WO2008063899A2 - Method for exchanging message and verifying the authenticity of the messages in an ad hoc network - Google Patents

Method for exchanging message and verifying the authenticity of the messages in an ad hoc network Download PDF

Info

Publication number
WO2008063899A2
WO2008063899A2 PCT/US2007/084044 US2007084044W WO2008063899A2 WO 2008063899 A2 WO2008063899 A2 WO 2008063899A2 US 2007084044 W US2007084044 W US 2007084044W WO 2008063899 A2 WO2008063899 A2 WO 2008063899A2
Authority
WO
WIPO (PCT)
Prior art keywords
node
certificate authority
nodes
signature
tesla
Prior art date
Application number
PCT/US2007/084044
Other languages
French (fr)
Other versions
WO2008063899A3 (en
Inventor
Kenneth P. Laberteaux
Yih-Chun Hu
Original Assignee
Toyota Motor Engineering & Manufacturing North America, Inc.
The Board Of Trustees, University Of Illinois At Urbana-Champaign
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Toyota Motor Engineering & Manufacturing North America, Inc., The Board Of Trustees, University Of Illinois At Urbana-Champaign filed Critical Toyota Motor Engineering & Manufacturing North America, Inc.
Publication of WO2008063899A2 publication Critical patent/WO2008063899A2/en
Publication of WO2008063899A3 publication Critical patent/WO2008063899A3/en

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/006Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols involving public key infrastructure [PKI] trust models
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3247Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3263Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving certificates, e.g. public key certificate [PKC] or attribute certificate [AC]; Public key infrastructure [PKI] arrangements
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/50Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols using hash chains, e.g. blockchains or hash trees
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/10Integrity
    • H04W12/106Packet or message integrity
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W4/00Services specially adapted for wireless communication networks; Facilities therefor
    • H04W4/80Services using short range communication, e.g. near-field communication [NFC], radio-frequency identification [RFID] or low energy communication
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L2209/00Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
    • H04L2209/80Wireless
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L2209/00Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
    • H04L2209/84Vehicles

Abstract

A method for exchanging messages containing reliable information between nodes in an ad hoc network, such as a vehicle ad hoc network. The method includes the steps of providing a public key for a PKI encrypted certificate authority signature to all nodes known to transmit reliable information. Each node transmits a signal containing node identification information and the PKI encrypted certificate authority signature associated with that node. Each node also receives like signals from other nodes and then decrypts the certificate authority signatures from the received signals by using the certificate authority public key to ascertain the authenticity of the received certificate authority signatures and the reliability of the received message. Thereafter, the nodes receive and accept messages with a TESLA encrypted signature only with nodes identified to have authentic certificate authority signatures until the occurrence of a subsequent predefined event, such as a new node in the network or the elapse of a predetermined time period.

