Presentation is loading. Please wait.

Presentation is loading. Please wait.

Implementation and Evaluation of Certificate Revocation List Distribution for Vehicular Ad-hoc Networks Petra Ardelean Advisor: Panos Papadimitratos.

Published byBeverly Dalton Modified over 9 years ago

Similar presentations

Presentation on theme: "Implementation and Evaluation of Certificate Revocation List Distribution for Vehicular Ad-hoc Networks Petra Ardelean Advisor: Panos Papadimitratos."— Presentation transcript:

1 Implementation and Evaluation of Certificate Revocation List Distribution for Vehicular Ad-hoc Networks Petra Ardelean Advisor: Panos Papadimitratos

2 Vehicular Ad-hoc Network (VANET) Designed to provide safety and comfort for passengers Using asymmetric cryptography  Certificate Authority (CA) issues certificates  Signature verification using the public key 2

3 Problem description CRLs are needed for  Excluding compromised, faulty or illegitimate nodes  Preventing the use of compromised cryptographic material How to distribute large CRLs in a reasonable time with low bandwidth utilization? 3

4 State of the art (1) Papadimitratos et al, Certificate Revocation List Distribution in Vehicular Communication Systems [1]  The CA uses the infrastructure (RSUs) to send the CRLs to the vehicles  Use encoding mechanisms for redundancy 4

5 State of the art (2) K. Laberteaux et al, Security Certificate Revocation List Distribution for VANET [2]  RSUs used as the first phase of the dissemination  Vehicles broadcast CRL updates to other vehicles 5

6 State of the art (3) P. Papadimitratos et al, Secure Vehicular Communications: Design and Architecture [3]  Revocation Protocol of the Tamper-Proof Device (RTPD)  Revocation Protocol using Compressed Certificate Revocation (RCCRL)  Distributed Revocation Protocol (DRP) 6

7 General concept CRL Distribution System RSU3RSU2RSU1 Random encoded pieces 7

8 CRL Distribution System CA (1) Generate CRL (2) Encode the CRL (3) Sign each piece from (2) Network Communication (1)Compute how many pieces from (3) should be sent to each RSU (2)Send the pieces to the RSUs 8

9 The Encoding … CRLM parts CRL version Time stamp Sequence number CA ID Encoded CRL piece Signature CA private key Packet format sent to the RSUs … Rabin’s algorithm N pieces, N > M Encoded CRL 9

10 Packet format sent to the RSUs 1. Verify signature 2. Store CRL piece 3. If enough pieces stored, decode, i.e. reconstruct the CRL CRL version Time stamp Sequence number CA ID Encoded CRL piece Signature CA private key 10 Vehicle – Receiving CRLs

11 Implementation C++ implementation Using openSSL cryptographic library for  Generating the CRLs  Signing and verifying the encoded pieces Using Rabin’s algorithm as an erasure code 11

12 Implementation Network Communication Configuration file with the RSUs IP addresses Source routing to send random pieces to each RSU Encoded pieces sent in UDP packets 12

13 Rabin’s algorithm - Encoding 13 MMMM B NxM A X = N x L W M x L CRL

14 Rabin’s algorithm - Decoding 14 W’ M x L A’ M x M X = B M x L CRL

15 Evaluation Settings (1) 15 random encoded pieces CRL Distribution System RSU

16 Evaluation Settings (2) 16 Laptop configuration CPUIntel 1.8 GHz Operating SystemLinux LibraryOpenSSL 0.9.8g Compilergcc 4.1.2 Wireless card802.11b AP configuration Bit rate5.5 Mbps

17 Evaluation Purposes Examine the system performance by  varying the CRL size  varying the encoding vectors number and length 17

18 Evaluation Results (1) Figures  show 95% confidence intervals  100 iteration for each experiment M and N variations  M Є [25,100], increasing by 25  N chosen as the redundancy factor is r = N / M is 1.5 Velocity 3 km/h 18

19 Evaluation Results (2) 19

20 Evaluation Results (2) 20

21 Evaluation Results (2) The encoding vectors should be chosen in concordance with the CRL size 21

22 Evaluation Results (3) 22

23 Evaluation Results (3) The time to reconstruct the original CRL is inverse proportional with the redundancy factor 23

24 Conclusion First implementation of a CRL distribution system for VANET Performance measurements conducted on the system 24

25 Further work Compare the experimental results with simulation results Integrate the CRL Distribution system into the Vehicular Communication project 25

26 Thank you Questions? 26

27 Bibliography [1]P. Papadimitratos, G. Mezzour, and J.-P. Hubaux, Certificate Revocation List Distribution in Vehicular Communication Systems, short paper, ACM VANET 2008, San Francisco, CA, USA, September 2008 [2]K. Laberteaux, J. Haas, and Y-C Hu, Security Certicate Revocation List Distribution for VANET, ACM VANET, San Francisco, CA, USA, September 2008 [3]P. Papadimitratos, L. Buttyan, T. Holczer, E. Schoch, J. Freudiger, M. Raya, Z. Ma, F. Kargl, A. Kung, and J.-P. Hubaux, Secure Vehicular Communications: Design and Architecture, IEEE Communications Magazine, November 2008 27

Download ppt "Implementation and Evaluation of Certificate Revocation List Distribution for Vehicular Ad-hoc Networks Petra Ardelean Advisor: Panos Papadimitratos."

Similar presentations

Efficient Secure Aggregation in VANETs Maxim Raya, Adel Aziz, and Jean-Pierre Hubaux Laboratory for computer Communications and Applications (LCA) EPFL.

