SECURE VANET VIA NAMED DATA NETWORKINGi.cs.hku.hk/fyp/2015/report/final_report/SO CHEUK...
Transcript of SECURE VANET VIA NAMED DATA NETWORKINGi.cs.hku.hk/fyp/2015/report/final_report/SO CHEUK...
SECUREVANETVIA
NAMEDDATA
NETWORKINGHKU COMP4801 (FYP) Final Report
Cheuk Yiu [email protected] | UID: 2012530095
DesigninganewsecurityprotocolforprivacypreservingidentityverificationinV-NDN
(Vehicularad-hocnetworkviaNamedDataNetwork)
17APRIL2016
1
Summary
VehicularAd-hocNETwork (VANET) is a typeof infrastructure-less networkmainly for inter vehicle
communication through wireless medium. Named Data Networking (NDN) is a data-oriented
networkingmodel. Itprovidesagoodnetworkingmodel forcommunicationbetweenvehiclessince
mostoftheVANETapplicationsreliesonsharinginformationbetweenvehicles.
Onnamed-data.net, there is a specification forNamedDataNetworking (NamedDataNetworking:
Motivation&Details-NamedDataNetworking(NDN)).TheprotocoloverviewspecifiesthatNamed
DataNetworkingprotocolaimstoreplaceIPonthenetworkinglayer.Thereisalsoa“VANETviaNamed
Data Networking” (Giulio Grassi) publication on named-data.net. It contains a NDN protocol for
effectivecommunicationbetweenvehiclesthroughvehicletovehicle(V2V)communicationbyutilizing
thenatureofwirelesscommunicationprotocol,whichisbroadcastingtoreducetheamountofpacket
needtoberesendbynodes.
Currently,twoprotocolshavebeendesigned.Thefirstone,isaprivacypreservingidentityverification
inVANETwithNDNdesign.ThisdesigntriestomergethecurrentpopularPublicKeyInfrastructureinto
VANETwithNDN.Thereareseveraldiscussionsonhowtodistributethepublickeyeffectivelyunder
thesituationthatthereisonlyvehicletovehiclecommunication.
Thesecondone,isadatafusionprotocolfordeliveringinformationtoreceiverinspecificarea.Itutilizes
GPSlocationdataasakeyforcryptography.Oneremarkablefeatureofthisdesignisthatnopreshare
keyisneeded.Aslongasthesenderhasthetimestampandlocationinfo,thekeycanbeconstructed.
Intheend,thereisasectiononsuggestingwhatcanbefurtherresearchedinNamedDataNetworking
andinVehicularAd-hocNETwork.
2
Contents
Summary..................................................................................................................................................1
Contents...................................................................................................................................................2
Introduction.............................................................................................................................................4
Background..............................................................................................................................................5
Purpose....................................................................................................................................................6
Previousworkinthefield.........................................................................................................................7
Privacypreservingidentityverificationdesign........................................................................................8
Summary..............................................................................................................................................8
Introduction.........................................................................................................................................8
SecurityschemeforVANETinNDN......................................................................................................8
Privacypreserving................................................................................................................................9
Cryptographyalgorithmselection......................................................................................................10
Identityverification............................................................................................................................10
PublickeysigninginNDNwithRoadSideUnit(RSU).........................................................................11
NDNsigningwithsmallmodification.............................................................................................11
FullNDNapproach.........................................................................................................................12
Distributingpublickey/Certificate....................................................................................................13
Passiveapproach............................................................................................................................13
Activeapproach..............................................................................................................................15
3
Dynamicactiveapproach...............................................................................................................18
Certificateincludedapproach........................................................................................................21
Hybriddynamicapproach..............................................................................................................23
Datapacketverifying..........................................................................................................................26
Certificaterevocation.........................................................................................................................26
Comment............................................................................................................................................27
DataFusionwithGPSlocationakeyDesign..........................................................................................28
Introduction.......................................................................................................................................28
Designdetails(withexample)............................................................................................................29
Explainingwithexample.....................................................................................................................30
Usage..................................................................................................................................................34
Comment............................................................................................................................................34
Currentstatus.........................................................................................................................................35
Futurework............................................................................................................................................36
Results....................................................................................................................................................37
References..............................................................................................................................................38
TableofFigures......................................................................................................................................38
4
Introduction
Vehicular Ad-hoc NETwork (VANET) is a type of wireless network mainly for inter-vehicle
communication.NamedDataNetworking(NDN)hasbeenselectedtobethenextgenerationInternet
architectureandNDNissuitableforVANETapplicationsasmostofthemrelyonsharinganddistributing
informationwithothervehicles.
The project will study how NDN can be used in VANET and design a new protocol with privacy-
preservingidentityverificationforVANETwithNDN.
ThedevelopmentofimplementingNDNwithVANETintheworldisstillatthebeginningstage.With
the new protocol, vehicle can share informationwith other vehicles without worrying the driver’s
privacybeingexposedto3rdparty.Meanwhile,themessagesender(thedriverortheonbroadunit)
identitywillstillbeproperlyauthenticated.ThiscanhelpdevelopingbetterVANETapplicationasthe
protocolhasprovidedawaytoshareinformationsafelyrunonapplicationanddeveloperneednotto
designadditionalmechanismtoprotectsender’sprivacyandverifyingsender’sidentity.
