A fuzzy-based trust evaluation framework for efficient privacy preservation and secure authentication in VANET

Vehicular Ad Hoc Network (VANET) offers various services to users. Misusing such network could cause destructive consequences. A perfect user authentication scheme is necessary to secure the VANET system. Use of biometrics in authentication can overcome the limitations of existing random key based authentication techniques. A combination of face and finger print biometrics provide more accurate recognition of users. Here we propose, A novel approach for enhancing the security of User Authentication in VANETs based on biometrics. It concentrates on enhancing the security of Vehicle-to-Infrastructure (V2I) communication in VANET.

Recently the security in vehicular ad hoc networks (VANETs) draws attention because of increasing vehicular applications. One of the main challenges of secured communication in VANET is multicast source authentication which essentially guarantees that the received data in communication is genuinely sent from the source and not modified by impersonators. Although much research has been focused on message authentication, there are no general accepted solutions widely used for source authentication in VANET because of its dynamic network topology and complicated membership management. In this paper we proposed a Group-based Source Authentication protocol (GSA) to handle the message authenticity in VANETs. Many VANET applications have natural group property and VANET nodes follow the similar moving pattern. GSA makes use of group attributes as dynamic group key to protect data transmission in intra-group communication, which is dynamic changing with real-time environment and consistently updates among group members. Then GSA deploys the promising TESLA scheme to perform source authentication in inter-group communication. The results from our implementation show that GSA can guarantee multicast source authenticity and significantly enhance the efficiency of authentication for multicast communication in VANETs, and our implementation testbed also shows that GSA scheme can be easily deployed in real VANET environment.

Several group signature or identity schemes have been proposed for addressing the issues of security in a vehicular ad hoc network (VANET). Nonetheless, none of these schemes suitably cope with the performance efficient during the signing and verifying safety-messages. Furthermore, adversaries could acquire sensitive data stored in a tamper-proof device (TPD) by utilizing side-channel attacks. An efficient conditional privacy-preserving authentication scheme is proposed for the prevention of side-channel attacks and reducing the performance efficiency of the system in this paper. Moreover, to resist side-channel attacks, critical data stored in the TPD is frequently and periodically updated. Lastly, due to our work employs the one-way hash function and the elliptic curve cryptography, its performance evaluation has lower computation and communication cost compared to other schemes.

Communications between nodes in Vehicular Ad-Hoc Networks (VANETs) are inherently vulnerable to security attacks, which may mean disruption to the system. Therefore, the security and privacy issues in VANETs are entitled to be the most important. To address these issues, the existing Conditional Privacy-Preserving Authentication (CPPA) schemes based on either public key infrastructure, group signature, or identity have been proposed. However, an attacker could impersonate an authenticated node in these schemes for broadcasting fake messages. Besides, none of these schemes have satisfactorily addressed the performance efficiency related to signing and verifying safety traffic-related messages. For resisting impersonation attacks and achieving better performance efficiency, a Secure and Efficient Conditional Privacy-Preserving Authentication (SE-CPPA) scheme is proposed in this paper. The proposed SE-CPPA scheme is based on the cryptographic hash function and bilinear pair cryptography for the signing and verifying of messages. Through security analysis and comparison, the proposed SE-CPPA scheme can accomplish security goals in terms of formal and informal analysis. More precisely, to resist impersonation attacks, the true identity of the vehicle stored in the tamper-proof device (TPD) is frequently updated, having a short period of validity. Since the MapToPoint hash function and a large number of cryptography operations are not employed, simulation results show that the proposed SE-CPPA scheme outperforms the existing schemes in terms of computation and communication costs. Finally, the proposed SE-CPPA scheme reduces the computation costs of signing the message and verifying the message by 99.95% and 35.93%, respectively. Meanwhile, the proposed SE-CPPA scheme reduces the communication costs of the message size by 27.3%.

A forward-secure and efficient authentication protocol through lattice-based group signature in VANETs scenarios

The security and privacy issues in vehicular ad hoc networks (VANETs) are often addressed with schemes based on either public key infrastructure, group signature, or identity. However, none of these schemes appropriately address the efficient verification of multiple VANET messages in high-density traffic areas. Attackers could obtain sensitive information kept in a tamper-proof device (TPD) by using a side-channel attack. In this paper, we propose an identity-based conditional privacy-preserving authentication scheme that supports a batch verification process for the simultaneous verification of multiple messages by each node. Furthermore, to thwart side-channel attacks, vehicle information in the TPD is periodically and frequently updated. Finally, since the proposed scheme does not utilize the bilinear pairing operation or the Map-To-Point hash function, its performance outperforms other schemes, making it viable for large-scale VANETs deployment.

