SlideShare uma empresa Scribd logo

Towards Privacy Aware Pseudonymless Strategy for Avoiding Profile Generation in Vehicular Ad Hoc Networks

Innopolis University
Innopolis University

Presented at WISA 2009 conference.

EducaçãoTecnologiaNotícias e política
1 de 22
Baixar para ler offline
Towards Privacy Aware Pseudonymless Strategy for Avoiding Profile Generation in VANET 1Rasheed Hussain, 2Sangjin Kim, and 1Heekuck Oh 1Hanyang University, Department of Computer Science and Engineering 2Korea University of Technology and Education, School of Information and Media Engineering, Republic of Korea 26-08-2009 © Information Security & Privacy Laboratory Hanyang University
Agenda Motivation Profile Generations and Pseudonyms Multiple Pseudonyms Proposed Pseudonymless Scheme Grouping Updating keys and groups Evaluation © Information Security & Privacy Laboratory -2- Hanyang University
Motivation[1/2] Application requirement in VANET: vehicle sends beacons every 100-300 ms Due to security requirements, beacons are normally digitally signed Signing cost is high Verification cost is high Scheuer et al. suggested using symmetric key for noncritical messages (beacons) and necessary security through TRH (Tamper-resistant Hardware) For fast revocation, pseudonyms were used © Information Security & Privacy Laboratory -3- Hanyang University
Motivation[2/2] Side effects of pseudonyms (specially single pseudonym for each vehicle) Profile generation Remedy: mix zone, silent periods, GTTP Multiple pseudonyms: (pseudonym, key) pairs Extension of the framework outlined in * * “A privacy aware and efficient security infrastructure for vehicular ad hoc networks,” by K. Plobi and H. Federrath, Computer Standards & Interfaces, 2008 © Information Security & Privacy Laboratory -4- Hanyang University
Framework * Figure from Plobi et al.’s Scheme © Information Security & Privacy Laboratory -5- Hanyang University
TRH We assume that every vehicle is equipped with TRH Stored information Root CA’s certificate, TRH’s certificate(CertTRH), vehicle’s individual symmetric key K vi ), vehicle’s VRI (Vehicle-related ( Identitiy), common symmetric key (Kall) and group ID (Gid) Part of operations of TRH, keys may be updated inside TRH by requesting TTP and using “key and group ID updating protocol” Only authentic configuration is possible for the owner of the car at initialization or when the car is sold All messages are assembled inside TRH Keys are kept secure inside TRH (at least until TRH is removed or replaced by new one) © Information Security & Privacy Laboratory -6- Hanyang University
Multiple Pseudonyms[1/2] Remedy within frame of pseudonymity How about Multiple Pseudonyms? Timestamp Speed & Position PAi HMAC1 with Encrypted with K MACPA i HMAC2 with K all Kc Using Multiple Pseudonyms overcome some of the deficiencies of using single pseudonym Downside! Bad effects on space requirement Inefficient Bootstrapping Requires periodically refill strategy © Information Security & Privacy Laboratory -7- Hanyang University
Multiple Pseudonyms[2/2] GTTP (Geographically distributed Trusted Third Party): responsible for revocation of a VRI if it is required but with CA(GTA (Government Transportation Authority)) The main threat for Profiling is the ‘identities’ Do we have certain mechanism in which we don’t need to use identities, anonymously send beacons and the functionality of the entities is still maintained? We should think of a ‘Pseudonymless’ strategy © Information Security & Privacy Laboratory -8- Hanyang University
Proposed Pseudonymless Scheme We don’t use any identity in beacons ‘GTTP’ will brute-forcely search the node if it needs to be revoked Cost will be O(n) where n is the number of users that are currently entertained by GTTP Beacon Format Timestamp is for Freshness K viis vehicle’s individual secret key that keeps on changing after a specified amount of time (how?) and Kall is the common key This beacon has no identity © Information Security & Privacy Laboratory -9- Hanyang University
Is ‘No identity beacon’ practical? Pseudonyms used for Privacy and anonymity But they cause Profilation Notion of insiders and outsiders Encryption may be essential Need of Mixed Zones and Silent Period and their effect on services provided by VANET Message size and Security overhead is increased with Pseudonymous strategy How often GTTP will need to revoke the VRI? No-Pseudonym strategy may be practical © Information Security & Privacy Laboratory -10- Hanyang University
Why not single TTP? Till now we used the term ‘GTTP’ With Pseudonymous strategy, GTTP were used which covered relatively small area Handled pseudonym operations and encryption functions Reduces search space in case of revocation A compromise if any, is localized In our scheme By Grouping, no need of GTTP to reduce revocation cost To limit the amount of disclosed information in case of compromise, we update the keys Use of single TTP for key distribution, management and revocation Replication for ‘easy to access’, efficiency and interconnect through RSUs © Information Security & Privacy Laboratory -11- Hanyang University
Reducing the cost! With ‘No Pseudonym’ the cost for search was O(n) What if TTP organize the vehicles to groups somehow? There must be limitation on group size! Cost will be reduced to O(g) instead of O(n) Group size should be trade-off between efficiency of TTP and privacy of vehicle © Information Security & Privacy Laboratory -12- Hanyang University
Grouping[1/2] Group secret key: Group Secret key (Kg) is used for calculating HMAC1 Where Gid is group ID and we included VRI in HMAC1 Kg is the group secret key used for HMAC1 Compromise of group key effects the whole group! © Information Security & Privacy Laboratory -13- Hanyang University
Grouping[2/2] Individual secret key: Individual Secret key ( K v ) is used for calculating HMAC1 i K vi is the individual secret key used for HMAC1 Inclusion of VRI in HMAC1 is not needed Revocation cost is still O(g) Compromise of secret key effects only single vehicle! © Information Security & Privacy Laboratory -14- Hanyang University
Grouping strategy Sequential Method TTP assigns the entering vehicles, same group id up to certain amount of time At an instant of time, only one group will be growing Threat for privacy in long term depending upon traffic density! Random Method TTP assigns the group ids to entering vehicles randomly At an instant of time, every group will be populating equally Random fashion preserves privacy and anonymity! Our scheme uses individual secret key with random grouping © Information Security & Privacy Laboratory -15- Hanyang University
Key and Group Updation[1/2] The amount of information disclosed in case of a key compromise is reduced by changing the keys periodically Vehicles switch between groups Requirements Mutual Authentication between TTP and TRH Confidentiality Integrity of updated Key ( K'Vi ) Availability of TTP Tamper Resistance of TRH Both the group ID and individual secret keys keep changing according to the counter maintained in TRH © Information Security & Privacy Laboratory -16- Hanyang University
Key and Group Updation[2/2] KTRH-TTP is assumed to be established securely (may be by using secure Diffie-Hellman method) K'Vi is the updated individual secret key for vehicle (TRH) Gid is the new group id and Rn is the random number We assume that the encrypted message provides integrity of inner content of the message TTP updates the database only if the acknowledgment is received © Information Security & Privacy Laboratory Hanyang University
Evaluation[1/2] Security (beacon message and key updating protocol) Beacon require integrity, privacy and revocation We do not consider the confidentiality No need for strong authentication Integrity is provided by calculating HMAC2 Integrity and confidentiality of updated key K'Vi depends upon the security of session key protocol Compromise of Kall and K vi ! Severe problem will arise if compromised Kall is used for injecting bogus information (e.g. false position) to the beacon Assumptions on TRH take care of that! © Information Security & Privacy Laboratory -18- Hanyang University
Evaluation[2/2] Privacy HMAC1 provides privacy No other party can revoke the message until K v is obtained i if we remove the possibility of identifying vehicles using HMAC1, there is no information in beacon by which vehicle can be identified Our scheme provides conditional anonymity Efficiency With SHA-256 (192bit key) for HMAC and AES (192bit key) Security overhead in terms of size is ( 2 x 256 + 16 ) = 66 bytes Beacon size is 366* bytes and security overhead is 18% TRH calculates only 2 HMACs for beaconing * Supposing that 300 bytes are reasonable for beacon, alarm and warning © Information Security & Privacy Laboratory -19- Hanyang University
Comparison with other schemes Comparison with other schemes H means HMAC calculation and E means Symmetric encryption © Information Security & Privacy Laboratory -20- Hanyang University
Merits of our system Profile generation is avoided GTTP, Mix Zones or silent period is NOT required Better efficiency with respect to Computational and Bandwidth cost Space requirements are less than that of Scheuer et al.’s scheme © Information Security & Privacy Laboratory -21- Hanyang University
© Information Security & Privacy Laboratory -22- Hanyang University

