Presentation is loading. Please wait.

Presentation is loading. Please wait.

MSc Thesis: Mohammad Khodaei Supervisor: Prof. Panos Papadimitratos

Published byDaisy Lauren Pope Modified over 6 years ago

Similar presentations

Presentation on theme: "MSc Thesis: Mohammad Khodaei Supervisor: Prof. Panos Papadimitratos"— Presentation transcript:

1 MSc Thesis: Mohammad Khodaei Supervisor: Prof. Panos Papadimitratos
Secure Vehicular Communication System: Design & Implementation of VPKI (Providing Credential Management in a Secure VANET) MSc Thesis: Mohammad Khodaei Supervisor: Prof. Panos Papadimitratos LCN – KTH October, 2012 1 / 38

2 Outline Introduction Protocol Design Performance Evaluation Conclusion
Problem Statement Contribution Key Concepts Security Requirements Adversary Model Protocol Design Performance Evaluation Conclusion Future Direction 2 / 38

3 Outline Introduction Protocol Design Performance Evaluation Conclusion
Problem Statement Contribution Key Concepts Security Requirements Adversary Model Protocol Design Performance Evaluation Conclusion Future Direction 3 / 38

4 Introduction The life cycle of vehicles is pretty long
Security has to be put in place Many attacks which could jeopardize the system performance from security point of view Mitigating unknown threats and upcoming attacks The life cycle of vehicles is long and when it comes to design and implement an infrustucture for such a system, many different aspects should be considers. Security is important since it directly affects on human safety and without it, it could jeopadize the entities. 4 / 38

5 Problem The lack of an infrastructure
Exposed to different threats and attacks Staging attacks to jeopardize users’ privacy and disclose confidential information Exploiting the vulnerabilities Violating the VC system security policy What to do to thwart the threats and make the system operations secure? 5 / 38

6 Contribution Research Purpose Goal Methodology
Design and Implementation of VPKI for the secure VC system An infrastructure called VPKI, to enable entities communicate securely Providing Credential Management in a Secure VC system PKI is considered as an essential requirement to provide security services Goal Build an artifact, using the currently available open-source PKI, OpenCA, equiped with extra protocols for VANET Methodology Designing and Implementation of extra protocols for VANET Using Open-Source OpenCA 6 / 38

7 Key Concepts 7 / 38

8 Key Algorithms and Size
Entities Algorithm PCA RSA, key size: 1024-bit ECDSA, key size: 256-bit LTCA PRA Police Vehicle 8 / 38

9 Why not normal PKI? Pseudonymity Unlinkability Unobservability
User's Privacy 9 / 38

10 Security Requirements
Message Authentication and Integrity Message Non-Repudiation Privacy Anonymity Unlinkability and Unobservability Pseudonym Resolution Liability Identification, Forensics Investigation Message Confidentiality Availability, Fault-Tolerant and Robustness Scalability and Performance 10 / 38

11 Adversary Model Localized and Selective Denial of Communication
Internal Active Adversaries Modification and Tampering Forgery Recollecting Past Messages Multiple Adversarial Nodes Bounded Adversarial Presence Input-Controlling Adversary Other Adversary Models (Byzantine, Dolev-Yao (DY)) 11 / 38

12 Related Work V-Tokens for Conditional Pseudonymity in VANETs
Resolution information is embedded in pseudonyms Vehicle signs using its current valid pseudonym Pseudonym information is encrypted with PK_PR Uses separation of duties Cooperation of a subset of RAs is required to perform pseudonym resolution 12 / 38

13 Outline Introduction Protocols Design Performance Evaluation
Problem Statement Contribution Key Concepts Security Requirements Adversary Model Protocols Design Performance Evaluation Conclusion Future Direction 13 / 38

14 Protocol Design How to Request for Pseudonymous Certificates
How to Request the Latest Pseudonym CRL How to Perform Pseudonym Resolution 14 / 38

15 Obtaining Pseudonym Cert.
Two Steps: Obtain a Token Vehicle queries LTCA LTCA issues an encrypted Token with PCA’s Public key, if it is a legitimate vehicle Vehicle stores the Token for the second step Obtain Pseudonymous Certificates Vehicle sends the Token to PCA PCA verified the Token locally PCA issues short-term certificate 15 / 38

16 Obtaining a Token The idea is similar to SAML Assertion and Kerberos 16 / 38

17 Obtaining Pseudonym Cert.
PCA and LTCA are assumed to be online All the communication is SSL-based 17 / 38

18 Obtaining Pseudonym CRL
Vehicle queries PCA PCA verifies its authenticity PCA sends the latest pseudonym CRL Vehicle stores if this is a newer version 18 / 38

19 Pseudonym Resolution 19 / 38
Identify the real identity of a pseudonym certificate, issued by a PCA 19 / 38

20 Token & Pseudonym Format
Token Format Token-Type Token-Serial No. Token-Identifiable-Key LTCA-Id, PCA-Id Maximum Number of Pseudonym Certificates Token Start-Time Token Expiry-Time Pseudonym Start-Time Pseudonym Expiry-Time Signature Pseudonym Cert. Format Serial No. Pseudonym Cert. Identifiable Key Signer-ID Valid-From Valid-To EC Public key Signature 20 / 38

21 Pseudonym CRL Format Pseudonym CRL Format Pseudonym-CRL Serial No.
CRL Version PCA-Id Revoked Pseudonym-Cert. No. Revoked Pseudonym-Cert. Serial No. Time-Stamp Signature 21 / 38

22 Binding Token to Pseudo- Cert.
LTCA: Token-Identifiable-Key = hash(Vehicle Long- Term Certificate Serial No. || Time-Stamp || Nonce) PCA: PseuCertIdentifiableKey = hash(Token- Identifiable-Key || Pseudo-Public Key || Time- Stamp || Nonce) 22 / 38

23 Outline Introduction Protocols Design Performance Evaluation
Problem Statement Contribution Key Concepts Security Requirements Adversary Model Protocols Design Performance Evaluation Conclusion Future Direction 23 / 38

24 Network Topology 24 / 38

25 Servers & Client Spec. Servers: Client: Processor Model Name
Intel(R), Dual-Core, Xeon(TM), CPU 3.40GHz Bogomips RAM 8 GB Processor Model Name Intel(R), Dual-Core(TM), CPU 3.00 GHz Bogomips RAM 2 GB 25 / 38

26 Obtaining Token from LTCA
26 / 38

27 Time Interval to Obtain 10 Pseudonyms
27 / 38

28 Time Intervals for Different Operations to Obtain Pseudonym Certificates
28 / 38

29 Time Interval to Obtain 20,000 Pseudonyms from PCA
29 / 38

30 Time Intervals for Different Operations to Obtain Pseudonym CRL
30 / 38

31 Pseudonym CRL File Size
No. of Revoked Pseudonyms in CRL Size in bytes 1 778 bytes (778 bytes) 10 1.36 KB (1,398 bytes) 100 7.33 KB (7,507 bytes) 1000 67.1 KB (68,723 bytes) 10,000 664 KB (680,718 bytes) 20,000 1.29 MB (1,360,714 bytes) 100,000 6.48 MB (6,800,715 bytes) 31 / 38

32 Outline Introduction Protocols Design Performance Evaluation
Problem Statement Contribution Key Concepts Security Requirements Adversary Model Protocols Design Performance Evaluation Conclusion Future Direction 32 / 38

33 Conclusion Three protocols are integrated into OpenCA to provide security functionality for VANETs Improvement in compare with similar projects Linkability Privacy Pseudonym Resolution Performance evaluation shows reasonable time to obtain pseudonyms, CRL and pseudonym resolution Experiments should be done on a vehicle for a more precise result 33 / 38

34 Future Direction Providing a PKI Trust Model in VANETs
Introducing a new PCA, LTCA and PRA Foreign Pseudonym Certificates Integrating Short-Term CRLs from Different PCAs Token Should be Used Only Once Mitigate the Threat of Sybil Attack resource testing techniques, social networking approaches, radio testing, trusted certification 34 / 38

35 Future Direction Cont. Token Verification by any PCA to Enhance Privacy Performing Reverse Pseudonym Resolution Resolving Multiple Pseudonyms in a Request Using FastCGI instead of CGI Performance and Efficiency for VANETs 35 / 38

