Paper 2016/1158

Activate Later Certificates for V2X -- Combining ITS efficiency with privacy

Eric R. Verheul


We specify Issue First Activate Later (IFAL). This is an ETSI type of V2X Public Key Infrastructure based on short-lived pseudonymous certificates without Certificate Revocation Lists. IFAL certificates are valid in the future but can only be used together with periodically provided activation codes. IFAL supports controlled de-pseudonymization enabling provisioning to stop for misbehaving vehicles. IFAL allows for flexible policies, trade-offs between three essential V2X properties: trust, privacy and usability. IFAL activation codes are small and can be sent in an SMS, through roadside equipment or even broadcasted. Like the Butterfly scheme, IFAL uses key derivation with one base private/public key pair. However in IFAL the security module can be simple as it can be kept oblivious of key derivation.

Available format(s)
Publication info
Preprint. MINOR revision.
deniability of implicit certificateselliptic curve cryptographyITSprivacypseudonymsV2X
Contact author(s)
eric verheul @ keycontrols nl
2016-12-22: revised
2016-12-21: received
See all versions
Short URL
Creative Commons Attribution


      author = {Eric R.  Verheul},
      title = {Activate Later Certificates for V2X -- Combining ITS efficiency with privacy},
      howpublished = {Cryptology ePrint Archive, Paper 2016/1158},
      year = {2016},
      note = {\url{}},
      url = {}
Note: In order to protect the privacy of readers, does not use cookies or embedded third party content.