Non-infrastructure network technologies, such as for example ad-hoc networks and sensor networks, are getting popular more and more. Particularly, in the field of Intelligent Transport Systems (ITS), distributed wireless communication technologies between vehicles (V2V) or between vehicles and infrastructures (V2I) have been actively discussed worldwide, for improving road safety, traffic efficiency and comfort and/or entertainment for drivers and passengers.
A Mobile Ad-hoc NETwork (MANET) is a communication network formed by a plurality of network nodes connected via wireless communications by means of radio communication means. These radio communication means may include, but are not limited to, WLAN, Bluetooth and/or Infrared interfaces. Every network node participating in a MANET is configured to act as a client, server or relay for communications established among a set of network nodes.
The topology of a MANET is generally arbitrary and even i network node can move freely and possibly also in an unpredictable manner. Generally, the size of a MANET is kept relatively small, but the number of MANET network nodes is basically unlimited and can potentially grow without any limit.
When most of the MANET nodes are vehicles or at least mounted to vehicles such as cars or the like (under the assumption that wireless radio means are installed on the vehicle), such networks are generally referred to as Vehicular MANETs, or also VANET.
Of course, some nodes of a VANET can also be stationary nodes or substantially stationary nodes such as, e.g. nodes mounted on cross-lights, nodes mounted on roadside gateways, VANET extensors or even devices carried by pedestrians (e.g. cell phones) as quasi-stationary nodes. Position services like GPS or Galileo may be used for node tracking and position related services.
The VANET node mobility is generally constrained by specific paths such as a traffic network comprising roads and traffic intersections or the like, the topology of which may be, however, digitally available e.g. via navigation data for navigation systems.
Such vehicular communication networks, in which nodes potentially have high mobility, require advanced access control, topology maintenance, and routing procedures for supporting the data communications for those services.
One of characteristic technologies in this field is a geographical-based routing/dissemination method, in which a data message or data packet is delivered based on position information of vehicles and its destination.
The basis for many vehicular communication networks applications may be represented by periodic beacons carrying information like location, heading and speed. In order to secure beaconing, messages should be signed and/or carry a certificate to attest valid network participants.
As discussed e.g. in the article “On the Efficiency of Secure Beaconing in VANETs” by E. Schoch and F. Kargl (In; Proceedings of the third ACM conference on Wireless network security, ACM WiSec 2010, Hoboken, N.J., USA; pp. 111-116), looking at recent standardization efforts and fields tests, it becomes clear that beaconing may initially be an important aspect for upcoming C2X (car-to-car or car-to-x communication) eSafety applications.
With “beaconing” one typically refers to the periodic transmission of packets/messages containing a vehicle's position and other information as a (single-hop) link-layer broadcast to all neighboring vehicles or roadside units. Implemented in an insecure way, beaconing opens opportunities for abuse. To address these problems, many security solutions suggest to use signatures based on asymmetric cryptographic mechanisms like ECDSA together with more mechanisms. The basic strategy is to equip nodes with asymmetric cryptographic key pairs and/or certificates issued by a trusted certification authority (CA).
Then all beacons get signed using the vehicle's signature key SK and receivers verify them using the verification key V K. Signature and certificate containing V K are attached to the beacon. This mechanism introduces two significant problems: First, adding signatures and/or certificates to the beacons creates a notable protocol overhead. Even when using an ECC-based solution with comparatively small overhead, signature plus certificate require at least 150 through 160 bytes, and creating and verifying signatures causes significant computational overhead. Every sent beacon needs one signature generation and up to two verifications (signature plus certificate).
Assuming a maximum neighbor number of 200 vehicles and a beaconing rate of 10 Hz, a vehicle needs to generate 10 signatures and verify 4000 signatures per second, which exceeds the capacity of typical vehicle on-board units. As cost constraints in vehicle manufacturing are high and on-board units need to be cheap, this cannot be addressed only by using more powerful hardware.
The above article seems to propose to omit verification of certificates and/or signatures, however, the methods teach to omit verification such as to still regularly and statically verify each Nth packet message received from the other nodes. The problem is that this may still lead to high processing burden in scenarios having high densities of nodes such as e.g. in traffic jams, and it may also lead to safety concerns in case the method still only verifies any Nth packet/message in low density scenarios.
EP 2058 992 A1 and WO 2013/185997 A1 relate to algorithms in which the sequence of packet/message verification is changed based on priority, but still it is taught to verify all received packets/messages.