Flexible Authentication in Vehicular Ad hoc Networks

A Vehicular Ad-Hoc Network (VANET) is a form of Mobile ad-hoc network, to provide communications among nearby vehicles and between vehicles and nearby fixed roadside equipment. The key operation in VANETs is the broadcast of messages. Consequently, the vehicles need to make sure that the information has been sent by an authentic node in the network. VANETs present unique challenges such as high node mobility, real-time constraints, scalability, gradual deployment and privacy. No existent technique addresses all these requirements. In particular, both inter-vehicle and vehicle-to-roadside wireless communications present different characteristics that should be taken into account when defining node authentication services. That is exactly what is done in this paper, where the features of inter-vehicle and vehicle-to-roadside communications are analyzed to propose differentiated services for node authentication, according to privacy and efficiency needs

Secure Position-Based Routing for VANETs

Vehicular communication (VC) systems have the potential to improve road safety and driving comfort. Nevertheless, securing the operation is a prerequisite for deployment. So far, the security of VC applications has mostly drawn the attention of research efforts, while comprehensive solutions to protect the network operation have not been developed. In this paper, we address this problem: we provide a scheme that secures geographic position-based routing, which has been widely accepted as the appropriate one for VC. Moreover, we focus on the scheme currently chosen and evaluated in the Car2Car Communication Consortium (C2C-CC). We integrate security mechanisms to protect the position-based routing functionality and services (beaconing, multi-hop forwarding, and geo-location discovery), and enhance the network robustness. We propose defense mechanisms, relying both on cryptographic primitives, and plausibility checks mitigating false position injection. Our implementation and initial measurements show that the security overhead is low and the proposed scheme deployable

Secure and robust multi-constrained QoS aware routing algorithm for VANETs

Secure QoS routing algorithms are a fundamental part of wireless networks that aim to provide services with QoS and security guarantees. In Vehicular Ad hoc Networks (VANETs), vehicles perform routing functions, and at the same time act as end-systems thus routing control messages are transmitted unprotected over wireless channels. The QoS of the entire network could be degraded by an attack on the routing process, and manipulation of the routing control messages. In this paper, we propose a novel secure and reliable multi-constrained QoS aware routing algorithm for VANETs. We employ the Ant Colony Optimisation (ACO) technique to compute feasible routes in VANETs subject to multiple QoS constraints determined by the data traffic type. Moreover, we extend the VANET-oriented Evolving Graph (VoEG) model to perform plausibility checks on the exchanged routing control messages among vehicles. Simulation results show that the QoS can be guaranteed while applying security mechanisms to ensure a reliable and robust routing service

An attribute-based framework for secure communications in vehicular ad hoc networks

In this paper, we introduce an attribute-based framework to achieve secure communications in vehicular ad hoc networks (VANETs), which enjoys several advantageous features. The proposed framework employs attribute-based signature (ABS) to achieve message authentication and integrity and protect vehicle privacy, which greatly mitigates the overhead caused by pseudonym/private key change or update in the existing solutions for VANETs based on symmetric key, asymmetric key, and identity-based cryptography and group signature. In addition, we extend a standard ABS scheme with traceability and revocation mechanisms and seamlessly integrate them into the proposed framework to support vehicle traceability and revocation by a trusted authority, and thus, the resulting scheme for vehicular communications does not suffer from the anonymity misuse issue, which has been a challenge for anonymous credential-based vehicular protocols. Finally, we implement the proposed ABS scheme using a rapid prototyping tool called Charm to evaluate its performance

Protocols and Architecture for Privacy-preserving Authentication and Secure Message Dissemination in Vehicular Ad Hoc Networks

