Visible to the public Protecting vehicular networks privacy in the presence of a single adversarial authority

TitleProtecting vehicular networks privacy in the presence of a single adversarial authority
Publication TypeConference Paper
Year of Publication2017
AuthorsChen, C. W., Chang, S. Y., Hu, Y. C., Chen, Y. W.
Conference Name2017 IEEE Conference on Communications and Network Security (CNS)
ISBN Number978-1-5386-0683-4
Keywordscentral authority, Communication networks, composability, Conferences, Couplings, data privacy, Key Management, Metrics, network accountability, principal component analysis, privacy, privacy information leakage, pubcrawl, relabeling, resilience, Resiliency, road traffic, road vehicles, SCMS design, security, Security Credential Management System, single adversarial authority, single insider adversary, telecommunication security, threshold-based detection, traffic engineering computing, traffic-simulator based experiments, vehicular ad hoc network, vehicular ad hoc networks, vehicular networks privacy protection

In vehicular networks, each message is signed by the generating node to ensure accountability for the contents of that message. For privacy reasons, each vehicle uses a collection of certificates, which for accountability reasons are linked at a central authority. One such design is the Security Credential Management System (SCMS) [1], which is the leading credential management system in the US. The SCMS is composed of multiple components, each of which has a different task for key management, which are logically separated. The SCMS is designed to ensure privacy against a single insider compromise, or against outside adversaries. In this paper, we demonstrate that the current SCMS design fails to achieve its design goal, showing that a compromised authority can gain substantial information about certificate linkages. We propose a solution that accommodates threshold-based detection, but uses relabeling and noise to limit the information that can be learned from a single insider adversary. We also analyze our solution using techniques from differential privacy and validate it using traffic-simulator based experiments. Our results show that our proposed solution prevents privacy information leakage against the compromised authority in collusion with outsider attackers.

Citation Keychen_protecting_2017