Forming Vehicular Web of Trust in VANET

Irshad Ahmed Sumra, Halabi Hasbullah, Iftikhar Ahmad

Computer and Information Sciences Department
Universiti Teknologi PETRONAS
Bandar Seri Iskandar
31750, Tronoh, Perak, Malaysia.
isomro28@gmail.com, halabi@petronas.com.my,
wattoohu@gmail.com

Jamalul-lail bin Ab Manan
Advanced Information Security Cluster
MIMOS Berhad
Technology Park Malaysia
Kuala Lumpur, Malaysia
jamalul.lail@mimos.my
AbstractTodays VANET applications are vastly focused
towards fulfilling users requirements on road and making their
journey safe and comfortable. In particular, safety applications
will provide secure information to users and introduce
mechanisms to help reduce the death rate due to road accidents.
The most important aspect in such environment is the integrity of
this safety information; it must be at all times prevented from
being altered by attackers. Attackers try to get benefits from the
nature of open wireless medium to launch different kind of
attacks in the network to achieve their specific goals. Current
DSRC is used as a communication medium for sending the safety
and non safety messages from vehicle to vehicle (V2V) and vehicle
to infrastructure (V2I). With the introduction of trusted
computing several years ago, Trusted Platform Module (TPM) is
a security hardware that can potentially handle the software
attacks on VANET and maintain the integrity of the data within
vehicular network. The main idea behind trusted computing is the
hardware based TPM which contains active security modules that
supports chain of trust to be built within components of the
network. We propose a new model for chain of trust within
vehicular to handle all types of attacks and maintain the integrity
of messages. Direct Anonymous Attestation (DAA) digital group
signature scheme play a key role for developing web of trust and
provides security and privacy for vehicle.
Keywords- Vehicular Ad hoc Network (VANET); Safety
Applications; Security Attackers; Trusted Platform Module
(TPM);Trust;
I. INTRODUCTION
Vehicular Ad hoc Network (VANET) applications are
broadly categorized into safety and non safety applications.
Safety applications are very important because it provides
information to users that directly relate to users and safe their
lives. Security is important issue especially in this kind of
network where altering the contents of the message would
create problem for users. The role of Dedicated Short Range
Communication (DSRC) frequency band is important for
vehicles to communicate with other vehicles and infrastructure.
Seven channels are categories into safety and non safety
channels to meet the requirements of safety and non safety
applications [1].
Confidentiality, Authentication, Availability, Privacy and
Integrity are the basic requirements [2] for safety and non
safety applications. The role of integrity is prominent in
vehicular environment and content of the message should not
alter from sender to receiver. If the content of the message is
changed then the network is no more reliable.
Vehicle is the basic entity module of the vehicular network
that starts communication. A vehicle which specifically uses
VANET services is different from other vehicles because it has
additional embedded sensors and security modules. Most of the
sensors are used for communication purposes. The major
requirement for creating a reliable safety condition on the road
is that vehicle should be trusted and these vehicles must build a
chain of trust in network. We noted that existing modules
within VANET which include Event Data Recorder (EDR) and
Temper Proof Device (TPD) are used in vehicles [3] but they
do not provide the required trusted environment that can ensure
the integrity of data flow within the network. Past research
works [4, 5, and 6] have proposed the use of TPMs for this
purpose. In this paper we explore the use of Chain of Trust in
VANET to achieve data flow integrity, and hence a safer road
environment.
The rest of the paper is divided into the following sections.
Section II is describes the concept of trust and trusted
computing in vehicular environment. Section III is based on
related work and Section IV we propose the chain of trust
model concept and discuss the digital group signature scheme
DAA. Section V concludes the paper.
II. TRUST AND TRUSTED COMPUTING
Trust is the key element of security and defined as a
system or component is one that behaves in expected manner
for particular purpose [7, 8, 9]. Considering this definition in
the context of VANET, we may define that all components of
the network (vehicles and infrastructure) are behaving in an
expected manner (trusted communication between the
components) and serve users and save human lives.
