Proposal and Verification of Function-based Security Protocol for Vehicular Communication System

) communication but also IoT (Internet of Things) technology has emerged against the backdrop of evolving ICT industry, drawing much attention in all fields including auto industry. Being first adopted in such fields as factories, logistics, meteorology, environment, defense and agriculture and stockbreeding, M2M systems enable devices to communicate automatically with one another and to operate in response to varying conditions. As for vehicles, M2M technology is applied to interactions between internal and external vehicular devices, between vehicles, between vehicles and traffic systems and between vehicles and peripheral devices. Yet, wireless communication systems are prone to hacking attacks in transmission sections. Thus, any attacks on vehicles’ brakes, multiple control systems and engine control parts will put passengers and safety at risk. In this context, many researchers explore the security measures for inter-device communication. This paper designed a protocol for safe communication between vehicular devices using hash function and complex mathematical formulae, and tested it with Casper/FDR, a formal verification tool for protocols. The proposed protocol proved to guard against diverse attacks and to be effectively applicable in practice.


Introduction
In addition to the concept of device-to-device and machine-to-machine communication as well as virtual interactions with information, IoT (Internet of Things) incorporates general communication where all products support embedded systems including electronic appliances and smartphones.Particularly, as inter-device automatic communication without human intervention, M2M (Machine-to-Machine) communication is widely investigated 1,2 .M2M technology is extensively applied across industries that hardly allow manual inspection and operation, e.g. military surveillance, agriculture and stockbreeding, meteorological observation, safety, environment, vehicles and factory automation 3,4 .Regarding vehicles, research is undertaken on automatic operation without human intervention in vehicle-tovehicle, vehicle-to-device, vehicle-to-thing and deviceto-device communication.Still, the wireless section for inter-device communication is potentially vulnerable to hacking attacks from intruders 5 .In case hackers tamper with the communication system between things and vehicles, they can control brakes, steering systems and engines, threatening people's lives.Hence, meeting security requirements is a significant issue, and many researchers inquire into the security in wireless communication sections.Mostly, however, previous studies were focused on theorem proving, ending up with complications unforeseen in the design process.Some protocols turned and CASPER/FDR.Chapter 3 proposes an authentication protocol and describes its operation before experimentally testing it with Casper/FDR.Chapter 4 verifies the safety of the protocol.Finally, Chapter 5 presents the conclusion.

Literature Review
The following are the prerequisites for security in wireless communication 9,10  The template is used to format your paper and style the text.All margins, column widths, line spaces, and text fonts are prescribed; please do not alter them.You may note peculiarities.For example, the head margin in this template measures proportionately more than is customary.This measurement and others are deliberate, using specifications that anticipate your paper as one part of the entire proceedings, and not as an independent document.Please do not revise any of the current designations.

CASTER/FDR
Casper (Compiler for the Analysis of Security Protocols) is a compiler developed to facilitate the process of designing a protocol based on CSP (Communication Sequential Process) 11 .To design a protocol, types of variables and functions, initial states of communication agents, sequence of exchanging messages between agents, security attributes of interest, real data types and names need be declared.Then, functions used in the protocol, representation of initial states of communication agents, and intruders' initial states need be designed 12 .When the program is run, it automatically performs the conversion to a CSP document.The FDR (Failure Divergence Refinements) program tests the converted document in terms of whether it meets the security and authentication attributes.The FDR verifies the safety, deadlock and livelock of a protocol and facilitates the analysis of vulnerabilities 7,8 .

Proposed Protocol
The proposed protocol was designed by using random numbers and variables varying with each session and based on vector values and hash functions.
The symbols are defined in Table 1.

Operation
The proposed protocol operates in the following steps.◎ (Step ① : Tag → Reader) The Tag receives a Query from the Reader, and generates the Hash Function (Vector1) using the Vector1 value.Also, the Tag generates the Nonce and session keys prior to the concatenation with the values generated.Then, the Tag stores the values in the variable %M1, and transmits the calculated H (Vector1),{x}{sk1}%m1 to the Reader.Here, the generated value is unique that cannot be generated by another Tag.As for the hash value, the fixed-length data are hashed as follows.
For the first vector function, ã = (a 0 ,...,a k ) and an integer 2w are calculated as, which is applied to the string of the transmitted data value as follows:

Conclusion
The present paper designed a vehicular security protocol and verified its safety, deadlock and live lock operations using the model checking program of FDR 2.91 released for research.In Figure 1, the source file is loaded and converted to the CSP source without any compile errors.The converted CSP format is verified by CASPER.As the CSP code is complex and prone to mistakes in manual coding, it is recommended to use FDR for the conversion.Once the compiling is completed, an in-depth verification is performed to see whether it is safe against different types of attacks as in Figure 2. Here, the tick marks on the left side in Figure 2 indicate the attributes meet the security requirements.

Conclusion
It was not until recently that many studies dealt with the security of vehicular inter-device communication.
In near future, multiple hardware devices will be hyperconnected for communication.Yet, malevolent intruders taking advantage of the vulnerabilities of wireless sections are likely to commit attacks hindering system operation.Such vulnerabilities and resultant attacks on vehicles are significant issues directly related to people's lives.This paper proposed an efficiently secure and safe communication protocol to cope with security issues in vehicular communication.The proposed protocol is based on hash operation, public keys, vectors and random numbers, and designed to perform an operation in each communication session, yielding a unique output value for mutual authentication.The formal verification with Casper/FDR proved the safety of each item tested.The proposed protocol worked efficiently without redundant calculations, and the design was found to benefit the safe and secure vehicular communication environment.Future studies will extend the scope of communication security to a range of security gateways.

Acknowledgment
This work was supported by the research grant of Baekseok University in 2015.
[p] is uniformly random and h int is chosen randomly from a universal family mapping integer domain [p] → [msk1, and the concatenation operation, H(Vector1),{x}{sk1}%m1 is sent to the Reader.
sk1, x, k and does a concatenation to generate the m2%{k} {sk1},{x}{k},H(Vector2) value.Once the value is generated normally, the Reader transmits it to the Tag for authentication.◎ (Step ⑤ : Tag →Reader) Finally, the Tag receives from the Reader the value of m2%{k}{sk1},{x}{k}, with the value it holds.Once the two values match, the tag uses its ID for the operation, +)H (Tag), and encryption and transmits the result to the Reader, completing its authentication session.Subsequently, the Reader receives the value of from the Tag and sends it to S.Then, S retrieves the stored value for the Tag to compare it with the value received from the Tag for authentication.Upon completion of normal authentication process, hash codes and Tag codes are checked for subsequent operations.

Figure 2 .
Figure 2. Verification Set-Up and Running.

Figure 3 .
Figure 3. Security Verification Results of the Protocol.

Figure 2
Figure 2 presents 4 outputs from the verification, each of which is described below.• SECRET_M::SECRET_SPEC[T=SECRET_M::SYS-TEM_S This indicates the proposed protocol is secure enough to guard against intruders and attacks on the system.The communication between agents, data values,

Table 1 .
Symbols and definition Proposal and Verification of Function-based Security Protocol for Vehicular Communication System session keys and hash functions are safe and secure.