OF TECHNOLOGY Secure and Privacy Preserving Vehicular ...
Transcript of OF TECHNOLOGY Secure and Privacy Preserving Vehicular ...
![Page 1: OF TECHNOLOGY Secure and Privacy Preserving Vehicular ...](https://reader034.fdocuments.in/reader034/viewer/2022051315/627ac202e1e18c23897a5353/html5/thumbnails/1.jpg)
KTH ROYAL INSTITUTEOF TECHNOLOGY
Secure and Privacy Preserving
Vehicular Communication Systems:
Identity and Credential Management
Infrastructure
Mohammad KhodaeiNetworked Systems Security Group (NSS)
November 1, 2016
July 2, 2018
![Page 2: OF TECHNOLOGY Secure and Privacy Preserving Vehicular ...](https://reader034.fdocuments.in/reader034/viewer/2022051315/627ac202e1e18c23897a5353/html5/thumbnails/2.jpg)
Outline
Secure Vehicular Communication (VC) Systems
Problem Statement
System Model
Security and Privacy Analysis
Performance Evaluation
Summary of Contributions and Future Steps
2/38
![Page 3: OF TECHNOLOGY Secure and Privacy Preserving Vehicular ...](https://reader034.fdocuments.in/reader034/viewer/2022051315/627ac202e1e18c23897a5353/html5/thumbnails/3.jpg)
Vehicular Communication (VC) Systems
Figure: Photo Courtesy of the Car2Car CommunicationConsortium (C2C-CC)
3/38
![Page 4: OF TECHNOLOGY Secure and Privacy Preserving Vehicular ...](https://reader034.fdocuments.in/reader034/viewer/2022051315/627ac202e1e18c23897a5353/html5/thumbnails/4.jpg)
Security and Privacy for VC Systems1
Basic Requirements
◮ Message authentication & integrity
◮ Message non-repudiation
◮ Access control
◮ Entity authentication
◮ Accountability
◮ Privacy protection
Vehicular Public-Key Infrastructure (VPKI)◮ Pseudonymous authentication
◮ Trusted Third Party (TTP):
◮ Certification Authority (CA)
◮ Issues credentials & binds users to their pseudonyms
1P. Papadimitratos, et al. “Securing Vehicular Communications - Assumptions, Require-
ments, and Principles,” in ESCAR, Berlin, Germany, pp. 5-14, Nov. 2006.P. Papadimitratos, et al. “Secure Vehicular Communication Systems: Design and Architec-
ture,” in IEEE Communications Magazine, vol. 46, no. 11, pp. 100-109, Nov. 2008.
4/38
![Page 5: OF TECHNOLOGY Secure and Privacy Preserving Vehicular ...](https://reader034.fdocuments.in/reader034/viewer/2022051315/627ac202e1e18c23897a5353/html5/thumbnails/5.jpg)
Security and Privacy for VC Systems (cont’d)
◮ Sign packets with the private key, corresponding to the current
valid pseudonym
◮ Verify packets with the valid pseudonym
◮ Cryptographic operations in a Hardware Security Module (HSM)
5/38
![Page 6: OF TECHNOLOGY Secure and Privacy Preserving Vehicular ...](https://reader034.fdocuments.in/reader034/viewer/2022051315/627ac202e1e18c23897a5353/html5/thumbnails/6.jpg)
State-of-the-art
Standardization and harmonization efforts
◮ IEEE 1609.2 [1], ETSI [2] and C2C-CC [3]
◮ VC related specifications for security and
privacy-preserving architectures
Projects
◮ SEVECOM, EVITA, PRECIOSA, OVERSEE,
DRIVE-C2X, Safety Pilot, PRESERVE, CAMP-VSC3
Proposals
◮ V-Token [4], CoPRA [5], SCMS [6], SEROSA [7],
PUCA [8]
6/38
![Page 7: OF TECHNOLOGY Secure and Privacy Preserving Vehicular ...](https://reader034.fdocuments.in/reader034/viewer/2022051315/627ac202e1e18c23897a5353/html5/thumbnails/7.jpg)
Outline
Secure Vehicular Communication (VC) Systems
Problem Statement
System Model
Security and Privacy Analysis
Performance Evaluation
Summary of Contributions and Future Steps
7/38
![Page 8: OF TECHNOLOGY Secure and Privacy Preserving Vehicular ...](https://reader034.fdocuments.in/reader034/viewer/2022051315/627ac202e1e18c23897a5353/html5/thumbnails/8.jpg)
Problem Statement and MotivationThe design of a VPKI
◮ Resilience
◮ Stronger adversarial model (than fully-trustworthy entities)
◮ User privacy protection against “honest-but-curious” entities◮ User privacy enhancement and service unlinkability
(inference of service provider or time)
◮ Pseudonym acquistion policies
◮ How should each vehicle interact with the VPKI, e.g., how
frequently and for how long?◮ Should each vehicle itself determine the pseudonym
lifetime?
