
A Study on Issuance of Secure Vehicle Certificate for Vehicle to Vehicle Communications in Internet of Vehicles*

Taekjung Kim1, Byungwook Jin1, Si-Ho Cha2†, and Moon-Seog Jun1

1 Department of Computer Science, Soongsil University, 369, Sangdo-ro, Dong-Jak, Seoul, South Korea

2 Dept. of Multimedia Science, Chungwoon University, 113, Sukgol-ro, Nam-gu, Incheon, South Korea


Abstract. This paper addresses the stability of vehicle-to-vehicle (V2V) communication in the Internet of Vehicles (IoV). V2V communication is an important factor for intelligent transportation systems, which are fast approaching commercialization. In this paper, we focus in particular on the vulnerabilities of the authentication form used as an essential element of communication between vehicles. We propose a secure vehicle certificate method that counters the threat posed by CA access by improving the CA's authentication issuance process, which has been a weak point.

Keywords: Secure Vehicle Certificate, Internet of Vehicles, Vehicle to Vehicle

1 Introduction

Vehicle-to-vehicle (V2V) communication in the Internet of Vehicles (IoV) allows direct communication between vehicles traveling at high speed, thus providing safety as part of its services. Existing ITS services are static, delivered when a car moves through a certain spot or section. They focused on after-incident management, with constraints on prompt response in case of traffic accidents. In contrast, the C-ITS currently being piloted in Korea offers dynamic services in which the road infrastructure and vehicles constantly communicate with one another. This allows for prompt prevention and response. The WAVE system provides the technology for communication among the infrastructure, the vehicles and user devices, delivering the current status of the roads to moving vehicles so that they receive real-time information. As a result, it is expected to be applicable to various areas such as preventing collisions or accidents that cost human lives. With the increasing use of wireless communication technology, these systems are exposed to security risks such as Man in the Middle (MITM) attacks, resending (replay) attacks and other attacks. If the messages about a car collision are exposed to a third party and are forged or altered, nearby cars can become victims of further accidents. To prevent such scenarios, vehicle communication systems need reliable authentication. Given that cars move at high speed, mutual authentication using authentication forms (certificates) is the basis of the system. However, because the authentication form is easy to access and to replicate, once it is managed poorly or stored online, such as in a cloud, there is a risk of it being hacked or attacked by a virus. In fact, there are many incidents involving the theft of authentication forms. If such an authentication form is stolen from a car moving at high speed, this can lead to a dangerous situation that puts the driver's life at risk. For these reasons, this paper proposes a measure for the safe issuance of authentication forms in the WAVE system.

* This research was supported by Basic Science Research Program through the National Research Foundation of Korea (NRF) funded by the Ministry of Education (NRF2016R1D1A1A09917662).

† Corresponding author

Advanced Science and Technology Letters Vol.142 (SIT 2016), pp.117-120

http://dx.doi.org/10.14257/astl.2016.142.21

ISSN: 2287-1233 ASTL Copyright © 2016 SERSC

2 Related Work

2.1 C2C-CC

The CSR authentication form is issued by the LTCA (Long Term CA), and the pseudonym authentication form by the PCA (Pseudonym CA). If a vehicle uses the CSR authentication form to request issuance from the PCA, the PCA, through the LTCA, verifies the validity of the CSR authentication form and a pseudonym authentication form. In the CAMP method, even an insider who can access the RA cannot discover the ID information that generates the CSR authentication form and the pseudonym authentication form, while in the C2C-CC (Car2Car-Communication Consortium) method, an insider with access to the PCA can find the CSR authentication form and the ID of the pseudonym authentication form. Therefore, it is of utmost importance to conduct authority management and training and to prevent insider information leakage by securing audit evidence [1][3].

2.2 WAVE Based V2X Communication

WAVE uses IEEE technical standards to provide V2V/V2I automobile networking technologies for public safety and ITS services. The WAVE standard grew out of the existing vehicle communication environment, which used DSRC (Dedicated Short Range Communications) to provide traffic information or to charge toll fees. However, as needs changed in the ITS environment, which changes in real time, the existing Wi-Fi standard IEEE 802.11a was used as a base and adapted to the radio-wave environment on the road and within automobiles, and WAVE was designated as the IEEE 802.11p standard. To simplify the process of joining the network, IEEE 802.11p omitted the existing authentication method of IEEE 802.11 and the association process, which led to security issues. To address these issues, the IEEE 1609.2 standard, which provides security services in the layers above the MAC, was combined with it to give birth to the WAVE standard. The structure of WAVE is shown in Fig. 1.

WAVE can be divided into three parts: the WAVE Security Service, the Data Plane, and the Management Plane. The WAVE Security Service provides services that compensate for the authentication omitted from IEEE 802.11p, while the Management Plane requests or advertises services from the RSU (Road-Side Unit) or OBU (On-Board Unit). The Data Plane contains the data flow for actual data transmission and reception [1][2].

Fig. 1. WAVE Architecture

3 Protocol Design

This chapter reviews the issue with C2C-CC, in which the PCA issues a pseudonym authentication form: at that point a pseudonym for the vehicle ID is generated and issued to the vehicle. During this process, the vehicle ID information can be stored in order to trace the vehicle ID. This poses the risk that anyone with access to the PCA, or a malicious attacker, could steal the vehicle ID. Therefore, by using an RCA to prevent the PCA from knowing the ID that can generate the authentication form, leakage of vehicle ID information can be prevented.


Fig. 1. A Design RCA Protocol of V2V Communication
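
The property Section 3 aims for, shown as an added sketch that is not the paper's protocol (its message flow is in the figure, which is not reproduced here): the PCA's records are compared when it handles the vehicle ID directly and when an RCA vouches for the vehicle instead. The HMAC ticket, the shared RCA/PCA key, the hash-derived pseudonym and all function names are assumptions made for this illustration.

```python
import hashlib
import hmac
import secrets

# Assumption: RCA and PCA share a MAC key so the PCA can check RCA tickets.
RCA_PCA_KEY = secrets.token_bytes(32)


def _pseudonym(pubkey: bytes) -> str:
    """Pseudonym label derived only from the vehicle's fresh public key."""
    return hashlib.sha256(b"pseudonym|" + pubkey).hexdigest()[:16]


def pca_issue_direct(pca_log: list, vehicle_id: str, pubkey: bytes) -> str:
    """C2C-CC-style flow: the PCA handles the vehicle ID and can store it."""
    pseudonym = _pseudonym(pubkey)
    pca_log.append({"vehicle_id": vehicle_id, "pseudonym": pseudonym})
    return pseudonym


def rca_issue_ticket(vehicle_id: str, pubkey: bytes) -> dict:
    """RCA authenticates the vehicle, then vouches for its key without naming it."""
    if not vehicle_id:
        raise ValueError("RCA could not authenticate the vehicle")
    nonce = secrets.token_bytes(16)
    tag = hmac.new(RCA_PCA_KEY, nonce + pubkey, hashlib.sha256).digest()
    return {"nonce": nonce, "tag": tag}


def pca_issue_with_ticket(pca_log: list, ticket: dict, pubkey: bytes) -> str:
    """RCA-mediated flow: the PCA checks the ticket and never receives the ID."""
    expected = hmac.new(RCA_PCA_KEY, ticket["nonce"] + pubkey, hashlib.sha256).digest()
    if not hmac.compare_digest(expected, ticket["tag"]):
        raise PermissionError("ticket was not issued by the RCA for this key")
    if any(e.get("ticket") == ticket["nonce"].hex() for e in pca_log):
        raise PermissionError("ticket already used (resent request)")
    pseudonym = _pseudonym(pubkey)
    pca_log.append({"ticket": ticket["nonce"].hex(), "pseudonym": pseudonym})
    return pseudonym


def ids_visible_to_pca_insider(pca_log: list) -> set:
    """Vehicle IDs that someone with read access to the PCA records can learn."""
    return {e["vehicle_id"] for e in pca_log if "vehicle_id" in e}
```

In this sketch the RCA is the only party that handles the vehicle ID, so the PCA log holds nothing that names the vehicle.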

4 Conclusion

This paper proposes a method of issuing authentication forms that can improve security by reducing the likelihood of hacking in the authentication process required for communication between vehicles in the intelligent transport system. In addition, a quantitative analysis of the stability and efficiency of the proposed protocol will be conducted to evaluate its functions. As a follow-up study, security approaches that can defend against new and evolving attacks in the intelligent transport system environment will be reviewed.

References

1. Park, S.-S., Kim, K.: A Study on Minimalize V2V Communication Authentication Procedure for Enhancing Privacy. Korea Institute of Communication Sciences. 2016.6, 117-118.

2. Lee, Y.S., Sim, S.G., Kim, D.S.: A Study on Security technology for V2X communication. Korea Institute of Information Security and Cryptology. 2014.4, 28-34.

3. An, H., Kang, S., Kim, M., Jung, J.: A Study on the IEEE WAVE 1609.2 ECDSA Performance based on Open Source. Korea Institute of Communication Sciences. 2015.1, 856-857.
