Elsevier

Computer Communications

Volume 93, 1 November 2016, Pages 52-67
Computer Communications

Optical PUF for Non-Forwardable Vehicle Authentication

https://doi.org/10.1016/j.comcom.2016.05.016Get rights and content

Highlights

  • We provide a single round (per party) protocol for the Authenticated Key Exchange (AKE) among peer parties.

  • Physically Unclonable Functions (PUF) have been used to provide auxiliary optical channel communication for the peer vehicle location binding.

  • We emphasize the need of location binding property vs non-forwardable authentication with respect to security applications and present a sophisticated attack scenario (to improve the security settings in IEEE 1609.2) as a part of problem statement.

  • We provide auxiliary means of optical fingerprint identification as a compensation for the reduced number of exponentiations per party.

Abstract

Modern vehicles are configured to exchange warning messages through IEEE 1609 Dedicated Short Range Communication over IEEE 802.11p Wireless Access in Vehicular Environment. Essentially, these warning messages must associate an authentication factor such that the verifier authenticates the message origin via visual binding. Interestingly, the existing vehicle communication incorporates the message forward-ability as a requested feature for numerous applications. On the contrary, a secure vehicular communication relies on a message authentication with respect to the sender identity. Currently, the vehicle security infrastructure is vulnerable to message forwarding in a way that allows an incorrect visual binding with the malicious vehicle, i.e., messages seem to originate from a malicious vehicle due to non-detectable message relaying instead of the actual message sender. We introduce the non-forwardable authentication to avoid an adversary coalition attack scenario. These messages should be identifiable with respect to the immediate sender at every hop. According to a coalition attack scenario, the group of adversaries in coalition adopt the fabricated attributes of a target vehicle and resembles it to be alike. The adversaries in coalition then reroute the eavesdropped messages in order to impersonate the target vehicle. We propose to utilize immediate optical response verification in association with the authenticated key exchange over radio channel. These optical response are generated through hardware means, i.e., a certified Physically Unclonable Function device embedded on the front and rear of the vehicle. To the best of our knowledge, this is the first work proposing a solution based on physically unclonable function for a secure non-forwardable vehicle to vehicle authentication. In addition a formal correctness sketch is derived using Strand Space methodology.

Introduction

Vehicle networks [21], [24], [50] provide safe and efficient maneuvering among the vehicles and across the road. Smart vehicles are equipped with wireless radio devices and comply with the Dedicated Short Range Communication (DSRC) IEEE 1609 [1], [9] and Wireless Access in Vehicular Environment (WAVE) 802.11p [61]. Furthermore, vehicles are customized to predict a crash event ahead of time through ultrasonic and infrared radars, detection vs ranging optical-sensors, and a night vision camera [59]. A decentralized multi-channel communication [80] is standardized in IEEE 1609.4 [8]. Our protocol is secure to create an information rich map of the surrounding vehicles and correspondingly attribute these messages (arriving through the radio) to the correct vehicle in the map. Such an up-to-date map would assist in real-time decision making, e.g., accelerating, decelerating, or lane changing. Once the vehicle has established a secure session with a near-by vehicle the map can be updated using the information received over the radio channel, thereby, attributing the responsibility of any malfunctioning.

Wireless radio communication is widely supported by the portable user devices. There exists a sufficient number of Authenticated Key Exchange (AKE) protocols for a secure wireless communication. Interestingly, the majority of these AKE protocols are implemented over the radio channel for identifying a valid public key holder and establishing a session key. However, these approaches do not suffice for a more sophisticated form of a coalition attack. In order to avoid such attacks a correct mapping to the actual vehicle in secret session is necessary. Subsequently, a location-information rich map can provide a precise identification of the original source. Recently, authors in [62] have presented a far proximity identification approach by measuring overall multipath propagation effect, although it estimates that a specific target is at least a certain distance away (conceptually quite opposite to the existing distance bounding protocols [6]); however, the source of signal origination is still unidentifiable and seems to comply with the certified credentials. In particular, the dispersed nature of the radio signals might impose an incorrect binding between the session messages and the actual source of the message. Our scheme promises a correct binding between the session messages (over a wireless radio channel) and correspondingly identifiable source of the message (certified attribute holder).

