An Anonymous Authentication and Key Agreement Scheme in VANETs

Liu, Jian-You

23 July 2012

Vehicular ad-hoc network (VANETs) has been a hot research topic in recent years. In this environment, each vehicle can broadcast messages to other vehicles and inform drivers to change their route right away in order to enhance the efficiency of driving and to avoid accidents. Since vehicles communicate through wireless tunnel, many malicious attacks may occur during the transmission of messages. Consequently, ensuring the correctness of receiving messages and verifying the authenticity of the sender is necessary. Besides, we also need to protect the real identities of vehicles from revealing to guarantee the privacy. To satisfy these security properties, many related researches have been proposed. However, they all have some drawbacks. For example: 1. The cost of the certificate management and the exposure problem of the certificate. 2. Waiting for RSU to verify the messages: Once more vehicles need RSU, RSU will have much more overhead and it can¡¦t achieve real-time authentication. In this thesis, we come up with an anonymous authentication and key agreement scheme based on chameleon hashing and ID-based cryptography in the vehicular communication environment. In our scheme, every vehicle can generate many different chameleon hash values to represent itself, and others can prove the ownership of chameleon hash value. Furthermore, unlike other pseudonymous authentication schemes, we also achieve one-to-one private communication via ID-based cryptography. Finally, we not only overcome some problems in previous works but also fulfill some necessary security requirements in vehicular communication environment.

VANETs

Anonymous Authentication

ID-based Cryptography

Key Agreement

Chameleon hashing

Authentification in wireless mesh networks with identity-based cryptography / Authentification dans les réseaux maillés sans fils avec la cryptographie basée sur l’identité

Boudguiga, Aymen

10 September 2012

De nos jours, l'authentification dans les réseaux maillés sans fils fait appel aux certificats ou aux secrets partagés. Dans les environnements sans fils, la gestion des certificats est désavantageuse. En effet, les certificats nécessitent le déploiement d'une infrastructure à clés publiques (ICP) et la définition d'une autorité de certification (AC). La AC définit toute une politique qui permet de contrôler la génération, la transmission et la révocation des certificats. Cette politique ne prend pas en considération les limites en termes de puissance et de mémoire que peuvent avoir les stations des clients dans un réseau maillé. Afin de ne pas utiliser les certificats et ne pas déployer une ICP, nous avons étudié dans cette thèse les utilisations possibles de la cryptographie basée sur l’identité (CBI) pour la définition de nouveaux schémas d’authentification pour les réseaux maillés sans fils. La CBI propose de dériver, directement, la clé publique d’une station à partir de son identité. Par conséquent, nous n’avons plus besoin de passer par des certificats pour associer l’identité de la station à sa paire de clés (publique et privée). Par contre, la CBI définit un générateur de clé privée (GCP) qui gère le calcul des clés privées des différentes stations sur le réseau. Par conséquent, ce GCP est capable de réaliser une attaque d’usurpation d’identité (escroc de clés) à l’encontre de toutes les stations légitimes. Pour diminuer le risque de cette attaque, les chercheurs ont tendance à supposer que le GCP est digne de confiance. Dans cette thèse, nous présentons tout d'abord un protocole d'authentification basée sur l’utilisation conjointe d’un mot de passe et de la CBI. En effet, nous proposons d'utiliser le serveur d’authentification de notre réseau maillé comme GCP. Ensuite, nous étudions une liste de mécanismes qui permettent de contrer l’attaque de l’escroc qui caractérise le GCP / Nowadays, authentication in Wireless Mesh Networks (WMNs) refers to IEEE802.1X standard authentication methods or a pre-shared key authentication, and makes use of certificates or shared secrets. In wireless environments, management of certificates is disadvantageous. Certificates require deploying a Public Key Infrastructure (PKI) and a Certification Authority (CA). The CA defines a certificate management policy to control the generation, transmission and revocation of certificates. Management of certificates is a cumbersome task and does not match the limited (power and memory) resources available at wireless nodes. Moreover, it does not match the non permanent connectivity to the CA. In order to get rid of PKI disadvantages, we investigate in this thesis; the use of ID-Based Cryptography (IBC) for authentication in WMNs. IBC proposes to derive an entity public key from its identity directly. As such, IBC avoids the deployment of the PKI and the CA. IBC relies on a Private Key Generator (PKG) for the computation of stations private keys. As such, the PKG is able to impersonate as any station by illegally generating signature or deciphering encrypted traffic. For mitigating that Key Escrow Attack (KEA), a strong assumption is usually made necessary that the PKG is a trustworthy entity. In this thesis, we first present an ID-Based Password Authentication Protocol (IBPAP) that relies on IBC and a shared secret to authenticate mesh station to the network Authentication Server (AS). We propose to use the AS as a PKG. As such, the AS generates the ID-based private key of the supplicant station at the end of a successful authentication. Meanwhile, the supplicant station uses the shared secret to authenticate the AS and its ID-based public parameters. The latter are needed for the good usage of ID-based signature and encryption algorithms. Second, we propose a Key Escrow Resistant ID-Based Authentication Protocol (KERIBAP). That is, we make each supplicant station participate to the generation of its ID-based private key. We show how to change the existing ID-based signature and encryption algorithms to take into consideration the new format of private keys. We discuss also the possibility of distributing the private key generation between a set of ASs in order to avoid the key escrow attack. We verify that our authentication protocols are all secure in the formal model using the protocol verification tool ProVerif. In addition, we discuss their security resistance to some well-known attacks such as replay, collision and denial of service attacks. Finally, we propose some implementation results to confirm IBC advantages compared to PKI. We show how IBC usage reduces the memory consumption of stations

