ESAR: Enhanced Secure Authentication and Revocation Scheme for Vehicular Ad Hoc Networks

Coruh U., Bayat O.



Vehicular Ad Hoc Network (VANET) systems that use Public Key Infrastructure (PKI) experience significant delays when checking Certificate Revocation Lists (CRLs) and performing key pair-based asymmetric cryptographic operations. This paper offers a fast and secure mechanism for revocation checking, processing, and PKI key pair updating, called the Enhanced Secure Authentication and Revocation (ESAR) scheme for VANETs. The ESAR Vehicle-to-Vehicle (V2V) authentication method applies Keyed-Hash-based Message Authentication Code (H-MAC) cryptogram validation for On-Board Unit (OBU) revocation checks instead of a CRL search. We examined ESAR together with a similar VANET scheme and achieved better results. The scheme we selected is the Expedite Message Authentication Protocol for Vehicular Ad Hoc Networks (EMAP), which, according to our review of the literature, offers fewer countermeasures for resisting most attacks. In addition, we completed the missing parts of the EMAP scheme with performance improvements and compared it with other schemes in terms of security. Our ESAR scheme includes the following improvements. (1) Sensitive assets are protected against unauthorized updates by revocation key sender verification and revocation version validation. (2) Privacy concerns are addressed by keyed, trimmed H-MAC-based pseudo ID creation. (3) Reliable data transmission issues are resolved by including the missing message identification tags. (4) Performance concerns are addressed by eliminating and combining network requests to offer fast security key revocation. We targeted system performance and durability, as well as attack resistance through anomaly detection improvements. We ran three simulations: the standard method (using CRL only), the proposed method (ESAR), and the existing method (EMAP). According to the findings of our simulation analysis, the proposed system was more efficient in terms of performance and network congestion than the other examined methods.
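The following is an added illustration, not code from the paper or its authors. It sketches the general idea of replacing a CRL search with one H-MAC verification under a versioned revocation key, and of deriving a pseudo ID from a keyed, trimmed H-MAC. Assumptions, since the abstract does not give ESAR's message format: the revocation key is held only by non-revoked OBUs, and the field layout, SHA-256, the 8-byte trim length, the timestamp window and all function names are hypothetical.

```python
import hashlib
import hmac
import struct

PID_LEN = 8  # assumed trim length for pseudo IDs, in bytes

def pseudo_id(id_key: bytes, real_id: bytes, nonce: bytes) -> bytes:
    """Keyed, trimmed HMAC of the real ID; not linkable without id_key."""
    return hmac.new(id_key, real_id + nonce, hashlib.sha256).digest()[:PID_LEN]

def rev_tag(rev_key, version, timestamp, pid, payload):
    # Assumed layout: 4-byte key version, 8-byte timestamp, pseudo ID, payload.
    header = struct.pack(">IQ", version, timestamp)
    return hmac.new(rev_key, header + pid + payload, hashlib.sha256).digest()

def make_message(rev_key, version, timestamp, pid, payload):
    return {"ver": version, "ts": timestamp, "pid": pid, "payload": payload,
            "tag": rev_tag(rev_key, version, timestamp, pid, payload)}

def check_message(msg, rev_key, version, now, max_age=5):
    """Receiver-side revocation check: one HMAC instead of a CRL search."""
    if msg["ver"] != version:
        return "reject: revocation key version mismatch"
    if not 0 <= now - msg["ts"] <= max_age:
        return "reject: stale timestamp"
    expected = rev_tag(rev_key, msg["ver"], msg["ts"], msg["pid"], msg["payload"])
    if not hmac.compare_digest(expected, msg["tag"]):  # constant-time compare
        return "reject: bad tag"
    return "accept"

def demo():
    # Constructed keys and IDs. k1 is revocation key version 1; after OBU-C is
    # revoked, k2 (version 2) reaches only the remaining OBUs.
    k1, k2, id_key = b"\x11" * 32, b"\x22" * 32, b"\x33" * 32
    pid_a = pseudo_id(id_key, b"OBU-A", b"nonce-1")
    pid_c = pseudo_id(id_key, b"OBU-C", b"nonce-1")
    good = make_message(k2, 2, 1000, pid_a, b"brake warning")
    old = make_message(k1, 1, 1000, pid_c, b"brake warning")     # revoked, honest version
    forged = make_message(k1, 2, 1000, pid_c, b"brake warning")  # revoked, claims version 2
    cases = [(good, 1001), (old, 1001), (forged, 1001), (good, 1060)]  # last one is a replay
    return [check_message(m, k2, 2, now) for m, now in cases]

if __name__ == "__main__":
    for result in demo():
        print(result)
```

The receiver's cost is one H-MAC computation per message regardless of how many OBUs have been revoked, which is the property the abstract contrasts with CRL lookups.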