Certificating Vehicle Public Key with Vehicle Attributes A (periodical) Licensing Routine, Against Man-in-the-Middle Attacks and Beyond

Vehicular networks are used to coordinate actions among vehicles in traffic by the use of wireless transceivers. Unfortunately, the wireless communication among vehicles is vulnerable to security threats that may lead to very serious safety hazards. In this work we propose a viable solution for coping with Man-in-the-Middle attacks. To the best of our knowledge, this is the first work that propose to certify both the public key and out-of-band sense-able attributes to enable mutual authentication of the communicating vehicles. Vehicle owners are bound to preprocess (periodically) a certificate for both a public key and a list of fixed unchangeable attributes of the vehicle.

[1]  Weijia Jia,et al.  A Man-in-the-Middle Attack on 3G-WLAN Interworking , 2010, 2010 International Conference on Communications and Mobile Computing.

[2]  Hervé Guyennet,et al.  Wireless Sensor Network Attacks and Security Mechanisms: A Short Survey , 2010, 2010 13th International Conference on Network-Based Information Systems.

[3]  Hugo Krawczyk,et al.  HMQV: A High-Performance Secure Diffie-Hellman Protocol , 2005, CRYPTO.

[4]  Mario Gerla,et al.  Vehicular networks and the future of the mobile internet , 2011, Comput. Networks.

[5]  Miroslaw Kutylowski,et al.  Mutual Chip Authentication , 2013, 2013 12th IEEE International Conference on Trust, Security and Privacy in Computing and Communications.

[6]  Miroslaw Kutylowski,et al.  Mutual Restricted Identification , 2013, EuroPKI.

[7]  Colin Boyd,et al.  On Forward Secrecy in One-Round Key Exchange , 2011, IMACC.

[8]  Karim Djouani,et al.  SPIN-Based Verification of Authentication Protocols in WiMAX Networks , 2012, 2012 IEEE Vehicular Technology Conference (VTC Fall).

[9]  Zhiyi Fang,et al.  Securing Vehicular Ad Hoc Networks , 2007, 2007 2nd International Conference on Pervasive Computing and Applications.

[10]  Nitesh Saxena,et al.  Efficient Device Pairing Using "Human-Comparable" Synchronized Audiovisual Patterns , 2008, ACNS.

[11]  Christian Bonnet,et al.  Mobility models for vehicular ad hoc networks: a survey and taxonomy , 2009, IEEE Communications Surveys & Tutorials.

[12]  Adrian Perrig,et al.  Flexible, extensible, and efficient VANET authentication , 2009, Journal of Communications and Networks.

[13]  Oliver W. W. Yang,et al.  Vehicular telematics over heterogeneous wireless networks: A survey , 2010, Comput. Commun..

[14]  Stig Fr. Mjølsnes,et al.  A Vulnerability in the UMTS and LTE Authentication and Key Agreement Protocols , 2012, MMM-ACNS.

[15]  Antonella Molinaro,et al.  Multichannel communications in vehicular Ad Hoc networks: a survey , 2013, IEEE Communications Magazine.

[16]  René Mayrhofer,et al.  Spontaneous mobile device authentication based on sensor data , 2008, Inf. Secur. Tech. Rep..

[17]  Karen A. Scarfone,et al.  Guide to Securing Legacy IEEE 802.11 Wireless Networks , 2008 .

[18]  Xin-Wen Wu,et al.  A novel dynamic user authentication scheme , 2012, 2012 International Symposium on Communications and Information Technologies (ISCIT).

[19]  Kristin E. Lauter,et al.  Stronger Security of Authenticated Key Exchange , 2006, ProvSec.

[20]  Hugo Krawczyk,et al.  SIGMA: The 'SIGn-and-MAc' Approach to Authenticated Diffie-Hellman and Its Use in the IKE-Protocols , 2003, CRYPTO.

[21]  Bernt Schiele,et al.  Smart-Its Friends: A Technique for Users to Easily Establish Connections between Smart Artefacts , 2001, UbiComp.

[22]  Dong Hoon Lee,et al.  One-Round Protocols for Two-Party Authenticated Key Exchange , 2004, ACNS.

[23]  Desmond Loh Chin Choong,et al.  Identifying unique devices through wireless fingerprinting , 2008, WiSec '08.

[24]  Maxim Raya,et al.  The security of VANETs , 2005, VANET '05.

