425 research outputs found
"On the Road" - Reflections on the Security of Vehicular Communication Systems
Vehicular communication (VC) systems have recently drawn the attention of
industry, authorities, and academia. A consensus on the need to secure VC
systems and protect the privacy of their users led to concerted efforts to
design security architectures. Interestingly, the results different project
contributed thus far bear extensive similarities in terms of objectives and
mechanisms. As a result, this appears to be an auspicious time for setting the
corner-stone of trustworthy VC systems. Nonetheless, there is a considerable
distance to cover till their deployment. This paper ponders on the road ahead.
First, it presents a distillation of the state of the art, covering the
perceived threat model, security requirements, and basic secure VC system
components. Then, it dissects predominant assumptions and design choices and
considers alternatives. Under the prism of what is necessary to render secure
VC systems practical, and given possible non-technical influences, the paper
attempts to chart the landscape towards the deployment of secure VC systems
Evaluating On-demand Pseudonym Acquisition Policies in Vehicular Communication Systems
Standardization and harmonization efforts have reached a consensus towards
using a special-purpose Vehicular Public-Key Infrastructure (VPKI) in upcoming
Vehicular Communication (VC) systems. However, there are still several
technical challenges with no conclusive answers; one such an important yet open
challenge is the acquisition of shortterm credentials, pseudonym: how should
each vehicle interact with the VPKI, e.g., how frequently and for how long?
Should each vehicle itself determine the pseudonym lifetime? Answering these
questions is far from trivial. Each choice can affect both the user privacy and
the system performance and possibly, as a result, its security. In this paper,
we make a novel systematic effort to address this multifaceted question. We
craft three generally applicable policies and experimentally evaluate the VPKI
system performance, leveraging two large-scale mobility datasets. We consider
the most promising, in terms of efficiency, pseudonym acquisition policies; we
find that within this class of policies, the most promising policy in terms of
privacy protection can be supported with moderate overhead. Moreover, in all
cases, this work is the first to provide tangible evidence that the
state-of-the-art VPKI can serve sizable areas or domain with modest computing
resources.Comment: 6 pages, 7 figures, IoV-VoI'1
Secure Position-Based Routing for VANETs
Vehicular communication (VC) systems have the potential to improve road safety and driving comfort. Nevertheless, securing the operation is a prerequisite for deployment. So far, the security of VC applications has mostly drawn the attention of research efforts, while comprehensive solutions to protect the network operation have not been developed. In this paper, we address this problem: we provide a scheme that secures geographic position-based routing, which has been widely accepted as the appropriate one for VC. Moreover, we focus on the scheme currently chosen and evaluated in the Car2Car Communication Consortium (C2C-CC). We integrate security mechanisms to protect the position-based routing functionality and services (beaconing, multi-hop forwarding, and geo-location discovery), and enhance the network robustness. We propose defense mechanisms, relying both on cryptographic primitives, and plausibility checks mitigating false position injection. Our implementation and initial measurements show that the security overhead is low and the proposed scheme deployable
RHyTHM: A Randomized Hybrid Scheme To Hide in the Mobile Crowd
Any on-demand pseudonym acquisition strategy is problematic should the
connectivity to the credential management infrastructure be intermittent. If a
vehicle runs out of pseudonyms with no connectivity to refill its pseudonym
pool, one solution is the on-the-fly generation of pseudonyms, e.g., leveraging
anonymous authentication. However, such a vehicle would stand out in the crowd:
one can simply distinguish pseudonyms, thus signed messages, based on the
pseudonym issuer signature, link them and track the vehicle. To address this
challenge, we propose a randomized hybrid scheme, RHyTHM, to enable vehicles to
remain operational when disconnected without compromising privacy: vehicles
with valid pseudonyms help others to enhance their privacy by randomly joining
them in using on-the-fly self-certified pseudonyms along with aligned
lifetimes. This way, the privacy of disconnected users is enhanced with a
reasonable computational overhead.Comment: 4 pages, 4 figures, IEEE Vehicular Networking Conference (VNC),
November 27-29, 2017, Torino, Ital
SECMACE: Scalable and Robust Identity and Credential Management Infrastructure in Vehicular Communication Systems
Several years of academic and industrial research efforts have converged to a
common understanding on fundamental security building blocks for the upcoming
Vehicular Communication (VC) systems. There is a growing consensus towards
deploying a special-purpose identity and credential management infrastructure,
i.e., a Vehicular Public-Key Infrastructure (VPKI), enabling pseudonymous
authentication, with standardization efforts towards that direction. In spite
of the progress made by standardization bodies (IEEE 1609.2 and ETSI) and
harmonization efforts (Car2Car Communication Consortium (C2C-CC)), significant
questions remain unanswered towards deploying a VPKI. Deep understanding of the
VPKI, a central building block of secure and privacy-preserving VC systems, is
still lacking. This paper contributes to the closing of this gap. We present
SECMACE, a VPKI system, which is compatible with the IEEE 1609.2 and ETSI
standards specifications. We provide a detailed description of our
state-of-the-art VPKI that improves upon existing proposals in terms of
security and privacy protection, and efficiency. SECMACE facilitates
multi-domain operations in the VC systems and enhances user privacy, notably
preventing linking pseudonyms based on timing information and offering
increased protection even against honest-but-curious VPKI entities. We propose
multiple policies for the vehicle-VPKI interactions, based on which and two
large-scale mobility trace datasets, we evaluate the full-blown implementation
of SECMACE. With very little attention on the VPKI performance thus far, our
results reveal that modest computing resources can support a large area of
vehicles with very low delays and the most promising policy in terms of privacy
protection can be supported with moderate overhead.Comment: 14 pages, 9 figures, 10 tables, IEEE Transactions on Intelligent
Transportation System
- …