Lukasz Krzywiecki

Vehicle authentication via monolithically certified public key and attributes

AbstractVehicular networks are used to coordinate actions among vehicles in traffic by the use of wireless transceivers (pairs of transmitters and receivers). Unfortunately, the wireless communication among vehicles is vulnerable to security threats that may lead to very serious safety hazards. In this work, we propose a viable solution for coping with Man-in-the-Middle attacks. Conventionally, Public Key Infrastructure is utilized for a secure communication with the pre-certified public key. However, a secure vehicle-to-vehicle communication requires additional means of verification in order to avoid impersonation attacks. To the best of our knowledge, this is the first work that proposes to certify both the public key and out-of-band sense-able static attributes to enable mutual authentication of the communicating vehicles. Vehicle owners are bound to preprocess (periodically) a certificate for both a public key and a list of fixed unchangeable attributes of the vehicle. Furthermore, the proposed approach is shown to be adaptable with regards to the existing authentication protocols. We illustrate the security verification of the proposed protocol using a detailed proof in Spi calculus.

Dynamic Attribute Based Vehicle Authentication

In the near future, vehicles will establish a spontaneous connection over a wireless radio channel, coordinating actions and information. Security infrastructure is most important in such a hazardous scope of vehicles communication for coordinating actions and avoiding accidents on the roads. One of the first security issues that need to be established is authentication. Vehicle authentication with visual binding prior to establishing a wireless radio channel of communication is useful only when the vehicles possess unique visual attributes. These vehicle static attributes (e.g., Licence number, brand and color) are certified together with the vehicle public key. Therefore, we consider the case of multiple malicious vehicles with identical visual static attributes. Apparently, dynamic attributes (e.g., Location and direction) can uniquely define a vehicle and can be utilized to resolve the true identity of vehicles. However, unlike static attributes, dynamic attributes cannot be signed by a trusted authority beforehand. We propose an approach to verify the coupling between non-certified dynamic attributes and certified static attributes on an auxiliary communication channel, for example, a modulated laser beam. Furthermore, we illustrate that the proposed approach can be used to facilitate the usage of existing authentication protocols such as NAXOS, in the new scope of ad-hoc vehicle networks.

Mutual Chip Authentication

We present a Anonymous Mutual Authentication (AMA) protocol for authentication and key agreement between cryptographic devices. It is an alternative for Terminal Authentication (TA) plus Chip Authentication (ChA) developed for electronic travel documents. Unlike conventional TA, executing AMA does not provide any digital record that could be used as a proof against third parties that an interaction really took place. AMA is symmetric: the code executed by both participants is the same (apart from the sequence of operations). It eases implementation on resource limited devices such as smart cards. AMA does not require prior disclosure of identities: the protocol participants learn them in a way hidden to eavesdroppers.

Optical PUF for Non Forwardable Vehicle Authentication

Modern vehicles are configured to exchange warning messages through IEEE 1609 Dedicated Short Range Communication (DSRC) over IEEE 802.11p Wireless Access in Vehicular Environment (WAVE). Essentially, these warning messages must associate an authentication factor such that the verifier authenticates the message origin via visual binding. Interestingly, the existing vehicle communication incorporates the message forward-ability as a requested feature for numerous applications. On the contrary, the vehicle security infrastructure is vulnerable to message forwarding i.e., Messages seem to originate from a malicious vehicle (due to non-detectable message relaying) instead of the actual message sender. We introduce the non forward-able authentication to avoid an adversary coalition attack scenario. These messages should be identifiable with respect to the immediate sender at every hop. We propose to utilize immediate optical response verification in association with the authenticated key exchange over radio channel. These optical responses are generated through hardware means, i.e., A certified Physically Unclonable Function (PUF) device embedded on the front and rear of the vehicle.

General anonymous key broadcasting via Lagrangian interpolation

The authors presents a key management scheme for broadcast networks, which is a combination of broadcast encryption protocols of different kinds: an exclusion scheme based on Lagrangian interpolation in the exponent and a non-exclusion scheme. The authors show how to combine these techniques into one scheme in such a way that information on who is excluded and when they are excluded is hidden under certain adversary models, and communication overhead is independent of the system dynamics. Thus, the scheme is well suited for the general cases where the maximum number of excluded users is unpredictable.

Efficient Probabilistic Methods for Proof of Possession in Clouds

Cloud computing is a new paradigm that has received the considerable attention in theory and practice quite recently. One of the applications of cloud computing is the storage of client’s data on remote servers. While maintaining huge volumes of data, the cloud vendors may be tempted to cheat its clients by removing their data. Thus, to avoid such a situation, many proof of possession methods have been proposed. Usually they utilize complex cryptographic calculation which makes them not applicable to devices with limited resources. This paper proposes two novel methods of light-weight proof of possession. Instead of using the resource consuming cryptographic functions, these methods use only straightforward hash functions. In the first method, the client stores his data on one server in the cloud. The second approach addresses the scenario of data duplication between many independent servers.