D.David Neels Ponkumar 1, Janeshwari.S 2, Gomathi Sankari.A 3

Transcription

1 Fast and Secure Countermand Verification Process Using MAP in VANET D.David Neels Ponkumar 1, Janeshwari.S 2, Gomathi Sankari.A 3 1 Profeesor, Einstein College of Engineering, david26571@gmail.com 2 PG Student, Einstein College of Engineering,smjanesh@gmail.com 3 PG Student, Einstein College of Engineering,sanmathi.ee@gmail.com Abstract Vehicular ad-hoc networks (VANETs) are a promising communication scenario. Several new applications are envisioned, which will improve traffic management and safety. As VANETs present some unique features (e.g. high mobility of nodes, geographic extension, etc.) traditional security mechanisms are not always suitable. The main intention of this network is to send and receive messages from the vehicles. VANETs follow the concept of Public Key Infrastructure (PKI) and Certificate Revocation Lists (CRL) for enhancing security. It can be achieved by intensifying the process carried out in Message Authentication Code (MAC). Through this, it is obvious that the security can be made efficient and processed faster than the existing schemes. Keywords Vehicular communication; security; CRL; MAC; revocation 1. Introduction VANET is a technology that uses moving cars as nodes to create a mobile network. VANETs are a subset of MANETs (Mobile Ad-hoc NETworks) in which communication nodes are vehicles. In VANETs, vehicles can communicate each other such as Vehicle-to-Vehicle communications (V2V). Moreover, they can connect to an infrastructure Vehicle-to-Infrastructure (V2I). This infrastructure is located along the roads. VANETs consist of network entities, mainly including vehicles and Road-Side Units (RSUs). Due to the open medium nature of wireless communications and the high-speed mobility of a large number of vehicles in spontaneous vehicular communications, entity authentication, message integrity, non-repudiation, and privacy preservation are identified as primary security requirements. A security attack on VANETs can have severe harmful or fatal consequences to legitimate users. Consequently, ensuring secure vehicular communications is a must before any VANET application can be put into practice. Much research work is under process regarding security issues in vehicular networks. In the US, the FCC has allocated a bandwidth of 75 MHz for these applications, usually referred to as DSRC (Dedicated Short Range Communications) [J. J. Haas, et al,2009]. In this paper, the PKI and enhanced MAC are combinely performed to provide an entire security along with unique identity using message authentication protocol. The proposed enhanced version of MAC can overwhelm the security issues as well as delay. A well renowned solution to secure VANETs is to deploy the Public Key Infrastructure (PKI), and to use Certificate Revocation Lists (CRLs) for managing the revoked certificates. 1

2 Figure 1. VANET Architecture In PKI, each entity in the network holds an authentic certificate, and every message should be digitally signed before its transmission. A CRL, usually issued by a Trusted Authority (TA), is a list containing all the revoked certificates. The CRL is always issued by the certificate authority (CA) which issues the corresponding certificates. All CRLs have a lifetime during which they are valid. First of all, a system is modeled based on the specified constraints. Then the system is set for execution by implementing the algorithm in which On board Units (OBU) is carried out with the help of Dedicated Short Range Communication (DSRC). It plays a significant role in transferring the message under specific time interval. Thus the provided security is analyzed by comparing with common attacks to show its successful improvement. The rest of the paper is organized as follows. Section 2 presents a description about the previous works. Section 3 involves the detailed description about the proposed method. Section 4 presents the performance analysis. This paper concludes in Section Related Work This section deals with the works related to privacy, authentication and secured communication. Maxim Raya and Jean-Pierre propose a detailed threat analysis and devise appropriate security architecture. It also describes some major design decisions still to be made, which in some cases have more than mere technical implications. It provides a set of security protocols. The paper has also identified the major threats [M.Raya, et.al, 2007]. Yipin Sun et al., submits an efficient pseudonymous authentication scheme with strong privacy preservation, named PASS, for vehicular communications. Unlike traditional pseudonymous authentication schemes, the size of Certificate Revocation List (CRL) in PASS is linear with the number of revoked vehicles and irrelated to how many pseudonymous certificates are held by the revoked vehicles. Finally, it has proven that to reduce the revocation cost and the certificate updating overhead significantly[y.sun,et.al,2010]. Jason J. Haas et al presents a lightweight mechanism for revoking security certificates appropriate for the limited bandwidth and hardware cost constraints of a VANET. A Certificate Authority (CA) issues certificates to trusted nodes, i.e., vehicles. If the CA looses trust in a node (e.g., due to evidence of malfunction or malicious behaviour), the CA must promptly revoke the certificates of the distrusted node. It has been found to achieve the goals of reduced CRL size, a computationally efficient mechanism for determining if a certificate is on the CRL, and a lightweight mechanism for exchanging CRL updates [J. J. Haas, et al,2009]. Kenneth P. Laberteaux et al analyzes a method for car-to-car epidemic distribution of certificate revocation lists which is quick and efficient. Large-scale simulations based on realistic mobility traces show that this epidemic model significantly outperforms methods that only employ road side unit distribution points[5]. Dan Boneh et al 2