We also define Trustworthy as a system or components
of the system (vehicles and infrastructure) that behave in an
expected manner. There are two types of trust i.e. static and
dynamic trust [10]. Static trust provides evidence as a platform
is capable of behaving properly. But dynamic trust depends on
dynamic collection of different behaviors/evidences that
provide the information whether a platform is trusted or not.
Trusted Computing Group (TCG) promotes trusted computing
for the sake of information security. TPM is small tamper
evident cryptographic chip and perform all security functions
like creating and storing keys, digital signing, identity
authentication and providing algorithms for cryptographic
(RSA,SHA-1,HMAC) and last important task is to
measurement of integrity of data [11].Trusted Computing (TC)
This work is funded by Universiti Teknologi PETRONAS Postgraduate
Assistantship Scheme.
978-1-4577-0069-9/11/$26.00 2011 IEEE
is the process of enhancing security with the help of hardware
module i.e. TPM. TPM is used in vehicles and provides a
foundation of trust for software running in vehicle platform. It
protects the information from software based attacks and
physical theft. The objective of trusted computing is to collect
and provide evidences of behavior to user. The trusted
computing defines two basic properties in vehicular
environment which are given below [12, 13].
Sender who sends the messages (safety or non safety)
in vehicle to vehicle (V2V) or vehicle to
infrastructure (V2I) is accepted as a trusted entity.
The contents of the message source is not changed
during transmission, it meets the integrity
requirement.
III. RELATED WORK
Smart vehicle used many embedded hardware modules.
Trusted Platform Module (TPM) is one of the trusted
hardware modules which are used in Pc and desktop and
vehicles. G.Guette [14] described the main functionalities of
TPM in vehicular network. They discussed in detail the
security requirements and two possible application (Platoons
and Event Reporting) in vehicular network. Main problem
being highlighted was to maintain the integrity of data and
ensure secure and trusted communication between other
vehicles and also with infrastructure. The author also
discussed thread model which contain attacks such as Sybil
attack, node impersonation, sending false information and car
tracking. Three security properties were presented. They
include vehicle and it must have a unique identifier, ensuring
the integrity of the messages which must be authentic with
regards to vehicle identifier and lastly, to ensure the
trustfulness of the content of the messages that must be
verified. TPM-based solution is one of the more cost effective
one which meets all security properties and handle with
security threats.
The main communication in VANET is divided into two:
embedded sensors communicate with applications and
applications communicate with TPM for signing data
purposes. Endorsement key (EK) and Attestation identity key
(AIK) are the two main keys that are used for signing and
attestation purposes. Trusted application performs two types
of communication, communication with sensors and with
TPM. This type of communication is called inside
communication and its purpose is to sign and keep the data
safe in secure location. Trusted Application also
communicates with application of the other vehicle using
parameters such as Position, Signature and Credential.
In [15], the author proposed TPM based security architecture
to solve the issues of security and privacy for successful
deployment of VANET technology. The main focus point is
management of cryptographic keys to provide security and
anonymity of vehicles communications. The proposed solution
is based on several cryptographic key pairs and it is pre-loaded
in a vehicle during manufacturing. The authors discuss some
key design constraints of the solution which are given below:
It provides the anonymity of inter-vehicular
communication particularly and avoids the use of
same cryptographic pseudonym for long period of
time.
An authorized administrator provides the entity of
possibility to revoke the anonymity of a given
message.
It uses native TPM security mechanism.
It has the possibility to downgrade the standard
operation if an entity does not operate correctly.
Authors mentioned some physical element and some other
entities which are involved in proposed solution. TPM,
memory stick and on-line server for the PCA are some of the
physical elements of the proposed solution and Vehicle
manufacturers, driver and mechanic, administration and PCA
are entities used in it. An advantage of this proposed solution is
that there is no need for infrastructure (RSU) along the road.
