An Autonomous Privacy-Preserving Authentication Scheme for Intelligent Transportation System
Computers and Security Vol. 60, Nº 60C, pp. 193 - 205, April, 2016.
ISSN (print): 0167-4048
Journal Impact Factor: 2,849 (in 2016)
Digital Object Identifier: 10.1016/j.cose.2016.04.006
Privacy-preservation is of paramount importance for the emerging Intelligent Transportation System (ITS) applications, such as traffic monitoring and road safety. These applications require regular transmission of messages among vehicles or between vehicles and back-end servers. The received messages should be authenticated so that messages from malicious or malfunctioning entities can be detected and discarded. However, this requirement poses a challenge in terms of location privacy, since the user's identity is sent in clear text in the transmitted messages, and thus it can be linked to the vehicle's position. Cryptographic pseudonyms are advocated as computationally efficient solutions for preserving the privacy of vehicles' location. However, pseudonym-based systems require permanent contact between vehicles and a trusted authority (TA) to periodically renew the pseudonyms. This might cause network congestion or be infeasible in some situations due to the lack or scarcity of deployed infrastructure. In this paper, we address this challenge by proposing an autonomous privacy-preserving authentication scheme, where vehicles only need to contact the TA once; afterward, they can renew their pseudonyms by themselves without communicating with the TA. To the best of our knowledge, this is the first authentication scheme providing vehicles with the capability to renew their pseudonym sets without requiring permanent contact with a TA