Vehicle authentication via monolithically certified public key and attributes

AbstractVehicular networks are used to coordinate actions among vehicles in traffic by the use of wireless transceivers (pairs of transmitters and receivers). Unfortunately, the wireless communication among vehicles is vulnerable to security threats that may lead to very serious safety hazards. In this work, we propose a viable solution for coping with Man-in-the-Middle attacks. Conventionally, Public Key Infrastructure is utilized for a secure communication with the pre-certified public key. However, a secure vehicle-to-vehicle communication requires additional means of verification in order to avoid impersonation attacks. To the best of our knowledge, this is the first work that proposes to certify both the public key and out-of-band sense-able static attributes to enable mutual authentication of the communicating vehicles. Vehicle owners are bound to preprocess (periodically) a certificate for both a public key and a list of fixed unchangeable attributes of the vehicle. Furthermore, the proposed approach is shown to be adaptable with regards to the existing authentication protocols. We illustrate the security verification of the proposed protocol using a detailed proof in Spi calculus.

[1]  Hervé Guyennet,et al.  Wireless Sensor Network Attacks and Security Mechanisms: A Short Survey , 2010, 2010 13th International Conference on Network-Based Information Systems.

[2]  Michael Segal,et al.  Dynamic attribute based vehicle authentication , 2014, 2014 IEEE 13th International Symposium on Network Computing and Applications.

[3]  Otfried Georg Global System for Mobile Communications (GSM) , 2000 .

[4]  Yueh-Min Huang,et al.  A novel secure communication scheme in vehicular ad hoc networks , 2008, Comput. Commun..

[5]  Srdjan Capkun,et al.  Integrity Codes: Message Integrity Protection and Authentication over Insecure Channels , 2006, IEEE Transactions on Dependable and Secure Computing.

[6]  Athanasios V. Vasilakos,et al.  Reliable Multicast with Pipelined Network Coding Using Opportunistic Feeding and Routing , 2014, IEEE Transactions on Parallel and Distributed Systems.

[7]  Athanasios V. Vasilakos,et al.  DTRAB: Combating Against Attacks on Encrypted Protocols Through Traffic-Feature Analysis , 2010, IEEE/ACM Transactions on Networking.

[8]  Roger Frost,et al.  International Organization for Standardization (ISO) , 2004 .

[9]  Masatoshi Ishikawa,et al.  A networked high-speed vision system for vehicle tracking , 2014, 2014 IEEE Sensors Applications Symposium (SAS).

[10]  Athanasios V. Vasilakos,et al.  A security and trust framework for virtualized networks and software-defined networking , 2016, Secur. Commun. Networks.

[11]  Athanasios V. Vasilakos,et al.  Backpressure-based routing protocol for DTNs , 2010, SIGCOMM '10.

[12]  M. Dave,et al.  Stability Based Routing Scheme for Vehicular Networks , 2012, 2012 Fourth International Conference on Computational Intelligence and Communication Networks.

[13]  Je Hong Park,et al.  Authenticated Key Exchange Secure under the Computational Diffie-Hellman Assumption , 2008, IACR Cryptol. ePrint Arch..

[14]  Kristin E. Lauter,et al.  Stronger Security of Authenticated Key Exchange , 2006, ProvSec.

[15]  Christian Bonnet,et al.  Mobility models for vehicular ad hoc networks: a survey and taxonomy , 2009, IEEE Communications Surveys & Tutorials.

[16]  Hugo Krawczyk,et al.  SIGMA: The 'SIGn-and-MAc' Approach to Authenticated Diffie-Hellman and Its Use in the IKE-Protocols , 2003, CRYPTO.

[17]  Xiaolei Dong,et al.  Security and privacy for storage and computation in cloud computing , 2014, Inf. Sci..

[18]  René Mayrhofer,et al.  Shake Well Before Use: Authentication Based on Accelerometer Data , 2007, Pervasive.

[19]  Michael Segal,et al.  Certificating Vehicle Public Key with Vehicle Attributes A (periodical) Licensing Routine, Against Man-in-the-Middle Attacks and Beyond , 2013, ASCoMS@SAFECOMP.