Recomendados

Cluster Based Misbehaviour Detection and Authentication Using Threshold Crypt...
Cluster Based Misbehaviour Detection and Authentication Using Threshold Crypt...Cluster Based Misbehaviour Detection and Authentication Using Threshold Crypt...
Cluster Based Misbehaviour Detection and Authentication Using Threshold Crypt...CSCJournals
 
IRJET-A Survey On Opportunistic Piggyback Marking For IP Trace Back
IRJET-A Survey On Opportunistic Piggyback Marking For IP Trace BackIRJET-A Survey On Opportunistic Piggyback Marking For IP Trace Back
IRJET-A Survey On Opportunistic Piggyback Marking For IP Trace BackIRJET Journal
 
Reliability and-efficient-protocol-for-position-based-routing-in-vehicular-ad...
Reliability and-efficient-protocol-for-position-based-routing-in-vehicular-ad...Reliability and-efficient-protocol-for-position-based-routing-in-vehicular-ad...
Reliability and-efficient-protocol-for-position-based-routing-in-vehicular-ad...Ijcem Journal
 
Probabilistic Random Range Technique for Securing Text Over Mobile Adhoc Network
Probabilistic Random Range Technique for Securing Text Over Mobile Adhoc NetworkProbabilistic Random Range Technique for Securing Text Over Mobile Adhoc Network
Probabilistic Random Range Technique for Securing Text Over Mobile Adhoc NetworkIRJET Journal
 
Hybrid Solution to Portfolio Management
Hybrid Solution to Portfolio ManagementHybrid Solution to Portfolio Management
Hybrid Solution to Portfolio ManagementBen Esget
 
Phrasal verbs oficina flir
Phrasal verbs oficina flirPhrasal verbs oficina flir
Phrasal verbs oficina flirMary Aby
 
Hogyan dolgozunk
Hogyan dolgozunkHogyan dolgozunk
Hogyan dolgozunkdeluxergrafika
 
Topic (2)
Topic (2)Topic (2)
Topic (2)kmyce
 

Recomendados

Cluster Based Misbehaviour Detection and Authentication Using Threshold Crypt...
Cluster Based Misbehaviour Detection and Authentication Using Threshold Crypt...Cluster Based Misbehaviour Detection and Authentication Using Threshold Crypt...
Cluster Based Misbehaviour Detection and Authentication Using Threshold Crypt...CSCJournals
 
IRJET-A Survey On Opportunistic Piggyback Marking For IP Trace Back
IRJET-A Survey On Opportunistic Piggyback Marking For IP Trace BackIRJET-A Survey On Opportunistic Piggyback Marking For IP Trace Back
IRJET-A Survey On Opportunistic Piggyback Marking For IP Trace BackIRJET Journal
 
Reliability and-efficient-protocol-for-position-based-routing-in-vehicular-ad...
Reliability and-efficient-protocol-for-position-based-routing-in-vehicular-ad...Reliability and-efficient-protocol-for-position-based-routing-in-vehicular-ad...
Reliability and-efficient-protocol-for-position-based-routing-in-vehicular-ad...Ijcem Journal
 
Probabilistic Random Range Technique for Securing Text Over Mobile Adhoc Network
Probabilistic Random Range Technique for Securing Text Over Mobile Adhoc NetworkProbabilistic Random Range Technique for Securing Text Over Mobile Adhoc Network
Probabilistic Random Range Technique for Securing Text Over Mobile Adhoc NetworkIRJET Journal
 
Hybrid Solution to Portfolio Management
Hybrid Solution to Portfolio ManagementHybrid Solution to Portfolio Management
Hybrid Solution to Portfolio ManagementBen Esget
 
Phrasal verbs oficina flir
Phrasal verbs oficina flirPhrasal verbs oficina flir
Phrasal verbs oficina flirMary Aby
 
Hogyan dolgozunk
Hogyan dolgozunkHogyan dolgozunk
Hogyan dolgozunkdeluxergrafika
 
Topic (2)
Topic (2)Topic (2)
Topic (2)kmyce
 
Putu Wahyuni Utari Dewi - 3249 - IT Teaching Media
Putu Wahyuni Utari Dewi - 3249 - IT Teaching MediaPutu Wahyuni Utari Dewi - 3249 - IT Teaching Media
Putu Wahyuni Utari Dewi - 3249 - IT Teaching Mediayuniutari
 
Applying to b school in a few years
Applying to b school in a few yearsApplying to b school in a few years
Applying to b school in a few yearsAmerasia Consulting Group
 
Kolekcija "Lietuvos ginklo pergalė"
Kolekcija "Lietuvos ginklo pergalė"Kolekcija "Lietuvos ginklo pergalė"
Kolekcija "Lietuvos ginklo pergalė"Monetų namai
 
How to Create an Effective PowerPoint
How to Create an Effective PowerPointHow to Create an Effective PowerPoint
How to Create an Effective PowerPointu1024811
 
BigData in Marketing. GroupM TYNY 2015
BigData in Marketing. GroupM TYNY 2015BigData in Marketing. GroupM TYNY 2015
BigData in Marketing. GroupM TYNY 2015Shukhrat Yakubov
 
Jovenes emprendedores
Jovenes emprendedoresJovenes emprendedores
Jovenes emprendedoresrockeritho
 
