Efficient HMAC-based secure communication for VANETs

Vehicular Ad Hoc Network (VANET) is an emerging type of network which facilitates vehicles on roads to communicate for driving safety. It requires a mechanism to help authenticate messages, identify valid vehicles, and remove malevolent vehicles which do not obey the rules. Most existing solutions either do not have an effective message verification scheme, or use the public key infrastructure (PKI). In this network, vehicles are able to broadcast messages to other vehicles and a group of known vehicles can also communicate securely among themselves. So group communication is necessary for the network. However, most existing solutions either do not consider this or use pairing operation to realize this. They are either not secure or not effective. In this paper, we provide a more comprehensive set of secure schemes with Hash-based Message Authentication Code (HMAC) in VANETs to overcome their shortcomings. Of course, we still need to use Pairing operation in some place. Our scheme is composed of three schemes: (1) Communications between Vehicles and Road-Side Units (RSUs), (2) One to One Communications within a Group, (3) One to One Communications without a Group. Based on our simulation study, we show that our schemes are effective and the delay caused is much lower. The average delay caused by our first scheme is nearly thousands of times lower than prior schemes. The average delay caused by our second scheme is 0.312 ms, while the delay caused by prior scheme is 12.3 ms. Meanwhile the average delay caused by our third scheme is 0.312 ms, and the delay caused by prior scheme is about 9 s. © 2012 Elsevier B.V. All rights reserved.postprin

MobileTrust: Secure Knowledge Integration in VANETs

Vehicular Ad hoc NETworks (VANET) are becoming popular due to the emergence of the Internet of Things and ambient intelligence applications. In such networks, secure resource sharing functionality is accomplished by incorporating trust schemes. Current solutions adopt peer-to-peer technologies that can cover the large operational area. However, these systems fail to capture some inherent properties of VANETs, such as fast and ephemeral interaction, making robust trust evaluation of crowdsourcing challenging. In this article, we propose MobileTrust—a hybrid trust-based system for secure resource sharing in VANETs. The proposal is a breakthrough in centralized trust computing that utilizes cloud and upcoming 5G technologies to provide robust trust establishment with global scalability. The ad hoc communication is energy-efficient and protects the system against threats that are not countered by the current settings. To evaluate its performance and effectiveness, MobileTrust is modelled in the SUMO simulator and tested on the traffic features of the small-size German city of Eichstatt. Similar schemes are implemented in the same platform to provide a fair comparison. Moreover, MobileTrust is deployed on a typical embedded system platform and applied on a real smart car installation for monitoring traffic and road-state parameters of an urban application. The proposed system is developed under the EU-founded THREAT-ARREST project, to provide security, privacy, and trust in an intelligent and energy-aware transportation scenario, bringing closer the vision of sustainable circular economy

Protocols and Architecture for Privacy-preserving Authentication and Secure Message Dissemination in Vehicular Ad Hoc Networks

