kth.sePublikationer KTH
EnglishSvenskaNorsk
Ändra sökning
RefereraExporteraLänk till posten
Permanent länk

Direktlänk
Referera
Referensformat
  • apa
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Annat format
Fler format
Språk
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Annat språk
Fler språk
Utmatningsformat
  • html
  • text
  • asciidoc
  • rtf
Towards deploying a scalable & robust vehicular identity and credential management infrastructure
KTH, Skolan för elektro- och systemteknik (EES), Kommunikationsnät. (Networked Systems Security)ORCID-id: 0000-0003-1778-1416
KTH, Skolan för elektro- och systemteknik (EES), Kommunikationsnät. (Networked Systems Security)ORCID-id: 0000-0003-2022-3976
KTH, Skolan för elektro- och systemteknik (EES), Kommunikationsnät.ORCID-id: 0000-0002-3267-5374
2014 (Engelska)Ingår i: 2014 IEEE Vehicular Networking Conference (VNC), IEEE conference proceedings, 2014, Vol. 2015-January, nr -, s. 33-40, artikel-id 7013306Konferensbidrag, Publicerat paper (Refereegranskat)
Abstract [en]

- Several years of academic and industrial research efforts have converged to a common understanding on fundamental security building blocks for the upcoming Vehicular Communication (VC) systems. There is a growing consensus towards deploying a Vehicular Public-Key Infrastructure (VPKI) enables pseudonymous authentication, with standardization efforts in that direction. However, there are still significant technical issues that remain unresolved. Existing proposals for instantiating the VPKI either need additional detailed specifications or enhanced security and privacy features. Equally important, there is limited experimental work that establishes the VPKI efficiency and scalability. In this paper, we are concerned with exactly these issues. We leverage the common VPKI approach and contribute an enhanced system with precisely defined, novel features that improve its resilience and the user privacy protection. In particular, we depart from the common assumption that the VPKI entities are fully trusted and we improve user privacy in the face of an honest-but-curious security infrastructure. Moreover, we fully implement our VPKI, in a standard-compliant manner, and we perform an extensive evaluation. Along with stronger protection and richer functionality, our system achieves very significant performance improvement over prior systems - contributing the most advanced VPKI towards deployment.
Ort, förlag, år, upplaga, sidor
IEEE conference proceedings, 2014. Vol. 2015-January, nr -, s. 33-40, artikel-id 7013306
Serie
IEEE Vehicular Networking Conference, VNC, ISSN 2157-9857 ; 2015-January
Nationell ämneskategori
Kommunikationssystem
Identifikatorer
URN: urn:nbn:se:kth:diva-161908DOI: 10.1109/VNC.2014.7013306ISI: 000786760400005Scopus ID: 2-s2.0-84936889570OAI: oai:DiVA.org:kth-161908DiVA, id: diva2:796358
Konferens
IEEE Vehicular Networking Conference (VNC),3-5 Dec. 2014 , Paderborn, Germany
Anmärkning

QC 20220922

Part of proceedings: ISBN 978-147997660-7

Tillgänglig från: 2015-03-18 Skapad: 2015-03-18 Senast uppdaterad: 2024-03-18Bibliografiskt granskad
Ingår i avhandling
1. Secure and Privacy Preserving Vehicular Communication Systems: Identity and Credential Management Infrastructure
Öppna denna publikation i ny flik eller fönster >>Secure and Privacy Preserving Vehicular Communication Systems: Identity and Credential Management Infrastructure
2016 (Engelska)Licentiatavhandling, sammanläggning (Övrigt vetenskapligt)
Abstract [en]

