1 / 25

A privacy aware and efficient security infrastructure for vehicular ad hoc networks

A privacy aware and efficient security infrastructure for vehicular ad hoc networks. Presented By: Ankit Deshmukh ankitdes@buffalo.edu Navinder Singh Mehrok navinder@buffalo.edu Uday Deep Singh udaydeep@buffalo.edu. By: Klaus Plößl and Hannes Federrath.

bruis
Download Presentation

A privacy aware and efficient security infrastructure for vehicular ad hoc networks

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. A privacy aware and efficient security infrastructurefor vehicular ad hoc networks Presented By: • AnkitDeshmukhankitdes@buffalo.edu • Navinder Singh Mehrok navinder@buffalo.edu • Uday Deep Singh udaydeep@buffalo.edu By: Klaus Plößland HannesFederrath

  2. VANETs(Vehicular Ad-hoc Network)

  3. Presentation Outline • Introduction to VANETs • Goal • Challenges • Related Works • System requirements • Proposal • Evaluation • Conclusion • References

  4. Introduction • VANET - used for a subgroup of mobile ad hoc networks which are formed mainly by vehicles like cars, trucks, buses and motorcycles. • The node movement is restricted and therefore makes the assumption obvious that the VANET is supported by some fixed infrastructure that assists with some services and can provide access to stationary networks • As the nodes are mobile there can be no centralized administration or control methods. • American DSRC standard that employs the IEEE 802.11p standard for wireless communication • Vehicles are not subject to the strict energy, space and computing capabilities • To allow communication with participants out of radio range, messages have to be forwarded by other nodes which is multi-hop communication.

  5. Challenges • More challenging is the potentially very high speed of the nodes (up to 250 km/h) hence the network is very dynamic. • Secondly large dimension and size of the VANET.

  6. GOAL • VANET's goal is to increase road safety. To achieve this, the vehicles act as sensors and exchange warnings or – more generally – telematicsinformation (like current speed, location or ESP activity) that enables the drivers to react early to abnormal and potentially dangerous situations like accidents, traffic jams or glaze • In addition, authorized entities like police or fire fighters should be able to send alarm signals and instructions e.g. to clear their way or stop other road users • Besides that, the VANET should increase comfort by means of value-added services like location based services or Internet on the road

  7. Related Works • Much work is done in the following research projects partially funded by government: Network on Wheels (NOW) , Sevecom, PReVENT/WILLWARN , and GST . • In Europe standardization is done by Car 2 Car Communication Consortium (C2CCC), a consortium formed by major European car manufacturers. • Similarly in U.S. is cumulated in the U.S. Department of Transportation (USDOT) Intelligent Transportation Systems (ITS) Standards Program . Within this program VANETs are addressed by the IEEE 1609 family of standards for wireless access in vehicular environments (WAVE) that employs DSRC and IEEE 802.11p for wireless communication. • Each vehicle is allowed to request certificates from a CA. These certificates are used to digitally sign messages in the VANET. it also uses a PKI and digitally signs each message. Each vehicle gets an electronic identity called an Electronic License Plate (ELP) issued by a government, or alternatively an Electronic Chassis Number (ECN) issued by the vehicle manufacturer.

  8. Related Works Continued • Instead of using certificate revocation lists (CRLs) three more efficient revocation methods are suggested [13]: – RTPD — revocation protocol of the tamper-proof device: CA revokes all keys of a vehicle by sending a revocation message to the vehicle. Other VANET participants do not have to know about the revocation. After receiving the revocation message TPD of the vehicle erases all keys, sends an acknowledgment to CA, and stops signing messages. This means no more valid messages can be generated by this vehicle. – RCCRL — revocation protocol using compressed certificate revocation lists: Compressed CRLs (CCRLs) are used if TPD does not send an acknowledgment or if only a subset of keys should be revoked. It mainly works like an ordinary revocation list i.e. after receiving a message the recipient has to use the CCRL to check if the certificate of the sender is valid. To be able to do so the CCRL has to b e distributed in the VANET. – DRP — distributed revocation protocol: If the neighbours of a vehicle observe misbehaviour they warn each other not to trust messages of the suspect vehicle. If there is enough evidence they contact CA that decides if the corresponding vehicle's ELP should be revoked permanently. DRP therefore is more a warning protocol than a revocation protocol. The paper does not talk about the detection of misbehaviour but mentions as a good starting point for this

