1609 2 viic poc report
This presentation is the property of its rightful owner.
Sponsored Links
1 / 10

1609.2: VIIC POC Report PowerPoint PPT Presentation


  • 91 Views
  • Uploaded on
  • Presentation posted in: General

1609.2: VIIC POC Report. William Whyte, NTRU. Overview. Secured Messages Secured WSMs Secured WSAs Certificate Management Anonymity V-HIP / V-DTLS. VII POC Security Team. NTRU, Security Libraries Telcordia, Certificate Management / V-DTLS Technocom, Crypto Hardware Accelerator / V-HIP

Download Presentation

1609.2: VIIC POC Report

An Image/Link below is provided (as is) to download presentation

Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author.While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.


- - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - -

Presentation Transcript


1609 2 viic poc report

1609.2: VIIC POC Report

William Whyte, NTRU


Overview

Overview

  • Secured Messages

  • Secured WSMs

  • Secured WSAs

  • Certificate Management

  • Anonymity

  • V-HIP / V-DTLS


Vii poc security team

VII POC Security Team

  • NTRU, Security Libraries

  • Telcordia, Certificate Management / V-DTLS

  • Technocom, Crypto Hardware Accelerator / V-HIP

  • Escrypt, Crypto Hardware IP Core

  • Scott Andrews

  • A cast of thousands


Secured messages

Secured Messages

  • Implementation in general followed 1609.2

  • Implemented modification of 1609.2 that uses PSID rather than ACID / ACM

  • Modification to EncryptedMessage – moved EncryptedContentType inside the block that gets encrypted (to support cert management)


Secured wsms

Secured WSMs

  • Encapsulated SecuredMessage within WSM rather than using SecuredWSM

  • Architecture was simpler – WSMs are constructed by radio but keys are owned by application

  • In light of move from ACID/ACM to PSID, bandwith savings from SecuredWSM were minimal

  • TBD if this should be propagated back into standard


Secured wsas

Secured WSAs

  • Implemented without message format changes


Certificate management

Certificate Management

  • Greatly expanded – thanks to Telcordia

    • Cert requests are encrypted

    • Cert responses are encrypted (improved support for anonymity)

    • Added Cert Request Error message

    • Added CRL Request message

  • WW intends to submit comment recommending that 1609.2 incorporates these changes


Anonymous certs

Anonymous Certs

  • Implemented “combinatorial” method

    • Pool of N (~ 10,000) certs

    • Each vehicle has n (~ 5) from that pool

    • Change cert periodically

    • Misbehaviour  a cert is revoked  all OBEs with that cert apply for new cert

    • Large numbers of applications for new cert  called in for extra processing

  • Detailed analysis performed by Telcordia

  • Need to review requirements / linking with MAC anonymity / synchronization with European approach


V dtls v hip

V-DTLS, V-HIP

  • Not currently in 1609.2

  • V-HIP supports secure mobile access (prolonged comm session with remote server)

  • V-DTLS supports secure sessions between User and local Provider

    • Less setup overhead than V-HIP

  • Both provide useful functionality

  • Seem appropriate for inclusion in 1609.2 subject to review, WG consensus


Other possible enhancements

Other possible enhancements

  • MAC layer security

  • Generic requirement for OBE to authenticate to RSE before being granted internet access

  • CRL handling

  • Platform assurance

    • How to ensure that an application behaves correctly

    • How to ensure that a platform only installs an application that behaves correctly

    • How and to what level to ensure a platform’s behavior against hw /sw attacks


  • Login