5
Background
Figure1-InternetandNDNHourglassArchitectures,from(NamedDataNetworking:Motivation&Details-NamedDataNetworking(NDN))
Infigure1,NDNwillreplaceIPpacketsbyContentchunks.RoutingwillnotbedeterminedbyIPaddress,
instead,itwillbedecidedbythecontenttag.Andthestrategylayerwilldecidehowcontentchunksbe
deliveredtonexthop.
Named Data Networking (NDN) is a kind of data-oriented networking model. It provides a good
networkingmodelforcommunicationbetweenvehiclessincemostoftheVANETapplicationrelieson
sharinginformationbetweenvehicles.
There are several application domains on VANET, from spreading information with single hops to
spreading information tomulti hopswithin various distances. Examples are electronic brake lights,
platooningandtrafficinformationsystems.
VANETapplicationsareusuallyrequiredtoshareinformationwithothervehiclesthroughdistribution.
Anexampleisroadsafetyapplication,whichisakindoftrafficinformationsystemthatsharestraffic
informationwithothervehiclesnearby.ThetraditionalIPnetworkingmodelfocusesonunicast(oneto
one)communication.Therefore,IPwillintroduceasignificantoverheadonVANETapplicationasthe
sourcenodehastomaintaintheconnectionbetweentheclientnodes.
6
WithNDN,thesendernodeisnolongerrequiredtomaintaintheconnectionbetweentheclientnodes
aseachnodecanbeturnedintoarelaynodetohelpdistributedata.Thesendernodejustneedsto
makesurethedatahasbeensentouttothenearbynodeandwillrespondtorequestswhenadditional
dataisneeded.
Purpose
Vehicular Ad-hoc NETwork (VANET) and Named Data Network (NDN) are regarded as two next
generationnetworks.VANETaimsatenhancingroadsafetywhileNDNaimsatreplacingthetraditional
IPnetwork.Researchersstartcombiningthemtoutilizetheiradvantages.
ThepurposeoftheprojectistodevelopaprotocolforVANETthroughtheNDNnetworkmodelwith
privacy preserving identity verification. For example, the message sender must be properly
authenticatedwhiletheprivacyofthedrivermustbeproperlypreserved.Attackershouldnotbeable
totraceadriver’stravellingroutebyanalyzingmultiplepacketsentbythevehicle.
Besidessecurity,performanceisalsoaconcernofthisproject.SinceVANETisawirelessinfrastructure,
bandwidthinwirelessnetworkislimited.Researchhastobedonetolookforabetterwaytotransmit
dataeffectivelyandsecurely.
7
Previousworkinthefield
Onnamed-data.net, there isa specification forNamedDataNetworking. (NamedDataNetworking:
Motivation&Details-NamedDataNetworking(NDN))TheprotocoloverviewspecifiedthatNamed
DataNetworkingprotocol isaimasreplacingIPonthenetworkinglayer.Ithasalsomentionedhow
datapacketsarebeingsignedtoprovidesourceidentification.However,thismightnotbesuitablefor
privacy-preserving identify verification as eachpacket has to be signedby using a private key. The
identity can be of the sender will be revealed if the signer’s certification contains the personal
informationofthesender.
Thereisalsoa“VANETviaNamedDataNetworking”(GiulioGrassi)publicationonnamed-data.net.It
containsaNDNprotocolforeffectivecommunicationbetweenvehiclesthroughvehicletovehicle(V2V)
communication.Thedesignofthisprotocolaimsasmakingdatapacketsspreadquicklyandeffectively.
However, italso includes theGPS locationof the sender.Asa result, the sender’s locationand the
drivingroutecanbetracedeasilyifthesenderkeeponsendinginformationout.
8
Privacypreservingidentityverificationdesign
Summary
Severalthingswillbecoveredinthefollowingsections.WewilldiscussabouthowtocombinethePublic
KeyInfrastructureintoNDNforVANET.Therewillbealargesectiondiscussabouthowtodistributethe
publickeyofasendereffectively.Intheendofthatsection,thereisanapproachwhichcombinedall
advantagesofothersapproachtogethertoformatheoreticallyoptimalapproach.
Inaddition,certificaterevocation,privacypreserving,identityverificationwillalsobecovered.
Introduction
ThisdesignfocusonimplementingthecurrentfamousPublicKeyInfrastructureintotheVANETwith
utilizingNamedDataNetworkingmodel.
Detailsofthedesignwillbementionedinthefollowingsubtopics.
SecurityschemeforVANETinNDN
Thisprojectproposedusingthedesignthatthepublickeyandcertificatearenotincludedinordinary
messagetoreducetransmissionoverhead.Thecertificatewillbelocatedasanindependentdatapacket
whichonlycontainsthecertificateandnamedwiththehashedvalueofthecertificate.
Thenamingmethodofthedatapacketis:
“/vanet/key/signed/[H(PubKey)]”
Whenavehicleneedaparticularcertificate,theOBUwillsendoutaninterestpackettoretrievethe
certificateofthesender.However,thisapproachwillintroduceotherproblemsandwillbediscussed
inthe“Distributingcertificate”section.
9
Privacypreserving
Toarchiveprivacypreserving, theprotocol has adopted thepseudo id as the id for identifying the
senderduringcommunicationbetweennodes.Eachvehiclewilluseanewidentityafteracertainperiod,
saychangingiteverydayorafteraweek.
