hs-pseudonym-schemes-in-v2x/talk-slides.tex

% $Header$
% use lualatex for compilation

\documentclass[aspectratio=169]{beamer}

% This file is a solution template for:

% - Talk at a conference/colloquium.
% - Talk length is about 20min.
% - Style is ornate.



% Copyright 2004 by Till Tantau <tantau@users.sourceforge.net>.
%
% In principle, this file can be redistributed and/or modified under
% the terms of the GNU Public License, version 2.
%
% However, this file is supposed to be a template to be modified
% for your own needs. For this reason, if you use this file as a
% template and not specifically distribute it as part of a another
% package/program, I grant the extra permission to freely copy and
% modify this file as you see fit and even to delete this copyright
% notice. 


\mode<presentation>
{
  \usetheme[cd2018,noddc,navbar,darktitlepage]{tud}
  \usecolortheme{tud}
  % or ...

  %\setbeamercovered{transparent}
  % or whatever (possibly just delete it)
}

% notes on 2nd screen:
\usepackage{pgfpages}
%\setbeameroption{show notes on second screen}

\usepackage[english]{babel}
% or whatever

\usepackage{ifluatex}

\ifluatex
\usepackage{fontspec}

\else
\usepackage[T1]{fontenc}
\usepackage[utf8]{inputenc}
% Or whatever. Note that the encoding and the font should match. If T1
% does not look nice, try deleting the line with the fontenc.
\fi

\usepackage{cite}

\title[Pseudonym Schemes in ETSI V2X communication] % (optional, use only with long paper titles)
{An ETSI look at the State of the Art of pseudonym
schemes in Vehicle-to-Everything (V2X)
communication}

\author
{Oliver Schmidt}
% - Give the names in the same order as the appear in the paper.
% - Use the \inst{?} command only if the authors have different
%   affiliation.

\institute[] % (optional, but mostly needed)
{
  Department of Computer Science\\
  Technical University Dresden
}

\date[HSTS 2018] % (optional, should be abbreviation of conference name)
{Hauptseminar Technischer Datenschutz, 2018}
% - Either use conference name or its abbreviation.
% - Not really informative to the audience, more for people (including
%   yourself) who are reading the slides online

\subject{Privacy}
% This is only inserted into the PDF information catalog. Can be left
% out. 



% If you have a file called "university-logo-filename.xxx", where xxx
% is a graphic format that can be processed by latex or pdflatex,
% resp., then you can add a logo as follows:

% \pgfdeclareimage[height=0.5cm]{university-logo}{university-logo-filename}
% \logo{\pgfuseimage{university-logo}}



% Delete this, if you do not want the table of contents to pop up at
% the beginning of each subsection:
%\AtBeginSubsection[]
%{
%  \begin{frame}<beamer>{Outline}
%    \tableofcontents[currentsection,currentsubsection]
%  \end{frame}
%}


% If you wish to uncover everything in a step-wise fashion, uncomment
% the following command: 

%\beamerdefaultoverlayspecification{<+->}


\begin{document}

\maketitle


\begin{frame}{Outline}
  \tableofcontents
  % You might wish to add the option [pausesections]
\end{frame}


% Structuring a talk is a difficult task and the following structure
% may not be suitable. Here are some rules that apply for this
% solution: 

% - Exactly two or three sections (other than the summary).
% - At *most* three subsections per section.
% - Talk about 30s to 2min per frame. So there should be between about
%   15 and 30 frames, all told.

% - A conference audience is likely to know very little of what you
%   are going to talk about. So *simplify*!
% - In a 20min talk, getting the main ideas across is hard
%   enough. Leave out details, even if it means being less precise than
%   you think necessary.
% - If you omit details that are vital to the proof/implementation,
%   just say so once. Everybody will be happy with that.

\section{Motivation}

\subsection{Intelligent Transport Systems}

\begin{frame}{Intelligent Transportation Systems}{Network Communication for Increased Traffic Safety}
  % - A title should summarize the slide in an understandable fashion
  %   for anyone how does not follow everything on the slide itself.

  \begin{columns}
  \begin{column}{0.47\textwidth}

    \begin{itemize}
    \item
        \textbf{Vision Zero}: the aim of having no traffic-related fatalities\note{vision zero: late 90s, aim: no road traffic fatalities}
    \item
        includes shifting responsibility to infrastructure\note{paradigm shift}
    \item
        communication between safety assistance systems to increase safety
    \item periodical broadcast of position and proximity
    \end{itemize}
  \end{column}
  \begin{column}{0.5\textwidth}
    \begin{figure}
    \includegraphics[width=\textwidth]{figures/eu-fatalities-and-targets-2001-2020.jpg}
    \nocite{careeuroadaccidentsdatabaseEUFatalitiesTargets}
    \end{figure}
    