The rapid development in the automotive industry and wireless communication technologies have enhanced the popularity of Vehicular ad hoc networks (VANETs). Today, the automobile industry is developing sophisticated sensors that can provide a wide range of assistive features, including accident avoidance, automatic lane tracking, semi-autonomous driving, suggested lane changes, and more. VANETs can provide drivers a safer and more comfortable driving experience, as well as many other useful services by leveraging such technological advancements. Even though this networking technology enables smart and autonomous driving, it also introduces a plethora of attack vectors. However, the main issues to be sorted out and addressed for the widespread deployment/adoption of VANETs are privacy, authenticating users, and the distribution of secure messages. These issues have been addressed in this dissertation, and the contributions of this dissertation are summarized as follows: Secure and privacy-preserving authentication and message dissemination in VANETs: Attackers can compromise the messages disseminated within VANETs by tampering with the message content or sending malicious messages. Therefore, it is crucial to ensure the legitimacy of the vehicles participating in the VANETs as well as the integrity and authenticity of the messages transmitted in VANETs. In VANET communication, the vehicle uses pseudonyms instead of its real identity to protect its privacy. However, the real identity of a vehicle must be revealed when it is determined to be malicious. This dissertation presents a distributed and scalable privacy-preserving authentication and message dissemination scheme in VANET. Low overhead privacy-preserving authentication scheme in VANETs: The traditional pseudonym-based authentication scheme uses Certificate Revocation Lists (CRLs) to store the certificates of revoked and malicious entities in VANETs. However, the size of CRL increases significantly with the increased number of revoked entities. Therefore, the overhead involved in maintaining the revoked certificates is overwhelming in CRL-based solutions. This dissertation presents a lightweight privacy-preserving authentication scheme that reduces the overhead associated with maintaining CRLs in VANETs. Our scheme also provides an efficient look-up operation for CRLs. Efficient management of pseudonyms for privacy-preserving authentication in VANETs: In VANETs, vehicles change pseudonyms frequently to avoid the traceability of attackers. However, if only one vehicle out of 100 vehicles changes its pseudonym, an intruder can easily breach the privacy of the vehicle by linking the old and new pseudonym. This dissertation presents an efficient method for managing pseudonyms of vehicles. In our scheme, vehicles within the same region simultaneously change their pseudonyms to reduce the chance of linking two pseudonyms to the same vehicle

Secure Authentication and Privacy-Preserving Techniques in Vehicular Ad-hoc NETworks (VANETs)

In the last decade, there has been growing interest in Vehicular Ad Hoc NETworks (VANETs). Today car manufacturers have already started to equip vehicles with sophisticated sensors that can provide many assistive features such as front collision avoidance, automatic lane tracking, partial autonomous driving, suggestive lane changing, and so on. Such technological advancements are enabling the adoption of VANETs not only to provide safer and more comfortable driving experience but also provide many other useful services to the driver as well as passengers of a vehicle. However, privacy, authentication and secure message dissemination are some of the main issues that need to be thoroughly addressed and solved for the widespread adoption/deployment of VANETs. Given the importance of these issues, researchers have spent a lot of effort in these areas over the last decade. We present an overview of the following issues that arise in VANETs: privacy, authentication, and secure message dissemination. Then we present a comprehensive review of various solutions proposed in the last 10 years which address these issues. Our survey sheds light on some open issues that need to be addressed in the future

