Enhancing Security on Vehicular Adhoc Networks using EMAP-HMAC

Transcription

1 ISSN (ONLINE): , ISSN (PRINT): Page No.: Volume-5, Issue-2, April-2015 International Journal of Engineering and Management Research Enhancing Security on Vehicular Adhoc Networks using EMAP-HMAC C.Bala 1, R. S. Chitra 2, J. Naskath 3 1,2,3 Research Scholars, National Engineering College, INDIA ABSTRACT- Vehicular ad hoc networks (VANETs) adopt the Public Key Infrastructure (PKI) and Certificate Revocation Lists (CRLs) for their security. In any PKI system, the message authentication is performed by checking if the certificate of the sender is included in the current CRL, and verifying the authenticity of the certificate and signature of the sender. In this paper, we propose an Expedite Message Authentication Protocol (EMAP) for VANETs, which replaces the time-consuming CRL checking process by an efficient revocation checking process. The revocation check process in EMAP uses a keyed Hash Message Authentication Code (HMAC), where the key used in calculating the HMAC is shared only between non-revoked OBUs. In addition, EMAP uses a novel probabilistic key distribution, which enables non-revoked OBUs to securely share and update a secret key. EMAP can significantly decrease the message loss ratio due to the message verification delay compared with the conventional authentication methods employing CRL. Keywords Vehicular Ad hoc network, Public Key Infrastructure, Certificate Revocation List, Hash Key Message Authentication Code. I. INTRODUCTION VANETs consist of On-Board Units (OBUs) and Road-Side Units (RSUs).Vehicle-to-Vehicle (V2V) and Vehicle-to-Infrastructure (V2I) communications are the two communication modes, which, respectively, allow OBUs to communicate with each other and with the infrastructure RSUs. Since vehicles communicate through wireless channels, many attacks such as injecting false information, modifying and replaying the disseminated messages can be easily launched. A security attack on VANETs can have severe harmful effect to legitimate users. A popular solution to secure VANET is use of Public Key Infrastructure (PKI), and Certificate Revocation Lists (CRLs) for managing the revoked certificates. In PKI, each entity in the network holds an authentic certificate, and every message should be digitally signed before its transmission. A CRL, usually issued by a Trusted Authority (TA), is a list containing all the revoked certificates. In a PKI system, the authentication of any message is performed by first checking if the sender s certificate is included in the current CRL, i.e. checking its revocation status then verifying the sender s and finally verifying the sender s signature on the received message. Security in VANET is crucial to take care before it is actually deploying into real time. The paper proposes an EMAP protocol for secure communication in VANETS. EMAP uses a keyed Hash Message Authentication Code (HMAC) where the hash key is used in calculating the HMAC to provide security in vehicular communication. The first part of authentication, which checks the revocation status of the sender in a CRL may incur long delay depending on CRL size and the employed mechanism for searching the CRL. The CRL size in VANET is expected to be very large For the following reason:1) To preserve the privacy of drivers i.e., to decline leakage of real identities and location information of drivers from any attackers, each OBU should be preloaded with a set of anonymous digital certificates, where the OBU has to frequently change its anonymous certificate to mislead attackers.2) The scale of VANETS is very large. According to the Dedicated Short Range Communication (DSRC) where, each OBU has to broadcast a message about its location, velocity and other information. In such scenario, each OBU may receive a large number of messages, and it has to check the current 704 Copyright Vandana Publications. All Rights Reserved.

