International Research Journal of Engineering and Technology (IRJET) e-ISSN: 2395-0056
Volume: 11 Issue: 05 | May 2024 www.irjet.net p-ISSN: 2395-0072
Mitigating Replay Attacks in Autonomous Vehicles
Govindarajan Lakshmikanthan1, Sreejith Sreekandan Nair2
1,2 IDPro Member ***
Abstract - A new approach to secure self-driving cars from replay attacks is proposed in this paper. Traditional methods rely on timestamps or sequence numbers, but these can be manipulated by hackers. The authors suggest using "selfvalidating nonces" which are unique codes linked toa specific vehicle's data like location or sensor readings. This makes it harder for hackers to copy and resend messages. The paper explores ways to generate and use these nonces while considering limitations in V2X communication. Further research is needed to find the best way to implement this and ensure it works well with other security measures.
Keywords: V2X, replay attack, self-validating nonce, autonomous vehicle security.
1.INTRODUCTION
Vehicle-to-Everything (V2X) communication systems enable real-time data exchange between vehicles, infrastructure, and other connected entities, revolutionizing transportation networks. However, the widespreadadoptionofV2Xtechnologyhingesonrobust securitymeasurestoprotectagainstvariouscyberthreats, includingreplayattacks.
Replay attacks involve the malicious capture and retransmission of legitimate data packets, disrupting system operations and compromising safety-critical applications. Traditional countermeasures, such as timestamps and sequence numbers, have limitations in dynamicV2Xenvironmentswithintermittentconnectivity andtimesynchronizationchallenges.
Thiswhitepaperintroducestheconceptofself-validating nonces as an innovative solution for enhancing replay attackresilienceinV2Xsystems.Self-validatingnoncesare cryptographic values that inherently validate their own freshnessanduniqueness,eliminatingtheneedforexternal verification mechanisms. By seamlessly integrating selfvalidating nonces into V2X communication protocols, we can significantly mitigate the risk of replay attacks and strengthentheoverall.
2. BACKGROUND AND RELATED WORK
Replayattacksposeasignificantthreattotheintegrityand reliabilityofV2Xcommunicationsystems.Inareplayattack, anadversaryinterceptslegitimatedatapacketstransmitted betweenvehicles,infrastructure,orotherentitieswithinthe V2Xnetwork.Thesecapturedpacketsarethenmaliciously
retransmittedor"replayed"atalatertime,misleadingthe recipient into believing the replayed data is fresh and authentic.
The consequences of successful replay attacks in V2X systems can be severe, ranging from disruptions in traffic managementandrouteoptimizationtocompromisedsafetycritical applications like emergency braking or collision avoidance systems. Therefore, implementing effective countermeasures against replay attacks is crucial for ensuringthesecureandreliableoperationofV2Xnetworks.
Traditionalmethodsformitigatingreplayattacksoftenrely on the use of timestamps or sequence numbers. In a timestamp-basedapproach,eachdatapacketisassigneda uniquetimestampindicatingitsgenerationtime.Recipients can then filter out replayed packets by comparing the timestampwithapredefinedvaliditywindow.However,this method requires strict time synchronization between all nodes in the V2X network, which can be challenging to maintainindynamicanddistributedenvironments.
Sequencenumber-basedsolutions,ontheotherhand,assign monotonicallyincreasingsequencenumberstodatapackets. Recipients keep track of the latest sequence number received and reject any packets with duplicate or out-ofordersequencenumbers.Whilethisapproacheliminatesthe needfortimesynchronization,itintroducescomplexitiesin managingsequencenumberspaces,particularlyinscenarios withintermittentconnectivityorfrequentnodejoiningand leaving.
Nonce-basedsolutionshavebeenproposedasanalternative to address the limitations of timestamps and sequence numbers. A nonce (number used once) is a random or pseudo-randomvaluethatisintendedtobeusedonlyonce inacryptographiccommunication.Byincorporatingnonces intodatapackets,recipientscandetectanddiscardreplayed packetscontainingpreviouslyusednonces.
However, existing nonce-based solutions often rely on centralizedordistributednoncegenerationandverification mechanisms,introducingadditionaloverheadandpotential singlepointsoffailure.Moreover,theseexistingapproaches may fail under certain threat models, such as when adversariespossessthecapabilitytopredictormaliciously influencethenoncevaluesemployed.