TheOBUwillfirstgenerateapublickeyandaskthetrustedpartytosignthepublickeybysendinga
requestwiththekeyandatraceableid.OncetheOBUreceivedthesignedpublickey,thesenderwill
usethatkeytosigneverypacketitsends.Thesenderidisthehashedvalueofthepublickey.
Example:
1. Alicegenerateanewpublickey
2. Aliceencryptthefollowitemswiththetrustedpartypublickey
a. Thenewpublickey
b. Alice’straceableidentity
3. Alicesendtheencryptedpackettothetrustedpartyandrequestforsigning
4. Thetrustedpartyverifytherequestandsignthepublickey
5. Thetrustedpartyencryptthecertificate(signedpublickeyincluded)withAlice’snewpublickey
6. ThetrustedpartysendbacktheencryptedcertificatetoAlice
TheOBUcanalsogenerateasetofkeysandrequestforsigningforlateruse.Thiswillallowthesigner
tochangekeywithamoredynamicschedulewithoutbeingrestrictedbytheconnectionbetweenthe
trustedpartyandtheOBU.
10
Cryptographyalgorithmselection
The design of this implementation select Elliptic Curves Cryptography as the algorithm for signing
packetsanddata.
ConsideringthecomputationpowerofOBUonvehicleislimited,anefficientcryptographyalgorithm
hastobeselectedtoprovidebetterperformanceonsigningandverifyingpackets.
Asmentionedfrom“PerformanceAnalysisofIdentityManagementintheSessionInitiationProtocol
(SIP)”(YacineRebahi),theperformanceofECDSAismuchbetterthanRSA.
ThiswillprovidebetterperformancewhileprovidingsamesecuritylevelasRSAundersameparameters.
Asaresult,packetprocessingcanbefasterandtheoverheadoftransmittingpacketscanbereduced.
Identityverification
Whenthere isaneedtoretrievethereal identityofaparticularsender,wecantakethesender id
(eitherthehashedvalueofthesenderidorthecertificate)tothetrustedpartyandaskforthereal
identity.
11
PublickeysigninginNDNwithRoadSideUnit(RSU)
NDNsigningwithsmallmodification
ToutilizeNDNinthecurrentdesign, thefollowingmechanismwillbeadoptedforsigning.The
followingdesigndoesnotrequireothernetworkingprotocolstacktocompletetheoperation.
1. First,thetrustedpartyinterestedontheprefix
“/vanet/key/signing/”
ItwillalsomodifytheintermediatenodenottokeepanypacketinthePITonthisprefix
2. Second,theOBUwillinterestontheprefix
“/vanet/key/signed/[H(PubKey)]”
3. Third,theOBUwillmakeasignrequestbysendingdatapacketwiththename
“/vanet/key/signing/[H(PubKey)]”
4. Fourth,thetrustpartywillsendthesignedcertificatewiththename
“/vanet/key/signed/[H(PubKey)]”
Comment
However,thisdesignrequiredamodificationontheNDNdesign.AstheoriginaldesignofNDNwillkeep
datapacketintotheCStableandemptytheentryinthePITtable.
12
FullNDNapproach
ThereisanotherdesignthatcanstillfullyutilizeNDNprotocolwhiletheperformancewillbereduced
duetothepublickeywillbeencodedintothenamefiledoftheinterestpacket.
1. Frist,theOBUmakeasignrequestbysendingainterestpacketonname
“/vanet/key/signed/[base64(PubKey+traceableId)]”
Wherethepublickeyandthetraceableidwillbeencodedinbased64formatandincludedinthe
namefiledoftheinterestpacket
2. Second,thetrustedpartywillverifytherequestandsignthepublickeyandreturnthesigned
certificatebyincludingitinthedatapacketwiththename
“/vanet/key/signed/[base64(PubKey+traceableId)]”
3. Third,theOBUwillreceivethesignedcertificatefromthedatapacket.
Comment
However,thisdesignhasseveralproblems:
1. IftheOBUrequestforsigningwhilethevehicleismoving,theOBUhastoresendtheinterest
packet since not all RSU will contain the interest entry in the PIT table. This will increase the
overheadasthesizeoftheinterestpacketismuchbiggerthanthepreviousdesign.
2. TheRSUcannothelpspreadingthecertificateasthenameofthedatapacketisnotthehashed
valueofthecertificatewhichisthesenderid.
13
Distributingpublickey/Certificate
Passiveapproach
Themostpopularapproachtodistributecertificateinnameddatanetworkwasapassiveapproach.
When a consumer received a packet with unknown sender, which is the case that the sender’s
certificateisnotlocatedinconsumer’sidstore.Theconsumerwillsendaninterestpacketannouncing
itisinterestedonaspecificcertificateandwaitforthecertificatesendbackfromtheproduceroran
intermediatenode.
Pseudocode
Send_data(){
If(interest_packet.request_certificate()){
send_certificate()
}else{
send_data()
}
}
Performanceanalysis
Assumethefollowingparameter:
1. EachOBUcansendoutapacket (EitheraVANETapplicationpacket;anauthenticationrelated
packet;aninterestpacket)onceasecond.
2. Thesenderwillalwaysresponsetotheinterestpacketwhichrequestingthecertificate
14
Case1–Everyminute,50%oftheneighborwillbechanged.
