DoS-resilient cooperative beacon verification for vehicular communication systems

Jin, Hongyu; Papadimitratos, Panos

doi:10.1016/j.adhoc.2018.10.003

Cited by 8 publications

(6 citation statements)

References 27 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Beyond vehicle sharing security and privacy, vehicular communications security and privacy received extensive attention over the years [46], [87], [88]. Recent results focus, for example, on scalable systems, notably for credential management [46], [89], [90], pseudonymous certificates for vehicle tracking protection [91], and decentralized cooperative defenses [92], [93]. Moreover, Qi et al [94] proposed an enhanced scheme of [95], namely, DUBI, a decentralized and privacy-preserving usage-based insurance scheme built on the blockchain technology to address privacy concerns for pay-asyou-drive insurances using zero-knowledge proofs and smart contracts.…”

Section: Related Workmentioning

confidence: 99%

HERMES: Scalable, Secure, and Privacy-Enhancing Vehicular Sharing-Access System

Symeonidis

Rotaru²,

Mustafa

et al. 2022

IEEE Internet Things J.

Self Cite

View full text Add to dashboard Cite

We propose HERMES, a scalable, secure, and privacy-enhancing system for users to share and access vehicles. HERMES securely outsources operations of vehicle access token (AT) generation to a set of untrusted servers. It builds on an earlier proposal, namely, SePCAR, and extends the system design for improved efficiency and scalability. To cater to system and user needs for secure and private computations, HERMES utilizes and combines several cryptographic primitives with secure multiparty computation (MPC) efficiently. It conceals secret keys of vehicles and transaction details from the servers, including vehicle booking details, AT information, and user and vehicle identities. It also provides user accountability in case of disputes. Besides, we provide semantic security analysis and prove that HERMES meets its security and privacy requirements. Last but not least, we demonstrate that HERMES is efficient and, in contrast to SePCAR, scales to a large number of users and vehicles, making it practical for real-world deployments. We build our evaluations with two different MPC protocols: 1) HtMAC-MiMC and 2) CBC-MAC-AES. Our results demonstrate that HERMES is in the range of milliseconds for generating an AT, whether it operates for a single-vehicle owner or a large rental-company branch with over 1000 vehicles; handling 546 and 84 AT generations per second, respectively. As a result, HERMES is an order of magnitude faster compared to SePCAR. Specifically, it delivers 696 (with HtMAC-MiMC) and 42 (with CBC-MAC-AES) more ATs compared to in SePCAR for a single-vehicle owner AT generation. Furthermore, we show that HERMES is practical on the vehicle side, too, as AT operations performed on a prototype vehicle on-board unit take only ≈ 62 ms.

show abstract

Section: Related Workmentioning

confidence: 99%

HERMES: Scalable, Secure, and Privacy-Enhancing Vehicular Sharing-Access System

Symeonidis

Rotaru²,

Mustafa

et al. 2022

IEEE Internet Things J.

Self Cite

View full text Add to dashboard Cite

show abstract

“…The creation and verification of a digital signature for each beacon would introduce significant overhead due to the relatively high beacon rate (≈ 10 beacon s −1 ). This would be costly for the APs and not sustainable for constrained mobile devices, enabling clogging or resource depletion Denial of Service (DoS) attacks [31].…”

Section: Safeguarding Time-based Gnss Verificationmentioning

confidence: 99%

Authenticated time for detecting GNSS attacks

Spanghero,

Zhang,

Papadimitratos

2022

Preprint

View full text Add to dashboard Cite

Information cross-validation can be a powerful tool to detect manipulated, dubious GNSS data. A promising approach is to leverage time obtained over networks a mobile device can connect to, and detect discrepancies between the GNSSprovided time and the network time. The challenge lies in having reliably both accurate and trustworthy network time as the basis for the GNSS attack detection. Here, we provide a concrete proposal that leverages, together with the network time servers, the nearly ubiquitous IEEE 802.11 (Wi-Fi) infrastructure. Our framework supports application-layer, secure and robust real time broadcasting by Wi-Fi Access Points (APs), based on hash chains and infrequent digital signatures verification to minimize computational and communication overhead, allowing mobile nodes to efficiently obtain authenticated and rich time information as they roam. We pair this method with Network Time Security (NTS), for enhanced resilience through multiple sources, available, ideally, simultaneously. We analyze the performance of our scheme in a dedicated setup, gauging the overhead for authenticated time data (Wi-Fi timestamped beacons and NTS). The results show that it is possible to provide security for the external to GNSS time sources, with minimal overhead for authentication and integrity, even when the GNSS-equipped nodes are mobile, and thus have short interactions with the Wi-Fi infrastructure and possibly intermittent Internet connectivity, as well as limited resources.

show abstract

“…It is computationally expensive to verify the broadcast messages and the scheme is vulnerable to denial of service attacks. The authors of [13] adopted periodic broadcasts of commitment keys at a fixed time intervals in their cooperative message verification scheme. However, they did not evaluate its performance and did not provide the time interval that should be used for the periodic distribution.…”

Section: Related Workmentioning

confidence: 99%

Efficient Distribution of Key Chain Commitments for Broadcast Authentication in V2V Communications

Muhammad

Kearney

Aneiba

et al. 2020

2020 IEEE 92nd Vehicular Technology Conference (VTC2020-Fall)

View full text Add to dashboard Cite

Road safety applications such as intersection collision warning, emergency brake warnings, etc., rely on the periodic broadcast of messages by vehicles and roadside infrastructure. PKI-based approaches ensuring the integrity of messages and the legitimacy of the sender are computationally expensive and result in long messages. Approaches based on hashed key chains such as Timed Efficient Stream Loss-tolerant Authentication (TESLA) offer an alternative solution. Because they use symmetric-key cryptography, the messages are shorter and less expensive to verify. However, they bring their own challenges. This paper focuses on one challenge, the problem of distributing key chain commitments required for message verification. We propose and evaluate two techniques, respectively involving periodic broadcast of commitment keys by the vehicles themselves and selective unicasting by a central V2X Application Server (VAS). We find that the VAS-centric solution has advantages over the vehicle-centric solution and a related solution proposed by other researchers.

show abstract

DoS-resilient cooperative beacon verification for vehicular communication systems

Cited by 8 publications

References 27 publications

HERMES: Scalable, Secure, and Privacy-Enhancing Vehicular Sharing-Access System

HERMES: Scalable, Secure, and Privacy-Enhancing Vehicular Sharing-Access System

Authenticated time for detecting GNSS attacks

Efficient Distribution of Key Chain Commitments for Broadcast Authentication in V2V Communications

Contact Info

Product

Resources

About