Short-term Linkable Group Signatures with Categorized Batch Verification

Similar documents
Message Authentication Scheme for Vehicular Ad-Hoc Wireless Networks without RSU

Pseudonym Based Security Architecture for Wireless Mesh Network

Introduction to VANET

Efficient Authentication and Congestion Control for Vehicular Ad Hoc Network

Sybil Attack Detection with Reduced Bandwidth overhead in Urban Vehicular Networks

Safety and Privacy in Vehicular Communications

Enhanced Management of Certificate Caching and Revocation Lists in VANET

A Study of Privacy Preserving Authentication for Safety Message Communication in VANET

DYNAMIC PRIVACY PROTECTING SHORT GROUP SIGNATURE SCHEME

ATCS: A Novel Anonymous and Traceable Communication Scheme for Vehicular Ad Hoc Networks

A Light-Weight Group Signature Scheme for Wireless Networks Based-on BBS Short Group Signature

Scalable privacy-enhanced traffic monitoring in vehicular ad hoc networks

Enhancing Security on Vehicular Adhoc Networks using EMAP-HMAC

SURVEY: Reputation and Trust Management in VANETs

Dr. Panos Papadimitratos

E-Ticketing scheme for mobile devices with exculpability

EXPEDITE MESSAGE AUTHENTICATION PROTOCOL FOR VANETs USING DATA AGGREGATION

An Implementation of a Pairing-Based Anonymous Credential System with Constant Complexity

Improving Energy Efficiency of VANET based Secure and Privacy Preserving Navigation Scheme using LTE

Privacy-preserving Communication for VANETs with Conditionally Anonymous Ring Signature

Blocking of Mischievous Users in Anonymizing Networks using Nymble System Srikanth Chintala, I.L. Narsimha Rao

Privacy in Vehicular Ad-hoc Networks. Nikolaos Alexiou, LCN, EE KTH

Cooperative ITS Corridor Joint Deployment

Security and Privacy in Car2Car Adhoc Networks

Security of vehicular communications. Vehicular communication (VC) systems

A Scalable and Secure Key Distribution Scheme for Group Signature based Authentication in VANET. Kiho Lim, Kastuv M. Tuladhar, Xiwei Wang, Weihua Liu

Privacy-Enabled Probabilistic Verification in Broadcast Authentication for Vehicular Networks

TACKing Together Efficient Authentication, Revocation, and Privacy in VANETs

A Secure and Efficient Authentication Technique for Vehicular Ad-Hoc Networks

International Journal of Computer Science Trends and Technology (IJCS T) Volume 4 Issue 3, May - Jun 2016

Public Key Infrastructure and Crypto Agility Concept for Intelligent Transportation Systems

New Lightweight Security Protocol for VANET by Using Registration Identity and Group Certificate

Towards Secure Virtual Machine Migration in Vehicular Cloud Environment

Improvements on an authentication scheme for vehicular sensor networks

ISSN Vol.03,Issue.36 November-2014, Pages:

Attribute-based Credentials on Smart Cards

MLAS: Multiple level authentication scheme for VANETs

Penang, Malaysia 1 3 * School of Computer Science, Universiti Sains Malaysia. Penang, Malaysia 2

D.David Neels Ponkumar 1, Janeshwari.S 2, Gomathi Sankari.A 3

Privacy in VANET using Shared Key Management

Enhancing Reliability and Scalability in Dynamic Group System Using Three Level Security Mechanisms

Conditional privacy-preserving authentication using registration list in vehicular ad hoc networks.

ABSTRACT

Securing Distributed Computation via Trusted Quorums. Yan Michalevsky, Valeria Nikolaenko, Dan Boneh

Proxy Signature-based RSU Message Broadcasting in VANETs

Source Anonymous Message Authentication and Source Privacy using ECC in Wireless Sensor Network

Accepted Manuscript. An efficient protocol for authenticated and secure message delivery in vehicular ad hoc networks. Kiho Lim, D.

An RSU Aided Distributed Certificate Update Scheme In Vehicular Networking Environment. Sunil Solanki * *

IEEE TRANSACTIONS ON VEHICULAR TECHNOLOGY, VOL. 57, NO. 6, NOVEMBER /$ IEEE

Boston University College of Engineering Department of Electrical and Computer Engineering. Secure Cooperative Accident Avoidance for Vehicles

