Hardware limitations to secure C-ITS: experimental evaluation and solutions

Cooperative Intelligent Transportation Systems (C-ITS) improve driving experience and safety through secure Vehicular Ad-hoc NETworks (VANETs) that satisfy strict security and performance constraints. Relevant standards, such as the IEEE 1609.2, prescribe network-efficient cryptographic protocols to reduce communication latencies through a combination of the Elliptic Curve Qu-Vanstone (ECQV) implicit certificate scheme and the Elliptic Curve Digital Signature Algorithm (ECDSA). However, literature lacks open implementations and performance evaluations for vehicular systems. This paper assesses the applicability of IEEE 1609.2 and of ECQV and ECDSA schemes to C-ITSs. We release an open implementation of the standard ECQV scheme to benchmark its execution time on automotive-grade hardware. Moreover, we evaluate its performance in real road and traffic scenarios and show that compliance with strict latency requirements defined for C-ITS requires computational resources that are not met by many automotive-grade embedded hardware platforms. As a final contribution, we propose and evaluate novel heuristics to reduce the number of signatures to be verified in real C-ITS scenarios

Securing the Internet of Things Communication Using Named Data Networking Approaches

The rapid advancement in sensors and their use in devices has led to the drastic increase of Internet-of-Things (IoT) device applications and usage. A fundamental requirement of an IoT-enabled ecosystem is the device’s ability to communicate with other devices, humans etc. IoT devices are usually highly resource constrained and come with varying capabilities and features. Hence, a host-based communication approach defined by the TCP/IP architecture relying on securing the communication channel between the hosts displays drawbacks especially when working in a highly chaotic environment (common with IoT applications). The discrepancies between requirements of the application and the network supporting the communication demands for a fundamental change in securing the communication in IoT applications. This research along with identifying the fundamental security problems in IoT device lifecycle in the context of secure communication also explores the use of a data-centric approach advocated by a modern architecture called Named Data Networking (NDN). The use of NDN modifies the basis of communication and security by defining data-centric security where the data chunks are secured directly and retrieved using specialized requests in a pull-based approach. This work also identifies the advantages of using semantically-rich names as the basis for IoT communication in the current client-driven environment and reinforces it with best-practices from the existing host-based approaches for such networks. We present in this thesis a number of solutions built to automate and securely onboard IoT devices; encryption, decryption and access control solutions based on semantically rich names and attribute-based schemes. We also provide the design details of solutions to sup- port trustworthy and conditionally private communication among highly resource constrained devices through specialized signing techniques and automated certificate generation and distribution with minimal use of the network resources. We also explore the design solutions for rapid trust establishment and vertically securing communication in applications including smart-grid operations and vehicular communication along with automated and lightweight certificate generation and management techniques. Through all these design details and exploration, we identify the applicability of the data-centric security techniques presented by NDN in securing IoT communication and address the shortcoming of the existing approaches in this area

PQCMC: Post-Quantum Cryptography McEliece-Chen Implicit Certificate Scheme

In recent years, the elliptic curve Qu-Vanstone (ECQV) implicit certificate scheme has found application in security credential management systems (SCMS) and secure vehicle-to-everything (V2X) communication to issue pseudonymous certificates. However, the vulnerability of elliptic-curve cryptography (ECC) to polynomial-time attacks posed by quantum computing raises concerns. In order to enhance resistance against quantum computing threats, various post-quantum cryptography methods have been adopted as standard (e.g. Dilithium) or candidate standard methods (e.g. McEliece cryptography), but state of the art has proven to be challenging to implement implicit certificates using lattice-based cryptography methods. Therefore, this study proposes a post-quantum cryptography McEliece-Chen (PQCMC) based on an efficient random invertible matrix generation method to issue pseudonymous certificates with less computation time. The study provides mathematical models to validate the key expansion process for implicit certificates. Furthermore, comprehensive security evaluations and discussions are conducted to demonstrate that distinct implicit certificates can be linked to the same end entity. In experiments, a comparison is conducted between the certificate length and computation time to evaluate the performance of the proposed PQCMC. This study demonstrates the viability of the implicit certificate scheme based on PQC as a means of countering quantum computing threats

