Vehicular Ad Hoc Network Security and Privacy E-Book

IEEE Press445 Hoes Lane Piscataway, NJ 08854

IEEE Press Editorial BoardTariq Samad, Editor in Chief

George W. Arnold

    Vladimir Lumelsky

    Linda Shafer

Dmitry Goldgof

    Pui-In Mak

    Zidong Wang

Ekram Hossain

    Jeffrey Nanzer

    MengChu Zhou

Mary Lanzerotti

    Ray Perez

    George Zobrist

Kenneth Moore, Director of IEEE Book and Information Services (BIS)

Technical Reviewer

Jelena Misic, Ryerson University, Canada

VEHICULAR AD HOC NETWORK SECURITY AND PRIVACY

Copyright © 2015 by The Institute of Electrical and Electronics Engineers, Inc.

Published by John Wiley & Sons, Inc., Hoboken, New Jersey. All rights reserved. Published simultaneously in Canada.

No part of this publication may be reproduced, stored in a retrieval system, or transmitted in any form or by any means, electronic, mechanical, photocopying, recording, scanning, or otherwise, except as permitted under Section 107 or 108 of the 1976 United States Copyright Act, without either the prior written permission of the Publisher, or authorization through payment of the appropriate per-copy fee to the Copyright Clearance Center, Inc., 222 Rosewood Drive, Danvers, MA 01923, (978) 646-8400, fax (978) 750-4470, or on the web at www.copyright.com. Requests to the Publisher for permission should be addressed to the Permissions Department, John Wiley & Sons, Inc., 111 River Street, Hoboken, NJ 07030, (201) 748-6011, fax (201) 748-6008, or online at http://www.wiley.com/go/permission.

Limit of Liability/Disclaimer of Warranty: While the publisher and author have used their best efforts in preparing this book, they make no representations or warranties with respect to the accuracy or completeness of the contents of this book and specifically disclaim any implied warranties of merchantability or fitness for a particular purpose. No warranty may be created or extended by sales representatives or written sales materials. The advice and strategies contained herein may not be suitable for your situation. You should consult with a professional where appropriate. Neither the publisher nor the author shall be liable for any loss of profit or any other commercial damages, including but not limited to special, incidental, consequential, or other damages.

For general information on our other products and services or for technical support, please contact our Customer Care Department within the United States at (800) 762-2974, outside the United States at (317) 572-3993 or fax (317) 572-4002.

Wiley also publishes its books in a variety of electronic formats. Some content that appears in print may not be available in electronic formats. For more information about Wiley products, visit our web site at www.wiley.com.

Library of Congress Cataloging-in-Publication Data is available.

ISBN: 978-1-118-91390-1

Contents

Acronyms

Preface

Chapter 1: Introduction

1.1 Background

1.2 DSRC and VANET

1.3 Security and Privacy Threats

1.4 Security and Privacy Requirements

1.5 Challenges and Prospects

1.6 Standardization and Related Activities

1.7 Security Primitives

1.8 Outline of the Book

References

Chapter 2: GSIS: Group Signature and ID-based Signature-Based Secure and Privacy-Preserving Protocol