We utilize the (inherently) directed nature of optical channel to produce optical fingerprints in association with a secure radio channel. Optical communication (or an equivalent technology for a clear geographic mapping and to identify communicating vehicle monolithically-coupled with the information received) is an important ingredient in our proposed scheme. The directed nature of the optical communication channel eliminates the possibility of an adversary, present in the line of sight between mutually authenticated vehicles. However, the optical communication or directed microwaves alone are not sufficient and requires additional assumptions to enable the existing DSRC IEEE 1609.2 [2] infrastructure immune against a coalition attack, as presented in this paper. Vehicles authenticate a peer vehicle over radio channel to be the same vehicle as visually identified over the optical channel. Our Physically Unclonable Function (PUF) based solution can withstand more sophisticated adversarial coalition attacks than in previous works [11], [12], [13], [15].

We propose to achieve a secure binding property with respect to vehicles and corresponding communication channels. Essentially, vehicles that identify themselves on an auxiliary channel establish a secure communication over another channel, i.e., an optical and radio channel, respectively. A formal definition 2 of binding property is given in Section 4. The designed protocol consider both the secure key exchange and the coupled message integrity (ciphered through the verified key). In spite of performing these two different verifications on two different channels, the proposed protocol assure a monolithic binding between the two parameters and also that they belong to the same visible credential holder. The optical speckles should be grasped as an optical version of unpredictable responses, i.e. one of the primary characteristic of PUF, also is a sufficient and necessary assumption to ensure the non-forwardability. Moreover, the abstract level of understanding for the proposed protocol (how to ensure the non-forwardable authentication) relies on PUF traits such as unclonability vs unpredictability regarding the responses (irrespective of the optical speckle or electrical medium). There is considerably negligible gap between the response generation (via authentic PUF) and response observation (via photodiode), therefore, PUF is less vulnerable to response relaying as opposed to PUF modeling attacks presented in [22], [48].

Problem statement. In this paper, we consider an adversary coalition attack scenario [11], [15] in vehicle networks. Accordingly, adversaries forward the messages between the intended sender and receiver, without decrypting the messages. Sender and receiver verifies the visual attributes and the location. However, it is difficult to identify whether the intended sender and receiver are present within the communication range or not. Apparently, messages are routed through a group of malicious vehicles that looks similar as the intended sender/receiver. The malicious vehicle might communicate over a separate communication channel. Therefore, the intended sender and receiver that own a valid certificate (binding vehicle attributes and public key) are actually far away from the communication range still connected through an adversary coalition channel. The term adversary coalition denotes the fact that adversary is allowed to forward and re-route messages towards a second adversary via separate channel. Interestingly, the static [13] and dynamic attribute [11], [15] based authentication is not sufficient to avoid the coalition attack scenario.

Evidently, a non-forwardable authentication property must be augmented to expand more upfront schemes based on static and dynamic attributes. Specifically, the technique should prevent the verifier to visually misidentify the attacker (that only forwards messages) with the original authenticator (that actually produced the authentication messages).

Apparently, some ad-hoc solutions such as timing analysis, radio fingerprinting, regular mirror and holographic mirror identification, potentially seems to immune against the coalition attack scenario. We further elaborate these solutions with respect to the inapplicability against a coalition attack scenario. It must be noticed that the coalition attack is unavoidable within the existing state of vehicle to vehicle security standards IEEE 1609.2 [2]. Interestingly, neither the wireless radio nor the optical communication channel, individually is enough to provide a complete solution against the coalition attack scenario. We require a dynamic scheme for immediate commitment verification that would not remain static for a long time. Our goal is to couple the communicating vehicles within the scope of multiple channels such as an optical and radio channel. An optical channel is essential during the authentication phase and the radio channel resumes beyond the authentication phase for the authenticated message exchange. Optical PUF assisted unforgeable fingerprints provide a robust vehicle identification. The proposed authentication approach utilizes a non-forwardable fingerprint from the peer vehicle. A PUF [41] device is used to produce these output responses and a supplementary optical communication is used to convey PUF input and verify PUF output. Initially, PUF is assumed to be untrained such that it is undefined in terms of challenge-response pairs or underlying mathematical description. It is only after a sufficient number of rounds of PUF stimulation that this deterministic PUF property is revealed in terms of challenges and paired responses. A more formal definition of PUF is given in Section 3.

