Implementation of a pseudonym-based signature scheme with bilinear pairings on Android

Privacy preservation is of paramount importance in the emerging smart city scenario, where numerous and diverse online services will be accessed by users through their mobile or wearable devices. In this scenario, service providers or eavesdroppers can track users’ activities, location, and interactions with other users, which may discourage citizens from accessing smart city services. Pseudonym-based systems have been proposed as an efficient solution to provide identity confidentiality, and more concretely pseudonym-based signature schemes have been suggested as an effective means to authenticate entities and messages privately. In this paper we describe our implementation of a pseudonym-based signature scheme, based on bilinear-pairings. Concretely, our implementation consists of an Android application that enables users to authenticate messages under self-generated pseudonyms, while still enabling anonymity revocation by a trusted third party in case of misbehavior. The paper presents a description of the implementation, performance results, and it also describes the use cases for which it was designed

Location Privacy in VANETs: Improved Chaff-Based CMIX and Privacy-Preserving End-to-End Communication

VANETs communication systems are technologies and defined policies that can be formed to enable ITS applications to provide road traffic efficacy, warning about such issues as environmental dangers, journey circumstances, and in the provision of infotainment that considerably enhance transportation safety and quality. The entities in VANETs, generally vehicles, form part of a massive network known as the Internet of Vehicles (IoV). The deployment of large-scale VANETs systems is impossible without ensuring that such systems are themselves are safe and secure, protecting the privacy of their users. There is a risk that cars might be hacked, or their sensors become defective, causing inaccurate information to be sent across the network. Consequently, the activities and credentials of participating vehicles should be held responsible and quickly broadcast throughout a vast VANETs, considering the accountability in the system. The openness of wireless communication means that an observer can eavesdrop on vehicular communication and gain access or otherwise deduce users' sensitive information, and perhaps profile vehicles based on numerous factors such as tracing their travels and the identification of their home/work locations. In order to protect the system from malicious or compromised entities, as well as to preserve user privacy, the goal is to achieve communication security, i.e., keep users' identities hidden from both the outside world and the security infrastructure and service providers. Being held accountable while still maintaining one's privacy is a difficult balancing act. This thesis explores novel solution paths to the above challenges by investigating the impact of low-density messaging to improve the security of vehicle communications and accomplish unlinkability in VANETs. This is achieved by proposing an improved chaff-based CMIX protocol that uses fake messages to increase density to mitigate tracking in this scenario. Recently, Christian \etall \cite{vaas2018nowhere} proposed a Chaff-based CMIX scheme that sends fake messages under the presumption low-density conditions to enhance vehicle privacy and confuse attackers. To accomplish full unlinkability, we first show the following security and privacy vulnerabilities in the Christian \etall scheme: linkability attacks outside the CMIX may occur due to deterministic data-sharing during the authentication phase (e.g., duplicate certificates for each communication). Adversaries may inject fake certificates, which breaks Cuckoo Filters' (CFs) updates authenticity, and the injection may be deniable. CMIX symmetric key leakage outside the coverage may occur. We propose a VPKI-based protocol to mitigate these issues. First, we use a modified version of Wang \etall's \cite{wang2019practical} scheme to provide mutual authentication without revealing the real identity. To this end, a vehicle's messages are signed with a different pseudo-identity “certificate”. Furthermore, the density is increased via the sending of fake messages during low traffic periods to provide unlinkability outside the mix-zone. Second, unlike Christian \etall's scheme, we use the Adaptive Cuckoo Filter (ACF) instead of CF to overcome the effects of false positives on the whole filter. Moreover, to prevent any alteration of the ACFs, only RUSs distribute the updates, and they sign the new fingerprints. Third, mutual authentication prevents any leakage from the mix zones' symmetric keys by generating a fresh one for each communication through a Diffie–Hellman key exchange. As a second main contribution of this thesis, we focus on the V2V communication without the interference of a Trusted Third Party (TTP)s in case this has been corrupted, destroyed, or is out of range. This thesis presents a new and efficient end-to-end anonymous key exchange protocol based on Yang \etall's \cite{yang2015self} self-blindable signatures. In our protocol, vehicles first privately blind their own private certificates for each communication outside the mix-zone and then compute an anonymous shared key based on zero-knowledge proof of knowledge (PoK). The efficiency comes from the fact that once the signatures are verified, the ephemeral values in the PoK are also used to compute a shared key through an authenticated Diffie-Hellman key exchange protocol. Therefore, the protocol does not require any further external information to generate a shared key. Our protocol also does not require interfacing with the Roadside Units or Certificate Authorities, and hence can be securely run outside the mixed-zones. We demonstrate the security of our protocol in ideal/real simulation paradigms. Hence, our protocol achieves secure authentication, forward unlinkability, and accountability. Furthermore, the performance analysis shows that our protocol is more efficient in terms of computational and communications overheads compared to existing schemes.Kuwait Cultural Offic

