An Efficient and Practical Authenticated Communication Scheme for Vehicular Ad Hoc Networks

Source: IEEE Transactions on Vehicular Technology, Reviewing

Presenter: Yung-Chih Lu (呂勇志 )

Date: 2011/03/04

Outline

2

Introduction Proposed Scheme Security Analysis Performance Analysis Conclusion Comment

Introduction (1/3)

Goal Message Authentication & Message

Encryption Against attack

Replay attackImpersonation attackOutsider attack

Saving resourcecomputation cost

3

Introduction (2/3)

4

Vehicular Ad Hoc Network (VANET)

RSC: Road Side Unit

Introduction (3/3)

The Functions of Proposed Scheme Traffic control schemes

Message Authentication Entertainment service scheme

Message Encryption

5

Vehicle-RSU-Vehicle Communication

Proposed Scheme for Traffic Control (1/2)

6V: Vehicular M: Message TVi: Timestamp Kvi: A pre-shared keyx: RSU’s private key t: Random number H(): one way hash functionQ: base point over Elliptic Curve X= x ． Q

Vi

(IDVi, IDVj, M, TVi, Kvi⊕ H(M||TVi))

VjRSU

1.Computes K’Vi =H(IDVi || x)2. Decrypts Kvi⊕ H(M||TVi)3.

4.Checks M,Tvi

5. Selects t ∈ Z*n

6. Computes T= t ． Q = (x1,y1) r= x1 mod n s= t-1 ． [H(M||TR)+x ．t]7.Broadcast (IDR, IDVj, M, (r,s), TR )

1.Computes (s-1 ． H(M||TR)) ． Q+s-1 ． r ． X)= (x1’,y1

’)2. Verifies r’ = r r’= x1’ mod n

CSESPP Scheme

Proposed Scheme for Entertainment Service (2/2)

7V: Vehicular Reg: Request message TVi: Timestamp Kvi: A pre-shared keyES: Entertainment Service R: Random number H(): one way hash functionCSESPP: Communication Scheme for Entertainment Services with Privacy Preservation

Vi

(IDVi, Reg, TVi, H(Kvi||TVi))

RSU

1.Computes K’Vi =H(Kvi||TVi)2. Verifies H(K’vi||TVi) =H(Kvi||TVi) 3. R∈ Z*

n

4. Computes SKi= H(Kvi||R) {ESKi(ES,R) ,R}

1.Computes SKi =H(Kvi||R)2. Decrypts ESKi(ES,R) 3. Check R

K’Vi =H(IDVi || x)

Security Analysis (1/1)

Against attack Outsider attack

Secret key Impersonation attack

Secret key Replay attack

Timestamp

8

Performance Analysis (1/1)

9

Comparisons Table

TEC_Mul: the operation time of point multiplication on the elliptic curve functionTexp: the operation time of the modular exponentiationTmul: the operation time of the modular multiplication

Conclusion

10

A vehicle only needs to share one session key with RSU to communicate with the other vehicles.

The proposed scheme is more efficient than other scheme.

Comment (1/2)

11

本文主要貢獻簡述： 所有認證與加密工作皆透過公認第三方 (RSU) 來進行 ,

搭配 ECDSA 簽章，降低 Computation cost 。優點：

提出橢圓曲線的 point multiplication 比 modular exponentiation 更有效率的概念，來降低computation cost 。

缺點： 錯字都集中在 proposed scheme 。 Security Analysis 缺乏證明。 當 Vehicular 周圍無 RSU 時，則無法進行

authentication 及 encryption 。

Comment (2/2)

作者需進一步說明 : 請解釋在 Entertainment Service 中，使用隨機值 R

的用意。明顯錯誤 ( 含 typos):

Page6, 倒數第 3 行 S 應改成 M Page16, Figure1, 第 8 行 H’(IDVi||x) =⊕ H(IDVi||x) 應

改成 H’(M||TVi) =H(M||TVi) Page16, Figure1, 第 13 行 x ． t 應改成 x ． r Page18, Figure2, 第 5 行 K’Vi =H(Kvi||TVi) 應改成 K’Vi

=H(IDVi || x)

12

Li et al.’s Scheme for Traffic Control (1/2)

13

Vi Vj

1.Computes 1.Decrypts the message by Ht(SK)2.Computes

3.check

Vehicle-to-Vehicle Communication