Imagine running a wireless network where users join and leave every few seconds, and where any delay or false data could have immediate and life-threatening consequences. Imagine also the problems of ensuring that all users are authentic and are feeding the network with correct information.
This is the reality when it comes to the security of Vehicular Ad-Hoc Networks (VANETs) (.pdf), which could soon help reduce traffic accidents and ensure drivers navigate the roads safely. Much effort has been invested by engineers and technologists to make VANETs work, but the challenge of creating these highly dynamic networks -- and ensuring they work at speed with highly accurate information -- is a huge one.
If such networks were to be implemented -- and relied upon by drivers -- they would have to be hack-proof. Otherwise, a malicious attacker could falsely report that a road was heavily congested, or could impersonate other vehicles or traffic signals in order to trigger false safety hazards, potentially resulting in traffic confusion or even dangerous collisions.
Therefore, any such new technology would be highly dependent on secure authentication to help detect and prevent participants spreading wrong information in the network.
The problems involved, and potential solutions, are the subject of a new article by Abdul Kalam Aboobaker and Stephen Wolthusen, Analysis of authentication protocols in vehicular networks. The piece is based on a thesis of the same name given in information security at Royal Holloway University of London.
The article describes the technical challenges associated with making these ad hoc networks work, and explores the methods that could be used to ensure proper authentication to prevent the technology from being subverted. It also analyses the security requirements of safety messaging, the effects of message size on security and on the performance of secure messaging protocols.
About the authors:
Abdul Kalam Aboobaker has worked in IT for companies in India and Dubai. Having completed his MSc at Royal Holloway, he is now applying to do a doctorate in mobile ad hoc networks.
Dr. Stephen Wolthusen is a lecturer in information security at Royal Holloway with research interests in information assurance and the use of formal methods in security. He teaches courses in network security and digital forensics.
The article is based on a thesis written in the Information Security Group at Royal Holloway University of London. It is one of nine that SearchSecurity.co.UK is publishing exclusively in 2010 as part of its close collaboration with RHUL, which is in its third year.
This was first published in December 2010