privacy in vehicular ad hoc networks
play

Privacy in Vehicular Ad-hoc Networks Nikolaos Alexiou, LCN, EE KTH - PowerPoint PPT Presentation

Nov 05, 2023 •270 likes •703 views

Privacy in Vehicular Ad-hoc Networks Nikolaos Alexiou, LCN, EE KTH alexiou@kth.se 2/10/2012 Outline Introduction VANETs: an overview VANET privacy - Anonymity - Location Privacy - VPKI Privacy Attacks Countermeasures

  1. Privacy in Vehicular Ad-hoc Networks Nikolaos Alexiou, LCN, EE KTH alexiou@kth.se 2/10/2012

  2. Outline •Introduction •VANETs: an overview •VANET privacy - Anonymity - Location Privacy - VPKI •Privacy Attacks •Countermeasures •Conclusion 2012-10-04 Illustrations from Car2Car Consortium, unless specified otherwise

  3. VANETs: An overview 2012-10-04

  4. VANETs: An overview (cont'd) •V2V Communications: - Safety applications - Location Based Services - Proprietary Applications •Two types of messages: - Cooperative Awareness Messages (CAM) - Decentralized Enviromental Notification Messages (DENM) 2012-10-04

  5. VANETs: An overview (cont'd) •CAM messages: - Beacons, periodically sent - Basic status information (speed, location, acceleration, vehicle identifier ) - Very important for safety applications - A vehicle's neighborhood receives these messages •DENM messages: - Report information related with events - Sent on event detection - Contain: event location, timestamp etc - Usually distributed to many vehicles over a large area 2012-10-04

  6. VANETs: An overview (Cont'd) •V2I Communications: - Vehicle to RSU (Road Side Units) - VANET Services: • Location based Safety Applications • • Proprietary: eg Tolling Systems - Privacy Services - 802.11p / LTE 2012-10-04

  7. Privacy & threats?

  8. V2V/V2I communications •V2V and V2I communications expose sensitive data: - To other vehicles - Eavesdroppers - To infrastructure •[1] CAM messages contain information such as: - Direction to be taken - Vehicle length - Vehicle width - Occupancy (passengers as percentage) •Anonymity: conceal identity •Location Privacy: position cannot be systematically recorded [1]ETSI TS 102 637-2 V1.2.1 (2011-03) Picture:P. Papadimitratos, L. Buttyan, T. Holczer, E. Schoch, J. Freudiger, M. Raya, Z. Ma, F. Kargl, A. Kung, 2012-10-04 and J.-P. Hubaux, "Secure Vehicular Communication Systems: Design and Architecture," IEEE Communications Magazine, November 2008.

  9. Authentication in VANETs •Each vehicle should be identifiable - To develop services and applications - To issue tickets - To resolve accidents •Vehicle authentication can be achieved using a PKI → the Vehicular PKI (VPKI) •Each vehicle will store: - private keys to sign packets - public keys signed by a CA (eg the car manufacturer) • Certificates For other vehicles and infrastructure to verify packets • 2012-10-04

  10. VANET Privacy (Cont'd) image: P. Papadimitratos, L. Buttyan, T. Holczer, E. Schoch, J. Freudiger, M. Raya, Z. Ma, F. Kargl, A. Kung, J.-P. Hubaux, 2012-10-04 Secure Vehicular Communication Systems: Design and Architecture

  11. Generally about privacy: Why? •If you have nothing to hide, why do you need privacy? •If I have nothing to hide, you have no cause to watch me. •Who defines what is wrong behavior or not? Bruce Schneier on Security, Chapter 4: Privacy and Surveillance 2012-10-04

  12. So far we know: •V2V/V2I communications leak information •Privacy threat - Anonymity - Location Privacy •VPKI needed to authenticate vehicles - Certificates from a trusted CA •The next question is... 2012-10-04

  13. How to protect privacy in VANETs?

  14. Pseudonyms: Anonymity •Pseudonyms to provide anonymity •Where and how to store pseudonyms at the car? - Hardware Security Module (HSM) - Tamper-Proof crypto device - Corner stone of in-vehicle security •How to obtain pseudonyms? •How to protect location privacy? •Why need many pseudonyms? 2012-10-04

  15. Pseudonyms: Location Privacy Each pseudonym is valid for a specific period of time 2012-10-04

  16. The VANET Architecture •Vehicular Public Key Infrastructure - pseudonyms signed by CA Pseudonym Certification • Authority (PCA) - Why? Trust in signatures • •PCA per manufacturer? •Hierarchical VPKI - Cross-certification between countries 2012-10-04