2 CRL for all the received certificates, which may take long authentication delay depending on the CRL size and the number of certificates received. The remaining paper is organized as follows. The related works are discussed in section II. The proposed EMAP is presented in section III. performance evaluation presented in section IV. and Section V concludes the paper. II. RELATED WORK In VANETs, the primary security requirements are identified as entity authentication, message integrity, nonrepudiation, and privacy preservation. The PKI is the most viable technique to achieve these security requirements [4], [12]. PKI employs CRLs to efficiently manage the revoked certificates. Since the CRL size is expected to be very large, the delay of checking the revocation status of a certificate included in a received message is expected to be long. In [12], Hubaux identify the specific issues of security and privacy challenges in VANETs, and indicate that a PKI should be well deployed to protect the transited messages and to mutually authenticate network entities. In [4], Raya and Hubaux use a classical PKI to provide secure and privacy preserving communications to VANETs. In this approach, each vehicle needs to preload a huge pool of anonymous certificates. The number of the loaded certificates in each vehicle should be large enough to provide security and privacy preservation for a long time, e.g., one year. Each vehicle can update its certificates from a central authority during the annual inspection of the vehicle. In this approach, revoking one vehicle implies revoking the huge number of certificates loaded in it. In [13], Studer et al. propose an efficient authentication and revocation scheme called TACK. TACK adopts a hierarchy system architecture consisting of a central trusted authority and regional authorities (RAs) distributed all over the network. The authors adopted group signature where the trusted authority acts as the group manager and the vehicles act as the group members. Upon entering a new region, each vehicle must update its certificate from the RA dedicated for that region. The vehicle sends a request certificate, and finally verifying the sender s signature on the received message. The first part of the authentication, which checks the revocation status of the sender in a CRL, may incur long delay depending on the CRL size and the employed mechanism for searching the CRL. Unfortunately, the CRL size in VANETs is expected to be large for the following reasons: 1) To preserve the privacy of the drivers, i.e., to abstain the leakage of the real identities and location information of the drivers from any external eavesdropper [1], [2], [3], each OBU should be preloaded with a set of anonymous digital certificates, where the OBU has to periodically change its anonymous certificate to mislead attackers [4], [5], [6]. Consequently, a revocation of an OBU results in revoking all the certificates carried by that OBU leading to a large increase in the CRL size. 2) The scale of VANET is very large. According to the United States Bureau of Transit Statistics, there are approximately 251 million OBUs in the Unites States in 2006 [7]. Since the number of the OBUs is huge and each OBU has a set of certificates, the CRL size will increase dramatically if only a small portion of the OBUs is revoked. To have an idea of how large the CRL size can be, consider the case where only 100 OBUs are revoked, and each OBU has 25,000 certificates [8]. In this case, the CRL contains 2.5 million revoked certificates. According to the employed mechanism for searching a CRL, the Wireless Access in Vehicular Environments (WAVE) standard [9] does not state that either a non optimized search algorithm, e.g., linear search, or some sort of optimized search algorithm such as binary search, will be used for searching a CRL. In this paper, we consider both non optimized and optimized search algorithms. According to the Dedicated Short Range Communication (DSRC) [10], which is part of the WAVE standard, each OBU has to broadcast a message every 300 msec about its location, velocity, and other telematic information. In such scenario, each OBU may receive a large number of messages every 300 msec, and it has to check the current which will trigger a false positive. Although this solution can minimize the false positives, it cannot to completely prevent them, which limits their advantages, especially, in safety-related VANETs applications.the probabilistic approach is a promising technique for the key management in ad hoc networks [14], [15]. Zhu et al. introduce the GKMPAN protocol [16], which adopts a probabilistic key distribution approach based on pre deployed symmetric keys. The GKMPAN is efficient and scalable for wireless mobile networks, because it takes the node mobility into consideration. In [17], a probabilistic random key distribution is proposed to achieve efficient privacypreserving group communication protocol for VANETs. Employing a probabilistic random key distribution and a secret key sharing threshold scheme, an efficient distributed revocation protocol for VANET is designed in [18]. In this paper, we propose an Expedite Message Authentication Protocol (EMAP) to overcome the problem of the long delay incurred in checking the revocation status of a certificate using a CRL. EMAP employs keyed Hash Message Authentication Code (HMAC) in the revocation checking process, where the key used in calculating the HMAC for each message is shared only between unrevoked OBUs. In addition, EMAP is free from the false positive property which is common for lookup hash table as it will be indicated in the next section. III. PROPOSED SYSTEM An Expedite Message Authentication Protocol (EMAP) for VANETs that replaces the time-consuming CRL checking process by an efficient revocation checking process. Revocation check process in EMAP uses a keyed 705 Copyright Vandana Publications. All Rights Reserved.

