Design and analysis of a lightweight certificate revocation mechanism for VANET

In this paper, we propose a lightweight mechanism for revoking security certificates appropriate for the limited bandwidth and hardware cost constraints of a VANET. A Certificate Authority (CA) issues certificates to trusted nodes, i.e., vehicles. If the CA looses trust in a node (e.g., due to evidence of malfunction or malicious behavior), the CA must promptly revoke the certificates of the distrusted node. To distribute revocation information quickly even during incremental deployment, we propose CAs use Certificate Revocation Lists (CRLs). The CRL should be composed in a secure manner, and it should be exchanged in a way such that the CRL is both quickly and widely distributed. Laberteaux et al. proposed a mechanism for the quick distribution of CRL updates that also covers a wide area by using car-to-car (C2C) communication. However, this revocation process, which involves both the CA and VANET nodes, must conform to the aforementioned bandwidth and hardware restrictions. In this paper, we present mechanisms that achieve the goals of reduced CRL size, a computationally efficient mechanism for determining if a certificate is on the CRL, and a lightweight mechanism for exchanging CRL updates. Additionally, we present a formal proof of the security of our mechanism for reducing the size of CRLs.

[1]  Ted R. Miller,et al.  THE ECONOMIC IMPACT OF MOTOR VEHICLE CRASHES, 2000 , 2002 .

[2]  Yih-Chun Hu,et al.  Security certificate revocation list distribution for vanet , 2008, VANET '08.

[3]  Adrian Perrig,et al.  Challenges in Securing Vehicular Networks , 2005 .

[4]  Marco Gruteser,et al.  Location Privacy in Wireless Networks , 2011, Encyclopedia of Cryptography and Security.

[5]  Michael K. Reiter,et al.  Two-party generation of DSA signatures , 2001, International Journal of Information Security.

[6]  염흥렬,et al.  [서평]「Applied Cryptography」 , 1997 .

[7]  C. Eckert,et al.  Secure Revocable Anonymous Authenticated Inter-Vehicle Communication ( SRAAC ) , 2006 .

[8]  Maxim Raya,et al.  The security of vehicular ad hoc networks , 2005, SASN '05.

[9]  Arthur A. Carter The Status of Vehicle-to-Vehicle Communications as a Means of Improving Crash Prevention Performance , 2005 .

[10]  Hugo Krawczyk,et al.  Robust Threshold DSS Signatures , 1996, Inf. Comput..

[11]  Burton H. Bloom,et al.  Space/time trade-offs in hash coding with allowable errors , 1970, CACM.

[12]  Markus Jakobsson,et al.  Distributed "Magic Ink" Signatures , 1997, EUROCRYPT.

[13]  Jessica Staddon,et al.  Detecting and correcting malicious data in VANETs , 2004, VANET '04.

[14]  Raja Sengupta,et al.  Vehicle-to-vehicle safety messaging in DSRC , 2004, VANET '04.

[15]  Li Fan,et al.  Summary cache: a scalable wide-area web cache sharing protocol , 2000, TNET.

[16]  Panagiotis Papadimitratos,et al.  Eviction of Misbehaving and Faulty Nodes in Vehicular Networks , 2007, IEEE Journal on Selected Areas in Communications.

[17]  Eylem Ekici,et al.  Urban multi-hop broadcast protocol for inter-vehicle communication systems , 2004, VANET '04.

[18]  Panagiotis Papadimitratos,et al.  Scalable & Resilient Vehicle-Centric Certificate Revocation List Distribution in Vehicular Communication Systems , 2020, IEEE Transactions on Mobile Computing.

[19]  J. Goldberg Economic impact of motor vehicle crashes. , 2002, Annals of Emergency Medicine.

[20]  David A. Cooper A more efficient use of delta-CRLs , 2000, Proceeding 2000 IEEE Symposium on Security and Privacy. S&P 2000.