IEEE 1609 SERIES-2016 en Trial-Use Standard for Wireless Access in Vehicular Environments -Security Services for Applications and Management Messages.pdf

1、IEEE Std 1609.2-2006IEEE Trial-Use Standard for WirelessAccess in Vehicular EnvironmentsSecurity Services for Aplications andManagement MessagesI E E E3 Park Avenue New York, NY10016-5997, USA6 July 2006Intelligent Transportation Systems CommitteeSponsored by theIEEE Vehicular Technology SocietyIEEE

2、 Std 1609.2-2006IEEE Trial-Use Standard for Wireless Access in Vehicular EnvironmentsSecurity Services for Applications and Management Messages Sponsor Intelligent Transportation Systems Committee of theIEEE Vehicular Technology SocietyApproved 8 June 2006IEEE-SA Standards BoardThe Institute of Elec

3、trical and Electronics Engineers, Inc.3 Park Avenue, New York, NY 10016-5997, USACopyright 2006 by the Institute of Electrical and Electronics Engineers, Inc.All rights reserved. Published 6 July 2006. Printed in the United States of America.IEEE is a registered trademark in the U.S. Patent +1 978 7

4、50 8400. Permission to photocopy portions ofany individual standard for educational classroom use can also be obtained through the Copyright ClearanceCenter.ivCopyright 2006 IEEE. All rights reserved.Introduction5.9 GHz Dedicated Short Range Communications for Wireless Access in Vehicular Environmen

5、ts (DSRC/WAVE, hereafter simply WAVE), as specified in a range of standards including those generated by theIEEE P1609 working group, enables vehicle-to-vehicle (V2V), and vehicle-to-infrastructure (V2I) wirelesscommunications. This connectivity makes possible a range of applications that rely on co

6、mmunicationsbetween road users, including vehicle safety, public safety, commercial fleet management, tolling, and otheroperations.With improved communications come increased risks, and the safety-critical nature of many WAVEapplications makes it vital that services be specified that can be used to

7、protect messages from attacks suchas eavesdropping, spoofing, alteration, and replay. Additionally, the fact that the wireless technology will bedeployed in personal vehicles, whose owners have a right to privacy, means that in as much as possible thesecurity services should respect that right and n

8、ot leak personal, identifying, or linkable information tounauthorized parties.With this in mind, at the time that IEEE P1609 was established to develop the standards for the DSRCwireless network stack, the IEEE also established IEEE P1556(later renumbered as IEEE 1609.2) todevelop standards for the

9、security techniques that will be used to protect the services that use this networkstack. These applications face unique constraints. Many of them, particularly safety applications, are time-critical: the processing and bandwidth overhead due to security must be kept to a minimum, to improveresponsi

10、veness and decrease the likelihood of packet loss. For many applications, the potential audienceconsists of all vehicles on the road in North America; therefore, the mechanism used to authenticatemessages must be as flexible and scalable as possible, and must accommodate the smooth removal ofcomprom

11、ised units from the system. Additionally, as mentioned above, the privacy of privately owned andoperated vehicles must be respected as far as technically and administratively feasible.This document specifies a range of security services for use in the WAVE environment. Mechanisms areprovided to auth

12、enticate WAVE management messages, to authenticate messages that do not requireanonymity, and to encrypt messages to a known recipient. Mechanisms to provide anonymity, particularlyanonymous broadcast, will be provided in a separate document.Notice to usersErrataErrata, if any, for this and all othe

13、r standards can be accessed at the following URL: http:/standards.ieee.org/reading/ieee/updates/errata/index.html. Users are encouraged to check this URL forerrata periodically.InterpretationsCurrent interpretations can be accessed at the following URL: http:/standards.ieee.org/reading/ieee/interp/i

14、ndex.html.This introduction is not part of IEEE Std 1609.2, IEEE Trial-Use Standard for Wireless Access in Vehicular Envi-ronmentsSecurity Services for Applications and Management Messages.vCopyright 2006 IEEE. All rights reserved.PatentsAttention is called to the possibility that implementation of

