SPECS: Secure and privacy enhancing communications schemes for VANETs

This journal issue entitled: Advances in Ad Hoc Networks (I)Vehicular ad hoc network (VANET) is an emerging type of networks which facilitates vehicles on roads to communicate for driving safety. The basic idea is to allow arbitrary vehicles to broadcast ad hoc messages (e.g. traffic accidents) to other vehicles. However, this raises the concern of security and privacy. Messages should be signed and verified before they are trusted while the real identity of vehicles should not be revealed, but traceable by authorized party. Existing solutions either rely heavily on a tamper-proof hardware device, or cannot satisfy the privacy requirement and do not have an effective message verification scheme. In this paper, we provide a software-based solution which makes use of only two shared secrets to satisfy the privacy requirement (with security analysis) and gives lower message overhead and at least 45% higher successful rate than previous solutions in the message verification phase using the bloom filter and the binary search techniques (through simulation study). We also provide the first group communication protocol to allow vehicles to authenticate and securely communicate with others in a group of known vehicles. © 2010 Elsevier B.V. All rights reserved.postprin

VSPN: VANET-based Secure and Privacy-preserving Navigation

postprin

PASS: Privacy-preserving authentication scheme for smart grid network

A smart grid power system is capable of adjusting the amount of electricity generated based on real-time requests from the smart meters of customers, thus avoiding excess electricity generation and facilitating reliable and effective transmission of electricity. To ensure that requests are sent from a valid user, all request messages must be authenticated. On the other hand, by analyzing the electricity usage pattern of a customer, the daily habit of the customer, such as when he is away, may be revealed. Thus, a proper privacy preserving mechanism has to be adopted. This paper attempts to develop a scheme to address these two seemingly contradicting requirements efficiently. By using a tamper-resistant device at the smart appliance and pseudo identities, we derive a privacy preserving authentication scheme to solve the problem. The authentication process is made very efficient by means of Hash-based Message Authentication Code (HMAC). Through simulation, we show that with our scheme, the transmission and signature verification delay induced are very small and the message overhead is only 20 bytes per request message. With our efficient verification process, even under attack, the substation can effectively drop all attack messages, allowing 6 times more valid messages to reach the control center when compared to the case without any verification. Thus our scheme is both efficient and effective. © 2011 IEEE.published_or_final_versionThe 2nd IEEE International Conference on Smart Grid Communications (SmartGridComm 2011), Brussels, Belgium, 17-20 October 2011. In Proceedings of the 2nd Smartgridcomm, 2011, p. 196-20

MLAS: Multiple level authentication scheme for VANETs

The vehicular ad hoc network (VANET) is an emerging type of network which enables vehicles on roads to inter-communicate for driving safety. The basic idea is to allow arbitrary vehicles to broadcast ad hoc messages (e.g. traffic accidents) to other vehicles. However, this raises the concern of security and privacy. Messages should be signed and verified before they are trusted while the real identity of vehicles should not be revealed, but traceable by authorized party. Existing solutions either rely too heavily on a tamper-proof hardware device, or do not have an effective message verification scheme. In this paper, we propose a multiple level authentication scheme which still makes use of tamper-proof devices but the strong assumption that a long-term system master secret is preloaded into all tamper-proof devices is removed. Instead the master secret can be updated if needed to increase the security level. On the other hand, messages sent by vehicles are classified into two types - regular messages and urgent messages. Regular messages can be verified by neighboring vehicles by means of Hash-based Message Authentication Code (HMAC) while urgent messages can only be verified with the aid of RSUs nearby by means of a conditional privacy-preserving authentication scheme. Copyright 2011 ACM.postprintThe 6th ACM Symposium on Information, Computer and Communications Security (ASIACCS 2011), Hong Kong, China, 22-24 March 2011. In Proceedings of 6th ACM ASIACCS, 2011, p. 471-47

Privacy-preserving advance power reservation

Smart grid is considered to be the next generation power system. Integrating information and communication technology, power electronics, and power system technologies, smart grid reduces excess power generation by better matching power generation with customer demands, and facilitates renewable power generation by closely monitoring renewable energy source status. Such a large-scale network may be subject to various attacks. In particular, authentication and user privacy preservation are considered two major security concerns. In this article, we first highlight the importance of smart grid security. Next we introduce a new power request paradigm in which a customer is allowed to submit a power usage plan in advance. We then propose a secure and privacy-preserving power request scheme as a solution to this problem. To achieve the privacy-preserving property, our scheme employs two cryptographic techniques: anonymous credential and blind signature. We conclude this article by discussing the security and performance issues of our proposed scheme. © 1979-2012 IEEE.published_or_final_versio

