Secure Vehicular Communication Systems: Implementation, Performance, and Research Challenges

Vehicular Communication (VC) systems are on the verge of practical deployment. Nonetheless, their security and privacy protection is one of the problems that have been addressed only recently. In order to show the feasibility of secure VC, certain implementations are required. In [1] we discuss the design of a VC security system that has emerged as a result of the European SeVeCom project. In this second paper, we discuss various issues related to the implementation and deployment aspects of secure VC systems. Moreover, we provide an outlook on open security research issues that will arise as VC systems develop from today's simple prototypes to full-fledged systems

On the Performance of Secure Vehicular Communication Systems

Vehicular communication (VC) systems are developed primarily to enhance transportation safety and efficiency. Vehicle-to-vehicle communication, in particular frequent cooperative awareness messages or safety beacons, have been considered over the past years as a main approach. Meanwhile, the need to provide security and safeguard the users privacy have been well understood, and security architectures for VC systems have been proposed. Although technical approaches to secure VC have several commonalities and a consensus has formed, there are critical questions that have remained largely unanswered: Are proposed security and privacy schemes practical? Can the secured VC systems support the VC-enabled applications as effectively as unsecured VC would? How should security be designed so that its integration into a VC system has the least impact on the system performance? In this paper, we provide answers to these questions, investigating the joint effect of a set of system parameters and components. We consider the stateof-the-art approach in secure VC, and we evaluate analytically and through simulations interdependencies among components and system characteristics. Overall, we identify the key design choices to deploy efficient and effective secure VC

SECMACE: Scalable and Robust Identity and Credential Management Infrastructure in Vehicular Communication Systems

Several years of academic and industrial research efforts have converged to a common understanding on fundamental security building blocks for the upcoming Vehicular Communication (VC) systems. There is a growing consensus towards deploying a special-purpose identity and credential management infrastructure, i.e., a Vehicular Public-Key Infrastructure (VPKI), enabling pseudonymous authentication, with standardization efforts towards that direction. In spite of the progress made by standardization bodies (IEEE 1609.2 and ETSI) and harmonization efforts (Car2Car Communication Consortium (C2C-CC)), significant questions remain unanswered towards deploying a VPKI. Deep understanding of the VPKI, a central building block of secure and privacy-preserving VC systems, is still lacking. This paper contributes to the closing of this gap. We present SECMACE, a VPKI system, which is compatible with the IEEE 1609.2 and ETSI standards specifications. We provide a detailed description of our state-of-the-art VPKI that improves upon existing proposals in terms of security and privacy protection, and efficiency. SECMACE facilitates multi-domain operations in the VC systems and enhances user privacy, notably preventing linking pseudonyms based on timing information and offering increased protection even against honest-but-curious VPKI entities. We propose multiple policies for the vehicle-VPKI interactions, based on which and two large-scale mobility trace datasets, we evaluate the full-blown implementation of SECMACE. With very little attention on the VPKI performance thus far, our results reveal that modest computing resources can support a large area of vehicles with very low delays and the most promising policy in terms of privacy protection can be supported with moderate overhead.Comment: 14 pages, 9 figures, 10 tables, IEEE Transactions on Intelligent Transportation System

Data-centric Misbehavior Detection in VANETs

Detecting misbehavior (such as transmissions of false information) in vehicular ad hoc networks (VANETs) is very important problem with wide range of implications including safety related and congestion avoidance applications. We discuss several limitations of existing misbehavior detection schemes (MDS) designed for VANETs. Most MDS are concerned with detection of malicious nodes. In most situations, vehicles would send wrong information because of selfish reasons of their owners, e.g. for gaining access to a particular lane. Because of this (\emph{rational behavior}), it is more important to detect false information than to identify misbehaving nodes. We introduce the concept of data-centric misbehavior detection and propose algorithms which detect false alert messages and misbehaving nodes by observing their actions after sending out the alert messages. With the data-centric MDS, each node can independently decide whether an information received is correct or false. The decision is based on the consistency of recent messages and new alert with reported and estimated vehicle positions. No voting or majority decisions is needed, making our MDS resilient to Sybil attacks. Instead of revoking all the secret credentials of misbehaving nodes, as done in most schemes, we impose fines on misbehaving nodes (administered by the certification authority), discouraging them to act selfishly. This reduces the computation and communication costs involved in revoking all the secret credentials of misbehaving nodes.Comment: 12 page

Analisis Perbandingan Penggunaan Kali Linux pada Windows Subsystem for Linux (WSL) dan VirtualBox terhadap OpenSSL Benchmark Testing

In the context of the evolution of information technology, the integration of Linux operating systems within the Windows environment has become increasingly crucial. Windows Subsystem for Linux (WSL) and VirtualBox are two main approaches that offer solutions for running Linux on the Windows operating system. In the context of information security, performance testing of OpenSSL sign and verify becomes crucial. This research aims to compare the usage of each approach with a focus on the performance testing of OpenSSL sign and verify. The research method involves the implementation of the Phoronix Test Suite to measure the speed of Kali Linux in executing OpenSSL sign and verify within the WSL and VirtualBox environments. The results of the analysis indicate that in the OpenSSL sign and verify testing, WSL demonstrates superior performance compared to VirtualBox. WSL achieves faster execution times in running this test, suggesting that WSL can be a more effective choice in the context of performance, especially in tasks related to OpenSSL sign and verify. This research provides practical guidance for users aiming for maximum performance when running OpenSSL sign and verify tasks in the Kali Linux environment within the Windows operating system