Description

METHOD FOR EXCHANGING MESSAGES AND VERIFYING THE AUTHENTICITY OF THE MESSAGES IN AN AD HOC NETWORK
CROSS-REFERENCE TO RELATED APPLICATIONS
[0001] This application claims priority of United States Provisional Patent Application Serial Nos. 60/865,246 filed November 10, 2006 and 60/891,385 filed February 23, 2007, and United States Patent Application Serial No. 11/936,509 filed November 7, 2007, the contents of each are incorporated herein by reference.
BACKGROUND OF THE INVENTION
I. FIELD OF THE INVENTION [0002] The present invention relates to a method for exchanging reliable information between nodes in an ad hoc network.
II. DESCRIPTION OF RELATED ART
[0003] On an average day, hundreds of people are killed and thousands injured in automotive accidents. This, in turn, results in a huge expenditure of health care dollars for treating those injured in such automotive accidents.
[0004] Many automotive accidents, however, are preventable if the vehicle driver is warned of a hazardous driving condition, or the vehicle itself reacts automatically to such a hazardous condition. For example, a driver may cause a chain reaction accident by rapidly applying his or her brakes in order to avoid collision with a deer or other animal. The drivers behind the vehicle about to strike the animal, however, are unable to brake sufficiently rapidly in order to avoid an accident thus resulting in a chain reaction accident. However, such an accident may be theoretically prevented, or at least the injuries and/or damages minimized, if the driver and/or vehicle potentially involved in the accident are able to react sufficiently rapidly to hazardous driving conditions in the vicinity. [0005] For that reason, dedicated short range communications (DSRC) have been proposed to permit communication between automotive vehicles as well as vehicles and infrastructure for safety communications. Indeed, the federal government in the United States has allotted 75 MHz of the wireless spectrum in the 5.9 GHz range for such communications. [0006] In managing the wireless communication between different vehicles, as well as between vehicles and infrastructure, authentication that the messages received by any particular automotive vehicle are trustworthy and constitute reliable information is paramount. Without such authentication, the vehicles may receive wireless communication from parties who intentionally transmit incorrect information for whatever private purpose, as well as vehicles that, through malfunction, transmit incorrect information. Without authentication of the reliability of the received messages, unsafe traffic conditions, traffic congestion, etc. may result. [0007] In order to enable automotive vehicles to communicate between themselves and optionally infrastructure, it has been previously proposed to form a vehicle ad hoc network (VANET) with the automotive vehicles that are within the range of interest for the automotive vehicle. Such vehicles would then communicate amongst themselves within the network providing safety information, such as the status or status of operation of each vehicle in the network as well as infrastructure adjacent the road. [0008] In order to ensure the authenticity of the messages received within the network, it has been previously proposed to use public key infrastructure (PKI) encryption of the messages transmitted over the network. In such a PKI encryption system, a certificate authority, such as a governmental body, distributes a public key to all the vehicles or nodes within the network. The certificate authority then also provides a signature encrypted with a private key to each node or vehicle and in which the signature is unique to that particular vehicle. For example, the PKI encrypted certificate authority signature may be bound to the vehicle identification number (VIN), license plate, and/or the like. The certificate authority may also revoke the encrypted signature for any particular vehicle if it is determined that that vehicle no longer transmits trustworthy or reliable information. [0009] In practice, the vehicles in the node transmit a message, which includes not only the vehicle identification but potentially safety information, together with the encrypted certificate authority signature. Upon receipt of that message by another vehicle, the other vehicle utilizes the public key of the certificate authority to decrypt the received certificate authority signature. That decrypted signature is then compared to a result of a hash function applied to the received message. If a match results, both the accuracy of the message is authenticated as well as the signature of the signature certificate authority thus verifying that the information received is valid. Otherwise, the received message is discarded and ignored.
[0010] The certificate authority, of course, retains the ability to revoke its encrypted certificate authority signature from any particular vehicle at any time in the event that that vehicle begins to transmit unreliable information. [0011] While the PKI encryption method for authenticating received messages in an ad hoc network provides sufficient security for the authenticity of the messages received in the ad hoc network, the security certificate authority signature which accompanies the messages transmitted in the network is several times the size of the actual message itself. This, together with the repetitive description of the certificate authority signature for each message, results in higher computational cost and bandwidth requirements, particularly where there are numerous vehicles in the ad hoc network.
SUMMARY OF THE PRESENT INVENTION
[0012] The present invention provides a security authentication process for an ad hoc network, such as a vehicle ad hoc network, which overcomes the disadvantages of the previously known proposals for such networks.
[0013] In brief, as each new node is detected in the ad hoc network, the nodes in the network exchange identification and authentication information utilizing PKI encryption. As such, each node transmits the vehicle information, such as the VIN and the node public key, as well as the certificate authority signature which preferably constitutes the hash function result of the VIN concatenated with the node public key encrypted with the certificate authority private key. The receiving node then decrypts the certificate authority signature with the certificate authority public key and compares the result with the hash function result of the received VIN concatenated with the node public key. Unless a match is obtained, the entire message is disregarded. Otherwise, the receiving node caches the identity of the new node as authentic so that any message received from the new authenticated node is regarded as reliable information. [0014] The future exchange of messages or communication between the two nodes, following authentication of each node, is then conducted using Timed Efficient Stream Loss tolerant Authentication (TESLA) encryption. Initially a TESLA certificate is transmitted which comprises the TESLA parameters, the root K0 of a randomly derived hash chain and the TESLA signature which, in turn, consists of the hash function result of the TESLA parameters concatenated with the current hash function result Kn encrypted with the node private key. Thereafter, information is exchanged by appending a TESLA signature to each message until the hash chain is exhausted. [0015] Upon receipt of each message together with the TESLA signature, the receiving node caches both the message and the TESLA signature. Upon receipt of the next TESLA message and signature which contains Kn+1, i.e. the next key or hash function in the hash chain, the receiving node uses Kn+1 to decrypt the signature and compare the result with the hash function result of the received message. If a match occurs, the message is authenticated. Otherwise it is discarded. In either event, the hash result Kn is then released and cannot be again used, at least not for a long time.