2.1 Introduction

2.2 Preliminaries and Background

2.3 Proposed Secure and Privacy-Preserving Protocol

2.4 Performance Evaluation

2.5 Concluding Remarks

References

Notes

Chapter 3: ECPP: Efficient Conditional Privacy Preservation Protocol

3.1 Introduction

3.2 System Model and Problem Formulation

3.3 Proposed ECPP Protocol

3.4 Analysis on Conditional Privacy Preservation

3.5 Performance Analysis

3.6 Concluding Remarks

References

Chapter 4: Pseudonym-Changing Strategy for Location Privacy

4.1 Introduction

4.2 Problem Definition

4.3 Proposed PCS Strategy for Location Privacy

4.4 Performance Evaluation

4.5 Concluding Remarks

References

Notes

Chapter 5: RSU-Aided Message Authentication

5.1 Introduction

5.2 System Model and Preliminaries

5.3 Proposed RSU-Aided Message Authentication Scheme

5.4 Performance Evaluation

5.5 Security Analysis

5.6 Concluding Remarks

References

Notes

Chapter 6: TESLA-based Broadcast Authentication

6.1 Introduction

6.2 Timed Efficient and Secure Vehicular Communication Scheme

6.3 Security Analysis

6.4 Performance Evaluation

6.5 Concluding Remarks

References

Notes

Chapter 7: Distributed Cooperative Message Authentication

7.1 Introduction

7.2 Problem Formulation

7.3 Basic Cooperative Authentication Scheme

7.4 Secure Cooperative Authentication Scheme

7.5 Security Analysis

7.6 Performance Evaluation

7.7 Concluding Remarks

References

Chapter 8: Context-aware Cooperative Authentication

8.1 Introduction

8.2 Message Trustworthiness in VANETs

8.3 System Model and Design Goal

8.4 Preliminaries

8.5 Proposed AEMAT Scheme

8.6 Security Discussion

8.7 Performance Evaluation

8.8 Concluding Remarks

References

Chapter 9: Fast Handover Authentication Based on Mobility Prediction

9.1 Introduction

9.2 Vehicular Network Architecture

9.3 Proposed Fast Handover Authentication Scheme Based on Mobility Prediction

9.4 Security Analysis

9.5 Performance Evaluation

9.6 Concluding Remarks

References

Index

IEEE Press Series on Information and Communication Networks Security (ICNS)

EULA

List of Tables

Chapter 1

Table 1.1

Chapter 2

Table 2.1

Table 2.2

Table 2.3

Table 2.4

Table 2.5

Chapter 3

Table 3.1

Table 3.2

Table 3.3

Table 3.4

Table 3.5

Chapter 4

Table 4.1

Chapter 5

Table 5.1

Chapter 6

Table 6.1

Table 6.2

Table 6.3

Chapter 8

Table 8.1

Chapter 9

Table 9.1

Guide

Cover

Table of Contents

Preface

Pages

xvii

xviii

xix

xx

xxi

1

2

3

4

5

6

7

8

9

10

11

12

13

14

15

16

17

18

19

21

22

23

24

25

26

27

28

29

30

31

32

33

34

35

37

38

39

40

41

42

43

45

46

47

48

49

51

52

53

54

55

56

57

58

59

60

61

62

63

64

65

66

67

68

69

70

71

72

73

74

75

76

77

78

79

80

81

82

83

84

85

86

87

88

89

90

91

92

93

94

95

96

97

98

99

100

101

102

103

104

105

106

107

109

110

111

112

113

114

116

117

118

119

120

121

122

123

124

125

126

127

128

129

130

131

132

134

135

136

137

138

139

140

141

142

143

144

145

146

147

148

149

150

151

153

154

155

156

157

158

159

160

161

162

163

164

165

166

167

168

169

170

171

173

174

175

176

177

178

179

180

181

182

183

184

185

186

187

188

189

190

191

192

Acronyms

ABS

Antilock braking system

AES

Advanced Encryption Standard

AP

Access point; augmented packet

ASS

Anonymity set size

ATM

Automated teller machine

BLS

Boneh–Lynn–Shacham

CA

Certificate authority

CRL

Certificate revocation list

CRS

Certificate revocation system

CRT

Certificate revocation tree

CWBS

Collision warning with brake support

DoS

Denial of service

DRP

Distributed Revocation Protocol

DSA

Digital signature algorithm

DSRC

Dedicated short-range communication

EBL

Extended brake light

ECC

Elliptic curve cryptography

ECDSA

Elliptic curve digital signature algorithm

ECIES

Elliptic curve integrated encryption scheme

EMS

Emergency medical services

EMSS

Efficient multichained stream signature

ETC

Electronic toll collection

FCC

Federal Communications Commission

GPRS

General packet radio service

GPS

Global Positioning System

HIPAA

Health Insurance Portability and Accountability Act (of 1996)