3 Hash Message Authentication Code HMAC in which the key used in calculating the HMAC is shared only between non-revoked On-Board Units (OBUs). Also, EMAP uses a novel probabilistic key distribution that enables non revoked OBUs to securely share and update a secret key. With the conventional authentication methods employing CRL. EMAP is demonstrated to be secure and efficient by conducting performance evaluation. The proposed method can reduce the CRL checking to two pairing operations. Though, this solution is based on fixing some parameters in the group signature attached to every certificate request that reduces the privacy preservation of TACK and renders the tracking of a vehicle possible. 3.1 Design Implementation A fast HMAC function is used by the proposed EMAP protocol. Also a novel key sharing scheme employing probabilistic random key distribution is used here too. In VANETs, the primary security requirements are identified as entity authentication, message integrity, non repudiation and privacy preservation. A well recognized solution to secure VANETs was Public Key Infrastructure (PKI), and to use Certificate Revocation Lists (CRLs) for managing the revoked certificates. In PKI, each entity in the network holds an authentic certificate, and every message should be digitally signed before its transmission. A CRL, usually issued by a Trusted Authority (TA), is a list containing all the revoked certificates. In a PKI system, the authentication of any message is performed by first checking if the sender s certificate is included in the current CRL, i.e., checking its revocation status, then, verifying the sender s certificate, and finally verifying the sender s signature on the received message. Since the CRL size is expected to be very large, the delay of checking the revocation status of a certificate included in a received message is expected to be long. The assumptions for the system model design contain A Trusted Authority, Roadside units and OBUs as described below: 3.2 Communication in Vanet In VANETS vehicles are moving in high speed and the duration of connection link between nodes depends on the radio range between them. VANET consists of two types of communications, V2V- Vehicular to Vehicular Communications and V2I- Vehicular to Infrastructure communications. The main elements of VANETs are TA- Trusted Authority RSU-Road Side Units OBU-On Board Units TA is the central authority which issues valid certificates for OBUs and contains CRL-Certificate Revocation List. For the secure communication of VANET PKI- Public Key Infrastructure is used. Every node will be having one public key and one private key which are issued by the TA.. When one OBU sends message to another OBU, it can be done through either V2V or V2I mode. The receiver accepts the message only if the sender OBU is non revoked OBU and the message is authenticated. Fig 1. Vanet Architecture CRL contains information about the certificates of revoked and non-revoked OBUs. TA returns the validity information to receiver OBU through intermediate RSU. If many OBUs want to communicate at the same time, it will result in a queue for message authentication. This will lead to message authentication delay in VANET and increases the workload of TA. To overcome this we can use an EMAP method to overcome the problem of the long delay incurred in checking the revocation status of a certificate using a CRL, and it employs keyed Hash Message Authentication Code (HMAC) in the revocation checking process, where the key used in calculating the HMAC for each message is shared only between unrevoked OBUs and so the queues for the message authentication is reduced. Since the key used in calculating the HMAC for each message is shared only between unrevoked OBUs the workload of TA is also reduced and hence the performance of the entire system is increased by reducing the delay and workload. V2V infrastructure consists of direct contact between OBUs. But in V2I, one OBU contact another OBU through RSU. OBU requests certificate to TA through RSU. TA in return updates the keys and certificate of OBU through RSU. When an OBU receives message from another OBU, it checks the authorization of the message by contacting TA through RSU. When one OBU leaves the coverage of current RSU and it enters the coverage of a new RSU it updates its location information. OBUs accepts message from authorized OBUs only. The Trusted Authority TA contains a public key, a private key, CRL List, RSU List and OBU list. Public and Private keys of TA, RSUs and OBUs are calculated using key RSA algorithm. CRL List contains list of revoked OBUs. When an OBU s time validity becomes zero, TA will revoke it and its name will be entered into the CRL List. If revoked OBU is requesting for key renewal, that OBU will be taken away from CRL List. When any of one OBU becomes invalid, all other OBUs common key will be renewed (same common key for all valid OBUs) by the TA. RSU List contains names of all created RSUs. OBU List includes all OBUs names. 706 Copyright Vandana Publications. All Rights Reserved.