◮ Operation across multiple domains, thus a scalable design
◮ Efficiency and robustness
8/38
![Page 9: OF TECHNOLOGY Secure and Privacy Preserving Vehicular ...](https://reader034.fdocuments.in/reader034/viewer/2022051315/627ac202e1e18c23897a5353/html5/thumbnails/9.jpg)
Security and Privacy Requirements for the VPKIProtocols
◮ Authentication, communication integrity and confidentiality
◮ Authorization and access control
◮ Non-repudiation, accountability and eviction (revocation)
◮ Privacy◮ Anonymity (conditional)◮ Unlinkability
◮ Thwarting Sybil-based misbehavior
◮ Availability
9/38
![Page 10: OF TECHNOLOGY Secure and Privacy Preserving Vehicular ...](https://reader034.fdocuments.in/reader034/viewer/2022051315/627ac202e1e18c23897a5353/html5/thumbnails/10.jpg)
Adversarial Model
External adversaries
Internal adversaries
Stronger adversarial model
Protection against honest-but-curious VPKI entities
◮ Correct execution of protocols but motivated to profile users
◮ Concealing pseudonym provider identity and acquisition time, and
reducing pseudonyms linkability (inference based on time)
Multiple VPKI entities could collude
10/38
![Page 11: OF TECHNOLOGY Secure and Privacy Preserving Vehicular ...](https://reader034.fdocuments.in/reader034/viewer/2022051315/627ac202e1e18c23897a5353/html5/thumbnails/11.jpg)
Outline
Secure Vehicular Communication (VC) Systems
Problem Statement
System Model
Security and Privacy Analysis
Performance Evaluation
Summary of Contributions and Future Steps
11/38
![Page 12: OF TECHNOLOGY Secure and Privacy Preserving Vehicular ...](https://reader034.fdocuments.in/reader034/viewer/2022051315/627ac202e1e18c23897a5353/html5/thumbnails/12.jpg)
Secure VC System
◮ Root Certification Authority (RCA)
◮ Long Term CA (LTCA)
◮ Pseudonym CA (PCA)
◮ Resolution Authority (RA)
◮ Lightweight Directory Access Protocol (LDAP)
◮ Roadside Unit (RSU)
◮ Trust established with RCA, or through cross
certification
RSU3/4/5G
PCA
LTCA
PCA
LTCA
RCA
PCA
LTCA
BAA certifies B
Cross-certificationCommunication link
Domain A Domain B Domain C
RARA
RA
B
X-Cetify
LDAP LDAP
Message dissemination
{Msg}(Piv),{Pi
v}(PCA)
{Msg}(Piv),{Pi
v}(PCA)
Figure: VPKI Overview
12/38
![Page 13: OF TECHNOLOGY Secure and Privacy Preserving Vehicular ...](https://reader034.fdocuments.in/reader034/viewer/2022051315/627ac202e1e18c23897a5353/html5/thumbnails/13.jpg)
System Model
F-LTCA
PCA
H-LTCA
RCABAA certifies B
Communication link
Home Domain (A) Foreign Domain (B)LDAP
PCA
RA RA
1. LTC 2. n-tkt
I. f-tkt req.
II. f-tkt III. n-tkt
3. psnym req.
