Accountable, Scalable and DoS-resilient Secure Vehicular Communication
- URL: http://arxiv.org/abs/2505.22162v1
- Date: Wed, 28 May 2025 09:25:34 GMT
- Title: Accountable, Scalable and DoS-resilient Secure Vehicular Communication
- Authors: Hongyu Jin, Panos Papadimitratos,
- Abstract summary: broadcasted Cooperative Awareness Messages (CAMs) and Decentralized Environmental Notification Messages (DENMs) are pseudonymous authenticated for security and privacy protection.<n>This creates an asymmetry that can be easily exploited by external adversaries to launch a clogging Denial of Service (DoS) attack.<n>We propose efficient cryptographic constructs, which we term message verification facilitators, to prioritize processing resources for verification of potentially valid messages.
- Score: 0.27624021966289597
- License: http://creativecommons.org/licenses/by-nc-sa/4.0/
- Abstract: Paramount to vehicle safety, broadcasted Cooperative Awareness Messages (CAMs) and Decentralized Environmental Notification Messages (DENMs) are pseudonymously authenticated for security and privacy protection, with each node needing to have all incoming messages validated within an expiration deadline. This creates an asymmetry that can be easily exploited by external adversaries to launch a clogging Denial of Service (DoS) attack: each forged VC message forces all neighboring nodes to cryptographically validate it; at increasing rates, easy to generate forged messages gradually exhaust processing resources and severely degrade or deny timely validation of benign CAMs/DENMs. The result can be catastrophic when awareness of neighbor vehicle positions or critical reports are missed. We address this problem making the standardized VC pseudonymous authentication DoS-resilient. We propose efficient cryptographic constructs, which we term message verification facilitators, to prioritize processing resources for verification of potentially valid messages among bogus messages and verify multiple messages based on one signature verification. Any message acceptance is strictly based on public-key based message authentication/verification for accountability, i.e., non-repudiation is not sacrificed, unlike symmetric key based approaches. This further enables drastic misbehavior detection, also exploiting the newly introduced facilitators, based on probabilistic signature verification and cross-checking over multiple facilitators verifying the same message; while maintaining verification latency low even when under attack, trading off modest communication overhead. Our facilitators can also be used for efficient discovery and verification of DENM or any event-driven message, including misbehavior evidence used for our scheme.
Related papers
- Transcript Franking for Encrypted Messaging [14.460663943390266]
We introduce transcript franking, a new type of protocol that allows reporting subsets of conversations.<n>We define syntax, semantics, and security for transcript franking in two-party and group messaging.
arXiv Detail & Related papers (2025-07-25T15:50:42Z) - Quantum-Safe Identity Verification using Relativistic Zero-Knowledge Proof Systems [3.8435472626703473]
Identity verification is essential in sectors like finance, healthcare, and online services to ensure security and prevent fraud.<n>Current password/PIN-based identity solutions are susceptible to phishing or skimming attacks.<n>We explore identity verification through graph coloring-based relativistic zero-knowledge proofs.
arXiv Detail & Related papers (2025-07-18T18:59:19Z) - CANTXSec: A Deterministic Intrusion Detection and Prevention System for CAN Bus Monitoring ECU Activations [53.036288487863786]
We propose CANTXSec, the first deterministic Intrusion Detection and Prevention system based on physical ECU activations.<n>It detects and prevents classical attacks in the CAN bus, while detecting advanced attacks that have been less investigated in the literature.<n>We prove the effectiveness of our solution on a physical testbed, where we achieve 100% detection accuracy in both classes of attacks while preventing 100% of FIAs.
arXiv Detail & Related papers (2025-05-14T13:37:07Z) - CAIBA: Multicast Source Authentication for CAN Through Reactive Bit Flipping [5.997426999817119]
Controller Area Networks (CANs) are the backbone for reliable intra-vehicular communication.<n>Recent cyberattacks have exposed the weaknesses of CAN, which was designed without any security considerations in the 1980s.<n>We present CAIBA, a novel multicast source authentication scheme specifically designed for communication buses like CAN.
