blindCertificate-CCNC2011

blindCertificate-CCNC2011 - The 8th Annual IEEE Consumer...

One-way-linkable Blind Signature Security Architecture for VANET

Baber Aslam and Cliff C. Zou
Dept. of Electrical Engineering and Computer Science, University of Central Florida, Orlando, FL, USA

Abstract — Security attributes of a vehicular ad hoc network (VANET) include confidentiality, integrity, authentication, non-repudiation (liability), revocation and privacy. Privacy, having characteristics that oppose the rest of the attributes, makes the design of a security architecture quite difficult. A commonly used solution is to have a large number of temporary certificates (i.e., pseudonyms) to achieve these security attributes. To guard against their malicious use, these pseudonyms are stored in expensive tamper-proof devices (TPDs). Further, a large number of valid pseudonyms, at any given time, make non-repudiation and revocation quite complex and difficult to achieve. Another solution is to get pseudonyms blindly signed by a certificate server, thus eliminating the need for TPDs (given the pseudonyms are not generated in bulk). However, blind signatures provide unconditional privacy and thus require complex/multi-transaction procedures to ensure non-repudiation/revocation. We present a security architecture by revising the original blind signature scheme. Our proposed architecture provides "one-way-link-ability" that helps to achieve all the security attributes without introducing complex/multi-transaction procedures. It does not require expensive TPDs or complex pseudonym issuance/revocation procedures and is especially suited to VANET during the initial deployment phase, which is characterized by intermittent connectivity. Further, non-repudiation/revocation requires cooperation between multiple entities, thus ensuring privacy without a single point of failure.

Keywords- security; privacy; VANET; Blind certificate

I. INTRODUCTION

A vehicular ad hoc network (VANET) is characterized by dynamic topology and membership. Vehicles may cross city/county/state/country boundaries, thus leaving one network and joining another. Further, the initial deployment stages of VANET will have sparsely/widely spaced roadside units (RSUs), resulting in intermittent vehicle-to-infrastructure communication with long blackouts.

The desired security attributes for VANET include authentication, confidentiality, integrity, non-repudiation, revocation and privacy. It is important to note that privacy is the most important attribute, but at the same time it is in conflict with the other attributes, thus complicating the design of a VANET security architecture.

The simplest security architecture is to assign a single permanent certificate to each vehicle; this ensures authentication, confidentiality, integrity, non-repudiation and revocation, but not privacy. To address privacy, the basic architecture can be extended to use multiple temporary certificates (normally referred to as pseudonyms) instead of one permanent certificate; this ensures privacy since pseudonyms cannot be linked with each other or to the user [1-6]. Different
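The abstract's point that blindly signed pseudonyms give unconditional privacy can be seen in a short sketch; this is an added example, not code from the paper, and it does not implement the authors' one-way-linkable revision. It assumes the textbook RSA blind signature (the preview does not say which scheme the paper starts from), and the toy key, function names and pseudonym strings are constructed for illustration.

```python
import hashlib, math, secrets

# Constructed toy key from two Mersenne primes: illustration only, not secure.
P, Q, E = 2**127 - 1, 2**521 - 1, 65537
N = P * Q
D = pow(E, -1, (P - 1) * (Q - 1))   # certificate server's private exponent

def h(msg: bytes) -> int:
    """Hash a pseudonym (e.g. its public key bytes) to an integer below N."""
    return int.from_bytes(hashlib.sha256(msg).digest(), "big") % N

def random_blinding_factor() -> int:
    while True:
        r = secrets.randbelow(N - 2) + 2
        if math.gcd(r, N) == 1:
            return r

def blind(msg: bytes, r: int) -> int:
    """Vehicle: hide the pseudonym before sending it to the server."""
    return (h(msg) * pow(r, E, N)) % N

def ca_sign(blinded: int) -> int:
    """Server: signs the value it is handed; it never sees h(msg)."""
    return pow(blinded, D, N)

def unblind(blind_sig: int, r: int) -> int:
    """Vehicle: strip r to obtain an ordinary signature on the pseudonym."""
    return (blind_sig * pow(r, -1, N)) % N

def verify(msg: bytes, sig: int) -> bool:
    return pow(sig, E, N) == h(msg)

def factor_explaining(blinded: int, other: bytes) -> int:
    """Blinding factor under which `blinded` would hide `other` instead.
    D is used only to exhibit that such a factor always exists."""
    return pow(blinded * pow(h(other), -1, N) % N, D, N)

if __name__ == "__main__":
    a, b = b"constructed-pseudonym-key-A", b"constructed-pseudonym-key-B"
    r = random_blinding_factor()
    seen_by_server = blind(a, r)
    sig = unblind(ca_sign(seen_by_server), r)
    print("signature on A valid:", verify(a, sig))
    # The same server-side view is equally consistent with pseudonym B,
    # so the issuance record alone cannot support revocation or liability.
    r_b = factor_explaining(seen_by_server, b)
    print("server view also fits B:", blind(b, r_b) == seen_by_server)
```

Because every candidate pseudonym has a blinding factor that maps it to the value the server saw, the server's log carries no information about which pseudonym it signed, which is why the unmodified scheme needs extra procedures for non-repudiation and revocation.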

This note was uploaded on 08/25/2011 for the course EEL 5937 taught by Professor Staff during the Spring '08 term at University of Central Florida.