[0016] Since the keys or passwords utilized in the TESLA encryption exist for only a brief period of time before they are released, relatively short encryption keys may be used without breach of security. This, in turn, results in a much more efficient use of the available bandwidth, particularly when the ad hoc network contains many nodes, as well as greatly reduced computational requirements. Indeed, the only disadvantage of the TESLA encryption is that a slight time delay occurs between the receipt of the message and the time it may be decrypted. [0017] Communication between the nodes continues until the occurrence of a predetermined event. For example, such a predetermined event may arise when a new node enters the network. When that happens, the certificate authority certificate is exchanged with the newly arriving node and, after authentication of the validity of the new node, communication resumes using TESLA encryption.
BRIEF DESCRIPTION OF THE DRAWING
[0018] A better understanding of the present invention will be had upon reference to the following detailed description when read in conjunction with the accompanying drawing, wherein like reference characters refer to like parts throughout the several views, and in which: [0019] FIG. 1 is a diagrammatic view illustrating an ad hoc network; [0020] FIG. 2 is a view illustrating the structure of a data packet using PKI encryption for the signature;
[0021] FIG. 3 is a diagrammatic view illustrating a hash function used in TESLA encryption; [0022] FIG. 4 is a diagrammatic view illustrating TESLA encryption; [0023] FIG. 5 is a flowchart illustrating the operation of the present invention; [0024] FIG. 6 illustrates an exemplary TESLA certificate; and [0025] FIG. 7 illustrates an exemplary TESLA message packet.
DETAILED DESCRIPTION OF A PREFERRED EMBODIMENT OF THE PRESENT INVENTION
[0026] With reference first to FIG. 1, two automotive vehicles 20 and 22 are there illustrated diagrammatically. Each vehicle 20 and 22, furthermore, is equipped with dedicated short range communication (DSRC) equipment to enable wireless communication between the vehicles 20 and 22. At present, such wireless communication is permitted in the United States in the 5.9 GHz band. Specifically, the United States federal government has provided 7 channels, each 10 MHz in bandwidth, beginning at 5.9 GHz. [0027] In a fashion that will be subsequently described in greater detail, the vehicles 20 and
22 form a vehicular ad hoc network having two nodes, namely the vehicle 20 and the vehicle 22.
In the event that a third vehicle 24 enters a range of interest of the vehicles 20 and 22, i.e. the vehicle 24 is sufficiently close to the other vehicles 20 and 22 that the action of the vehicle 24 may impact on the safety of the vehicles 20 and/or 22, the vehicle 24 also becomes part of the ad hoc network. The ad hoc network may also include infrastructure information providers or servers 26 adjacent the road 28 on which the vehicles 20-24 travel. [0028] Short range wireless communication between the vehicles 20-24 serves several purposes. Of these, safety applications are considered to be the most important. For example, if the vehicle 20 were to rapidly apply its brakes, the transmission of that information to the vehicles 22 and 24 may be sufficient to avert a rear-end collision between either the vehicles 20 and 22 or the vehicles 22 and 24. [0029] Such wireless communication between the vehicles 20 and 24 and an adjacent server 26 may also be used for commercial purposes. For example, the vehicles 20-24 may utilize the server 26 to make certain purchases while traveling.
[0030] In either event, the information transmitted by any of the vehicles 20-24 or the roadside server 26 should be authenticated as reliable information. Otherwise, transmission of erroneous information by any of the vehicles 20-24 or the roadside server 26, either intentionally or through equipment malfunction, may create chaos on the road 28 and actually increase the safety risk, rather than reduce it. Such authentication also deters subsequent reproduction of commercial transactions. [0031] In order to provide both security and authentication, a public key infrastructure (PKI) encryption method is employed. In a PKI encryption method, each node or vehicle is assigned both a public key and a private key. The node possesses the private key whereas the verifiers, i.e. the other nodes in the network, have access only to the public key. Knowing the private key allows the node to generate valid signatures and these signatures are then subsequently verified by using the public key. However, it is computationally infeasible to generate a valid signature with the public key alone.
[0032] In order to ensure that the public key belongs to the node being authenticated, PKI is employed so that a certificate authority signs or encrypts bindings or certificates between the public keys and the node identifiers, such as the Vehicle Identification Number (VIN). The certificate authority may, for example, be a government authority, its proxy or delegate and will freely distribute the public key for the certificate authority to all nodes that are in the ad hoc network or may become in the ad hoc network. Specifically, the certificate authority signature for an individual node is created by first calculating a hash function such as MD5 or SHA-I, of the node identifier concatenated with the node public key. That result is then encrypted with the certificate authority private key to form the certificate authority signature and an exemplary data packet is shown in FIG. 2.
[0033] Prior to describing the actual operation of the present invention, the present invention also utilizes timed efficient stream loss tolerant authentication (TESLA) as a part of the communication scheme between the nodes or vehicles 20-24. TESLA authentication, however, is only employed after the trustworthiness of the node has been authenticated by PKI decryption of the certificate authority signature.