Security and privacy issues in some special-puropse networks

This thesis is about providing security and privacy to new emergent applications which are based on special-purpose networks. More precisely, we study different aspects regarding security and privacy issues related to sensor networks, mobile ad hoc networks, vehicular ad hoc networks and social networks.Sensor networks consist of resource-constrained wireless devices with sensor capabilities. This emerging technology has a wide variety of applications related to event surveillance like emergency response, habitat monitoring or defense-related networks.Ad hoc networks are suited for use in situations where deploying an infrastructure is not cost effective or is not possible for any other reason. When the nodes of an ad hoc network are small mobile devices (e.g. cell phones or PDAs), such a network is called mobile ad hoc network. One of many possible uses of MANETs is to provide crisis management services applications, such as in disaster recovery, where the entire communication infrastructure is destroyed and reestablishing communication quickly is crucial. Another useful situation for MANETs is a scenario without fixed communication systems where there is the need for any kind of collaborative computing. Such situation can occur in both business and military environments.When the mobile nodes of a MANET are embedded in cars, such a network is called Vehicular Ad hoc Network (VANET). This kind of networks can be very useful to increase the road traffic safety and they will be deployed for real use in the forthcoming years. As a proof of that, eight important European vehicle manufacturers have founded the CAR 2 CAR Communication Consortium. This non-profit organisation is dedicated to the objective of further increasing traffic safety and efficiency by means of inter-vehicle communications.Social networks differ from the special-purpose networks commented above in that they are not physical networks. Social networks are applications that work through classic networks. They can be defined as a community of web users where each user can publish and share information and services. Social networks have become an object of study both in computer and social sciences, with even dedicated journals and conferences.The special-purpose networks described above provide a wide range of new services and applications. Even though they are expected to improve the society in several ways, these innovative networks and their related applications bring also security and privacy issues that must be addressed.This thesis solves some security and privacy issues related to such new applications and services. More specifically, it focuses on:·Secure information transmission in many-to-one scenarios with resource-constrained devices such as sensor networks.·Secure and private information sharing in MANETs.·Secure and private information spread in VANETs.·Private resource access in social networks.Results presented in this thesis include four contributions published in ISI JCR journals (IEEE Transactions on Vehicular Technology, Computer Networks (2) and Computer Communications) and two contributions published in two international conferences (Lecture Notes in Computer Science).Esta tesis trata diversos problemas de seguridad y privacidad que surgen al implantar en escenarios reales novedosas aplicaciones basadas en nuevos y emergentes modelos de red. Estos nuevos modelos de red difieren significativamente de las redes de computadores clásicas y son catalogadas como redes de propósito especial. Específicamente, en este trabajo se estudian diferentes aspectos relacionados con la seguridad de la información y la privacidad de los usuarios en redes de sensores, redes ad hoc móviles (MANETs), redes ad hoc vehiculares (VANETs) y redes sociales.Las redes de sensores están formadas por dispositivos inalámbricos muy limitados a nivel de recursos (capacidad de computación y batería) que detectan eventos o condiciones del entorno donde se instalan. Esta tecnología tiene una amplia variedad de aplicaciones entre las que destacan la detección de emergencias o la creación de perímetros de seguridad. Una MANET esta formada por nodos móviles conectados entre ellos mediante conexiones inalámbricas y de forma auto-organizada. Este tipo de redes se constituye sin la ayuda de infraestructuras, por ello son especialmente útiles en situaciones donde implantar una infraestructura es inviable por ser su coste demasiado elevado o por cualquier otra razón. Una de las muchas aplicaciones de las MANETs es proporcionar servicio en situaciones críticas (por ejemplo desastres naturales) donde la infraestructura de comunicaciones ha sido destruida y proporcionar conectividad rápidamente es crucial. Otra aplicación directa aparece en escenarios sin sistemas de comunicación fijos donde existe la necesidad de realizar algún tipo de computación colaborativa entre diversas máquinas. Esta situación se da tanto en ámbitos empresariales como militares.Cuando los nodos móviles de una MANET se asocian a vehículos (coches, camiones.), dicha red se denomina red ad hoc vehicular o VANET. Este tipo de redes pueden ser muy útiles para incrementar la seguridad vial y se espera su implantación para uso real en los próximos años. Como prueba de la gran importancia que tiene esta tecnología, los ocho fabricantes europeos más importantes han fundado la CAR 2 CAR Communication Consortium. Esta organización tiene como objetivo incrementar la seguridad y la eficiencia del tráfico mediante el uso de comunicaciones entre los vehículos.Las redes sociales se diferencian de las redes especiales descritas anteriormente en que éstas no son redes físicas. Las redes sociales son aplicaciones que funcionan a través de las redes de computadores clásicas. Una red de este tipo puede ser definida como una comunidad de usuarios web en donde dichos usuarios pueden publicar y compartir información y servicios. En la actualidad, las redes sociales han adquirido gran importancia ofreciendo un amplio abanico de posibilidades a sus usuarios: trabajar de forma colaborativa, compartir ficheros, búsqueda de nuevos amigos, etc.A continuación se resumen las aplicaciones en las que esta tesis se centra según el tipo de red asociada:·Transmisión segura de información en escenarios muchos-a-uno (múltiples emisores y un solo receptor) donde los dispositivos en uso poseen recursos muy limitados. Este escenario es el habitual en redes de sensores.·Distribución de información de forma segura y preservando la privacidad de los usuarios en redes ad hoc móviles.·Difusión de información (con el objeto de incrementar la seguridad vial) fidedigna preservando la privacidad de los usuarios en redes ad hoc vehiculares.·Acceso a recursos en redes sociales preservando la privacidad de los usuarios. Los resultados de la tesis incluyen cuatro publicaciones en revistas ISI JCR (IEEE Transactions on Vehicular Technology, Computer Networks (2) y Computer Communications) y dos publicaciones en congresos internacionales(Lecture Notes in Computer Science)

Proposal: An Efficient Security and Privacy Scheme based on Elliptic Curve Cryptography (ECC) for Vehicular Ad hoc Network (VANET)

Vehicles in a vehicular ad-hoc network (VANET) broadcast information about the driving environment in the road. Due to the open-access environment, this means that the VANET is susceptible to security and privacy issues. However, none of the related works satisfies all security and privacy requirements. Besides, their proposed has huge overhead in terms of computation and communication. To address the above issues, we will propose the security and privacy scheme based on Elliptic Curve Cryptography (ECC) and one secure hash function. Hence the reliability of each message being signed and checked has been improved. The main aim of this work is to satisfy all aspect requirements of security and privacy and reduce the computational complexity of the system