International Research Journal of Engineering and Technology (IRJET) e-ISSN: 2395-0056
Volume: 11 Issue: 05 | May 2024 www.irjet.net p-ISSN: 2395-0072
3. SELF-VALIDATING NONCES: CONCEPT AND DESIGN
Self-validatingnoncesarecryptographicconstructsdesigned with intrinsic properties that allow for autonomous verification of their freshness and uniqueness,without relying on external verification mechanisms. Unlike traditionalnonces,self-validatingnoncesaredesignedtobe self-containedandself-verifiable,offeringenhancedsecurity andresilienceagainstreplayattacksinV2Xcommunication systems.
The concept of self-validating nonces is based on the principles of cryptographic hash functions and secure randomnumbergeneration.Aself-validatingnonceconsists of two components: a random seed value and a cryptographichashderivedfromthatseedvalue.
Generation Process:
a) Asecurerandomnumbergenerator(RNG)isused togeneratearandomseedvalue.
b) This random seed value is then input into a cryptographic hash function, such as SHA-256 or SHA-3,toproduceafixed-lengthhashoutput.
c) The self-validating nonce is constructed by concatenating the random seed value and the correspondinghashoutput.
Validation Process:
a) Uponreceivingaself-validatingnonce,therecipient extractstherandomseedvalueandthehashoutput components.
b) The recipient then recalculates the hash output usingthesamecryptographichashfunctionandthe extractedseedvalue.
c) Iftherecalculatedhashoutputmatchesthereceived hashoutput,theself-validatingnonceisconsidered validandfresh.
Thekeypropertiesthatmakeself-validatingnonceseffective againstreplayattacksare:
Uniqueness:
The random seed value ensures that each self-validating nonce is unique, making it impossible to replay the same noncevaluewithoutdetection.
Unpredictability:
TheuseofasecureRNGandacryptographichashfunction makes it computationally infeasible for an adversary to predictormanipulatetheself-validatingnoncevalues.
Self-validation:
The self-validating nonce can be verified locally by the recipient without requiring communication with external entities, reducing overhead and potential single points of failure.
Non-reusability:
Onceaself-validatingnoncehasbeenusedandvalidated,it cannot be reused or replayed without being immediately detectedasinvalid.
The integration of self-validating nonces into V2X communicationprotocolsinvolvesincorporatingthenonce generation and validation processes into the existing message formats and communication flows. This can be achieved by dedicating specific fields within the protocol header or payload to include the self-validating nonce component.
4. SECURITY ANALYSIS
To thoroughly analyze the security properties of selfvalidating noncestomitigatereplayattacksinV2Xsystems, we present a formal security model and assumptions, followedbyanevaluationoftheirresilienceagainstvarious potentialattacks.
4.1 Security Model and Assumptions:
Communication Model:
We consider a V2X network consisting of vehicles, infrastructure nodes (e.g., roadside units), and other connected entities. These entities exchange messages over wirelesscommunicationchannels,whicharesusceptibleto eavesdroppingandmessageinjectionbyadversaries.
Adversary Model:
We assume the presence of an active adversary with the ability to eavesdrop on communication channels, intercept andstorelegitimatemessages,andinjectreplayedormodified messages into the network. However, the adversary is computationallyboundedandcannot break theunderlying cryptographicprimitives(e.g.,cryptographichashfunctions, securerandomnumbergenerators)withinpracticaltimeand resourceconstraints.
Trust Assumptions:
WeassumethatalllegitimateentitiesintheV2Xnetworkare trustedandfollowthespecifiedprotocolsforgeneratingand validating self-validating nonces. Additionally, we assume thatthecryptographicprimitivesused(e.g.,hashfunctions, RNGs)aresecureandcorrectlyimplemented.