4. psnyms acquisition
IV. psnym req.
V. psnyms acquisition
Figure: VPKI Architecture
13/38
![Page 14: OF TECHNOLOGY Secure and Privacy Preserving Vehicular ...](https://reader034.fdocuments.in/reader034/viewer/2022051315/627ac202e1e18c23897a5353/html5/thumbnails/14.jpg)
Pseudonym Acquisition Policies
User-controlled policy (P1)
Oblivious policy (P2)
Universally fixed policy (P3)
ΓP3ΓP3 ΓP3
System Time
Trip Duration
}τP
}τP
}
τP
}
τP
}
τP
}
τP
}
τP
}
τP
ΓP2ΓP2
}
τP
}
τP
}
τP
}
τP
}
τP
}τP
}τP
}
τP
}
τP
}
τP
}τP
Unused
Pseudonyms
tstart
Expired
Pseudonym
tend
◮ P1 & P2: Requests could act as user “fingerprints”; the exact time
of requests and all subsequent requests until the end of trip could
14/38
![Page 15: OF TECHNOLOGY Secure and Privacy Preserving Vehicular ...](https://reader034.fdocuments.in/reader034/viewer/2022051315/627ac202e1e18c23897a5353/html5/thumbnails/15.jpg)
Vehicle Registration and Long Term Certificate(LTC) Update
V H-LTCA
1. LKv, Lkv
2. (LKv)σLkv, N, t
3. Cert(LTCltca, LKv)
4. LTCv, N + 1, t
15/38
![Page 16: OF TECHNOLOGY Secure and Privacy Preserving Vehicular ...](https://reader034.fdocuments.in/reader034/viewer/2022051315/627ac202e1e18c23897a5353/html5/thumbnails/16.jpg)
Ticket and Pseudonym Acquisition
V H-LTCA PCA
1. H(PCAID ‖Rnd256), ts, te, LTCv, N, t
2. Cert(LTCltca, tkt)
3. tkt,N + 1, t
4. tkt, Rnd256, ts′ , te′ , {(K1
v )σk1v
, ..., (Knv )σkn
v
}, N ′, t
5. Cert(LTCpca, Piv)
6. {P 1
v , . . . , Pnv }, N
′ + 1, t
16/38
![Page 17: OF TECHNOLOGY Secure and Privacy Preserving Vehicular ...](https://reader034.fdocuments.in/reader034/viewer/2022051315/627ac202e1e18c23897a5353/html5/thumbnails/17.jpg)
