Formal analysis of V2X revocation protocols

Jorden Whitefield; Liqun Chen; Frank Kargl; Andrew Paverd; Steve Schneider; Helen Treharne; Stephan Wesemeyer

doi:10.1007/978-3-319-68063-7_10

Formal analysis of V2X revocation protocols

Jorden Whitefield, Liqun Chen, Frank Kargl, Andrew Paverd, Steve Schneider, Helen Treharne^*, Stephan Wesemeyer

^*Tämän työn vastaava kirjoittaja

Tutkimustuotos: Artikkeli kirjassa/konferenssijulkaisussa › Conference contribution › Scientific › vertaisarvioitu

17 Sitaatiot (Scopus)

Abstrakti

Research on vehicular networking (V2X) security has produced a range of securitymechanisms and protocols tailored for this domain, addressing both security and privacy. Typically, the security analysis of these proposals has largely been informal. However, formal analysis can be used to expose flaws and ultimately provide a higher level of assurance in the protocols. This paper focusses on the formal analysis of a particular element of security mechanisms for V2X found in many proposals, that is the revocation of malicious or misbehaving vehicles from the V2X system by invalidating their credentials. This revocation needs to be performed in an unlinkable way for vehicle privacy even in the context of vehicles regularly changing their pseudonyms. The Rewire scheme by Förster et al. and its subschemes Plain and R-token aim to solve this challenge by means of cryptographic solutions and trusted hardware. Formal analysis using the Tamarin prover identifies two flaws: one previously reported in the lierature concerned with functional correctness of the protocol, and one previously unknown flaw concerning an authentication property of the R-token scheme. In response to these flaws we propose Obscure Token (O-token), an extension of Rewire to enable revocation in a privacy preserving manner. Our approach addresses the functional and authentication properties by introducing an additional key-pair, which offers a stronger and verifiable guarantee of successful revocation of vehicles without resolving the long-term identity. Moreover O-token is the first V2X revocation protocol to be co-designed with a formal model.

Alkuperäiskieli	Englanti
Otsikko	Security and Trust Management - 13th International Workshop, STM 2017, Proceedings
Kustantaja	SPRINGER
Sivut	147-163
Sivumäärä	17
ISBN (painettu)	9783319680620
DOI - pysyväislinkit	https://doi.org/10.1007/978-3-319-68063-7_10
Tila	Julkaistu - 2017
OKM-julkaisutyyppi	A4 Artikkeli konferenssijulkaisuussa
Tapahtuma	International Workshop on Security and Trust Management - Oslo, Norja Kesto: 14 syysk. 2017 → 15 syysk. 2017 Konferenssinumero: 13

Julkaisusarja

Nimi	Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
Vuosikerta	10547 LNCS
ISSN (painettu)	0302-9743
ISSN (elektroninen)	1611-3349

Workshop

Workshop	International Workshop on Security and Trust Management
Lyhennettä	STM
Maa/Alue	Norja
Kaupunki	Oslo
Ajanjakso	14/09/2017 → 15/09/2017

Pääsy asiakirjaan

10.1007/978-3-319-68063-7_10

OpenUrl-saatavuus

Koko teksti

Muut tiedostot ja linkit

Link to publication in Scopus

Siteeraa tätä

Whitefield, J., Chen, L., Kargl, F., Paverd, A., Schneider, S., Treharne, H., & Wesemeyer, S. (2017). Formal analysis of V2X revocation protocols. teoksessa Security and Trust Management - 13th International Workshop, STM 2017, Proceedings (Sivut 147-163). (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics); Vuosikerta 10547 LNCS). SPRINGER. https://doi.org/10.1007/978-3-319-68063-7_10

@inproceedings{29161f685c4240e595e9aca935986019,

title = "Formal analysis of V2X revocation protocols",

abstract = "Research on vehicular networking (V2X) security has produced a range of securitymechanisms and protocols tailored for this domain, addressing both security and privacy. Typically, the security analysis of these proposals has largely been informal. However, formal analysis can be used to expose flaws and ultimately provide a higher level of assurance in the protocols. This paper focusses on the formal analysis of a particular element of security mechanisms for V2X found in many proposals, that is the revocation of malicious or misbehaving vehicles from the V2X system by invalidating their credentials. This revocation needs to be performed in an unlinkable way for vehicle privacy even in the context of vehicles regularly changing their pseudonyms. The Rewire scheme by F{\"o}rster et al. and its subschemes Plain and R-token aim to solve this challenge by means of cryptographic solutions and trusted hardware. Formal analysis using the Tamarin prover identifies two flaws: one previously reported in the lierature concerned with functional correctness of the protocol, and one previously unknown flaw concerning an authentication property of the R-token scheme. In response to these flaws we propose Obscure Token (O-token), an extension of Rewire to enable revocation in a privacy preserving manner. Our approach addresses the functional and authentication properties by introducing an additional key-pair, which offers a stronger and verifiable guarantee of successful revocation of vehicles without resolving the long-term identity. Moreover O-token is the first V2X revocation protocol to be co-designed with a formal model.",

keywords = "Ad hoc networks, Authentication, Security verification, V2X",

author = "Jorden Whitefield and Liqun Chen and Frank Kargl and Andrew Paverd and Steve Schneider and Helen Treharne and Stephan Wesemeyer",

year = "2017",

doi = "10.1007/978-3-319-68063-7_10",

language = "English",

isbn = "9783319680620",

series = "Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)",

publisher = "SPRINGER",

pages = "147--163",

booktitle = "Security and Trust Management - 13th International Workshop, STM 2017, Proceedings",

address = "Germany",

note = "International Workshop on Security and Trust Management, STM ; Conference date: 14-09-2017 Through 15-09-2017",

