Escolar Documentos
Profissional Documentos
Cultura Documentos
TECH DISSERTATION ON
Presented By
UPASANA SINGH Roll No.- 09M502 M.Tech, CSE Department NIT Hamirpur
DEPARTMENT OF COMPUTER SCIENCE & ENGINEERING NATIONAL INSTITUTE OF TECHNOLOGY HAMIRPUR-177005, HP (INDIA) August, 2011
OUTLINE
Introduction
Applications Attacks
of VANETs
Security
Motivation
Problem
Literature System
Model
Proposed Analysis
Solution
and results
Conclusion References
INTRODUCTION
Vehicular networks is a technology that uses moving cars as nodes in a network to create a mobile network. It turns every participating car into a wireless router or node. It enables vehicles to communicate with each other via Vehicle-to-Vehicle (V2V) as well as with roadside base stations via Vehicle-toInfrastructure Communication (V2I). Vehicular networks have received attention for their potential in traffic efficiency, road safety, infotainment, Internet access. Especially, the new emerging infotainment applications demand vehicular networks to support multimedia and real-time services [8]. Therefore, provisioning of seamless mobility is essential for next generation vehicular networks.
INTRODUCTION (CONT.)
The unique characteristics of VANETs are [9]:
APPLICATIONS OF VANET
Active Safety
Public Service
1. Emergency response 2. Support for authorities
2. Traffic Efficiency
Mobile Business and Entertainment 1. Vehicle Maintenance 2. Mobile Services 3. Enterprise solutions 4. E-Payment
Insider vs. Outsider Malicious vs. Rational Active vs. Passive Local vs. Extended
Types of attacks:
Denial of Service
Masquerading
Level 2
Level 3
Yes
Yes
Yes
Yes
No
Yes
MOTIVATION
Since security and privacy protection are mutually conflicting, so a large number of proposed schemes had to compromise between these two requirements and reaching a good compromise state results in computing, communications and storage overhead. VANETs use asymmetric key cryptography for authentication purpose and symmetric key cryptography for communication purpose. With the use of pseudoidentities the overhead of asymmetric key cryptography could also be reduced with the symmetric key solutions. Still very less work is done in this direction.
LITERATURE SURVEY
Ref. No.
1.
Publication / year
IEEE Journal on Security and Privacy, 2004.
Remarks
-Recognized the need for conditional privacy. - Introduced the concept of Electronic License Plates. - Also focused on location verification. -Symmetric key based authentication using short lived pseudonyms. - Less reliant on availability of bandwidth.
Limitations
Does not provide any solution to provide privacy.
2.
J.Y. Choi, M. Jakobsson, S. Wetzel, Balancing Auditability and Privacy in Vehicular Networks.
Vehicles authenticate each other via a base station, which is undesirable for inter-vehicle communications Conditional anonymity claimed applies only to the vehicles amongst the peer. Also implementation of two protocols is a tedious job
3.
X. Lin, X. Sun, P.H. Ho, X. Shen, GSIS: A Secure and Privacy-Preserving Protocol for Vehicular Communications.
-Uses group signatures and ID-Based cryptography. - Developed two different algorithms for V2V and V2I communication.
Ref. No.
4.
Publication year
IEEE Conference ISADS , 2007.
Remarks
-Uses symmetric random key set. - Uses different identity at different RSU. -Focused on improving handover latency by decreasing authentication latency. - Uses EAP for authentication purpose. -Group based scheme using asymmetric cryptography.
Limitations
Suffers from authentication traffic and RTT (Round Trip Time) latency. EAP is not developed for vehicular networks.
5.
6.
Difficulty in election of group leader , also there may be too few Cars to create a group. Suffers from computational overhead.
7.
K. Xue, P. Hong, X. Tie, Using Security Context Pre-Transfer to Provide Security Handover Optimization for Vehicular Ad Hoc Networks.
- Handover is also discussed along with the authentication. - Based on asymmetric cryptography and hash chain anchor.