STRONGER SECURITY NOTIONS FOR DECENTRALIZED TRACEABLE ATTRIBUTE-BASED SIGNATURES AND MORE EFFICIENT CONSTRUCTIONS

Overview of Challenges in VANET

COOPERATIVE DATA SHARING WITH SECURITY IN VEHICULAR AD-HOC NETWORKS

Efficient Compilers for Authenticated Group Key Exchange

SECURE TRUSTWORTHY SERVICE EVALUATION IN SOCIAL NETWORKS

Securing the Frisbee Multicast Disk Loader

Wireless Network Security Spring 2014

IEEE networking projects

TACKing Together Efficient Authentication, Revocation, and Privacy in VANETs

Privacy Preserving Authentication Approaches in VANET: Existing Challenges and Future Directions

Sybil Attack Detection in Mobile Adhoc Network

Network Security: Broadcast and Multicast. Tuomas Aura T Network security Aalto University, Nov-Dec 2011

Mitigating the Effects of Position-Based Routing Attacks in Vehicular Ad Hoc Networks

An Efficient Data Transmission in VANET Using Clustering Method

PMAP: Precipitate Message Authentication Protocol for Vehicular Ad Hoc Networks

On the Revocation of U-Prove Tokens

Revocation for Certificateless Authentication in VANETs

Ad-hoc Trusted Information Exchange Scheme for Location Privacy in VANET

Secure Path-Key Revocation for Symmetric Key Pre-distribution Schemes in Sensor Networks

Identity Mixer: From papers to pilots and beyond. Gregory Neven, IBM Research Zurich IBM Corporation

GRAS: A Group Reliant Authentication Scheme for V2V communication in VANET

International Journal of Engineering Research-Online A Peer Reviewed International Journal Articles available online

Blockchain for Enterprise: A Security & Privacy Perspective through Hyperledger/fabric

Design and Implementation of a RFC3161-Enhanced Time-Stamping Service

Attribute Based Encryption with Privacy Protection in Clouds

Privacy-Preserving Real-Time Navigation System Using Vehicular Crowdsourcing

Adaptive Privacy-Preserving Authentication in Vehicular Networks (Invited Paper)

Cryptanalysis of a Markov Chain Based User Authentication Scheme

A DEFENSE TECHNIQUE AGAINST MISBEHAVIOR IN VANETs BASED ON THRESHOLD AUTHENTICATION

APPA: Aggregate Privacy-Preserving Authentication in Vehicular Ad Hoc Networks

Securable Message Authentication System in Vehicular Ad Hoc Networks by using Trusted Authority

Encryption Algorithms Authentication Protocols Message Integrity Protocols Key Distribution Firewalls

Sybil attack in VANET

Introduction to Network Security Missouri S&T University CPE 5420 Data Integrity Algorithms

On Reputation and Data-centric Misbehavior Detection Mechanisms for VANET

CSE 3461/5461: Introduction to Computer Networking and Internet Technologies. Network Security. Presentation L

Direct Anonymous Attestation

APPLICATIONS AND PROTOCOLS. Mihir Bellare UCSD 1

Privacy-Preserving Data Forwarding in VANETs: A Personal-Social Behavior Based Approach

EMAP: Expedite Message Authentication Protocol for Vehicular Ad Hoc Networks

NYMBLE: Blocking Misbehaving Users in Anonymizing Networks

Computer Based Image Algorithm For Wireless Sensor Networks To Prevent Hotspot Locating Attack

Network Security: Broadcast and Multicast. Tuomas Aura T Network security Aalto University, Nov-Dec 2010

Cryptography and Network Security Chapter 14

Formal Methods for Assuring Security of Computer Networks

Automotive Security An Overview of Standardization in AUTOSAR

EXTENDED NYMBLE: METHOD FOR TRACKING MISBEHAVING USERS ANONYMOSLY WHILE BLOCKING

COOPERATIVE ITS SECURITY STANDARDIZATION AND ACTIVITIES ON EUROPEAN C ITS TRUST MODEL AND POLICY

Unlinkable Attribute-Based Credentials with Practical Revocation on Smart-Cards

Design and Implementation of TARF: A Trust-Aware Routing Framework for WSNs

Transcription:

Short-term Linkable Group Signatures with Categorized Batch Verification Lukas Malina 1, Jordi Castella-Rocà 2, Arnau Vives-Guasch 2, Jan Hajny 1 1 Department of Telecommunications Faculty of Electrical Engineering and Communication Brno University of Technology Czech Republic 2 Department of Computer Engineering and Mathematics Universitat Rovira i Virgili Catalonia (Spain) Malina et al. Short-term Linkable Group Signatures with Categorized Batch Verification FPS 2012 1 / 20

Outline 1 Introduction 2 Our Solution 3 Evaluation 4 Conclusion Malina et al. Short-term Linkable Group Signatures with Categorized Batch Verification FPS 2012 2 / 20

