Publications (10 of 24)
Khodaei, M., Noroozi, H. & Papadimitratos, P. (2023). SECMACE+: Upscaling Pseudonymous Authentication for Large Mobile Systems. IEEE Transactions on Cloud Computing, 11(3), 3009-3026
2023 (English) In: IEEE Transactions on Cloud Computing, ISSN 2168-7161, Vol. 11, no 3, p. 3009-3026. Article in journal (Refereed) Published
Abstract [en]

The central building block of secure and privacy-preserving Vehicular Communication (VC) systems is a Vehicular Public Key Infrastructure (VPKI), which provides vehicles with multiple anonymized credentials, termed pseudonyms. These pseudonyms are used to ensure VC message authenticity and integrity while preserving vehicle (thus passenger) privacy. In the light of emerging large-scale multi-domain VC environments, the efficiency of the VPKI and, more broadly, its scalability are paramount. By the same token, preventing misuse of the credentials, in particular, Sybil-based misbehavior, and managing "honest-but-curious" VPKI entities are other facets of a challenging problem. In this paper, we leverage the state-of-the-art VPKI system and enhance its functionality towards a highly-available, dynamically-scalable, and resilient design; this ensures that the system remains operational in the presence of benign failures or resource depletion attacks, and that it dynamically scales out, or possibly scales in, according to request arrival rates. Our full-blown implementation on the Google Cloud Platform shows that deploying large-scale and efficient VPKI can be cost-effective: the processing latency to issue 100 pseudonyms is approximately 56 ms. More so, our experiments show that our VPKI system dynamically scales out or scales in according to the rate of pseudonyms requests. We formally assess the achieved security and privacy properties for the credential acquisition process. Overall, our scheme is a comprehensive solution that complements standards and can catalyze the deployment of secure and privacy-protecting VC systems.

Place, publisher, year, edition, pages
Institute of Electrical and Electronics Engineers (IEEE), 2023
Keywords
Availability, cloud computing, communication system security, connected vehicles, privacy, public key infrastructure, scalability, vehicular ad hoc networks
National Category
Communication Systems
Identifiers
urn:nbn:se:kth:diva-338167 (URN); 10.1109/TCC.2023.3250584 (DOI); 001063436300055 (); 2-s2.0-85149426050 (Scopus ID)
Note

Not duplicate with DiVA 974407

QC 20231016

Available from: 2023-10-16 Created: 2023-10-16 Last updated: 2023-10-16 Bibliographically approved
Kalogiannis, K., Khodaei, M., Bayaa, W. M. & Papadimitratos, P. (2022). Attack Impact and Misbehavior Detection in Vehicular Platoons. In: Proceedings of the 15th ACM Conference on Security and Privacy in Wireless and Mobile Networks (WiSec’22). Paper presented at WiSeC '22: Proceedings of the 15th ACM Conference on Security and Privacy in Wireless and Mobile Networks, May 16–19, 2022, San Antonio, TX, USA (pp. 45-59). New York, USA: ACM Digital Library
2022 (English) In: Proceedings of the 15th ACM Conference on Security and Privacy in Wireless and Mobile Networks (WiSec’22), New York, USA: ACM Digital Library, 2022, p. 45-59. Conference paper, Published paper (Refereed)
Abstract [en]