Gangland PowerPoint
Gangland PowerPointGangland PowerPoint
Gangland PowerPointu1024811
 
Plant tissues & organs
Plant tissues & organsPlant tissues & organs
Plant tissues & organsAnne Kaw
 
HR and Efficency Solutions
HR and Efficency SolutionsHR and Efficency Solutions
HR and Efficency Solutionsbaryonssoftsolutions
 
Daughters Without Dads Inc
Daughters Without Dads IncDaughters Without Dads Inc
Daughters Without Dads Incarmstrongdoresa
 
Tips for maximizing your business school visits
Tips for maximizing your business school visitsTips for maximizing your business school visits
Tips for maximizing your business school visitsAmerasia Consulting Group
 
Everyone relax hbs' third essay really just a 400-word chill pill (email)
Everyone relax hbs' third essay really just a 400-word chill pill (email)Everyone relax hbs' third essay really just a 400-word chill pill (email)
Everyone relax hbs' third essay really just a 400-word chill pill (email)Amerasia Consulting Group
 
Reapplying to business school
Reapplying to business schoolReapplying to business school
Reapplying to business schoolAmerasia Consulting Group
 
2010臺北國際花卉博覽會
2010臺北國際花卉博覽會2010臺北國際花卉博覽會
2010臺北國際花卉博覽會chiminglo
 
06 20-13 brian freedom economics 02
06 20-13 brian freedom economics 0206 20-13 brian freedom economics 02
06 20-13 brian freedom economics 02Brian Sear
 
Mother teresa of calcutta copia
Mother teresa of calcutta copiaMother teresa of calcutta copia
Mother teresa of calcutta copialupatric8
 
Digades Firmenpräsentation 2013
Digades Firmenpräsentation 2013Digades Firmenpräsentation 2013
Digades Firmenpräsentation 2013Digades GmbH
 
IRJET- A Study Paper on Homomorphic Encryption in Cloud Computing
IRJET- A Study Paper on Homomorphic Encryption in Cloud ComputingIRJET- A Study Paper on Homomorphic Encryption in Cloud Computing
IRJET- A Study Paper on Homomorphic Encryption in Cloud ComputingIRJET Journal
 
IRJET- Schemes for Securing Cloud Data when the Cryptographic Material is Exp...
IRJET- Schemes for Securing Cloud Data when the Cryptographic Material is Exp...IRJET- Schemes for Securing Cloud Data when the Cryptographic Material is Exp...
IRJET- Schemes for Securing Cloud Data when the Cryptographic Material is Exp...IRJET Journal
 
Secure Channel Establishment Techniques for Homomorphic Encryption in Cloud C...
Secure Channel Establishment Techniques for Homomorphic Encryption in Cloud C...Secure Channel Establishment Techniques for Homomorphic Encryption in Cloud C...
Secure Channel Establishment Techniques for Homomorphic Encryption in Cloud C...IRJET Journal
 
IRJET- An Implementation of Secured Data Integrity Technique for Cloud Storag...
IRJET- An Implementation of Secured Data Integrity Technique for Cloud Storag...IRJET- An Implementation of Secured Data Integrity Technique for Cloud Storag...
IRJET- An Implementation of Secured Data Integrity Technique for Cloud Storag...IRJET Journal
 
Symmetric Key Encryption Decryption Technique Using Image Based Key Generation
Symmetric Key Encryption Decryption Technique Using Image Based Key GenerationSymmetric Key Encryption Decryption Technique Using Image Based Key Generation
Symmetric Key Encryption Decryption Technique Using Image Based Key GenerationIRJET Journal
 

Mais conteúdo relacionado

Destaque

Putu Wahyuni Utari Dewi - 3249 - IT Teaching Media
Putu Wahyuni Utari Dewi - 3249 - IT Teaching MediaPutu Wahyuni Utari Dewi - 3249 - IT Teaching Media
Putu Wahyuni Utari Dewi - 3249 - IT Teaching Mediayuniutari
 
Kolekcija "Lietuvos ginklo pergalė"
Kolekcija "Lietuvos ginklo pergalė"Kolekcija "Lietuvos ginklo pergalė"
Kolekcija "Lietuvos ginklo pergalė"Monetų namai
 
How to Create an Effective PowerPoint
How to Create an Effective PowerPointHow to Create an Effective PowerPoint
How to Create an Effective PowerPointu1024811
 
BigData in Marketing. GroupM TYNY 2015
BigData in Marketing. GroupM TYNY 2015BigData in Marketing. GroupM TYNY 2015
BigData in Marketing. GroupM TYNY 2015Shukhrat Yakubov
 
Jovenes emprendedores
Jovenes emprendedoresJovenes emprendedores
Jovenes emprendedoresrockeritho
 
Gangland PowerPoint
Gangland PowerPointGangland PowerPoint
Gangland PowerPointu1024811
 
Plant tissues & organs
Plant tissues & organsPlant tissues & organs
Plant tissues & organsAnne Kaw
 
Daughters Without Dads Inc
Daughters Without Dads IncDaughters Without Dads Inc
Daughters Without Dads Incarmstrongdoresa
 
Tips for maximizing your business school visits
Tips for maximizing your business school visitsTips for maximizing your business school visits
Tips for maximizing your business school visitsAmerasia Consulting Group
 
Everyone relax hbs' third essay really just a 400-word chill pill (email)
Everyone relax hbs' third essay really just a 400-word chill pill (email)Everyone relax hbs' third essay really just a 400-word chill pill (email)
Everyone relax hbs' third essay really just a 400-word chill pill (email)Amerasia Consulting Group
 
2010臺北國際花卉博覽會
2010臺北國際花卉博覽會2010臺北國際花卉博覽會
2010臺北國際花卉博覽會chiminglo
 
06 20-13 brian freedom economics 02
06 20-13 brian freedom economics 0206 20-13 brian freedom economics 02
06 20-13 brian freedom economics 02Brian Sear
 
Mother teresa of calcutta copia
Mother teresa of calcutta copiaMother teresa of calcutta copia
Mother teresa of calcutta copialupatric8
 
Digades Firmenpräsentation 2013
Digades Firmenpräsentation 2013Digades Firmenpräsentation 2013
Digades Firmenpräsentation 2013Digades GmbH
 

Destaque (17)

Putu Wahyuni Utari Dewi - 3249 - IT Teaching Media
Putu Wahyuni Utari Dewi - 3249 - IT Teaching MediaPutu Wahyuni Utari Dewi - 3249 - IT Teaching Media
Putu Wahyuni Utari Dewi - 3249 - IT Teaching Media
 
Applying to b school in a few years
Applying to b school in a few yearsApplying to b school in a few years
Applying to b school in a few years
 
Kolekcija "Lietuvos ginklo pergalė"
Kolekcija "Lietuvos ginklo pergalė"Kolekcija "Lietuvos ginklo pergalė"
Kolekcija "Lietuvos ginklo pergalė"
 