Réseaux maillés

Authentification

Cryptographie basée sur l'identité

EAP

Mesh networks

Authentification

ID-based cryptography

EAP

Authentification dans les réseaux maillés sans fils avec la cryptographie basée sur l'identité

Boudguiga, Aymen

10 September 2012

De nos jours, l'authentification dans les réseaux maillés sans fils fait appel aux certificats ou aux secrets partagés. Dans les environnements sans fils, la gestion des certificats est désavantageuse. En effet, les certificats nécessitent le déploiement d'une infrastructure à clés publiques (ICP) et la définition d'une autorité de certification (AC). La AC définit toute une politique qui permet de contrôler la génération, la transmission et la révocation des certificats. Cette politique ne prend pas en considération les limites en termes de puissance et de mémoire que peuvent avoir les stations des clients dans un réseau maillé. Afin de ne pas utiliser les certificats et ne pas déployer une ICP, nous avons étudié dans cette thèse les utilisations possibles de la cryptographie basée sur l'identité (CBI) pour la définition de nouveaux schémas d'authentification pour les réseaux maillés sans fils. La CBI propose de dériver, directement, la clé publique d'une station à partir de son identité. Par conséquent, nous n'avons plus besoin de passer par des certificats pour associer l'identité de la station à sa paire de clés (publique et privée). Par contre, la CBI définit un générateur de clé privée (GCP) qui gère le calcul des clés privées des différentes stations sur le réseau. Par conséquent, ce GCP est capable de réaliser une attaque d'usurpation d'identité (escroc de clés) à l'encontre de toutes les stations légitimes. Pour diminuer le risque de cette attaque, les chercheurs ont tendance à supposer que le GCP est digne de confiance. Dans cette thèse, nous présentons tout d'abord un protocole d'authentification basée sur l'utilisation conjointe d'un mot de passe et de la CBI. En effet, nous proposons d'utiliser le serveur d'authentification de notre réseau maillé comme GCP. Ensuite, nous étudions une liste de mécanismes qui permettent de contrer l'attaque de l'escroc qui caractérise le GCP.

Mesh networks

AuthentificRéseaux maillés

Authentification

Cryptographie basée sur l'identité

EAPation

ID-based cryptography

EAP

Autenticação e comunicação segura em dispositivos móveis de poder computacional restrito / Authentication and secure communication in mobile devices with restricted computational power

Araujo, Rafael Will Macedo de

31 October 2013

Protocolos de autenticação e de estabelecimento de chaves são peças fundamentais em implementações de segurança para comunicação de dispositivos eletrônicos. Em aplicações que envolvam dispositivos com poder computacional restrito (tais como smartphones ou tablets) comunicando-se com um servidor, é primordial a escolha de protocolos eficientes e que necessitem de uma infraestrutura mais simples. Neste trabalho selecionamos e implementamos protocolos de acordo de chave seguros nos modelos de criptografia de chave pública baseado em identidade (ID-based) e sem certificado (Certificateless) em plataformas com processadores ARM. Comparamos tempos de execução, utilização de memória e uso do canal de comunicação. / Protocols for authentication and key establishment are fundamental parts in security implementations for electronic devices communication. In applications involving devices with limited computational power (such as smartphones and tablets) communicating with a server, the choice of efficient protocols that require a simpler infrastructure is essential. In this work we select and implement secure key agreement protocols in ID-based and Certificateless public key cryptography models on ARM processor platforms. We also compare running times, memory and network usage.

Bilinear pairing

Certificateless cryptography

Criptografia baseada em identidade

Criptografia sem certificado

Criptografia sobre curva elíptica

Dispositivos móveis

Elliptic curve cryptography

Emparelhamento bilinear

ID-based cryptography

Key agreement protocol

Mobile devices

Protocolo de acordo de chave

Autenticação e comunicação segura em dispositivos móveis de poder computacional restrito / Authentication and secure communication in mobile devices with restricted computational power

Rafael Will Macedo de Araujo

31 October 2013

Protocolos de autenticação e de estabelecimento de chaves são peças fundamentais em implementações de segurança para comunicação de dispositivos eletrônicos. Em aplicações que envolvam dispositivos com poder computacional restrito (tais como smartphones ou tablets) comunicando-se com um servidor, é primordial a escolha de protocolos eficientes e que necessitem de uma infraestrutura mais simples. Neste trabalho selecionamos e implementamos protocolos de acordo de chave seguros nos modelos de criptografia de chave pública baseado em identidade (ID-based) e sem certificado (Certificateless) em plataformas com processadores ARM. Comparamos tempos de execução, utilização de memória e uso do canal de comunicação. / Protocols for authentication and key establishment are fundamental parts in security implementations for electronic devices communication. In applications involving devices with limited computational power (such as smartphones and tablets) communicating with a server, the choice of efficient protocols that require a simpler infrastructure is essential. In this work we select and implement secure key agreement protocols in ID-based and Certificateless public key cryptography models on ARM processor platforms. We also compare running times, memory and network usage.

Criptografia baseada em identidade

Criptografia sem certificado

Criptografia sobre curva elíptica

Dispositivos móveis

Emparelhamento bilinear

Protocolo de acordo de chave

Bilinear pairing

Certificateless cryptography

Elliptic curve cryptography

ID-based cryptography

Key agreement protocol

Mobile devices