Protecting vehicular networks privacy in the presence of a single adversarial authority

Chang Wu Chen, Sang Yoon Chang, Yih-Chun Hu, Yen Wen Chen

Research output: Chapter in Book/Report/Conference proceedingConference contribution

Abstract

In vehicular networks, each message is signed by the generating node to ensure accountability for the contents of that message. For privacy reasons, each vehicle uses a collection of certificates, which for accountability reasons are linked at a central authority. One such design is the Security Credential Management System (SCMS) [1], which is the leading credential management system in the US. The SCMS is composed of multiple components, each of which has a different task for key management, which are logically separated. The SCMS is designed to ensure privacy against a single insider compromise, or against outside adversaries. In this paper, we demonstrate that the current SCMS design fails to achieve its design goal, showing that a compromised authority can gain substantial information about certificate linkages. We propose a solution that accommodates threshold-based detection, but uses relabeling and noise to limit the information that can be learned from a single insider adversary. We also analyze our solution using techniques from differential privacy and validate it using traffic-simulator based experiments. Our results show that our proposed solution prevents privacy information leakage against the compromised authority in collusion with outsider attackers.

Original languageEnglish (US)
Title of host publication2017 IEEE Conference on Communications and Network Security, CNS 2017
PublisherInstitute of Electrical and Electronics Engineers Inc.
Pages1-9
Number of pages9
ISBN (Electronic)9781538606834
DOIs
StatePublished - Dec 19 2017
Event2017 IEEE Conference on Communications and Network Security, CNS 2017 - Las Vegas, United States
Duration: Oct 9 2017Oct 11 2017

Publication series

Name2017 IEEE Conference on Communications and Network Security, CNS 2017
Volume2017-January

Other

Other2017 IEEE Conference on Communications and Network Security, CNS 2017
CountryUnited States
CityLas Vegas
Period10/9/1710/11/17

Fingerprint

Leakage (fluid)
Simulators
Systems analysis
Experiments

ASJC Scopus subject areas

  • Computer Networks and Communications
  • Safety, Risk, Reliability and Quality

Cite this

Chen, C. W., Chang, S. Y., Hu, Y-C., & Chen, Y. W. (2017). Protecting vehicular networks privacy in the presence of a single adversarial authority. In 2017 IEEE Conference on Communications and Network Security, CNS 2017 (pp. 1-9). (2017 IEEE Conference on Communications and Network Security, CNS 2017; Vol. 2017-January). Institute of Electrical and Electronics Engineers Inc.. https://doi.org/10.1109/CNS.2017.8228648

Protecting vehicular networks privacy in the presence of a single adversarial authority. / Chen, Chang Wu; Chang, Sang Yoon; Hu, Yih-Chun; Chen, Yen Wen.

2017 IEEE Conference on Communications and Network Security, CNS 2017. Institute of Electrical and Electronics Engineers Inc., 2017. p. 1-9 (2017 IEEE Conference on Communications and Network Security, CNS 2017; Vol. 2017-January).

Research output: Chapter in Book/Report/Conference proceedingConference contribution

