Secure Vehicular Communication System: Design & Implementation

SLIDE 1

MSc Thesis: Mohammad Khodaei

Secure Vehicular Communication System: Design & Implementation of VPKI

(Providing Credential Management in a Secure VANET)

Supervisor: Prof. Panos Papadimitratos

LCN – KTH October, 2012

1 / 38

SLIDE 2

Outline

  • Introduction
  • Problem Statement
  • Contribution
  • Key Concepts
  • Security Requirements
  • Adversary Model
  • Protocol Design
  • Performance Evaluation
  • Conclusion
  • Future Direction

SLIDE 4

Introduction

  • The life cycle of vehicles is pretty long
  • Security has to be put in place
  • Many attacks could jeopardize the system performance from a security point of view
  • Mitigating unknown threats and upcoming attacks

SLIDE 5

Problem

  • The lack of an infrastructure
  • Exposed to different threats and attacks
  • Staging attacks to jeopardize users’ privacy and disclose confidential information
  • Exploiting the vulnerabilities
  • Violating the VC system security policy
  • What to do to thwart the threats and make the system operations secure?

SLIDE 6

Contribution

  • Research Purpose
      • Design and Implementation of VPKI for the secure VC system
      • An infrastructure called VPKI, to enable entities to communicate securely
      • Providing Credential Management in a Secure VC system
      • PKI is considered an essential requirement to provide security services
  • Goal
      • Build an artifact, using the currently available open-source PKI, OpenCA, equipped with extra protocols for VANET
  • Methodology
      • Design and Implementation of extra protocols for VANET
      • Using Open-Source OpenCA

SLIDE 7

Key Concepts

SLIDE 8

Key Algorithms and Size

Entities    Algorithm
PCA         RSA, key size: 1024-bit; ECDSA, key size: 256-bit
LTCA        RSA, key size: 1024-bit; ECDSA, key size: 256-bit
PRA         RSA, key size: 1024-bit; ECDSA, key size: 256-bit
Police      RSA, key size: 1024-bit; ECDSA, key size: 256-bit
Vehicle     RSA, key size: 1024-bit; ECDSA, key size: 256-bit

SLIDE 9

Why not normal PKI?

  • Pseudonymity
  • Unlinkability
  • Unobservability
  • User's Privacy

SLIDE 10

Security Requirements

  • Message Authentication and Integrity
  • Message Non-Repudiation
  • Privacy
  • Anonymity
  • Unlinkability and Unobservability
  • Pseudonym Resolution
  • Liability Identification, Forensics Investigation
  • Message Confidentiality
  • Availability, Fault-Tolerant and Robustness
  • Scalability and Performance

SLIDE 11

Adversary Model

  • Localized and Selective Denial of Communication
  • Internal Active Adversaries
      • a. Modification and Tampering
      • b. Forgery
      • c. Recollecting Past Messages
      • d. Multiple Adversarial Nodes
  • Bounded Adversarial Presence
  • Input-Controlling Adversary
  • Other Adversary Models (Byzantine, Dolev-Yao (DY))

SLIDE 12

Related Work

  • V-Tokens for Conditional Pseudonymity in VANETs
      • Resolution information is embedded in pseudonyms
      • Vehicle signs using its current valid pseudonym
      • Pseudonym information is encrypted with PK_PR
      • Uses separation of duties
      • Cooperation of a subset of RAs is required to perform pseudonym resolution

SLIDE 14

Protocol Design

  • How to Request for Pseudonymous Certificates
  • How to Request the Latest Pseudonym CRL
  • How to Perform Pseudonym Resolution

SLIDE 15

Obtaining Pseudonym Cert.

Two Steps:

  • a. Obtain a Token
      • i. Vehicle queries LTCA
      • ii. LTCA issues a Token encrypted with the PCA’s public key, if the vehicle is legitimate
      • iii. Vehicle stores the Token for the second step
  • b. Obtain Pseudonymous Certificates
      • i. Vehicle sends the Token to PCA
      • ii. PCA verifies the Token locally
      • iii. PCA issues short-term certificate

SLIDE 16

Obtaining a Token

SLIDE 17

Obtaining Pseudonym Cert.

SLIDE 18

Obtaining Pseudonym CRL

SLIDE 19

Pseudonym Resolution

SLIDE 20

Token & Pseudonym Format

Pseudonym Cert. Format

  • Serial No.
  • Pseudonym Cert. Identifiable Key
  • Signer-ID
  • Valid-From
  • Valid-To
  • EC Public key
  • Signature

Token Format

  • Token-Type
  • Token-Serial No.
  • Token-Identifiable-Key
  • LTCA-Id, PCA-Id
  • Maximum Number of Pseudonym Certificates
  • Token Start-Time
  • Token Expiry-Time
  • Pseudonym Start-Time
  • Pseudonym Expiry-Time
  • Signature

SLIDE 21

Pseudonym CRL Format

  • Pseudonym-CRL Serial No.
  • CRL Version
  • PCA-Id
  • Revoked Pseudonym-Cert. No.
  • Revoked Pseudonym-Cert. Serial No.
  • Time-Stamp
  • Signature

SLIDE 22

Binding Token to Pseudo-Cert.

  • LTCA:
      • Token-Identifiable-Key = hash(Vehicle Long-Term Certificate Serial No. || Time-Stamp || Nonce)
  • PCA:
      • PseuCertIdentifiableKey = hash(Token-Identifiable-Key || Pseudo-Public Key || Time-Stamp || Nonce)
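
The two bindings above, together with the token-then-pseudonym procedure from the "Obtaining Pseudonym Cert." slide, as an added Python example that is not code from the thesis or from OpenCA. SHA-256, the length-prefixed field encoding, all class and function names, and the two-stage PCA-then-LTCA lookup in `resolve` are assumptions; the slides give only the hash inputs.

```python
import hashlib
import os

def h(*fields: bytes) -> bytes:
    """hash(f1 || f2 || ...) with length-prefixed fields: no two splits collide."""
    d = hashlib.sha256()  # assumption: the slides do not name the hash function
    for f in fields:
        d.update(len(f).to_bytes(4, "big") + f)
    return d.digest()

class LTCA:
    def __init__(self):
        self.tokens = {}  # Token-Identifiable-Key -> long-term cert serial

    def issue_token(self, lt_serial: bytes, ts: int) -> bytes:
        tik = h(lt_serial, ts.to_bytes(8, "big"), os.urandom(16))  # fresh nonce
        self.tokens[tik] = lt_serial
        return tik  # the token carries this key, never the serial itself

class PCA:
    def __init__(self):
        self.certs = {}  # PseuCertIdentifiableKey -> (token key, pubkey, ts, nonce)

    def issue_pseudonym(self, tik: bytes, pseudo_pub: bytes, ts: int) -> bytes:
        nonce = os.urandom(16)
        pik = h(tik, pseudo_pub, ts.to_bytes(8, "big"), nonce)
        self.certs[pik] = (tik, pseudo_pub, ts, nonce)
        return pik

    def token_key_for(self, pik: bytes):
        rec = self.certs.get(pik)
        if rec is None:
            return None
        tik, pub, ts, nonce = rec
        # Recompute the binding before answering a resolution request.
        return tik if h(tik, pub, ts.to_bytes(8, "big"), nonce) == pik else None

def resolve(pca: PCA, ltca: LTCA, pik: bytes):
    """Assumed two-stage lookup: PCA yields the token key, LTCA the vehicle."""
    tik = pca.token_key_for(pik)
    return None if tik is None else ltca.tokens.get(tik)

def demo():
    ltca, pca = LTCA(), PCA()
    serial = b"LT-SERIAL-0001"  # constructed sample value
    t1 = ltca.issue_token(serial, 1350000000)
    t2 = ltca.issue_token(serial, 1350003600)
    piks = [pca.issue_pseudonym(t1, os.urandom(33), 1350000060) for _ in range(3)]
    return serial, t1, t2, piks, [resolve(pca, ltca, p) for p in piks]
```

In `demo()` two tokens issued for the same long-term certificate carry different identifiable keys, and the PCA's records hold only token keys, so mapping a pseudonym back to a vehicle needs both authorities.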

SLIDE 24

Network Topology

SLIDE 25

Servers & Client Spec.

  • Servers:
      • Processor Model Name: Intel(R), Dual-Core, Xeon(TM), CPU 3.40GHz
      • Bogomips: 6782.71
      • RAM: 8 GB
  • Client:
      • Processor Model Name: Intel(R), Dual-Core(TM), CPU 3.00 GHz
      • Bogomips: 5960.58
      • RAM: 2 GB

SLIDE 26

Obtaining Token from LTCA

SLIDE 27

Time Interval to Obtain 10 Pseudonyms

SLIDE 28

Time Intervals for Different Operations to Obtain Pseudonym Certificates

SLIDE 29

Time Interval to Obtain 20,000 Pseudonyms from PCA

SLIDE 30

Time Intervals for Different Operations to Obtain Pseudonym CRL

SLIDE 31

Pseudonym CRL File Size

No. of Revoked Pseudonyms in CRL    Size in bytes
1                                   778 bytes (778 bytes)
10                                  1.36 KB (1,398 bytes)
100                                 7.33 KB (7,507 bytes)
1000                                67.1 KB (68,723 bytes)
10,000                              664 KB (680,718 bytes)
20,000                              1.29 MB (1,360,714 bytes)
100,000                             6.48 MB (6,800,715 bytes)

SLIDE 33

Conclusion

  • Three protocols are integrated into OpenCA to provide security functionality for VANETs
  • Improvement in comparison with similar projects
      • Linkability
      • Privacy
      • Pseudonym Resolution
  • Performance evaluation shows reasonable time to obtain pseudonyms, CRL and pseudonym resolution
  • Experiments should be done on a vehicle for a more precise result

SLIDE 34

Future Direction

  • Providing a PKI Trust Model in VANETs
  • Introducing a new PCA, LTCA and PRA
  • Foreign Pseudonym Certificates
  • Integrating Short-Term CRLs from Different PCAs
  • Token Should be Used Only Once
  • Mitigate the Threat of Sybil Attack
      • resource testing techniques, social networking approaches, radio testing, trusted certification

SLIDE 35

Future Direction Cont.

  • Token Verification by any PCA to Enhance Privacy

  • Performing Reverse Pseudonym Resolution
  • Resolving Multiple Pseudonyms in a Request
  • Using FastCGI instead of CGI
  • Performance and Efficiency for VANETs

SLIDE 36

Acknowledgement

SLIDE 37

References

  • Secure Vehicular Communication Systems: Design and Architecture
  • Sevecom - Secure Vehicle Communication
  • Efficient and Robust Pseudonymous Authentication in VANET
  • Securing Vehicular Communications - Assumptions, Requirements, and Principles
  • V-Tokens for Conditional Pseudonymity in VANETs
  • Intelligent Transport Systems (ITS), Security, Stage 3 mapping for IEEE 1609.2. V0.0.6
  • "On the Road" - Reflections on the Security of Vehicular Communication Systems
  • Secure Vehicular Communication Systems: Implementation, Performance, and Research Challenges

SLIDE 38

Questions

Thanks for your attention!

SLIDE 39

Obtaining Pseudonym Cert.

SLIDE 40

OpenCA

  • Written in C
  • Two packages:
      • openca-base
      • openca-tools
  • Uses Open-SSL Libraries
  • Support Open-LDAP
  • Web-based Interface
  • With an Apache-style license

SLIDE 41

Token Req-Res Format

Token Request

  • Req. Type
  • X509 VLTC Length
  • X509 VLTC
  • Pseudonym Cert. No. Request
  • LTCA-Id
  • PCA-Id
  • Nonce
  • Time-Stamp
  • Signature

Token Response

  • Req. Type
  • Token Size
  • Token
  • Max No. Pseudonym Cert.
  • LTCA-Id
  • PCA-Id
  • Nonce
  • Time-Stamp
  • Error-Info
  • Signature

SLIDE 42

Pseudonym Req-Res Format

Pseudonym Request

  • Req. Type
  • Token Size
  • Token
  • LTCA-Id
  • PCA-Id
  • Location
  • Pseudonym Cert. No
  • Pseudonym Public-Key(s)
  • Nonce
  • Time-Stamp

Pseudonym Response

  • Req. Type
  • Req. Identification
  • LTCA-Id
  • PCA-Id
  • Pseudonym Cert No
  • Pseudonym Cert.
  • Nonce
  • Time-Stamp
  • Error-Info
  • Signature

SLIDE 43

Pseudonym CRL Req-Res Format

Pseudonym CRL Request

  • Req. Type
  • Current CRL Version
  • PCA-Id
  • Region-Id
  • Pseudonym Cert. Length
  • Pseudonym Cert.
  • Nonce
  • Time-Stamp
  • Signature

Pseudonym CRL Response

  • Req. Type
  • PCA-Id
  • CRL Size
  • CRL
  • Nonce
  • Time-Stamp
  • Error-Info
  • Signature

SLIDE 44

Obtaining Pseudonyms from PCA

SLIDE 45

Obtaining Pseudonym CRL

SLIDE 46

Percentage of Different Operations to Obtain 20000 Pseudonyms

SLIDE 47

Implementation

  • C++
  • OpenCA as the base implementation
  • Installed and configured PCA, LTCA and PRA on Different Servers
  • Libraries:
      • OpenSSL
      • Xmlrpc
      • MySQL
      • Boost-Serialization

SLIDE 48

Time Intervals to Obtain a Token from LTCA

Operations                               Latency in ms
Preparing Token Request                  4.95 ms
Issuing the Token (Server Side)          8.75 ms
Entire Communication                     83.6 ms
Verification and Storage of the Token    3.65 ms
Entire Operations                        100.75 ms

Token Size                               477 bytes
Pseudonym Certificate Size               2.0 KB (2078 bytes)
Pseudonym Private-Key File Size          5.0 KB (5153 bytes)