}

Whitefield, J, Chen, L, Kargl, F, Paverd, A, Schneider, S, Treharne, H & Wesemeyer, S 2017, Formal analysis of V2X revocation protocols. julkaisussa Security and Trust Management - 13th International Workshop, STM 2017, Proceedings. Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics), Vuosikerta 10547 LNCS, SPRINGER, Sivut 147-163, International Workshop on Security and Trust Management, Oslo, Norja, 14/09/2017. https://doi.org/10.1007/978-3-319-68063-7_10

Formal analysis of V2X revocation protocols. / Whitefield, Jorden; Chen, Liqun; Kargl, Frank et al.

Security and Trust Management - 13th International Workshop, STM 2017, Proceedings. SPRINGER, 2017. s. 147-163 (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics); Vuosikerta 10547 LNCS).

Tutkimustuotos: Artikkeli kirjassa/konferenssijulkaisussa › Conference contribution › Scientific › vertaisarvioitu

TY - GEN

T1 - Formal analysis of V2X revocation protocols

AU - Whitefield, Jorden

AU - Chen, Liqun

AU - Kargl, Frank

AU - Paverd, Andrew

AU - Schneider, Steve

AU - Treharne, Helen

AU - Wesemeyer, Stephan

N1 - Conference code: 13

PY - 2017

Y1 - 2017

N2 - Research on vehicular networking (V2X) security has produced a range of securitymechanisms and protocols tailored for this domain, addressing both security and privacy. Typically, the security analysis of these proposals has largely been informal. However, formal analysis can be used to expose flaws and ultimately provide a higher level of assurance in the protocols. This paper focusses on the formal analysis of a particular element of security mechanisms for V2X found in many proposals, that is the revocation of malicious or misbehaving vehicles from the V2X system by invalidating their credentials. This revocation needs to be performed in an unlinkable way for vehicle privacy even in the context of vehicles regularly changing their pseudonyms. The Rewire scheme by Förster et al. and its subschemes Plain and R-token aim to solve this challenge by means of cryptographic solutions and trusted hardware. Formal analysis using the Tamarin prover identifies two flaws: one previously reported in the lierature concerned with functional correctness of the protocol, and one previously unknown flaw concerning an authentication property of the R-token scheme. In response to these flaws we propose Obscure Token (O-token), an extension of Rewire to enable revocation in a privacy preserving manner. Our approach addresses the functional and authentication properties by introducing an additional key-pair, which offers a stronger and verifiable guarantee of successful revocation of vehicles without resolving the long-term identity. Moreover O-token is the first V2X revocation protocol to be co-designed with a formal model.

AB - Research on vehicular networking (V2X) security has produced a range of securitymechanisms and protocols tailored for this domain, addressing both security and privacy. Typically, the security analysis of these proposals has largely been informal. However, formal analysis can be used to expose flaws and ultimately provide a higher level of assurance in the protocols. This paper focusses on the formal analysis of a particular element of security mechanisms for V2X found in many proposals, that is the revocation of malicious or misbehaving vehicles from the V2X system by invalidating their credentials. This revocation needs to be performed in an unlinkable way for vehicle privacy even in the context of vehicles regularly changing their pseudonyms. The Rewire scheme by Förster et al. and its subschemes Plain and R-token aim to solve this challenge by means of cryptographic solutions and trusted hardware. Formal analysis using the Tamarin prover identifies two flaws: one previously reported in the lierature concerned with functional correctness of the protocol, and one previously unknown flaw concerning an authentication property of the R-token scheme. In response to these flaws we propose Obscure Token (O-token), an extension of Rewire to enable revocation in a privacy preserving manner. Our approach addresses the functional and authentication properties by introducing an additional key-pair, which offers a stronger and verifiable guarantee of successful revocation of vehicles without resolving the long-term identity. Moreover O-token is the first V2X revocation protocol to be co-designed with a formal model.

KW - Ad hoc networks

KW - Authentication

KW - Security verification

KW - V2X

UR - http://www.scopus.com/inward/record.url?scp=85030171055&partnerID=8YFLogxK

U2 - 10.1007/978-3-319-68063-7_10

DO - 10.1007/978-3-319-68063-7_10

M3 - Conference contribution

AN - SCOPUS:85030171055

SN - 9783319680620

T3 - Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)

SP - 147

EP - 163

BT - Security and Trust Management - 13th International Workshop, STM 2017, Proceedings

PB - SPRINGER

T2 - International Workshop on Security and Trust Management

Y2 - 14 September 2017 through 15 September 2017

ER -

Whitefield J, Chen L, Kargl F, Paverd A, Schneider S, Treharne H et al. Formal analysis of V2X revocation protocols. julkaisussa Security and Trust Management - 13th International Workshop, STM 2017, Proceedings. SPRINGER. 2017. s. 147-163. (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)). doi: 10.1007/978-3-319-68063-7_10

Formal analysis of V2X revocation protocols

Abstrakti

Julkaisusarja

Workshop

Pääsy asiakirjaan

OpenUrl-saatavuus

Muut tiedostot ja linkit

Sormenjälki

Siteeraa tätä