How to Create an Effective PowerPoint
How to Create an Effective PowerPointHow to Create an Effective PowerPoint
How to Create an Effective PowerPoint
 
BigData in Marketing. GroupM TYNY 2015
BigData in Marketing. GroupM TYNY 2015BigData in Marketing. GroupM TYNY 2015
BigData in Marketing. GroupM TYNY 2015
 
Jovenes emprendedores
Jovenes emprendedoresJovenes emprendedores
Jovenes emprendedores
 
Gangland PowerPoint
Gangland PowerPointGangland PowerPoint
Gangland PowerPoint
 
Plant tissues & organs
Plant tissues & organsPlant tissues & organs
Plant tissues & organs
 
HR and Efficency Solutions
HR and Efficency SolutionsHR and Efficency Solutions
HR and Efficency Solutions
 
Daughters Without Dads Inc
Daughters Without Dads IncDaughters Without Dads Inc
Daughters Without Dads Inc
 
Tips for maximizing your business school visits
Tips for maximizing your business school visitsTips for maximizing your business school visits
Tips for maximizing your business school visits
 
Everyone relax hbs' third essay really just a 400-word chill pill (email)
Everyone relax hbs' third essay really just a 400-word chill pill (email)Everyone relax hbs' third essay really just a 400-word chill pill (email)
Everyone relax hbs' third essay really just a 400-word chill pill (email)
 
Reapplying to business school
Reapplying to business schoolReapplying to business school
Reapplying to business school
 
2010臺北國際花卉博覽會
2010臺北國際花卉博覽會2010臺北國際花卉博覽會
2010臺北國際花卉博覽會
 
06 20-13 brian freedom economics 02
06 20-13 brian freedom economics 0206 20-13 brian freedom economics 02
06 20-13 brian freedom economics 02
 
Mother teresa of calcutta copia
Mother teresa of calcutta copiaMother teresa of calcutta copia
Mother teresa of calcutta copia
 
Digades Firmenpräsentation 2013
Digades Firmenpräsentation 2013Digades Firmenpräsentation 2013
Digades Firmenpräsentation 2013
 

Semelhante a Towards Privacy Aware Pseudonymless Strategy for Avoiding Profile Generation in Vehicular Ad Hoc Networks

IRJET- A Study Paper on Homomorphic Encryption in Cloud Computing
IRJET- A Study Paper on Homomorphic Encryption in Cloud ComputingIRJET- A Study Paper on Homomorphic Encryption in Cloud Computing
IRJET- A Study Paper on Homomorphic Encryption in Cloud ComputingIRJET Journal
 
IRJET- Schemes for Securing Cloud Data when the Cryptographic Material is Exp...
IRJET- Schemes for Securing Cloud Data when the Cryptographic Material is Exp...IRJET- Schemes for Securing Cloud Data when the Cryptographic Material is Exp...
IRJET- Schemes for Securing Cloud Data when the Cryptographic Material is Exp...IRJET Journal
 
Secure Channel Establishment Techniques for Homomorphic Encryption in Cloud C...
Secure Channel Establishment Techniques for Homomorphic Encryption in Cloud C...Secure Channel Establishment Techniques for Homomorphic Encryption in Cloud C...
Secure Channel Establishment Techniques for Homomorphic Encryption in Cloud C...IRJET Journal
 
IRJET- An Implementation of Secured Data Integrity Technique for Cloud Storag...
IRJET- An Implementation of Secured Data Integrity Technique for Cloud Storag...IRJET- An Implementation of Secured Data Integrity Technique for Cloud Storag...
IRJET- An Implementation of Secured Data Integrity Technique for Cloud Storag...IRJET Journal
 
Symmetric Key Encryption Decryption Technique Using Image Based Key Generation
Symmetric Key Encryption Decryption Technique Using Image Based Key GenerationSymmetric Key Encryption Decryption Technique Using Image Based Key Generation
Symmetric Key Encryption Decryption Technique Using Image Based Key GenerationIRJET Journal
 
THE ESSENTIAL ELEMENT OF YOUR SECURITY
THE ESSENTIAL ELEMENT OF YOUR SECURITYTHE ESSENTIAL ELEMENT OF YOUR SECURITY
THE ESSENTIAL ELEMENT OF YOUR SECURITYETDAofficialRegist
 
Jun 15 privacy in the cloud at financial institutions at the object managemen...
Jun 15 privacy in the cloud at financial institutions at the object managemen...Jun 15 privacy in the cloud at financial institutions at the object managemen...
Jun 15 privacy in the cloud at financial institutions at the object managemen...Ulf Mattsson
 
IRJET- Homomorphic Encryption Scheme in Cloud Computing for Security and Priv...
IRJET- Homomorphic Encryption Scheme in Cloud Computing for Security and Priv...IRJET- Homomorphic Encryption Scheme in Cloud Computing for Security and Priv...
IRJET- Homomorphic Encryption Scheme in Cloud Computing for Security and Priv...IRJET Journal
 
IRJET- Secure and Efficient Transmission Mechanism for Emergency Data in ...
IRJET- Secure and Efficient Transmission Mechanism for Emergency Data in ...IRJET- Secure and Efficient Transmission Mechanism for Emergency Data in ...
IRJET- Secure and Efficient Transmission Mechanism for Emergency Data in ...IRJET Journal
 
IEEE Final Year Projects 2011-2012 :: Elysium Technologies Pvt Ltd::Networkse...
IEEE Final Year Projects 2011-2012 :: Elysium Technologies Pvt Ltd::Networkse...IEEE Final Year Projects 2011-2012 :: Elysium Technologies Pvt Ltd::Networkse...
IEEE Final Year Projects 2011-2012 :: Elysium Technologies Pvt Ltd::Networkse...sunda2011
 
A New Scheme of Group-based AKA for Machine Type Communication over LTE Netwo...
A New Scheme of Group-based AKA for Machine Type Communication over LTE Netwo...A New Scheme of Group-based AKA for Machine Type Communication over LTE Netwo...
A New Scheme of Group-based AKA for Machine Type Communication over LTE Netwo...IJECEIAES
 
WESPr 18 presentation slides CAV Taguchi
WESPr 18 presentation slides CAV TaguchiWESPr 18 presentation slides CAV Taguchi
WESPr 18 presentation slides CAV TaguchiKenji Taguchi
 
Implementing High Grade Security in Cloud Application using Multifactor Auth...
Implementing High Grade Security in Cloud Application using Multifactor Auth...Implementing High Grade Security in Cloud Application using Multifactor Auth...
Implementing High Grade Security in Cloud Application using Multifactor Auth...IJwest
 
Performance Analysis in MANET Routing Protocol using Machine Learning Algorit...
Performance Analysis in MANET Routing Protocol using Machine Learning Algorit...Performance Analysis in MANET Routing Protocol using Machine Learning Algorit...
Performance Analysis in MANET Routing Protocol using Machine Learning Algorit...IRJET Journal
 
