The Key to Intelligent Transportation: Identity and Credential Management in Vehicular Communication Systems

Khodaei, Mohammad; Papadimitratos, Panos

doi:10.1109/mvt.2015.2479367

Cited by 54 publications

(29 citation statements)

References 22 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…We assume that each vehicle is registered only with its Home-LTCA (H-LTCA), the policy decision and enforcement point, reachable by the registered vehicles. Without loss of generality, a domain can be defined as a set of vehicles in a region, registered with the H-LTCA, subject to the same administrative regulations and policies [50]. There can be several PCAs, each active in one or more domains.…”

Section: System Model and Assumptionsmentioning

confidence: 99%

Scalable & Resilient Vehicle-Centric Certificate Revocation List Distribution in Vehicular Communication Systems

Khodaei

Papadimitratos

2021

IEEE Trans. on Mobile Comput.

Self Cite

View full text Add to dashboard Cite

In spite of progress in securing Vehicular Communication (VC) systems, there is no consensus on how to distribute Certificate Revocation Lists (CRLs). The main challenges lie exactly in (i) crafting an efficient and timely distribution of CRLs for numerous anonymous credentials, pseudonyms, (ii) maintaining strong privacy for vehicles prior to revocation events, even with honest-but-curious system entities, (iii) and catering to computation and communication constraints of on-board units with intermittent connectivity to the infrastructure. Relying on peers to distribute the CRLs is a double-edged sword: abusive peers could "pollute" the process, thus degrading the timely CRLs distribution. In this paper, we propose a vehicle-centric solution that addresses all these challenges and thus closes a gap in the literature. Our scheme radically reduces CRL distribution overhead: each vehicle receives CRLs corresponding only to its region of operation and its actual trip duration. Moreover, a "fingerprint" of CRL 'pieces' is attached to a subset of (verifiable) pseudonyms for fast CRL 'piece' validation (while mitigating resource depletion attacks abusing the CRL distribution). Our experimental evaluation shows that our scheme is efficient, scalable, dependable, and practical: with no more than 25 KB/s of traffic load, the latest CRL can be delivered to 95% of the vehicles in a region (15×15 KM) within 15s, i.e., more than 40 times faster than the state-of-the-art. Overall, our scheme is a comprehensive solution that complements standards and can catalyze the deployment of secure and privacy-protecting VC systems.

show abstract

Section: System Model and Assumptionsmentioning

confidence: 99%

Scalable & Resilient Vehicle-Centric Certificate Revocation List Distribution in Vehicular Communication Systems

Khodaei

Papadimitratos

2021

IEEE Trans. on Mobile Comput.

Self Cite

View full text Add to dashboard Cite

show abstract

“…We assume that each vehicle is registered only with its Home-LTCA (H-LTCA), the policy decision and enforcement point, reachable by the registered vehicles. Without loss of generality, a domain can be defined as a set of vehicles in a region, registered with the H-LTCA, subject to the same administrative regulations and policies [61,70]. There can be several PCAs, each active in one or more domains; any legitimate, i.e., registered, vehicle is able to obtain pseudonyms from any PCA, the pseudonym provider (as long as there is a trust established between the two CAs).…”

Section: System Model and Objectives 31 Overview And Assumptionsmentioning

confidence: 99%

Scaling pseudonymous authentication for large mobile systems

Khodaei¹,

Noroozi²,

Papadimitratos³

2019

Proceedings of the 12th Conference on Security and Privacy in Wireless and Mobile Networks

Self Cite

View full text Add to dashboard Cite

The central building block of secure and privacy-preserving Vehicular Communication (VC) systems is a Vehicular Public-Key Infrastructure (VPKI), which provides vehicles with multiple anonymized credentials, termed pseudonyms. These pseudonyms are used to ensure message authenticity and integrity while preserving vehicle (thus passenger) privacy. In the light of emerging largescale multi-domain VC environments, the efficiency of the VPKI and, more broadly, its scalability are paramount. By the same token, preventing misuse of the credentials, in particular, Sybil-based misbehavior, and managing "honest-but-curious" insiders are other facets of a challenging problem. In this paper, we leverage a stateof-the-art VPKI system and enhance its functionality towards a highly-available, dynamically-scalable, and resilient design; this ensures that the system remains operational in the presence of benign failures or resource depletion attacks, and that it dynamically scales out, or possibly scales in, according to request arrival rates. Our full-blown implementation on the Google Cloud Platform shows that deploying large-scale and efficient VPKI can be cost-effective.

show abstract

“…Sybil resilience in VSNs remains an open challenge in the absence of consensus because the standardization bodies [16], [30] and harmonization efforts do not have conclusive views on that front. For example, Car2Car Communication Consortium (C2C-CC) [10] proposes to issue pseudonyms with overlapping lifetimes in order to keep the safety applications operational at any given point in time [34], while [44], [33] (works in the context of SeVeCom [35] and PRESERVE EU project [50] respectively) proposes to issue pseudonyms with non-overlapping lifetimes in order to eliminate the possibility of equipping a vehicle with multiple simultaneously valid short-term identities. However, beyond enforcing this constraint within a domain, malicious users could exploit the existence of multiple domains [1], [26], [18] to obtain simultaneously valid pseudonyms from different domains, depending on the pseudonym usage policies.…”

Section: A Resilience Considerationsmentioning

confidence: 99%

“…Facilitating cross domain operations is one of the main operational challenges in VC systems [34]. Similar to VC systems, trust establishment has to be taken into consideration before deploying a secure and privacy-preserving multidomain VSN.…”

Section: Operational Challenges In Identity Managementmentioning

confidence: 99%