SotheOBUcansend60packetsperminutes.With50%oftheneighborchangedinaminutes,itwill
have50%ofthepacketsallocatedforsendingcertificatewhichis30packetsforsendingcertificateina
minute.
Case2–Everyminute,25%oftheneighborwillbechanged.
SincetheOBUcansend60packetsperminute,with25%changingrateofnearbyvehicles;theOBUhas
tosendabout15packetsforit’scertificate.Whichtheoverheadis25%(15packets/60packets).
Itcanbeobservedthattheoverheadofbeingusedforsendingsender’scertificateisbeinglinkedwith
theneighborchangingrate.Whenanewvehicleappears,thenewvehiclewillrequestforthesender’s
certificate.
Comment
However,inVANETapplication,thismethodmightnotbeafeasiblewaytodistributekey.Considering
someVANETapplicationrequirelowlatencyonreceivingpacket,forexample,electronicbreak.Ifthe
carwhichbehindthesenderdoesnothasthecertificateofthesender,thelaternodewillsendoutan
interestpackettoretrievethecertificate.Thisapproachwillintroduceahugedelayandwillintroduce
accidenceifthekeyexchangeisnotfastenough.
15
Activeapproach
Herewe propose anothermethod to distribute certificate. Instead of taking the passive approach
mentionedabove,wecantakeanactiveapproachtodistributecertificate.Inthisapproach,insteadof
waitingforaninterestpacketarrivetotheproducer,theproducerwillsendoutit’sowncertificateout
inafixedschedule,forexample,every10second.
Pseudocode
Send_data(){
If(last_cert_send_time–current_time>=10){
send_certificate()
last_cert_send_time=current_time
}else{
send_data()
}
}
Performanceanalysis
Assumethefollowingparameter:
1. EachOBUcansendoutapacket(EitheraVANETapplicationpacket;anauthenticationrelated
packet;aninterestpacket)onceasecond.
2. Thesenderwillnotsendoutit’sownscertificateoutofitsscheduleevenitreceivedaninterest
packet.
16
Case1–Everyminute,50%ofitsnearbyvehiclechanged,sendingcertificateonceevery9packets.(1
in10datapacketsiscertificatepacket)
SincetheOBUwillnotsenditowncertificateoutofit’scertificatesendoutschedule.Theamountof
certificatepacketsentare6inaminute(60*10%).
Case2–Everyminute,25%ofitsnearbyvehiclechanged,sendingcertificateonceevery9packets.(1
in10datapacketsiscertificatepacket)
SincetheOBUwillnotsenditowncertificateoutofit’scertificatesendoutschedule.Theamountof
certificatepacketsentarestill6inaminute(60*10%).
Case3–Everyminute,50%ofitsnearbyvehiclechanged,sendingcertificateonceevery19packets.(1
in20datapacketsiscertificatepacket)
SincetheOBUwillnotsenditowncertificateoutofit’scertificatesendoutschedule.Theamountof
certificatepacketsentare3inaminute(60*5%).
Case4–Everyminute,20%ofitsnearbyvehiclechanged,sendingcertificateonceevery19packets.(1
in20datapacketsiscertificatepacket)
SincetheOBUwillnotsenditowncertificateoutofit’scertificatesendoutschedule.Theamountof
certificatepacketsentare3inaminute(60*5%).
17
SincetheOBUwillnotresponsetointerestpacketinstantlyanditwillonlyfollowitownscheduleto
sendout certificate, theoverheadof beingused to sendout certificated is beingboundedwith its
scheduleinsteadodthechangingrateofneighbor.
Comment
However,thismethodhasadisadvantagethatthenumberofcertificatebeingsentistoomanyandtoo
frequent.Inaddition,itwillnotresponsetointerestpacketinstantlyandwillcreateincidencesdueto
consumerfailedtoreceivethecertificate.
18
Dynamicactiveapproach
There isabettermethoddeveloped inthisproject,whichcertificatecanbedynamicallydistributed
basedondemandandneeded.ThedesignfeatureseveryOBUtocontainaneighbortablewhichwill
storeinformationaboutvehiclesnearby.
ThisdesignassumethateveryOBUwillsendoutitsstatuswhichissimilartothe“AutomaticDependent
Surveillance–Broadcast” (ADS-B)system,asystembeingused inaircraft toshare informationwith
otheraircraftsinairspace.
TheOBUwilllistenoneverypacketreceivedfromneighborvehiclestomaintainitsneighbortable.If
theOBUfoundanewneighborshowup,itwillsendoutitcertificate.
ThiswillallowothervehicletoreceivethecertificatequicklywhileallowingtheOBUtosendoutuseful
informationinsteadofauthenticationinformation.
Pseudocode
Send_data(){
If(neighbor_table.has_new()){
send_certificate()
}else{
send_data()
}
}
19
Performanceanalysis
Assumethefollowingparameter:
1. EachOBUcansendoutapacket(EitheraVANETapplicationpacket;anauthenticationrelated
packet;aninterestpacket)onceasecond.
2. Thesenderwillnotsendoutit’sownscertificateoutofitsscheduleevenitreceivedaninterest
packet.
3. The senderwill adjust it own certificate sendout schedule basedon the information on its
neighbortable.
Case1–Everyminute,50%ofthevehiclewillbechanged.
Inoneminute,itneedtosendoutmaximum30datapacketfordistributingcertificate.Thissendout
action isbasedonthechangesonneighbortable,whenanewvehicleappears, itwill sendoutthe
certificate.