Vehicular Communication (VC) systems can greatly enhance road safety and transportation efficiency. Vehicles are equipped with sensors to sense their surroundings and the internal Controller Area Network (CAN) bus. Hence, vehicles are becoming part of a large-scale network, the so-called Internet of Vehicles (IoV). Deploying such a large-scale VC system cannot materialize unless the VC systems are secure and do not expose their users’ privacy. Vehicles could be compromised or their sensors become faulty, thus disseminating erroneous information across the network. Therefore, participating vehicles should be accountable for their actions. Moreover, user privacy is at stake: vehicles should disseminate spatio-temporal information frequently. Due to openness of the wireless communication, an observer can eavesdrop the communication to infer users’ sensitive information, thus profiling users. The objective is to secure the communication, i.e., prevent malicious or compromised entities from affecting the system operation, and ensure user privacy, i.e., keep users anonymous to any external observer but also for security infrastructure entities and service providers.In this thesis, we focus on the identity and credential management infrastructure for VC systems, taking security, privacy, and efficiency into account. We begin with a detailed investigation and critical survey of the standardization and harmonization efforts. We point out the remaining challenges to be addressed in order to build a Vehicular Public-Key Infrastructure (VPKI). We provide a VPKI design that improves upon existing proposals in terms of security and privacy protection and efficiency. More precisely, our scheme facilitates multi-domain operations in VC systems and enhances user privacy, notably preventing linking of pseudonyms based on timing information and offering increased protection in the presence of honest-but-curious VPKI entities. We further extensively evaluate the performance of the full-blown implementation of our VPKI for a large-scale VC deployment. Our results confirm the efficiency, scalability and robustness of our VPKI.
Ort, förlag, år, upplaga, sidor
Stockholm: KTH Royal Institute of Technology, 2016. s. 40
Serie
TRITA-EE, ISSN 1653-5146 ; 2016:159
Nyckelord
Vehicular Communications, Security, Privacy, Access Control, Identity and Credential Management, Vehicular PKI
Nationell ämneskategori
Elektroteknik och elektronik
Forskningsämne
Elektro- och systemteknik
Identifikatorer
urn:nbn:se:kth:diva-193030 (URN)978-91-7729-134-3 (ISBN)
Presentation
2016-11-01, Q2, Osquldas Väg 10, Stockholm, 15:30 (Engelska)
Opponent
Handledare
Anmärkning

QC 20160927

Tillgänglig från: 2016-09-27 Skapad: 2016-09-26 Senast uppdaterad: 2024-09-23Bibliografiskt granskad
2. The Key to Intelligent Transportation Systems: Identity and Credential Management for Secure and Privacy-Preserving Vehicular Communication Systems
Öppna denna publikation i ny flik eller fönster >>The Key to Intelligent Transportation Systems: Identity and Credential Management for Secure and Privacy-Preserving Vehicular Communication Systems
2020 (Engelska)Doktorsavhandling, sammanläggning (Övrigt vetenskapligt)
Abstract [en]

Vehicular Communication (VC) systems can greatly enhance road safety and transportation efficiency and enable a variety of applications providing traffic efficiency, environmental hazards, road conditions and infotainment. Vehicles are equipped with sensors and radars to sense their surroundings and external environment, as well as with an internal Controller Area Network (CAN) bus. Hence, vehicles are becoming part of a large-scale network, the so-called Internet of Vehicles (IoV). Deploying such a large-scale VC system cannot materialize unless the VC systems are secure and do not expose their users’ privacy. On the one hand, vehicles could be compromised or their sensors become faulty, thus disseminating erroneous information across the network. Therefore, participating vehicles should be held accountable for their actions and credentials (their Long Term Certificates (LTCs) and their pseudonyms) can be efficiently revoked and disseminated in a timely manner throughout a large-scale (multi-domain) VC system. On the other hand, user privacy is at stake: according to standards, vehicles should disseminate spatio-temporal information frequently, e.g., location and velocity. Due to the openness of the wireless communication, an observer can eavesdrop the vehicular communication to infer users’ sensitive information, and possibly profile users based on different attributes, e.g., trace their commutes and identify home/work locations. The objective is to secure the communication, i.e., prevent malicious or compromised entities from affecting the system operation, and ensure user privacy, i.e., keep users anonymous to any external observer but also for security infrastructure entities and service providers. This is not very straightforward because accountability and privacy, at the same time, appear contradictory. 

