The impact of ECDSA in a VANET routing service: Insights from real data traces

Abstract

Abstract Both the WAVE IEEE 1609.2 standard in USA and the ETSI ITS security standards in Europe rely on the Elliptic Curve Digital Signature Algorithm (ECDSA) to authenticate messages exchanged among vehicles. Although being faster than other equivalent algorithms, the ECDSA computational cost nevertheless affects the message validation throughput. Even worse, the number of messages that a device has to authenticate may easily exhaust its computational limits. In this article, we evaluated the impact caused by ECDSA authentication of messages of the multi-hop routing control plane used in a real Vehicular Ad Hoc Network (VANET). Such control plane uses periodic vicinity updates to keep accurate, distributed routing paths, and ECDSA-based validation delays may force to discard many of such updates. To perform the evaluation of the impact imposed by ECDSA we considered the multiple curve parameters associated to WAVE and ETSI ITS, their implementation by different cryptographic libraries and their performance in distinct hardware. We took as reference for traffic to be authenticated with ECDSA a day-long set of messages of a VANET routing control plane. These messages were inferred from connectivity status samples from all mobile nodes of a real VANET. Emulation results with those messages show that, without high-end computing devices, ECDSA authentication would have a substantial negative impact in the routing service of the tested VANET.