Roaming User: Foreign Ticket Authentication
V LDAP H-LTCA
1. LDAP Req.
2.LDAP Search
3. LDAP Res.
4. H(F -LTCAID ‖Rnd256), ts, te, LTCv, N, t
5. Cert(LTCltca, f -tkt)
6. f -tkt,N + 1, t
17/38
![Page 18: OF TECHNOLOGY Secure and Privacy Preserving Vehicular ...](https://reader034.fdocuments.in/reader034/viewer/2022051315/627ac202e1e18c23897a5353/html5/thumbnails/18.jpg)
Native Ticket and Pseudonym Acquisition in theForeign Domain
V F -LTCA PCA
1. f -tkt,H(PCAID||Rnd′256
), Rnd256, N, t
2.Cert(LTCltca, n-tkt)
3. n-tkt,N + 1, t
4. n-tkt, Rnd′256
, ts′ , te′ , {(K1
v)σk1v
, ..., (Knv )σkn
v
}, N ′, t
5. Cert(LTCpca, Piv)
6. {P 1
v , . . . , Pnv }, N
′ + 1, t
18/38
![Page 19: OF TECHNOLOGY Secure and Privacy Preserving Vehicular ...](https://reader034.fdocuments.in/reader034/viewer/2022051315/627ac202e1e18c23897a5353/html5/thumbnails/19.jpg)
Pseudonym Revocation and Resolution
RA PCA LTCA
1. Pi, N, t
2.Update CRL
3. tkt,N + 1, t
4.SNtkt, N′, t
5.Resolve LTCv
6.LTCv, N′ + 1, t
19/38
![Page 20: OF TECHNOLOGY Secure and Privacy Preserving Vehicular ...](https://reader034.fdocuments.in/reader034/viewer/2022051315/627ac202e1e18c23897a5353/html5/thumbnails/20.jpg)
Outline
Secure Vehicular Communication (VC) Systems
Problem Statement
System Model
Security and Privacy Analysis
Performance Evaluation
Summary of Contributions and Future Steps
20/38
![Page 21: OF TECHNOLOGY Secure and Privacy Preserving Vehicular ...](https://reader034.fdocuments.in/reader034/viewer/2022051315/627ac202e1e18c23897a5353/html5/thumbnails/21.jpg)
Security and Privacy Analysis◮ Communication integrity, confidentiality, and non-repudiation
◮ Certificates, TLS and digital signatures
◮ Authentication, authorization and access control◮ LTCA is the policy decision and enforcement point◮ PCA grants the service◮ Security association discovery through LDAP
◮ Concealing PCAs, F-LTCA, actual pseudonym acquisition period◮ Sending H(PCAid‖Rnd256), ts , te , LTCv to the H-LTCA◮ PCA verifies if [t ′s, t ′e ] ⊆ [ts , te]
◮ Thwarting Sybil-based misbehavior◮ LTCA never issues valid tickets with overlapping lifetime (for a given
domain)◮ A ticket is bound to a specific PCA◮ PCA keeps records of ticket usage
21/38
![Page 22: OF TECHNOLOGY Secure and Privacy Preserving Vehicular ...](https://reader034.fdocuments.in/reader034/viewer/2022051315/627ac202e1e18c23897a5353/html5/thumbnails/22.jpg)
Linkability based on Timing Informationof Credentials
0 5 10 15 20 25 30 35 40 45 50 55 60
System Time [min.]
0
1
2
3
4
5
6
7
8
9
10
τP= 5min.
0 5 10 15 20 25 30 35 40 45 50 55 60
System Time [min.]
0
1
2
3
4
5
6
7
8
9
10
τP= 5min., ΓP2= 15min.
0 5 10 15 20 25 30 35 40 45 50 55 60
System Time [min.]
0
1
2
3
4
5
6
7
8
9
10
τP= 5min., ΓP3= 15min.
(a) P1: User-controlled policy (b) P2: Oblivious policy (c) P3: Universally fixed policy
◮ Non-overlapping pseudonym lifetimes from eavesdroppers’ perspective
◮ P1 & P2: Distinct lifetimes per vehicle make linkability easier(requests/pseudonyms could act as user ‘fingerprints’)
◮ P3: Uniform pseudonym lifetime results in no distinction
22/38
