Scalable Broadcast Authentication for V2V Communication

摘要

Vehicular Ad Hoc Networking (VANET) technology is, at it’s core, the simple idea of outfitting vehicles with wireless data communication equipment for automatic information exchange. This technology is expected to serve as a foundation for a set of novel safety, automation, and infotainment applications. The most prominent among these appli- cations are expected to be driver assistance systems which also support advanced levels of automated driving. These applications stand to benefit from enhanced situational awareness, which is made possible through the cooperative exchange of information about environmental influences and the presence and condition of surrounding vehicles. Wireless networking technology and networking in general are well understood domains in computer science. However, the context of con- nected vehicles and the associated requirements and communication patterns imposes a set of unique challenges, which require solutions that differ from established networking practices. The susceptibility of wireless communication to packet loss and the very high mobility of vehicular communication nodes make VANET technology extremely volatile. At the same time the usage in safety critical applications de- mands very low latency and high availability of the communication infrastructure for frequent information exchange. And on top of these challenges security and privacy need taken into account in the design of the overall communication infrastructure. Classic solutions for stable networks cannot provide optimal performance characteristics under these conditions. The focus of this work is specifically on vehicle-to-vehicle technology (V2V), which is a subset of the more general vehicle-to-anything (V2X) topic. This subset of VANET is concerned with the direct informa- tion exchange among vehicles without the involvement of additional infrastructure, which may or may not be available to vehicles which driving. Direct V2V communication is expected to always be available between vehicle within a safety critical range. Therefore, this commu- nication path is expected to be used to enable the most safety critical applications. The scalability of security solutions for vehicular communication remains an untested aspect of ongoing efforts to bring VANET technol- ogy to the market on a larger scale. Filed operational test projects have started to trial VANET deployments to investigate, but penetration rates are too low to allow for realistic extrapolations of future scala- bility problems. This dissertations contributes to the research efforts that support the development of secure vehicular communication technology through investigations of attributes and solutions for scalable security for V2V broadcast communication. Part II reviews security requirements and provides detailed quan- tifications of performance requirements for security in V2V broadcast communication. These requirements define the solution space for ap- plicable broadcast authentication techniques. Additionally, the review of achievable security and privacy goals enables informed trade-offs between security and privacy in the context of effective and efficient pseudonymity schemes. Finally, an information flow analysis shows the broader need to consider attacker models beyond the classic net- work oriented view, in order to capture the full spectrum of the threat landscape for connected vehicle technology. Part III contributes a study of hardware assisted scalability solutions for the relevant cryptographic algorithms in V2V broadcast authen- tication. This specifically concerns the performance characteristics of dedicated hardware security modules and the feasibility of reaching sufficient performance levels to satisfy the requirements of the expected communication patterns in vehicular environments. A second contri- bution under the topic of hardware assisted scalability solutions is a novel storage systems for pseudonymous identities. An application of Physically Inclinable Functions (PUF) allows for very efficient and secure storage of large sets of private key material, as it is expected to be used for privacy protection on vehicular communication. Part IV contributes detailed simulation studies of the costs and benefits of in-line certificate management in the V2V communication channel with a focus on scalability. The increased communication load due to the inclusion of certificate material can cause availability prob- lems in highly congested situations. Proposals for certificate omission schemes exist, but do not sufficiently take scalability in extremely con- gested situations into account. A novel congestion-based certificate omission scheme is proposed and evaluated in simulation studies. Ad- ditionally, a novel certificate pre-distribution approach is proposed, which is permissible under the assumptions of achievable privacy and can offer enhanced availability during privacy preserving pseudonym changes.