  17. How to generate pseudonyms? •Each vehicle can generate a set of: - Private/Public keys in the HSM - A large set of keys (e.g to be enough for a week) - Short life-time • Each needed for a limited number of beacons •Public keys need to be signed by a CA - Send over wireless to be signed •Private keys stay in the HSM •Pseudonymous Certificates: A signature of a CA over each of the public keys 2012-10-04

  18. A first bad VPKI architecture example

  19. Pseudonymous Certificates PCA EPuKpca{Sigv(Alexiou, KBZ 5567,t),Certv(PuKv)}* EPuKv{Sigpca(Sheldon1)...Sigpca(Sheldonx)}* *This is just an illustration example 2012-10-04

  20. Pseudonymous Certificates (Cont'd) PCA EPuKpca{Sigv(Alexiou, KBZ 5567,t),Certv(PuKv)}* EPuKv{Sigpca(Sheldon1)...Sigpca(Sheldonx)}* Preserves location privacy and anonymity for V2V The PCA knows who (alexiou) and which (pseudonyms) 2012-10-04

  21. Pseudonymous Certificates (Cont'd) •The vehicle should be protected against the infrastructure •The PCA must NOT learn the identity of the vehicle or the driver •To achieve that, another authority is needed •Long Term Certification Authority (LTCA) - Holds real information of the vehicle (and possibly the drivers) •The new architecture - LTCA: knows only real identities - PCA: knows only pseudonyms 2012-10-04

  22. A better VPKI architecture example

  23. Pseudonymous Certificates (Cont'd) PCA EPuKpca{EPuKLTCA(Alexiou, KBZ 5567,t),Certv(PuKv)}* LTCA EpuK_ltca(Alexiou,KBZ5567,t) OK (You can grant pseudonyms) EPuKv{Sigpca(Sheldon1)...Sigpca(Sheldonx)}* SK_pca PuK_pca SK_ltca PuK_ltca 2012-10-04

  24. Pseudonymous Certificates (Cont'd) PCA EPuKpca{EPuKLTCA(Alexiou, KBZ 5567,t),Certv(PuKv)}* LTCA EpuK_ltca(Alexiou,KBZ5567,t) OK (You can grant pseudonyms) EPuKv{Sigpca(Sheldon1)...Sigpca(Sheldonx)}* SK_pca PuK_pca Doesn't know who SK_ltca PuK_ltca Doesn't know which 2012-10-04

  25. Pseudonymous Certificates (Cont'd) PCA EPuKpca{EPuKLTCA(Alexiou, KBZ 5567,t),Certv(PuKv)}* LTCA EpuK_ltca(Alexiou,KBZ5567,t) OK (You can grant pseudonyms) EPuKv{Sigpca(Sheldon1)...Sigpca(Sheldonx)}* SK_pca PuK_pca Doesn't know who SK_ltca PuK_ltca Doesn't know which A possible threat?? 2012-10-04

  26. Pseudonym Resolution Resolution Authority Tell me which? PCA EPuKpca{EPuKLTCA(Alexiou, KBZ 5567,t),Certv(PuKv)}* LTCA EpuK_ltca(Alexiou,KBZ5567,t) OK (You can grant pseudonyms) EPuKv{Sigpca(Sheldon1)...Sigpca(Sheldonx)}* SK_pca PuK_pca Doesn't know who SK_ltca PuK_ltca Doesn't know which 2012-10-04

  27. Pseudonym Resolution Resolution Authority Tell me who? PCA EPuKpca{EPuKLTCA(Alexiou, KBZ 5567,t),Certv(PuKv)}* LTCA EpuK_ltca(Alexiou,KBZ5567,t) OK (You can grant pseudonyms) EPuKv{Sigpca(Sheldon1)...Sigpca(Sheldonx)}* SK_pca PuK_pca Doesn't know who SK_ltca PuK_ltca Doesn't know which 2012-10-04

  28. Pseudonym Resolution •When does the resolution happen? - Accidents - Misbehavior •Alternative resolution methods exist - [2]: encrypting vehicle's identity with Res. CA's PuK - Others: additional CA's for: • Misbehavior, Grant of Access, Legal Aspects [2] Kargl, F. ; Zhendong Ma ; Weber, M. , V-Tokens for Conditional Pseudonymity in VANETs 2012-10-04