Cooperative Adaptive Cruise Control (CACC), a promising Vehicular Ad-hoc Network (VANET) application, automates transportation and improves efficiency. Vehicles form a platoon, following a leader, with their controllers automatically adjusting velocity, based on messages by other vehicles, to keep appropriate distances for safety. Towards deploying secure CACC, several proposals in academia and standardization leave significant questions unanswered. Thwarting adversaries is hard: cryptographic protection ensures access control (authentication and authorization) but falsified kinematic information by faulty insiders (platoon members with credentials, even the platoon leader) can cause platoon instability or vehicle crashes. Filtering out such adversarial data is challenging (computational cost and high false positive rates) but, most important, state-of-the-art misbehavior detection algorithms completely fail during platoon maneuvering. In this paper, we systematically investigate how and to what extent controllers for existing platooning applications are vulnerable, mounting a gamut of attacks, ranging from falsification attacks to jamming and collusion;  including two novel attacks during maneuvering. We show how the existing middle-join and leave processes are vulnerable to falsification or 'privilege escalation' attacks. We mitigate such vulnerabilities and enable vehicles joining and exiting from any position (middle-join and middle-exit). We propose a misbehavior detection system that achieves an F1 score of ≈87 on identifying attacks throughout the lifetime of the platoon formation, including maneuvers. Our cyberphysical simulation framework can be extended to assess any other driving automation functionality in the presence of attackers.

Place, publisher, year, edition, pages
New York, USA: ACM Digital Library, 2022
Keywords
Falsification Attacks, Connected Vehicles, Internal Adversaries, Platoon Maneuvers, Misbehavior Detection, Hidden Markov Models
National Category
Computer Systems
Research subject
Computer Science
Identifiers
urn:nbn:se:kth:diva-313167 (URN); 10.1145/3507657.3528552 (DOI); 000927874700009 (); 2-s2.0-85130797516 (Scopus ID)
Conference
WiSeC '22: Proceedings of the 15th ACM Conference on Security and Privacy in Wireless and Mobile Networks, May 16–19, 2022, San Antonio, TX, USA.
Note

Part of proceedings ISBN 978-1-4503-9216-7

QC 20220629

Available from: 2022-06-01 Created: 2022-06-01 Last updated: 2023-03-20 Bibliographically approved
Khodaei, M. & Papadimitratos, P. (2021). Cooperative Location Privacy in Vehicular Networks: Why Simple Mix-zones are not Enough. IEEE Internet of Things Journal, 8(10), 7985-8004
2021 (English) In: IEEE Internet of Things Journal, ISSN 2327-4662, Vol. 8, no 10, p. 7985-8004. Article in journal (Refereed) Published
Abstract [en]

Vehicular communications disclose rich information about the vehicles and their whereabouts. Pseudonymous authentication secures communication while enhancing user privacy. To enhance location privacy, cryptographic mix zones were proposed to facilitate vehicles covertly transition to new ephemeral credentials. The resilience to (syntactic and semantic) pseudonym linking (attacks) highly depends on the geometry of the mix zones, mobility patterns, vehicle density, and arrival rates. We introduce a tracking algorithm for linking pseudonyms before and after a cryptographically protected mix zone. Our experimental results show that an eavesdropper, leveraging standardized vehicular communication messages and road layout, could successfully link ≈73% of pseudonyms during nonrush hours and ≈62% of pseudonyms during rush hours after vehicles change their pseudonyms in a mix zone. To mitigate such inference attacks, we present a novel cooperative mix zone scheme that enhances user privacy regardless of the vehicle mobility patterns, vehicle density, and arrival rate to the mix zone. A subset of vehicles, termed relaying vehicles, is selected to be responsible for emulating nonexisting vehicles. Such vehicles cooperatively disseminate decoy traffic without affecting safety-critical operations: with 50% of vehicles as relaying vehicles, the probability of linking pseudonyms (for the entire interval) drops from ≈68% to ≈18%. On average, this imposes 28 ms extra computation overhead, per second, on the roadside unit (RSU) and 4.67 ms extra computation overhead, per second, on the (relaying) vehicle side; it also introduces 1.46 kB/s extra communication overhead by (relaying) vehicles and 45 kB/s by RSUs for the dissemination of decoy traffic. Thus, user privacy is enhanced at the cost of low computation and communication overheads.

