
Graduate student: 曾祥峰 (Hsiang-Feng Tseng)
Thesis title: A study on privacy-preserving authentication mechanisms for vehicular ad hoc networks
Advisor: 洪西進 (Shi-Jinn Horng)
Oral defense committee: 鍾國亮, 林一平, 陳健輝, 郭大維, 郭耀煌, 楊竹星, 楊昌彪, 李宗南
Degree: Doctor
Department: College of Electrical Engineering and Computer Science - Department of Computer Science and Information Engineering
Year of publication: 2015
Academic year of graduation: 103
Language: English
Number of pages: 133
Keywords: value-added service, privacy, key establishment, batch verification, authentication, anonymous, access control, vehicular ad hoc network
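  • Vehicular ad hoc networks can not only improve driving safety and efficiency but also provide various value-added application services to drivers and passengers. In recent years, many studies have examined security and privacy-preservation issues in vehicular networks. In this doctoral dissertation, under the two architectures of vehicle-to-roadside-unit and vehicle-to-vehicle communication, we first propose an identity-based batch verification scheme. When a receiver receives many messages from traffic-safety-related applications, confirming their correctness by batch verification is more efficient than verifying them one at a time; the proposed method greatly reduces the time cost of verifying a large number of messages and thus achieves better scalability. In the second part, we propose a secure group communication scheme that allows vehicles within a known group to authenticate one another, ensuring that they can communicate securely. Once vehicles have formed a group through a roadside unit, they can communicate securely without the roadside unit's involvement, even after moving into the area of another roadside unit. The proposed group communication scheme not only fixes the security problems of earlier methods but also remains comparatively efficient in message verification time and transmission cost. In the third part, using the concept of portable credentials, we propose a secure communication scheme for value-added application services. The properties of the portable authorized credential remove the need for long-distance communication between roadside units and service providers. A roadside unit can locally verify the legitimacy of a requester's identity and ensure that the requested value-added service has been legitimately authorized. In summary, extensive analysis shows that the three proposed schemes all satisfy the security and privacy requirements.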


    Vehicular ad hoc networks (VANETs) can not only improve traffic safety and efficiency, but also offer various value-added applications to drivers and passengers. Recently, many studies have addressed security and privacy preservation issues in VANETs. In this dissertation, we first propose an efficient identity-based batch verification (IBV) scheme for vehicle-to-infrastructure and inter-vehicle communications in VANETs. Batch verification of multiple message signatures is more efficient than one-by-one single verification when the receiver has to confirm a large number of messages. The IBV scheme can dramatically decrease the time cost of verifying a large number of message signatures, which achieves much better scalability. Next, we provide a secure group communication protocol for VANETs that allows vehicles to authenticate and securely communicate with others in a group of known vehicles. Any vehicle can form a group with other vehicles and can communicate with them securely without the intervention of a roadside unit (RSU), even after moving into the region of another RSU. Finally, we propose a secure communication scheme for value-added services using the concept of portable credentials in VANETs. The portable authorized credential eliminates the backend communications between RSUs and service providers. RSUs may locally authenticate legitimate vehicles and make sure they are requesting their authorized services. Through extensive analyses, we show that these schemes achieve the security and privacy requirements.

    Abstract (Chinese)
    Abstract
    List of Contents
    List of Tables
    List of Figures
    Chapter 1 Introduction
        1.1 Background
        1.2 Organization of the dissertation
    Chapter 2 Related Works and Preliminaries
        2.1 Related works
        2.2 Preliminaries
    Chapter 3 Identity-based Batch Verification Scheme
        3.1 Motivation
        3.2 System model and security objectives
        3.3 Review of IBV scheme
        3.4 Cryptanalysis of IBV scheme
        3.5 The proposed scheme
        3.6 Security analysis
        3.7 Performance evaluation
    Chapter 4 Batch Verification for Secure Pseudonymous Authentication
        4.1 Motivation
        4.2 System model and security objectives
        4.3 Review of SPECS
        4.4 Cryptanalysis of SPECS
        4.5 The proposed scheme
        4.6 Batch verification approach
        4.7 Discussion
    Chapter 5 VANET-based Secure Value-added Services
        5.1 Motivation
        5.2 System model and security objectives
        5.3 Review of PAACP
        5.4 The proposed scheme
        5.5 Discussions
    Chapter 6 Conclusions
    Bibliography


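    Full-text release date: 2020/02/03 (campus network)
    Full-text release date: full text not authorized for public release (off-campus network)
    Full-text release date: full text not authorized for public release (National Central Library: National Digital Library of Theses and Dissertations in Taiwan)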