
VeSPA: Vehicular Security and Privacy-preserving architecture



  1. VeSPA: Vehicular Security and Privacy-preserving architecture
     N. Alexiou, M. Laganà, S. Gisdakis, M. Khodaei, P. Papadimitratos
     School of Electrical Engineering, KTH, Sweden
     surname@kth.se
     HotWiSec'13, April 19, 2013
     Introduction | Future Challenges for VC | VeSPA | Analysis of VeSPA | Future Work

  2. Table of Contents
     • Introduction
       • Status and current Directions for VC
     • Future Challenges for VC
       • List of Future Challenges
     • VeSPA
       • Architecture & Operation
     • Analysis of VeSPA
       • Efficiency & Privacy Improvements
     • Future Work
       • Ongoing Work and Future Directions

  3. Vehicular Communications
     • Vehicular Communications (VC)
       • Vehicles propagate information for Safe-Driving
         • Location, Velocity, angle
         • Hazardous warnings
         • Emergency brake etc.
       • Cooperative awareness through beaconed status messages and event-triggered warnings
     • Security in VC?
       • Assure legitimate vehicles propagate information
       • Secure integrity of information
     Image source: C2C-CC

  4. Digital Signatures for VC
     • Vehicles hold Private-Public Key pair
       • Unique pair to each vehicle
     • Digital Signature of the messages
       • Authentication
       • Integrity
       • Non-repudiation
     • Vehicular Public Key Infrastructure (VPKI)
       • To assign credentials
       • Propagate trust
     Image source: Secure Vehicular Communication Systems: Design and Architecture, P. Papadimitratos et al.

  5. Privacy in VC
     • Packets signed using same credentials can be trivially linked
     • Solution:
       • Offer multiple short-lived credentials (Pseudonyms (PS))
       • Pseudonyms valid for unique time periods
       • Sign packets with valid pseudonyms
     • Cryptographic operations in a Hardware Security Module
     • Extend the VPKI to support Pseudonyms

  6. Current Status: Overview
     • Credential management in Vehicular Communications (VC)
       • Long-term Credentials for accountability and Authentication
       • Short-lived Pseudonyms for anonymity and Location Privacy
       • A VPKI to support credential management
     • VPKI Architecture:
       • LTCA: Issuer of Long-term Credentials
       • PCA: Issuer of Pseudonymous Credentials
       • RA: Resolution Authority
     • VPKI Protocols:
       • Pseudonym provision: Refresh pool of pseudonyms
       • Pseudonym Resolution: De-anonymize misbehaving vehicles
         • Car accident, violation of traffic regulation, police request
       • Pseudonym revocation: Revoke the misbehaving pseudonyms
     • Main Suspects: SEVECOM, C2C-CC, PRESERVE, 1609 family of standards WAVE, ETSI


  8. Future Challenges for VC
     • Implement an efficient VPKI prototype according to the standard
     • How to enhance privacy towards the infrastructure
     • Envision support for future vehicular services
       • Safety as a service, not the target application
       • Location based services, Pay-as-you-drive systems
     • Enhance current VPKI to support vehicular services
       • AAA solution with current VPKI architecture as the starting point
         • Authentication: Legitimate part of the system
         • Authorization: Right to access a service
         • Accountability: Track of consumption


  10. VeSPA: Vehicular Security and Privacy-preserving Architecture
      • “Kerberized” version of a VPKI
        • Efficient VPKI Credential Management Architecture
        • Enhanced VPKI design with respect to privacy
        • Cryptographic tickets to support AAA
      • Tickets:
        • $tkt = Sig_{LTCA}([t_e], \{S_1\}, \ldots, \{S_n\})$
        • Carrier of service subscription information
        • Anonymous proof of access to obtain pseudonyms
        • Authorization and Authentication to the PCA
        • Limited lifetime dependent on vehicle subscription to the service
        • Revocable upon misbehavior

  11. VeSPA: Operation
      • AAA check at LTCA
      • LTCA issues ticket
        • 73,5 msec/ticket
      • Ticket per service/access
        • Increased anonymity set
        • Low overhead introduced
      • Ticket received
      • Request for new pseudonyms
      • Communication over TLS (one-way authentication)

  12. VeSPA: Protocols
      Pseudonym Provision:
      • $V \rightarrow LTCA : Sig_{k_v}(t_1, \text{Request}) \,\|\, LT_v$
      • $LTCA \rightarrow V : tkt$
      • $V \rightarrow PCA : t_3, tkt, \{K_v^1, \ldots, K_v^n\}$
      • $PCA \rightarrow V : t_4, \{Ps_v^1, \ldots, Ps_v^n\}$
      Resolution Protocol:
      • $RA \rightarrow PCA : Sig_{RA}(P_v^i, t_1)$
      • $PCA \rightarrow RA : Sig_{PCA}(tkt, t_2)$
      • $RA \rightarrow LTCA : Sig_{RA}(tkt, t_3)$
      • $LTCA \rightarrow RA : Sig_{LTCA}(LT_v, t_4)$
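
The ticket check behind the pseudonym provision exchange, as an added Go example (not from the slides or the VeSPA implementation): the LTCA signs the expiry and service list with ECDSA P-256, and the PCA accepts a request only if signature, lifetime and service all check out. The field encoding, the function names and the service name `pseudonym-provision` are assumptions made for illustration.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/sha256"
	"fmt"
	"time"
)

// Ticket mirrors tkt = Sig_LTCA([t_e], {S_1}, ..., {S_n}); it names no vehicle.
type Ticket struct {
	Expiry   time.Time // t_e
	Services []string  // S_1 ... S_n
	Sig      []byte    // LTCA's ECDSA P-256 signature
}
func (t Ticket) digest() []byte { // assumed encoding; the slides give no wire format
	h := sha256.Sum256([]byte(fmt.Sprintf("%d|%q", t.Expiry.Unix(), t.Services)))
	return h[:]
}

// IssueTicket is the LTCA step, run only after the AAA check on the vehicle passes.
func IssueTicket(ltca *ecdsa.PrivateKey, te time.Time, services ...string) (t Ticket, err error) {
	t = Ticket{Expiry: te, Services: services}
	t.Sig, err = ecdsa.SignASN1(rand.Reader, ltca, t.digest())
	return t, err
}

// VerifyTicket is the PCA-side gate applied before any pseudonym is issued.
func VerifyTicket(ltcaPub *ecdsa.PublicKey, t Ticket, service string, now time.Time) error {
	if !ecdsa.VerifyASN1(ltcaPub, t.digest(), t.Sig) {
		return fmt.Errorf("ticket signature invalid")
	}
	if !now.Before(t.Expiry) {
		return fmt.Errorf("ticket expired at %s", t.Expiry.Format(time.RFC3339))
	}
	for _, s := range t.Services {
		if s == service {
			return nil
		}
	}
	return fmt.Errorf("service %q not in ticket", service)
}

var ltcaKey, _ = ecdsa.GenerateKey(elliptic.P256(), rand.Reader) // constructed demo LTCA key
func main() {
	tkt, _ := IssueTicket(ltcaKey, time.Now().Add(time.Hour), "pseudonym-provision")
	fmt.Println(VerifyTicket(&ltcaKey.PublicKey, tkt, "pseudonym-provision", time.Now()))
}
```

Because the PCA needs only the LTCA public key and the ticket itself, it learns which services are authorised and until when, but not which long-term credential the LTCA checked.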


  14. Implementation Details
      • OpenCA for cryptographic operations
        • ECC-256 keys for digital certificates
        • 1609.2 standard compatible
      • Separate machines for each entity:
        • Intel Xeon 3.4 GHz, 8 GB RAM
        • System scales up with more machines or stronger equipment
      • Communications over encrypted TLS channel (one-way authentication)
        • Authentication of server
        • Confidentiality

  15. Increased Privacy against the VPKI

  16. Privacy against the Infrastructure

  17. Pseudonym Provision Efficiency
      [Figure: Latency [seconds] against Number of Pseudonyms; series: Preparing the Request, Entire Operations on the Server, Entire Communication, Verification and Storage]
      Infrastructure, Vehicle, Communications Efficiency vs number of requested pseudonyms

  18. Pseudonym Revocation Efficiency
      [Figure: Latency [milliseconds] against Number of Revoked Pseudonyms in CRL; series: Preparing the Request, Entire Operations on the Server, Entire Communication, Verification and Storage]
      Infrastructure, Vehicle, Communications Efficiency vs number of revoked pseudonyms


  20. Overview & Future Work
      VeSPA:
      • Efficient VPKI Prototype according to the standards
      • Increased Privacy towards the infrastructure
      • Enhanced VPKI with AAA capabilities
      • A VPKI able to support vehicular services
      Ongoing Work:
      • Integration of Anonymous Authentication Mechanisms
      • Extensions to support multi-Domain VPKI architectures
