916 research outputs found
SECMACE: Scalable and Robust Identity and Credential Management Infrastructure in Vehicular Communication Systems
Several years of academic and industrial research efforts have converged to a
common understanding on fundamental security building blocks for the upcoming
Vehicular Communication (VC) systems. There is a growing consensus towards
deploying a special-purpose identity and credential management infrastructure,
i.e., a Vehicular Public-Key Infrastructure (VPKI), enabling pseudonymous
authentication, with standardization efforts towards that direction. In spite
of the progress made by standardization bodies (IEEE 1609.2 and ETSI) and
harmonization efforts (Car2Car Communication Consortium (C2C-CC)), significant
questions remain unanswered towards deploying a VPKI. Deep understanding of the
VPKI, a central building block of secure and privacy-preserving VC systems, is
still lacking. This paper contributes to the closing of this gap. We present
SECMACE, a VPKI system, which is compatible with the IEEE 1609.2 and ETSI
standards specifications. We provide a detailed description of our
state-of-the-art VPKI that improves upon existing proposals in terms of
security and privacy protection, and efficiency. SECMACE facilitates
multi-domain operations in the VC systems and enhances user privacy, notably
preventing linking pseudonyms based on timing information and offering
increased protection even against honest-but-curious VPKI entities. We propose
multiple policies for the vehicle-VPKI interactions, based on which and two
large-scale mobility trace datasets, we evaluate the full-blown implementation
of SECMACE. With very little attention on the VPKI performance thus far, our
results reveal that modest computing resources can support a large area of
vehicles with very low delays and the most promising policy in terms of privacy
protection can be supported with moderate overhead.Comment: 14 pages, 9 figures, 10 tables, IEEE Transactions on Intelligent
Transportation System
Recommended from our members
MobileTrust: Secure Knowledge Integration in VANETs
Vehicular Ad hoc NETworks (VANET) are becoming popular due to the emergence of the Internet of Things and ambient intelligence applications. In such networks, secure resource sharing functionality is accomplished by incorporating trust schemes. Current solutions adopt peer-to-peer technologies that can cover the large operational area. However, these systems fail to capture some inherent properties of VANETs, such as fast and ephemeral interaction, making robust trust evaluation of crowdsourcing challenging. In this article, we propose MobileTrust—a hybrid trust-based system for secure resource sharing in VANETs. The proposal is a breakthrough in centralized trust computing that utilizes cloud and upcoming 5G technologies to provide robust trust establishment with global scalability. The ad hoc communication is energy-efficient and protects the system against threats that are not countered by the current settings. To evaluate its performance and effectiveness, MobileTrust is modelled in the SUMO simulator and tested on the traffic features of the small-size German city of Eichstatt. Similar schemes are implemented in the same platform to provide a fair comparison. Moreover, MobileTrust is deployed on a typical embedded system platform and applied on a real smart car installation for monitoring traffic and road-state parameters of an urban application. The proposed system is developed under the EU-founded THREAT-ARREST project, to provide security, privacy, and trust in an intelligent and energy-aware transportation scenario, bringing closer the vision of sustainable circular economy
Randomized and Efficient Authentication in Mobile Environments
In a mobile environment, a number of users act as a network nodes and communicate with one another to acquire location based information and services. This emerging paradigm has opened up new business opportunities and enables numerous applications such as road safety enhancement, service recommendations and mobile entertainment. A fundamental issue that impacts the success of these applications is the security and privacy concerns raised regarding the mobile users. In that, a malicious user or service provider can track the locations of a user traveled so that other malicious act can be carried out more effectively against the user. Therefore, the challenge becomes how to authenticate mobile users while preserving their actual identity and location privacy. In this work, we propose a novel randomized or privacy-preserving authentication protocol based on homomorphic encryption. The protocol allows individual users to self generate any number of authenticated identities to achieve full anonymity in mobile environment. The proposed protocol prevents users being tracked by any single party including peer users, service providers, authentication servers, and other infrastructure. Meanwhile, our protocol also provides traceability in case of any dispute. We have conducted experimental study which demonstrates the efficiency of our protocol. Another advantage of the proposed protocol is lightweight computation and storage requirement, particularly suitable for any mobile devices with limited computation power and storage space
A Review of Research on Privacy Protection of Internet of Vehicles Based on Blockchain
Numerous academic and industrial fields, such as healthcare, banking, and supply chain management, are rapidly adopting and relying on blockchain technology. It has also been suggested for application in the internet of vehicles (IoV) ecosystem as a way to improve service availability and reliability. Blockchain offers decentralized, distributed and tamper-proof solutions that bring innovation to data sharing and management, but do not themselves protect privacy and data confidentiality. Therefore, solutions using blockchain technology must take user privacy concerns into account. This article reviews the proposed solutions that use blockchain technology to provide different vehicle services while overcoming the privacy leakage problem which inherently exists in blockchain and vehicle services. We analyze the key features and attributes of prior schemes and identify their contributions to provide a comprehensive and critical overview. In addition, we highlight prospective future research topics and present research problems
Formal Analysis of V2X Revocation Protocols
Research on vehicular networking (V2X) security has produced a range of
security mechanisms and protocols tailored for this domain, addressing both
security and privacy. Typically, the security analysis of these proposals has
largely been informal. However, formal analysis can be used to expose flaws and
ultimately provide a higher level of assurance in the protocols.
This paper focusses on the formal analysis of a particular element of
security mechanisms for V2X found in many proposals: the revocation of
malicious or misbehaving vehicles from the V2X system by invalidating their
credentials. This revocation needs to be performed in an unlinkable way for
vehicle privacy even in the context of vehicles regularly changing their
pseudonyms. The REWIRE scheme by Forster et al. and its subschemes BASIC and
RTOKEN aim to solve this challenge by means of cryptographic solutions and
trusted hardware.
Formal analysis using the TAMARIN prover identifies two flaws with some of
the functional correctness and authentication properties in these schemes. We
then propose Obscure Token (OTOKEN), an extension of REWIRE to enable
revocation in a privacy preserving manner. Our approach addresses the
functional and authentication properties by introducing an additional key-pair,
which offers a stronger and verifiable guarantee of successful revocation of
vehicles without resolving the long-term identity. Moreover OTOKEN is the first
V2X revocation protocol to be co-designed with a formal model.Comment: 16 pages, 4 figure
Flexible Authentication in Vehicular Ad hoc Networks
A Vehicular Ad-Hoc Network (VANET) is a form of Mobile ad-hoc network, to
provide communications among nearby vehicles and between vehicles and nearby
fixed roadside equipment. The key operation in VANETs is the broadcast of
messages. Consequently, the vehicles need to make sure that the information has
been sent by an authentic node in the network. VANETs present unique challenges
such as high node mobility, real-time constraints, scalability, gradual
deployment and privacy. No existent technique addresses all these requirements.
In particular, both inter-vehicle and vehicle-to-roadside wireless
communications present different characteristics that should be taken into
account when defining node authentication services. That is exactly what is
done in this paper, where the features of inter-vehicle and vehicle-to-roadside
communications are analyzed to propose differentiated services for node
authentication, according to privacy and efficiency needs
- …