Efficient CRL search in vehicular network PKIs

  • Authors:
  • Giovanni Di Crescenzo;Tao Zhang

  • Affiliations:
  • Telcordia Technologies, Piscataway, NJ, USA; Telcordia Technologies, Madison, NJ, USA

  • Venue:
  • Proceedings of the 6th ACM workshop on Digital identity management
  • Year:
  • 2010

Abstract

We investigate privacy-preserving Public-Key Infrastructures (PKIs) with additional security, privacy, and performance requirements meant to support vehicular networks. While conventional PKIs are a cornerstone for identity management in certain security applications, they do not offer the privacy properties that vehicular networks demand. Over the last few years, there have been efforts to generalize conventional PKIs to meet these new privacy and security demands. One particular example is the class of multiple certificate PKIs where each vehicle is given multiple short-lived and anonymous certificates that can function as credentials until the vehicle is due for, say, the next inspection or dealership visit. While such PKIs offer attractive security and privacy properties, achieving acceptable performance has remained an open problem, thus questioning their practicality. In this paper, we formally define and investigate the efficient certificate revocation list (CRL) search problem for multiple certificate PKIs, which asks whether it is possible to efficiently test CRL membership of a given certificate in the same order of computational complexity as in conventional PKIs (that is, by a simple and fast binary search over the set of revoked PKI members). Any solution to this problem is of particular interest when it does not introduce unacceptable compromises on other important properties such as security and privacy. We start by formally defining vehicular networks and a number of security, privacy and performance requirements for them. Then we demonstrate that for PKIs based on general classes of efficient algorithms, containing binary search over totally ordered sets and approximate nearest neighbor search over metric spaces, a solution to the efficient CRL search problem can be used to violate privacy.
Finally, we present and analyze new solutions that simultaneously solve the efficient CRL search problem and satisfy privacy requirements by allowing all vehicles to locally (i.e., with minimal help from the CA) and consistently (i.e., with the same results across all vehicles) manage their CRLs. Using these ideas, we can maintain security and privacy properties while reducing the CRL membership testing time to logarithmic in the number of revoked vehicles, which is essentially the same performance that one obtains with conventional PKIs where privacy is not required.