3 propound a fully functional identity-based encryption scheme (IBE). The scheme has chosen ciphertext security in the random oracle model. This system is based on bilinear maps between groups[6]. Sencun Zhu et al initiates GKMPAN, an efficient and scalable group rekeying protocol for secure multicast in ad hoc networks. This protocol exploits the property of ad hoc networks that each member of a group is both a host and a router, and distributes the group key to member nodes via a secure hop-by-hop propagation scheme. A probabilistic scheme based on pre-deployed symmetric keys is used for implementing secure channels between members for group key distribution. GKMPAN also includes a distributed scheme for efficiently updating the pre-deployed key[s.lin,et.al,2007]. Charles Harsch et al brought forward a scheme that secures geographic position-based routing, which has been widely accepted as the appropriate one for VC. Moreover, it focuses mainly on the scheme currently chosen and evaluated in the Car2Car Communication Consortium (C2C-CC). Here security mechanisms are integrated to protect the position-based routing functionality and services (beaconing, multi-hop forwarding, and geo-location discovery), and enhance the network robustness. M. Raya et al., addresses the problem of lacking an omnipresent infrastructure in VNs. It may unacceptably delay the retrieval of the most recent and relevant revocation information. So to solve this difficulty it proposes protocols, as components of a framework, for the identification and local containment of misbehaving or faulty nodes and then for their eviction from the system. It is observed from the results that it can efficiently and effectively isolate misbehaving and faulty nodes[k.plobi.et.al,2008]. Chun-Ta Li et al., moves the security issues to next level by implementing a lightweight authenticated key establishment scheme with privacy preservation to secure the communications between mobile vehicles and roadside infrastructure in a VANET, which is called SECSPP. Moreover the proposed scheme not only accomplishes vehicle-to-vehicle and vehicle-to-roadside infrastructure authentication and key establishment for communication between members, but also incorporates blind signature techniques into the scheme in allowing mobile vehicles to anonymously interact with the services of roadside infrastructure. It has been shown that it is efficient in its implementation on mobile vehicles in comparison with other related proposals. This scheme clearly depicts that computational costs of involved nodes are lower and can be reduced further. As a result, it has found to be suitable for various ad hoc networks and privacy-vital applications in pervasive computing environments since it ensures and provides security, reliability, and efficiency[h.chan.et.al,2003]. 3. Proposed Protocol 3.1 System Model The system model is created based on specific constraints and can be classified into three categories: authorities, road side infrastructure, and nodes. Authorities are responsible for key generation and malicious vehicle judgement. Authorities have powerful firewalls and other security protections. Therefore, they have the highest security level. Road side infrastructure consists of RSUs deployed at the road sides which are in charge of key management. Traffic lights or road signs can be used as RSUs after renovation. RSUs communicate with authorities through wired network. The trusted platform module is equipped in each RSU. It can resist software attacks but not sophisticated hardware tampering. The cost of a trusted platform module is only a few tens of dollars which is affordable [1]. RSUs are semi-trust with the medium security level. Nodes are ordinary vehicles on the road that can communicate with each other and RSUs through radio. Assume that each vehicle is equipped with a GPS receiver using DGPS with accuracy on the order of centimetres and an on board unit (OBU) which is in charge of all communication and computation tasks. Nodes have the lowest security level.obu is solely responsible for performing all the cryptographic operations like message verification, updation of keys, etc. 3.2 Authentication In this section, the proposed message authentication protocol which augments the basic short group signature protocol by mitigating the computation overhead in the regular broadcast phase. The verification time for short group signature is 11ms with a 3 GHz Pentium IV system. In a typical public safety application, each vehicle broadcasts safety messages every 300 ms, which shows that each vehicle can at most process messages from 27 other vehicles in a stable system. Each vehicle maintains two processes which are verifiers selection process, authentication process, a neighbourhood list, a process queue and a buffer. The verifiers selection 3

