1 / 28

Security in vehicular Ad-hoc networks

Explore the challenges and solutions for securing Vehicular Ad-hoc Networks (VANETs) using RSU-Aided Certificate Revocation with conditional privacy preservation techniques like group signatures. Learn about IEEE standards, threats faced, and simulation results.

freeland
Download Presentation

Security in vehicular Ad-hoc networks

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Security in vehicular Ad-hoc networks Presented By: NagadeeshNagaraja Authors: XiaodongLin RongxingLu ChenxiZhang Univ. of Waterloo, Waterloo

  2. Introduction • What is a vehicular Ad-hoc network (VANET)? • What communication protocol is used in a VANET? • What are the security issues faced in a VANET? • How can we securely communicate and improve its performance? • How well do they perform?

  3. VANET • Vehicular Ad-hoc Network • Sub category of MANET (Mobile Ad-hoc Network) • IEEE 802.11-based communication + DSRC • Inherits all the known and unknown security weaknesses associated with a MANET

  4. Safety in VANET • Is VANET a safety critical communication? • Threat to Authenticity • Threat to Confidentiality • Malicious Threats • Comparable to MANET? • More severe and challenging. • Number of entities involved. • High speed and mobility. • Direct impact on the life of a person. • Real time impact in case of compromise. • Any standard /protocol established? •  IEEE 1609.2

  5. Copy rights: Fox Broadcasting Company Source: http://globecom2008.ieee-globecom.org/downloads/DD/DD03M2%20WAVE%20I/DD03M3_TWeil.pdf

  6. IEEE 1609.2 • IEEE Standard for Wireless Access in Vehicular Environments--Security Services for Applications and Management Messages • How does it work? • Public-key encryption • certificate-based authentications

  7. Any potential problems? Source: http://globecom2008.ieee-globecom.org/downloads/DD/DD03M2%20WAVE%20I/DD03M3_TWeil.pdf

  8. Potential Solution? (1) • Revocation Using Compressed Certificate Revocation Lists (RC2 RL) • Data on the entity involved in malicious activity is lost, cannot track and identify the problem. Might repeat the behavior by requesting new certificate. • Vastness and the dynamics of the VANET makes centralized CRL almost impossible for real time.

  9. Potential Solution? (2) • Distributed Revocation Protocol (DRP) • Infeasible to assume that each vehicle can check the revocation status of the certificates they are using. Furthermore, storing all CRL is impractical on an embedded system.

  10. Better solution? • RSU-Aided Certificate Revocation!

  11. Any utilizable property of VANET? • The movement of a vehicle can be predicted based on its broadcasted traffic-related messages. • IVC communications are performed locally, where a vehicle is more interested in the driving environment around it by listening to the broadcast messages from its neighboring vehicles.

  12. RSU-Aided Certificate Revocation • The CA manages the RSUs, and both of them are assumed to be trustworthy • The RSUs are connected to the Internet using any networking technology. • Both CA ,RSU and Communication between them is considered trustworthy. • CA allocates the secret key to RSU. Corresponding Public key is used to identify the RSU physically.

  13. RSU-Aided Certificate Revocation • When a new revocation is executed by CA, it will broadcast a certificate revocation notification to all the RSUs. • Each RSU then checks the status of the certificates contained in all the messages broadcast by the passing vehicles. • If a certificate has been confirmed as revoked, the RSU will broadcast a warning message.

  14. RSU-Aided Certificate Revocation • Vehicles can update their CRLs and avoid communicating with the compromised vehicle. • Vehicles can communicate with one another to make the new CRL reach throughout the network, as soon as possible. • In case of silent attack (No broadcasting while passing an RSU). The certificate will expire, unless updated by the RSU. • Thus, the security and safety of the VANET in terms of resisting compromised vehicles can be achieved with the least amount of effort.

  15. Conditional Privacy Preservation • Conditional privacy means providing the necessary privacy to the users, and also keep track of the information and use it when there is malicious activity.

  16. Potential solution (1) • Security protocol based on anonymous key pairs • Maintain a large number of short term anonymous key pairs, example ( 40,000). • Randomly selecting one of them to sign each message. • Issue: huge over head, CA needs to keep track of all the list of key pairs for each vehicle to identify the malicious vehicle.

  17. Better solution? • group signature and identity-based signature (GSIS)!

  18. Evaluation • Using NS2 simulator (open source simulator). • 2 most common road scenarios considered. • City roads ( speed range 30-70 mph. +/-5) • Highways ( speed range 100 mph. +/-10) • Topologically Integrated Geographic Encoding and Referencing (TIGER) to simulate traffic scenarios. • Transmission range of 300m.

  19. Parameter for results • Average message delay • Average message loss ratio.

  20. Simulation Results

  21. Traffic load vs Avg. delay and Loss ratio

  22. Avg. message delay varies by about 22ms, which is within acceptable range (100ms). • Avg. loss ratio reaches as high as 68 percent when the traffic load is up to 150.  • Typical during severe traffic jam. Acceptable due to repetitive data. • Normal traffic conditions experience traffic load of 50, where 20 percent loss ratio is achieved. • Shows reasonable insensitivity towards road environment.

  23. Signature Complexity vs delay and Loss ratio

  24. Experimented with constant traffic load of 60. • Shows insensitivity towards road environment. • Avg. delay increase linearly, and Avg. Loss ration increase exponentially.

  25. Conclusion • Comprehensive review and state-of-the-art progress on industry standardization for security assurance and privacy preservation in VANETs have been presented • The solutions for achieving secure certificate revocation and conditional privacy preservation based on the PKI have been provided

  26. THANK YOU

  27. Reference • http://ieeexplore.ieee.org.gate.lib.buffalo.edu/document/4481346/ • http://ieeexplore.ieee.org.gate.lib.buffalo.edu/document/7813797/ • http://ieeexplore.ieee.org.gate.lib.buffalo.edu/document/7426684/?part=2%7Csec8#sec8 • http://www.networkworld.com/article/2226498/infrastructure-management/simply-put-how-does-certificate-based-authentication-work.html • http://csrc.nist.gov/groups/ST/ssr2016/documents/presentation-tue-whyte-invited.pdf • https://en.wikipedia.org/wiki/Public-key_cryptography#Examples • http://gsi.nist.gov/global/docs/sit/2010/its/GConoverFriday.pdf • http://globecom2008.ieee-globecom.org/downloads/DD/DD03M2%20WAVE%20I/DD03M3_TWeil.pdf • https://medium.com/@vrypan/explaining-public-key-cryptography-to-non-geeks-f0994b3c2d5 • https://en.wikipedia.org/wiki/Dedicated_short-range_communications • http://www.ece.mtu.edu/ee/faculty/cchigan/EE5723-Security/lecture5-2-Key-Distribution.pdf

More Related