In this thesis, we first focus on the identity and credential management infrastructure for VC systems, taking security, privacy, and efficiency into account. We begin with a detailed investigation and critical survey of the standardization and harmonization efforts, along with industrial projects and proposals. We point out the remaining challenges to be addressed in order to build a central building block of secure and privacy-preserving VC systems, a Vehicular Public-Key Infrastructure (VPKI). Towards that, we provide a secure and privacy-preserving VPKI design that improves upon existing proposals in terms of security and privacy protection and efficiency. More precisely, our scheme facilitates multi-domain operations in VC systems and enhances user privacy, notably preventing linking of pseudonyms based on timing information and offering increased protection in the presence of honest-but-curious VPKI entities. We further extensively evaluate the performance, i.e., scalability, efficiency, and robustness, of the full-blown implementation of our VPKI for a large-scale VC deployment. We provide tangible evidence that it is possible to support a large area of vehicles by investing in modest computing resources for the VPKI entities. Our results confirm the efficiency, scalability and robustness of our VPKI.

As a second main contribution of this thesis, we focus on the distribution of Certificate Revocation Lists (CRLs) in VC systems. The main challenges here lie exactly in (i) crafting an efficient and timely distribution of CRLs for numerous anonymous credentials, pseudonyms, (ii) maintaining strong privacy for vehicles prior to revocation events, even with honest-but-curious system entities, (iii) and catering to computation and communication constraints of on-board units with intermittent connectivity to the infrastructure. Relying on peers to distribute the CRLs is a double-edged sword: abusive peers could "pollute" the process, thus degrading the timely CRLs distribution. We propose a vehicle-centric solution that addresses all these challenges and thus closes a gap in the literature. Our scheme radically reduces CRL distribution overhead: each vehicle receives CRLs corresponding only to its region of operation and its actual trip duration. Moreover, a "fingerprint" of CRL ‘pieces’ is attached to a subset of (verifiable) pseudonyms for fast CRL ‘piece’ validation (while mitigating resource depletion attacks abusing the CRL distribution). Our experimental evaluation shows that our scheme is efficient, scalable, dependable, and practical: with no more than 25 KB/s of traffic load, the latest CRL can be delivered to 95% of the vehicles in a region (15x15 KM) within 15s, i.e., more than 40 times faster than the state-of-the-art. Overall, our scheme is a comprehensive solution that complements standards and can catalyze the deployment of secure and privacy-protecting VC systems. 

As the third main contribution of the thesis, we focus on enhancing location privacy protection: vehicular communications disclose rich information about the vehicles and their whereabouts. Pseudonymous authentication secures communication while enhancing user privacy. To enhance location privacy, cryptographic mix-zones were proposed to facilitate vehicles covertly transition to new ephemeral credentials. The resilience to (syntactic and semantic) pseudonym linking (attacks) highly depends on the geometry of the mix-zones, mobility patterns, vehicle density, and arrival rates. Our experimental results show that an eavesdropper could successfully link 73% of pseudonyms (during non-rush hours) and 62% of pseudonyms (during rush hours) after vehicles change their pseudonyms in a mix-zone. To mitigate such inference attacks, we present a novel cooperative mix-zone scheme that enhances user privacy regardless of the vehicle mobility patterns, vehicle density, and arrival rate to the mix-zone. A subset of vehicles, termed relaying vehicles, are selected to be responsible for emulating non-existing vehicles. Such vehicles cooperatively disseminate decoy traffic without affecting safety-critical operations: with 50% of vehicles as relaying vehicles, the probability of linking pseudonyms (for the entire interval) drops from 68% to 18%. On average, this imposes 28 ms extra computation overhead, per second, on the Roadside Units (RSUs) and 4.67 ms extra computation overhead, per second, on the (relaying) vehicle side; it also introduces 1.46 KB/sec extra communication overhead by (relaying) vehicles and 45 KB/sec by RSUs for the dissemination of decoy traffic. Thus, user privacy is enhanced at the cost of low computation and communication overhead.
Abstract [sv]

Fordonskommunikationssystem (FKS) kan förbättra transportsäkerhet och effektivitet genom att möjliggöra många applikationer, till exempel inom trafikflöde och risker i omgivning. Fordonen utrustas med sensorer och radar och blir därmed en del av ett storskaligt nätverk, så kallade Fordonens internet. När system som FKS impementeras måste användarens säkerhet och integritet säkerställas. Å ena sidan kan fordons sensorer bli felaktiga, vilket kan leda till att falsk information sprids i nätverket. Å andra sidan kan användarens integritet sättas i fara eftersom fordonen enligt standarder måste dela information, t.ex. position, fart, och riktning. Eftersom trådlös kommunikation används så kan betraktare avlyssna fordons kommunikation, vilket kan leda till att viktig information avslöjas. På det visat kan användarna profileras baserat på olika attribut, t.ex. individer som pendlar kan spåras och det gör så att deras hem och arbetsplats kan lokaliseras. För att implementera FKS är det avgörande att säkra kommunikationen och garantera användarnas integritet, dvs. att användarna förblir anonyma. 