International Research Journal of Engineering and Technology (IRJET) e-ISSN: 2395-0056
Volume: 11 Issue: 05 | May 2024 www.irjet.net p-ISSN: 2395-0072
4.2 Resiliency against Replay Attacks:
Self-validating nonces provide robust protection against replayattacksduetotheirinherentfreshnessanduniqueness properties. Each self-validating nonce is a unique combination of a random seed value and a corresponding cryptographic hash output. Evenifanadversaryintercepts andreplaysalegitimatemessagecontainingaself-validating nonce, the recipient can detect and discard the replayed messagebyvalidatingthenonceasfollows:
a) The recipient extracts the random seed value and hash output components from the received selfvalidatingnonce.
b) Therecipientrecalculatesthehashoutputusingthe samecryptographichashfunctionandtheextracted seedvalue.
c) Iftherecalculatedhashoutputmatchesthereceived hashoutput,theself-validatingnonceisconsidered validandfresh.
d) Iftherecalculatedhashoutputdoesnotmatch,the self-validatingnonceisdeemedinvalid,indicatinga replayedormodifiedmessage.
Sinceeachself-validatingnonceisuniqueandunpredictable, anadversarycannotgenerateormodifyavalidself-validating nonce without knowledge of the secure random number generatorandcryptographichashfunctionimplementation usedbythelegitimateentities.
4.3 Resilience against Other Potential Attacks:
In addition to replay attacks, self-validating nonces can provide protection against other potential attacks in V2X systems:
Man-in-the-Middle (MitM) Attacks:
While self-validating nonces do not directly prevent MitM attacks, they can be combined with other security mechanisms, such as authentication and encryption, to mitigatetheimpactofsuchattacks.Ifanadversaryattempts to modify or inject messages with invalid self-validating nonces,recipientwilldetectanddiscardthosemessages.
Impersonation Attacks:
Self-validating nonces alone do not provide identity authentication. However, when used in conjunction with digitalsignaturesorotherauthenticationmechanisms,they cancontributetoprevent impersonationattacksbyensuring thefreshnessandintegrityoftheauthenticatedmessages.
Brute-Force Attacks:
The use of a secure random number generator and cryptographic hash function makes it computationally infeasibleforanadversarytoperformbrute-forceattacksto predict or manipulate self-validating nonce values within practicaltimeandresourceconstraints.
4.4 Performance and Overhead Evaluation:
The implementation of self-validating nonces introduces some computational overhead due to the generation and validation processes involving secure random number generation and cryptographic hash calculations. However, modern hardware and software implementations of these cryptographic primitives are highly optimized, and the overhead is generally negligible compared to the overall communicationandprocessingrequirementsofV2Xsystems.
Furthermore, self-validating nonces eliminate the need for external verification mechanisms or centralized nonce managementsystems,reducingcommunicationoverheadand potentialsinglepointoffailure.Theself-containednatureof self-validating nonces also simplifies the integration into existing V2X communication protocols, as the nonce generationandvalidationprocessescanbeperformedlocally byeachentity.
5. IMPLEMENTATION CONSIDERATION
Toeffectivelyimplement anddeployself-validatingnonces to mitigate replay attack, several practical considerations mustbeaddressedwithinthearchitecturalcomponent.
5.1 System Architecture and Components:
Secure Random Number Generator (RNG):
AcryptographicallysecureRNGisrequiredforgeneratingthe random seed values that form the basis of self-validating nonces.Thiscomponentshouldbeimplementedusingwellestablished algorithms and standards, such as the NIST RecommendationforRandomNumberGeneration.
Cryptographic Hash Function:
Asecureandstandardizedcryptographichashfunction,such as SHA-256 or SHA-3, is essential for generating the hash outputsthatcomprisetheself-validatingnonces.Thechosen hash function should provide sufficient collision resistance andpreimageresistanceproperties.
Nonce Generation Module:
This moduleisresponsibleforcombiningtherandomseed valuesandcorrespondinghashoutputstoconstructtheselfvalidating nonces. It should be integrated into the existing messagegenerationprocesseswithintheV2Xcommunication protocols.
International Research Journal of Engineering and Technology (IRJET) e-ISSN: 2395-0056
Volume: 11 Issue: 05 | May 2024 www.irjet.net p-ISSN: 2395-0072
Nonce Validation Module:
Thismodulehandlesthevalidationofreceivedself-validating noncesbyextractingthecomponents,recalculatingthehash output,andcomparingitwiththereceivedvalue.Itshouldbe integrated into the message processing and verification pipelineswithintheV2Xprotocols.