Pairing-based authentication protocol for V2G networks in smart grid

[EN] Vehicle to Grid (V2G) network is a very important component for Smart Grid (SG), as it offers new services that help the optimization of both supply and demand of energy in the SG network and provide mobile distributed capacity of battery storage for minimizing the dependency of non-renewable energy sources. However, the privacy and anonymity of users¿ identity, confidentiality of the transmitted data and location of the Electric Vehicle (EV) must be guaranteed. This article proposes a pairing-based authentication protocol that guarantees confidentiality of communications, protects the identities of EV users and prevents attackers from tracking the vehicle. Results from computing and communications performance analyses were better in comparison to other protocols, thus overcoming signaling congestion and reducing bandwidth consumption. The protocol protects EVs from various known attacks and its formal security analysis revealed it achieves the security goals.Roman, LFA.; Gondim, PRL.; Lloret, J. (2019). Pairing-based authentication protocol for V2G networks in smart grid. Ad Hoc Networks. 90:1-16. https://doi.org/10.1016/j.adhoc.2018.08.0151169

Managing and Complementing Public Key Infrastructure for Securing Vehicular Ad Hoc Networks

Recently, vehicular ad-hoc network (VANET) has emerged as an excellent candidate to change the life style of the traveling passengers along the roads and highways in terms of improving the safety levels and providing a wide range of comfort applications. Due to the foreseen impact of VANETs on our lives, extensive attentions in industry and academia are directed towards bringing VANETs into real life and standardizing its network operation. Unfortunately, the open medium nature of wireless communications and the high-speed mobility of a large number of vehicles in VANETs pose many challenges that should be solved before deploying VANETs. It is evident that any malicious behavior of a user, such as injecting false information, modifying and replaying the disseminated messages, could be fatal to other legal users. In addition, users show prime interest in protecting their privacy. The privacy of users must be guaranteed in the sense that the privacy-related information of a vehicle should be protected to prevent an observer from revealing the real identities of the users, tracking their locations, and inferring sensitive data. From the aforementioned discussion, it is clear that security and privacy preservation are among the critical challenges for the deployment of VANETs. Public Key Infrastructure (PKI) is a well-recognized solution to secure VANETs. However, the traditional management of PKI cannot meet the security requirements of VANETs. In addition, some security services such as location privacy and fast authentication cannot be provided by the traditional PKI. Consequently, to satisfy the security and privacy requirements, it is prerequisite to elaborately design an efficient management of PKI and complementary mechanisms for PKI to achieve security and privacy preservation for practical VANETs. In this thesis, we focus on developing an efficient certificate management in PKI and designing PKI complementary mechanisms to provide security and privacy for VANETs. The accomplishments of this thesis can be briefly summarized as follows. Firstly, we propose an efficient Distributed Certificate Service (DCS) scheme for vehicular networks. The proposed scheme offers a flexible interoperability for certificate service in heterogeneous administrative authorities, and an efficient way for any On-Board Units (OBUs) to update its certificate from the available infrastructure Road-Side Units (RSUs) in a timely manner. In addition, the DCS scheme introduces an aggregate batch verification technique for authenticating certificate-based signatures, which significantly decreases the verification overhead. Secondly, we propose an Efficient Decentralized Revocation (EDR) protocol based on a novel pairing-based threshold scheme and a probabilistic key distribution technique. Because of the decentralized nature of the EDR protocol, it enables a group of legitimate vehicles to perform fast revocation of a nearby misbehaving vehicle. Consequently, the EDR protocol improves the safety levels in VANETs as it diminishes the revocation vulnerability window existing in the conventional Certificate Revocation Lists (CRLs). Finally, we propose complementing PKI with group communication to achieve location privacy and expedite message authentication. In specific, the proposed complemented PKI features the following. First, it employs a probabilistic key distribution to establish a shared secret group key between non-revoked OBUs. Second, it uses the shared secret group key to perform expedite message authentication (EMAP) which replaces the time-consuming CRL checking process by an efficient revocation checking process. Third, it uses the shared secret group key to provide novel location privacy preservation through random encryption periods (REP) which ensures that the requirements to track a vehicle are always violated. Moreover, in case of revocation an OBU can calculate the new group key and update its compromised keys even if the OBU missed previous rekeying process. For each of the aforementioned accomplishments, we conduct security analysis and performance evaluation to demonstrate the reliable security and efficiency of the proposed schemes