Scope In ad hoc wireless networks like Vehicular ad hoc Network (VANETs) or Wireless Sensor Networks (WSN), data confidentiality is usually a minor requirement contrary to data authenticity and integrity. Messages broadcasted from a node to other nodes should be authentic but also keep user s privacy in plenty scenarios working with personal data. Appropriate schemes: Group Signatures (GS). Malina et al. Short-term Linkable Group Signatures with Categorized Batch Verification FPS 2012 3 / 20

Scenario n-4 Street C Street D n-5 II. route accident Destination of n-1car Street C Street A I. route n-6 B. 3 A. 2 1 Street B Street D n-2 n-3 Street B C. n-1 A.warning message (accident) B.warning message (traffic jam) Street A n C.bogus message (nonsense) Malina et al. Short-term Linkable Group Signatures with Categorized Batch Verification FPS 2012 4 / 20

Security Requirements in VANETs Data integrity Authenticity Non-repudation Privacy Efficiency Malina et al. Short-term Linkable Group Signatures with Categorized Batch Verification FPS 2012 5 / 20

Problems in VANET Security The current solutions have practical drawbacks: Expensive tamper-proof hardwares. Computation bottlenecks of the verification and revocation phases. Complicated certificate distribution/revocation. Omitting important properties like a short-term linkability demanded in several applications, e.g. change lanes of vehicles in VANET. Malina et al. Short-term Linkable Group Signatures with Categorized Batch Verification FPS 2012 6 / 20

Requirements and Cryptographic Background Security properties of our solution: Non-repudiation, message integrity and authenticity, user privacy (revocable anonymity), traceability. Used cryptography: ECDSA signature scheme, probabilistic ElGamal encryption, group signatures based on q-sdh problem and Decision Linear problem (BBS04 scheme [1]). Malina et al. Short-term Linkable Group Signatures with Categorized Batch Verification FPS 2012 7 / 20

Pairing-based Group Signatures We employ Group Signatures (GS) based on the BBS04 scheme [1]. General properties: Message integrity, authenticity and non-repudiation, anonymity, unlinkability, traceability. Pros of GS: Only 1 public key (suitable for VANETs, WSN, WBSN...), shorter security overhead than solutions using certificates, providing user privacy. Cons of GS: Expensive due to pairing operations, growing a revocation list, vulnerability against several attacks, e.g. Denial of Services (DoS). Malina et al. Short-term Linkable Group Signatures with Categorized Batch Verification FPS 2012 8 / 20

How to Reduce the Drawbacks of GS? Expensive due to pairing operations. Minimize the number of pairings in verification due to a batch verification. Reduce pairings in signing. Redesign scheme. Growing a revocation list. Use time restrictions of pseudonyms. Recompute the secret keys. Vulnerability against several attacks. Check the hashes of signatures. Apply the time stamps (against replay attack). Sort out the potential honest/bogus messages due to a short-linkability and categorized verification. Malina et al. Short-term Linkable Group Signatures with Categorized Batch Verification FPS 2012 9 / 20

Advanced Properties of Our Solution Short-linkability: more efficient signing (reducing the pairing operations), possible sorting of the messages, no harming the privacy in long term (long-term unlinkability). Categorized Batch Verification: sorts out potentially honest and bogus messages due to linkability, less errors in the 1. batch O(1), robust against the Sybil and Denial of Services attacks. Malina et al. Short-term Linkable Group Signatures with Categorized Batch Verification FPS 2012 10 / 20

The Parties in Our Model Trusted Authority TA: Issues certified pseudonyms, generates cryptographic parameters, reveals ID of a user. Group Manager GM: Generates group member secret keys, traces and opens malicious message. User V: A driver with the certified pseudonym, uses devices with VANET applications, signs, sends and verifies messages. Malina et al. Short-term Linkable Group Signatures with Categorized Batch Verification FPS 2012 11 / 20

Communication Pattern TA RSU 2-GM2 GM 2 I2I RSU 1-GM2 V2I I2I RSU 3-GM1 RSU 1-GM1 V 1 V2V GM 1 V 2 RSU 2-GM1 Malina et al. Short-term Linkable Group Signatures with Categorized Batch Verification FPS 2012 12 / 20

Our Scheme Setup Set(0, 1) l parameters establishing cryptographic parameters, setting keys of TA and GMs. Registration Reg(ID Vi ) π Vi a driver V i is authenticated by TA (ECDSA, ElGamal), TA issues pseudonym π Vi to V i. Join Join(π Vi ) gsk Vi V i with π Vi is anonymously authenticated by GM i (ECDSA, ElGamal), V i obtains a group member secret key gsk Vi from the GM i. Malina et al. Short-term Linkable Group Signatures with Categorized Batch Verification FPS 2012 13 / 20

