A transparent distributed ledger-based certificate revocation scheme for VANETs

Detalhes bibliográficos
Autor(a) principal: Tesei, Andrea
Data de Publicação: 2023
Outros Autores: Lattuca, Domenico, Luise, Marco, Pagano, Paolo, Ferreira, Joaquim, Bartolomeu, Paulo C.
Tipo de documento: Artigo
Idioma: eng
Título da fonte: Repositório Científico de Acesso Aberto de Portugal (Repositórios Cientìficos)
Texto Completo: http://hdl.handle.net/10773/41072
Resumo: The widespread adoption of Cooperative, Connected, and Automated Mobility (CCAM) applications requires the implementation of stringent security mechanisms to minimize the surface of cyber attacks. Authentication is an effective process for validating user identity in vehicular networks. However, authentication alone is not enough to prevent dangerous attack situations. Existing security mechanisms are not able to promptly revoke the credentials of misbehaving vehicles, thus tolerate malicious actors to remain trusted in the system for a long time. The resulting vulnerability window allows the implementation of complex attacks, thus posing a substantial impairment to the security of the vehicular ecosystem. In this paper we propose a Distributed Ledger-based Vehicular Revocation Scheme that improves the state of the art by providing a vulnerability window lower than 1 s, reducing well-behaved vehicles exposure to sophisticated and potentially dangerous attacks. The proposed scheme harnesses the advantages of the underlying Distributed Ledger Technology (DLT) to implement a privacy-aware revocation process while being fully transparent to all participating entities. Furthermore, it meets the critical message processing times defined by EU and US standards, thus closing a critical gap in the current international standards. Theoretical analysis and experimental validation demonstrate the effectiveness and efficiency of the proposed scheme, where DLT streamlines the revocation operation overhead and delivers an economically viable yet scalable solution against cyber attacks on vehicular systems.
id RCAP_843ff19b794809ac3c386a49e295b221
oai_identifier_str oai:ria.ua.pt:10773/41072
network_acronym_str RCAP
network_name_str Repositório Científico de Acesso Aberto de Portugal (Repositórios Cientìficos)
repository_id_str 7160
spelling A transparent distributed ledger-based certificate revocation scheme for VANETsCertificate revocation schemeTransparencyPrivacyVehicular public key infrastructureDistributed ledger technologyIntelligent transportation systemsVehicular ad-hoc networksThe widespread adoption of Cooperative, Connected, and Automated Mobility (CCAM) applications requires the implementation of stringent security mechanisms to minimize the surface of cyber attacks. Authentication is an effective process for validating user identity in vehicular networks. However, authentication alone is not enough to prevent dangerous attack situations. Existing security mechanisms are not able to promptly revoke the credentials of misbehaving vehicles, thus tolerate malicious actors to remain trusted in the system for a long time. The resulting vulnerability window allows the implementation of complex attacks, thus posing a substantial impairment to the security of the vehicular ecosystem. In this paper we propose a Distributed Ledger-based Vehicular Revocation Scheme that improves the state of the art by providing a vulnerability window lower than 1 s, reducing well-behaved vehicles exposure to sophisticated and potentially dangerous attacks. The proposed scheme harnesses the advantages of the underlying Distributed Ledger Technology (DLT) to implement a privacy-aware revocation process while being fully transparent to all participating entities. Furthermore, it meets the critical message processing times defined by EU and US standards, thus closing a critical gap in the current international standards. Theoretical analysis and experimental validation demonstrate the effectiveness and efficiency of the proposed scheme, where DLT streamlines the revocation operation overhead and delivers an economically viable yet scalable solution against cyber attacks on vehicular systems.Elsevier2024-03-13T16:29:09Z2023-01-01T00:00:00Z2023info:eu-repo/semantics/publishedVersioninfo:eu-repo/semantics/articleapplication/pdfhttp://hdl.handle.net/10773/41072eng1084-804510.1016/j.jnca.2022.103569Tesei, AndreaLattuca, DomenicoLuise, MarcoPagano, PaoloFerreira, JoaquimBartolomeu, Paulo C.info:eu-repo/semantics/openAccessreponame:Repositório Científico de Acesso Aberto de Portugal (Repositórios Cientìficos)instname:Agência para a Sociedade do Conhecimento (UMIC) - FCT - Sociedade da Informaçãoinstacron:RCAAP2024-03-18T01:49:08Zoai:ria.ua.pt:10773/41072Portal AgregadorONGhttps://www.rcaap.pt/oai/openaireopendoar:71602024-03-20T04:02:11.442684Repositório Científico de Acesso Aberto de Portugal (Repositórios Cientìficos) - Agência para a Sociedade do Conhecimento (UMIC) - FCT - Sociedade da Informaçãofalse
dc.title.none.fl_str_mv A transparent distributed ledger-based certificate revocation scheme for VANETs
title A transparent distributed ledger-based certificate revocation scheme for VANETs
spellingShingle A transparent distributed ledger-based certificate revocation scheme for VANETs
Tesei, Andrea
Certificate revocation scheme
Transparency
Privacy
Vehicular public key infrastructure
Distributed ledger technology
Intelligent transportation systems
Vehicular ad-hoc networks
title_short A transparent distributed ledger-based certificate revocation scheme for VANETs
title_full A transparent distributed ledger-based certificate revocation scheme for VANETs
title_fullStr A transparent distributed ledger-based certificate revocation scheme for VANETs
title_full_unstemmed A transparent distributed ledger-based certificate revocation scheme for VANETs
title_sort A transparent distributed ledger-based certificate revocation scheme for VANETs
author Tesei, Andrea
author_facet Tesei, Andrea
Lattuca, Domenico
Luise, Marco
Pagano, Paolo
Ferreira, Joaquim
Bartolomeu, Paulo C.