  9. Related Work Continued • An event data recorder (EDR) stores messages exchanged in critical situations Giving this messages to CA allows it to decide if it should revoke an ELP and/or reveal the true identity of a VANET participant. Author suggests a PKI called PKI+ based on a new elliptic curve cryptography scheme that allows the participants to generate their own pseudonymous certificates. • PKI+ has five stages: (i) CA setup: CA determines the desired security strength, selects appropriate elliptic curves, private key and public key. (ii) Vehicle setup: After this user gets his master key and master certificate from the CA. (iii) Pseudonym generation: The user can generate pseudonyms and appropriate certificates by using his master key, master certificate and public CA key. (iv) Pseudonym revelation: CA uses its database, private key, and information from the vehicle setup to reveal the real identity (v) Key revocation: CA recomputes some private information, publishes a new public key, and increases version information on the public key.. Then signatures done with pseudonyms of an older version are discarded. • Vehicle Safety Communication Consortium (VSCC) suggested a completely anonymous PKI.] suggests a system based on symmetric cryptography and extensive usage of fixed infrastructure. The system works as follows: Each vehicle gets an identification number, a seed, and a set of long-term pseudonyms (handles) from the CA (called ombudsman).

  10. System Requirements Integrity • Security infrastructure should detect message modification • For Alarms signals: • Instructions from authority nodes have to be obeyed(police cars, ambulances etc) • Authenticity, Integrity and authorization of sender must be provable instantly • For Warnings and informational messages: • Plausibility check can be done in car sensors or messages received from the VANET nodes • Unique identity is required, anonymous participation not allowed • Multilateral security, which takes the interest of all parties into account • Law enforcement agencies: to prosecute each law violation • Interest of citizens : Not to be monitored, regardless of whether a suspicion exists • Integration of correct time and position in order to protect against replay and position spoofing attacks(infrastructure like Galileo take care of it)

  11. Confidentiality • It vary between different categories of messages • Confidentiality of alarm signals is negligible • While that corresponding to services subject to cost is crucial • Infrastructure need to support different level of confidentiality • Data Administrative messages like routing protocol info or cryptographic messages need to be protected against eavesdropping • Cryptographic info held by participants need to be protected against unauthorized access

  12. Availability • Most messages are related to driving condition and road safety, real time processing of messages is crucial • For integrity and confidentiality VANET nodes need to carry additional cryptographic operation that extend message processing • To satisfy these real time constraints the security infrastructure need to be as efficient as possible in terms of computation and bandwidth needs • Action must be taken in order to complicate the denial of service attacks thus increase availability

  13. Proposal • Goal is to design security infrastructure to be • efficient in terms of computing and bandwidth capabilities • Fulfill the security and privacy requirements • After once only initialization, it applies cryptography as follows: • Asymmetric cryptography • Within public key infrastructure(PKI) • For road safety messages • Symmetric cryptography • System employs the symmetric cryptography • Much faster than the asymmetric • Protects privacy of participants better than Asymmetric

  14. Emergency Scenario

  15. Outline and asymmetric part • We employ with vehicle related identities(VRI) by private key and corresponding certificate • Certificate is issued by Certification authority(CA) which should be operated by governmental transportation authority(GTA) • Why GTA should issue VRI’s? • License plate is pseudonym for owner of vehicle • Only GTA can link the pseudonym with actual owner of vehicle • GTA trusted by citizens, so VRI can be checked and registered at registration time which is cost and time effective

