Change search
Refine search result
1 - 17 of 17
CiteExportLink to result list
Permanent link
Cite
Citation style
  • apa
  • harvard1
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Other style
More styles
Language
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Other locale
More languages
Output format
  • html
  • text
  • asciidoc
  • rtf
Rows per page
  • 5
  • 10
  • 20
  • 50
  • 100
  • 250
Sort
  • Standard (Relevance)
  • Author A-Ö
  • Author Ö-A
  • Title A-Ö
  • Title Ö-A
  • Publication type A-Ö
  • Publication type Ö-A
  • Issued (Oldest first)
  • Issued (Newest first)
  • Created (Oldest first)
  • Created (Newest first)
  • Last updated (Oldest first)
  • Last updated (Newest first)
  • Disputation date (earliest first)
  • Disputation date (latest first)
  • Standard (Relevance)
  • Author A-Ö
  • Author Ö-A
  • Title A-Ö
  • Title Ö-A
  • Publication type A-Ö
  • Publication type Ö-A
  • Issued (Oldest first)
  • Issued (Newest first)
  • Created (Oldest first)
  • Created (Newest first)
  • Last updated (Oldest first)
  • Last updated (Newest first)
  • Disputation date (earliest first)
  • Disputation date (latest first)
Select
The maximal number of hits you can export is 250. When you want to export more records please use the Create feeds function.
  • 1.
    Alexiou, Nikolaos
    et al.
    KTH, School of Electrical Engineering (EES), Communication Networks.
    Laganá, Marcello
    KTH, School of Electrical Engineering (EES), Communication Networks.
    Gisdakis, Stylianos
    KTH, School of Electrical Engineering (EES), Communication Networks.
    Khodaei, Mohammad
    KTH, School of Electrical Engineering (EES), Communication Networks.
    Papadimitratos, Panagiotis
    KTH, School of Electrical Engineering (EES), Communication Networks.
    VeSPA: Vehicular security and privacy-preserving architecture2013In: HotWiSec 2013: Proceedings of the 2013 ACM Workshop on Hot Topics on Wireless Network Security and Privacy, 2013, p. 19-23Conference paper (Refereed)
    Abstract [en]

    Vehicular Communications (VC) are reaching a near deploment phase and will play an important role in improving road safety, driving efficiency and comfort. The industry and the academia have reached a consensus for the need of a Public Key Infrastructure (PKI), in order to achieve security, identity management, vehicle authentication, as well as preserve vehicle privacy. Moreover, a gamut of proprietary and safety applications, such as location-based services and pay-as-you-drive systems, are going to be offered to the vehicles. The emerging applications are posing new challenges for the existing Vehicular Public Key Infrastructure (VPKI) architectures to support Authentication, Authorization and Accountability (AAA), without exposing vehicle privacy. In this work we present an implementation of a VPKI that is compatible with the VC standards. We propose the use of tickets as cryptographic tokens to provide AAA and also preserve vehicle privacy against adversaries and the VPKI. Finally, we present the efficiency results of our implementation to prove its applicability.

  • 2.
    Jin, Hongyu
    et al.
    KTH, School of Electrical Engineering (EES), Communication Networks.
    Khodaei, Mohammad
    KTH, School of Electrical Engineering (EES), Communication Networks.
    Papadimitratos, Panos
    KTH, School of Electrical Engineering (EES), Communication Networks.
    Security and Privacy in Vehicular Social Networks2016In: Vehicular Social Networks, Taylor & Francis Group, 2016Chapter in book (Other academic)
  • 3.
    Khodaei, Mohammad
    KTH, School of Electrical Engineering (EES), Communication Networks.
    Secure and Privacy Preserving Vehicular Communication Systems: Identity and Credential Management Infrastructure2016Licentiate thesis, comprehensive summary (Other academic)
    Abstract [en]

