A Secure and Privacy-Preserved Road Condition Monitoring System

Abstract

Connected vehicular cloud computing (CVCC), a combination of VANETs and cloud computing, is recently emerged as a promising paradigm for road condition monitoring task. However, for the efficient utilization of the advantages of CVCC, there is a necessity to look into the security and privacy requirements of this system. A vehicle needs to be authenticated for the genuinity of its road condition monitoring report. Also, there is a need to preserve privacy against the trusted but curious agents of the cloud server. Wang et al. recently proposed a cloud-based road condition monitoring scheme, and attempted to tackle these issues. Unfortunately, we discovered that this scheme has critical security and privacy issues that must be addressed. Since, the Roadside Units (RSUs) that have been used in their scheme are trusted but curious, they may collude with each other and successfully reveal some sensitive information like the trajectory of the vehicle user. Moreover, their scheme fails to provide anonymity and unlinkability for the vehicle user. Furthermore, an attacker can be successful to induce forged emergency case through replay attack. Apart from these security and privacy issues, the cloud server in their scheme cannot segregate a threshold number of current reports, from a threshold number of the combination of old and current reports. This paper proposes a secure and privacy-preserved road condition monitoring system. The security analysis of the proposed system is performed, which ensures that the proposed system is secure.