[20]  Adi Shamir,et al.  How to expose an eavesdropper , 1984, CACM.

[21]  Athanasios V. Vasilakos,et al.  SecCloud: Bridging Secure Storage and Computation in Cloud , 2010, 2010 IEEE 30th International Conference on Distributed Computing Systems Workshops.

[22]  Athanasios V. Vasilakos,et al.  Security of the Internet of Things: perspectives and challenges , 2014, Wireless Networks.

[23]  Bernt Schiele,et al.  Smart-Its Friends: A Technique for Users to Easily Establish Connections between Smart Artefacts , 2001, UbiComp.

[24]  Athanasios V. Vasilakos,et al.  Routing for disruption tolerant networks: taxonomy and design , 2010, Wirel. Networks.

[25]  Dong Hoon Lee,et al.  One-Round Protocols for Two-Party Authenticated Key Exchange , 2004, ACNS.

[26]  Dawn Song,et al.  The TESLA Broadcast Authentication Protocol , 2002 .

[27]  Elyse Rosenbaum,et al.  Full-Component Modeling and Simulation of Charged Device Model ESD , 2016, IEEE Transactions on Computer-Aided Design of Integrated Circuits and Systems.

[28]  V. ANNAPOORANI,et al.  SPATIAL REUSABILITY-AWARE ROUTING IN MULTI-HOP WIRELESS NETWORKS , 2016 .

[29]  David S. Hurwitz,et al.  Guidelines for the Use of Mobile LIDAR in Transportation Applications , 2013 .

[30]  N. Asokan,et al.  Secure device pairing based on a visual channel , 2006, 2006 IEEE Symposium on Security and Privacy (S&P'06).

[31]  Panagiotis Papadimitratos,et al.  Secure vehicular communication systems: design and architecture , 2008, IEEE Communications Magazine.

[32]  Weijia Jia,et al.  A Man-in-the-Middle Attack on 3G-WLAN Interworking , 2010, 2010 International Conference on Communications and Mobile Computing.

[33]  Hassan M. Elkamchouchi,et al.  An efficient protocol for authenticated key agreement , 2011, 2011 28th National Radio Science Conference (NRSC).

[34]  Athanasios V. Vasilakos,et al.  ReTrust: Attack-Resistant and Lightweight Trust Management for Medical Sensor Networks , 2012, IEEE Transactions on Information Technology in Biomedicine.

[35]  Athanasios V. Vasilakos,et al.  Toward Incentivizing Anti-Spoofing Deployment , 2014, IEEE Transactions on Information Forensics and Security.

[36]  Long Nguyen,et al.  ISO/IEC 9798−6. Information technology – Security techniques – Entity authentication – Part 6: Mechanisms using manual data transfer , 2010 .

[37]  Hugo Krawczyk,et al.  Analysis of Key-Exchange Protocols and Their Use for Building Secure Channels , 2001, EUROCRYPT.

[38]  Shusen Yang,et al.  A survey on the ietf protocol suite for the internet of things: standards, challenges, and opportunities , 2013, IEEE Wireless Communications.

[39]  Adrian Perrig,et al.  Flexible, extensible, and efficient VANET authentication , 2009, Journal of Communications and Networks.

[40]  Daqiang Zhang,et al.  VCMIA: A Novel Architecture for Integrating Vehicular Cyber-Physical Systems and Mobile Cloud Computing , 2014, Mobile Networks and Applications.

[41]  Athanasios V. Vasilakos,et al.  Distributed Media Services in P2P-Based Vehicular Networks , 2011, IEEE Transactions on Vehicular Technology.

[42]  Athanasios V. Vasilakos,et al.  Passive IP Traceback: Disclosing the Locations of IP Spoofers From Path Backscatter , 2015, IEEE Transactions on Information Forensics and Security.

[43]  Athanasios V. Vasilakos,et al.  Delay Tolerant Networks: Protocols and Applications , 2011 .

[44]  Athanasios V. Vasilakos,et al.  Provably secure three-party authenticated key agreement protocol using smart cards , 2014, Comput. Networks.

