International Journal of Computer Science & Network Security

International Journal of Computer Science & Network Security (국제컴퓨터통신보호논문지학회)
권호 표지
DOI QR코드

DOI QR Code

Certificate Revocation in Connected Vehicles

  • Sami S. Albouq (Faculty of Computer Science and Engineering, Islamic University of Madinah)
  • Received : 2023.05.05
  • Published : 2023.05.30
Download PDF
⟨ Previous Next ⟩

Abstract

In connected vehicles, drivers are exposed to attacks when they communicate with unauthenticated peers. This occurs when a vehicle relies on outdated information resulting in interactions with vehicles that have expired or revoked certificates claiming to be legitimate nodes. Vehicles must frequently receive or query an updated revoked certificate list to avoid communicating with suspicious vehicles to protect themselves. In this paper, we propose a scheme that works on a highway divided into clusters and managed by roadside units (RSUs) to ensure authenticity and preserve hidden identities of vehicles. The proposed scheme includes four main components each of which plays a major role. In the top hierarchy, we have the authority that is responsible for issuing long-term certificates and managing and controlling all descending intermediate authorities, which cover specific regions (e.g., RSUs) and provide vehicles with short-term pseudonyms certificates to hide their identity and avoid traceability. Every certificate-related operation is recorded in a blockchain storage to ensure integrity and transparency. To regulate communication among nodes, security managers were introduced to enable authorization and access right during communications. Together, these components provide vehicles with an immediately revoked certificate list through RSUs, which are provided with publish/subscribe brokers that enable a controlled messaging infrastructure. We validate our work in a simulated smart highway environment comprising interconnected RSUs to demonstrate our technique's effectiveness.

Keywords

References

  1. 2008. new jersey traffic and revenue study. state of new jersey department of treasury state house. 
  2. Yves Christian Elloh Adja, Badis Hammi, Ahmed Serhrouchni, and Sherali Zeadally. A blockchain-based certificate revocation management and status verification system. Computers & Security, 104:102209, 2021. 
  3. Sami S Albouq and Erik M Fredericks. Detection and avoidance of wormhole attacks in connected vehicles. In Proceedings of the 6th ACM Symposium on Development and Analysis of Intelligent Vehicular Networks and Applications, pages 107-116, 2017. 
  4. Philip Asuquo, Haitham Cruickshank, Jeremy Morley, Chibueze P Anyigor Ogah, Ao Lei, Waleed Hathal, Shihan Bao, and Zhili Sun. Security and privacy in location-based services for vehicular and mobile communications: an overview, challenges, and countermeasures. IEEE Internet of Things Journal, 5(6):4778-4802, 2018.  https://doi.org/10.1109/JIOT.2018.2820039
  5. Intelligent Transportation Systems Committee et al. Ieee standard for wireless access in vehicular environments-security services for applications and management messages. IEEE Std, pages 1609-2, 2013. 
  6. David Cooper, Stefan Santesson, Stephen Farrell, Sharon Boeyen, Russell Housley, and William Polk. Internet x. 509 public key infrastructure certificate and certificate revocation list (crl) profile. Technical report, 2008. 
  7. Mahdi Dibaei, Xi Zheng, Kun Jiang, Sasa Maric, Robert Abbas, Shigang Liu, Yuexin Zhang, Yao Deng, Sheng Wen, Jun Zhang, et al. An overview of attacks and defences on intelligent connected vehicles. arXiv preprint arXiv:1907.07455, 2019. 
  8. Pengfei Fan, Yazhen Liu, Jiyang Zhu, Xiongfei Fan, and Liping Wen. Identity management security authentication based on blockchain technologies. Int. J. Netw. Secur., 21(6):912-917, 2019.
  9. Matthias Gerlach, Andreas Festag, Tim Leinmuller, Gabriele Goldacker, and Charles Harsch. Security architecture for vehicular communication. In Workshop on intelligent transportation, 2007. 
  10. Dominique Guegan. Public blockchain versus private blockhain. 2017. 
  11. Sourav Sen Gupta. Blockchain. IBM Onlone (http://www.IBM.COM), 2017. 
  12. Hamssa Hasrouny, Abed Ellatif Samhat, Carole Bassil, and Anis Laouiti. Vanet security challenges and solutions: A survey. Vehicular Communications, 7:7-20,
  13. R Housley. Public key infrastructure certificate and certificate revocation list (crl) profile. RFC 3280-Internet X. 509, 2002. 
  14. Paul C Kocher. On certificate revocation and validation. In International conference on financial cryptography, pages 172-177. Springer, 1998. 
  15. Xie Kun, Wen Ji-Gang, Zhang Da-Fang, and Xie Gao-Gang. Bloom filter query algorithm. 2009. 
  16. Ao Lei, Yue Cao, Shihan Bao, Dasen Li, Philip Asuquo, Haitham Cruickshank, and Zhili Sun. A blockchain based certificate revocation scheme for vehicular communication systems. Future Generation Computer Systems, 110:892-903, 2020.  https://doi.org/10.1016/j.future.2019.03.039
  17. Ning Lu, Nan Cheng, Ning Zhang, Xuemin Shen, and Jon W Mark. Connected vehicles: Solutions and challenges. IEEE internet of things journal, 1(4):289-299, 2014.  https://doi.org/10.1109/JIOT.2014.2327587
  18. Zaigham Mahmood. Connected Vehicles in the Internet of Things. Springer, 2020. 
  19. Mark Manulis, Nils Fleischhacker, Felix Gunther, Franziskus Kiefer, and Bertram Poettrering. Group signatures: Authentication with privacy. Bundesamt fur Sicherheit in der Informationstechnik, Bonn, Germany, Tech. Rep, 2012. 
  20. Michael Nofer, Peter Gomber, Oliver Hinz, and Dirk Schiereck. Blockchain. Business & Information Systems Engineering, 59(3):183- 187, 2017.  https://doi.org/10.1007/s12599-017-0467-3
  21. Panos Papadimitratos, Arnaud De La Fortelle, Knut Evenssen, Roberto Brignolo, and Stefano Cosenza. Vehicular communication systems: Enabling technologies, applications, and future outlook on intelligent transportation. IEEE communications magazine, 47(11):84-95, 2009. 
  22. Giovanni Rigazzi, Andrea Tassi, Robert J Piechocki, Theo Tryfonas, and Andrew Nix. Optimized certificate revocation list distribution for secure v2x communications. In 2017 IEEE 86th Vehicular Technology Conference (VTC-Fall), pages 1-7. IEEE, 2017. 
  23. Jun Shao, Xiaodong Lin, Rongxing Lu, and Cong Zuo. A threshold anonymous authentication protocol for vanets. IEEE Transactions on Vehicular Technology, 65(3):1711-1720, 2016.  https://doi.org/10.1109/TVT.2015.2405853
  24. Ahren Studer, Elaine Shi, Fan Bai, and Adrian Perrig. Tacking together efficient authentication, revocation, and privacy in vanets. In 2009 6th Annual IEEE Communications Society Conference on Sensor, Mesh and Ad Hoc Communications and Networks, pages 1-9. IEEE, 2009. 
  25. Albert Wasef and Xuemin Shen. Edr: Efficient decentralized revocation protocol for vehicular ad hoc networks. IEEE Transactions on Vehicular Technology, 58(9):5214-5224, 2009.  https://doi.org/10.1109/TVT.2009.2023662
  26. Lei Zhang, Qianhong Wu, Agusti Solanas, and Josep Domingo-Ferrer. A scalable robust authentication protocol for secure vehicular communications. IEE