Memory stacks replace the place of infrastructure (PCA) and
store data about sensors and TPM keys. However, the solution
is quite less practical because keys are preloaded in the vehicle
during the construction phase and memory sticks are used to
renew the certified keys to be used by the proposed protocol.
Software stack is used to protect and store data in shielded
locations.
Inter-vehicle communication uses TPM keys for signing the
messages, which means that only trusted vehicles can
communicate. If one vehicle application sends request to the
other vehicle it must first be signed using TPM keys. The
other vehicle receives this message and verifies its certificates
and signature. Vehicle to infrastructure communication also
uses TPM keys to ensure a trusted communication. AVISPA
and SPAN two security protocol simulator are used for
simulation purposes and prove two properties of protocol.
Session key shared by TPM and the PCA remains
secret.
Exchanged of AiK between the TPM and the PCA
through the memory stick remains secret, until their
first use in an inter-vehicular message.
Stumpf et. al [16] presented a multi-layered security protocol
that allows a vehicle to receive certificates which are used for
transferring messages (traffic safety). Secure Revocable
Anonymous Authenticated Inter-Vehicle Communication
(SRAAC) proposed security and privacy protocol and this
protocol combines with different types of signature schemes.
Authentication Authority (AA), On-Board-Units (OBU) which
are part of the vehicles and the Inter-Vehicle Communication
Certificate Servers (ICS) are the three main entities of SRAAC
an infrastructure. While the TPM is only able to generate RSA
signatures and SRAAC protocol uses the Digital Signature
Standard (DSS). Authors also introduce the faster and smaller
cryptographic schemes to the TPM and that is probably
needed to use it in the vehicular environment. Authors
evaluate possible attacks (Arbitrary Validity Time, OBU
Collusion Attack and Injecting False Safety Messages) on
safety messages and as well as possible attacks on proposed
protocol SRAAC.
IV. PROPOSED CHAIN OF TRUST MODEL
In the proposed Vehicular Web of TRUST (VWT)
environment the each vehicle possess a Trust Module with a
TPM inside it. Whenever vehicles start communication, first
Trust Platform Module (TPM) measures the trust condition of
the vehicle platform, also known as internal trust and then
passes trusted information to TPMs of other vehicles. In
concept, Vehicle Web of Trust is built on a web of many Trust
Modules. The VWT is able to convey life critical information
in a more secure and trusted manner.


Figure 1. Propose Vehicular Web of TRUST
Levels of TRUST
In our proposed Vehicular Web of Trust model, there are
different levels of trusts.
1. Trust between TPMs and Vehicle Sensors
2. Trusted Medium (DSRC)
3. Trust between Vehicle to Vehicle (V2V)
4. Trust between Vehicle to Infrastructure (V2I)

1. Trust between TPM and Vehicle Sensors
At first level TPM communicates with other TPMs of other
vehicles. The vehicle TPM wants to make sure those specific
sensors within the vehicle communicates securely. Trusted
vehicles are different from normal vehicles because of their
functional components such as many types of embedded
sensors and processing units inside these vehicles and its
communication abilities. Global Position System (GPS), Radar
Systems (RSs) and Communication Facility (CF) are these
modules which are used inside the vehicle. It is the
responsibility of TPM to communicate with these modules and
to build the web of trust within the trusted vehicles.
Sensor Hardware
On Board
Unit (OBU)
Software Application
Sensor Hardware
On Board
Unit (OBU)
Software Application
Trusted Platform Module(TPM)

Figure 2. Chain of trust from sensor to OBU and OBU to sensors
2. Trusted Medium (DSRC)
At the second level, the role of the channel medium is
important, dedicated short range communication (DSRC)
frequency band is used for all types of communication in
VANET. DSRC provides multiple channels and its
transmission ranges from 5.850 to 5.925 GHz. DSRC are
divided into seven channels and each channel range is 10 MHz.
