New Card Based Scheme to Ensure Security and Trust in Vehicular Communications
Irshad Ahmed Sumra, Halabi Hasbullah, Iftikhar Ahmad
Computer and Information Sciences Department, Universiti Teknologi PETRONAS, Bandar Seri Iskandar 31750, Tronoh, Perak, Malaysia.
Jamalul-lail bin Ab Manan
Advanced Information Security Cluster, MIMOS Berhad, Technology Park Malaysia, Kuala Lumpur, Malaysia
This work is funded by Universiti Teknologi PETRONAS Postgraduate Assistantship scheme in collaboration with MIMOS Berhad.
Abstract — Potential safety and non-safety applications of vehicular networks provide solutions to the current traffic system. The dynamic topology of the vehicular communication network and the high speed of the vehicles make authenticating users a challenging task. Researchers have proposed different types of authentication mechanisms for secure vehicular communication. We propose a new and practical card-based scheme that authenticates users and at the same time enables transactions with the vehicle Service Provider (SP). Our proposed scheme provides a secure communication environment while a vehicle communicates with other vehicles (V2V) or with a road side unit (V2R). The SP is a key module in the vehicular business model in that it provides non-safety services to vehicular users during their journey. Our proposed scheme will help solve the security and trust issues in authenticating users while they take services from service providers.
Keywords - Vehicular Ad hoc Network (VANET), Safety Applications, authentication, Card based Scheme, Service Provider (SP).
I. INTRODUCTION
Road accidents are one of the major problems in the current traffic system, and one of the reasons is that drivers are not fully aware of their current driving environment. A vehicular ad hoc network (VANET) takes responsibility for delivering the right information to drivers and by doing so helps reduce the rate of accidents. Safety and non-safety applications [1] focus on the requirements of drivers and passengers on highways in vehicle to vehicle (V2V) and vehicle to road side unit (RSU) communication. Dedicated Short Range Communication (DSRC) is a communication medium that provides support to implement these safety and non-safety applications [2]. Before implementing attractive and interactive applications, we must resolve the security and privacy issues in this network [3]. Among the various security requirements in VANET, message authentication and data integrity are the two most important. In this paper, we discuss these issues and propose a solution to reduce their impact. In a vehicular environment, message integrity means the content of the message should not be altered in transit between sender and receiver. VANET applications require message integrity most because life-critical information should not be changed by any attacker at all. User privacy (driver name, license plate number, location, vehicle speed and travelling route) is another key user requirement, especially when communicating with other vehicles or with a road side unit (RSU) [4].
The rest of the paper is divided into four sections. Section II explains the importance of authentication in the field of vehicular networks. Section III describes some related work in the area of vehicular authentication for applications as well as business transactions. Section IV explains some of the security hardware modules needed in a VANET vehicle. The Trusted Platform Module (TPM) is the key trusted security module used in the vehicle and plays a vital role in providing security and trust in the VANET communication environment. In Section V we propose a card-based scheme to ensure security and trust, and explain in detail how this scheme is more practical for authentication of messages as well as for authentication of business transactions. We conclude the paper in Section VI.
II. AUTHENTICATION REQUIREMENT IN VANET
Authentication is an open issue and a key security requirement in vehicular networks, and all applications are required to be authenticated. Authentication is needed for most tasks, such as sending critical messages to other vehicles or getting services from the network. The large number of high-speed vehicles and the dynamic topology of the vehicular network are some of the key factors that make authentication difficult. Attackers are dynamic in nature; they not only create problems in the network by sending wrong messages or altering safety messages but can also seriously affect the service provider network. Authentication is required in two different cases. In the first case, if users send or receive safety messages in the network, the message should first be authenticated by a valid user. In the second case, when a user needs any service from a service provider (SP), the SP should check the user's information against its own billing server, which later charges the user for the services or resources used. Figure 1 shows an example of VANET communication in different zones. In this scenario, Zone 1 and Zone 2 have the same number of vehicles but the traffic flows in two different directions. Vehicles in both zones communicate with each other and also with the VANET infrastructure. It can be seen that it would be very difficult to check the authenticity of each vehicle and maintain security keys, especially when the network topology is dynamic. Furthermore, the scenario becomes more complex if vehicles take business services from service providers (SP) such as internet or mobile telephone services. This leads to the challenging task of authenticating each subscriber and at the same time serving requests for services.
Figure 2. Format of sign message: Protocol Version (1 Byte) | Types (1 Byte) | Message (67 Bytes) | Certificate (125 Bytes) | Signature (56 Bytes). The first three fields total 69 Bytes; the certificate and signature total 181 Bytes.
Some types of message authentication are also discussed in [7].
Figure 1. VANET Communication in different zones
III. RELATED WORK
This section describes different types of authentication mechanisms in vehicular communication. The following are some types of VANET authentication that have been discussed in different studies [4, 5 and 6].
Vehicle Authentication: The vehicle is the basic entity that communicates with other entities on the highway. An attacker vehicle will place itself as part of this network, and our responsibility is to differentiate it from the authentic vehicles in the network. Authentic vehicles must work properly and play an important positive role in sending and receiving safety and non-safety messages.
Road Side Unit (RSU) Authentication: The RSU communicates with users; it should be authentic and able to send the right information at any time. Hence, availability of the network is also crucial: when users communicate, the RSU provides services for the users in that specific region. Denial of Service (DoS) is one of the attacks that can affect the VANET environment, whereby two authentic parties (vehicles and RSU) cannot perform their tasks because the communication medium is jammed or the resources of the network are consumed.
Message Authentication: The next level is to authenticate the message that is received from other vehicles or from the RSU. When a vehicle receives any kind of message, it should verify message integrity and verify that the content is safe from source to destination. It is necessary for a user to authenticate any warning message and execute it before sending it to other users of the network. There will be a serious security breach if, for example, a vehicle is authentic and sends the right message but the contents are changed by an attacker. Figure 2 shows the format of the signed message; in this format 125 bytes are used for the digital certificate, whereas 56 bytes are allocated for the Elliptic Curve Digital Signature Algorithm (ECDSA). The certificate and signature are an important part of the whole packet; they occupy a significant portion of the total packet size and may create cryptographic overhead [4].
Broadcast Message Authentication: The first mechanism of message authentication is called broadcast message authentication, in which one single vehicle authenticates a message (safety or non-safety) and many other vehicles (n) verify the message. The main purpose of the broadcast message is to provide security services. For example, if vehicle A finds an accident at location X, vehicle A immediately generates a broadcast message so that other users are aware of the danger ahead of them. VANET practically uses this as the default mechanism, and it is also part of the IEEE P1609.2 Standard. The advantage of this mechanism is that there is no need for session establishment between sender and receiver, and each message is standalone. Information messages, safety messages, vehicles' beacon messages and RSU safety messages are the four message types that are used for broadcast message authentication. The relationship between vehicles in the broadcast authentication mechanism is one-to-many. Figure 3 shows the basic broadcast message algorithm.
Figure 3. Broadcast Message Authentication algorithm
Pairwise Message Authentication: The second mechanism is based on peer to peer message authentication, and it is only useful if there is a respected interaction between the vehicles. Pairwise message authentication uses a symmetric message authentication code (MAC). Computing a MAC is several orders faster than generating a digital signature. The MAC algorithm is based on a hash algorithm, so the MAC family is the HMAC-SHA algorithm. In pairwise communication, Vehicle A and Vehicle B share a common secret key, denoted by K, and the message authentication code (MAC) algorithm is shown in Figure 4.
Figure 4. Message Authentication Code (MAC) algorithm
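The pairwise mechanism above, worked through as an added example (not code from the paper): the 69-byte payload of Figure 2 is authenticated with an HMAC under the shared key K instead of the 181-byte certificate and signature, and the security overhead of the two frame layouts is compared. HMAC-SHA-256, the function names and the sample key and message are assumptions made for the illustration.

```python
import hashlib
import hmac
import struct

# Field sizes taken from Figure 2 of the paper.
PAYLOAD_FMT = "!BB67s"                      # protocol version, type, message
SIGNED_FMT = "!BB67s125s56s"                # payload + certificate + signature
PAYLOAD_LEN = struct.calcsize(PAYLOAD_FMT)  # 69 bytes
SIGNED_LEN = struct.calcsize(SIGNED_FMT)    # 250 bytes
# Assumption: HMAC-SHA-256; the paper only names the "HMAC-SHA" family.
TAG_LEN = hashlib.sha256().digest_size      # 32 bytes


def build_payload(version: int, msg_type: int, message: bytes) -> bytes:
    """Pack the 69-byte payload; short messages are zero-padded to 67 bytes."""
    if len(message) > 67:
        raise ValueError("message field is limited to 67 bytes")
    return struct.pack(PAYLOAD_FMT, version, msg_type, message)


def split_signed_frame(frame: bytes) -> dict:
    """Split a broadcast (signed) frame into its Figure 2 fields."""
    if len(frame) != SIGNED_LEN:
        raise ValueError(f"signed frame must be {SIGNED_LEN} bytes")
    version, msg_type, message, cert, sig = struct.unpack(SIGNED_FMT, frame)
    return {"version": version, "type": msg_type, "message": message,
            "certificate": cert, "signature": sig}


def mac_protect(key: bytes, payload: bytes) -> bytes:
    """Sender (vehicle A): append tag = HMAC(K, payload) to the payload."""
    if len(payload) != PAYLOAD_LEN:
        raise ValueError(f"payload must be {PAYLOAD_LEN} bytes")
    return payload + hmac.new(key, payload, hashlib.sha256).digest()


def mac_verify(key: bytes, frame: bytes):
    """Receiver (vehicle B): return the payload if the tag is valid, else None."""
    if len(frame) != PAYLOAD_LEN + TAG_LEN:
        return None
    payload, tag = frame[:PAYLOAD_LEN], frame[PAYLOAD_LEN:]
    expected = hmac.new(key, payload, hashlib.sha256).digest()
    # Constant-time comparison: timing must not reveal how many bytes matched.
    return payload if hmac.compare_digest(tag, expected) else None


def security_overhead(frame_len: int) -> float:
    """Fraction of a frame that is authentication data rather than payload."""
    return (frame_len - PAYLOAD_LEN) / frame_len


if __name__ == "__main__":
    key = bytes(range(32))  # constructed sample key K, shared by A and B
    payload = build_payload(1, 2, b"accident ahead at location X")
    frame = mac_protect(key, payload)
    tampered = frame[:10] + bytes([frame[10] ^ 0x01]) + frame[11:]
    print("valid frame accepted:   ", mac_verify(key, frame) == payload)
    print("tampered frame rejected:", mac_verify(key, tampered) is None)
    print(f"signed frame overhead: {security_overhead(SIGNED_LEN):.1%}")
    print(f"MAC frame overhead:    {security_overhead(len(frame)):.1%}")
```

With these sizes the certificate and signature make up 72.4% of a signed frame, against 31.7% for the MAC tag. The MAC frame can only be verified by holders of K, which is why it fits the pairwise case and not broadcast.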
Groupwise Message Authentication: The last mechanism is similar to pairwise message authentication, but the difference is that a group of vehicles communicates with one vehicle. The group of vehicles uses a common secret key K, and a key agreement scheme needs to be executed. This scheme is useful if group members exchange several messages before the group breaks up or regroups. This mechanism works within the group, and forming and managing groups is a relatively difficult task due to vehicle speed and the dynamic topology of the network. The MAC algorithm is used in groupwise message authentication, but the mechanism is different: here the communication is performed within a specific group. One group leader sends authentication messages to many users of the group.
Authentication Requirement for Business Transaction
VANET provides a big opportunity for business people; they provide services along the highway such as hotels, shopping malls and restaurants. Authentication is also a big challenge for business transactions, where the business community spends a lot of money to establish businesses near the highway. Business parties are required to verify users before providing particular services. There are two types of services which are provided by the business party near the road. Telephone and Internet services are provided by a third party. Moustafa et al. [8] mention two types of business models, which are given below.
• Prepaid Package (pay before use)
• Post-paid Package (use before pay)
In the Prepaid Package, users pay money to the service provider before taking specific services, and billing is fixed on a monthly basis. If users do not take services within a specific time period, they are still charged. The Post-paid Package is the opposite of the Prepaid Package: users send a request to the network authority for particular services. This authentication usually happens at the entry points of the highway.
Figure 5. AAA Architecture design
Access network, wireless mobile ad hoc network and 802.11 WLAN (AP) are the three main entities of the architecture in Figure 5. This architecture works in two ways; it provides vehicle to vehicle and vehicle to infrastructure communication in order to deliver the offered services. The architecture design proposed by Moustafa [8] is based on 802.11i and provides a solution for vehicular users. Authentication, authorization and accounting (AAA) mechanisms are used to properly authenticate the parties and encrypt data between them while services are taken. They explained three issues with their proposed solution as follows:
• Client/service provider mutual authentication at the entry point of the network. The service provider authorizes every client and provides the required service during the journey.
• Client/client authentication and secure communication.
• Access point (AP)/client authentication and secure data transfer.
However, the main drawback of this solution occurs at the entry point, where client and service provider authentication is performed; it would become congested as the number of users on the highway increases.
IV. TRUSTED SECURITY MODULE
“Trust” is the key element in creating a trusted VANET environment, which would help promote security in the vehicular network. The Trusted Computing Group (TCG) [9] has proposed a new generation of computing platform whose purpose is to improve security and trust in IT systems. The Trusted Platform Module (TPM) is a hardware chip and the core component of the TCG. In principle, the TPM provides cryptographic functions, secures storage of secret data and provides the basis to fulfil major security requirements.
Figure 6. TPM architecture
In summary, TPM provides the following features [10]:
• Support high bandwidth communication
• Require cryptographic coprocessor to speed up cryptographic operations that are used in encryption and decryption and signature generation.
• Provides secure storage for private and secret keys
• Cryptographic data store in permanent memory location.
The use of TPM functionalities will meet the security requirements in the vehicle environment, which are listed as follows:
• Low Cost: TPM is a low cost security module compared to a tamper proof device (TPD). The cost of a TPD is high, about several thousand dollars [11, 12], which adds to the overall cost of the vehicle.
• Ownership: The TPM_takeownership command [] creates ownership of the vehicle. Whenever a user buys a new vehicle, the authority assigns the user as the owner of that particular vehicle. When the vehicle is sold, ownership needs to be changed to the new user. Police or law enforcement agencies can identify the vehicle even if it is stolen or used in criminal activity.
• Cryptographic Functions: TPM provides cryptographic functions and also ensures data integrity in the network through its cryptographic components (SHA-1 Engine, RSA and Random Number Generator).
• Resist Software Attacks: TPM can resist software attacks but it cannot control hardware tampering.
• Root of Trust: Root of Trust for Measurement (RTM), Root of Trust for Reporting (RTR) and Root of Trust for Storage (RTS) are the three types of root of trust provided for developing the chain of trust inside the TPM.
TPM KEYS
Endorsement Key (EK): The EK [13] is a non-migratable decryption key embedded inside each TPM device. It is generated at TPM manufacture time and cannot later be changed or removed. The EK is never used for signing or encrypting data.
Attestation Identity Keys (AIK): An AIK is a non-migratable attestation signing key used to sign data that is created locally by the TPM [14]. PCA and DAA are the two protocols that use AIKs for attestation purposes.
Storage Root Key (SRK): The SRK is an asymmetric key used to encrypt data and also other TPM keys. It is used to wrap TPM protected keys and it is embedded into the TPM. It is stored outside the TPM and is generated during the process of taking logical ownership of the platform.
Signing Key: This is an asymmetric general purpose key used for signing application data and messages. A signing key can be migratable or non-migratable and can be imported and exported between TPM devices. The integrity of the message depends on the key that is used to generate the signature.
V. PROPOSED CARD-BASED SCHEME
Authentication is a more complex task in a vehicular network than in any fixed network due to the dynamic nature of its topology. Our scheme is based on a fixed infrastructure called Vehicular Service Providers (VSP). The VSP issues secret cards with different time durations such as one month, two months and six months. All the user needs to do is enter the 16-digit secret code into the vehicle unit and then communicate with the VSP server. The VSP server verifies the secret code through an integrity verification process and, after verification has been completed, activates the PCA at the user's vehicle to generate certificates for a specific time duration. The objective of the proposed scheme is to solve the problem of authentication: users should be authentic when they join the network on the road and take services. Figure 7 shows the proposed scheme mechanism.
Figure 7. Propose Card Based Scheme with Vehicular Service Provider (VSP)
The VSP server is connected to the PCA of the participating vehicle and also to the billing server. When a user sends a request to the VSP server, it sends the 16-digit code (number), assigned keys and account balance. These balances are used for services which are not free, such as telephone services. After the 16-digit code is verified, the user is served according to the particular request. Most applications offered by the VSP are free of charge.
Before getting the services however, attestation keys are the second part after verification of the code. These keys are used for attestation between the two platforms, using applications and messages (safety or non-safety). Attestation keys are related to the time domain, for example expiry by months or year, as well as to the billing information. The format of the secret code has two major parts, as shown in Figure 8.
XXXXXXXX (8 Digits) | YYYYYYYY (8 Digits)
Figure 8. 16 digit secret codes
The parts of the 16-digit secret code are described below.
FIRST PART: The first 8 digits, used for the PCA, are taken from a smart card inserted into the vehicle unit. In this way, we eliminate the need to connect to the PCA and send requests for a certificate and a key for signing messages. In this scheme, keys are created based on a time duration such as one month or two months. Figure 9 explains the whole process of this new scheme. In this scenario, vehicle A signs a message with the TPM signing key (SK), attaches a valid AIK certificate and the signature inside the VPS security tag, and broadcasts this message to other vehicles. Every other vehicle then checks that the message comes with the VPS security tag. If the VPS tag exists with the message, it means the message is secure and properly signed with the TPM signing key (SK). Each time, the TPM generates one signing key and sends a request to the storage area for an AIK certificate. Frequently changing the signing key and AIK maintains security in the system.
Figure 9. Process mechanism of Card-based Scheme (diagram labels: Secret 16 digits Code, Vehicle, TPM, PCA, Keys, Billing, Storage Area, VSP, VSP Server, Billing Server, Backbone Network)
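A sketch of the server-side check in this process, as an added example that is not the authors' implementation: the VSP server validates the 16-digit card code, whose two 8-digit parts follow Figure 8, and returns the validity window for key generation together with the account balance. The paper does not specify the integrity verification process; storing a keyed digest of each issued code, the 30-day month, the failure limit and all names below are assumptions.

```python
import hashlib
import hmac
from datetime import datetime, timedelta, timezone

CODE_LEN, PART_LEN = 16, 8
MAX_FAILURES = 3       # assumption: lock a vehicle after 3 consecutive bad codes
DAYS_PER_MONTH = 30    # assumption: card durations counted in 30-day months


def split_code(code: str) -> tuple:
    """Return (first 8 digits: PCA part, next 8 digits: business part)."""
    if len(code) != CODE_LEN or not (code.isascii() and code.isdigit()):
        raise ValueError("card code must be exactly 16 decimal digits")
    return code[:PART_LEN], code[PART_LEN:]


class VspServer:
    """Hypothetical VSP server holding the issued cards (not from the paper)."""

    def __init__(self, server_key: bytes):
        self._key = server_key
        self._cards = {}      # keyed digest of code -> (months, balance)
        self._failures = {}   # vehicle id -> consecutive failed attempts

    def _digest(self, code: str) -> bytes:
        # Only a keyed digest is stored, so a leaked card table does not
        # hand out usable codes.
        return hmac.new(self._key, code.encode("ascii"), hashlib.sha256).digest()

    def issue_card(self, code: str, months: int, balance: int) -> None:
        split_code(code)  # refuse to issue a malformed code
        self._cards[self._digest(code)] = (months, balance)

    def verify(self, vehicle_id: str, code: str, now: datetime) -> dict:
        """Check a code entered in the vehicle unit and report the outcome."""
        if self._failures.get(vehicle_id, 0) >= MAX_FAILURES:
            return {"ok": False, "reason": "locked"}
        try:
            split_code(code)
            card = self._cards.get(self._digest(code))
        except ValueError:
            card = None
        if card is None:
            # Count failures per vehicle: a 16-digit code is short enough
            # that unlimited guessing must not be possible.
            self._failures[vehicle_id] = self._failures.get(vehicle_id, 0) + 1
            return {"ok": False, "reason": "invalid code"}
        self._failures.pop(vehicle_id, None)
        months, balance = card
        return {"ok": True,
                # window in which the vehicle may generate keys/certificates
                "valid_until": now + timedelta(days=DAYS_PER_MONTH * months),
                # balance for paid services (business part of the card)
                "balance": balance}


if __name__ == "__main__":
    server = VspServer(server_key=b"k" * 32)      # constructed sample key
    card_code = "1234567887654321"                # constructed sample code
    server.issue_card(card_code, months=2, balance=50)
    now = datetime(2024, 1, 1, tzinfo=timezone.utc)
    print(split_code(card_code))
    print(server.verify("VEH-A", card_code, now))
    print(server.verify("VEH-B", "0000000000000000", now))
```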
Figure 10 shows the authentic warning message with security tag. Because of the VPS signature certificate, it can be seen that it would be difficult for an attacker to change the security tag. Figure 11 shows how an ideal secure and trusted communication between the vehicles would take place using the proposed scheme.
Figure 10. Safety message with VPS Security Tag (diagram labels: Message, VPS, Signature, Certificate)
TPM functionalities are used to provide security, and the TPM is used inside the vehicle. The Privacy Certification Authority (PCA) is a trusted third party whose purpose is to issue certificates for AIKs and verify the AIKs that are used in different types of applications in the network. Guette and Heen [16] proposed a memory stick (USB) for saving AIK certificates. The drawback of this approach is that communication with the PCA and the USB stick depended on a PC and needed an internet connection to reach the Certification Authority. G. Guette [16] argued that increasing the number of certified AIKs in the TPM may cause scalability issues. He discussed the usage of the AIK with respect to its travelling duration and the time interval of the valid AIK certificate. For example, if one vehicle uses the same AIK for 500 meters and travels 2500km per year, then 50,000 AIK certificates are needed for this particular user within one year. It would be very difficult for the TPM to generate approximately 250,000 AIK certificates and for the PCA to verify all of these certificates. Our approach also considers this problem and provides a solution that generates valid AIK certificates inside the vehicle itself. In this approach we do not depend on the PCA for generating the AIK certificate; we have a time interval, and within this time interval we may generate enough certificates and sign the messages. Every time, we generate a new certificate for new applications. Some unique features of the proposed scheme are given below.
• It is based on a card with a 16-digit secret code that provides security based on the trusted platform module (TPM) for signing safety messages and for business transactions.
• A storage area is proposed inside the vehicle for saving security keys and billing information. It eliminates the dependency on an external storage device (memory stick), which should not be used for storing users' information.
• Users do not depend on an external party for authentication in the dynamic topology of the vehicular communication network.
• The message tag contains a signature and certificate, which make it difficult for attackers to alter the tag.
• If a user sends incorrect messages in the network, the VPS server takes the vehicle number and blocks the communication.
• The proposed scheme is based on TPM, as it is a low cost security device used in PCs and laptops [17]. TPM cryptographic components perform encryption and decryption tasks and develop the chain of trust in the vehicular network.
Figure 11. Secure communication between the vehicles
SECOND PART: The next 8 digits of the secret code are used for business related applications such as taking services and paying for them, for example telephone and internet services on the road. As shown in Figure 12, vehicle A sends a request for internet access on the road, so the authentication and billing server authenticates the user together with its billing information. After that, the VPS server gathers some more parameters such as the speed, position and direction of the requesting vehicle. If the user of the vehicle fulfils all requirements, the VSP server provides the required road services. Another vehicle C may also send a request for other services, and the same procedure is followed for serving them.
Figure 12. Authentication in Business Communication (diagram labels: Web Server, Authentication & Billing Server, Other services, RSU, vehicles A, B, C, D, E)
VI. CONCLUSION AND FUTURE WORK
Security and trust are the two main user requirements for a trusted vehicular network. While we need authentication as the basic security requirement in this life saving vehicular network, we also need to ensure that the vehicle platform and infrastructure are trusted. In vehicular communications, when a user receives any safety message, it should be authentic and the requesting source should be valid. Our proposed scheme provides the required authentication of vehicular users while they communicate with vehicle service providers. A trusted vehicle uses many types of embedded sensors, and a trusted chip called TPM is used in the vehicle to develop trust among entities within the network. In our proposed scheme for vehicular communications, we used TPM functions for signing safety and non-safety messages.
REFERENCES
[1] D. Jiang, V. Taliwal, A. Meier, W. Holfelder, R. Herrtwich, "Design of 5.9 GHz DSRC-based vehicular safety communication", Wireless Communications IEEE, Vol. 13, No. 5 (2006), pp. 36-43.
[2] H. Moustafa & G. Bourdon, "Vehicular Networks Deployment View: Applications, Deployment Architectures and Security Means", Ubiquitous Computing and Communication Journal, Publishing Date: 3/24/2008.
[3] J.P. Hubaux, S. Capkun, J. Luo, "The Security and Privacy of Smart Vehicles", Published by the IEEE Computer Society, May/June 2004.
[4] C. Zhang, X. Lin, R. Lu, P. Han Ho & X. Shen, "An Efficient Message Authentication Scheme for Vehicular Communications", IEEE Transactions on Vehicular Technology, Vol. 57, No. 6, Nov. 2008.
[5] A. Studer, F. Bai, B. Bellur & A. Perrig, "Flexible, Extensible, and Efficient VANET Authentication", Proceedings of IEEE Intelligent Transportation Systems Conference (ITSC), 2006.
[6] E. Coronado & S. Cherkaoui, "An AAA Study for Service Provisioning in Vehicular Networks", LCN '07 Proceedings 32nd IEEE Conference on Local Computer Networks, IEEE Computer Society.
[7] H. Hartenstein & K.P. Laberteaux, "VANET: vehicular applications and Inter-Networking Technologies", Ch. No. 9, Page No. 329, Publisher Name: WILEY.
[8] H. Moustafa, G. Bourdon & Y. Gourhant, "Providing Authentication and Access Control in Vehicular Network Environment", IFIP International Federation for Information Processing, 2006.
[9] AR. Sadeghi, M. Selhorst, C. Stuble, C. Wachsmann and M. Winandy, "TCG inside?: a note on TPM specification compliance", STC '06 Proceedings of the first ACM workshop on Scalable trusted computing.
[10] A. Kung, "Security architecture and mechanisms for V2V/V2I", Project name: Sevecom, date 31 August 2007.
[11] M. Raya, J. Pierre Hubaux, "Securing vehicular ad hoc Networks", Journal of Computer Security, vol. 15, Issue no. 1, January 2007, pp. 39-68.
[12] A. Stampoulis, Z. Chai, "A Survey of Security in Vehicular Networks".
[13] Trusted Platform Module Basics: Using TPM in Embedded Systems, by Steven Kinney, Chapter No. 04, Endorsement Key (EK), pp No. 32.
[14] A. Reza Sadeghi, "Trusted Computing-Special Aspects and Challenges", Lecture Notes, Horst-Gortz-Institute (HGI) for IT Security, Ruhr-University Bochum, Germany, 2007.
[15] G. Guette, C. Bryce, "Using TPMs to Secure Vehicular Ad-Hoc Networks (VANETs)", IFIP 2008, WISTP 2008, LNCS 5019, pp. 106-116.
[16] G. Guette and O. Heen, "A TPM-based Architecture for improved security and Anonymity in vehicular ad hoc networks", IRIS France.
[17] I. Ahmed Sumra, H. Hasbullah, Jamalul-lail, "Comparative study of security hardware modules (EDR, TPD and TPM) in VANET", 3rd National Information Technology Symposium (NITS2011), Mar 6, 2011, Riyadh, Saudi Arabia.