V2X Application Server and Vehicle Centric Distribution of Commitments for V2V Message Authentication

Abstract

Safety applications, such as intersection collision warnings and emergency brake warnings, enhance road safety and traffic efficiency through periodic broadcast messages by vehicles and roadside infrastructure. While the Elliptic Curve Digital Signature Algorithm (ECDSA) is a widely used security approach, its performance limitations make it unsuitable for time-critical safety applications. As such, a symmetric cryptography-based technique called Timed Efficient Stream Loss-tolerant Authentication (TESLA) offers a viable alternative. However, applying standard TESLA in the context of vehicle-to-vehicle (V2V) communications has its own challenges. One challenge is the difficulty of distributing authentication information called commitments in the highly dynamic V2V environment. In this paper, we propose two novel solutions to this problem, namely, V2X Application Server (VAS)-centric and vehicle-centric. The former is an application-level solution that involves selective unicasting of commitments to vehicles by a central server, the VAS, and the latter is a reactive scheme that involves the periodic broadcast of commitments by the vehicles themselves. Extensive simulations are conducted using representatives of the real V2V environment to evaluate the performance of these approaches under different traffic situations; as well as performance comparison with a state-of-the-art distribution solution. The simulation results indicate that the VAS-centric solution is preferable for use in a TESLA-like V2V security scheme. It demonstrates desirable features, including timely delivery of commitments and high distribution efficiency, with over 95% of commitments sent by the VAS are associated with relevant safety messages when compared with the vehicle-centric and state-of-the-art solutions. Formal security analysis, conducted using the Random Oracle Model (ROM), proves the correctness of our proposed distribution schemes. Additionally, an informal security analysis shows the resilience of the proposed schemes against various attacks, including impersonation, replay, and bogus commitment messages.