Denna doktorsavhandling fokuserar på infrastruktur för förvaltning av identitet- och behörighetsuppgifter och tar hänsyn till säkerhet, integritet, och effektivitet. Utmaningar identifieras för att skapa den viktigaste delen av säkra och integritetsbevarande FKS, så kallade Vehicular Public-Key Infrastructure (VPKI). Vårt system underlättar en säker och integritetsbevarande FKS, och utgör en förbättring över befintliga förslag i säkerhet, skydd av integritet samt effektivitet. Vi utvärderar vårt systems prestanda på ett omfattande sätt. Vårt resultat bekräftar effektiviteten, skalbarheten och robustheten av vårt system. 
Ort, förlag, år, upplaga, sidor
Stockholm: KTH Royal Institute of Technology, 2020. s. 111
Serie
TRITA-EECS-AVL ; 2020:32
Nyckelord
Security, Privacy, Vehicular PKI, VPKI, Identity and Credential Management; Vehicular Communications, VANETs; Availability, Scalability, Resilient, Efficiency, Micro-service, Container Orchestration, Cloud; Certificate Revocation List; Location Privacy, Mix-zones, Pseudonymity,  Anonymity, Untraceability, Pseudonym Transition, Pseudonym Unlinkability., Säkerhet, personlig integritet, identitet- och behörighetsuppgifter, tillgänglighet, skalbarhet, motståndskraftig, effektivitet, moln, pseudonymitet, anonymitet, ospårbarhet.
Nationell ämneskategori
Kommunikationssystem
Forskningsämne
Elektro- och systemteknik
Identifikatorer
urn:nbn:se:kth:diva-273636 (URN)978-91-7873-564-8 (ISBN)
Disputation
2020-06-15, https://kth-se.zoom.us/webinar/register/WN_xnk7oJcxSp6kuPMLXuFHqA, Stockholm, 14:00 (Engelska)
Opponent
Handledare
Anmärkning

QC 20200525

Tillgänglig från: 2020-05-25 Skapad: 2020-05-24 Senast uppdaterad: 2022-06-26Bibliografiskt granskad

Open Access i DiVA

ieee-vnc-published-khodaei(441 kB)498 nedladdningar
Filinformation
Filnamn FULLTEXT01.pdfFilstorlek 441 kBChecksumma SHA-512
f64d1af2cfc0d920a7fee7f94932fd5a7744903d664ef634d9743b50b8fc456030a21832d2a075918a7d0f26210abbfe05b864a662df72fc499786bffd4f4427
Typ fulltextMimetyp application/pdf

Övriga länkar

Förlagets fulltextScopusIEEEXplore

Person

Khodaei, MohammadJin, HongyuPapadimitratos, Panos

Sök vidare i DiVA

Av författaren/redaktören
Khodaei, MohammadJin, HongyuPapadimitratos, Panos
Av organisationen
Kommunikationsnät
Kommunikationssystem

Sök vidare utanför DiVA

GoogleGoogle Scholar
Totalt: 500 nedladdningar
Antalet nedladdningar är summan av nedladdningar för alla fulltexter. Det kan inkludera t.ex tidigare versioner som nu inte längre är tillgängliga.

doi
urn-nbn

Altmetricpoäng

doi
urn-nbn
Totalt: 558 träffar
RefereraExporteraLänk till posten
Permanent länk

Direktlänk
Referera
Referensformat
  • apa
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Annat format
Fler format
Språk
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Annat språk
Fler språk
Utmatningsformat
  • html
  • text
  • asciidoc
  • rtf
v. 2.47.0
|
WCAG
|
KTH Bibliotek
|
DiVA support
|
Registrera i DiVA
|
Spikning av avhandling
|
SwePub
|
Om öppen tillgång