The rapid development in the automotive industry and wireless communication technologies have enhanced the popularity of Vehicular ad hoc networks (VANETs). Today, the automobile industry is developing sophisticated sensors that can provide a wide range of assistive features, including accident avoidance, automatic lane tracking, semi-autonomous driving, suggested lane changes, and more. VANETs can provide drivers a safer and more comfortable driving experience, as well as many other useful services by leveraging such technological advancements. Even though this networking technology enables smart and autonomous driving, it also introduces a plethora of attack vectors. However, the main issues to be sorted out and addressed for the widespread deployment/adoption of VANETs are privacy, authenticating users, and the distribution of secure messages. These issues have been addressed in this dissertation, and the contributions of this dissertation are summarized as follows: Secure and privacy-preserving authentication and message dissemination in VANETs: Attackers can compromise the messages disseminated within VANETs by tampering with the message content or sending malicious messages. Therefore, it is crucial to ensure the legitimacy of the vehicles participating in the VANETs as well as the integrity and authenticity of the messages transmitted in VANETs. In VANET communication, the vehicle uses pseudonyms instead of its real identity to protect its privacy. However, the real identity of a vehicle must be revealed when it is determined to be malicious. This dissertation presents a distributed and scalable privacy-preserving authentication and message dissemination scheme in VANET. Low overhead privacy-preserving authentication scheme in VANETs: The traditional pseudonym-based authentication scheme uses Certificate Revocation Lists (CRLs) to store the certificates of revoked and malicious entities in VANETs. However, the size of CRL increases significantly with the increased number of revoked entities. Therefore, the overhead involved in maintaining the revoked certificates is overwhelming in CRL-based solutions. This dissertation presents a lightweight privacy-preserving authentication scheme that reduces the overhead associated with maintaining CRLs in VANETs. Our scheme also provides an efficient look-up operation for CRLs. Efficient management of pseudonyms for privacy-preserving authentication in VANETs: In VANETs, vehicles change pseudonyms frequently to avoid the traceability of attackers. However, if only one vehicle out of 100 vehicles changes its pseudonym, an intruder can easily breach the privacy of the vehicle by linking the old and new pseudonym. This dissertation presents an efficient method for managing pseudonyms of vehicles. In our scheme, vehicles within the same region simultaneously change their pseudonyms to reduce the chance of linking two pseudonyms to the same vehicle

Certificate Based Scheme and Expedite Message Authentication Protocol for Vehicular Ad Hoc Networks

VANET security is major issue for researcher. Thus Ad-Hoc Networks embrace the Public Key Infrastructure (PKI) and Certificate Revocation Lists (CRLs) for their security purpose. EMAP was presented to overcome the problem of the long delay incurred in checking the revocation status of a certificate using a CRL. From the experimental analysis it was observed that it is resistant to common attacks while performing the authentication techniques. Therefore, EMAP can significantly decrease the message-loss ratio due to message verification delay as compared to the conventional authentication methods employing CRL checking. Thus to further address these issues along with EMAP protocol, new EMAP method is presented called as CEMAP (certificate based EMAP) which is intended to overcome the authentication delay in message processing by reducing the complexity in Authentication process. CEMAP authentication protocol is constructed based on the combination of the new signature scheme and EMAP. The proposed algorithm reduces the delay by 10% than EMAP. DOI: 10.17762/ijritcc2321-8169.15023

Towards Cyber Security for Low-Carbon Transportation: Overview, Challenges and Future Directions

In recent years, low-carbon transportation has become an indispensable part as sustainable development strategies of various countries, and plays a very important responsibility in promoting low-carbon cities. However, the security of low-carbon transportation has been threatened from various ways. For example, denial of service attacks pose a great threat to the electric vehicles and vehicle-to-grid networks. To minimize these threats, several methods have been proposed to defense against them. Yet, these methods are only for certain types of scenarios or attacks. Therefore, this review addresses security aspect from holistic view, provides the overview, challenges and future directions of cyber security technologies in low-carbon transportation. Firstly, based on the concept and importance of low-carbon transportation, this review positions the low-carbon transportation services. Then, with the perspective of network architecture and communication mode, this review classifies its typical attack risks. The corresponding defense technologies and relevant security suggestions are further reviewed from perspective of data security, network management security and network application security. Finally, in view of the long term development of low-carbon transportation, future research directions have been concerned.Comment: 34 pages, 6 figures, accepted by journal Renewable and Sustainable Energy Review

Secure Location-Aided Routing Protocols With Wi-Fi Direct For Vehicular Ad Hoc Networks

