skip to main content

Title: EFFICIENT BLOCKCHAIN AUTHENTICATION SCHEME FOR VANETS
As the use of autonomous vehicles increase, the transportation infrastructure as a whole becomes more susceptible to cyber-attacks due to the increase of components that can communicate with one another and the Internet. It has been shown that autonomous vehicles benefit greatly from cooperating to perform many cost and life-saving applications such as tailgating, advanced collision warning, and even traffic routing. To secure the transportation infrastructure against this increasing risk, this paper presents an efficient blockchain scheme for vehicular ad-hoc networks of autonomous vehicles. In the proposed scheme, every vehicle maintains blocks generated by its platoon which contain transactions that evaluate the actions of every vehicle. Thus, vehicles will possess different blocks and thus different blockchains as they join and leave platoons. No central blockchain is maintained. These blocks are used as a token by the vehicle to gain access to future platoons. The proposed scheme uses the Schnorr digital signature scheme to create a secure signature and reach consensus within the platoon. It is proven to be secure under the given assumptions.
Authors:
;
Award ID(s):
1837472
Publication Date:
NSF-PAR ID:
10190266
Journal Name:
Critical Infrastructure Protection XIV.
Sponsoring Org:
National Science Foundation
More Like this
  1. Internet of Vehicles (IoV) in 5G is regarded as a backbone for intelligent transportation system in smart city, where vehicles are expected to communicate with drivers, with road-side wireless infrastructure, with other vehicles, with traffic signals and different city infrastructure using vehicle-to-vehicle (V2V) and/or vehicle-to-infrastructure (V2I) communications. In IoV, the network topology changes based on drivers' destination, intent or vehicles' movements and road structure on which the vehicles travel. In IoV, vehicles are assumed to be equipped with computing devices to process data, storage devices to store data and communication devices to communicate with other vehicles or with roadside infrastructuremore »(RSI). It is vital to authenticate data in IoV to make sure that legitimate data is being propagated in IoV. Thus, security stands as a vital factor in IoV. The existing literature contains some limitations for robust security in IoV such as high delay introduced by security algorithms, security without privacy, unreliable security and reduced overall communication efficiency. To address these issues, this paper proposes the Elliptic Curve Cryptography (ECC) based Ant Colony Optimization Ad hoc On-demand Distance Vector (ACO-AODV) routing protocol which avoids suspicious vehicles during message dissemination in IoV. Specifically, our proposed protocol comprises three components: i) certificate authority (CA) which maps vehicle's publicly available info such as number plates with cryptographic keys using ECC; ii) malicious vehicle (MV) detection algorithm which works based on trust level calculated using status message interactions; and iii) secure optimal path selection in an adaptive manner based on the intent of communications using ACO-AODV that avoids malicious vehicles. Experimental results illustrate that the proposed approach provides better results than the existing approaches.« less
  2. Truck platooning is emerging as a promising solution with many economic incentives. However, securely admitting a new vehicle into a platoon is an extremely important yet difficult task. There is no adequate method today for verifying physical arrangements of vehicles within a platoon formation. Specifically, we address the problem of a platoon ghost attack wherein an attacker spoofs presence within a platoon to gain admission and subsequently execute malicious attacks. To address such concerns, we present Convoy, a novel autonomous platoon admission scheme which binds the vehicles' digital certificates to their physical context (i.e., locality). Convoy exploits the findings thatmore »vehicles traveling together experience similar context to prove to each other over time that they are co-present. Specifically, they experience similar road (e.g., bumps and cracks) and traffic (e.g., acceleration and steering) conditions. Our approach is based on the ability for vehicles to capture this context, generate fingerprints to establish shared keys, and later bind these symmetric keys to their public keys. We design and implement the Convoy protocol and evaluate it with real-world driving data. Our implementation demonstrates that vehicles traveling in adjacent lanes can be sufficiently distinguished by their context and this can be utilized to thwart platoon ghost attacks and similar misbehavior« less
  3. Cities have circumvented privacy norms and deployed sensors to track vehicles via toll transponders (like E-Zpass tags). The ethical problems regarding these practices have been highlighted by various privacy advocacy groups. The industry however, has yet to implement a standard privacy protection regime to protect users’ data. Further, existing risk management models do not adequately address user-controlled data sharing requirements. In this paper, we consider the challenges of protecting private data in the Internet of Vehicles (IoV) and mobile edge networks. Specifically, we present a privacy risk reduction model for electronic toll transponder data. We seek to preserve driver privacymore »while contributing to intelligent transportation infrastructure congestion automation schemes. We thus propose TollsOnly, a fully homomorphic encryption protocol. TollsOnly is expected to be a post-quantum privacy preservation scheme. It enables users to share specific data with smart cities via blockchain technology. TollsOnly protects driver privacy in compliance with the European General Data Protection Regulation (GDPR) and the California Consumer Privacy Act.« less
  4. Collaborative intrusion detection system (CIDS) shares the critical detection-control information across the nodes for improved and coordinated defense. Software-defined network (SDN) introduces the controllers for the networking control, including for the networks spanning across multiple autonomous systems, and therefore provides a prime platform for CIDS application. Although previous research studies have focused on CIDS in SDN, the real-time secure exchange of the detection relevant information (e.g., the detection signature) remains a critical challenge. In particular, the CIDS research still lacks robust trust management of the SDN controllers and the integrity protection of the collaborative defense information to resist against themore »insider attacks transmitting untruthful and malicious detection signatures to other participating controllers. In this paper, we propose a blockchain-enabled collaborative intrusion detection in SDN, taking advantage of the blockchain’s security properties. Our scheme achieves three important security goals: to establish the trust of the participating controllers by using the permissioned blockchain to register the controller and manage digital certificates, to protect the integrity of the detection signatures against malicious detection signature injection, and to attest the delivery/update of the detection signature to other controllers. Our experiments in CloudLab based on a prototype built on Ethereum, Smart Contract, and IPFS demonstrates that our approach efficiently shares and distributes detection signatures in real-time through the trustworthy distributed platform.« less
  5. Collaborative intrusion detection system (CIDS) shares the critical detection-control information across the nodes for improved and coordinated defense. Software-defined network (SDN) introduces the controllers for the networking control, including for the networks spanning across multiple autonomous systems, and therefore provides a prime platform for CIDS application. Although previous research studies have focused on CIDS in SDN, the real-time secure exchange of the detection relevant information (e.g., the detection signature) remains a critical challenge. In particular, the CIDS research still lacks robust trust management of the SDN controllers and the integrity protection of the collaborative defense information to resist against themore »insider attacks transmitting untruthful and malicious detection signatures to other participating controllers. In this paper, we propose a blockchain-enabled collaborative intrusion detection in SDN, taking advantage of the blockchain’s security properties. Our scheme achieves three important security goals: to establish the trust of the participating controllers by using the permissioned blockchain to register the controller and manage digital certificates, to protect the integrity of the detection signatures against malicious detection signature injection, and to attest the delivery/update of the detection signature to other controllers. Our experiments in CloudLab based on a prototype built on Ethereum, Smart Contract, and IPFS demonstrates that our approach efficiently shares and distributes detection signatures in real-time through the trustworthy distributed platform.« less