    Vehicular Communication (VC) systems can greatly enhance road safety and transportation efficiency. Vehicles are equipped with sensors to sense their surroundings and the internal Controller Area Network (CAN) bus. Hence, vehicles are becoming part of a large-scale network, the so-called Internet of Vehicles (IoV). Deploying such a large-scale VC system cannot materialize unless the VC systems are secure and do not expose their users’ privacy. Vehicles could be compromised or their sensors become faulty, thus disseminating erroneous information across the network. Therefore, participating vehicles should be accountable for their actions. Moreover, user privacy is at stake: vehicles should disseminate spatio-temporal information frequently. Due to openness of the wireless communication, an observer can eavesdrop the communication to infer users’ sensitive information, thus profiling users. The objective is to secure the communication, i.e., prevent malicious or compromised entities from affecting the system operation, and ensure user privacy, i.e., keep users anonymous to any external observer but also for security infrastructure entities and service providers.In this thesis, we focus on the identity and credential management infrastructure for VC systems, taking security, privacy, and efficiency into account. We begin with a detailed investigation and critical survey of the standardization and harmonization efforts. We point out the remaining challenges to be addressed in order to build a Vehicular Public-Key Infrastructure (VPKI). We provide a VPKI design that improves upon existing proposals in terms of security and privacy protection and efficiency. More precisely, our scheme facilitates multi-domain operations in VC systems and enhances user privacy, notably preventing linking of pseudonyms based on timing information and offering increased protection in the presence of honest-but-curious VPKI entities. We further extensively evaluate the performance of the full-blown implementation of our VPKI for a large-scale VC deployment. Our results confirm the efficiency, scalability and robustness of our VPKI.

  • 4.
    Khodaei, Mohammad
    et al.
    KTH, School of Electrical Engineering and Computer Science (EECS), Communication Systems, CoS, Network Systems Laboratory (NS Lab).
    Jin, Hongyu
    KTH, School of Electrical Engineering and Computer Science (EECS), Communication Systems, CoS, Network Systems Laboratory (NS Lab).
    Papadimitratos, Panagiotis
    KTH, School of Electrical Engineering and Computer Science (EECS), Communication Systems, CoS, Network Systems Laboratory (NS Lab).
    SECMACE: Scalable and Robust Identity and Credential Management Infrastructure in Vehicular Communication Systems2018In: IEEE transactions on intelligent transportation systems (Print), ISSN 1524-9050, E-ISSN 1558-0016, Vol. 19, no 5, p. 1430-1444Article in journal (Refereed)
    Abstract [en]

    Several years of academic and industrial research efforts have converged to a common understanding on fundamental security building blocks for the upcoming vehicular communication (VC) systems. There is a growing consensus toward deploying a special-purpose identity and credential management infrastructure, i.e., a vehicular public-key infrastructure (VPKI), enabling pseudonymous authentication, with standardization efforts toward that direction. In spite of the progress made by standardization bodies (IEEE 1609.2 and ETSI) and harmonization efforts [Car2Car Communication Consortium (C2C-CC)], significant questions remain unanswered toward deploying a VPKI. Deep understanding of the VPKI, a central building block of secure and privacy-preserving VC systems, is still lacking. This paper contributes to the closing of this gap. We present SECMACE, a VPKI system, which is compatible with the IEEE 1609.2 and ETSI standards specifications. We provide a detailed description of our state-of-the-art VPKI that improves upon existing proposals in terms of security and privacy protection, and efficiency. SECMACE facilitates multi-domain operations in the VC systems and enhances user privacy, notably preventing linking pseudonyms based on timing information and offering increased protection even against honest-but-curious VPKI entities. We propose multiple policies for the vehicle-VPKI interactions and two large-scale mobility trace data sets, based on which we evaluate the full-blown implementation of SECMACE. With very little attention on the VPKI performance thus far, our results reveal that modest computing resources can support a large area of vehicles with very few delays and the most promising policy in terms of privacy protection can be supported with moderate overhead.

