Tat Wing Chim

SPECS: Secure and privacy enhancing communications schemes for VANETs

Vehicular ad hoc network (VANET) is an emerging type of networks which facilitates vehicles on roads to communicate for driving safety. The basic idea is to allow arbitrary vehicles to broadcast ad hoc messages (e.g. traffic accidents) to other vehicles. However, this raises the concern of security and privacy. Messages should be signed and verified before they are trusted while the real identity of vehicles should not be revealed, but traceable by authorized party. Existing solutions either rely heavily on a tamper-proof hardware device, or cannot satisfy the privacy requirement and do not have an effective message verification scheme. In this paper, we provide a software-based solution which makes use of only two shared secrets to satisfy the privacy requirement (with security analysis) and gives lower message overhead and at least 45% higher successful rate than previous solutions in the message verification phase using the bloom filter and the binary search techniques (through simulation study). We also provide the first group communication protocol to allow vehicles to authenticate and securely communicate with others in a group of known vehicles.

VSPN: VANET-Based Secure and Privacy-Preserving Navigation

In this paper, we propose a navigation scheme that utilizes the online road information collected by a vehicular ad hoc network (VANET) to guide the drivers to desired destinations in a real-time and distributed manner. The proposed scheme has the advantage of using real-time road conditions to compute a better route and at the same time, the information source can be properly authenticated. To protect the privacy of the drivers, the query (destination) and the driver who issues the query are guaranteed to be unlinkable to any party including the trusted authority. We make use of the idea of anonymous credential to achieve this goal. In addition to authentication and privacy preserving, our scheme fulfills all other necessary security requirements. Using the real maps of New York and California, we conducted a simulation study on our scheme showing that it is effective in terms of processing delay and providing routes of much shorter traveling time.

ARMR: Anonymous routing protocol with multiple routes for communications in mobile ad hoc networks

A mobile ad hoc network consists of mobile nodes that communicate in an open wireless medium. Adversaries can launch analysis against the routing information embedded in the routing message and data packets to detect the traffic pattern of the communications, thereby obtaining sensitive information of the system, such as the identity of a critical node. In order to thwart such attacks, anonymous routing protocols are developed. For the purposes of security and robustness, an ideal anonymous routing protocol should hide the identities of the nodes in the route, in particular, those of the source and the destination. Multiple routes should be established to increase the difficulty of traffic analysis and to avoid broken paths due to node mobility. Existing schemes either make the unrealistic and undesired assumption that certain topological information about the network is known to the nodes, or cannot achieve all the properties described in the above. In this paper, we propose an anonymous routing protocol with multiple routes called ARMR, which can satisfy all the required properties. In addition, the protocol has the flexibility of creating fake routes to confuse the adversaries, thus increasing the level of anonymity. In terms of communication efficiency, extensive simulation is carried out. Compared with AODV and MASK, our ARMR protocol gives a higher route request success rate under all situations and the delay of our protocol is comparable to the best of these two protocols.

Traffic distribution over equal-cost-multi-paths

To effectively manage the traffic distribution inside a network, traffic splitting is needed for load sharing over a set of equal-cost-multi-paths (ECMPs). In this paper, a new traffic splitting algorithm, called Table-based Hashing with Reassignments (THR), is proposed. Based on the load sharing statistics collected, THR selectively reassigns some active flows from the over-utilized paths to under-utilized paths. The reassignment process takes place in such a way that the packet out-of-order problem is minimized. As compared with the existing traffic splitting algorithms, THR provides close-to-optimal load balancing performance, less than 2% of packets arrived out-of- order, and a very small end-to-end packet delay performance. Although additional traffic monitoring function is needed by THR, we show that the extra complexity incurred is marginal.

PASS: Privacy-preserving authentication scheme for smart grid network

A smart grid power system is capable of adjusting the amount of electricity generated based on real-time requests from the smart meters of customers, thus avoiding excess electricity generation and facilitating reliable and effective transmission of electricity. To ensure that requests are sent from a valid user, all request messages must be authenticated. On the other hand, by analyzing the electricity usage pattern of a customer, the daily habit of the customer, such as when he is away, may be revealed. Thus, a proper privacy preserving mechanism has to be adopted. This paper attempts to develop a scheme to address these two seemingly contradicting requirements efficiently. By using a tamper-resistant device at the smart appliance and pseudo identities, we derive a privacy preserving authentication scheme to solve the problem. The authentication process is made very efficient by means of Hash-based Message Authentication Code (HMAC). Through simulation, we show that with our scheme, the transmission and signature verification delay induced are very small and the message overhead is only 20 bytes per request message. With our efficient verification process, even under attack, the substation can effectively drop all attack messages, allowing 6 times more valid messages to reach the control center when compared to the case without any verification. Thus our scheme is both efficient and effective.

