Assessment of attribute-based credentials for privacy-preserving road traffic services in smart cities
Pers Ubiquit Comput (2017) 21:869–891
DOI 10.1007/s00779-017-1057-6
ORIGINAL ARTICLE
J. M. de Fuentes¹ · L. González-Manzano¹ · J. Serna-Olvera² · F. Veseli²
Received: 25 August 2016 / Accepted: 8 February 2017 / Published online: 25 July 2017
© The Author(s) 2017. This article is an open access publication
Abstract Smart cities involve the provision of advanced
services for road traffic users. Vehicular ad hoc networks
(VANETs) are a promising communication technology in
this regard. Preservation of privacy is crucial in these services to foster their acceptance. Previous approaches have
mainly focused on PKI-based or ID-based cryptography.
However, these works have not fully addressed the minimum information disclosure principle. Thus, questions such
as how to prove that a driver is a neighbour of a given
zone, without actually disclosing his identity or real address,
remain unaddressed. A set of techniques, referred to as
Attribute-Based Credentials (ABCs), have been proposed
to address this need in traditional computation scenarios.
In this paper, we explore the use of ABCs in the vehicular context. For this purpose, we focus on a set of use
cases from the European Telecommunications Standards Institute (ETSI) Basic Set of Applications, especially appropriate
for the early development of smart cities. We assess which
ABC techniques are suitable for this scenario, focusing on
three representative ones—Idemix, U-Prove and VANET-updated Persiano systems. Our experimental results show
that they are feasible in VANETs considering state-of-the-art technologies, and that Idemix is the most promising
technique for most of the considered use cases.
¹ Computer Security Lab (COSEC), Carlos III University of Madrid, Madrid, Spain
² Goethe Universitat Frankfurt am Main, Frankfurt, Germany
Keywords Smart cities · Attribute-Based Credential
(ABC) · Privacy preservation · Vehicular networks ·
VANETs
1 Introduction
Smart cities involve the management of different infrastructures in order to provide better services to citizens. Among
these services, those intended to improve road traffic play a
key role in smart cities development [3]. In order to achieve
this goal, vehicular ad hoc networks (VANETs) are being
developed. VANETs allow the exchange of information with
vehicles around and also with the traffic manager and other
service providers. In this way, VANETs enable not only traffic management but also a plethora of services to enhance
citizens’ experience of travelling. In particular, the European Telecommunications Standards Institute (ETSI) has
defined the Basic Set of Applications (BSA), which “can
be deployed simultaneously at a targeted time (day 1) with
the objective to serve societal and business objectives of private and public road transport stakeholders” [18]. Therefore,
BSA is a stepping stone towards the development of smart
cities.
However, despite their benefits, privacy is a key concern
in this facet of smart cities [22]. For example, given that
vehicles will be exchanging data with other entities, path
tracking becomes a feasible threat. What is more, the passive collection of data will enable an attacker to keep track
of driver and/or vehicle traits (e.g. behavior, preferences, and characteristics) and to analyse them automatically [17,
43, 44].
To address the privacy issue, a plethora of contributions
have been proposed so far. Several approaches have mainly
focused on public key cryptography based on certificates
[43], or ID-based (i.e. certificateless) cryptography [8]. Traditional PKI authentication systems were not designed to
provide any privacy protection [22, 23]; thus, in typical
PKI approaches, the use of certificates leads to unnecessarily revealing the identity of their holders as well as
other privacy-sensitive attributes [24]. In a more privacy-preserving way, the use of pseudonyms has been proposed.
Pseudonyms are alternative identities that conceal the real one
from unauthorized parties [7]. However, privacy threats are still
possible when a pseudonym is used in scarce networks [22],
where even small correlations of data could reveal sensitive
information.
In a smart city context, when a driver or vehicle requests
a resource or service using VANET communications, the
provider only needs to verify whether the vehicle is authorized to
access the requested resource or service. However, revealing more information than necessary could lead to privacy risks [48]. Thus,
achieving minimum information disclosure, that is, disclosing as little information (attributes
in this case) as possible to achieve a goal, is of utmost relevance. This
property helps to prevent data inference by a single service provider or by several colluding ones. Credential holders
(e.g. drivers) must be able to disclose a subset of credential
attributes without giving away their identity or other private
information. In order to achieve this goal, Attribute-Based
Credentials (ABCs) have been explored [45, 55].
ABCs are slowly gaining momentum, and a number of theoretical ABC approaches already exist [13, 35, 39, 40].
Despite the benefits of ABCs, few proposals have suggested
applying them in the field of VANETs. [38] presents challenges and open issues regarding privacy and identity management in vehicular communication and points out ABCs as
a potential solution for addressing privacy needs in generic
scenarios; however, it discusses no specific scenarios and provides no
evaluation of the applicability or technical feasibility of ABCs.
The authors of [50] introduce a conceptual framework that includes the use of ABCs to provide trustworthy
vehicular communications. In their work, the authors highlight the need to evaluate different ABC technologies
in order to assess both the privacy features offered by each
technology and their technical feasibility for VANET environments. ABCs could enable, for instance, showing that a
driver is a neighbour of a given zone, without actually disclosing his identity or real address. Nevertheless, developing
such an application requires a theoretical and practical analysis of the suitability of each ABC technique. This would
make it possible to take an informed decision on the best mechanism
for each VANET application.
To address this issue, this paper presents a feasibility
analysis of ABC techniques for the vehicular context which,
to the best of the authors’ knowledge, remains unaddressed.
This issue has been pointed out as a research need [50]
due to the complexity of these technologies [60]. Thus,
the goal of this paper is to analyze how these systems can
be adapted to VANETs and to assess if such adaptation is
feasible and useful for VANET use cases. The analysis is
focused on a subset of the aforementioned BSA services in
which we identify privacy issues. We consider two major
ABC systems—Idemi (...truncated)