[25]  Michael Sirivianos,et al.  Loud and Clear: Human-Verifiable Authentication Based on Audio , 2006, 26th IEEE International Conference on Distributed Computing Systems (ICDCS'06).

[26]  N. Asokan,et al.  Secure device pairing based on a visual channel , 2006, 2006 IEEE Symposium on Security and Privacy (S&P'06).

[27]  Panagiotis Papadimitratos,et al.  Secure vehicular communication systems: design and architecture , 2008, IEEE Communications Magazine.

[28]  Yueh-Min Huang,et al.  A novel secure communication scheme in vehicular ad hoc networks , 2008, Comput. Commun..

[29]  Srdjan Capkun,et al.  Integrity Codes: Message Integrity Protection and Authentication over Insecure Channels , 2006, IEEE Transactions on Dependable and Secure Computing.

[30]  Rolf Oppliger Certification Authorities Under Attack: A Plea for Certificate Legitimation , 2014, IEEE Internet Computing.

[31]  Adi Shamir,et al.  How to expose an eavesdropper , 1984, CACM.

[32]  Je Hong Park,et al.  Authenticated Key Exchange Secure under the Computational Diffie-Hellman Assumption , 2008, IACR Cryptol. ePrint Arch..

[33]  Kristin E. Lauter,et al.  Security Analysis of KEA Authenticated Key Exchange Protocol , 2006, IACR Cryptol. ePrint Arch..

[34]  Michel Barbeau,et al.  Detecting Impersonation Attacks in Future Wireless and Mobile Networks , 2005, MADNES.

[35]  Srdjan Capkun,et al.  Key Agreement in Peer-to-Peer Wireless Networks , 2006, Proceedings of the IEEE.

[36]  Dawn Song,et al.  The TESLA Broadcast Authentication Protocol , 2002 .

[37]  Azzedine Boukerche,et al.  Preventing a DoS threat in vehicular ad-hoc networks using adaptive group beaconing , 2012, Q2SWinet '12.

[38]  Matti Valovirta,et al.  Experimental Security Analysis of a Modern Automobile , 2011 .

[39]  Marco Gruteser,et al.  Detecting Identity Spoofs in IEEE 802.11e Wireless Networks , 2009, GLOBECOM 2009 - 2009 IEEE Global Telecommunications Conference.

[40]  Karen A. Scarfone,et al.  SP 800-48 Rev. 1. Guide to Securing Legacy IEEE 802.11 Wireless Networks , 2008 .

[41]  René Mayrhofer,et al.  Shake Well Before Use: Authentication Based on Accelerometer Data , 2007, Pervasive.

[42]  Preeti Nagrath,et al.  Wormhole attacks in wireless adhoc networks and their counter measurements: A survey , 2011, 2011 3rd International Conference on Electronics Computer Technology.

[43]  Diana K. Smetters,et al.  Talking to Strangers: Authentication in Ad-Hoc Wireless Networks , 2002, NDSS.

[44]  Frank Stajano,et al.  The Resurrecting Duckling: security issues for ubiquitous computing , 2002, S&P 2002.

[45]  Michael K. Reiter,et al.  Seeing-is-believing: using camera phones for human-verifiable authentication , 2005, 2005 IEEE Symposium on Security and Privacy (S&P'05).

[46]  Hugo Krawczyk,et al.  Okamoto-Tanaka Revisited: Fully Authenticated Diffie-Hellman with Minimal Overhead , 2010, ACNS.

[47]  Dennis Kügler,et al.  "Man in the Middle" Attacks on Bluetooth , 2003, Financial Cryptography.

[48]  Yang Xiao,et al.  Security services and enhancements in the IEEE 802.15.4 wireless sensor networks , 2005, GLOBECOM '05. IEEE Global Telecommunications Conference, 2005..

[49]  Adrian Perrig,et al.  TESLA Broadcast Authentication , 2003 .

[50]  Haitao Li,et al.  Research on Man-in-the-Middle Denial of Service Attack in SIP VoIP , 2009, 2009 International Conference on Networks Security, Wireless Communications and Trusted Computing.

[51]  Whitfield Diffie,et al.  New Directions in Cryptography , 1976, IEEE Trans. Inf. Theory.

[52]  Hassan M. Elkamchouchi,et al.  An efficient protocol for authenticated key agreement , 2011, 2011 28th National Radio Science Conference (NRSC).