Our Scheme Signing Sig(M, gsk Vi, gpk) σ using the modified group signature scheme (BBS04 [1]), V i signs M and outputs a group signature σ. Verification Ver(M, gpk, σ) valid/invalid sorting the signed messages to 3 levels of credibility, batch verification of group signatures. Trace Trace(M, σ, gmsk) gsk Vi, π Vi bogus signatures can be opened by GM i, GM i reveals the part of pseudonym π Vi from database. Revocation Rev(π Vi ) ID Vi the cooperation of GM i and TA, TA reveals ID Vi from π Vi. Malina et al. Short-term Linkable Group Signatures with Categorized Batch Verification FPS 2012 14 / 20

The Performance Evaluation - Signing In Signing, pairing operations are reduced 3 0, exponentiations 10 9 and multiplication 14 9. V2V scheme: Our scheme WLZ [4] GSIS [3] & Zhang et al. [5] & Ferrara et al. [2] Short-term linkability: yes no no The performance of Signing, excluding the first message Pairings 0 3 3 Exponentiation 9 10 12 Multiplication 9 14 12 Malina et al. Short-term Linkable Group Signatures with Categorized Batch Verification FPS 2012 15 / 20

The Performance Evaluation - Verification In Categorized batch verification, pairing operations are reduced 5n 2 (n - number of messages in one batch) V2V scheme: Our GSIS [3] Zhang et Ferrara et scheme al. [5] al. [2] & WLZ scheme[4] Batch: yes no yes yes Length of signature: 5G 1, G T, 5Z p (2380 bits) 3G 1, 6Z p (1500 bits) 7G 1, G T, 5Z p (2570 bits) 3G 1, G T, 6Z p (2032 bits) Performance of batch verification Pairings 2 5n 2 2 Exponentiation 11n 12n 14n 13n Multiplication 11n+1 8n 17n 10n+1 Performance of individual verification Pairings 5 5 5 5 Exponentiation 10 12 12 12 Multiplication 9 8 8 8 Malina et al. Short-term Linkable Group Signatures with Categorized Batch Verification FPS 2012 16 / 20

Experimental Implementation A proof of concept implementation in JAVA. Properties: the Java Pairing Based Cryptography (jpbc) Library, MNT curves type D with the embedding degree k = 6, 171 b order curve, the implementation of signing, verification and batch verification. - Our scheme BBS schemes Signing 60 ms 160 ms Single Verification 207 ms 224 ms Verification of 10 messages 500 ms (batch) 2240 ms Tested on machine: Intel(R) Xeon(R) CPU X3440 @ 2.53GHz, 4 GB Ram. Malina et al. Short-term Linkable Group Signatures with Categorized Batch Verification FPS 2012 17 / 20

Conclusion Contribution Practical and secure registration, join and revocation of members. Secure and anonymous inter-vehicle communication. Using short-term linkability more efficient performance in Signing. Categorized batch verification protection against DoS attacks in Verification. Future work The investigation of categorized batch verification and short-term linkability in dense urban traffic. The determination of parameters. Malina et al. Short-term Linkable Group Signatures with Categorized Batch Verification FPS 2012 18 / 20

. Thank you for your attention. Malina et al. Short-term Linkable Group Signatures with Categorized Batch Verification FPS 2012 19 / 20

References D. Boneh, X. Boyen, and H. Shacham. Short group signatures. In Proc. Adv. Cryptology-Crypto 04, ser. LNCS 3152, pages 41 55. Springer-Verlag, 2004. A. L. Ferrara, M. Green, S. Hohenberger, and M. Ø. Pedersen. Practical short signature batch verification. In Topics in Cryptology - The Cryptographers Track at the RSA Conference, volume 5473, pages 309 324. Springer, April 2009. X. Lin, X. Sun, P. han Ho, and X. Shen. Gsis: A secure and privacy preserving protocol for vehicular communications. In IEEE Transactions on Vehicular Technology, volume 56, pages 3442 3456, 2007. L. Wei, J. Liu, and T. Zhu. On a group signature scheme supporting batch verification for vehicular networks. In International Conference on Multimedia Information Networking and Security, pages 436 440, Los Alamitos, CA, USA, 2011. IEEE. L. Zhang, Q. Wu, A. Solanas, and J. Domingo-Ferrer. A scalable robust authentication protocol for secure vehicular communications. In IEEE Transactions on Vehicular Technology 59(4), pages 1606 1617, 2010. Malina et al. Short-term Linkable Group Signatures with Categorized Batch Verification FPS 2012 20 / 20

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback