A Security Credential Management System for V2X Communications
A Vehicle-to-Everything (V2X) communications safety system requires that people using a safety device can trust the information presented to them. To this end, each receiving device must be able to tell whether messages received over the air interface come from a trustworthy source and have not been tampered with during transmission. This trust relation needs to be established as soon as two devices receive messages from each other. At the same time, users care about privacy and are unlikely to accept the system if it allows an individual device to be tracked. Providing both security and privacy to the utmost extent reasonable and possible is the primary challenge and design goal of the Security Credential Management System (SCMS) presented in this chapter. The Crash Avoidance Metrics Partnership (CAMP), under a Cooperative Agreement with the USDOT, designed and developed the SCMS for vehicle-to-vehicle (V2V) and vehicle-to-infrastructure (V2I) communications. The design builds on public key infrastructure (PKI) principles and issues digital certificates to participating devices (vehicles and infrastructure nodes) for trustworthy communication among them, which is necessary for safety and mobility applications based on V2X communications. Standard solutions from the literature, such as group signature schemes and management schemes for symmetric keys, do not meet the requirements of a V2X communications system. We briefly review these well-known schemes and show where they fall short of these criteria.
The SCMS supports four primary use cases, namely bootstrapping, certificate provisioning, misbehavior reporting, and revocation. Devices use pseudonym certificates to sign their messages, and multiple organizations are involved in the generation and provisioning of those certificates to achieve a reasonable level of privacy. One of the main challenges is to facilitate efficient revocation of misbehaving or malfunctioning vehicles while at the same time preserving privacy against attacks from insiders. We present a revocation process which actively informs the fleet about misbehaving devices and is very efficient at revoking a large number of pseudonym certificates with only a small amount of data signaled over the air. Another challenge is to handle certificate authority revocations without requiring all affected devices to return to dealerships or be updated in some other form of secure environment. We present an approach called Elector-based Root Management to minimize the impact on devices.
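The paragraph above claims that a large number of pseudonym certificates can be revoked with only a small amount of over-the-air data while insiders still cannot link a device's certificates. The following Python model, added here as an illustration and not code from the chapter or from CAMP, shows the idea behind that claim in simplified form: two hypothetical linkage authorities each evolve a per-device seed one-way from period to period, every certificate carries a short linkage value formed by XOR-ing the two authorities' contributions, and a revocation entry consists only of the two seeds for the period from which revocation starts. A receiver recomputes forward from the published seeds to recognise every later certificate of that device, but cannot go backwards, so earlier periods stay unlinkable. The hash and HMAC constructions, the 9-byte value length and the authority identifiers are assumptions chosen for the example, not the SCMS specification.

```python
import hashlib
import hmac
from typing import Dict, Tuple

LV_LEN = 9  # linkage value length in bytes (illustrative choice, not a normative value)


def evolve_seed(seed: bytes) -> bytes:
    """One-way step from the linkage seed of period p to that of period p+1 (assumed construction)."""
    return hashlib.sha256(b"ls-evolve|" + seed).digest()


def prelinkage_value(seed: bytes, la_id: bytes, period: int, index: int) -> bytes:
    """Pre-linkage value one linkage authority contributes for certificate `index` of `period`."""
    msg = la_id + period.to_bytes(4, "big") + index.to_bytes(4, "big")
    return hmac.new(seed, msg, hashlib.sha256).digest()[:LV_LEN]


def xor_bytes(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


class LinkageAuthority:
    """Hypothetical linkage authority holding one device's initial seed."""

    def __init__(self, la_id: bytes, initial_seed: bytes) -> None:
        self.la_id = la_id
        self.seed0 = initial_seed

    def seed_at(self, period: int) -> bytes:
        s = self.seed0
        for _ in range(period):
            s = evolve_seed(s)
        return s

    def plv(self, period: int, index: int) -> bytes:
        return prelinkage_value(self.seed_at(period), self.la_id, period, index)


def provision_certs(la1: LinkageAuthority, la2: LinkageAuthority,
                    periods: int, certs_per_period: int) -> Dict[Tuple[int, int], bytes]:
    """Model issuance: each certificate carries lv = plv1 XOR plv2.

    Neither authority alone knows the final value, so a single insider cannot link certificates."""
    return {(p, i): xor_bytes(la1.plv(p, i), la2.plv(p, i))
            for p in range(periods) for i in range(certs_per_period)}


def crl_entry(la1: LinkageAuthority, la2: LinkageAuthority, start_period: int) -> dict:
    """Revocation entry: just the two seeds valid at `start_period`; all later periods follow from them."""
    return {"start": start_period,
            "seeds": {la1.la_id: la1.seed_at(start_period), la2.la_id: la2.seed_at(start_period)}}


def crl_entry_size(entry: dict) -> int:
    """Bytes signaled over the air for this entry: a 4-byte period plus the published seeds."""
    return 4 + sum(len(s) for s in entry["seeds"].values())


def is_revoked(lv: bytes, period: int, entry: dict, certs_per_period: int) -> bool:
    """Receiver-side check: recompute the linkage values for `period` from the published seeds.

    Periods before `entry['start']` cannot be derived (seeds only evolve forward), so they stay private."""
    if period < entry["start"]:
        return False
    current = {}
    for la_id, seed in entry["seeds"].items():
        s = seed
        for _ in range(period - entry["start"]):
            s = evolve_seed(s)
        current[la_id] = s
    (id_a, seed_a), (id_b, seed_b) = current.items()
    for i in range(certs_per_period):
        expected = xor_bytes(prelinkage_value(seed_a, id_a, period, i),
                             prelinkage_value(seed_b, id_b, period, i))
        if expected == lv:
            return True
    return False


def revocation_summary(certs: Dict[Tuple[int, int], bytes], entry: dict,
                       certs_per_period: int) -> Tuple[int, int]:
    """Return (number of certificates the entry revokes, bytes the entry costs on the air)."""
    revoked = sum(1 for (p, _), lv in certs.items() if is_revoked(lv, p, entry, certs_per_period))
    return revoked, crl_entry_size(entry)


if __name__ == "__main__":
    # Constructed, fixed seeds so the run is reproducible; a real deployment would use random seeds.
    la1 = LinkageAuthority(b"LA1", b"\x01" * 32)
    la2 = LinkageAuthority(b"LA2", b"\x02" * 32)
    certs = provision_certs(la1, la2, periods=4, certs_per_period=20)
    entry = crl_entry(la1, la2, start_period=2)
    print(revocation_summary(certs, entry, 20))
```

With four periods of twenty certificates each, one 68-byte entry revokes the forty certificates of periods 2 and 3 while the forty certificates of periods 0 and 1 remain unlinkable, which is the trade-off the chapter's revocation process is built around.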
The authors of this chapter have contributed to the SCMS, but they see themselves as SCMS ambassadors rather than as its inventors. The SCMS is a culmination of efforts by many parties and people. This includes members of the US Department of Transportation (USDOT), the Crash Avoidance Metrics Partnership Vehicle Safety Consortium (CAMP) and the Vehicle Infrastructure Integration Consortium (VIIC). Its primary designer is the Vehicle Communications Security Team at CAMP, which mainly consists of representatives of vehicle manufacturers and security experts from industry and academia.