SYSTEM MODEL
ASSUMPTIONS
The Tamper proof device on the board of each vehicle have computational power to calculate keys. It could be reconfigured by downloading data from the Authentication Server. For Internet access FMIPv6 is considered. Since we are using FMIPv6 for Internet access, during the solution we will use term mobile node for vehicle and Access router for the Roadside Units for the ease of understanding. We assume that only TA and the vehicle know the real identity and the password (symmetric key).
The Function used to create the pseudoidentity of the vehicle is known to the TA and is inbuilt in the OBU of the vehicle.
(CONT.)
OBUs can create random numbers with strong randomness even though they have limited computational capabilities. The random numbers used in the key establishment protocol are generated through a pseudorandom function that takes a counter together with the key as input.
Random_number = Fkey (counter) The counter is incremented after every use. The function F can be implemented as a hash-keyed message authentication code.
PROPOSED SOLUTION
System Setup:
Before entering VANET, all RSUs, and OBUs must get registered by TA. Each vehicle is given a unique identity UID and password PSW by the TA. When the vehicle enters a network it enters UID and PSW in the OBU which generates a pseudoidentity IDA as; IDA= (UID PSW)
When entering the VANET, the vehicle V first needs to mutually authenticate and establish a secure master key with the AAA server. All the RSUs are also authenticated by the AAA server. Whenever a vehicle comes in contact with a RSU their ID are verified for legitimacy through Challenge-Response method. If returning yes, the RSU and the vehicle will setup a handover key.
AAA
Computes n= p.q, where p and q two secret numbers
JA = f(IDA)
Chooses a secret s such that 1sthan computes v= (JA .s)2 mod n and makes it public
AAA and V choose respective secret no.s a and b such that 1a and bg-2 each co-prime to g-1. they respectively compute a-1 mod g-1 and b-1 mod g-1 Chooses a secret k such that 1kg-1, and computes (k.a) mod g (k.a)mod g
(k.a.b)mod g (k.b)mod g
Master key k mod g is generated between the Vehicle and the AAA server.
2.
Server generates a unique Handover Encryption key using the MK and delivers it to the corresponding AR.
HEK = H(MK, IDAR || IDMN)
VERIFICATION PHASE
V (MN) RSU (NAR)
x =(JA.r)2 mod n
IDA, x Selects challenge bit e (e=0 /1)
Challenge bit e
If e = 0; y = (IDA.r)mod n If e =1; y = (IDA.r.s)mod n
HANDOVER PHASE
V (MN) PAR (RSU) NAR (RSU) AAA Server
HMK & HEK1
HMK HEK1
Mutual Authentication
HEK1
RtSolPr PrRtAdv
Handover Phase
FBack
HANDOVER PHASE
The MN transmits a RtSolPr (Router Solicitation for Proxy) message to the PAR connected. After receiving RtSolPr message, PAR transmits a PrRtAdv (Proxy Router Advertisement) message. When the MN selects new AR to which it wants to connect and it sends Msg1 to NAR along with the verification request. Msg1= HEK( IDMN, IDPAR, IDNAR, NonceMN), H(HEK, IDMN || IDPAR || IDNAR || NonceMN) .
NAR on receiving Msg1 from MN firstly verifies the MN and than responds with Msg2. Msg2= HEK(IDMN, IDPAR, IDNAR, NonceMN, NonceNAR), H(HEK, IDMN ||IDPAR || IDNAR || NonceMN || NonceNAR) .
(CONT.)
MN transmit a FBU via Msg3 to PAR. Msg3=FBU, H(HK, NCoA , NonceNAR) PAR then sends HI via Msg4 o NAR. Msg4 = HI, H(HK, NCoA, NonceMN) NAR generates HK and verifies it. If verification is successful, NAR send Hack. PAR transmits FBack. MN on attaching to the NAR transmits FNA .