Privacy-preserving advance power reservation

Smart grid is considered to be the next generation power system. Integrating information and communication technology, power electronics, and power system technologies, smart grid reduces excess power generation by better matching power generation with customer demands, and facilitates renewable power generation by closely monitoring renewable energy source status. Such a large-scale network may be subject to various attacks. In particular, authentication and user privacy preservation are considered two major security concerns. In this article, we first highlight the importance of smart grid security. Next we introduce a new power request paradigm in which a customer is allowed to submit a power usage plan in advance. We then propose a secure and privacy-preserving power request scheme as a solution to this problem. To achieve the privacy-preserving property, our scheme employs two cryptographic techniques: anonymous credential and blind signature. We conclude this article by discussing the security and performance issues of our proposed scheme.

PRGA: Privacy-Preserving Recording & Gateway-Assisted Authentication of Power Usage Information for Smart Grid

Smart grid network facilitates reliable and efficient power generation and transmission. The power system can adjust the amount of electricity generated based on power usage information submitted by end users. Sender authentication and user privacy preservation are two important security issues on this information flow. In this paper, we propose a scheme such that even the control center (power operator) does not know which user makes the requests of using more power or agreements of using less power until the power is actually used. At the end of each billing period (i.e., after electricity usage), the end user can prove to the power operator that it has really requested to use more power or agreed to use less power earlier. To reduce the total traffic volume in the communications network, our scheme allows gateway smart meters to help aggregate power usage information, and the power generators to determine the total amount of power that needs to be generated at different times. To reduce the impact of attacking traffic, our scheme allows gateway smart meters to help filter messages before they reach the control center. Through analysis and experiments, we show that our scheme is both effective and efficient.

Security and Privacy Issues for Inter-vehicle Communications in VANETs

Vehicular ad hoc network (VANET) is an emerging type of networks to allow vehicles on roads to communicate for driving safety. An vehicle can broadcast messages (e.g. accident information) to other vehicles. These messages may have impact on other vehicles as well as the traffic control system, so all messages must be signed and authenticated. On the other hand, privacy should be enforced while the real identity of the sender should be traceable by authorized party. In this poster, we first discuss the limitations of existing solutions. In particular, we describe an impersonation attack to one of the schemes, highlight the problem of communications overhead, and effectiveness of the message verification procedure. Then, we present the main ideas of our proposed scheme which can be shown to be secure and more effective than existing schemes.

MLAS : multiple level authentication scheme for VANETs

The vehicular ad hoc network (VANET) is an emerging type of network which enables vehicles on roads to inter-communicate for driving safety. The basic idea is to allow arbitrary vehicles to broadcast ad hoc messages (e.g. traffic accidents) to other vehicles. However, this raises the concern of security and privacy. Messages should be signed and verified before they are trusted while the real identity of vehicles should not be revealed, but traceable by authorized party. Existing solutions either rely too heavily on a tamper-proof hardware device, or do not have an effective message verification scheme. In this paper, we propose a multiple level authentication scheme which still makes use of tamper-proof devices but the strong assumption that a long-term system master secret is preloaded into all tamper-proof devices is removed. Instead the master secret can be updated if needed to increase the security level. On the other hand, messages sent by vehicles are classified into two types - regular messages and urgent messages. Regular messages can be verified by neighboring vehicles by means of Hash-based Message Authentication Code (HMAC) while urgent messages can only be verified with the aid of RSUs nearby by means of a conditional privacy-preserving authentication scheme.

Along & across algorithm for routing events and queries in wireless sensor networks

In this paper, we investigate efficient strategies for routing events and queries in a wireless sensor network where energy is a major concern. Our along & across algorithm makes use of a hop tree structure. Event attributes are routed along hop levels while queries are routed across hop levels to seek for match. Location information is not assumed. Simulation results show that our algorithm yields much higher hitting probability between event attributes and queries than a previously proposed algorithm, rumor routing algorithm in a moderate-traffic environment. As a result, our algorithm consumes up to 72.6% less transmission overhead. As such, our along & across algorithm is sound and should be very useful to wireless sensor network developers.