15、this standard may require use of subject mattercovered by patent rights. By publication of this standard, no position is taken with respect to the existence orvalidity of any patent rights in connection therewith. The IEEE shall not be responsible for identifyingpatents or patent applications for wh

16、ich a license may be required to implement an IEEE standard or forconducting inquiries into the legal validity or scope of those patents that are brought to its attention. A patentholder or patent applicant has filed a statement of assurance that it will grant licenses under these rightswithout comp

17、ensation or under reasonable rates and nondiscriminatory, reasonable terms and conditions toapplicants desiring to obtain such licenses. The IEEE makes no representation as to the reasonableness ofrates, terms, and conditions of the license agreements offered by patent holders or patent applicants.

18、Furtherinformation may be obtained from the IEEE Standards Department.Publication of this trial-use standard for comment and criticism has been approved by theInstitute of Electrical and Electronics Engineers. Trial-use standards are effective for 24months from the date of publication. Comments for

19、revision will be accepted for 18 monthsafter publication. Suggestions for revision should be directed to the Secretary, IEEE-SAStandards Board, 445 Hoes Lane, P.O. Box 1331, Piscataway, NJ 08855-1331, and shouldbe received no later than 7 January 2007. It is expected that following the 24-month peri

20、od,this trial-use standard, revised as necessary, shall be submitted to the IEEE-SA StandardsBoard for approval as a full-use standard.viCopyright 2006 IEEE. All rights reserved.ParticipantsThe active participants in the IEEE P1609.2 (1556) working group at the time this trial-use standard wasdevelo

21、ped and balloted were as follows: Thomas M. Kurihara, ChairRoger J. OConnor, Working Group Vice Technical ChairDouglas M. Kavner, Security SWG ChairEric Rescorla, Primary Security ConsultantWilliam Whyte, P1609.2 (1556) Technical EditorThe following members of the individual balloting committee vote

22、d on this trial-use standard. Balloters mayhave voted for approval, disapproval, or abstention. Scott AndrewsLee R. ArmstrongDaniel V. BaileyJim BauerArt CarterBroady CashRonald K. CharEmily ClarkJ. Kenneth CookKhaled DessoukyEskafi FarokhWayne FisherRamez GergesSusan GrahamGloria GwynneChris Hedges

23、Russell D. HousleyMary Ann IngramDaniel JiangCarl KainPankaj R. KarnikDouglas M. KavnerDavid KelleyHariharan KrishnanJerremy A. LandtJason LiuJustin McNewJohn T. MoringSean OHaraPeter OomenSam OyamaJoon Gou ParkGordon PeredoFrank PerryMohan PundariEd RingTom SchaffnitDick SchnackeDouglas SieselRober

24、t T. SorannoSteve SpenlerBill SpurgeonSteve TenglerJim TomcikRoger TongGlenn TurnockBryan WellsFilip WeytjensDoug WhitingChris WilsonJijun YinJeffery ZhuToru AiharaScott AndrewsLee R. ArmstrongJohn R. BarrAlexei BeliaevJuan C. CarreonYi-ming ChenDanila ChernetsovElizabeth ChesnuttKai Moon ChowKeith

25、ChowJ. Kenneth Cook Tommy P. CooperThomas J. DineenRandall L. DotsonMarc EmmelmannAvraham FreedmanIgnacio Marin GarciaNikhil GoelSergiu R. GomaRandall C. GrovesPradeep GuptaGloria G. GwynneGary A. HeustonWerner HoelzlRussell D. HousleyRaj JainOh JongtaekAvinash JoshiPankaj R. KarnikPiotr KarockiDoug

26、las M. KavnerStuart J. KerryPatrick W. KinneyJim KulchiskyThomas M. KuriharaJeremy A. LandtJun LiuWilliam LumpkinsG. L. LuriJulius M. MadeyGary L. MichelWilliam J. MitchellApurva N. ModyYasser L. MorganJohn T. MoringRoss A. MorrisAndrew F. MylesMichael S. NewmanRichard H. NoensSatoshi ObaraRoger J.