4 The Road Side Units After TA is created RSUs has to be created one by one by entering the distance and range values for each RSU. If the distance value of one RSU is 50m and its range is 40m, its coverage will be between 10m-90m from the initial point for example from zero point. Similarly like TA, RSUs also have public and private keys. Other RSU elements are distance value, range value and OBU List. Whenever an OBU is created under the range of this particular RSU, that OBU name will appear in the OBU list of the corresponding RSU. As the OBU is assumed to be moving continuously, based on its coverage variation, OBU name will be entered and taken away from the OBU list of that RSU. The On Board Units The OBU is DRSC transceiver generally installed in or on a vehicle; OBU can communicate either with other OBUs through Vehicle-to-Vehicle (V2V) communications or with the infrastructure RSUs through Vehicle-to- Infrastructure (V2I) communications. Each OBU is equipped with a Global Positioning Service (GPS) receiver which contains the geographical coordinates of the RSUs. 3.3 EMAP System Model Creation A Trusted Authority responsible for providing anonymous certificates and distributing secret keys to all OBUs in the network. The Roadside units (RSUs) that are fixed units are distributed all over the network. RSUs can communicate securely with the TA and OBUs are embedded in vehicles. All the OBUs can communicate either with other OBUs through V2V communications or with RSUs through V2I communications. System Initialization Message Authentication Revocation System Initialization Vehicles are initialized by creation and registration process. The vehicles are first created in the network and get registered to the TA using the information Vehicle id (Vid) and signature id (Sig id). The signature id is created using the algorithm DSA. After registration; TA issues the following parameters to each vehicle. 1. Public Key (PKU ), Private Key (PRu), which is used for both encryption and decryption purposes using RSA algorithm. Fig 2. Registration of vehicles 2. Secret Key (Kg), which is used for generating MAC code to ensure message integrity and authentication generated using the algorithm MD5. 3. Shared Key, which is used for secure communication between vehicles. 4. Time Stamp, denotes the time when the vehicles are registered to the network. 5. Certificate, owned for each vehicle that binds the public key.finally TA stores the information such as Vehicle id,signature id and Time stamp for each vehicle. Message Authentication Message Authentication involves two processes such as:- 1. Message Signing 2. Message Verification OBU which is installed in each vehicle performs all the cryptographic operations such storing the keys, certificates and performing message encryption and decryption. Before starting the process of communication, shared key is exchanged between vehicles for the purpose of secure communication. After sharing the key, the vehicles can disseminate the safety-related message to other vehicles such as vehicle s speed, acceleration, deceleration, velocity and so on. 1. Message Signing: The source vehicle, OBUU broadcast its safety relatedmessage to the other nearby vehicles along the 707 Copyright Vandana Publications. All Rights Reserved.

5 roadside. Before broadcasting, the OBUU calculates a REV Check i.e. HMAC using the secret key and the message to be sent. The MAC which is generated ensures message integrity and the authentication services.revcheck= HMAC(Kg; PIDuk II Tstamp) After calculating the REV Check, OBUu broadcast the message by encrypting with public key. Finally the message is broadcasted to other nearby vehicles. 2. Message Verification The destination vehicle, OBUY before receiving the message checks CRL status that the certificate of the intended OBUU is revoked or not. After verification, if the certificate is nonrevoked OBUY receives the message and decrypt it using the public key since asymmetric key cryptosystem is used. certificates can be accepted only when they are in state of non-revoked else it is considered as revoked and the safety-related message that is broadcasted is no more accepted by the destination vehicle OBU. The CRL verification is performed using the concept of hash chain. RSU, a fixed infrastructure unit on the roadside. Each OBU belongs to their corresponding RSUs depending upon their timestamp value, the time when they get registered to the network. The certificate update is performed through a Trusted Authority (TA), which sends the updated certificate to the requesting OBU through the available RSUs on the Roads. RSU does this verification rather than by TA in a timely manner since RSU can securely communicate with TA. Due to this communication overhead is reduced. Thus, the EMAP scheme offers a distributed certification services. Finally, when a certificate is found to be revoked it must progress the non-revocation process. Thereby ensuring fast revocation verifying process without any delay. Batch Verification Considering the requirement for each vehicle to verify a large number of messages in a timely manner, EMAP introduces an efficient batch verification technique, which enables any vehicle to simultaneously verify a mass of messages. The verification is done by using Secure Hash algorithm (SHA-1). Therefore, the EMAP can meet the security and efficiency requirements for certificate service in vehicular communications. Fig 3. Message Verification Else progress the revocation process. After decrypting, the OBU generates a REV Check by itself using the secret key and the message. It then verifies the generated REV check and the received REV Check matches or not. If match occurs, the message