Change search
CiteExportLink to record
Permanent link

Direct link
Cite
Citation style
  • apa
  • harvard1
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Other style
More styles
Language
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Other locale
More languages
Output format
  • html
  • text
  • asciidoc
  • rtf
SECMACE: Scalable and Robust Identity and Credential Management Infrastructure in Vehicular Communication Systems
KTH, School of Electrical Engineering (EES), Communication Networks. (Networked Systems Security)ORCID iD: 0000-0003-1778-1416
KTH, School of Electrical Engineering (EES), Communication Networks. (Networked Systems Security)ORCID iD: 0000-0003-1778-1416
KTH, School of Electrical Engineering (EES), Communication Networks.ORCID iD: 0000-0002-3267-5374
(English)Manuscript (preprint) (Other academic)
Abstract [en]

Several years of academic and industrial research efforts have converged to a common understanding on fundamental security building blocks for the upcoming Vehicular Communication (VC) systems. There is a growing consensus towards deploying a special-purpose identity and credential management infrastructure, i.e., a Vehicular Public-Key Infrastructure (VPKI), enabling pseudonymous authentication, with standardization efforts towards that direction. In spite of the progress made by standardization bodies (IEEE 1609.2 and ETSI) and harmonization efforts (Car2Car Communication Consortium (C2C-CC)), significant questions remain unanswered towards deploying a VPKI. The precise understanding of the VPKI, a central building block of secure and privacy-preserving VC systems, is still lacking. This paper contributes to the closing of this gap. We present SECMACE, a VPKI system, which is compatible with the IEEE 1609.2 and ETSI standards specifications. We provide a detailed description of our state-of-the-art VPKI that improves upon existing proposals in terms of security and privacy protection, and efficiency. SECMACE facilitates multi-domain operations in the VC systems and enhances user privacy, notably preventing linking pseudonyms based on timing information and offering increased protection even against honest-but-curious VPKI entities. We propose multiple policies for the vehicle-VPKI interactions based on which and two large mobility traces, we evaluate the full-blown implementation of SECMACE. With very little attention on the VPKI performance thus far, our results reveal that modest computing resources can support a large area of vehicles with very low delays and the most promising policy in terms of privacy protection can be supported with moderate overhead.

Keyword [en]
Vehicular Communications, Security, Privacy, Identity and Credential Management, Vehicular PKI
National Category
Communication Systems
Research subject
Information and Communication Technology
Identifiers
URN: urn:nbn:se:kth:diva-193027OAI: oai:DiVA.org:kth-193027DiVA: diva2:974407
Note

QC 20160928

Available from: 2016-09-26 Created: 2016-09-26 Last updated: 2017-08-02Bibliographically approved
In thesis
1. Secure and Privacy Preserving Vehicular Communication Systems: Identity and Credential Management Infrastructure
Open this publication in new window or tab >>Secure and Privacy Preserving Vehicular Communication Systems: Identity and Credential Management Infrastructure
2016 (English)Licentiate thesis, comprehensive summary (Other academic)
Abstract [en]

Vehicular Communication (VC) systems can greatly enhance road safety and transportation efficiency. Vehicles are equipped with sensors to sense their surroundings and the internal Controller Area Network (CAN) bus. Hence, vehicles are becoming part of a large-scale network, the so-called Internet of Vehicles (IoV). Deploying such a large-scale VC system cannot materialize unless the VC systems are secure and do not expose their users’ privacy. Vehicles could be compromised or their sensors become faulty, thus disseminating erroneous information across the network. Therefore, participating vehicles should be accountable for their actions. Moreover, user privacy is at stake: vehicles should disseminate spatio-temporal information frequently. Due to openness of the wireless communication, an observer can eavesdrop the communication to infer users’ sensitive information, thus profiling users. The objective is to secure the communication, i.e., prevent malicious or compromised entities from affecting the system operation, and ensure user privacy, i.e., keep users anonymous to any external observer but also for security infrastructure entities and service providers.In this thesis, we focus on the identity and credential management infrastructure for VC systems, taking security, privacy, and efficiency into account. We begin with a detailed investigation and critical survey of the standardization and harmonization efforts. We point out the remaining challenges to be addressed in order to build a Vehicular Public-Key Infrastructure (VPKI). We provide a VPKI design that improves upon existing proposals in terms of security and privacy protection and efficiency. More precisely, our scheme facilitates multi-domain operations in VC systems and enhances user privacy, notably preventing linking of pseudonyms based on timing information and offering increased protection in the presence of honest-but-curious VPKI entities. We further extensively evaluate the performance of the full-blown implementation of our VPKI for a large-scale VC deployment. Our results confirm the efficiency, scalability and robustness of our VPKI.

Place, publisher, year, edition, pages
Stockholm: KTH Royal Institute of Technology, 2016. 40 p.
Series
TRITA-EE, ISSN 1653-5146 ; 2016:159
Keyword
Vehicular Communications, Security, Privacy, Access Control, Identity and Credential Management, Vehicular PKI
National Category
Electrical Engineering, Electronic Engineering, Information Engineering
Research subject
Electrical Engineering
Identifiers
urn:nbn:se:kth:diva-193030 (URN)978-91-7729-134-3 (ISBN)
Presentation
2016-11-01, Q2, Osquldas Väg 10, Stockholm, 15:30 (English)
Opponent
Supervisors
Note

QC 20160927

Available from: 2016-09-27 Created: 2016-09-26 Last updated: 2016-10-28Bibliographically approved

Open Access in DiVA

fulltext(4535 kB)16 downloads
File information
File name FULLTEXT02.pdfFile size 4535 kBChecksum SHA-512
75d7d2c9940e6ee2b254895c6d463de6e61a62e1b8773869266867a68b25df031f6165a1a3795ee6ef39ca089d254351f23d406ef77ed44131844c794dc34b97
Type fulltextMimetype application/pdf

Authority records BETA

Khodaei, MohammadJin, HongyuPapadimitratos, Panos

Search in DiVA

By author/editor
Khodaei, MohammadJin, HongyuPapadimitratos, Panos
By organisation
Communication Networks
Communication Systems

Search outside of DiVA

GoogleGoogle Scholar
Total: 18 downloads
The number of downloads is the sum of all downloads of full texts. It may include eg previous versions that are now no longer available

urn-nbn

Altmetric score

urn-nbn
Total: 460 hits
CiteExportLink to record
Permanent link

Direct link
Cite
Citation style
  • apa
  • harvard1
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Other style
More styles
Language
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Other locale
More languages
Output format
  • html
  • text
  • asciidoc
  • rtf