RUB » Bibliotheksportal

Jan Trauernicht, Norbert Bißmeyer

• In Cooperative-Intelligent Transportation Systems (C-ITS) pseudonym certificates are used to secure communication [9]. They protect the driver’s privacy by allowing the station to change its identity periodically. However, these pseudonyms might also protect the identities of attackers. Therefore, a mechanism is needed to exclude attackers without interfering with the privacy goals. This paper describes a concept for the long-term exclusion of Sybil attackers based on a deterministic mechanism called Sybil attack Alternation Check (SAC). SAC fills the gap between misbehavior detection mechanisms on the C-ITS stations and the exclusion with a certificate revocation list. A key idea is to forbid the reuse of a recently used Authorization Ticket (AT) for a short time period. Based on this rule proof of an attack can be recorded and reported to invalidate certificates of the misbehaving station. Accusations on benign stations can not lead to false exclusions based on the assumption that attackers are unable to fake signatures originating from ATs belonging to other stations. During the whole misbehavior evaluation process no entity learns additional information about the identity of the reporter or recorded benign stations listed in the report. Furthermore, no authority is able to trace stations and the exclusion can only be performed if multiple authorities cooperate. The proposed concept builds upon current European telecommunications Standards Institute (ETSI) standards and adds only minor complexity to the public key infrastructure.