IEEE TRANSACTIONS ON INTELLIGENT TRANSPORTATION SYSTEMS, VOL. 17, NO. 4, APRIL 2016

Dual Authentication and Key Management Techniques for Secure Data Transmission in Vehicular Ad Hoc Networks
Pandi Vijayakumar, Maria Azees, Arputharaj Kannan, and Lazarus Jegatha Deborah

Abstract—Vehicular ad hoc networks (VANETs) are an important communication paradigm in modern-day mobile computing for exchanging live messages regarding traffic congestion, weather conditions, road conditions, and targeted location-based advertisements to improve the driving comfort. In such environments, security and intelligent decision making are two important challenges needed to be addressed. In this paper, a trusted authority (TA) is designed to provide a variety of online premium services to customers through VANETs. Therefore, it is important to maintain the confidentiality and authentication of messages exchanged between the TA and the VANET nodes. Hence, we address the security problem by focusing on the scenario where the TA classifies the users into primary, secondary, and unauthorized users. In this paper, first, we present a dual authentication scheme to provide a high level of security in the vehicle side to effectively prevent the unauthorized vehicles entering into the VANET. Second, we propose a dual group key management scheme to efficiently distribute a group key to a group of users and to update such group keys during the users' join and leave operations. The major advantage of the proposed dual key management is that adding/revoking users in the VANET group can be performed in a computationally efficient manner by updating a small amount of information. The results of the proposed dual authentication and key management scheme are computationally efficient compared with all other existing schemes discussed in literature, and the results are promising.

Index Terms—Authentication, vehicle secret key, Chinese remainder theorem, group key management, VANET.

Manuscript received September 22, 2014; revised July 17, 2015; accepted October 12, 2015. Date of publication November 11, 2015; date of current version March 25, 2016. This work was supported by the Centre for Technology Development and Transfer (CTDT), Anna University, Chennai, India. The Associate Editor for this paper was X. Cheng.
P. Vijayakumar, M. Azees, and L. Jegatha Deborah are with the Department of Computer Science and Engineering, University College of Engineering Tindivanam, Tindivanam 604001, India (e-mail: [email protected]; [email protected]; [email protected]).
A. Kannan is with the Department of Information Science and Technology, Faculty of Information and Communication Engineering, Anna University, Chennai 600025, India (e-mail: [email protected]).
Color versions of one or more of the figures in this paper are available online at http://ieeexplore.ieee.org.
Digital Object Identifier 10.1109/TITS.2015.2492981
1524-9050 © 2015 IEEE. Personal use is permitted, but republication/redistribution requires IEEE permission. See http://www.ieee.org/publications_standards/publications/rights/index.html for more information.

I. INTRODUCTION

Vehicular Ad-hoc Network (VANET) is a distributed, self-organizing communication network, which is built among moving vehicles. Due to the promising features and their security properties, VANETs have received extensive attention in the research community in recent years. In general, a VANET consists of three major components, namely the Trusted Authority (TA), Road Side Units (RSUs) and vehicles. The TA provides a variety of online premium services to the VANET users through RSUs. The RSUs are fixed at the road sides and are used to connect the vehicles to the TA. Each vehicle is installed with an On Board Unit (OBU) which is used to perform all computation and communication tasks. Various statistical studies reveal that due to road accidents, many people have either died or been injured, and that traffic jams generate a tremendous waste of time and fuel. In order to solve these problems and to enhance the driving comfort, appropriate traffic information should be provided to the drivers in a smart and secured way. Therefore, VANETs are developed to provide attractive services such as safety services that include curve speed warnings, emergency vehicle warnings, lane changing assistance, pedestrian crossing warnings, traffic-sign violation warnings, road intersection warnings and road-condition warnings. In addition, they can offer comfort services such as weather information, traffic information, location of petrol stations or restaurants, and interactive services such as Internet access. Even though these services make driving comfortable, the Intelligent Transport System (ITS) technology heavily depends on intelligent security and privacy-preserving protocols to enhance the quality of experience for the drivers and passengers without fear for their safety and personal privacy [1], [32].

Two types of communications are performed in VANETs. The first type is the Vehicle to Vehicle (V2V) communication in which the moving vehicles can communicate with each other and the second type is the Vehicle to RSU (V2R) communication in which the moving vehicles can communicate with the RSUs which are located aside the roads. The V2V and V2R communications are carried out using the Dedicated Short Range Communications (DSRC) standard [2], [29] through an open wireless channel. Each RSU and OBU uses a DSRC radio, based on IEEE 802.11p radio technology, to access the wireless channel along with a directional or a unidirectional antenna. If an RSU wants to transmit a message to a specific location, a unidirectional antenna is used. Since V2V and V2R communications are performed through an open wireless channel, these communications are vulnerable to various kinds of attacks such as interference, eavesdropping, jamming, etc. [3].

The primary step to ensure security in VANET is performed by providing an authentication mechanism through which it
is easy to ascertain all the authenticated vehicles [4], [7]. Authentication is the process of verifying a user identity prior to granting access to the network. It can be considered as the first line of protection against intruders. The authentication process ensures that only valid vehicles can be part of the group in VANET. In this paper, a new dual authentication scheme is proposed to provide the security improvement in the vehicle's side to resist malicious users entering into the VANET. After completing the authentication process, the TA can multicast the information to the authenticated vehicles. The authenticated vehicles can broadcast that information to other vehicles in a secure way. To multicast the information from the TA side and to broadcast the information from one vehicle to other vehicles, we have proposed a dual key management technique using Chinese Remainder Theorem (CRT). In this technique, the TA generates two different group keys for two different groups of users, namely primary user group and secondary user group. In the generated group keys, one group key is used for multicasting the information from the TA to primary users (PUs) and the other group key is issued for broadcasting the information from primary users to secondary users (SUs). However, the shared cryptographic group keys should be refreshed through a proper rekeying operation at the time of group membership changes due to new users joining into the network or old users leaving from the network. Therefore, an old group member has no access to present communications (forward secrecy) and a new member has no access to previous communications (backward secrecy). The proposed dual group key management scheme minimizes the computational cost of the TA and group members in the rekeying operation. To achieve this goal, the TA performs only simple addition and subtraction operations to update the group key. Similarly, each vehicle user of the multicast group performs only one modulo division operation for recovering the updated key when the group membership changes. The major contributions of this paper are summarized as follows.

1) We propose a secure dual authentication technique with the capability of preventing malicious vehicles entering into the VANET system.
2) We introduce a dual key management technique into the VANET to disseminate the information from the TA side to the group of vehicle users in an intelligent and secure way.
3) We get the computational complexity of our proposed dual key management scheme as O(1) in both the TA and vehicle users and hence it is suitable for VANETs.
4) The communication complexity of our proposed dual key management scheme is also O(1) which means that our scheme takes only one broadcast to inform the updated keying information from the TA to vehicle group.

The remainder of this paper is organized as follows. Section II summarizes the previous works in the literature. The system model and attack model are presented in Section III. We describe our proposed dual authentication scheme in Section IV and the dual key management for group communications in Section V. This section also explains secure data transmission scheme that takes place among vehicles. Section VI analyzes the security strength of our proposed scheme. Section VII provides the performance evaluation metrics and results of our proposed algorithm with the other existing key management schemes. Section VIII gives concluding remarks and suggests some future directions.

II. PREVIOUS WORKS

Many existing techniques are available in the literature for providing authentication in the VANET [3]–[6]. Among the various existing techniques, Johnson et al. [8] proposed an Elliptic Curve Digital Signature Algorithm (ECDSA), which is mathematically derived from the basic digital signature algorithm. ECDSA uses an asymmetric key pair which consists of a public key and a private key. The public key used in this technique is a random multiple of the base point, where the multiples are generated from the private key. Here, both the public and the private keys are used for user authentication. The two attacking techniques that are performed in this method are the attacks on Elliptic Curve Discrete Logarithmic Problem (ECDLP) and the attacks on the hash function. Wasef et al. [9] proposed a technique for the management of digital certificates, namely Efficient Certificate Management Scheme for Vehicular Ad Hoc Networks (ECMV). This method is based on a Public Key Infrastructure (PKI). In this technique, each vehicle has a short lifetime certificate and this certificate can be updated from any RSU. This certificate is frequently updated to provide privacy-preserving authentication, which creates an additional overhead. Shen et al. [10] presented Cooperative Message Authentication Protocol (CMAP) to find out the malicious information broadcasted by the malicious vehicles in the road transport system. The cooperative message authentication is a promising technique to alleviate vehicle's computation overhead for message verification. However, the communication overhead increases when the density of vehicles is higher. The main limitation of this method is that if there is no verifier to verify messages, then the malicious messages may be consumed by vehicle users.

Syamsuddin et al. [11] presented a comparison of various RFID authentication protocols based on the use of the hash chain method. However, among these existing protocols, most of them have addressed a specific issue called authentication. All these schemes fail to propose an integrated approach to provide the authentication as well as confidentiality services in VANET. Perrig et al. [12] presented a Timed Efficient Stream Loss-tolerant Authentication (TESLA) protocol, which uses symmetric keys instead of using asymmetric keys. Since the symmetric key systems are significantly faster than signatures, the Denial of Service (DoS) attack is averted in this system. However, it is hard to achieve non-repudiation with symmetric key-based approaches. So the digital signatures provide a best way for providing authentication with non-repudiation. Guo et al. [13] proposed a technique based on the group signature, which is a promising security scheme to provide privacy in VANETs. In the group signature, one group public key is connected with multiple groups of private keys. In this group signature scheme, an attacker can easily find a message sent by the group, but it is not possible to track the sender of
the message. Lin et al. [33] proposed a time-efficient and secure vehicular communications (TSVC) scheme for sequential message authentication. In this scheme, a vehicle first sends a hash chain to its neighbors and then it generates a MAC based on the elements of the hash chain through which the neighbors can authenticate this vehicle's messages. Due to fast MAC verification, this scheme considerably reduces the message loss ratio. However, in large scale networks, a vehicle is needed to broadcast its hash chain much more frequently to neighbors and hence the message loss ratio could increase.

Many existing schemes available in the literature are used to provide authentication only. Therefore, we have discussed some of the existing group key management methods used in the wired and wireless networks [14]–[17]. Among these schemes, Wong et al. [14] presented a novel solution to the scalability problem of group or multicast key management. They introduced the concept of key graphs for specifying secure groups. In addition, they presented three strategies for securely distributing rekeying messages after a join and leave operation in the secure group. In the rekeying strategies, join and leave protocols have been implemented in a prototype key server that they have built. The main limitation of this approach is the increased computational complexity. Zheng et al. [15] proposed two centralized group key management protocols based on the CRT. The main advantage of their approach is that the number of broadcast messages to distribute the group key to user side is minimized. Moreover, the user side key computation is also minimized. However, the main limitation of their approach is that computation complexity of the key server is very high.

Zhou and Yong [16] proposed a CRT based static key structure for distributing the group key to the members of the group when group membership changes. The main contribution of this work is that it minimizes broadcast messages and also minimizes user side key computation. However, it also increases the workload of key server by allowing the key server to find a common group key by using CRT for 'n' number of congruential equations. Naranjo et al. [17] presented a new algorithm for key management to provide security and privacy. Vijayakumar et al. [18] proposed a Greatest Common Divisor (GCD) based key distribution protocol that focuses on two dimensions. The first dimension deals with the reduction of computational complexity and second dimension aims at reducing the amount of information stored in the Group Center and group members while performing the update operation in the key content. The main limitation of these existing works is that the computation complexity involved in rekeying operations leads to a decrease in performance. In addition, the memory requirements are high in most existing schemes.

Compared with most of the existing authentication and group key management schemes in the literature, the authentication scheme proposed in this paper is a dual authentication scheme with intelligent decision making for vehicle movement. The main objective of developing a dual authentication scheme is to improve the security in the vehicle side. The dual authentication scheme in our system depends on the vehicle secret key (VSK) which is given to the user during the time of registration by the TA and the fingerprint of the individual user. Even if the VSK value of any user is lost, the intruder cannot use that VSK for getting service from the TA. To prevent an intruder from using another user's VSK, we have included the fingerprint of each authenticated user in the smart card issued by the TA. Moreover, the proposed dual authentication technique is a computationally efficient authentication technique. To provide secure and reliable data transmission facility based on group communication in VANETs, we have developed a dual key management scheme in this paper. The dual key management scheme proposed in this paper is superior to others in many ways. First, the computation complexity of the TA and VANET user is reduced substantially by minimizing the number of arithmetic operations taken by the TA and VANET user. In order to minimize the computation time in both the TA and vehicle side, we use the CRT based key management scheme. In addition, we reduce the number of computations by validating the credentials using intelligent agents in the OBU. Hence, the overall computing power is enhanced in each vehicle. Second, comparing with all the existing group key management algorithms, the number of key values stored by VANET users is also minimized in this work. Finally, the proposed algorithm reduces the amount of information needed to be communicated for updating the group key values when there is a change in the group membership.

III. SYSTEM OVERVIEW

In this section, we demonstrate the system model, the attack model and system assumptions used in our proposed method.

A. System Model

The system model of our proposed scheme is shown in Fig. 1. It consists of a TA, RSUs and vehicles.

Fig. 1. System model.

Trusted Authority (TA): The TA is responsible for the registration of RSUs, vehicle OBUs and the vehicle users and it is also responsible for key generation and distribution to support secure premium services in the VANET system. In our scheme,
every state in the country has a TA. When a vehicle moves from one state to another state, the vehicle's credentials will be verified using the TA of the registered state, which is initiated by the TA of the state where the vehicle is roaming currently. In Fig. 1, we have illustrated a single TA for our convenience. In addition to this, each TA authenticates the identity of vehicle OBUs or the identity of users to avoid malicious vehicles entering into the VANET system.

Road Side Unit (RSU): RSUs are deployed at the roadsides and they are regularly monitored and managed by the TA [28]. These units act like bridges between the TA and the vehicles. The RSUs connect with the TA by a secure wired network and OBUs by an open wireless channel.

Vehicles: Each vehicle is embedded with an OBU in the VANET system. The vehicles can communicate with other vehicles and RSUs through these OBUs. The vehicles can communicate with the TA through the RSUs. The OBU consists of six major components, namely an encryption/decryption agent, data collection agent, spatio-temporal reasoning agent, Fuzzy inference engine, rule base and decision making agent as shown in Fig. 2.

Fig. 2. Components of a vehicle for intelligent transportation.

Moreover, the OBU interacts with vehicle sensors, Tamper Proof Device (TPD), DSRC communication medium, smart card device, fingerprint device, Event Data Recorder (EDR) and human machine interface to perform effective decision making on vehicle movement. The Data collection agent collects the necessary data from the intelligent transportation components like the Global Positioning System (GPS), forward and rear sensors, speed sensor, TPD, DSRC communication medium, smart card device, fingerprint device and EDR for giving input to the Fuzzy inference engine. Among these devices, the GPS receiver is used to acquire the vehicle's real-time geographical position and to perform fairly accurate time synchronization among the vehicles [31]. The TPD is used to store sensitive data such as a secret key, group key and the identity of the vehicle. The EDR is used to record information related to accidents or vehicle crashes. The speed sensor is used to collect the vehicle information such as velocity and braking information. The forward and rear sensors are used to monitor the activities happening on the front and rear side of the vehicle. The communication system uses a communication device such as a DSRC radio to communicate with other vehicles and RSUs. The data collection agent also collects the fingerprint from the individual user through the fingerprint device and compares this with the fingerprint in the smart card for dual key authentication purpose. The smart card is given by the TA during the time of registration, which contains the fingerprint and VSK. The smart card is used through a smart card device which is also controlled by the OBU. The spatio-temporal reasoning agent is not only responsible for checking spatial and temporal constraints on road conditions, but also to perform predictions on the safest place with respect to space and time for further vehicle movement and to plan in prior the suitable moving arrangements.

The fuzzy inference engine is the core component of the intelligent transportation system which uses the symmetric fuzzy Gaussian membership function [34] to extract appropriate decisions from the data provided by the data collection agent. The rule base contains IF-THEN fuzzy rules for the classification of the data and the fuzzy rules generated in this research work are given in the Appendix (see Table III). The scheduler in the fuzzy inference subsystem is used to select appropriate rules from the rule base and sends them to the decision making agent. The decision making agent finally selects suitable decisions on the executed rules according to the road conditions in order to reduce the traffic and to minimize the fuel consumption. The encryption/decryption agent is used to encrypt or decrypt the incoming messages that are received from the data collection agent and the decision making agent to achieve data security. The human machine interface component is responsible for the interaction between the vehicle users and OBUs. The goal of this interaction is to allow the vehicle users to view the messages and to generate the messages. Vehicle original equipment manufacturers are required to invest in vehicle components that are designed to interact with the intelligent transportation components via standardized interfaces [30] in order to satisfy the above mentioned objectives.

B. Attack Model

Since the V2V and V2I communications are carried out in an open wireless channel, there are many attacks which threaten these kinds of communications on the road. In this section, we have listed several possible attacks performed in VANETs.

1) Message replay attack: As the name implies, this attack is basically happening when the attacker repeats or delays the valid message transmission maliciously to disturb the traffic.
2) Sybil attack: The attacker may use multiple identities at the same time. In this attack, an attacker broadcasts numerous messages with different identities to other vehicles.
The receiving vehicles think that these messages are broadcasted from different vehicles and hence they feel that there is a traffic jam and they are enforced to change their routes to make the road clear. The Sybil attack is very difficult to identify and it is really dangerous to the VANET environment.
3) Masquerading: In this attack, the attacker actively pretends to be another vehicle by using false identities. This attack takes place when one user pretends to be a different user to gain unauthorized access through legitimate access identification.
4) Message Tampering/Fabrication/Alteration: In this attack, the attacker may modify, delete and alter the content of the message or a specific part of the message to be sent. The attacker makes some modifications in the message which helps him to meet his intended purpose of the attack.
5) Collusion attack: The collusion attack is the improper secret agreement in which two or more adversaries cooperatively defraud and act as legitimate PUs for their benefit. For example, the vehicles make an improper secret agreement with the current primary users in the group to get the updated group key after leaving from the PUs group.

Hence, our scheme is designed to prevent all the aforementioned security attacks to improve system security during the dual authentication and key management.

C. Assumptions

Some important assumptions are considered in our proposed scheme which are very essential for secure VANET communications. The assumptions are as follows.

1) The TA is more powerful than vehicle OBUs and RSUs in terms of computation, communication, and storage capability.
2) The TA's public key is given to all vehicles and RSUs at the time of registration.
3) The TA has powerful firewalls and other protections that prevent it from being compromised [7].
4) Each vehicle keeps its VSK as a secret which is given by the TA to the VANET vehicle users during the time of their registration. Similarly, each RSU keeps its own RSU Secret Key (RSK) as a secret which is given by the TA during the time of its registration.
5) The TA maintains a list of VSKs of all registered vehicles along with their corresponding vehicle IDs ($ID_V$) and RSKs of all RSUs along with their corresponding RSU IDs ($ID_{RSU}$) in a secure manner.

IV. PROPOSED DUAL AUTHENTICATION TECHNIQUE

This section explains our proposed dual authentication technique, which is used for secure VANET communication. To provide secure, authenticated communication in VANETs, initially, the TA selects two large prime numbers $p$ and $q$. The value $p$ helps in defining a multiplicative group $Z_p^*$ and $q$ is used to fix a threshold value to select the group key values. Initially, the TA selects the $VSK_i$ ($1 \le i \le n$) from the multiplicative group $Z_p^*$ for 'n' number of vehicles which are given to the vehicle users when they complete the registration process. This VSK is used for authenticating the vehicles when they enter into the VANET to start communicating with other vehicles and RSUs. In order to improve the authentication process, we use a dual authentication technique in this paper where the authentication process is performed two times. For the first time, authentication is done on the vehicle side and the second time, authentication is done in the TA side and hence the intruder has no possibility to enter into the VANETs. In the TA, the authentication is performed by verifying the Hash Code (HC) generated by the vehicle using their $VSK_i$. The authentication is performed on the vehicle side by verifying the fingerprint given by the user at the time of registration. The main objective of introducing dual authentication technique is that anyone who finds the VSK of a vehicle cannot enter into VANET communication as they cannot produce the fingerprint of the corresponding vehicle user. The same is true if the attacker has only the fingerprint of a vehicle user and does not have VSK of that vehicle. Therefore, the dual authentication technique provides more security because these two factors are required in order to authenticate the vehicles.

Fig. 3. Authentication in vehicle and the TA.

In VANETs, the registration can be performed in two ways, namely online mode and offline mode. In the online mode, each VANET user performs registration process by submitting his/her details in the TA's website through Internet connection. In contrast to the online mode, the user goes to the TA's office to complete registration in the offline mode. In this approach, the registration is performed in the offline mode. After completing the registration process, each VANET user must complete a dual authentication process to get Authentication Code (AC) in order to send messages in VANETs. After receiving the authentication code, the vehicles are permitted to receive services from the TA and also vehicles can exchange information from one vehicle to other vehicles. This section explains about only dual authentication technique proposed in this paper. Fig. 3 shows
the dual authentication process performed by both the vehicle TABLE I


T HE N OTATIONS AND D ESCRIPTIONS
and the TA. The following steps explain the process of dual
authentication in both the vehicle and the TA.

A. Registration Through Offline Mode


1) The VANET user first approaches the TA office directly
to make offline registration and provide the essential
information like name, address, phone number, email id
etc. to the TA.
2) While each user performs registration, the TA gets the
fingerprint of the corresponding user.
3) After completing the registration process, the TA pro-
vides the VSKi to the registered user, which is unique for
every vehicle and the TA also maintains the list of all the
vehicles and their respective VSKs in its storage area. The
TA provides the (VSKi ) to the user through a smart card
which also contains the user’s fingerprint which is given
by the TA to the user after completing the registration
process.
• The (VSKi ) is used for creating the Hash Code (HC)
and the HC is verified by the TA for authentication and
then the TA provides AC to the authenticated VANET
users.
• The fingerprint is also verified on the vehicle side to authenticate the user at the time of communicating with the VANET.
• If the fingerprint does not match the fingerprint printed on the smart card, then the user is not permitted to communicate with VANETs.

B. Vehicle's Authentication Process

4) Each user stores $VSK_i$ in the tamper-proof device with which the car is equipped. When a user wants to communicate with the VANETs, the user first enters his/her fingerprint through a fingerprint device installed inside the car. Then, the OBU of the vehicle compares this fingerprint with the fingerprint that is already stored in the smart card.
• If they match, the user is allowed to communicate with the TA and with the other vehicles.
• If they do not match, the user is not allowed to communicate with other users of the VANET.

C. Trusted Authority's Authentication Process and the Provision of Authentication Code (AC)

5) Each vehicle selects a random number $N$. After selecting the random number, it creates a Hash Code (HC) from $N$ and VSK using the SHA_256 [27] algorithm.

$$HC = \mathrm{SHA\_256}(VSK \,\|\, N). \tag{1}$$

6) The vehicle encrypts the random number $N$, the Hash Code (HC) and the Vehicle ID with its VSK, and broadcasts the result along with the vehicle's identity $ID_V$, the TA identity $ID_{TA}$ and the time stamp $TS_1$ as shown in equation (2). This forms the Authentication Request.

$$E_{VSK}(N \,\|\, HC \,\|\, ID_V) \,\|\, ID_V \,\|\, ID_{TA} \,\|\, TS_1. \tag{2}$$

Here, the identities of the vehicle ($ID_V$), the RSU ($ID_{RSU}$) and the TA ($ID_{TA}$) are dummy identities which are generated at the time of registration in the following manner. In order to compute the dummy identities, the TA chooses two random numbers $a_1$ and $b_1$ such that $a_1, b_1 \in Z_q^*$ and computes $ID_V = g_1^{a_1} \times g_2^{b_1} \bmod q$. Here, $g_1$ and $g_2$ are the generators of $Z_q^*$. Similarly, the TA generates the dummy identities of RSUs ($ID_{RSU}$) and its own dummy identity ($ID_{TA}$). The mapping from original identities to dummy identities is done only in the TA. The dummy identities are attached to each message in order to check the validity of the message source and to identify the particular vehicle, RSU or TA. Even though these identities are disclosed to all vehicles, they do not reveal the privacy of the vehicle users, RSUs or TA, because even if these dummy identities are captured, they provide zero knowledge about the vehicle user or RSU. Table I defines the list of symbols used in this paper.

7) The RSU receives the packet, appends its identity $ID_{RSU}$ and increments the timestamp value $TS_1$ to get $TS_2$. Then, the RSU encrypts the entire message using the RSK, which is known only to the TA and the RSU, and forwards it to the TA as given in equation (3).

$$E_{RSK}(E_{VSK}(N \,\|\, HC \,\|\, ID_V) \,\|\, ID_V \,\|\, ID_{TA} \,\|\, TS_2 \,\|\, ID_{RSU}). \tag{3}$$

8) The TA decrypts the packet received from the RSU using the RSK of the RSU and validates the RSU with its identity $ID_{RSU}$ as given in equation (4).

$$D_{RSK}(E_{RSK}(E_{VSK}(N \,\|\, HC \,\|\, ID_V) \,\|\, ID_V \,\|\, ID_{TA} \,\|\, TS_2 \,\|\, ID_{RSU})). \tag{4}$$

The TA also verifies its identity $ID_{TA}$ after decrypting it using RSK. After verifying its identity, the TA decrypts


the packet using the VSK of the particular vehicle and verifies the $ID_V$.

$$D_{VSK}(E_{VSK}(N \,\|\, HC \,\|\, ID_V)). \tag{5}$$

Then, the TA generates the HC from the random number $N$ and the VSK using the SHA_256 algorithm and compares the newly computed HC value with the HC which is sent from the vehicle side.

9) If the two HC values match, then the TA hashes the Hash Code to get the Authentication Code (AC).

$$AC = \mathrm{SHA\_256}(HC). \tag{6}$$

10) The TA takes the Vehicle ID, the incremented time stamp value and the lifetime of the AC along with the AC, and encrypts this sequence with the private key of the TA ($TA\text{-}Pvt$) to create a digital signature. Therefore, any vehicle user can verify this digital signature using the public key of the TA. But no vehicle user can regenerate this digital signature, because it is generated using the private key of the TA.

$$E_{TA-Pvt}(AC \,\|\, ID_V \,\|\, TS_3 \,\|\, Lifetime). \tag{7}$$

This forms the authentication response. To securely transfer this AC to the appropriate vehicle user, the TA also encrypts this authentication response using the VSK value of the corresponding user and the RSK of the RSU.

$$(E_{RSK}(E_{VSK}(E_{TA-Pvt}(AC \,\|\, ID_V \,\|\, TS_3 \,\|\, Lifetime))) \,\|\, ID_{TA}). \tag{8}$$

Finally, the TA sends the packet to the RSU.

11) The RSU receives the packet from the TA and decrypts the packet using its RSK.

$$D_{RSK}(E_{RSK}(E_{VSK}(E_{TA-Pvt}(AC \,\|\, ID_V \,\|\, TS_3 \,\|\, Lifetime))) \,\|\, ID_{TA}). \tag{9}$$

On receiving this message, the RSU is able to check the identity of the TA ($ID_{TA}$) and verify whether it was sent by the legitimate TA or by a malicious node. After verifying the identity of the TA, the RSU sends the packet to the vehicle user.

$$(E_{VSK}(E_{TA-Pvt}(AC \,\|\, ID_V \,\|\, TS_3 \,\|\, Lifetime)) \,\|\, ID_{TA}). \tag{10}$$

12) The vehicle decrypts the packet using its VSK, and then verifies $ID_{TA}$.

$$D_{VSK}(E_{VSK}(E_{TA-Pvt}(AC \,\|\, ID_V \,\|\, TS_3 \,\|\, Lifetime)) \,\|\, ID_{TA}). \tag{11}$$

After that, the vehicle verifies the $ID_V$ by decrypting the resultant message using the public key of the TA.

$$D_{TA-pub}(E_{TA-Pvt}(AC \,\|\, ID_V \,\|\, TS_3 \,\|\, Lifetime)). \tag{12}$$

13) The vehicles then start sending the safety messages to other vehicles with this AC by encrypting the payload (message) using the vehicle's group key $k_{pug}$ or $k_{sug}$ as shown in equation (13).

$$E_{k_{pug}}(\text{payload}) \,\|\, (E_{TA-Pvt}(AC \,\|\, ID_V \,\|\, TS_3 \,\|\, Lifetime)). \tag{13}$$

In many existing approaches, the payload is not encrypted [19]–[21] when it is communicated to the other vehicles. In order to protect the payload (actual data or information) field against eavesdropping and modification by unauthorized users, we have included a protocol which is explained in Section V. To provide two different secure group communications in VANETs, we have also developed a dual key management scheme in this paper.

V. DUAL KEY MANAGEMENT FOR GROUP COMMUNICATION

Dual Key Management is a group key management scheme in which the TA computes two different group keys intended for two different groups in VANETs. The group is a very important concept in our scheme. Based on the money paid to the TA, a very simple Service Level Agreement (SLA) is considered between the TA and the vehicle users, which categorizes the vehicle users into three groups, namely Primary Users (PUs), Secondary Users (SUs) and Unauthorized Users (UUs), in a predefined manner. The PUs are eligible to get attractive services such as safety, comfort services and interactive services from the TA. The PUs are authorized VANET users who receive these services from the TA side periodically. The SUs are also authorized VANET users who receive the attractive services such as safety services from the PUs without making any requests to them, but they cannot receive the information directly from the TA. The PUs can communicate with each other by means of V2V communications. However, the SUs can also communicate with each other after getting the SUs group key from the TA through PUs. Both the PUs and the SUs will have a valid VSK received from the TA. Finally, UUs are the vehicle users who do not have access to the information exchanged between PUs and SUs, and hence a UU is considered as an intruder in this proposed approach.

To disseminate the information from the TA side to the PUs side in a secure way, the TA encrypts the information using a common group key which is derived from the individual secret keys of the PU vehicles as discussed in one of the previous works [22]. Similarly, for broadcasting the information from the PUs to SUs in a secure way, the TA encrypts the group key of SUs using the group key of PUs and multicasts it to the PUs. All the PUs can get the group key of SUs. This group key is used on the PUs side to encrypt the information, and the encrypted message is sent to neighboring SUs. In computing a common group key separately for PU and SU vehicles on the TA side, we use the CRT based group key management scheme used in many existing schemes [15], [16], [25].

Let $k_1, k_2, k_3, \ldots, k_n$ be pairwise relatively prime positive integers, and let $a_1, a_2, a_3, \ldots, a_n$ be positive integers. Then, CRT states that the system of congruences $X \equiv a_1 \bmod k_1$, $X \equiv a_2 \bmod k_2$, $\ldots$, $X \equiv a_n \bmod k_n$ has a unique solution



mod $\partial_g = \prod_{i=1}^{n} k_i$. To compute the unique solution, the TA can compute the value as shown in equation (14).

$$X = \sum_{i=1}^{n} a_i \beta_i \gamma_i \pmod{k_i}, \quad \text{where } \beta_i = \frac{\partial_g}{k_i} \text{ and } \beta_i \gamma_i \equiv 1 \bmod k_i. \tag{14}$$

The proposed dual group key management scheme works in four phases. The first phase is the TA Initial set up, where a multiplicative group is created at the TA side from which secret key and group key values are selected. For differentiating the VSK values of PU and SU vehicles, we use two types of notations for representing the secret key values used for PUs and SUs in this section. The secret key values of PUs are denoted as $PUSK_i$ $(i = 1, \ldots, n)$ and those of SUs are denoted as $SUSK_i$ $(i = 1, \ldots, n)$. The second phase is called the registration and group key computation phase, where the PUs and SUs complete the registration process and receive $PUSK_i$ and $SUSK_i$ $(i = 1, \ldots, n)$ from the TA side. After that, the TA also generates two group keys separately for the two groups of PUs and SUs and informs them of their group key in a secure way. The third phase is secure data transmission, where the data are disseminated using the group key values in the VANET. The final phase of this algorithm is the key updating phase, where a group key is updated when an existing PU leaves the PUs' multicast group or a new PU joins the PUs' multicast group in order to provide forward and backward secrecy. Similarly, the TA also updates the group key of SUs separately.

A. TA Initial Set Up

Initially, the TA selects large prime numbers $p$ and $q$, where $p > q$ and $q \le p/4$, where the $p$ value is used for defining a multiplicative group $z_p^*$ and $q$ is used for selecting the group key values. Initially, the TA selects $PUSK_i$ and $SUSK_i$ from the multiplicative group $z_p^*$ for 'n' number of vehicles, which will be given to the vehicle users at the time of offline registration. In the proposed group communication scheme, it is required that all the $PUSK_i$ and $SUSK_i$ values are pairwise relatively prime positive integers and are selected from $z_p^*$ as explained in [15], [16]. Moreover, all the secret keys should be much larger than the group key, which is selected within the threshold value fixed by $q$. Next, the TA executes the following steps, as we illustrated in our previous approaches [18], [23], for computing the group key used for PUs. Similarly, the TA will also compute a group key for SUs.

1) Compute $\partial_g = \prod_{i=1}^{n} PUSK_i$. (15)
2) Compute $x_i = \partial_g / PUSK_i$, where $i = 1, 2, 3, \ldots, n$. (16)
3) Compute $y_i$ such that $x_i \times y_i \equiv 1 \bmod PUSK_i$. (17)
4) Multiply each user's $x_i$ and $y_i$ values and store them in the variables $var_i = x_i \times y_i$. (18)
5) Compute the value $\mu = \sum_{i=1}^{n} var_i$. (19)

B. Group Key Computation

In this phase, the VANET group users complete the registration process and get their corresponding group secret keys from the TA. Whenever the TA wants to send common information to a group of VANET users (PUs) to support the group communication, the TA computes the group key in the following way and multicasts it to the PUs group through the RSU.

a) Initially, the TA selects a random element $k_{pug}$ as a new group key for PUs within the range $q$.
b) Multiply the newly generated group key with the value $\mu$ which is computed in the TA initial setup.

$$\gamma_{pug} = k_{pug} \times \mu. \tag{20}$$

c) The TA broadcasts a single message $\gamma_{pug}$ to the VANET users. Upon receiving the $\gamma_{pug}$ value from the TA side, an authorized vehicle can obtain the new group key $k_{pug}$ by doing only one modulo division operation as shown in equation (21).

$$\gamma_{pug} \bmod PUSK_i = k_{pug}. \tag{21}$$

Since $k_{pug} < q < PUSK_i < p$ and $\mu \bmod PUSK_i = 1$, the $k_{pug}$ obtained in this way must be equal to the $k_{pug}$ generated in Step a) of the group key computation phase. After computing the group key, the TA also computes another group key $k_{sug}$ using the aforementioned procedure for SUs. Then, it encrypts this $k_{sug}$ using $k_{pug}$, and it is sent as a multicast message along with $\gamma_{pug}$ and $\gamma_{sug}$ to all the PUs.

$$E_{k_{pug}}(k_{sug}) \,\|\, \gamma_{pug} \,\|\, \gamma_{sug}. \tag{22}$$

After receiving the packet from the TA, the PUs compute the value of $k_{pug}$ from $\gamma_{pug}$ using equation (21) and then decrypt $E_{k_{pug}}(k_{sug})$ to get the group key value of SUs.

$$D_{k_{pug}}(E_{k_{pug}}(k_{sug})) \,\|\, \gamma_{sug}. \tag{23}$$

Then the PUs send $\gamma_{sug}$ as a multicast message to all the SUs in their coverage area. After receiving this message from the PUs, the SUs compute the value of $k_{sug}$ from $\gamma_{sug}$ as given in equation (24).

$$\gamma_{sug} \bmod SUSK_i = k_{sug}. \tag{24}$$

The PUs utilize the group key value of SUs to broadcast the information to the nearest SUs within their coverage area. Therefore, the TA encrypts the information using this group key ($k_{pug}$) and multicasts it to the PUs. All the PUs can use their group key to decrypt the information received from the TA side. Each PU can in turn broadcast the information received from the TA to SUs by encrypting it using $k_{sug}$. In this way, the secure group communication is implemented in this proposed work. When 'i' reaches n, the TA executes the TA Initial set up phase to compute $\partial_g$, $var_i$ and $\mu$ for 'm' number of users, where $m = n \times \delta$. The value $\delta$ is a constant value which may take values less than 5 depending upon the dynamic nature of the multicast group.
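The TA initial set up and group key computation above, together with the add/subtract update of $\mu$ that the key updating phase applies when membership changes (equations (29) and (30)), as an added Python example that is not the authors' implementation. The toy key sizes, the names `TrustedAuthority` and `recover_group_key`, and summing $\mu$ over the current members of a precomputed key pool are assumptions made here.

```python
import math
import secrets
from itertools import combinations

# Constructed toy parameters: the paper uses 1024-bit PUSK values.
Q = 997                                      # group keys are chosen below q
PUSK_POOL = [1009, 1013, 1019, 1021, 1031]   # pairwise coprime, each > q


class TrustedAuthority:
    """TA-side state for one group (PUs here; the SU group is identical with SUSK)."""

    def __init__(self, pool, q, members):
        if any(math.gcd(a, b) != 1 for a, b in combinations(pool, 2)):
            raise ValueError("secret keys must be pairwise relatively prime")
        if any(sk <= q for sk in pool):
            raise ValueError("every secret key must be larger than q")
        self.q = q
        dg = math.prod(pool)                 # eq. (15): product of all secret keys
        self.var = {}
        for sk in pool:
            x = dg // sk                     # eq. (16)
            y = pow(x, -1, sk)               # eq. (17): x * y = 1 (mod sk)
            self.var[sk] = x * y             # eq. (18), stored once at set up
        self.members = set(members)
        # eq. (19), summed over current members only (assumption of this example)
        self.mu = sum(self.var[sk] for sk in self.members)
        self.group_key = None

    def rekey(self):
        """Choose a fresh group key in [1, q) and return the broadcast value gamma."""
        self.group_key = 1 + secrets.randbelow(self.q - 1)
        return self.group_key * self.mu      # eq. (20) / eq. (30)

    def leave(self, sk):
        """One subtraction removes the member's share, then rekey: eq. (29)."""
        self.members.remove(sk)
        self.mu -= self.var[sk]
        return self.rekey()

    def join(self, sk):
        """One addition restores a precomputed share, then rekey."""
        if sk in self.members:
            raise ValueError("already a member")
        self.mu += self.var[sk]              # KeyError if sk is not in the pool
        self.members.add(sk)
        return self.rekey()


def recover_group_key(gamma, sk):
    """Vehicle side, eq. (21): a single modulo operation."""
    return gamma % sk


def demo():
    ta = TrustedAuthority(PUSK_POOL, Q, members=PUSK_POOL[:3])
    gamma = ta.rekey()
    members_ok = all(recover_group_key(gamma, sk) == ta.group_key
                     for sk in ta.members)
    outsider = recover_group_key(gamma, PUSK_POOL[4])   # share not in mu

    gamma_leave = ta.leave(PUSK_POOL[0])
    departed = recover_group_key(gamma_leave, PUSK_POOL[0])
    stayers_ok = all(recover_group_key(gamma_leave, sk) == ta.group_key
                     for sk in ta.members)

    gamma_join = ta.join(PUSK_POOL[3])
    joiner_ok = recover_group_key(gamma_join, PUSK_POOL[3]) == ta.group_key
    return {"members_ok": members_ok, "outsider": outsider,
            "departed": departed, "stayers_ok": stayers_ok,
            "joiner_ok": joiner_ok}


if __name__ == "__main__":
    print(demo())
```

A vehicle whose share is not in $\mu$ obtains 0 rather than the group key, because every share still in $\mu$ is a multiple of that vehicle's secret key.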


C. Secure Data Transmission in VANETs

In this subsection, we explain the secure transmission of data (information) from the TA to vehicles and between vehicles in VANETs. Fig. 4 shows the working of secure data transmission that takes place between the TA and PUs. In addition to this, it also represents the V2V communications that take place between PUs and SUs. The TA has a collection of servers for storing the necessary keys and data required for the VANET users. The TA can multicast the information to PUs through a dedicated Internet connection. The PUs in turn can broadcast the information to SUs over the PUs' wireless medium. Finally, the UUs have no permission to communicate with the VANETs since they are unauthorized users. In order to improve the confidentiality, the messages should be exchanged in an encrypted form so that the UUs cannot access the messages. The steps involved in the secure data transmission in VANET communication are described as follows:

Fig. 4. Secure Data communication in VANET.

Step 1. The TA generates a group key ($k_{pug}$) using the PUSKs of the PUs after collecting the requests of PUs through any RSU. Also, it generates a separate group key ($k_{sug}$) for SUs.

Step 2. Then, the TA multicasts both the group key values in an encrypted form as explained in equation (20). Both groups of users can find their group key using their secret key values as in equation (21). Also, the TA sends the group key value of SUs through the RSU to the PUs by encrypting it using the PUs group key, $E_{k_{pug}}(k_{sug})$.

Step 3. The TA sends messages or traffic information to the PUs only, by encrypting the messages using the PUs group key $k_{pug}$, and there is no message exchange between the TA and SUs.

$$E_{k_{pug}}(ID_{TA} \,\|\, \text{message or information}). \tag{25}$$

Step 4. After receiving the data packet from the TA, the PUs decrypt the packet using $k_{pug}$ and consume the information or messages.

$$D_{k_{pug}}(E_{k_{pug}}(ID_{TA} \,\|\, \text{message or information})). \tag{26}$$

Step 5. The PUs broadcast the message to the SUs by encrypting the message or information using the group key of SUs, along with the authentication code received from the TA in the dual authentication technique.

$$E_{k_{sug}}(ID_V \,\|\, \text{message or information}) \,\|\, E_{TA-Pvt}(AC \,\|\, ID_V \,\|\, TS_3 \,\|\, Lifetime). \tag{27}$$

Step 6. After receiving the data packet, the nearest SUs can decrypt the data packet using the group key $k_{sug}$ and can also verify the authenticity of the messages by decrypting the authentication part using the public key ($TA\text{-}Pub$) of the TA as shown below:

$$D_{TA-Pub}(E_{TA-Pvt}(AC \,\|\, ID_V \,\|\, TS_3 \,\|\, Lifetime)). \tag{28}$$

Step 7. The SUs can in turn forward the received data packet to other SUs by encrypting it using $k_{sug}$ over a long range using multihop communication.

Step 8. After receiving the packets, the SUs can decrypt the packet using $k_{sug}$ and process the messages.

D. Key Updating

The group key updating operation is performed when a PU joins or leaves, and it usually incurs high computational complexity in most of the group key management schemes [20], [22], [26]. When a PU joins the VANET group, it is the responsibility of the TA to communicate the new group key in a secure way to the group members. Therefore, the newly joining user cannot view the previous communications, which provides backward secrecy. Similarly, when a PU leaves a group, the TA must update the group key in order to avoid the use of a new group key by the old PU, to preserve forward secrecy. In our proposed key management scheme, the group key updating process is performed in the simplest way when the group membership changes. For example, when a vehicle $v_i$ of the PUs leaves the group, the TA has to perform the following steps.

1) Subtract $var_i$ from $\mu$.

$$\mu' = \mu - var_i. \tag{29}$$

2) Next, the TA must select a new group key $k'_{pug}$, and it should be multiplied by $\mu'$ to form the rekeying message as shown below.

$$\gamma'_{pug} = k'_{pug} \times \mu'. \tag{30}$$

3) The updated group key value is sent as a broadcast message to all the existing PUs. The existing users of the PUs group can get the updated group key value $k'_{pug}$ by doing only one mod operation as shown in equation (21). From the received value, the vehicle $v_i$ cannot find



the newly updated group key $k'_{pug}$ since that particular vehicle's secret key is not included in $\mu'$.

Similarly, if a PU wants to join the multicast group, then the TA has to perform only one addition operation for updating the group key. For example, if $v_i$ wants to join an existing VANET group, then the TA has to perform the following steps for group key updating.

1) Instead of computing the $x_i$ and $y_i$ values for the new VANET user, the TA can take the multiplied value of $x_i$ and $y_i$ from the variable $var_i$ which is already computed in the TA initialization phase. The TA can select this value from the TA's storage area to compute $\mu' = \mu + var_i$.
2) Next, the TA selects a new group key $k'_{pug}$ and multiplies it with the updated $\mu'$ to form the rekeying message as shown in equation (30).
3) The updated group key value is sent as a multicast message to all the existing and newly joined PUs of the group. From the multicast value $\gamma'_{pug}$, the newly joined PUs of the multicast group can find the newly updated group key $k'_{pug}$ since his/her $var_i$ value is included in $\mu'$ using $var_i$.

Therefore, in general, if 'n' PUs want to join the existing PUs' multicast group, the TA has to perform 'n' additions for updating the group key. The key strength of our algorithm is that the computational complexity of the TA is completely reduced in comparison to the other existing approaches [21], [22]. The computation complexity of the TA is O(1) when a single PU joins or leaves the multicast group. In addition to this, the computational complexity of a multicast PU is also minimized by allowing each PU to perform only one modulo division operation. Moreover, the TA takes only one broadcast message, which is the same as in most of the existing algorithms, for informing the PUs of the multicast group of the updated group key value.

VI. SECURITY ANALYSIS

In this section, we analyze the security strength of our proposed dual authentication scheme with respect to the attack models presented in Section III. The proposed group key management scheme is analyzed for various attacks to support forward secrecy and backward secrecy as discussed in many existing algorithms [14], [17], [18], [22]. The assumption of the implemented key management scheme is that an adversary might be a PU for some time and the TA keeps all user secret keys secretly.

i) Resistance to replay attack: In a replay attack, the malicious user re-injects the previously received messages or packets back into the VANET. To protect our system from replay attack and provide freshness to messages, our proposed scheme maintains time stamps to keep a cache of recently received messages against which the newly received messages can be compared.

ii) Masquerade and Sybil attacks: In this section, we analyze the security properties of our proposed dual authentication scheme and show how the scheme is effective for resisting masquerade and Sybil attacks. In many existing approaches, the TA is unable to distinguish an authentication effort made by a malicious attacker, because the malicious attacker makes use of real users' authentication efforts with stolen passwords, usernames and secret keys, and the TA still considers the attackers as real users. In this paper, we have used a novel dual authentication scheme, which can effectively oppose the malicious behavior of the attackers that is previously mentioned. In our proposed authentication scheme, even if the attacker knows the VSK of any vehicle user, the OBU verifies the fingerprint of the vehicle user. If it doesn't match, the particular vehicle is not allowed to communicate with VANETs. Hence, the masquerade and Sybil attacks are successfully prevented in our dual authentication scheme.

iii) Message tampering/fabrication/alteration attack: In our scheme, the messages are encrypted using the group keys in the group communication before they are sent among the groups. For example, the TA sends messages to the PUs group by encrypting the messages using the PUs group key $k_{pug}$. Therefore, no one can delete, modify or alter the content of the messages during the transmission between the TA and PUs. Since the group keys are managed by the TA, an intruder will not be able to find the key in a feasible amount of time to communicate with the group.

iv) Backward secrecy: Backward secrecy is the technique of preventing a new PU from accessing the previous communication before joining the group. In order to access the previous communication, an adversary needs to obtain the previous group key. Moreover, if the adversary becomes a PU in a group, it may try to derive the previous group key, which is not permitted. In the proposed group key management scheme, when the newly updated group key is communicated to old group members, an adversary needs to find any one of the PUs' secret keys. Moreover, all the PUSKs are randomly selected from a large set of positive integers with respect to the multiplicative group. Even if the adversary finds any one of the PUs' secret keys $PUSK_i$, the adversary cannot use this $PUSK_i$, because we use the dual authentication scheme in this proposed approach to participate in VANET communication. When the adversary tries to use any other PU's $PUSK_i$, the TA will also ask the adversary user to complete the authentication process to get the authentication code before participating in the VANET's group communication. Moreover, if an adversary sends any information without including the authentication code, then the receiving vehicles will not process the information. This property makes it infeasible for the adversary to use any other PU's secret key. Consequently, the adversary cannot access the communication sent before the join, which means the proposed approach supports the initial security requirement.

v) Forward secrecy: Forward secrecy is the technique of preventing a PU from accessing current communication after the leave operation. When a PU leaves the group, he or she may try to derive the group key by using any attacking methods. In the proposed algorithm, it is infeasible for a PU to compute the current group key after the leave operation from the group, as was explained for the backward secrecy technique, because when a PU $v_i$ leaves the group, the TA subtracts his or her share value, that is, the product of $x_i$ and $y_i$ which is stored in $var_i$, from the $\mu$ value to produce $\mu'$. This updated $\mu'$


is multiplied by the newly generated group key value $k'_{pug}$ to form the rekeying message $\gamma'_{pug}$. Therefore, a PU who had already left the service cannot find the new group key in a feasible way since his or her personal keying information is not included. The PU who had left the group may try to find $k'_{pug}$ from the rekeying value which is sent as a broadcast message from the TA in an infeasible method. In order to do that, the PU has to multiply his or her secret key value with all the numbers starting from 1 to $q$, where $q$ is the maximum limit of the group key value. At a certain point, it will give a value $\vartheta = k'_{pug}$ (i.e. $PUSK_i \times \omega = \vartheta$). After finding this $\omega$ value, the PU $v_i$ can find a set of numbers $S$ that will divide the number $\omega$. Therefore, the value of $S$ is defined as the set of numbers $\{\omega \bmod 1, \omega \bmod 2, \ldots, \omega \bmod \omega\} = 0$. Among the set of numbers, the newly generated group key $k'_{pug}$ is also one of the numbers (i.e., $k'_{pug} \in S$). In this case, if the size of $PUSK_i$ is $w$ bits, then the attacker has to perform $2^w$ multiplications. The time taken to derive $k'_{pug}$ can be increased by choosing a large $PUSK_i$ for each VANET user's secret key. In this work, the size of $PUSK_i$ must be 1024 bits and prior experiments were conducted with 128 bits, 256 bits and 512 bits. After finding the set of values $S$ that divides the number $\omega$, the attacker (user left from the group) can find the new group key by selecting the values from the set $S$ using a brute force attack, making $2^{s-1}$ attempts. Consequently, an adversary cannot find the group key in a feasible method in order to access the current communication, which means the second security requirement is also supported in our proposed algorithm.

vi) Collusion attack: The collusion attack is the one in which two or more adversaries act as legitimate PUs when they are participating in the group and then cooperatively compute the updated group key after leaving the group. Since the value of $var_i$ is subtracted from $\mu$ after the leaving operation is performed in a multicast group, collusion of any number of prior users cannot be used to gain information about the congruence system and to derive the updated group key $k'_{pug}$ as long as the pairwise relatively prime numbers are large. The following scenario describes a kind of collusion attack in which two adversaries act as legitimate users. Consider $v_1$ as an adversary A who knows the key values $PUSK_1$, $k_{pug}$ and $v_3$ as an adversary B who knows the key values $PUSK_3$ and $k_{pug}$ at time 't − 2'. In time 't − 1', the adversary A leaves the group with the key values $PUSK_1$ and $k_{pug}$. B receives the rekeying message $\gamma'_{pug}$ from the TA at the time 't' and computes $k'_{pug}$. In time 't + 1', B leaves the group with the two key values $PUSK_3$ and $k'_{pug}$. Both of these adversaries exchange their known key values $PUSK_1$, $k_{pug}$, $PUSK_3$ and $k'_{pug}$. Using these known values, the adversaries A and B cannot cooperatively find the updated group key $k''_{pug}$ which is broadcast at time 't + 2' in a feasible amount of time since their shares $var_1$ and $var_3$ are excluded from $\mu$.

VII. PERFORMANCE ANALYSIS

We consider two performance metrics in our proposed scheme, namely the computation time and communication time for updating the group key in order to perform secure group communication in the PUs of VANET communication. The computation time is defined as the time taken to compute the group key at the TA when group membership changes in the VANET group. The communication time is defined as the time taken to broadcast the amount of information from the TA in order to make the VANET users recover the group key. Table II shows the computation and storage complexities of various key management approaches, namely Chinese Remainder Group Key (CRGK) [15], Fast-Chinese Remainder Group Key (FRGK) [11], Key-tree Chinese Remainder Theorem (KCRT) [16], Number Theory Research Unit (NTRU) [24] and Elgamal Group Key Management (EGKM) [24], and our proposed VANET Group Key Management (VGKM), which are based on the CRT. The notations used for comparisons are defined as: $n$ is the number of users, $\tau$ is the maximum number of children of each node of the tree, EEA is the time taken to find the inverse element of a multiplicative group using the Extended Euclidean Algorithm, exp represents the exponential operation, M represents the multiplication operation, D represents the division operation, A represents the addition operation and S represents the subtraction operation.

TABLE II: COMPUTATION, STORAGE AND COMMUNICATION COMPLEXITIES

Among these schemes, the Number Theory Research Unit (NTRU) based group key management scheme uses a multiplication ring from which it chooses some polynomial values as private and public keys from which it computes a common group key. Hence, the multiplication operation used in this scheme is performed by using the convolution product method. All the remaining schemes use a multiplicative group for choosing and computing the keys. Moreover, all the existing schemes take O(n) for updating the group key when a single authorized vehicle user joins or leaves the secure VANET communication. From Table II, it is evident that all the existing approaches take more computation complexity if used on the TA side in the VANET for computing the group key for


performing a single user join/leave operation, which is very high in comparison with our proposed approach. Therefore, our proposed approach takes less computation complexity when it is compared with all the remaining five approaches since it takes only 1 subtraction (or addition) operation when a single user leave or join operation is performed. Moreover, the proposed approach doesn't perform any cyclic convolution product operation or multiplicative inverse operation on the user side, which reduces the user's computational complexity. The amount of information bits necessary to be communicated while updating the group key in our proposed approach and existing approaches are calculated and are also shown in Table II. It is very clear that our proposed group key management scheme takes the same communication complexity as that of most of the existing group key management protocols which are based on CRT.

The proposed method has been executed in JAVA (Intel Core i3 processor, 2GB RAM, 500 GB Hard disk, Windows XP Operating System) for a group of 1000 nodes, and each node is considered as a VANET user. For implementing this authenticated group key management scheme suitable for VANET, the TA generates $PUSK_i$ values for 1000 nodes randomly. The $PUSK_i$ values used in this approach are 1024 bit positive integers which are relatively prime. For generating large integers in our program, we use the BigInteger class, which supports various methods for handling large positive integers. The method multiply() supported by the BigInteger class is used to multiply all users' secret keys into a variable which will be used to find the $x_i$ and $y_i$ values. The method modInverse() is used to find the multiplicative inverse of a given element with respect to the size of the multiplicative group. Our proposed group key computation scheme takes less computational complexity because it takes only an addition or subtraction operation in the key updating process. Moreover, for computing the group key in all the existing approaches present in the literature, we measured the computation time separately for $x_i$, which is obtained by dividing $\partial_g$, and $y_i$, which is obtained by finding the multiplicative inverse for $x_i$. All the existing algorithms shown in Table II take more computational time for calculating the $x_i$ and $y_i$ values, which would increase the computing load of the TA in VANETs. In the proposed approach, computational complexity is very much reduced because 1) calculating the $x_i$ and $y_i$ values is neglected by storing them in the TA's server storage area and 2) multiplying $x_i$ with $y_i$ is also reduced, which is done in the TA initialization phase. Therefore, our proposed VGKM approach reduces the computing load of the TA by slightly increasing the storage overhead of the TA.

The graphical results shown in Fig. 5 are used to compare the group key computation time of the TA for our proposed method with the existing methods. It compares the results obtained from

Fig. 5. Group key Computation Time at TA side.

Fig. 6. PUs Key Recovery Time in the VANET.

and it is observed that when the key size is 512 bits, the key recovery time of a user is found to be 5.3 ms in our proposed approach, which is better in comparison with the other existing schemes.

VIII. CONCLUSION

In this paper, we proposed a new dual authentication scheme for improving the security of vehicles that are communicating with the VANET environment. For providing such authentication in dual mode, we used two components, namely the hash code and the fingerprint of each communicating vehicle user. Therefore, the fingerprint authentication technique is integrated into a hash code creation method in this paper to prevent malicious users from using the secret key of any VANET user in order to participate in the VANET communication. Moreover, to prevent malicious users from spoofing the authentication code issued for any VANET user and sending erroneous messages to other vehicles, we have introduced a new dual key management scheme in this research paper. The dual key management scheme implemented in this paper is computationally efficient that supports secure data transmission from TA to PUs and PUs
our proposed VGKM with CRGK, FRGK, KCRT, NTRU and to SUs based on two different group keys, one for PUs and
EGKM. From Fig. 5, it is observed that when the key is 512 bits, another one for SUs for further improving the security among
the group key computation time of TA is found to be 19 ms different classes of vehicles. Moreover, our proposed algorithm
in our proposed approach, which is better in comparison with also takes single broadcast messages from TA to inform the
the other existing schemes. The results shown in Fig. 6 are group members in order to recover the updated group key.
used to compare the PUs key recovery time of our proposed The future development of this work is to devise new methods
method with the existing methods. It compares the results in order to preserve the vehicle’s location privacy from the
obtained from our proposed scheme with existing approaches intruders.
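The CRT bookkeeping described in the performance analysis above (x_i and y_i computed once at TA initialization, then one addition or subtraction per join or leave) can be traced with the following added Python sketch, which is not the authors' Java implementation. It assumes the broadcast has the form γ = GK·μ and that the group key is smaller than every PUSK_i; the class and function names are hypothetical, and Python's `pow(x, -1, m)` stands in for `BigInteger.modInverse()`.

```python
import secrets
from math import gcd, prod

def gen_user_keys(count, bits=1024):
    """Constructed sample PUSK_i values: random, pairwise relatively prime."""
    keys = []
    while len(keys) < count:
        c = secrets.randbits(bits) | (1 << (bits - 1))  # force full bit length
        if all(gcd(c, k) == 1 for k in keys):
            keys.append(c)
    return keys

class TrustedAuthority:
    def __init__(self, keys):
        dg = prod(keys)  # product of all user keys (the multiply() step)
        # Initialization phase: store x_i * y_i once per user, where
        # x_i = dg / PUSK_i and y_i = x_i^-1 mod PUSK_i (the modInverse() step).
        self.var = {k: (dg // k) * pow(dg // k, -1, k) for k in keys}
        self.mu = 0  # running sum of x_i * y_i over the current members

    def join(self, key):
        self.mu += self.var[key]   # one addition per join

    def leave(self, key):
        self.mu -= self.var[key]   # one subtraction per leave

    def rekey(self, group_key):
        # A key >= some PUSK_i would be silently truncated on recovery.
        if not 0 < group_key < min(self.var):
            raise ValueError("group key must be smaller than every user key")
        # Assumed broadcast form: a single value gamma = GK * mu.
        return group_key * self.mu

def recover(gamma, key):
    """User side: one modular reduction, no inverse or convolution."""
    return gamma % key

if __name__ == "__main__":
    keys = gen_user_keys(4)
    ta = TrustedAuthority(keys)
    for k in keys[:3]:
        ta.join(k)
    gamma = ta.rekey(secrets.randbits(256) | 1)
    print("member recovers key:", recover(gamma, keys[0]) != 0)
    print("non-member residue :", recover(gamma, keys[3]))
```

Because x_j·y_j is congruent to 1 modulo PUSK_j and to 0 modulo every other user key, a current member recovers GK while a departed or not-yet-joined user obtains 0 from the same broadcast.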

APPENDIX

TABLE III
FUZZY RULES SPECIFICATION

Pandi Vijayakumar received the Bachelor of engineering degree from Madurai Kamaraj University, Madurai, India, in 2002; the Master of engineering degree in computer science and engineering from Karunya Institute of Technology, Coimbatore, India, in 2005; and the Ph.D. degree in computer science and engineering from Anna University, Chennai, India, in 2013. He is currently working as a Dean in charge of University College of Engineering Tindivanam, a Constituent College of Anna University Chennai, Tindivanam, India. His main thrust research areas include key management in network security, VANET security, and multicasting in computer networks.

Maria Azees received the B.E. degree in ECE and the M.E. degree in applied electronics from St. Xavier's Catholic College of Engineering, Nagercoil, India, affiliated under Anna University, Chennai, India, in 2011 and 2013, respectively. He is currently working toward the Ph.D. degree with Anna University. His research interests include security and privacy for VANETs.

Arputharaj Kannan received the Master of engineering and Ph.D. degrees in computer science and engineering from Anna University, Chennai, India, in 1991 and 2000, respectively. After completing the master's degree, he worked as an Assistant Professor with Anna University, where he is presently working as a Professor with the Department of Information Science and Technology, Faculty of Information and Communication Engineering. He has successfully produced more than 20 Ph.D. candidates. He is the author or coauthor of more than 100 papers in several reputed journals such as Elsevier, Springer, IET, etc. His main thrust areas of interest include artificial intelligence and database management systems.

Lazarus Jegatha Deborah received the Bachelor of engineering degree from Madurai Kamaraj University, Madurai, India, in 2002; the Master of engineering degree in computer science and engineering from Karunya Institute of Technology, Coimbatore, India, in 2005; and the Ph.D. degree in computer science and engineering from Anna University, Chennai, India, in 2013. She is presently working as an Assistant Professor with and the Head of the Department of Computer Science and Engineering, University College of Engineering Tindivanam, Tindivanam, India (a constituent college of Anna University).
