Privacy-Preserving Method for Temporarily Linking/Revoking Pseudonym Certificates in VANETs

Vehicular communication (V2X) technologies are expected to become increasingly common in the future. Although they enable improvements on transportation safety and efficiency, the large scale deployment of V2X requires addressing some challenges. In particular, to prevent abuse by drivers and by the...

Full description

Saved in:
Bibliographic Details
Main Authors: Simplicio Junior, Marcos Antonio, Lopes Cominetti, Eduardo, Kupwade Patil, Harsh, Ricardini, Jefferson, Ferraz, Leonardo, Silva, Marcos Vinicius
Format: Conference Proceeding
Language:English
Subjects:
Conferences
Couplings
linkability
Principal component analysis
Privacy
Proposals
pseudonym certificates
revocable privacy
Safety
SCMS
Security
Vehicular communications
Online Access:Request full text
Tags: Add Tag
No Tags, Be the first to tag this record!
cited_by
cites
container_end_page 1329
container_issue
container_start_page 1322
container_title
container_volume
creator Simplicio Junior, Marcos Antonio
Lopes Cominetti, Eduardo
Kupwade Patil, Harsh
Ricardini, Jefferson
Ferraz, Leonardo
Silva, Marcos Vinicius
description Vehicular communication (V2X) technologies are expected to become increasingly common in the future. Although they enable improvements on transportation safety and efficiency, the large scale deployment of V2X requires addressing some challenges. In particular, to prevent abuse by drivers and by the system itself, V2X architectures must: (1) ensure the authenticity of messages, which is usually accomplished by means of digital certification; and (2) preserve the privacy of honest users, so owners of non-revoked certificates cannot be easily identified or tracked by eavesdroppers. A promising design to address these requirements is the Security Credential Management System (SCMS), which is currently among the main candidates for protecting V2X communications in the United States. Even though SCMS provides efficient, scalable and privacy-preserving mechanisms for managing V2X-oriented certificates, in this paper we show that it can be further enhanced. Namely, we present two birthday attacks against SCMS's certificate revocation process, both of which degrade the system's security as time passes and more certificates are revoked. We then describe an alternative design to prevent such security degradation with minimal computational overhead. In complement to these security gains, we also describe a mechanism for improving the flexibility of revocation, allowing certificates (as well as their owner's privacy) to be temporarily revoked in an efficient manner. This functionality is useful, for example, to implement suspension mechanisms or to aid in investigations by law-enforcement authorities.
doi_str_mv 10.1109/TrustCom/BigDataSE.2018.00182
format conference_proceeding
fullrecord <record><control><sourceid>ieee_CHZPO</sourceid><recordid>TN_cdi_ieee_primary_8456051</recordid><sourceformat>XML</sourceformat><sourcesystem>PC</sourcesystem><ieee_id>8456051</ieee_id><sourcerecordid>8456051</sourcerecordid><originalsourceid>FETCH-LOGICAL-i175t-dc0d3bd70a329956870d6edfe7fbc997196a4f01bdcff102119c6d652453e8153</originalsourceid><addsrcrecordid>eNotj11LwzAYhaMgOOd-gTe58bJbPpo0uZx1fsDUoVUEL0bavJnRtR1JV-i_d6I35zxw4IGD0CUlU0qJnhVhH7u8rWdXfnNtOvOymDJC1ZQcgh2hMyq4kilX6v0YjRhnaaIJ5adoEuMXIYRJlSohRuhjFXxvqiFZBYgQet9s8AN0n63Frg24gHrXBhP8dsBL33wf5tkz9O0v4FWEvW2bocY5hM47X5kOIvYNfps_Lop4jk6c2UaY_PcYvd4sivwuWT7d3ufzZeJpJrrEVsTy0mbEcKa1kCojVoJ1kLmy0jqjWprUEVrayjlKGKW6klYKlgoO6nB0jC7-vB4A1rvgaxOGtUqFJILyH8Y_WM4</addsrcrecordid><sourcetype>Publisher</sourcetype><iscdi>true</iscdi><recordtype>conference_proceeding</recordtype></control><display><type>conference_proceeding</type><title>Privacy-Preserving Method for Temporarily Linking/Revoking Pseudonym Certificates in VANETs</title><source>IEEE Xplore All Conference Series</source><creator>Simplicio Junior, Marcos Antonio ; Lopes Cominetti, Eduardo ; Kupwade Patil, Harsh ; Ricardini, Jefferson ; Ferraz, Leonardo ; Silva, Marcos Vinicius</creator><creatorcontrib>Simplicio Junior, Marcos Antonio ; Lopes Cominetti, Eduardo ; Kupwade Patil, Harsh ; Ricardini, Jefferson ; Ferraz, Leonardo ; Silva, Marcos