arXiv Detail & Related papers (2025-04-23T13:27:30Z) - Towards Copyright Protection for Knowledge Bases of Retrieval-augmented Language Models via Reasoning [58.57194301645823]
Large language models (LLMs) are increasingly integrated into real-world personalized applications.<n>The valuable and often proprietary nature of the knowledge bases used in RAG introduces the risk of unauthorized usage by adversaries.<n>Existing methods that can be generalized as watermarking techniques to protect these knowledge bases typically involve poisoning or backdoor attacks.<n>We propose name for harmless' copyright protection of knowledge bases.
arXiv Detail & Related papers (2025-02-10T09:15:56Z) - Formal Verification of Permission Voucher [1.4732811715354452]
The Permission Voucher Protocol is a system designed for secure and authenticated access control in distributed environments.<n>The analysis employs the Tamarin Prover, a state-of-the-art tool for symbolic verification, to evaluate key security properties.<n>Results confirm the protocol's robustness against common attacks such as message tampering, impersonation, and replay.
arXiv Detail & Related papers (2024-12-18T14:11:50Z) - Defending Against Attack on the Cloned: In-Band Active Man-in-the-Middle Detection for the Signal Protocol [1.6114012813668932]
We present a solution to active Man-in-the-Middle (MitM) attacks on Signal.<n>Our solution automates the process of key confirmation without relying on the intervention of users.<n>We document the new security guarantees while preserving the existing security guarantees of Signal.
arXiv Detail & Related papers (2024-10-21T15:23:58Z) - It Takes Two: A Peer-Prediction Solution for Blockchain Verifier's Dilemma [12.663727952216476]
We develop a Byzantine-robust peer prediction framework towards the design of one-phase Bayesian truthful mechanisms for the decentralized verification games.<n>Our study provides a framework of incentive design for decentralized verification protocols that enhances the security and robustness of the blockchain.
arXiv Detail & Related papers (2024-06-03T21:21:17Z) - A Survey and Comparative Analysis of Security Properties of CAN Authentication Protocols [92.81385447582882]
The Controller Area Network (CAN) bus leaves in-vehicle communications inherently non-secure.
This paper reviews and compares the 15 most prominent authentication protocols for the CAN bus.
We evaluate protocols based on essential operational criteria that contribute to ease of implementation.
arXiv Detail & Related papers (2024-01-19T14:52:04Z) - Generative AI-aided Joint Training-free Secure Semantic Communications
via Multi-modal Prompts [89.04751776308656]
This paper proposes a GAI-aided SemCom system with multi-model prompts for accurate content decoding.
In response to security concerns, we introduce the application of covert communications aided by a friendly jammer.
arXiv Detail & Related papers (2023-09-05T23:24:56Z) - Certifiably Robust Policy Learning against Adversarial Communication in
Multi-agent Systems [51.6210785955659]
Communication is important in many multi-agent reinforcement learning (MARL) problems for agents to share information and make good decisions.
However, when deploying trained communicative agents in a real-world application where noise and potential attackers exist, the safety of communication-based policies becomes a severe issue that is underexplored.
In this work, we consider an environment with $N$ agents, where the attacker may arbitrarily change the communication from any $CfracN-12$ agents to a victim agent.
arXiv Detail & Related papers (2022-06-21T07:32:18Z) - Robust and Verifiable Information Embedding Attacks to Deep Neural
Networks via Error-Correcting Codes [81.85509264573948]
In the era of deep learning, a user often leverages a third-party machine learning tool to train a deep neural network (DNN) classifier.
In an information embedding attack, an attacker is the provider of a malicious third-party machine learning tool.
In this work, we aim to design information embedding attacks that are verifiable and robust against popular post-processing methods.
arXiv Detail & Related papers (2020-10-26T17:42:42Z) - Backdoor Attack against Speaker Verification [86.43395230456339]
We show that it is possible to inject the hidden backdoor for infecting speaker verification models by poisoning the training data.
We also demonstrate that existing backdoor attacks cannot be directly adopted in attacking speaker verification.
arXiv Detail & Related papers (2020-10-22T11:10:08Z)
This list is automatically generated from the titles and abstracts of the papers in this site.
This site does not guarantee the quality of this site (including all information) and is not responsible for any consequences.