An Improved and Privacy-Preserving Mutual Authentication Scheme with Forward Secrecy in VANETs (original) (raw)
Related papers
Mutual Authentication Protocol for Secure VANET Data Exchanges
Lecture Notes of the Institute for Computer Sciences, Social Informatics and Telecommunications Engineering, 2021
The initial signaling and data exchanges over open wireless transmission channels in vehicular ad hoc networks (VANETs) renders these networks susceptible to security and privacy violation attacks such as impersonation and packet replays. To curb this, a number of protocols have been proposed such as Public Key Infrastructure (PKI) based schemes, identity (ID) based schemes, anonymity based approaches and password or biometric based schemes. However, PKI based schemes have high computational overheads while ID based schemes are vulnerable to denial of service attacks (DoS). On the other hand, password and biometric based schemes employ the long term shared secrets stored in tamper proof devices (TPD) as the sole authentication factor, rendering them vulnerable to side-channel attacks. On their part, anonymity based approaches employ either digital certificates, pseudonyms or group signatures. However, these schemes do not offer trajectory privacy, conventional signature signing and verification is inefficient, and certificate storage or revocation leads to high storage and computation costs. In this paper, a multi-factor mutual authentication protocol that addressed some of these attacks is proposed. This scheme eliminates the requirement for long term storage of secret keys on TPD and remained secure even in the face of on-broad unit (OBU) active physical attack. Simulation results showed that the proposed protocol is robust against attacks such as privileged insider, masquerade and packet replay. It also preserved backward key secrecy, forward key secrecy, password secrecy and anonymity. Its performance evaluation revealed that it exhibited average computation and communication overheads, in addition to average beacon generation and verification latencies.
EFFICIENT PRIVACY PRESERVING AUTHENTICATION FOR VEHICULAR AD-HOC NETWORKS
Vehicular networks are a fast developing research topic which is useful for the area like traffic efficiency enhancement and safety application. VANET (Vehicular Ad-Hoc Network) is considered as an intelligent transport system where in the vehicles can able to communicate with each other and also with the road side infrastructure. Since the message exchange between two vehicles are ad-hoc in nature and the driver behavior and high mobility of the vehicle, there is a chance of privacy and security problems and also the authentication is an another issue for any secured interactions due to the VANET has a unsecured and untrusted nature. The paper reviews various existing authentication protocols used for efficient privacy preserving authentication in the VANET.
A secure mutual authentication scheme with non-repudiation for vehicular ad hoc networks
International Journal of Communication Systems, 2015
Vehicular Ad Hoc networks (VANETs) have been a research focus in recent years. VANETs are not only used to enhance the road safety and reduce the traffic accidents earlier, but also conducted more researches in network value-added service. As one of the results, the security requirements of vehicle communication are given more attention. In order to prevent the security threat of VANETs, the security requirements, such as the message integrity, availability and confidentiality are needed to be guaranteed further. Therefore, a secured and efficient verification scheme for VANETs is proposed to satisfy these requirements and reduce the computational cost by combining the asymmetric and symmetric cryptology, certificate, digital signature, and session key update mechanism. In addition, our proposed scheme can resist malicious attacks or prevent illegal users' access via security and performance analysis. In summary, the proposed scheme is proved to achieve the requirements of resist known attacks, non-repudiation, authentication, availability, integrity, and confidentiality.
Symmetry
The security and privacy issues in vehicular ad hoc networks (VANETs) are often addressed with schemes based on either public key infrastructure, group signature, or identity. However, none of these schemes appropriately address the efficient verification of multiple VANET messages in high-density traffic areas. Attackers could obtain sensitive information kept in a tamper-proof device (TPD) by using a side-channel attack. In this paper, we propose an identity-based conditional privacy-preserving authentication scheme that supports a batch verification process for the simultaneous verification of multiple messages by each node. Furthermore, to thwart side-channel attacks, vehicle information in the TPD is periodically and frequently updated. Finally, since the proposed scheme does not utilize the bilinear pairing operation or the Map-To-Point hash function, its performance outperforms other schemes, making it viable for large-scale VANETs deployment.
