1 / 48

Secure pseudonym generation for efficient broadcast authentication in VANETs

Secure pseudonym generation for efficient broadcast authentication in VANETs. Deepak N Ananth and Manjusha Gadiraju CSC / ECE 774. Broadcast Authentication in VANETs. Outline: Introduction to VANET Technology Security requirements in VANET technology Privacy protection in VANET

rae
Download Presentation

Secure pseudonym generation for efficient broadcast authentication in VANETs

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Secure pseudonym generation for efficient broadcast authentication in VANETs Deepak N Ananth and Manjusha Gadiraju CSC / ECE 774

  2. Broadcast Authentication in VANETs • Outline: • Introduction to VANET Technology • Security requirements in VANET technology • Privacy protection in VANET • The proposed Protocol • Fast Authentication in VANET • Implementation and Future Work • References

  3. Why VANET? - Motivation • Increase traveler safety • 10.8 million vehicle crashes from 1990 to 2009 • 36,000 fatalities in 2009 only • 24,000 of these due to collision with other vehicles / objects. • Costs more than $100 billion per year • Boost on-board luxury Source: US Census Bureau : www.census.gov

  4. Broadcast Authentication in VANETs • Outline: • Introduction to VANET Technology • Security requirements in VANET technology • Privacy protection in VANET • The proposed Protocol • Fast Authentication in VANET • Implementation and Future Work • References

  5. What is Vehicular Ad-Hoc Network ? m : <x,y> , loc, Tv S(m) : ECDSA signature cert : Public key certificate Higher Authority RSU <m, S(m), cert> OBU

  6. Communication in VANET Vehicular communication Vehicle-Infrastructure Vehicle-Vehicle Hybrid Single-hop Multi-hop

  7. VANET Applications

  8. VANET Characteristics • The main characteristics of VANETs • High mobility of nodes • Rapidly changing network topology (predictable to some extent) • Unbounded network size • Potential support from infrastructure • Real time , time-sensitive data exchange • Crucial effect of security and privacy

  9. Broadcast Authentication in VANETs • Outline: • Introduction to VANET Technology • Security in VANET technology • Privacy protection in VANET • The proposed Protocol • Broadcast Authentication in VANET • References

  10. Security Requirements • Authentication • Privacy protection • Non-repudiation • Real-time constraints • Availability

  11. Security Requirements (contd)

  12. Outline • Introduction to VANET Technology • Security requirements in VANET technology • Privacy protection in VANET • The Proposed Protocol • Fast Authentication in VANET • Security Analysis • Implementation and Future Work • References

  13. We Need Privacy Privacy – Important for VANETs • Cars = Personal Devices • Tracking of vehicles based on communication messages < m , S(m) , cert > • The feeling of permanently being monitored by an arbitrary authority

  14. Examples: Privacy threat • A private investigator can easily follow a car without being noticed by extracting position information from the messages sent by the car. • An employer is overhearing the communications from cars on the company parking lot.

  15. How to provide Privacy ??? • Enter “pseudonyms” • aliases which hide the real identity • Can be implemented using random numbers • Set of pseudonyms used during communication must be mapped to real-world identities in special situations Trusted Authority

  16. How to use pseudonyms? • Single pseudonym all the time • Easy to map alias with real identity • Messages can be related • Store pseudonyms on the OBU and use over a long period of time • How many pseudonyms to load ? • Compromised node ?

  17. Broadcast Authentication in VANETs • Outline • Introduction to VANET Technology • Security requirements in VANET technology • Privacy protection in VANET • The Proposed Protocol • Fast Authentication in VANET • Security Analysis • Implementation and Future Work • References

  18. Protocol Overview • Privacy protection for local broadcast messages. • Short time on-the-fly pseudonym generation. • Estimate the number of pseudonyms required. • Local broadcast via Enhanced Fast Authentication

  19. System Model

  20. System Components • Central Authority (CA) : Centralized authority which registers the vehicles before they are allowed to operate on the road. E.g.: DMV Cannot be compromised • Roadside Authority (RA): Authorized all road-side units. Cannot be compromised. • Road Side Units (RSU) : Infrastructure nodes installed Road side. Susceptible to compromise • Vehicular nodes: Nodes which transmit the messages. Susceptible to compromise

  21. Assumption Model • Each vehicle V when registered with the CA is provided a public / private key pair and CApub • The RA periodically pulls information from the CA to get the latest up to date CRL’s and registered vehicles information. • Each RA maintains a topological overview of the entire area under its coverage • Attacker can compromise at most one RSU under a RA’s range. • At any time in the network there are more number of benign nodes than the compromised nodes.