![Page 23: OF TECHNOLOGY Secure and Privacy Preserving Vehicular ...](https://reader034.fdocuments.in/reader034/viewer/2022051315/627ac202e1e18c23897a5353/html5/thumbnails/23.jpg)
Outline
Secure Vehicular Communication (VC) Systems
Problem Statement
System Model
Security and Privacy Analysis
Performance Evaluation
Summary of Contributions and Future Steps
23/38
![Page 24: OF TECHNOLOGY Secure and Privacy Preserving Vehicular ...](https://reader034.fdocuments.in/reader034/viewer/2022051315/627ac202e1e18c23897a5353/html5/thumbnails/24.jpg)
Experimental Setup (#1)
◮ VPKI testbed
◮ Implementation in C++
◮ OpenSSL: Transport Layer Security (TLS)
and Elliptic Curve Digital Signature
Algorithm (ECDSA)-256 according to the
standard [1]
◮ Network connectivity
◮ Varies depending on the actual OBU-VPKI
connectivity
◮ Reliable connectivity to the VPKI (e.g., RSU,
Cellular, opportunistic WiFi)
Table: Servers and Clients Specifications
LTCA PCA RA Clients
VM Number 2 5 1 25
Dual-core CPU (Ghz) 2.0 2.0 2.0 2.0
BogoMips 4000 4000 4000 4000
Memory 2GB 2GB 1GB 1GB
Database MySQL MySQL MySQL MySQL
Web Server Apache Apache Apache -
Load Balancer Apache Apache - -
Emulated Threads - - - 400
◮ Use cases◮ Pseudonym provision
◮ Performing a DDoS attack
24/38
![Page 25: OF TECHNOLOGY Secure and Privacy Preserving Vehicular ...](https://reader034.fdocuments.in/reader034/viewer/2022051315/627ac202e1e18c23897a5353/html5/thumbnails/25.jpg)
Client and LTCA Performance Evaluation
1 10 100 200 500 10000
200
400
600
800
1000
1200
1400
1600
1800
2000
2200
2400
Number of Pseudonyms in a Request
En
tire
Tim
e [
ms]
Entire Ticket OperationsEntire Operations on PCANetworking DelayVehicle Pseudonym Verification
0 600 1200 1800 2400 3000 36000
4
8
12
16
20
24
Time [sec]
Pro
ce
ssin
g T
ime
[m
s]
One ticket per request
Client processing time LTCA performance
◮ Delay to obtain pseudonyms◮ LTCA response time to issue a ticket
25/38
![Page 26: OF TECHNOLOGY Secure and Privacy Preserving Vehicular ...](https://reader034.fdocuments.in/reader034/viewer/2022051315/627ac202e1e18c23897a5353/html5/thumbnails/26.jpg)
PCA Performance Evaluation
0 600 1200 1800 2400 3000 36000
100
200
300
400
500
600
Time [sec]
Pro
ce
ssin
g T
ime
[m
s]
100 psnyms per request
Server failure
0 100 200 300 400 500 600 700 8000
0.1
0.2
0.3
0.4
0.5
0.6
0.7
0.8
0.9
1
Processing Time [msec]
Cu
mu
lative
Pro
ba
bili
ty
Empirical CDF
10 psnyms per request
20 psnyms per request
50 psnyms per request
100 psnyms per request
200 psnyms per request
Issuing 100 pseudonyms per request PCA performance under different configuration
◮ PCA response time, including a crash failure
◮ Efficient provision for pseudonyms, with different configurations
◮ Obtaining 200 pseudonyms: Fx (t=500)=0.9 or Pr{t≤500}=0.9
26/38
![Page 27: OF TECHNOLOGY Secure and Privacy Preserving Vehicular ...](https://reader034.fdocuments.in/reader034/viewer/2022051315/627ac202e1e18c23897a5353/html5/thumbnails/27.jpg)
The VPKI Servers under a DDoS Attack
0 200 500 1K 2K 5K 10K 20K0
1
2
3
4
5
6
7
8
9
Attackers Number
Ave
rag
e N
um
be
r o
f L
eg
itim
ate
Re
q.
(pe
r S
ec.)
0 200 500 1K 2K 5K 10K 20K0
0.5
1
1.5
2
2.5
3
3.5
Attackers Number
Ave
rag
e N
um
be
r o
f L
eg
itim
ate
Re
q.
(pe
r S
ec.)