ACPC: Efficient revocation of pseudonym certificates using activation codes

Vehicular communication (V2X) technologies allow vehicles to exchange information about the road conditions and their own status, and thereby enhance transportation safety and efficiency. For broader deployment, however, such technologies are expected to address security and privacy concerns, preventing abuse by users and by the system\u27s entities. In particular, the system is expected to enable the revocation of malicious vehicles, e.g., in case they send invalid information to their peers or to the roadside infrastructure; it should also prevent the system from being misused for tracking honest vehicles.Both features are enabled by Vehicular Public Key Infrastructure (VPKI) solutions such as Security Credential Management Systems (SCMS), one of the leading candidates for protecting V2X communication in the United States. Unfortunately, though, SCMS\u27s original revocation mechanism can lead to large Certification Revocation Lists (CRLs), which in turn impacts the bandwidth usage and processing overhead of the system. In this article, we propose a novel design called Activation Codes for Pseudonym Certificates (ACPC), which can be integrated into SCMS to address this issue. Our proposal is based on activation codes, short bitstrings without which certificates previously issued to a vehicle cannot be used by the latter, which are periodically distributed to non-revoked vehicles using an efficient broadcast mechanism. As a result, the identifiers of the corresponding certificates do no need to remain on the CRL for a long time, reducing the CRLs\u27 size and streamlining their distribution and verification of any vehicle\u27s revocation status. Besides describing ACPC in detail, we also compare it to similar-purpose solutions such as Issue First Activate Later (IFAL) and Binary Hash Tree based Certificate Access Management (BCAM).This analysis shows that our proposal not only brings security improvements (e.g., in terms of resilience against colluding system authorities), but also leads to processing and bandwidth overheads that are orders of magnitude smaller than those observed in the state of the art

A reputation-based scheme for announcement messages in vehicular networks

English: Vehicular Ad-Hoc Networks (VANETs) are shaping up as the next step to provide information and safety services to vehicles. These networks are characterized for being variable in terms of connectivity and delay due to continuous changes in the topology. These conditions are acceptable for developing best effort information systems, no bounded in delay or rate. However, when dealing with critical safety applications, as emergency accident reports, some improvements are needed in terms of reliability and security. In this thesis, we present and classify the incoming VANETs services and the techniques to enable nodes to trust their neighbours'announcements in an efficient and secure manner. To overcome the limitations, we propose a reputation-aware system for VANETs based on digital credentials conveying the reputation value assigned to users. Finally we evaluate the costs and accuracy of this new proposal by itself and combined with the existing ones based on revocation lists.Castellano: Las redes vehiculares ad-hoc (VANET) se perfilan como el próximo paso para proporcionar información y servicios de seguridad en vehículos. Estas redes se caracterizan por ser variables en términos de conectividad y latencia debido sobre todo a los continuos cambios de topología. Estas condiciones son aceptables para el desarrollo de sistemas de información sin calidad predeterminada ó 'Best-Effort', sin limitación en el retraso o en la tasa con la que se intercambian los datos. Sin embargo, cuando se trata de aplicaciones críticas de seguridad, como los avisos de emergencia en caso de accidente, se hacen necesarias algunas mejoras en términos de fiabilidad y seguridad. En esta tesis, vamos a presentar y clasificar los servicios VANET incipientes y las técnicas para que los nodos puedan confiar en los anuncios de sus vecinos de un modo eficiente y seguro. Para superar estas limitaciones, se propone un sistema de reputación para las VANET sobre la base de credenciales digitales conteniendo el valor de reputación asignado al usuario. Finalmente, evaluamos los costes y la exactitud de esta nueva propuesta en sí misma y en combinación con las ya existentes basadas en listas de revocación.Català: Les xarxes vehiculars Ad-hoc (VANET) es perfilan com el proper pas per proporcionar informació i serveis de seguretat als vehicles. Aquestes xarxes es caracteritzen per ser variables en termes de connectivitat i de retard a causa dels continus canvis de topologia. Aquestes condicions són acceptables per al desenvolupament de sistemes de informació del tipus 'Best Effort', no limitats en terms de retard o taxa de dades. No obstant això, quan es tracta d'aplicacions crítiques de seguretat, com son els informes d'accidents d'emergència, algunes millores són necessàries en termes de fiabilitat i seguretat. En aquesta tesi, presentarem i classificarem els propers serveis per les VANET i les tècniques per permetrán que els nodes tingin confiança quan es comuniquin ambs els seus veïns d'una manera eficient i segura. Per superar les limitacions, es proposa un sistema de reputació, tant per VANET sobre la base de les credencials digitals que transmetin el valor assignat a la reputació dels usuaris. Finalment, avaluarem els costos i la precisió d'aquesta nova proposta en si mateixa i en combinació amb les ja existents sobre la base de les llistes de revocació

Security Improvements for the Automatic Identification System

The Automatic Identification System (AIS) is used aboard the vast majority of sea-going vessels in the world as a collision avoidance tool. Currently, the AIS operates without any security features, which make it vulnerable to exploits such as spoofing, hijacking, and replay attacks by malicious parties. This paper examines the work that has been done so far to improve AIS security, as well as the approaches taken on similar problems in the aircraft and vehicular mobile ad-hoc network (MANET) industries. The first major contribution of this paper is the implementation of a Software Defined Radio (SDR) AIS transmitter and receiver which can be used to conduct vulnerability analysis and test the implementation of new security features. The second contribution is the design of a novel authentication protocol which overcomes the existing vulnerabilities in the AIS system. The proposed protocol uses time-delayed hash-chain key disclosures as part of a message authentication code (MAC) appended to automatic position reports to verify the authenticity of a user. This method requires only one additional time slot for broadcast authentication compared to the existing standard and is a significant reduction in message overhead requirements compared to alternative approaches that solely rely on public key infrastructure (PKI). Additionally, there is an embedded time stamp, a feature lacking in the existing system, which makes this protocol resistant to replay attacks. A test implementation of the proposed protocol indicates that it can be deployed as a link layer software update to existing AIS transceivers and can be deployed within the current AIS technical standards as an expanded message set

