Vehicular ad hoc networks (VANETs) are expected to provide basic security attributes using certificate-based authentication schemes. Credential management guarantees that the principals in VANETs are able to filter out messages from misbehaving vehicles. The various phases in the process of eviction of a misbehaving vehicle (misbehavior detection, misbehavior reporting, certificate revocation, and revocation information dissemination) delay the eviction process by amounts that depend on the technology and schemes used to implement the individual phases. These delays directly translate into the existence of a window of vulnerability for other legitimate vehicles, thus implying degradation in the eviction performance. We propose a framework for analyzing the performance of the node-eviction schemes proposed for vehicle-to-vehicle (V2V) systems by abstracting out the various mechanisms for the different phases of misbehaving-vehicle eviction. This unifying framework could be useful, for example, in deciding the required communication technology and the rate of communication with the security infrastructure to achieve a target eviction performance. We advocate a holistic design approach, where the various phases of node eviction are jointly designed and optimized to improve the eviction performance of the network. Furthermore, it is emphasized that the window of vulnerability is lower bounded by the misbehavior-detection delays and, hence, cannot completely be eliminated; this also provides a natural bound on the performance of the node-eviction schemes. We derive bounds on the performance of misbehavior-detection and eviction schemes required to limit the extent of success of an attack where malicious vehicles submit incorrect accusations of misbehavior against legitimate vehicles.