Privacy-Preserving Certificate Linkage/Revocation in VANETs Without Linkage Authorities

Vehicular communication (V2X) technologies are expected to become common in the future, providing better efficiency and safety in transportation. This envisioned large-scale deployment, however, critically depends on addressing some issues. In special, to prevent abuse by drivers, messages exchanged...

Ausführliche Beschreibung

Gespeichert in:

Bibliographische Detailangaben
Veröffentlicht in:	IEEE transactions on intelligent transportation systems 2021-06, Vol.22 (6), p.3326-3336
Hauptverfasser:	Simplicio, Marcos A., Cominetti, Eduardo Lopes, Patil, Harsh Kupwade, Ricardini, Jefferson E., Ferraz, Leonardo T. D., Silva, Marcos Vinicius M.
Format:	Artikel
Sprache:	eng
Schlagworte:	birthday attacks Couplings linkage authorities Mobile ad hoc networks Principal component analysis Privacy Public key Public Key Infrastructure revocable privacy security credential management system Standardization V2X Vehicle-to-everything
Online-Zugang:	Volltext bestellen
Tags:	Tag hinzufügen Keine Tags, Fügen Sie den ersten Tag hinzu!

container_end_page	3336
container_issue	6
container_start_page	3326
container_title	IEEE transactions on intelligent transportation systems
container_volume	22
creator	Simplicio, Marcos A. Cominetti, Eduardo Lopes Patil, Harsh Kupwade Ricardini, Jefferson E. Ferraz, Leonardo T. D. Silva, Marcos Vinicius M.
description	Vehicular communication (V2X) technologies are expected to become common in the future, providing better efficiency and safety in transportation. This envisioned large-scale deployment, however, critically depends on addressing some issues. In special, to prevent abuse by drivers, messages exchanged among authorized vehicles must be authenticated. This implies the need of a Vehicular Public Key Infrastructure (VPKI). Unlike traditional PKIs, though, VPKIs are also expected to preserve the privacy of honest drivers, preventing their vehicles from being easily identified or tracked. One promising VPKI solution, which copes with such requirements and is among the main candidates for standardization in the United States, is the Security Credential Management System (SCMS). In this paper, aiming to enhance and address shortcomings identified in SCMS, we provide two main contributions. First, we describe and fix two birthday attacks against SCMS's certificate revocation process, thus improving the system's long-term privacy. Second, we propose a method that simplifies SCMS's architecture, removing the need for Linkage Authorities (LAs); this approach cuts down deployment costs while reducing the system's attack surface, in particular against some troublesome forms of replay attacks that are hereby unveiled.
doi_str_mv	10.1109/TITS.2020.2981907
format	Article
fullrecord	<record><control><sourceid>proquest_RIE</sourceid><recordid>TN_cdi_ieee_primary_9052710</recordid><sourceformat>XML</sourceformat><sourcesystem>PC</sourcesystem><ieee_id>9052710</ieee_id><sourcerecordid>2536030868</sourcerecordid><originalsourceid>FETCH-LOGICAL-c336t-3d6df69f2afc9b1ee3ed823c722d5bd452eecc804af8459f969869eb621f63963</originalsourceid><addsrcrecordid>eNo9kE1PAjEQhhujiYj-AONlE88L_diW9kgIIglRoqscm6U7xaLuYtsl4d-7G9DTzLx5ZiZ5ELoleEAIVsN8nr8OKKZ4QJUkCo_OUI9wLlOMiTjvepqlCnN8ia5C2LZpxgnpodXSu31hDunSQwC_d9UmmYCPzjpTREgWrvosNjB8gX3dBq6uElcl7-OnaR6SlYsfdRP_oGTctLN30UG4Rhe2-Apwc6p99PYwzSeP6eJ5Np-MF6lhTMSUlaK0QllaWKPWBIBBKSkzI0pLvi4zTgGMkTgrrMy4skooKRSsBSVWMCVYH90f7-58_dNAiHpbN75qX2rKmcAMSyFbihwp4-sQPFi98-678AdNsO786c6f7vzpk7925-644wDgn28V0hHB7BcmL2yt</addsrcrecordid><sourcetype>Aggregation