Chen, CW, Chang, SY, Hu, Y-C & Chen, YW 2017, Protecting vehicular networks privacy in the presence of a single adversarial authority. in 2017 IEEE Conference on Communications and Network Security, CNS 2017. 2017 IEEE Conference on Communications and Network Security, CNS 2017, vol. 2017-January, Institute of Electrical and Electronics Engineers Inc., pp. 1-9, 2017 IEEE Conference on Communications and Network Security, CNS 2017, Las Vegas, United States, 10/9/17. https://doi.org/10.1109/CNS.2017.8228648
Chen CW, Chang SY, Hu Y-C, Chen YW. Protecting vehicular networks privacy in the presence of a single adversarial authority. In 2017 IEEE Conference on Communications and Network Security, CNS 2017. Institute of Electrical and Electronics Engineers Inc. 2017. p. 1-9. (2017 IEEE Conference on Communications and Network Security, CNS 2017). https://doi.org/10.1109/CNS.2017.8228648
Chen, Chang Wu ; Chang, Sang Yoon ; Hu, Yih-Chun ; Chen, Yen Wen. / Protecting vehicular networks privacy in the presence of a single adversarial authority. 2017 IEEE Conference on Communications and Network Security, CNS 2017. Institute of Electrical and Electronics Engineers Inc., 2017. pp. 1-9 (2017 IEEE Conference on Communications and Network Security, CNS 2017).
@inproceedings{788080c69ee94e479c35eefd3f1a3d0c,
title = "Protecting vehicular networks privacy in the presence of a single adversarial authority",
abstract = "In vehicular networks, each message is signed by the generating node to ensure accountability for the contents of that message. For privacy reasons, each vehicle uses a collection of certificates, which for accountability reasons are linked at a central authority. One such design is the Security Credential Management System (SCMS) [1], which is the leading credential management system in the US. The SCMS is composed of multiple components, each of which has a different task for key management, which are logically separated. The SCMS is designed to ensure privacy against a single insider compromise, or against outside adversaries. In this paper, we demonstrate that the current SCMS design fails to achieve its design goal, showing that a compromised authority can gain substantial information about certificate linkages. We propose a solution that accommodates threshold-based detection, but uses relabeling and noise to limit the information that can be learned from a single insider adversary. We also analyze our solution using techniques from differential privacy and validate it using traffic-simulator based experiments. Our results show that our proposed solution prevents privacy information leakage against the compromised authority in collusion with outsider attackers.",
author = "Chen, {Chang Wu} and Chang, {Sang Yoon} and Yih-Chun Hu and Chen, {Yen Wen}",
year = "2017",
month = "12",
day = "19",
doi = "10.1109/CNS.2017.8228648",
language = "English (US)",
series = "2017 IEEE Conference on Communications and Network Security, CNS 2017",
publisher = "Institute of Electrical and Electronics Engineers Inc.",
pages = "1--9",
booktitle = "2017 IEEE Conference on Communications and Network Security, CNS 2017",
address = "United States",

}

TY - GEN

T1 - Protecting vehicular networks privacy in the presence of a single adversarial authority

AU - Chen, Chang Wu

AU - Chang, Sang Yoon

AU - Hu, Yih-Chun

AU - Chen, Yen Wen

PY - 2017/12/19

Y1 - 2017/12/19

N2 - In vehicular networks, each message is signed by the generating node to ensure accountability for the contents of that message. For privacy reasons, each vehicle uses a collection of certificates, which for accountability reasons are linked at a central authority. One such design is the Security Credential Management System (SCMS) [1], which is the leading credential management system in the US. The SCMS is composed of multiple components, each of which has a different task for key management, which are logically separated. The SCMS is designed to ensure privacy against a single insider compromise, or against outside adversaries. In this paper, we demonstrate that the current SCMS design fails to achieve its design goal, showing that a compromised authority can gain substantial information about certificate linkages. We propose a solution that accommodates threshold-based detection, but uses relabeling and noise to limit the information that can be learned from a single insider adversary. We also analyze our solution using techniques from differential privacy and validate it using traffic-simulator based experiments. Our results show that our proposed solution prevents privacy information leakage against the compromised authority in collusion with outsider attackers.

AB - In vehicular networks, each message is signed by the generating node to ensure accountability for the contents of that message. For privacy reasons, each vehicle uses a collection of certificates, which for accountability reasons are linked at a central authority. One such design is the Security Credential Management System (SCMS) [1], which is the leading credential management system in the US. The SCMS is composed of multiple components, each of which has a different task for key management, which are logically separated. The SCMS is designed to ensure privacy against a single insider compromise, or against outside adversaries. In this paper, we demonstrate that the current SCMS design fails to achieve its design goal, showing that a compromised authority can gain substantial information about certificate linkages. We propose a solution that accommodates threshold-based detection, but uses relabeling and noise to limit the information that can be learned from a single insider adversary. We also analyze our solution using techniques from differential privacy and validate it using traffic-simulator based experiments. Our results show that our proposed solution prevents privacy information leakage against the compromised authority in collusion with outsider attackers.

UR - http://www.scopus.com/inward/record.url?scp=85046552546&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=85046552546&partnerID=8YFLogxK

U2 - 10.1109/CNS.2017.8228648

DO - 10.1109/CNS.2017.8228648

M3 - Conference contribution

AN - SCOPUS:85046552546

T3 - 2017 IEEE Conference on Communications and Network Security, CNS 2017

SP - 1

EP - 9

BT - 2017 IEEE Conference on Communications and Network Security, CNS 2017

PB - Institute of Electrical and Electronics Engineers Inc.

ER -