ABSTRACTIntelligent transportation systems (ITS) can improve the efficiency and safety of transportation. Vehicular Ad Hoc Networks (VANETs) are an important foundation of ITS. However, before being deployed on a large scale, VANETs should resolve the security and privacy issues generated from wireless communication. Digital signature has been used in VANETs to construct anonymous authentication schemes which can realize authentication and privacy preservation. Many previous anonymous authentication schemes have preloaded the master private key into a tamper-proof devices (TPD) which generate the pseudo identity and signature for each vehicle. However, tamper-proof devices cannot defend against side channel attacks. In order to realize better security, this paper takes advantage of lattice-based cryptography to design an anonymous authentication scheme without tamper-proof devices, which achieves security and privacy desired by VANETs. Furthermore, the anonymous authentication scheme lattice based also can defend against quantum computer attack. Finally, the security of this lattice-based anonymous authentication scheme is proven.

With the establishment of the intelligent transportation system (ITS), the vehicular ad hoc networks (VANETs) play a significant role for improving traffic safety and efficiency. In order to avoid malicious attack and resource abuse in VANETs, the use of digital signature scheme is widely regarded as the first line of defense to achieve a secure VANETs system. However, it is still a challenging task to design a conditional privacy preserving authentication scheme, to resolve security and privacy-preserving problems in VANETs and to improve the utilization ratio of information resources. In addition, the relevant researches show that the tamper-proof device (TPD) is vulnerable to side channel attacks. If the sensitive parameters stored in TPD are extracted, the system would be totally broken. To address these issues, this paper introduces a conditional privacy-preserving authentication scheme with double-insurance supporting batch verification (CPPA-D) for VANETs, which is constructed in cyclic groups on elliptic curves. Either the master private key or the vehicle private key is leaked, it is impossible to forge a valid authenticated message to deceive the recipients, which achieves double-insurance for private keys. When multiple messages are received, our CPPA-D scheme allows the receiver to perform batch verification to improve the efficiency. Security analysis shows that our CPPA-D scheme not only can resist traditional attacks but also can solve the security problems caused by private key stolen in the TPD under side channel attack. There is also a certain advantage in computation overhead according to efficiency analysis and comparison.

Intelligent transportation systems are an emerging technology that facilitates real-time vehicle-to-everything communication. Hence, securing and authenticating data packets for intra- and inter-vehicle communication are fundamental security services in vehicular ad-hoc networks (VANETs). However, public-key cryptography (PKC) is commonly used in signature-based authentication, which consumes significant computation resources and communication bandwidth for signatures generation and verification, and key distribution. Therefore, physical layer-based secret key extraction has emerged as an effective candidate for key agreement, exploiting the randomness and reciprocity features of wireless channels. However, the imperfect channel reciprocity generates discrepancies in the extracted key, and existing reconciliation algorithms suffer from significant communication costs and security issues. In this paper, PKC-based authentication is used for initial legitimacy detection and exchanging authenticated probing packets. Accordingly, we propose a blockchain-based reconciliation technique that allows the trusted third party (TTP) to publish the correction sequence of the mismatched bits through a transaction using a smart contract. The smart contract functions enable the TTP to map the transaction address to vehicle-related information and allow vehicles to obtain the transaction contents securely. The obtained shared key is then used for symmetric key cryptography (SKC)-based authentication for subsequent transmissions, saving significant computation and communication costs. The correctness and security robustness of the scheme are proved using Burrows–Abadi–Needham (BAN)-logic and Automated Validation of Internet Security Protocols and Applications (AVISPA) simulator. We also discussed the scheme’s resistance to typical attacks. The scheme’s performance in terms of packet delay and loss ratio is evaluated using the network simulator (OMNeT++). Finally, the computation analysis shows that the scheme saves ∼99% of the time required to verify 1000 messages compared to existing PKC-based schemes.

In this paper, we propose a distributed key management framework based on group signature to provision privacy in vehicular ad hoc networks (VANETs). Distributed key management is expected to facilitate the revocation of malicious vehicles, maintenance of the system, and heterogeneous security policies, compared with the centralized key management assumed by the existing group signature schemes. In our framework, each road side unit (RSU) acts as the key distributor for the group, where a new issue incurred is that the semi-trust RSUs may be compromised. Thus, we develop security protocols for the scheme which are able to detect compromised RSUs and their colluding malicious vehicles. Moreover, we address the issue of large computation overhead due to the group signature implementation. A practical cooperative message authentication protocol is thus proposed to alleviate the verification burden, where each vehicle just needs to verify a small amount of messages. Details of possible attacks and the corresponding solutions are discussed. We further develop a medium access control (MAC) layer analytical model and carry out NS2 simulations to examine the key distribution delay and missed detection ratio of malicious messages, with the proposed key management framework being implemented over 802.11 based VANETs.

