A Scheme for Distributed Vehicle Authentication and Revocation in Decentralized VANETs

Sujash NASKAR; Carlo BRUNETTA; Gerhard HANCKE; Tingting ZHANG; Mikael GIDLUND

doi:10.1109/ACCESS.2024.3400530

A Scheme for Distributed Vehicle Authentication and Revocation in Decentralized VANETs

Sujash NASKAR^*, Carlo BRUNETTA, Gerhard HANCKE, Tingting ZHANG, Mikael GIDLUND

^*Corresponding author for this work

Department of Computer Science

Research output: Journal Publications and Reviews › RGC 21 - Publication in refereed journal › peer-review

6 Citations (Scopus)

23 Downloads (CityUHK Scholars)

Abstract

Vehicular Ad-Hoc Networks (VANETs) offer enhanced road safety, efficient traffic management, and improved vehicle connectivity while dealing with privacy and security challenges in public communication. In these networks, authentication mechanisms are mandatory to establish trust among communicating entities, such as vehicle-to-vehicle (V2V) and vehicle-to-infrastructure (V2I), without losing identity and location-based privacy. The prevailing conventional authentication mechanisms frequently depend on a centralized trust authority (CA) to ensure the mutual verifiability of transmitted messages. Nevertheless, in scenarios where the density of vehicles within the network is notably high, an overwhelming influx of authentication requests may result in a communication bottleneck at the CA, leading to a single point of failure. This paper proposes a novel distributed authentication scheme in a decentralized VANET with multiple independent CAs connected to multiple local inspectors to eliminate a single point of failure. Furthermore, prior solutions lack the capability to immediately revoke a disputed vehicle that is transmitting malicious messages in the network. In this regard, the proposed scheme also facilitates an immediate revocation of a disputed sender to prevent other vehicles from further receiving malicious messages. As vehicles share time-sensitive data for driving assistance, our scheme minimizes the computation and communication costs for V2I key sharing and direct V2V authenticated message sharing significantly compared to previously proposed schemes. Using comparatively lightweight elliptic curve cryptography and eliminating the direct involvement of CAs in the authentication process, we have reduced the overall delays and achieved a maximum of ≈ 3.9 times faster V2I authenticated key sharing, and a maximum of ≈ 7.5 times faster V2V message sharing compared to state-of-the-art bilinear pairing-based protocols. A comprehensive efficiency analysis validates our scheme’s ability to outperform time-sensitive responses, such as sending and receiving an alert within nearly 4 milliseconds. © 2024 The Authors.

Original language	English
Pages (from-to)	68648-68667
Number of pages	20
Journal	IEEE Access
Volume	12
Online published	13 May 2024
DOIs	https://doi.org/10.1109/ACCESS.2024.3400530
Publication status	Published - 2024

Research Keywords

Authentication
Data privacy
Delays
Digital signatures
Elliptic curve cryptography
Elliptic Curve Digital Signatures (ECDSA)
Privacy
Privacy-preserving authentication
Protocols
Revocation
Security
Security attacks on VANET
Single point of failure
Vehicular ad hoc networks
Vehicular Ad-Hoc Networks (VANETs)

Publisher's Copyright Statement

This full text is made available under CC-BY-NC-ND 4.0. https://creativecommons.org/licenses/by-nc-nd/4.0/

UN SDGs

This output contributes to the following UN Sustainable Development Goals (SDGs)

Access Output

10.1109/ACCESS.2024.3400530

221419121.pdfFinal Published version, 1.6 MBLicence: CC BY-NC-ND

Other Access Options

Check CityUHK Library

Permanent Link

Right click to copy link

Cite this

@article{ee6a8d3b24664b53838482b2a570ecb2,

title = "A Scheme for Distributed Vehicle Authentication and Revocation in Decentralized VANETs",

abstract = "Vehicular Ad-Hoc Networks (VANETs) offer enhanced road safety, efficient traffic management, and improved vehicle connectivity while dealing with privacy and security challenges in public communication. In these networks, authentication mechanisms are mandatory to establish trust among communicating entities, such as vehicle-to-vehicle (V2V) and vehicle-to-infrastructure (V2I), without losing identity and location-based privacy. The prevailing conventional authentication mechanisms frequently depend on a centralized trust authority (CA) to ensure the mutual verifiability of transmitted messages. Nevertheless, in scenarios where the density of vehicles within the network is notably high, an overwhelming influx of authentication requests may result in a communication bottleneck at the CA, leading to a single point of failure. This paper proposes a novel distributed authentication scheme in a decentralized VANET with multiple independent CAs connected to multiple local inspectors to eliminate a single point of failure. Furthermore, prior solutions lack the capability to immediately revoke a disputed vehicle that is transmitting malicious messages in the network. In this regard, the proposed scheme also facilitates an immediate revocation of a disputed sender to prevent other vehicles from further receiving malicious messages. As vehicles share time-sensitive data for driving assistance, our scheme minimizes the computation and communication costs for V2I key sharing and direct V2V authenticated message sharing significantly compared to previously proposed schemes. Using comparatively lightweight elliptic curve cryptography and eliminating the direct involvement of CAs in the authentication process, we have reduced the overall delays and achieved a maximum of ≈ 3.9 times faster V2I authenticated key sharing, and a maximum of ≈ 7.5 times faster V2V message sharing compared to state-of-the-art bilinear pairing-based protocols. A comprehensive efficiency analysis validates our scheme{\textquoteright}s ability to outperform time-sensitive responses, such as sending and receiving an alert within nearly 4 milliseconds. {\textcopyright} 2024 The Authors.",

keywords = "Authentication, Data privacy, Delays, Digital signatures, Elliptic curve cryptography, Elliptic Curve Digital Signatures (ECDSA), Privacy, Privacy-preserving authentication, Protocols, Revocation, Security, Security attacks on VANET, Single point of failure, Vehicular ad hoc networks, Vehicular Ad-Hoc Networks (VANETs)",

author = "Sujash NASKAR and Carlo BRUNETTA and Gerhard HANCKE and Tingting ZHANG and Mikael GIDLUND",

year = "2024",

doi = "10.1109/ACCESS.2024.3400530",

language = "English",

volume = "12",

pages = "68648--68667",

journal = "IEEE Access",

issn = "2169-3536",

publisher = "IEEE",

}

TY - JOUR

T1 - A Scheme for Distributed Vehicle Authentication and Revocation in Decentralized VANETs