A secure and efficient message authentication protocol for VANETs with privacy preservation
2011
In this paper, a secure and efficient protocol for vehicular ad hoc networks has been proposed that ensures both message authentication and privacy preservation. As safety related message may contain life critical information, it is a necessity that the sender as well as the message are authentic. The proposed scheme is based on a secure elliptic curve digital signature algorithm approach. The proposed scheme supports conditional privacy, where the user's location can be revealed at the willingness of the user. Apart from this, the scheme is secure against attacks like DoS, Sybil and Grey/Black Hole attacks. From the comparison with previously proposed schemes, it is found that the proposed scheme as based on elliptic curve discrete logarithmic problem, outperforms existing algorithms based on integer factoring and discrete logarithmic problem.
A Secure and Efficient Authentication Technique for Vehicular Ad-Hoc Networks
IEEE Transactions on Vehicular Technology
Vehicular ad-hoc networks (VANETs) have been emerging due to the recent technologies in wireless and network communications. The most fundamental part in VANETs is to enable message authentications between vehicles and roadside units. Message authentication using proxy vehicles has been proposed to reduce the computational overhead of roadside units significantly. In this type of message authentication schemes, proxy vehicles with verifying multiple messages at the same time improve computational efficiency of roadside units when there are a large number of vehicles in their coverage areas. In this paper, first we show that the only proxy-based authentication scheme (PBAS) presented for this goal by Liu et al. cannot achieve authenticity of messages, and also it is not resistant against impersonation and modification attacks and false acceptance of batching invalid signatures. Next, we propose a new identitybased message authentication using proxy vehicles (ID-MAP). Then, to guarantee that it can satisfy message authentication requirement, existential unforgeability of underlying signature against adaptively chosen-message and identity attack is proved under Elliptic Curve Discrete Logarithm Problem in the random oracle model. It should be highlighted that ID-MAP not only is more efficient than PBAS since it is pairing-free and does not use map-to-point hash functions, but also it satisfies security and privacy requirements of vehicular ad hoc networks. Furthermore, analysis shows that the required time to verify 3000 messages in ID-MAP is reduced by 76% compared to that of PBAS.
IEEE Access
Vehicular ad-hoc networks (VANETs) can substantially improve traffic safety and efficiency by providing a communication platform between vehicles and roadside units (RSUs) to share real-time information on traffic and road conditions. Two essential security requirements for VANETS are data authentication and the preservation of the privacy of vehicle owners. Conditional privacy-preserving authentication (CPPA) schemes address both of these security requirements. The existing CPPA schemes either require a tamper-resistant device (TRD), which is vulnerable to key exposure based on physical attacks, or require continuous communications of vehicles with RSUs, which significantly increases the communication overhead. This paper addresses both of these problems by proposing a provable secure, and efficient CPPA scheme. We prove the privacy-preserving property of our scheme in the random oracle model and show that it offers anonymity, unlinkability, and tamper detection even if a physical attacker succeeds in compromising an individual OBU. Moreover, the performance analysis of our scheme shows a substantial improvement in communication cost, especially in comparison with RSU-aided schemes that require continuous vehicle communication with roadside units and a Trusted Authority (TA). INDEX TERMS Vehicular ad-hoc networks, privacy-preserving schemes, provable security, authentication, physically secure, fail-stop signature. I. INTRODUCTION 16 Many road accidents are caused by the lack of timely infor-17 mation to the vehicle's drivers, resulting in inappropriate 18 or delayed responses to unexpected situations. Vehicular 19 Ad-hoc NETworks (VANETs) can increase safety by trans-20 mitting relevant information to drivers in a timely way. 21 Four entities are involved in these networks: drivers (users), 22 On-Board Units (OBU) in vehicles, RoadSide Units (RSU), 23 and a Trusted Authority (TA) [1]. A Tamper Resistant 24 The associate editor coordinating the review of this manuscript and approving it for publication was Zijian Zhang. Device (TRD) or Trusted Platform Module (TPM) can be 25 embedded in OBUs. Vehicle drivers are authenticated with 26 a password, a smart card, or a security token (e.g., stored 27 on a smartphone). OBUs and RSUs can establish Vehicle-28 to-Vehicle (V-2-V) and Vehicle-to-RSU (V-2-R) communi-29 cations, and RSUs can communicate with the TA over the 30 internet (Figure 1). Each vehicle acts as a node in these 31 networks and sends the information to its closest neighbors. 32 One of the major concerns in these networks is how 33 to authenticate the sender while protecting the anonymity 34 of vehicles and their drivers. The existing authentication 35 schemes for vehicular ad-hoc networks can be categorized 36
