A Formal Ticket-Based Authentication Scheme for VANETs

Ons Chikhaoui, Aida Ben Chehida, Ryma Abassi, Sihem Guemara El Fatmi
DOI: 10.4018/978-1-5225-7353-1.ch008

Abstract

Vehicular ad hoc networks (VANETs) enable vehicles to exchange safety-related messages in order to raise drivers' awareness about surrounding traffic and road conditions. Nevertheless, since these messages have a crucial effect on people's lives and as we cannot disregard the probability of attackers intending to subvert the proper operation of these networks, stringent security support should be applied to these messages before they can be relied on. Authenticating these messages before considering them is one of the key security requirements since it enables the receiver to make sure of the received message's integrity and the genuineness of its originator. This chapter presents a conditional privacy-preserving authentication scheme for VANETs.

Introduction

Vehicular Ad hoc NETworks (VANETs) are advanced instances of Mobile Ad hoc NETworks (MANETs) with the intention of providing a wide variety of services, ranging from safety-related warning systems to improved navigation mechanisms as well as information and entertainment applications (Tripathi & Venkaeswari, 2015). Communications between vehicles (V2V) and between vehicles and installed Road Side Units (RSUs) (V2I) helped in designing these applications (Younes & Boukerche, 2015). Both types of communications are controlled by a short-range wireless communication protocol called the Dedicated Short-Range Communication (DSRC) protocol (He et al., 2015). Using VANETs, vehicles become able to exchange safety-related messages in order to raise drivers' awareness. These messages include safety beaconing and warning messages. Beacon messages are periodically broadcast by vehicles: they contain the current speed, heading, braking use, etc. of the sender vehicle (De Fuentes, Gonzalez-Tablas & Ribagorda, 2011). Warning messages are sent to alert vehicles about critical situations such as accidents, traffic congestion, etc. Since these messages are critical in nature because of their direct impact on people's lives, and since it is not realistic to neglect the possibility of attackers aiming at abusing the network, securing these messages becomes a mandatory requirement. One of the essential security requirements is message authentication, as it enables the receiver to make sure of the integrity of a received message as well as the genuineness of its originator. However, in the VANET context, this should be done while preserving the privacy of the real identity of the sending vehicle to protect the latter from several attacks, for instance the illegal tracking attack. In addition, in liability-related cases, legal authorities should be able to identify misbehaving vehicles. The latter should then be evicted from the network to prevent them from causing further damage.

To cope with the security needs mentioned above, we propose a scheme that uses temporary tickets to enable vehicles to communicate with each other while conditionally maintaining their privacy. An identity-based signature technique that does not include the time-consuming bilinear pairing and map-to-point hash functions is used for authentication. The proposal is built upon five phases. The first phase is the network initialization phase, during which the Trusted Authority (TA) initializes the network. The second phase is the authentication phase, during which a mutual authentication takes place between a vehicle and its current RSU whenever the vehicle enters a new domain and/or the validity period of the present ticket of the vehicle expires. The third phase is the signature generation and verification phase, in which vehicles sign their outgoing safety-related messages and authenticate received ones. The fourth phase, the traceability phase, is conducted so that the TA can recover the real identity of a misbehaving vehicle. The final phase is the revocation phase, which is performed so that RSUs can isolate misbehaving vehicles from the network. An in-depth security analysis is provided to prove the efficiency of our scheme in terms of message authentication, non-repudiation, identity privacy preservation, short-term linkability, long-term unlinkability, traceability, identity revocation and resistance to multiple types of attacks. A formal validation using the Automated Validation of Internet Security Protocols and Applications (AVISPA) tool (Armando et al., 2005) is also carried out in order to further confirm the fulfillment of the security goals. Our proposal is validated based on two cases: the first one is the mutual authentication between an RSU and a vehicle during the authentication phase, while the second one is the authentication of a sending vehicle by a receiving vehicle during the signature generation and verification phase.

The remainder of the paper is organized as follows: Section 2 reviews some related works. In Section 3, the scheme overview is presented. Section 4 describes the proposed scheme. In Section 5, the security analysis is carried out. Section 6 illustrates the formal validation using the AVISPA tool. Finally, Section 7 concludes the chapter.