Place, publisher, year, edition, pages
Institute of Electrical and Electronics Engineers (IEEE), 2021
Keywords
Anonymity, Location Privacy, Mix Networks, Privacy, Pseudonymity, VANETs, Vehicular Communication, Cryptography, Privacy by design, Roads and streets, Safety engineering, Semantics, Communication overheads, Cooperative locations, Critical operations, Extra computations, Inference attacks, Tracking algorithm, Vehicular communications, Vehicular networks, Road vehicles
National Category
Electrical Engineering, Electronic Engineering, Information Engineering
Identifiers
urn:nbn:se:kth:diva-290827 (URN); 10.1109/JIOT.2020.3043640 (DOI); 000648206800016 (); 2-s2.0-85097953773 (Scopus ID)
Note

QC 20250429

Available from: 2021-03-23 Created: 2021-03-23 Last updated: 2025-04-29 Bibliographically approved
Khodaei, M. & Papadimitratos, P. (2021). Scalable & Resilient Vehicle-Centric Certificate Revocation List Distribution in Vehicular Communication Systems. IEEE Transactions on Mobile Computing, 20(7), 2473-2489
2021 (English) In: IEEE Transactions on Mobile Computing, ISSN 1536-1233, E-ISSN 1558-0660, Vol. 20, no 7, p. 2473-2489. Article in journal (Refereed) Published
Abstract [en]

In spite of progress in securing Vehicular Communication (VC) systems, there is no consensus on how to distribute Certificate Revocation Lists (CRLs). The main challenges lie exactly in (i) crafting an efficient and timely distribution of CRLs for numerous anonymous credentials, pseudonyms, (ii) maintaining strong privacy for vehicles prior to revocation events, even with honest-but-curious system entities, (iii) and catering to computation and communication constraints of on-board units with intermittent connectivity to the infrastructure. Relying on peers to distribute the CRLs is a double-edged sword: abusive peers could "pollute" the process, thus degrading the timely CRLs distribution. In this paper, we propose a vehicle-centric solution that addresses all these challenges and thus closes a gap in the literature. Our scheme radically reduces CRL distribution overhead: each vehicle receives CRLs corresponding only to its region of operation and its actual trip duration. Moreover, a "fingerprint" of CRL 'pieces' is attached to a subset of (verifiable) pseudonyms for fast CRL 'piece' validation (while mitigating resource depletion attacks abusing the CRL distribution). Our experimental evaluation shows that our scheme is efficient, scalable, dependable, and practical: with no more than 25 KB/s of traffic load, the latest CRL can be delivered to 95% of the vehicles in a region (15 x 15 KM) within 15s, i.e., more than 40 times faster than the state-of-the-art. Overall, our scheme is a comprehensive solution that complements standards and can catalyze the deployment of secure and privacy-protecting VC systems.

Place, publisher, year, edition, pages
Institute of Electrical and Electronics Engineers (IEEE), 2021
Keywords
Vehicular Communications, VANETs, Vehicular PKI, Certificate Revocation, CRL Distribution, Security, Privacy, Efficiency
National Category
Communication Systems
Research subject
Computer Science
Identifiers
urn:nbn:se:kth:diva-271703 (URN); 10.1109/TMC.2020.2981887 (DOI); 000658333000011 (); 2-s2.0-85107536378 (Scopus ID)
Note

QC 20210720

Available from: 2020-04-05 Created: 2020-04-05 Last updated: 2023-10-16 Bibliographically approved
Molloy, P., Khodaei, M., Hallgren, P., Thenorio, A. & Papadimitratos, P. (2021). SecProtobuf: Implicit Message Integrity Provision in Heterogeneous Vehicular Systems. In: Kargl, F., Altintas, O., Sommer, C., Higuchi, T. & Klingler, F. (Ed.), 2021 IEEE Vehicular Networking Conference (VNC). Paper presented at 13th IEEE Vehicular Networking Conference (IEEE VNC), NOV 10-12, 2021, ELECTR NETWORK (pp. 190-193). Institute of Electrical and Electronics Engineers (IEEE)
2021 (English) In: 2021 IEEE Vehicular Networking Conference (VNC) / [ed] Kargl, F., Altintas, O., Sommer, C., Higuchi, T. & Klingler, F., Institute of Electrical and Electronics Engineers (IEEE), 2021, p. 190-193. Conference paper, Published paper (Refereed)
Abstract [en]