Case2–Everyminute,20%ofthevehiclewillbechanged.
Inoneminute,itneedtosendoutmaximum30datapacketfordistributingcertificate.Thissendout
action isbasedonthechangesonneighbortable,whenanewvehicleappears, itwill sendoutthe
certificate.
20
Comment
Itcanbeobservedthattheperformanceisquitesimilartothepassiveapproach.Theonlydifferent
between this design and the passive approach is; instead of waiting for an interest packet which
requestingforthesender’scertificate,itwillsendoutit’sowncertificateonceitnoticeanewneighbor
hasappeared.Thiswill allowother vehicle to verifyurgentdatapacket sinceother vehiclehas the
sender’scertificatealready.
Thisapproachcanprovidebetterperformancebydecreasingthenumberofcertificatebeingsentout
sincethesendingcriteriaisnotbasedoninterestpacketbutbasedonthenumberofnewneighbor
appear.Ifseveralnewneighborappearedinthesametimeslot,itwilljustsendoutthecertificatedata
packetonceinsteadofmultiple.
However,therearestillsomecornercase,forexample,whenthefirstpacketreceivedbyneighboris
anurgentpacket,theneighbor’sOBUcannotresponsetothepacketinstantlysincetheconsumerhas
nosender’scertificate.
21
Certificateincludedapproach
Insteadofsendingthecertificateinadifferentpacket,thesender’scertificatecanbeincludinginthe
senderfield.ThisapproachcanbeimplementedwiththeoriginalNamedDataNetworkingmodel.
Soeachtimeadatapacketisbeingsent,thecertificatewillbeincluded.Consumerwithnosender’s
certificatedonotneedtorequestforthesender’scertificateasithasbeenincludedinthedatapacket.
Pseudocode
Send_data(){
Send_data_with_cert()
}
Performanceanalysis
Assumethefollowingparameter:
1. EachOBUcansendoutapacket(EitheraVANETapplicationpacket;anauthenticationrelated
packet;aninterestpacket)onceasecond.
2. OBUwillnotsenditowncertificateasadedicatedpacketevenaninterestpacketwhichrequest
forit’scertificate.
Case1–Everyminute,50%ofthevehiclewillbechanged.
Inoneminute,itwillsendout0certificatepacket.Sincealldatapacketitsendsoutwillincludedthe
certificate.
Case2–Everyminute,20%ofthevehiclewillbechanged.
Itissameascase1,nocertificatepacketwillbesentout.
22
Comment
This approach seemsprovidingbetterperformance in termsofpacketbeingused for sendingdata
packet. This also allow consumer to verify urgent data packet immediately. However, the time for
sendingeachpacketwillbemorethananyotherapproachmentionedbeforeasthecertificateisbeing
included,theoverheadappearedineachpacketheader.Bothsendersandconsumersrequiremore
timetosendandreceivedatapackets.
Itisalsoimportanttonotethattheamountofbandwidthinwirelessspaceislimited,itisimportantto
reduceoverheadoneachpacketbeingsenttoallowmoreusefuldatabeingsentandshared.
23
Hybriddynamicapproach
Lastbutnotleast,weproposeanothermethodtodistributecertificate.Thisapproachcombinesboth
thedynamicactiveapproachwithanothersecurityschema,the“Certificateincludedapproach”.
Insteadof forcingeverydatapacketcontainsonly thesender’s id in thesender field,wecanallow
urgentpacketcontainthecertificateinthesenderfieldinsteadofthesenderid.Thiswillincreasethe
overheadofsendingtheurgentpacket,astheheadersizeofthesenderfieldislarger,whilethisalso
provideseveralbenefit.
First, consumernodewillable toverifysender’s identity immediately.Second,consumercansafely
relaytheurgentpackettoothervehiclewithoutrepackingthepacketwithitownsignature.Thiswill
providebetterrelayperformanceforurgentinformation.
Inaddition,OBUwillnotsendoutit’scertificateimmediatelyafteranewneighborappear.Itwillcheck
whetherithassentoutacertificaterecently,ifyes,itwillsenditafterwardbasedonascheduler.
Pseudocode
Send_data(){
If(neighbor_table.has_new()&&last_send_cert_time–current_time>=10){
send_certificate()
last_send_cert_time=current_time
}else{
send_data()
}
}
Send_urgent_data(){
Send_with_certificate()
}
24
Performanceanalysis
Assumethefollowingparameter:
1. EachOBUcansendoutapacket(EitheraVANETapplicationpacket;anauthenticationrelated
packet;aninterestpacket)onceasecond.
2. Thesenderwillnotsendoutit’sownscertificateoutofitsscheduleevenitreceivedaninterest
packet.
3. The senderwill adjust it own certificate sendout schedule basedon the information on its
neighbortable.
4. Thesenderwillsendoutcertificatepacketmostlyoncein10seconds.
Case1–Everyminute,50%ofthevehiclewillbechanged.
Inoneminute,itneedtosendoutmaximum6datapacketfordistributingcertificate.Thissendout
action isbasedonthechangesonneighbortable,whenanewvehicleappears, itwill sendoutthe
certificate.However,itwillnotsendcertificatepacketifithassentoutonewithin10secondsbefore.
Case2–Everyminute,20%ofthevehiclewillbechanged.
