scholarly journals Security Analysis and Improvement of Lighweight VANET Authentication Protocol (Case Study : Zhao et al. LVAP)

2021 ◽  
Vol 3 (2) ◽  
pp. 135-143
Author(s):  
Sepha Siswantyo
Keyword(s):  
Traffic Safety ◽  
Traffic Management ◽  
Ad Hoc ◽  
Security Analysis ◽  
Authentication Protocol ◽  
Security Protocol ◽  
Sybil Attack ◽  
Session Key ◽  
Man In The Middle ◽  
Vanet Security

VANET is an ad-hoc network implemented on vehicle communication to ensure traffic safety and traffic management efficiency. VANET security is a concern because of various vulnerabilities, especially from authentication criteria that the attacker can exploit. VANET is vulnerable to Sybil attack, entity impersonation, message modification, and identity falsification. Several mechanisms and protocols have been developed to address these vulnerabilities. The design of the VANET authentication protocol also needs to be proven using formal methods to ensure that the protocol meets the required security criteria.  In this research, the security of VANET authentication protocol developed by Zhao et al. was analyzed using the Datta et al. security protocol analysis method. Instead of BAN Logic, the Scyther tool was used to verify security claims and find possible attacks. Our Security analysis results show that Zhao et al.'s protocol does not meet confidentiality and entity authentication criteria. Scyther tool can find attacks on nonce confidentiality and man-in-the-middle attack. Therefore, we modify Zhao et al. protocol by adding signature and session key confirmation to improve its security. Based on analysis results, our modified Zhao et al. authentication protocol met confidentiality and entity authentication criteria. The use of signature and session key confirmation prevents man-in-the-middle attack and protects nonce confidentiality. Therefore, our research concludes that modified Zhao et al. authentication protocol more secure than the original protocol in terms of nonce and session key confidentiality, aliveness, weak agreement, non-injective agreement, and non-injective synchronization.

scholarly journals Overview of Security Issues in Vehicular Ad-hoc Networks

2011 ◽  
pp. 894-911 ◽  
Author(s):  
José María De Fuentes ◽  
Ana Isabel González-Tablas ◽  
Arturo Ribagorda
Keyword(s):  
Ad Hoc Networks ◽  
Traffic Safety ◽  
Traffic Management ◽  
Vehicular Ad Hoc Networks ◽  
Ad Hoc ◽  
Road Traffic ◽  
High Mobility ◽  
Security Issues ◽  
Vanet Security ◽  
Hoc Networks

Vehicular ad-hoc networks (VANETs) are a promising communication scenario. Several new applications are envisioned, which will improve traffic management and safety. Nevertheless, those applications have stringent security requirements, as they affect road traffic safety. Moreover, VANETs face several security threats. As VANETs present some unique features (e.g. high mobility of nodes, geographic extension, etc.) traditional security mechanisms are not always suitable. Because of that, a plethora of research contributions have been presented so far. This chapter aims to describe and analyze the most representative VANET security developments.

scholarly journals Obfuscated RSUs Vector Based Signature Scheme for Detecting Conspiracy Sybil Attack in VANETs

2017 ◽  
Vol 2017 ◽  
pp. 1-11 ◽  
Author(s):  
Xia Feng ◽  
Jin Tang
Keyword(s):  
Traffic Safety ◽  
Traffic Management ◽  
Vehicular Ad Hoc Networks ◽  
Ad Hoc ◽  
Attack Detection ◽  
Sybil Attack ◽  
Security Threat ◽  
Computational Overhead ◽  
Neighbor Relationship ◽  
Relationship Of

Given the popularity of vehicular Ad hoc networks (VANETs) in traffic management, a new challenging issue comes into traffic safety, that is, security of the networks, especially when the adversary breaks defence. Sybil attack, for example, is a potential security threat through forging several identities to carry out attacks in VANETs. At this point, the paper proposed a solution named DMON that is a Sybil attack detection method with obfuscated neighbor relationship of Road Side Units (RSUs). DMON presents a ring signature based identification scheme and replaces vehicles’ identities with their trajectory for the purpose of anonymity. Furthermore, the neighbor relationship of RSUs is obfuscated to achieve privacy preserving of locations. The proposed scheme has been formally proved in the views of security and performance. Simulation has also been implemented to validate the scheme, in which the findings reveal the lower computational overhead and higher detection rate comparing with other related solutions.