5.2 Integration with Existing V2X Standards and Protocols:
Self-validating nonces should beseamlesslyintegratedinto existing V2X communication standards and protocols to ensurebackwardcompatibilityandinteroperability.Thismay involve:
a) Definingnewmessageformatsorextendingexisting ones to include fields to carry the self-validating noncecomponents.
b) Updating protocolspecificationsanddocumentation toincorporatethenoncegenerationandvalidation processes.
c) Collaborating with standardization bodies to promote the adoption and standardization of selfvalidatingnoncesinV2Xsecurityframeworks.
5.3 Backward Compatibility and Migration Strategies:
As self-validating nonces are introduced into V2X systems, backward compatibility with legacy systems should be considered.Potentialmigrationstrategiesinclude:
Dual-mode operation:
Support both traditional replay attack mitigation methods (e.g., timestamps, sequence numbers) and self-validating noncesinparallelduringatransitionperiod.
Phased rollout:
Gradually deploy self-validating nonces in specific regions, applications, or use cases, while maintaining compatibility withlegacysystems.
Hybrid approach:
Combine self-validating nonces with existing methods, leveraging the strengths of each technique to provide enhancedsecurityduringthemigrationprocess.
5.4 Scalability and Performance Optimizations:
AsV2Xnetworksgrowinscale,scalabilityandperformance optimization forself-validatingnoncesshouldbeconsidered:
Caching and precomputation:
Implement caching mechanisms and precompute nonce componentstoreducecomputationaloverheadduringrealtimeoperations.
Hardware acceleration:
Leverage specialized hardware components, such as cryptographic accelerators or trusted execution environments, to offload computationally intensive operations.
Distributed nonce generation:
Exploredistributednoncegenerationstrategiestodistribute theworkloadacrossmultipleentitiesandimprovescalability.
Nonce reuse strategies:
Investigatecontrolledandsecurenoncereusetechniquesto optimizeresourceutilizationwhilemaintainingfreshnessand uniquenessguarantees.Throughouttheimplementationand deployment process, thorough testing, security audits, and conformanceassessmentsshouldbeconductedtoensurethe correctandsecureintegrationofself-validatingnoncesinto V2Xsystems.
6.CASE STUDIES AND REAL-WORLD APPLICATIONS
Self-validatingnonceshavenumerouspotentialapplications inV2Xcommunicationsystems,rangingfromsafety-critical scenarios to intelligent transportation management. This sectionpresentsseveralcasestudiesandreal-worldexamples toillustratethepracticalimplicationsofimplementingselfvalidatingnoncesforreplayattackresilience.
Emergency Vehicle Prioritization:
In emergency situations, such as ambulances or fire trucks respondingtoincidents,V2Xcommunicationplaysacrucial rolein providing prioritysignalingandcoordinatingtraffic flow.Replayattacksinsuchscenarioscanleadtodisastrous consequences.Byintegratingself-validatingnoncesintothe prioritysignalingprotocols,emergencyvehiclescansecurely communicatetheirpresenceandprioritystatus,ensuringthat thesignalsarefreshandcannotbereplayedbyadversaries.
Platooning and Cooperative Adaptive Cruise Control (CACC):
Platooning and CACC rely on precise coordination and synchronization between vehicles to maintain safe intervehicledistancesandoptimizefuelefficiency.Replayattacks could potentially disrupt this coordination, leading to collisions or inefficient fuel consumption. Self-validating noncescanbeincorporatedintothecommunicationprotocols usedbyplatooningandCACCsystemstoensurethefreshness
International Research Journal of Engineering and Technology (IRJET) e-ISSN: 2395-0056
Volume: 11 Issue: 05 | May 2024 www.irjet.net p-ISSN: 2395-0072
andauthenticityoftheexchangedmessages,mitigatingthe risksofreplayattacks.
Vehicle-to-Infrastructure (V2I) Communication:
V2Icommunicationenablesvehiclestointeractwithroadside units (RSUs) and infrastructure components for various purposes, such as traffic signal optimization, tolling, and navigation assistance. Replay attacks in V2I systems could leadtoincorrecttrafficmanagementdecisionsorfraudulent toll charges. By integrating self-validating nonces into V2I protocols,bothvehiclesandinfrastructurecomponentscan validatethefreshnessanduniquenessofexchangedmessages, enhancingtheoverallsecurityandreliabilityofthesystem.