36 Acknowledgement 36 / 38

37 References Secure Vehicular Communication Systems: Design and Architecture Sevecom - Secure Vehicle Communication Efficient and Robust Pseudonymous Authentication in VANET Securing Vehicular Communications - Assumptions, Requirements, and Principles V-Tokens for Conditional Pseudonymity in VANETs Intelligent Transport Systems (ITS), Security, Stage 3 mapping for IEEE V0.0.6 "On the Road" - Reflections on the Security of Vehicular Communication Systems Secure Vehicular Communication Systems: Implementation, Performance, and Research Challenges 37 / 38

38 Thanks for your attention!
Questions Thanks for your attention! 38 / 38

39 Obtaining Pseudonym Cert.
PCA and LTCA are assumed to be online All the communication is SSL-based 39

40 OpenCA Written in C Two packages: Uses Open-SSL Libraries
openca-base openca-tools Uses Open-SSL Libraries Support Open-LDAP Web-based Interface With an Apache-style license 40

41 Pseudonym Cert. No. Request
Token Req-Res Format Token Request Token Response Req. Type X509 VLTC Length X509 VLTC Pseudonym Cert. No. Request LTCA-Id PCA-Id Nonce Time-Stamp Signature Token Size Token Max No. Pseudonym Cert. Error-Info 41

42 Pseudonym Req-Res Format
Pseudonym Request Pseudonym Response Req. Type Token Size Token LTCA-Id PCA-Id Location Pseudonym Cert. No Pseudonym Public-Key(s) Nonce Time-Stamp Req. Identification Pseudonym Cert No Pseudonym Cert. Error-Info Signature 42

43 Pseudonym CRL Res-Res Format
Pseudonym CRL Request Pseudonym CRL Response Req. Type Current CRL Version PCA-Id Region-Id Pseudonym Cert. Length Pseudonym Cert. Nonce Time-Stamp Signature CRL Size CRL Error-Info 43

44 Obtaining Pseudonyms from PCA
44

45 Obtaining Pseudonym CRL
45

46 Percentage of Different Operations to Obtain 20000 Pseudonyms
46

47 Implementation C++ OpenCA as the base implementation
Installed and configured PCA , LTCA and PRA on Different Servers Libraries: OpenSSL Xmlrpc MySQL Boost-Serialization 47

48 Time Intervals to Obtain a Token from LTCA
Operations Latency in ms Preparing Token Request 4.95 ms Issuing the Token (Server Side) 8.75 ms Entire Communication 83.6 ms Verification and Storage of the Token 3.65 ms Entire Operations ms Token Size 477 bytes Pseudonym Certificate Size 2.0 KB (2078 bytes) Pseudonym Private-Key File Size 5.0 KB (5153 bytes) 48

Download ppt "MSc Thesis: Mohammad Khodaei Supervisor: Prof. Panos Papadimitratos"

Similar presentations

Smart Certificates: Extending X.509 for Secure Attribute Service on the Web October 1999 Joon S. Park, Ph.D. Center for Computer High Assurance Systems.

Smart Certificates: Extending X.509 for Secure Attribute Service on the Web October 1999 Joon S. Park, Ph.D. Center for Computer High Assurance Systems.
Wenmao Liu Harbin Institute of Technology China. Outline ITS & VANETs Security Issues and Solutions An autonomous architecture Conclusion.

Wenmao Liu Harbin Institute of Technology China. Outline ITS & VANETs Security Issues and Solutions An autonomous architecture Conclusion.
Chapter 14 – Authentication Applications

Chapter 14 – Authentication Applications
Authentication Applications. will consider authentication functions will consider authentication functions developed to support application-level authentication.

Authentication Applications. will consider authentication functions will consider authentication functions developed to support application-level authentication.
 Introduction  Benefits of VANET  Different types of attacks and threats  Requirements and challenges  Security Architecture  Vehicular PKI.

 Introduction  Benefits of VANET  Different types of attacks and threats  Requirements and challenges  Security Architecture  Vehicular PKI.
Securing Vehicular Communications Author : Maxim Raya, Panos Papadimitratos, and Jean-Pierre Hubaux From : IEEE Wireless Communications Magazine, Special.