A Mutual Authentication Protocol with Resynchronisation Capability for Mobile Satellite Communications

2013 ◽  
pp. 35-51
Author(s):  
Ioana Lasc ◽  
Reiner Dojen ◽  
Tom Coffey
Keyword(s):  
Denial Of Service ◽  
Mutual Authentication ◽  
Security Analysis ◽  
Service Condition ◽  
Satellite Communications ◽  
Authentication Protocol ◽  
Security Protocol ◽  
New Type ◽  
Mobile Satellite ◽  
Mutual Authentication Protocol

Many peer-to-peer security protocols proposed for wireless communications use one-time shared secrets for authentication purposes. This paper analyses online update mechanisms for one-time shared secrets. A new type of attack against update mechanisms, called desynchronisation attack, is introduced. This type of attack may lead to a permanent denial of service condition. A case study demonstrates the effectiveness of desynchronisation attacks against a security protocol for mobile satellite communications. A new mutual authentication protocol for satellite communications, incorporating a resynchronisation capability, is proposed to counter the disruptive effects of desynchronisation attacks. The new protocol has an esynchronisation phase that is initiated whenever desynchronisation is suspected. Thus, the possibility of causing permanent denial of service conditions by mounting desynchronisation attacks is eliminated. A security analysis of the proposed protocol establishes its resistance against attacks like replay attacks, dictionary attacks, and desynchronisation attacks.

scholarly journals Efficient Certificateless Conditional Privacy-Preserving Authentication Scheme in VANETs

2019 ◽  
Vol 2019 ◽  
pp. 1-19 ◽  
Author(s):  
Yang Ming ◽  
Hongliang Cheng
Keyword(s):  
Traffic Safety ◽  
Vehicular Ad Hoc Networks ◽  
Ad Hoc ◽  
Security Analysis ◽  
Real Life ◽  
Random Oracle Model ◽  
Random Oracle ◽  
Privacy Preserving ◽  
Bilinear Pairing ◽  
Security And Privacy

Vehicular ad hoc networks (VANETs) are an increasing important paradigm for greatly enhancing roadway system efficiency and traffic safety. To widely deploy VANETs in real life, it is critical to deal with the security and privacy issues in VANETs. In this paper, we propose a certificateless conditional privacy preserving authentication (CCPPA) scheme based on certificateless cryptography and elliptic curve cryptography for secure vehicle-to-infrastructure communication in VANETs. In the proposed scheme, a roadside unit (RSU) can simultaneously verify plenty of received messages such that the total verification time may be sharply decreased. Furthermore, the security analysis indicates that the proposed scheme is provably secure in the random oracle model and fulfills all the requirements on security and privacy. To further improve efficiency, both map-to-point hash operation and bilinear pairing operation are not employed. Compared with previous CCPPA schemes, the proposed scheme prominently cuts down computation delay of message signing and verification by 66.9%–85.5% and 91.8%–93.4%, respectively, and reduces communication cost by 44.4%. Extensive simulations show that the proposed scheme is practicable and achieves prominent performances of very little average message delay and average message loss ratio and thus is appropriate for realistic applications.

A Secure Two-Factor Remote User Authentication and Session Key Agreement Scheme

2016 ◽  
Vol 12 (2) ◽  
pp. 62-79 ◽  
Author(s):  
Preeti Chandrakar ◽  
Hari Om
Keyword(s):  
Key Agreement ◽  
User Authentication ◽  
Mutual Authentication ◽  
Security Analysis ◽  
Session Key ◽  
Key Agreement Protocol ◽  
Remote User Authentication ◽  
Session Key Agreement ◽  
Man In The Middle ◽  
Remote User

