This Is Auburn Electronic Theses and Dissertations

Privacy-Enabled Probabilistic Verification in Broadcast Authentication for Vehicular Networks

Date

2014-10-10

Author

Grover, Kanika

Type of Degree

dissertation

Department

Computer Science

Abstract

Vehicular Ad hoc Networks (VANETs) are extremely dynamic because of the high mobility of their nodes. In VANETs, each vehicle sends out safety messages at regular intervals of 100-300 ms. Since the purpose of VANETs is to ensure the safety of human life on the road, it is extremely important to secure these messages. The IEEE 1609.2 security standard for VANETs recommends the use of secure Elliptic Curve Digital Signature Algorithm (ECDSA) signatures for authenticating broadcast messages. ECDSA is a digital signature scheme based on elliptic curve cryptography in which the elliptic curve is defined over a prime finite field. It is considered to be very secure because solving its discrete logarithm problem is hard with primes of 224 bits, 256 bits and greater. Yet ECDSA is computationally expensive: an ECDSA signature generation takes 4 milliseconds while the verification takes 22 milliseconds on a 400 MHz processor. Besides, when all vehicles are broadcasting messages at a frequency of 10 Hz, the verification queue size will increase at a rapid rate. Since the messages are valid only for a certain time period, some of them will time out waiting to be verified. Malicious vehicles can take advantage of this fact by increasing signature verification time through signature flooding with fake messages. Therefore, a smart verification strategy is required. Hence, we design a probabilistic verification method using highly secure ECDSA. At the same time, we provide a privacy-controlled mechanism in which Registering Authorities (RAs) are the entities responsible for disclosing the original identities of the vehicles communicating with pseudonyms. In keeping with the early deployment stages of VANETs, our solution does not require a strong backbone of infrastructure entities (RAs). Another advantage of our solution is that the vehicles use the information available in the broadcasts to compute the probability. 
Thus, it does not increase the communication overhead of the broadcasts. Our V2I communication for the privacy-controlled mechanism is a lightweight mutual authentication mechanism that guarantees the authenticity of both the infrastructure and the vehicles. Our V2V communication employs a one-by-one verification approach to support the dynamism of vehicular ad hoc networks. Our method is based on the distance and direction of the communicating vehicles with respect to each other, i.e., whether the vehicles are coming closer or moving away. All our simulations are performed on realistic VANET scenarios, generated with the urban mobility model SUMO on a real city map and the Nakagami propagation model. Therefore, this work presents a practical privacy-enabled probabilistic signature verification solution for realistic VANET scenarios. This approach integrates security and privacy of vehicles in VANETs, such that the vehicles cannot be compromised by an outsider and messages cannot be forged by an attacker. We list the harmful attacks on VANETs and analyze our scheme to make sure that all the discussed attacks are prevented. We also develop a reactive and adaptive channel hopping countermeasure for the DoS jamming attack, which uses weight-based channel selection: the weight of detected jammed channel(s) is reduced, while the weight, and hence the probability of selection, of un-jammed channels is increased. We implemented the proposed scheme in an event-based network simulator, ns2. We compare its performance with IEEE Std. 1609.2 and the two most widely used broadcast authentication algorithms, TESLA and Signature Amortization. Our results show that our scheme achieves an average 68% reduction in message loss caused by delay in the verification queue. We also obtain a high packet processing ratio as the number of in-range broadcasting vehicles is varied. 
When a packet error rate is introduced in the network, our scheme obtains an average improvement of 80%, with a minimum average improvement of 46%.
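
An added illustration of the verification-queue problem the abstract describes, not code from the dissertation: a single verifier with the quoted 22 ms cost receives 10 Hz broadcasts and either verifies every message or verifies selectively by sender distance and direction. The message lifetime, radio range, the weighting in `verify_probability` and the constructed neighbour list are assumptions; the dissertation's actual probability formula is not given on this page.

```python
import random

VERIFY_MS = 22    # ECDSA verification time quoted in the abstract (400 MHz CPU)
PERIOD_MS = 100   # 10 Hz broadcast rate from the abstract
VALID_MS = 100    # assumed message lifetime; the abstract gives no figure
RANGE_M = 300.0   # assumed radio range

def verify_probability(distance_m, approaching):
    """Hypothetical weighting: near, approaching senders are checked most often."""
    closeness = max(0.0, 1.0 - distance_m / RANGE_M)
    return closeness if approaching else closeness / 4

def simulate(neighbours, probabilistic, duration_ms=1000, seed=1):
    """neighbours: list of (distance_m, approaching). Returns outcome counts."""
    rng = random.Random(seed)
    arrivals = []
    for idx, (dist, appr) in enumerate(neighbours):
        t = idx * PERIOD_MS / len(neighbours)   # stagger senders over one period
        while t < duration_ms:
            arrivals.append((t, dist, appr))
            t += PERIOD_MS
    arrivals.sort()
    cpu_free_at = 0.0
    stats = {"verified": 0, "expired": 0, "skipped": 0}
    for t, dist, appr in arrivals:
        if probabilistic and rng.random() >= verify_probability(dist, appr):
            stats["skipped"] += 1      # not verified; handling of such messages
            continue                   # is not described in the abstract
        start = max(t, cpu_free_at)
        if start + VERIFY_MS > t + VALID_MS:
            stats["expired"] += 1      # timed out waiting in the verification queue
            continue
        cpu_free_at = start + VERIFY_MS
        stats["verified"] += 1
    return stats

# Constructed scenario: 20 in-range senders, 15 m apart, alternating direction.
NEIGHBOURS = [(15.0 * (i + 1), i % 2 == 0) for i in range(20)]

if __name__ == "__main__":
    print("verify all    :", simulate(NEIGHBOURS, probabilistic=False))
    print("probabilistic :", simulate(NEIGHBOURS, probabilistic=True))
```

With four senders the verifier keeps up (one message every 25 ms against a 22 ms cost); with twenty, verifying everything lets most messages expire in the queue, which is the condition signature flooding aggravates.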