IBC

Identity-based cryptography

ITS

Intelligent transportation systems

IVC

Intervehicle communication

KPSD

Key-insulated pseudonym self-delegation

LPR

License plate recognition

MAC

Message authentication code

MANET

Mobile ad hoc network

MM

Membership manager

MTO

Ministry of Transportation

OBU

Onboard unit

OCSP

Online Certificate Status Protocol

PCS

Pseudonyms changing at social spots

PD

Packet delay

PKI

Public key infrastructure

PLR

Packet loss ratio

QoP

Quality of privacy

RC2RL

Revocation using Compressed Certificate Revocation Lists

RFID

Radiofrequency identification

RL

Revocation list

RSU

Roadside unit

RTPD

Revocation of the Tamper-Proof Device

RVC

Roadside-to-vehicle (or RSU-to-vehicle) communication

SER

secure emergency report

SeVeCom

Secure vehicular communication

SUV

Sport utility vehicle

TA

Trusted authority

TCP

Transmission Control Protocol

TESLA

Timed efficient stream loss-tolerant authentication

TIGER

Topologically integrated geographic encoding and referencing

TLS

Transport layer security

TM

Tracing manager

TPD

Tamperproof device

TRC

Transportation regulation center

TTL

Time to live

USDOT

United States Department of Transportation

V2I

Vehicle-to-infrastructure

V2V

Vehicle-to-vehicle

VANET

Vehicular ad hoc network

VIN

Vehicle identification number

VLR

Verifier-local revocation

VSC

Vehicle safety communications

VSCC

Vehicle Safety Communications (VSC) Consortium

VSS

V2X Security Subsystem

WAVE

Wireless access in vehicular environment

Preface

Road safety has been drawing increasing public attention, and there has been extensive effort in both industry and academia to mitigate the impact of traffic accidents. Recent advances in wireless technology bring promising new ways to facilitate road safety and traffic management, in which each vehicle, equipped with wireless communication devices [referred to as onboard units (OBUs)], is allowed to communicate with vehicles, other as well as with roadside units (RSUs), which are located at critical sections of the road, such as traffic lights and stop signs.

With OBUs and RSUs, a self-organized network called a vehicular ad hoc network (VANET) can be formed. Recently, this has emerged as a promising approach toward increasing road safety and efficiency, as well as improving driving experience. These goals will be accomplished through a wide variety of vehicle applications enabled by communication between vehicles, such as emergency braking warning. While society experiences tremendous benefits from adopting the new technologies, we also continue to face challenges; the biggest challenge is always how to address security and privacy issues that may be caused by the adoption of a new technology. The attractive features of VANETs will inevitably incur higher risks for abuse, if we do not take security and privacy issues into consideration before the wide deployment of such networks.

Being a special implementation of wireless ad hoc networks or mobile ad hoc networks (MANETs), a VANET has many unique features and applications. First, the connectivity among nodes (vehicles and RSUs) can often be highly transient and a one-time event; two vehicles may remain within their transmission ranges, or within a few wireless hops, for only a very limited period of time. As a result, vehicular network topology is highly dynamic. Further, a VANET is a huge network, which can potentially consist of millions of nodes (on-road vehicles and RSUs). Such size makes it very challenging to guarantee security and privacy in VANETs, particularly regarding message authenticity and integrity, as well as protecting user-related privacy information, such as the driver’s name and the car's license plate, model, and traveling route. Unfortunately, existing studies on (and solutions for) communication security and privacy preservation cannot work effectively in VANETs, since they do not take the scalability and communication overhead into consideration. Message authentication is a common tool for ensuring information reliability, but it faces a challenge in VANETs. Particularly when a vehicle receives a large number of messages, traditional authentication mechanisms may generate unaffordable computational overhead on the vehicles, and bring unacceptable delay to time-critical applications (e.g., accident warning). Another challenge is the privacy concerns of vehicular communication, where the identity, position, and movement track of a specific vehicle should not be obtained by an unauthorized third party. We will refer to the combined concepts of message authenticity and privacy as anonymous message authentication.

