An Efficient and Practical Authenticated Communication Scheme for Vehicular Ad Hoc Networks Source: IEEE Transactions on Vehicular Technology, Reviewing Presenter: Yung-Chih Lu ( 呂勇志 ) Date: 2011/03/04

Outline 2  Introduction  Proposed Scheme  Security Analysis  Performance Analysis  Conclusion  Comment

Introduction (1/3)  Goal  Message Authentication & Message Encryption  Against attack  Replay attack  Impersonation attack  Outsider attack  Saving resource  computation cost 3

Introduction (2/3) 4  Vehicular Ad Hoc Network (VANET) RSC: Road Side Unit

Introduction (3/3)  The Functions of Proposed Scheme  Traffic control schemes  Message Authentication  Entertainment service scheme  Message Encryption 5

 Vehicle-RSU-Vehicle Communication Proposed Scheme for Traffic Control (1/2) 6 V : Vehicular M: Message T Vi : Timestamp K vi : A pre-shared key x: RSU’s private key t: Random number H(): one way hash function Q: base point over Elliptic Curve X = x ． Q Vi (ID Vi, ID Vj, M, T Vi, K vi ⊕ H(M||T Vi )) VjRSU 1.Computes K’ Vi =H(ID Vi || x) 2. Decrypts K vi ⊕ H(M||T Vi ) 3. 4.Checks M,T vi 5. Selects t ∈ Z * n 6. Computes T= t ． Q = (x 1,y 1 ) r= x 1 mod n s= t -1 ． [H(M||T R )+x ． t] 7.Broadcast (ID R, ID Vj, M, (r,s), T R ) 1.Computes (s -1 ． H(M||T R )) ． Q+s -1 ． r ． X)= (x 1 ’,y 1 ’ ) 2. Verifies r’ = r r’= x 1 ’ mod n

 CSESPP Scheme Proposed Scheme for Entertainment Service (2/2) 7 V : Vehicular Reg: Request message T Vi : Timestamp K vi : A pre-shared key ES: Entertainment Service R: Random number H(): one way hash function CSESPP: Communication Scheme for Entertainment Services with Privacy Preservation Vi (ID Vi, Reg, T Vi, H(K vi ||T Vi )) RSU 1.Computes K’ Vi =H(K vi ||T Vi ) 2. Verifies H(K’ vi ||T Vi ) =H(K vi ||T Vi ) 3. R ∈ Z * n 4. Computes SK i = H(K vi ||R) {E SKi (ES,R),R} 1.Computes SK i =H(K vi ||R) 2. Decrypts E SKi (ES,R) 3. Check R K’ Vi =H(ID Vi || x)

Security Analysis (1/1)  Against attack  Outsider attack  Secret key  Impersonation attack  Secret key  Replay attack  Timestamp 8

Performance Analysis (1/1) 9  Comparisons Table T EC_Mul : the operation time of point multiplication on the elliptic curve function T exp : the operation time of the modular exponentiation T mul : the operation time of the modular multiplication

Conclusion 10  A vehicle only needs to share one session key with RSU to communicate with the other vehicles.  The proposed scheme is more efficient than other scheme.

Comment (1/2) 11  本文主要貢獻簡述 ：  所有認證與加密工作皆透過公認第三方 (RSU) 來進行, 搭 配 ECDSA 簽章，降低 Computation cost 。  優點：  提出橢圓曲線的 point multiplication 比 modular exponentiation 更有效率的概念，來降低 computation cost 。  缺點：  錯字都集中在 proposed scheme 。  Security Analysis 缺乏證明。  當 Vehicular 周圍無 RSU 時，則無法進行 authentication 及 encryption 。

Comment (2/2)  作者需進一步說明 :  請解釋在 Entertainment Service 中，使用隨機值 R 的用意。  明顯錯誤 ( 含 typos):  Page6, 倒數第 3 行 S 應改成 M  Page16, Figure1, 第 8 行 H’(ID Vi ||x) = ⊕ H(ID Vi ||x) 應改成 H’(M||T Vi ) =H(M||T Vi )  Page16, Figure1, 第 13 行 x ． t 應改成 x ． r  Page18, Figure2, 第 5 行 K’ Vi =H(K vi ||T Vi ) 應改成 K’ Vi =H(ID Vi || x) 12

Li et al.’s Scheme for Traffic Control (1/2) 13 ViVj 1.Computes 1.Decrypts the message by H t (SK) 2.Computes 3.check  Vehicle-to-Vehicle Communication