Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.

Vanet by Sujata Tiwari


Published on

Read it out guys it might help u out.

Published in: Education, Technology, Business
  • Be the first to comment

Vanet by Sujata Tiwari

  1. 1. Security in Vehicular Ad hoc Networks (VANETs) Sujata Tiwari B.Tech (ICT) 2nd year
  2. 2. Acknowledgements  Presentation based on:  Maxim Raya and Jean-Pierre Hubaux, “The security of vehicular ad hoc networks”, SASN 2005.  Bryan Parno and Adrian Perrig, “Challenges in securing vehicular networks”, SECON 2005.  Some slides courtesy above authors.
  3. 3. Presentation outline  What is a VANET?  VANET applications  Adversaries  Security threats and attacks  Security primitives for attack prevention or handling strategies
  4. 4. A modern vehicle F o r w a r d r a d a r C o m p u t i n g p l a t f o r m E v e n t d a t a r e c o r d e r ( E D R ) P o s i t i o n i n g s y s t e m R e a r r a d a r C o m m u n i c a t i o n f a c i l i t y D i s p l a y (GPS) Human-Machine Interface A modern vehicle is a network of sensors/actuators on wheels !A modern vehicle is a network of sensors/actuators on wheels !
  5. 5. What is a VANET (Vehicular Ad hoc NETwork)? • Communication: typically over the Dedicated Short Range Communications (DSRC) (5.9 GHz) • Example of protocol: IEEE 802.11p
  6. 6. Motivation for VANET  Increase safety Hundreds of thousands of people are killed world-wide due to road accidents yearly. Many more are injured.  Traffic optimization Congestion/traffic jams cost time and fuel. Both these problems can be solved or mitigated by giving timely information to the drivers!
  7. 7. Differences from MANET  Large scale – potentially billion  Fleeting contact with other vehicles  Nodes not as constrained in terms of energy, storage and computation.
  8. 8. VANET applications 1. Safety alerts a. Requirement: Bounded latency b. Primary Issue: Broadcast storm 2. Congestion warning a. Requirement: Message persistence b. Primary Issue: Disconnected network 3. Infotainment a. Requirement: End-to-end connectivity b. Primary Issue: Disconnection due to high mobility
  9. 9. Application-1 : Congestion Detection  Vehicles detect congestion when: # Vehicles > Threshold 1 Speed < Threshold 2  Relay congestion information Hop-by-hop message forwarding Other vehicles can choose alternate routes
  10. 10. Application-2 : Deceleration Warning  Prevent pile-ups when a vehicle decelerates rapidly
  11. 11. Attackers  Insider or outsider  Insider – valid user  Outsider – Intruder, limited attack options  Malicious or rational  Malicious – No personal benefit, intends to harm other users  Rational – seeks personal benefits, more predictable attack  Active or passive  Active: Generates packets, participates in the network  Passive: Eavesdrop, track users
  12. 12. Security Attacks Goals ExecutionActions Congestion Creation/ avoidance Cause accidents or pile-ups Track individuals Denial of service Insert bogus congestion warnings Misrepresent Location of accident Message suppression Aggressive insertion of messages/jamming Single Single, multiple Entities (Sybil) Multiple Independent Colluding
  13. 13. Security Requirements  Authentication:  React only to legitimate events. Authenticate senders of messages.  Verification of data consistency  Legitimate senders can send false data (attack/unintentional). Can cause immense damage even fatalities.  Availability  Network should be available under jamming attacks  Non-repudiation  Drivers causing accidents should be reliably identified  Privacy (conflicts with authentication)  Privacy of drivers against unauthorized observers.  Real-time constraints  High speed means constraints on time
  14. 14. Security Architecture
  15. 15. Key Management  Key distribution How will the key be distributed ?  Key certification Who will certify the keys ?  Key revocation When the key is compromised, what is the revocation procedure ?
  16. 16. Tamper-proof device  Each vehicle carries a tamper-proof device  Contains the secrets of the vehicle itself  Has its own battery  Has its own clock (notably in order to be able to sign timestamps)  Is in charge of all security operations  Is accessible only by authorized personnel Tamper-proof device Vehicle sensors (GPS, speed and acceleration,…) On-board CPU Transmission system ((( )))
  17. 17. Digital signatures  Symmetric cryptography is not suitable: messages are standalone, large scale, non-repudiation requirement  Hence each message should be signed with a DS  Liability-related messages should be stored in the EDR
  18. 18. VPKI (Vehicular PKI)  Each vehicle carries in its Tamper-Proof Device (TPD):  A unique and certified identity: Electronic License Plate (ELP)  A set of certified anonymous public/private key pairs  Before a vehicle sends a safety message, it signs it with its private key and includes the CA’s certificate.  Mutual authentication can be done without involving a server  Authorities (national or regional) are cross-certified
  19. 19. The CA hierarchy: two options Country 1 Region 1 Region 2 District 1 District 2 Car A Car B Car A Car B Manuf. 1 Manuf. 2 1. Governmental Transportation Authorities 2. Manufacturers  The governments control certification  Long certificate chain  Keys should be recertified on borders to ensure mutual certification  Vehicle manufacturers are trusted  Only one certificate is needed  Each car has to store the keys of all vehicle manufacturers
  20. 20. Key revocation  All cryptographic material of a vehicle is compromised: CA sends revocation message to the TPD.  A particular key is compromised: CA sends revocation message to the TPD for each revoked key. High overhead. Short key certificate lifetimes. Large storage required.
  21. 21. Security primitives  Authenticated localization of message origin Option 1:  Beacons broadcast location with timestamp and signature. Include this packet in all messages.  Requires infrastructure. Option 2: Use relative localization
  22. 22. Security primitives Contd.  Anonymization service Attempt to balance authentication and privacy Option 1:  Key changing algorithm that adapts to vehicle speed  A large set of keys needs to be stored in the vehicle and periodically renewed (during regular vehicle maintenance visits) Option 2:  Drivers authenticate to a service with their permanent Id and receive a temporary Id that cannot be traced back to the driver.  Infrastructure required.
  23. 23. Security primitives Contd.  Secure aggregation Vehicle count the number of vehicles it passes and reports the sum. Receiving vehicle authenticates the information and is able to estimate the amount of traffic ahead.
  24. 24. Questions?