2,075 research outputs found
"On the Road" - Reflections on the Security of Vehicular Communication Systems
Vehicular communication (VC) systems have recently drawn the attention of
industry, authorities, and academia. A consensus on the need to secure VC
systems and protect the privacy of their users led to concerted efforts to
design security architectures. Interestingly, the results different project
contributed thus far bear extensive similarities in terms of objectives and
mechanisms. As a result, this appears to be an auspicious time for setting the
corner-stone of trustworthy VC systems. Nonetheless, there is a considerable
distance to cover till their deployment. This paper ponders on the road ahead.
First, it presents a distillation of the state of the art, covering the
perceived threat model, security requirements, and basic secure VC system
components. Then, it dissects predominant assumptions and design choices and
considers alternatives. Under the prism of what is necessary to render secure
VC systems practical, and given possible non-technical influences, the paper
attempts to chart the landscape towards the deployment of secure VC systems
Flexible Authentication in Vehicular Ad hoc Networks
A Vehicular Ad-Hoc Network (VANET) is a form of Mobile ad-hoc network, to
provide communications among nearby vehicles and between vehicles and nearby
fixed roadside equipment. The key operation in VANETs is the broadcast of
messages. Consequently, the vehicles need to make sure that the information has
been sent by an authentic node in the network. VANETs present unique challenges
such as high node mobility, real-time constraints, scalability, gradual
deployment and privacy. No existent technique addresses all these requirements.
In particular, both inter-vehicle and vehicle-to-roadside wireless
communications present different characteristics that should be taken into
account when defining node authentication services. That is exactly what is
done in this paper, where the features of inter-vehicle and vehicle-to-roadside
communications are analyzed to propose differentiated services for node
authentication, according to privacy and efficiency needs
SECMACE: Scalable and Robust Identity and Credential Management Infrastructure in Vehicular Communication Systems
Several years of academic and industrial research efforts have converged to a
common understanding on fundamental security building blocks for the upcoming
Vehicular Communication (VC) systems. There is a growing consensus towards
deploying a special-purpose identity and credential management infrastructure,
i.e., a Vehicular Public-Key Infrastructure (VPKI), enabling pseudonymous
authentication, with standardization efforts towards that direction. In spite
of the progress made by standardization bodies (IEEE 1609.2 and ETSI) and
harmonization efforts (Car2Car Communication Consortium (C2C-CC)), significant
questions remain unanswered towards deploying a VPKI. Deep understanding of the
VPKI, a central building block of secure and privacy-preserving VC systems, is
still lacking. This paper contributes to the closing of this gap. We present
SECMACE, a VPKI system, which is compatible with the IEEE 1609.2 and ETSI
standards specifications. We provide a detailed description of our
state-of-the-art VPKI that improves upon existing proposals in terms of
security and privacy protection, and efficiency. SECMACE facilitates
multi-domain operations in the VC systems and enhances user privacy, notably
preventing linking pseudonyms based on timing information and offering
increased protection even against honest-but-curious VPKI entities. We propose
multiple policies for the vehicle-VPKI interactions, based on which and two
large-scale mobility trace datasets, we evaluate the full-blown implementation
of SECMACE. With very little attention on the VPKI performance thus far, our
results reveal that modest computing resources can support a large area of
vehicles with very low delays and the most promising policy in terms of privacy
protection can be supported with moderate overhead.Comment: 14 pages, 9 figures, 10 tables, IEEE Transactions on Intelligent
Transportation System
Privacy in Inter-Vehicular Networks: Why simple pseudonym change is not enough
Inter-vehicle communication (IVC) systems disclose rich location information about vehicles. State-of-the-art security architectures are aware of the problem and provide privacy enhancing mechanisms, notably pseudonymous authentication. However, the granularity and the amount of location information IVC protocols divulge, enable an adversary that eavesdrops all traffic throughout an area, to reconstruct long traces of the whereabouts of the majority of vehicles within the same area. Our analysis in this paper confirms the existence of this kind of threat. As a result, it is questionable if strong location privacy is achievable in IVC systems against a powerful adversary.\u
- …