  • 5.
    Khodaei, Mohammad
    et al.
    KTH, School of Electrical Engineering (EES), Communication Networks.
    Jin, Hongyu
    KTH, School of Electrical Engineering (EES), Communication Networks.
    Papadimitratos, Panos
    KTH, School of Electrical Engineering (EES), Communication Networks.
    SECMACE: Scalable and Robust Identity and Credential Management Infrastructure in Vehicular Communication SystemsManuscript (preprint) (Other academic)
    Abstract [en]

    Several years of academic and industrial research efforts have converged to a common understanding on fundamental security building blocks for the upcoming Vehicular Communication (VC) systems. There is a growing consensus towards deploying a special-purpose identity and credential management infrastructure, i.e., a Vehicular Public-Key Infrastructure (VPKI), enabling pseudonymous authentication, with standardization efforts towards that direction. In spite of the progress made by standardization bodies (IEEE 1609.2 and ETSI) and harmonization efforts (Car2Car Communication Consortium (C2C-CC)), significant questions remain unanswered towards deploying a VPKI. The precise understanding of the VPKI, a central building block of secure and privacy-preserving VC systems, is still lacking. This paper contributes to the closing of this gap. We present SECMACE, a VPKI system, which is compatible with the IEEE 1609.2 and ETSI standards specifications. We provide a detailed description of our state-of-the-art VPKI that improves upon existing proposals in terms of security and privacy protection, and efficiency. SECMACE facilitates multi-domain operations in the VC systems and enhances user privacy, notably preventing linking pseudonyms based on timing information and offering increased protection even against honest-but-curious VPKI entities. We propose multiple policies for the vehicle-VPKI interactions based on which and two large mobility traces, we evaluate the full-blown implementation of SECMACE. With very little attention on the VPKI performance thus far, our results reveal that modest computing resources can support a large area of vehicles with very low delays and the most promising policy in terms of privacy protection can be supported with moderate overhead.

  • 6.
    Khodaei, Mohammad
    et al.
    KTH, School of Electrical Engineering (EES), Communication Networks.
    Jin, Hongyu
    KTH, School of Electrical Engineering (EES), Communication Networks.
    Papadimitratos, Panos
    KTH, School of Electrical Engineering (EES), Communication Networks.
    Towards deploying a scalable & robust vehicular identity and credential management infrastructure2014In: Vehicular Networking Conference (VNC), 2014 IEEE, IEEE conference proceedings, 2014, Vol. -, no -, p. 33-40Conference paper (Refereed)
    Abstract [en]

    - Several years of academic and industrial research efforts have converged to a common understanding on fundamental security building blocks for the upcoming Vehicular Communication (VC) systems. There is a growing consensus towards deploying a Vehicular Public-Key Infrastructure (VPKI) enables pseudonymous authentication, with standardization efforts in that direction. However, there are still significant technical issues that remain unresolved. Existing proposals for instantiating the VPKI either need additional detailed specifications or enhanced security and privacy features. Equally important, there is limited experimental work that establishes the VPKI efficiency and scalability. In this paper, we are concerned with exactly these issues. We leverage the common VPKI approach and contribute an enhanced system with precisely defined, novel features that improve its resilience and the user privacy protection. In particular, we depart from the common assumption that the VPKI entities are fully trusted and we improve user privacy in the face of an honest-but-curious security infrastructure. Moreover, we fully implement our VPKI, in a standard-compliant manner, and we perform an extensive evaluation. Along with stronger protection and richer functionality, our system achieves very significant performance improvement over prior systems - contributing the most advanced VPKI towards deployment.