Database</sourcetype><iscdi>true</iscdi><recordtype>article</recordtype><pqid>2536030868</pqid></control><display><type>article</type><title>Privacy-Preserving Certificate Linkage/Revocation in VANETs Without Linkage Authorities</title><source>IEEE Electronic Library (IEL)</source><creator>Simplicio, Marcos A. ; Cominetti, Eduardo Lopes ; Patil, Harsh Kupwade ; Ricardini, Jefferson E. ; Ferraz, Leonardo T. D. ; Silva, Marcos Vinicius M.</creator><creatorcontrib>Simplicio, Marcos A. ; Cominetti, Eduardo Lopes ; Patil, Harsh Kupwade ; Ricardini, Jefferson E. ; Ferraz, Leonardo T. D. ; Silva, Marcos Vinicius M.</creatorcontrib><description>Vehicular communication (V2X) technologies are expected to become common in the future, providing better efficiency and safety in transportation. This envisioned large-scale deployment, however, critically depends on addressing some issues. In special, to prevent abuse by drivers, messages exchanged among authorized vehicles must be authenticated. This implies the need of a Vehicular Public Key Infrastructure (VPKI). Unlike traditional PKIs, though, VPKIs are also expected to preserve the privacy of honest drivers, preventing their vehicles from being easily identified or tracked. One promising VPKI solution, which copes with such requirements and is among the main candidates for standardization in the United States, is the Security Credential Management System (SCMS). In this paper, aiming to enhance and address shortcomings identified in SCMS, we provide two main contributions. First, we describe and fix two birthday attacks against SCMS's certificate revocation process, thus improving the system's long-term privacy. Second, we propose a method that simplifies SCMS's architecture, removing the need for Linkage Authorities (LAs); this approach cuts down deployment costs while reducing the system's attack surface, in particular against some troublesome forms of replay attacks that are hereby unveiled.</description><identifier>ISSN: 1524-9050</identifier><identifier>EISSN: 1558-0016</identifier><identifier>DOI: 10.1109/TITS.2020.2981907</identifier><identifier>CODEN: ITISFG</identifier><language>eng</language><publisher>New York: IEEE</publisher><subject>birthday attacks ; Couplings ; linkage authorities ; Mobile ad hoc networks ; Principal component analysis ; Privacy ; Public key ; Public Key Infrastructure ; revocable privacy ; security credential management system ; Standardization ; V2X ; Vehicle-to-everything</subject><ispartof>IEEE transactions on intelligent transportation systems, 2021-06, Vol.22 (6), p.3326-3336</ispartof><rights>Copyright The Institute of Electrical and Electronics Engineers, Inc. (IEEE) 2021</rights><lds50>peer_reviewed</lds50><oa>free_for_read</oa><woscitedreferencessubscribed>false</woscitedreferencessubscribed><citedby>FETCH-LOGICAL-c336t-3d6df69f2afc9b1ee3ed823c722d5bd452eecc804af8459f969869eb621f63963</citedby><cites>FETCH-LOGICAL-c336t-3d6df69f2afc9b1ee3ed823c722d5bd452eecc804af8459f969869eb621f63963</cites><orcidid>0000-0002-7604-6668 ; 0000-0001-5227-7165 ; 0000-0001-5180-1324 ; 0000-0003-0434-0013 ; 0000-0003-2198-3811</orcidid></display><links><openurl>$$Topenurl_article</openurl><openurlfulltext>$$Topenurlfull_article</openurlfulltext><thumbnail>$$Tsyndetics_thumb_exl</thumbnail><linktohtml>$$Uhttps://ieeexplore.ieee.org/document/9052710$$EHTML$$P50$$Gieee$$H</linktohtml><link.rule.ids>314,776,780,792,27901,27902,54733</link.rule.ids><linktorsrc>$$Uhttps://ieeexplore.ieee.org/document/9052710$$EView_record_in_IEEE$$FView_record_in_$$GIEEE</linktorsrc></links><search><creatorcontrib>Simplicio, Marcos A.