Inoneminute,itneedtosendoutmaximum6datapacketfordistributingcertificate.Thissendout
action isbasedonthechangesonneighbortable,whenanewvehicleappears, itwill sendoutthe
certificate.However,itwillnotsendcertificatepacketifithassentoutonewithin10secondsbefore.
25
Comment
Theworstcaseperformanceofthisapproachwillbethesameastheactiveapproach.Theoverheadof
beingusedtosendoutcertificatedisbeingboundedwithitsscheduleinsteadodthechangingrateof
neighbor.Whileitalsoenjoysbenefitfromthedynamicapproach(sinceitbasedondynamicapproach)
whichitsendsoutcertificatepacketonlyifnewneighborappears.
Unlikethe“Certificateincludedapproach”,certificatewillnotbeincludedineverydatapacket.Thiswill
reducetheoverheadforsendingeachdatapacket.Whichwillreducethebandwidthusedforsending
datapacket.
In addition, it also eliminates some comer cases appeared in the dynamic active approach as the
sender’scertificatewillbe included inthesenderfield forurgentdatapacket.Consumernodeswill
alwaysabletoverifysender’sidentityforurgentpacket.
26
Datapacketverifying
InthedesignofNamedDataNetwork,whenaconsumerreceivedadatapacket,theconsumerwill
verifywhetherthepackethasbeensignedproperly.Ifthedatapacketisnotbeingsingedproperlythe
packetwillbedropped.Iftheconsumerhasnocertificateofthesenderforverifyingthepacket,itcan
chooseeitherwaitforthecertificatearriveorsimplydroppingthepacket.
Itcanbeduetoimproperdatasigning;thecertificateisnottrustedbyconsumerortheisnotsignedby
acertificatesignedbytrustedparty,theconsumercandropthepacketinthiscase.
Certificaterevocation
Thisprojectsuggestsusingcertificaterevocationlistasamediumtodistributealistofcertificatewhich
hasbeenrevoked.TheCRLcanbeeitherafullCRLoradeltaCRL.Thelistshallbedistributedthrough
NDNdatapacket.
Toarchivethis,everyOBUwillinterestonprefix“/vanet/crl/”.ItwillallowrelayCRLordelta-crlpacket
toothernodes.ThetrustpartydoesnotneedtosigntheCRLsinceNDNdatapackethastobesigned
bysender.
In addition, theOSCP protocol can also be implement intoNDN in VANET.We can create a prefix
“/vanet/oscp/”forhandlingcertificatestatusdata.Whenaconsumerwanttoknowthelateststatusof
acertificate,itcansendainterestpacketwithname“/vanet/oscp/[sender’sid]”.
27
Comment
Severaldesignsofdistributingcertificatedhasbeencoveredinthisreport.Withthehybriddynamic
approach,whichcombinealladvantagesofdifferentdesignstogetherwithalittletradeoffforurgent
datapacket;itallowsvehiclesinVANETutilizethebandwidthinthewirelesschanneleffectively.
MostefforthasbeenputintocombiningPublicKeyinfrastructureintoVANETwithNDNandpublickey
/ certificate distribution from sender. Additional explanations have to be added to describe how
certificateshallberevokedandhowdatapacketshallbeverified.
Thecurrentdesignstillrequiretheroadsideunitconnectedtoanetworkwhichcanreachthetrusted
partyforcertificatesigning.Althoughmethodshavebeenproposedinthisprojectonhowtosigned
publickeywithroadsideunit,thismethodcannotbeworkonsituationthatnoroadsideunitisgiven.
28
DataFusionwithGPSlocationakeyDesign
Introduction
Currently, a protocol has been designed for sharing informationwith other vehicleswhich located
withinaspecificareainaspecifictimerange.Forexample,thesendercandecidesharinginformation
withvehicleswhichislocatedwithinabout50metersradiusfromthesenderat2015-10-1112:32:37.
Toarchivethis,anencryptionalgorithmisrequiredtoencryptthedata.SinceNDNisanetworkmodel
whichissimilartomulticast,anewkeydistributingmethodhasbeendevelopedtomakegooduseof
thisproperty.EveryvehiclewillcontainaGPSunittorecordtheirGPSlocation.Eachrowintherecord
tablewillcontaintheGPSlocationandthetimestamp.TheformatofthelocationvalueisWGS84.
Theproperty ofWGS84 is that themoredecimal places given in the value, themore accurate the
locationwill be. In otherwords, considering using this property as a key for encryption to restrict
decoderinaspecificarea.Thelessdecimalplacesbeingusedasthekey,thelargertheareawillbe.
29
Designdetails(withexample)
Thesenderwillsendoutthepacketwiththefollowingdata:
1. Thetimestampoftheinformationgenerated,forexample,“2015-10-1112:32”
2. Theaccuracyofthelocationvalueforthekey(howmanydecimalplaces),forexample,“1”.
3. Theencryptedinformation.
4. Theidofthevehicle.
5. Thehashedvalueofthekey.
Theexampleabovewillcreateaspecifiedareawithsize11kmnorth-southand8.5kmeast-west.Only
vehiclewhichlocatedinthesamespecifiedareaofthesenderatthemoment2015-10-1112:32will
knowtheexactkeyfordecryption.Receivercanretrievethekeyfromtheirrecordtablebyusingthe
timestampprovidedinthepacketandtruncatingthelocationbytheaccuracyspecifiedinthepacket
anduseitasadecryptionkey.
