skip to main content
US FlagAn official website of the United States government
dot gov icon
Official websites use .gov
A .gov website belongs to an official government organization in the United States.
https lock icon
Secure .gov websites use HTTPS
A lock ( lock ) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.

Explore Research Products in the PAR
It may take a few hours for recently added research products to appear in PAR search results.


Title: When Cryptography Needs a Hand: Practical Post-Quantum Authentication for V2V Communications
We tackle the atypical challenge of supporting postquantum cryptography (PQC) and its significant overhead in safety-critical vehicle-to-vehicle (V2V) communications, dealing with strict overhead and latency restrictions within the limited radio spectrum for V2V. For example, we show that the current use of spectrum to support signature verification in V2V makes it nearly impossible to adopt PQC. Accordingly, we propose a scheduling technique for message signing certificate transmissions (which we find are currently up to 93% redundant) that learns to adaptively reduce the use of radio spectrum. In combination, we design the first integration of PQC and V2V, which satisfies the above stringent constraints given the available spectrum. Specifically, we analyze the three PQ signature algorithms selected for standardization by NIST, as well as XMSS (RFC 8391), and propose a Partially Hybrid authentication protocol—a tailored fusion of classical cryptography and PQC—for use in the V2V ecosystem during the nascent transition period we outline towards fully PQ V2V. Our provably secure protocol efficiently balances security and performance, as demonstrated experimentally with software-defined radios (USRPs), commercial V2V devices, and road traffic and V2V simulators. We show our joint transmission scheduling optimization and Partially Hybrid design are scalable and reliable under realistic conditions, adding a negligible average delay (0.39 ms per message) against the current state-of-the-art.  more » « less
Award ID(s):
2239931
PAR ID:
10492326
Author(s) / Creator(s):
; ; ;
Publisher / Repository:
Network and Distributed System Security Symposium (NDSS)
Date Published:
Journal Name:
Network and Distributed System Security Symposium (NDSS 2024)
ISBN:
1-891562-93-2
Subject(s) / Keyword(s):
V2V security connected vehicles post-quantum cryptography hardware testbed hybrid authentication protocol
Format(s):
Medium: X
Location:
San Diego, CA, USA
Sponsoring Org:
National Science Foundation
More Like this
  1. ; (, ACM Transactions on Multimedia Computing, Communications, and Applications)
    Digital Twins (DT) virtually model cyber-physical objects via sensory inputs by simulating or monitoring their behavior. Therefore, DTs usually harbor vast quantities of Internet of Things (IoT) components (e.g., sensors) that gather, process, and offload sensitive information (e.g., healthcare) to the cloud. It is imperative to ensure the trustworthiness of such sensitive information with long-term and compromise-resilient security guarantees. Digital signatures provide scalable authentication and integrity with non-repudiation and are vital tools for DTs. Post-quantum cryptography (PQC) and forward-secure signatures are two fundamental tools to offer long-term security and breach resiliency. However, NIST-PQC signature standards are exorbitantly costly for embedded DT components and are infeasible when forward-security is also considered. Moreover, NIST-PQC signatures do not admit aggregation, which is a highly desirable feature to mitigate the heavy storage and transmission burden in DTs. Finally, NIST recommends hybrid PQ solutions to enable cryptographic agility and transitional security. Yet, there is a significant gap in the state of the art in the achievement of all these advanced features simultaneously. Therefore, there is a significant need for lightweight digital signatures that offer compromise resiliency and compactness while permitting transitional security into the PQ era for DTs. We create a series of highly lightweight digital signatures called Hardware-ASisted Efficient Signature (HASES) that meets the above requirements. The core ofHASES is a hardware-assisted cryptographic commitment construct oracle (CCO) that permits verifiers to obtain expensive commitments without signer interaction. We created threeHASES schemes:PQ-HASES is a forward-secure PQ signature,LA-HASES is an efficient aggregate Elliptic-Curve signature, andHY-HASES is a novel hybrid scheme that combinesPQ-HASES andLA-HASES with novel strong nesting and sequential aggregation.HASES does not require a secure-hardware on the signer. We prove thatHASES schemes are secure and implemented them on commodity hardware and and 8-bit AVR ATmega2560. Our experiments confirm thatPQ-HASES andLA-HASES are two magnitudes of times more signer efficient than their PQ and conventional-secure counterparts, respectively.HY-HASES outperforms NIST PQC and conventional signature combinations, offering a standard-compliant transitional solution for emerging DTs. We open-sourceHASES schemes for public-testing and adaptation. 