  16. Each vehicle store its VRI and at least root certificate of the country in temper resistant hardware(TRH) • For warnings the Digital signature and sending node’s certificates ensures the integrity and authenticity • Recipient can check the signature and identity of sender including the certificate • As warnings are generated rarely and distributed in small region, so cannot be used to create movement profiles • Thus digital signing of warnings doesn’t harm the privacy of the driver

  17. How a vehicle broadcasts the messages ? • Special privilege vehicles like police cars get individual related information in form of private keys and corresponding certificate stored on a smart card • To send the alarm signals, first the certificate and digital signature of sending vehicle need to be submitted to the CA. • After checking CA issues certificate(Key pair) granting alarm send instruction rights which is valid for 8 hours • Recipients can check integrity and authorization of sender instantly • Considering performance and privacy, not desirable to digitally sign all messages vehicle certificate.

  18. Initialization • Each vehicle is equipped with TRH at manufacturing • Root CERT and symmetric key are installed for the particular GTA the car is sold to • Symmetric key saved onto a smart card • To initialize, customer connects smart card to TRH • TRH checks compatibility, generates two asymmetric keys pairs and stores in: 1. TRH ( PKTRH and SKTRH) 2. Smart Card (PKSCand SKSC) • Smart card pair is digitally signed with the TRH pair • Smart card pair authenticates the user • Fuse is melted to ensure no more TRH pairs can be generated

  19. Symmetric part • Node A uses a challenge response protocol to authenticate to local GTTP • GTTP issues a pseudonym PA and an associated symmetric key kMac(PA) • GTTP then issues kMAC(all) and Kc which are common for all • TRH ensures that the symmetric keys are secret • The exchange of symmetric keys has to be encrypted, with say Diffie Hellman after mutual authentication

  20. Exchange of keys • Messages are assembled inside TRH • MAC1 computed with kMAC(PA) is added • MAC2 computed with kMAC(ALL) is added • Whole message encrypted with kc • Encryption prevents profile generation and eavesdropping • Also, GTTPs can issue multiple psuedonyms and short-lived psedunyms for added security • TRH deciphers messages using kc and checks integrity using MAC2 • Ex-Post accountability maintained using MAC1 • Only TRH knows the confirmation of this authenticity • So, TRH is designed to self destruct on manipulation

  21. Protection against surveillence • Accomplished using independent GTTPs following strict procedures before revealing VRI associated with a pseudonym • VRI is crucial to finding owner of vehicle using GTA register • Thus, • GTTPs don’t know real identity of vehicle owner • GTA doesn’t know link between VRI and pseodonym

  22. Evaluation - Security • Message integrity achieved using Digital signatures and MAC2 • Immediate sender authentication ensured using short time certificates • Ex post accountability maintained by adding a Digital Signature based on VR1/MAC1 • Profile generation prevented by changing pseudonyms • Automated surveillance avoided by independent GTTPs • Confidentiality achieved by encryption using VR1 certificates or symmetric keys • Security infrastructure protected by encrypting all key management messages and employing TRH

  23. Evaluation - Efficiency • Assume message length = 300 bytes • Let asymmetric part use RSA with SHA 256 (2048 bit key) • Let symmetric part use HMAC SHA 256 (192 bit keys) and AES (192 bit keys) • Security assurance comes to be till 2020

  24. Conclusion • Discussed security infrastructure requirements in a VANET • Discussed message integrity and non-repudiation needs • Discussed proposal that uses symmetric and asymmetric cryptography and tamper resistant hardware • Discussed privacy architecture for VANET • Discussed Efficiency of the model

  25. References • Klaus Ploil and HannesFederrath. 2008. A privacy aware and efficient security infrastructure for vehicular ad hoc networks. Comput. Stand. Interfaces 30, 6 (August 2008)

More Related