  • 7.
    Khodaei, Mohammad
    et al.
    KTH, School of Electrical Engineering (EES), Network and Systems engineering.
    Messing, Andreas
    KTH, School of Computer Science and Communication (CSC).
    Papadimitratos, Panagiotis
    KTH, School of Electrical Engineering (EES), Network and Systems engineering.
    RHyTHM: A Randomized Hybrid Scheme To Hide in the Mobile Crowd2017In: IEEE Vehicular Networking Conference (VNC) 2017, IEEE, 2017, p. 155-158Conference paper (Refereed)
    Abstract [en]

    Any on-demand pseudonym acquisition strategy is problematic should the connectivity to the credential management infrastructure be intermittent. If a vehicle runs out of pseudonyms with no connectivity to refill its pseudonym pool, one solution is the on-the-fly generation of pseudonyms, e.g., leveraging anonymous authentication. However, such a vehicle would stand out in the crowd: one can simply distinguish pseudonyms, thus signed messages, based on the pseudonym issuer signature, link them and track the vehicle. To address this challenge, we propose a randomized hybrid scheme, RHyTHM, to enable vehicles to remain operational when disconnected without compromising privacy: vehicles with valid pseudonyms help others to enhance their privacy by randomly joining them in using on-the-fly self-certified pseudonyms along with aligned lifetimes. This way, the privacy of disconnected users is enhanced with a reasonable computational overhead. 

  • 8.
    Khodaei, Mohammad
    et al.
    KTH, School of Electrical Engineering and Computer Science (EECS), Network and Systems engineering.
    Noroozi, Hamid
    KTH, School of Electrical Engineering and Computer Science (EECS), Network and Systems engineering.
    Papadimitratos, Panagiotis
    KTH, School of Electrical Engineering and Computer Science (EECS), Network and Systems engineering.
    Privacy Preservation through Uniformity2018In: Proceedings of the ACM Conference on Security and Privacy in Wireless & Mobile Networks (WiSec), Stockholm, Sweden, June 2018., ACM Digital Library, 2018Conference paper (Refereed)
    Abstract [en]

    Inter-vehicle communications disclose rich information about vehicle whereabouts. Pseudonymous authentication secures communication while enhancing user privacy thanks to a set of anonymized certificates, termed pseudonyms. Vehicles switch the pseudonyms (and the corresponding private key) frequently; we term this pseudonym transition process. However, exactly because vehicles can in principle change their pseudonyms asynchronously, an adversary that eavesdrops (pseudonymously) signed messages, could link pseudonyms based on the times of pseudonym transition processes. In this poster, we show how one can link pseudonyms of a given vehicle by simply looking at the timing information of pseudonym transition processes. We also propose "mix-zone everywhere": time-aligned pseudonyms are issued for all vehicles to facilitate synchronous pseudonym update; as a result, all vehicles update their pseudonyms simultaneously, thus achieving higher user privacy protection.

  • 9.
    Khodaei, Mohammad
    et al.
    KTH, School of Electrical Engineering and Computer Science (EECS), Communication Systems, CoS.
    Noroozi, Hamid
    KTH, School of Electrical Engineering and Computer Science (EECS), Communication Systems, CoS.
    Papadimitratos, Panagiotis
    KTH, School of Electrical Engineering and Computer Science (EECS), Communication Systems, CoS.
    Scaling Pseudonymous Authentication for Large Mobile Systems2019In: WiSec 2019 - Proceedings of the 2019 Conference on Security and Privacy in Wireless and Mobile Networks, Miami, FL, USA, 2019, p. 174-185Conference paper (Refereed)
    Abstract [en]

    The central building block of secure and privacy-preserving Vehicular Communication (VC) systems is a Vehicular Public-Key Infrastructure (VPKI), which provides vehicles with multiple anonymized credentials, termed pseudonyms. These pseudonyms are used to ensure message authenticity and integrity while preserving vehicle (thus passenger) privacy. In the light of emerging large-scale multi-domain VC environments, the efficiency of the VPKI and, more broadly, its scalability are paramount. By the same token, preventing misuse of the credentials, in particular, Sybil-based misbehavior, and managing “honest-but-curious” insiders are other facets of a challenging problem. In this paper, we leverage the state-of-the-art VPKI system and enhance its functionality towards a highly-available, dynamically-scalable, and resilient design; this ensures that the system remains operational in the presence of benign failures or resource depletion attacks, and that it dynamically scales out, or possibly scales in, according to request arrival rates. Our full-blown implementation on the Google Cloud Platform shows that deploying large-scale and efficient VPKI can be cost-effective.