Secure identity management in structured peer-to-peer (P2P) networks

Structured Peer-to-Peer (P2P) networks were proposed to solve routing problems of big distributed infrastructures. But the research community has been questioning their security for years. Most prior work in security services was focused on secure routing, reputation systems, anonymity, etc. However, the proper management of identities is an important prerequisite to provide most of these security services. The existence of anonymous nodes and the lack of a centralized authority capable of monitoring (and/or punishing) nodes make these systems more vulnerable against selfish or malicious behaviors. Moreover, these improper usages cannot be faced only with data confidentiality, nodes authentication, non-repudiation, etc. In particular, structured P2P networks should follow the following secure routing primitives: (1) secure maintenance of routing tables, (2) secure routing of messages, and (3) secure identity assignment to nodes. But the first two problems depend in some way on the third one. If nodes’ identifiers can be chosen by users without any control, these networks can have security and operational problems. Therefore, like any other network or service, structured P2P networks require a robust access control to prevent potential attackers joining the network and a robust identity assignment system to guarantee their proper operation. In this thesis, firstly, we analyze the operation of the current structured P2P networks when managing identities in order to identify what security problems are related to the nodes’ identifiers within the overlay, and propose a series of requirements to be accomplished by any generated node ID to provide more security to a DHT-based structured P2P network. Secondly, we propose the use of implicit certificates to provide more security and to exploit the improvement in bandwidth, storage and performance that these certificates present compared to explicit certificates, design three protocols to assign nodes’ identifiers avoiding the identified problems, while maintaining user anonymity and allowing users’ traceability. Finally, we analyze the operation of the most used mechanisms to distribute revocation data in the Internet, with special focus on the proposed systems to work in P2P networks, and design a new mechanism to distribute revocation data more efficiently in a structured P2P network.Las redes P2P estructuradas fueron propuestas para solventar problemas de enrutamiento en infraestructuras de grandes dimensiones pero su nivel de seguridad lleva años siendo cuestionado por la comunidad investigadora. La mayor parte de los trabajos que intentan mejorar la seguridad de estas redes se han centrado en proporcionar encaminamiento seguro, sistemas de reputación, anonimato de los usuarios, etc. Sin embargo, la adecuada gestión de las identidades es un requisito sumamente importante para proporcionar los servicios mencionados anteriormente. La existencia de nodos anónimos y la falta de una autoridad centralizada capaz de monitorizar (y/o penalizar) a los nodos hace que estos sistemas sean más vulnerables que otros a comportamientos maliciosos por parte de los usuarios. Además, esos comportamientos inadecuados no pueden ser detectados proporcionando únicamente confidencialidad de los datos, autenticación de los nodos, no repudio, etc. Las redes P2P estructuradas deberían seguir las siguientes primitivas de enrutamiento seguro: (1) mantenimiento seguro de las tablas de enrutamiento, (2) enrutamiento seguro de los mensajes, and (3) asignación segura de las identidades. Pero la primera de los dos primitivas depende de alguna forma de la tercera. Si las identidades de los nodos pueden ser elegidas por sus usuarios sin ningún tipo de control, muy probablemente aparecerán muchos problemas de funcionamiento y seguridad. Por lo tanto, de la misma forma que otras redes y servicios, las redes P2P estructuradas requieren de un control de acceso robusto para prevenir la presencia de atacantes potenciales, y un sistema robusto de asignación de identidades para garantizar su adecuado funcionamiento. En esta tesis, primero de todo analizamos el funcionamiento de las redes P2P estructuradas basadas en el uso de DHTs (Tablas de Hash Distribuidas), cómo gestionan las identidades de sus nodos, identificamos qué problemas de seguridad están relacionados con la identificación de los nodos y proponemos una serie de requisitos para generar identificadores de forma segura. Más adelante proponemos el uso de certificados implícitos para proporcionar más seguridad y explotar las mejoras en consumo de ancho de banda, almacenamiento y rendimiento que proporcionan estos certificados en comparación con los certificados explícitos. También hemos diseñado tres protocolos de asignación segura de identidades, los cuales evitan la mayor parte de los problemas identificados mientras mantienen el anonimato de los usuarios y la trazabilidad. Finalmente hemos analizado el funcionamiento de la mayoría de los mecanismos utilizados para distribuir datos de revocación en Internet, con especial interés en los sistemas propuestos para operar en redes P2P, y hemos diseñado un nuevo mecanismo para distribuir datos de revocación de forma más eficiente en redes P2P estructuradas.Postprint (published version