SECMACE: Scalable and Robust Identity and Credential Management - PowerPoint PPT Presentation


  1. KTH Royal Institute of Technology
     SECMACE: Scalable and Robust Identity and Credential Management Infrastructure in Vehicular Communication Systems
     M. Khodaei, H. Jin and P. Papadimitratos, Networked Systems Security Group (NSS)
     In IEEE Transactions on Intelligent Transportation Systems (April 2018)

  2. Outline
     Secure Vehicular Communication (VC) Systems
     Problem Statement
     System Model
     Security and Privacy Analysis
     Performance Evaluation
     Summary of Contributions and Future Steps

  3. Vehicular Communication (VC) Systems
     Figure: Photo courtesy of the Car2Car Communication Consortium (C2C-CC)

  4. Security and Privacy for VC Systems ¹
     Basic Requirements
     ◮ Message authentication & integrity
     ◮ Message non-repudiation
     ◮ Access control
     ◮ Entity authentication
     ◮ Accountability
     ◮ Privacy protection
     Vehicular Public-Key Infrastructure (VPKI)
     ◮ Pseudonymous authentication
     ◮ Trusted Third Party (TTP):
       ◮ Certification Authority (CA)
       ◮ Issues credentials & binds users to their pseudonyms
     ¹ P. Papadimitratos, et al. “Securing Vehicular Communications - Assumptions, Requirements, and Principles,” in ESCAR, Berlin, Germany, pp. 5-14, Nov. 2006.
       P. Papadimitratos, et al. “Secure Vehicular Communication Systems: Design and Architecture,” in IEEE Communications Magazine, vol. 46, no. 11, pp. 100-109, Nov. 2008.

  5. Security and Privacy for VC Systems (cont’d)
     ◮ Sign packets with the private key corresponding to the current valid pseudonym
     ◮ Verify packets with the valid pseudonym
     ◮ Cryptographic operations in a Hardware Security Module (HSM)

  6. State-of-the-art
     Standardization and harmonization efforts
     ◮ IEEE 1609.2 [1], ETSI [2] and C2C-CC [3]
     ◮ VC related specifications for security and privacy-preserving architectures
     Projects
     ◮ SEVECOM, EVITA, PRECIOSA, OVERSEE, DRIVE-C2X, Safety Pilot, PRESERVE, CAMP-VSC3
     Proposals
     ◮ V-Token, CoPRA, SCMS, SEROSA, PUCA

  7. Outline
     Secure Vehicular Communication (VC) Systems
     Problem Statement
     System Model
     Security and Privacy Analysis
     Performance Evaluation
     Summary of Contributions and Future Steps

  8. Problem Statement and Motivation
     The design of a VPKI
     ◮ Resilience
     ◮ Stronger adversarial model (than fully-trustworthy entities)
     ◮ User privacy protection against “honest-but-curious” entities
     ◮ User privacy enhancement and service unlinkability (inference of service provider or time)
     ◮ Pseudonym acquisition policies
       ◮ How should each vehicle interact with the VPKI, e.g., how frequently and for how long?
       ◮ Should each vehicle itself determine the pseudonym lifetime?
     ◮ Operation across multiple domains, thus a scalable design
     ◮ Efficiency and robustness

  9. Security and Privacy Requirements for the VPKI Protocols
     ◮ Authentication, communication integrity and confidentiality
     ◮ Authorization and access control
     ◮ Non-repudiation, accountability and eviction (revocation)
     ◮ Privacy
       ◮ Anonymity (conditional)
       ◮ Unlinkability
     ◮ Thwarting Sybil-based misbehavior
     ◮ Availability

  10. Adversarial Model
      External adversaries
      Internal adversaries
      Stronger adversarial model
      Protection against honest-but-curious VPKI entities
      ◮ Correct execution of protocols but motivated to profile users
      ◮ Concealing pseudonym provider identity and acquisition time, and reducing pseudonyms linkability (inference based on time)
      Multiple VPKI entities could collude

  11. Outline
      Secure Vehicular Communication (VC) Systems
      Problem Statement
      System Model
      Security and Privacy Analysis
      Performance Evaluation
      Summary of Contributions and Future Steps

  12. Secure VC System
      ◮ Root Certification Authority (RCA)
      ◮ Long Term CA (LTCA)
      ◮ Pseudonym CA (PCA)
      ◮ Resolution Authority (RA)
      ◮ Lightweight Directory Access Protocol (LDAP)
      ◮ Roadside Unit (RSU)
      ◮ Trust established with RCA, or through cross certification
      [Figure: VPKI Overview. Labels: RCA; Domain A, Domain B, Domain C; RA, LTCA, PCA, LDAP; X-Certify; RSU; 3/4/5G; {Msg}_(P_v^i), {P_v^i}_(PCA). Legend: "A certifies B", cross-certification, communication link, message dissemination.]

  13. System Model
      [Figure: VPKI Architecture. Labels: RCA; Home Domain (A) and Foreign Domain (B); H-LTCA, F-LTCA, PCA, RA, LDAP. Steps 1-4: 1. LTC, 2. n-tkt, 3. psnym req., 4. psnyms acquisition. Steps I-V: I. f-tkt req., II. f-tkt, III. n-tkt, IV. psnym req., V. psnyms acquisition. Legend: "A certifies B", communication link.]

  14. Pseudonym Acquisition Policies
      [Figure: pseudonym lifetimes τ_P along the System Time axis, with t_start and t_end marking the Trip Duration, for the User-controlled policy (P1), the Oblivious policy (P2, intervals Γ_P2) and the Universally fixed policy (P3, intervals Γ_P3). Legend: Unused Pseudonyms, Expired Pseudonym.]
      ◮ P1 & P2: Requests could act as user “fingerprints”; the exact time of requests and all subsequent requests until the end of trip could

  15. Vehicle Registration and Long Term Certificate (LTC) Update
      Sequence diagram between V and H-LTCA:
        1. LK_v, Lk_v
        2. (LK_v)_{σ_Lk_v}, N, t
        3. Cert(LTC_ltca, LK_v)
        4. LTC_v, N + 1, t

  16. Ticket Acquisition Protocols
      Protocol 1: Ticket Request (from the LTCA)
        procedure REQTICKET(P_x, Γ_Px, t_s, t_e, t_date)
          if P_x = P1 then
            (t_s, t_e) ← (t_s, t_e)
          else if P_x = P2 then
            (t_s, t_e) ← (t_s, t_s + Γ_P2)
          else if P_x = P3 then
            (t_s, t_e) ← (t_date + Γ_P3^i, t_date + Γ_P3^{i+1})
          end if
          ζ ← (Id_tkt-req, H(Id_PCA ‖ Rnd_tkt), t_s, t_e)
          (ζ)_σv ← Sign(Lk_v, ζ)
          return ((ζ)_σv, LTC_v, N, t_now)
        end procedure
      ◮ Run over Transport Layer Security (TLS) with mutual authentication
      Protocol 2: Issuing a Ticket (by the LTCA)
        procedure ISSUETICKET((msg)_σv, LTC_v, N, t_now)
          Verify(LTC_v, (msg)_σv)
          IK_tkt ← H(LTC_v ‖ t_s ‖ t_e ‖ Rnd_IKtkt)
          ζ ← (SN, H(Id_PCA ‖ Rnd_tkt), IK_tkt, Rnd_IKtkt, t_s, t_e, Exp_tkt)
          (tkt)_σltca ← Sign(Lk_ltca, ζ)
          return ((tkt)_σltca, N + 1, t_now)
        end procedure
      ◮ “ticket identifiable key” (IK_tkt) binds a ticket to the corresponding LTC
      ◮ Preventing a compromised LTCA from mapping a different LTC during resolution process

  17. Pseudonyms Acquisition Protocols
      Protocol 3: Pseudonym Request (from the PCA)
        procedure REQPSNYMS(t_s, t_e, (tkt)_σltca)
          for i := 1 to n do
          Begin
            Generate(K_v^i, k_v^i)
            (K_v^i)_{σ_k_v^i} ← Sign(k_v^i, K_v^i)
          End
          psnymReq ← (Id_req, Rnd_tkt, t_s, t_e, (tkt)_σltca, {(K_v^1)_{σ_k_v^1}, ..., (K_v^n)_{σ_k_v^n}}, N, t_now)
          return psnymReq
        end procedure
      ◮ Run over TLS with unidirectional (server-only) authentication
      Protocol 4: Issuing Pseudonyms (by the PCA)
        procedure ISSUEPSNYMS(psnymReq)
          psnymReq → (Id_req, Rnd_tkt, t_s, t_e, (tkt)_σltca, {(K_v^1)_{σ_k_v^1}, ..., (K_v^n)_{σ_k_v^n}}, N, t_now)
          Verify(LTC_ltca, (tkt)_σltca)
          H(Id_this-PCA ‖ Rnd_tkt) ?= H(Id_PCA ‖ Rnd_tkt)
          [t_s, t_e] ?= ([t_s, t_e])_tkt
          for i := 1 to n do
          Begin
            Verify(K_v^i, (K_v^i)_{σ_k_v^i})
            IK_P^i ← H(IK_tkt ‖ K_v^i ‖ t_s^i ‖ t_e^i ‖ Rnd_IK_v^i)
            ζ ← (SN^i, K_v^i, IK_P^i, Rnd_IK_v^i, t_s^i, t_e^i)
            (P_v^i)_σpca ← Sign(Lk_pca, ζ)
          End
          return ({(P_v^1)_σpca, ..., (P_v^n)_σpca}, N + 1, t_now)
        end procedure
      ◮ “pseudonym identifiable key” (IK_P^i) binds a pseudonym to the corresponding ticket
      ◮ Preventing a compromised PCA from mapping a different ticket during resolution process

  18. Ticket and Pseudonym Acquisition
      Sequence diagram between V, H-LTCA and PCA:
        1. H(PCA_ID ‖ Rnd_256), t_s, t_e, LTC_v, N, t
        2. Cert(LTC_ltca, tkt)
        3. tkt, N + 1, t
        4. tkt, Rnd_256, t_s′, t_e′, {(K_v^1)_{σ_k_v^1}, ..., (K_v^n)_{σ_k_v^n}}, N′, t
        5. Cert(LTC_pca, P_v^i)
        6. {P_v^1, ..., P_v^n}, N′ + 1, t

  19. Roaming User: Foreign Ticket Authentication
      Sequence diagram between V, LDAP and H-LTCA:
        1. LDAP Req.
        2. LDAP Search
        3. LDAP Res.
        4. H(F-LTCA_ID ‖ Rnd_256), t_s, t_e, LTC_v, N, t
        5. Cert(LTC_ltca, f-tkt)
        6. f-tkt, N + 1, t

  20. Native Ticket and Pseudonym Acquisition in the Foreign Domain
      Sequence diagram between V, F-LTCA and PCA:
        1. f-tkt, H(PCA_ID ‖ Rnd′_256), Rnd_256, N, t
        2. Cert(LTC_ltca, n-tkt)
        3. n-tkt, N + 1, t
        4. n-tkt, Rnd′_256, t_s′, t_e′, {(K_v^1)_{σ_k_v^1}, ..., (K_v^n)_{σ_k_v^n}}, N′, t
        5. Cert(LTC_pca, P_v^i)
        6. {P_v^1, ..., P_v^n}, N′ + 1, t

  21. Pseudonym Revocation and Resolution
      Sequence diagram between RA, PCA and LTCA:
        1. P_i, N, t
        2. Update CRL
        3. tkt, N + 1, t
        4. SN_tkt, N′, t
        5. Resolve LTC_v
        6. LTC_v, N′ + 1, t

  22. Outline
      Secure Vehicular Communication (VC) Systems
      Problem Statement
      System Model
      Security and Privacy Analysis
      Performance Evaluation
      Summary of Contributions and Future Steps
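
The identifiable-key binding from slides 16, 17 and 21, as an added Python example (not code from the presentation or the SECMACE authors): it recomputes IK_tkt and IK_P to show that a PCA accepts only a ticket committed to its own identity, and that resolving a pseudonym to a different ticket or a different LTC fails. Signatures, SN and Exp_tkt are omitted; the length-prefixed SHA-256 encoding, running the check at the RA, and all function names and byte strings are assumptions.

```python
import hashlib
import os

def H(*parts: bytes) -> bytes:
    # Stand-in for H(a || b || ...): SHA-256 over length-prefixed fields (assumed encoding).
    return hashlib.sha256(b"".join(len(p).to_bytes(4, "big") + p for p in parts)).digest()

def ts(t: int) -> bytes:
    return t.to_bytes(8, "big")

def issue_ticket(ltc_v, pca_commit, t_s, t_e):
    # LTCA side (Protocol 2): the ticket carries IK_tkt and Rnd_IKtkt, never LTC_v itself.
    rnd = os.urandom(32)
    return {"pca_commit": pca_commit, "t_s": t_s, "t_e": t_e,
            "ik_tkt": H(ltc_v, ts(t_s), ts(t_e), rnd), "rnd_ik_tkt": rnd}

def pca_accepts(tkt, this_pca_id, rnd_tkt, t_s, t_e):
    # PCA side (Protocol 4): H(Id_this-PCA || Rnd_tkt) and [t_s, t_e] must match the ticket.
    return (H(this_pca_id, rnd_tkt) == tkt["pca_commit"]
            and (t_s, t_e) == (tkt["t_s"], tkt["t_e"]))

def issue_pseudonym(tkt, k_pub, t_s, t_e):
    # PCA side (Protocol 4): IK_P binds the pseudonym to IK_tkt of the presented ticket.
    rnd = os.urandom(32)
    return {"K": k_pub, "t_s": t_s, "t_e": t_e,
            "ik_p": H(tkt["ik_tkt"], k_pub, ts(t_s), ts(t_e), rnd), "rnd_ik_p": rnd}

def resolution_consistent(psnym, tkt, claimed_ltc):
    # Resolution check (assumed to run at the RA): recompute both identifiable keys.
    ik_p = H(tkt["ik_tkt"], psnym["K"], ts(psnym["t_s"]), ts(psnym["t_e"]), psnym["rnd_ik_p"])
    ik_tkt = H(claimed_ltc, ts(tkt["t_s"]), ts(tkt["t_e"]), tkt["rnd_ik_tkt"])
    return ik_p == psnym["ik_p"] and ik_tkt == tkt["ik_tkt"]

def demo():
    # All identifiers and byte strings below are constructed sample values.
    ltc_a, ltc_b, pca1, pca2 = b"LTC-A", b"LTC-B", b"PCA-1", b"PCA-2"
    rnd_tkt = os.urandom(32)
    tkt = issue_ticket(ltc_a, H(pca1, rnd_tkt), 1000, 1600)
    other_tkt = issue_ticket(ltc_b, H(pca1, rnd_tkt), 1000, 1600)
    p = issue_pseudonym(tkt, b"K_v^1 public key bytes", 1000, 1300)
    return {"right_pca": pca_accepts(tkt, pca1, rnd_tkt, 1000, 1600),
            "wrong_pca": pca_accepts(tkt, pca2, rnd_tkt, 1000, 1600),
            "honest": resolution_consistent(p, tkt, ltc_a),
            "wrong_ltc": resolution_consistent(p, tkt, ltc_b),
            "wrong_tkt": resolution_consistent(p, other_tkt, ltc_b)}

if __name__ == "__main__":
    print(demo())
```

The `wrong_tkt` case is a PCA answering resolution with a ticket other than the one the pseudonym was issued under, and `wrong_ltc` is an LTCA naming a different vehicle for the correct ticket.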