  • 10.
    Khodaei, Mohammad
    et al.
    KTH, School of Electrical Engineering and Computer Science (EECS), Network and Systems engineering.
    Papadimitratos, Panagiotis
    KTH, School of Electrical Engineering and Computer Science (EECS), Network and Systems engineering.
    A Cooperative Location Privacy Protection Scheme for Vehicular Ad-hoc Networks2019Report (Other academic)
  • 11.
    Khodaei, Mohammad
    et al.
    KTH, School of Electrical Engineering and Computer Science (EECS), Network and Systems engineering.
    Papadimitratos, Panagiotis
    KTH, School of Electrical Engineering and Computer Science (EECS), Network and Systems engineering.
    Efficient, Scalable, and Resilient Vehicle-Centric Certificate Revocation List Distribution in VANETs2018In: Proceedings of the ACM Conference on Security and Privacy in Wireless & Mobile Networks (WiSec), Stockholm, Sweden, June 2018., 2018Conference paper (Refereed)
    Abstract [en]

    In spite of progress in securing Vehicular Communication (VC) systems, there is no consensus on how to distribute Certificate Revocation Lists (CRLs). The main challenges lie exactly in (i) crafting an efficient and timely distribution of CRLs for numerous anonymous credentials, pseudonyms, (ii) maintaining strong privacy for vehicles prior to revocation events, even with honest-but-curious system entities, (iii) and catering to computation and communication constraints of on-board units with intermittent connectivity to the infrastructure. Relying on peers to distribute the CRLs is a double-edged sword: abusive peers could ‘‘pollute’’ the process, thus degrading the timely CRLs distribution. In this paper, we propose a vehicle-centric solution that addresses all these challenges and thus closes a gap in the literature. Our scheme radically reduces CRL distribution overhead: each vehicle receives CRLs corresponding only to its region of operation and its actual trip duration. Moreover, a ‘‘fingerprint’’ of CRL ‘pieces’ is attached to a subset of (verifiable) pseudonyms for fast CRL ‘piece’ validation (while mitigating resource depletion attacks abusing the CRL distribution). Our experimental evaluation shows that our scheme is efficient, scalable, dependable, and practical: with no more than 25 KB/s of traffic load, the latest CRL can be delivered to 95% of the vehicles in a region (50×50 KM) within 15s, i.e., more than 40 times faster than the state-of-the-art. Overall, our scheme is a comprehensive solution that complements standards and can catalyze the deployment of secure and privacy-protecting VC systems.

  • 12.
    Khodaei, Mohammad
    et al.
    KTH, School of Electrical Engineering (EES), Communication Networks.
    Papadimitratos, Panos
    KTH, School of Electrical Engineering (EES), Communication Networks.
    Evaluating On-demand Pseudonym Acquisition Policies in Vehicular Communication Systems2016Conference paper (Refereed)
    Abstract [en]

    Standardization and harmonization efforts have reached a consensus towards using a special-purpose Vehicular Public-Key Infrastructure (VPKI) in upcoming Vehicular Communication (VC) systems. However, there are still several technical challenges with no conclusive answers; one such an important yet open challenge is the acquisition of shortterm credentials, pseudonym: how should each vehicle interact with the VPKI, e.g., how frequently and for how long? Should each vehicle itself determine the pseudonym lifetime? Answering these questions is far from trivial. Each choice can affect both the user privacy and the system performance and possibly, as a result, its security. In this paper, we make a novel systematic effort to address this multifaceted question. We craft three generally applicable policies and experimentally evaluate the VPKI system performance, leveraging two large-scale mobility datasets. We consider the most promising, in terms of efficiency, pseudonym acquisition policies; we find that within this class of policies, the most promising policy in terms of privacy protection can be supported with moderate overhead. Moreover, in all cases, this work is the first to provide tangible evidence that the state-of-the-art VPKI can serve sizable areas or domain with modest computing resources.