  29. Pseudonym Revocation •Certificates will eventually expire •Vehicles may - Misbehave - Destroyed - Retired •Revocation of pseudonym certificates to prevent malicious behavior 2012-10-04

  30. Other Pseudonymous Schemes •Group Signatures - Hide the identity within a group of vehicles - Each vehicle stores: • A group secret key • A group public key Tokens for revocation • •Problems: - Efficiency - More difficult to handle revocations - Difficult to handle dynamic groups 2012-10-04

  31. Attacks against location privacy

  32. Tracking attacks: Location Privacy •Each beacon contains the vehicle's location/direction etc •Adversaries can collect the beacons •LP is highly dependable on the anonymity set - E.g. how many cars on the road? •Cannot assume that vehicles can change pseudonyms for each packet transmitted 2012-10-04

  33. Tracking attacks: Location Privacy •Change pseudonyms to avoid tracking •Beacon frequency e.g. 10Hz •Given that there are many cars on the road: - It should be very difficult to track a vehicle •Is this the case? - Multi-hypothesis testing, kalman filters 2012-10-04

  34. Multi-Hypothesis testing: An overview •Tracking as data association problem - Position & velocity •For each measurement a new set of data association hypothesis - Essentially guessing the next state •New measurements arrive •Probability of association of the guess to the measurement •Higher probability is chosen 2012-10-04

  35. Tracking Results Images: B. Wiedersheim, F. Kargl, Z. Ma, and P. Papadimitratos, 2012-10-04 “Privacy in Inter-Vehicular Networks: Why simple pseudonym change is not enough”

  36. Reasoning about Location Privacy •How to increase: - Increasing pseudonym changing frequency - Spatial noise • Impact on safety? •Adversarial models - Eavesdropper: needs many devices - Internal: is the most dangerous one •What else could be done? - Mixing zones 2012-10-04

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Security and Privacy in Vehicular Social Networks Hongyu Jin, Mohammad Khodaei, and Panos

Security and Privacy in Vehicular Social Networks Hongyu Jin, Mohammad Khodaei, and Panos

KTH ROYAL INSTITUTE OF TECHNOLOGY Security and Privacy in Vehicular Social Networks Hongyu Jin, Mohammad Khodaei, and Panos Papadimitratos Networked Systems Security Group (NSS) www.eecs.kth.se/nss Security and Privacy for Vehicular

385 views • 16 slides
Privacy in Wireless Networks privacy notions and metrics; privacy in RFID systems; location

Privacy in Wireless Networks privacy notions and metrics; privacy in RFID systems; location

Mobile Networks - Module H2 Privacy in Wireless Networks privacy notions and metrics; privacy in RFID systems; location privacy in vehicular networks; privacy preserving routing in ad hoc networks; Slides adapted from Security and

909 views • 55 slides
Privacy Protection privacy notions and metrics; privacy in RFID systems; location privacy in

Privacy Protection privacy notions and metrics; privacy in RFID systems; location privacy in

Privacy Protection privacy notions and metrics; privacy in RFID systems; location privacy in vehicular networks; Security and Cooperation in Wireless Networks Georg-August University Gttingen Chapter outline 1 Important privacy related

1.12k views • 33 slides
>>>CLICK HERE<<< Vehicular Ad Hoc Networks Powerpoint Presentation New York

>>>CLICK HERE<<< Vehicular Ad Hoc Networks Powerpoint Presentation New York

Vehicular Ad Hoc Networks Powerpoint Presentation Vehicular ad hoc networks powerpoint presentation Fresno need someone to make my dissertation hypothesis on nursing philosophy now customewritting service write creative writing on divorce cheap.

165 views • 5 slides
An Ontology-Based Model for Vehicular Ad-hoc Networks Adrian Groza, Anca Marginean and Vlad

An Ontology-Based Model for Vehicular Ad-hoc Networks Adrian Groza, Anca Marginean and Vlad

Vehicular Ad-Hoc Networks Engineering the Vehicular Network Ontology Car Overtaking Scenario Conclusions An Ontology-Based Model for Vehicular Ad-hoc Networks Adrian Groza, Anca Marginean and Vlad Muresan Intelligent Systems Group Department

504 views • 24 slides
Breadcrumb Routing: Query-Response Geocast for Mobile Originators in Vehicular Networks IEEE

Breadcrumb Routing: Query-Response Geocast for Mobile Originators in Vehicular Networks IEEE