In this book, we focus on message authentication and privacy issues in VANETs. We first provide an overview of security and privacy issues in VANETs, as well as the challenges facing VANETs in addressing these issues.

Chapter 2 identifies the unique security and privacy requirements of communications between different types of communication devices, including OBUs and RSUs in VANETs. We determined the most suitable cryptographic primitives and designed a secure and privacy-preserving protocol, which utilizes a combination of group signature and identity (ID)-based signature techniques to addresses these unique security and privacy requirements for vehicular communications.

Chapter 3 further exploits the unique challenges in privacy-preserving VANETs, i.e., how to efficiently deal with the growing revocation list while achieving conditional traceability. Based on the on-the-fly short-term anonymous key generation between OBUs and RSUs, we proposed an efficient conditional privacy preservation protocol, which is characterized by providing the conditional privacy preservation, improving efficiency in terms of the minimized anonymous key storage at each OBU and fast verification on safety messages.

Chapter 4 discusses the pseudonym changing strategy for location privacy in VANETs, as even though an OBU holds a large number of pseudonyms in VANETs, if the pseudonym does not change at the right time and right place, location privacy could still be violated. To enable vehicles to achieve high-level location privacy, we proposed an efficient pseudonym changing at social spots (PCS) strategy, where the social spots are the places where many vehicles temporarily gather.

Afterward, we take a cooperative approach toward addressing the technology’s challenges of complex anonymous message authentication. Cooperation on anonymous message authentication in VANETs can be defined as vehicles and RSUs working together to ensure the integrity of messages received by each individually, as well as verifying that messages are indeed from legitimate users. Cooperation can take many forms and occur in many ways in VANETs, for example, either between vehicles and RSUs, or only among vehicles. Cooperation can also occur in many different ways, based on the roles of vehicles and RSUs in groups. For example, the resource-rich RSUs are usually seen as trusted entities in VANETs, since RSUs are usually deployed by governments or service providers, and their locations are fixed. As a result, a straightforward approach for message authentication in VANETs is to leverage the vast resources of RSUs and take advantage of their fixed locations. RSUs can be used to assist vehicles to authenticate messages received by the vehicles, largely by allowing resource-rich and trustworthy RSUs take the lead processing role in message authentication. In the case of cooperation only among vehicles, which will be very common in the early stages of VANET adoption (due to a lack of RSUs), each vehicle can probabilistically validate a certain percentage of its received messages in accordance with its own computing capacity, and report any invalid message detected. When work all units together, redundant effort in message authentication and verification can be minimized, if not entirely eliminated. Further, cooperation can occur by taking into consideration the context of messages transmitted over the vehicular networks. For example, of all vehicle communication network applications, dissemination of emergency messages to the vehicles in a specific area is one of the most crucial. The fast propagation of emergency and local warning messages to the approaching vehicles will be helpful for preventing secondary accidents, especially in conditions where visibility is impeded, such as fog. In most cases, a VANET performs such an emergency message propagation in a multihop transmission manner, particularly in the suburban areas where fewer RSUs are installed. Given any emergency, it is expected that multiple sensing vehicles in the area could detect the same common event, and therefore, taking advantage of this property to cross-validate the emergency event could possibly serve as a promising approach toward enhancing the overall security level of VANETs. Such a method of cross-checking the emergency event by collecting the feedback of witnesses is defined as a voting mechanism, which was originally used to detect the misbehaving nodes in a distributed ad hoc network without any centralized security authority. This kind of cooperation is often applied to deal with special types of messages, such as emergency messages, and the mechanism can be migrated to VANETs to enhance the overall security of emergency events authentication.

