SEROSA: SERvice oriented security architecture for Vehicular Communications

Gisdakis, Stylianos; Laganà, Marcello; Giannetsos, Thanassis; Papadimitratos, Panos

doi:10.1109/vnc.2013.6737597

Cited by 34 publications

(65 citation statements)

References 19 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…In this case, the RA coordinates with the PP, CA and Top-level CA requesting the resolution of the given pseudonym's long-term identifier (Steps 10-11) which is then disseminated to other vehicles using (for example) CRLs. However, as described in the previous section, such schemes have been shown to suffer from scalability issues [7] [9] and privacy weaknesses of varying pseudonym re-usage and revocation policies [10]; especially against scenarios where the (trusted) authorities collude with each other to link vehicles' actions or completely de-anonymize their identity.…”

Section: Vehicular Communication Backgroundmentioning

confidence: 99%

“…Vehicular Communication systems are susceptible to both outsider and insider adversaries [9] [33]. The former are unauthorized entities (i.e., no credentials or trust relationships with other system entities) that seek to compromise the system and disrupt its operation.…”

Section: A Threat and Adversary Modelmentioning

confidence: 99%

“…Various properties are of interest with a particular focus on pseudonym generation, revocation and network latency; the latter can be induced by vehicular mobility so as to better assess the revocation protocol under volatile network connectivity. The goal is to provide strong evidence on the efficient provision of security-related services in vehicular networking environments against existing architectures [9] [36].…”

Section: B Security Analysismentioning

confidence: 99%

“…Secondly, many researchers have demonstrated the privacy weaknesses of varying pseudonym re-usage policies; even in the case of unconditional anonymity where frequently changing pseudonyms (one per message) has been proposed for a vehicle to avoid being tracked, it has been shown to be ineffective due to the timing information of changing pseudonyms [8]. Thirdly, in the context of revocation policies for removing misbehaving nodes from the network, this can only be achieved when the employed pseudonym scheme supports the resolution of participants' long-term identities from their pseudonyms [9] [10]. In this case, information about the revocation of a vehicle's longterm credentials, is disseminated to other participants through Certificate Revocation Lists (CRLs) or other means.…”

Section: Introductionmentioning

confidence: 99%

See 3 more Smart Citations

Privacy-enhanced capabilities for VANETs using direct anonymous attestation

Whitefield

Chen

Giannetsos

et al. 2017

2017 IEEE Vehicular Networking Conference (VNC)

Self Cite

View full text Add to dashboard Cite

Abstract-In this paper, we propose a novel secure and privacypreserving solution for V2X systems leveraging widely accepted trusted computing technologies. Our approach systematically addresses all key aspects, i.e., security, privacy and accountability (revocation). By reflecting on state-of-the-art pseudonym architectures, we identify their limitations focusing on pseudonym reusage policies and revocation mechanisms. We propose the use of Direct Anonymous Attestation (DAA) algorithms to enhance existing V2X security architectures. The novelty of our proposed solution is its decentralized approach in shifting trust from the infrastructure to vehicles. Applying DAA in V2X enables enhanced privacy protection than is possible in current architectures through user-controlled linkability. The paper presents the incorporation of DAA algorithms within V2X together with rigorous security and privacy arguments.

show abstract

Section: Vehicular Communication Backgroundmentioning

confidence: 99%

Section: A Threat and Adversary Modelmentioning

confidence: 99%

Section: B Security Analysismentioning

confidence: 99%

Section: Introductionmentioning

confidence: 99%

See 2 more Smart Citations

Privacy-enhanced capabilities for VANETs using direct anonymous attestation

Whitefield

Chen

Giannetsos

et al. 2017

2017 IEEE Vehicular Networking Conference (VNC)

Self Cite

View full text Add to dashboard Cite

show abstract

“…The industry, academia, and standardization bodies [24], [25] have converged to the use of pseudonymous authentication for protecting the location privacy of vehicles [24], [26]- [31]. These ephemeral identities are public/private key pairs, used for identifying and authenticating vehicles both in the context of vehicle-to-vehicle (V2V) and vehicle-to-infrastructure (V2I) communications [32].…”

Section: B Security and Privacy Issuesmentioning

confidence: 99%

Secure and Privacy-Preserving Smartphone-Based Traffic Information Systems

Gisdakis

Manolopoulos

Tao

et al. 2015

IEEE Trans. Intell. Transport. Syst.

Self Cite

View full text Add to dashboard Cite

Increasing smartphone penetration, combined with the wide coverage of cellular infrastructures, renders smartphonebased traffic information systems (TISs) an attractive option. The main purpose of such systems is to alleviate traffic congestion that exists in every major city. Nevertheless, to reap the benefits of smartphone-based TISs, we need to ensure their security and privacy and their effectiveness (e.g., accuracy). This is the motivation of this paper: We leverage state-of-the-art cryptographic schemes and readily available telecommunication infrastructure. We present a comprehensive solution for smartphone-based traffic estimation that is proven to be secure and privacy preserving. We provide a full-blown implementation on actual smartphones, along with an extensive assessment of its accuracy and efficiency. Our results confirm that smartphone-based TISs can offer accurate traffic state estimation while being secure and privacy preserving.

show abstract

Hierarchical Attribute-Based Signatures

Drăgan

Gardham

Manulis

2018

Lecture Notes in Computer Science

View full text Add to dashboard Cite

Attribute-based Signatures (ABS) are a powerful tool allowing users with attributes issued by authorities to sign messages while also proving that their attributes satisfy some policy. ABS schemes provide a flexible and privacy-preserving approach to authentication since the signer's identity and attributes remain hidden within the anonymity set of users sharing policy-conform attributes. Current ABS schemes exhibit some limitations when it comes to the management and issue of attributes. In this paper we address the lack of support for hierarchical attribute management, a property that is prevalent in traditional PKIs where certification authorities are organised into hierarchies and signatures are verified along roots of trust. Hierarchical Attribute-based Signatures (HABS) introduced in this work support delegation of attributes along paths from the top-level authority down to the users while also ensuring that signatures produced by these users do not leak their delegation paths, thus extending the original privacy guarantees of ABS schemes. Our generic HABS construction also ensures unforgeability of signatures in the presence of collusion attacks and contains an extended traceability property allowing a dedicated tracing authority to identify the signer and reveal its attribute delegation paths. We include a public verification procedure for the accountability of the tracing authority. We anticipate that HABS will be useful for privacy-preserving authentication in applications requiring hierarchical delegation of attribute-issuing rights and where knowledge of delegation paths might leak information about signers and their attributes, e.g., in intelligent transport systems where vehicles may require certain attributes to authenticate themselves to the infrastructure but remain untrackable by the latter.

show abstract

SEROSA: SERvice oriented security architecture for Vehicular Communications

Cited by 34 publications

References 19 publications

Privacy-enhanced capabilities for VANETs using direct anonymous attestation

Privacy-enhanced capabilities for VANETs using direct anonymous attestation

Secure and Privacy-Preserving Smartphone-Based Traffic Information Systems

Hierarchical Attribute-Based Signatures

Contact Info

Product

Resources

About