  22. Attacker Model • External Attacker: Such an attacker is limited in the diversity of attacks he can mount. However, he can eavesdrop on all the messages transferred. • Inside Attacker: The attacker can be an authenticated member of the network; such an attacker can communicate with other members of the network. E.g: Compromised RSUs and vehicles

  23. Pseudonym generation - Step 1 RA RSU-IDA RSU-IDB RSU -> * {RSUID, CertDMV (RSUpub ||RApub), RSUloc}

  24. Pseudonym generation - Step 2 RA V -> RSU: {ID, RSUID, TV, (k + t)} RApub

  25. Pseudonym generation - Step 3 CRL List RA < VID , RSUID, (k + i), Ni > < V’ID , RSUID, (k + i)’, N’i > RA -> RSU: {H(ID,Ni), Vpub, (k+t), Tv} 26

  26. Pseudonym generation - Step 4 RA RSU –> V:{SKv1, SKv2… SKvk+I ,Cert (PKv1 ||H(ID, Ni)), Cert (PKv2|| H(ID, Ni)) ...Cert (PKvk+i- H(ID, Ni))}Vpub, Tv

  27. Revocation Protocol • Malicious vehicles need to be isolated from the network • Revocation of vehicles should be done progressively. • Neighboring vehicles report the violation and the pseudonym used to the next RA via the nearest RSU • RA determines the severity of the violation and forwards the pseudonym to the Central Authority

  28. Contd.. • CA obtains the mapping of the pseudonym and the vehicle’s identity • Puts the vehicle in the Revocation List • Distributes a copy of the Revocation list to all the RA’s • Takes appropriate action on the malicious vehicle

  29. Broadcast Authentication in VANETs • Outline: • Introduction to VANET Technology • Security requirements in VANET technology • Privacy protection in VANET • The proposed Protocol • Fast Authentication in VANET • Security Analysis • Implementation and Future Work • References

  30. Enhanced Fast Authentication • First proposed in “Flooding-Resilient Broadcast Authentication for VANETs” • Secures single-hop periodic messages. • Replaces expensive digital signature technique with efficient hash operations.

  31. Step 1: Location prediction • Predict location information (<x,y>) over the next “I” beacons • Construct a prediction table for each beacon.

  32. Step 2: One Time Signatures • Makes use of Huffman coding for generating OTS. • Construct Huffman binary tree for each beacon. • Chain the “ I ” Huffman trees for the “ I ” beacons to form a Chained Huffman tree (CHT). • The root of the CHT is the one time signature for the authentication of the “ I ” beacons.

  33. Step 2: One Time Signatures

  34. Step 3: Signature Broadcast • Commitment of the tree Pkots must be authenticated to all receivers via the generated pseudonyms. • Send first beacon B0 = {m0,S(m0), cert} where , m0 = {T0,L0,PKots,Dx,Dy} • After commitment is authenticated, send “mi” and off-path values of the CHT as the signature.

  35. Enhanced Pseudonym usage • Construct a Huffman tree for “I” beacons and include the commitment in first beacon B0 • Vehicles cannot authenticate messages if B0 is not received. • Send PKots every “ k ” beacons. (k < I). • Include “ k ” when requesting for pseudonyms. • In addition always maintain “t” minimum pseudonyms in OBU. • “ t “ can be varied according to the network conditions.

  36. Foreseen Advantages • Parallelize the process of pseudonym generation and beacon prediction. • The vehicle can make the request for the pseudonyms and perform the beacon prediction and PKots generation. • Lesser signature operations. • Not vulnerable to RSU attacks.

  37. Broadcast Authentication in VANETs • Outline: • Introduction to VANET Technology • Security requirements in VANET technology • Privacy protection in VANET • The proposed Protocol • Fast Authentication in VANET • Security Analysis • Implementation and Future Work • References

  38. Security Analysis • The protocol is secure against DoS attacks: • Each vehicle spends a ltd. amount of time in RSU range. • Vehicle accepts only the pre-calculated no. of pseudonyms it requested for. • RA and RSU have very high computation power.

  39. The protocol is secure against replay attacks: • Vehicles and the nodes are tightly synchronized. • Include Tv in the message • The protocol is secure against vehicular impersonation attacks: • Ensure that the vehicle ID is never revealed in the open. • TPD ensures that the keys are not revealed to user.

  40. The protocol is secure against RSU impersonation: • RA can determine RSU compromise based on the complaints received. • An RSU compromise affects communication only in the range of the particular RSU

  41. Broadcast Authentication in VANETs • Outline: • Introduction to VANET Technology • Security requirements in VANET technology • Privacy protection in VANET • The proposed Protocol • Fast Authentication in VANET • Security Analysis • Implementation and Future Work • References

  42. Simulations in VANET • VANET simulations require both networking component and mobility component. • Usually represented by two different simulators. • Mobility simulator generates the mobility of vehicles • Network simulator provides feedback and modifies trace files accordingly.

  43. Our Simulation: Mobility simulation • Simulation of Urban Mobility (SUMO) • Have developed XML scripts to define the topology and the vehicular movement in SUMO.

  44. Our Simulation: Network simulation • Use Omnet ++ for network simulation • Veins simulation environment interface between the network simulation and mobility. • INET framework to simulate wireless transmissions

  45. Future Work • Continue working on network simulation part for performance evaluation. • Optimize the protocol and enhance the bandwidth efficiency and robustness of this scheme

  46. References [1] Hsiao, H.-C., Studer, A., Chen, C., Perrig, A., Bai, F., Bellur, B., Iyer, A.:"Flooding- Resilient Broadcast Authentication for VANETs". [2] Z. Li, Z. Wang, and C. Chigan, “Security of Vehicular Ad Hoc Networks in Intelligent Transportation Systems,”   [3] http://www.car-to-car.org – Nice videos [3] http://veins.car2x.org/

  47. Thank You

More Related