21-09-2016, 10:52 AM
1455523377-seminar2ieeepaper.pdf (Size: 2.38 MB / Downloads: 9)
Abstract—In vehicular networks, broadcast communications are critically important, as many safety-related applications rely on
single-hop beacon messages broadcast to neighbor vehicles. However, it becomes a challenging problem to design a broadcast
authentication scheme for secure vehicle-to-vehicle communications. Especially when a large number of beacons arrive in a short
time, vehicles are vulnerable to computation-based Denial of Service (DoS) attacks that excessive signature verification exhausts
their computational resources. In this paper, we propose an efficient broadcast authentication scheme called Prediction-based
Authentication (PBA) to not only defend against computation-based DoS attacks, but also resist packet losses caused by high
mobility of vehicles. In contrast to most existing authentication schemes, our PBA is an efficient and lightweight scheme since
it is primarily built on symmetric cryptography. To further reduce the verification delay for some emergency applications, PBA is
designed to exploit the sender vehicle’s ability to predict future beacons in advance. In addition, to prevent memory-based DoS
attacks, PBA only stores shortened re-keyed Message Authentication Codes (MACs) of signatures without decreasing security.
We analyze the security of our scheme and simulate PBA under varying vehicular network scenarios. The results demonstrate
that PBA fast verifies almost 99% messages with low storage cost not only in high-density traffic environments but also in lossy
wireless environments.
INTRODUCTION
V
EHICULAR ad hoc networks (VANETs) have recently
attracted extensive attentions as a promising
approach to enhancing road safety, as well as
improving driving experience. By using a Dedicated
Short-Range Communications (DSRC) [1] technique,
vehicles equipped with wireless On-Board
Units (OBUs) can communicate with other vehicles
and fixed infrastructure, e.g., Road-Side Units (RSUs),
located at critical points of the road [2]. Therefore,
Vehicle-to-Vehicle (V2V) and Vehicle-to-Infrastructure
(V2I) communications are regarded as two basic types
of communications in VANETs.
Once VANETs become available, numerous safe,
commercial and convenient services can be deployed
through a variety of vehicular applications. These
applications mostly rely on vehicles’ OBUs to broadcast
outgoing beacon messages and validate incoming
ones. The broadcast beacons often contain information
about position, current time, speed, direction, driving
status, etc. For example, by frequently broadcasting
and receiving beacons, drivers are better aware of
obstacles and collision scenarios. They may act early
to avoid any possible damage, or to assign a new
route in case of a traffic accident in the existing route However, before implementing these attractive applications,
particularly safety-related ones, we must first
address and resolve VANET-related security issues
[3], [4], [5].
To secure vehicular networks, an authentication
scheme is indispensable to ensure messages are sent
by legitimate vehicles and not altered during transmissions.
Otherwise, an attacker can easily disrupt
the normal function of VANETs by injecting bogus
messages. Therefore, vehicles should broadcast each
message with a digital signature. However, the current
VANET signature standard [6] using Elliptic
Curve Digital Signature Algorithm (ECDSA) would
cause high computational overhead on the standard
OBU hardware, which has limited resources for cost
constraints. Prior work has shown that one ECDSA
signature verification requires 20 milliseconds on a
typical OBU with a 400 MHz processor [7]. When a
large number of signed messages are received in a
short time period, an OBU cannot process them before
their dedicated deadline. In this paper, we define
this attack as computation-based Denial of Service (DoS)
attacks. Even without any malice, the computationbased
DoS attacks can be easily initiated in a highdensity
traffic scenario. For example, when trafficrelated
messages (beacons) are sent 10 times per
second as suggested by the DSRC protocol [1], [6], a
vehicle is overwhelmed with more than five neighbors
within its radio range. To defend against such attacks,
most existing schemes [8], [9], [10] make use of the
technology of identity-based batch verification [11] or
aggregate signature [12] built on asymmetric cryptography
to improve the efficiency of verification. In their schemes, the computational cost is mainly dominated
by a few operations of pairing and a number of
operations of point multiplication over the elliptic
curve [13]. It is affordable for RSUs, but expensive
for OBUs to verify the messages [14]. Furthermore, if
attackers inject false beacons, the receiver is hard to
locate them so that these schemes are also vulnerable
to the computation-based DoS attacks [15]. Therefore,
designing an effective authentication scheme under
high-density traffic scenarios is a big challenge for
V2V communications.
