Attacks and threats • Security challenge & Solution • Communication Infrastructure • The CA hierarchy • Vehicular Public Key • Certificates

1

2
• Attacks and threats
• Security challenge & Solution
• Communication Infrastructure
• The CA hierarchy
• Vehicular Public Key
• Certificates

3

4
• Bogus information attack: adversaries send bogus information to influence decisions of other drivers.
• Disrupt the VANET (Denial of Service): attacker sends too many messages and jams the wireless channel.
• Vehicle Tracking
• Masquerading: attacker pretends to be another driver by using fake identities with malicious objectives.

5 Attacker reports a non-existent jam to get better driving conditions for himself

6 Attacker tracks another vehicle for malicious objectives

7

8
• Time sensitivity & dynamic topology: vehicles move at a fast rate.
• Scalability and high density: extremely large number of network entities.
• Adaptive privacy: diverse privacy degrees. Users can choose their own privacy degree.
• Real-time response

9
• Some users misbehave or have malfunctioning equipment.
• Such entities should be EXCLUDED from the network in order to limit the damage caused by them.

10
• Signature authentication
  › Stops malicious parties from impersonating OBUs or RSUs
  › Identifies misbehaving or malfunctioning vehicles
• Signature verification
  › Prevents creation of fake vehicles
  › Easy removal of destroyed or misbehaving OBUs

11
• Vehicle registration and certificate issuance
• Key distribution
• Key renewal
• Vehicle revocation

12
• Tamper-Proof Device (TPD): possesses cryptographic processing capabilities.
Main responsibilities:
1. Store cryptographic material.
2. Perform cryptographic procedures.
3. Sign and verify safety messages.
[Figure: tamper-proof device, vehicle sensors (GPS, speed and acceleration, …), on-board CPU, transmission system]

13

14 Symmetric Approach
• Online central server required
• Each communication requires a session establishment
Due to the lack of a reliable online connection, this approach is not suitable for VANET (messages are standalone & large scale).

15 Public Key Approach
Binding public keys to corresponding identities using a certificate authority.
Each message should:
• be signed with a digital signature
• achieve mutual authentication without involving a server
Public Key Infrastructure is the answer.

16
• Safety data should be bound to vehicles' certificates, in order to distinguish trusted vehicles and exclude untrusted vehicles.
• The goal of certificate invalidation is to remove an untrusted vehicle. This process is called revocation.
* Multiple certificates can be bound to one vehicle.

17

18
• Certificate Authorities (CAs)
• CA issues certified public/private key pairs to vehicles.
• The different CAs should be synchronized. Vehicles from different countries or
• The preferred way: nodes generate the key pairs and provide only the public key to the CA, which will issue a certificate.

19 Governmental Transportation Authorities
[Figure: Car A, Car B]
• Governments control certification
• Long certificate chain
• Keys are re-certified on borders to ensure mutual certification
• OBUs near each other update simultaneously
• OBU needs to update its key to operate in a new region

20 Manufacturers Authorities
[Figure: Car A, Car B, Manuf. 1, Manuf. 2]
• Vehicle manufacturers can be trusted
• Only one certificate is needed
• Each car has to store the keys of all vehicle manufacturers

21

22

23
• To authenticate each other, vehicles will sign each message with their private key and attach the corresponding CA’s certificate.
• When another vehicle receives this message, it verifies the key used to sign the message and, once this is done correctly, it verifies the message.

24

25

26

27

28
• A certificate is a vehicle’s public key and ID, signed by the CA:
• Certificate = Sig-CA (PK || ID), PK, ID

29
• There are 4 parts:
• 1: message header;
• 2: the certificate;
• 3: message payload;
• 4: the signature of the signed message.

30
• Security protocols add overhead to the data transferred
• Certificates are twice as large as signatures
• Optimizing the distribution mechanism is a proper means of considerably reducing the over-the-air bandwidth overhead

31
• 1–1: two communicating nodes will possibly establish a session.
  - Certificates are exchanged during session setup.
• 1–n: a single node broadcasts to many nodes, without establishing a session.
  - The receiver needs to obtain the sender’s certificate before verifying the message.
  - The sender attaches its certificate to each message.

32
• A unique digest that can easily be computed by applying a hash function to the certificate.
When a certificate is received:
1. Check whether the certificate digest was received in the past.
2. If not: verify the certificate.
3. If verified: store the certificate digest.
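A receiver-side sketch of the certificate format from slide 28, the sign-and-attach flow from slide 23 and the three digest steps above, added here as an example and not taken from the presentation. Ed25519 and SHA-256 from Go's standard library stand in for whatever algorithms a deployment uses; the type and function names, the ID "OBU-1" and the payload are assumptions.

```go
package main

import (
	"crypto/ed25519"
	"crypto/sha256"
	"fmt"
)

// Cert mirrors the slides: Certificate = Sig-CA(PK || ID), PK, ID.
type Cert struct {
	PK  ed25519.PublicKey
	ID  string
	Sig []byte // CA signature over PK || ID
}

// tbs is what the CA signs (PK || ID); Digest hashes the whole certificate; Issue is the CA side.
func tbs(pk ed25519.PublicKey, id string) []byte { return append(append([]byte{}, pk...), id...) }
func (c Cert) Digest() [32]byte { return sha256.Sum256(append(tbs(c.PK, c.ID), c.Sig...)) }
func Issue(caPriv ed25519.PrivateKey, pk ed25519.PublicKey, id string) Cert {
	return Cert{PK: pk, ID: id, Sig: ed25519.Sign(caPriv, tbs(pk, id))}
}

// Receiver remembers digests of certificates it has already verified.
type Receiver struct {
	CAKey      ed25519.PublicKey
	Seen       map[[32]byte]bool
	CertChecks int // full CA-signature verifications performed
}

// Accept applies the three digest steps, then verifies the message signature.
func (r *Receiver) Accept(c Cert, payload, sig []byte) bool {
	// Checked before the cache: a fixed key length keeps PK || ID, and so the digest, unambiguous.
	if len(c.PK) != ed25519.PublicKeySize {
		return false
	}
	if d := c.Digest(); !r.Seen[d] { // 1. digest received before?
		r.CertChecks++
		if !ed25519.Verify(r.CAKey, tbs(c.PK, c.ID), c.Sig) { // 2. if not, verify certificate
			return false
		}
		r.Seen[d] = true // 3. store the digest only after successful verification
	}
	return ed25519.Verify(c.PK, payload, sig)
}

func main() {
	caPub, caPriv, _ := ed25519.GenerateKey(nil) // constructed keys; nil selects crypto/rand
	pk, priv, _ := ed25519.GenerateKey(nil)
	r, msg := &Receiver{CAKey: caPub, Seen: map[[32]byte]bool{}}, []byte("ice on road ahead")
	c, sig := Issue(caPriv, pk, "OBU-1"), ed25519.Sign(priv, msg)
	first, second := r.Accept(c, msg, sig), r.Accept(c, msg, sig)
	fmt.Println(first, second, r.CertChecks)
}
```

The cache removes only the certificate check: the per-message signature is still verified on every message, and a digest is stored only after the CA signature has verified.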

33
• Periodic Broadcast: certificate is sent in a piggy-back fashion together with a message.
• Certificate on demand: send certificate only when not stored locally on the receiver’s side.
• Hybrid Certificate: broadcast certificate on demand by default, until no certificate is demanded for a certain amount of time.

34

