VANETs
CSE 681 - Information Security
Dr. Huirong Fu
By
Navya Pondicherry
Nahed Alnahash
Agenda
System Model
→ What is VANETs?
→ Why VANETs?
Threats
Proposed Protocol
→ AOSA
→ SPCP
→ PARROTS
Evaluation
→ Entropy
→ Anonymity Set
→ Tracking Probability
Conclusion
System Model
VANETs are wireless networks where vehicles are both network hosts and routers.
They are involved in traffic and safety management by using V2I and V2V communications.
A typical VANET consists of:
a. Road Side Units
b. Administration and application servers
c. Location Based Service
d. Proxy
e. Vehicles
f. Group leader (depending on the model)
g. Registration authority
Communication through road side units in VANETs can be used to track the location of the vehicles
System Model
This is an example showing the vehicles communicating with the traffic lights
Because a VANET uses identifiers to communicate with the RSU, through which it communicates with the LBS, the privacy of the vehicle may be affected.
People with access to these identifiers may be:
1) Administrators of network infrastructure
2) Administrators of LBS
3) Big Brother (quoted by George)
4) Hackers
The anonymity of the message sender is also at risk.
Threats
AOSA : Anonymous Online Service Access
SPCP : Synchronized Pseudonym Changing Protocol
PARROTS: Position Altered Random Repetition Of Transportation Signature
Proposed Models
In this protocol the concept of frequently changing anonymous keys is proposed to protect anonymity and location privacy.
It is based on the concept of forming groups among neighbors.
This model is based on two phases
First Phase : All the vehicles and service providers register with the RA
Here the vehicles dynamically form groups, and short group signatures are used to handle all the group keys and signatures.
All the group members listen to the group leader's notifications.
Group members join the group based on the verification of the credentials of the group leader.
AOSA
Second Phase: This phase applies when a vehicle needs to access the service.
The steps followed in this procedure are:
Step 1: $V_i$ sends to GL the signed service request, $m$, represented by $V_i^-(m)$, and its digital certificate, $C(V_i)$, encrypted by the service provider's public key, $S^+$, and by a previously established secret key, $GL_i^S$. This is represented as $GL_i^S[S^+(V_i^-(m), C(V_i))] = GL_i^S[M_v]$.
Step 2: GL decrypts $M_v$ and adds the GL's location, $Loc_{GL}$, and GL's digital certificate, $C(GL)$, then signs the message with the GL's private key, $GL^-$, resulting in $M_{GL} = GL^-(M_v), C(GL), Loc_{GL}$. GL then forwards to the roadside unit, RSU.
AOSA
Step 3 : RSU relays message to Proxy.
Step 4: Proxy verifies GL's certificate and forwards request to App. Server, AS.
Step 5: AS (a) decrypts the message with its private key, (b) verifies the vehicle's identity and (c) verifies the vehicle's authority for the service requested. If all is satisfactory, service provider sends a reply, $R$, which includes session key, $AS_i^S$, for communication between the vehicle and service provider. This results in a reply message encrypted with the vehicle's public key, then with GL's public key, or $GL^+(V_{gi}^+(R))$.
AOSA
Step 6 : Proxy verifies AS’s certificate and forwards reply to RSU.
Step 7: RSU forwards reply to GL.
Step 8: Finally, the GL forwards reply to vehicle using group secret key. The final reply may be represented as $GL_i^S[V_{gi}^+(R)]$.
AOSA
[Figure: AOSA message flow between Vehicle i, GL, RSU, Proxy Server and App. Servers, with arrows numbered 1 to 8]
Initialization Phase: In addition to pseudonyms, public/private keys and public key certificates, the Certification Authority (CA) generates and uploads to each vehicle a set of parameters that is required.
Group management is divided between the CA and the temporary group leaders.
Group Formation Phase: If there is no group, the vehicle forms its own group before it changes the current pseudonym.
Group Joining Phase: Group leader verifies the member's CA certificate.
Member vehicles receive a member secret key.
SPCP
The signature of any group member can be verified using the group public key.
Group Operations Phase: Each member uses its temporary identification, group private key, group public key and public key certificate issued by CA.
Leader and member listen to each other continuously. If a member is not heard, it is understood that the member left.
Pseudonym Changing Phase: Group leader decides the time to change the pseudonyms.
SPCP
Step 1: $V_{gi}$ sends to GL the signed service request, $m$, represented by $V_i^-(m)$ and $V_{gi}^+(m)$, $C(V_i)$, encrypted by the service provider's public key, $S^+$, and by a previously established secret key, $GL_i^S$. This is represented as $GL_i^S[S^+(V_i^-(m), V_{gi}^+(m), C(V_i))] = GL_i^S[M_v]$.
Step 2: GL decrypts $M_v$ and adds the GL's location, $Loc_{GL}$, $C(GL)$, then signs the message with the GL's private key, $GL^-$, resulting in $M_{GL} = GL^-(M_v), C(GL), Loc_{GL}$. GL then forwards to the roadside unit, RSU.
Step 3: RSU relays message to Proxy.
SPCP
Step 4: Proxy verifies GL's certificate and forwards request to App. Server, AS.
Step 5: AS (a) decrypts the message with its private key, (b) verifies the vehicle's identity and (c) verifies the vehicle's authority for the service requested. If all is satisfactory, service provider sends a reply, $R$, which includes session key, $AS_i^S$, for communication between the vehicle and service provider. This results in a reply message encrypted with the vehicle's public key, then with GL's public key, or $GL^+(V_{gi}^+(R))$.
Step 6 : Proxy verifies AS’s certificate and forwards reply to RSU.
Step 7: RSU forwards reply to GL.
SPCP
Step 8: Finally, the GL forwards reply to vehicle using group secret key. The final reply may be represented as $GL_i^S[V_{gi}^+(R)]$.
SPCP
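The AOSA steps 1 to 8 above (SPCP follows the same path and adds $V_{gi}^+(m)$ in step 1) can be traced with a symbolic model that records which fields each party is able to read. This is an added example, not code from the presentation or the cited protocols; the key names `S-`, `GL-` and `Vgi-` for the private counterparts of $S^+$, $GL^+$ and $V_{gi}^+$, and the `Enc`/`Sig` classes, are assumptions of the sketch.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Enc:
    """Ciphertext: body is readable only by a holder of `key`."""
    key: str      # name of the key needed to open it (assumed naming)
    body: tuple

@dataclass(frozen=True)
class Sig:
    """Signed data: body stays readable and the signer is revealed."""
    signer: str
    body: tuple

def visible(msg, keys):
    """Atomic fields that a party holding `keys` can read in msg."""
    if isinstance(msg, Enc):
        return visible(msg.body, keys) if msg.key in keys else set()
    if isinstance(msg, Sig):
        return {"signed-by:" + msg.signer} | visible(msg.body, keys)
    if isinstance(msg, tuple):
        return set().union(*(visible(part, keys) for part in msg))
    return {msg}

def aosa_views():
    """Run steps 1-8 and return what each party can read."""
    # Step 1: Mv = S+(Vi-(m), C(Vi)), wrapped under the secret key GLiS.
    m_v = Enc("S-", (Sig("Vi", ("m",)), "C(Vi)"))
    step1 = Enc("GLiS", (m_v,))
    # Step 2: GL removes the GLiS layer, signs Mv, adds C(GL) and LocGL.
    gl_keys = {"GLiS", "GL-"}
    m_gl = (Sig("GL", (m_v,)), "C(GL)", "LocGL")
    # Steps 3-4: RSU and Proxy relay M_GL; they hold no decryption keys.
    relay = visible(m_gl, set())
    # Step 5: AS opens Mv with S- and replies GL+(V+gi(R)); R carries ASiS.
    at_as = visible(m_gl, {"S-"})
    inner = Enc("Vgi-", ("R", "ASiS"))
    reply = Enc("GL-", (inner,))
    # Steps 6-7: the reply travels Proxy -> RSU -> GL.
    relay |= visible(reply, set())
    at_gl = visible(step1, gl_keys) | visible(reply, gl_keys)
    # Step 8: GL forwards GLiS[V+gi(R)] to the vehicle.
    step8 = Enc("GLiS", (inner,))
    at_vehicle = visible(step8, {"GLiS", "Vgi-"})
    return {"GL": at_gl, "RSU/Proxy": relay, "AS": at_as, "Vi": at_vehicle}

if __name__ == "__main__":
    for party, fields in aosa_views().items():
        print(party, sorted(fields))
```

In this model the relays read only the GL's signature, certificate and location, while the vehicle's certificate is readable at the AS alone.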
The PARROTS model alters the perceived position, hence the term “position altered” has been given.
Here the message is repeated, hence the term “random repetition” has been given.
The term “transportation signature” is formulated since a pseudo-identity is used to track the vehicle.
In this model the term “parrotee” is given to a vehicle that is willing to obfuscate its location.
The term “parroter” is given to a vehicle that is willing to obfuscate another vehicle's location.
PARROTS
PARROTS
[Figure: panels labelled AOSA/SPCP and PARROTS]
Anonymity Set Size: sum of all anonymity set values.
Tracking Probability: (number of vehicles with anonymity set size = 1) / (total number of vehicles).
Entropy: entropy + math.log(anonymity[vi], 2) / total number of vehicles
EVALUATION
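The three metrics above, computed over per-vehicle anonymity set sizes, as an added example that is not the presenters' simulation code. It assumes that a vehicle's anonymity set is its group, and that groups form greedily among vehicles within radio range of a leader on a single road; the positions, range and road length are constructed values.

```python
import math
import random

def anonymity_sets(positions, radio_range):
    """Assumed grouping rule: walking along the road, the first ungrouped
    vehicle leads a group and every vehicle within radio_range ahead joins.
    Returns one anonymity set size (the group size) per vehicle."""
    ordered, sizes, i = sorted(positions), [], 0
    while i < len(ordered):
        j = i
        while j < len(ordered) and ordered[j] - ordered[i] <= radio_range:
            j += 1
        sizes += [j - i] * (j - i)
        i = j
    return sizes

def privacy_metrics(anonymity):
    """Anonymity set size, tracking probability and entropy as defined above."""
    if not anonymity:
        raise ValueError("no vehicles")
    total = len(anonymity)
    set_size = sum(anonymity)
    tracking = sum(1 for a in anonymity if a == 1) / total
    entropy = 0.0
    for a in anonymity:  # the slide's running sum, one term per vehicle
        entropy = entropy + math.log(a, 2) / total
    return set_size, tracking, entropy

# Constructed sample: six vehicle positions in metres along one road.
SAMPLE = [0, 50, 120, 900, 1500, 1550]

if __name__ == "__main__":
    print(privacy_metrics(anonymity_sets(SAMPLE, 300)))
    rng = random.Random(681)  # fixed seed so the sweep is repeatable
    for n in (50, 150, 450):  # vehicle counts on a 20 km road (constructed)
        road = [rng.uniform(0, 20000) for _ in range(n)]
        size, tracking, entropy = privacy_metrics(anonymity_sets(road, 300))
        print(n, size, round(tracking, 3), round(entropy, 3))
```

A vehicle alone in its group has anonymity set size 1, so it adds to the tracking probability and contributes zero to the entropy.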
[Figure: Tracking Probability vs. No of Vehicles for SPCP, AOSA and PARROTS]
[Figure: Entropy vs. No of Vehicles for SPCP, AOSA and PARROTS]
[Figure: Anonymity Set Size vs. No of Vehicles for SPCP, AOSA and PARROTS]
In AOSA and SPCP the group leader's location is not secured, but using PARROTS the group leader's location can also be secured.
AOSA is a good model and has its own advantages, such as securing the other group members and also enhancing unlinkability by using the group identifiers.
In any of the above models it is quite evident that higher density gives higher privacy.
In the PARROTS concept, multiple parrotees per parroter can be implemented.
In PARROTS the anonymity set, i.e. how many are using the same location id, is difficult to find.
Including user choice could be the future direction for PARROTS.
CONCLUSION AND FUTURE WORK
Thanks for your help and support throughout the semester
Dr. Huirong Fu
And
George Corser
ACKNOWLEDGMENTS