Download - Privacy Issues in Vehicular Ad Hoc Networks. Florian Dötzer BMW Group Research and Technology
Privacy Issues in Vehicular Ad Hoc Networks.
Florian DötzerBMW Group Research and Technology
Agenda.
Introduction
Privacy in VANETs
Exemplary Approach
Future Work / Conclusion
Agenda.
Introduction
Privacy in VANETs
Exemplary Approach
Future Work / Conclusion
VANET PrivacyBMW GroupFlorian DötzerJune 1, 2005Page 4
Ad-hoc Networks.From Cellular to VANET.
CellularCellular
Cellular Network
MANETMANET
Mobile Ad-hoc NETwork
VANETVANET
Vehicular Ad-hoc NETwork
VANET PrivacyBMW GroupFlorian DötzerJune 1, 2005Page 5
MANETsMANETs
MANETs and VANETs.Properties.
Decentralized
Self - Organizing
VANETsVANETs
Additionally:
High Node Mobility
Very Large Number of Nodes
Complex Administrative Structure
VANET PrivacyBMW GroupFlorian DötzerJune 1, 2005Page 6
VANET.Application Local Danger Warning.
VSC – Vehicle Safety Communications
VANET PrivacyBMW GroupFlorian DötzerJune 1, 2005Page 7
VANETs.Security Requirements.
Authentic InformationTrust Establishment vs. Information
Matching
AvailabilityNode Cooperation, DoS, Secure Routing
PrivacyLocation Privacy, Identities, Profiling
Agenda.
Introduction
Privacy in VANETs
Exemplary Approach
Future Work / Conclusion
VANET PrivacyBMW GroupFlorian DötzerJune 1, 2005Page 9
Cars = Personal Devices
Position is known
Cars get connected
Privacy.Importance for VANETs.
Attacks on Privacy become relevant
+ Privacy is essential for VANETs
BUT: Privacy cannot be “added” afterwards!
VANET PrivacyBMW GroupFlorian DötzerJune 1, 2005Page 10
“Automated” Law Enforcement
Identity TrackingConfiguration Fingerprinting
RF-Fingerprinting
Location Recording
Movement Profiles
Communication Relations
VANET Privacy.Example Threats and Attacks.
VANET PrivacyBMW GroupFlorian DötzerJune 1, 2005Page 11
Use of pseudonyms (no real-world identities)
Multiple pseudonyms may be used
Pseudonym change application requirements
Pseudonyms real-world ID mapping
Properties / privileges cryptographically bound
VANET Privacy.Requirements.
Agenda.
Introduction
Privacy in VANETs
Exemplary Approach
Future Work / Conclusion
VANET PrivacyBMW GroupFlorian DötzerJune 1, 2005Page 13
ID
Phase I: Separation of ID and service usage Privacy
Authority AID
Pseudonyms
ID1
Pseudonyms
PseudonymPseudonymPseudonym
2
Credentials
„Signature“
CredentialCredentialCredential
4Pseudonym
3
Organisation OPseudonym
Credentials
Trusted Authority Approach.A Car’s Setup Phase.
VANET PrivacyBMW GroupFlorian DötzerJune 1, 2005Page 14
Sender
Phase II: Receiver can verify message
ID
Credentials
Pseudonyms
ID
Receiver
Credentials
Pseudonyms
Trusted Authority Approach.Normal Usage.
VANET PrivacyBMW GroupFlorian DötzerJune 1, 2005Page 15
Phase III: Disclosure of sender ID
4
Sender
ID
Credentials
Pseudonyms
Receiver
1
ID2
Organisation OPseudonym
Credentials3
Authority AID
Pseudonyms
Signature OK!
BUT
Information is not correct
OR sender
malfunctioning
Trusted Authority Approach.“Revocation” Phase.
VANET PrivacyBMW GroupFlorian DötzerJune 1, 2005Page 16
Trusted Authority Approach.Evaluation.
Pro’s
+ Fulfills given requirements
+ Provides strong privacy
Con’s
- Requires independent, trusted authority
- Problem of detecting wrong messages
Agenda.
Introduction
Privacy in VANETs
Exemplary Approach
Future Work / Conclusion
VANET PrivacyBMW GroupFlorian DötzerJune 1, 2005Page 18
Future Work.And Open Questions…
How to change pseudonyms?
Feasibility of Organizational Solution
Feasibility of Smart Card Approach
Location Related Pseudonyms
System without IDs?
VANET PrivacyBMW GroupFlorian DötzerJune 1, 2005Page 19
Conclusion.
Privacy is essential for VANETs
Privacy must be considered at system
design
Trusted authority approach is far from
perfect
Additional research is necessary
VANET PrivacyBMW GroupFlorian DötzerJune 1, 2005Page 20
Thanks for Listening.Questions?