</creatorcontrib><creatorcontrib>Cominetti, Eduardo Lopes</creatorcontrib><creatorcontrib>Patil, Harsh Kupwade</creatorcontrib><creatorcontrib>Ricardini, Jefferson E.</creatorcontrib><creatorcontrib>Ferraz, Leonardo T. D.</creatorcontrib><creatorcontrib>Silva, Marcos Vinicius M.</creatorcontrib><title>Privacy-Preserving Certificate Linkage/Revocation in VANETs Without Linkage Authorities</title><title>IEEE transactions on intelligent transportation systems</title><addtitle>TITS</addtitle><description>Vehicular communication (V2X) technologies are expected to become common in the future, providing better efficiency and safety in transportation. This envisioned large-scale deployment, however, critically depends on addressing some issues. In special, to prevent abuse by drivers, messages exchanged among authorized vehicles must be authenticated. This implies the need of a Vehicular Public Key Infrastructure (VPKI). Unlike traditional PKIs, though, VPKIs are also expected to preserve the privacy of honest drivers, preventing their vehicles from being easily identified or tracked. One promising VPKI solution, which copes with such requirements and is among the main candidates for standardization in the United States, is the Security Credential Management System (SCMS). In this paper, aiming to enhance and address shortcomings identified in SCMS, we provide two main contributions. First, we describe and fix two birthday attacks against SCMS's certificate revocation process, thus improving the system's long-term privacy. Second, we propose a method that simplifies SCMS's architecture, removing the need for Linkage Authorities (LAs); this approach cuts down deployment costs while reducing the system's attack surface, in particular against some troublesome forms of replay attacks that are hereby unveiled.</description><subject>birthday attacks</subject><subject>Couplings</subject><subject>linkage authorities</subject><subject>Mobile ad hoc networks</subject><subject>Principal component analysis</subject><subject>Privacy</subject><subject>Public key</subject><subject>Public Key Infrastructure</subject><subject>revocable privacy</subject><subject>security credential management system</subject><subject>Standardization</subject><subject>V2X</subject><subject>Vehicle-to-everything</subject><issn>1524-9050</issn><issn>1558-0016</issn><fulltext>true</fulltext><rsrctype>article</rsrctype><creationdate>2021</creationdate><recordtype>article</recordtype><sourceid>RIE</sourceid><recordid>eNo9kE1PAjEQhhujiYj-AONlE88L_diW9kgIIglRoqscm6U7xaLuYtsl4d-7G9DTzLx5ZiZ5ELoleEAIVsN8nr8OKKZ4QJUkCo_OUI9wLlOMiTjvepqlCnN8ia5C2LZpxgnpodXSu31hDunSQwC_d9UmmYCPzjpTREgWrvosNjB8gX3dBq6uElcl7-OnaR6SlYsfdRP_oGTctLN30UG4Rhe2-Apwc6p99PYwzSeP6eJ5Np-MF6lhTMSUlaK0QllaWKPWBIBBKSkzI0pLvi4zTgGMkTgrrMy4skooKRSsBSVWMCVYH90f7-58_dNAiHpbN75qX2rKmcAMSyFbihwp4-sQPFi98-678AdNsO786c6f7vzpk7925-644wDgn28V0hHB7BcmL2yt</recordid><startdate>20210601</startdate><enddate>20210601</enddate><creator>Simplicio, Marcos A.</creator><creator>Cominetti, Eduardo Lopes</creator><creator>Patil, Harsh Kupwade</creator><creator>Ricardini, Jefferson E.</creator><creator>Ferraz, Leonardo T. D.</creator><creator>Silva, Marcos Vinicius M.