% notes ITS talk
- quite a long title, so let's 1st talk about ITS before we get to the Pseudonym Schemes
ITS
- road traffic is still a dangerous part of our everyday lives
- infrastructure assists safety
- recent years: decrease of traffic deaths
- probably also thanks to assistance systems
  - currently working on their own
- collaboration, proactively broadcast, communicate
- multiple standardization groups working on it
- survey focuses on middle layers
- GN: geographical ad-hoc routing, broadcast, unicast, multicast
- constant communication, linkability
- location privacy: deriving location patterns of a single user
- authorized senders: message signing
pseudonym schemes
- proposed solution: pseudonyms
  - must not be linkable
- we only want authorized vehicles to communicate
- a priori trusted: RootCA
- EA knows vehicle ID & public key
- AA trusts valid EA certificates
- pseudonym resolution: desirable for law enforcement agencies
pseudonym change
- many strategies have been proposed
- C2C CC: statistical values:
  - shall achieve that locations significant to a user can't be linked together nor to the user
  - 0.8-1.5km, then each 0.8km or 2-6min
- vehicle-centric change strategies: depending on mobility, trajectory
- density-based
- cryptographic mix zones: symm. key from RSU
- safety of collision avoidance systems
advanced schemes
- identity-based:
  - advantage: no certificates needed as ID = key
  - disadvantage: splitting mapping information hard, Trusted Authority involved in key derivation
- group signature:
  - all members of group can sign for same public key
  - problems: group leader, group change -> re-setup of all group keys
- symmetric MACs:
  - less computation overhead
  - but not really practically usable, as signature checking is done by 3rd parties
attacker model
- single-point:
  - communication with EA and AA encrypted, C2C 3 segments (reception range)
  - no cooperative change needed
- global passive:
  - cooperative change
  - cryptographic mix zones sufficient
- active: pseudonym depletion
- active insider:
  - real silent periods needed, crypto mix zones don't work anymore
  - servers in the internet can't link IPv6 address thanks to stateless autoconfiguration
- special attacks:
  - pseudonym depletion attack
  - sybil attack
- privileged: accountability, resolution
  - needs independent judicial systems and separation of powers