The road to a successful introduction of vehicular communications has to pass through the analysis of potential security threats and the design of a robust security architecture able to cope with these threats. In this paper, we undertake this challenge. In addition to providing a survey of related academic and industrial efforts, we also outline several open problems.

The deployment of vehicular communication (VC) systems is strongly dependent on their security and privacy features. In this paper, we propose a security architecture for VC. The primary objectives of the architecture include the management of identities and cryptographic keys, the security of communications, and the integration of privacy enhancing technologies. Our design approach aims at a system that relies on well-understood components which can be upgraded to provide enhanced security and privacy protection in the future. This effort is undertaken by SeVeCom (http://www.sevecom.org), a transversal project providing security and privacy enhancing mechanisms compatible with the VC technologies currently under development by all EU funded projects.

Vehicular networks (VNs) are emerging, among civilian applications, as a convincing instantiation of the mobile networking technology. However, security is a critical factor and a significant challenge to be met. Misbehaving or faulty network nodes have to be detected and prevented from disrupting network operation, a problem particularly hard to address in the life-critical VN environment. Existing networks rely mainly on node certificate revocation for attacker eviction, but the lack of an omnipresent infrastructure in VNs may unacceptably delay the retrieval of the most recent and relevant revocation information; this will especially be the case in the early deployment stages of such a highly volatile and large-scale system. In this paper, we address this specific problem. We propose protocols, as components of a framework, for the identification and local containment of misbehaving or faulty nodes, and then for their eviction from the system. We tailor our design to the VN characteristics and analyze our system. Our results show that the distributed approach to contain nodes and contribute to their eviction is efficiently feasible and achieves a sufficient level of robustness.

Among civilian communication systems, vehicular networks emerge as one of the most convincing and yet most challenging instantiations of the mobile ad hoc networking technology. Towards the deployment of vehicular communication systems, security and privacy are critical factors and significant challenges to be met. Thanks to the substantial research efforts carried out by the community so far, we make the following contributions in this paper: we outline security requirements for vehicular communication systems, we provide models for the system and the communication, as well as models for the adversaries, and propose a set of design principles for future security and privacy solutions for vehicular communication systems.

Abstract: This article proposes a security authentication process that is well-suited for Vehicular Ad-hoc Networks (VANET). As compared to current Public Key Infrastructure (PKI) proposals for VANET authentication, the scheme is significantly more efficient with regard to bandwidth and computation. The scheme uses time as the creator of asymmetric knowledge. A sender creates a long chain of keys. Each key is used for only a short period of time to sign messages. When a key expires, it is publicly revealed, and then never again used. (The sender subsequently uses the next key in its chain to sign future messages.) Upon receiving a revealed key, recipients authenticate previously received messages. The root of a sender’s keychain is given in a certificate signed by an authority. This article describes several possible certificate exchange methods. It also addresses privacy issues in VANET, specifically the tension between anonymity and the ability to revoke certificates. 1

Abstract. We propose a security architecture that provides two fundamental security services for VANETS: i) non-repudiation and ii) privacy enhancement. Due to a new PKI concept, referred to as PKI+, users are autonomous in deriving public keys, certificates and pseudonyms which minimizes the communication to the certificate authority. Security techniques are supported on all layers of the protocol stack. In particular we show how to link the PKI+ concepts to solutions for routing in vehicleto-vehicle and vehicle-to-infrastructure communication. 1 Vehicular communication Vehicular Ad Hoc Networks (VANETs) currently seem to be one of the civilian ad hoc network applications which are most relevant due to their impact to market. A set of nearly 50 applications have been submitted by major car manufacturers BMW, Daimler-Chrysler, Ford, and GM which are based on Dedicated Short Range Communication (DSRC) technology [1]. The applications are roughly classified into public safety and private applications. Public safety applications

Vehicular ad-hoc networks present great opportunity for information exchange and equal opportunity for abuse. Validating traffic information without imposing significant communication overheads is a hard problem. In this paper, we propose a solution for validating aggregated data. The main idea is to use random checks to probabilistically catch the attacker, and thereby discourage attacks in the network. Our solution relies on PKI based authentication and assumes a tamper-proof service in each car to carry out certain secure operations such as signing and timestamping. We try to keep the set of secure operations as small as possible, in accordance with the principle of economy of mechanism. We show that our solution provides security without significant communication overheads. 1.

Vehicle position is one of the most valuable pieces of information in a Vehicular Adhoc NETwork (VANET). The main contribution of this work is a novel approach to enhancing position security in VANETs. We achieve local security by enlisting the help of on-board radar to detect neighboring vehicles and to confirm their announced coordinates. Local security is extended to achieve global security by using preset position-based groups to create a communication network and by using a dynamic challenging mechanism to confirm remote position information. Our solution is predicated on the widely accepted assumption that the vast majority of vehicles are honest and behave responsively. Extensive simulations confirm the quality of the proposed solution by measuring how fast compromised vehicles can be detected under various conditions.

Abstract — Security and privacy are two integrated issues in deploying vehicular networks. Privacy-preserving authentication is a key technique in addressing these two issues. We propose a random key-set based authentication protocol to preserve user privacy during authentication. The proposed protocol can preserve user privacy under the zero-trust policy, in which no central authority is trusted with the user privacy. We show that the protocol can efficiently authenticate users without compromising their privacy with theoretical analysis. Malicious user identification and key revocation are also described. I.

Abstract. Vehicular ad hoc networks (VANETs) are the technical basis of an envisioned Intelligent transportation system. They offer a wide range of applications improving road safety and driving comfort. Since VANET applications affect safety-of-life, data security in a vehicular system is mandatory. The unique characteristics of VANETs compared to conventional mobile ad hoc networks and sensor networks pose particular challenges for a security solution for vehicular environment. For secure routing a number of approaches exist that have been designed for different environments and security objectives, mostly extending wellknown ad hoc routing protocols. This report systematically reviews the existing solutions and describes them on a comparable level of abstraction. Then, the report compares the solutions with respect to applied security mechanisms and performance criteria. Finally, it analyzes whether the features of the selected approaches meet VANETs requirements. From a high-level perspective the main security objectives (authentication, integrity, potentially non-repudiation) of the reviewed proposals fit well to the potential requirements of secure VANET routing. Since future VANET routing will likely be based on a specific routing protocol that utilizes positions of forwarding, additional security countermeasures are needed. These include mechanisms to ensure location privacy, to protect beaconing and location service as part of the routing protocol, and to prevent specific attacks that exploit the positions carried in data packets. These aspects necessitate the design of a unique security solution for VANETs. Nevertheless, it can also be concluded from analysis of the VANET characteristics that some aspects aid a security solution, such as less power and processing constraints, central registrations and periodic technical inspections, as well as existing law enforcement procedures. 1 ⋆ Also with Universidade de Aveiro, Instituto Telecomunicações, Portugal.