27、OConnorChris L. OsterlohSatoshi OyamaSubburajan PonnuswamyHenry S. PtasinskiVikram PunjRobert A. RobinsonFrank H. RocchioRandal D. RoebuckMichael SchollesStephen C. SchwarmRich SeifertJohn W. SheppardRobert T. Soranno,Luca SpotornoThomas E. StaraiMark A. TillinghastScott A. ValcourtChristopher G. Wa

28、reWilliam WhyteEric V. WoodsPaul R WorkOren YuenviiCopyright 2006 IEEE. All rights reserved.When the IEEE-SA Standards Board approved this standard on 8 June 2006, it had the followingmembership:Steve M. Mills, ChairRichard H. Hulett, Vice ChairDon Wright, Past ChairJudith Gorman, Secretary*Member E

29、meritusAlso included are the following nonvoting IEEE-SA Standards Board liaisons:Satish K. Aggarwal, NRC RepresentativeRichard DeBlasio, DOE RepresentativeAlan H. Cookson, NIST RepresentativeMichelle TurnerIEEE Standards Program Manager, Document DevelopmentMatthew CegliaIEEE Standards Program Mana

30、ger, Technical Program DevelopmentMark D. BowmanDennis B. BrophyWilliam R. GoldbachArnold M. GreenspanRobert M. GrowJoanna N. GueninJulian Forster*Mark S. HalpinKenneth S. HanusWilliam B. HopfJoseph L. Koepfinger*David J. LawDaleep C. MohlaT. W. OlsenGlenn ParsonsRonald C. PetersenTom A. PrevostGreg

31、 RattaRobby RobsonAnne-Marie SahazizianVirginia C. SulzbergerMalcolm V. ThadenRichard L. TownsendWalter WeigelHowad L. Wolfmanviii Copyright 2006 IEEE. All rights reserved. Contents 1. Overview .1 1.1 Introduction .1 1.2 Scope .1 1.3 Purpose 2 1.4 Document organization2 1.5 Document conventions 3 2.

32、 Normative references.3 3. Definitions, abbreviations, and acronyms .4 3.1 Definitions.4 3.2 Abbreviations and acronyms .9 3.3 Terminology, applications, implementations, and the security manager.10 4. Presentation language11 4.1 General 11 4.2 Notation conventions.11 4.3 Basic block size .12 4.4 Nu

33、mbers 12 4.5 Fixed-length vectors 12 4.6 Variable-length vectors13 4.7 The opaque and opaqueExtLength type.13 4.8 Enumerated type14 4.9 Constructed types 15 4.10 The case statement.15 4.11 The extern statement16 4.12 Flags 16 5. Secured Messages17 5.1 General 17 ix Copyright 2006 IEEE. All rights re

34、served. 5.2 SecuredMessage type 17 5.3 SignedMessage, ToBeSignedMessage, and MessageFlags types18 5.4 SignedWSM and ToBeSignedWSM types19 5.5 PublicKey, PKAlgorithm, and SymmAlgorithm types20 5.6 ECPublicKey type .20 5.7 CertID8 and CertID10 type .21 5.8 The ApplicationID and FullySpecifiedAppID typ

35、es .21 5.9 Time64 and Time32 types .22 5.10 SignerInfo type 22 5.11 Signature type23 5.12 ECDSASignature type.23 5.13 EncryptedMessage, EncryptedContentInfo, and RecipientInfo types .23 5.14 ECIESNISTp256EncryptedKey and AESCCMCiphertext types24 5.15 WAVECertificate, ToBeSignedWAVECertificate, CertS

36、pecificData, SubjectType, and CRLSeries types 25 5.16 WAVECRL, ToBeSignedCRL, CRLType, and IDAndDate types .27 5.17 WAVECertificateRequest and WAVECertificateResponse types.28 5.18 GeographicRegion and RegionType types 29 5.19 The 2DLocation and 3DLocationAndConfidence types30 5.20 Certificate Scope

