Secure and Blockchain-Based Emergency Driven Message Protocol for 5G Enabled Vehicular Edge Computing
Abstract
1. Introduction
- We describe a novel architecture for emergency warning dissemination using edge computing and a private blockchain. The proposed architecture uses 5G network technologies for communication. In our model, we design a secure and privacy-preserving scheme that protects the sensitive data (identity, location, shared data, etc.) of the vehicles participating in emergency warning dissemination. We assume that the edge nodes and the cloud are semi-trusted; therefore, our architecture builds a private blockchain on the edge nodes to record the emergency driven messages (EDMs) in an immutable and verifiable ledger, which guarantees EDM auditability.
- We design a secure, blockchain-based EDM protocol for 5G-enabled vehicular edge computing that uses the private blockchain technique to provide EDM auditability. We make use of a lightweight multi-receiver signcryption scheme without pairing that offers operations with low time cost, security, privacy and access control.
- We analyze the security and privacy features of the proposed protocol and evaluate it with respect to private blockchain construction, computational cost and communication cost.
2. Related Work
2.1. 5G Enabled Vehicular Edge Computing
2.2. Blockchain
2.3. Secure Schemes for Emergency Warning in VEC
3. System Model
3.1. Main Entities
- Regional Transportation Authority (RTA): the RTA is considered a trusted agency that registers all the entities within the proposed system (vehicles and edge nodes) and generates cryptographic material for the entities during system setup.
- RSU edge nodes: Similar to a server with limited capabilities, edge nodes are devices placed along the roads with efficient computing, communication and storage capabilities. Their principal role is to collect the EDMs provided by the vehicles, verify the validity of each EDM through designcryption and share the EDM with the RTA or any entity that might need it. In real-life applications, the EDM could be needed by rescue services such as police or medical centers. We did not explicitly add these entities, but we assume that they have servers in the cloud which are connected to the RTA servers, as shown in Figure 1. We assume that edge nodes are connected to an electrical power source.
- Vehicles: The vehicles are assumed to be equipped with several sensors and devices such as cameras. The onboard unit (OBU) in the vehicle gathers all of that data in the form of EDM files and sends them to edge nodes using different communication means such as D2D or mmWave communications. All vehicles need to register with the RTA at the time of periodic inspection. Besides the well-known vehicle identifiers such as the Electronic License Plate (ELP) or the electronic chassis number (ECN), every vehicle is given a unique 5G identifier (5GID), which is similar to the subscriber identification module (SIM) used in 3G and 4G cellular networks.
3.2. Communication Model
- Heterogeneous networks: This network aims at achieving a high data rate and network capacity for 5G-enabled vehicular edge computing. Therefore, two alternative techniques may help to reach the mentioned capacities through smaller cells, which increase the spectral efficiency. In addition, using the mmWave spectrum would offer high data rates, since it operates at frequencies of 30–300 GHz and wavelengths of 1–10 mm [11].
- D2D communications: D2D communication would enable the vehicles to communicate with each edge device within the licensed cellular bandwidth without involving the base stations. In 5G edge-based vehicular networks, the communication between the vehicles and edge devices can be done through D2D communication or mmWave technology.
3.3. Adversary Model
- A malicious vehicle can try to send EDM files when it is not enrolled for participation.
- A malicious user or vehicle can try to learn the identity of the vehicles that reported an EDM file.
- A malicious vehicle can try to get the raw content of EDMs that were sent through the network.
- A malicious vehicle can try to attack one or several edge nodes and try to process the EDM by impersonating a given edge node.
- A number of attackers (inside or outside the participating group) can try to jeopardize the whole network through a denial-of-service attack.
3.4. Security Objectives
- Identity privacy preservation: the identities of the vehicles that report the EDMs should be preserved.
- Authentication: each vehicle that is involved in sending the EDMs should be authenticated before it is allowed to join the system.
- Confidentiality and integrity: the EDM files generated and sent through the network should not be intercepted and modified during the communication.
- Key escrow resilience: the keys of the entities (vehicles) participating in EDM reporting should not be generated by a single entity. Thus, even if the RTA is compromised, the attackers cannot disclose the signing keys of the vehicles.
- Access control: only the entities with matching policies should be able to retrieve the contents of EDMs.
- Non-repudiation and traceability: a vehicle should not be able to deny its participation in EDM reporting. In addition, the RTA should be able to disclose the true identity of any entity if needed.
- Auditability: the EDM records that are saved in the system should be securely kept and easily verifiable. Even if one node in the chain is compromised, the malicious user should not be able to modify and upload any EDM content.
3.5. Preliminaries
3.5.1. Signcryption Scheme without Bilinear Pairings
- : using a parameter , RTA runs the system to generate a master secret key and the parameters .
- : a user runs the algorithm to return a secret value using his/her identity .
- : RTA runs the algorithm and returns the partial private key and partial public key using the user identity and the secret value
- : the user generates the key pairs using the partial key pairs .
- : the user target a group of authorized receivers’ public keys where n is a positive integer. Output a ciphertext on the message m.
- : using the system parameters , the receiver’s private key and the ciphertext , an authorized receiver recovers the message m.
3.5.2. Private Blockchain
- Setup: in this phase, different slot are generated and a private ledger is attached with a one block for every time slot . In addition, a leader selection algorithm is assigned to each edge node.
- Initial stage: this is the first stake distribution phase, in which the first block, also called the genesis block, is generated. The genesis block includes the edge nodes' identities, public keys and stakes. The first block is assumed to have an empty block header, and a signcryption is generated on it.
- Leader selection: taking each time slot , the edge nodes' identities, their public keys and the probability of each edge node corresponding to its stake, this function outputs the leader node.
- Block generation: the chosen leader generates a new block, which consists of a block header, the leader's stake and the number of EDMs recorded. The block header consists of a block header number, the hash of the previous block header and a Merkle hash root, along with a time stamp. For interested readers, the overall details can be found in [21,22].
4. Protocol Description
4.1. Protocol Setup
4.2. Participation Agreement
- Step 1. Assume there is a vehicle inspection within a given period (12 or 18 months); the vehicle owner or user can express the desire to become an EDM reporter. In this case, the vehicle does the following:
- A vehicle with its identity selects a secret and computes and send to .
- Upon receiving , choose a pseudonym for as , and keep the mapping table securely. selects and computes and Then returns to
- receives and checks if the equation is correct. If yes, generates its public key .
- generates its private key . The key pair of the vehicle is .
- Step 2. In the same way, registers the edge nodes as follows:
- A edge node with its identity selects a secret and computes and send to .
- After receiving , selects and computes and Then returns to
- receives and check if the equation is correct. If yes, generates its public key .
- generates its private key . The key pair of the edge node is .
4.3. Emergency Driven Message Reporting
- Composes the EDM file as representing the date, the time, the location and the main file that has been captured. could be a multimedia item such as pictures or audio files.
- generates a list of edge nodes that can recover the message, and in this case we adopt proximity protocol based on the location as described in [31]. generates and make the signcryption on the event message as follows
- Computes with
- Selects a integer and computes and and where
- Selects an integer and computes the polynomial , which equals to for
- Computes , and
- Generates that satisfy and computes
- Generates the cipher text and send it to edge nodes.
4.4. Emergency-Driven Message Collection
- Compute and
- Then computes and
- Computes and retrieves the message through the decryption
- Also compute and verifies if the equation is correct. Otherwise, the emergency message is rejected
- Upon receiving the vehicle public , checks if the equation . The correctness is as follows:
4.5. Private Blockchain Generation
- Assume that the time is divided into time slot in which a block is attached to the ledger for each time sequence.
- The initial block also called genesis block is generated as the first state distribution and it contains the edge nodes identities, their public keys, their stakes as =< {ID }, and . We assume that first blockheader to be empty.
- Therefore, in a given area, each edge node set where is the genesis block
- An edge node collects n EDM and verifies each EDM as shown in Section 4.4 by running . To choose a leader edge node , the probability for being chosen should be relative to its stake that are in previous block.
- runs a leader selection protocol [32] that input }, representing respectively the edge nodes identities, their public key, the probability of the leader and the corresponding time slot with .
- outputs a leader edge node
- To generate a block, the selected edge node output a block that corresponds to the time slot with representing respectively the number of the block, a hash corresponding to previous blockheader, merkle hash root corresponding to a merkle tree built using n EDM.
- performs the update of its stake and generates a signcryption on the entire message.
- Finally add the block to the chain and send a notification to the entire network
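The ledger structure described in Sections 3.5.2 and 4.5 can be sketched as follows; this is an added example, not the authors' implementation. It assumes SHA-256, integer stakes that stay fixed, and a hash-seeded stake-proportional draw standing in for the leader selection protocol of [32]; the signcryption on each block is not modelled, and all names and sample values are constructed.

```python
import copy, hashlib, json

def h(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()

def merkle_root(edms):
    """Merkle hash root over the n EDM ciphertexts recorded in a block."""
    level = [h(b"\x00" + e) for e in edms] or [h(b"")]   # 0x00 prefix marks a leaf
    while len(level) > 1:
        nxt = [h(b"\x01" + (a + b).encode()) for a, b in zip(level[::2], level[1::2])]
        if len(level) % 2:
            nxt.append(level[-1])        # odd node is carried up unchanged
        level = nxt
    return level[0]

def header_hash(header: dict) -> str:
    return h(json.dumps(header, sort_keys=True).encode())

def select_leader(stakes: dict, slot: int, prev_hash: str) -> str:
    """Stake-proportional leader for a slot; any node can recompute the draw."""
    ticket = int(h(f"{prev_hash}|{slot}".encode()), 16) % sum(stakes.values())
    for node in sorted(stakes):
        if ticket < stakes[node]:
            return node
        ticket -= stakes[node]

def genesis(stakes: dict) -> dict:
    # Genesis block: edge-node identities and stakes, with an empty block header.
    return {"header": {}, "slot": 0, "nodes": dict(stakes), "edms": []}

def append_block(chain, stakes, slot, edms, timestamp):
    prev = header_hash(chain[-1]["header"])
    header = {"number": len(chain), "prev_hash": prev,
              "merkle_root": merkle_root(edms), "timestamp": timestamp}
    leader = select_leader(stakes, slot, prev)
    chain.append({"header": header, "slot": slot, "leader": leader,
                  "stake": stakes[leader], "edm_count": len(edms), "edms": list(edms)})
    return chain[-1]

def audit(chain, stakes):
    """Return the index of the first block that fails verification, or None."""
    for i in range(1, len(chain)):
        blk, hdr = chain[i], chain[i]["header"]
        prev = header_hash(chain[i - 1]["header"])
        if (hdr["prev_hash"] != prev
                or hdr["merkle_root"] != merkle_root(blk["edms"])
                or blk["edm_count"] != len(blk["edms"])
                or blk["leader"] != select_leader(stakes, blk["slot"], prev)):
            return i
    return None

# Constructed sample data: two edge nodes and placeholder EDM ciphertexts.
STAKES = {"edge-A": 1, "edge-B": 3}

def build_sample_chain():
    chain = [genesis(STAKES)]
    append_block(chain, STAKES, 1, [b"edm-ct-1", b"edm-ct-2", b"edm-ct-3"], 1700000000)
    append_block(chain, STAKES, 2, [b"edm-ct-4"], 1700000060)
    return chain

def tamper_results():
    clean = build_sample_chain()
    swapped = copy.deepcopy(clean)
    swapped[1]["edms"][0] = b"forged"        # alter a recorded EDM
    redated = copy.deepcopy(clean)
    redated[1]["header"]["timestamp"] = 0    # alter a header field
    return audit(clean, STAKES), audit(swapped, STAKES), audit(redated, STAKES)

if __name__ == "__main__":
    print(tamper_results())
```

A changed EDM is caught by the Merkle root of its own block, while a changed header field is caught by the `prev_hash` of the following block; the header of the newest block has no successor yet, so its integrity rests on the leader's signcryption, which this sketch leaves out.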
5. Performance
5.1. Security Analysis
5.1.1. Privacy Preservation
5.1.2. Authentication
5.1.3. Confidentiality and Integrity
5.1.4. Key Escrow Resilience
5.1.5. Access Control
5.1.6. Traceability and Non Repudiation
5.1.7. Auditability
- The blockchain built in this scheme is private; any participant requires permission or an invitation to join the private chain. It is therefore infeasible for a malicious user to add a bogus block to the chain.
- Each participant in the private chain keeps a replica of any appended ledger of emergency warning messages. This is crucial in case a crash occurs in any of the remote servers where the EDMs are kept.
- Transaction immutability: It is hard for a malicious entity to tamper with the EDMs exchanged between the vehicles and the edge nodes. In case of a legal dispute that requires thorough auditing of the EDMs, the transaction immutability of the blockchain can strengthen such services.
5.1.8. Secure against Known Attacks
- Impersonation attack: as mentioned earlier, a malicious vehicle cannot impersonate a legitimate vehicle because the authentication between a vehicle and an edge node is achieved through the signcryption that is made on each message. Once an EDM is generated, makes signcryption of the message by running . Every participating vehicle needs to possess a valid private key to be able to verify the correctness of the equation . Based on the hardness of the DL problem, a signature produced without a valid private key cannot pass the verification, and the message will be discarded. Thus, it is almost impossible to perform an impersonation attack in our proposed scheme.
- Masquerade attack: suppose a malicious user eavesdrops on an EDM message and tries to learn the EDM contents. That malicious user cannot tamper with the integrity of the EDM because the signcryption phase transforms the data into hash values and as described in Section 4. Therefore, the malicious user can neither learn any useful information from the eavesdropped message nor reveal the identity of the message owner.
- DDoS attack: our scheme is able to resist DDoS attacks launched by either legitimate or illegitimate vehicles. Assume an illegitimate vehicle tries to send multiple EDMs to a given edge node; as demonstrated for the impersonation attack, those EDMs will be discarded by the edge node because the message verification will not hold. In addition, assume a legitimate vehicle generates excessive EDMs to cause a DDoS attack. In that scenario, the edge nodes will use the time stamp on each EDM to estimate the frequency of that vehicle's messages compared to other users, because every EDM contains a time stamp, as shown in the message content as representing respectively the date, the time, the location and which could be a multimedia item such as pictures or audio files. Therefore, the messages from the suspicious user can be discarded.
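The frequency check described for a legitimate but flooding vehicle could look like the following at an edge node; this is an added example, not part of the paper. The window length, the multiple of the peers' median and the minimum allowance are assumed parameters, senders are keyed by pseudonym, and the events are constructed.

```python
from collections import defaultdict, deque
from statistics import median

class EdmRateMonitor:
    """Per-pseudonym EDM frequency check over a sliding window of EDM time stamps."""

    def __init__(self, window_s=60, factor=5, floor=3):
        self.window_s = window_s   # seconds of history that are compared (assumed)
        self.factor = factor       # allowed multiple of the peers' median count (assumed)
        self.floor = floor         # EDMs per window that are always allowed (assumed)
        self.seen = defaultdict(deque)

    def _count(self, pseudonym, now):
        q = self.seen[pseudonym]
        while q and q[0] <= now - self.window_s:   # drop entries outside the window
            q.popleft()
        return len(q)

    def accept(self, pseudonym, ts):
        """Record one verified EDM; return False if the sender is over the limit."""
        self.seen[pseudonym].append(ts)            # discarded EDMs still count
        mine = self._count(pseudonym, ts)
        peers = [self._count(p, ts) for p in self.seen if p != pseudonym]
        peers = [c for c in peers if c > 0]        # only senders active in the window
        baseline = median(peers) if peers else 0
        return mine <= max(self.floor, self.factor * baseline)

def sample_events():
    # Constructed traffic: three vehicles report every 20 s, pid-X sends one EDM
    # per second from t=41 to t=60 and a single EDM much later.
    events = [(f"pid-{v}", t) for t in (0, 20, 40) for v in (1, 2, 3)]
    events += [("pid-X", t) for t in range(41, 61)]
    events.append(("pid-X", 200))
    return sorted(events, key=lambda e: e[1])

def run_sample():
    mon, decisions = EdmRateMonitor(), defaultdict(list)
    for pseudonym, ts in sample_events():
        decisions[pseudonym].append(mon.accept(pseudonym, ts))
    return dict(decisions)

if __name__ == "__main__":
    for pseudonym, verdicts in run_sample().items():
        print(pseudonym, verdicts.count(True), "accepted,", verdicts.count(False), "discarded")
```

The time stamp inside an EDM is chosen by the sender, so a deployment would run the same check on the edge node's own receive time as well.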
5.2. Computational Cost
5.3. Communication Cost
5.4. Private Blockchain Evaluation
5.5. Simulation
6. Conclusions
Author Contributions
Funding
Acknowledgments
Conflicts of Interest
References
1. Sanguesa, J.A.; Fogue, M.; Garrido, P.; Martinez, F.J.; Cano, J.C.; Calafate, C.T. A survey and comparative study of broadcast warning message dissemination schemes for VANETs. Mob. Inf. Syst. 2016, 2016, 8714142.
2. Karagiannis, G.; Altintas, O.; Ekici, E.; Heijenk, G.; Jarupan, B.; Lin, K.; Weil, T. Vehicular networking: A survey and tutorial on requirements, architectures, challenges, standards and solutions. IEEE Commun. Surv. Tutorials 2011, 13, 584–616.
3. Kamouch, A.; Chaoub, A.; Guennoun, Z. Mobile big data in vehicular networks: The road to internet of vehicles. In Mobile Big Data; Springer: Cham, Switzerland, 2018; pp. 129–143.
4. Nkenyereye, L.; Park, Y.; Rhee, K.H. Secure vehicle traffic data dissemination and analysis protocol in vehicular cloud computing. J. Supercomput. 2018, 74, 1024–1044.
5. Lavanya, R. Fog Computing and Its Role in the Internet of Things. In Advancing Consumer-Centric Fog Computing Architectures; IGI Global: Hershey, PA, USA, 2019; pp. 63–71.
6. Nkenyereye, L.; Liu, C.H.; Song, J. Towards secure and privacy preserving collision avoidance system in 5G fog based Internet of Vehicles. Future Gener. Comput. Syst. 2019, 95, 488–499.
7. Yi, S.; Li, C.; Li, Q. A survey of fog computing: Concepts, applications and issues. In Proceedings of the 2015 Workshop on Mobile Big Data, Hangzhou, China, 21 June 2015; pp. 37–42.
8. Mir, Z.H.; Filali, F. LTE and IEEE 802.11 p for vehicular networking: A performance evaluation. EURASIP J. Wirel. Commun. Netw. 2014, 2014, 89.
9. Vinel, A. 3GPP LTE versus IEEE 802.11 p/WAVE: Which technology is able to support cooperative vehicular safety applications? IEEE Wirel. Commun. Lett. 2012, 1, 125–128.
10. Bellalta, B.; Belyaev, E.; Jonsson, M.; Vinel, A. Performance evaluation of IEEE 802.11 p-enabled vehicular video surveillance system. IEEE Commun. Lett. 2014, 18, 708–711.
11. Shen, X. Device-to-device communication in 5G cellular networks. IEEE Netw. 2015, 29, 2–3.
12. Tehrani, M.N.; Uysal, M.; Yanikomeroglu, H. Device-to-device communication in 5G cellular networks: Challenges, solutions, and future directions. IEEE Commun. Mag. 2014, 52, 86–92.
13. Schneider, P.; Horn, G. Towards 5G security. In Proceedings of the 2015 IEEE Trustcom/BigDataSE/ISPA, Helsinki, Finland, 20–22 August 2015; Volume 1, pp. 1165–1170.
14. Park, J.; Kim, J.; Lee, B. Are uber really to blame for sexual assault?: Evidence from New York city. In Proceedings of the 18th Annual International Conference On Electronic Commerce: e-Commerce in Smart Connected World, Suwon, Korea, 17–19 August 2016; p. 12.
15. Darus, M.Y.; Bakar, K.A. Review of Congestion Control Algorithm for Event-Driven Safety Messages in Vehicular Networks. Int. J. Comput. Sci. Issues 2011, 8, 49.
16. Djahel, S.; Ghamri-Doudane, Y. A robust congestion control scheme for fast and reliable dissemination of safety messages in VANETs. In Proceedings of the 2012 IEEE Wireless Communications and Networking Conference (WCNC), Shanghai, China, 1–4 April 2012; pp. 2264–2269.
17. Zhang, W.; Festag, A.; Baldessari, R.; Le, L. Congestion control for safety messages in VANETs: Concepts and framework. In Proceedings of the 2008 8th International Conference on ITS Telecommunications, Phuket, Thailand, 24 October 2008; pp. 199–203.
18. Ma, X.; Kanelopoulos, G.; Trivedi, K.S. Application-level scheme to enhance VANET event-driven multi-hop safety-related services. In Proceedings of the 2017 international conference on computing, networking and communications (ICNC), Santa Clara, CA, USA, 26–29 January 2017; pp. 860–864.
19. Ali, I.; Hassan, A.; Li, F. Authentication and privacy schemes for vehicular ad hoc networks (VANETs): A survey. Veh. Commun. 2019, 16, 45–61.
20. Liu, Y.; Wang, L.; Chen, H.H. Message authentication using proxy vehicles in vehicular ad hoc networks. IEEE Trans. Veh. Technol. 2015, 64, 3697–3710.
21. Kosba, A.; Miller, A.; Shi, E.; Wen, Z.; Papamanthou, C. Hawk: The blockchain model of cryptography and privacy-preserving smart contracts. In Proceedings of the 2016 IEEE Symposium on Security and Privacy (SP), San Jose, CA, USA, 22–26 May 2016; pp. 839–858.
22. Gao, F.; Zhu, L.; Shen, M.; Sharif, K.; Wan, Z.; Ren, K. A blockchain-based privacy-preserving payment mechanism for vehicle-to-grid networks. IEEE Netw. 2018, 32, 184–192.
23. Ullah, A.; Yaqoob, S.; Imran, M.; Ning, H. Emergency message dissemination schemes based on congestion avoidance in VANET and vehicular FoG computing. IEEE Access 2019, 7, 1570–1585.
24. Zhang, K.; Mao, Y.; Leng, S.; He, Y.; Zhang, Y. Mobile-edge computing for vehicular networks: A promising network paradigm with predictive off-loading. IEEE Veh. Technol. Mag. 2017, 12, 36–44.
25. Feng, J.; Liu, Z.; Wu, C.; Ji, Y. AVE: Autonomous vehicular edge computing framework with ACO-based scheduling. IEEE Trans. Veh. Technol. 2017, 66, 10660–10675.
26. Wang, C.X.; Haider, F.; Gao, X.; You, X.H.; Yang, Y.; Yuan, D.; Aggoune, H.M.; Haas, H.; Fletcher, S.; Hepsaydir, E. Cellular architecture and key technologies for 5G wireless communication networks. IEEE Commun. Mag. 2014, 52, 122–130.
27. Ge, X.; Cheng, H.; Mao, G.; Yang, Y.; Tu, S. Vehicular communications for 5G cooperative small-cell networks. IEEE Trans. Veh. Technol. 2016, 65, 7882–7894.
28. Ge, X.; Li, Z.; Li, S. 5G software defined vehicular networks. IEEE Commun. Mag. 2017, 55, 87–93.
29. Kiayias, A.; Konstantinou, I.; Russell, A.; David, B.; Oliynykov, R. A Provably Secure Proof-of-Stake Blockchain Protocol. IACR Cryptol. EPrint Arch. 2016, 2016, 889.
30. Pang, L.; Kou, M.; Wei, M.; Li, H. Efficient Anonymous Certificateless Multi-Receiver Signcryption Scheme without Bilinear Pairings. IEEE Access 2018, 6, 78123–78135.
31. Zheng, Y.; Li, M.; Lou, W.; Hou, Y.T. Location based handshake and private proximity test with location tags. IEEE Trans. Dependable Secur. Comput. 2017, 14, 406–419.
32. Kiayias, A.; Russell, A.; David, B.; Oliynykov, R. Ouroboros: A provably secure proof-of-stake blockchain protocol. In Annual International Cryptology Conference; Springer: Cham, Switzerland, 2017; pp. 357–388.
33. Selvi, S.S.D.; Vivek, S.S.; Shukla, D.; Chandrasekaran, P.R. Efficient and provably secure certificateless multi-receiver signcryption. In International Conference on Provable Security; Springer: Berlin/Heidelberg, Germany, 2008; pp. 52–67.
34. Wei, D. Crypto++ Library 5.6.5, a Free C++ Class Library of Cryptographic Schemes. 2019. Available online: http://www.cryptopp.com (accessed on 29 August 2019).
35. He, D.; Zeadally, S.; Xu, B.; Huang, X. An efficient identity-based conditional privacy-preserving authentication scheme for vehicular ad hoc networks. IEEE Trans. Inf. Forensics Secur. 2015, 10, 2681–2691.
36. BBCNews. 5G Researchers Manage Record Connection Speed, 2015. 2019. Available online: http://www.bbc.co.uk/news/technology-31622297 (accessed on 29 August 2019).

Operations | Time (ms) |
---|---|
Bilinear pairing | 4.5 |
Point scalar multiplication | 0.6 |
Point addition on ECC | 0.047 |
Exponentiation | 3.9 |
Asymmetric decryption | 0.61 |
Symmetric encryption | 0.51 |
Symmetric decryption | 0.55 |
Execution time of a general hash function | 0.0001 |

Phase | Operation |
---|---|
Signcrypt an EDM | |
Designcrypt an EDM |

Scheme | Lightweight | Traceability | Tamper Proof | Privacy | Decentralization | IoT Friendly |
---|---|---|---|---|---|---|
Liu et al. [20] | Low | Yes | Low | Yes | No | No |
Proposed Framework | High | Yes | High | Yes | High | High |

Phase | No Trans/Block | No of ED | Initialization | Request | Response | Matching | Updating |
---|---|---|---|---|---|---|---|
1 | 5 | 10 | 0.022 | 0.44 | 0.15 | 1.89 | 0.0022 |
2 | 10 | 10 | 0.022 | 0.61 | 0.26 | 2.56 | 0.0089 |
3 | 15 | 10 | 0.022 | 0.98 | 0.63 | 2.29 | 0.014 |
4 | 20 | 15 | 0.045 | 1.44 | 0.89 | 3.51 | 0.031 |
5 | 25 | 15 | 0.045 | 1.79 | 1.25 | 4.01 | 0.056 |
6 | 30 | 15 | 0.045 | 2.14 | 1.67 | 4.98 | 0.17 |
7 | 35 | 15 | 0.045 | 4.12 | 3.90 | 6.67 | 0.56 |

Tools/Parameter | Value/Specification |
---|---|
Mobility generation tool | VANETSIM 2.02 |
Network simulation tool | ns-3 |
Data rate | 1.2 GBps |
Number of vehicles | 200 |
Number of edge nodes | 40 |
Distance between two edge nodes | 150 m |
Simulation time | 100 min |
Wireless protocol | 802.11a |
Departure interval | 180 s |
RSU/Edge radius | 800 m |
Mobility model | Shortest path |
Range of EDM size | 1–6 GB |

© 2019 by the authors. Licensee MDPI, Basel, Switzerland. This article is an open access article distributed under the terms and conditions of the Creative Commons Attribution (CC BY) license (http://creativecommons.org/licenses/by/4.0/).
Nkenyereye, L.; Adhi Tama, B.; Shahzad, M.K.; Choi, Y.-H. Secure and Blockchain-Based Emergency Driven Message Protocol for 5G Enabled Vehicular Edge Computing. Sensors 2020, 20, 154. https://doi.org/10.3390/s20010154