Novel vehicular applications, such as remote driving, platooning, and autonomous driving systems are increasing the complexity of networked vehicular systems. These Vehicle-to-Vehicle (V2V) and Vehicle-to-Infrastructure (V2I) (V2X) use-cases require strong security (and privacy) guarantees, authentication, integrity, and non-repudiation. Standardization bodies and harmonization efforts provide complex data structures for basic safety messages, mandated to be digitally signed and validated. Due to the complex data structures, the multiplicity of use-cases, the rapid deployment, as well as the need for interoperability among Original Equipment Manufacturers (OEMs), developing the code needed to provide security becomes a more challenging, error prone, and time consuming task; even more so as the scale of Vehicular Communication (VC) systems grows. In order to tackle this challenge, we propose SecProtobuf, a novel security framework to automate the signature generation and validation procedures for any VC safety and non-safety data structures. Our framework facilitates the serialisation and deserialisation processes for arbitrarily complex data types, thus, mitigating potential security defect risks and catalyzing the deployment. In order to ensure the correct usage of the framework by developers, SecProtobuf is provided with a static code analysis (linter).

Place, publisher, year, edition, pages
Institute of Electrical and Electronics Engineers (IEEE), 2021
Series
IEEE Vehicular Networking Conference, ISSN 2157-9857
Keywords
Automatic Integrity Checks, Code-generation
National Category
Communication Systems
Identifiers
urn:nbn:se:kth:diva-310265 (URN); 10.1109/VNC52810.2021.9644658 (DOI); 000758412900040 (); 2-s2.0-85123755527 (Scopus ID)
Conference
13th IEEE Vehicular Networking Conference (IEEE VNC), NOV 10-12, 2021, ELECTR NETWORK
Note

QC 20220328

Part of proceedings: ISBN 978-1-6654-4450-7

Available from: 2022-03-28 Created: 2022-03-28 Last updated: 2024-03-18 Bibliographically approved
Khodaei, M. & Papadimitratos, P. (2019). A Cooperative Location Privacy Protection Scheme for Vehicular Ad-hoc Networks. Stockholm, Sweden
2019 (English) Report (Other academic)
Place, publisher, year, edition, pages
Stockholm, Sweden, 2019. p. 1
National Category
Communication Systems
Identifiers
urn:nbn:se:kth:diva-253011 (URN)
Note

QC 20190611

Available from: 2019-06-11 Created: 2019-06-11 Last updated: 2022-06-26 Bibliographically approved
Khodaei, M., Noroozi, H. & Papadimitratos, P. (2019). Scaling Pseudonymous Authentication for Large Mobile Systems. In: WiSec 2019 - Proceedings of the 2019 Conference on Security and Privacy in Wireless and Mobile Networks. Paper presented at 12th Conference on Security and Privacy in Wireless and Mobile Networks, WiSec 2019; Miami; United States; 15 May 2019 through 17 May 2019 (pp. 174-185). Miami, FL, USA
2019 (English) In: WiSec 2019 - Proceedings of the 2019 Conference on Security and Privacy in Wireless and Mobile Networks, Miami, FL, USA, 2019, p. 174-185. Conference paper, Published paper (Refereed)
Abstract [en]