  • 13.
    Khodaei, Mohammad
    et al.
    KTH, School of Electrical Engineering and Computer Science (EECS), Network and Systems engineering.
    Papadimitratos, Panos
    KTH, School of Electrical Engineering and Computer Science (EECS), Communication Systems, CoS, Network Systems Laboratory (NS Lab).
    Poster: Mix-Zones Everywhere: A Dynamic Cooperative Location Privacy Protection Scheme2018In: 2018 IEEE Vehicular Networking Conference, (VNC) / [ed] Altintas, O Tsai, HM Lin, K Boban, M Wang, CY Sahin, T, IEEE, 2018, article id 8628340Conference paper (Refereed)
    Abstract [en]

    Inter-vehicle communications disclose rich information about vehicle whereabouts. Pseudonymous authentication secures communication while enhancing user privacy. To enhance location privacy, cryptographic mix-zones are proposed where vehicles can covertly update their credentials. But, the resilience of such schemes against linking attacks highly depends on the geometry of the mix-zones, mobility patterns, vehicle density, and arrival rates. In this poster, we propose "mix-zones everywhere",a cooperative location privacy protection scheme to mitigate linking attacks during pseudonym transition. Time-aligned pseudonyms are issued for all vehicles to facilitate synchronous pseudonym updates. Our scheme thwarts Sybil-based misbehavior, strongly maintains user privacy in the presence of honest-but-curious system entities, and is resilient against misbehaving insiders.

  • 14.
    Khodaei, Mohammad
    et al.
    KTH, School of Electrical Engineering (EES), Communication Networks.
    Papadimitratos, Panos
    KTH, School of Electrical Engineering (EES), Communication Networks.
    The Key to Intelligent Transportation: Identity and Credential Management in Vehicular Communication Systems2015In: IEEE Vehicular Technology Magazine, ISSN 1556-6072, E-ISSN 1556-6080, Vol. 10, no 4, p. 63-69, article id 1556-6072Article in journal (Refereed)
    Abstract [en]

    Vehicular Communication (VC) systems will greatly enhance intelligent transportation systems. But their security and the protection of their users’ privacy are a prerequisite for deployment. Efforts in industry and academia brought forth a multitude of diverse proposals. These have now converged to a common view, notably on the design of a security infrastructure, a Vehicular Public Key Infrastructure (VPKI) that shall enable secure conditionally anonymous VC. Standardization efforts and industry readiness to adopt this approach hint to its maturity. However, there are several open questions remaining, and it is paramount to have conclusive answers before deployment. In this article, we distill and critically survey the state of the art for identity and credential management in VC systems, and we sketch a roadmap for addressing a set of critical remaining security and privacy challenges.

  • 15.
    Noroozi, Hamid
    et al.
    KTH, School of Electrical Engineering and Computer Science (EECS), Network and Systems engineering.
    Khodaei, Mohammad
    KTH, School of Electrical Engineering and Computer Science (EECS), Network and Systems engineering.
    Papadimitratos, Panagiotis
    KTH, School of Electrical Engineering and Computer Science (EECS), Network and Systems engineering.
    VPKIaaS: A highly-available and dynamically-scalable vehicular public-key infrastructure2018In: WiSec 2018 - Proceedings of the 11th ACM Conference on Security and Privacy in Wireless and Mobile Networks, Association for Computing Machinery, Inc , 2018, p. 302-304Conference paper (Refereed)
    Abstract [en]