integrity is verified. Else it specifies that false information or replay attacks has been involved and indicates that integrity is lost. Once the integrity is verified,the safety-related message is accepted and displayed.otherwise the message is ignored. RSU - Aided Verification The CRL consists of list of revoked certificates. The certificate which belongs to the identity of each vehicle is revoked due to the reasons like certificate expiration or any other validation problems. The Fig 4.RSU aided verification Revocation The revocation process is carried out by altering the revoked certificate into a non-revoked. Once the certificate has been non-revoked it can used further by the OBUs for disseminating the safety-related message without ignorance. The process can be performed by gathering the revoked OBU s secret key which is used for secure communication and the hash value from the hash chain. Update both the secret key and the hash value and finally redistributed. The updated CRL is now distributed by the RSU to the all other OBUs. IV. PERFORMANCE EVALUATION 708 Copyright Vandana Publications. All Rights Reserved.

6 A. Computation Complexity of Revocation Status Checking We are interested in the computation complexity of the revocation status checking process which is defined as the number of comparison operations required to check the revocation status of an OBU. Let N rev denote the total number of revoked certificates in a CRL. To check the revocation status of an OBU u using the linear search algorithm, an entity has to compare the certificate identity of OBU u with every certificate of the N rev certificates in the CRL, i.e., the entity performs one-to-one checking process. Consequently, the computation complexity of employing the linear search algorithm to perform a revocation status checking for an OBU is O (N rev). In the binary search algorithm, the certificate identity of OBU u is compared to the certificate identity in the middle of the sorted CRL. If the certificate identity of OBU u is greater than that of the entry in the middle, then half of the CRL with identities lower than that of OBU u are discarded from the upcoming comparisons. If the certificate identity of OBU u is lower than that of the entry in the middle, then half of the CRL with identities higher than that of OBU u are discarded. The checking process is repeated until a match is found or the CRL is finished. It can be seen that at each step in the binary search method half of the entries considered in the search is discarded. Thus, the computation complexity of the binary search algorithm to perform a revocation status checking for an OBU is O (log N rev ). In EMAP, the revocation checking process requires only one comparison between the calculated and received values of REV check. As a result, the computation complexity of EMAP is O (1), which is constant and independent of the number of revoked certificates. In other words, EMAP has the lowest computation complexity compared with the CRL checking processes employing linear and binary search algorithms. B. Authentication Delay We compare the message authentication delay employing the CRL with that employing EMAP to check the revocation status of an OBU. As stated earlier, the authentication of any message is performed by three consecutive phases: checking the sender s revocation status, verifying the sender s certificate, and verifying the sender s signature. Fig 5.a. Authentication delay per message For EMAP, we adopt the Secure Hash Algorithm 1 SHA-1 as the HMAC functions. We consider the PID of OBU and the time stamp (T stamp ) having equal lengths of 8 bytes. We adopt the Crypto++ library for calculating the delay of the HMAC functions, where it is compiled on Intel Core2Duo 2 GHz machine. The delay incurred by using SHA-1 to calculate the revocation check (REV check = HMAC(K g ; PID u T stamp)) is 0.23 and 0:42 _sec, respectively. Also, we have simulated the linear and binary CRL checking process using C++ programs compiled on the same machine. The linear CRL checking program performs progressive search on a text file containing the unsorted identities of the revoked certificates, while the binary CRL checking program performs a binary search on a text file containing the sorted identities of the revoked certificates. For the second and third authentication phases, we employ Elliptic Curve Digital Signature Algorithm (ECDSA) [19] to check the authenticity of the certificate and the signature of the sender. ECDSA is the digital signature method chosen by the WAVE standard. In ECDSA, a signature verification takes 2T mul, where T mul denotes the time required to perform a point multiplication on an elliptic curve. Consequently, the verification of a certificate and message signature takes 4T mul. In, T mul is found for a supersingular curve with embedding degree k = 6 to be equal to 0.6 msec. Fig. 5.a shows a comparison between the authentication delay per message using EMAP, linear CRL checking process, and binary CRL checking process versus the number of the revoked certificates, where the number of the revoked certificates is an indication of the CRL size. It can be seen that the authentication delay using the linear CRL checking process increases with the number of revoked certificates, i.e., with the size of the CRL. Also, the authentication delay using the binary CRL checking process is almost constant. This can be explained as follows: the number of revoked certificates in the conducted simulation ranges from 10,000 to 50,000 revoked certificates; This is, respectively, corresponding to 14 to 16 comparison operations. Since the range of the number of the 709 Copyright Vandana Publications. All Rights Reserved.