The central building block of secure and privacy-preserving Vehicular Communication (VC) systems is a Vehicular Public-Key Infrastructure (VPKI), which provides vehicles with multiple anonymized credentials, termed pseudonyms. These pseudonyms are used to ensure message authenticity and integrity while preserving vehicle (thus passenger) privacy. In the light of emerging large-scale multi-domain VC environments, the efficiency of the VPKI and, more broadly, its scalability are paramount. By the same token, preventing misuse of the credentials, in particular, Sybil-based misbehavior, and managing “honest-but-curious” insiders are other facets of a challenging problem. In this paper, we leverage the state-of-the-art VPKI system and enhance its functionality towards a highly-available, dynamically-scalable, and resilient design; this ensures that the system remains operational in the presence of benign failures or resource depletion attacks, and that it dynamically scales out, or possibly scales in, according to request arrival rates. Our full-blown implementation on the Google Cloud Platform shows that deploying large-scale and efficient VPKI can be cost-effective.

Place, publisher, year, edition, pages
Miami, FL, USA, 2019
Keywords
VANETs, VPKI, Security, Privacy, Availability, Scalability, Resilient, Micro-service, Container Orchestration, Cloud.
National Category
Communication Systems
Identifiers
urn:nbn:se:kth:diva-253012 (URN); 10.1145/3317549.3323410 (DOI); 000477981300017 (); 2-s2.0-85066733902 (Scopus ID)
Conference
12th Conference on Security and Privacy in Wireless and Mobile Networks, WiSec 2019; Miami; United States; 15 May 2019 through 17 May 2019
Note

QC 20190619

Part of ISBN 978-1-4503-6726-4

Available from: 2019-06-11 Created: 2019-06-11 Last updated: 2024-10-22 Bibliographically approved
Noroozi, H., Khodaei, M. & Papadimitratos, P. (2019). VPKIaaS: Towards Scaling Pseudonymous Authentication for Large Mobile Systems. Stockholm, Sweden
2019 (English) Report (Other academic)
Place, publisher, year, edition, pages
Stockholm, Sweden, 2019. p. 1
National Category
Communication Systems
Identifiers
urn:nbn:se:kth:diva-253009 (URN)
Note

QC 20190611

Available from: 2019-06-11 Created: 2019-06-11 Last updated: 2024-03-18 Bibliographically approved
Khodaei, M. & Papadimitratos, P. (2018). Efficient, Scalable, and Resilient Vehicle-Centric Certificate Revocation List Distribution in VANETs. In: WISEC'18: PROCEEDINGS OF THE 11TH ACM CONFERENCE ON SECURITY & PRIVACY IN WIRELESS AND MOBILE NETWORKS. Paper presented at 11th ACM Conference on Security and Privacy in Wireless and Mobile Networks (WiSec), JUN 18-20, 2018, Stockholm, SWEDEN (pp. 172-183). Association for Computing Machinery (ACM)
2018 (English) In: WISEC'18: PROCEEDINGS OF THE 11TH ACM CONFERENCE ON SECURITY & PRIVACY IN WIRELESS AND MOBILE NETWORKS, Association for Computing Machinery (ACM), 2018, p. 172-183. Conference paper, Published paper (Refereed)
Abstract [en]

In spite of progress in securing Vehicular Communication (VC) systems, there is no consensus on how to distribute Certificate Revocation Lists (CRLs). The main challenges lie exactly in (i) crafting an efficient and timely distribution of CRLs for numerous anonymous credentials, pseudonyms, (ii) maintaining strong privacy for vehicles prior to revocation events, even with honest-but-curious system entities, (iii) and catering to computation and communication constraints of on-board units with intermittent connectivity to the infrastructure. Relying on peers to distribute the CRLs is a double-edged sword: abusive peers could "pollute" the process, thus degrading the timely CRLs distribution. In this paper, we propose a vehicle-centric solution that addresses all these challenges and thus closes a gap in the literature. Our scheme radically reduces CRL distribution overhead: each vehicle receives CRLs corresponding only to its region of operation and its actual trip duration. Moreover, a "fingerprint" of CRL 'pieces' is attached to a subset of (verifiable) pseudonyms for fast CRL 'piece' validation (while mitigating resource depletion attacks abusing the CRL distribution). Our experimental evaluation shows that our scheme is efficient, scalable, dependable, and practical: with no more than 25 KB/s of traffic load, the latest CRL can be delivered to 95% of the vehicles in a region (50x50 KM) within 15s, i.e., more than 40 times faster than the state-of-the-art. Overall, our scheme is a comprehensive solution that complements standards and can catalyze the deployment of secure and privacy-protecting VC systems.