PERFORMANCE ANALYSIS
Computational parameters [11]: Operation Thash Time (ms) 0.5
Tsym
Tasym Trandom Tmul Tinv
8.7
100Tsym 0.5 0.5 19Tmul
SECURITY ANALYSIS
Mutual Authentication: MN and NAR are authenticated mutually via HK. Secrecy: Msg1 and Msg2 exchanged between MN and NAR are kept secret from an adversary. HK is only shared between MN and NAR. Neighbour ARs can not derive HK. Moreover, the key is kept secret
CONCLUSION
The most important point in securing the vehicular communication is to provide both security and privacy while reducing the computational and storage overhead. Our proposed scheme uses a secret shared key between the vehicle and the roadside infrastructure which is further used during the handover for computing the handover keys and communicating securely. Verification of a vehicle as a legitimate node is done at the roadside infrastructure itself and no communication with the server is required. Our scheme promises mutual authentication, secrecy, and privacy of the specifics of the vehicle. It also reduces the authentication latency by carrying out pre-authentication at the vehicle and the server. The proposed protocol is analyzed to be secure through the security simulator AVISPA. Also through the analysis of our protocol shows that it indeed has desirable properties of a security scheme for a vehicular network and is safe against several attacks. The performance analysis shows that the symmetric key cryptography based protocols have an improvement of almost about 50% in the computational overhead.
REFERENCES
1.
J.P. Hubaux, S.C. Apkun, J. Luo, The Security and Privacy of Smart Vehicles, IEEE Journal on Security and Privacy, Vol. 2, Issue 3, pp. 49 55, 2004. J.Y. Choi, M. Jakobsson, S. Wetzel, Balancing Auditability and Privacy in Vehicular Networks, Q2SWinet '05, 2005. X. Lin, X. Sun, P.H. Ho, X. Shen, GSIS: A Secure and Privacy-Preserving Protocol for Vehicular Communications, IEEE Transactions on Vehicular Technology, Vol. 56, Issue 6, pp. 3442-3456, 2007. Y. Xi, K. Sha, W. Shi, L. Schwiebert, Enforcing Privacy Using Symmetric Random Key-Set in Vehicular Networks, IEEE Conference ISADS 2007, 2007. S.H. Lee, J.Y. Choi, N.S. Park, FMIPv6 based Secure Binding Update Authentication in Wireless Vehicular Networks, IEEE conference ISWPC 2009, pp. 1-5, 2009. J. Chen, J. Wu, Cooperative Anonymity Authentication in Vehicular Networks, IEEE Conference MOBHOC 2009, pp. 1018-1023, 2009.
2.
3.
4.
5.
6.
7.
K. Xue, P. Hong, X. Tie, Using Security Context Pre-Transfer to Provide Security Handover Optimization for Vehicular Ad Hoc Networks, IEEE conference on Vehicular Technology (VTC 2010-Fall), pp. 1-5, 2010.
Q. Mussabbir, W. Yao, Z. Niu, X. Fu, Optimized FMIPv6 Using IEEE 802.21 MIH Services in Vehicular Networks, IEEE Transactions on Vehicular Technology, Vol. 56, No. 6, Nov. 2007.
8.
9.
Z. Li, Z. Wang, C. Chigan, Security of Vehicular Ad Hoc Networks in Intelligent Transportation Systems, Wireless Technologies for Intelligent Transportation Systems, Nova Science Publishers, 2009.
E. Schoch, F. Kargl, M. Weber, T. Leinmller, Communication Patterns in VANETs, IEEE Journal Communications Magazine, Vol. 46, Issue 11, pp. 119-125, 2008.
10.
11.
J. S. Lee, C. C. Chang, Secure communications for cluster-based ad hoc networks using node identities, Journal of Network and Computer Applications, Vol.30, No.4, pp.1377-1396, 2007.
PUBLICATIONS
Upasana Singh, Pardeep Singh, Security and Privacy Enabling Lightweight Solution for Vehicular Networks, International Journal of Advances in Computer Networks and its Security, Vol. 1, No. 1, pp. 281-285, 2011 . Upasana Singh, Pardeep Singh, Privacy Providing Solution for Vehicular Communication, International Journal of Engineering Research and Applications (IJERA), Vol. 1, No. 2, pp. 363-368, 2011. Upasana Singh, Pardeep Singh, Security and Privacy Enabling Solution for Vehicular Networks, International Conference on Advances in Information Technology and Communication AIT 2011, Springer LNICST . (In Press) Upasana Singh, Pardeep Singh, Review of Solutions for securing the Vehicular Networks, International Journal of Computer Technology and Applications. (Accepted)
THANK YOU