LTCA performance PCA performance
◮ 10K legitimate vehicles, requesting 100 pseudonyms every 10 minutes
◮ Up to 20K attackers, sending requests every 10 seconds
◮ An LTCA is more resistant to DDoS than a PCA
27/38
![Page 28: OF TECHNOLOGY Secure and Privacy Preserving Vehicular ...](https://reader034.fdocuments.in/reader034/viewer/2022051315/627ac202e1e18c23897a5353/html5/thumbnails/28.jpg)
Experimental Setup (#2)
Table: Mobility Traces Information
TAPASCologne LuST
Number of vehicles 75,576 138,259
Number of trips 75,576 287,939
Duration of snapshot (hour) 24 24
Available duration of snapshot (hour) 2 (6-8 AM) 24
Average trip duration (sec.) 590.49 692.81
Total trip duration (sec.) 44,655,579 102,766,924
◮ Main metric
◮ End-to-end pseudonym
acquisition latency from the
initialization of ticket acquisition
protocol till successful
completion of pseudonym
acquisition protocol
Table: Servers & Clients Specifications
LTCA PCA Client
Number of entities 1 1 1
Dual-core CPU (Ghz) 2.0 2.0 2.0
BogoMips 4000 4000 4000
Memory 2GB 2GB 1GB
Database MySQL MySQL MySQL
◮ N.B. PRESERVE Nexcom boxes specs:
dual-core 1.66 GHz, 2GB Memory
28/38
![Page 29: OF TECHNOLOGY Secure and Privacy Preserving Vehicular ...](https://reader034.fdocuments.in/reader034/viewer/2022051315/627ac202e1e18c23897a5353/html5/thumbnails/29.jpg)
End-to-end Latency for P1, P2, and P3
Choice of parameters:
◮ Frequency of interaction and volume
of workload to a PCA
◮ Γ=5 min., τP=0.5 min., 5 min.
LuST dataset (τP = 0.5 min):
◮ P1: Fx(t = 167 ms) = 0.99
◮ P2: Fx(t = 80 ms) = 0.99
◮ P3: Fx(t = 74 ms) = 0.99
(P1)
(P2)
(P3)
TAPASCologne dataset LuST dataset
0 20 40 60 80 100 120System Time [min.]
0
20
40
60
80
100
120
140
End-to-E
ndLatency
[ms]
User-controlled Policy (P1): 1 LTCA and 1 PCA
τP= 0.5min.
τP= 5min.
0 200 400 600 800 1000 1200 1400System Time [min.]
0
20
40
60
80
100
120
140
End-to-E
ndLatency
[ms]
User-controlled Policy (P1): 1 LTCA and 1 PCA
τP= 0.5min.
τP= 5min.
0 20 40 60 80 100 120System Time [min.]
0
20
40
60
80
100
120
140
End-to-E
ndLatency
[ms]
Oblivious Policy (P2): 1 LTCA and 1 PCA
τP= 0.5min.
τP= 5min.
0 200 400 600 800 1000 1200 1400System Time [min.]
0
20
40
60
80
100
120
140
End-to-E
ndLatency
[ms]
Oblivious Policy (P2): 1 LTCA and 1 PCA
τP= 0.5min.
τP= 5min.
0 20 40 60 80 100 120System Time [min.]
0
20
40
60
80
100
120
140
End-to-E
ndLatency
[ms]
Universally Fixed Policy (P3): 1 LTCA and 1 PCA
τP= 0.5min.
τP= 5min.
0 200 400 600 800 1000 1200 1400System Time [min.]
0
20
40
60
80
100
120
140
End-to-E
ndLatency
[ms]
Universally Fixed Policy (P3): 1 LTCA and 1 PCA
τP= 0.5min.
τP= 5min.
29/38
![Page 30: OF TECHNOLOGY Secure and Privacy Preserving Vehicular ...](https://reader034.fdocuments.in/reader034/viewer/2022051315/627ac202e1e18c23897a5353/html5/thumbnails/30.jpg)
The VPKI Servers under a DDoS Attack
0 200 400 600 800 1000Faked Requests [per sec.]
0
50
100
150
200
250
300
350
400
Overh
ead[m
s]
The VPKI Servers under a DDoS Attack: 1 LTCA and 1 PCA
No countermeasure
With countermeasure (L=5)
Figure: Overhead to obtain pseudonyms, LuST dataset with P1 (τP = 5 min.)
