VANETs. Agenda System Model → What is VANETs? → Why VANETs? Threats Proposed Protocol → AOSA → SPCP → PARROTS Evaluation → Entropy → Anonymity Set → Tracking.

Presentation transcript:

VANETs

Agenda
System Model → What is VANETs? → Why VANETs?
Threats
Proposed Protocol → AOSA → SPCP → PARROTS
Evaluation → Entropy → Anonymity Set → Tracking Probability
Conclusion

System Model
VANETs are wireless networks where vehicles are both network hosts and routers. They are involved in traffic and safety management by using V2I and V2V communications. A typical VANET consists of:
a. Road Side Units
b. Administration and application servers
c. Location Based Service
d. Proxy
e. Vehicles
f. Group leader (depending on the model)
g. Registration authority
Communication through road side units in VANETs can be used to track the location of the vehicles.

System Model
[Figure: an example showing the vehicles communicating with the traffic lights]

Threats
Because VANETs use identifiers to communicate with the RSU, through which vehicles communicate with the LBS, the privacy of the vehicle may be affected. People with access to these identifiers may be:
1) Administrators of network infrastructure
2) Administrators of LBS
3) Big Brother (quoted by George)
4) Hackers
The anonymity of the message sender is also at risk.

Proposed Models
AOSA: Anonymous Online Service Access
SPCP: Synchronized Pseudonym Changing Protocol
PARROTS: Position Altered Random Repetition Of Transportation Signature

AOSA
This protocol proposes frequently changing anonymous keys to protect anonymity and location privacy. It is based on the concept of forming groups among neighbors. The model has two phases.
First Phase: All the vehicles and service providers register with the RA. The vehicles dynamically form groups, and short group signatures are used to handle all the group keys and signatures. All the group members listen to the group leader's notifications. Group members join the group based on verification of the group leader's credentials.

AOSA
Second Phase: This phase runs when a vehicle needs to access the service. The steps followed in this procedure are:
Step 1: $V_i$ sends to GL the signed service request, $m$, represented by $V_i^-(m)$, and its digital certificate, $C(V_i)$, encrypted by the service provider's public key, $S^+$, and by a previously established secret key, $GL_i^S$. This is represented as $GL_i^S[S^+(V_i^-(m), C(V_i))] = GL_i^S[Mv]$.
Step 2: GL decrypts Mv and adds the GL's location, $Loc_{GL}$, and GL's digital certificate, $C(GL)$, then signs the message with the GL's private key, $GL^-$, resulting in $M_{GL} = GL^-(Mv), C(GL), Loc_{GL}$. GL then forwards to the roadside unit, RSU.

AOSA
Step 3: RSU relays message to Proxy.
Step 4: Proxy verifies GL's certificate and forwards request to App. Server, AS.
Step 5: AS (a) decrypts the message with its private key, (b) verifies the vehicle's identity and (c) verifies the vehicle's authority for the service requested. If all is satisfactory, service provider sends a reply, $R$, which includes session key, $AS_i^S$, for communication between the vehicle and service provider. This results in a reply message encrypted with the vehicle's public key, then with GL's public key, or $GL^+(V_{gi}^+(R))$.

AOSA
Step 6: Proxy verifies AS's certificate and forwards reply to RSU.
Step 7: RSU forwards reply to GL.
Step 8: Finally, the GL forwards reply to vehicle using group secret key. The final reply may be represented as $GL_i^S[V_{gi}^+(R)]$.

SPCP
Initialization Phase: In addition to pseudonyms, public/private keys and public key certificates, the Certification Authority (CA) generates and uploads to each vehicle a set of parameters that is required. Group management is divided between the CA and the temporary group leaders.
Group Formation Phase: If there is no group, the vehicle forms its own group before it changes the current pseudonym.
Group Joining Phase: Group leader verifies the member's CA certificate. Member vehicles receive the member secret key.

SPCP
The signature of any group member can be verified using the group public key.
Group Operations Phase: Each member uses its temporary identification, group private key, group public key and public key certificate issued by CA. Leader and member listen to each other continuously. If a member is not heard, it is understood that the member left.
Pseudonym Changing Phase: Group leader decides the time to change the pseudonyms.

SPCP
Step 1: $V_{gi}$ sends to GL the signed service request, $m$, represented by $V_i^-(m)$ and $V_{gi}^+(m)$, $C(V_i)$ encrypted by the service provider's public key, $S^+$, and by a previously established secret key, $GL_i^S$. This is represented as $GL_i^S[S^+(V_i^-(m), V_{gi}^+(m), C(V_i))] = GL_i^S[Mv]$.
Step 2: GL decrypts Mv and adds the GL's location, $Loc_{GL}$, $C(GL)$, then signs the message with the GL's private key, $GL^-$, resulting in $M_{GL} = GL^-(Mv), C(GL), Loc_{GL}$. GL then forwards to the roadside unit, RSU.
Step 3: RSU relays message to Proxy.

SPCP
Step 4: Proxy verifies GL's certificate and forwards request to App. Server, AS.
Step 5: AS (a) decrypts the message with its private key, (b) verifies the vehicle's identity and (c) verifies the vehicle's authority for the service requested. If all is satisfactory, service provider sends a reply, $R$, which includes session key, $AS_i^S$, for communication between the vehicle and service provider. This results in a reply message encrypted with the vehicle's public key, then with GL's public key, or $GL^+(V_{gi}^+(R))$.
Step 6: Proxy verifies AS's certificate and forwards reply to RSU.
Step 7: RSU forwards reply to GL.

SPCP
Step 8: Finally, the GL forwards reply to vehicle using group secret key. The final reply may be represented as $GL_i^S[V_{gi}^+(R)]$.
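The request path of Steps 1 to 5, which AOSA and SPCP share, can be checked with a small symbolic model that records what each hop is able to read. This is an added example, not code from the presentation or the cited papers; it models the AOSA form of Step 1, treats the service provider and AS as one party holding the private half of S+, and the key labels and party names are constructed for illustration.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Enc:            # ciphertext: readable only with the key named in opens_with
    opens_with: str
    body: tuple

@dataclass(frozen=True)
class Sig:            # signature: authenticates the body but does not hide it
    signer: str
    body: tuple

def visible(term, keys):
    """Atoms a party holding `keys` can read out of `term`."""
    if isinstance(term, str):
        return {term}
    if isinstance(term, Enc):
        return visible(term.body, keys) if term.opens_with in keys else set()
    if isinstance(term, Sig):
        return visible(term.body, keys)
    return set().union(*(visible(t, keys) for t in term))   # plain tuple

def aosa_request():
    # Step 1: GL_i^S[ S^+( V_i^-(m), C(V_i) ) ]
    mv = Enc("S-", (Sig("V_i", ("m",)), "C(V_i)"))
    v_to_gl = Enc("GL_i^S", (mv,))
    # Step 2: M_GL = GL^-(Mv), C(GL), Loc_GL
    m_gl = (Sig("GL", (mv,)), "C(GL)", "Loc_GL")
    return v_to_gl, m_gl

# Constructed key rings: the strings are labels, not key material.
KEYS = {"outsider": set(), "GL": {"GL_i^S"}, "RSU": set(), "AS": {"S-"}}

def what_each_hop_learns():
    v_to_gl, m_gl = aosa_request()
    return {
        "outsider": visible(v_to_gl, KEYS["outsider"]),
        "GL": visible(v_to_gl, KEYS["GL"]),
        "RSU": visible(m_gl, KEYS["RSU"]),     # the Proxy sees the same as the RSU
        "AS": visible(m_gl, KEYS["AS"]),
    }

if __name__ == "__main__":
    for party, atoms in what_each_hop_learns().items():
        print(f"{party:9s} {sorted(atoms)}")
```

In this model the RSU and Proxy read C(GL) and Loc_GL in the clear, while the request m and C(V_i) are readable only at the AS.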

PARROTS
The PARROTS model alters the perceived position, hence the term “position altered”. The message is repeated, hence the term “random repetition”. The term “transportation signature” is formulated because a pseudo-identity is used to track the vehicle. In this model the term “parrotee” is given to a vehicle that is willing to obfuscate its location. The term “parroter” is given to a vehicle that is willing to obfuscate another vehicle's location.

PARROTS

AOSA/SPCP PARROTS

Evaluation
Anonymity Set Size: sum of all anonymity set values.
Tracking Probability: (number of vehicles with anonymity set size = 1) / (total number of vehicles).
Entropy: entropy + math.log(anonymity[vi], 2) / total number of vehicles
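The three metrics can be computed from an observer's view of which identifier each vehicle broadcasts. This is an added example, not code from the presentation; it assumes a vehicle's anonymity set value is the number of vehicles seen using the same identifier, and the vehicle names, identifiers and the two traffic samples are constructed.

```python
import math
from collections import Counter

def anonymity_sets(observed_ids):
    """observed_ids maps vehicle -> identifier seen on the air.
    Assumption: anonymity[vi] = number of vehicles sharing vi's identifier."""
    counts = Counter(observed_ids.values())
    return {v: counts[ident] for v, ident in observed_ids.items()}

def evaluate(observed_ids):
    anonymity = anonymity_sets(observed_ids)
    total = len(anonymity)
    # Anonymity Set Size: sum of all anonymity set values
    set_size = sum(anonymity.values())
    # Tracking Probability: share of vehicles whose anonymity set is 1
    tracking = sum(1 for k in anonymity.values() if k == 1) / total
    # Entropy: accumulated per vehicle, as written on the slide
    entropy = 0.0
    for vi in anonymity:
        entropy = entropy + math.log(anonymity[vi], 2) / total
    return set_size, tracking, entropy

# Constructed sample: sparse traffic, one group of two plus two lone vehicles.
SPARSE = {"v1": "G1", "v2": "G1", "v3": "p3", "v4": "p4"}
# Constructed sample: dense traffic, two groups of four.
DENSE = {f"v{n}": ("G1" if n <= 4 else "G2") for n in range(1, 9)}

if __name__ == "__main__":
    for name, sample in (("sparse", SPARSE), ("dense", DENSE)):
        size, track, ent = evaluate(sample)
        print(f"{name}: set size={size} tracking={track:.2f} entropy={ent:.2f}")
```

The lone vehicles in the sparse sample are the ones counted as trackable; in the dense sample no vehicle has an anonymity set of 1.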

Conclusion and Future Work
In AOSA and SPCP the group leader's location is not secured, but using PARROTS the group leader's location can also be secured. AOSA is a good model and has its own advantages, such as securing the other group members and enhancing unlinkability by using the group identifiers. In any of the above models it is quite evident that higher density gives higher privacy. In the PARROTS concept, multiple parrotees per parroter can be implemented. In PARROTS the anonymity set, i.e. how many are using the same location id, is difficult to find. Including user choice could be the future direction for PARROTS.

References
1. Weerasinghe H, Fu H, Leng S (2010) Anonymous service access for Vehicular Ad hoc Networks, 2010 Sixth International Conference on Information Assurance and Security (IAS), pp
2. Weerasinghe H, Fu H, Leng S, Zhu Y (2011) Enhancing unlinkability in Vehicular Ad Hoc Networks, 2011 IEEE International Conference on Intelligence and Security Informatics (ISI), pp
3. Sampigethaya K, Huang L, Li M, Poovendran R, Matsuura K, and Sezaki K (2005) CARAVAN: Providing location privacy for VANET, Proceedings of the Workshop on Embedded Security in Cars (ESCAR)
4. Sampigethaya K, Li M, Huang L, Poovendran R (2007) AMOEBA: Robust Location Privacy Scheme for VANET, IEEE Journal on Selected Areas in Communications, vol. 25, no. 8, pp
5. George Corser, Fu H, Pondicherry N, Alnahash N, PARROTS (Position Altered Random Repetition of Transportation Signature).

Acknowledgments
Thanks for your help and support throughout the semester, Dr. Huirong Fu and George Corser.