Congestion-based Certificate Omission in VANETs

Telematic awareness of nearby vehicles is a basic foundation of electronic safety applications in Vehicular Ad hoc Networks (VANETs). This awareness is achieved by frequently broadcasting beacon messages to nearby vehicles that announce a vehicle's location and other data like heading and speed. Such safety-related beacons require strong integrity protection and high availability, two properties that are hard to combine because the communication and computation overhead introduced by security mechanisms affects reliability. This applies especially to the signatures and certificates needed for authentication. We propose a mechanism to reduce the communication overhead of secure safety beacons by adaptively omitting the inclusion of certificates in messages. In contrast to similar earlier proposals, we control the omission rate based on channel congestion. A simulation study underlines the advantages of the congestion-based certificate omission scheme compared to earlier approaches. Moreover, we show that the benefits of certificate omission outweigh the negative effect of cryptographically unverifiable beacons

An evaluation framework for pre-distribution strategies of certificates in VANETs

Security and privacy in vehicular communication are expected to be ensured by the pervasive use of pseudonymous certificates and signed messages. The design and establishment of necessary public key infrastructure and hierarchies of cer- tificate authorities is ongoing in industry consortia, such as the Car-to-Car Communication Consortium. The privacy pre- serving dissemination of pseudonymous certificates is however still expected to be limited to single-hop exchanges between vehicles. This limitation to one-hop strategies might not be ideal, especially considering the importance of ensuring trustworthy stateless information exchange upon reception of the very first communication packets. We propose to investigate multi-hop pre- distribution strategies for certificates to significantly reduce this first encounter problem

Design of an adaptive congestion control protocol for reliable vehicle safety communication

[no abstract

Analyzing Attacks on Cooperative Adaptive Cruise Control (CACC)

Cooperative Adaptive Cruise Control (CACC) is one of the driving applications of vehicular ad-hoc networks (VANETs) and promises to bring more efficient and faster transportation through cooperative behavior between vehicles. In CACC, vehicles exchange information, which is relied on to partially automate driving; however, this reliance on cooperation requires resilience against attacks and other forms of misbehavior. In this paper, we propose a rigorous attacker model and an evaluation framework for this resilience by quantifying the attack impact, providing the necessary tools to compare controller resilience and attack effectiveness simultaneously. Although there are significant differences between the resilience of the three analyzed controllers, we show that each can be attacked effectively and easily through either jamming or data injection. Our results suggest a combination of misbehavior detection and resilient control algorithms with graceful degradation are necessary ingredients for secure and safe platoons.Comment: 8 pages (author version), 5 Figures, Accepted at 2017 IEEE Vehicular Networking Conference (VNC

Research on security and privacy in vehicular ad hoc networks

Los sistemas de redes ad hoc vehiculares (VANET) tienen como objetivo proporcionar una plataforma para diversas aplicaciones que pueden mejorar la seguridad vial, la eficiencia del tráfico, la asistencia a la conducción, la regulación del transporte, etc. o que pueden proveer de una mejor información y entretenimiento a los usuarios de los vehículos. Actualmente se está llevando a cabo un gran esfuerzo industrial y de investigación para desarrollar un mercado que se estima alcance en un futuro varios miles de millones de euros. Mientras que los enormes beneficios que se esperan de las comunicaciones vehiculares y el gran número de vehículos son los puntos fuertes de las VANET, su principal debilidad es la vulnerabilidad a los ataques contra la seguridad y la privacidad.En esta tesis proponemos cuatro protocolos para conseguir comunicaciones seguras entre vehículos. En nuestra primera propuesta empleamos a todas las unidades en carretera (RSU) para mantener y gestionar un grupo en tiempo real dentro de su rango de comunicación. Los vehículos que entren al grupo de forma anónima pueden emitir mensajes vehículo a vehículo (V2V) que inmediatamente pueden ser verificados por los vehículos del mismo grupo (y grupos de vecinos). Sin embargo, en la primera fase del despliegue de este sistema las RSU pueden no estar bien distribuídas. Consecuentemente, se propone un conjunto de mecanismos para hacer frente a la seguridad, privacidad y los requisitos de gestión de una VANET a gran escala sin la suposición de que las RSU estén densamente distribuidas. La tercera propuesta se centra principalmente en la compresión de las evidencias criptográficas que nos permitirán demostrar, por ejemplo, quien era el culpable en caso de accidente. Por último, investigamos los requisitos de seguridad de los sistemas basados en localización (LBS) sobre VANETs y proponemos un nuevo esquema para la preservación de la privacidad de la localización en estos sistemas sobre dichas redes.Vehicular ad hoc network (VANET) systems aim at providing a platform for various applications that can improve traffic safety and efficiency, driver assistance, transportation regulation, infotainment, etc. There is substantial research and industrial effort to develop this market. It is estimated that the market for vehicular communications will reach several billion euros. While the tremendous benefits expected from vehicular communications and the huge number of vehicles are strong points of VANETs, their weakness is vulnerability to attacks against security and privacy.In this thesis, we propose four protocols for secure vehicle communications. In our first proposal, we employ each road-side unit (RSU) to maintain and manage an on-the-fly group within its communication range. Vehicles entering the group can anonymously broadcast vehicle-to-vehicle (V2V) messages, which can be instantly verified by the vehicles in the same group (and neighbor groups). However, at the early stage of VANET deployment, the RSUs may not be well distributed. We then propose a set of mechanisms to address the security, privacy, and management requirements of a large-scale VANET without the assumption of densely distributed RSUs. The third proposal is mainly focused on compressing cryptographic witnesses in VANETs. Finally, we investigate the security requirements of LBS in VANETs and propose a new privacy-preserving LBS scheme for those networks

Quality of Service in Vehicular Ad Hoc Networks: Methodical Evaluation and Enhancements for ITS-G5

After many formative years, the ad hoc wireless communication between vehicles has become a vehicular technology available in mass production cars in 2020. Vehicles form spontaneous Vehicular Ad Hoc Networks (VANETs), which enable communication whenever vehicles are nearby without need for supportive infrastructure. In Europe, this communication is standardised comprehensively as Intelligent Transport Systems in the 5.9 GHz band (ITS-G5). This thesis centres around Quality of Service (QoS) in these VANETs based on ITS-G5 technology. Whilst only a few vehicles communicate, radio resources are plenty, and channel congestion is a minor issue. With progressing deployment, congestion control becomes crucial to preserve QoS by preventing high latencies or foiled information dissemination. The developed VANET simulation model, featuring an elaborated ITS-G5 protocol stack, allows investigation of QoS methodically. It also considers the characteristics of ITS-G5 radios such as the signal attenuation in vehicular environments and the capture effect by receivers. Backed by this simulation model, several enhancements for ITS-G5 are proposed to control congestion reliably and thus ensure QoS for its applications. Modifications at the GeoNetworking (GN) protocol prevent massive packet occurrences in a short time and hence congestion. Glow Forwarding is introduced as GN extension to distribute delay-tolerant information. The revised Decentralized Congestion Control (DCC) cross-layer supports low-latency transmission of event-triggered, periodic and relayed packets. DCC triggers periodic services and manages a shared duty cycle budget dedicated to packet forwarding for this purpose. Evaluation in large-scale networks reveals that this enhanced ITS-G5 system can reliably reduce the information age of periodically sent messages. The forwarding budget virtually eliminates the starvation of multi-hop packets and still avoids congestion caused by excessive forwarding. The presented enhancements thus pave the way to scale up VANETs for wide-spread deployment and future applications

VANET-enabled eco-friendly road characteristics-aware routing for vehicular traffic

There is growing awareness of the dangers of climate change caused by greenhouse gases. In the coming decades this could result in numerous disasters such as heat-waves, flooding and crop failures. A major contributor to the total amount of greenhouse gas emissions is the transport sector, particularly private vehicles. Traffic congestion involving private vehicles also causes a lot of wasted time and stress to commuters. At the same time new wireless technologies such as Vehicular Ad-Hoc Networks (VANETs) are being developed which could allow vehicles to communicate with each other. These could enable a number of innovative schemes to reduce traffic congestion and greenhouse gas emissions. 1) EcoTrec is a VANET-based system which allows vehicles to exchange messages regarding traffic congestion and road conditions, such as roughness and gradient. Each vehicle uses the messages it has received to build a model of nearby roads and the traffic on them. The EcoTrec Algorithm then recommends the most fuel efficient route for the vehicles to follow. 2) Time-Ants is a swarm based algorithm that considers not only the amount of cars in the spatial domain but also the amoumt in the time domain. This allows the system to build a model of the traffic congestion throughout the day. As traffic patterns are broadly similar for weekdays this gives us a good idea of what traffic will be like allowing us to route the vehicles more efficiently using the Time-Ants Algorithm. 3) Electric Vehicle enhanced Dedicated Bus Lanes (E-DBL) proposes allowing electric vehicles onto the bus lanes. Such an approach could allow a reduction in traffic congestion on the regular lanes without greatly impeding the buses. It would also encourage uptake of electric vehicles. 4) A comprehensive survey of issues associated with communication centred traffic management systems was carried out

Location Privacy in VANETs: Improved Chaff-Based CMIX and Privacy-Preserving End-to-End Communication

VANETs communication systems are technologies and defined policies that can be formed to enable ITS applications to provide road traffic efficacy, warning about such issues as environmental dangers, journey circumstances, and in the provision of infotainment that considerably enhance transportation safety and quality. The entities in VANETs, generally vehicles, form part of a massive network known as the Internet of Vehicles (IoV). The deployment of large-scale VANETs systems is impossible without ensuring that such systems are themselves are safe and secure, protecting the privacy of their users. There is a risk that cars might be hacked, or their sensors become defective, causing inaccurate information to be sent across the network. Consequently, the activities and credentials of participating vehicles should be held responsible and quickly broadcast throughout a vast VANETs, considering the accountability in the system. The openness of wireless communication means that an observer can eavesdrop on vehicular communication and gain access or otherwise deduce users' sensitive information, and perhaps profile vehicles based on numerous factors such as tracing their travels and the identification of their home/work locations. In order to protect the system from malicious or compromised entities, as well as to preserve user privacy, the goal is to achieve communication security, i.e., keep users' identities hidden from both the outside world and the security infrastructure and service providers. Being held accountable while still maintaining one's privacy is a difficult balancing act. This thesis explores novel solution paths to the above challenges by investigating the impact of low-density messaging to improve the security of vehicle communications and accomplish unlinkability in VANETs. This is achieved by proposing an improved chaff-based CMIX protocol that uses fake messages to increase density to mitigate tracking in this scenario. Recently, Christian \etall \cite{vaas2018nowhere} proposed a Chaff-based CMIX scheme that sends fake messages under the presumption low-density conditions to enhance vehicle privacy and confuse attackers. To accomplish full unlinkability, we first show the following security and privacy vulnerabilities in the Christian \etall scheme: linkability attacks outside the CMIX may occur due to deterministic data-sharing during the authentication phase (e.g., duplicate certificates for each communication). Adversaries may inject fake certificates, which breaks Cuckoo Filters' (CFs) updates authenticity, and the injection may be deniable. CMIX symmetric key leakage outside the coverage may occur. We propose a VPKI-based protocol to mitigate these issues. First, we use a modified version of Wang \etall's \cite{wang2019practical} scheme to provide mutual authentication without revealing the real identity. To this end, a vehicle's messages are signed with a different pseudo-identity “certificate”. Furthermore, the density is increased via the sending of fake messages during low traffic periods to provide unlinkability outside the mix-zone. Second, unlike Christian \etall's scheme, we use the Adaptive Cuckoo Filter (ACF) instead of CF to overcome the effects of false positives on the whole filter. Moreover, to prevent any alteration of the ACFs, only RUSs distribute the updates, and they sign the new fingerprints. Third, mutual authentication prevents any leakage from the mix zones' symmetric keys by generating a fresh one for each communication through a Diffie–Hellman key exchange. As a second main contribution of this thesis, we focus on the V2V communication without the interference of a Trusted Third Party (TTP)s in case this has been corrupted, destroyed, or is out of range. This thesis presents a new and efficient end-to-end anonymous key exchange protocol based on Yang \etall's \cite{yang2015self} self-blindable signatures. In our protocol, vehicles first privately blind their own private certificates for each communication outside the mix-zone and then compute an anonymous shared key based on zero-knowledge proof of knowledge (PoK). The efficiency comes from the fact that once the signatures are verified, the ephemeral values in the PoK are also used to compute a shared key through an authenticated Diffie-Hellman key exchange protocol. Therefore, the protocol does not require any further external information to generate a shared key. Our protocol also does not require interfacing with the Roadside Units or Certificate Authorities, and hence can be securely run outside the mixed-zones. We demonstrate the security of our protocol in ideal/real simulation paradigms. Hence, our protocol achieves secure authentication, forward unlinkability, and accountability. Furthermore, the performance analysis shows that our protocol is more efficient in terms of computational and communications overheads compared to existing schemes.Kuwait Cultural Offic

A Communications-Oriented Perspective on Traffic Management Systems for Smart Cities: Challenges and Innovative Approaches

The growing size of cities and increasing population mobility have determined a rapid increase in the number of vehicles on the roads, which has resulted in many challenges for road traffic management authorities in relation to traffic congestion, accidents, and air pollution. Over the recent years, researchers from both industry and academia have been focusing their efforts on exploiting the advances in sensing, communication, and dynamic adaptive technologies to make the existing road traffic management systems (TMSs) more efficient to cope with the aforementioned issues in future smart cities. However, these efforts are still insufficient to build a reliable and secure TMS that can handle the foreseeable rise of population and vehicles in smart cities. In this survey, we present an up-to-date review of the different technologies used in the different phases involved in a TMS and discuss the potential use of smart cars and social media to enable fast and more accurate traffic congestion detection and mitigation. We also provide a thorough study of the security threats that may jeopardize the efficiency of the TMS and endanger drivers' lives. Furthermore, the most significant and recent European and worldwide projects dealing with traffic congestion issues are briefly discussed to highlight their contribution to the advancement of smart transportation. Finally, we discuss some open challenges and present our own vision to develop robust TMSs for future smart cities

Rate-Adaptation Based Congestion Control for Vehicle Safety Communications

This thesis deals with the scalability of Vehicle Safety Communications (VSC), where vehicles exchange periodic status messages to support future driver assistance applications. We systematically develop a design methodology for congestion control in VSC and present a resulting protocol named PULSAR. While previous works typically focused on controlling channel load only, we thereby integrate a concept which allows the adaptation to operate within the limits defined by safety applications