Paper 2018/788

Privacy-preserving certificate linkage/revocation in VANETs without Linkage Authorities

Marcos A. Simplicio Jr., Eduardo Lopes Cominetti, Harsh Kupwade Patil, Jefferson E. Ricardini, Leonardo T. D. Ferraz, and Marcos Vinicius M. Silva


Vehicular communication (V2X) technologies are expected to be common in the future, providing better transportation safety and efficiency. However, their large-scale deployment requires addressing some challenges. In particular, to prevent abuse by drivers and by the system itself, V2X architectures must: (1) ensure the authenticity of messages, which is usually accomplished by means of digital certification; and (2) preserve the privacy of honest users, so owners of non-revoked certificates cannot be easily identified or tracked by eavesdroppers. A promising solution for managing V2X-oriented certificates in an efficient manner is the Security Credential Management System (SCMS), which is among the main candidates for standardization in the United States. In this paper, aiming to enhance and address issues in the SCMS architecture, we provide three main contributions. First, we describe and fix two birthday attacks against SCMS's certificate revocation process, thus preventing the system's security degradation with the number of issued and revoked certificates. In addition, we describe a mechanism for improving the flexibility of revocation, allowing certificates and their owner's privacy to be temporarily revoked in an efficient manner; this functionality is useful, for example, in case of vehicle theft or kidnapping. Finally, we propose a method that simplifies SCMS's system architecture, removing the need for the so-called Linkage Authorities (LAs); this not only results in cost reductions for SCMS's implementation, but also improves its security and privacy due to the removal of one potential point of failure/collusion.

Note: This is an earlier, more complete version of the published manuscript. It has been updated with the latest performance results, as well as some additional details regarding (1) the assumed security model and (2) architecture cost analysis.

Available format(s)
Publication info
Published elsewhere. MAJOR revision.IEEE Transactions on Intelligent Transportation Systems
Vehicular communicationsSecurityRevocable privacyBirthday attacksLinkage Authority free.
Contact author(s)
mjunior @ larc usp br
2020-04-06: revised
2018-09-01: received
See all versions
Short URL
Creative Commons Attribution


      author = {Marcos A.  Simplicio Jr. and Eduardo Lopes Cominetti and Harsh Kupwade Patil and Jefferson E.  Ricardini and Leonardo T.  D.  Ferraz and Marcos Vinicius M.  Silva},
      title = {Privacy-preserving certificate linkage/revocation in VANETs without Linkage Authorities},
      howpublished = {Cryptology ePrint Archive, Paper 2018/788},
      year = {2018},
      doi = {10.1109/TITS.2020.2981907},
      note = {\url{}},
      url = {}
Note: In order to protect the privacy of readers, does not use cookies or embedded third party content.