Published online by Cambridge University Press: 18 December 2014
With the increasing engagement of the major industry players to bring inter-vehicle communication (IVC) onto the market, the need to secure the communication between vehicles and the infrastructure became an important issue. Apart from satisfying the demand for deploying closed-market systems that offer services only to paying customers, security is also necessary in order to prevent fraud and malicious attacks. Just recently, it has been demonstrated that IVC-related systems are not as secure as necessary: Attackers successfully took over control of car electronics via tire-pressure-measurement-systems or they attacked electronic message boards along a highway. Even spoofed traffic-information transmissions via TMC have been demonstrated. In this chapter, we study possible security solutions for vehicular networks, focusing on their practical relevance. We review not only the generic security primitives but also their applicability and limits. Furthermore, we look into the very critical balance between security and privacy: The more secure a system is made, the more severely the driver's privacy is impacted. Therefore, we also investigate location privacy and outline how the driver's privacy can be increased. In particular, we investigate the use of pseudonyms, time-varying pseudonym pools, and the exchange of pseudonyms.
This chapter is organized as follows.
• Security primitives (Section 7.1) – In this section, we briefly review the general security objectives before investigating the specific security relationships relevant for vehicular networks. The main focus is on introducing the concept of certificates and their use for digitally signing messages. We also investigate the fundamental relationship between security and privacy.
• Securing vehicular networks (Section 7.2) – This is the key section on enabling security in vehicular networks. The key technology proposed is the use of certificates for digitally signing messages such as periodic CAMs. We further investigate how the resulting performance issues can be solved as well as how certificates can be revoked if keys have been compromised. We conclude this section with a brief overview on using context information such as geographic position to increase security.