7 comparison operations is very small, the authentication delay is almost constant. The authentication delay using EMAP is constant and independent of the number of revoked certificates. Moreover, the authentication delay using the EMAP outperforms that using the linear and binary CRL checking processes. For example, the authentication delay per message using the linear CRL checking process, the binary CRL checking process, and EMAP (SHA-1) for a CRL including 20,000 revoked certificates are 21.4, 4.62, and msec, respectively. Consequently, EMAP (SHA-1) expedites the message authentication by and percent compared to that using the linear and binary CRL checking process, respectively. linear CRL checking, and binary CRL checking, respectively. In the simulation, we consider CRLs containing 30,000 revoked certificates, and the OBUs density as the number of OBUs per km2. Fig 6.End-to-End Delay Fig 5.b. Total authentication delay vs. the number of the received messages Fig 5.b shows the total authentication delay in msec versus the number of messages to authenticated using EMAP and the linear and binary CRL checking process. It can be seen that as the CRL size increases the number of messages that can be verified within a specific period is significantly decreased using the linear CRL checking process. Also, for a constant authentication delay, EMAP outperforms the linear and binary CRL checking process. The maximum number of messages that can be verified simultaneously in 300 msec is 14, 64,and 124 messages for message authentication employing linear CRL checking, binary CRL checking, and EMAP, respectively, where the considered CRL includes 20,000 certificates. The number of messages that can be verified using EMAP within 300 msec is greater than that using linear and binary CRL checking by 88.7 and percent, respectively. C. End-to-End Delay We are interested in the end-to-end delay, which is defined as the time to transmit a message from the sender to the receiver. Fig 6.shows the end-to-end delay in msec versus the OBUs density, by employing authentication using the proposed EMAP (SHA-1), the It can be seen that the end-to-end delay increases with the OBUs density because the number of the received packets increases with the OBUs density resulting in longer waiting time for the packets to be processed by the application layer in each OBU. In addition, the end-to-end delay tends to be constant for high OBUs densities as the number of received packets reaches the maximum number of packets an OBU can verify within a specific duration. The end-to-end delay also increases with the number of revoked certificates included in the CRL for the linear CRL checking process. However, the end-to-end delay is almost constant with the CRL size using the binary checking process as the number of comparison operations needed to check CRLs with 20,000 and 30,000 certificates is almost the same. From Fig.6, employing the proposed EMAP in authentication reduces the end-to-end delay compared with that using either the linear or the binary CRL checking process. V. CONCLUSION This paper proposed EMAP for VANETs, which expedites message authentication by replacing the timeconsuming CRL checking process with a fast revocation checking process employing HMAC function. The proposed EMAP uses a novel key sharing mechanism which allows an OBU to update its compromised keys even if it previously missed some revocation messages. In addition, EMAP has a modular feature rendering it integrable with any PKI system. Furthermore, it is resistant to common attacks while outperforming the authentication techniques employing the conventional CRL. Therefore, EMAP can significantly decrease the message loss ratio 710 Copyright Vandana Publications. All Rights Reserved.