On the Performance of Secure Vehicular Communication Systems

Vehicular communication (VC) systems are developed primarily to enhance transportation safety and efficiency. Vehicle-to-vehicle communication, in particular frequent cooperative awareness messages or safety beacons, have been considered over the past years as a main approach. Meanwhile, the need to provide security and safeguard the users privacy have been well understood, and security architectures for VC systems have been proposed. Although technical approaches to secure VC have several commonalities and a consensus has formed, there are critical questions that have remained largely unanswered: Are proposed security and privacy schemes practical? Can the secured VC systems support the VC-enabled applications as effectively as unsecured VC would? How should security be designed so that its integration into a VC system has the least impact on the system performance? In this paper, we provide answers to these questions, investigating the joint effect of a set of system parameters and components. We consider the stateof-the-art approach in secure VC, and we evaluate analytically and through simulations interdependencies among components and system characteristics. Overall, we identify the key design choices to deploy efficient and effective secure VC

Data-centric trust in ephemeral networks

New network types require new security concepts. Surprisingly, trust – the ultimate goal of security – has not evolved as much as other concepts. In particular, the traditional notion of building trust in entities seems inadequate in an ephemeral environment where contacts among nodes are often short-lived and non-recurrent. It is actually the trustworthiness of the data that entities generate that matters most in these ephemeral networks. And what makes things more interesting is the continuous "humanization" of devices, by making them reflect more closely their owners' preferences, including the human sense of costs. Hence, in this thesis we study the notion of data-centric trust in an ephemeral network of rational nodes. The definition of a new notion requires specifying the corresponding basis, measures, and raison d'être. In the following chapters, we address these issues. We begin by defining the system and security models of an example ephemeral network, namely a vehicular network. Next, we delve into the subject of revocation in vehicular networks, before creating and analyzing a game-theoretic model of revocation, where the notion of cost-aware devices makes its first appearance in this thesis. This model not only makes possible the comparison of different revocation mechanisms in the literature, but also leads to the design of an optimal solution, the RevoGame protocol. With the security architecture in place, we formally define data-centric trust and compare several mechanisms for evaluating it. Notably, we apply the Dempster-Shafer Theory to cases of high uncertainty. Last but not least, we show that data-centric trust can reduce the privacy loss resulting from the need to establish trust. We first create a model of the trust-privacy tradeoff and then analyze it with game theory, in an environment of privacy-preserving entities. Our analysis shows that proper incentives can achieve this elusive tradeoff

Mobile Ad-Hoc Networks

Being infrastructure-less and without central administration control, wireless ad-hoc networking is playing a more and more important role in extending the coverage of traditional wireless infrastructure (cellular networks, wireless LAN, etc). This book includes state-of the-art techniques and solutions for wireless ad-hoc networks. It focuses on the following topics in ad-hoc networks: vehicular ad-hoc networks, security and caching, TCP in ad-hoc networks and emerging applications. It is targeted to provide network engineers and researchers with design guidelines for large scale wireless ad hoc networks