[45]  Miroslaw Kutylowski,et al.  Mutual Chip Authentication , 2013, 2013 12th IEEE International Conference on Trust, Security and Privacy in Computing and Communications.

[46]  Whitfield Diffie,et al.  New Directions in Cryptography , 1976, IEEE Trans. Inf. Theory.

[47]  Oliver W. W. Yang,et al.  Vehicular telematics over heterogeneous wireless networks: A survey , 2010, Comput. Commun..

[48]  Stig Fr. Mjølsnes,et al.  A Vulnerability in the UMTS and LTE Authentication and Key Agreement Protocols , 2012, MMM-ACNS.

[49]  Antonella Molinaro,et al.  Multichannel communications in vehicular Ad Hoc networks: a survey , 2013, IEEE Communications Magazine.

[50]  Kristin E. Lauter,et al.  Security Analysis of KEA Authenticated Key Exchange Protocol , 2006, IACR Cryptol. ePrint Arch..

[51]  Michel Barbeau,et al.  Detecting Impersonation Attacks in Future Wireless and Mobile Networks , 2005, MADNES.

[52]  Srdjan Capkun,et al.  Key Agreement in Peer-to-Peer Wireless Networks , 2006, Proceedings of the IEEE.

[53]  Athanasios V. Vasilakos,et al.  Routing Metrics of Cognitive Radio Networks: A Survey , 2014, IEEE Communications Surveys & Tutorials.

[54]  Athanasios V. Vasilakos,et al.  A survey on trust management for Internet of Things , 2014, J. Netw. Comput. Appl..

[55]  Athanasios V. Vasilakos,et al.  Directional routing and scheduling for green vehicular delay tolerant networks , 2012, Wireless Networks.

[56]  Xiaolei Dong,et al.  4S: A secure and privacy-preserving key management scheme for cloud-assisted wireless body area network in m-healthcare social networks , 2015, Inf. Sci..

[57]  Nitesh Saxena,et al.  Efficient Device Pairing Using "Human-Comparable" Synchronized Audiovisual Patterns , 2008, ACNS.

[58]  Athanasios V. Vasilakos,et al.  Flooding-limited and multi-constrained QoS multicast routing based on the genetic algorithm for MANETs , 2011, Math. Comput. Model..

[59]  René Mayrhofer,et al.  Spontaneous mobile device authentication based on sensor data , 2008, Inf. Secur. Tech. Rep..

[60]  Azzedine Boukerche,et al.  Preventing a DoS threat in vehicular ad-hoc networks using adaptive group beaconing , 2012, Q2SWinet '12.

[61]  Matti Valovirta,et al.  Experimental Security Analysis of a Modern Automobile , 2011 .

[62]  Marco Gruteser,et al.  Detecting Identity Spoofs in IEEE 802.11e Wireless Networks , 2009, GLOBECOM 2009 - 2009 IEEE Global Telecommunications Conference.

[63]  Karen A. Scarfone,et al.  SP 800-48 Rev. 1. Guide to Securing Legacy IEEE 802.11 Wireless Networks , 2008 .

[64]  Jianhua Ma,et al.  P2P soft security: On evolutionary dynamics of P2P incentive mechanism , 2011, Comput. Commun..

[65]  Martín Abadi,et al.  A calculus for cryptographic protocols: the spi calculus , 1997, CCS '97.

[66]  Colin Boyd,et al.  On Forward Secrecy in One-Round Key Exchange , 2011, IMACC.

[67]  Athanasios V. Vasilakos,et al.  SeDaSC: Secure Data Sharing in Clouds , 2017, IEEE Systems Journal.

[68]  Xin-Wen Wu,et al.  A novel dynamic user authentication scheme , 2012, 2012 International Symposium on Communications and Information Technologies (ISCIT).

[69]  N. Govinda Rao,et al.  GLOBAL SYSTEM FOR MOBILE COMMUNICATION (GSM) , 2014 .

[70]  Desmond Loh Chin Choong,et al.  Identifying unique devices through wireless fingerprinting , 2008, WiSec '08.

[71]  Maxim Raya,et al.  The security of VANETs , 2005, VANET '05.