8 due to message verification delay compared to the conventional authentication methods employing CRL checking. REFERENCES [1] P. Papadimitratos, A. Kung, J.P. Hubaux, and F. Kargl, Privacy and Identity Management for Vehicular Communication Systems: A Position Paper, Proc. Workshop Standards for Privacy in User-Centric Identity Management, July [2] K. Sampigethaya, L. Huang, M. Li, R. Poovendran, K. Matsuura, and K. Sezaki, CARAVAN: Providing Location Privacy for VANET, Proc. Embedded Security in Cars (ESCAR) Conf., Nov [3] A. Wasef, Y. Jiang, and X. Shen, DCS: An Efficient Distributed Certificate Service Scheme for Vehicular Networks, IEEE Trans. Vehicular Technology, vol. 59, no. 2 pp , Feb [4] M. Raya and J.-P. Hubaux, Securing Vehicular Ad Hoc Net-works, J. Computer Security, vol. 15, no. 1, pp , [5] Y. Sun, R. Lu, X. Lin, X. Shen, and J. Su, An Efficient Pseudonymous Authentication Scheme with Strong Privacy Preservation for Vehicular Communications, IEEE Trans. Vehicular Technology, vol. 59, no. 7, pp , Sept [6] R. Lu, X. Lin, H. Luan, X. Liang, and X. Shen, Pseudonym Changing at Social Spots: An Effective Strategy for Location Privacy in Vanets, IEEE Trans. Vehicular Technology, vol. 61, no. 1, 86-96, Jan [7] US Bureau of Transit Statistics, Passenger_vehicles_in_the_United_States, [8] J.J. Haas, Y. Hu, and K.P. Laberteaux, Design and Analysis of a Lightweight Certificate Revocation Mechanism for VANET, Proc. Sixth ACM Int l Workshop VehiculAr InterNETworking, pp , [9] IEEE Std , IEEE Trial-Use Standard for Wireless Access in Vehicular Environments - Security Services for Applications and Management Messages, IEEE, [10] 5.9 GHz DSRC, index.html, [11] A. Wasef and X. Shen, MAAC: Message Authentication Accel-eration Protocol for Vehicular Ad Hoc Networks, Proc. IEEE GlobeCom, [12] J.P. Hubaux, The Security and Privacy of Smart Vehicles, IEEE Security and Privacy, vol. 2, no. 3, pp , May/June [13] A. Studer, E. Shi, F. Bai, and A. Perrig, TACKing Together Efficient Authentication, Revocation, and Privacy in VANETs, Proc. IEEE CS Sixth Ann. Conf. Sensor, Mesh and Ad Hoc Comm. and Networks (SECON 09), pp. 1-9, [14] H. Chan, A. Perrig, and D. Song, Random Key Predistribution Schemes for Sensor Networks, Proc. IEEE Symp. Security and Privacy, pp , [15] L. Eschenauer and V.D. Gligor, A Key- Management Scheme for Distributed Sensor Networks, Proc. ACM Conf. Computer and Comm. Security, pp , [16] S. Zhu, S. Setia, S. Xu, and S. Jajodia, GKMPAN: An Efficient Group Rekeying Scheme for Secure Multicast in Ad-Hoc Net-works, J. Computer Security, vol. 14, pp , [17] A. Wasef and X. Shen, PPGCV: Privacy Preserving Group Communications Protocol for Vehicular Ad Hoc Networks, Proc. IEEE Int l Conf. Comm. (ICC 08), pp , [18] A. Wasef and X. Shen, EDR: Efficient Decentralized Revocation Protocol for Vehicular Ad Hoc Networks, IEEE Trans. Vehicular Technology, vol. 58, no. 9, pp , Nov [19] D. Johnson, A. Menezes, and S. Vanstone, The Elliptic Curve Digital Signature Algorithm (ECDSA), Int l J. Information Security, vol. 1, no. 1, pp , [20] William Stallings "Cryptography and Network Security"4 th Ed.Pearson Education, Copyright Vandana Publications. All Rights Reserved.