Privacy and anonymity have become a critical issue for the deployment of vehicular ad hoc networks (VANETs). Pseudonym certificates are the state-of-the-art approach for secure and privacy-friendly message authentication in VANETs. However, most proposed schemes focus on the strategy of pseudonym changing and the privacy among vehicles. Privacy towards certificate authorities is usually neglected, which puts the users’ privacy at risk, if the certificate authorities are not fully trusted. In this paper, we develop a new approach to generate pseudonym credentials anonymously in VANETs. By using ring signatures and one-way accumulator, we propose an effective pseudonym generating scheme which enhancing the privacy and anonymity for honest vehicles. Our scheme provides unconditional anonymous credentials for authentication with trusted third parties and can also track the disputed vehicle.

Message authentication, to ensure the receiving message is true and coming from the claimed source, is a key issue in vehicular ad hoc network (VANET) because the message may be life-critical, traffic information, or emergence message transmitted by the strange sources. Due to the nature of realtime and high mobility in VANET message, the traditional PKI security schemes are not suitable for VANET. Aiding of roadside unit (RSU) make message authentication in VANET easily, but it is still embedded some problems: how to authenticate the message transmitted from different RSU range, and to process the vehicle’s message hand-off among different RSU communication range. This paper proposes a comprehensive message authentication scheme which enables the message authentication in intra and inter RSU range, and the hand-off within the different RSUs. The proposed scheme makes the balance in the overhead of computation and communication, and the security against the attacking. The results of efficiency analysis and comparison with the related works show the proposed scheme is a superior message authentication method in VANET.

Owing to the development of wireless communication technology and the increasing number of automobiles, vehicular ad hoc networks (VANETs) have become essential tools to secure traffic safety and enhance driving convenience. It is necessary to design a conditional privacy-preserving authentication (CPPA) scheme for VANETs because of their vulnerability and security requirements. Traditional CPPA schemes have two deficiencies. One is that the communication or storage overhead is not sufficiently low, but the traffic emergency message requires an ultra-low transmission delay. The other is that traditional CPPA schemes do not consider updating the system secret key (SSK), which is stored in an unhackable Tamper Proof Device (TPD), whereas side-channel attack methods and the wide usage of the SSK increase the probability of breaking the SSK. To solve the first issue, we propose a CPPA signature scheme based on elliptic curve cryptography, which can achieve message recovery and be reduced to elliptic curve discrete logarithm assumption, so that traffic emergency messages are secured with ultra-low communication overhead. To solve the second issue, we design an SSK updating algorithm, which is constructed on Shamir's secret sharing algorithm and secure pseudo random function, so that the TPDs of unrevoked vehicles can update SSK securely. Formal security proof and analysis show that our proposed scheme satisfies the security and privacy requirements of VANETs. Performance analysis demonstrates that our proposed scheme requires less storage size and has a lower transmission delay compared with related schemes.

A key-insulated secure multi-server authenticated key agreement protocol for edge computing-based VANETs

This paper adapts a new group signature (GS) scheme to the specific needs of a vehicular ad hoc network (VANET). We modify the Groth GS in order to meet a restricted, but arguably sufficient set of privacy properties. Note that Groth GS is secure in the dynamic group signature model of Bellare, Shi, and Zhang (BSZ) without relying on random oracle Model (ROM). Although some authentication schemes using GS are proposed for VANET, none of them satisfy all the desirable security and privacy properties. Either they follow GSs that rely on ROM, or unable to satisfy potential VANET application requirements. In particular, link management which allows any designated entities (e.g., RSUs in VANET) to link messages, whether they are coming from the same vehicle or a certain group of vehicles, without evealing their identities. Besides that opening soundness property prevents malicious accusations by the opener against some honest member of the group. By using this property, we propose a new secure application framework for value-added service providers (VSPs) in VANET. Meanwhile, a real-world VANET deployment must provide a mean to revoke system privileges from fraudulent vehicles like the traditional Public Key infrastructure (PKI). However, in order to achieve the aforementioned security properties together in VANET, we propose a new GS model where link ability, sound opening and revocability properties are assembled in a single scheme. The novelty of our proposal stems from extending the Groth GS by relaxing strong privacy properties to a scheme with a lightly lesser privacy in order to fit an existing VANET application requirements. In addition, we partially minimize the Groth GS scheme to expedite efficiency.