Thehashedvalueofthekeyprovidesamechanismforreceivertocheckwhethertheyhavethecorrect
keytodecryptthemessage.Thisenablethereceiverputthecomputingresourceondecryptingpacket
whichistargetforhim,sothatthelessresourcewillbewastedontryingtodecryptmessagewhichis
not forthereceiver.Sinceahashedvaluecannotbereversedtotheoriginalvalue,attackercannot
retrievethekeysimplybyanalyzingthehashedvalue.
30
Explainingwithexample
Tracklogofthreevehicles
Hereisthetracklogofthreevehiclesinashorttimeperiod.
Figure2-Tracklogofthreevehiclesinashorttimeperiod
These track log showswhere thecarexistatdifferent time.The first column is the timestamp, the
secondcolumnisthelatitudeandthethirdcolumnsisthelongitude.Thesetracklogswillbeusefurther
inthefollowingsectionsonexplaininghowitworksasankeyforsharinginformationwithdifferent
receivers.
31
CarAsendoutthefirstpacket
When car A send out the first packet at time “1:00:00”, it will send out a packet with following
parameter:
1. Timestamp:2016-01-0101:00:00
2. Accuracy:0(ignorealldecimalplace)
3. Key:(40,-74)
4. Keyhash:hashedvalueofkey(40,-74)
Figure3–Cars’tracklogswithresultshownattime01:00:00
WhencarBandcarCreceivedthepacketfromcarA,theywillfirstcheckoutthetimestampinthe
packet.Thentheywillextractthecorrespondinglatitudeandlongitudevaluefromtheirtracklog.Next
theywillextracttheaccuracyvaluefromthepacketsothattheywillknowhowtoconstructthekey.In
thiscase,bothcarwilluse(40,-74)asthekeyfordecoding.Bothvehiclewillcomputethehashvalue
ofthekeybeingusedandcompareitwiththekeyhashfromthepacket.Ifthekeyhashvaluesarethe
same,theydecodethepacketcontent.
Inthiscase,bothcarBandcarCwillabletodecryptthepacketsincetheywereinthesamelocationas
carAandwithintheaccuracylimit.
32
CarAsendoutthesecondpacket
WhencarA sendout the secondpacketat time“1:01:00”, itwill sendoutapacketwith following
parameters:
1. Timestamp:2016-01-0101:01:00
2. Accuracy:0(ignorealldecimalplace)
3. Key:(41,-74)
4. Keyhash:hashedvalueofkey(41,-74)
Figure4–Cars’tracklogswithresultshownattime01:01:00
Now,carBandcarCwillfollowthesameprocedurementionedinthepreviousexample.However,car
Cwilldiscoverthatit’skeyhashedvalueisnotthesameastheonefromthepacket,sincecarConly
knowthekey(39,-74)butnotthekeyusedbycarAfroencryption,whichis(41,-74).CarCwillnottry
todecryptthedatapacketsincecarCdoesnothasthecorrectkey.
CarBwillstillabletodecryptthedatapacketsincecarBhassufficientinformationtoreconstructback
thekey.
33
CarAsendoutthethirdpacket
When car A send out the third packet at time “1:02:00”, it will send out a packet with following
parameters:
1. Timestamp:2016-01-0101:02:00
2. Accuracy:1(keeponedecimalplace)
3. Key:(401,-740)
4. Keyhash:hashedvalueofkey“(401,-740)”
Ascanbeseen,thistime,carAsettheaccuracyvalueto1.Asaresult,thekeyis(401,-740)insteadof
(40,-74).
Figure5-Cars'tacklogswithresultshownattime01:02:00
Inthiscase,bothcarBandcarCarenotabletodecryptthepacketsentbycarA.
ForcarB,thekeyitwilltrytodecryptthepacketis(416,-740).CarBisnotusingthekey(41,-74)this
timebecausetheaccuracyparameter is1.WhencarB try tocomparethehashedvalueof thekey
constructedfromit’stracklogandtheonefromthemessagepacket, itwillrealizethatthevalueis
differentandcarBwillnottrytodecryptthemessage.
ForcarC,itwillableabletodiscoverthekeyconstructedfromit’stracklogisdifferentfromtheone
usedbycarA,sincethehashedvalueofthekeyisdifferent.
34
Usage
Thisprotocolcanbeusedinvarioussituation,includedbutnotlimitedinVANETapplication.Itcanbe
use in advertisement to general public in city, information sharingwithunknown receiverwhoare
locatednearthesender.
Comment
Althoughthisdesignenablesprivacypreservingidentityverificationbyknowingwhowassendingthe
packet(TheIdofthevehicle)butnotknowingwhereexactlythedriverislocated,thisdesignhasseveral
restrictions.
First,thesizeofthespecifiedareaisrestrictedbythedesignofWGS84,asaresult,thescaleofthesize
oftheareaisdividedby10.Forexample,with1decimalplace,theaccuracyinlatitudeis11km;with2
decimalplace,theaccuracyinlatitudeis1.1km.Sendercannotdecidetheaccuracyinlatitudetobe
5km.
Second,thisprotocolcannotbeusedinareawithnoGPSsignal,forexample,insideatunnelorarea
withlargeandthickcloudwhichfilterouttheGPSsignal.
AdditionalworkshastobedonetofurtherimprovetheprotocolandtestitwithintheNS3simulator.