Every vehicle in the network receives messages from other
vehicles or from infrastructure. A secure and trusted content of
message is the major concern of the users. The attackers will
try hard to change the contents of the message and break the
trust between the vehicles. When users receive any information
(safety or non safety) from other vehicles or from infrastructure
it must be trusted because user reacts according to the message.
To establish the trust, we must provide secure and trusted
channel (Trusted Medium) between the users in network.
Whenever attackers launch any type of attack then we have the
option of using others channels. Attackers will also use these
channels and insert their false information to the network and
create problems for legitimate users. Message exchange from
vehicle to vehicle and vehicle to infrastructure should be
reliable, accurate and confidential and this will be happened in
the presence of secure communication medium. C. Laurendeau
[17] explained the security threats in DSRC/wireless access in
vehicular environment (WAVE).
3. Trust between Vehicle to Vehicle (Direct Trust)
Peer to Peer (P2P) communication between vehicles in the
network and develop the trust and web of trust is also called the
Direct Trust. When users receive any message (Safety or Non
Safety) from other vehicles or infrastructure, it should be
trusted because users react according to the message. To
establish the trust, it is required to provide trust between the
users in V2V and V2I communication. The attackers try to
change the contents of the message and break the trust between
the vehicles.
At third level is to build the trust with other vehicles as
shown in Figure 3 which shows the Direct Trust in the
network. Third level chain depends on the first and second
level chain. For example, a trusted vehicle A communicates
and does mutual attestation with vehicle B. Now that vehicle B
becomes trusted and it does mutual attestation with vehicle C
and so on. Finally peer to peer trust between vehicles makes a
web of trust in the network.
A B
E D
C

Figure 3. Vehicular Web of TRUST (VWT)
4.Trust between Vehicle to RSU (Indirect Trust)
The objective of trusted infrastructure is to ensure the
availability of the network and provide secure communication
in the network. We can extend the web of trust from vehicle to
infrastructure so that availability is ensured. The role of
infrastructure is important to verify the vehicles and provide
information related to safety and non safety applications. It is
necessary for a vehicle to have TPM so that it communicates
with the infrastructure and to build the trust with it. Road Side
Unit (RSU), Cellular network; WiMAX and WiFi are some
examples of infrastructure.
Figure 4 explains the indirect trust between the vehicles to
infrastructure. Vehicle A has done mutual attestation with
RSU (infrastructure) and which then do mutual attestation
with vehicle E in the network. In doing so, vehicle E is
making trust indirectly via the infrastructure and establishes
trust with vehicle E. Hence, another kind of trust in
infrastructure has been established from vehicle E to
Infrastructure.
RSU
A B
D
E
C

Figure 4. Infrastructure Web of TRUST (IWT)
Accessibility and availability of network are directly related
with the users trust level. WiMAX and Cellular can also be
utilized as part of Vehicle infrastructure. If a user wants to
communicate with infrastructure for sending/receiving the
information is hampered by an attack to the VANET
infrastructure, we can switch to other communication channels
such as WiMAX and Cellular. If channel jamming (Denial of
Service attack) [18] happens, and the network is not available
due to any attack then users trust is seriously affected.
Direct Anonymous Attestation (DAA)
TPM functionalities are used to provide security and it is used
inside the vehicle. Privacy Certification Authority (PCA) is
trusted third party and its purpose is to issue the certificate for
AIK and verify the AIK which are used in different types of
applications in the network. Guette and Heen [15] proposed
the memory stick (USB) for saving AIK certificates. So we are
proposing the Direct Anonymous Attestation (DAA) scheme
for achieving the vehicular web of trust. DAA is a digital
group signature scheme and it was originated by Brickell,
Camenisch and Chen [19]. It provides the facility to a third
party to validate the TPM, and check whether the user
platform is genuine. In VANET environment, DAA can be
considered for attesting a vehicle platform, and at the same
time protecting the privacy of the user. Using of DAA we can
develop the four level of trust in vehicular communication.