Efficient Secure Aggregation in VANETs Maxim Raya, Adel Aziz, and Jean-Pierre Hubaux Laboratory for computer Communications and Applications (LCA) EPFL.
Efficient Public Key Infrastructure Implementation in Wireless Sensor Networks Wireless Communication and Sensor Computing, 2010. ICWCSC 2010. International.

Efficient Public Key Infrastructure Implementation in Wireless Sensor Networks Wireless Communication and Sensor Computing, ICWCSC International.
 Introduction  Benefits of VANET  Different types of attacks and threats  Requirements and challenges  Security Architecture  Vehicular PKI.

 Introduction  Benefits of VANET  Different types of attacks and threats  Requirements and challenges  Security Architecture  Vehicular PKI.
Survey of Vehicular Network Security Jonathan Van Eenwyk.

Survey of Vehicular Network Security Jonathan Van Eenwyk.
Securing Vehicular Communications Author : Maxim Raya, Panos Papadimitratos, and Jean-Pierre Hubaux From : IEEE Wireless Communications Magazine, Special.

Securing Vehicular Communications Author : Maxim Raya, Panos Papadimitratos, and Jean-Pierre Hubaux From : IEEE Wireless Communications Magazine, Special.
A Survey of Secure Wireless Ad Hoc Routing

A Survey of Secure Wireless Ad Hoc Routing
Comp 361, Spring 20056:Basic Wireless 1 Chapter 6: Basic Wireless (last updated 02/05/05) r A quick intro to CDMA r Basic 802.11.

Comp 361, Spring 20056:Basic Wireless 1 Chapter 6: Basic Wireless (last updated 02/05/05) r A quick intro to CDMA r Basic
1 Key Management for Vehicular Networks Maxim Raya and Jean-Pierre Hubaux Secure Vehicular Communications Workshop EPFL - 19/05/2015.

1 Key Management for Vehicular Networks Maxim Raya and Jean-Pierre Hubaux Secure Vehicular Communications Workshop EPFL - 19/05/2015.
Authentication Cristian Solano. Cryptography is the science of using mathematics to encrypt and decrypt data. Public Key Cryptography –Problems with key.

Authentication Cristian Solano. Cryptography is the science of using mathematics to encrypt and decrypt data. Public Key Cryptography –Problems with key.
Security Improvement for Ad Hoc Wireless Network Visal Kith ECE 695 05/05/2006.

Security Improvement for Ad Hoc Wireless Network Visal Kith ECE /05/2006.
A Mobile Infrastructure Based VANET Routing Protocol in the Urban Environment School of Electronics Engineering and Computer Science, PKU, Beijing, China.

A Mobile Infrastructure Based VANET Routing Protocol in the Urban Environment School of Electronics Engineering and Computer Science, PKU, Beijing, China.
WAP Public Key Infrastructure CSCI 5939.02 – Independent Study Fall 2002 Jaleel Syed Presentation No 5.

WAP Public Key Infrastructure CSCI – Independent Study Fall 2002 Jaleel Syed Presentation No 5.
Secure and Efficient Key Management in Mobile Ad Hoc Networks Bing Wu, Jie Wu, Eduardo B. Fernandez, Mohammad Ilyas, Spyros Magliveras Department of Computer.

Secure and Efficient Key Management in Mobile Ad Hoc Networks Bing Wu, Jie Wu, Eduardo B. Fernandez, Mohammad Ilyas, Spyros Magliveras Department of Computer.
Mini-Project 2007 On Location Privacy in Vehicular Mix-Networks Julien Freudiger IC-29 Self-Organised Wireless and Sensor Networks Tutors: Maxim Raya Márk.

Mini-Project 2007 On Location Privacy in Vehicular Mix-Networks Julien Freudiger IC-29 Self-Organised Wireless and Sensor Networks Tutors: Maxim Raya Márk.
Introduction to PKI Seminar What is PKI? Robert Brentrup July 13, 2004.

Introduction to PKI Seminar What is PKI? Robert Brentrup July 13, 2004.
Securing Vehicular Commuinications – Assumptions, Requirements, and Principles P. Papadimitratos, EPFL, Lausanne, Switzerland V. Gligor, University of.

Securing Vehicular Commuinications – Assumptions, Requirements, and Principles P. Papadimitratos, EPFL, Lausanne, Switzerland V. Gligor, University of.
An Authentication Service Based on Trust and Clustering in Wireless Ad Hoc Networks: Description and Security Evaluation Edith C.H. Ngai and Michael R.

An Authentication Service Based on Trust and Clustering in Wireless Ad Hoc Networks: Description and Security Evaluation Edith C.H. Ngai and Michael R.
Mini-Project 2006 Secure positioning in vehicular networks based on map sharing with radars Mini-Project IC-29 Self-Organized Wireless and Sensor Networks.

Mini-Project 2006 Secure positioning in vehicular networks based on map sharing with radars Mini-Project IC-29 Self-Organized Wireless and Sensor Networks.
An Efficient and Spontaneous Privacy-Preserving Protocol for Secure Vehicular Communications Hu Xiong, Konstantin Beznosov, Zhiguang Qin, Matei Ripeanu.

An Efficient and Spontaneous Privacy-Preserving Protocol for Secure Vehicular Communications Hu Xiong, Konstantin Beznosov, Zhiguang Qin, Matei Ripeanu.
Symmetric Key Distribution Protocol with Hybrid Crypto Systems Tony Nguyen.

Symmetric Key Distribution Protocol with Hybrid Crypto Systems Tony Nguyen.

Similar presentations

Ads by Google