</creator><general>IEEE</general><general>The Institute of Electrical and Electronics Engineers, Inc. (IEEE)</general><scope>97E</scope><scope>RIA</scope><scope>RIE</scope><scope>AAYXX</scope><scope>CITATION</scope><scope>7SC</scope><scope>7SP</scope><scope>8FD</scope><scope>FR3</scope><scope>JQ2</scope><scope>KR7</scope><scope>L7M</scope><scope>L~C</scope><scope>L~D</scope><orcidid>https://orcid.org/0000-0002-7604-6668</orcidid><orcidid>https://orcid.org/0000-0001-5227-7165</orcidid><orcidid>https://orcid.org/0000-0001-5180-1324</orcidid><orcidid>https://orcid.org/0000-0003-0434-0013</orcidid><orcidid>https://orcid.org/0000-0003-2198-3811</orcidid></search><sort><creationdate>20210601</creationdate><title>Privacy-Preserving Certificate Linkage/Revocation in VANETs Without Linkage Authorities</title><author>Simplicio, Marcos A. ; Cominetti, Eduardo Lopes ; Patil, Harsh Kupwade ; Ricardini, Jefferson E. ; Ferraz, Leonardo T. D. ; Silva, Marcos Vinicius M.</author></sort><facets><frbrtype>5</frbrtype><frbrgroupid>cdi_FETCH-LOGICAL-c336t-3d6df69f2afc9b1ee3ed823c722d5bd452eecc804af8459f969869eb621f63963</frbrgroupid><rsrctype>articles</rsrctype><prefilter>articles</prefilter><language>eng</language><creationdate>2021</creationdate><topic>birthday attacks</topic><topic>Couplings</topic><topic>linkage authorities</topic><topic>Mobile ad hoc networks</topic><topic>Principal component analysis</topic><topic>Privacy</topic><topic>Public key</topic><topic>Public Key Infrastructure</topic><topic>revocable privacy</topic><topic>security credential management system</topic><topic>Standardization</topic><topic>V2X</topic><topic>Vehicle-to-everything</topic><toplevel>peer_reviewed</toplevel><toplevel>online_resources</toplevel><creatorcontrib>Simplicio, Marcos A.</creatorcontrib><creatorcontrib>Cominetti, Eduardo Lopes</creatorcontrib><creatorcontrib>Patil, Harsh Kupwade</creatorcontrib><creatorcontrib>Ricardini, Jefferson E.</creatorcontrib><creatorcontrib>Ferraz, Leonardo T. D.</creatorcontrib><creatorcontrib>Silva, Marcos Vinicius M.</creatorcontrib><collection>IEEE All-Society Periodicals Package (ASPP) 2005-present</collection><collection>IEEE All-Society Periodicals Package (ASPP) 1998-Present</collection><collection>IEEE Electronic Library (IEL)</collection><collection>CrossRef</collection><collection>Computer and Information Systems Abstracts</collection><collection>Electronics & Communications Abstracts</collection><collection>Technology Research Database</collection><collection>Engineering Research Database</collection><collection>ProQuest Computer Science Collection</collection><collection>Civil Engineering Abstracts</collection><collection>Advanced Technologies Database with Aerospace</collection><collection>Computer and Information Systems Abstracts Academic</collection><collection>Computer and Information Systems Abstracts Professional</collection><jtitle>IEEE transactions on intelligent transportation systems</jtitle></facets><delivery><delcategory>Remote Search Resource</delcategory><fulltext>fulltext_linktorsrc</fulltext></delivery><addata><au>Simplicio, Marcos A.</au><au>Cominetti, Eduardo Lopes</au><au>Patil, Harsh Kupwade</au><au>Ricardini, Jefferson E.</au><au>Ferraz, Leonardo T. D.</au><au>Silva, Marcos Vinicius M.