Cryptology ePrint Archive: Report 2014/926

Road-to-Vehicle Communications with Time-Dependent Anonymity: A Light Weight Construction and its Experimental Results

Keita Emura and Takuya Hayashi

Abstract: This paper describes techniques that enable vehicles to collect local information (such as road conditions and traffic information) and report it via road-to-vehicle communications. To exclude malicious data, the collected information is signed by each vehicle. In this communications system, the location privacy of vehicles must be maintained. However, simultaneously linkable information (such as travel routes) is also important. That is, no such linkable information can be collected when full anonymity is guaranteed using cryptographic tools such as group signatures. Similarly, continuous linkability (via pseudonyms, for example) may also cause problem from the viewpoint of privacy.

In this paper, we propose a road-to-vehicle communication system with relaxed anonymity via group signatures with time-token dependent linking (GS-TDL). Briefly, a vehicle is unlinkable unless it generates multiple signatures in the same time period. We provide our experimental results (using the RELIC library on a cheap and constrained computational power device, Raspberry Pi), and simulate our system by using a traffic simulator (PTV), a radio wave propagation analysis tool (RapLab), and a network simulator (QualNet). Though a similar functionality of time-token dependent linking was proposed by Wu, Domingo-Ferrer and González-Nicolás (IEEE T. Vehicular Technology 2010), we can show an attack against the scheme where anyone can forge a valid group signature without using a secret key. In contrast, our GS-TDL scheme is provably secure.

In addition to the time-dependent linking property, our GS-TDL scheme supports verifier-local revocation (VLR), where a signer (vehicle) is not involved in the revocation procedure. It is particularly worth noting that no secret key or certificate of a signer (vehicle) must be updated whereas the security credential management system (SCMS) must update certificates frequently for vehicle privacy. Moreover, our technique maintains constant signing and verification costs by using the linkable part of signatures. This might be of independent interest.

Category / Keywords: cryptographic protocols /

Original Publication (with major differences): LightSec 2015

Date: received 10 Nov 2014, last revised 23 Jul 2017

Contact author: k-emura at nict go jp

Available format(s): PDF | BibTeX Citation

Note: In the conference version (LightSec 2015), we provided the GS-TDL part, and gave experimental results using the TEPLA library (on a cheap and constrained computational power device, Raspberry Pi). In this version, we use the RELIC library and reconsider the pairing equations in our algorithm. Moreover, we simulate our system using a traffic simulator (PTV), a radio wave propagation analysis tool (RapLab), and a network simulator (QualNet).

Version: 20170723:233000 (All versions of this report)

Short URL:

Discussion forum: Show discussion | Start new discussion

[ Cryptology ePrint archive ]