SPATA: Strong Pseudonym-Based AuthenTicAtion in Intelligent Transport System

Qazi Ejaz Ali, Naveed Ahmad, Abdul Haseeb Malik, Gauhar Ali, Muhammad Asif, Muhammad Khalid, Yue Cao
2018 IEEE Access  
Intelligent Transport System (ITS) is generally deployed to improve road safety, comfort, security, and traffic efficiency. A robust mechanism of authentication and secure communication is required to protect privacy and conditional resolution of pseudonyms to revoke malicious vehicles. In a typical ITS framework, a station can be a vehicle, Road Side Unit (RSU), or a server that can participate in communication. During authentication, the real identity of an Intelligent Transport
more » ... (ITS-S), referred to as a vehiclečň should not be revealed in order to preserve its privacy. In this paper, we propose a Strong Pseudonym based AutenTicAtion (SPATA) framework for preserving the real identity of vehicles. The distributed architecture of SPATA allows vehicles to generate pseudonyms in a very private and secure way. In the absence of a distributed architecture, the privacy cannot be preserved by storing information regarding vehicles in a single location. Therefore, the concept of linkability of certificates based on single authority is eliminated. This is done by keeping the real identity to pseudonym mappings distributed. Furthermore, the size of the Certificate Revocation List (CRL) is kept small, as only the most recent revoked communication pseudonyms are kept in the CRL. The privacy of the vehicle is preserved during the revocation and resolution phase through the distributed mechanism. Empirical results show that SPATA is a lightweight framework with low computational overhead, average latency, overhead ratio, and stable delivery ratio, in both sparse and dense network scenarios. , IEEE Access ss FIGURE 1: ITS communication architecture warnings, slow vehicle indications, lane change messages, emergency brakes, traffic condition warning messages, on the road or roadside stationary vehicles (accident or vehicle problem), road work messages, hazardous locations, wind, and visibility warnings. ITS applications are mainly divided into road safety, traffic efficiency, and infotainment applications [7] . Infotainment or miscellaneous applications include advertised services such as public transport information, point of interest advertisements/notifications, parking facilities, media downloading, local electronic commerce, fleet management, financial services, real time traffic conditions, and insurance. One of the building blocks of ITS is Vehicular Ad hoc Networks (VANETs) [8] . In VANETs, like other wireless networks, there exist attacks that jeopardize a vehicle's privacy. False information can be used by an attacker to collect users' private data and their location [9] . To protect legitimate users' in VANETs from attackers, privacy and security techniques must be in place. The IEEE 1609.2 standard addresses security issues in VANETs [10] . According to this standard, a Certificate Authority (CA) issues digital certificates to each vehicle in ITS. In case of a malicious behavior, the vehicle's certificates may be revoked. In ITS, both location and identity privacy is needed to avoid unethical usage by malicious ITS-S. The author [11] demonstrated privacy in degree levels that is different for every application. Applications that use CAMs for communication need conditional anonymity. In the case of a malicious activity, the malicious vehicle should be revoked. Applications that use infotainment services require privacy from low to high degree. For instance, if an ITS user is getting public transport information, it requires low privacy. Vehicles broadcast beacons (also known as safety messages) periodically, in order to inform other vehicles about its current speed, direction, and position. Unfortunately, eaves-2 VOLUME , 2018 2169-3536 (c)
doi:10.1109/access.2018.2883134 fatcat:yglv22qgdfctlkulmxlm2jwvha