An Efficient Identity-based Batch Verification Scheme for Vehicular Sensor Networks

Chenxi Zhang, Rongxing Lu, Xiaodong Lin, Pin-Han Ho, and Xuemin (Sherman) Shen

Outline
Introduction Motivation The proposed Scheme Analysis Conclusions

An Efficient Identity-based Batch Verification Scheme for Vehicular Sensor Networks.

University of Waterloo

Introduction
Vehicular networks
Vehicles are equipped wireless-enable devices Vehicles communicate with each other Vehicles can also communicate with roadside units Roadside units can connect with application servers that provide specific applications
An Efficient Identity-based Batch Verification Scheme for Vehicular Sensor Networks.

Fig. Vehicular networks

Introduction

Applications
Safety related Applications
Hard braking warning, sharp curving warning, crashes report, etc.

Infotainment applications
Digital data downloading/uploading (Email, mp3, video), location-aware Information requiring (map, the nearest restaurant/gas station/plaza, etc. )

To probe further

An Efficient Identity-based Batch Verification Scheme for Vehicular Sensor Networks

Introduction -- Applications

Vehicular sensor networks

Sensors are equipped in vehicles
Vehicular sensor networks

More applications
Road weather monitoring Intelligent traffic light system
Roadside units periodically collect information from sensors (vehicles) In order to achieve real-time monitoring, we employ DSRC protocol, in which the broadcast period is 100-300 ms Roadside units give the collected data to Application servers. Than, application servers do corresponding responds
An Efficient Identity-based Batch Verification Scheme for Vehicular Sensor Networks

Introduction -- Vehicular sensor networks

Outline
Introduction Motivation The proposed Scheme Analysis Conclusions

An Efficient Identity-based Batch Verification Scheme for Vehicular Sensor Networks.

University of Waterloo

Motivation
Security requirment
Fast verify speed
In a high density traffic scenario, the number of vehicles in the communication range of a roadside unit could be nearly 200 It is a challenge for a roadside unit to verify all messages sent by vehicles in 100-300 ms

Conditional privacy preserving

The identity information of vehicles should be protected In case an abuse happens, a trust authority is able to trace the real identity of the adversary.

Low communication overhead

An Efficient Identity-based Batch Verification Scheme for Vehicular Sensor Networks. Motivation

Outline
Introduction Motivation The proposed Scheme Analysis Conclusions

An Efficient Identity-based Batch Verification Scheme for Vehicular Sensor Networks.

University of Waterloo

Batch verification
To accelerate verify speed, we do verification on a batch of signatures once.

M1, Sig(M1)

M2, Sig(M2)

Mn, Sig(Mn)

RSU

Accelerate the speed of verifying multiple signatures

Batch: Sig(M1)+Sig(M2)++Sig(Mn), then verify the summation

An Efficient Identity-based Batch Verification Scheme for Vehicular Sensor Networks.

The proposed scheme --Batch verification

The Tamper-proof device design

We employ a tamper-proof device
A tamper-proof device is secure against any compromise attempt. An attacker cannot extract any data stored in the device including key material, data, and code.

Authentication enhancing

Change real ID to pseudo ID

Use pseudo ID to generate private key

The proposed scheme --The tamper-proof device design

An Efficient Identity-based Batch Verification Scheme for Vehicular Sensor Networks.

10

An ID-based Batch verification scheme

Public parameters {G, GT,q,P,Ppub1, Ppub1} Public key ID={ID1,ID2} Private key SK={SK1,SK2} Sign: Verify:
= SK1+h(m)SK2 where Ppub1=s1p, Ppub1=s2p. {s1,s2} is preloaded to a tamper-proof device

Our verification algorithm is based on [CHP07]. But it is not identity based.

*CHP07+ J. Camenisch, S. Hohenberger, and M.O. Pedersen, Batch verification of short signatures, in Proc. EUROCRYPT, 2007.
An Efficient Identity-based Batch Verification Scheme for Vehicular Sensor Networks.

The proposed scheme --An ID-based Batch verification scheme

11

An ID-based Batch verification scheme

Verify a single signature
(,P) ?= (ID1, Ppub1) (h(m)H(ID1||ID2), Ppub2) 3 pairing operations

Verify multiple signature

(i , P) ?= (IDi1, Ppub1) ( h(mi)H(IDi1||IDi2), Ppub2) Still need 3 pairing operations i can also be used as an aggregate signature
An Efficient Identity-based Batch Verification Scheme for Vehicular Sensor Networks.

The proposed scheme --An ID-based Batch verification scheme

12

Outline
Introduction Motivation The proposed Scheme Analysis Conclusions

An Efficient Identity-based Batch Verification Scheme for Vehicular Sensor Networks.

University of Waterloo

13

Conditional privacy preserving

Pseudo identities
Each message contains a distinct pseudo identity An adversary cannot discover the real identity from pseudo identities In case a vehicle sent bogus messages A trust authority can recover the real identity of the vehicle ElGamal Decryption
An Efficient Identity-based Batch Verification Scheme for Vehicular Sensor Networks. Analysis -- Conditional privacy preserving

Retrieve real identities

14

Verify speed

We compare our scheme with BLS signature and ECDSA signature The larger the total number of signature is, the faster the whole verify speed is
An Efficient Identity-based Batch Verification Scheme for Vehicular Sensor Networks. Analysis -- Verify speed

15

Communication overhead

Since our scheme is identity-based, a message does not included a certificate Here, 30,000 corresponds to the number of messages sent by 150 vehicles in 1 minute
An Efficient Identity-based Batch Verification Scheme for Vehicular Sensor Networks. Analysis -- Communication overhead

16

Outline
Introduction Motivation The proposed Scheme Analysis Conclusions

An Efficient Identity-based Batch Verification Scheme for Vehicular Sensor Networks.

University of Waterloo

17

Conclusions The proposed ID-based batch verification scheme is efficient to address both scalability and conditional privacy issues In addition, our scheme also reduce communication overhead

An Efficient Identity-based Batch Verification Scheme for Vehicular Sensor Networks.

Conclusions

18

An Efficient Identity-based Batch Verification Scheme for Vehicular Sensor Networks

Thanks