A secure anonymous communication scheme in vehicular ad hoc networks from pairings

Security and efficiency are two crucial issues in vehicular ad hoc networks. Many researches have devoted to these issues. However, we found that most of the proposed protocols in this area are insecure and can’t satisfy the anonymous property. Due to this observation, we propose a secure and anonymous method based on bilinear pairings to resolve the problems. After analysis, we conclude that our scheme is the most secure when compared with other protocols proposed so far

Privacy Preserving Cryptographic Protocols for Secure Heterogeneous Networks

Disertační práce se zabývá kryptografickými protokoly poskytující ochranu soukromí, které jsou určeny pro zabezpečení komunikačních a informačních systémů tvořících heterogenní sítě. Práce se zaměřuje především na možnosti využití nekonvenčních kryptografických prostředků, které poskytují rozšířené bezpečnostní požadavky, jako je například ochrana soukromí uživatelů komunikačního systému. V práci je stanovena výpočetní náročnost kryptografických a matematických primitiv na různých zařízeních, které se podílí na zabezpečení heterogenní sítě. Hlavní cíle práce se zaměřují na návrh pokročilých kryptografických protokolů poskytujících ochranu soukromí. V práci jsou navrženy celkově tři protokoly, které využívají skupinových podpisů založených na bilineárním párování pro zajištění ochrany soukromí uživatelů. Tyto navržené protokoly zajišťují ochranu soukromí a nepopiratelnost po celou dobu datové komunikace spolu s autentizací a integritou přenášených zpráv. Pro navýšení výkonnosti navržených protokolů je využito optimalizačních technik, např. dávkového ověřování, tak aby protokoly byly praktické i pro heterogenní sítě.The dissertation thesis deals with privacy-preserving cryptographic protocols for secure communication and information systems forming heterogeneous networks. The thesis focuses on the possibilities of using non-conventional cryptographic primitives that provide enhanced security features, such as the protection of user privacy in communication systems. In the dissertation, the performance of cryptographic and mathematic primitives on various devices that participate in the security of heterogeneous networks is evaluated. The main objectives of the thesis focus on the design of advanced privacy-preserving cryptographic protocols. There are three designed protocols which use pairing-based group signatures to ensure user privacy. These proposals ensure the protection of user privacy together with the authentication, integrity and non-repudiation of transmitted messages during communication. The protocols employ the optimization techniques such as batch verification to increase their performance and become more practical in heterogeneous networks.

Still Wrong Use of Pairings in Cryptography

Several pairing-based cryptographic protocols are recently proposed with a wide variety of new novel applications including the ones in emerging technologies like cloud computing, internet of things (IoT), e-health systems and wearable technologies. There have been however a wide range of incorrect use of these primitives. The paper of Galbraith, Paterson, and Smart (2006) pointed out most of the issues related to the incorrect use of pairing-based cryptography. However, we noticed that some recently proposed applications still do not use these primitives correctly. This leads to unrealizable, insecure or too inefficient designs of pairing-based protocols. We observed that one reason is not being aware of the recent advancements on solving the discrete logarithm problems in some groups. The main purpose of this article is to give an understandable, informative, and the most up-to-date criteria for the correct use of pairing-based cryptography. We thereby deliberately avoid most of the technical details and rather give special emphasis on the importance of the correct use of bilinear maps by realizing secure cryptographic protocols. We list a collection of some recent papers having wrong security assumptions or realizability/efficiency issues. Finally, we give a compact and an up-to-date recipe of the correct use of pairings.Comment: 25 page

Flexible Authentication in Vehicular Ad hoc Networks

A Vehicular Ad-Hoc Network (VANET) is a form of Mobile ad-hoc network, to provide communications among nearby vehicles and between vehicles and nearby fixed roadside equipment. The key operation in VANETs is the broadcast of messages. Consequently, the vehicles need to make sure that the information has been sent by an authentic node in the network. VANETs present unique challenges such as high node mobility, real-time constraints, scalability, gradual deployment and privacy. No existent technique addresses all these requirements. In particular, both inter-vehicle and vehicle-to-roadside wireless communications present different characteristics that should be taken into account when defining node authentication services. That is exactly what is done in this paper, where the features of inter-vehicle and vehicle-to-roadside communications are analyzed to propose differentiated services for node authentication, according to privacy and efficiency needs

Research on security and privacy in vehicular ad hoc networks

Los sistemas de redes ad hoc vehiculares (VANET) tienen como objetivo proporcionar una plataforma para diversas aplicaciones que pueden mejorar la seguridad vial, la eficiencia del tráfico, la asistencia a la conducción, la regulación del transporte, etc. o que pueden proveer de una mejor información y entretenimiento a los usuarios de los vehículos. Actualmente se está llevando a cabo un gran esfuerzo industrial y de investigación para desarrollar un mercado que se estima alcance en un futuro varios miles de millones de euros. Mientras que los enormes beneficios que se esperan de las comunicaciones vehiculares y el gran número de vehículos son los puntos fuertes de las VANET, su principal debilidad es la vulnerabilidad a los ataques contra la seguridad y la privacidad.En esta tesis proponemos cuatro protocolos para conseguir comunicaciones seguras entre vehículos. En nuestra primera propuesta empleamos a todas las unidades en carretera (RSU) para mantener y gestionar un grupo en tiempo real dentro de su rango de comunicación. Los vehículos que entren al grupo de forma anónima pueden emitir mensajes vehículo a vehículo (V2V) que inmediatamente pueden ser verificados por los vehículos del mismo grupo (y grupos de vecinos). Sin embargo, en la primera fase del despliegue de este sistema las RSU pueden no estar bien distribuídas. Consecuentemente, se propone un conjunto de mecanismos para hacer frente a la seguridad, privacidad y los requisitos de gestión de una VANET a gran escala sin la suposición de que las RSU estén densamente distribuidas. La tercera propuesta se centra principalmente en la compresión de las evidencias criptográficas que nos permitirán demostrar, por ejemplo, quien era el culpable en caso de accidente. Por último, investigamos los requisitos de seguridad de los sistemas basados en localización (LBS) sobre VANETs y proponemos un nuevo esquema para la preservación de la privacidad de la localización en estos sistemas sobre dichas redes.Vehicular ad hoc network (VANET) systems aim at providing a platform for various applications that can improve traffic safety and efficiency, driver assistance, transportation regulation, infotainment, etc. There is substantial research and industrial effort to develop this market. It is estimated that the market for vehicular communications will reach several billion euros. While the tremendous benefits expected from vehicular communications and the huge number of vehicles are strong points of VANETs, their weakness is vulnerability to attacks against security and privacy.In this thesis, we propose four protocols for secure vehicle communications. In our first proposal, we employ each road-side unit (RSU) to maintain and manage an on-the-fly group within its communication range. Vehicles entering the group can anonymously broadcast vehicle-to-vehicle (V2V) messages, which can be instantly verified by the vehicles in the same group (and neighbor groups). However, at the early stage of VANET deployment, the RSUs may not be well distributed. We then propose a set of mechanisms to address the security, privacy, and management requirements of a large-scale VANET without the assumption of densely distributed RSUs. The third proposal is mainly focused on compressing cryptographic witnesses in VANETs. Finally, we investigate the security requirements of LBS in VANETs and propose a new privacy-preserving LBS scheme for those networks