Institute of Operating Systems and Computer Networks Breadcrumb Routing: Query-Response Geocast for Mobile Originators in Vehicular Networks IEEE Vehicular Networking Conference 2014 Julian Timpner, Mario Wozenilek, Lars Wolf, December 3, 2014

820 views • 37 slides
Upcoming Wireless Networks and New Challenges Generalities Mesh networks Vehicular

Upcoming Wireless Networks and New Challenges Generalities Mesh networks Vehicular

Upcoming Wireless Networks and New Challenges Generalities Mesh networks Vehicular networks Security and Cooperation in Wireless Networks Georg-August University Gttingen Introduction Upcoming wireless networks: Personal

904 views • 42 slides
Vehicular Urban Sensing: Dissemination and Vehicular Urban Sensing: Dissemination and Retrieval

Vehicular Urban Sensing: Dissemination and Vehicular Urban Sensing: Dissemination and Retrieval

Vehicular Urban Sensing: Dissemination and Vehicular Urban Sensing: Dissemination and Retrieval UC Irvine, May 21, 2009 Mario Gerla Computer Science Dept, UCLA www.cs.ucla.edu/NRL Outline Vehicular Ad Hoc Networks (VANETs)

785 views • 59 slides
Location-Aware Protocols in Vehicular Networks Marco Gruteser WINLAB @ Rutgers University IAB

Location-Aware Protocols in Vehicular Networks Marco Gruteser WINLAB @ Rutgers University IAB

Location-Aware Protocols in Vehicular Networks Marco Gruteser WINLAB @ Rutgers University IAB Spring 2006 1 Intelligent Transportation System Applications Automotive safety Vehicular networks likely driver Key Applications

290 views • 18 slides
Modeling the Stream Rate of Vehicular Networks for Predictable Auto-Scaling of Edge-Cloud Systems

Modeling the Stream Rate of Vehicular Networks for Predictable Auto-Scaling of Edge-Cloud Systems

Modeling the Stream Rate of Vehicular Networks for Predictable Auto-Scaling of Edge-Cloud Systems Edgar ROMO, NDS Laboratory, CIC-IPN KerData Team, INRIA Introduction Context: Vehicular Networks connected to the Cloud Resources for APP x

304 views • 19 slides
A Privacy-preserving Pseudonym Acquisition Scheme for Vehicular Communication Systems Andreas

A Privacy-preserving Pseudonym Acquisition Scheme for Vehicular Communication Systems Andreas

A Privacy-preserving Pseudonym Acquisition Scheme for Vehicular Communication Systems Andreas Messing amessing@kth.se 1 Vehicular Communication Systems Smart Cities Self-driving Transportation Systems Vehicle-to-Vehicle

198 views • 19 slides
Geographic Centroid Routing for Vehicular Networks Effects of GPS Error on Geographic Routing

Geographic Centroid Routing for Vehicular Networks Effects of GPS Error on Geographic Routing

Geographic Centroid Routing for Vehicular Networks Effects of GPS Error on Geographic Routing Dr. Justin P. Rohrer jprohrer@nps.edu Naval Postgraduate School TaNCAD Lab ( https://tancad.net ) VEHICULAR June 25, 2018 Abstract Geographic

924 views • 48 slides
Secure and Privacy Preserving Vehicular Communication Systems: Identity and Credential Management

Secure and Privacy Preserving Vehicular Communication Systems: Identity and Credential Management

KTH ROYAL INSTITUTE OF TECHNOLOGY Secure and Privacy Preserving Vehicular Communication Systems: Identity and Credential Management Infrastructure Mohammad Khodaei Networked Systems Security Group (NSS) November 1, 2016 July 2, 2018

1.03k views • 38 slides
Temporal Privacy in Wireless Sensor Networks Temporal Privacy in Wireless Sensor Networks

Temporal Privacy in Wireless Sensor Networks Temporal Privacy in Wireless Sensor Networks

Temporal Privacy in Wireless Sensor Networks Temporal Privacy in Wireless Sensor Networks Pandurang Kamat, Wenyuan Xu, Wade Trappe and Yanyong Zhang WINLAB Rutgers University 1 Temporal Privacy in Sensor Networks Temporal Privacy in Sensor

280 views • 14 slides
Mobile Networks Module I Part 2 Securing Vehicular Networks Prof. J.-P. Hubaux 1 Outline

Mobile Networks Module I Part 2 Securing Vehicular Networks Prof. J.-P. Hubaux 1 Outline

Mobile Networks Module I Part 2 Securing Vehicular Networks Prof. J.-P. Hubaux 1 Outline Motivation Threat model and specific attacks Security architecture Security analysis Certificate revocation

751 views • 43 slides
VeSPA: Vehicular Security and Privacy-preserving architecture N. Alexiou M. Lagan` a S.