  \end{column}
  \end{columns}

\end{frame}


\subsection{ETSI ITS network architecture}
\begin{frame}{ETSI ITS network architecture}

\begin{itemize}
 \item \textbf{E}uropean \textbf{T}elecommunications \textbf{S}tandards \textbf{I}nstitute
 \item network technologies used in middle layers:
    \begin{itemize}
     \item GeoNetworking for geographical routing
     \item BTP as transport protocol
     \item IPv6 encapsulated in GeoNetworking
     
    \end{itemize}

\end{itemize}

 
\end{frame}

\begin{frame}{Intelligent Transportation Systems}{Tracking in Vehicular Networks}
 \begin{itemize}
  \item problem: constant communication allows tracking of vehicles
  \item \textit{linkability} of messages threat to \textit{location privacy}
  \item linkable identifiers in messages:
    \begin{itemize}
     \item vehicle position
     \item network addresses: IP, GeoNetworking, port numbers
     \item certificates for message signing\note{for security purposes authenticity of messages needs to be ensured by asymmetric signing}
     \item StationID
     \item state residing in message queues, counters, \dots
     \item message content left out of scope
     \item \dots
    \end{itemize}
    
 \end{itemize}

\end{frame}


\section{Pseudonym Schemes}

\subsection{Pseudonym Schemes for ETSI ITS}

\begin{frame}{Pseudonym Schemes for ETSI ITS}

 
\only<2>{\begin{figure}
 \includegraphics[width=0.7\textwidth]{figures/etsi-pki.png}
 \end{figure}}

\begin{itemize}
 \item<1,3-> basic idea: use temporary identifiers, change them periodically \& simultaneously together
 \item<1,3> pseudonymity while maintaining authentication of vehicle node:
    \begin{itemize}
    \item<1,3> divide knowledge about identities within a PKI
    \end{itemize}
 \item<3-> crucial operations: pseudonym issuance, use, change, revocation, resolution
\end{itemize}


\end{frame}

\begin{frame}{Pseudonym Change}
 \begin{itemize}
  \item requirements for an effective change strategy:
    \begin{itemize}
     \item other nodes present for ambiguity
     \item coordinated change
     \item random change frequency
     \item all identifiers changed simulataneously, buffers flushed
    \end{itemize}
  \item Car-2-Car CC: divide trips into 3 segments
  \item Mix Zones
  \item Silent Periods
 \end{itemize}

\end{frame}



\subsection{More Advanced Pseudonym Schemes}

\begin{frame}{Advanced Cryptographic Pseudonym Schemes}
\begin{itemize}
 \item ETSI standard uses PKI certificate-based pseudonyms
 \item other approaches: \note{all of them have their challenges}
    \begin{itemize}
     \item identity-based cryptography
     \item group signature schemes
     \item symmetric MACs
    \end{itemize}

\end{itemize}


\end{frame}

\subsection{Evaluation}

\begin{frame}{Attacker Model}{Characteristics}
 \center
 \begin{tabular}{r | l}
  \textbf{capability} & \\ \hline
  reach & single-point/ multi-point/ global \\
  authentication in network & insider/ outsider \\
  activity & Dolev-Yao (active)/ passive
 \end{tabular}

\end{frame}


\begin{frame}{Resilience Against Attacks}
\begin{tabular}{l | p{0.6\textwidth} }
 \textbf{attacker} & \textbf{possible countermeasures} \\ \hline
 multi-point passive outsider & 3-segment pseudonym change \\ \hline
 global passive outsider & cooperative pseudonym change: silent periods or (cryptographic) mix zones \\ \hline
 active attacker & resistance against pseudonym depletion (e.g. pseudonym reuse) \\ \hline
 attacking infrastructure &  frequent cooperative pseudonym change with real silent periods  \\ 

\end{tabular}
\end{frame}


\section{Summary}

\begin{frame}{Summary}

  % Keep the summary *very short*.
  \begin{itemize}
  \item
    ETSI ITS messages contain \alert{many potential linkable identifiers}.
  \item
    The \alert{PKI based pseudonym scheme} by ETSI \alert{lacks a change strategy, resilient resolution and advanced cryptography}.
  \item
    \alert{Other work} can provide these missing aspects, but \alert{needs to be integrated into the standard}.
  \end{itemize}
  
  % The following outlook is optional.
  \vskip0pt plus.5fill
  \begin{itemize}
  \item
    Outlook
    \begin{itemize}
    \item
      Expanding and adjusting the ETSI standard.
    \item
      Look at linkability in lower network layers or applications.
    \end{itemize}
  \end{itemize}
\end{frame}



% All of the following is optional and typically not needed. 
\appendix
\section<presentation>*{\appendixname}
\subsection<presentation>*{For Further Reading}

\begin{frame}[allowframebreaks]
  \frametitle{Bibliography}
    
  
  
    \bibliographystyle{IEEEtran}
    \bibliography{mybib}
   
\end{frame}

\begin{frame}
 
 \center\huge{Thank you for your attention}
 
 \includegraphics[height=0.5\textheight]{figures/nomnompingu.png}\footnote{CC-BY-SA 3.0 by Elektroll}
 
\end{frame}


\end{document}