In this paper, we propose an effective broadcast
authentication scheme: Prediction-based Authentication
(PBA) to defend against computation-based DoS
attacks for V2V communications. Unlike most of existing
schemes based on asymmetric cryptography [8],
[9], [10], [15], [16], [17], [18], [19], [20], our PBA is
primarily implemented on symmetric cryptography,
whose verification is more than 22 times faster than
ECDSA. In addition, PBA resists packet losses naturally.
Similar to mobile wireless networks, packet
losses are common in VANETs. Especially, Bai et al.
have shown that the packet loss rate can reach 30%
in a benign network, and nearly 60% in a congestion
network [21]. We design our PBA on the TESLA
scheme [22], [23], [24], which is proposed to secure
lossy multicast streams with hash chains. With TESLA
signatures piggyback, PBA operates smoothly even
when the packet loss rate is high.
PBA also aims at improving the efficiency of authentication.
Certain vehicular applications may require
receivers to verify urgent messages immediately.
To support instant verification, we exploit the
property of predictability of a future beacon, constructing
a Merkle Hash Tree (MHT) [25] to generate
a common public key or predication outcome for
the beacon. With the prediction outcome known in
advance, receivers can instantly verify the incoming
beacon. Furthermore, we examine the storage
overhead brought by our authentication scheme. If a
mechanism brings a large storage burden, an attacker
would initiate memory-based DoS attacks where an OBU
is overwhelmed by storing a large number of unverified
signatures. To defend against such attacks, PBA
records shortened re-keyed Message Authentication
Codes (MACs) instead of storing all the received
signatures.
We design PBA with an objective of providing
effective, efficient, scalable broadcast authentication
and also non-repudiation in VANETs. To the best of
our knowledge, prior authentication schemes for V2V
communications either lack non-repudiation, or fail
to operate in high packet loss or high-density traffic
scenarios. The main contributions of this work are:
• First, we analyze the security requirements for
broadcast authentication in VANETs, and design
a lightweight authentication scheme called PBA
for V2V communications. Without the participation of RSUs or other vehicles, PBA is a distributed
scheme and operated independently.
• Second, PBA is designed to minimize the computational
cost and storage overhead of authentication.
Lightweight MAC and hash operations
are mostly performed in PBA to defend against
computation-based DoS attacks. To reduce the
storage overhead, PBA exploits a local secret key
to construct new shortened MACs of signatures
without sacrificing security.
• Third, PBA enables instant verification. With the
predictability of a vehicle’s position, we construct
a MHT to commit all the possible results of
the vehicle’s movements between successive two
beacons. Signature verification can be instantly
performed based on prediction outcomes from
MHTs integrated into beacons in advance.
• Finally, analytical and empirical validations are
done to evaluate our PBA scheme. We prove
PBA is secure, and use Markov chains to analyze
the effect of packet losses on the authentication
delay and storage cost. Extensive simulations also
indicate that PBA achieves excellent performance
while incurring low delay and storage cost.
The rest of the paper is organized as follows. Section
2 introduces background on VANET settings and
cryptographic primitives. Section 3 describes the security
requirement and threat model. In Section 4, we
present the construction of PBA. A detailed analysis
of PBA is provided in Section 5. In Section 6, we
present our evaluation results. Section 7 summarizes
related work on authentication in VANETs. Finally, we
conclude our work in Section 8. A preliminary version
of parts of this paper was reported in [26].