We classify cooperative authentication mechanisms in VANETs into four categories: RSU-aided authentication (Chapter 5), TESLA-based authentication (Chapter 6), distributed cooperative authentication (Chapter 7), and context-aware cooperative authentication (Chapter 8). For each category, we introduce a corresponding protocol for message authentication, and will also analyze security, efficiency, and effectiveness of these proposed cooperative authentication protocols. Both theoretical analysis and simulation results show that cooperative authentication is a promising and effective way to achieve secure message authentication for vehicular communications.

Because of the movement of the vehicles, the vehicles can roam among RSUs deployed along the roadsides. The final chapter looks into the challenges in realizing seamless mobility in VANETs. By considering some intrinsic features of vehicular communication networking, such as predictable vehicle movement, we introduce a seamless authentication scheme based on mobility prediction to achieve fast authentication and reduce the authentication delay.

The book primarily presents our research results of anonymous message authentication in VANETs, but also provides a comprehensive survey of existing challenges and solutions in security and privacy in VANETs.

We wish to thank many people whose insightful comments and suggestions have helped us significantly improve our research work. In particular, we would like to acknowledge the following researchers who have collaborated with us on this exciting research topic described in the book: Prof. Xuemin (Sherman) Shen, Prof. Pin-Han Ho, Prof. Haojin Zhu, Dr. Chenxi Zhang, Xiaoting Sun, Dr. Xiaoyu Wang, Dr. Xiaohui Liang, Dr. Tom H. Luan, and Dr. Xu Li. Our discussions and collaboration with them provide a critical foundation for the current book. Also, we would like to thank the IEEE for allowing us to use our IEEE-copyrighted work.

XIAODONG LIN

University of Ontario Institute of Technology, Canada

RONGXING LU

Nanyang Technological University, Singapore

Chapter 1Introduction

1.1 Background

Impaired driving, traffic congestion, and treacherous driving conditions have caused numerous accidents every year all over the world, leading to great suffering of people in different ways such as great anguish, fatal injuries, and horrendous loss of human lives. There were nearly 6,420,000 auto accidents in the United States in 2005, where 2.9 million people were injured and 42,636 people killed, which caused a financial loss of more than 230 billion dollars. Statistically, about five people die each hour in traffic accidents in the United States, that is, one death every 12 minutes [1]. Under such circumstances, how to improve the driving safety has been drawing increasing attention in the public and has been subject to extensive efforts from both industry and academia in mitigating the impact of traffic accidents and injuries. For example, car manufacturers have made great efforts to improve the safety of their vehicles by developing “passive” vehicle safety systems, such as seat belts, air bag systems, and crumple zones, to minimize postcrash driver and passenger injury, as well as by accommodating “active” vehicle safety systems that explore precollision accident avoidance, such as the antilock braking system (ABS), blind-spot safety, roll stability control, active steering systems, collision warning with brake support (CWBS), lane departure warning system, and Mazda precrash safety system [2]. Although the aforementioned safety technologies have led to enormous improvements on driving safety over the last few decades, we still witness tremendous loss on the roads. Hence, it is crucial to explore the new techniques to improve road safety.

Lesen Sie weiter in der vollständigen Ausgabe!

Lesen Sie weiter in der vollständigen Ausgabe!

Lesen Sie weiter in der vollständigen Ausgabe!

Lesen Sie weiter in der vollständigen Ausgabe!

Lesen Sie weiter in der vollständigen Ausgabe!

Lesen Sie weiter in der vollständigen Ausgabe!

Lesen Sie weiter in der vollständigen Ausgabe!

Lesen Sie weiter in der vollständigen Ausgabe!

Lesen Sie weiter in der vollständigen Ausgabe!

Lesen Sie weiter in der vollständigen Ausgabe!

Lesen Sie weiter in der vollständigen Ausgabe!