WO2012007609A1 - System for securely communicating in a spontaneous self-managed ad-hoc vehicular network - Google Patents

System for securely communicating in a spontaneous self-managed ad-hoc vehicular network

Info

Publication number
WO2012007609A1
Authority
WO
Grant status
Application
Patent type
Prior art keywords
node
module
key
nodes
based
Prior art date
Application number
PCT/ES2011/000220
Other languages
Spanish (es)
French (fr)
Inventor
Gil Pino Caballero
Gil Candido Caballero
Gil Jezabel Molina
Original Assignee
Universidad De La Laguna
Priority date
Filing date
Publication date

Links

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L 63/00 Network architectures or network communication protocols for network security
    • H04L 63/14 Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • H04L 63/1441 Countermeasures against malicious traffic
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04W WIRELESS COMMUNICATIONS NETWORKS
    • H04W 12/00 Security arrangements, e.g. access security or fraud detection; Authentication, e.g. verifying user identity or authorisation; Protecting privacy or anonymity
    • H04W 12/06 Authentication
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L 63/00 Network architectures or network communication protocols for network security
    • H04L 63/08 Network architectures or network communication protocols for network security for supporting authentication of entities communicating through a packet data network
    • H04L 63/0823 Network architectures or network communication protocols for network security for supporting authentication of entities communicating through a packet data network using certificates
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L 63/00 Network architectures or network communication protocols for network security
    • H04L 63/08 Network architectures or network communication protocols for network security for supporting authentication of entities communicating through a packet data network
    • H04L 63/0869 Network architectures or network communication protocols for network security for supporting authentication of entities communicating through a packet data network for achieving mutual authentication
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04W WIRELESS COMMUNICATIONS NETWORKS
    • H04W 12/00 Security arrangements, e.g. access security or fraud detection; Authentication, e.g. verifying user identity or authorisation; Protecting privacy or anonymity
    • H04W 12/04 Key management
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04W WIRELESS COMMUNICATIONS NETWORKS
    • H04W 4/00 Services specially adapted for wireless communication networks; Facilities therefor
    • H04W 4/02 Services making use of location information
    • H04W 4/04 Services making use of location information using association of physical positions and logical data in a dedicated environment, e.g. buildings or vehicles
    • H04W 4/046 Services making use of location information using association of physical positions and logical data in a dedicated environment, e.g. buildings or vehicles involving vehicles, e.g. floating traffic data [FTD] or vehicle traffic prediction
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04W WIRELESS COMMUNICATIONS NETWORKS
    • H04W 4/00 Services specially adapted for wireless communication networks; Facilities therefor
    • H04W 4/80 Services using short range communication, e.g. near-field communication [NFC], radio-frequency identification [RFID] or low energy communication
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04W WIRELESS COMMUNICATIONS NETWORKS
    • H04W 48/00 Access restriction; Network selection; Access point selection
    • H04W 48/02 Access restriction performed under specific conditions
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04W WIRELESS COMMUNICATIONS NETWORKS
    • H04W 84/00 Network topologies
    • H04W 84/18 Self-organising networks, e.g. ad-hoc networks or sensor networks

Abstract

System for securely communicating in a spontaneous, self-managed ad-hoc vehicular network, without infrastructure either on the road or in vehicles, using only mobile devices with a global satellite navigation system receiver and wireless communication and computation capability, such as mobile telephones, PDAs and portable computers. The operating mode envisaged in the invention is completely distributed and decentralized, and takes into account the protection of drivers' privacy and defence against possible attacks.

Description

Secure communications system in a spontaneous, self-managed vehicular ad-hoc network

The present invention relates to a secure communications system in a spontaneous, self-managed vehicular ad-hoc (VANET) network.

The invention is applicable in the field of telecommunications, particularly in mobile and wireless communications between vehicles.

BACKGROUND OF THE INVENTION

The present invention relates to the security of communications in vehicular ad-hoc networks or VANETs (Vehicular Ad-hoc Networks). Such security now represents a challenge to be solved, since it is expected that in the not too distant future these networks shall bring about a major revolution in the safety and comfort of road transport.

In VANETs, the messages exchanged between vehicles influence the behaviour of their drivers, who for example reduce speed and/or choose alternative routes depending on the information received. A malicious user could try to exploit this situation by carrying out any of the following attacks:

- Injection of false, altered or repeated information, disseminating erroneous information which may affect other vehicles, either for the benefit of the attacker (for example, by obtaining a clear road for itself) or simply out of misconduct (for example, to cause a traffic jam).

- Impersonation (for example, posing as an emergency vehicle) or manipulation of the information sent (altering data such as position, direction, speed, etc.), for example in an attempt to escape responsibility for having caused an accident.

- Monitoring of drivers and/or vehicles, threatening their privacy and anonymity.

- Denial of service, causing the loss of network connectivity.

Communications security is therefore essential in the face of such threats, and is a factor that could otherwise prevent the deployment of VANETs.

Several initiatives, from both industry and academia, aim at making the future exploitation of VANETs possible. However, all existing proposals have in common the assumed prior existence of an infrastructure on the road, or RSUs (Road-Side Units), and/or the use of mobile telephony and/or the Internet and/or devices on vehicles, or OBUs (On-Board Units). For example, the draft standard for VANET communications, [IEEE 802.11p WAVE (Wireless Access for Vehicular Environments, http://grouper.ieee.org/groups/802/11/Reports)], being developed by the Car-2-Car consortium (http://www.car-to-car.org), assumes that VANETs combine various wireless technologies such as cellular, satellite, WiMAX (Worldwide Interoperability for Microwave Access, http://www.ieee802.org/16) and DSRC (Dedicated Short Range Communications).

Similarly, the CALM architecture (Communications, Air Interface, Long and Medium range, http://www.isotc204wg16.org/concept), also being standardized by the ISO (International Organization for Standardization), aims to support communications in mobile environments, and particularly in ITS (Intelligent Transportation Systems), through the combined use of various wireless technologies such as WAVE, UMTS (Universal Mobile Telecommunications System, http://www.3GPP.org), WiMAX or RFID (Radio Frequency IDentification), and the implementation of various international standards, interfaces and media such as IEEE 802.11, 802.11p, 802.15, 802.16e, 802.20, 2G/3G/4G mobile, and national ITS.

In both standards, communications security is based on the combination of the technologies mentioned, generally assuming the use of public key infrastructures based on centralized certification authorities, which implies the prior deployment of RSUs on roads and OBUs in vehicles. Furthermore, the solutions proposed in various research projects rely on the availability of OBUs in vehicles and/or RSUs on the road, which would involve a large initial outlay by the State and/or users. In fact, most research efforts in this field come from automobile companies, so proposals usually assume that the OBU integrated in the vehicle includes a black box, a certified identity, sensors to detect obstacles, a human-machine interface, a tamper-proof device to perform computations, a satellite navigation receiver and a Wi-Fi device.

Among the scientific publications related to security in VANETs, the following are noteworthy:

- [Philippe Golle, Dan Greene and Jessica Staddon, "Detecting and correcting malicious data in VANETs", 1st ACM International Workshop on Vehicular Ad Hoc Networks, pp. 29-37, 2004]. It proposes the use of sensors to detect incorrect information.

- [Maxim Raya and Jean-Pierre Hubaux, "The security of vehicular ad hoc networks", 3rd ACM Workshop on Security of Ad Hoc and Sensor Networks, pp. 11-21, 2005]. It assumes the existence of certification authorities, proposed to be government authorities or vehicle manufacturers, which issue certificates to vehicles.

- [Florian Dötzer, "Privacy Issues in Vehicular Ad Hoc Networks", Lecture Notes in Computer Science 3856, pp. 197-209, 2006]. It involves the participation of vehicle manufacturers, since during the production of each vehicle a secure connection to a certification authority must be established to validate the OBU.

Among patents, the following documents related to VANETs are noteworthy:

- US2008002635 and US2008002574: propose a method for managing communications traffic by measuring local levels and defining a micro-utility of the data to be transmitted in order to select the transmission medium.

- US20080279141: describes a method of assigning channels to multi-hop communications between one node and another for sending information by routing.

- WO2008092475: proposes the dissemination of information via unicast.

- WO2008104673: proposes estimating the density of nodes by dividing the area into geographical cells, in each of which the node closest to the centre is responsible for aggregating and relaying information.

- WO2008119948: is based on the use of mobile phones to define an algorithm for routing information between two nodes.

- WO2009024945: describes a method for synchronizing radio communications between devices by means of periodic beacons that include clock signals.

- WO2009053657: proposes that at road intersections information is broadcast through a node selected within a group according to its estimated time to reach the intersection.

- WO2010020260: presents a method for sending information from a source node to a destination node by routing through intermediate nodes.

- WO2010040372: presupposes the use of road infrastructure to control the communications load on the wireless channel, defining message priorities to establish how they are handled.

However, no precedent has been found that describes a secure and economical solution among the proposals made so far.

DESCRIPTION OF THE INVENTION

From the above, it is an object of the present invention to provide a secure communications system in a spontaneous, self-managed vehicular ad-hoc (VANET) network.

This object is achieved by a secure communications system in a spontaneous, self-managed vehicular ad-hoc network comprising:

- a module for generating identity keys and digital signatures;

- a module containing a client/server architecture with the possibility of connecting to multiple users simultaneously;

- a module for wireless multicast sending and receiving of beacons with varying pseudonyms;

- a module for mutual authentication of nodes, with exchange of fixed public keys, temporary secret keys and public key stores, based on an interactive challenge-response scheme;

- a module for updating the public key stores;

- a node reputation module, which erases dishonest nodes from the stores by deleting their public key certificates;

- a module for the encrypted exchange of data on static and dynamic elements of the road, using a temporary secret key of the issuer;

- a data authentication module, which checks for matches with other messages received by means of data aggregation.

In this sense, the invention avoids the need to install any infrastructure either in the vehicle or on the road, which means a saving in economic investment and in waiting time for the development of multiple applications of vehicular networks, allowing VANETs to be set up without any investment from governments, automobile companies or telephone companies.

A secure communications system is presented here for a spontaneous, self-organized vehicular ad-hoc network without infrastructure either on the road or in the vehicle, using only mobile devices with a satellite navigation receiver and wireless communication and computing capabilities, such as mobile phones, PDAs and laptops.

The mode of operation provided by the invention is fully distributed and decentralized, and takes into account the protection of drivers' privacy and defence against possible attacks. Both aspects allow progressive deployment with effective functionality and security from the outset. The key factors of the proposed design are: scalability and economy, authentication of nodes and information, privacy, promotion of cooperation, and low delay and stability of communications. A system is proposed that can be integrated into specific mobile devices or implemented in devices already on the market, such as mobile phones equipped with suitable software.

The first fundamental element of the present invention is a self-managed authentication method, which requires no intervention by certification authorities, since it is the nodes themselves that certify the validity of the public keys of the nodes they trust, issuing certificates for them, which are stored in local stores and updated using an algorithm described here. In addition, the proposed node authentication includes a cryptographic protocol that allows each node to convince another node that it possesses some secret information, without transmitting anything that would allow that secret to be discovered, thereby preventing possible spoofing attacks.

A second essential element of this invention is a symmetric encryption algorithm used in different phases. All the known design parameters that assure the security of nonlinear filtered stream ciphers are taken into account.

Finally, the present invention also contemplates as a third key element a data aggregation scheme, which includes the generation of aggregated packets from ad-hoc groups created for this purpose, and the probabilistic verification of digital signatures.

In the present invention it is assumed that each network node is characterized by the following parameters:

ID, (KU_ID, KR_ID), {ID_i, KU_IDi, Cert(KU_IDi)} for i = 1, ..., lim, comprising:

- a unique identifier (denoted ID) obtained by applying a one-way function to a unique value. For example, if the device used is a mobile phone its number can be used, while in other cases an e-mail address can be used. The one-way function may be a hash function such as MD5.

- a fixed public/private key pair (denoted (KU, KR) and called identity keys) for use in an asymmetric cryptosystem such as RSA.

- a store containing several IDs with their corresponding public keys KU and certificates, which the node keeps updated at all times, of the form:

ID_1, KU_ID1, Cert(KU_ID1)

ID_2, KU_ID2, Cert(KU_ID2)

ID_3, KU_ID3, Cert(KU_ID3)

...

ID_lim, KU_IDlim, Cert(KU_IDlim)

According to a preferred embodiment of the invention, the communication system can be used to reduce congestion on the road, in which case:

- the module for generating identity keys and digital signatures is based on generating the decimal value corresponding to the binary representation of the upper triangular submatrix of the symmetric adjacency matrix of a graph, containing the elements that correspond to a Hamiltonian circuit in the graph;

- the module for multicast sending and receiving of wireless beacons with varying pseudonyms is based on the hash of the list of IDs of the nodes present in the node's public key store at that moment;

- the module for mutual authentication of nodes is based on the following: a node B wishing to contact a node A first requests the list of IDs in A's store at that moment, checks that the hash of this list matches the pseudonym sent by A in its beacon, and responds indicating a key X present at the intersection of both stores. Then a mutual zero-knowledge proof is carried out on the public key X, so that each node builds from that key, taking it as a Hamiltonian circuit, a graph G in which X is a solution to the hard problem of the Hamiltonian circuit, and sends it to the other node. Afterwards at least two iterations of the proof are performed, such that in a first step each node sends the other, as a commitment witness, a graph GI isomorphic to the graph previously sent. Then each node sends the other a random challenge indicating whether it wants to receive from the other node the isomorphism between the two graphs or a Hamiltonian circuit in the isomorphic graph. After the zero-knowledge proof, both nodes know that they share the public key X, which each uses to encrypt, with the symmetric cipher described below, its own identity public key and send it to the other node. Then their temporary secret keys, encrypted with the other node's public key, are exchanged, and finally each uses its own temporary secret key with the symmetric cipher described below to encrypt and send its key store, which is checked against the pseudonym sent in the beacon and the list of IDs sent in the first step of authentication;

- the module for updating the public key stores is based on an algorithm whereby each node chooses to keep in its store the public key certificates of those nodes that have issued or received the most valid certificates. In this algorithm, the certificates and nodes of the store are treated respectively as the edges and vertices of a graph;

- the node reputation module is based on reflecting the behaviour of a dishonest node by assigning, in the store, a negative weight to the edges corresponding to the certificates it has issued or received, so that as such negatively weighted certificates are received the vertex progressively ceases to be present in the updated store. This scheme is combined in the store update algorithm with an allocation of weights to the edges of the store according to the following criteria: 2 for certificates issued or received directly by the node, 1 for the remaining certificates, -2 for certificates denounced directly by the node, and -1 for certificates denounced by other nodes;

- the module for the encrypted exchange of data is based on a bit-stream cipher whose keystream generator uses a nonlinear filter with decimation and a buffer, over a shift register with primitive feedback polynomial on GF(2) of degree L equal to the length of the key used at that moment, fed with the seed formed by said key, and with feedback given by the primitive polynomial having the fewest non-zero coefficients, the number of such coefficients being the smallest integer greater than 0.07 * L. The nonlinear filtering function is of order equal to the prime number p closest to L/2, includes a linear term of the corresponding order, plus a number of terms of each order i = 1, 2, ..., p given by the integer part of L/i, obtained by multiplying successive stages. The output of said nonlinear filter is irregularly decimated, so that the output of the register determines at all times whether the corresponding output of the filter is used or discarded, being introduced in the first case into a buffer of size 4;

- the data authentication module is based on a data aggregation scheme built on reactive groups, in which each leader is responsible for building the packet and adding the signatures of all the vehicles of the group, and in which verification is performed according to a probabilistic protocol that depends on the geographical zone where each vehicle is located;

- a module for automatically detecting abnormal conditions by calculating the speed, based on information received from a satellite navigation receiver, is added.

BRIEF DESCRIPTION OF THE FIGURES

For a better understanding of what has been set out, some drawings are attached which show, schematically and only by way of non-limiting example, a practical case of embodiment.

In the drawings,

Figure 1 shows a conceptual scheme of the communication system according to the invention, including eight core modules: key generation and signature (C1), client/server (C2), sending and receiving beacons (C3), node authentication (C4), store update (C5), reputation scheme (C6), encrypted exchange (C7) and data authentication (C8). The execution of these modules is not necessarily sequential, since C5 and C6 do not require interaction between nodes while C7 and C8 do, so that C5 and C6 can run in parallel with C7 and C8. In fact, in the proposed embodiment two modes are described, such that only in one of them is the execution of modules C7 and C8 required;

Figure 2 shows a diagram representing the client/server architecture with simultaneous connection to multiple users, and also the multicast sending and receiving of wireless beacons;

Figure 3 shows a diagram of mutual authentication based on an interactive zero-knowledge proof between a pair of nodes A and B. In the beacon-sending step, B commits towards node A to what it intends to demonstrate by sending a witness (D1). If A wishes to contact B, it sends a random challenge (D2). Finally B returns the response (D3) corresponding to the challenge and the witness;

Figure 4 shows a diagram representing the property of six degrees of separation in the neighbourhood of public key certification between vehicles;

Figure 5 illustrates a scheme showing the proposed embodiment of the invention using the mobile phone first associated with the hands-free device of a vehicle, so that before starting the vehicle the user enters his destination and route preference, and when the mobile receives information on abnormal speeds of its neighbours it recalculates the recommended route and suggests it to the driver;

Figure 6 shows an example of the generation of the public identity key KU_ID from a graph and its adjacency matrix, using the elements of the upper triangular submatrix corresponding to a Hamiltonian circuit in the graph;

Figure 7 shows a diagram representing all the interactions between two nodes A and B. First A sends B the hash h({ID in Store_A}) (P1); in step (P2) B requests from node A the list of IDs in its store; then A sends B the set {ID in Store_A} (P3); B checks whether there is a key X in Store_A ∩ Store_B and then sends it to node A (P4). A then builds and sends B a graph G_A(X) (P5). Then at least two iterations of three steps are performed in which first A sends B a graph G_IA(X) (P6) isomorphic to the graph G_A(X), then B sends node A a random binary challenge (P7), and depending on its value A returns to B either the isomorphism between both graphs or a Hamiltonian circuit in G_IA(X) (P8). Upon completion, A uses X to encrypt the key KU_A and sends B the result E_X(KU_A) (P9); then B uses the key KU_A to encrypt the key K_B and sends node A the result E_KUA(K_B) (P10). Finally, A uses its key K_A to encrypt its store and sends B the encryption E_KA(Store_A) (P11);

Figure 8 shows a keystream generator based on a shift register with primitive feedback polynomial whose coefficients (c_L, c_L-1, ..., c_0) have the fewest non-zero values, such that the weight of the coefficient vector is the smallest value greater than 0.07 * L. It includes a filtering function f of order equal to the prime number p closest to L/2, with a linear term corresponding to p and a number of terms of each order i = 1, 2, ..., p equal to [L/i]; the output of said filter is decimated according to the register output, and the decimated output is fed into a buffer of size 4;

Figure 9 shows the formation of a reactive ad-hoc group generated from the detection of a traffic jam;

Figure 10 shows a diagram representing the three geographical zones defined for data authentication, called danger zone (Z1), uncertainty zone (Z2) and safety zone (Z3); and

Figure 11 shows a graphical representation of the use of the speed calculated from the distance s travelled in time t by a node, which allows the device to automatically recalculate the estimated time t' of the route initially recommended and compare it with the time h initially estimated for that route, so that if t' > h and there is an alternative route with estimated time t'' < t', the device recommends this route to the driver.
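The keystream generator of Figure 8 (module C7), worked through for a concrete key length, as an added example that is not code from the patent. It fixes L = 15, so the feedback polynomial is x^15 + x + 1 (primitive, with 2 non-zero coefficients, the smallest integer greater than 0.07 * 15), the filter order is p = 7 (the prime closest to 15/2), each order i contributes floor(15/i) terms, the self-decimation keeps a filter bit only when the register outputs 1, and accepted bits pass through a 4-bit FIFO. The choice of which stages each product term multiplies is my reading of "multiplying successive stages", the polynomial, the key 0x1ACE and the sample payload are constructed for the example, and the period check in lfsr_period confirms the primitivity assumption at run time.

```python
from collections import deque

# Added example, not the patent's code. Assumed parameters for the page's rules
# with L = 15: feedback x^15 + x + 1, filter order p = 7, floor(15/i) terms of
# each order i (term j = product of stages j..j+i-1), decimation by the register
# output and a 4-bit buffer.
L = 15
FEEDBACK_EXPONENTS = (0, 1)   # x^15 + x + 1: s[n+15] = s[n+1] XOR s[n]
P = 7
BUFFER_SIZE = 4
SAMPLE = b"segment 12: mean speed 23 km/h"   # constructed sample payload

def seed_to_state(key):
    """Load the L-bit key into the register (stage i holds bit i of the key)."""
    if not 0 < key < 2 ** L:
        raise ValueError("key must be a non-zero %d-bit value" % L)
    return [(key >> i) & 1 for i in range(L)]

def lfsr_step(state):
    """One clock of the Fibonacci LFSR: returns (new state, output bit of stage 0)."""
    fb = 0
    for k in FEEDBACK_EXPONENTS:
        fb ^= state[k]
    return state[1:] + [fb], state[0]

def lfsr_period(key):
    """Clocks until the state repeats; 2**L - 1 means the polynomial is primitive."""
    start = state = seed_to_state(key)
    steps = 0
    while True:
        state, _ = lfsr_step(state)
        steps += 1
        if state == start:
            return steps

def filter_terms():
    """floor(L/i) terms of each order i = 1..P; term j multiplies stages j..j+i-1."""
    return [[(j + k) % L for k in range(order)]
            for order in range(1, P + 1) for j in range(L // order)]

TERMS = filter_terms()   # 15 + 7 + 5 + 3 + 3 + 2 + 2 = 37 terms, XORed together

def nonlinear_filter(state):
    out = 0
    for term in TERMS:
        bit = 1
        for idx in term:
            bit &= state[idx]
        out ^= bit
    return out

def keystream(key, nbits):
    """Filter output is kept only when the register emits 1, through a 4-bit FIFO."""
    state = seed_to_state(key)
    buf, out = deque(), []
    while len(out) < nbits:
        while len(buf) < BUFFER_SIZE:
            f = nonlinear_filter(state)
            state, reg_out = lfsr_step(state)
            if reg_out == 1:          # irregular decimation decided by the register
                buf.append(f)
        out.append(buf.popleft())
    return out

def crypt(key, data):
    """XOR `data` with the keystream; the same call decrypts."""
    bits = keystream(key, 8 * len(data))
    result = bytearray()
    for i, byte in enumerate(data):
        kbyte = 0
        for b in range(8):
            kbyte = (kbyte << 1) | bits[8 * i + b]
        result.append(byte ^ kbyte)
    return bytes(result)

if __name__ == "__main__":
    print("period:", lfsr_period(0x1ACE), "terms:", len(TERMS))
    ct = crypt(0x1ACE, SAMPLE)
    print(ct.hex(), crypt(0x1ACE, ct))
```

Because the cipher is a plain XOR with the keystream, the same temporary key must never be reused for two different payloads, which is consistent with the page's use of a fresh temporary secret key per issuer.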

Description of a preferred embodiment of the invention

Although the general approach of the invention can be used in different VANET applications, the analyses carried out and the specific embodiment disclosed are focused on the objective of reducing congestion on the road. In this case mobile phones are used as the mobile devices, so that the node representing the vehicle in the vehicular network at all times is the mobile phone of the first passenger to be associated with the vehicle's hands-free device. This latter assumption avoids the possibility that the devices of several passengers of one vehicle appear in the VANET, as this would lead to erroneous conclusions about the density of vehicles on the road. Furthermore, at the moment of synchronization as the first mobile phone associated with the hands-free device, the mobile phone automatically changes from 'pedestrian mode' to 'vehicle mode'. In 'pedestrian mode' the mobile phone has only components C2, C3, C4, C5 and C6 active, which allow it to update its key store.

To use this invention the user does not have to take any specific action while driving. Before starting the vehicle, the user enters the destination and route preference into the device. The proposal implies that the device receives and sends information automatically, using only the vehicular network and without requiring the driver's collaboration at any time (see Figure 5). When the device detects that the vehicle is travelling at an abnormal speed relative to the route, it generates a message and sends it to all its neighbours via broadcast. With the information received, the device automatically recalculates the recommended route and suggests it to the driver.

Figure 1 shows a preferred embodiment of the secure communications system according to the invention. In this preferred embodiment, the secure communications system in a spontaneous, self-managed vehicular ad-hoc network includes the following modules:

C1. Module for identity key generation and digital signature

It constitutes part of the first basic element of the invention. This generation is necessary because the node authentication proposed in this invention is based on self-managed public key cryptography, at no time requiring certification authorities. Instead, each node is responsible for generating its own public/private key pair, which is essential for the processes of authentication and of digitally signing the messages it sends once authenticated. Each node has a fixed public/private key pair (identity keys) whose validity is self-managed through certification by the public key stores of the nodes themselves.

C2. Client/server architecture with the possibility of connecting to multiple users at a time

It is required for the first fundamental element of the invention. It consists in each node (client) making requests to another node (server), which responds (see Figure 2). This idea is very useful in multi-user distributed systems such as the vehicular network object of this invention, because processing capability is distributed among clients and servers. In particular, in this invention this component is required for interconnecting nodes, and allows sending and receiving messages from many clients and many servers at once, because each user is both client and server at the same time.

C3. Multicast sending and receiving of wireless beacons with varying pseudonyms

It is part of the first basic element of the invention. The sending/receiving of beacon messages containing the varying pseudonyms of the sending nodes is necessary for the discovery of active nodes, and to avoid possible tracing (see Figure 2).

C4. Mutual authentication of nodes, with exchange of fixed public keys, temporary secret keys and public key stores

It is the basis of the first key element of the invention. The exchange of messages between pairs of nodes is intended to show each other that one knows a secret without revealing anything about it. The proposed scheme is based on an interactive challenge-response scheme, as shown in Figure 3. In the beacon-sending step each node commits towards its neighbours to what it intends to demonstrate, sending them a witness (D1). If a node A wants to contact another node B, it sends a random challenge (D2). B then returns the response (D3) corresponding to the challenge and the witness. After these steps, both nodes share a key, which each uses to encrypt and send the other its identity public key. Then their temporary secret keys, encrypted with the other node's public key, are exchanged. Finally each uses its own secret key to encrypt and send its key store. This module assures each node of the authenticity of the other, allows the exchange of the secret keys used in module C7, and updates the public key stores needed for the subsequent verification of the validity of the identity public keys used for message signing.

C5. Optimal updating of public key stores

It is an important part of the first basic element of the invention. It limits the number of keys stored to a value denoted lim, which is generally less than the number of users forming the vehicular network, and equal to the minimum number that, using the property of six degrees of separation (whereby any node can connect to any other through a chain of no more than six links, see Figure 4), allows any other node to be authenticated with high probability while storing only the necessary keys.

C6. Node reputation scheme, which erases dishonest nodes from the stores

It is part of the first basic element of the invention. It allows nodes to isolate those in which incorrect or corrupt behaviour has been detected, by deleting their public key certificates from the stores.
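A worked version of the C5 store update combined with the C6 reputation weights listed in the preferred embodiment (2 for certificates issued or received directly by the node, 1 for other certificates, -2 for certificates the node itself denounced, -1 for certificates denounced by other nodes), as an added example that is not code from the patent. It assumes the model the page outlines, certificates as edges (issuer, subject) and nodes as vertices, plus one detail of my own: a vertex's score is the sum of its incident edge weights, only vertices with a positive score are eligible, and the lim best-scoring ones keep their certificates. The certificate list and the denunciations are constructed sample data.

```python
from collections import defaultdict

# Added example, not the patent's code. Assumed store model: vertices are node
# IDs, edges are certificates (issuer, subject); the vertex score is the sum of
# its incident edge weights and the `lim` best positive-scoring vertices stay.
W_DIRECT, W_OTHER, W_DENOUNCED_DIRECT, W_DENOUNCED_OTHER = 2, 1, -2, -1

def edge_weight(cert, me, denounced_by_me, denounced_by_others):
    """Weight of one certificate edge according to the page's four criteria."""
    issuer, subject = cert
    if cert in denounced_by_me:
        return W_DENOUNCED_DIRECT
    if cert in denounced_by_others:
        return W_DENOUNCED_OTHER
    return W_DIRECT if me in (issuer, subject) else W_OTHER

def vertex_scores(certs, me, denounced_by_me=(), denounced_by_others=()):
    """Sum of incident edge weights for every vertex other than the node itself."""
    mine, others = set(denounced_by_me), set(denounced_by_others)
    scores = defaultdict(int)
    for cert in certs:
        w = edge_weight(cert, me, mine, others)
        for v in cert:
            if v != me:
                scores[v] += w
    return dict(scores)

def update_store(certs, me, lim, denounced_by_me=(), denounced_by_others=()):
    """Keep only certificates whose endpoints are the node or one of the `lim`
    best-scoring vertices; vertices at or below score 0 drop out entirely."""
    scores = vertex_scores(certs, me, denounced_by_me, denounced_by_others)
    ranked = sorted((v for v, s in scores.items() if s > 0),
                    key=lambda v: (-scores[v], v))   # ties broken by ID for determinism
    keep = set(ranked[:lim])
    return [c for c in certs if all(v == me or v in keep for v in c)]

# Constructed sample store of node "A" (not data from the patent).
CERTS = [("A", "B"), ("B", "A"), ("A", "C"), ("C", "D"), ("D", "B"),
         ("B", "E"), ("E", "F"), ("F", "E"), ("C", "F")]

if __name__ == "__main__":
    print(vertex_scores(CERTS, "A"))
    print(update_store(CERTS, "A", lim=3))
    # After A denounces the certificate B issued to E, E's score falls to 0 and
    # its certificates leave the store, while F takes its place.
    print(update_store(CERTS, "A", lim=3, denounced_by_me=[("B", "E")]))
```

Each further denunciation received lowers the affected vertex's score, so a node whose certificates keep being denounced slides down the ranking and eventually stops being selected, which is the "progressively ceases to be present" behaviour the page describes.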

C7. Encrypted exchange of data on static and dynamic elements of the road

This module is the second key element of the invention. The encrypted exchange of the information on the road and traffic stored at that moment by the nodes is necessary to avoid the passive behaviour of users who intend to take advantage of the VANET without cooperating in its operation. Using a secret key cryptosystem is advisable given the size of the data file. Our invention proposes to use the temporary secret key of the issuer for this purpose.

C8. Data authentication

The third key element of the invention is part of this module. For the proper functioning of the network it is essential to check the integrity and origin of the data received by means of digital signatures, to evaluate verifiable characteristics (freshness, location, relevance, accuracy, etc.) and to check matches through aggregation, since it must be verified at all times that relayed information is true, current and valid. In this self-managed invention this is only possible by combining integrity and origin checking techniques, verifiable assessment of characteristics, and checking for matches with other messages received by data aggregation.

Various concepts and algorithms are proposed below as a preferred embodiment of the invention for the specific purpose described above.

For module C1 it is proposed, as a particular embodiment, that the public identity key be generated as the decimal value corresponding to the upper triangular submatrix of the symmetric adjacency matrix whose elements correspond to a Hamiltonian circuit in a graph, in binary representation (see Figure 6). For module C3 we propose in this specific embodiment that the variable pseudonym of each node be the hash of the list of IDs of the nodes present in its public key store at that time. Since this store varies, the pseudonym also varies. Furthermore, this makes it possible to check that the IDs sent in the first authentication step correspond to the hash sent in the corresponding beacon.

For module C4 we propose, for this particular embodiment and as shown in Figure 7, that a node B wanting to contact a node A first requests the list of IDs in A's store at that time, checks that its hash matches the pseudonym sent by A in its beacon, and responds indicating a key X present in the intersection of both stores. Then a mutual zero-knowledge proof is performed on the public key X, so that each node builds from that key, considered as a Hamiltonian circuit, a graph G in which X is a solution of the hard Hamiltonian circuit problem, and sends it to the other node. Then at least two iterations of the proof are performed, in which in a first step each node sends the other, as a witness commitment, a graph G1 isomorphic to the graph previously sent. Then each node sends a random challenge to the other indicating whether it wishes to receive from the other node the isomorphism between the two graphs or a Hamiltonian circuit in the isomorphic graph. After the zero-knowledge proof, both nodes know that they share the public key X, which they use to encrypt, with the symmetric cipher described below, and send to the other node their own public identity key. Next their temporary secret keys are exchanged, encrypted with the public key of the other node, and finally each node uses its own temporary secret key to encrypt, with the symmetric cipher described below, and send its key store, which is contrasted against the pseudonym transmitted in the beacon and the list of IDs sent in the first step of authentication.
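The C1 key encoding and the C4 zero-knowledge rounds, as an added illustration that is not the patent's own code: the public key X is read as a Hamiltonian circuit, hidden in a graph G padded with random edges, and each round commits to an isomorphic copy G1 and answers a challenge for either the isomorphism or the circuit inside G1. The number of padding edges and the SHA-256 commitment are assumptions of this example.

```python
import hashlib
import random

# Added example, not the patent's code: the C1 key encoding of a Hamiltonian
# circuit and the C4 zero-knowledge rounds in which a node proves it knows the
# circuit X inside a graph G without revealing it. Edges are frozensets.

def circuit_to_key(circuit):
    # C1: decimal value of the upper-triangular adjacency bits of the cycle
    n = len(circuit)
    cycle = {frozenset((circuit[i], circuit[(i + 1) % n])) for i in range(n)}
    bits = "".join("1" if frozenset((i, j)) in cycle else "0"
                   for i in range(n) for j in range(i + 1, n))
    return int(bits, 2)

def build_graph(circuit, extra_edges, rng):
    # C4: the graph G sent to the peer hides X among extra random edges
    # (extra_edges must leave room below the n*(n-1)/2 possible edges)
    n = len(circuit)
    g = {frozenset((circuit[i], circuit[(i + 1) % n])) for i in range(n)}
    while len(g) < n + extra_edges:
        g.add(frozenset(rng.sample(range(n), 2)))
    return g

def permute(graph, perm):
    return {frozenset(perm[v] for v in e) for e in graph}

def commit(graph):
    # witness commitment: hash of the canonical edge list of G1
    canon = sorted(tuple(sorted(e)) for e in graph)
    return hashlib.sha256(repr(canon).encode()).hexdigest()

def prover_commit(graph, n, rng):
    perm = list(range(n))
    rng.shuffle(perm)
    g1 = permute(graph, perm)
    return commit(g1), (perm, g1)

def prover_answer(state, circuit, challenge):
    perm, g1 = state
    if challenge == 0:                      # reveal the isomorphism G -> G1
        return perm, g1
    return [perm[v] for v in circuit], g1   # reveal the circuit inside G1

def verify(graph, n, commitment, challenge, answer):
    witness, g1 = answer
    if commit(g1) != commitment or sorted(witness) != list(range(n)):
        return False
    if challenge == 0:
        return permute(graph, witness) == g1
    return all(frozenset((witness[i], witness[(i + 1) % n])) in g1 for i in range(n))

def run_proof(circuit, extra_edges, rounds, seed):
    # both sides hold X: each round is commit, random challenge, check
    rng, n = random.Random(seed), len(circuit)
    graph = build_graph(circuit, extra_edges, rng)
    for _ in range(rounds):
        c, state = prover_commit(graph, n, rng)
        challenge = rng.randrange(2)
        if not verify(graph, n, c, challenge, prover_answer(state, circuit, challenge)):
            return False
    return True
```

A prover who does not know the circuit can only satisfy one of the two challenges per round, so each extra round halves its chance of passing.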

To implement module C5 we propose that the store update algorithm described below be used. Each node chooses to store in its public key certificate store those nodes with the most valid certificates issued or received, since this maximizes the probability of intersection between stores, which module C4 requires. In this algorithm, certificates and nodes of the store are treated respectively as edges and vertices of a graph.

Function Update_Store()

    Initialize data structures;
    u := B;
    For each (u, ID) in Store_A ∪ Store_B
        If weighted_degree(ID) > max(weighted_degree(Store_A ∪ Store_B))
            If cardinal(Store_B) < lim or
               weighted_degree(ID) > max(weighted_degree(Store_B))
                Add (u, ID) to Store_B;
                u := ID;
            end If
        end If
    end For

End Function

To implement module C6 we propose that, rather than directly deleting a dishonest node from the public key store after improper behaviour, its behaviour be reflected by assigning in the store a negative weight to the edges corresponding to certificates issued or received by it, so that as those certificates receive a negative weight, the vertex will progressively cease to be present in the updated store. This scheme is combined, in the store update algorithm, with an allocation of weights to the edges of the store according to the following criteria: 2 for certificates issued or received directly by the node, 1 for the remaining certificates, -2 for certificates denounced directly by the node, and -1 for certificates reported by other nodes.

For use in module C7, as well as for the secret-key encryption referred to in module C4, we propose an efficient symmetric cipher. Such efficiency is essential because in its first use in module C4 the length of the key used, being a public key, is generally greater than the length established as safe for symmetric ciphers, while in its second use in C4 the key store is in general a very large file. Also in module C7 itself, the file containing the road and traffic data to encrypt will generally be very large. We therefore propose as symmetric cipher a bitstream encryption using as keystream generator the one described in Figure 8, which is based on a shift register whose feedback is given by a primitive polynomial over GF(2), 1 + c_1 x + c_2 x^2 + ... + c_L x^L, of degree L equal to the length of the key used at each moment, and fed with the seed formed by that key. The feedback polynomial is the primitive polynomial with the fewest nonzero coefficients, the number of those coefficients being the smallest possible number greater than 0.07 * L, to improve efficiency. The order of the filtering function is the prime number p closest to L / 2, to ensure a large linear complexity.
The function includes a linear term of the corresponding order, plus a number of terms of each order i = 1, 2, ..., p given by the integer part of L / i, obtained by multiplying successive stages, to achieve pseudorandomness and confusion. To avoid correlation attacks, the output of this nonlinear filter is irregularly decimated, so that the output of the register determines at each moment whether the corresponding output of the filter is used or discarded. Finally, in order to ensure a stable output, a buffer of size 4 is included.
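A reading of the C5 store update walk with the C6 weights in working code, added here and not taken from the patent; the tuple certificate encoding, the integer node ids and the replacement rule applied when the store is full are assumptions of the example.

```python
# Added example, not the patent's own code: the C5 store update walk with the
# C6 edge weights. A certificate is a tuple (issuer, subject) of integer node
# ids; a store is the set of certificates a node keeps, holding at most lim
# nodes besides the node itself. Assumptions beyond the text: the walk moves
# along already-kept certificates too, and when the store is full the weakest
# node off the current walk is replaced instead of applying the max test.

def cert_weight(cert, me, denounced_by_me, denounced_by_others):
    # C6 criteria, most severe first
    if cert in denounced_by_me:
        return -2
    if cert in denounced_by_others:
        return -1
    return 2 if me in cert else 1

def other_end(cert, node):
    return cert[1] if cert[0] == node else cert[0]

def weighted_degree(node, certs, weight):
    return sum(weight(c) for c in certs if node in c)

def reachable(me, store):
    # nodes that still have a certificate chain back to me
    seen, todo = {me}, [me]
    while todo:
        v = todo.pop()
        for c in store:
            if v in c and other_end(c, v) not in seen:
                seen.add(other_end(c, v))
                todo.append(other_end(c, v))
    return seen

def update_store(me, my_store, peer_store, lim, denounced_by_me=(), denounced_by_others=()):
    certs = set(my_store) | set(peer_store)
    dm, do = set(denounced_by_me), set(denounced_by_others)
    deg = {v: weighted_degree(v, certs, lambda c: cert_weight(c, me, dm, do))
           for c in certs for v in c}
    store, u, chain = set(my_store), me, {me}
    while True:
        # certificates leaving u towards a node not yet visited on this walk
        cands = [c for c in certs if u in c and other_end(c, u) not in chain]
        if not cands:
            break
        best = max(cands, key=lambda c: (deg[other_end(c, u)], -other_end(c, u)))
        nid = other_end(best, u)
        if best not in store:
            kept = reachable(me, store) - {me}
            if nid not in kept and len(kept) >= lim:
                victims = kept - chain
                weakest = min(victims, key=lambda v: (deg[v], v)) if victims else None
                if weakest is None or deg[nid] <= deg[weakest]:
                    break
                store = {c for c in store if weakest not in c}   # drop its certificates
                alive = reachable(me, store)                      # and orphaned chains
                store = {c for c in store if set(c) <= alive}
            store.add(best)
        u, chain = nid, chain | {nid}
    return store
```

A certificate the node itself denounced carries weight -2, so the node it belongs to sinks to the bottom of the ranking and is the first replaced once the store is full.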

As a specific proposal for implementing module C8, we propose that the check for matches by data aggregation be carried out with a probabilistic protocol based on reactive ad-hoc groups, i.e. groups generated in order to produce an aggregated packet (see Figure 9). Three situations are distinguished in which vehicles can find themselves with respect to an incident: vehicles that are capable of detecting an obstacle or incident on the road and are responsible for generating the corresponding warning messages; vehicles that receive warning messages and can confirm that the information is true because they have direct contact with the incident; and vehicles that receive warning messages but are unable to confirm or deny the information because they are out of range. Moreover, since in most cases the information generated at a certain point is not of interest beyond a certain radius from that point, three geographical zones are considered with respect to an incident (see Figure 10): the danger zone (Z1), or central zone, where the danger can be detected directly by the vehicle; the uncertainty zone (Z2), which surrounds the danger zone and where it is not possible to confirm the information directly but where decision making must be quick and effective, because within a short time the vehicle will enter the danger zone; and the safety zone (Z3), where nodes behave following the store-and-carry paradigm, gathering evidence about the same risk obtained through different packets. We also propose the establishment of reactive groups when a hazard is detected, so that vehicles cooperate in groups within their range and in the same geographical cell, generating aggregated information and avoiding collisions, delays, network overload and repeated information. The use of groups is intended to keep the number of packets generated in a danger zone to warn of a problem from growing without bound, and allows the number of signatures contained in a packet to be reduced.
The centre of the geographical area corresponds to the location of the danger, and from it the different groups are generated. In each group there is a leader in charge of building the packet and adding the signatures of all the vehicles in its group. Verification of an aggregated message is performed only by those vehicles that are unable to verify the information directly, i.e. when a vehicle receives a warning message about an incident that is outside the coverage of its antenna and wants to confirm the authenticity of the received message. The verification performed by a vehicle depends on its direction of travel and on the geographical zone in which it is located. In the uncertainty zone, if a vehicle receives an aggregated message containing n signatures, it uses the shift register of length n defined in module C7, fed with the first bit of each of the signatures, to generate n bits, and checks only the signatures indicated by that output. In the safety zone, vehicles check a number of the signatures contained in the packet as described above, but may also perform other checks that provide a greater level of assurance about the information received. Thus, in this zone, a vehicle may receive several aggregated packets corresponding to the same hazard but coming from different groups.
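The C7 generator and its reuse for the C8 signature selection in the uncertainty zone, as an added toy illustration rather than the patent's generator; the register length L = 7, the polynomial 1 + x + x^7, the term layout of the filter and the use of the feedback bit as the register output are this example's assumptions.

```python
from collections import deque
# Added example, not the patent's generator: a toy C7 keystream generator
# (LFSR with primitive feedback polynomial, nonlinear filter, irregular
# decimation, buffer of size 4) and its reuse in C8 to choose which of the n
# signatures of an aggregated packet to verify. Demonstration choices: L = 7
# and 1 + x + x^7 (primitive over GF(2); its single middle coefficient is the
# smallest count above 0.07 * L). A real key is far longer than 7 bits.

L = 7
TAPS = (0, 6)    # s[t+7] = s[t] XOR s[t+6]  <=>  C(x) = 1 + x + x^7

def clock(state):
    # one shift; the freshly computed feedback bit is taken as register output
    new = state[TAPS[0]] ^ state[TAPS[1]]
    return new, state[1:] + [new]

def register_bits(seed, n):
    state, out = list(seed), []
    for _ in range(n):
        bit, state = clock(state)
        out.append(bit)
    return out

def nearest_prime(x):
    primes = [n for n in range(2, int(x) + 3) if all(n % d for d in range(2, n))]
    return min(primes, key=lambda n: (abs(n - x), n))

def filter_terms(length):
    # order p = prime nearest L/2; for each order i = 1..p, floor(L/i) products
    # of i successive stages (assumed reading of the patent text)
    p = nearest_prime(length / 2)
    return [tuple(range(j, j + i)) for i in range(1, p + 1) for j in range(length // i)]

TERMS = filter_terms(L)

def nonlinear_filter(state):
    # XOR (sum mod 2) of the AND-products listed in TERMS
    return sum(all(state[s] for s in term) for term in TERMS) % 2

def keystream(seed, n):
    # irregular decimation: the register output decides whether the filter
    # output is used (1) or discarded (0); used bits pass through a 4-bit FIFO
    if not any(seed):
        raise ValueError("all-zero seed would lock the register at zero")
    state, buf, out = list(seed), deque(maxlen=4), []
    while len(out) < n:
        fbit = nonlinear_filter(state)
        rbit, state = clock(state)
        if rbit:
            buf.append(fbit)
        if buf:
            out.append(buf.popleft())
    return out

def xor_bytes(data, seed):
    # stream-encrypt (applied twice: decrypt) data with the keystream
    bits = keystream(seed, 8 * len(data))
    return bytes(b ^ int("".join(map(str, bits[8 * i:8 * i + 8])), 2)
                 for i, b in enumerate(data))

def select_signatures(signatures):
    # C8 (n must equal L here): seed the register with each signature's first
    # bit, run n clocks, verify only positions that get a 1; an all-zero seed
    # would select nothing, so then every signature is checked (assumption)
    n = len(signatures)
    seed = [sig[0] >> 7 for sig in signatures]
    if not any(seed):
        return list(range(n))
    return [i for i, bit in enumerate(register_bits(seed, n)) if bit]
```

With a nonzero seed the raw register runs through all 127 nonzero states before repeating, which is the period a primitive polynomial of degree 7 guarantees.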

To the 8 basic modules of the system described, a last module is added in the specific embodiment, which enables automatic detection of abnormal road conditions in order to warn drivers in advance so as to avoid or reduce congestion.

C9. Speed calculation, abnormal traffic conditions and alternative routes:

This module uses the information received from a satellite navigation receiver. It needs to use the network in order to assist driving without having to install any infrastructure either in the vehicle or on the road (see Figure 11).

Although one specific embodiment of the present invention has been described and illustrated, it is evident that those skilled in the art may introduce variants and modifications, or replace the details with other technically equivalent ones, without departing from the scope of protection defined by the attached claims.

Claims

What is claimed
1. A secure communications system in a spontaneous, self-managed vehicular ad-hoc network, comprising:
- a module for generating identity keys and digital signatures;
- a module containing a client/server architecture with the possibility of connecting to multiple users simultaneously;
- a module for wireless multicast sending and receiving of beacons with varying pseudonyms;
- a module for mutual authentication of nodes, with exchange of fixed public keys, temporary secret keys and public key stores, based on an interactive challenge-response scheme;
- a module for updating public key stores;
- a node reputation module, which erases dishonest nodes from the stores by deleting their public key certificates from the stores;
- a module for encrypted exchange of data on static and dynamic elements of the road, using the temporary secret key of the issuer;
- a data authentication module that checks for matches with other received messages by data aggregation.
2. The secure communications system in a spontaneous, self-managed vehicular ad-hoc network according to claim 1, for reducing congestion on the road, in which:
- the module for generating identity keys and digital signatures is based on generating the decimal value corresponding to the upper triangular submatrix of the symmetric adjacency matrix whose elements correspond to a Hamiltonian circuit in a graph, in binary representation;
- the module for wireless multicast sending and receiving of beacons with varying pseudonyms is based on the hash of the list of IDs of the nodes present in the node's public key store at that time;
- the module for mutual authentication of nodes is based on a node B wanting to contact a node A first requesting the list of IDs in A's store at that time, checking that its hash matches the pseudonym sent by A in its beacon, and responding indicating a key X present in the intersection of both stores. Then a mutual zero-knowledge proof is performed on the public key X, so that each node builds from that key, considered as a Hamiltonian circuit, a graph G in which X is a solution of the hard Hamiltonian circuit problem, and sends it to the other node. Then at least two iterations of the proof are performed, in which in a first step each node sends the other, as a witness commitment, a graph G1 isomorphic to the graph previously sent. Then each node sends a random challenge to the other indicating whether it wishes to receive from the other node the isomorphism between the two graphs or a Hamiltonian circuit in the isomorphic graph. After the zero-knowledge proof, both nodes know that they share the public key X, which they use to encrypt, with the symmetric cipher described below, and send to the other node their own public identity key. Next their temporary secret keys are exchanged, encrypted with the public key of the other node, and finally each node uses its own temporary secret key to encrypt, with the symmetric cipher described below, and send its key store, which is contrasted against the pseudonym transmitted in the beacon and the list of IDs sent in the first step of authentication;
- the module for updating public key stores is based on an algorithm in which each node chooses to store in its public key certificate store those nodes with the most valid certificates issued or received; in this algorithm certificates and store nodes are treated respectively as edges and vertices of a graph;
- the node reputation module is based on reflecting the behaviour of a rogue node by assigning in the store a negative weight to the edges corresponding to certificates issued or received by it, so that as those certificates receive a negative weight the vertex progressively ceases to be present in the updated store. This scheme is combined, in the store update algorithm, with an allocation of weights to the edges of the store according to the following criteria: 2 for certificates issued or received directly by the node, 1 for the remaining certificates, -2 for certificates denounced directly by the node, and -1 for certificates reported by other nodes;
- the module for encrypted data exchange is based on bitstream encryption using as keystream generator a shift register with feedback given by a primitive polynomial over GF(2) of degree L, equal to the length of the key used at each moment, followed by a nonlinear filter, a decimator and a buffer; the register is fed with the seed formed by that key, and the feedback polynomial is the primitive polynomial with the fewest nonzero coefficients, the number of those coefficients being the smallest possible number greater than 0.07 * L. The nonlinear filtering function is of order p, the prime number closest to L / 2, and includes a linear term of the corresponding order plus a number of terms of each order i = 1, 2, ..., p given by the integer part of L / i, obtained by multiplying successive stages. The output of this nonlinear filter is irregularly decimated, so that the register output determines at each moment whether the corresponding filter output is used or discarded, being introduced in the first case into a buffer of size 4;
- the data authentication module is based on a data aggregation scheme based on reactive groups, in which each leader is responsible for building the packet and adding the signatures of all the vehicles of the group, and in which verification is performed according to a probabilistic protocol that depends on the geographical zone in which each vehicle is located;
- a module for automatic detection of abnormal conditions and speed calculation, based on information received from a satellite navigation receiver, is added.
PCT/ES2011/000220 2010-06-29 2011-06-29 System for securely communicating in a spontaneous self-managed ad-hoc vehicular network WO2012007609A1 (en)

Priority Applications (2)

Application Number Priority Date Filing Date Title
ESP201000865 2010-06-29
ES201000865A ES2372841B2 (en) 2010-06-29 2010-06-29 Secure communications system in a spontaneous, self-managed vehicular ad-hoc network.

Publications (1)

Publication Number Publication Date
WO2012007609A1 (en) 2012-01-19

Family

ID=45446403

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/ES2011/000220 WO2012007609A1 (en) 2010-06-29 2011-06-29 System for securely communicating in a spontaneous self-managed ad-hoc vehicular network

Country Status (2)

Country Link
ES (1) ES2372841B2 (en)
WO (1) WO2012007609A1 (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US9971800B2 (en) 2016-04-12 2018-05-15 Cisco Technology, Inc. Compressing indices in a video stream

Families Citing this family (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2017158208A1 (en) * 2016-03-18 2017-09-21 Universidad De La Laguna System and method for the automation and safe use of mobile applications in vehicles



Also Published As

Publication number Publication date Type
ES2372841B2 (en) 2013-04-16 grant
ES2372841A1 (en) 2012-01-27 application


Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 11806328

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase in:

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 11806328

Country of ref document: EP

Kind code of ref document: A1