Place, publisher, year, edition, pages
Association for Computing Machinery (ACM), 2018
Keywords
Vehicular Communications, VPKI, Revocation, CRL Distribution
National Category
Communication Systems
Identifiers
urn:nbn:se:kth:diva-303845 (URN); 10.1145/3212480.3212481 (DOI); 000456097500017 (); 2-s2.0-85050915720 (Scopus ID); 978-1-4503-5731-9 (ISBN)
Conference
11th ACM Conference on Security and Privacy in Wireless and Mobile Networks (WiSec), JUN 18-20, 2018, Stockholm, SWEDEN
Note

QC 20211024

Not duplicate with DiVA 1231581

Available from: 2021-10-24 Created: 2021-10-24 Last updated: 2022-06-25 Bibliographically approved
Khodaei, M. & Papadimitratos, P. (2018). Efficient, Scalable, and Resilient Vehicle-Centric Certificate Revocation List Distribution in VANETs. In: Proceedings of the ACM Conference on Security and Privacy in Wireless & Mobile Networks (WiSec), Stockholm, Sweden, June 2018. Paper presented at The ACM Conference on Security and Privacy in Wireless & Mobile Networks (WiSec), Stockholm, Sweden, June 2018.
2018 (English) In: Proceedings of the ACM Conference on Security and Privacy in Wireless & Mobile Networks (WiSec), Stockholm, Sweden, June 2018, 2018. Conference paper, Published paper (Refereed)
Abstract [en]

In spite of progress in securing Vehicular Communication (VC) systems, there is no consensus on how to distribute Certificate Revocation Lists (CRLs). The main challenges lie exactly in (i) crafting an efficient and timely distribution of CRLs for numerous anonymous credentials, pseudonyms, (ii) maintaining strong privacy for vehicles prior to revocation events, even with honest-but-curious system entities, (iii) and catering to computation and communication constraints of on-board units with intermittent connectivity to the infrastructure. Relying on peers to distribute the CRLs is a double-edged sword: abusive peers could "pollute" the process, thus degrading the timely CRLs distribution. In this paper, we propose a vehicle-centric solution that addresses all these challenges and thus closes a gap in the literature. Our scheme radically reduces CRL distribution overhead: each vehicle receives CRLs corresponding only to its region of operation and its actual trip duration. Moreover, a "fingerprint" of CRL 'pieces' is attached to a subset of (verifiable) pseudonyms for fast CRL 'piece' validation (while mitigating resource depletion attacks abusing the CRL distribution). Our experimental evaluation shows that our scheme is efficient, scalable, dependable, and practical: with no more than 25 KB/s of traffic load, the latest CRL can be delivered to 95% of the vehicles in a region (50×50 KM) within 15s, i.e., more than 40 times faster than the state-of-the-art. Overall, our scheme is a comprehensive solution that complements standards and can catalyze the deployment of secure and privacy-protecting VC systems.

Keywords
Vehicular Communications, VPKI, Revocation, CRL Distribution
National Category
Communication Systems
Identifiers
urn:nbn:se:kth:diva-232024 (URN)
Conference
The ACM Conference on Security and Privacy in Wireless & Mobile Networks (WiSec), Stockholm, Sweden, June 2018.
Note

QC 20180717

Available from: 2018-07-08 Created: 2018-07-08 Last updated: 2022-06-26 Bibliographically approved
Identifiers
ORCID iD: orcid.org/0000-0003-1778-1416