Securing Vehicular Communications Author : Maxim Raya, Panos Papadimitratos, and Jean-Pierre Hubaux From : IEEE Wireless Communications Magazine, Special.
Cryptography and Network Security Third Edition by William Stallings Lecture slides by Lawrie Brown.

Cryptography and Network Security Third Edition by William Stallings Lecture slides by Lawrie Brown.
CSCE 715: Network Systems Security Chin-Tser Huang University of South Carolina.

CSCE 715: Network Systems Security Chin-Tser Huang University of South Carolina.
Authentication Cristian Solano. Cryptography is the science of using mathematics to encrypt and decrypt data. Public Key Cryptography –Problems with key.

Authentication Cristian Solano. Cryptography is the science of using mathematics to encrypt and decrypt data. Public Key Cryptography –Problems with key.
Public Key Infrastructure (PKI) Providing secure communications and authentication over an open network.

Public Key Infrastructure (PKI) Providing secure communications and authentication over an open network.
Kerberos and PKI Cooperation Daniel Kouřil, Luděk Matyska, Michal Procházka Masaryk University AFS & Kerberos Best Practices Workshop 2006.

Kerberos and PKI Cooperation Daniel Kouřil, Luděk Matyska, Michal Procházka Masaryk University AFS & Kerberos Best Practices Workshop 2006.
Securing Vehicular Commuinications – Assumptions, Requirements, and Principles P. Papadimitratos, EPFL, Lausanne, Switzerland V. Gligor, University of.

Securing Vehicular Commuinications – Assumptions, Requirements, and Principles P. Papadimitratos, EPFL, Lausanne, Switzerland V. Gligor, University of.
APPLAUS: A Privacy-Preserving Location Proof Updating System for Location-based Services Zhichao Zhu and Guohong Cao Department of Computer Science and.

APPLAUS: A Privacy-Preserving Location Proof Updating System for Location-based Services Zhichao Zhu and Guohong Cao Department of Computer Science and.
Copyright, 1996 © Dale Carnegie & Associates, Inc. Digital Certificates Presented by Sunit Chauhan.

Copyright, 1996 © Dale Carnegie & Associates, Inc. Digital Certificates Presented by Sunit Chauhan.
TrustPort Public Key Infrastructure. WWW.TRUSTPORT.COM Keep It Secure Table of contents  Security of electronic communications  Using asymmetric cryptography.

TrustPort Public Key Infrastructure. Keep It Secure Table of contents  Security of electronic communications  Using asymmetric cryptography.
MASY: Management of Secret keYs in Mobile Federated Wireless Sensor Networks Jef Maerien IBBT DistriNet Research Group Department of Computer Science Katholieke.

MASY: Management of Secret keYs in Mobile Federated Wireless Sensor Networks Jef Maerien IBBT DistriNet Research Group Department of Computer Science Katholieke.
Security in Virtual Laboratory System Jan Meizner Supervisor: dr inż. Marian Bubak Consultancy: dr inż. Maciej Malawski Master of Science Thesis.

Security in Virtual Laboratory System Jan Meizner Supervisor: dr inż. Marian Bubak Consultancy: dr inż. Maciej Malawski Master of Science Thesis.
Implementation and Evaluation of Certificate Revocation List Distribution for Vehicular Ad-hoc Networks Petra Ardelean Advisor: Panos Papadimitratos.

Implementation and Evaluation of Certificate Revocation List Distribution for Vehicular Ad-hoc Networks Petra Ardelean Advisor: Panos Papadimitratos.
02/22/2005 Joint Seminer Satoshi Koga Information Technology & Security Lab. Kyushu Univ. A Distributed Online Certificate Status Protocol with Low Communication.

02/22/2005 Joint Seminer Satoshi Koga Information Technology & Security Lab. Kyushu Univ. A Distributed Online Certificate Status Protocol with Low Communication.
Public Key Infrastructure (X509 PKI) Presented by : Ali Fanian.

Public Key Infrastructure (X509 PKI) Presented by : Ali Fanian.

Similar presentations

Ads by Google