IEEE Projects 2012-2013 Network Security
IEEE Projects 2012-2013 Network SecurityIEEE Projects 2012-2013 Network Security
IEEE Projects 2012-2013 Network SecuritySBGC
 
Journey to the Center of Security Operations
Journey to the Center of Security OperationsJourney to the Center of Security Operations
Journey to the Center of Security Operations♟Sergej Epp
 
Network security java ieee projects 2012 @ Seabirds ( Trichy, Pudukkottai, Ta...
Network security java ieee projects 2012 @ Seabirds ( Trichy, Pudukkottai, Ta...Network security java ieee projects 2012 @ Seabirds ( Trichy, Pudukkottai, Ta...
Network security java ieee projects 2012 @ Seabirds ( Trichy, Pudukkottai, Ta...SBGC
 
Reliability and-efficient-protocol-for-position-based-routing-in-vehicular-ad...
Reliability and-efficient-protocol-for-position-based-routing-in-vehicular-ad...Reliability and-efficient-protocol-for-position-based-routing-in-vehicular-ad...
Reliability and-efficient-protocol-for-position-based-routing-in-vehicular-ad...Ijcem Journal
 
IRJET- A Survey: Data Security in Cloud using Cryptography and Steganography
IRJET- A Survey: Data Security in Cloud using Cryptography and SteganographyIRJET- A Survey: Data Security in Cloud using Cryptography and Steganography
IRJET- A Survey: Data Security in Cloud using Cryptography and SteganographyIRJET Journal
 

Semelhante a Towards Privacy Aware Pseudonymless Strategy for Avoiding Profile Generation in Vehicular Ad Hoc Networks (20)

IRJET- A Study Paper on Homomorphic Encryption in Cloud Computing
IRJET- A Study Paper on Homomorphic Encryption in Cloud ComputingIRJET- A Study Paper on Homomorphic Encryption in Cloud Computing
IRJET- A Study Paper on Homomorphic Encryption in Cloud Computing
 
IRJET- Schemes for Securing Cloud Data when the Cryptographic Material is Exp...
IRJET- Schemes for Securing Cloud Data when the Cryptographic Material is Exp...IRJET- Schemes for Securing Cloud Data when the Cryptographic Material is Exp...
IRJET- Schemes for Securing Cloud Data when the Cryptographic Material is Exp...
 
Secure Channel Establishment Techniques for Homomorphic Encryption in Cloud C...
Secure Channel Establishment Techniques for Homomorphic Encryption in Cloud C...Secure Channel Establishment Techniques for Homomorphic Encryption in Cloud C...
Secure Channel Establishment Techniques for Homomorphic Encryption in Cloud C...
 
IRJET- An Implementation of Secured Data Integrity Technique for Cloud Storag...
IRJET- An Implementation of Secured Data Integrity Technique for Cloud Storag...IRJET- An Implementation of Secured Data Integrity Technique for Cloud Storag...
IRJET- An Implementation of Secured Data Integrity Technique for Cloud Storag...
 
Symmetric Key Encryption Decryption Technique Using Image Based Key Generation
Symmetric Key Encryption Decryption Technique Using Image Based Key GenerationSymmetric Key Encryption Decryption Technique Using Image Based Key Generation
Symmetric Key Encryption Decryption Technique Using Image Based Key Generation
 
THE ESSENTIAL ELEMENT OF YOUR SECURITY
THE ESSENTIAL ELEMENT OF YOUR SECURITYTHE ESSENTIAL ELEMENT OF YOUR SECURITY
THE ESSENTIAL ELEMENT OF YOUR SECURITY
 
Jun 15 privacy in the cloud at financial institutions at the object managemen...
Jun 15 privacy in the cloud at financial institutions at the object managemen...Jun 15 privacy in the cloud at financial institutions at the object managemen...
Jun 15 privacy in the cloud at financial institutions at the object managemen...
 
IRJET- Homomorphic Encryption Scheme in Cloud Computing for Security and Priv...
IRJET- Homomorphic Encryption Scheme in Cloud Computing for Security and Priv...IRJET- Homomorphic Encryption Scheme in Cloud Computing for Security and Priv...
IRJET- Homomorphic Encryption Scheme in Cloud Computing for Security and Priv...
 
IRJET- Secure and Efficient Transmission Mechanism for Emergency Data in ...
IRJET- Secure and Efficient Transmission Mechanism for Emergency Data in ...IRJET- Secure and Efficient Transmission Mechanism for Emergency Data in ...
IRJET- Secure and Efficient Transmission Mechanism for Emergency Data in ...
 
IEEE Final Year Projects 2011-2012 :: Elysium Technologies Pvt Ltd::Networkse...
IEEE Final Year Projects 2011-2012 :: Elysium Technologies Pvt Ltd::Networkse...IEEE Final Year Projects 2011-2012 :: Elysium Technologies Pvt Ltd::Networkse...
IEEE Final Year Projects 2011-2012 :: Elysium Technologies Pvt Ltd::Networkse...
 
A New Scheme of Group-based AKA for Machine Type Communication over LTE Netwo...
A New Scheme of Group-based AKA for Machine Type Communication over LTE Netwo...A New Scheme of Group-based AKA for Machine Type Communication over LTE Netwo...
A New Scheme of Group-based AKA for Machine Type Communication over LTE Netwo...
 
WESPr 18 presentation slides CAV Taguchi
WESPr 18 presentation slides CAV TaguchiWESPr 18 presentation slides CAV Taguchi
WESPr 18 presentation slides CAV Taguchi
 
Implementing High Grade Security in Cloud Application using Multifactor Auth...
Implementing High Grade Security in Cloud Application using Multifactor Auth...Implementing High Grade Security in Cloud Application using Multifactor Auth...
Implementing High Grade Security in Cloud Application using Multifactor Auth...
 
Performance Analysis in MANET Routing Protocol using Machine Learning Algorit...
Performance Analysis in MANET Routing Protocol using Machine Learning Algorit...Performance Analysis in MANET Routing Protocol using Machine Learning Algorit...
Performance Analysis in MANET Routing Protocol using Machine Learning Algorit...
 
50120140502015
5012014050201550120140502015
50120140502015
 
IEEE Projects 2012-2013 Network Security
IEEE Projects 2012-2013 Network SecurityIEEE Projects 2012-2013 Network Security
IEEE Projects 2012-2013 Network Security
 
Journey to the Center of Security Operations
Journey to the Center of Security OperationsJourney to the Center of Security Operations
Journey to the Center of Security Operations
 
Network security java ieee projects 2012 @ Seabirds ( Trichy, Pudukkottai, Ta...
Network security java ieee projects 2012 @ Seabirds ( Trichy, Pudukkottai, Ta...Network security java ieee projects 2012 @ Seabirds ( Trichy, Pudukkottai, Ta...
Network security java ieee projects 2012 @ Seabirds ( Trichy, Pudukkottai, Ta...
 
