Privacy-enhanced capabilities for VANETs using direct anonymous attestation

Whitefield, Jorden; Chen, Liqun; Giannetsos, Thanassis; Schneider, Steve; Treharne, Helen

doi:10.1109/vnc.2017.8275615

Cited by 33 publications

(41 citation statements)

References 26 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…The PUCA architecture builds upon the C2C-CC pseudonym scheme and the REWIRE revocation protocol by using anonymous credentials between vehicles and pseudonym certificate authorities to provide 'full anonymity for honest users' [32]. In further developments, Direct Anonymous Attestation (based on group signatures) has been applied to remove the pseudonym certificate authority altogether by allowing vehicles to generate their own pseudonyms [33]. Both REWIRE and PUCA assume that the vehicle trusted computing platform cannot be compromised, and that the vehicle computer will reliably deliver revocation messages to the trusted platform, as they decentralise trust from the certificate authorities to the vehicles.…”

Section: B Related Workmentioning

confidence: 99%

“…IFAL defines a certificate change strategy that is less susceptible to impersonation attacks [34] than the C2C-CC pseudonym certificate pooling approach [24] adopted by the US standards [6]. Lastly, IFAL retains the centralised control over vehicle revocation which is lost by some of the more privacy-friendly and less standards-compliant architectures [32], [33].…”

Section: B Related Workmentioning

confidence: 99%

See 1 more Smart Citation

IFAL: Issue First Activate Later Certificates for V2X

Verheul

Hicks

Garcia

2019

2019 IEEE European Symposium on Security and Privacy (EuroS&P)

View full text Add to dashboard Cite

This paper presents IFAL, a provably secure and privacy conscious scheme for Vehicle-to-Vehicle and Vehicleto-Infrastructure (V2X) communication. Issue First Activate Later (IFAL) is a practical and secure improvement to the leading European candidate for V2X (ETSI) and one that also merits over the leading US standard. IFAL incorporates a novel cryptographic mechanism that both avoids the need for certificate revocation and which supports vehicles with limited and intermittent connectivity. We introduce a new construction that is equivalent to symmetric key diversification in the public key setting with short, time-delayed activation. We also present a new formalisation of V2X security and privacy which we apply to IFAL to show that it is a provably secure and privacy conscious V2X scheme. IFAL is ETSI compliant and ready for integration into the standard. 2792019 IEEE European Symposium on Security and Privacy (EuroS&P)

show abstract

Section: B Related Workmentioning

confidence: 99%

Section: B Related Workmentioning

confidence: 99%

IFAL: Issue First Activate Later Certificates for V2X

Verheul

Hicks

Garcia

2019

2019 IEEE European Symposium on Security and Privacy (EuroS&P)

View full text Add to dashboard Cite

show abstract

“…Six decades since the start of the computer revolution, four decades since the invention of the micro-processor, and two decades into the rise of modern Internet, all of the technology required to transform industries through software has finally matured and can be widely delivered at a global scale. No part of the industry is untouched by this transformation; be it automotive [1], [2], smart factories, smart grids [3] or healthcare [4]. And with the advent of Internet of Things (IoT), we have just begun reaping the benefits of this evolution that, however, also brings a number of new challenges (or rather makes old unsolved challenges urgent to be tackled with); with security, resilience and operational assurance being some of the major concerns at both logical extremes of a network, namely the edge and the cloud.…”

Section: Introductionmentioning

confidence: 99%

“…A key component in building such trusted computing systems is a highly secure anchor (either software-or hardwarebased) that can serve as root-of-trust towards providing cryptographic functions, measuring and reporting the behaviour of the running software, and computing platform, and storing data securely. Prominent examples include Trusted Execution Environments (TEEs like TrustZone) [8], Trusted Platform Modules (TPMs) [2] or more lightweight secure components that require minimal hardware features and assumptions (better suited to operate in resource-constrained devices) such as SMART, Intel's TrustLite [9] and ARM's TrustZone-M.…”

Section: Introductionmentioning

confidence: 99%

Secure Edge Computing with Lightweight Control-Flow Property-based Attestation

Koutroumpouchos

Ntantogian

Menesidou

et al. 2019

2019 IEEE Conference on Network Softwarization (NetSoft)

Self Cite

View full text Add to dashboard Cite

The Internet of Things (IoT) is rapidly evolving, while introducing several new challenges regarding security, resilience and operational assurance. In the face of an increasing attack landscape, it is necessary to cater for the provision of efficient mechanisms to collectively verify software-and deviceintegrity in order to detect run-time modifications. Towards this direction, remote attestation has been proposed as a promising defense mechanism. It allows a third party, the verifier, to ensure the integrity of a remote device, the prover. However, this family of solutions do not capture the real-time requirements of industrial IoT applications and suffer from scalability and efficiency issues. In this paper, we present a lightweight dynamic control-flow property-based attestation architecture (CFPA) that can be applied on both resource-constrained edge and cloud devices and services. It is a first step towards a new line of security mechanisms that enables the provision of control-flow attestation of only those specific, critical software components that are comparatively small, simple and limited in function, thus, allowing for a much more efficient verication. Our goal is to enhance run-time software integrity and trustworthiness with a scalable and decentralized solution eliminating the need for federated infrastructure trust. Based on our findings, we posit open issues and challenges, and discuss possible ways to address them, so that security do not hinder the deployment of intelligent edge computing systems.

show abstract

“…When referring to ad delivery and targeted ad placement, we are not only referring to smartphones, smart homes or smart appliances but to the wider spectrum of IoT applications; e.g., Intelligent Transportation Systems [5,6]. Such smart vehicles and respectively their drivers, will be part of such aggressive data collection methods being utilized by advertising networks.…”

Section: Introductionmentioning

confidence: 99%

CrowdLED: Towards Crowd-Empowered and Privacy-Preserving Data Sharing Using Smart Contracts

Pouyioukka

Giannetsos

Meng

2019

IFIP Advances in Information and Communication Technology

Self Cite

View full text Add to dashboard Cite

In this research paper, we explore how Blockchain technologies and Smart Contracts can be used to fairly reward users for the data they share with advertising networks without compromising anonymity and user privacy. The novelty of using Blockchains alongside such systems is to understand and investigate how a proper and fair exchange of data can ensure that participating users can be kept secure and eliminate aggressive data collection by ad libraries; libraries that are embedded inside the code of smart-phones and web applications for monetization. There are a lot of privacy issues regarding mobile and online advertising: Advertising networks mostly rely on data collection, similar to a crowdsensing system, but in most cases, neither consent has been granted by the user for the data collection nor a reward has been given to the user as compensation. Making a comparison between the problems identified in mobile and online advertising and the positives of the approach of using Blockchain, we propose "CrowdLED", a holistic system to address the security and privacy issues discussed throughout the paper.

show abstract

Privacy-enhanced capabilities for VANETs using direct anonymous attestation

Cited by 33 publications

References 26 publications

IFAL: Issue First Activate Later Certificates for V2X

IFAL: Issue First Activate Later Certificates for V2X

Secure Edge Computing with Lightweight Control-Flow Property-based Attestation

CrowdLED: Towards Crowd-Empowered and Privacy-Preserving Data Sharing Using Smart Contracts

Contact Info

Product

Resources

About