Optimized Certificate Revocation List Distribution for Secure V2X Communications
This work addresses scalability challenges in secure V2X communications for connected and autonomous vehicles, representing an incremental improvement in certificate revocation management.
The paper tackles the scalability issue in pseudonym public key infrastructure for secure vehicle communications by proposing a low-complexity framework using optimized Bloom filters to compress certificate revocation lists, achieving significant overhead reduction with configurable false positive rates.
The successful deployment of safe and trustworthy Connected and Autonomous Vehicles (CAVs) will highly depend on the ability to devise robust and effective security solutions to resist sophisticated cyber attacks and patch up critical vulnerabilities. Pseudonym Public Key Infrastructure (PPKI) is a promising approach to secure vehicular networks as well as ensure data and location privacy, concealing the vehicles' real identities. Nevertheless, pseudonym distribution and management affect PPKI scalability due to the significant number of digital certificates required by a single vehicle. In this paper, we focus on the certificate revocation process and propose a versatile and low-complexity framework to facilitate the distribution of the Certificate Revocation Lists (CRL) issued by the Certification Authority (CA). CRL compression is achieved through optimized Bloom filters, which guarantee a considerable overhead reduction with a configurable rate of false positives. Our results show that the distribution of compressed CRLs can significantly enhance the system scalability without increasing the complexity of the revocation process.