VeSPA: Vehicular Security and Privacy-preserving architecture N. Alexiou M. Lagan` a S.

Introduction Future Challenges for VC VeSPA Analysis of VeSPA Future Work VeSPA: Vehicular Security and Privacy-preserving architecture N. Alexiou M. Lagan` a S. Gisdakis M. Khodaei P. Papadimitratos School of Electrical Engineering,

641 views • 20 slides
V2x wireless channel modeling for connected cars Taimoor Abbas Volvo Car Corporations

V2x wireless channel modeling for connected cars Taimoor Abbas Volvo Car Corporations

V2x wireless channel modeling for connected cars Taimoor Abbas Volvo Car Corporations taimoor.abbas@volvocars.com V2X Terminology Background I2N P2N P2I V2N V2I V2P V2V 6/12/2018 SUMMER SCHOOL ON 5G V2X COMMUNICATIONS -

1.78k views • 37 slides
Principles of Millimeter Wave Communications for V2X Stefano Buzzi University of Cassino and

Principles of Millimeter Wave Communications for V2X Stefano Buzzi University of Cassino and

Principles of Millimeter Wave Communications for V2X Stefano Buzzi University of Cassino and Southern Lazio, Cassino, Italy London, June 11th, 2018 About myself and the University of Cassino... - Associate Professor at the University of Cassino

1.59k views • 95 slides
The Radiative Return at - and B -Meson Factories KARLSRUHEKATOWICEVALENCIA J. H. K

The Radiative Return at - and B -Meson Factories KARLSRUHEKATOWICEVALENCIA J. H. K

The Radiative Return at - and B -Meson Factories KARLSRUHEKATOWICEVALENCIA J. H. K uhn I Basic Idea II Monte Carlo Generators: Status & Perspectives III Charge Asymmetry and Radiative -Decays ( H. Czy z) IV Nucleon

1.15k views • 28 slides
Grammatical Induction and Recognition of the Documentary Form of Records William Underwood

Grammatical Induction and Recognition of the Documentary Form of Records William Underwood

Grammatical Induction and Recognition of the Documentary Form of Records William Underwood Sheila Isbell and Matthew Underwood Digital Curation Symposium, Chapel Hill, NC April 19-20, 2007 GTRI_B-1 Filename - 1 Documentary Forms:

458 views • 20 slides
Local Density Estimation for Contention Window Adaptation in Vehicular Networks Razvan Stanica,

Local Density Estimation for Contention Window Adaptation in Vehicular Networks Razvan Stanica,

Local Density Estimation for Contention Window Adaptation in Vehicular Networks Razvan Stanica, Emmanuel Chaput, Andr-Luc Beylot University of Toulouse Institut de Recherche en Informatique de Toulouse 22 nd Annual IEEE International Symposium

316 views • 20 slides
Adaptive Carrier Sense Mechanism in Safety Vehicular Ad-hoc Networks Razvan Stanica, Emmanuel

Adaptive Carrier Sense Mechanism in Safety Vehicular Ad-hoc Networks Razvan Stanica, Emmanuel

Adaptive Carrier Sense Mechanism in Safety Vehicular Ad-hoc Networks Razvan Stanica, Emmanuel Chaput, Andr-Luc Beylot University of Toulouse Institut de Recherche en Informatique de Toulouse IVN Exploratory Seminar INRIA Rocquencourt - 15

449 views • 33 slides
Moving your Virtual Machines to oVirt with ease Arik Hadas Senior Software Engineer Red Hat

Moving your Virtual Machines to oVirt with ease Arik Hadas Senior Software Engineer Red Hat

Moving your Virtual Machines to oVirt with ease Arik Hadas Senior Software Engineer Red Hat FOSDEM, 31/1/15 FOSDEM, Jan 2015 How do you run Virtual Machines? T h e r e a r e m a n y w a y s t o r u n a V M D i

440 views • 30 slides
Introduction I Can use a directed graph as a flow network to model: Computer Science &

Introduction I Can use a directed graph as a flow network to model: Computer Science &

Introduction I Can use a directed graph as a flow network to model: Computer Science & Engineering 423/823 I Data through communication networks, water/oil/gas through pipes, Design and Analysis of Algorithms assembly lines, etc. Lecture 11

304 views • 6 slides

More recommend