4 process includes selecting verifiers, neighbourhood list and maintenance of process queue. The authentication process controls message authentication and sending of warning messages. In other words, verifiers selection process fills the process queue while authentication process clears it up after verifications. The neighbourhood list contains neighbour vehicles geographic information. The Messages which will not be processed are stored in the buffer. When a vehicle receives a regular broadcast message (RBM), it extracts information of the location, speed, direction and acceleration of the sending vehicle and decides whether to verify the message or not according to geographic information. If a verifier finds an invalid RBM then it will broadcast one-hop warning information, which is termed as authentication messages (AM), to inform others. A non-verifier resorts to the AM broadcasted by other vehicles to authenticate RBM. In our protocol, each vehicle only needs to verify a very small amount of RBM. Our protocol ensures that each RBM will be verified by 2M vehicles on average. In practice, the number of verifiers may fluctuate around 2M due to randomness. Our scheme is equipped with an authentication mode switch mechanism to ensure that the modified MAP is activated only when enough vehicles and thus verifiers exist; otherwise the message-by message protocol is activated. The authentication process verifies messages in the processing queue one by one. If the message is valid, it will be accepted. If a RBM is invalid, it will be dropped. An invalid RBM will be informed to others by the tagged vehicle. In the AM, there is no signature to guarantee the validity of the whole message. There are several reasons. 1) The vehicle will always check the validity of the RBM by itself after they receive a AM. Hence, the signature of AM only wastes computing ability of the OBU. 2) A smart attacker would not attach the valid signature to the AM if it tries to cheat. Note that messages whose lifetime exceed the verification period will be accepted if there is no AM about it. 3.3 Regular Broadcast Phase If vehicles collude with each other, for example, verifiers are all accomplices of a sender, and then all invalid messages that are sent by the sender will not be notified although the proportion of malicious vehicles may be not high. Or a malicious vehicle may launch a sybil attack by creating fictitious vehicles to act as its verifiers. Vehicles travel on the road with high velocities, so it is not easy for accomplice vehicles to get all verifiers positions at the same time. Hereby, it is more difficult to launch the attack when the number of verifiers increases. Another way to defend collusion attack is choosing verifiers from the other side of the road. It would be difficult for an adversary to have colluding vehicles on both directions. 3.4 CRL Verification A certificate revocation list (CRL) is a list of certificate identification numbers that are no longer valid prior to the expiration date of the certificate. The lists can be generated and issued by either the actual CA or an entity authorized by the CA. Since the CRL is cryptographically signed by the CA or authorized entity, the communication channel and storage medium do not need to be secure due to the modification to the CRL during transmission or by other nodes will result in signature validation failure. The CRL is published publicly at a time interval specified by the particular revocation policy. This time interval may be regular, such as hourly, weekly or monthly or it may be based on measures other than time such as a certain number of revocations. The information contained in a CRL includes the expiration date of the CRL, the next time the CRL will be published, and the list of revoked certificates. Each user maintains the CRL and checks the list as part of the message verification process. 3.5 Revocation Process The process of invalidating the certificate is termed as certificate revocation. The revocation process is carried out by altering the revoked certificate into a non-revoked. Once the certificate has been non-revoked it can used further by the OBUs for disseminating the safety-related message without ignorance. The process can be performed by gathering the revoked OBU s secret key which is used secure communication and the hash value from the hash chain. Update both the secret key and the hash value and at last redistributed. The updated CRL is now distributed by the RSU to the all other OBUs. Revocation occurs when a certificate needs to be invalidated before the expiration date of the certificate. Revocation notifies a user attempting to validate a public key that the private key associated with the public key is no longer valid. Other reasons for revocation 4

