1,781 research outputs found
Formal Analysis of V2X Revocation Protocols
Research on vehicular networking (V2X) security has produced a range of
security mechanisms and protocols tailored for this domain, addressing both
security and privacy. Typically, the security analysis of these proposals has
largely been informal. However, formal analysis can be used to expose flaws and
ultimately provide a higher level of assurance in the protocols.
This paper focusses on the formal analysis of a particular element of
security mechanisms for V2X found in many proposals: the revocation of
malicious or misbehaving vehicles from the V2X system by invalidating their
credentials. This revocation needs to be performed in an unlinkable way for
vehicle privacy even in the context of vehicles regularly changing their
pseudonyms. The REWIRE scheme by Forster et al. and its subschemes BASIC and
RTOKEN aim to solve this challenge by means of cryptographic solutions and
trusted hardware.
Formal analysis using the TAMARIN prover identifies two flaws with some of
the functional correctness and authentication properties in these schemes. We
then propose Obscure Token (OTOKEN), an extension of REWIRE to enable
revocation in a privacy preserving manner. Our approach addresses the
functional and authentication properties by introducing an additional key-pair,
which offers a stronger and verifiable guarantee of successful revocation of
vehicles without resolving the long-term identity. Moreover OTOKEN is the first
V2X revocation protocol to be co-designed with a formal model.Comment: 16 pages, 4 figure
Reducing Message Collisions in Sensing-based Semi-Persistent Scheduling (SPS) by Using Reselection Lookaheads in Cellular V2X
In the C-V2X sidelink Mode 4 communication, the sensing-based semi-persistent
scheduling (SPS) implements a message collision avoidance algorithm to cope
with the undesirable effects of wireless channel congestion. Still, the current
standard mechanism produces high number of packet collisions, which may hinder
the high-reliability communications required in future C-V2X applications such
as autonomous driving. In this paper, we show that by drastically reducing the
uncertainties in the choice of the resource to use for SPS, we can
significantly reduce the message collisions in the C-V2X sidelink Mode 4.
Specifically, we propose the use of the "lookahead," which contains the next
starting resource location in the time-frequency plane. By exchanging the
lookahead information piggybacked on the periodic safety message, vehicular
user equipments (UEs) can eliminate most message collisions arising from the
ignorance of other UEs' internal decisions. Although the proposed scheme would
require the inclusion of the lookahead in the control part of the packet, the
benefit may outweigh the bandwidth cost, considering the stringent reliability
requirement in future C-V2X applications.Comment: Submitted to MDPI Sensor
- …