In this article, the authors have proposed a secure two-factor remote user authentication and session key agreement protocol. As they have shown in the presented scheme, is precise and secure according to both formal and informal security analysis. For formal security analysis, they have applied BAN (Burrows-Abadi-Needham) logic which certifies that the presented scheme provides the amenity of mutual authentication and session key agreement safely. The informal security verification has shown that the proposed scheme is more vigorous against various sort of cruel threats. Moreover, the authors have simulated the presented scheme using broadly accepted AVISPA tool, whose simulation results make sure that the protocol is not dangerous from active and passive attacks together with replay and man-in-the-middle attacks. In addition, the performance evaluation and the security comparison have revealed that the presented scheme gives strong security as well as better complexity in the context of smart card memory requirement, communication cost and computation cost.

scholarly journals A Multi-User, Single-Authentication Protocol for Smart Grid Architectures

Sensors ◽  
2020 ◽  
Vol 20 (6) ◽  
pp. 1581
Author(s):  
Ahmed S. Alfakeeh ◽  
Sarmadullah Khan ◽  
Ali Hilal Al-Bayatti
Keyword(s):  
Smart Grid ◽  
Demand Response ◽  
Security Analysis ◽  
Authentication Protocol ◽  
Wireless Channel ◽  
Public Key ◽  
Sensitive Information ◽  
Session Key ◽  
Fine Grained ◽  
Smart Grid System

In a smart grid system, the utility server collects data from various smart grid devices. These data play an important role in the energy distribution and balancing between the energy providers and energy consumers. However, these data are prone to tampering attacks by an attacker, while traversing from the smart grid devices to the utility servers, which may result in energy disruption or imbalance. Thus, an authentication is mandatory to efficiently authenticate the devices and the utility servers and avoid tampering attacks. To this end, a group authentication algorithm is proposed for preserving demand–response security in a smart grid. The proposed mechanism also provides a fine-grained access control feature where the utility server can only access a limited number of smart grid devices. The initial authentication between the utility server and smart grid device in a group involves a single public key operation, while the subsequent authentications with the same device or other devices in the same group do not need a public key operation. This reduces the overall computation and communication overheads and takes less time to successfully establish a secret session key, which is used to exchange sensitive information over an unsecured wireless channel. The resilience of the proposed algorithm is tested against various attacks using formal and informal security analysis.

scholarly journals Privacy-Preserving Lightweight Authentication Protocol for Demand Response Management in Smart Grid Environment

2020 ◽  
Vol 10 (5) ◽  
pp. 1758 ◽  
Author(s):  
SungJin Yu ◽  
KiSung Park ◽  
JoonYoung Lee ◽  
YoungHo Park ◽  
YoHan Park ◽  
...  
Keyword(s):  
Smart Grid ◽  
Demand Response ◽  
Mutual Authentication ◽  
Security Analysis ◽  
Privacy Preserving ◽  
Authentication Protocol ◽  
Session Key ◽  
Energy Services ◽  
Lightweight Authentication ◽  
Secure Authentication

With the development in wireless communication and low-power device, users can receive various useful services such as electric vehicle (EV) charging, smart building, and smart home services at anytime and anywhere in smart grid (SG) environments. The SG devices send demand of electricity to the remote control center and utility center (UC) to use energy services, and UCs handle it for distributing electricity efficiently. However, in SG environments, the transmitted messages are vulnerable to various attacks because information related to electricity is transmitted over an insecure channel. Thus, secure authentication and key agreement are essential to provide secure energy services for legitimate users. In 2019, Kumar et al. presented a secure authentication protocol for demand response management in the SG system. However, we demonstrate that their protocol is insecure against masquerade, the SG device stolen, and session key disclosure attacks and does not ensure secure mutual authentication. Thus, we propose a privacy-preserving lightweight authentication protocol for demand response management in the SG environments to address the security shortcomings of Kumar et al.’s protocol. The proposed protocol withstands various attacks and ensures secure mutual authentication and anonymity. We also evaluated the security features of the proposed scheme using informal security analysis and proved the session key security of proposed scheme using the ROR model. Furthermore, we showed that the proposed protocol achieves secure mutual authentication between the SG devices and the UC using Burrows–Abadi–Needham (BAN) logic analysis. We also demonstrated that our authentication protocol prevents man-in-the-middle and replay attacks utilizing AVISPA simulation tool and compared the performance analysis with other existing protocols. Therefore, the proposed scheme provides superior safety and efficiency other than existing related protocols and can be suitable for practical SG environments.