Reliability and-efficient-protocol-for-position-based-routing-in-vehicular-ad...
Reliability and-efficient-protocol-for-position-based-routing-in-vehicular-ad...Reliability and-efficient-protocol-for-position-based-routing-in-vehicular-ad...
Reliability and-efficient-protocol-for-position-based-routing-in-vehicular-ad...
 
IRJET- A Survey: Data Security in Cloud using Cryptography and Steganography
IRJET- A Survey: Data Security in Cloud using Cryptography and SteganographyIRJET- A Survey: Data Security in Cloud using Cryptography and Steganography
IRJET- A Survey: Data Security in Cloud using Cryptography and Steganography
 

Último

Measures of Position DECILES for ungrouped data
Measures of Position DECILES for ungrouped dataMeasures of Position DECILES for ungrouped data
Measures of Position DECILES for ungrouped dataBabyAnnMotar
 
4.11.24 Poverty and Inequality in America.pptx
4.11.24 Poverty and Inequality in America.pptx4.11.24 Poverty and Inequality in America.pptx
4.11.24 Poverty and Inequality in America.pptxmary850239
 
Textual Evidence in Reading and Writing of SHS
Textual Evidence in Reading and Writing of SHSTextual Evidence in Reading and Writing of SHS
Textual Evidence in Reading and Writing of SHSMae Pangan
 
Q4-PPT-Music9_Lesson-1-Romantic-Opera.pptx
Q4-PPT-Music9_Lesson-1-Romantic-Opera.pptxQ4-PPT-Music9_Lesson-1-Romantic-Opera.pptx
Q4-PPT-Music9_Lesson-1-Romantic-Opera.pptxlancelewisportillo
 
Scientific Writing :Research Discourse
Scientific Writing :Research DiscourseScientific Writing :Research Discourse
Scientific Writing :Research DiscourseAnita GoswamiGiri
 
BIOCHEMISTRY-CARBOHYDRATE METABOLISM CHAPTER 2.pptx
BIOCHEMISTRY-CARBOHYDRATE METABOLISM CHAPTER 2.pptxBIOCHEMISTRY-CARBOHYDRATE METABOLISM CHAPTER 2.pptx
BIOCHEMISTRY-CARBOHYDRATE METABOLISM CHAPTER 2.pptxSayali Powar
 
4.16.24 Poverty and Precarity--Desmond.pptx
4.16.24 Poverty and Precarity--Desmond.pptx4.16.24 Poverty and Precarity--Desmond.pptx
4.16.24 Poverty and Precarity--Desmond.pptxmary850239
 
Grade 9 Quarter 4 Dll Grade 9 Quarter 4 DLL.pdf
Grade 9 Quarter 4 Dll Grade 9 Quarter 4 DLL.pdfGrade 9 Quarter 4 Dll Grade 9 Quarter 4 DLL.pdf
Grade 9 Quarter 4 Dll Grade 9 Quarter 4 DLL.pdfJemuel Francisco
 
Blowin' in the Wind of Caste_ Bob Dylan's Song as a Catalyst for Social Justi...
Blowin' in the Wind of Caste_ Bob Dylan's Song as a Catalyst for Social Justi...Blowin' in the Wind of Caste_ Bob Dylan's Song as a Catalyst for Social Justi...
Blowin' in the Wind of Caste_ Bob Dylan's Song as a Catalyst for Social Justi...DhatriParmar
 
Expanded definition: technical and operational
Expanded definition: technical and operationalExpanded definition: technical and operational
Expanded definition: technical and operationalssuser3e220a
 
Beauty Amidst the Bytes_ Unearthing Unexpected Advantages of the Digital Wast...
Beauty Amidst the Bytes_ Unearthing Unexpected Advantages of the Digital Wast...Beauty Amidst the Bytes_ Unearthing Unexpected Advantages of the Digital Wast...
Beauty Amidst the Bytes_ Unearthing Unexpected Advantages of the Digital Wast...DhatriParmar
 
4.11.24 Mass Incarceration and the New Jim Crow.pptx
4.11.24 Mass Incarceration and the New Jim Crow.pptx4.11.24 Mass Incarceration and the New Jim Crow.pptx
4.11.24 Mass Incarceration and the New Jim Crow.pptxmary850239
 
Unraveling Hypertext_ Analyzing Postmodern Elements in Literature.pptx
Unraveling Hypertext_ Analyzing Postmodern Elements in Literature.pptxUnraveling Hypertext_ Analyzing Postmodern Elements in Literature.pptx
Unraveling Hypertext_ Analyzing Postmodern Elements in Literature.pptxDhatriParmar
 
ICS2208 Lecture6 Notes for SL spaces.pdf
ICS2208 Lecture6 Notes for SL spaces.pdfICS2208 Lecture6 Notes for SL spaces.pdf
ICS2208 Lecture6 Notes for SL spaces.pdfVanessa Camilleri
 
ESP 4-EDITED.pdfmmcncncncmcmmnmnmncnmncmnnjvnnv
ESP 4-EDITED.pdfmmcncncncmcmmnmnmncnmncmnnjvnnvESP 4-EDITED.pdfmmcncncncmcmmnmnmncnmncmnnjvnnv
ESP 4-EDITED.pdfmmcncncncmcmmnmnmncnmncmnnjvnnvRicaMaeCastro1
 
Reading and Writing Skills 11 quarter 4 melc 1
Reading and Writing Skills 11 quarter 4 melc 1Reading and Writing Skills 11 quarter 4 melc 1
Reading and Writing Skills 11 quarter 4 melc 1GloryAnnCastre1
 
Decoding the Tweet _ Practical Criticism in the Age of Hashtag.pptx
Decoding the Tweet _ Practical Criticism in the Age of Hashtag.pptxDecoding the Tweet _ Practical Criticism in the Age of Hashtag.pptx
Decoding the Tweet _ Practical Criticism in the Age of Hashtag.pptxDhatriParmar
 
Q-Factor HISPOL Quiz-6th April 2024, Quiz Club NITW
Q-Factor HISPOL Quiz-6th April 2024, Quiz Club NITWQ-Factor HISPOL Quiz-6th April 2024, Quiz Club NITW
Q-Factor HISPOL Quiz-6th April 2024, Quiz Club NITWQuiz Club NITW
 

Último (20)

Measures of Position DECILES for ungrouped data
Measures of Position DECILES for ungrouped dataMeasures of Position DECILES for ungrouped data
Measures of Position DECILES for ungrouped data
 
4.11.24 Poverty and Inequality in America.pptx
4.11.24 Poverty and Inequality in America.pptx4.11.24 Poverty and Inequality in America.pptx
4.11.24 Poverty and Inequality in America.pptx
 
Textual Evidence in Reading and Writing of SHS
Textual Evidence in Reading and Writing of SHSTextual Evidence in Reading and Writing of SHS
Textual Evidence in Reading and Writing of SHS
 
