| With the rapid development of mobile Internet and the increasingly serious traffic congestion problem faced by each city, Intelligent Transportation System has become a research hotspot. WAVE protocol, one of the most popular technologies in the field of ITS research, was developed by the IEEE under the guidance of the U.S. Department of Transportation. Currently most domestic studies on WAVE protocol are concentrating on the performance simulation and algorithm designing of channel switching on MAC layer, other than implementation which is rare in domestic while has several incomplete commercial products abroad.Because of the unstable and fast changing network topology of the vehicular environment, asymmetric algorithm was adopted in WAVE to send security message because it does not require negotiation on both sides. For the huge node number in the VANET, certificate chain and updated CRL was put forward in WAVE for regionalizing vehicles.There are a lot of entities especially concerning security in WAVE, like SPS, CME and PSSME. WAVE security services framework involves entities like SPS, CME, PSSME, CMP and CA. However, clear definitions are specified only for SDEE, CME and PSSME but not CMP and CA. And these two entities are integral parts for supporting WAVE security services. Therefore, detailed designs for the two entities were proposed in this paper. The asymmetric algorithms named ECIES and ECDSA are chosen in WAVE because of the advantages of short key and high safety. Considering ECC algorithm spends too much time, this article improved the way of signing certificate chains, which effectively reduces the delay of the certificate verification.After the introduction of the service model of WAVE protocol, the IEEE 1609.2 part, as WAVE security service framework, have been analyzed and explained beside the relationship between each entities. Then the CMP, CA, PS, CME, PSSME have been interpreted and analyzed, and the features and difficulties have been explained after that. A new method to sign certificate was proposed in this paper, which can be more high-speed way to verify certificate chain’s signature.Subsequently, the design has been implemented based on Linux. The process of various kinds of service requests in WAVE security service entity is described in detail. Design of inner ones in security service framework and the interactive process between them is also represented in this part. WAVE security services will use many of the service modes of process synchronization application and WSA to provide security services.Finally, we verified our design and implementation using the black box testing method. Through the test, it’s concluded that every interface implemented in this paper meets the specification of WAVE 1609.2 Protocol. |
PDF Full Text Request