Accepted Manuscript
Cloud-based security and privacy-aware information dissemination over ubiquitous VANETs
Qamas Gul Khan Safi, Senlin Luo, Chao Wei, Limin Pan, Guanglu Yan
PII: S0920-5489(16)30242-2
DOI: 10.1016/j.csi.2017.09.009
Reference: CSI 3242
To appear in: Computer Standards & Interfaces
Received date: 30 December 2016
Revised date: 17 September 2017
Accepted date: 29 September 2017
Please cite this article as: Qamas Gul Khan Safi, Senlin Luo, Chao Wei, Limin Pan, Guanglu Yan, Cloud-based security and privacy-aware information dissemination over ubiquitous VANETs, Computer Standards & Interfaces (2017), doi: 10.1016/j.csi.2017.09.009
This is a PDF file of an unedited manuscript that has been accepted for publication. As a service to our customers we are providing this early version of the manuscript. The manuscript will undergo copyediting, typesetting, and review of the resulting proof before it is published in its final form. Please note that during the production process errors may be discovered which could affect the content, and all legal disclaimers that apply to the journal pertain.
Highlights
- Cloud-based security and privacy-oriented information dissemination over ubiquitous VANET.
- Ciphertext-policy attribute-based encryption for access mechanism by enabling a cooperation-based environment between vehicles and the cloud system.
- Identity-based encryption scheme for signature authentication by ensuring user privacy and confidentiality.
- Cloud-based fine-grained Information Vectors (IVs) dissemination towards OBUs of the vehicles.
Cloud-based security and privacy-aware information dissemination over ubiquitous VANETs
Qamas Gul Khan Safi, Senlin Luo, Chao Wei, Limin Pan* and Guanglu Yan
Information System & Security and Countermeasures Experiments Center, School of Information and Electronics, Beijing Institute of Technology, 100081, P.R. China.
*
[email protected]
Abstract
The rapid advancement of the automobile industry enables the production of high-tech vehicles equipped with more computing and communication power. This has driven the development of rich vehicular applications for intelligent and safe transportation systems. However, security and privacy are among the major concerns in cloud-based vehicular ad hoc networks (VANETs). In this paper, we propose a cloud-based security and privacy-aware information dissemination environment between vehicular nodes and cloud infrastructure. Information Vectors (IVs) enable the sharing of fine-grained information among vehicular nodes and the cloud system. In this scheme, we couple the identity-based signature (IBS) with a pseudonym, not only to provide authentication for IVs but also to ensure the privacy of vehicular nodes. Moreover, we adopt ciphertext-policy attribute-based encryption (CP-ABE) to implement the access control systems and effective access policies for both cloud and VANETs. The experimental results demonstrate the efficiency of the proposed scheme in terms of computational overhead, space overhead and IVs authentication.
Keywords
Cloud computing; Attribute-based encryption; Information authentication; Identity-based signature; VANETs

1 Introduction
The rapid improvement in VANETs and cloud technology has significantly facilitated the environment for intelligent and safe transportation systems by enriching people's lifestyle through adaptable, cost-effective, and quality-oriented services. Vehicular ad hoc networks (VANETs) are another promising technology for providing efficient traffic management solutions, navigation-based services, infotainment and vehicular safety [50]. Automobile companies are introducing new high-end vehicles equipped with more communication and computing power, which has inspired researchers to develop various kinds of VANET-based applications. Vehicle-to-vehicle (V2V) and vehicle-to-infrastructure (V2I) modes of communication not only bring new prospects but also bring challenges in terms of security and privacy [1-5]. The Federal Communications Commission (FCC) of the USA approved the 5.9 GHz band to develop intelligent, ubiquitous and safe user-centric applications for Dedicated Short Range Communication (DSRC) [6]. Also, the WAVE 802.11p standard was approved to encourage standard communication over the assigned spectrum range by adapting the scarcity of DSRC spectrum for excessive vehicle density. Modern vehicles are equipped with more storage, communication and computing capabilities, explicitly the On-Board Unit (OBU), for both V2I and V2V communication schemes [7]. Such robust abilities of vehicles give an opportunity to pool resources and combine them with
VANET-oriented cloud technologies for effective utilization of the available resources. Olariu et al. [2] originally coined the term VANET clouds by bringing VANETs and cloud technologies together. There are numerous architectural outlines combining VANETs and cloud technologies, for example, vehicular clouds, VANET-based clouds, VANET using cloud and hybrid vehicular clouds [1],[25]. The inspiration behind the integration of VANET and cloud technology is to deliver future prospects of various Intelligent Transportation Systems (ITS) [7]. In recent times, security and privacy concerns in both VANETs and the cloud have impeded the rapid development of vehicular cloud-based applications [52-54]. A cloud-based information dissemination service is helpful in providing various kinds of robust applications for emergency services, parking, weather, traffic congestion, infotainment and disaster recovery [11-13, 51]. Furthermore, malicious vehicles can be easily identified and tracked down. In this process of information dissemination among cloud infrastructure and vehicular nodes, adversaries can jeopardize the normal behavior of the communication by sharing false traffic information to disrupt the whole ITS. Hence, it is widely recommended to develop security and privacy-aware applications for ITS [10]. Therefore, data confidentiality, integrity, authentication and access control are of utmost importance. In this regard, a security and conditional privacy-aware architecture is required for smooth information dissemination between cloud infrastructure and vehicular nodes.

Hussain et al. [25] proposed secure traffic information dissemination as a service in VANET-based clouds by utilizing mainly location-based encryption. In brief, the GPS coordinates of the user's current location are used as a key for message encryption and decryption. As GPS coordinates are publicly available, this scheme is vulnerable to attacks. L. Nkenyereye et al. [13] proposed ID-based signatures with batch verification for secure vehicle traffic data dissemination in vehicular clouds. However, this study lacks a proper encryption scheme, which makes it vulnerable. Huang et al. [9] devised ciphertext-policy attribute-based encryption (CP-ABE), in which each vehicle has a well-defined role for information sharing and dissemination and only legitimate vehicular nodes can access or decrypt the information message. Identity-based encryption is an authentication scheme for public key identifiers to decrease the complications of key management [14], [15].

In this study, we aim to provide a cloud-based secure and privacy-aware information dissemination service by enabling cooperation among the concerned entities. This research aims to provide fine-grained information to the vehicular nodes through coordinated collaboration between the cloud-based infrastructure and the vehicular nodes. The fine-grained information can comprise congestion reports on various routes, location-based services, traffic information, emergency traffic services and infotainment. This fine-grained information is rendered to make a well-stretched information view that may take multi-hop communication resources. The Road Side Units (RSUs) and the vehicular nodes act as Communication Terminals (CTs). RSUs contribute as permanent CTs and vehicular nodes work as portable CTs for efficient information dissemination. The RSUs as CTs control all the communication between vehicular nodes and the cloud-based infrastructure. The Traffic Management Bureau (TMB) is an authority for issuing the security certificate that is utilized at both the cloud and the RSU side for authentication and for assuring the security of the vehicle. Reliable vehicular nodes share their coarse-grained information in the form of beacon messages, named Information Vectors (IVs), with nearby vehicular nodes and update the cloud infrastructure through CTs. The broadcasting frequency range for IVs is in milliseconds as described by the DSRC standard. IVs are distributed in an anonymous arrangement to preserve conditional privacy. Also, we work out an access mechanism
scheme for authentication of IVs using an identity-based signature (IBS) and exploit a pseudonym as the vehicular identity to ensure privacy. For information dissemination, batch verification is adopted for authentication efficiency, to avoid the authentication delay which may occur when IVs arrive at vehicular nodes in rapid bursts. Ciphertext-policy attribute-based encryption (CP-ABE) is adopted to ensure confidentiality and to effectively address the access structure on both ends of the information sharing process, the vehicular nodes and the cloud infrastructure. For conditional privacy assurance, it is required to disseminate information through unidentified IVs. It is difficult for an attacker to target anonymous IVs and misuse or mislead the information of a specific user. However, in such a scenario Cloud-based Revocation Authorities (CRAs) can revoke users to avoid dispute or misconduct by using the trapdoor of the IVs [4]. With this technique, a user's privacy is conditionally preserved.

This paper presents the following major contributions:
1. A cloud-based security and privacy-aware information dissemination system through ciphertext-policy attribute-based encryption for access mechanism along with batch verification, in a coordinated manner amid vehicles and the cloud system.
2. Identity-based encryption scheme for signature authentication by ensuring pseudonyms of user privacy and confidentiality in the process of information dissemination.
3. Cloud-based fine-grained Information Vectors (IVs) dissemination towards OBUs of the vehicles and coarse-grained IVs from OBUs to cloud infrastructure.

Organization. The rest of this paper is organized as follows. Section 2 summarizes the related work and research objectives with respect to VANETs and cloud security. Section 3 highlights the preliminary background regarding bilinear maps, attribute-based encryption and identity-based signature schemes. The detailed overview of our proposed system is given in Section 4. Section 5 comprises the detailed construction scheme. In Section 6 we analyze the performance of our scheme. Finally, Section 7 concludes the paper with some remarks on future directions.
2 Related work and research objectives
Over the past few years, several security solutions have been proposed, such as protection of conditional privacy [16, 53], authentication [21], OBU-based key management [22] and vehicular communication security [23]. There are numerous challenges in ensuring access control and secure information dissemination among vehicular nodes and cloud infrastructure.
2.1 Information dissemination in VANET-based clouds
In a multi-user environment, access control through public key infrastructure certificates is not a good approach, because in a dynamic vehicular communication situation it does not ensure access control in a fine-grained manner. Yeh et al. proposed an encryption scheme based on fuzzy identity and offered an attribute-oriented access control system for emergency information dissemination services in vehicular ad hoc networks [49]. Attribute-based encryption showed reduced computational and communication overhead compared to the existing public key infrastructure certificate methodologies. However, these studies lack support for complex policy classification with predicates. Hussain et al. [25] proposed secure traffic information dissemination as a service in VANET-based clouds by utilizing a GPS-based location encryption scheme. However, GPS coordinates are publicly available and easily accessible to attackers. L. Nkenyereye et al. [13] proposed ID-based signatures with batch verification for secure vehicle traffic data dissemination in vehicular clouds. However, a proper encryption scheme is still needed to provide information confidentiality and access authentication. Q. Kang et al. [32] and X. Liu et al. [33] proposed secure access authentication-based information dissemination over VANETs. However, these schemes are limited to vehicular ad hoc networks.

In various research studies, the identity-based signature has been employed for achieving authentication in vehicular ad hoc networks [14-16]. In VANETs, the exchange of key pairs (public/private) causes a heavy computational and communication burden for the OBUs and RSUs. However, the identity-based signature scheme is more suitable for the Vehicular Clouds Computing (VCC) environment because of fast and batch verification [30, 54]. Boyen et al. [19] proposed the identity-based encryption scheme (IBES) for identity-based encryption and identity-based signature to ensure information confidentiality and authentication. Identity-based authentication is well suited to batch and rapid verification in vehicular communication in VANETs [38-41].

Bethencourt et al. [29] proposed the first CP-ABE information dissemination access control mechanism supporting tree-based structures in the generic group model. Wan et al. [30] proposed a fine-grained access control system in cloud storage services. Hur et al. [19] presented an access control structure based on CP-ABE in data outsourcing schemes such as cloud computing. Huang and Verma [9] first presented a VANET-based ABE framework that ensures security, decentralized key management and flexibility. However, these schemes are limited to data sharing and cannot support write operations on the stored data. Liu et al. [33] extended the CP-ABE algorithm to multiple authorities, and vehicles are permitted to use the attribute-based signature. Some research studies [34-37] proposed signatures to achieve authentication in VANETs. Chen et al. [20] first proposed two outsourced ABS systems in which the computational overhead at the user side is significantly reduced by outsourcing major computations to Cloud Service Providers (CSP). Our proposed system also delegates most of the authorization procedures to the CSP.

2.2 Objectives and contributions
After analyzing the proposed VANET and cloud-based secure information dissemination schemes, we propose a novel cloud-based security and privacy-aware information dissemination scheme over ubiquitous VANETs. In this research work, we have analyzed the security and privacy issues. Furthermore, we have adopted ciphertext-policy attribute-based encryption (CP-ABE) to implement the access control systems and effective access policies for both cloud and VANETs. IVs carry out the fine-grained information dissemination among the cloud system and the vehicular nodes by adopting the batch verification process.

3 Overview of bilinear maps, attribute-based encryption and identity-based signature
3.1 Bilinear maps
Let $\mathbb{G}_1$ and $\mathbb{G}_2$ be two multiplicative cyclic groups based upon prime order $p$ and $q$. A map $e: \mathbb{G}_1 \times \mathbb{G}_1 \to \mathbb{G}_2$ is a bilinear map only if it has the following features.
1. Non-degeneracy: $e(q, q) \neq 1$.
2. Bi-linearity: for all $q_1, q_2 \in \mathbb{G}_1$ and $a, b \in \mathbb{Z}_p$, $e(q_1^a, q_2^b) = e(q_1, q_2)^{ab}$.
If the group operation in $\mathbb{G}_1$ and the bilinear map $e: \mathbb{G}_1 \times \mathbb{G}_1 \to \mathbb{G}_2$ can both be computed efficiently, then $\mathbb{G}_1$ is called a bilinear group [45].

3.2 Attribute-based encryption
Ciphertext-policy attribute-based encryption (CP-ABE) is a one-to-many public key cryptographic primitive. It provides a mechanism to specify an access structure over attributes in the encryption procedure [17]. A user can then decrypt the ciphertext if and only if the attributes associated with that user satisfy the access structure [19].

3.3 Identity-based signature
Identity-based signature (IBS) is a signature system for the public key. A user of the system can use online identifiers along with specific system-based information to form public keys [44]. This significantly decreases the complications of key management that have affected the mass adoption of public key cryptography [43]. The end-user, as a prover, can then identify itself to a verifier in a protocol in which the verifier starts out knowing only the claimed identifier of the prover.

4 System overview
In this section, we outline the system overview along with the system model and present a snapshot of the algorithms developed for our proposed solution.
Fig. 1: Cloud-based security and privacy-aware information dissemination model
4.1 System model and overview
We categorize our proposed scheme into two main classifications: cloud-based infrastructure along with TMB, and VANET-based infrastructure along with RSUs. Both the VANET and the cloud-based infrastructure are well connected through CTs. Overall, the proposed design consists of the Traffic Management Bureau (TMB) as a trusted authority, roadside infrastructure, and the OBUs of the vehicles. Vehicles on roads serve as nodes for VANET-based communication and RSUs serve as CTs between the cloud infrastructure and vehicles. In a situation where there is no connectivity available to the nearby RSUs, the 3G/4G internet capability of the vehicles can be employed as mobile CTs. Thus RSUs, as CTs, are responsible for concurrently updating the cloud system through the beaconing of IVs by utilizing the available means of internet connectivity.
The cloud infrastructure can be subdivided into the following units: Cloud Information Processing Unit (CIPU), Cloud Vehicle Information Database (CVID), Cloud Decision Unit (CDU) and Cloud Certification Unit (CCU), along with the CVID and TMB as a trusted authority. CCU is responsible for vehicle certification, subscription and verification with the support of the trusted authority TMB. IV-based data from RSUs and OBUs are collected by the cloud infrastructure for further processing at CIPU. After processing the IVs, CIPU constructs the fine-grained IVs and forwards them to CDU. CDU then organizes the fine-grained IVs according to the physical position of each RSU. All the RSUs and the connecting roads are divided into regions/zones and further subdivided into segments for better beaconing of the IVs. The proposed scheme can be utilized not only for efficient dissemination of safety and non-safety information towards OBUs but also to help TMB in various kinds of traffic management operations, such as monitoring of traffic congestion on various routes, nearby weather forecasts, dangerous road conditions and searching/tracking malicious vehicles. Due to the continuous beaconing of information messages, a huge amount of traffic information data is generated in the vicinity, and this can be termed big vehicular traffic information data (BVTID). For the processing of such a huge amount of vehicular traffic information, cloud-based resources can be easily engaged in VANET-based applications, where vehicles and RSUs delegate their vehicular traffic information data to the cloud and obtain fine-grained vehicular traffic information. This fine-grained vehicular traffic data will not only serve the TMB and vehicles but also help in efficient utilization of numerous traffic services in a metropolitan city. Vehicular traffic information beacon messages can also be received from the cloud infrastructure for the extended vehicular traffic information view by saving both congestion and bandwidth of the channel.

4.1.1 Traffic Management Bureau (TMB)
TMB is responsible for key generation and malicious vehicle detection. It also performs the role of a traffic monitor for better traffic management, handling issues related to the regulation and control of vehicles and routes. It is a trusted authority for all the stakeholders of the entire system including main vehicles, parking facilities managers, traffic police and drivers. TMB can easily track a malicious vehicle and keep an eye on it for security reasons, whether the vehicle is parked or maneuvering on the roads. TMB validates the registration credentials of the vehicle when it requests a car park facility and, upon validation, the system proceeds with allotment of a parking space. TMB also has hands-on information regarding traffic congestion on various routes, and through this it can better manage the traffic issues of the entire urban center. TMB ensures security through key management procedures by using encryption and private key assignment to the vehicle.

4.1.2 Road Side Unit (RSU)
RSUs have a wide-ranging role, not only serving as the connectivity point for vehicles and PSUs along with the centralized cloud-based server but also monitoring the congestion situation on roads. RSUs gather congestion reports on various routes and send them to the cloud server for better traffic management. The congestion report is helpful not only for vehicles to reach a parking facility safely and on time but also for the Traffic Management Bureau (TMB) in controlling traffic congestion on different routes of a city. RSUs can utilize the existing 3G/4G infrastructure for communication with PSUs and the cloud-based parking server. RSUs also provide hands-on traffic information to the vehicles present in the surrounding area.
4.1.3 On-Board Unit (OBU)
Modern vehicles are fitted out with more computing and communication power, which demands more intelligent and robust applications for both traffic management and safety. OBUs are responsible for hosting client-side traffic applications, like intelligent and ubiquitous parking in our case. This special processing unit has processing, storage and communication power to assist the driver in finding a suitable parking space. Existing vehicles can be upgraded with such a unit, or drivers can access the parking application through their smartphones as well. We assume that an OBU cannot be compromised, as OBUs are considered to be secured.

4.2 Assumptions
This scheme is proposed under the following assumptions.
1. TMB is presumed to be the trusted authority for key management and for the detection of malicious vehicles. It is supposed to have the premier level of security and thus cannot be compromised.
2. Each and every vehicle is supposed to be installed with an OBU. OBUs and RSUs are installed by TRH (Tamper Resistant Hardware) from TMB at the time of vehicle registration. OBUs are well equipped with processing, storage and the necessary communication power, and thus have the ability to carry out the necessary cryptographic computations.
3. There is a clear and well-directed policy framework for VANET, RSUs and cloud-based infrastructure providers. CRAs (Cloud-based Revocation Authorities) are held responsible for revocation.

4.3 Algorithm definition
Our scheme mainly consists of the following seven phases.
Phase-I: CCU takes as input the implicit security credentials from OBUs through RSUs, verifying them along with CVID and TMB, and then creates the general public key and the cloud-based system key $(G_K, S_K)$.
Phase-II: $ABE.Key(S_K, P)$. The attribute-based encryption key generation algorithm takes the cloud-based system key and $P$ as input attribute to create $PK_i$ as a private output key.
Phase-III: $IBS.Key(G_K, p, V_{ID})$. The identity-based signature algorithm generates the private key $PK_{p,VID}$ as a vehicle certification key.
Phase-IV: $Encryption(G_K, IM, R_{ENC})$. A random encryption algorithm that takes as input the general public key parameter $G_K$, an information message $IM$, and the access structure parameter $R_{ENC}$. It yields a cipher message $CM$ that can only be decrypted by those vehicles possessing the access structure parameter.
Phase-V: $Signature(G_K, PK_{p,VID}, IM)$. The random-based signature algorithm takes as input the general public key $G_K$, the signature verification key $PK_{p,VID}$ and the information message $IM$, and outputs the corresponding signature key as $\alpha$.
Phase-VI: $Decryption(PK_i, CM)$. The decryption phase algorithm takes as input the cipher message $CM$, which has the information of both the access structure $R_{ENC}$ and the private key $PK_i$ for the relevant OBUs. It yields the information message $IM$ to the corresponding OBUs which possess the access structure $R_{ENC}$ and the private key $PK_i$ as well.
Phase-VII: $Authentication(G_K, V_{ID}, \alpha)$. The authentication algorithm takes as input the general public key $G_K$ along with the necessary vehicle credentials and the corresponding signature key associated to $G_K$.

The important notations used in our proposed scheme are described in Table 1.

Table 1: Important notations
| S. No. | Notation | Explanation |
|---|---|---|
| 1 | $G_K$ | General purpose public key |
| 2 | $S_K$ | System-level key |
| 3 | $V_{ID}$ | Vehicle identification credentials |
| 4 | $IM$ | Information message |
| 5 | $CM$ | Cipher message |
| 6 | $Z_q^*, Z_p^*$ | Random numbers |
| 7 | $IVs$ | Information dissemination in the form of information vectors |
| 8 | $R_e$ | Access policy key |
| 9 | $h_a, H_b$ | Cryptographic hash functions |
| 10 | $Ency()$ | Symmetric encryption |
| 11 | $VK_e$ | Vehicle's OBU private key |
| 12 | $R_{enc}$ | Information message policy |
| 13 | $PK_{p,VID}$ | Vehicle authorization key |
| 14 | $\alpha$ | Information message signature |
| 15 | $N$ | An $l \times n$ matrix |
| 16 | $P$ | Collection of key identifiers for an authentic user |
| 17 | $S_{VID}$ | Vehicle pseudo ID |
4.4 Proposed security and privacy-aware information dissemination system
In this section, a dual authentication mechanism is devised to ensure the security and privacy of information dissemination among vehicular nodes by implementing the technique of bilinear mapping, dual usage of attribute-based encryption and the identity-based encryption with equality test.

4.4.1 Initialization setup and bilinear mapping
TMB and OBU work in accordance with the bilinear pairing technique. Primarily, TMB selects two large prime numbers $P$ and $q$. According to the bilinear Diffie-Hellman problem, let $(q, G, G_T, e, P)$ be the 5-tuple generated by $Gen(k)$. Given $aP, bP, cP \in G$ with unknown $a, b, c \in Z_q^*$, it is hard to compute $e(P, P)^{abc}$. According to the security parameter $k$, TMB generates a 5-tuple $(q, G, G_T, e, P)$ by running $Gen(k)$. Then, TMB introduces a random number $m \in Z_q^*$ as a system level master key and calculates the general level public key $G_K = S_K P$. Let the two secure cryptographic hash functions be $h_a$ and $H_b$, where $h_a: \{0,1\}^* \to Z_q^*$ and $H_b: \{0,1\}^* \to G$, and let $Ency()$ be a secure symmetric encryption algorithm [47]; then the parameters params are $\{q, G, G_T, e, P, G_K, h_a, H_b, Ency_k()\}$. When a vehicle's identifier $V_{ID}$ applies to the system, TMB examines its legitimacy and, if it passes, proceeds to the following two steps.
1. Firstly, utilize the system level master key $S_K$ to encrypt the vehicle's OBU identifier $V_{ID}$ into a pseudo-ID $S_{VID}$, and keep the $V_{ID}$ hidden for privacy preservation of the vehicle.
2. Secondly, generate the vehicle's OBU private key as $V_{ki} = m H_b(S_{VID})$ and send back $(S_{VID}, V_{ki})$ to both the vehicle's OBU and the relevant RSU via a secure channel. Whenever the OBU-based vehicle reaches a particular RSU assigned by the system, the keys are decrypted and matched at the entry of each parking facility.
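
The key relation from this subsection, $G_K = S_K P$ and $V_{ki} = m H_b(S_{VID})$, checked with a toy pairing as an added example (not code from the paper): bilinearity gives $e(V_{ki}, P) = e(H_b(S_{VID}), G_K)$, and the same property lets many keys be tested with two pairings by weighting them with random exponents. The tiny parameters, the insecure integer "pairing", the function names and the assumption that $m$ and $S_K$ denote the same master key are constructed for illustration, and the batch test shows the general small-exponent idea rather than the paper's Algorithm 2.

```python
import hashlib
import secrets

# Constructed toy parameters: q and p = 2q + 1 are prime, and g = 4 has order q mod p.
Q_ORDER = 1019
P_MOD = 2039
GT_GEN = 4
P_GEN = 1  # generator P of the additive group G = (Z_q, +)


def pair(a: int, b: int) -> int:
    """Toy bilinear map e: G x G -> G_T with e(a, b) = g^(a*b).

    INSECURE stand-in: elements of G are their own discrete logarithms, so this
    only demonstrates the algebra. Real schemes use elliptic-curve pairings.
    """
    return pow(GT_GEN, (a * b) % Q_ORDER, P_MOD)


def hash_to_group(data: bytes) -> int:
    """H_b: {0,1}* -> G, mapped to a non-identity element."""
    digest = int.from_bytes(hashlib.sha256(data).digest(), "big")
    return 1 + digest % (Q_ORDER - 1)


def setup():
    """TMB setup: master key m in Z_q^* and public key G_K = m * P."""
    m = 1 + secrets.randbelow(Q_ORDER - 1)
    return m, (m * P_GEN) % Q_ORDER


def extract(m: int, pseudo_id: bytes) -> int:
    """TMB key issue: V_k = m * H_b(S_VID)."""
    return (m * hash_to_group(pseudo_id)) % Q_ORDER


def key_is_valid(g_k: int, pseudo_id: bytes, v_k: int) -> bool:
    """Accept V_k iff e(V_k, P) == e(H_b(S_VID), G_K); the master key is not needed."""
    return pair(v_k, P_GEN) == pair(hash_to_group(pseudo_id), g_k)


def batch_keys_valid(g_k: int, items) -> bool:
    """Small-exponent batch test over (pseudo_id, key) pairs using two pairings.

    Each pair is weighted by a fresh random non-zero exponent so that errors in
    different keys cannot be arranged in advance to cancel each other.
    """
    lhs = rhs = 0
    for pseudo_id, v_k in items:
        d = 1 + secrets.randbelow(Q_ORDER - 1)
        lhs = (lhs + d * v_k) % Q_ORDER
        rhs = (rhs + d * hash_to_group(pseudo_id)) % Q_ORDER
    return pair(lhs, P_GEN) == pair(rhs, g_k)


if __name__ == "__main__":
    m, g_k = setup()
    ids = [b"pseudo-id-001", b"pseudo-id-002", b"pseudo-id-003"]  # constructed
    keys = [(i, extract(m, i)) for i in ids]
    print("each key valid:", all(key_is_valid(g_k, i, k) for i, k in keys))
    print("batch valid:", batch_keys_valid(g_k, keys))
    keys[1] = (keys[1][0], (keys[1][1] + 1) % Q_ORDER)  # tamper with one key
    print("batch with tampered key:", batch_keys_valid(g_k, keys))
```
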
5 Proposed scheme construction
5.1 Signature-based key assignment
Every vehicle has to register itself through a predefined registration process implemented by the TMB and hosted by the cloud-based module CCU. CCU ensures its availability and accessibility through both RSUs and the cloud server. After registration process the confirmation information $\beta$ along with pseudonym as depicted in signature algorithm.

Algorithm 1: $Signature(G_K, PK_{p,VID}, IM)$
1. Select a random number $r \leftarrow Z_q^*$.
2. Calculate $Y = rp$, $a = H_b(I_{VID}, IM, R_{ID}, Y)$ and $W = a S_{IDi} + r Q_b$.
3. The signature is $\alpha = (R_{ID}, Y, W)$.

TMB along with the specific cloud module creates the OBU-based secret key for each vehicle, which is composed of pseudonyms and the vehicle's privacy identifiers. We can further describe it as follows.
Description:
1. $IBS.Key(G_K, V, V_{ID})$:
Step-I: Select a randomly picked number $K \leftarrow Z_P^*$ and calculate $R_{ID} = Kp$, $a = H_b(I_{VID}, R_{ID})$ and $S_{IDi} = (S + aK) Q_a$.
Step-II: Output the private key $VK_i, I_{VID} = (R_{ID}, S_{IDi})$.
2. $ABE.Key(S_K, P)$:
Input the system level master key along with the primary identifiers of the vehicle provided through each OBU for unique identification. The algorithm selects a random number $n \in Z_q$, thus creating the private key for the OBU of each vehicle.
𝑛 𝑉𝐾𝑒 : (𝐾 = 𝑓 𝑐 𝑓 𝑐𝑛 , 𝑁 = 𝑓 𝑛 , ∀𝑥 ∈ 𝑃: 𝐾𝑥 = 𝑎𝑥 )
5.2 IVs encryption by means of the access policy key 𝑹𝒆
$Encryption(G_K, (IM, p), IM)$: First, a random vector $V = (p, x_2, \ldots, x_m)^N \in Z_q^t$ is selected, where $p \in Z_q$ and the rest of the variables represents the encryption-based exponent $p$. For $i = 1$ to $m$, CIPU along with CCU computes $\gamma_i = S_i v$, where $S_i$ is the vector associated with the $i$th row of $S$. Random exponents $r_1, \ldots, r_l \in Z_q$ are then chosen. The CM (cipher message) is obtained as
́ = 𝑓 𝑛 , (𝐶𝑀1 = 𝑓 𝑐𝛾 −𝛾1 , 𝐷𝑀1 = 𝑓 𝑟1 ) , … . , (𝐶𝑀𝑙 = 𝑓 𝑐𝛾 −𝛾𝑙 , 𝐷𝑀𝑙 = 𝑓 𝑟𝑙 ) 𝐶𝑀 = 𝑚𝑒(𝑓, 𝑓)𝑐𝑛 , 𝐶𝑀 𝑝(1) 𝑝(𝑙)
Subsequently, RSUs sign the IVs with $\sigma$ in Algorithm 1 and forward them towards vehicular nodes.

5.3 Retrieval of IVs
When the OBU of the specific vehicle receives the IVs $\alpha$, it initiates the process of authentication by utilizing Algorithm 2 to verify the genuineness and legitimacy of the source/sender.

Algorithm 2: $Authentication(G_K, \alpha, IM, V_{ID})$
For further authentication and computation process initiation 𝛿 ∈ 𝑅(0,1)𝑛 , for 𝑖 = 1, … . . , 𝑚; While 𝑛 is the security check parameter. Calculate 𝑖 = 𝐻1 (𝑇𝐼𝐷𝑖 , 𝑆𝐼𝐷𝑖 ) 𝑎𝑛𝑑 ́𝑖 = 𝐻2 (𝑇𝐼𝐷𝑖 , 𝐹𝑖 , 𝑊𝑖 , 𝑆𝐼𝐷𝑖 , 𝑅𝑖 ) for 𝑖 = 1, … . . , 𝑚. Authenticate either
𝑚
CR IP T
𝑚
𝑒 (∑ 𝛿. 𝑈𝑖 , 𝑓) = 𝑒 (∑ ́𝑖 , 𝛿𝑖 ) (𝑇𝑝𝑢𝑏 + 𝑖 𝑆𝐼𝐷𝑖 ), 𝑄𝑎 ). 𝑒(∑ 𝛿𝑖 𝑣𝑖 , 𝑄𝑏 ) 𝑖=1
𝑖=1
𝑖=1
AN US
Stands either true or false. Authenticated upon success otherwise failed. Furthermore, in the next phase, the process of decryption is initiated for fine-grained IVs. 𝐷𝑒𝑐𝑟𝑦𝑝𝑡(𝐶𝑀, 𝑆𝐾 , 𝑃𝐾𝑖 ) In 𝐷𝑒𝑐𝑟𝑦𝑝𝑡(𝐶𝑀, 𝑃𝐾𝑖 ), input 𝐶𝑀 as cipher message and suppose that 𝑃 is the collection of key
PT
ED
M
identifiers satisfying (𝑁, 𝑠) that represents an authentic and legitimate user. Suppose 𝐼 ⊂ *1,2, … . . , 𝑛+ as 𝐼 = *𝑖, 𝑆(𝑖) ∈ 𝑃+ and define *𝑥𝑖 𝜀𝑍𝑝 1,2, … . . , 𝑛+𝑖∈𝐼 as constants. Denoting to access structure of 𝑁, only if ∑𝑖=1 𝑊𝑖 𝛾𝑖 = 𝑝 persists, then *𝛾𝑖 + are valid portions of the 𝑝 secrets. Concerning vehicle’s OBU verifies the capability of successfulness of decryption process for the cipher message 𝐶𝑀. ∑𝑖=𝐼 𝑁𝑖 𝑊𝑖 = (1,0, … . ,0) If step 1 validated then the decryption process algorithm calculates ́ = 𝑒(𝑓 𝑐 , 𝑓 𝑐𝑛 , 𝑓 𝑇 )𝑒(𝑓, 𝑓)𝛾1 𝑇 /𝑒(𝑓, 𝑓)𝛾𝑇𝑛 = 𝑒(𝑓, 𝑓)𝛾2𝑇𝑛 𝑒(𝑓, 𝑓)𝛾1 𝑇 /𝑒(𝑓, 𝑓)𝛾𝑇𝑛 = 𝑒(𝑓, 𝑓)𝛾𝑇 𝑒(𝐺𝐾 , 𝐷́ )𝐶𝑀 In conclusion, compute and calculate 𝐷/𝑒(𝑓, 𝑓)𝛾𝑇 and acquire the specified IVs. The proposed cloud-based security and privacy-aware information dissemination over ubiquitous VANETs is safe against both outsiders and insiders attacks by preserving the conditional privacy. However, in some situations of misconduct or dispute CRAs can apply revocation. 5.4 Security and privacy-aware Information Vectors (IVs) dissemination
In VANET-based applications, vehicles employ the technique of on-spot information sharing through beaconing of information messages, thereby creating a cooperation-oriented environment among the vehicles and the roadside infrastructure. IVs collect traffic information from neighboring vehicles and RSUs. IVs are correspondingly useful in getting a trustworthy, ubiquitous and safe road-side traffic congestion experience by evading mischievous information and malicious nodes as well. Mostly, the standard communication range (one hop) is not covered in VANETs because of various issues related to coverage and line of sight. Some recent studies have even shown that skyscraper buildings, the mobility of vehicular nodes, towering vehicles and forestation along the roadsides disrupt the line of sight and shorten the operational range of communication [48]. Consequently, the proposed model of cloud-based information dissemination using VANET solves the issue of coverage area not only for one-hop communication but also by enabling long-range communication. The proposed cloud-based system along with the TMB sends the fine-grained IVs towards the respective RSUs. Each of the IVs contains the information messages forwarded by the cloud module towards RSUs and further directed towards vehicular nodes as fine-grained IVs. In response, the coarse-grained IVs are also sent back to the cloud server via RSUs for further processing. The fine-grained IVs secured by ABE and IBS are shared through RSUs to the vehicular nodes as shown in Fig. 2. The revocation process can also be initiated in case of any dispute or mistrust.
Fig. 2: Flowchart model for secure information dissemination
6 Performance analysis
In order to assess the effectiveness of our proposed scheme, we first present the experimental setup, then the performance evaluation, together with the computational overhead, communication overhead and encryption/decryption efficiency of our scheme. In the meantime, experimental and theoretical results prove the effectiveness of our proposed scheme in comparison with the prevailing schemes. In conclusion, we present the recommended security proof of our proposed scheme.
6.1 Experimental setup
To evaluate the performance of our proposed scheme, we simulate the cloud-based security and privacy-aware information dissemination over ubiquitous VANETs on a trusted cloud server named Aliyun. RSUs are presumed to be powerful enough in terms of computing, storage and communication resources. Normally, OBUs have limited computation and storage capabilities with respect to RSUs and cloud infrastructure. We implement the proposed scheme on three kinds of dedicated hardware platforms to measure performance: a 3.0 GHz Intel Core CPU with 4 GB of RAM running 32-bit Ubuntu 14.04, an octa-core 1.95 GHz smartphone running Android OS with 3 GB of RAM, and a 2.50 GHz Nexus smartphone running Android OS with 2 GB of RAM.
6.2 Computational overhead
In this section, we describe the theoretical efficiency of our proposed scheme in terms of computational overhead with respect to the existing schemes. In Table 2, we present the computational overheads of all the main processes, and Table 3 summarizes the comparison of our proposed scheme with other related studies.
Table 2: Operational processes along with their computational overheads

| Operational Processes | Computational Overhead |
|---|---|
| Cloud setup center | P(1) |
| Key generation and assignment | P((|R|+3)Ne) |
| Encryption center | P(2mNe) |
| RSU setup | P((2+m)Np) |
| OBU setup (Decryption) | P(Np) |

m* = The number of attributes in access policy (row of the matrix N)
Ne* = The computational cost of exponentiations
Np* = The computational cost of pairing processes
|R|* = The number of attributes for a vehicle in set R
Fig. 3: Final decryption time of OBU with delegation and without delegation to the cloud
Fig. 3 shows the decryption time measured on the three types of platforms, with delegation to the centralized cloud service and without delegation to the cloud service, as a function of the number N of policy attributes. This experiment was performed a number of times for each ciphertext to get the average values shown in Fig. 3. It is clear from the results that decryption with delegation to the cloud service is much more efficient and takes less time than decryption without delegation to the cloud service.
6.3 Space overhead
We adopt the key encapsulation mechanism centered library named libfenc [31] and also use the elliptic curve of the Stanford crypto library [46]. In our proposed scheme we delegate most of the complexities to the cloud infrastructure, which reduces the processing burden of both the OBU and the RSU.
In the previous versions of the CP-ABE system, the size of the ciphertext and the decryption time depend on the complexity of the access policy involved in the ciphertext. In addition, they grow linearly with the number of policy attributes. To elaborate further, we have taken 130 of the most complicated policy attributes of the form (A1 and A2 and … and An), where N counts from 1 to 130 and Ai is an attribute in our experiment. With this methodology, it is ensured that all the ciphertext modules are involved in the decryption process. Encryption under a ciphertext policy of 130 policy attributes results in a ciphertext of about 33.02 KB, as in X. Liu et al. [32-33]. However, the vehicles are required to use very little space to hold the partially decrypted security key and ciphertext because of their limited memory. As the processing and memory resources of the OBU/RSU are limited, both performance and efficiency are badly affected. In this regard, our cloud-oriented approach is more efficient and robust, as it can easily handle the processing and space complexities of encryption/decryption for enormous numbers of vehicular nodes.
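The policies measured in this section have the form (A1 and A2 and … and An), and Section 5.3 states that decryption can proceed only when the rows of N held by the user combine to (1,0,…,0). The following added example (not code from the paper or from libfenc) builds one common LSSS share matrix for such an AND policy, solves for the reconstruction constants, and, when an attribute is missing, finds the vector with first entry −1 that is orthogonal to every held row, as used in Level-I of the proof in Section 6.4. The modulus P, the matrix construction and all function names are assumptions made for the illustration.

```python
import random

P = 2**61 - 1  # constructed prime modulus; stands in for the group order p


def and_policy_matrix(n):
    """LSSS share matrix N for (A1 and A2 and ... and An); row i labels Ai."""
    rows = []
    for i in range(n):
        row = [0] * n
        row[i] = 1 if i == 0 else P - 1      # -1 mod P on the chained column
        if i + 1 < n:
            row[i + 1] = 1
        rows.append(row)
    return rows


def solve_mod(a, b, cols):
    """One solution x of a.x = b (mod P) by Gauss-Jordan, or None if none exists."""
    m = [[v % P for v in row] + [bi % P] for row, bi in zip(a, b)]
    pivots, r = [], 0
    for c in range(cols):
        piv = next((i for i in range(r, len(m)) if m[i][c]), None)
        if piv is None:
            continue
        m[r], m[piv] = m[piv], m[r]
        inv = pow(m[r][c], -1, P)
        m[r] = [v * inv % P for v in m[r]]
        for i in range(len(m)):
            if i != r and m[i][c]:
                f = m[i][c]
                m[i] = [(vi - f * vr) % P for vi, vr in zip(m[i], m[r])]
        pivots.append(c)
        r += 1
    if any(row[-1] for row in m[r:]):        # a leftover row reading 0 = nonzero
        return None
    x = [0] * cols
    for i, c in enumerate(pivots):
        x[c] = m[i][-1]
    return x


def reconstruction_constants(matrix, held):
    """Constants {i: c_i} with sum_i c_i * N_i = (1,0,...,0) over held rows, or None."""
    width = len(matrix[0])
    a = [[matrix[i][j] for i in held] for j in range(width)]
    c = solve_mod(a, [1] + [0] * (width - 1), len(held))
    return None if c is None else dict(zip(held, c))


def unsatisfied_witness(matrix, held):
    """Vector U with U_1 = -1 and U.N_i = 0 for every held row, or None."""
    a = [matrix[i][1:] for i in held]
    u = solve_mod(a, [matrix[i][0] for i in held], len(matrix[0]) - 1)
    return None if u is None else [P - 1] + u


def share(matrix, secret, rng):
    """Shares lambda_i = N_i . v for v = (secret, r_2, ..., r_n)."""
    v = [secret % P] + [rng.randrange(P) for _ in matrix[0][1:]]
    return [sum(x * y for x, y in zip(row, v)) % P for row in matrix]


def recover(shares, consts):
    return sum(c * shares[i] for i, c in consts.items()) % P


def demo(n=130, missing=57, seed=1):
    """130-attribute AND policy as in the experiment; seeded RNG for repeatability."""
    rng = random.Random(seed)
    matrix = and_policy_matrix(n)
    secret = rng.randrange(P)
    shares = share(matrix, secret, rng)
    full = list(range(n))
    partial = [i for i in full if i != missing]
    return {
        "recovered": recover(shares, reconstruction_constants(matrix, full)) == secret,
        "partial_constants": reconstruction_constants(matrix, partial),
        "witness_found": unsatisfied_witness(matrix, partial) is not None,
    }


if __name__ == "__main__":
    print(demo())
```

Exactly one of the two solvers succeeds for any attribute set: either the held rows span (1,0,…,0) and the secret is recoverable, or the orthogonal vector exists and the shares reveal nothing about it.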
6.4 Security challenges and proof
Suppose $\mathcal{A}$ is an attacker with a trial matrix $N^*$ of size $o^* \times m^*$ and ($o^* \times m^* \le q$), which implies both dimensions of the matrix are at most $q$. The q-BDHE will perform as a decisional problem with simulator $\alpha$. Then the attacker $\mathcal{A}$ has a non-negligible advantage $\sigma = Att_A$ against our suggested scheme.
Initialization: The simulator $\alpha$ inputs a trial based on q-BDHE,
$$\vec{X} = (g, g^{s}, g^{a}, \ldots, g^{a^{q}}, g^{a^{q+2}}, \ldots, g^{a^{2q}}),\ T.$$
Then the attacker $\mathcal{A}$ provides the attacking model of the access structure $(N^*, \rho^*)$, which implies $N^*$ has $m^* \le q$.
Setup: The simulator $\alpha$ selects $\acute{\beta}_1, \acute{\beta}_2 \in \mathbb{Z}_p$ and indirectly makes $\beta_1 = \acute{\beta}_1 + a^{q+1}/2$, $\beta_2 = \acute{\beta}_2 + a^{q+1}/2$ by authorizing
$$e(g,g)^{\beta_1} = e(g^{a/2}, g^{a^{q}/2})\, e(g,g)^{\acute{\beta}_1}, \qquad e(g,g)^{\beta_2} = e(g^{a/2}, g^{a^{q}/2})\, e(g,g)^{\acute{\beta}_2}.$$
The simulator $\alpha$ chooses a value $z_y \in \mathbb{Z}_p$ for every $y$ in the set of attributes $V$, for programming group elements ${}_1, \ldots, {}_V$. If equation $\rho^*(i) = y$ holds, the simulator-based program is ${}_y$ as:
$${}_y = g^{z_y} \prod_{i \in Y} g^{a N_{i,1}}\, g^{a^{2} N^*_{i,m}}$$
Here, $Y$ denotes the indices $i$, and if $Y = \emptyset$ then ${}_y = g^{z_y}$. Now we can conclude and denote several key points. Firstly, the value of ${}_y$ is randomly distributed because of the $g^{z_y}$ parameters. Furthermore, in the attribute set for each $y$, $\rho^*$ is the injective function, which means that there is at most one $i$ to satisfy $\rho^*(i) = y$. Then the attacker appoints the general public parameter $G_k$ as $\{g, e(g,g)^{\beta}, g^{a}, {}_1, \ldots, {}_V\}$ and sends it back to the simulator.
Level-I: At this level, the simulator $\alpha$ responds to the requests for private keys. There is an attribute set $M$ that does not satisfy the access structure $N^*$. Presume that the simulator $\alpha$ has been given a key query for set $M$. The simulator initially picks a random $r \in \mathbb{Z}_p$, then it determines a vector $\vec{U} = (U_1, \ldots, U_m) \in \mathbb{Z}_p^{n^*}$ such that $U_1 = -1$ and, for every $i$ where $\rho^*(i) = M$, we have $\vec{U} \cdot N^*_i = 0$. According to the linear secret key sharing scheme (LSSS), since $M$ does not satisfy $N^*$, such a vector must be present. Firstly, the simulator implicitly defines $t$ as:
$$r + U_1 a^{q} + U_2 a^{q-1} + \cdots + U_{m^*} a^{q-n^*+1}$$
Then it implements
$$L = g^{r} \prod_{i=1,\ldots,m^*} (g^{a^{q+1-i}})^{U_i} = g^{t}$$
As per the description of $t$, the unidentified term in $g^{\beta}$ can be passed over in the procedure of private key generation. The simulator can calculate $S_k$ and $P_k$ as:
$$S_k = g^{\beta_1} g^{ar} \prod_{i=2,\ldots,m^*} (g^{a^{q+2-i}})^{U_i}$$
$$P_k = g^{\beta_2} g^{ar} \prod_{i=2,\ldots,m^*} (g^{a^{q+2-i}})^{U_i}$$
Now, as for $y \in S$, we can compute $k_y$. Firstly, we suppose $y \in S$ for which there is no $i$ such that $\rho^*(i) = y$. Let $k_y = L^{z_y}$. Now the main stimulating assignment is to acquire the essential components of $k_y$ for the access structure attributes of $y$. It is worth noting that we cannot simulate those keys that have no specific term such as $g^{a^{q+1}}$. In this procedure for calculating ${}_y^{t}$, all terms of the exponent are taken from $N^*_{i,j} a^{j} U_j a^{q+1-j}$, for any $j$, where $\rho^*(i) = y$. However, by the combined approach of all terms with exponent of $a^{q+1}$, we have that, as $N^*_i \cdot \vec{U} = 0$, they are discarded.
The simulator produces $k_y$ as follows. Presume $\rho^*(i) = y$, then
$$k_y = L^{z_y} \prod_{j=1,\ldots,m^*} \Big( g^{a^{j} r} \prod_{j=1,\ldots,m^*,\, k \ne j} (g^{a^{q+1+j-k}})^{U_k} \Big)^{N^*_{i,j}}$$
Challenge: The attacker $\mathcal{A}$ provides two kinds of messages $m_1, m_2$ to the simulator. The simulator tosses a coin $\alpha$. It makes $CM = m_\alpha T e(g^{s}, g^{\acute{\beta}_1}) e(g^{s}, g^{\acute{\beta}_2})$ and $\acute{CM} = g^{s}$. As the term ${}^{s}_{\rho^*(i)}$ will keep the terms of $g^{a^{j} s}$, the intricate portion is how to simulate the $CM_i$ values. The simulator can utilize the secret splitting to discard these portions. Automatically, the simulator picks random $\acute{x}_2, \ldots, \acute{x}_{m^*} \in \mathbb{Z}_p$ and then utilizes the $\vec{U} = (s, sa + \acute{x}_2, \ldots, sa^{m^*-1} + \acute{x}_{m^*}) \in \mathbb{Z}_p^{m^*}$ to share the secret. In addition, the simulator picks values of $\acute{r}_1, \ldots, \acute{r}_l$ randomly. For $l, \ldots, m^*$, the ciphertext elements are produced as
$$DM_i = g^{-\acute{r}_i} \cdot g^{-s} = g^{-\acute{r}_i - s}, \qquad CM_i = {}_{\rho(i)}^{-\acute{r}_i} \cdot \Big( \prod_{i=2,\ldots,m^*} (g^{a})^{N^*_{i,j} \cdot \acute{y}_j} \Big) \cdot (g^{s})^{-z_{\rho^*(i)}}.$$
Level-II: At level-II, the simulator $\alpha$ handles the requests of the attacker $\mathcal{A}$ in the same way as in level-I, except for any request that might result in a set $S$ that satisfies $N^*$.
Predict: As a final point, the attacker $\mathcal{A}$ will output an estimate $\acute{\alpha}$ of $\alpha$. Also, the simulator will provide the estimate. It outputs 0 to express that it estimates $T = e(g,g)^{a^{q+1} s}$, if $\acute{\alpha} = \alpha$; otherwise, it outputs 1 to specify that it considers $T$ to be from a group of random values in $G_T$. Thus the final simulation by simulator $\alpha$ is given as
$$\Pr[\alpha(\vec{X}, T = e(g,g)^{a^{q+1} s}) = 0] = 1/2 + Att_A$$
If $T$ is a random set of elements, the message $m_\alpha$ is fully concealed and the probability is
$$\Pr[\alpha(\vec{X}, T = e(g,g)^{a^{q+1} s}) = 0] = 1/2.$$
In consequence, the simulator $\alpha$ plays the decisional q-BDHE game with an insignificant advantage.
Revocation process: Furthermore, our proposed scheme can preserve conditional privacy in situations of misconduct, dispute or malicious activity by competently revoking the message or user [4]. As IVs are identity-less, it is difficult for the attacker $\mathcal{A}$ to target IVs and IMs. However, CRAs can easily revoke a message. The cloud-based modules CIPU and CCU save the key values, so in case of any dispute the CCU can deliver the suspected values to CRAs. Prior to all others, CRAs have the secret key of the vehicles. The secret key is held by the CRAs in an encrypted setup, and CRAs undertake secret key decryption by revoking the user. The revocation complexity is P(1), reliant on the implementation and hash functions [25]. As the hash values do not disclose any valuable information about authentic users, revocation does not have any adverse effect on privacy.
6.5 Performance evaluation and comparison
We have further evaluated and compared our proposed scheme with other existing research studies in terms of confidentiality, authorization, delegation and access control.
Table 3 shows the comparative evaluation of our proposed scheme with other related research studies in terms of information confidentiality schemes of both ABE and IBS, access control mechanism, user-level authentication, cloud-based information delegation and utilization of cloud or VANET resources. Our proposed scheme is much more flexible and extensible as compared to the other schemes.
Table 3: Comparison with other known schemes

| Schemes | Information confidentiality | Access control | Authentication | Information delegation | CE/VE |
|---|---|---|---|---|---|
| Y.S. Rao et al.'s [37] | ABE | No | Yes | No | CE and VE |
| X. Liu et al.'s [33] | ABE | Yes | No | No | VE |
| Q. Kang et al.'s [32] | ABE and IBS | Yes | Yes | No | VE |
| R. Hussain et al.'s [25] | No | No | No | Yes | CE and VE |
| Our scheme | ABE and IBS | Yes | Yes | Yes | CE and VE |

CE* = Cloud-enabled
VE* = VANET-enabled
ABE* = Attribute-based encryption
IBS* = Identity-based signature
Information confidentiality: The key-policy attribute encryption scheme monitors message dissemination through a fuzzy-based identity algorithm to enable a fine-grained access control environment [49]. In this scheme, the access control environment is achieved through a ciphertext-policy based attribute encryption algorithm for data encryption by labeling all the ciphertexts and keys with some specific attributes [9]. Q. Kang et al. [32] and X. Liu et al. [33] adopted ciphertext-policy attribute-based encryption (CP-ABE) to provide an efficient access control mechanism for sharing information between vehicular nodes.
Authorization: The message authorization scheme by Yeh et al. [49] proposed some techniques for the deterrence of fake RSU attacks, but it lacks clarity. The scheme of X. Jia et al. [8] improves authorization effectiveness by implementing both batch verification and lightweight signatures. It only chooses explicit vehicles to provide the functionality of an RSU, which lacks the coverage scope and specialty of a genuine RSU because of IEEE 802.11p. Hence, our proposed scheme utilizes dedicated RSUs, commissioning IBS for authorization and user privacy.
Information delegation: The schemes of X. Liu et al. [33] and Q. Kang et al. [32] both exploit only VANETs for data dissemination and lack cloud technology for information delegation and centralized monitoring. Our proposed cloud-based security and privacy-aware information dissemination scheme over ubiquitous VANETs is more efficient and flexible in terms of both information delegation and centralized monitoring.
Access control mechanism: To ensure the access control mechanism, this scheme exploits CP-ABE to handle information dissemination for confidentiality in a controlled access environment [21]. The information message is encrypted with CP-ABE by a vehicular node; in the meantime, OBUs of the vehicular nodes enforce an expressive and elastic access configuration mechanism for the identified vehicles that helps to accomplish access control.
7 Conclusions and future work
In this paper, we propose a cloud-based security and privacy-aware information dissemination scheme over ubiquitous VANETs. The access control mechanism and authentication schemes are devised for communication between vehicular nodes and cloud infrastructure. Information authentication and privacy are achieved through identity-based signature (IBS) with a pseudonym for identity verification of vehicular nodes. Furthermore, we adopt ciphertext-policy attribute-based encryption (CP-ABE) to implement the access control systems and effective access policies for both cloud and VANETs. IVs carry out the fine-grained information dissemination between the cloud system and the vehicular nodes by adopting the batch verification process. In future research, we will focus on more robust scenarios for vehicular cloud computing and the issues related to security and privacy.
Acknowledgments
This work was supported in part by the Technology Innovation Program of Beijing Institute of Technology under Grant No. 2011CX01015.
References [1]
Q. G. K. Safi, S. Luo, C. Wei, L. Pan, and Q. Chen; PIaaS: Cloud-oriented secure and privacy-conscious parking
information as a service using VANETs. Elsevier-Computer Networks (2017), Vol. 124, pp.33-45. S. Olariu, I. Khalil, and M. Abuelela; Taking VANET to the Clouds: International Journal of Pervasive Computer and
Communications; vol. 7, no. 1, (2011), pp. 7–21. [3]
M
[2]
G. Yan, S. Olariu, and M. C. Weigle; Providing VANET security through active position detection: Computer
Communication., vol. 31, no. 12, pp. 2883–2897, July 2008, Special Issue on Mobility Protocols for ITS/VANET.
ED
[4] R. Hussain, F. Abbas, J. Son, H. Eun and H. Oh; Privacy-aware route tracing and revocation games in VANET-based clouds: IEEE International Conference on Wireless and Mobile Computing, Networking and Communications (IEEE WiMob, 2013), Lyon, France, October 2013, pp. 730-735.
PT
[5] R. Hussain, Z. Rezaeifar and H. Oh; A paradigm shift from vehicular ad hoc networks to VANET-based clouds, in Wireless Personal Communications, Springer, 2015, http://dx.doi.org/10.1007/s11277 015442y. [6]
L. Delgrossi and T. Zhang; Dedicated short-range communications (DSRC), in Vehicle Safety Communications: Protocols,
[7]
CE
Security, and Privacy, 2009, pp. 44–51.
G. Yan, D. Wen, S. Olariu and M.C. Weigle; Security challenges in vehicular cloud computing: IEEE Transactions on
Intelligent Transportation System 14 (1) (2013) 284–294. http://dx.doi.org/10.1109/TITS.2012.2211870.
AC
[8] X. Jia, X. Yuan, L. Meng and L. Wang; EPAS: Efficient Privacy-preserving Authentication Scheme for VANETs-based emergency communication, Journal of Software, 8 (8) (2013): 1914–1922. IEEE Trans. Ind. Elec. 62(1), 2015, pp. 564–571. [9]
D. Huang and M. Verma; ASPE: Attribute-Based Secure Policy Enforcement in vehicular ad hoc networks, Ad Hoc
Networks, 7 (8) (2009): pp. 1526–1535. [10] R.C.U. Lee and M. Gerla; Emerging vehicular applications, in S.O. Olariu, M.C. Weigle (Eds.), Vehicular Networks: From Theory to Practice, Taylor and Francis, FL, 2009, pp. 1–30. [11] Partners for Advanced Transportation Technology, 〈http://www.path.berkeley.edu//research/transportation safety〉. [12] United States Department of Transportation, 〈http://www.its.dot.gov/arch/index.htm〉. [13] L. Nkenyereye, B. A. Tama, Y. Park and K. H. Rhee; A fine-grained privacy-preserving protocol over attribute-based access
ACCEPTED MANUSCRIPT
control for VANETs. Journal of Wireless Mobile Networks Ubiquitous Computing Dependable Applications 6.2 (2015): pp. 98-112. [14] X. Hong, D. Huang, M. Gerla and Z. Cao; SAT: Situation-Aware Trust architecture for vehicular networks, in Proceedings of the 3rd International Workshop on Mobility in the Evolving Internet Architecture, ACM, 2008, pp. 31–36. [15] S. Ruj, A. Nayak and I. Stojmenovic; an Improved access control mechanism in vehicular ad hoc networks: in Ad-hoc, Mobile, and Wireless Networks, Springer, 2011, pp. 191–205.
pp. 1–13.
CR IP T
[16] R.G. Engoulou, M. Bellaïche, S. Pierre and A. Quintero; VANETs security surveys, Computer Communications, 44 (2014):
[17] H. Deng, Q. Wu, B. Qin, J. Domingo-Ferrer, L. Zhang, J. Liu and W. Shi, Ciphertext-policy hierarchical attribute-based encryption with short ciphertexts, Information Science, 275 (2014): pp. 370–384.
[18] X. Dong, J. Yu, Y. Zhu, Y. Chen, Y. Luo and M. Li; SECO: Secure and scalable data Collaboration services in cloud computing, Computer Security, 50 (2015): pp. 91–105.
[19] J. Hur; Attribute-based secure data sharing with hidden policies in smart grid, IEEE Transactions on Parallel Distributed Systems, 24 (11) (2013): pp. 2171–2180.
AN US
[20] X. Chen, J. Li, X. Huang, J. Li, Y. Xiang and D.S. Wong; Secure outsourced attribute-based signatures: IEEE Transactions on Parallel Distributed System, 25 (12) (2014): pp. 3285–3294.
[21] R. Lu, X. Lin, H. Zhu, P. H. Ho and X. Shen; ECPP: Efficient Conditional Privacy Preservation Protocol for secure vehicular communications, in Proceedings of the 27th Conference on Computer Communications, IEEE, (2008): pp. 1229–1237. [22] D. Huang, S. Misra, M. Verma and G. Xue; PACP: an efficient pseudonymous authentication-based conditional privacy protocol for VANETs, IEEE Transactions on. Intelligent Transportation System 12 (3) (2011): pp. 736–746.
Computers, 63 (2) (2014): pp. 510–524.
M
[23] T. Chim, S. Yiu, L. Hui and V. Li; VSPN: VANET-based secure and privacy-preserving navigation, IEEE Transactions on
[24] S. Yu, C. Wang, K. Ren and W. Lou; Achieving secure, scalable, and fine-grained data access control in cloud computing, in:
ED
IEEE INFOCOM 2010, San Diego, 2010, pp. 1–9.
[25] R. Hussain, Z. Rezaeifar, Y. H. Lee and H. Oh; Secure and privacy-aware traffic information as a service in VANET-based clouds: Pervasive and Mobile Computing (2015), http://10.1016/j.pmcj.2015.07.007.
PT
[26] A. Sahai and B. Waters; Fuzzy identity-based encryption, in Advances in Cryptology: Eurocrypt, 2005, pp. 457–473. [27] B. Waters, Ciphertext-policy attribute-based encryption: an expressive, efficient, and provably secure realization, in: Public Key Cryptography, Springer, 2011, pp. 53–70.
CE
[28] J. Bethencourt, A. Sahai and B. Waters; Ciphertext-policy attribute-based encryption, in: IEEE Symposium on Security and Privacy, SP'07, IEEE, Oakland, California, USA, 2007, pp. 321–334. [29] B.W. John Bethencourt, Amit Sahai, Ciphertext-policy attribute-based encryption, http://hms.isi.jhu.edu/acsc/.
AC
[30] Z. Wan, J. Liu, R.H. Deng; HASBE: A Hierarchical Attribute-Based Solution for Flexible and Scalable Access Control in cloud computing, IEEE Transactions on Information Forensics and Security 7 (2) (2012): pp. 743–754. [31] A.A.M. Green and M. Rushanan, libfenc: the functional encryption library, http://code.google.com/p/libfenc/. [32] Q. Kang, X. Liu, Y. Yao, Z. Wang and Y. Li; Efficient authentication and access control of message dissemination over vehicular ad hoc network, Neurocomputing: 181 (2016): pp. 132–138. [33] X. Liu, Z. Shan, L. Zhang, W. Ye and R. Yan; An efficient message access quality model in vehicular communication networks, Signal Process, 2014, pp. 309–1316. [34] L. Zhang, Q. Wu, A. Solanas and J. Domingo-Ferrer; A scalable robust authentication protocol for secure vehicular communications: IEEE Transactions on Vehicular Technology, 59 (4) (2010) 1606–1617.
ACCEPTED MANUSCRIPT
[35] C. Zhang, R. Lu, X. Lin, P. H. Ho and X. Shen; An efficient identity-based batch verification scheme for vehicular sensor networks: in The 27th Conference on Computer Communications, INFOCOM, IEEE, Phoenix, AZ, USA, 2008. [36] K.-A. Shim, An efficient conditional privacy-preserving authentication scheme for vehicular sensor networks: IEEE Transactions on Vehicular Technology, 61 (4) (2012), 1874–1883. [37] Y.S. Rao, R. Dutta, Computationally efficient secure access control for vehicular ad-hoc networks, in Information Systems Security, Springer, 2012, pp. 294–309.
2005, pp. 1–6.
CR IP T
[38] B. Parno, A. Perrig, Challenges in securing vehicular networks, in Workshop on Hot Topics in Networks (HotNets-IV),
[39] T.W. Chim, S. Yiu, L.C.K. Hui and V.O. Li; VSPN: VANET-based Secure and Privacy-preserving Navigation, IEEE Transactions on Computers, 63 (2) (2014): pp. 510–524. [40] G. Calandriello, P. Papadimitratos, J. P. Hubaux and A. Lioy;
Efficient and robust pseudonymous authentication in
VANETs: in Proceedings of the Fourth ACM International Workshop on Vehicular Ad Hoc Networks, ACM, Montreal, Quebec, Canada, 2007, pp. 19–28.
[41] Y. Jiang, Y. Ji and T. Liu, An anonymous communication scheme based on ring signature in VANETs, arXiv preprint arXiv:
AN US
1410.1639.
[42] X. Boyen, Multipurpose identity-based signcryption, in Advances in Cryptology-CRYPTO, Springer, Santa Barbara, California, USA, 2003, pp. 383–399.
[43] P.S. Barreto, B. Libert, N. McCullagh and J. Quisquater, Efficient and provably secure identity-based signatures and signcryption from bilinear maps, in Advances in Cryptology-ASIACRYPT, Springer, Chennai, India, 2005, pp. 515–532. [44] A. Shamir, Identity-based cryptosystems and signature schemes, in: Advances in Cryptology, Springer, Paris, France, 1985,
M
pp. 47–53.
[45] N. Koblitz and A. Menezes, Pairing-Based Cryptography at High Security Levels, Springer, 2005. [46] B. Lynn, Stanford pairings-based crypto library, http://crypto.stanford.edu/pbc/.
ED
[47] D. Boneh and M. Franklin, “Identity-based encryption from the Weil pairing”, in Advances in Cryptology - CRYPTO 2001, LNCS 2139, pp.213-229, Springer-Verlag, 2001.
[48] M. Boban, T.T.V. Vinhoza, M. Ferreira, J. Barros and O.K. Tonguz; Impact of vehicles as obstacles in vehicular ad hoc
PT
networks: IEEE J. Sel. Areas Commun. 29 (1) (2011): pp. 15–28. [49] L. Y. Yeh, Y. C. Chen. and J.-L. Huang; ABACS: An Attribute-Based Access Control System for emergency services over vehicular ad-hoc networks, IEEE Journal on Selected Areas in Communications, 29 (3) (2011): pp. 630–643.
CE
[50] J. Liu, J. Wan, Q. Wang, P. Deng, K. Zhou and Y. Qiao; A survey on position-based routing for vehicular ad hoc networks Telecommunication Systems, 62(1): pp. 15-30. [51] M. K. Jiau, S. C. Huang, J. N. Hwang, and A. V. Vasilakos; Multimedia services in cloud-based vehicular networks: IEEE
AC
Intelligent Transportation Systems Magazine 7.3 (2015): pp. 62-79. [52] J. Zhou, D. Xiaolei, C. Zhenfu, and A. V. Vasilakos; Secure and privacy-preserving protocol for cloud-based vehicular DTNs, IEEE Transactions on Information Forensics and Security 10, no. 6 (2015): pp. 1299-1314. [53] W. Viriyasitavat, M. Boban, H. M. Tsai, and A. V. Vasilakos; Vehicular communications: Survey and challenges of channel and propagation models, IEEE Vehicular Technology Magazine 10.2 (2015): pp. 55-66. [54] L. Wei, H. Zhu, Z. Cao, X. Dong, W. Jia,, Y. Chen and A. V. Vasilakos; Security and privacy for storage and computation in cloud computing, Information Sciences 258 (2014): 371-386. [55] Z. Yan, Z., X. Li, M. Wang, and A. Vasilakos; Flexible data access control based on trust and reputation in cloud computing: IEEE Transactions on Cloud Computing, (2015).