Q4-PPT-Music9_Lesson-1-Romantic-Opera.pptx
Q4-PPT-Music9_Lesson-1-Romantic-Opera.pptxQ4-PPT-Music9_Lesson-1-Romantic-Opera.pptx
Q4-PPT-Music9_Lesson-1-Romantic-Opera.pptx
 
Scientific Writing :Research Discourse
Scientific Writing :Research DiscourseScientific Writing :Research Discourse
Scientific Writing :Research Discourse
 
BIOCHEMISTRY-CARBOHYDRATE METABOLISM CHAPTER 2.pptx
BIOCHEMISTRY-CARBOHYDRATE METABOLISM CHAPTER 2.pptxBIOCHEMISTRY-CARBOHYDRATE METABOLISM CHAPTER 2.pptx
BIOCHEMISTRY-CARBOHYDRATE METABOLISM CHAPTER 2.pptx
 
4.16.24 Poverty and Precarity--Desmond.pptx
4.16.24 Poverty and Precarity--Desmond.pptx4.16.24 Poverty and Precarity--Desmond.pptx
4.16.24 Poverty and Precarity--Desmond.pptx
 
Grade 9 Quarter 4 Dll Grade 9 Quarter 4 DLL.pdf
Grade 9 Quarter 4 Dll Grade 9 Quarter 4 DLL.pdfGrade 9 Quarter 4 Dll Grade 9 Quarter 4 DLL.pdf
Grade 9 Quarter 4 Dll Grade 9 Quarter 4 DLL.pdf
 
Blowin' in the Wind of Caste_ Bob Dylan's Song as a Catalyst for Social Justi...
Blowin' in the Wind of Caste_ Bob Dylan's Song as a Catalyst for Social Justi...Blowin' in the Wind of Caste_ Bob Dylan's Song as a Catalyst for Social Justi...
Blowin' in the Wind of Caste_ Bob Dylan's Song as a Catalyst for Social Justi...
 
Expanded definition: technical and operational
Expanded definition: technical and operationalExpanded definition: technical and operational
Expanded definition: technical and operational
 
Beauty Amidst the Bytes_ Unearthing Unexpected Advantages of the Digital Wast...
Beauty Amidst the Bytes_ Unearthing Unexpected Advantages of the Digital Wast...Beauty Amidst the Bytes_ Unearthing Unexpected Advantages of the Digital Wast...
Beauty Amidst the Bytes_ Unearthing Unexpected Advantages of the Digital Wast...
 
4.11.24 Mass Incarceration and the New Jim Crow.pptx
4.11.24 Mass Incarceration and the New Jim Crow.pptx4.11.24 Mass Incarceration and the New Jim Crow.pptx
4.11.24 Mass Incarceration and the New Jim Crow.pptx
 
prashanth updated resume 2024 for Teaching Profession
prashanth updated resume 2024 for Teaching Professionprashanth updated resume 2024 for Teaching Profession
prashanth updated resume 2024 for Teaching Profession
 
INCLUSIVE EDUCATION PRACTICES FOR TEACHERS AND TRAINERS.pptx
INCLUSIVE EDUCATION PRACTICES FOR TEACHERS AND TRAINERS.pptxINCLUSIVE EDUCATION PRACTICES FOR TEACHERS AND TRAINERS.pptx
INCLUSIVE EDUCATION PRACTICES FOR TEACHERS AND TRAINERS.pptx
 
Unraveling Hypertext_ Analyzing Postmodern Elements in Literature.pptx
Unraveling Hypertext_ Analyzing Postmodern Elements in Literature.pptxUnraveling Hypertext_ Analyzing Postmodern Elements in Literature.pptx
Unraveling Hypertext_ Analyzing Postmodern Elements in Literature.pptx
 
ICS2208 Lecture6 Notes for SL spaces.pdf
ICS2208 Lecture6 Notes for SL spaces.pdfICS2208 Lecture6 Notes for SL spaces.pdf
ICS2208 Lecture6 Notes for SL spaces.pdf
 
ESP 4-EDITED.pdfmmcncncncmcmmnmnmncnmncmnnjvnnv
ESP 4-EDITED.pdfmmcncncncmcmmnmnmncnmncmnnjvnnvESP 4-EDITED.pdfmmcncncncmcmmnmnmncnmncmnnjvnnv
ESP 4-EDITED.pdfmmcncncncmcmmnmnmncnmncmnnjvnnv
 
Reading and Writing Skills 11 quarter 4 melc 1
Reading and Writing Skills 11 quarter 4 melc 1Reading and Writing Skills 11 quarter 4 melc 1
Reading and Writing Skills 11 quarter 4 melc 1
 
Decoding the Tweet _ Practical Criticism in the Age of Hashtag.pptx
Decoding the Tweet _ Practical Criticism in the Age of Hashtag.pptxDecoding the Tweet _ Practical Criticism in the Age of Hashtag.pptx
Decoding the Tweet _ Practical Criticism in the Age of Hashtag.pptx
 
Q-Factor HISPOL Quiz-6th April 2024, Quiz Club NITW
Q-Factor HISPOL Quiz-6th April 2024, Quiz Club NITWQ-Factor HISPOL Quiz-6th April 2024, Quiz Club NITW
Q-Factor HISPOL Quiz-6th April 2024, Quiz Club NITW
 

Towards Privacy Aware Pseudonymless Strategy for Avoiding Profile Generation in Vehicular Ad Hoc Networks

