Smart cities involve the provision of advanced services for road traffic users. Vehicular ad hoc networks (VANETs) are a promising communication technology in this regard. Preservation of privacy is crucial in these services to foster their acceptance. Previous approaches have mainly focused on PKI-based or ID-based cryptography. However, these works have not fully addressed the minimum information disclosure principle. Thus, questions such as how to prove that a driver is a neighbour of a given zone, without actually disclosing his identity or real address, remain unaddressed. A set of techniques, referred to as Attribute-Based Credentials (ABCs), have been proposed to address this need in traditional computation scenarios. In this paper, we explore the use of ABCs in the vehicular context. For this purpose, we focus on a set of use cases from European Telecommunications Standards Institute (ETSI) Basic Set of Applications, specially appropriate for the early development of smart cities. We assess which ABC techniques are suitable for this scenario, focusing on three representative ones-Idemix, U-Prove and VANETupdated Persiano systems. Our experimental results show that they are feasible in VANETs considering state-of-theart technologies, and that Idemix is the most promising technique for most of the considered use cases.
Vehicular Ad-Hoc NETworks (VANETs) improve road safety by preventing and reducing traffic accidents, but VANETs also raise important security and privacy issues. A common approach widely adopted in VANETs is the use of Public Key Infrastructures (PKI) and digital certificates in order to enable authentication and confidentiality, usually relying on a large set of regional Certification Authorities (CAs). Despite the advantages of the latter approach, it raises new problems related with the secure interoperability among the different –and usually unknown- issuing CAs. This paper addresses authentication and interoperability issues in vehicular communications, considering an interregional scenario where mutual authentication between all the nodes is needed. The use of an Authentication Service (AS) is proposed, which supplies vehicles with a trusted set of authentication credentials by implementing a near real-time certificate status service via the well-known Online Certificate Status Protocol (OCSP). The proposed AS also implements a mechanism to quantitatively evaluate the trust level of a CA, in order to decide on-the-fly if an interoperability relationship can be created. The feasibility and performance of the proposed mechanisms are demonstrated via simulations and quantitative analyses by providing a set of communication measurements considering an urban scenario.
scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.