author_role author
author2 Lattuca, Domenico
Luise, Marco
Pagano, Paolo
Ferreira, Joaquim
Bartolomeu, Paulo C.
author2_role author
author
author
author
author
dc.contributor.author.fl_str_mv Tesei, Andrea
Lattuca, Domenico
Luise, Marco
Pagano, Paolo
Ferreira, Joaquim
Bartolomeu, Paulo C.
dc.subject.por.fl_str_mv Certificate revocation scheme
Transparency
Privacy
Vehicular public key infrastructure
Distributed ledger technology
Intelligent transportation systems
Vehicular ad-hoc networks
topic Certificate revocation scheme
Transparency
Privacy
Vehicular public key infrastructure
Distributed ledger technology
Intelligent transportation systems
Vehicular ad-hoc networks
description The widespread adoption of Cooperative, Connected, and Automated Mobility (CCAM) applications requires the implementation of stringent security mechanisms to minimize the surface of cyber attacks. Authentication is an effective process for validating user identity in vehicular networks. However, authentication alone is not enough to prevent dangerous attack situations. Existing security mechanisms are not able to promptly revoke the credentials of misbehaving vehicles, thus tolerate malicious actors to remain trusted in the system for a long time. The resulting vulnerability window allows the implementation of complex attacks, thus posing a substantial impairment to the security of the vehicular ecosystem. In this paper we propose a Distributed Ledger-based Vehicular Revocation Scheme that improves the state of the art by providing a vulnerability window lower than 1 s, reducing well-behaved vehicles exposure to sophisticated and potentially dangerous attacks. The proposed scheme harnesses the advantages of the underlying Distributed Ledger Technology (DLT) to implement a privacy-aware revocation process while being fully transparent to all participating entities. Furthermore, it meets the critical message processing times defined by EU and US standards, thus closing a critical gap in the current international standards. Theoretical analysis and experimental validation demonstrate the effectiveness and efficiency of the proposed scheme, where DLT streamlines the revocation operation overhead and delivers an economically viable yet scalable solution against cyber attacks on vehicular systems.
publishDate 2023
dc.date.none.fl_str_mv 2023-01-01T00:00:00Z
2023
2024-03-13T16:29:09Z
dc.type.status.fl_str_mv info:eu-repo/semantics/publishedVersion
dc.type.driver.fl_str_mv info:eu-repo/semantics/article
format article
status_str publishedVersion
dc.identifier.uri.fl_str_mv http://hdl.handle.net/10773/41072
url http://hdl.handle.net/10773/41072
dc.language.iso.fl_str_mv eng
language eng
dc.relation.none.fl_str_mv 1084-8045
10.1016/j.jnca.2022.103569
dc.rights.driver.fl_str_mv info:eu-repo/semantics/openAccess
eu_rights_str_mv openAccess
dc.format.none.fl_str_mv application/pdf
dc.publisher.none.fl_str_mv Elsevier
publisher.none.fl_str_mv Elsevier
dc.source.none.fl_str_mv reponame:Repositório Científico de Acesso Aberto de Portugal (Repositórios Cientìficos)
instname:Agência para a Sociedade do Conhecimento (UMIC) - FCT - Sociedade da Informação
instacron:RCAAP
instname_str Agência para a Sociedade do Conhecimento (UMIC) - FCT - Sociedade da Informação
instacron_str RCAAP
institution RCAAP
reponame_str Repositório Científico de Acesso Aberto de Portugal (Repositórios Cientìficos)
collection Repositório Científico de Acesso Aberto de Portugal (Repositórios Cientìficos)
repository.name.fl_str_mv Repositório Científico de Acesso Aberto de Portugal (Repositórios Cientìficos) - Agência para a Sociedade do Conhecimento (UMIC) - FCT - Sociedade da Informação
repository.mail.fl_str_mv
_version_ 1799138194006999040