Vehicular Ad hoc network (VANET) is an essential element of intelligent transportation system, which improves traffic safety and efficiency by allowing vehicles, road side infrastructure , and transport management authority to securely and collaboratively communicate. To address the security and privacy challenges in VANETs, several conditional privacy-preserving authentication (CPPA) schemes based on bilinear pairing and using a tamper-proof device have been proposed. However, bilinear operation is known to be one of the most complex cryptographic operations and tamper-proof device is expensive with a very strong security assumption. In this work, we propose a CPPA scheme for VANETs without using bilin-ear pairing or any special device. The proposed scheme employs pseudo-identity-based time-bound signature and transport management center (TMC) to achieve CPPA with scala-bility in VANETs. The security analysis shows that the scheme not only satisfies all the security and privacy requirements of VANETs, but solves private key compromise problem and provides countermeasure against privilege escalation. Compared with most recent CPPA schemes for VANETs, the computation cost of message signing, single message verification and batch verification in the proposed scheme improved by 91.39%, 94.55%, and 99.60% respectively. Moreover, analysis shows that the proposed scheme has better performance in terms of communication cost than existing CPPA schemes in VANETs.
Privacy preserving broadcast message authentication protocol for VANETs
Journal of Network and Computer Applications, 2013
Vehicular Ad-hoc Networks (VANETs) will start becoming deployed within the next decade. Among other benefits, it is expected that VANETs will support applications and services targeting the increase of safety on the road, and assist in improving the efficiency of the road transportation network. However, several serious challenges remain to be solved before efficient and secure VANET technology becomes available, one of them been efficient authentication of messages in a VANET. There is a significant body of research work addressing this issue, however, while progress has been made, the challenge is still far from having been resolved and reliable and secure systems ready for deployment becoming available. In this paper, we propose the Privacy Preserving Broadcast Message Authentication (PPBMA) scheme, which, instead of performing asymmetric verification, uses Message Authentication Code (MAC) functionality and HASH operations to authenticate messages. Moreover, we use two-level key hash chain, which assists avoiding message losses. Simulation results demonstrate that PPBMA has superior performances in terms of packet loss rate and message delivery latency when compared to existing solutions. Due to this advantage, it can support emergency and routine messages alike, while existing solutions can only support routine messages.
Secure Message Transmission for V2V Based on Mutual Authentication for VANETs
Wireless Communications and Mobile Computing
The advancements in Vehicular Ad Hoc Networks (VANETs) require more intelligent security protocols that ultimately provide unbreakable security to vehicles and other components of VANETs. VANETs face various types of security pitfalls due to the openness characteristics of the VANET communication infrastructure. Researchers have recently proposed different mutual authentication schemes that address security and privacy issues in vehicle-to-vehicle (V2V) communication. However, some V2V security schemes suffer from inadequate design and are hard to implement practically. In addition, some schemes face vehicle traceability and lack anonymity. Hence, this paper’s primary goal is to enhance privacy preservation through mutual authentication and to achieve better security and performance. Therefore, this article first describes the vulnerabilities of a very recent authentication scheme presented by Vasudev et al. Our analysis proves that the design of Vasudev et al.’s scheme is incorrect...