Embed Size (px)
DESCRIPTION
An Efficient and Spontaneous Privacy-Preserving Protocol for Secure Vehicular Communications. Hu Xiong, Konstantin Beznosov , Zhiguang Qin , Matei Ripeanu presented by Jiaqi Gui. Networked Systems Laboratory Electrical and Computer Engineering Department. Types of Applications. - PowerPoint PPT Presentation
Citation preview
An Efficient and SpontaneousPrivacy-Preserving Protocol for Secure Vehicular CommunicationsHu Xiong, Konstantin Beznosov, Zhiguang Qin, Matei Ripeanu
presented by Jiaqi Gui
Networked Systems LaboratoryElectrical and ComputerEngineering Department
An Efficient and Spontaneous Privacy-Preserving Protocol [email protected] 2
Life-critical alerting and monitoring functionality during
intersection crossing, lane merging, etc.
Value-added enhancing drivers’ traveling experience by providing
convenient Internet access, navigation, toll payment services, etc.
2
Types of Applications
An Efficient and Spontaneous Privacy-Preserving Protocol [email protected] 3
Life-critical alerting and monitoring functionality during
intersection crossing, lane merging, etc. Security is critical!
Think of the damage a malicious attack could do
Value-added enhancing drivers’ traveling experience by providing
convenient Internet access, navigation, toll payment services, etc.
3
Types of Applications
An Efficient and Spontaneous Privacy-Preserving Protocol [email protected] 4
Life-critical alerting and monitoring functionality during
intersection crossing, lane merging, etc. Security is critical!
Think of the damage a malicious attack could do
Value-added enhancing drivers’ traveling experience by providing
convenient Internet access, navigation, toll payment services, etc.
4
Types of Applications
An Efficient and Spontaneous Privacy-Preserving Protocol [email protected] 5
Wireless communication devices installed on vehicles (On-Board Units - OBUs)
Road-side access points (RSUs)
Transportation Regulation Center (TRC)
5
Structure of Proposed Infrastructure for Vehicular Networks
Vehicular networks
IEEE 802.11pCommunication Technology
Transportation Regulation Center
An Efficient and Spontaneous Privacy-Preserving Protocol [email protected] 6
Conditional privacy preservation Spontaneous Efficient
Security Requirements for a Vehicular Communication Protocol
An Efficient and Spontaneous Privacy-Preserving Protocol [email protected] 7
Conditional privacy preservation The identity of vehicles should be protected However, incident investigation may require revealing
identities of participating vehicles Offline Only by authorized parties
Spontaneous Efficient
Security Requirements …
An Efficient and Spontaneous Privacy-Preserving Protocol [email protected] 8
Conditional privacy preservation Spontaneous
Protocol should not require communication between cooperating vehicles in the critical path before sending each new message
Protocol should not require support from the RSUs RSUs may not cover all road segments at least in the initial
deployment stages,
Efficient
Security Requirements …
An Efficient and Spontaneous Privacy-Preserving Protocol [email protected] 9
Conditional privacy preservation Spontaneous Efficient
Low communication overheads Low storage overhead
Should not rely on a large storage space at each vehicle, or updating the group public key and private key at all
unrevoked vehicles in case of a growing revocation list Low computational requirements
Security Requirements …
An Efficient and Spontaneous Privacy-Preserving Protocol [email protected] 10
Existing/Proposed Solutions
Spontaeous Efficiency Storage Overhead Verification Overh.
Solutions using a large numbers of anonymous keys (LAB)
Yes High Low
Solutions based on pure group signature (GSB)
Yes Low High
Solutions based on using the roadside infrastructure (RSUB)
No (RSU aided)
Low Low
Proposed solution (based on revocable ring signature)
Yes Low Low
[LAB] M. Raya, J. P. Hubaux, Securing Vehicular Ad Hoc Networks, Journal of Computer Security, 15(1), 2007.[GSB] X. Lin et al., GSIS: A Secure and Privacy-Preserving Protocol for Vehicular Communications, IEEE Trans on Vehicular Technology,
56(6), 2007.[RSUB] R. Lu et al., ECPP: Efficient Conditional Privacy Preservation Protocol for Secure Vehicular Communications, INFOCOM 2008
(Note: only solutions that provide conditional privacy are presented)
An Efficient and Spontaneous Privacy-Preserving Protocol [email protected] 11
Introduction & Motivation Past Solutions The Proposed Solution Analysis Conclusions
Outline
An Efficient and Spontaneous Privacy-Preserving Protocol [email protected] 12
Key Ingredients Public/private keys.
Ring signature [Rivest et al. 2001] Provides:
Anonymity: attacker can not infer which member of a group has signed.