scholarly journals Security Analysis and Improvement of an Anonymous Authentication Scheme for Roaming Services

2014 ◽  
Vol 2014 ◽  
pp. 1-8 ◽  
Author(s):  
Youngsook Lee ◽  
Juryon Paik
Keyword(s):  
Mutual Authentication ◽  
Security Analysis ◽  
Mobile User ◽  
Authentication Scheme ◽  
Third Party ◽  
Dictionary Attack ◽  
Session Key ◽  
Foreign Agent ◽  
Anonymous Authentication ◽  
Man In The Middle

An anonymous authentication scheme for roaming services in global mobility networks allows a mobile user visiting a foreign network to achieve mutual authentication and session key establishment with the foreign-network operator in an anonymous manner. In this work, we revisit He et al.’s anonymous authentication scheme for roaming services and present previously unpublished security weaknesses in the scheme: (1) it fails to provide user anonymity against any third party as well as the foreign agent, (2) it cannot protect the passwords of mobile users due to its vulnerability to an offline dictionary attack, and (3) it does not achieve session-key security against a man-in-the-middle attack. We also show how the security weaknesses of He et al.’s scheme can be addressed without degrading the efficiency of the scheme.

scholarly journals Secure Key Agreement and Authentication Protocol for Message Confirmation in Vehicular Cloud Computing

2020 ◽  
Vol 10 (18) ◽  
pp. 6268
Author(s):  
JoonYoung Lee ◽  
SungJin Yu ◽  
MyeongHyun Kim ◽  
YoungHo Park ◽  
SangWoo Lee ◽  
...  
Keyword(s):  
Cloud Computing ◽  
Key Agreement ◽  
Mutual Authentication ◽  
Authentication Protocol ◽  
Internet Security ◽  
Malicious Attacks ◽  
Session Key ◽  
Vehicular Cloud Computing ◽  
Vehicular Cloud ◽  
Man In The Middle

With the development of vehicular ad-hoc networks (VANETs) and Internet of vehicles (IoVs), a large amount of useful information is generated for vehicle drivers and traffic management systems. The amount of vehicle and traffic information is as large as the number of vehicles and it is enormous when compared to vehicle calculation and storage performance. To resolve this problem, VANET uses a combined cloud computing technology, called vehicular cloud computing (VCC), which controls vehicle-related data, and helps vehicle drivers directly or indirectly. However, VANETs remain vulnerable to attacks such as tracking, masquerade and man-in-the-middle attacks because VANETs communicate via open networks. To overcome these issues, many researchers have proposed secure authentication protocols for message confirmation with vehicular cloud computing. However, many researchers have pointed out that some proposed protocols use ideal tamper-proof devices (TPDs). They demonstrated that realistic TPDs cannot prevent adversaries attack. Limbasiya et al. presented a message confirmation scheme for vehicular cloud computing using a realistic TPD in order to prevent these problems. However, their proposed scheme still has security weaknesses over a TPD and does not guarantee mutual authentication. This paper proposes a secure key agreement and authentication protocol to address the security weaknesses inherent in the protocol of Limbasiya et al. The suggested protocol withstands malicious attacks and ensures secure mutual authentication for privacy-preserving. We prove that the proposed protocol can provide session key security using Real-Or-Random (ROR) model. We also employed Automated Validation of Internet Security Protocols and Applications (AVISPA) simulation tool to show that the proposed protocol is able to defeat replay and man-in-the-middle attacks. Furthermore, we established that the proposed protocol can resist other malicious attacks by conducting the informal security analysis. We proved that our proposed protocol is lightweight and suitable for VCC environments.

Sign in / Sign up

Export Citation Format

Share Document