30/38
![Page 31: OF TECHNOLOGY Secure and Privacy Preserving Vehicular ...](https://reader034.fdocuments.in/reader034/viewer/2022051315/627ac202e1e18c23897a5353/html5/thumbnails/31.jpg)
Outline
Secure Vehicular Communication (VC) Systems
Problem Statement
System Model
Security and Privacy Analysis
Performance Evaluation
Summary of Contributions and Future Steps
31/38
![Page 32: OF TECHNOLOGY Secure and Privacy Preserving Vehicular ...](https://reader034.fdocuments.in/reader034/viewer/2022051315/627ac202e1e18c23897a5353/html5/thumbnails/32.jpg)
Summary of Contributions
1. Facilitating multi-domain operation
2. Offering increased user privacy protection◮ Honest-but-curious system entities◮ Eliminating pseudonym linking based on timing information
3. Eradication of Sybil-based misbehavior
4. Proposing multiple generally applicable pseudonym
acquisition policies
5. Detailed analysis of security and privacy protocols
6. Extensive experimental evaluation◮ Efficiency, scalability, and robustness◮ Achieving significant performance improvement◮ Modest VMs can serve sizable areas or domain
32/38
![Page 33: OF TECHNOLOGY Secure and Privacy Preserving Vehicular ...](https://reader034.fdocuments.in/reader034/viewer/2022051315/627ac202e1e18c23897a5353/html5/thumbnails/33.jpg)
Future Steps
VPKI enhancements
◮ Evaluation of the level of privacy, i.e., unlinkability, based on
the timing information of the pseudonyms for each policy
◮ Evaluation of actual networking latency, e.g., OBU-RSU
◮ Rigorous analysis of the security and privacy protocols
Efficient distribution of revocation information
◮ How to disseminate pseudonyms validity information
without interfering with vehicles operations?
33/38
![Page 34: OF TECHNOLOGY Secure and Privacy Preserving Vehicular ...](https://reader034.fdocuments.in/reader034/viewer/2022051315/627ac202e1e18c23897a5353/html5/thumbnails/34.jpg)
Original Work◮ N. Alexiou, M. Laganà, S. Gisdakis, M. Khodaei, and P. Papadimitratos, “VeSPA: Vehicular Security
and Privacy-preserving Architecture,” in ACM HotWiSec, Budapest, Hungary, Apr. 2013.
◮ M. Khodaei, H. Jin, and P. Papadimitratos, “Towards Deploying a Scalable & Robust Vehicular
Identity and Credential Management Infrastructure,” in IEEE VNC, Paderborn, Germany, Dec. 2014.
◮ M. Khodaei and P. Papadimitratos, “The Key to Intelligent Transportation: Identity and Credential
Management in Vehicular Communication Systems,” IEEE VT Magazine, vol. 10, no. 4, pp. 63-69,
Dec. 2015.
◮ M. Khodaei and P. Papadimitratos, “Evaluating On-demand Pseudonym Acquisition Policies in
Vehicular Communication Systems,” in ACM MobiHoc, Workshop on Internet of Vehicles and
Vehicles of Internet (IoV-VoI), Paderborn, Germany, July 2016.
◮ M. Khodaei, H. Jin, and P. Papadimitratos, “SECMACE: Scalable and Robust Identity and
Credential Management Infrastructure in Vehicular Communication Systems,” Submitted to the
IEEE Transactions on Intelligent Transportation Systems.
34/38
![Page 35: OF TECHNOLOGY Secure and Privacy Preserving Vehicular ...](https://reader034.fdocuments.in/reader034/viewer/2022051315/627ac202e1e18c23897a5353/html5/thumbnails/35.jpg)
Bibliography I
[1] “IEEE Standard for Wireless Access in Vehicular Environments - Security Services for Applicationsand Management Messages,” IEEE Std 1609.2-2016 (Revision of IEEE Std 1609.2-2013), Mar. 2016.
