Flexible, Extensible, and Efficient VANET Authentication (CMU-CyLab-08-010)

The authentication of VANET messages continues to be an important research challenge. Although much research has been conducted in the area of message authentication in wireless networks, VANETs pose unique challenges, such as real-time constraints, processing limitations, memory constraints, requirements for interoperability with existing standards, extensibility and flexibility for future requirements, etc. No currently proposed technique addresses all of these requirements. After analyzing the requirements for viable VANET authentication, we propose a modified version of TESLA, TESLA++, which provides the same computationally efficient broadcast authentication as TESLA with reduced memory requirements. To address the range of needs within VANETs we propose a new hybrid authentication mechanism, VANET Authentication using Signatures and TESLA++ (VAST), that combines the advantages of ECDSA signatures and TESLA++. ECDSA signatures provide fast authentication and non-repudiation, but are computationally expensive. TESLA++ prevents memory and computation-based Denial of Service attacks. We analyze the security of our mechanism and simulate VAST in realistic highway conditions under varying network and vehicular traffic scenarios. Simulation results show that VAST outperforms either signatures or TESLA on their own. Even under heavy loads VAST is able to authenticate 100% of the received messages within 107ms.