Secure routing protocols are proposed for the vehicular ad hoc networks. The protocolsintegrate the security authentication process with the Location-Aided Routing (LAR) protocol to supportWi-Fi Direct communications between the vehicles. The methods are robust against various security threats.The security authentication process adopts a modified Diffie-Hellman key agreement protocol. The Diffie-Hellman protocol is used with a short authentication string (SAS)-based key agreement over Wi-Fi Directout-of-band communication channels. It protects the communication from any man-in-the-middle securitythreats. In particular, the security process is integrated into two LAR routing schemes, i.e., the request-zoneLAR scheme and the distance-based LAR scheme.We conduct extensive simulations with different networkparameters such as the vehicular node density, the number of the malicious nodes, and the speed of thenodes. Simulation results show that the proposed routing protocols provide superior performance in securedata delivery and average total packet delay. Also, the secure distance-based LAR protocol outperforms thesecure request-zone LAR protocol

Design of secure mobile payment protocols for restricted connectivity scenarios

The emergence of mobile and wireless networks made posible the extensión of electronic commerce to a new area of research: mobile commerce called m-commerce, which includes mobile payment), that refers to any e-commerce transaction made from a mobile device using wireless networks. Most of the mobile payment systems found in the literatura are based on the full connectivity scenario where all the entities are directly connected one to another but do not support business models with direct communication restrictions between the entities of the system is not a impediment to perform comercial transactions. It is for this reason that mobile payment systems that consider those situations where direct communications between entities of the system is not posible (temporarily or permanently) basically due to the impossibility of one of the entities connected to the Internet are required. In order to solve the current shortage in the scientific world of previous research works that address the problema of on-line payment from mobile devices in connectivity restricted scenarios, in this thesis we propose a set of secure payment protocols (that use both symmetric and non-traditional asymmetric cryptography), which have low computational power requirements, are fit for scenarios with communications restrictions (where at least two of the entities of the system cannot exchange information in a direct way and must do it through another entity) and offer the same security capabilities as those protocols designed for full connectivity scenarios. The proposed protocols are applicable to other types of networks, such as vehicular ad hoc network (VANETs), where services exist which require on-line payment and scenarios with communication restrictions.On the other hand, the implementation (in a multiplatform programming language) of the designed protocols shows that their performance is suitable for devices with limited computational power.Postprint (published version

Secure Authentication and Privacy-Preserving Techniques in Vehicular Ad-hoc NETworks (VANETs)

In the last decade, there has been growing interest in Vehicular Ad Hoc NETworks (VANETs). Today car manufacturers have already started to equip vehicles with sophisticated sensors that can provide many assistive features such as front collision avoidance, automatic lane tracking, partial autonomous driving, suggestive lane changing, and so on. Such technological advancements are enabling the adoption of VANETs not only to provide safer and more comfortable driving experience but also provide many other useful services to the driver as well as passengers of a vehicle. However, privacy, authentication and secure message dissemination are some of the main issues that need to be thoroughly addressed and solved for the widespread adoption/deployment of VANETs. Given the importance of these issues, researchers have spent a lot of effort in these areas over the last decade. We present an overview of the following issues that arise in VANETs: privacy, authentication, and secure message dissemination. Then we present a comprehensive review of various solutions proposed in the last 10 years which address these issues. Our survey sheds light on some open issues that need to be addressed in the future

ESPR: Efficient Security Scheme for Position-Based Routing in Vehicular Ad Hoc Networks

Vehicular Ad hoc Network (VANET) is a promising emerging technology that enables road safety, traffic management, and passengers and drivers comfort applications. Many applications require multi-hop routing; position-based routing (PBR) is a well-recognized routing paradigm that performs well in the vehicular context to enable these applications. However, there are many security challenges and various routing attacks which may prevent the deployment of PBR protocols. In this study, we propose a novel security scheme called ESPR to secure PBR protocols in VANETs. ESPR considers both digital signature and keyed Hash Message Authentication Code (HMAC) to meet the unique requirements of PBR. In ESPR, all legitimate members share a secret key. ESPR scheme applies a novel probabilistic key distribution to allow unrevoked members to update the shared secret key. Furthermore, it defines a set of plausibility checks that enables network members to detect and avoid PBR attacks autonomously. By conducting security analysis and performance evaluation, ESPR scheme demonstrated to outperform its counterparts in terms of communication overhead and delay while achieving robust and secure operation