ABSTRACT
We investigate privacy-preserving Public-Key Infrastructures (PKIs) with additional security, privacy, and performance requirements meant to support vehicular networks. While conventional PKIs are a cornerstone for identity management in certain security applications, they do not offer the privacy properties that vehicular networks demand. Over the last few years, there have been efforts to generalize conventional PKIs to meet these new privacy and security demands. One particular example is the class of multiple certificate PKIs, where each vehicle is given multiple short-lived and anonymous certificates that can function as credentials until the vehicle is due for, say, the next inspection or dealership visit. While such PKIs offer attractive security and privacy properties, achieving acceptable performance has remained an open problem, which calls their practicality into question.
In this paper, we formally define and investigate the efficient certificate revocation list (CRL) search problem for multiple certificate PKIs, which asks whether it is possible to efficiently test CRL membership of a given certificate in the same order of computational complexity as in conventional PKIs (that is, by a simple and fast binary search over the set of revoked PKI members). Any solution to this problem is of particular interest when it does not introduce unacceptable compromises on other important properties such as security and privacy. We start by formally defining vehicular networks and a number of security, privacy and performance requirements for them. Then we demonstrate that for PKIs based on general classes of efficient algorithms, containing binary search over totally ordered sets and approximate nearest neighbor search over metric spaces, a solution to the efficient CRL search problem can be used to violate privacy. Finally, we present and analyze new solutions that simultaneously solve the efficient CRL search problem and satisfy privacy requirements by allowing all vehicles to locally (i.e., with minimal help from the CA) and consistently (i.e., with the same results across all vehicles) manage their CRLs. Using these ideas, we can maintain security and privacy properties while reducing the CRL membership testing time to logarithmic in the number of revoked vehicles, which is essentially the same performance that one obtains with conventional PKIs where privacy is not required.
Index Terms
- Efficient CRL search in vehicular network PKIs