Dynamic attribute based vehicle authentication

Abstract

Modern vehicles are proficient in establishing a spontaneous connection over a wireless radio channel, synchronizing actions and information. Security infrastructure is most important in such a sensitive scope of vehicle communication for coordinating actions and avoiding accidents on the road. One of the first security issues that need to be established is authentication via IEEE 1609.2 security infrastructure. According to our preliminary work, vehicle owners are bound to preprocess a certificate from the certificate authority. The certificate carries vehicle static attributes (e.g., licence number, brand and color) certified together with the vehicle public key in a monolithic manner. Nevertheless, a malicious vehicle might clone the static attributes to impersonate a specific vehicle. Therefore, in this paper we consider a resource expensive attack scenario involving multiple malicious vehicles with identical visual static attributes. Apparently, dynamic attributes (e.g., location and direction) can uniquely define a vehicle and can be utilized to resolve the true identity of the vehicle. However, unlike static attributes, dynamic attributes cannot be signed by a trusted authority beforehand. We propose an approach to verify the coupling between non-certified dynamic attributes and certified static attributes on an auxiliary communication channel, for example, a modulated laser beam. Furthermore, we illustrate that the proposed approach can be used to facilitate the usage of existing authentication protocols such as NAXOS, in the new scope of ad-hoc vehicle networks. We use BAN logic to verify the security claims of the protocol against the passive and active interception.