35
Currentstatus
At this moment, two different designs have been created in this project to address two different
problems.First,adesignforimplementingthePublicKeyInfrastructureintotheVANETwithNamed
DataNetworkingmodel.Second,adatafusiondesignwhichcanbeusedforfilterdataandtargeting
specificreceivingnode.
DuringthestageofdesigningdifferentapproachondistributingcertificateinVANETwithNDN,several
problemsinNDNhasbeendiscovered.Forexample,thebehaviorbetweenthePITandpacketreturn
theproducerhasnotbeenproperlyspecified.Asaresult,additionefforthasbeentakento further
studythebehaviorofPITtable.
The simulatorNS-3hasbeen taken into studya fewweeksafter the startof the second semester.
HoweverduetothecomplexityofthesetwodesignandtoomanyoptionsintheNS-3simulator,there
was insufficient time to implement designs into the simulator for extracting performance data for
analysis.
For the Privacy preserving identity verification design, since theNS-3 simulator does not contain a
generalAPIforgeneratinginterestpacketbasedonpacketreceivedoneachnode,itrequiresaddition
timeandefforttoimplementtheselogicsintothesimulatorforsimulation.
36
Futurework
Severaltopicscanbedoneinthefutureasanindependentproject.
1. SigningrequestonpureNDNwithbetterperformance.
Currently,thecommunicationmodelbetweenconsumerandproducerisbasedonarequestbase.
Consumercanonlysenddatatoproducerasainterestpacket,datacanonlybeencodedinbase64
formatandincludedinthenamefield.
2. Allowconsumerpushingdatatoproducer
Asmentionedabove,consumercanonlysenddatatoproducerbyincludinginformationasabase64
formatandincludedinthenamefieldofinterestpacket.Thisisnotanefficientapproachwhenwe
compareitwithdatacanbesendasbinarydata,likehowIPdoesthesedays.Wecanstudyhowcan
theprotocolbemodifiedtoallowdataincludedasabinarydataandsendittoproducer.
3. Allowproducerstreamingdata
Atthismoment,thedesignofNamedDataNetworkingisbasedonarequestandresponseapproach.
Itisimpossibleforproducertosenddatapackettoconsumerifconsumerdoesnotrequestfora
packetthroughaninterestpacket.ItispossibletoimproveNDNbyimplementingamulticastlike
featureintoitsothatproducercanpushdatatoconsumerdirectly.Itcanbedesignaswithasingle
interest packet from consumer, subsequencedatapacket share the sameprefix canbe sent to
consumerwithouttheconsumerkeeponsendingdifferentinterestpacket.
4. ImprovethePendingInterestTabledesign
Rightnow,theNamedDataNetworkingmodelhasnotdefinedhowtheintermediatereactwhena
datapacketreceivedwithalongernamethantheentryinthePIT.Howshouldtheintermediate
nodestorethedatapacketintothecontentstore?Shoulditmakethedatapackethasthesame
nameastheoneinthePIT?Additionalresearchandworkhastobedonetoimprovethedesign.
37
Results
Two designs have been created for addressing two different issue. The first design is for privacy
preserving identity verification. The design has suggested a way to implement the Public Key
InfrastructureintoVANETwithNDN.Inaddition,ithasalargesectionfocusingonhowtoimprovethe
performanceondistributingpublickeysduringtransmissioninthecasethatnoroadsideunitexists.
The second design, which is the data fusion with GPS location data as a key. This design allow
informationsharedwithaudiencesnearbywithfinecontrolontheareaoftheaudiences.ItutilizesGPS
locationandtimestampasamediumtoformthecommonkeyforcryptography.
Itwasplannedtoimplementthesetwodesignsintoasimulatortoextractperformancedataforfurther
improvementonthedesignsofthesetwoprotocol.However,thedesignoftheNS-3simulatorisfar
more complex than expected earlier and the API provided by the simulator cannot fulfill the
requirementofsimulatingthesetwoprotocol.Asaresult,additionalworkhastobedonetostudythe
simulatorandcreateadditionalimplementationforsimulatingbothdesignsandprotocols.
38
References
"Named Data Networking: Motivation & Details - Named Data Networking (NDN)." Named Data
NetworkingNDN.<http://named-data.net/project/archoverview/>.
GiulioGrassi,DavidePesavento,GiovanniPau,RamaVuyyuru,RyujiWakikawa,LixiaZhang."VANETvia
Named Data Networking." 2014. VANET via Named Data Networking. <http://named-data.net/wp-
content/uploads/2014/03/vanet_via_ndn_infocom_nom.pdf>.
YacineRebahi,JordiJaenPallares,NguyenTuanMinh,SvenEhlert,GergelyKovacs,DorghamSisalem.
"PerformanceAnalysisofIdentityManagementintheSessionInitiationProtocol(SIP)."IEEE,n.d.
TableofFigures
Figure1-InternetandNDNHourglassArchitectures,from(NamedDataNetworking:Motivation
&Details-NamedDataNetworking(NDN))........................................................................5
Figure2-Tracklogofthreevehiclesinashorttimeperiod......................................................30
Figure3–Cars’tracklogswithresultshownattime01:00:00..................................................31
Figure4–Cars’tracklogswithresultshownattime01:01:00..................................................32
Figure5-Cars'tacklogswithresultshownattime01:02:00....................................................33