1. Security in Vehicular Ad hoc Networks (VANETs)
Jayanthi Rao
CSE 825: Course presentation
March 10, 2008
2. Acknowledgements
Presentation based on:
Maxim Raya and Jean-Pierre Hubaux, “The security of vehicular ad hoc networks”, SASN 2005.
Bryan Parno and Adrian Perrig, “Challenges in securing vehicular networks”, SECON 2005.
Some slides courtesy above authors.
3. Presentation outline
What is a VANET?
VANET applications
Adversaries
Security threats and attacks
Security primitives for attack prevention or handling strategies
4. A modern vehicle
5. What is a VANET (Vehicular Ad hoc NETwork)?
6. Motivation for VANET
Increase safety
Hundreds of thousands of people are killed world-wide due to road accidents yearly.
Many more are injured.
Traffic optimization
Congestion/traffic jams cost time and fuel.
7. Differences from MANET
Large scale – potentially billion
Fleeting contact with other vehicles
Nodes not as constrained in terms of energy, storage and computation.
8. VANET applications
Safety alerts
Requirement: Bounded latency
Primary Issue: Broadcast storm
Congestion warning
Requirement: Message persistence
Primary Issue: Disconnected network
Infotainment
Requirement: End-to-end connectivity
Primary Issue: Disconnection due to high mobility
9. Application-1 : Congestion Detection
Vehicles detect congestion when:
# Vehicles > Threshold 1
Speed < Threshold 2
Relay congestion information
Hop-by-hop message forwarding
Other vehicles can choose alternate routes
10. Application-2 : Deceleration Warning
Prevent pile-ups when a vehicle decelerates rapidly
2004, over 2,300 deaths from rear-end collisions
11. Attackers
Insider or outsider
Insider – valid user
Outsider – Intruder, limited attack options
Malicious or rational
Malicious – No personal benefit, intends to harm other users
Rational – seeks personal benefits, more predictable attack
Active or passive
Active: Generates packets, participates in the network
Passive: Eavesdrop, track users
13. Security Requirements
Authentication:
React only to legitimate events. Authenticate senders of messages.
Verification of data consistency
Legitimate senders can send false data (attack/unintentional). Can cause immense damage, even fatalities.
Availability
Network should be available under jamming attacks
Non-repudiation
Drivers causing accidents should be reliably identified
Privacy (conflicts with authentication)
Privacy of drivers against unauthorized observers.
Real-time constraints
High speed means constraints on time
14. Security Architecture
15. Key Management
Key distribution
How will the key be distributed?
Key certification
Who will certify the keys?
Key revocation
When the key is compromised, what is the revocation procedure?
16. Tamper-proof device
Each vehicle carries a tamper-proof device
Contains the secrets of the vehicle itself
Has its own battery
Has its own clock (notably in order to be able to sign timestamps)
Is in charge of all security operations
Is accessible only by authorized personnel
17. Digital signatures
Symmetric cryptography is not suitable: messages are standalone, large scale, non-repudiation requirement
Hence each message should be signed with a DS
Liability-related messages should be stored in the EDR
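Added example (not from the presentation or the cited papers): a Go sketch of the receiver-side check implied by slides 13 to 17, where a message is accepted only if its key is CA-certified, its signed timestamp is fresh and its signature verifies. Ed25519, the `Msg` layout, the bare CA signature standing in for a certificate and the `maxAge` window are all assumptions.

```go
package main

import (
	"crypto/ed25519"
	"encoding/binary"
	"errors"
	"fmt"
	"time"
)

// Msg is a hypothetical standalone safety message; names and layout are assumptions.
type Msg struct {
	Payload []byte
	SentAt  int64             // sender's clock, Unix ms
	Pub     ed25519.PublicKey // sender's key
	CertSig []byte            // CA signature over Pub, standing in for a certificate
	Sig     []byte            // sender's signature over SentAt and Payload
}

// tbs binds the timestamp to the payload so one signature covers both.
func tbs(t int64, p []byte) []byte { return append(binary.BigEndian.AppendUint64(nil, uint64(t)), p...) }

// Sign builds a message as the sender's security module would.
func Sign(k ed25519.PrivateKey, certSig, p []byte, at time.Time) Msg {
	t := at.UnixMilli()
	return Msg{p, t, k.Public().(ed25519.PublicKey), certSig, ed25519.Sign(k, tbs(t, p))}
}

// Verify is the receiver: CA-certified key, fresh timestamp, valid signature.
func Verify(caPub ed25519.PublicKey, m Msg, now time.Time, maxAge time.Duration) error {
	age := now.Sub(time.UnixMilli(m.SentAt))
	switch {
	case len(m.Pub) != ed25519.PublicKeySize || !ed25519.Verify(caPub, m.Pub, m.CertSig):
		return errors.New("key not certified by CA")
	case age > maxAge || age < -maxAge:
		return errors.New("stale timestamp")
	case !ed25519.Verify(m.Pub, tbs(m.SentAt, m.Payload), m.Sig):
		return errors.New("bad signature")
	}
	return nil
}

func main() {
	caPub, ca, _ := ed25519.GenerateKey(nil)
	pub, k, _ := ed25519.GenerateKey(nil)
	now := time.Now()
	m := Sign(k, ed25519.Sign(ca, pub), []byte("hard braking"), now) // constructed sample alert
	fmt.Println(Verify(caPub, m, now, time.Second), Verify(caPub, m, now.Add(5*time.Second), time.Second))
}
```

Because the timestamp is inside the signed bytes, a replayed message fails the freshness check and a message with a rewritten timestamp fails the signature check.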
18. VPKI (Vehicular PKI)
19. The CA hierarchy: two options
20. Key revocation
All cryptographic material of a vehicle is compromised:
CA sends revocation message to the TPD.
A particular key is compromised:
CA sends revocation message to the TPD for each revoked key. High overhead.
Short key certificate lifetimes. Large storage required.
21. Security primitives
Authenticated localization of message origin
Option 1:
Beacons broadcast location with timestamp and signature. Include this packet in all messages.
Requires infrastructure.
Option 2: Use relative localization
22. Security primitives Contd.
Anonymization service
Attempt to balance authentication and privacy
Option 1:
Key changing algorithm that adapts to vehicle speed
A large set of keys needs to be stored in the vehicle and periodically renewed (during regular vehicle maintenance visits)
Option 2:
Drivers authenticate to a service with their permanent Id and receive a temporary Id that cannot be traced back to the driver.
Infrastructure required.
23. Security primitives Contd.
Secure aggregation
A vehicle counts the number of vehicles it passes and reports the sum. The receiving vehicle authenticates the information and is able to estimate the amount of traffic ahead.
24. Questions?