Effective Security as an ill-defined Problem in

Vehicular Ad hoc Networks (VANETs)

Presented by Patrice Seuwou

Centre for Information Systems and Management

Department of Informatics,

London South Bank University,

London SE1 0AA

{Seuwoup, dilip, prothed, ubakang}@lsbu.ac.uk

June 22, 2012

Presentation outline

DECADE OF ACTION FOR ROAD SAFETY 2011-2020

Overview of VANET

Security Analysis

Paradoxes and contradictions

Effective Security for VANETs

A modern vehicle

Forward radar

Computing platform

Event data recorder (EDR)

Positioning system

Rear radar

Communication facility

Display

(GPS)

Human-Machine Interface

Figure 1. A modern vehicle is a network of sensors/actuators on wheels

What is a VANET?

Figure 2. A graphical depiction of a Vehicular Ad hoc NETwork (VANET). The unloading vehicle

blocks a route and the surrounding vehicles can adopt alternative routes to avoid disruption. (Image

Extracted from CAR 2 CAR Communication Consortium at www.car-to-car.org/).

What is a VANET (Vehicular Ad hoc NETwork)?

Roadside

base station

Inter-vehicle

communications

Vehicle-to-roadside

communications

Emergency

event

Figure 3. Communication

Figure 4. Ad hoc communication

Scenario 1

Figure 5. Ad hoc communication

Scenario 2

A Gap in VANETs Security

• Plethora of publication in VANETs Security

• None of the published solution guaranty

utmost security (Dok et al, 2010).

• “Securing a vehicular network is an ill-defined

problem, and most systems available for the

VANET do not combine efficiency, security and

traceability…”(Choi et al, 2011)

The Plan

Road safety management

Safer roads and mobility

Safer vehicles Safer road

users Post –crash response

Pillars of the Plan

Attackers Raya et Hubaux (2007) characterise an attacker by

(Membership.Motivation.method.Scope).

• Insider or outsider – Insider – valid user

– Outsider – Intruder, limited attack options

• Malicious or rational – Malicious – No personal benefit, intends to harm other users

– Rational – seeks personal benefits, more predictable attack

• Active or passive – Active: Generates packets, participates in the network

– Passive: Eavesdrop, track users

• Local or Extended – Local: Control several entities (vehicles and base stations) in a confined area.

– Extended: Control several entities scattered across the network.

Groups of attacks

Threats

Threats to Availability

Threats to Confidentiality

Threats to Authentication

• Malware

• Spamming

• Denial of Service (DoS) Attack

• Distributed DoS Attacks

• Black Hole Attacks

• Broadcast Tampering

The most prominent attack in VANETs

in terms of confidentiality is:

Eavesdropping

(Cruz-Cunha et al, 2010).

• Replay Attack

• Position Faking

• Certificate Replication

• Message Tampering / Manipulation

• Global Positioning System (GPS) Spoofing

• Tunneling

Broad categories of Attacks in

VANETs

Figure 6. Broad categories of Attacks in VANETs

Broad categories of Security in

VANETs

VANET Security

Figure 7. Broad categories of Security in VANETs

Certificate Authority

≈ 100 bytes ≈ 140 bytes

Safety

message

Cryptographic

material

{Position, speed,

acceleration, direction,

time, safety events}

{Signer’s digital signature,

Signer’s public key PK,

CA’s certificate of PK}

Authenticated

message

Data verification

Secure positioning

Tamper-

proof device

Event data

recorder

Secure multihop routing

Services (e.g., toll

payment or

infotainment)

Figure 8. Security Architecture

Examples security Mechanisms in

VANETs

• TESLA (Timed Efficient Stream Los-Tolerant Authentication) • Symmetric Cryptography

• Non – repudiation is impossible

• Fails to support efficient multi-hop communication

• TESLA++ (Modified version of TESLA) • Provide broadcast authentication using symmetric cryptography and delayed key disclosure.

(Like TESLA).

• Because it also uses symmetric, does not provide non-repudiation or efficient multi-hop

authentication.

• Fails to provide all of the properties necessary for a VANET authentication framework.

• Lacks non-repudiation and multi-hop authentication.

• VAST (VANET Authentication using Signatures and TESLA++)

(Studer et al, 2008)

Paradoxes and contradictions

• Authentication is stronger using Digital signature

• Symmetric ciphers are typically much faster than

asymmetric ciphers.

• Asymmetric ciphers are also used for digital

signatures.

• Using symmetric cryptography makes Non-

repudiation impossible

• Speeds can vary significantly by algorithm

Security Requirements

Confidentiality

Integrity

Authentication

Access Control

Availability

Privacy

Trust

Real-time

Guarantee

Verification of data

consistency

Multi-hop

communication

Law enforcement

Governmental

Transportation

Authorities

Police

Security

Traceability Efficiency

Figure 9. Security Requirement in VANETs

Security

Traceability Efficiency

Broad categories of Attacks Security Requirement

Contribution

Figure 10. Proposed Model for an Effective security system in VANETs.

Broad categories of Security

Figure 11. Proposed Model for an Effective security system in VANETs.

Intersection Point

Contribution

Conclusion

• We identify and analyse current security limitations in VANETs.

• An effort is made to show that effective security should combine (Efficiency, Security and

Traceability).

• Therefore the most suitable way to achieve this goal is by identifying the intersection point connecting these values while considering both physical and Logical aspects.

References Car2Car Communication Comsortium (2012) Mission and Objectives. Available at: http//www.car-to-car.org.

Choi, H.,K., Kim, I., H. And Yoo, J., C.(2011) Secure and Efficient Protocol for Vehicular Ad Hoc Network with Privacy Preservation,

EURASIP Journal on Wireless Communications and Networking, Hindawi Publishing Corporation, Vol. 2011, Article ID 716794, pp. 1-

15

Hubaux, J.-P., Capkun, S. and Luo, J. (2004) ‘The Security and Privacy of Smart Vehicles’. IEEE Security and Privacy magazine,

2(3), 49-55.

Studer, A., Bai, F., Bellur, B. and Perrig, A. (2008) Flexible, extensible, and efficient VANET authentication, 6 th Conference on

Embedded Security in Cars (Escar) Hamburg, Germany, pp. 22.

Sumra, I., A., Ahmad, I., Hasbullah, bin Ab Manan, J.-L. (2011) ‘Behavior of Attacker and Some New Possible Attacks in Vehicular Ad

hoc Network (VANET)’, Ultra Modern Telecommunications and Control Systems and Workshops (ICUMT), 3rd International

Congress.

Dok, H., Fu, H., Echevarria, R. And Weerasinghe, H. (2010) Privacy Issues of Vehicular Ad-Hoc Networks, International Journal of

Futur Generation Communication and Networking, Vol. 3, No.1, pp. 17-31.

Questions?

Patrice Seuwou MBCS

Business Faculty

Department of Informatics

seuwoup@lsbu.ac.uk