DAA is combination of three modules with unique features.
Direct mean without any trusted third party provide proof.
Privacy Certificate Authority (PCA) is also one of the
protocol that is used in TPM v.1.1 and problem with PCA
is it is require for each authentication and without
involvement of the PCA authentication task could not
possible. In vehicular network environment authentication
is very difficult task by using PCA. Due to high mobility
vehicle and dynamic topology of the network, we could
not reply third party for authentication of the vehicle.
Anonymous describe that user privacy do not disclose and
vehicular network peoples are more concern about their
privacy while sending and receiving messages.
Attestation is to verify membership claim from TPM.
Attestation is the system ability to confirm the integrity of
the certain types of information. Purpose of attestation is
to ensure that software running in vehicle or any other
information of sensors has not been changed in unintended
manner. If malicious program alter the sorted information
or applications then changes should be detected quickly
[12]. Trusted Computing Group was adopted DAA as a
method for remote anonymous authentication for Trusted
Platform Module (TPM). This is suitable protocol in
vehicular network.
Types of Attestations
Here some of the types of attestation are given below [10].
Attestation by TPM: it provides the proof of data
that only known to TPM.
Attestation to Platform: it provides proof that
platform can be trusted to integrity metrics by using of
platform credentials.
Attestation of the Platform: it provides the proof of
set of platforms integrity measurements.
For the platform attestation TCG provide embedded
endorsement key (EK) to prove that particular TPM is genuine
[20].EK is not show the platform identity and attestation
identity key (AIK) is describe the identity of the platform and
also attest the properties of that platform [21]. Figure 5
explains the working of DAA by using of two TPM keys
(Endorsement Key (EK) and Attestation Identity Key (AIK)).
AIK is a TPM key that is used for attestation of current
platform and its configuration. AIK sign the applications and
these applications communicating with other vehicle (V2V)
and also with infrastructure (RSU). AIK is also used as an
alias for the endorsement key (EK). AIK is generated by the
owner of TPM and it is non-migratable singing key. Multiple
AIK can be generated by TPM. So using of DAA protocol our
communication will be secured and data integrity (contents of
the message and time value) is maintained.

Figure 5. DAA Communicating with other vehicle and RSU
Digital Group signature scheme has the following
properties:
It is provided the facility to other third party to validate
the TPM, check the user platform is genuine where
TPM is resided. In VANET environment third party
easily identify about any vehicle that these user have
genuine platform or rogue TPM. At the manufacture
time TPM is embedded into the vehicle and later
attacker can physically change the TPM so DAA
mechanism can find out this kind of problem.
Police authority or car manufactures can validate the
TPM without revealing the identity of the user. This is
one of the benefits of this scheme.
Time saving of communication with trusted third party
(TTP) for authentication of the vehicles.
Secure communication between the vehicles in the
networks by using if DAA scheme. Its not easy for
attackers to get the signature and modified the messages.
Identical users platform makes different transactions
using of different kind of AIKs and it is not link
together. Even one vehicle creates multiple AIKs for
signing different applications.
These are following main four entities which are involved
in DAA scheme; figure 6 show all entities of DAA scheme.
1. DAA issuer: this is first entity of DAA scheme
and mostly it could be TPM manufacturer
2. TPM: it is security chip that generates DAA
signature in DAA process mechanism.
3. Host: Host is a typically platform where TPM
reside it and assist in join and sign process.
TPM have very little capacity for storage and
computation, so we involve host to solve the
problem of computation and storage.
4. DAA verifier: It could be any external partner
how verifies the DAA Signature.
Now we discuss the process mechanism (join, sign and
verifier) protocols [19], [22], [23], [24], [25], [26] for
generation the DAA signature. Figure 6 explain the internal
DAA process mechanism.