Strawman solutions. Interestingly, the wireless radio and the optical communication, individually is not enough to provide a complete solution against the coalition attack scenario. The following native solutions might seem to solve the problem but only to a certain extent.

Timing analysis: Optical communication channels have been used recently to measure the dynamic primitives [40], [83] of any moving target. Moreover, a round trip delay measurement for the optical beam is another estimate that assists to verify the partner in communication. Accordingly, the sender estimates that the receiver is not farther then few meters away and therefore should not take more than the threshold time to access. In the existing literature this concept is also known as distance bounding and round trip delay estimation [7]. Thus, the sender and receiver might be assured that the communication is uninterrupted and also point-to-point (in case of optical communication). However, the underlying communication protocols suffer packet loss, congestion and delay over the wireless radio channel. Therefore, the packet round trip time estimation might lead to an incorrect distance estimation. A sufficient number of security protocols are available that might prevent the adversary to fake a lower latency, still, the adversary can fake a larger distance or round trip latency by intentionally delaying the message forwarding. Therefore, it might lead to an incorrect delay or distance estimation among the actual sender and receiver.

Radio fingerprinting: According to the property of wireless radio fingerprinting, radio signals generated at every device must incorporate an unique distinguishable property [5], [51], [52]. Therefore, the radio waves generated at a particular vehicle retains these consistent and unique traits during every communication interaction. However, the radio fingerprinting approach does not ensure the non-forwardable authentication due to the lack of point-to-point communication. The communicating vehicles might not be able to create a mutual visual binding with respect to fingerprints received over the radio channel. Our approach provides this worthy combination of unforgeable fingerprints and visual bindings with the sender of those fingerprints.

Regular mirrors: An optical communication channel such as laser beam can be used to convey the commitment data through beam modulations. The receiving vehicle must be configured with a reflective mirror on which the laser beam modulations are received and interpreted. Therefore, the commitment data conveyed through point-to-point beam modulation seems to be secure and confidential to the recipient vehicle. However, the reflective mirror does not contribute beyond the beam modulation decoding. In addition, a recipient vehicle cannot distinguish between the beam reflection originated at intended sender or the reflection-of-reflection (reflection originated at the middle adversary, mimicking the original reflection from the intended sender). An adversary nearby can record the laser beam modulations originated from the other vehicle and might also generate the same modulations. Therefore, the beam modulations and the commitment data is vulnerable to subliminal message rerouting and forwarding. Furthermore, there is no binding between the optical and wireless radio channel and is not a complete solution against an adversary coalition attack scenario.

Holograms: A hologram can be installed at the vehicle front and rear surface. The hologram is subjected to an optical beam in order to verify the validity of the hologram and the corresponding vehicle identity. A specific certified hologram would generate a correspondingly unique reflection for every vehicle identity. Apparently, the solutions based on a certified hologram response verification resolves the true vehicle identity and appears to be a quite relevant solution for the attack scenarios into consideration. However, in this solution the hologram retains and processes a specified Challenge Response Pair (CRP) only and the pairing remains fixed for every verification round. Furthermore, a mighty adversary can reveal the CRP by analyzing it over a period of time because the response remains static irrespective of the static and dynamic attributes of the vehicle.

The problem requires a dynamic solution for the immediate commitment verification in which CRPs are not static. Our solution proposed in this paper verifies the immediate processing of an optical beam through an unclonable device known as PUF [17], [19], [41], [42], [58]. PUFs are hardware devices that are configured to produce a unique response corresponding to a unique and sufficiently diverse challenge. The verifier compares these PUF generated response patterns against the certified response received over the wireless radio channel. PUF generated spontaneous wireless signatures enable a secure binding between the optical and wireless radio communication channel. Evidently, our PUF based solution is rigorous and resistant towards the above mentioned coalition attack scenario.

