
Post on 20-Jan-2018


VANETs

CSE 681 - Information Security

Dr. Huirong Fu

By Navya Pondicherry

Nahed Alnahash

Agenda

System Model
→ What is VANETs?
→ Why VANETs?

Threats

Proposed Protocol
→ AOSA
→ SPCP
→ PARROTS

Evaluation
→ Entropy
→ Anonymity Set
→ Tracking Probability

Conclusion

System Model

VANETs are wireless networks where vehicles are both network hosts and routers.

They are involved in traffic and safety management, using V2I and V2V communications.

A typical VANET consists of:

a. Road Side Units
b. Administration and application servers
c. Location based Service
d. Proxy
e. Vehicles
f. Group leader (depending on the model)
g. Registration authority

Communication through road side units in VANETs can be used to track the location of the vehicles.

This is an example showing the vehicles communicating with the traffic lights.

Threats

VANETs use identifiers to communicate with the RSU, through which the vehicle communicates with the LBS; this may affect the privacy of the vehicle.

People with access to these identifiers may be:

1) Administrators of network infrastructure
2) Administrators of LBS
3) Big Brother (quoted by George)
4) Hackers

The anonymity of the message sender is also at risk.

Proposed Models

AOSA: Anonymous Online Service Access

SPCP: Synchronized Pseudonym Changing Protocol

PARROTS: Position Altered Random Repetition Of Transportation Signature

AOSA

This protocol proposes frequently changing anonymous keys to protect anonymity and location privacy.

It is based on the concept of forming groups among neighbors.

The model has two phases.

First Phase: All the vehicles and service providers register with the RA.

The vehicles dynamically form groups, and short group signatures are used to handle all the group keys and signatures.

All the group members listen to the group leader's notifications.

Group members join the group based on verification of the group leader's credentials.

Second Phase: This phase runs when a vehicle needs to access the service.

The steps followed in this procedure are:

Step 1: $V_i$ sends to GL the signed service request, $m$, represented by $V_i^-(m)$, and its digital certificate, $C(V_i)$, encrypted by the service provider's public key, $S^+$, and by a previously established secret key, $GL_i^S$. This is represented as $GL_i^S[S^+(V_i^-(m), C(V_i))] = GL_i^S[M_v]$.

Step 2: GL decrypts $M_v$ and adds the GL's location, $Loc_{GL}$, and GL's digital certificate, $C(GL)$, then signs the message with the GL's private key, $GL^-$, resulting in $M_{GL} = GL^-(M_v), C(GL), Loc_{GL}$. GL then forwards to the roadside unit, RSU.

Step 3: RSU relays message to Proxy.

Step 4: Proxy verifies GL's certificate and forwards request to App. Server, AS.

Step 5: AS (a) decrypts the message with its private key, (b) verifies the vehicle's identity and (c) verifies the vehicle's authority for the service requested. If all is satisfactory, service provider sends a reply, $R$, which includes session key, $AS_i^S$, for communication between the vehicle and service provider. This results in a reply message encrypted with the vehicle's public key, then with GL's public key, or $GL^+(V_{gi}^+(R))$.

Step 6: Proxy verifies AS's certificate and forwards reply to RSU.

Step 7: RSU forwards reply to GL.

Step 8: Finally, the GL forwards reply to vehicle using group secret key. The final reply may be represented as $GL_i^S[V_{gi}^+(R)]$.

[Figure: message flow, steps 1 to 8, among Vehicle i, GL, RSU, Proxy Server and App. Servers]

SPCP

Initialization Phase: In addition to pseudonyms, public/private keys and public key certificates, the Certification Authority (CA) generates and uploads to each vehicle a set of required parameters.

Group management is divided between the CA and the temporary group leaders.

Group Formation Phase: If there is no group, the vehicle forms its own group before it changes its current pseudonym.

Group Joining Phase: The group leader verifies the member's CA certificate.

Member vehicles receive a member secret key.

The signature of any group member can be verified using the group public key.

Group Operations Phase: Each member uses its temporary identification, group private key, group public key and public key certificate issued by the CA.

Leader and member listen to each other continuously. If a member is not heard, it is understood that the member has left.

Pseudonym Changing Phase: The group leader decides the time to change the pseudonyms.

Step 1: $V_{gi}$ sends to GL the signed service request, $m$, represented by $V_i^-(m)$ and $V_{gi}^+(m)$, $C(V_i)$ encrypted by the service provider's public key, $S^+$, and by a previously established secret key, $GL_i^S$. This is represented as $GL_i^S[S^+(V_i^-(m), V_{gi}^+(m), C(V_i))] = GL_i^S[M_v]$.

Step 2: GL decrypts $M_v$ and adds the GL's location, $Loc_{GL}$, $C(GL)$, then signs the message with the GL's private key, $GL^-$, resulting in $M_{GL} = GL^-(M_v), C(GL), Loc_{GL}$. GL then forwards to the roadside unit, RSU.

Step 3: RSU relays message to Proxy.

Step 4: Proxy verifies GL's certificate and forwards request to App. Server, AS.

Step 5: AS (a) decrypts the message with its private key, (b) verifies the vehicle's identity and (c) verifies the vehicle's authority for the service requested. If all is satisfactory, service provider sends a reply, $R$, which includes session key, $AS_i^S$, for communication between the vehicle and service provider. This results in a reply message encrypted with the vehicle's public key, then with GL's public key, or $GL^+(V_{gi}^+(R))$.

Step 6: Proxy verifies AS's certificate and forwards reply to RSU.

Step 7: RSU forwards reply to GL.

Step 8: Finally, the GL forwards reply to vehicle using group secret key. The final reply may be represented as $GL_i^S[V_{gi}^+(R)]$.

PARROTS

The PARROTS model alters the perceived position, hence the term “position altered”.

The message is repeated, hence the term “random repetition”.

The term “transportation signature” is formulated because a pseudo-identity is used to track the vehicle.

In this model the term “parrotee” is given to a vehicle that is willing to obfuscate its location.

The term “parroter” is given to a vehicle that is willing to obfuscate another vehicle's location.

[Figure slides: PARROTS; AOSA/SPCP; PARROTS]

EVALUATION

Anonymity Set Size: sum of all anonymity set values.

Tracking Probability: number of vehicles with anonymity set size = 1 / total number of vehicles.

Entropy: accumulated over the vehicles as entropy + math.log(anonymity[vi], 2) / total number of vehicles.
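The three metrics above, computed over a constructed snapshot, as an added example that is not part of the original slides. It assumes a vehicle's anonymity set is the number of vehicles an observer sees under the same identifier; the function names and sample data are hypothetical.

```python
import math
from collections import Counter

def anonymity_sets(observed_ids):
    """Map each vehicle to the number of vehicles sharing its observed identifier.

    Assumption: vehicles seen under one identifier (for example a group
    identifier) cannot be told apart by the observer.
    """
    counts = Counter(observed_ids.values())
    return {vehicle: counts[ident] for vehicle, ident in observed_ids.items()}

def evaluate(anonymity):
    """Compute the three slide metrics from per-vehicle anonymity set sizes."""
    total_vehicles = len(anonymity)
    if total_vehicles == 0:
        raise ValueError("no vehicles in snapshot")
    if any(size < 1 for size in anonymity.values()):
        raise ValueError("an anonymity set always contains the vehicle itself")
    # Anonymity Set Size: sum of all anonymity set values.
    set_size = sum(anonymity.values())
    # Tracking Probability: share of vehicles whose anonymity set size is 1.
    tracked = sum(1 for size in anonymity.values() if size == 1)
    # Entropy: accumulated exactly as written on the slide.
    entropy = 0.0
    for vi in anonymity:
        entropy = entropy + math.log(anonymity[vi], 2) / total_vehicles
    return {
        "anonymity_set_size": set_size,
        "tracking_probability": tracked / total_vehicles,
        "entropy": entropy,
    }

# Constructed snapshots: vehicle -> identifier visible to an observer.
UNGROUPED = {f"v{i}": f"pseudonym-{i}" for i in range(1, 9)}
GROUPED = {
    "v1": "g1", "v2": "g1", "v3": "g1", "v4": "g1",  # four vehicles in one group
    "v5": "g2", "v6": "g2",                          # two vehicles in another
    "v7": "pseudonym-7", "v8": "pseudonym-8",        # two vehicles on their own
}

if __name__ == "__main__":
    for name, snapshot in (("ungrouped", UNGROUPED), ("grouped", GROUPED)):
        print(name, evaluate(anonymity_sets(snapshot)))
```

Vehicles left outside any group keep an anonymity set of 1, so they are the only ones that count toward the tracking probability.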

[Figures: Tracking Probability, Entropy and Anonymity Set Size, each plotted against No of Vehicles for SPCP, AOSA and PARROTS]

CONCLUSION AND FUTURE WORK

In AOSA and SPCP the group leader's location is not secured, but with PARROTS the group leader's location can also be secured.

AOSA is a good model and has its own advantages, such as securing the other group members and enhancing unlinkability by using group identifiers.

In any of the above models it is quite evident that higher density gives higher privacy.

In the PARROTS concept, multiple parrotees per parroter can be implemented.

In PARROTS the anonymity set, i.e. how many are using the same location id, is difficult to find.

Including user choice could be the future direction for PARROTS.

References

1. Weerasinghe H, Fu H, Leng S (2010) Anonymous service access for Vehicular Ad hoc Networks, 2010 Sixth International Conference on Information Assurance and Security (IAS), pp.173-178, 23-25.
2. Weerasinghe H, Fu H, Leng S, Zhu Y (2011) Enhancing unlinkability in Vehicular Ad Hoc Networks, 2011 IEEE International Conference on Intelligence and Security Informatics (ISI), pp.161-166.
3. Sampigethaya K, Huang L, Li M, Poovendran R, Matsuura K, Sezaki K (2005) CARAVAN: Providing location privacy for VANET, Proceedings of the Workshop on Embedded Security in Cars (ESCAR).
4. Sampigethaya K, Li M, Huang L, Poovendran R (2007) AMOEBA: Robust Location Privacy Scheme for VANET, IEEE Journal on Selected Areas in Communications, vol.25, no.8, pp.1569-1589.
5. Corser G, Fu H, Pondicherry N, Alnahash N, PARROTS (Position Altered Random Repetition of Transportation Signature).

ACKNOWLEDGMENTS

Thanks for your help and support throughout the semester

Dr. Huirong Fu and George Corser
