Paper 2018/324

ACPC: Efficient revocation of pseudonym certificates using activation codes

Marcos A. Simplicio Jr., Eduardo Lopes Cominetti, Harsh Kupwade Patil, Jefferson E. Ricardini, and Marcos Vinicius M. Silva

Abstract

Vehicular communication (V2X) technologies allow vehicles to exchange information about the road conditions and their own status, and thereby enhance transportation safety and efficiency. For broader deployment, however, such technologies are expected to address security and privacy concerns, preventing abuse by users and by the system's entities. In particular, the system is expected to enable the revocation of malicious vehicles, e.g., in case they send invalid information to their peers or to the roadside infrastructure; it should also prevent the system from being misused for tracking honest vehicles.Both features are enabled by Vehicular Public Key Infrastructure (VPKI) solutions such as Security Credential Management Systems (SCMS), one of the leading candidates for protecting V2X communication in the United States. Unfortunately, though, SCMS's original revocation mechanism can lead to large Certification Revocation Lists (CRLs), which in turn impacts the bandwidth usage and processing overhead of the system. In this article, we propose a novel design called Activation Codes for Pseudonym Certificates (ACPC), which can be integrated into SCMS to address this issue. Our proposal is based on activation codes, short bitstrings without which certificates previously issued to a vehicle cannot be used by the latter, which are periodically distributed to non-revoked vehicles using an efficient broadcast mechanism. As a result, the identifiers of the corresponding certificates do no need to remain on the CRL for a long time, reducing the CRLs' size and streamlining their distribution and verification of any vehicle's revocation status. Besides describing ACPC in detail, we also compare it to similar-purpose solutions such as Issue First Activate Later (IFAL) and Binary Hash Tree based Certificate Access Management (BCAM).This analysis shows that our proposal not only brings security improvements (e.g., in terms of resilience against colluding system authorities), but also leads to processing and bandwidth overheads that are orders of magnitude smaller than those observed in the state of the art.

Metadata
Available format(s)
PDF
Category
Applications
Publication info
Published elsewhere. Minor revision. https://www.sciencedirect.com/science/article/pii/S1570870518304761
DOI
10.1016/j.adhoc.2018.07.007
Keywords
Vehicular communicationscertificate revocationactivation codesSecurityPrivacy
Contact author(s)
joliveira @ larc usp br
History
2020-04-21: revised
2018-04-09: received
See all versions
Short URL
https://ia.cr/2018/324
License
Creative Commons Attribution
CC BY

BibTeX

@misc{cryptoeprint:2018/324,
      author = {Marcos A.  Simplicio Jr. and Eduardo Lopes Cominetti and Harsh Kupwade Patil and Jefferson E.  Ricardini and Marcos Vinicius M.  Silva},
      title = {ACPC: Efficient revocation of pseudonym certificates using activation codes},
      howpublished = {Cryptology ePrint Archive, Paper 2018/324},
      year = {2018},
      doi = {10.1016/j.adhoc.2018.07.007},
      note = {\url{https://eprint.iacr.org/2018/324}},
      url = {https://eprint.iacr.org/2018/324}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.