Subir Biswas

A Cross-Layer Approach to Privacy-Preserving Authentication in WAVE-Enabled VANETs

We present an anonymous authentication and verification scheme for the IEEE Wireless Access in Vehicular Communications (WAVE)-based vehicular ad hoc networks (VANETs). Our contribution includes vehicular message authentication and an efficient prioritized verification strategy for periodic road safety messages. A variation of elliptic curve digital signature algorithm (ECDSA) is used in combination with the identity-based (ID-based) signature, where current position information on a vehicle is utilized as the ID of the corresponding vehicle. This waives the need for a third-party public key certificate for message authentication in VANETs. A high-density road traffic condition poses a challenge for authentication of vehicular messages since the required verification time is often much longer than the average interarrival time. To mitigate the issue, messages of each traffic class are verified following the VANETs medium access control (MAC) layer priorities and the application relevance of individual safety messages. Performance analysis and simulation results have shown that our approach is secure, privacy preserving, scalable, and resource efficient.

ID-based Safety Message Authentication for Security and Trust in Vehicular Networks

We present a safety message authentication scheme for vehicular ad hoc networks using an ID-based signature and verification mechanism. An ID-based technique offers a certificate-less public key verification, while a proxy signature provides flexibilities in message authentication and trust management. In this scheme, we incorporate an ID-based proxy signature framework with the standard ECDSA for VANETs road-side unit (RSU) originated safety application messages. Also, forwarding of signed messages are specially handled to ensure the trust and authentication of RSUs application messages. We claim that this scheme is resilient against all major security threats and also efficient in terms of computation complexity.

DDoS attack on WAVE-enabled VANET through synchronization

A VANET that uses IEEE 802.11p EDCA mechanism is susceptible to a synchronization-based DDoS attack due to periodicity of transmissions and small contention window sizes. To make things worse, neither the sender nor receivers of periodic broadcasts will be aware of the attack since broadcast communications in VANET do not have acknowledgements. In this paper, we analyze the prospect of a synchronization-based DDoS attacks on vehicular communications and propose mitigation techniques to avoid such an attack.

Proxy signature-based RSU message broadcasting in VANETs

We propose a framework for a secure RSU-to-OBU message broadcasting in VANETs using proxy signatures. We consider a VANET infrastructure for which the network assumptions are similar to the current standards of VANET communications. The main purpose of our scheme is to provide message integrity, authenticate the broadcast messages, and authenticate the RSU to the OBUs. We set the appropriate liabilities to the network components enabling the OBU to verify the received message for its validity and integrity. Our contribution includes modification of the proxy signature scheme in order to fulfill the security requirements of a VANETs message broadcast. The security analysis of our scheme strongly supports the applicability of our proposed framework.

Location-based anonymous authentication for vehicular communications

We present an anonymous authentication scheme for vehicular networks, that provides conditional anonymity to collocated vehicles. A modified ECDSA mechanism utilizes the position information of vehicles operating together in close proximity for generation and verification of elliptic curve-based signatures on safety and other application messages. This waives the requirement of a third party public-key certificate for message authentication in VANET. Our scheme provides a privacy-preserving, lightweight, secure, and compatible instant authentication for vehicle-originated safety messages. Security analysis and simulation experiments justify the usefulness of our scheme.

Relevance-based verification of VANET safety messages

Authentication of vehicular safety messages poses a challenge in a high density road-traffic scenario as the verification time for gathered messages gets longer than the average inter-arrival time. This may expose a vehicular network entity to several different security attacks. The existing solutions have addressed the issue either by randomizing the verification candidates, or by using aggregated signature verification schemes, both of which have short-comings in terms of applicability in vehicular communications. We propose a novel solution to the vehicular message authentication in dense traffic conditions by introducing a prioritized verification strategy. Based on the relevance of physical parameters of neighboring vehicles, received safety messages are assigned with different priority scores at the verifying entity. In a heavy traffic condition when the resources are scarce, a verifier randomly authenticates the selected received messages according to their priorities. Performance evaluation has shown that our approach is scalable, resource-efficient, and compatible with any underlying authentication schemes.

Deploying Proxy Signature in VANETs

We introduce a verifiable, self authenticating, and anonymous message delivery protocol for VANET communications using different implementations of proxy signature scheme, where RSU-to-OBU, OBU-to- RSU, and OBU-to-OBU message delivery issues have been addressed. An RSU-to-OBU message delivery scheme is developed, in which a message is protected against potential forgery launched by a malicious RSU. Also, a new proxy signature based approach is provided for message integrity and anonymity for the OBU message delivery. The total process is accountable. The security analysis confirms the validity of the proposed protocol.

Establishing Trust on VANET Safety Messages

We introduce a new scheme for safety message authentication in VANETs. For a practical implementation of VANET, we anticipate that road side units (RSUs) are not physically protected and are prone to several different attacks including node compromise attacks. Thus, an RSU should not be automatically trusted by on road vehicles. In our proposed scheme, a road side controller (RSC) is responsible for controlling all the RSUs, and delivering messages through RSUs to vehicles in a given area, where each RSU uses a proxy signature mechanism based on Elliptic Curve Cryptography (ECC), which is a variation of known ECDS-based proxy signature schemes and modified according to the VANET’s criteria and security requirements. The underlying network constraints and properties from VANET standards have been taken into consideration along with the security, reliability and other related issues.We also discuss the potential forgery and attack scenarios on our proposed scheme. The security analysis and simulation results prove the strength and adaptability of our proposed scheme in future VANETs.

A Novel Asynchronous, Energy Efficient, Low Transmission Delay MAC Protocol for Wireless Sensor Networks

Wireless Sensor Networks use battery-operated computing and sensing devices. It is often impractical or even impossible to charge/replace the exhausted batteries of the nodes. Thus, energy consumption is the main concern in a wireless sensor network. Moreover, a critical event detected by the sensor network should be delivered to the user as soon as possible. Thus, for sensor networks, both energy efficiency and transmission latency are important parameters. In this paper, we propose a novel asynchronous, duty cycled, energy efficient, and low transmission delay for wireless sensor networks, which addresses all the sources of energy waste to make the medium access more energy efficient, while keeping transmission delay low.The currently available asynchronous contention-based MAC protocols require that proper strategies for sender and receiver nodes are provided to rendezvous. However, the proposed protocol does not rely on any rendezvous between sender and receiver. For evaluating the novel MAC protocol, we have simulated this protocol and two very efficient and established MAC protocols, RTS/CTS IEEE 802.11 and S-MAC. The simulation results indicate that the proposed protocol has very good performance. In addition, as the results show, the novel protocol provides a very suitable balance between energy efficiency and transmission delay.

Fast, Seamless Rekeying In Wireless Sensor Networks

We extend the probabilistic key-based approach for wireless sensor networks concerning the slow rekeying and path key reestablishment processes. By introducing a novel, energy efficient, distributed, and faster scheme, we attempt to replace the existing ordinary rekeying method of probabilistic key management scheme through a deterministic algorithm that works on both the base station and on each communicating pair of sensor nodes. The node predetermines the backup link key for a future key revocation and switches to the backup key when needed without further interrupting the base station or the key server. This scheme assures high level of security in rekeying operation, and at the same time reduces the rekeying cost very significantly.