5 may include changing of vehicle ownership from car sales, thefts, or rentals. While there is a change in vehicle ownership, the revocation cannot be triggered when VANETs are implemented. 3.6 Enhanced MAC The proposed protocol uses the special and efficient Enhanced Message Authentication Code (EMAC) to reduce the delay occurred during checking of revocation list. The EMAC uses a Keyed Hash message authentication. This standard defines a MAC that uses a cryptographic hash function in conjunction with a secret key. Providing a way to check the integrity of information transmitted over or stored in an unreliable medium is a prime necessity in the world of open computing and communications. Systems that provide such integrity checks based on a secret key are traditionally called message authentication codes (MACs). Typically, message authentication codes are used between two parties that share a secret key in order to authenticate information transmitted between these parties. Hash Functions require a cryptographic hash value denote by H, and a secret key K. Assume H to be a cryptographic hash function where data is hashed by iterating a basic compression function on blocks of data, B as the byte-length of blocks and L as the byte-length of hash outputs. The authentication key K can be of any length up to B, the block length of the hash function. Applications that utilize keys higher than B bytes will first hash the key using H and then use the resultant L byte string as the actual key to keyed hash message authentication code. To compute authentication code over the data text is H (K XOR opad, H (K XOR ipad, text)). 4. Performance Evaluation In this section, the NS2 simulator is used to evaluate the performance of proposed protocol in terms of the packet delivery ratio, the message end-to-end delay, and the communication overhead respectively, compared with the group signature scheme in [6,12]. The traffic scenario is simulated with a high vehicle density. RSUs are located at an intersection. The distance limit for Inter Vehicle Communication and Road Vehicle Communication is 300m and 600 m, respectively. Inter-vehicle Messages are sent every 300 ms at each vehicle. IEEE a is used to simulate the medium access control layer transmission protocol.the bandwidth of the channel is 6 Mb/s. All possible cryptographic time intervals are represented as equal time delays in the simulation. 4.1 Packet Delivery Ratio Packet Delivery Ratio (PDR) is a very significant factor to measure the performance of routing protocol in any network. The performance of the protocol depends on various parameters chosen for the simulation. Packet size, No of nodes, Transmission range and the Structure of any networks are the most important parameters to be considering.packet delivery ratio is the ratio of number of packets received at the destination to the number of packets sent from the source. 5

6 Figure 2. Vehicle Density versus Packet Delivery Ratio The performance is better when packet delivery ratio is high. Figure 2 shows the connection between the message delay and the traffic load. The packet delivery ratio of group signature scheme [S.Lin,et.al,2007] is compared with the proposed Message authentication protocol. The PDR under proposed is higher than that under the protocol in [S.Lin, et.al, 2007].The smaller collision probability and a higher PDR are results from the smaller number of verifiers. The better network utilization and security performance are obtained by the higher PDR. 4.2 Message End To End Delay Message End-to-end delay is the time taken by a packet to reach through the network from a source to its destination. End to End delay somewhat depends on the packet delivery ratio. The probability of packet drop increases as the distance between source and destination increases. The average end-to-end delay includes all achievable delays in the network i.e. buffering route discovery latency, retransmission delays at the MAC, and propagation and transmission delay. Figure 3 shows the end-to-end delay in msec vs. the OBUs density i.e Vehicle density, by employing authentication using the proposed authentication protocol. It can be viewed that the number of the received packets increases with the OBUs density resulting in longer waiting time for the packets to be processed in each OBU that results in higher end to end delay. In addition, for high OBUs densities as the number of received packets reaches the maximum number of packets an OBU can verify within a specific duration the end-to-end delay tends to be constant. The proposed work is compared with the group signature scheme that has the highest message delay. The reason behind the high delay is that it used to verify a message signature every time. The message delay can be reduced by decreasing the time interval i.e release of packets at the expense of increasing the communication overhead and bringing more conflicts to the medium access control layer wireless communications. 6