Physically Unclonable Function (PUF). PUF was first introduced in [41] as a hardware analogous to the one-way hash functions. We denote the function instated inside the hardware PUF device as ℘. Essentially, a PUF is a hardware primitive that represents physical hash functions due to unique physical characteristics. There is no instantiation of any PUF, at least as much intuitive as a mathematical description, except a random oracle model. Specifically, every instantiation of PUF is considered as another instantiation of a random oracle model. PUF devices are characterized with micro-structural variations. These perplexed structural variations are enforced during the production process, therefore, it is hard to clone the same structural variations. Furthermore, PUFs can be used perfectly in a challenge-response verification protocol. These PUFed responses are correspondingly unique to the paired challenges and are extremely difficult to predict without accessing the original PUF device itself. The essential properties [36], [54] of a basic PUF (including the underlying function (℘) specific properties) are:

  • Unique: PUF output is unpredictable due to the unique micro-structural variations. In the existing literature, a PUF device is termed as a physical one-way hash function [41]. Inherently, the CRPs produced by a PUF are uniquely paired and sufficiently diverse to distinguish.

  • Unclonable: No two PUFs could ever produce same output via cloning. Due to micro-structural variations it is infeasible to physically clone a PUF. Therefore, the inevitable structural randomness avoids PUF cloning attacks.

  • Unpredictable: It is infeasible to predict the consistent response for a random challenge given a set of pre-recorded CRPs. An adversary might stimulate a passive PUF device for a random set of challenges (c1, c2, ...c) and retrieves corresponding responses as (r1, r2, ...r), still it is infeasible to predict a correct response r+1 corresponding to an unqueried input challenge c+1.

  • One-way: Given a decoded numeric response ri and the certified PUF still it is infeasible to recover the paired challenge ci that triggered PUF to generate ri.

  • Tamper evident: Any attempt to recover the structural traits of PUF would deviate the original structure of underlying function ℘ and consequently, the original challenge-response pairing.

Previous work. According to a PUF authentication scheme [47], an initiator measures PUFed responses. The responder transmits a shuffled response string that initiator verifies through substring matching. The paper [44] presented a PUF based protocol for secure private-public key pair generation and distribution between Certificate Authority (CA) and vehicles. The authors in [53] presented a challenge-response method to identify the paired device, while both devices are assumed to have a session key. The sender measures the response and receives the same response encrypted with the secret key from the receiver in order to cross verify the measured response. Furthermore, a pseudonym refill protocol for vehicular environment has been given in [90], [91] that provides on-demand certificate restore via road side units. However, to the best of our knowledge, none of these previous works have considered the vehicle coalition attack scenario as a problem. We assume the existence of an out-of-band communication channel [38] to verify the certified static attributes. In [13] a novel vehicle authentication scheme has been proposed which is based on the certified and monolithically-coupled vehicle attributes with the public key. The following work [11], [15] have used a laser communication for additional verification of dynamic attributes is presented. The utility of an auxiliary laser based communication channel regarding the secure device pairing can be found in [30], [37], [39]. It is practically feasible for high speed vehicles to operate laser beams for tracking [40], [82], [83] and secret key establishment [37], [43].

PUF was first introduced in [41] as a hardware analogous to the one-way hash functions. There are several types of PUFs discussed in literature [18], [19], [20], [42] such as Strong PUFs [19], [42], Controlled PUFs [18], Weak PUFs [20]. There are number of candidates for Strong PUFs implemented on integrated circuits, however, the enhancement in this area is still evolving due to modeling attacks [48]. The proposed scheme utilizes optical PUF as they are secure against cloning [22] and modeling attacks [48]. PUFs are also referred to as Physical Random Functions [17], [19] or Physical One-Way Functions [41], [42], have been used for key establishment [42], [58], identification [42] and authentication [19], [58]. The state-of-art research [87], [88], [89] that ensures the property of unclonability is given in [36], [54], [74]. Moreover, the work in [4] presents PUF assisted formal security features. A broadcast encryption scheme based on PUF devices is given in [29]. Furthermore, the authors in [45] presented an optical PUF based scheme for challenge-response verification through a manufacturers 2D barcode signature embedded over PUF device.