Pilot Projects and Field Trials:
Several pilot projects and field trials have explored the implementation of self-validating nonces in V2X systems. Forexample, the European Union's PRESERVE project (Preparing Secure Vehicle-to-X Communication Systems) investigated the use of self-validating nonces as part of a comprehensivesecurityarchitectureforV2Xcommunication. Lessonslearnedfromthesepilotprojectsandfieldtrialscan provide valuable insights and best practices for large-scale deployments.
Real-World Deployments:
Whilestillintheearlystages,somereal-worlddeploymentsof self-validatingnoncesinV2Xsystemshavealreadybegun.For instance,certainintelligenttransportationsystems(ITS)in Japan have adopted self-validating nonces as part of their securityframeworkstoprotectagainstreplayattacks.Asthe adoptionofV2Xtechnologycontinuestogrow,theintegration ofself-validatingnoncesisexpectedtobecomeincreasingly prevalenttoensurethesecurityandreliabilityofthesecritical communication systems. These case studies and examples demonstrate the versatility and potential impact of selfvalidatingnoncesinenhancingthesecurityandresilienceof V2Xcommunicationsystemsacrossvariousapplicationsand scenarios.
7. FURTHER RESERCH DIRECTION
While self-validating nonces offer a promising solution for replayattackresilienceinV2Xsystems,thereremainseveral avenuesforfurtherresearchandexplorationtoenhancetheir effectivenessandbroadentheirapplicability.
7.1 Potential Extensions and Improvements:
Efficient Nonce Reuse Strategies:
Investigatecontrolledandsecurenoncereusetechniquesto optimizeresourceutilizationwhilemaintainingfreshnessand uniqueness guarantees. This could involve exploring time-
based or context-based nonce reuse mechanisms, enabling moreefficientlong-termoperationsinV2Xsystems.
Nonce Precomputation and Caching:
Developadvancedprecomputationandcachingstrategiesto reducethecomputationaloverheadofself-validatingnonce generationandvalidationduringreal-timeoperations.This could involve techniques such as precomputing nonce components orcaching validated nonces fora limited time window.
Distributed Nonce Generation:
Exploredistributednoncegenerationapproachestodistribute the workload across multiple entities in the V2X network. Thiscouldimprove scalabilityand resilience by eliminating potential single point of failure in centralized nonce generationsystems.
Integration with Quantum-Resistant Cryptography:
Asquantumcomputingadvances,investigatetheintegration of self-validating nonces with post-quantum cryptographic primitives, such as hash-based signatures or lattice-based cryptography,toensurelong-termsecurityagainstpotential quantumattacks.
7.2 Integration with Other Security Mechanisms: Authentication and Digital Signatures:
Combine self-validating nonces with robust authentication mechanisms, such as digital signatures or message authentication codes (MACs), to provide comprehensive protectionagainstreplayattacks,impersonation,andmessage tampering.
Privacy-Preserving Techniques:
Exploretheintegrationofself-validatingnonceswithprivacypreservingtechniques,suchaspseudonymschemesorgroup signatures, to enable secure and privacy-preserving V2X communication.
Access Control and Authorization:
Investigate the use of self-validating nonces in conjunction withaccesscontrolandauthorizationframeworkstoensure that only authorized entities can participate in V2X communicationandpreventunauthorizedaccessormessage injection.
7.3 Emerging Trends and Challenges: Autonomous Vehicles and Connected Mobility:
As autonomous vehicles and connected mobility solutions becomemoreprevalent,thesecurityrequirementsforV2X communicationwillbecomeincreasinglycritical.Evaluatethe
International Research Journal of Engineering and Technology (IRJET) e-ISSN: 2395-0056
Volume: 11 Issue: 05 | May 2024 www.irjet.net p-ISSN: 2395-0072
roleofself-validatingnoncesinsecuringautonomousvehicle operations and ensure the reliability of safety-critical applications.
Edge Computing and Fog Networking:
With the advent of edge computing and fog networking architectures in V2X systems, explore the implications and potentialadaptationsofself-validatingnoncesindistributed computing environments with limited resources and intermittentconnectivity.
Cybersecurity Threat Landscape:
Continuouslymonitorandadapttotheevolvingcybersecurity threat landscape in the transportation sector. Investigate potential new attack vectors and vulnerabilities that may arise and assess the resilience of self-validating nonces againstemergingthreats.