[72]  Michael Sirivianos,et al.  Loud and Clear: Human-Verifiable Authentication Based on Audio , 2006, 26th IEEE International Conference on Distributed Computing Systems (ICDCS'06).

[73]  Athanasios V. Vasilakos,et al.  A Survey of Security Challenges in Cognitive Radio Networks: Solutions and Future Research Directions , 2012, Proceedings of the IEEE.

[74]  V. Vinoth Kumar,et al.  Security and Privacy for Storage and Computation in Cloud Computing , 2015 .

[75]  Guillermo Acosta-Marum,et al.  Wave: A tutorial , 2009, IEEE Communications Magazine.

[76]  Yang Xiao,et al.  Security services and enhancements in the IEEE 802.15.4 wireless sensor networks , 2005, GLOBECOM '05. IEEE Global Telecommunications Conference, 2005..

[77]  Alagan Anpalagan,et al.  Routing in Opportunistic Networks , 2013 .

[78]  Adrian Perrig,et al.  TESLA Broadcast Authentication , 2003 .

[79]  Haitao Li,et al.  Research on Man-in-the-Middle Denial of Service Attack in SIP VoIP , 2009, 2009 International Conference on Networks Security, Wireless Communications and Trusted Computing.

[80]  Athanasios V. Vasilakos,et al.  Security in cloud computing: Opportunities and challenges , 2015, Inf. Sci..

[81]  Preeti Nagrath,et al.  Wormhole attacks in wireless adhoc networks and their counter measurements: A survey , 2011, 2011 3rd International Conference on Electronics Computer Technology.

[82]  Diana K. Smetters,et al.  Talking to Strangers: Authentication in Ad-Hoc Wireless Networks , 2002, NDSS.

[83]  Athanasios V. Vasilakos,et al.  CodePipe: An opportunistic feeding and routing protocol for reliable multicast with pipelined network coding , 2012, 2012 Proceedings IEEE INFOCOM.

[84]  Xiaolei Dong,et al.  Securing m-healthcare social networks: challenges, countermeasures and future directions , 2013, IEEE Wireless Communications.

[85]  Hugo Krawczyk,et al.  HMQV: A High-Performance Secure Diffie-Hellman Protocol , 2005, CRYPTO.

[86]  Jiafu Wan,et al.  A survey on position-based routing for vehicular ad hoc networks , 2015, Telecommunication Systems.

[87]  Mario Gerla,et al.  Vehicular networks and the future of the mobile internet , 2011, Comput. Networks.

[88]  Michael K. Reiter,et al.  Seeing-Is-Believing: using camera phones for human-verifiable authentication , 2009, Int. J. Secur. Networks.

[89]  Hong Liu,et al.  Modeling and characterization of GPS spoofing , 2013, 2013 IEEE International Conference on Technologies for Homeland Security (HST).

[90]  Halim Yanikomeroglu,et al.  Device-to-device communication in 5G cellular networks: challenges, solutions, and future directions , 2014, IEEE Communications Magazine.

[91]  Rose Qingyang Hu,et al.  An energy efficient and spectrum efficient wireless heterogeneous network framework for 5G systems , 2014, IEEE Communications Magazine.

[92]  Miroslaw Kutylowski,et al.  Mutual Restricted Identification , 2013, EuroPKI.

[93]  Karim Djouani,et al.  SPIN-Based Verification of Authentication Protocols in WiMAX Networks , 2012, 2012 IEEE Vehicular Technology Conference (VTC Fall).

[94]  Zhiyi Fang,et al.  Securing Vehicular Ad Hoc Networks , 2007, 2007 2nd International Conference on Pervasive Computing and Applications.

[95]  Frank Stajano,et al.  The Resurrecting Duckling: security issues for ubiquitous computing , 2002, S&P 2002.

[96]  Hugo Krawczyk,et al.  Okamoto-Tanaka Revisited: Fully Authenticated Diffie-Hellman with Minimal Overhead , 2010, ACNS.

[97]  Dennis Kügler,et al.  "Man in the Middle" Attacks on Bluetooth , 2003, Financial Cryptography.