Our contribution. In order to mitigate this coalition attack scenario as mentioned in problem-statement and detailed in Section 2, we plan to utilize PUF devices for a non-forwardable message authentication that provides:

  • Unique identification: Vehicles create a visual binding over optical channel through PUF. The physical challenge stimulus c is processed over an authentic PUF and spontaneously produces a correspondingly original response r. Therefore, a communicating vehicle can be uniquely identified via PUF verification.

  • Vehicle authentication: The AKE execution via certified attributes and the public key over a securely coupled radio channel is an important ingredient in our scheme. Moreover, in this work radio communication is securely coupled with the preliminary optical communication. Thus, the peer vehicle authentication is twofold secure.

In [69], [70], [71] multiple pseudonym-certificate based privacy-preserving approach has been proposed. However, considering the authentication as a prime objective we adapt the multiple certificate assumption, specifically the long-term certificate storage and re-activation. In contrast to [69], [70], [71] we ensure a physical-disorder based non-forwardable authentication via additional security assumptions and zero infrastructure.

  • Non-forwardability: An adversary cannot forward the messages on behalf of another sender such as without being detected. Specifically, the privilege that adversary is deprived of is the ability to mimic unpredictable PUF response even after forwarding the current active challenge in place of a third party (which again is a secure credential known only to an original holder). The sender and the receiver are in direct communication with each other, therefore, the message integrity is ensured.

  • Channel binding: The sender and receiver, first create a visual binding through optical communication verification and then establish a secure binding between the wireless radio and optical communication channel. Moreover, the associated AKE protocol enables a secure message exchange over the wireless radio channel.

The laser equipped vehicles [35], [56] are feasible for diverse applications such as driver safety, traffic navigation, vehicle identification, warning dissemination and night vision. The laser detection and ranging have recently been used for real time parking space locator in [65], [67]. The authors in [66] presented a novel approach for the target vehicle information acquisition through a 2d-reflecting code on the front and rear of the vehicle. Similarly, in [68] a vehicle equipped with inward and outward facing cameras for outside traffic monitoring. Recently, a major automotive giant has released a laser equipped prototype [59] that increases the night vision effectively. Moreover, it might appear cumbersome to find a suitable place for a moderate size laser device inside the vehicle front without requiring in-vehicle weight re-distribution. Therefore, the usage of fiber optics allows the placement of laser device anywhere within the vehicle, effectively propagating the output to the vehicle front. It is important to mention that the vehicle tracking through the laser beam pointing and scanning is feasible for moving vehicles [81], [82], [83]. Laser communication in vehicular networks has been primarily used for distance and velocity estimation [77], [79]. In [75], [78], laser pointers are used for spontaneous ping among the hand held devices. In [76], the authors suggest the transmission of the shared secret key through the laser modulation.

Along with the laser integration into modern vehicles PUF integration has also been considered as a feasible solution [63], [64]. Furthermore, PUF integration is closely related to the ideal model of physical-disorder based low cost authentication [74]. The cost might vary from an elaborated laboratory setup to a thinly sprayed light reflecting sheet. However, the random distribution of these light reflecting particles would generate unique interference response and therefore it is expensive to reproduce the exactly similar light response. Moreover, the CRP space is assumed to be large enough in order to realize PUF unpredictability property, therefore it would require an exponential (to the number of challenge bits) time interval to disclose the whole set of possible challenges.

Outline. Section 2 explains the adversary coalition attack scenario in vehicle to vehicle communication. A detailed description of PUF assisted vehicle authentication approach is given in Section 3. Security discussion is given in Section 4. A formal correctness proof using Strand Space methodology is given in Section 5. The Section 6 highlights the concluding remarks.