[0034] First, a TESLA certificate must be exchanged between the nodes to verify that the subsequent TESLA messages are authentic. An exemplary TESLA certificate or data packet is shown in FIG. 6 and comprises TESLA parameters 70, e.g. timing parameters, the root Ko of a hash chain (discussed below) and the TESLA node signature 72. Preferably the TESLA node signature 72 is formed by concatenating the TESLA parameters 70 with the hash chain root K0, encrypting the result with a hash function and then signing the result with the private key for the node. In this fashion the TESLA signature is unique for each node. [0035] With reference now to FIG. 3, in order to utilize TESLA encryption, a random number KN is selected where N is an arbitrary number, e.g. 2000, which defines the length of the hash chain, as well as a public one-way hash function F where K1 = F(K1-I-I). A hash chain is formed by applying the function F from KN successively until the root Ko is calculated. An exemplary hash chain shown in FIG. 3 is then used for decryption in reverse order of construction, i.e., Kn+1 is used to decrypt the TESLA signature of the message associated with KN to authenticate the message. Furthermore, it is infeasible to derive K1 from Kj where j is less than i. As such, it is computationally infeasible to generate a bogus hash chain. [0036] With reference now to FIGS. 4 and 7, the mechanism for authenticating messages 50 having a TESLA encrypted signature 52 is illustrated. First, the TESLA signature 52 is formed by concatenating the message with the current hash chain key K1-1 and then encrypting the result with the next key K1 in the hash chain at time V1. Thereafter, at time t^.^+Δt the message 50 together with the TESLA encrypted signature 52 is transmitted by the node. At this time, however, the TESLA signature 52 cannot be decrypted nor can the message 50 be authenticated since the decryption key K1 is unknown. [0037] At time t^.^+lΔt the decryption key K1, i.e. the next value in the hash chain, is transmitted by the node together with the next message. The key K1 is then used to decode or decrypt the TESLA encrypted signature 52 and, in doing so, authenticate the contents of the message 50. Such authentication occurs by comparing the decrypted TESLA signature with the hash function result of the message 50. Furthermore, after such use, the key K1 is released so that it may not be reused.
[0038] With reference now to FIG. 5, the operation of the method of the present invention will now be summarized. At step 100, the public key for the certificate authority is freely distributed to all vehicles or nodes that are either in the ad hoc network or may become in the ad hoc network. Step 100 then proceeds to step 102. At step 102, the certificate authority assigns certificates which bind the node identifiers, such as a vehicle identification number and node public key, to the node and provides the certificates to the various nodes in the fashion previously described. Since the node identification numbers will be different for each node, each certificate provided by the certificate authority at step 102 will be different for each different node. Step 102 then proceeds to step 104.
[0039] At step 104, one node (referred to herein as the primary node for ease of explanation) determines if another node (referred to as a secondary node for ease of explanation) has been detected. If not, step 104 merely branches back to itself until a secondary node is detected.
[0040] Once detected, step 104 instead branches to step 106 where the primary node transmits its message, typically the vehicle identification number and public key, together with the PKI certificate from the certificate authority to the secondary node. Step 106 then proceeds to step 108 where the primary node receives the corresponding information from the secondary node in the form of a data packet. Step 108 then proceeds to step 110.
[0041] At step 110, the primary node decrypts the received data packet at step 108 by decrypting the signature of the received signal using the public key from the certificate authority and comparing that result with the result of a hash function applied to the message. If these two values match, the message is authentic and uncorrupted and simultaneously the certificate authority has vouched that the information transmitted by the secondary node is reliable or trustworthy. Thus, in that event step 110 proceeds to step 111. Otherwise, indicating that the message has been corrupted or that the certificate authority does not vouch for the reliability of the message received by the primary node, step 110 instead branches back to step 104 where the node transmission is disregarded and the above process is repeated. [0042] At step 111 the nodes exchange the TESLA parameters, the root Ko of the hash chain and the TESLA signature. Upon verification of the TESLA signature, step 111 proceeds to step 112 and otherwise back to step 104.
[0043] At step 112, the nodes exchange information via wireless communication utilizing messages with TESLA signature encryption using the hash chain keys previously described. Step 112 then proceeds to step 114 where the algorithm determines if a predefined event, such as the elapse of a predetermined time period such as one second to prevent excessive transmissions of the PKI and TESLA certificates, a new node appearing in the ad hoc network, etc. has occurred. If not, step 114 branches back to step 112 where communication between the nodes using TESLA signature encryption continues. However, after the predetermined event is encountered, step 114 proceeds back to step 104 where the above process is repeated. [0044] Once the hash chain is exhausted, a new hash chain is created and the exchange of messages resumes beginning at the exchange of the TESLA parameters at step 111. [0045] From the foregoing, it can be seen that the method of the present invention provides a robust yet efficient system for security authentication of messages in an ad hoc network, such as a vehicular ad hoc network. In particular, since PKI encryption employed for the certificate authority signature is bound to the vehicle identification information, it is computationally infeasible to determine the private key for the node from the PKI encrypted signature thus providing robust, albeit it computationally costly, authentication of the identity and reliability of the node.
[0046] However, once the node is identified as not only valid, but also reliable or trustworthy, TESLA encrypted signature security is then used for authentication of the messages exchanged between the nodes until a predetermined event, such as the detection of a new node or the elapse of a predetermined time period, occurs. TESLA encryption is much more computationally efficient, thus requiring significantly less computational power and bandwidth than PKI encryption. Consequently, PKI encryption is first used to verify not only the identity of the node, but also the trustworthiness or the reliability of the information transmitted by the node. Once that has been authenticated, data with TESLA encryption may then be used for the rapid and efficient exchange of information between the nodes in the ad hoc network. [0047] Having described our invention, many modifications thereto will become apparent to those skilled in the art to which it pertains without deviation from the spirit of the invention as defined by the scope of the appended claims. [0048] We claim:

Claims

1. A method for exchanging messages containing reliable information between nodes in an ad hoc network comprising the steps of:
(a) providing a public key for a PKI encrypted certificate authority signature to all nodes,
(b) providing a private key PKI encrypted certificate authority signature to all nodes known to transmit reliable information,
(c) each node transmitting a signal containing node identification information and the PKI encrypted certificate authority signature associated with that node, (d) each node receiving said signals from the other nodes,
(e) each node decrypting the certificate authority signatures received from the other nodes by using the public key to ascertain the authenticity of the received certificate authority signatures,
(f) thereafter said nodes receiving and authenticating messages with a TESLA encrypted signature only with nodes identified to have an authentic certificate authority signature until the occurrence of a subsequent predefined event.
2. The invention as defined in claim 1 wherein said subsequent event comprises a new node joining the ad hoc network.
3. The invention as defined in claim 1 wherein said subsequent event comprises the elapse of a predetermined time period from step (c).
4. The invention as defined in claim 1 wherein said subsequent event comprises the elapse of a predetermined time period from step (c) and a new node joining the ad hoc network.
5. The invention as defined in claim 1 and comprising the steps of repeating step (c) through step (f) after the occurrence of said predefined event.
6. The invention as defined in claim 1 and comprising the step of releasing the authenticity of the TESLA signature within a predefined time period following said receiving and accepting a message with the TESLA encrypted signature.
7. The invention as defined in claim 1 and further comprising the step of time synchronizing a clock to a transmission from a global positioning system to messages with TESLA encrypted signatures.
8. The invention as defined in claim 1 wherein said transmitting step comprises the step of transmitting a radio signal.
9. The invention as defined in claim 1 wherein said ad hoc network comprises a vehicle ad hoc network.
10. A method for exchanging messages containing reliable information between nodes in an ad hoc network in which each node is provided with a public key for a PKI encrypted certificate authority signature and in which each node known to transmit reliable information is provided with a private key PKI encrypted certificate authority signature, said method comprising the steps of:
(a) each node transmitting a signal containing node identification information and the PKI encrypted certificate authority signature associated with that node,
(b) each node receiving said signals from the other nodes,
(c) each node decrypting the certificate authority signatures received from the other nodes by using the public key to ascertain the authenticity of the received certificate authority signatures,
(d) thereafter said nodes receiving and authenticating messages with a TESLA encrypted signature only with nodes identified to have an authentic certificate authority signature until the occurrence of a subsequent predefined event.
11. The invention as defined in claim 10 wherein said subsequent event comprises a new node joining the ad hoc network.
12. The invention as defined in claim 10 wherein said subsequent event comprises the elapse of a predetermined time period from step (a).
13. The invention as defined in claim 10 wherein said subsequent event comprises the elapse of a predetermined time period from step (c) and a new node joining the ad hoc network.
14. The invention as defined in claim 10 and comprising the steps of repeating step (c) through step (i) after the occurrence of said predefined event.
15. The invention as defined in claim 10 and comprising the step of releasing the authenticity of the TESLA signature within a predefined time period following said receiving and accepting a message with the TESLA encrypted signature.
16. The invention as defined in claim 10 and further comprising the step of time synchronizing a clock to a transmission from a global positioning system to messages with TESLA encrypted signatures.
17. The invention ns defined in claim 10 wherein said transmitting step comprises the step of transmitting a radio signal.
18. The invention as define in claim 10 wherein said ad hoc network comprises a vehicle ad hoc network.
19. The invention as defined in claim 10 wherein said message contains information regarding the status of the node.
PCT/US2007/084044 2006-11-10 2007-11-08 Method for exchanging message and verifying the authenticity of the messages in an ad hoc network WO2008063899A2 (en)

Applications Claiming Priority (6)

Application Number Priority Date Filing Date Title
US86524606P 2006-11-10 2006-11-10
US60/865,246 2006-11-10
US89138507P 2007-02-23 2007-02-23
US60/891,385 2007-02-23
US11/936,509 2007-11-07
US11/936,509 US7934095B2 (en) 2006-11-10 2007-11-07 Method for exchanging messages and verifying the authenticity of the messages in an ad hoc network

Publications (2)

Publication Number Publication Date
WO2008063899A2 true WO2008063899A2 (en) 2008-05-29
WO2008063899A3 WO2008063899A3 (en) 2008-08-14

Family

ID=39430455

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/US2007/084044 WO2008063899A2 (en) 2006-11-10 2007-11-08 Method for exchanging message and verifying the authenticity of the messages in an ad hoc network

Country Status (2)

Country Link
US (1) US7934095B2 (en)
WO (1) WO2008063899A2 (en)