  • 1. Towards Privacy Aware Pseudonymless Strategy for Avoiding Profile Generation in VANET 1Rasheed Hussain, 2Sangjin Kim, and 1Heekuck Oh 1Hanyang University, Department of Computer Science and Engineering 2Korea University of Technology and Education, School of Information and Media Engineering, Republic of Korea 26-08-2009 © Information Security & Privacy Laboratory Hanyang University
  • 2. Agenda Motivation Profile Generations and Pseudonyms Multiple Pseudonyms Proposed Pseudonymless Scheme Grouping Updating keys and groups Evaluation © Information Security & Privacy Laboratory -2- Hanyang University
  • 3. Motivation[1/2] Application requirement in VANET: vehicle sends beacons every 100-300 ms Due to security requirements, beacons are normally digitally signed Signing cost is high Verification cost is high Scheuer et al. suggested using symmetric key for noncritical messages (beacons) and necessary security through TRH (Tamper-resistant Hardware) For fast revocation, pseudonyms were used © Information Security & Privacy Laboratory -3- Hanyang University
  • 4. Motivation[2/2] Side effects of pseudonyms (specially single pseudonym for each vehicle) Profile generation Remedy: mix zone, silent periods, GTTP Multiple pseudonyms: (pseudonym, key) pairs Extension of the framework outlined in * * “A privacy aware and efficient security infrastructure for vehicular ad hoc networks,” by K. Plobi and H. Federrath, Computer Standards & Interfaces, 2008 © Information Security & Privacy Laboratory -4- Hanyang University
  • 5. Framework * Figure from Plobi et al.’s Scheme © Information Security & Privacy Laboratory -5- Hanyang University
  • 6. TRH We assume that every vehicle is equipped with TRH Stored information Root CA’s certificate, TRH’s certificate(CertTRH), vehicle’s individual symmetric key K vi ), vehicle’s VRI (Vehicle-related ( Identitiy), common symmetric key (Kall) and group ID (Gid) Part of operations of TRH, keys may be updated inside TRH by requesting TTP and using “key and group ID updating protocol” Only authentic configuration is possible for the owner of the car at initialization or when the car is sold All messages are assembled inside TRH Keys are kept secure inside TRH (at least until TRH is removed or replaced by new one) © Information Security & Privacy Laboratory -6- Hanyang University
  • 7. Multiple Pseudonyms[1/2] Remedy within frame of pseudonymity How about Multiple Pseudonyms? Timestamp Speed & Position PAi HMAC1 with Encrypted with K MACPA i HMAC2 with K all Kc Using Multiple Pseudonyms overcome some of the deficiencies of using single pseudonym Downside! Bad effects on space requirement Inefficient Bootstrapping Requires periodically refill strategy © Information Security & Privacy Laboratory -7- Hanyang University
  • 8. Multiple Pseudonyms[2/2] GTTP (Geographically distributed Trusted Third Party): responsible for revocation of a VRI if it is required but with CA(GTA (Government Transportation Authority)) The main threat for Profiling is the ‘identities’ Do we have certain mechanism in which we don’t need to use identities, anonymously send beacons and the functionality of the entities is still maintained? We should think of a ‘Pseudonymless’ strategy © Information Security & Privacy Laboratory -8- Hanyang University
  • 9. Proposed Pseudonymless Scheme We don’t use any identity in beacons ‘GTTP’ will brute-forcely search the node if it needs to be revoked Cost will be O(n) where n is the number of users that are currently entertained by GTTP Beacon Format Timestamp is for Freshness K viis vehicle’s individual secret key that keeps on changing after a specified amount of time (how?) and Kall is the common key This beacon has no identity © Information Security & Privacy Laboratory -9- Hanyang University
  • 10. Is ‘No identity beacon’ practical? Pseudonyms used for Privacy and anonymity But they cause Profilation Notion of insiders and outsiders Encryption may be essential Need of Mixed Zones and Silent Period and their effect on services provided by VANET Message size and Security overhead is increased with Pseudonymous strategy How often GTTP will need to revoke the VRI? No-Pseudonym strategy may be practical © Information Security & Privacy Laboratory -10- Hanyang University
  • 11. Why not single TTP? Till now we used the term ‘GTTP’ With Pseudonymous strategy, GTTP were used which covered relatively small area Handled pseudonym operations and encryption functions Reduces search space in case of revocation A compromise if any, is localized In our scheme By Grouping, no need of GTTP to reduce revocation cost To limit the amount of disclosed information in case of compromise, we update the keys Use of single TTP for key distribution, management and revocation Replication for ‘easy to access’, efficiency and interconnect through RSUs © Information Security & Privacy Laboratory -11- Hanyang University
  • 12. Reducing the cost! With ‘No Pseudonym’ the cost for search was O(n) What if TTP organize the vehicles to groups somehow? There must be limitation on group size! Cost will be reduced to O(g) instead of O(n) Group size should be trade-off between efficiency of TTP and privacy of vehicle © Information Security & Privacy Laboratory -12- Hanyang University
  • 13. Grouping[1/2] Group secret key: Group Secret key (Kg) is used for calculating HMAC1 Where Gid is group ID and we included VRI in HMAC1 Kg is the group secret key used for HMAC1 Compromise of group key effects the whole group! © Information Security & Privacy Laboratory -13- Hanyang University
  • 14. Grouping[2/2] Individual secret key: Individual Secret key ( K v ) is used for calculating HMAC1 i K vi is the individual secret key used for HMAC1 Inclusion of VRI in HMAC1 is not needed Revocation cost is still O(g) Compromise of secret key effects only single vehicle! © Information Security & Privacy Laboratory -14- Hanyang University
  • 15. Grouping strategy Sequential Method TTP assigns the entering vehicles, same group id up to certain amount of time At an instant of time, only one group will be growing Threat for privacy in long term depending upon traffic density! Random Method TTP assigns the group ids to entering vehicles randomly At an instant of time, every group will be populating equally Random fashion preserves privacy and anonymity! Our scheme uses individual secret key with random grouping © Information Security & Privacy Laboratory -15- Hanyang University
  • 16. Key and Group Updation[1/2] The amount of information disclosed in case of a key compromise is reduced by changing the keys periodically Vehicles switch between groups Requirements Mutual Authentication between TTP and TRH Confidentiality Integrity of updated Key ( K'Vi ) Availability of TTP Tamper Resistance of TRH Both the group ID and individual secret keys keep changing according to the counter maintained in TRH © Information Security & Privacy Laboratory -16- Hanyang University
  • 17. Key and Group Updation[2/2] KTRH-TTP is assumed to be established securely (may be by using secure Diffie-Hellman method) K'Vi is the updated individual secret key for vehicle (TRH) Gid is the new group id and Rn is the random number We assume that the encrypted message provides integrity of inner content of the message TTP updates the database only if the acknowledgment is received © Information Security & Privacy Laboratory Hanyang University
  • 18. Evaluation[1/2] Security (beacon message and key updating protocol) Beacon require integrity, privacy and revocation We do not consider the confidentiality No need for strong authentication Integrity is provided by calculating HMAC2 Integrity and confidentiality of updated key K'Vi depends upon the security of session key protocol Compromise of Kall and K vi ! Severe problem will arise if compromised Kall is used for injecting bogus information (e.g. false position) to the beacon Assumptions on TRH take care of that! © Information Security & Privacy Laboratory -18- Hanyang University
  • 19. Evaluation[2/2] Privacy HMAC1 provides privacy No other party can revoke the message until K v is obtained i if we remove the possibility of identifying vehicles using HMAC1, there is no information in beacon by which vehicle can be identified Our scheme provides conditional anonymity Efficiency With SHA-256 (192bit key) for HMAC and AES (192bit key) Security overhead in terms of size is ( 2 x 256 + 16 ) = 66 bytes Beacon size is 366* bytes and security overhead is 18% TRH calculates only 2 HMACs for beaconing * Supposing that 300 bytes are reasonable for beacon, alarm and warning © Information Security & Privacy Laboratory -19- Hanyang University
  • 20. Comparison with other schemes Comparison with other schemes H means HMAC calculation and E means Symmetric encryption © Information Security & Privacy Laboratory -20- Hanyang University
  • 21. Merits of our system Profile generation is avoided GTTP, Mix Zones or silent period is NOT required Better efficiency with respect to Computational and Bandwidth cost Space requirements are less than that of Scheuer et al.’s scheme © Information Security & Privacy Laboratory -21- Hanyang University
  • 22. © Information Security & Privacy Laboratory -22- Hanyang University