AU - NASKAR, Sujash

AU - BRUNETTA, Carlo

AU - HANCKE, Gerhard

AU - ZHANG, Tingting

AU - GIDLUND, Mikael

PY - 2024

Y1 - 2024

N2 - Vehicular Ad-Hoc Networks (VANETs) offer enhanced road safety, efficient traffic management, and improved vehicle connectivity while dealing with privacy and security challenges in public communication. In these networks, authentication mechanisms are mandatory to establish trust among communicating entities, such as vehicle-to-vehicle (V2V) and vehicle-to-infrastructure (V2I), without losing identity and location-based privacy. The prevailing conventional authentication mechanisms frequently depend on a centralized trust authority (CA) to ensure the mutual verifiability of transmitted messages. Nevertheless, in scenarios where the density of vehicles within the network is notably high, an overwhelming influx of authentication requests may result in a communication bottleneck at the CA, leading to a single point of failure. This paper proposes a novel distributed authentication scheme in a decentralized VANET with multiple independent CAs connected to multiple local inspectors to eliminate a single point of failure. Furthermore, prior solutions lack the capability to immediately revoke a disputed vehicle that is transmitting malicious messages in the network. In this regard, the proposed scheme also facilitates an immediate revocation of a disputed sender to prevent other vehicles from further receiving malicious messages. As vehicles share time-sensitive data for driving assistance, our scheme minimizes the computation and communication costs for V2I key sharing and direct V2V authenticated message sharing significantly compared to previously proposed schemes. Using comparatively lightweight elliptic curve cryptography and eliminating the direct involvement of CAs in the authentication process, we have reduced the overall delays and achieved a maximum of ≈ 3.9 times faster V2I authenticated key sharing, and a maximum of ≈ 7.5 times faster V2V message sharing compared to state-of-the-art bilinear pairing-based protocols. A comprehensive efficiency analysis validates our scheme’s ability to outperform time-sensitive responses, such as sending and receiving an alert within nearly 4 milliseconds. © 2024 The Authors.

AB - Vehicular Ad-Hoc Networks (VANETs) offer enhanced road safety, efficient traffic management, and improved vehicle connectivity while dealing with privacy and security challenges in public communication. In these networks, authentication mechanisms are mandatory to establish trust among communicating entities, such as vehicle-to-vehicle (V2V) and vehicle-to-infrastructure (V2I), without losing identity and location-based privacy. The prevailing conventional authentication mechanisms frequently depend on a centralized trust authority (CA) to ensure the mutual verifiability of transmitted messages. Nevertheless, in scenarios where the density of vehicles within the network is notably high, an overwhelming influx of authentication requests may result in a communication bottleneck at the CA, leading to a single point of failure. This paper proposes a novel distributed authentication scheme in a decentralized VANET with multiple independent CAs connected to multiple local inspectors to eliminate a single point of failure. Furthermore, prior solutions lack the capability to immediately revoke a disputed vehicle that is transmitting malicious messages in the network. In this regard, the proposed scheme also facilitates an immediate revocation of a disputed sender to prevent other vehicles from further receiving malicious messages. As vehicles share time-sensitive data for driving assistance, our scheme minimizes the computation and communication costs for V2I key sharing and direct V2V authenticated message sharing significantly compared to previously proposed schemes. Using comparatively lightweight elliptic curve cryptography and eliminating the direct involvement of CAs in the authentication process, we have reduced the overall delays and achieved a maximum of ≈ 3.9 times faster V2I authenticated key sharing, and a maximum of ≈ 7.5 times faster V2V message sharing compared to state-of-the-art bilinear pairing-based protocols. A comprehensive efficiency analysis validates our scheme’s ability to outperform time-sensitive responses, such as sending and receiving an alert within nearly 4 milliseconds. © 2024 The Authors.

KW - Authentication

KW - Data privacy

KW - Delays

KW - Digital signatures

KW - Elliptic curve cryptography

KW - Elliptic Curve Digital Signatures (ECDSA)

KW - Privacy

KW - Privacy-preserving authentication

KW - Protocols

KW - Revocation

KW - Security

KW - Security attacks on VANET

KW - Single point of failure

KW - Vehicular ad hoc networks

KW - Vehicular Ad-Hoc Networks (VANETs)

UR - http://www.scopus.com/inward/record.url?scp=85193230332&partnerID=8YFLogxK

UR - https://www.scopus.com/record/pubmetrics.uri?eid=2-s2.0-85193230332&origin=recordpage

U2 - 10.1109/ACCESS.2024.3400530

DO - 10.1109/ACCESS.2024.3400530

M3 - RGC 21 - Publication in refereed journal

SN - 2169-3536

VL - 12

SP - 68648

EP - 68667

JO - IEEE Access

JF - IEEE Access

ER -

A Scheme for Distributed Vehicle Authentication and Revocation in Decentralized VANETs

Abstract

Research Keywords

Publisher's Copyright Statement

UN SDGs

Access Output

Other Access Options

Permanent Link

Other Files and Links

Fingerprint

Cite this