Security and Privacy in Vehicle Communications

 

Summary: Vehicle networks (VNETs) are expected to be part of the next wave of information technology, transforming people’s experience behind the wheel through information services for driving safety and other appealing applications. The success of VNETs relies heavily on solving the security and privacy issues in car-to-car or car-to-roadside communications. Our research in this area addresses several of the most important and challenging issues. The challenges come from unique VNET characteristics, including short connection times due to high speed, a large number of participating vehicles, a distinctive variety of applications, and a variety of security threats. The research efforts are summarized below.

1. Secure and privacy-preserving protocol design.   

In many cases, the goals of security may oppose those of privacy. For example, authentication may conflict with the user’s identity privacy; a series of authentications and associations may reveal the trajectory of a car, violating location privacy; and location verification of reported events and transmitting venues may conflict with location privacy as well. To address the need for both security and privacy, we took an approach that considers the two conflicting requirements jointly in protocol design. This has resulted in the following novel pieces of work.

(a) We developed a privacy-preserving quick authentication architecture and three schemes that realize the architecture using different security primitives. The architecture shifts the common paradigm, in which authentication goes back to the home network, to a new paradigm in which authentication is performed at the roadside access points. This allows the architecture to reduce the number of authentication messages, leading to a one-third shorter authentication response time when roaming, which leaves data traffic more of the short connection time. The architecture assumes a background security check of roadside APs. Analysis of the security and privacy properties shows that the three schemes can provide security guarantees under some strong security threats, with strengthened privacy and reduced authentication time.

(b) We developed a secure relative location protocol to prevent the adversary from tracking a vehicle’s motion. There are two reasons we used relative location. One is that GPS data is less useful for fast-moving cars, and the GPS system can be unavailable or vulnerable to malicious attacks. The other is that the nodes’ relative locations among surrounding vehicles can provide functions equivalent to those of GPS, e.g., helping to verify a message source, making them a good alternative to GPS information. The key protocol development is solving the security issues in determining the relationships in the neighborhood topology and defending against malicious attacks. Our analysis and simulation results show a few more advantages: the protocol is lightweight, resistant to fake location claims, and decentralized.

 

2. Secure trustworthy communication architecture.

A proactive approach can be essential in pursuing prediction and prevention aimed at delivering timely security support for safe-driving applications. With collaborators, we took a new look at the distinctive VNET situations and the quick changes between them, and developed a novel concept called situation aware trust (SAT) and an architecture to realize it. Among the many components of the SAT architecture, one key component is the policy groups, which correspond to the security and privacy requirements and configurations for the situations, in order to achieve both communication security and data correctness. A policy group can be constructed flexibly to generate the corresponding keys. Attribute-based cryptography enables keys to be calculated and distributed, either off-line or on-line, winning time for emergencies and situation changes. This architecture not only greatly reduces the trust management overhead in VNETs, but also includes components to transform trust from Internet social communities and to handle exceptional infrastructure failure situations.

Lei Tang*, Xiaoyan Hong, Phillip Bradford, “Privacy-preserving Secure Relative Localization in Vehicular Networks,” Security and Communication Networks, Special Issue on Security and Privacy in Vehicular Networks, John Wiley and Sons Ltd., to appear, 2008.

Xiaoyan Hong, Dijiang Huang, Mario Gerla, Zhen Cao, “SAT: Building New Trust Architecture for Vehicular Networks,” The Third International Workshop on Mobility in the Evolving Internet Architecture (MobiArch'08), ACM SIGCOMM workshop, Seattle, WA, August 22, 2008.

Lei Tang*, Xiaoyan Hong, Phillip G. Bradford, “Secure Relative Location Determination In Vehicular Network,” in Proceedings of 2nd International Conference on Mobile Ad-hoc and Sensor Networks (MSN 2006), Hong Kong, China, Dec 2006.

Jun Liu*, Xiaoyan Hong, Qunwei Zheng*, Lei Tang*, “Privacy-Preserving Quick Authentication in Fast Roaming Networks,” in Proceedings of IEEE Conference on Local Computer Networks (LCN), Workshop on Network Security, Tampa, FL, Nov. 14-17, 2006.