Spontaneity: any member of a group can sign without additional setup
Revocable ring signature [Liu et al. 2007] Provides conditional anonymity: an authority can reveal the
identity of the real signer
An Efficient and Spontaneous Privacy-Preserving Protocol [email protected] 13
Outline of the Proposed Solution
Actual MessageSigner
Vehicle initialized with:
• Its own public/private key pair: (xi,y
i)
• The public key of TRC: yTRC
• Constants of the signature protocol
An Efficient and Spontaneous Privacy-Preserving Protocol [email protected] 14
Outline of the Proposed Solution
y1 y2yn…
Actual MessageSigner
Vehicles encountered in the past y
k – public keys
Vehicle initialized with:
• Its own public/private key pair: (xi,y
i)
• The public key of TRC: yTRC
• Constants of the signature protocol
An Efficient and Spontaneous Privacy-Preserving Protocol [email protected] 15
Outline of the Proposed Solution
y1 y2yn…
Actual MessageSigner
Vehicles encountered in the past
Vehicle initialized with:
• Its own public/private key pair: (xi,y
i)
• The public key of TRC: yTRC
• Constants of the signature protocol
Vehicle collects public keys of other vehicles encountered in the past
An Efficient and Spontaneous Privacy-Preserving Protocol [email protected] 16
Outline of the Proposed Solution
y1 y2yn…
Actual MessageSigner
Message Generation: (y1+y2+…+yn, M,yTRC ,xi)
Vehicle generates the revocable ring signature using:
• Its own private key: xi
• A set of public keys of other N vehicles: y1,y2,…yn
• The public key of TRC: yTRC
• The message M
Vehicles encountered in the past
An Efficient and Spontaneous Privacy-Preserving Protocol [email protected] 17
Introduction & Motivation Past Solutions Outline of the Proposed Solution Analysis Conclusions
Outline
An Efficient and Spontaneous Privacy-Preserving Protocol [email protected] 18
Identity privacy preservation Given a valid ring signature of a message, it is
computationally difficult to identify the actual signer by any adversary
Property provided by ring signatures
Tracing to a real identity Given the signature, the TRC who knows xTRC,
can reveal the real identity of a message sender
Conditional Privacy Preservation
An Efficient and Spontaneous Privacy-Preserving Protocol [email protected] 19
Spontaneity The vehicle can specify the ring (the set of
vehicles) needed to generate the signature arbitrarily (i.e., without any new interaction with other vehicles or RSUs)
[Additional property] Multi-level privacy Each vehicle can select the degree of privacy
that fits its own requirements by choosing the number of public keys used in the message generation phase.
Spontaneous and Multi-Level
An Efficient and Spontaneous Privacy-Preserving Protocol [email protected] 20
Comparing Overheads to Existing/Proposed Solutions
Spontaeous Efficiency Storage Overhead Verification Overh.
Solutions using a large numbers of anonymous keys (LAB)
Yes High Low
Solutions based on pure group signature (GSB)
Yes Low High
Solutions based on using the roadside infrastructure (RRUB)
No (RSU aided)
Low Low
Proposed solution (RSUB)(based on revocable ring signature)
Yes Low Low
[LAB] M. Raya, J. P. Hubaux, Securing Vehicular Ad Hoc Networks, Journal of Computer Security, 15(1), 2007.[GSB] X. Lin et al., GSIS: A Secure and Privacy-Preserving Protocol for Vehicular Communications, IEEE Trans on Vehicular Technology,
56(6), 2007.[RSUB] R. Lu et al., ECPP: Efficient Conditional Privacy Preservation Protocol for Secure Vehicular Communications, INFOCOM 2008
Hundreds or thousands of keys for each vehicle
(all others schemes have one key pair
per vehicle)
An Efficient and Spontaneous Privacy-Preserving Protocol [email protected] 21
Comparing Overheads to Existing/Proposed Solutions
Spontaeous Efficiency Storage Overhead Verification Overh.
Solutions using a large numbers of anonymous keys (LAB)
Yes High Low
Solutions based on pure group signature (GSB)
Yes Low High
Solutions based on using the roadside infrastructure (RRUB)
No (RSU aided)
Low Low
Proposed solution (RSUB)(based on revocable ring signature)
Yes Low Low
[LAB] M. Raya, J. P. Hubaux, Securing Vehicular Ad Hoc Networks, Journal of Computer Security, 15(1), 2007.[GSB] X. Lin et al., GSIS: A Secure and Privacy-Preserving Protocol for Vehicular Communications, IEEE Trans on Vehicular Technology,
56(6), 2007.[RSUB] R. Lu et al., ECPP: Efficient Conditional Privacy Preservation Protocol for Secure Vehicular Communications, INFOCOM 2008
Grows linearly with the number of revoked keys
An Efficient and Spontaneous Privacy-Preserving Protocol [email protected] 22
Introduction Motivation The proposed Scheme Analysis Conclusion
Outline
An Efficient and Spontaneous Privacy-Preserving Protocol [email protected] 23
The proposed protocol provides conditional privacy, improves efficiency in terms of the
number of keys stored at each vehicle, and complexity of sender authentication and verification.
does not require support from the roadside infrastructure
provides multi-level privacy
Conclusions
For more information:http://NetSysLab.ECE.UBC.ca
Thank you