[2] T. ETSI, “ETSI TS 103 097 v1. 1.1-Intelligent Transport Systems (ITS); Security; Security Header andCertificate Formats, Standard, TC ITS,” Apr. 2013.
[3] Car-to-Car Communication Consortium (C2C-CC), June 2013. [Online]. Available:http://www.car-2-car.org/
[4] F. Schaub, F. Kargl, Z. Ma, and M. Weber, “V-tokens for Conditional Pseudonymity in VANETs,” inIEEE WCNC, NJ, USA, Apr. 2010.
[5] N. Bißmeyer, J. Petit, and K. M. Bayarou, “CoPRA: Conditional Pseudonym Resolution Algorithm inVANETs,” in IEEE WONS, Banff, Canada, pp. 9–16, Mar. 2013.
35/38
![Page 36: OF TECHNOLOGY Secure and Privacy Preserving Vehicular ...](https://reader034.fdocuments.in/reader034/viewer/2022051315/627ac202e1e18c23897a5353/html5/thumbnails/36.jpg)
Bibliography II
[6] W. Whyte, A. Weimerskirch, V. Kumar, and T. Hehn, “A Security Credential Management System forV2V Communications,” in IEEE VNC, Boston, MA, pp. 1–8, Dec. 2013.
[7] S. Gisdakis, M. Laganà, T. Giannetsos, and P. Papadimitratos, “SEROSA: SERvice Oriented SecurityArchitecture for Vehicular Communications,” in IEEE VNC, Boston, MA, USA, Dec. 2013.
[8] D. Förster, H. Löhr, and F. Kargl, “PUCA: A Pseudonym Scheme with User-Controlled Anonymity forVehicular Ad-Hoc Networks (VANET),” in IEEE VNC, Paderborn, Germany, Dec. 2014.
[9] M. Khodaei, “Secure Vehicular Communication Systems: Design and Implementation of a VehicularPKI (VPKI),” Master’s thesis, Lab of Communication Networks (LCN), KTH University, Oct. 2012.
[10] N. Alexiou, M. Laganà, S. Gisdakis, M. Khodaei, and P. Papadimitratos, “VeSPA: Vehicular Securityand Privacy-preserving Architecture,” in Proceedings of the 2nd ACM workshop on Hot topics onwireless network security and privacy, Budapest, Hungary, pp. 19–24, Apr. 2013.
36/38
![Page 37: OF TECHNOLOGY Secure and Privacy Preserving Vehicular ...](https://reader034.fdocuments.in/reader034/viewer/2022051315/627ac202e1e18c23897a5353/html5/thumbnails/37.jpg)
Bibliography III
[11] M. Khodaei, H. Jin, and P. Papadimitratos, “Towards Deploying a Scalable & Robust Vehicular Identityand Credential Management Infrastructure,” in IEEE Vehicular Networking Conference (VNC),Paderborn, Germany, pp. 33–40, Dec. 2014.
[12] M. Khodaei and P. Papadimitratos, “The Key to Intelligent Transportation: Identity and CredentialManagement in Vehicular Communication Systems,” IEEE VT Magazine, vol. 10, no. 4, pp. 63–69,Dec. 2015.
[13] ——, “Evaluating On-demand Pseudonym Acquisition Policies in Vehicular Communication Systems,”in Proceedings of the First International Workshop on Internet of Vehicles and Vehicles of Internet,Paderborn, Germany, pp. 7–12, July 2016.
[14] “Preparing Secure Vehicle-to-X Communication Systems - PRESERVE.” [Online]. Available:http://www.preserve-project.eu/
37/38
![Page 38: OF TECHNOLOGY Secure and Privacy Preserving Vehicular ...](https://reader034.fdocuments.in/reader034/viewer/2022051315/627ac202e1e18c23897a5353/html5/thumbnails/38.jpg)
Secure and Privacy Preserving VehicularCommunication Systems: Identity andCredential Management Infrastructure
Licentiate Defense
Mohammad Khodaei
Networked Systems Security Group (NSS)
www.ee.kth.se/nss
38/38