Vehicle Authentication via Monolithically Certified Public Key and Attributes

TL;DR

This paper introduces a novel vehicle authentication method that certifies both public keys and static attributes to prevent impersonation and man-in-the-middle attacks in vehicular networks.

Contribution

It is the first to propose certifying static vehicle attributes alongside public keys for mutual authentication in vehicular communication systems.

Findings

Secure vehicle-to-vehicle communication against impersonation

Compatibility with existing authentication protocols

Formal security proof using Spi calculus

Abstract

Vehicular networks are used to coordinate actions among vehicles in traffic by the use of wireless transceivers (pairs of transmitters and receivers). Unfortunately, the wireless communication among vehicles is vulnerable to security threats that may lead to very serious safety hazards. In this work, we propose a viable solution for coping with Man-in-the-Middle attacks. Conventionally, Public Key Infrastructure (PKI) is utilized for a secure communication with the pre-certified public key. However, a secure vehicle-to-vehicle communication requires additional means of verification in order to avoid impersonation attacks. To the best of our knowledge, this is the first work that proposes to certify both the public key and out-of-band sense-able static attributes to enable mutual authentication of the communicating vehicles. Vehicle owners are bound to preprocess (periodically) a certificate for both a public key and a list of fixed unchangeable attributes of the vehicle. Furthermore, the proposed approach is shown to be adaptable with regards to the existing authentication protocols. We illustrate the security verification of the proposed protocol using a detailed proof in Spi calculus.