Section snippets

Adversary Coalition Scenario

We provided a solution for the coalition attack scenario as discussed in [11], [15] (see Figure 1). According to the coalition attack scenario, there exists two or more malicious vehicles between the intended sender, S and the receiver, R. One of these malicious vehicles impersonates the sender, AS and the other impersonates the receiver, AR by carrying exactly similar static attributes. Moreover, these malicious vehicles communicate over a separate communication channel to relay the acquired

Physical Unclonable Function Assisted Authentication

As explained earlier PUF assisted authentication requires specific hardware settings. A broad categorization would be to incorporate a PUF stimulating setup and PUF reading setup. Moreover, the PUF training must be done during a confidential pre-processing phase. We further highlight the sequential integration of these processing phases as given below:

Regular setup. In a regular setup the optical PUF can have a form of a user card with a transparent film. The film itself is neither

Security Discussion

Considering the uncertain factors of the future communication technology and potential physical attacks that might not be feasible currently, we model the adversarial activity from a future point of view. For example an adversary having access over PUF device can stimulate it against random challenges. Furthermore, assuming that a mighty adversary retrieves certified challenges that is valid for a future interval tval. Then extracts PUF’ed responses corresponding to these retrieved challenges

Correctness

In this section we present a formal induction proof using Strand Space methodology [16], [55]. The Strand Space methodology has been used earlier for the verification of Diffie-Hellman protocol [23], multi channel security protocol [57]. Accordingly, the verification of security properties such as authentication and secrecy is based on the analysis of mutual interaction between the valid and invalid strands in a specific protocol run.

Formalization The Strand Space model analyzes a legal trace

Conclusion

In this work, we propose to resolve vehicle to vehicle authentication for adversary coalition attack scenario. The conventional radio communication does not support the location binding and our solution provides this binding via an auxiliary optical channel. We utilize the inherent directed nature of optical communication to stimulate a Physical Unclonable Function (PUF) device. The unique PUF responses are used to verify the vehicle identity. Specifically, initiator vehicle visualize and

References (91)

  • 2014, ANSI X9.62 and FIPS 186-3 Elliptic Curve Digital Signature...
  • F. Armknecht et al.

    A formalization of the security features of physical functions

    IEEE Symposium on Security and Privacy (SP)

    (2011)
  • K.B. Rasmussen et al.

    Implications of radio fingerprinting on the security of sensor networks

    3rd International Conference on Security and Privacy in Communications Networks and the Workshops, SecureComm

    (2007)
  • S. Brands et al.

    Distance-bounding protocols

    Advances in Cryptology EUROCRYPT, volume 765

    (1994)
  • M. Cagalj et al.

    Key agreement in peer-to-peer wireless networks

    Proceedings of the IEEE

    (2006)
  • C. Campolo et al.

    Multichannel communications in vehicular ad hoc networks: a survey

    IEEE Communications Magazine

    (2013)
  • Q. Chen et al.

    IEEE 1609.4 DSRC multi-channel operations and its implications on vehicle safety communications

    IEEE Vehicular Networking Conference (VNC)

    (2009)
  • W. Diffie et al.

    New directions in cryptography

    IEEE Transactions on Information Theory

    (1976)
  • S. Dolev et al.

    Dynamic attribute based vehicle authentication

    Wireless Networks

    (2016)
  • S. Dolev et al.

    Vehicle to vehicle authentication

    17th International Symposium on Stabilization, Safety, and Security of Distributed Systems

    (2015)
  • S. Dolev et al.

    Vehicle authentication via monolithically certified public key and attributes

    Wireless Networks

    (2015)
  • S. Dolev et al.

    Optical PUF for non-forwardable vehicle authentication

    14th IEEE International Symposium on Network Computing and Applications

    (2015)
  • S. Dolev et al.

    Dynamic attribute based vehicle authentication

    13th IEEE International Symposium on Network Computing and Applications

    (2014)
  • F.J.T. Fábrega et al.

    Strand spaces: Proving security protocols correct

    Journal of Computer Security

    (1999)
  • B. Gassend

    Physical Random Functions

    (2003)
  • B. Gassend et al.

    Controlled physical random functions

    Proceedings of the 18th Annual Computer Security Applications Conference

    (2002)
  • B. Gassend et al.

    Silicon physical random functions

    ACM Conference on Computer and Communications Security

    (2002)
  • J. Guajardo et al.

    FPGA intrinsic pufs and their use for ip protection

    CHES

    (2007)
  • H. Hartenstein et al.

    A tutorial survey on vehicular ad hoc networks

    Communications Magazine, IEEE

    (2008)
  • C. Helfmeier et al.