Cited By (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN103731469A (en) * 2012-10-12 2014-04-16 瑞萨电子株式会社 In-vehicle communication system
FR3030987A1 (en) * 2014-12-23 2016-06-24 Valeo Comfort & Driving Assistance AUTOMATIC RECOGNITION METHOD BETWEEN A MOBILE DEVICE AND A MOTOR VEHICLE FOR OPERATING ACCORDING TO THE BLUE PROTOCOL
WO2017180382A1 (en) * 2016-04-12 2017-10-19 Pcms Holdings, Inc. System and method for data validation in a decentralized sensor network
DE102020000635A1 (en) 2020-01-30 2021-08-05 Christoph Maget Perfectly secure communication between participants in cellular networks

Families Citing this family (45)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2008112048A1 (en) * 2007-02-02 2008-09-18 Tecordia Technologies, Inc. Method and system to authorize and assign digital certificates without loss of privacy
US20090254754A1 (en) * 2008-04-04 2009-10-08 Gm Global Technology Operations, Inc. Lightweight geographic trajectory authentication via one-time signatures
US8515996B2 (en) 2008-05-19 2013-08-20 Emulex Design & Manufacturing Corporation Secure configuration of authentication servers
US9800413B2 (en) * 2008-08-15 2017-10-24 Gm Global Technology Operations, Inc. System and method for performing an asymmetric key exchange between a vehicle and a remote device
WO2010033802A1 (en) * 2008-09-19 2010-03-25 Interdigital Patent Holdings, Inc. Authentication for secure wireless communication
DE102008055076A1 (en) * 2008-12-22 2010-07-01 Robert Bosch Gmbh Device and method for protecting data, computer program, computer program product
US8582775B2 (en) * 2009-02-12 2013-11-12 General Motors Llc Method of securing and authenticating data using micro-certificates
US8397062B2 (en) * 2009-04-21 2013-03-12 University Of Maryland, College Park Method and system for source authentication in group communications
KR101584987B1 (en) * 2009-06-08 2016-01-13 삼성전자주식회사 Apparatus for transmitting and receiving data and method using the same
JP2013503403A (en) * 2009-08-31 2013-01-31 テルコーディア テクノロジーズ インコーポレイテッド System and method for detecting and evicting malicious vehicles in a vehicle communication network
US8904183B2 (en) 2010-03-25 2014-12-02 GM Global Technology Operations LLC Efficient technique to achieve non-repudiation and resilience to DoS attacks in wireless networks
US8639934B2 (en) * 2010-06-10 2014-01-28 Empire Technology Development Llc Radio channel metrics for secure wireless network pairing
JP2012037940A (en) * 2010-08-03 2012-02-23 Toshiba Corp Inter-vehicle communication system, on-vehicle device, and inter-vehicle communication method and program
US8756430B2 (en) * 2011-04-14 2014-06-17 GM Global Technology Operations LLC Exploiting application characteristics for multiple-authenticator broadcast authentication schemes
CN103986687B (en) * 2013-02-07 2017-09-15 电信科学技术研究院 A kind of method, equipment and system for realizing the management of car networking device authorization
KR101400275B1 (en) 2013-02-18 2014-05-28 부경대학교 산학협력단 Message delivery method using identity-hidden message index in vehicular ad-hoc networks
US10282676B2 (en) 2014-10-06 2019-05-07 Fisher-Rosemount Systems, Inc. Automatic signal processing-based learning in a process plant
US9804588B2 (en) 2014-03-14 2017-10-31 Fisher-Rosemount Systems, Inc. Determining associations and alignments of process elements and measurements in a process
US10678225B2 (en) 2013-03-04 2020-06-09 Fisher-Rosemount Systems, Inc. Data analytic services for distributed industrial performance monitoring
US10866952B2 (en) 2013-03-04 2020-12-15 Fisher-Rosemount Systems, Inc. Source-independent queries in distributed industrial system
US10223327B2 (en) 2013-03-14 2019-03-05 Fisher-Rosemount Systems, Inc. Collecting and delivering data to a big data machine in a process control system
US10649449B2 (en) 2013-03-04 2020-05-12 Fisher-Rosemount Systems, Inc. Distributed industrial performance monitoring and analytics
US10909137B2 (en) 2014-10-06 2021-02-02 Fisher-Rosemount Systems, Inc. Streaming data for analytics in process control systems
US9558220B2 (en) 2013-03-04 2017-01-31 Fisher-Rosemount Systems, Inc. Big data in process control systems
US10386827B2 (en) 2013-03-04 2019-08-20 Fisher-Rosemount Systems, Inc. Distributed industrial performance monitoring and analytics platform
US10649424B2 (en) 2013-03-04 2020-05-12 Fisher-Rosemount Systems, Inc. Distributed industrial performance monitoring and analytics
US9665088B2 (en) 2014-01-31 2017-05-30 Fisher-Rosemount Systems, Inc. Managing big data in process control systems
US9823626B2 (en) 2014-10-06 2017-11-21 Fisher-Rosemount Systems, Inc. Regional big data in process control systems
US9397836B2 (en) 2014-08-11 2016-07-19 Fisher-Rosemount Systems, Inc. Securing devices to process control systems
US10691281B2 (en) 2013-03-15 2020-06-23 Fisher-Rosemount Systems, Inc. Method and apparatus for controlling a process plant with location aware mobile control devices
EP3200131A1 (en) 2013-03-15 2017-08-02 Fisher-Rosemount Systems, Inc. Data modeling studio
EP3018987B1 (en) * 2013-07-10 2020-09-02 Agco Corporation Automating distribution of work in a field
WO2015006609A1 (en) * 2013-07-10 2015-01-15 Agco Coporation Automation of networking a group of machines
KR20160038091A (en) * 2014-09-24 2016-04-07 현대자동차주식회사 Method and System for Issuing CSR Certificate for Vehicle-to-Anything Communication
US10168691B2 (en) 2014-10-06 2019-01-01 Fisher-Rosemount Systems, Inc. Data pipeline for process control system analytics
US10149159B1 (en) * 2015-03-19 2018-12-04 Proxidyne, Inc. Trusted beacon system and method
US20170015263A1 (en) 2015-07-14 2017-01-19 Ford Global Technologies, Llc Vehicle Emergency Broadcast
US10503483B2 (en) 2016-02-12 2019-12-10 Fisher-Rosemount Systems, Inc. Rule builder in a process control network
TWI600334B (en) * 2016-03-23 2017-09-21 財團法人工業技術研究院 Security certificate management method for a vehicular network node and vehicular network node applying the same
US10705221B2 (en) * 2016-06-08 2020-07-07 The Boeing Company On-board backup and anti-spoofing GPS system
US10284654B2 (en) * 2016-09-27 2019-05-07 Intel Corporation Trusted vehicle telematics using blockchain data analytics
US10491405B2 (en) 2016-10-04 2019-11-26 Denso International America, Inc. Cryptographic security verification of incoming messages
US10297147B2 (en) 2016-12-06 2019-05-21 Flir Commercial Systems, Inc. Methods and apparatus for monitoring traffic data
US10966091B1 (en) * 2017-05-24 2021-03-30 Jonathan Grier Agile node isolation using packet level non-repudiation for mobile networks
WO2022074450A1 (en) * 2020-10-09 2022-04-14 Unho Choi Chain of authentication using public key infrastructure