Collaborative efforts between transportation industry, academicresearchinstitutionandstandardizationbodywill be crucial in driving these future research directions and ensuringthecontinuousimprovement.
3. CONCLUSION:
Vehicle-to-Everything (V2X) communication system is revolutionizing the transportation industry, enabling enhanced safety, efficiency, and connectivity. However, the widespreadadoptionofthesetechnologieshingesonrobust security measures to protect against various cyber threats, including replayattacks.Replayattacksposeasignificantrisk byallowingadversariestocaptureandretransmitlegitimate datapackets,disruptingsystemoperationsandcompromising safety-criticalapplications.
Thiswhitepaperhasintroducedself-validatingnoncesasan innovativesolutionforenhancingreplayattackresiliencein V2Xsystems.Self-validating noncesarecryptographicvalues thatinherentlyvalidatetheirownfreshnessanduniqueness, eliminatingtheneedforexternalverificationmechanisms.By seamlessly integrating self-validating nonces into V2X communication protocols, wecansignificantly mitigate the risk of replay attacks and strengthen the overall security postureofthesecriticalsystems.
Thekeypropertiesthatmakeself-validatingnonceseffective againstreplayattacksaretheiruniqueness,unpredictability, self-validation,andnon-reusability.Eachself-validatingnonce is a unique combination of a random seed value and a corresponding cryptographic hash output, making it computationally infeasible for an adversary to predict or manipulatevalidnoncevalues.
Through a comprehensive security analysis, we have demonstratedtheresilienceofself-validatingnoncesagainst replay attacks and explored the potential to mitigate other
threats,suchasman-in-the-middleattacksandimpersonation attempts, when combined with additional security mechanisms.
Furthermore, this white paper has delved into practical implementation and deployment considerations, including system architecture components, integration with existing V2X standards and protocols, backward compatibility strategies, and scalability optimizations. Real-world case studiesandpilotprojectshaveillustratedtheversatilityand potentialimpactofself-validatingnoncesacrossvariousV2X applications,rangingfromemergencyvehicleprioritizationto cooperativeadaptivecruisecontrol.
Lookingahead,severalavenuesforfutureresearchhavebeen identified, including efficient nonce reuse strategies, nonce precomputation and caching techniques, distributed nonce generation approaches, and integration with quantumresistant cryptography. As the adoption of V2X technology continues togrow, theintegration ofself-validating nonces willplayacrucialroleinensuringthesecurityandreliability ofthesecriticalcommunicationsystems.Collaborativeefforts between research academic institutions, industry, and standardization bodies will be essential in driving the widespreadadoptionandcontinuousimprovement.
Inconclusion,thiswhitepaperhasprovidedacomprehensive explorationofself-validatingnonces,theirsecurityproperties, implementationconsiderations.Byembracingself-validating noncesaspartofaholisticsecuritystrategy,wecanpavethe way for secure and trustworthy V2X technologies that revolutionizetransportationandenhanceroadsafetyforall.
REFERENCES
Petit,J.,&Shladover,S.E.(2015).Potentialcyberattackson automated vehicles. IEEE Transactions on Intelligent TransportationSystems,16(2),546-556.
Bloom,G.,Alshaer,H.,Ferragut,E.M.,&Strassner,J.(2020). Combating vehicular cybersecurity threats with machine learning.IEEEVehicularTechnologyMagazine,15(2),84-93.
Shanthamallu,U.S.,Spanias,A.,Ault,C.,&Tchier,F.(2017).A briefsurveyofsecurityandprivacyinV2Xcommunication for Intelligent Transportation System. In 2017 IEEE InternationalConferenceonElectroInformationTechnology (EIT)(pp.619-625).
Boban,M.,Kousaridas,A.,Manolakis,K.,Eichinger,J.,&Xu, W.(2018).Usecases,requirements,anddesigninsightsfor 5GV2Xarchitecture.IEEEAccess,6,73229-73255.
Lyu, X., Tian, H., Jiang, L., King, A., Liu, Y., & Palomar, D. P. (2020). Security and trustworthiness in vehicular communicationsandapplications.IEEEInternetofThings Journal,7(7),6109-6128.
