Browse > Article
http://dx.doi.org/10.5573/ieek.2013.50.6.167

Cryptanalysis of an Identity-Based Message Authentication Scheme in VANETs  

Ryu, Eun-Kyung (EECS, Kyungpook National University)
Lee, Sung-Woon (Department of Information Security, Tongmyong University)
Yoo, Kee-Young (School of Computer Science and Engineering, Kyungpook National University)
Publication Information
Journal of the Institute of Electronics and Information Engineers / v.50, no.6, 2013 , pp. 167-172 More about this Journal
Abstract
In a paper recently published in the International Journal of Parallel, Emergent and Distributed Systems, Biswas et al. proposed a VANET message authentication scheme which uses an identity-based proxy signature mechanism as an underlying primitive. The authors claimed that their scheme supports various security features including the security of proxy-key, the security against message forgery and the security against replay attack, with non-repudiation and resistance to proxy-key compromise. Here, we show how an active attacker, who has no knowledge of an original message sender's private key, can compute the proxy-signature key of the corresponding message sender, meaning that the scheme is completely insecure. We also suggest an enhanced version of the protocol capable of solving such serious security holes.
Keywords
Message Authentication; Identity-based Proxy Signature; Vehicular Ad-hoc Networks;
Citations & Related Records
연도 인용수 순위
  • Reference
1 A. Shamir, "Identity-based Cryptosystems and Signature Schemes," in Proceedings of CRYPTO 84 on Advances in Cryptology, Springer-Verlag, pp. 47-53, 1985.
2 A. Studer, F. Bai, B. Bellur, and A. Perrig, "Flexible, Extensible, and Efficient VANET Authentication," in Proceedings of the 6th Embedded Security in Cars Workshop (ESCAR), 2008.
3 B. Parno and A. Perrig, "Challenges in Securing Vehicular Networks," in Proceedings of Workshop on Hot Topics in Networks (HotNets-IV), 2005.
4 F. Kargl, E. Schoch, B. Wiedersheim, and T. Leinm, "Secure and Efficient Beaconing for Vehicular Networks", In Proceeding of 5th ACM VANET, 2008.
5 M. Raya and J.P. Hubaux, "The Security of Vehicular Ad hoc Networks," in Proceedings of the 3rd ACM Workshop on Security of Ad Hoc and Sensor Networks (SASN '05), 2005.
6 M. Mambo, K. Usuda, and E. Okamoto, "Proxy Signatures for Delegating Signing Operation, in Proceedings of the 3rd ACM Conference on Computer and Communications Security, pp. 48-57, 1996.
7 P. Papadimitratos, V. Gligor, and J. Hubaux, "Securing Vehicular Communications Assumptions, Requirements, and Principles," in Proceedings of Workshop on Embedded Security in Cars (ESCAR), 2006.
8 P. Papadimitratos, P. Buttyan, T. Holczer, et al, "Secure Vehicular Communications: Design and Architecture Application and Management Services," IEEE Communications Magazine 46(11), pp. 100-109, 2008.
9 S. Biswas, J. Misic, and V. Misic, "An Identity-based Authentication Scheme for Safety Messages in WAVE-enabled VANETs," International Journal of Parallel, Emergent and Distributed Systems, DOI:10.1080/7445760.011.41965, 2012.   DOI
10 IEEE Std 1609.2, IEEE Trial-use Standard for Wireless Access in Vehicular Environments (WAVE)-Security Services for Applications and Management Messages, IEEE, 2006.