Assessment of attribute-based credentials for privacy-preserving road traffic services in smart cities

Smart cities involve the provision of advanced services for road traffic users. Vehicular ad hoc networks (VANETs) are a promising communication technology in this regard. Preservation of privacy is crucial in these services to foster their acceptance. Previous approaches have mainly focused on PKI-based or ID-based cryptography. However, these works have not fully addressed the minimum information disclosure principle. Thus, questions such as how to prove that a driver is a neighbour of a given zone, without actually disclosing his identity or real address, remain unaddressed. A set of techniques, referred to as Attribute-Based Credentials (ABCs), have been proposed to address this need in traditional computation scenarios. In this paper, we explore the use of ABCs in the vehicular context. For this purpose, we focus on a set of use cases from European Telecommunications Standards Institute (ETSI) Basic Set of Applications, specially appropriate for the early development of smart cities. We assess which ABC techniques are suitable for this scenario, focusing on three representative ones—Idemix, U-Prove and VANET-updated Persiano systems. Our experimental results show that they are feasible in VANETs considering state-of-the-art technologies, and that Idemix is the most promising technique for most of the considered use cases.This work was supported by the MINECO grant TIN2013-46469-R (SPINY: Security and Privacy in the Internet of You); the CAM grant S2013/ICE-3095 (CIBERDINE: Cybersecurity, Data, and Risks) and by the MINECO grant TIN2016-79095-C2-2-R (SMOG-DEV - Security mechanisms for fog computing: advanced security for devices). Jose Maria de Fuentes and Lorena Gonzalez were also supported by the Programa de Ayudas para la Movilidad of Carlos III University of Madrid

Practical secure and privacy-preserving scheme for value-added applications in VANETs

DOI: 10.1016/j.comcom.2015.08.005 URL: http://www.sciencedirect.com/science/article/pii/S014036641500290XAdvances in mobile networking and information processing technologies have triggered vehicular ad hoc networks (VANETs) for traffic safety and value-added applications. Most efforts have been made to address the security concerns while little work has been done to investigate security and privacy for value-added applications in VANETs. To fill this gap, we propose a secure and privacy-preserving scheme for value-added applications in VANETs; specifically, a vehicular secure and privacy-preserving location-based service (LBS). For each LBS transaction, the scheme provides authentication, integrity and non-repudiation for both the service provider and the vehicle. A vehicle can obtain the service in an anonymous way and hence vehicle privacy is well protected. However, if a vehicle maliciously uses the service, a tracing procedure can be invoked to find the malicious vehicle, thereby efficiently preventing vehicles from abusing the anonymity provided by the system. These features are achieved by efficiently exploiting the available infrastructure of VANETs and without requiring cooperation from other vehicles, which might be reluctant to cooperate or otherwise unavailable. Although public-key cryptosystems are employed as building blocks, no complicated certificate management is required by our system