    Cloning physically unclonable functions

    IEEE International Symposium on Hardware-Oriented Security and Trust (HOST)

    (2013)
  • J. Herzog

    The diffie-hellman key-agreement scheme in the strand-space model

    16th IEEE Computer Security Foundations Workshop

    (2003)
  • H. Krawczyk

    Sigma: The sign-and-mac approach to authenticated Diffie-Hellman and its use in the ike-protocols

    Advances in Cryptology-CRYPTO

    (2003)
  • L. Law et al.

    An efficient protocol for authenticated key agreement

    Designs, Codes and Cryptography

    (2003)
  • H. Krawczyk

    HMQV A high-performance secure diffie-hellman protocol

    Advances in Cryptology-CRYPTO, 3621

    (2005)
  • D. Boneh et al.

    Short signatures from the weil pairing

    Journal of Cryptology

    (2004)
  • Ł. Krzywiecki et al.

    Coalition resistant anonymous broadcast encryption scheme based on puf

    Trust and Trustworthy Computing

    (2011)
  • B. LaMacchia et al.

    Stronger security of authenticated key exchange

    Provable Security

    (2007)
  • L. Law et al.

    An efficient protocol for authenticated key agreement

    Designs, Codes and Cryptography

    (2003)
  • J. Lee et al.

    Authenticated key exchange secure under the computational Diffie-Hellman assumption

    IACR Cryptology ePrint Archive

    (2008)
  • G. Lowe

    A hierarchy of authentication specifications

    10th IEEE Computer Security Foundations Workshop

    (1997)
  • R. MacLachlan et al.

    Tracking of moving objects from a moving vehicle using a scanning laser rangefinder

    IEEE Intelligent Transportation Systems Conference

    (2006)
  • R. Maes et al.

    Physically unclonable functions: A study on the state of the art and future research directions

    Towards Hardware-Intrinsic Security

    (2010)
  • R. Mayrhofer et al.

    A human-verifiable authentication protocol using visible laser light

    Availability, Reliability and Security

    (2007)
  • J. McCune et al.

    Seeing-is-believing: Using camera phones for human-verifiable authentication

    IEEE Symposium on Security and Privacy

    (2005)
  • L.H. Nguyen et al.

    Authentication protocols based on low-bandwidth unspoofable channels: A comparative survey

    Journal of Computer Security

    (2011)
  • Cited by (14)

    • Schnorr-like identification scheme resistant to malicious subliminal setting of ephemeral secret

      2020, Computer Networks
      Citation Excerpt :

      Maliciously injected data may realistically endanger lives. There are multiple higher-level protocols that use the underlying hardware layer to provide secure authentication between V2X parties, such as [2,10,23,29,37]. Bitcoin [25] is by far the most popular cryptocurrency.

    • Survey on existing authentication issues for cellular-assisted V2X communication

      2018, Vehicular Communications
      Citation Excerpt :

      Performance evaluation using ProVerif tool shows that their protocol achieve low key generation time and robust against MiM attack, node impersonation, as compared to other schemes in the literature. In another approach, a novel physically unclonable function (PuF)-assisted vehicle authentication technique was proposed in [50]. The authors try to mitigate coalition attacks present in DSRC-based V2V communication using optical PuF mechanism.

    • Next Generation Vehicles, Safety, and Cybersecurity - The CMX Framework

      2024, IEEE Transactions on Intelligent Transportation Systems
    View all citing articles on Scopus

    A preliminary version of this paper has appeared in proceedings of the 14th IEEE International Symposium on Network Computing and Applications (IEEE NCA) 2015 [14].

    1

    Partially supported by the Lynne and William Frankel Center for Computer Sciences, Rita Altura Trust Chair in Computer Sciences, Ben-Gurion University of the Negev and Israel Science Foundation (Grant Number 428/11); the Israeli-Italian Scientific & Technological Cooperation grant; the Israel-Taiwan Scientific Research Cooperation grant and Israel Prime Minister Office, BGU Cyber Center.

    2

    The research was financed by the Polish National Science Centre decision (DEC-2013/08/M/ST6/00928), project HARMONIA.

    View full text