Implementation and Evaluation of Certificate Revocation List Distribution for Vehicular Ad-hoc Networks - PowerPoint PPT Presentation


1
Implementation and Evaluation of Certificate
Revocation List Distribution for Vehicular Ad-hoc
Networks
  • Petra Ardelean
  • Advisor: Panos Papadimitratos

2
Vehicular Ad-hoc Network (VANET)
  • Designed to provide safety and comfort for
    passengers
  • Using asymmetric cryptography
  • Certificate Authority (CA) issues certificates
  • Signature verification using the public key

3
Problem description
  • CRLs are needed for:
  • Excluding compromised, faulty or illegitimate
    nodes
  • Preventing the use of compromised cryptographic
    material
  • How to distribute large CRLs in a reasonable time
    with low bandwidth utilization?

4
State of the art (1)
  • Papadimitratos et al., Certificate Revocation List
    Distribution in Vehicular Communication Systems
    [1]
  • The CA uses the infrastructure (RSUs) to send the
    CRLs to the vehicles
  • Use encoding mechanisms for redundancy

5
State of the art (2)
  • K. Laberteaux et al., Security Certificate
    Revocation List Distribution for VANET [2]
  • RSUs used as the first phase of the dissemination
  • Vehicles broadcast CRL updates to other vehicles

6
State of the art (3)
  • P. Papadimitratos et al., Secure Vehicular
    Communications Design and Architecture [3]
  • Revocation Protocol of the Tamper-Proof Device
    (RTPD)
  • Revocation Protocol using Compressed Certificate
    Revocation (RCCRL)
  • Distributed Revocation Protocol (DRP)

7
General concept
[Figure: CRL Distribution System, RSU1, RSU2, RSU3]

8
CRL Distribution System
  • CA
  • (1) Generate CRL
  • (2) Encode the CRL
  • (3) Sign each piece from (2)
  • Network Communication
  • Compute how many pieces from (3) should be sent
    to each RSU
  • Send the pieces to the RSUs

9
The Encoding
10
Vehicle Receiving CRLs
Packet format sent to the RSUs
  • CRL version
  • Time stamp
  • Sequence number
  • CA ID
  • Encoded CRL piece
  • Signature (CA private key)
  1. Verify signature
  2. Store CRL piece
  3. If enough pieces stored, decode, i.e. reconstruct the CRL

11
Implementation
  • C implementation
  • Using the OpenSSL cryptographic library for:
  • Generating the CRLs
  • Signing and verifying the encoded pieces
  • Using Rabin's algorithm as an erasure code

12
Implementation: Network Communication
  • Configuration file with the RSUs' IP addresses
  • Source routing to send random pieces to each RSU
  • Encoded pieces sent in UDP packets

13
Rabin's algorithm - Encoding
[Diagram: the CRL, arranged as matrix B (M x L), is encoded into W (N x L)]
14
Rabin's algorithm - Decoding
[Diagram: B (M x L) = A^-1 (M x M) · W (M x L); B is the reconstructed CRL]
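
The encoding and decoding sketched on the two slides above, as an added example that is not taken from the presentation's implementation: Rabin's information dispersal over the prime field GF(257) with Vandermonde encoding vectors. The field, the vectors, M = 3, N = 5, the sample bytes and all function names are assumptions, and each piece is assumed to have already passed signature verification.

```c
#include <stdint.h>
#include <string.h>

#define P 257   /* prime field: every byte value 0..255 is a field element */
#define M 3     /* pieces needed to reconstruct (constructed sample value) */
#define N 5     /* pieces produced by the CA; redundancy factor r = N/M */

static int powmod(int b, int e) { int r = 1; while (e-- > 0) r = r * b % P; return r; }
/* Encoding: W (N x L) = A (N x M) * B (M x L); row i of A is (1, x, x^2, ...), x = i + 1 */
void ida_encode(const uint8_t *crl, int L, uint16_t *W) {
    for (int i = 0; i < N; i++)
        for (int c = 0; c < L; c++) {
            int s = 0;
            for (int j = 0; j < M; j++) s = (s + powmod(i + 1, j) * crl[c * M + j]) % P;
            W[i * L + c] = (uint16_t)s;
        }
}

/* Decoding: B = A'^-1 * W' from any M pieces; ids[k] is the sequence number of row k of R */
int ida_decode(const int *ids, const uint16_t *R, int L, uint8_t *crl) {
    int w = M + L; int aug[M][w];                    /* augmented matrix [A' | W'] */
    for (int k = 0; k < M; k++)
        for (int j = 0; j < w; j++)
            aug[k][j] = j < M ? powmod(ids[k] + 1, j) : R[k * L + j - M];
    for (int col = 0; col < M; col++) {              /* Gauss-Jordan elimination mod P */
        int piv = col; while (piv < M && aug[piv][col] == 0) piv++;
        if (piv == M) return -1;                     /* singular: same piece counted twice */
        for (int j = 0; j < w; j++) { int t = aug[col][j]; aug[col][j] = aug[piv][j]; aug[piv][j] = t; }
        int f = powmod(aug[col][col], P - 2);        /* inverse by Fermat's little theorem */
        for (int j = 0; j < w; j++) aug[col][j] = aug[col][j] * f % P;
        for (int r = 0; r < M; r++) {
            int g = (r == col) ? 0 : aug[r][col];    /* clear this column in the other rows */
            for (int j = 0; j < w; j++) aug[r][j] = (aug[r][j] + (P - g) * aug[col][j]) % P;
        }
    }
    for (int c = 0; c < L; c++)
        for (int j = 0; j < M; j++) crl[c * M + j] = (uint8_t)aug[j][M + c];
    return 0;
}

/* Constructed sample: encode 12 bytes, keep pieces a, b, c only; 0 = recovered, -1 = undecodable */
int demo_recover(int a, int b, int c) {
    const uint8_t crl[] = "REVOKED:0x2A";
    uint16_t W[N * 4], R[M * 4]; uint8_t out[12]; int ids[M] = {a, b, c};
    ida_encode(crl, 4, W);
    for (int k = 0; k < M; k++) memcpy(&R[k * 4], &W[ids[k] * 4], 4 * sizeof(uint16_t));
    return ida_decode(ids, R, 4, out) ? -1 : memcmp(out, crl, 12) != 0;
}
int main(void) { return demo_recover(4, 1, 2); }
```

The -1 result for a repeated sequence number shows why a receiver should count distinct verified pieces, not received packets, before attempting to decode.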
15
Evaluation Settings (1)
[Figure: the CRL Distribution System sends random encoded pieces to each of three RSUs]
16
Evaluation Settings (2)
Laptop configuration
  • CPU: Intel 1.8 GHz
  • Operating System: Linux
  • Library: OpenSSL 0.9.8g
  • Compiler: gcc 4.1.2
  • Wireless card: 802.11b
AP configuration
  • Bit rate: 5.5 Mbps
17
Evaluation Purposes
  • Examine the system performance by
  • varying the CRL size
  • varying the encoding vectors number and length

18
Evaluation Results (1)
  • Figures
  • show 95% confidence intervals
  • 100 iterations for each experiment
  • M and N variations
  • M ∈ [25, 100], increasing by 25
  • N chosen so that the redundancy factor r = N/M is
    1.5
  • Velocity: 3 km/h

19
Evaluation Results (2)
20
Evaluation Results (2)
21
Evaluation Results (2)
  • The encoding vectors should be chosen in
    accordance with the CRL size

22
Evaluation Results (3)
23
Evaluation Results (3)
  • The time to reconstruct the original CRL is
    inversely proportional to the redundancy factor

24
Conclusion
  • First implementation of a CRL distribution system
    for VANET
  • Performance measurements conducted on the system

25
Further work
  • Compare the experimental results with simulation
    results
  • Integrate the CRL Distribution system into the
    Vehicular Communication project

26
Thank you
  • Questions?

27
Bibliography
  • [1] P. Papadimitratos, G. Mezzour, and J.-P.
    Hubaux, Certificate Revocation List Distribution
    in Vehicular Communication Systems, short paper,
    ACM VANET 2008, San Francisco, CA, USA, September
    2008
  • [2] K. Laberteaux, J. Haas, and Y-C Hu, Security
    Certificate Revocation List Distribution for VANET,
    ACM VANET, San Francisco, CA, USA, September 2008
  • [3] P. Papadimitratos, L. Buttyan, T. Holczer, E.
    Schoch, J. Freudiger, M. Raya, Z. Ma, F. Kargl,
    A. Kung, and J.-P. Hubaux, Secure Vehicular
    Communications Design and Architecture, IEEE
    Communications Magazine, November 2008