I. Introduction
In recent years, the Internet of Things (IoT) has evolved so rapidly that it has paved the way for smart cities. A Vehicular Ad hoc Network (VANET) is a technology employed in smart cities to establish an intelligent transportation system that provides security for roads and safety for pedestrians, passengers and drivers [1]. There are two basic communication modes in a VANET: 1) Vehicle-to-Vehicle (V2V) communication and 2) Vehicle-to-Infrastructure (V2I) communication. Both modes make use of the Dedicated Short Range Communication (DSRC) standard [2]. According to DSRC, each vehicle has to broadcast regular position beacon messages (known as BSMs in the US standard) every 300 [2], [3]. In addition, prior to accepting a received message, vehicles must first verify the message's validity, to avoid communication with revoked vehicles, and its integrity, as an adversary may falsify the original message during transmission. Furthermore, the privacy of VANET users must be preserved; otherwise, an adversary can most likely obtain sensitive information such as a driver's name, travel route, or license plate [4]. According to [2], the privacy of vehicles might not be well preserved even with frequently switching pseudonyms. This is due to the fact that the main privacy problem lies within the BSM itself: it contains the vehicle's position, speed, heading and acceleration, yet it is broadcast up to 10 times per second in plaintext, which facilitates message linking and traceability attacks by an adversary [2]. VANETs essentially require a revocation mechanism to prevent malicious vehicles from any future communication, thus removing them from the network. A traditional revocation mechanism in VANETs is to deploy Certificate Revocation Lists (CRLs). Basically, CRLs are lists containing the certificates of all revoked (malicious) vehicles.
On the one hand, CRLs are regularly distributed to enhance the overall security and safety of vehicular networks; on the other hand, the checking process is time-consuming, and CRLs are likely to grow very large over time [5]. As a result, they place a heavy burden on both computation and communication. Moreover, in CRL-based authentication schemes, all Road-Side Units (RSUs) and vehicles must store and regularly update the CRL, and must check it first upon receiving a message [6]. According to [7], a vehicle consumes 9 to check one identity in the CRL and 11 to verify the signature attached to a received message. Suppose the number of revoked vehicles in the CRL is , then the total number of messages which can be verified in one second is [7]. It is obvious that CRL checking alongside signature verification presents excessive computation and communication delay, considerably degrading VANET performance [3]. Additionally, the delivery time of BSMs is another concern in VANETs: a cooperative safety driving system cannot avoid traffic accidents if the BSM delivery time is larger than 0.5 [8]. Moreover, if an accident occurred and the accident information could not be transmitted as fast as possible to the users who need it, more serious issues such as traffic congestion or further, more tragic traffic accidents would probably follow [9]. Consequently, it is critical for a vehicular communication system to handle the processing and fast sharing of BSMs efficiently. Furthermore, DoS (de-synchronization) attacks are another key issue in VANETs when a vehicle requests an update of its secret credentials from an RSU or the TA. Even though many authentication schemes have been proposed in the literature for VANETs, they still suffer from most of the issues mentioned above. In addition, most schemes are designed on the assumption that a vehicle is equipped with tamper-proof key storage / On-Board Units (OBUs).
Nonetheless, an adversary can still mount side-channel attacks, e.g., a power analysis attack, on a vehicle's OBU and obtain all the secret material stored in it, since the adversary may easily gain access to parked vehicles or RSUs [10]. Hence, the aforementioned issues are critical to VANETs, and addressing them is of the utmost importance; however, they are not well resolved in the existing literature. To address these issues, this article proposes a physically secure, privacy-preserving message authentication protocol based on a Physical Unclonable Function (PUF) and (, )-Shamir's Secret Sharing [11]. By utilizing a PUF, the authenticity of a signer, e.g., a vehicle, is always proved, as an adversary cannot tamper with the PUF. The major contributions of our proposed protocol are as follows.
1) PUF- and Secret Sharing-based key establishment, where the entities (vehicles, RSUs) can make use of their PUF to reconstruct a secret polynomial share . Consequently, pairwise temporal secret keys (PTKs) can be established with other entities. Moreover, an adversary cannot impersonate a legal entity, owing to the use of the PUF.
2) Secret Sharing-based revocation mechanism. Compared with the existing protocols that use CRLs for entity revocation, our proposed (, )-Secret Sharing-based Session Group Key Distribution (SGKD) reduces the revocation time complexity from (log) to . Moreover, our revocation mechanism is more flexible, as it enables temporary revocation besides the permanent one.
3) Polynomial-based broadcast encryption and expeditious message transmission. According to [2], it is still challenging to encrypt broadcast VANET messages and authenticate them anonymously. We address this challenge by introducing two novel algorithms (namely, Broadcast Encryption and Broadcast Decryption) wherein a polynomial-based encrypted broadcast is used, which is symmetric and lightweight. The encrypted broadcast can be authenticated and decrypted only by legitimate vehicles. As a result, our protocol thwarts an eavesdropper from linking messages to trace a vehicle. Furthermore, our protocol does not require a third party during V2V communication, so authenticated message transmission is expeditious.
4) One-side secret renewal mechanism. Unlike many existing schemes, our protocol is secure against de-synchronization attacks, owing to the PTKs and the secret renewal mechanism.
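As an added illustration (not the paper's own code, and not its SGKD or key-establishment algorithms, which this section does not detail), the (t, n)-Shamir secret-sharing primitive [11] on which contributions 1) and 2) build: a dealer hides a secret, such as a session group key, as the constant term of a random polynomial over a prime field, any t of the n shares recover it by Lagrange interpolation, and any t-1 shares yield a value unrelated to it. The field prime and sample values are constructed for the example.

```python
# Added example (not the paper's code): the (t, n)-Shamir secret-sharing
# primitive [11] over a prime field. Field prime and sample values are constructed.
from itertools import combinations
import secrets

P = 2**127 - 1  # constructed field prime; any prime larger than the secret works


def make_shares(secret, t, n, rand=secrets.randbelow):
    """Dealer side: hide `secret` as f(0) of a random degree-(t-1) polynomial
    and hand out the points (x, f(x)) for x = 1..n as the n shares."""
    assert 0 < t <= n and 0 <= secret < P
    coeffs = [secret] + [rand(P) for _ in range(t - 1)]
    return [(x, sum(c * pow(x, i, P) for i, c in enumerate(coeffs)) % P)
            for x in range(1, n + 1)]


def reconstruct(shares):
    """Lagrange interpolation at x = 0 over GF(P) from a subset of shares.
    With t or more shares this yields f(0) = secret; with fewer it yields a
    value unrelated to the secret (the interpolated polynomial is wrong)."""
    secret = 0
    for i, (xi, yi) in enumerate(shares):
        num = den = 1
        for j, (xj, _) in enumerate(shares):
            if i != j:
                num = num * (-xj) % P
                den = den * (xi - xj) % P
        # den^(P-2) is the modular inverse of den (Fermat), P being prime
        secret = (secret + yi * num * pow(den, P - 2, P)) % P
    return secret


def threshold_holds(shares, t, secret):
    """Check the (t, n) property on a concrete share set: every t-subset
    recovers `secret` and no (t-1)-subset does."""
    ok_t = all(reconstruct(list(s)) == secret for s in combinations(shares, t))
    ok_tm1 = all(reconstruct(list(s)) != secret for s in combinations(shares, t - 1))
    return ok_t and ok_tm1


if __name__ == "__main__":
    key = secrets.randbelow(P)  # e.g. a session group key the dealer distributes
    shares = make_shares(key, t=3, n=5)
    print("any 3 of 5 recover the key:", reconstruct(shares[1:4]) == key)
    print("threshold property holds:", threshold_holds(shares, 3, key))
```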