly broadcast throughout a vast VANETs, considering the accountability in the system. The openness of wireless communication means that an observer can eavesdrop on vehicular communication and gain access or otherwise deduce users' sensitive information, and perhaps profile vehicles based on numerous factors such as tracing their travels and the identification of their home/work locations. In order to protect the system from malicious or compromised entities, as well as to preserve user privacy, the goal is to achieve communication security, i.e., keep users' identities hidden from both the outside world and the security infrastructure and service providers. Being held accountable while still maintaining one's privacy is a difficult balancing act. This thesis explores novel solution paths to the above challenges by investigating the impact of low-density messaging to improve the security of vehicle communications and accomplish unlinkability in VANETs. This is achieved by proposing an improved chaff-based CMIX protocol that uses fake messages to increase density to mitigate tracking in this scenario. Recently, Christian \etall \cite{vaas2018nowhere} proposed a Chaff-based CMIX scheme that sends fake messages under the presumption low-density conditions to enhance vehicle privacy and confuse attackers. To accomplish full unlinkability, we first show the following security and privacy vulnerabilities in the Christian \etall scheme: linkability attacks outside the CMIX may occur due to deterministic data-sharing during the authentication phase (e.g., duplicate certificates for each communication). Adversaries may inject fake certificates, which breaks Cuckoo Filters' (CFs) updates authenticity, and the injection may be deniable. CMIX symmetric key leakage outside the coverage may occur. We propose a VPKI-based protocol to mitigate these issues. First, we use a modified version of Wang \etall's \cite{wang2019practical} scheme to provide mutual authentication without revealing the real identity. To this end, a vehicle's messages are signed with a different pseudo-identity “certificate”. Furthermore, the density is increased via the sending of fake messages during low traffic periods to provide unlinkability outside the mix-zone. Second, unlike Christian \etall's scheme, we use the Adaptive Cuckoo Filter (ACF) instead of CF to overcome the effects of false positives on the whole filter. Moreover, to prevent any alteration of the ACFs, only RUSs distribute the updates, and they sign the new fingerprints. Third, mutual authentication prevents any leakage from the mix zones' symmetric keys by generating a fresh one for each communication through a Diffie–Hellman key exchange. As a second main contribution of this thesis, we focus on the V2V communication without the interference of a Trusted Third Party (TTP)s in case this has been corrupted, destroyed, or is out of range. This thesis presents a new and efficient end-to-end anonymous key exchange protocol based on Yang \etall's \cite{yang2015self} self-blindable signatures. In our protocol, vehicles first privately blind their own private certificates for each communication outside the mix-zone and then compute an anonymous shared key based on zero-knowledge proof of knowledge (PoK). The efficiency comes from the fact that once the signatures are verified, the ephemeral values in the PoK are also used to compute a shared key through an authenticated Diffie-Hellman key exchange protocol. Therefore, the protocol does not require any further external information to generate a shared key. Our protocol also does not require interfacing with the Roadside Units or Certificate Authorities, and hence can be securely run outside the mixed-zones. We demonstrate the security of our protocol in ideal/real simulation paradigms. Hence, our protocol achieves secure authentication, forward unlinkability, and accountability. Furthermore, the performance analysis shows that our protocol is more efficient in terms of computational and communications overheads compared to existing schemes.Kuwait Cultural Offic