EK
DAA
User Sign
Verify
Join
TPM
issuer
Discrete
Algorithm
(ZKP)

Figure 6. Process Mechanism of DAA Scheme
Join Protocol
The purpose of this Protocol to allow the user platform to
obtain a DAA certificate from DAA issuer. This certificate is
use to provide prove to other parties that the user platform is
trusted. DAA issuer has ability to generate anonymous
certificates and its role is similar to certificate authority (CA).
It is manufacturer of TPM how creates DAA certificate issue.
This protocol runs between the issuer and User and TPM.
Endorsement key (EK) play his role as an authentic channel
between the TPM and issuer.
User authenticate himself to based on Endorsement key
(EK) of vehicle TPM. TPM manufacture play a role of CA
and user use the public part of Endorsement key (EK) which is
called the attestation identity key (AIK). Now DAA issuer
issues the certificate by using the following mechanism.
DAA issuer generate public key and value of the key we can
assume are (n,X,Y,Z)
N = pq p and q large prime no.
X,Y,Z Z
n
Random generated values
User of the vehicle perform two task first they generate a
secret key (S) and compute the value A = X
s
,Y
t1
mod n and
second task is to compute the value B
I
=
s
I
mod


I
identity
of the issuer large prime number.
User sends the values of A and B to the DAA issuer and
convinces the issuer that the value of A and B are correctly
form by using of the discrete algorithm (Zero-knowledge proof
of knowledge).
When DAA issuer receive the value of A and B
I
and check
it properly if it is convince with it then it will sign the message
by computing the H = (Y/AX
t2
)
1/e
mod m and after all process
DAA issuer send (H,e,t) to user and proves that H is generated
correctly.
Signing Protocol
DAA signer is combination of TPM and user and they work
together. TPM generates DAA signature and it is part of user.
Due to limited capacity for computation and storage of TPM,
user is involved for join and signing process. Purpose of this
protocol is to allow the user to authenticate the message on the
base of signature. User and verifier perform this task using with
DAA certificate. Singing protocol works in the following way.
Message could be safety or non safety message user signs the
message M with secret key (s) and DAA Certificate (H, e, t),
(t= t1 + t2). User computes the value of B
v
and also generates
the Signature .
B
v
=
s

mod
Verifier Protocol
DAA Verifier could be any external service provider and
task of verifier is to verify the DAA Signature. Verifier first
verifies the signature and if signature is valid then checks the
DAA certificate that is created by valid TPM. User obtains the
DAA certificate by using of join and sign protocols and now
user is ready to generate AIKs as possible as and sign the
safety and non safety messages. Join and sign process only
performed once and after this no need to repeat it for signing
the messages.
V. CONCLUSION AND FUTURE WORK
Reducing death rate and avoiding congestion on roads is
key objective of vehicular network. Security and trust are
becoming increasingly key challenges in vehicular network.
The main idea behind trusted computing is the hardware based
TPM which contains active security modules that supports
chain of trust to be built within components of the network. In
this paper we present a new model for chain of trust within
vehicular to handle all types of attacks and maintain the
integrity of safety messages. DAA scheme develop the chain of
trust and also to solve the problem of privacy of users while
communicating with other vehicles or with RSU.
REFERENCES
[1] D. Jiang, V. Taliwal, A. Meier,W. Holfelder,R. HerrtwichDesign of 5.9
GHz DSRC-based vehicular safety communication Wireless
Communications IEEE Vol. 13, No. 5. (2006), pp. 36-43.
[2] H. Hartenstein,Kenneth P.Laberteaux, Toyota Technical Center. A
Tutorial Survey on Vehicular Ad Hoc NetworksIEEE Communication
Magazine, June 2008.
[3] J.P.Hubaux,S.Capkun,J.Luo The Security and Privacy of Smart
Vehicles Published by the IEEE Computer Society.May/June 2004.
[4] G. Guett, C. Bryce, Using TPMs to Secure Vehicular Ad-Hoc
Networks (VANETs) IFIP 2008, WISTP 2008, LNCS 5019, pp.106-
116.