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US6813561B2 (en) * 2003-03-25 2004-11-02 Ford Global Technologies, Llc Relative positioning for vehicles using GPS enhanced with bluetooth range finding
US20050010757A1 (en) * 2003-06-06 2005-01-13 Hewlett-Packard Development Company, L.P. Public-key infrastructure in network management
US20050191990A1 (en) * 2001-02-06 2005-09-01 Willey William D. Mobile certificate distribution in a PKI

Family Cites Families (19)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US5432841A (en) 1992-07-10 1995-07-11 Rimer; Neil A. System for locating and communicating with mobile vehicles
US6748320B2 (en) 1993-05-18 2004-06-08 Arrivalstar, Inc. Advance notification systems and methods utilizing a computer network
JP3491665B2 (en) 1997-04-16 2004-01-26 ソニー株式会社 Remote control device and remote control method
US6680922B1 (en) 1998-07-10 2004-01-20 Malibu Networks, Inc. Method for the recognition and operation of virtual private networks (VPNs) over a wireless point to multi-point (PtMP) transmission system
US6701434B1 (en) 1999-05-07 2004-03-02 International Business Machines Corporation Efficient hybrid public key signature scheme
US6430485B1 (en) 2000-07-06 2002-08-06 International Truck Intellectual Property Company, L.L.C. Wireless interface adaptor for remote diagnosis and programming of vehicle control systems
US6760662B2 (en) 2001-05-03 2004-07-06 Samsung Electronics Co., Ltd. Route guiding method for in-vehicle navigation device
US7006437B2 (en) 2001-07-06 2006-02-28 Sri International Scheduling mechanisms for use in mobile ad hoc wireless networks for achieving a differentiated services per-hop behavior
US6920556B2 (en) 2001-07-20 2005-07-19 International Business Machines Corporation Methods, systems and computer program products for multi-packet message authentication for secured SSL-based communication sessions
US20030069784A1 (en) 2001-10-04 2003-04-10 International Business Machines Corporation Integrated billing of vehicle-related services using ad-hoc networks
US6708107B2 (en) 2002-04-02 2004-03-16 Lockheed Martin Corporation Real-time ad hoc traffic alert distribution
US7600114B2 (en) 2002-06-28 2009-10-06 Temic Automotive Of North America, Inc. Method and system for vehicle authentication of another vehicle
US7581095B2 (en) * 2002-07-17 2009-08-25 Harris Corporation Mobile-ad-hoc network including node authentication features and related methods
KR100498965B1 (en) 2003-04-22 2005-07-01 삼성전자주식회사 A System and Method For Communicating Vehicle Driving Information Using Ad Hoc Network
US7508840B2 (en) 2004-05-28 2009-03-24 Bae Systems Information And Electronic Systems Integration Inc. Mobile temporary incident area network for local communications interoperability
US7155238B2 (en) 2004-07-06 2006-12-26 Katz Daniel A Wireless location determining device
EP1813040B1 (en) 2004-11-08 2011-04-20 Toyota Technical Center, U.S.A., Inc. System and method of vehicular wireless communication
US20060291482A1 (en) 2005-06-23 2006-12-28 Cisco Technology, Inc. Method and apparatus for providing a metropolitan mesh network
US7734050B2 (en) * 2006-03-27 2010-06-08 Nissan Technical Center North America, Inc. Digital certificate pool

