339 0

LIGHTWEIGHT AUTHENTICATION APPROACHES FOR SECURE AND PRIVACY AWARE VANET

Title
LIGHTWEIGHT AUTHENTICATION APPROACHES FOR SECURE AND PRIVACY AWARE VANET
Other Titles
경량 인증 접근법을 통한 보안 및 프라이버시 인지형 VANET
Author
Ubaidullah
Alternative Author(s)
우바이둘라
Advisor(s)
Heekuck Oh
Issue Date
2017-08
Publisher
한양대학교
Degree
Doctor
Abstract
Due to the growth of road traffic all over the world, road traffic safety is becoming increasingly crucial as well as challenging. The rising number of road traffic accidents caused by traffic congestion, negligence of drivers, violation of traffic rules and insufficient road information necessitate an efficient, autonomous system that can increase the road safety and cope with the challenge of traffic congestion. Over the last few years, Mobile Ad hoc Networks (MANETs) have been extensively studied in this domain to address the traffic related issues. Especially, a type of MANET, called Vehicular Ad hoc Networks (VANETs) that inherits many of the features of MANETs and facilitates spontaneous creation of a wireless network for data exchange among vehicles, is an actively researched area for improving road safety, navigation, and other roadside services. While VANETs support a wide range of applications in intelligent transportation, the inter-vehicular communication in VANETs takes place in an open-access environment, making the security and privacy of the shared information prone to be compromised. An unauthorized access to this information may be used maliciously and may result in catastrophic consequences. Hence, authenticated communication is one of the prime requirements of a VANET. Although, the authenticated communication in VANETs is a well studied area, the privacy protection still remains an intricate issue. The process of authentication does ascertain the legitimate entries in the network, yet it reveals a vehicle’s identity and location in the network, jeopardizing its privacy and exposing it to malicious attacks. Therefore, an authentication process, coupled with a privacy protection technique, is required. A particular aspect of this privacy protected authentication should be the provision of conditional anonymity, i.e., a user’s privacy is preserved until he does not violate the stipulated rules. Additionally, in case of a security and/or privacy breach, the malicious access must be traceable. At the same time, the solution proposed in this context should be simple and computationally efficient for real-time implementation. The research carried out in this dissertation pertains to developing efficient privacy preserving authentication schemes for VANETs. This work is motivated by combining the useful features of two extensively used techniques in this domain, namely pseudonym-based and group signature-based techniques, while addressing their respective drawbacks. Our hierarchical pseudonym technique of privacy preserving authentication in VANETs not only provides an efficient mechanism of reliable authentication in VANETs while preserving privacy, but also alleviates certain overheads on the vehicles, e.g., managing a certificate revocation list, and group management, etc. Our protocol proposes a hierarchy of pseudonyms based on the time period of their usage. We propose the idea of primary pseudonyms with relatively longer expiration time that are used to communicate with semi- trusted authorities and secondary pseudonyms with a shorter life time that are used to communicate with other vehicles. A frequently changing pseudo-identity inside the secondary pseudonym provides the conditional anonymity, making it nearly impossible for an attacker to track the user. At the same time, the secondary pseudonym serves as a trapdoor and guarantees the prompt detection of a malicious activity and taking a punitive action. In order to lower the communication overhead and for a non-pervasive Roadside Unit (RSU) deployment, this dissertation further propose an improved and efficient hybrid privacy preserving authentication scheme. The scheme proposes a modular architecture that acts as a trusted Certification Authority (CA). The modular architecture is proposed by keeping the benefits of cloud computing paradigm in mind. The CA modules perform a number of tasks by assuming the responsibility of vehicle enrollment, distribution/verification of vehicles’ and region credentials. The proposed approach also deviates from the traditional approach of using vehicle-based grouping and introduce the idea of regional groups, managed by the CA, where a vehicle becomes the part of a group while entering a particular area. The use of similar group credentials provides anonymity, making it extremely hard for a malicious access to distinguish the identity of a particular vehicle from others. Our hybrid scheme utilizes efficient and light-weight pseudonyms that are not only used for message authentication, but also serve as a trapdoor in order to provide conditional anonymity. However, the similar looking pseudonyms make it nearly impossible for an attacker to differentiate two messages. The light-weight credentials can be downloaded from the CA directly or by using the non-pervasive deployed (RSUs) which only serve as relays in our proposed scheme. The scheme also provides prevention from varying types of security threats on beacons such as attacks on message authentication, data integrity and non-repudiation. The dissertation presents an extensive evaluation of the proposed approaches in a number of attack scenarios. The security analysis presented in this dissertation demonstrates the resilience of our proposed approaches against various security and privacy threats. We also provide the analysis of computational and communication overhead shows the efficiency of the proposed techniques. Additionally, extensive simulations are carried out in order to present a detailed network performance analysis. The results also show the robustness of the proposed approaches in terms of end-to-end delay and packet delivery ratio.
URI
http://hdl.handle.net/20.500.11754/33697http://hanyang.dcollection.net/common/orgView/200000430994
Appears in Collections:
GRADUATE SCHOOL[S](대학원) > COMPUTER SCIENCE & ENGINEERING(컴퓨터공학과) > Theses (Master)
Files in This Item:
There are no files associated with this item.
Export
RIS (EndNote)
XLS (Excel)
XML


qrcode

Items in DSpace are protected by copyright, with all rights reserved, unless otherwise indicated.

BROWSE