Title: New Card Based Scheme to Ensure Security and Trust in Vehicular Communications
OVERVIEW
- Introduction
- Authentication Requirement in VANET
- Related Work
- Trusted Security Module in VANET
- Proposed Card-based Scheme
- Conclusion
- References
- QA
- A vehicular ad-hoc network (VANET) is a special kind of network in which nodes (vehicles) can communicate with each other on the road and with the infrastructure (V2I).
VANET APPLICATIONS
- Safety Applications
- Non Safety Applications
[Figure: example messages: "Work Zone Warning" (work in progress, use alternate route) and "Parking Slot Available" (shopping mall, RSU)]
VANET Security requirement
- Authentication
- Integrity
- Confidentiality
- Availability
VANET User requirement
- Security
- Privacy
- Trust
Trust
- An entity can be trusted if it always behaves in the expected manner for the intended purpose.
- All components of the network (vehicles and infrastructure) behave in an expected manner (secure communication between the components), serve the users and save human lives.
Authentication requirement in VANET
- Authentication is an open issue and a key security requirement in vehicular networks, and all applications are required to be authenticated.
- Authentication is needed for most tasks, such as sending critical messages to other vehicles or getting services from the network.
- Authentication is required in two different cases:
  - When users send or receive safety messages in the network, the messages should first be authenticated by a valid user.
  - When a user needs a service from a service provider (SP), the provider should check the user's information against its own billing server, which later charges the user for the services/resources used.
RELATED WORK
- Authentication types in VANET
- Message Authentication
- Broadcast Message Authentication
- Pairwise Message Authentication
- GroupWise Message Authentication
- Vehicle Authentication
- Road Side Unit (RSU) Authentication
- Authentication requirement for Business Transaction
- Prepaid Package (pay before use)
- Post-paid Package (pay after use)
Trusted security module
- The Trusted Platform Module (TPM) is a hardware chip and the core component of the Trusted Computing Group (TCG) specifications.
- The TPM provides cryptographic functions, secures storage of secret data and provides the basis for fulfilling major security requirements.
TPM functionalities
- Low Cost
  - The TPM is a low-cost security module compared to a tamper-proof device (TPD).
- Resist Software Attacks
  - The TPM can resist software attacks, but it cannot prevent hardware tampering.
- Ownership
  - The TPM_TakeOwnership command creates ownership of the vehicle. Whenever a user buys a new vehicle, the authority assigns that user as the owner of that particular vehicle. When the vehicle is sold, ownership must be changed to the new user.
- Cryptographic Functions
  - The TPM provides cryptographic functions and also ensures data integrity in the network through its cryptographic components (SHA-1 engine, RSA and random number generator).
- Root of Trust
  - Root of Trust for Measurement (RTM)
  - Root of Trust for Reporting (RTR)
  - Root of Trust for Storage (RTS)
Proposed Card-based Scheme
- Authentication is a more complex task in a vehicular network than in a fixed network because of the dynamic nature of its topology. Our scheme is based on fixed infrastructure called Vehicular Service Providers (VSP).
- The VSP issues secret cards with different time durations, such as one month, two months and six months. All the user needs to do is enter a 16-digit secret code into the vehicle unit, which then communicates with the VSP server.
- The VSP server verifies the secret code through an integrity verification process. After verification has completed, it activates the PCA in the user's vehicle to generate certificates for a specific time duration.
- The objective of the proposed scheme is to solve the problem of authentication: users should be authentic when they join the network on the road and when they use services.
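
The activation step described above, sketched as an added example (not code from the paper or its authors). The paper does not specify the integrity verification process, so the keyed-digest lookup, single-use cards, the per-vehicle lockout threshold and the 30-day month used here are all assumptions.

```python
import hashlib
import hmac
from datetime import datetime, timedelta

SERVER_KEY = b"constructed-demo-key"  # assumption: VSP-side secret (sample value)
MAX_FAILURES = 5                      # assumption: lockout threshold per vehicle


def digest(code: str) -> bytes:
    """Keyed digest, so the VSP database never stores raw card codes."""
    return hmac.new(SERVER_KEY, code.encode(), hashlib.sha256).digest()


class VspServer:
    def __init__(self):
        self.cards = {}      # digest -> {"months": int, "used": bool}
        self.failures = {}   # vehicle_id -> consecutive failed attempts

    def issue_card(self, code: str, months: int) -> None:
        self.cards[digest(code)] = {"months": months, "used": False}

    def activate(self, vehicle_id: str, code: str, now: datetime):
        """Return (pca_part, business_part, expiry), or None if rejected."""
        if self.failures.get(vehicle_id, 0) >= MAX_FAILURES:
            return None  # locked out: a 16-digit code must not be guessable online
        card = None
        if len(code) == 16 and code.isascii() and code.isdigit():
            card = self.cards.get(digest(code))
        if card is None or card["used"]:
            self.failures[vehicle_id] = self.failures.get(vehicle_id, 0) + 1
            return None
        card["used"] = True  # assumption: a card can be activated only once
        self.failures[vehicle_id] = 0
        expiry = now + timedelta(days=30 * card["months"])
        # First 8 digits serve the PCA (safety messages), last 8 the business part.
        return code[:8], code[8:], expiry


def demo():
    vsp = VspServer()
    vsp.issue_card("1234567890123456", months=2)  # constructed sample code
    now = datetime(2011, 4, 24)
    ok = vsp.activate("vehicle-A", "1234567890123456", now)
    replay = vsp.activate("vehicle-C", "1234567890123456", now)
    bad = [vsp.activate("vehicle-B", "0000000000000000", now) for _ in range(6)]
    return ok, replay, bad
```
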
[Figure: Proposed Card Based Scheme]
16 Digit Secret Code
- The first 8 digits, used for the PCA, are taken from a smart card inserted into the vehicle unit. This way, we eliminate the need to connect to the PCA and send requests for a certificate and key for signing messages.
- In this scenario, vehicle A signs a message with the TPM signing key (SK), attaches a valid AIK certificate and the signature inside the VPS security tag, and broadcasts the message to other vehicles.
- Every other vehicle checks that the message comes with a VPS security tag. If the VPS tag is present, the message is secure and properly signed with the TPM signing key (SK).
- Each time, the TPM generates one signing key and sends a request to the storage area for an AIK certificate. Frequently changing the signing key and AIK maintains the security of the system.
[Figure: 16-digit secret code, split into First Part and Second Part]
[Figure: Process mechanism of Card-based Scheme]
Secure communication
First Part
- The figure "Safety message with VPS Security Tag" shows the authentic warning message with its security tag. Because of the VPS signature certificate, it would be difficult for an attacker to change the security tag.
- The figure "Secure communication between the vehicles" shows how ideal secure and trusted communication between vehicles would take place using the proposed scheme.
[Figure: Safety message with VPS Security Tag]
[Figure: Secure communication between the vehicles]
Secure Business Communication
Second Part
- The next 8 digits of the secret code are used for business-related applications, such as using services on the road (for example telephone and internet services) and paying for them.
- Vehicle A sends a request for internet access on the road, and the authentication and billing server authenticates the user together with its billing information. After that, the VPS server gathers further parameters such as the speed, position and direction of the requesting vehicle.
- If the user of the vehicle fulfils all requirements, the VSP server provides the required road services. Another vehicle C may also send a request for other services, and the same procedure is followed to serve them.
[Figure: Authentication in Business Communication]
Unique features of proposed scheme
- It is based on a card with a 16-digit secret code that provides security based on the Trusted Platform Module (TPM) for signing safety messages and for business transactions.
- A storage area is proposed inside the vehicle for saving security keys and billing information. It eliminates the dependency on an external storage device (memory stick), which should not be used to store users' information.
- Users do not depend on an external party for authentication in the dynamic topology of a vehicular communication network.
- The message tag contains a signature and certificate, which makes it difficult for attackers to alter the tag.
- The proposed scheme is based on the TPM, a low-cost security device, and develops the chain of trust in the vehicular network.
Conclusion
- Security and trust are the two main user requirements for a trusted vehicular network.
- In vehicular communications, when a user receives any safety message, it should be authentic, and the requesting source should be valid.
- In vehicular communications, when a user receives any safety or non-safety message, it should be authentic.
- Authentication is required for sending and receiving messages and also for business transactions.
- The proposed scheme is based on the TPM and meets the user authentication requirement in the network, both when communicating with other vehicles and when taking services from any service provider.
- We hope the proposed scheme will be helpful in solving the problem of authentication in the high-speed vehicular environment.
Conference Paper
- Saudi International Electronics, Communications and Photonics Conference (SIECPC) 2011
- The complete paper is available on IEEE and ResearchGate.
- Please download the complete research paper from ResearchGate.