    more » « less
  2. ; (, Symposium on Vehicle Security and Privacy (VehicleSec 2024))
    We showcase PQ-V2Verifier, the first open-source testbed for using NIST-approved post-quantum authentication algorithms in vehicle-to-vehicle (V2V) communications. With hardware in the loop for over-the-air experiments using software-defined radios and commercial V2V devices, we show the potential of PQ-V2Verifier for customizable experiments to evaluate V2V security protocols in safety use cases against attacks enabled by a large quantum computer, as well as novel countermeasures. 
    more » « less
  3. ; ; ; ; (, IEEE International Conference on Communications)
    This paper investigates the resource allocation problem in device-to-device (D2D)-based vehicular communications, based on slow fading statistics of channel state information (CSI), to alleviate signaling overhead for reporting rapidly varying accurate CSI of mobile links. We consider the case when each vehicle-to-infrastructure (V2I) link shares spectrum with multiple vehicle-to-vehicle (V2V) links. Leveraging the slow fading statistical CSI of mobile links, we maximize the sum V2I capacity while guaranteeing the reliability of all V2V links. We propose a graph- based algorithm that uses graph partitioning tools to divide highly interfering V2V links into different clusters before formulating the spectrum sharing problem as a weighted 3-dimensional matching problem, which is then solved through adapting a high-performance approximation algorithm. 
    more » « less
  4. ; (, IEEE Transactions on Intelligent Transportation Systems)
    null (Ed.)
    Internet of Vehicles (IoV) in 5G is regarded as a backbone for intelligent transportation system in smart city, where vehicles are expected to communicate with drivers, with road-side wireless infrastructure, with other vehicles, with traffic signals and different city infrastructure using vehicle-to-vehicle (V2V) and/or vehicle-to-infrastructure (V2I) communications. In IoV, the network topology changes based on drivers' destination, intent or vehicles' movements and road structure on which the vehicles travel. In IoV, vehicles are assumed to be equipped with computing devices to process data, storage devices to store data and communication devices to communicate with other vehicles or with roadside infrastructure (RSI). It is vital to authenticate data in IoV to make sure that legitimate data is being propagated in IoV. Thus, security stands as a vital factor in IoV. The existing literature contains some limitations for robust security in IoV such as high delay introduced by security algorithms, security without privacy, unreliable security and reduced overall communication efficiency. To address these issues, this paper proposes the Elliptic Curve Cryptography (ECC) based Ant Colony Optimization Ad hoc On-demand Distance Vector (ACO-AODV) routing protocol which avoids suspicious vehicles during message dissemination in IoV. Specifically, our proposed protocol comprises three components: i) certificate authority (CA) which maps vehicle's publicly available info such as number plates with cryptographic keys using ECC; ii) malicious vehicle (MV) detection algorithm which works based on trust level calculated using status message interactions; and iii) secure optimal path selection in an adaptive manner based on the intent of communications using ACO-AODV that avoids malicious vehicles. Experimental results illustrate that the proposed approach provides better results than the existing approaches. 
    more » « less
  5. ; ; (, IEEE LCN)
    Cities around the world are increasingly promoting electric vehicles (EV) to reduce and ultimately eliminate greenhouse gas emissions. A huge number of EVs will put unprecedented stress on the power grid. To efficiently serve the increased charging load, these EVs need to be charged in a coordinated fashion. One promising coordination strategy is vehicle-to-vehicle (V2V) charging coordination, enabling EVs to sell their surplus energy in an ad-hoc, peer to peer manner. This paper introduces an Information Centric Networking (ICN)-based protocol to support ad-hoc V2V charging coordination (V2V-CC). Our evaluations demonstrate that V2V-CC can provide added flexibility, fault tolerance, and reduced communication latency than a conventional centralized cloud based approach. We show that V2V-CC can achieve a 93% reduction in protocol completion time compared to a conventional approach. We also show that V2V-CC also works well under extreme packet loss, making it ideal for V2V charging coordination. 
    more » « less
  • Citation Formats
  • MLA
  • APA
  • Chicago
  • BibTeX
  • Save / Share this Record
  • Send to Email