近年來，隨著行動隨意網路的快速發展與演變，汽車隨意網路(Vehicular ad hoc networks)已成為行動隨意網路中最具吸引力的應用之一。然而，由於汽車隨意網路中，節點自我集結與高速移動的特性，以及非集中式的網路拓樸架構，在諸多安全威脅議題尚未解決的前提下，如何提供一套有效率的安全通訊機制，實為重大的挑戰。
本研究藉由深入分析兩篇知名的國際期刊論文之安全度與效能評估，並發現此兩篇論文當中的金鑰協議協定（Key agreement protocol）無法抵抗已選擇協定攻擊(Chosen protocol attack)，更甚之，舉凡竊取金鑰假冒合法身份 (Key-compromise impersonation)與使用者誤認分享金鑰(Unknown key-share)等在金鑰協議協定研究中扮演重要角色的安全特性也都無法具備。在協定流程的安全分析中，本研究針對協定的流程瑕疵給予適當的修改建議與因應對策，此外，根據效能評估的數據顯示，安全傳輸策略的採用將取決於資料傳輸時的節點個數。

As VANETs (Vehicular Ad Hoc NETworks) promptly becomes one of the most promising applications in MANETs (Mobile Ad hoc NETworks), the nature of the data security vulnerability and privacy invasion of VANETs are also concerned by the individuals and organizations at the same time. Due to the self-organizing and decentralized topology, and high-speed movement characteristics, how to provide an efficient and secure communication scheme for VANETs is still an ongoing effort while many open security issues are still unsolved. In this study, we analyze the security and performance that two famous published communication schemes proposed by Raya & Hubaux (2007) and Wang et al (2008) on VANETs. From the security analysis, we point out that these two schemes are insecure against chosen protocol attack and key-compromise impersonation attack, and cannot achieve unknown key-share properties. We propose countermeasures for security enhancement. In addition, we further investigate the robustness and efficiency of these two communication schemes. According to the performance evaluation, we make suggestions for efficiency improvement of secure communication scheme on VANETs.

指導教授推薦書II
碩士學位考試委員會審定書III
中文摘要IV
ABSTRACTV
誌謝VI
CONTENTSVII
LIST OF TABLESVIII
LIST OF FIGURESIX
CHAPTER 1. INTRODUCTION1
CHAPTER 2. RELATED WORK4
CHAPTER 3. SECURITY ANALYSIS OF TWO RECENTLY COMMUNICATION SCHEMES ON VANETS6
CHAPTER 4. COUNTERMEASURE13
CHAPTER 5. THEORETICAL PERFORMANCE EVALUATION TO TARGETED COMMUNICATION SCHEMES WITH DIFFERENT COMBINATION OF ENCRYPTION OPERATIONS15
CHAPTER 6. CONCLUSION27
REFERENCES28