7 Figure 3. Vehicle Density versus Delay 4.3 Communication Overhead The proportion of authentication messages over the total traffic is termed as communication overhead. The comparison is done between the communications overhead under the proposed MAP against that under the group signature. Figure 4. Vehicle Density versus Communication Overhead (%) Each OBU broadcasts a signed message to its neighbouring OBUs. A signed message contains the certificate of the sender, a time stamp, and the signature of the sender on the transmitted message. The additional communication overhead incurred is mainly due to revocation check. The revocation length depends on the employed hash function. 7

8 5. Conclusion In this paper, a newer fast and secure verification process using Message Authentication Protocol was proposed. With this the authenticity of the messages verification sent by vehicles are done at On Board Units. Extensive simulation shows that the proposed work has highest packet delivery ratio and communication overhead than the group signature based schemes without losing the desired security and privacy requirements. It is clear that the proposed work contributes to an effective and efficient security along with reduction in delay of authentication messages. Future work will be focus on making the RSUs responsible for verifying the authenticity of messages sent from vehicles and for informing the results back to vehicles that decreases the number of certificates verification every time done at OBU of the vehicles. References [1] M. Raya and J.-P. Hubaux,2007, "Securing vehicular ad hoc networks," Journal of Computer Security, vol. 15, pp [2] Rongxing Lu, Xiaodong Lin, Xiaohui Liang, and Xuemin Shen, 2012, A Dynamic Privacy-Preserving Key Management Scheme for Location-Based Services in VANETs, IEEE Transactions On Intelligent Transportation Systems,Vol. 13, No. 1. [3] Y. Sun, et al., 2010"An efficient pseudonymous authentication scheme with strong privacy preservation for vehicular communications," Vehicular Technology, IEEE Transactions on, vol. 59, pp [4] J. J. Haas, et al., 2009,"Design and analysis of a lightweight certificate revocation mechanism for VANET," in Proceedings of the sixth ACM international workshop on VehiculAr InterNETworking, pp [5] K. Sampigethaya, et al.,2005 "CARAVAN: Providing location privacy for VANET," DTIC Document. [6] M. Raya, et al.,2007 "Eviction of misbehaving and faulty nodes in vehicular networks," Selected Areas in Communications, IEEE Journal on, vol. 25, pp [7] C.-T. Lia, et al., 2008"A secure and efficient communication scheme with authenticated key establishment and privacy preserving for vehicular ad hoc networks q," Computer Communications, vol. 31, pp [8] X. Lin, X. Sun, P.-H. Ho, and X. Shen,2007 GSIS: a secure and privacy preserving protocol for vehicular communications IEEE Transaction on Vehicular Technology, Vol. 56, No. 6, pp [9] N.-W. Wang, et al.,2008 "A novel secure communication scheme in vehicular ad hoc networks," Computer Communications, vol.,31, pp [10] K. Plobi and H. Federrath,2008, "A privacy aware and efficient security infrastructure for vehicular ad hoc networks," Computer Standards & Interfaces, vol. 30, pp [11] H. Chan, et al.,2003 "Random key predistribution schemes for sensor networks," in Security and Privacy, Proceedings Symposium, pp A Brief Author Biography D.David Neels PonKumar was born in India, in He became a member in IEEE in He is a life member of ISTE. He completed his B.E degree in ECE in 1992 and M.E degree in Digital Communication and Networking through Anna University Chennai in He has submitted his PhD thesis in Wireless Networks through Anna University Chennai. He has ten years of Industrial experience in India and in gulf countries apart from 10 years of teaching experience at various cadres in India and Singapore. Presently he is working as professor in ECE department, at Einstein college of Engineering, Tirunelveli, India. He has 15 publications in International journals and presented 10 papers in International and National conferences. Networking is his area of interest. S.Janeshwari was born in India in She received B.E degree in Electronics and Communication Engineering through Anna University Chennai in 2012 and currently she is pursuing M.E degree degree in Applied Electronics through Anna University Chennai in She presented papers in National conferences and International Conferences. Her research interest is Wireless Networks and Wireless Communication. 8

9 A.Gomathi Sankari was born in India, in She completed B.E degree in Electrical and Electronics through Anna University Trichirapalli in 2011and pursuing M.E degree in Applied Electronics through Anna University Chennai in She has presented Papers in International conferences. She has an IEEE student membership in And her Area of interest is digital signal processing and wireless communication. Currently her research is in the domain of Cognitive Radio. 9