Group-based Source Authentication in VANETs You Lu, Biao Zhou, Fei Jia, Mario Gerla UCLA {youlu, zhb, feijia,


VANET slide VANET Scenario

The problem: authentication
VANET broadcast messages:
– Beacons for safe driving, surveillance, situation etc.
Problem: malicious sources can generate bogus messages
– Attack models
Critical issue we address here:
– Sender authentication (within group)
– Not addressed here: non-repudiation; privacy protection; secret delivery to selected group (e.g. police agents, taxi cabs, coalition members), etc.

Existing authentication solutions
PKI – a bit too expensive
TESLA – cheaper, but slow (Toyota et al)

TESLA: One Way Hash Chain
In TESLA, a source generates a one-way chain of length L by randomly picking the last element S_L of the chain S and repeatedly applying the hash function F( ) to get the next values one after the other. After creating the one-way chain, the source stamps each packet with the chain values in reverse order. The receiver can verify S_(i+1) only after it receives S_i from the source. At this time, the receiver also verifies the source authenticity.

TESLA overview (cont)
TESLA (Timed Efficient Stream Loss-tolerant Authentication)
– Assumption: 2-time-slot delay in authentication. Packet P1 received in slot 5; K5 received in slot 7
– Authentication of P1: verify K5 from K4 or K3 (explain how); MAC(K5, P1) = Verify MAC
– Pros: robust to packet loss; data all in plain text.
– Con: delayed authentication.
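The chain and the delayed check from the two TESLA slides above, as an added example that is not from the slides. SHA-256 as F( ), HMAC-SHA256 as the MAC, using the chain value directly as the MAC key (as the slide writes MAC(K5, P1)), and all function and class names are assumptions.

```python
import hashlib
import hmac
import os

def F(value: bytes) -> bytes:
    """One-way function F() of the chain (SHA-256 is an assumption)."""
    return hashlib.sha256(value).digest()

def make_chain(length: int, seed: bytes = None) -> list:
    """Return [S_0, ..., S_L]: S_L is random and S_(i-1) = F(S_i)."""
    chain = [seed if seed is not None else os.urandom(32)]
    for _ in range(length):
        chain.append(F(chain[-1]))
    chain.reverse()              # chain[i] == S_i; chain[0] is the commitment
    return chain

def verify_key(key: bytes, slot: int, known_key: bytes, known_slot: int) -> bool:
    """Check a disclosed key against an older, already authenticated one.
    Applying F (slot - known_slot) times tolerates lost disclosures."""
    if slot <= known_slot:
        return False
    for _ in range(slot - known_slot):
        key = F(key)
    return hmac.compare_digest(key, known_key)

def mac(key: bytes, packet: bytes) -> bytes:
    return hmac.new(key, packet, hashlib.sha256).digest()

class Receiver:
    """Buffers packets until the key for their slot is disclosed."""
    def __init__(self, commitment: bytes):
        self.known_key, self.known_slot = commitment, 0
        self.pending = {}        # slot -> (packet, tag)

    def on_packet(self, slot: int, packet: bytes, tag: bytes) -> None:
        self.pending[slot] = (packet, tag)

    def on_key(self, slot: int, key: bytes):
        """Return the buffered packet if key and MAC both verify, else None."""
        if not verify_key(key, slot, self.known_key, self.known_slot):
            return None
        self.known_key, self.known_slot = key, slot
        packet, tag = self.pending.pop(slot, (None, b""))
        if packet is not None and hmac.compare_digest(mac(key, packet), tag):
            return packet
        return None
```

With K3 as the last authenticated key and the K4 disclosure lost, `on_key(5, K5)` still succeeds because F is applied twice before the comparison.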

Exploit Group Motion to reduce latency
Group Scenario
– Nodes move in groups
– Each group is a closed broadcast group: military peace keeping patrols; police agents in a mission; presidential motorcade.
– Group nodes acquire SECRET initial group attribute, and initial mobility counter, before joining
Our Goal: reduce the key disclosure delay in group broadcast

Group-based Source Authentication (GSA) Basic Idea:

Group-based Source Authentication (GSA): Protocol Design
– How to define a group?
  Group Identifier, such as group name, group ID…
  Dynamic Attributes, such as location intersection, group speed etc. (Must be better explained)
  Initial Group property is shared by the same group.
– How to ensure disclosure key cannot be captured and replayed by attacker?
  Encrypt the disclosure key with secret group ID.
  External nodes cannot get K7; secret group ID never transmitted in plain text.
  Proactively updated dynamic attributes for extra security
  Encrypt (K7, secret group ID)

Step 1: Group Authentication
Group Authentication Phase
– The sender broadcasts nonce with own GID and requests receivers in the group to authenticate themselves
– Each Receiver R uses individual TESLA reverse hash chain. Receiver Packet: Time interval 3
– After key disclosure delay period, each receiver sends K3
– Sender checks if R is in the same group as itself. Same Group member
– Now all group members are authenticated and “in synch”
– Periodically authenticate group membership after timeout

Step 2: Group-based Source Authentication (GSA)
Data Transfer Phase
– Inter-group: use conventional TESLA-like scheme (large latency)
– Intra-group: instant KEY disclosure
  Packet sent at time i:
  Group members:
  – decrypt K_i using group_property key
  – verify Packet_i immediately using decrypted K_i.
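The intra-group step above, as an added example that is not from the slides: the packet for slot i carries K_i encrypted under the group secret, and a member decrypts it, checks it against the hash chain, and verifies the MAC at once. The slides do not name the cipher; the XOR mask derived with HMAC-SHA256 is a stand-in, and the packet fields and function names are assumptions.

```python
import hashlib
import hmac

def F(value: bytes) -> bytes:
    return hashlib.sha256(value).digest()       # chain function (assumed SHA-256)

def mac(key: bytes, payload: bytes) -> bytes:
    return hmac.new(key, payload, hashlib.sha256).digest()

def wrap_key(group_secret: bytes, slot: int, key: bytes) -> bytes:
    """Stand-in cipher for Encrypt(K_i, secret group ID): XOR the 32-byte key
    with a per-slot mask. Wrapping and unwrapping are the same operation."""
    label = b"gsa-wrap" + slot.to_bytes(4, "big")
    mask = hmac.new(group_secret, label, hashlib.sha256).digest()
    return bytes(a ^ b for a, b in zip(key, mask))

def gsa_send(group_secret: bytes, slot: int, key: bytes, payload: bytes) -> dict:
    """Sender: payload, its MAC under K_i, and the encrypted K_i in one packet."""
    return {"slot": slot, "payload": payload, "tag": mac(key, payload),
            "wrapped_key": wrap_key(group_secret, slot, key)}

def gsa_receive(group_secret: bytes, packet: dict, known_key: bytes, known_slot: int):
    """Group member: decrypt K_i, check it against the last authenticated
    chain value, then verify the packet immediately.
    Returns (payload, K_i) on success, None otherwise."""
    slot = packet["slot"]
    if slot <= known_slot:
        return None                              # old slot: replayed packet
    key = wrap_key(group_secret, slot, packet["wrapped_key"])
    check = key
    for _ in range(slot - known_slot):
        check = F(check)
    if not hmac.compare_digest(check, known_key):
        return None                              # wrong group secret or forged key
    if not hmac.compare_digest(mac(key, packet["payload"]), packet["tag"]):
        return None                              # payload altered
    return packet["payload"], key
```

A node without the group secret decrypts to a value that fails the chain check, so it falls back to waiting for the conventional delayed disclosure.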

Evaluation

Experiments
Average End-to-End Latency:
Testbed: 7 laptops with Intel M740 processor, 1.73 GHz
Number of active GSA sessions: from 5 to 500

Experiments (cont) CPU and Memory Usage:

Experiments (cont) MAC Average Computing Time:

Experiments (cont)
Performance Comparison of GSA and TESLA for single session:

         MAC Compute Time   End-to-End Delay   Verification Time
TESLA    11 ms              186 ms             2.3 s
GSA      10 ms              195 ms             0.44 ms

GSA guarantees efficient, safe delivery of vehicular alarms within a group

Conclusions
GSA is applicable in the following scenarios:
– Nodes move in group
– Group nodes know initial group secret and initial mobility attributes
– Incremental addition of attributes supported
Experiment results:
– In TESLA, large latency due to key disclosure delay
– GSA reduces key disclosure delay to significant groups (e.g., vehicles in the same convoy)
Future work:
– Dynamic Group ID certificates to short-lived urban vehicle platoons
– Safety improvement resulting from reduced latency
– Secret content to selected groups (e.g., police)
– Privacy preservation

Thanks Q & A