Vinicius</creatorcontrib><description>Vehicular communication (V2X) technologies are expected to become increasingly common in the future. Although they enable improvements on transportation safety and efficiency, the large scale deployment of V2X requires addressing some challenges. In particular, to prevent abuse by drivers and by the system itself, V2X architectures must: (1) ensure the authenticity of messages, which is usually accomplished by means of digital certification; and (2) preserve the privacy of honest users, so owners of non-revoked certificates cannot be easily identified or tracked by eavesdroppers. A promising design to address these requirements is the Security Credential Management System (SCMS), which is currently among the main candidates for protecting V2X communications in the United States. Even though SCMS provides efficient, scalable and privacy-preserving mechanisms for managing V2X-oriented certificates, in this paper we show that it can be further enhanced. Namely, we present two birthday attacks against SCMS's certificate revocation process, both of which degrade the system's security as time passes and more certificates are revoked. We then describe an alternative design to prevent such security degradation with minimal computational overhead. In complement to these security gains, we also describe a mechanism for improving the flexibility of revocation, allowing certificates (as well as their owner's privacy) to be temporarily revoked in an efficient manner. This functionality is useful, for example, to implement suspension mechanisms or to aid in investigations by law-enforcement authorities.</description><identifier>EISSN: 2324-9013</identifier><identifier>EISBN: 153864388X</identifier><identifier>EISBN: 9781538643884</identifier><identifier>DOI: 10.1109/TrustCom/BigDataSE.2018.00182</identifier><identifier>CODEN: IEEPAD</identifier><language>eng</language><publisher>IEEE</publisher><subject>Conferences ; Couplings ; linkability ; Principal component analysis ; Privacy ; Proposals ; pseudonym certificates ; revocable privacy ; Safety ; SCMS ; Security ; Vehicular communications</subject><ispartof>2018 17th IEEE International Conference On Trust, Security And Privacy In Computing And Communications/ 12th IEEE International Conference On Big Data Science And Engineering (TrustCom/BigDataSE), 2018, p.1322-1329</ispartof><woscitedreferencessubscribed>false</woscitedreferencessubscribed></display><links><openurl>$$Topenurl_article</openurl><openurlfulltext>$$Topenurlfull_article</openurlfulltext><thumbnail>$$Tsyndetics_thumb_exl</thumbnail><linktohtml>$$Uhttps://ieeexplore.ieee.org/document/8456051$$EHTML$$P50$$Gieee$$H</linktohtml><link.rule.ids>309,310,780,784,789,790,23929,23930,25139,27924,54554,54931</link.rule.ids><linktorsrc>$$Uhttps://ieeexplore.ieee.org/document/8456051$$EView_record_in_IEEE$$FView_record_in_$$GIEEE</linktorsrc></links><search><creatorcontrib>Simplicio Junior, Marcos Antonio</creatorcontrib><creatorcontrib>Lopes Cominetti, Eduardo</creatorcontrib><creatorcontrib>Kupwade Patil, Harsh</creatorcontrib><creatorcontrib>Ricardini, Jefferson</creatorcontrib><creatorcontrib>Ferraz, Leonardo</creatorcontrib><creatorcontrib>Silva, Marcos Vinicius</creatorcontrib><title>Privacy-Preserving Method for Temporarily Linking/Revoking Pseudonym Certificates in VANETs</title><title>2018 17th IEEE International Conference On Trust, Security And Privacy In Computing And Communications/ 12th IEEE International Conference On Big Data Science And Engineering (TrustCom/BigDataSE)</title><addtitle>TrustCom</addtitle><description>Vehicular communication (V2X) technologies are expected to become increasingly common in the future. Although they enable improvements on transportation safety and efficiency, the large scale deployment of V2X requires addressing some challenges. In particular, to prevent abuse by drivers and by the system itself, V2X architectures must: (1) ensure the authenticity of messages, which is usually accomplished by means of digital certification; and (2) preserve the privacy of honest users, so owners of non-revoked certificates cannot be easily identified or tracked by eavesdroppers. A promising design to address these requirements is the Security Credential Management System (SCMS), which is currently among the main candidates for protecting V2X communications in the United States. Even though SCMS provides efficient, scalable and privacy-preserving mechanisms for managing V2X-oriented certificates, in this paper we show that it can be further enhanced. Namely, we present two birthday attacks against SCMS's certificate revocation process, both of which degrade the system's security as time passes and more certificates are revoked. We then describe an alternative design to prevent such security degradation with minimal computational overhead. In complement to these security gains, we also describe a mechanism for improving the flexibility of revocation, allowing certificates (as well as their owner's privacy) to be temporarily revoked in an efficient manner. This functionality is useful, for example, to implement suspension mechanisms or to aid in investigations by law-enforcement authorities.</description><subject>Conferences</subject><subject>Couplings</subject><subject>linkability</subject><subject>Principal component analysis</subject><subject>Privacy</subject><subject>Proposals</subject><subject>pseudonym certificates</subject><subject>revocable privacy</subject><subject>Safety</subject><subject>SCMS</subject><subject>Security</subject><subject>Vehicular communications</subject><issn>2324-9013</issn><isbn>153864388X</isbn><isbn>9781538643884</isbn><fulltext>true</fulltext><rsrctype>conference_proceeding</rsrctype><creationdate>2018</creationdate><recordtype>conference_proceeding</recordtype><sourceid>6IE</sourceid><recordid>eNotj11LwzAYhaMgOOd-gTe58bJbPpo0uZx1fsDUoVUEL0bavJnRtR1JV-i_d6I35zxw4IGD0CUlU0qJnhVhH7u8rWdXfnNtOvOymDJC1ZQcgh2hMyq4kilX6v0YjRhnaaIJ5adoEuMXIYRJlSohRuhjFXxvqiFZBYgQet9s8AN0n63Frg24gHrXBhP8dsBL33wf5tkz9O0v4FWEvW2bocY5hM47X5kOIvYNfps_Lop4jk6c2UaY_PcYvd4sivwuWT7d3ufzZeJpJrrEVsTy0mbEcKa1kCojVoJ1kLmy0jqjWprUEVrayjlKGKW6klYKlgoO6nB0jC7-vB4A1rvgaxOGtUqFJILyH8Y_WM4</recordid><startdate>201808</startdate><enddate>201808</enddate><creator>Simplicio Junior, Marcos Antonio</creator><creator>Lopes Cominetti, Eduardo</creator><creator>Kupwade Patil, Harsh</creator><creator>Ricardini, Jefferson</creator><creator>Ferraz, Leonardo</creator><creator>Silva, Marcos Vinicius</creator><general>IEEE</general><scope>6IE</scope><scope>6IL</scope><scope>CBEJK</scope><scope>RIE</scope><scope>RIL</scope></search><sort><creationdate>201808</creationdate><title>Privacy-Preserving Method for Temporarily Linking/Revoking Pseudonym Certificates in VANETs</title><author>Simplicio Junior, Marcos Antonio ; Lopes Cominetti, Eduardo ; Kupwade Patil, Harsh ; Ricardini, Jefferson ; Ferraz, Leonardo ; Silva, Marcos Vinicius</author></sort><facets><frbrtype>5</frbrtype><frbrgroupid>cdi_FETCH-LOGICAL-i175t-dc0d3bd70a329956870d6edfe7fbc997196a4f01bdcff102119c6d652453e8153</frbrgroupid><rsrctype>conference_proceedings</rsrctype><prefilter>conference_proceedings</prefilter><language>eng</language><creationdate>2018</creationdate><topic>Conferences</topic><topic>Couplings</topic><topic>linkability</topic><topic>Principal component analysis</topic><topic>Privacy</topic><topic>Proposals</topic><topic>pseudonym certificates</topic><topic>revocable privacy</topic><topic>Safety</topic><topic>SCMS</topic><topic>Security</topic><topic>Vehicular communications</topic><toplevel>online_resources</toplevel><creatorcontrib>Simplicio Junior, Marcos Antonio</creatorcontrib><creatorcontrib>Lopes Cominetti, Eduardo</creatorcontrib><creatorcontrib>Kupwade Patil, Harsh</creatorcontrib><creatorcontrib>Ricardini, Jefferson</creatorcontrib><creatorcontrib>Ferraz, Leonardo</creatorcontrib><creatorcontrib>Silva, Marcos Vinicius</creatorcontrib><collection>IEEE Electronic Library (IEL) Conference Proceedings</collection><collection>IEEE Proceedings Order Plan All Online (POP All Online) 1998-present by volume</collection><collection>IEEE Xplore All Conference Proceedings</collection><collection>IEL</collection><collection>IEEE Proceedings Order Plans (POP All) 1998-Present</collection></facets><delivery><delcategory>Remote Search Resource</delcategory><fulltext>fulltext_linktorsrc</fulltext></delivery><addata><au>Simplicio Junior, Marcos Antonio</au><au>Lopes Cominetti, Eduardo</au><au>Kupwade