International Research Journal of Engineering and Technology (IRJET) e-ISSN: 2395-0056
Volume: 11 Issue: 05 | May 2024 www.irjet.net p-ISSN: 2395-0072
Petit, J., Feiri, M., & Kargl, F. (2015). Revisiting attacker model for smart vehicles. In 2015 IEEE Trustcom/BigDataSE/ISPA(Vol.1,pp.1168-1173).
Sampigethaya,K.,Poovendran,R.,Sengupta,S.,Agarwal,S., Choukir, K., & Bushnell, L. (2010). Security of vehicular communications in DSRC. IEEE Vehicular Technology Magazine,5(4),39-49.
Bellare,M.,Rogaway,P.,&Spies,T.(2010).TheFFXmodeof operation for format-preserving encryption. NIST submission,20(2),2010.
Dworkin,M.J.(2015).SHA-3standard:Permutation-based hashandextendable-outputfunctions.FederalInf.Process. Stds.(NISTFIPS)-202.
Krovetz,T.,&Rogaway,P.(2011).Thesoftwareperformance of authenticated-encryption modes. In International Conference on Fast Software Encryption (pp. 306-327). Springer,Berlin,Heidelberg.
Bißmeyer, N., Willke, T., Fries, S., Hamed, G. A., & Fisal, N. (2010). Security concept for protecting vehicle-to-vehicle communication.IEEEIntelligentVehiclesSymposium.
Haas,J.J.,Hu,Y.C.,&Laberteaux,K.P.(2011).Designand analysisofalightweightstreamcipherforsecurevehicular communications. IEEE Transactions on Intelligent TransportationSystems,13(2),638-649.
Lee,E.,Lee,E.K.,Gerla,M.,&Oh,S.Y.(2016).Vehicularcloud networking: Architecture and design principles. IEEE CommunicationsMagazine,54(2),148-155.
Checkoway,S.,Huitsing,P.,Rescorla,E.,&Boneh,D.(2011). A systematic analysis of the juniper dual EC incident. CRYPTOLOGYePrintArchive.
Hartloff,J.,Kerwien,J.,Kiefer,I.,Link,M.,&Meyer,M.(2019). Timing attacks on automotive sensor networks. IACR CryptologyePrintArchive,2019,122.
AUTHORS:
GOVINDARAJAN LAKSHMIKANTHAN. FIRST AUTHOR (M’84) – is a Cybersecurity specialist with Bachelor of Engineering in ElectronicsandCommunication.Witha remarkablecareerspanning17years,he has garnered extensive experience acrossdiverseindustriesandroles.
StartingatTCS,Govindarajanspent7yearscontributingto projectsforBritishAirways,refininghistechnicalabilities and client-centric approach. Transitioning to Fidelity as a LeadSoftwareEngineer,heledcriticalinitiativesfor4years, demonstrating not only technical expertise but also leadership acumen. His tenure as a Technical Consultant
Manager at FDEP further solidified his reputation for delivering strategic solutions, bridging the gap between technologyandbusinessobjectivesover4years.Currently, asaSeniorTechnicalManageratJPMC,hecontinuestodrive innovation and business growth through transformative initiatives.
Govindarajan's journey epitomizes a commitment to excellence,innovation,andcontinualgrowth.Hisabilityto navigate complex challenges and lead multidisciplinary teams underscores his enduring impact in the realm of technology.
SREEJITH SREEKANDAN NAIR, SECOND
AUTHOR(M’84)is anexpertinIAM,Cybersecurity,andfullstack developer with over 16 years of experienceasatechnicallead.Proficient in the design, development, and implementation of enterprise applications in the Java/J2EE environment, Sreejith exhibits his knowledge in a variety of industries, including Finance, Healthcare, and Retail. He also demonstrates proficiency in modern UI development to buildsecureandengaginguserexperiences.Hisdedication to the information technology space is evidenced by his technicalcontributions.HeisakeymemberofJPMorgan& Chase's Identity and Access Management team, where he protects user identities and provides secure access to various applications via single sign-on (SSO) technology. HavinggraduatedfromAnnaUniversitywithaMaster'sin CommunicationSystems,heregularlymakesthemostofhis broadeducationtoencouragecreativityandexcellenceinhis field, setting new benchmarks for success. His proactive commitmenttocontinuallearningandstayingcurrentwith technologicaladvancementsenhanceshisabilitytomanage difficultworkwithease,whichcontributessignificantlyto organization'sgrowthandsuccess.