</au><format>journal</format><genre>article</genre><ristype>JOUR</ristype><atitle>Privacy-Preserving Certificate Linkage/Revocation in VANETs Without Linkage Authorities</atitle><jtitle>IEEE transactions on intelligent transportation systems</jtitle><stitle>TITS</stitle><date>2021-06-01</date><risdate>2021</risdate><volume>22</volume><issue>6</issue><spage>3326</spage><epage>3336</epage><pages>3326-3336</pages><issn>1524-9050</issn><eissn>1558-0016</eissn><coden>ITISFG</coden><abstract>Vehicular communication (V2X) technologies are expected to become common in the future, providing better efficiency and safety in transportation. This envisioned large-scale deployment, however, critically depends on addressing some issues. In special, to prevent abuse by drivers, messages exchanged among authorized vehicles must be authenticated. This implies the need of a Vehicular Public Key Infrastructure (VPKI). Unlike traditional PKIs, though, VPKIs are also expected to preserve the privacy of honest drivers, preventing their vehicles from being easily identified or tracked. One promising VPKI solution, which copes with such requirements and is among the main candidates for standardization in the United States, is the Security Credential Management System (SCMS). In this paper, aiming to enhance and address shortcomings identified in SCMS, we provide two main contributions. First, we describe and fix two birthday attacks against SCMS's certificate revocation process, thus improving the system's long-term privacy. Second, we propose a method that simplifies SCMS's architecture, removing the need for Linkage Authorities (LAs); this approach cuts down deployment costs while reducing the system's attack surface, in particular against some troublesome forms of replay attacks that are hereby unveiled.</abstract><cop>New York</cop><pub>IEEE</pub><doi>10.1109/TITS.2020.2981907</doi><tpages>11</tpages><orcidid>https://orcid.org/0000-0002-7604-6668</orcidid><orcidid>https://orcid.org/0000-0001-5227-7165</orcidid><orcidid>https://orcid.org/0000-0001-5180-1324</orcidid><orcidid>https://orcid.org/0000-0003-0434-0013</orcidid><orcidid>https://orcid.org/0000-0003-2198-3811</orcidid><oa>free_for_read</oa></addata></record>
fulltext	fulltext_linktorsrc
identifier	ISSN: 1524-9050
ispartof	IEEE transactions on intelligent transportation systems, 2021-06, Vol.22 (6), p.3326-3336
issn	1524-9050 1558-0016
language	eng
recordid	cdi_ieee_primary_9052710
source	IEEE Electronic Library (IEL)
subjects	birthday attacks Couplings linkage authorities Mobile ad hoc networks Principal component analysis Privacy Public key Public Key Infrastructure revocable privacy security credential management system Standardization V2X Vehicle-to-everything
title	Privacy-Preserving Certificate Linkage/Revocation in VANETs Without Linkage Authorities
url	https://sfx.bib-bvb.de/sfx_tum?ctx_ver=Z39.88-2004&ctx_enc=info:ofi/enc:UTF-8&ctx_tim=2025-02-01T19%3A31%3A39IST&url_ver=Z39.88-2004&url_ctx_fmt=infofi/fmt:kev:mtx:ctx&rfr_id=info:sid/primo.exlibrisgroup.com:primo3-Article-proquest_RIE&rft_val_fmt=info:ofi/fmt:kev:mtx:journal&rft.genre=article&rft.atitle=Privacy-Preserving%20Certificate%20Linkage/Revocation%20in%20VANETs%20Without%20Linkage%20Authorities&rft.jtitle=IEEE%20transactions%20on%20intelligent%20transportation%20systems&rft.au=Simplicio,%20Marcos%20A.&rft.date=2021-06-01&rft.volume=22&rft.issue=6&rft.spage=3326&rft.epage=3336&rft.pages=3326-3336&rft.issn=1524-9050&rft.eissn=1558-0016&rft.coden=ITISFG&rft_id=info:doi/10.1109/TITS.2020.2981907&rft_dat=%3Cproquest_RIE%3E2536030868%3C/proquest_RIE%3E%3Curl%3E%3C/url%3E&disable_directlink=true&sfx.directlink=off&sfx.report_link=0&rft_id=info:oai/&rft_pqid=2536030868&rft_id=info:pmid/&rft_ieee_id=9052710&rfr_iscdi=true