Patil, Harsh</au><au>Ricardini, Jefferson</au><au>Ferraz, Leonardo</au><au>Silva, Marcos Vinicius</au><format>book</format><genre>proceeding</genre><ristype>CONF</ristype><atitle>Privacy-Preserving Method for Temporarily Linking/Revoking Pseudonym Certificates in VANETs</atitle><btitle>2018 17th IEEE International Conference On Trust, Security And Privacy In Computing And Communications/ 12th IEEE International Conference On Big Data Science And Engineering (TrustCom/BigDataSE)</btitle><stitle>TrustCom</stitle><date>2018-08</date><risdate>2018</risdate><spage>1322</spage><epage>1329</epage><pages>1322-1329</pages><eissn>2324-9013</eissn><eisbn>153864388X</eisbn><eisbn>9781538643884</eisbn><coden>IEEPAD</coden><abstract>Vehicular communication (V2X) technologies are expected to become increasingly common in the future. Although they enable improvements on transportation safety and efficiency, the large scale deployment of V2X requires addressing some challenges. In particular, to prevent abuse by drivers and by the system itself, V2X architectures must: (1) ensure the authenticity of messages, which is usually accomplished by means of digital certification; and (2) preserve the privacy of honest users, so owners of non-revoked certificates cannot be easily identified or tracked by eavesdroppers. A promising design to address these requirements is the Security Credential Management System (SCMS), which is currently among the main candidates for protecting V2X communications in the United States. Even though SCMS provides efficient, scalable and privacy-preserving mechanisms for managing V2X-oriented certificates, in this paper we show that it can be further enhanced. Namely, we present two birthday attacks against SCMS's certificate revocation process, both of which degrade the system's security as time passes and more certificates are revoked. We then describe an alternative design to prevent such security degradation with minimal computational overhead. In complement to these security gains, we also describe a mechanism for improving the flexibility of revocation, allowing certificates (as well as their owner's privacy) to be temporarily revoked in an efficient manner. This functionality is useful, for example, to implement suspension mechanisms or to aid in investigations by law-enforcement authorities.</abstract><pub>IEEE</pub><doi>10.1109/TrustCom/BigDataSE.2018.00182</doi><tpages>8</tpages></addata></record>
fulltext fulltext_linktorsrc
identifier EISSN: 2324-9013
ispartof 2018 17th IEEE International Conference On Trust, Security And Privacy In Computing And Communications/ 12th IEEE International Conference On Big Data Science And Engineering (TrustCom/BigDataSE), 2018, p.1322-1329
issn 2324-9013
language eng
recordid cdi_ieee_primary_8456051
source IEEE Xplore All Conference Series
subjects Conferences
Couplings
linkability
Principal component analysis
Privacy
Proposals
pseudonym certificates
revocable privacy
Safety
SCMS
Security
Vehicular communications
title Privacy-Preserving Method for Temporarily Linking/Revoking Pseudonym Certificates in VANETs
url http://sfxeu10.hosted.exlibrisgroup.com/loughborough?ctx_ver=Z39.88-2004&ctx_enc=info:ofi/enc:UTF-8&ctx_tim=2025-01-13T09%3A39%3A58IST&url_ver=Z39.88-2004&url_ctx_fmt=infofi/fmt:kev:mtx:ctx&rfr_id=info:sid/primo.exlibrisgroup.com:primo3-Article-ieee_CHZPO&rft_val_fmt=info:ofi/fmt:kev:mtx:book&rft.genre=proceeding&rft.atitle=Privacy-Preserving%20Method%20for%20Temporarily%20Linking/Revoking%20Pseudonym%20Certificates%20in%20VANETs&rft.btitle=2018%2017th%20IEEE%20International%20Conference%20On%20Trust,%20Security%20And%20Privacy%20In%20Computing%20And%20Communications/%2012th%20IEEE%20International%20Conference%20On%20Big%20Data%20Science%20And%20Engineering%20(TrustCom/BigDataSE)&rft.au=Simplicio%20Junior,%20Marcos%20Antonio&rft.date=2018-08&rft.spage=1322&rft.epage=1329&rft.pages=1322-1329&rft.eissn=2324-9013&rft.coden=IEEPAD&rft_id=info:doi/10.1109/TrustCom/BigDataSE.2018.00182&rft.eisbn=153864388X&rft.eisbn_list=9781538643884&rft_dat=%3Cieee_CHZPO%3E8456051%3C/ieee_CHZPO%3E%3Cgrp_id%3Ecdi_FETCH-LOGICAL-i175t-dc0d3bd70a329956870d6edfe7fbc997196a4f01bdcff102119c6d652453e8153%3C/grp_id%3E%3Coa%3E%3C/oa%3E%3Curl%3E%3C/url%3E&rft_id=info:oai/&rft_id=info:pmid/&rft_ieee_id=8456051&rfr_iscdi=true