[1]N.W. Wang, Y.M. Huang, and W.M. Chen, “A novel secure communication scheme in vehicular ad hoc networks,” Computer Communications (In press), Available online, 2008.
[2]M. Raya, and J. P. Hubaux, “Securing vehicular ad hoc networks,” Journal of Computer Security, Vol. 15, Pages: 39-68, 2007.
[3]J. Kelsey, B. Schneier, and D. Wagner, “Protocol Interactions and the Chosen Protocol Attack,” In Proceeding of the 5th International Workshop on Security Protocols, Vol. 1361 of LNCS, Pages: 91-104, 1997.
[4]W. Diffie, and M. Hellman, “New directions in cryptography,” IEEE Transactions on Information Theory, 1976.
[5]S. Blake-Wilson and A. Menezes, “Authenticated Diffie-Hellman Key Agreement Protocols,” In Proceeding of the 5th Annual Workshop on Selected Areas in Cryptography, Vol. 1556 of LNCS, pages: 339-361, 1998.
[6]M. Raya, and J.P. Hubaux, “The security of vehicular ad hoc networks,” In Proceeding of SASN’05, pages: 11-21, 2005.
[7]F. Dotzer, F. Kohlmayer, T. Kosch, and M. Strassberger, “Secure Communication for Intersection Assistance,” In proceeding of the 2nd International Workshop on Intelligent Transportation, March 15-16, 2005.
[8]C. Laurendeau and M. Barbeau, “Secure Anoymous Broadcasting in Vehicular Networks,” IEEE Conference on Local Computer Networks, 2007.
[9]IEEE Vehicular Technology Society, “5.9 GHz Dedicated Short Range Communications (DSRC) – Overview,” [online] available: http://grouper.ieee.org/groups/scc32/dsrc/
[10]IEEE 802 Committee of the IEEE Computer Society: Draft Amendment to Standard for Information Technology -Telecommunications and information Exchange between Systems - LAN/MAN Specific Requirements-Part 11: Wireless LAN Medium Access Control (MAC) and Physical Layer (PHY) Specifications: Wireless Access in Vehicular Environments (WAVE). Draft IEEE Standard, IEEE P802.11p/D1.1, January 2005.
[11]SCC32 Committee of the IEEE Intelligent Transportation Systems Society: Draft Standard for Wireless Access in Vehicular Environments-Security Services for Applications and Management Messages. Draft IEEE Standard, IEEE 1609.2/D1.3, October 2005.
[12]SCC32 Committee of the IEEE Intelligent Transportation System Society: Wireless Access in Vehicular Environments (WAVE) Multi-Channel Operation. Draft IEEE Standard, IEEE p1609.2/D1.3, October 2005.
[13]C. Laurendeau and M. Barbeau, “Threats to Security in DSRC/WAVE,” In Proceedings of the 5th International Conference on Ad Hoc Networks andWireless. Vol 4104 of LNCS, 2006.
[14]M. Gerlach, A. Festag, T. Leinmuller, G. Goldacker, and C. Harsch, “Security architecture for vehicular communication,” In Proceeding of WIT’05, Hamburg, Germany, 2005.
[15]P. Papadimitratos, V. Gligor, and J. P. Hubaux, “Securing Vehicular Communications - Assumptions, Requirements, and Principles,” In Proceedings of 4th Workshop on Embedded Security in Cars, 2006.
[16]X. Yang, J. Liu, F. Zhao and N. Vaidya, “A Vehicle-to-Vehicle Communication Protocol for Cooperative Collision Warning,” Technical Report, University of Illinois at Urbana-Champaign, Dec. 2003.
[17]C. Adler and M. Strassberger, “Putting Together the Pieces- A Comprehensive View on Cooperative Local Danger Warning,” In Proceedings the 13th ITS World Congress and Exhibition on Intelligent Transport Systems and Services, London, UK, 2006.
[18]B. Parno and A. Perrig, “Challenges in Securing Vehicular Networks,” In Proceeding of the Workshop on Hot Topics in Networks, 2005.
[19]J.P. Hubaux, S. Capkun, and J. Luo, “The security and privacy of smart vehicles,” IEEE Security and Privacy, pages: 49–55, 2004.
[20]M. Juhong, H Jihun, Y Sangki, K Lnhye, and K Hyogon,” Secure Vehicular Communication for Safety Applications - A Measurement Study,” In Proceeding of the IEEE Vehicular Technology Conference, 2008.
[21]M. Raya, P. Papadimitratos, and J. P. Hubaux, “Securing Vehicular Communications,” IEEE Wireless Communications Magazine, 2006.
[22]JT Isaac, JS Camara, S Zeadally, and JT Marquez, “A secure vehicle-to-roadside communication payment protocol in vehicular ad hoc networks,” - Computer Communications, 2008.
[23]J. Zhang, W. Zou, D. Chen, and Y. Wang, “On the security of a digital signature with message recovery using self-certified public key,” Informatica (Slovenia), Vol.29, No 3, pages: 343–346, 2005.
[24]E. Barker, W. Barker, W. Burr, W. Polk, and M. Smid, “Recommendation for Key Management – Part 1: General(Revised) NIST Special Publication 800-57”, May, 2006.
[25]Wei Dai, “Crypto++ Library 5.5.2.” online available: http://www.cryptopp.com/
[26]FIPS PUB 186-2, “Digital Signature Standard (DSS),” National Institute for Standard.
[27]W. Ren, Y. Kim, J.Y. Jo, M. Yang and Y. Jiang, “dsRF: ID-based Secure Routing Framework for Wireless Ad-Hoc Networks,” In Proceeding of 4th International Conference on Information Technology, Pages: 102-110, 2007.