Patent Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20050191990A1 (en) * 2001-02-06 2005-09-01 Willey William D. Mobile certificate distribution in a PKI
US6813561B2 (en) * 2003-03-25 2004-11-02 Ford Global Technologies, Llc Relative positioning for vehicles using GPS enhanced with bluetooth range finding
US20050010757A1 (en) * 2003-06-06 2005-01-13 Hewlett-Packard Development Company, L.P. Public-key infrastructure in network management

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
PERRIG ET AL.: 'CryptoBytes' RSA LABORATORIES, THE TESLA BROADCAST AUTHENTICATION PROTOCOL, [Online] vol. 5, no. 2, 2002, Retrieved from the Internet: <URL:http://www.rsa.com/rsalabs/cryptobytes/cryptobytes_v5n2.pdf> *

Cited By (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN103731469A (en) * 2012-10-12 2014-04-16 瑞萨电子株式会社 In-vehicle communication system
CN103731469B (en) * 2012-10-12 2019-02-12 瑞萨电子株式会社 Vehicular communication system
FR3030987A1 (en) * 2014-12-23 2016-06-24 Valeo Comfort & Driving Assistance AUTOMATIC RECOGNITION METHOD BETWEEN A MOBILE DEVICE AND A MOTOR VEHICLE FOR OPERATING ACCORDING TO THE BLUE PROTOCOL
WO2016102887A1 (en) * 2014-12-23 2016-06-30 Valeo Comfort And Driving Assistance Method for automatic recognition between a mobile device and a motor vehicle, capable of functioning according to the ble protocol
US10548014B2 (en) 2014-12-23 2020-01-28 Valeo Comfort And Driving Assistance Method for automatic recognition between a mobile device and a motor vehicle, capable of functioning according to the BLE protocol
WO2017180382A1 (en) * 2016-04-12 2017-10-19 Pcms Holdings, Inc. System and method for data validation in a decentralized sensor network
DE102020000635A1 (en) 2020-01-30 2021-08-05 Christoph Maget Perfectly secure communication between participants in cellular networks

Also Published As

Publication number Publication date
US20080235509A1 (en) 2008-09-25
WO2008063899A3 (en) 2008-08-14
US7934095B2 (en) 2011-04-26

Similar Documents

Publication Publication Date Title
US7934095B2 (en) Method for exchanging messages and verifying the authenticity of the messages in an ad hoc network
CN109462836B (en) Internet of vehicles malicious node detection system and method fusing block chain consensus mechanism
CN109922475B (en) Vehicle authentication and message verification method under vehicle-mounted network environment
US9461827B2 (en) Method for distributing a list of certificate revocations in a vanet
CN111684764B (en) Cryptographic method and system for digital certificate revocation using blind activation codes
US7742603B2 (en) Security for anonymous vehicular broadcast messages
KR101521412B1 (en) Protocol Management System for Aggregating Massages based on certification
US8230215B2 (en) Method for allocating multiple authentication certificates to vehicles in a vehicle-to-vehicle communication network
Ying et al. Privacy preserving broadcast message authentication protocol for VANETs
US11895250B2 (en) Cryptographic methods and systems using activation codes for digital certificate revocation
EP2003813A1 (en) Method and Apparatus for Authentication
US11811943B2 (en) Verification of messages using hash chaining
CN110022542A (en) A kind of anonymous authentication method of the modified based on condition secret protection
Park et al. An Efficient Anonymous Authentication Protocol for Secure Vehicular Communications.
JP5991561B2 (en) Wireless device
CN110677256B (en) VPKI-based VANETs pseudonym revocation system and method
CN115580488A (en) Vehicle-mounted network message authentication method based on block chain and physical unclonable function
CN114430552B (en) Vehicle networking v2v efficient communication method based on message pre-authentication technology
Limbasiya et al. Autosec: Secure automotive data transmission scheme for in-vehicle networks
Qin et al. ECAS: An efficient and conditional privacy preserving collision warning system in fog-based vehicular ad hoc networks
Hathal et al. Token-based lightweight authentication scheme for vehicle to infrastructure communications
Cominetti et al. Faster verification of V2X basic safety messages via Message Chaining
Lin Secure and privacy-preserving vehicular communications
JP6187888B2 (en) Processing equipment
Foo et al. Security issues for future intelligent transport systems

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 07868698

Country of ref document: EP

Kind code of ref document: A2

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 07868698

Country of ref document: EP

Kind code of ref document: A2