Security and privacy issues for inter-vehicle communications in VANETs

Vehicular ad hoc network (VANET) is an emerging type of networks to allow vehicles on roads to communicate for driving safety. An vehicle can broadcast messages (e.g. accident information) to other vehicles. These messages may have impact on other vehicles as well as the traffic control system, so all messages must be signed and authenticated. On the other hand, privacy should be enforced while the real identity of the sender should be traceable by authorized party. In this poster, we first discuss the limitations of existing solutions. In particular, we describe an impersonation attack to one of the schemes, highlight the problem of communications overhead, and effectiveness of the message verification procedure. Then, we present the main ideas of our proposed scheme which can be shown to be secure and more effective than existing schemes.published_or_final_versionThe 6th Annual IEEE Communications Society Conference on Sensor, Mesh and Ad Hoc Communications and Networks Workshops (SECON Workshops '09), Rome, Italy, 22-26 June 2009. In Proceedings of the 6th IEEE SECON Workshops, 2009, p. 1-

OPQ: OT-based private querying in VANETs

We consider the querying service (e.g., location-based query service) in vehicular ad hoc networks (VANETs). Querying service has been studied in various kinds of networks such as traditional mobile phone networks and other mobile ad hoc networks. However, existing schemes are either not suitable for VANETs due to their highly dynamic environment or do not provide a privacy-preserving solution. In this paper, we first discuss the security concerns of providing a querying service that ensures that a query will not be linkable to the querier. Then, we briefly highlight the characteristics of VANETs, which make the problem different from other types of networks. Finally, we propose a solution for solving the problem by using techniques of pseudoidentity, indistinguishable credentials, and oblivious transfer. We show that, although all infrastructure units collude, it is still impossible to link the real identity of the user to a query. Based on our simulation study, we show that our scheme is effective in terms of processing delay, message overhead, and success rate. © 2011 IEEE.published_or_final_versio

Non-Transferable Proxy Re-Encryption Scheme

SEC8: Selected topics in Information SecurityA proxy re-encryption (PRE) scheme allows a proxy to re-encrypt a ciphertext for Alice (delegator) to a ciphertext for Bob (delegatee) without seeing the underlying plaintext. However, existing PRE schemes generally suffer from at least one of the followings. Some schemes fail to provide the non-transferable property in which the proxy and the delegatee can collude to further delegate the decryption right to anyone. This is the main open problem left for PRE schemes. Other schemes assume the existence of a fully trusted private key generator (PKG) to generate the re-encryption key to be used by the proxy for re-encrypting a given ciphertext for a target delegatee. But this poses two problems in PRE schemes if the PKG is malicious: the PKG in their schemes may decrypt both original ciphertexts and re-encrypted ciphertexts (referred as the key escrow problem); and the PKG can generate reencryption key for arbitrary delegatees without permission from the delegator (we refer to it as the PKG despotism problem). In this paper, we propose the first non-transferable proxy re-encryption scheme which successfully achieves the nontransferable property. We show that the new scheme solved the PKG despotism problem and key escrow problem as well. © 2012 IEEE.published_or_final_versio

SPCS: Secure and Privacy-Preserving Charging-Station Searching using VANET

Electric vehicle has attracted more and more attention all around the world in recent years because of its many advan- tages such as low pollution to the environment. However, due to the limitation of current technology, charging remains an important issue. In this paper, we study the problem of finding and making reservation on charging stations via a vehicular ad hoc network (VANET). Our focus is on the privacy concern as drivers would not like to be traced by knowing which charging stations they have visited. Technically, we make use of the property of blind signature to achieve this goal. In brief, an electric vehicle first generates a set of anonymous credentials on its own. A trusted au- thority then blindly signs on them after verifying the identity of the vehicle. After that, the vehicle can make charging station searching queries and reservations by presenting those signed anonymous credentials. We implemented the scheme and show that the credential signing process (expected to be the most time consuming step) can be completed within reasonable time when the parameters are properly set. In particular, the process can be completed in 5 minutes when 1024 bits of RSA signing key is used. Moreover, we show that our scheme is secure in terms of authentication and privacy-preserving.published_or_final_versio

Weighted average problem revisited under hybrid and malicious model

It is getting more common for two or more parties to jointly compute some statistics, say for marketing, by combining information on their private databases without disclosing the private data to the others. The core problem is usually known as secure multi-party computation (SMC). A number of solutions have been proposed. However, almost all of them assume a semi-honest model which is unrealistic. On the other hand, protocols that work under the malicious model (all participating parties can be malicious) are usually complicated and expensive in terms of communication and computation. In this paper, we try to consider a more reasonable model, the hybrid security model, in which at least one party is semi-honest. We want to make sure that the malicious parties will not get the correct final result if they perform malicious behaviors. We propose a scheme to solve the two-party weighted average problem (WAP) under this hybrid security model. We also show that the scheme can be extended to work under the malicious model using any fair exchange scheme. We formally show that our schemes are secure. We also implemented the schemes and showed that our scheme under the hybrid security model is reasonably fast and efficient for practical use. © 2012 AICIT.published_or_final_versio