[5] A. Stampoulis, Z. Chai A Survey of Security in Vehicular Networks
[6] M. Raya,J. Pierre, Hubaux,Securing vehicular ad hoc Networks
Journal of Computer Security,vol.15,Issue no.1 January 2007, pp: 39-68.
[7] R.Anderson,Cryptography and competition policy-issue with trusted
computing,proceedings of PODC03,july 13-16,boston,MA,pp.3-
10,ACM press 2003.
[8] B.Balacheff,L.Chen,S.Pearson,D.Plaquin and G.Proudler.In
S.Pearson,ed.,Trusted computing platform:TCPA technology in
context.Prentice Hall PTR,Upper saddle river,NJ,2003.
[9] A. Reza Sadeghi,Trusted Computing-Special Aspects and
challenges,Lecture Notes Horst-Gortz-Institute(HGI) for IT-
Security,Ruha-University Bochum, Germany.2007.
[10] E.Gallery,An overview of trusted computing technology,Trusted
Computing,chapter No.3,pp.31-32.IEE professional application of
computing series 6.
[11] Trusted Platform Module Basics Using TPM in Embedded Systems by
Steven Kinney Chapter No.03 Overview of the TPM Architecture,pp.26.
[12] D.Kallath,Trust in trusted computing-the end of security as we know
itBT security Research Centre.
[13] H. Hartenstein,Kenneth P.Laberteaux, Toyota Technical Center. A
Tutorial Survey on Vehicular Ad Hoc NetworksIEEE Communication
Magazine, June 2008.
[14] G. Guett, C. Bryce, Using TPMs to Secure Vehicular Ad-Hoc
Networks (VANETs) IFIP 2008, WISTP 2008, LNCS 5019, pp.106-
116.
[15] G.Guette and O.Heen,A TPM-based Architecture for improved secuirty
and Anonoymity in vehicular ad hoc networks,IRIS France.
[16] F. Stumpf, L. Fischer and C.Eckert, Trust, Security and Privacy in
VANETs Multilayered Security Architecture for C2C-Communication,
Automotive Security, pp. 55-70,Wolfsburg, Germany, VDI-Verlag, 200.
[17] C. Laurendeau,M. Barbeau,Theat to security in DSRC/WAVE, 5th
International Conference on Ad Hoc Networks and Wireless (ADHOC-
NOW).LNCS 4104, pp.226-279, 2006.
[18] M. Raya,J. Pierre,Hubaux,The Security of vehicular ad hoc Networks
SASN05,November 07,2005,Alexandria,Virginia USA.
[19] E. Brickell, J. Camenisch, and L. Chen: "Direct Anonymous Attestation"
In Proceedings of 11th ACM Conference on Computer and
Communications Security, ACM Press, 2004.
[20] A. Reza Sadeghi,Trusted Computing-Special Aspects and
challenges,Lecture Notes Horst-Gortz-Institute(HGI) for IT-
Security,Ruha-University Bochum, Germany 2007.
[21] M. Strasser, H. Stamer, A Software-Based Trusted Platform Module
Emulator, TRUST 2008, LNCS 4968, pp. 33-47, Springer Berlin.
[22] E. Brickell, J. Camenisch, and L. Chen,The DAA scheme in context
Trusted Computing,chapter no.5,pp.143. IEE professional application of
computing series 6.
[23] M.Strasser,A Software-Based TPM Emulator for Linux, Semester
Thesis, Department computer Science Swiss Federal Institute of
Technology Zurich, 2004.
[24] H.Ge,S.R.Tate,A Direct Anonymous Attestation scheme for embedded
devices,LNCS 4450,pp.16-30,2007.
[25] K.Dietrich,Anonymous client Authentication for transport layer
security,LNCS 6109,pp.268-280,2010.
[26] L.Chen,A DAA scheme requiring less TPM resources Inscrypt'09
Proceedings of the 5th international conference on Information security
and cryptology.