    The central building block of secure and privacy-preserving Vehicular Communication (VC) systems is a Vehicular Public-Key Infrastructure (VPKI), which provides vehicles with multiple anonymized credentials, termed pseudonyms. These pseudonyms are used to ensure message authenticity and integrity while preserving vehicle (and thus passenger) privacy. In the light of emerging large-scale multi-domain VC environments, the efficiency of the VPKI and, more broadly, its scalability are paramount. In this extended abstract, we leverage the state-of-the-art VPKI system and enhance its functionality towards a highly-available and dynamically-scalable design; this ensures that the system remains operational in the presence of benign failures or any resource depletion attack, and that it dynamically scales out, or possibly scales in, according to the requests' arrival rate. Our full-blown implementation on the Google Cloud Platform shows that deploying a VPKI for a large-scale scenario can be cost-effective, while efficiently issuing pseudonyms for the requesters.

  • 16.
    Noroozi, Hamid
    et al.
    KTH, School of Electrical Engineering and Computer Science (EECS), Communication Systems, CoS, Network Systems Laboratory (NS Lab).
    Khodaei, Mohammad
    KTH, School of Electrical Engineering and Computer Science (EECS), Network and Systems Engineering.
    Papadimitratos, Panos
    KTH, School of Electrical Engineering and Computer Science (EECS), Communication Systems, CoS.
    VPKIaaS: Towards Scaling Pseudonymous Authentication for Large Mobile Systems2019Report (Other academic)
  • 17.
    Vaas, Christian
    et al.
    Univ Oxford, Syst Secur Lab, Oxford, England..
    Khodaei, Mohammad
    KTH, School of Electrical Engineering and Computer Science (EECS), Network and Systems engineering.
    Papadimitratos, Panos
    KTH, School of Electrical Engineering and Computer Science (EECS), Network and Systems engineering.
    Martinovic, Ivan
    Univ Oxford, Syst Secur Lab, Oxford, England..
    Nowhere to hide?: Mix-Zones for Private Pseudonym Change using Chaff Vehicles2018In: 2018 IEEE Vehicular Networking Conference (VNC) / [ed] Altintas, O Tsai, HM Lin, K Boban, M Wang, CY Sahin, T, Institute of Electrical and Electronics Engineers (IEEE), 2018Conference paper (Refereed)
    Abstract [en]

    In vehicular communication systems, cooperative awareness messages provide contextual information required for transportation safety and efficiency applications. However, without the appropriate design, these messages introduce a new attack vector to compromise passenger privacy. The use of ephemeral credentials - pseudonyms - was therefore proposed, essentially to split a journey into unlinkable segments. To protect segment transitions, encrypted mix-zones provide regions where vehicles can covertly change their pseudonyms. While previous work focused on the placement, shape, and protocols for mix-zones, attacks that correlate vehicles entering and existing these zones still remain a problem. Furthermore, existing schemes have only considered homogeneous traffic, disregarding variations in vehicle density due to differences in driver population, road layout, and time of day. Without realistic experimental results, any conclusion on real-world applicability is precarious. In this paper, we address this challenge and present a novel scheme that works independent of vehicles' mobility patterns. More precisely, our system generates fictive chaff vehicles when needed and broadcasts their traces, while it remains unobtrusive if sufficiently many vehicles are present. This greatly improves privacy protection in situations with inherently low traffic density, e.g., suburban areas, and during low traffic periods. Our scheme ensure that an external attacker cannot distinguish between real and chaff vehicles, while legitimate vehicles can recognize chaff messages; this is important, because chaff vehicles (and messages) must not affect the operation of safety applications. In our evaluation, we compare our chaff-based approach with an existing cryptographic mix-zone scheme. Our results under realistic traffic conditions show that by introducing fictive vehicles, traffic flow variations can be smoothed and privacy protection can be enhanced up to 76%.

1 - 17 of 17
CiteExportLink to result list
Permanent link
Cite
Citation style
  • apa
  • harvard1
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Other style
More styles
Language
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Other locale
More languages
Output format
  • html
  • text
  • asciidoc
  • rtf