37、s31 6. Other secured message formats .34 7. Secure message processing35 7.1 Required information for security services35 7.2 Caches and stores 35 7.3 Signed messages37 7.4 Processing Encrypted Messages43 7.5 Processing Signed and Encrypted Messages .45 8. Specific uses of secured messages.45 x Copyr

38、ight 2006 IEEE. All rights reserved. 8.1 Secured WSAs.45 8.2 Secured WSMs 50 8.3 Security Manager.53 8.4 Certificate requests 55 8.5 Fragmented messages57 Annex A (normative) Protocol Implementation Conformance Statement (PICS) proforma.59 Annex B (normative) Summary of message formats.76 Annex C (i

39、nformative) Examples of message structures.83 Annex D (informative) General description 89 Annex E (informative) Additional security considerations .95 Annex F (informative) Threat model.98 Annex G (informative) Bandwidth considerations and opportunities for optimization.101 Annex H (informative) Co

40、pyright statement for Clause 4.103 Annex I (informative) Bibliography104 1 Copyright 2006 IEEE. All rights reserved. IEEE Trial-Use Standard for Wireless Access in Vehicular EnvironmentsSecurity Services for Applications and Management Messages 1. Overview 1.1 Introduction Wireless Access in Vehicul

41、ar Environments (WAVE) is a radio communications system intended to provide interoperable wireless networking services for transportation. These services include those recognized for Dedicated Short-Range Communications (DSRC) by the U.S. National Intelligent Transportation Systems (ITS) Architectur

42、e (NITSA) B211and many others not specifically identified in the architecture. The system enables vehicle-to-vehicle (V2V) and vehicle-to-roadside or vehicle-to-infrastructure (V2I) communications, generally over line-of-sight distances of less than 1000 m, where the vehicles may be moving at speeds

43、 up to 140 km/h. The Physical Layer (PHY) and Medium Access Control (MAC) use elements of the IEEE 802.11PHY and MAC and were under development at the time this standard was issued. Channelization and the upper layers of the network stack are defined in IEEE P1609.4B4 and IEEE P1609.3, respectively.

44、 IEEE P1609.1B3 defines an application, the Resource Manager, that uses the network stack for communications. This document, IEEE Std 1609.2, specifies security services for the WAVE networking stack and for applications that are intended to run over that stack. Services include encryption using ano

45、ther partys public key, and non-anonymous authentication. 1.2 Scope The scope of this standard is to define secure message formats, and the processing of those secure messages, within the DSRC/WAVE system. The standard covers methods for securing WAVE 1Numbers in brackets correspond to the bibliogra

46、phy in Annex I. IEEE Std 1609.2-2006 IEEE TRIAL-USE STANDARD FOR WIRELESS ACCESS IN VEHICULAR ENVIRONMENTS 2 Copyright 2006 IEEE. All rights reserved. management messages and application messages, with the exception of vehicle-originating safety messages. It also describes administrative functions n

47、ecessary to support the core security functions. 1.3 Purpose The safety-critical nature of many DSRC/WAVE applications makes it vital that services be specified that can be used to protect messages from attacks such as eavesdropping, spoofing, alteration, and replay. Additionally, the fact that the

48、wireless technology will be deployed in personal vehicles, whose owners have a right to privacy, means that in as much as possible the security services must be designed to respect that right and not leak personal, identifying, or linkable information to unauthorized parties. This standard describes

49、 security services for WAVE management messages and application messages, with the exception of vehicle-originating safety messages, to meet these requirements. It is anticipated that vehicle-originating safety messages will be added in an amendment to this standard. 1.4 Document organization The document contains both normative and informative text, and is organized as follows. Clause 1 reviews the scope and purpose of this standard and introduces the main entities in the system. Clause 2 contains the normative references. These are documents tha