Randomized Certificate Replacement with Bounded Collateral Damage

Dae Hyun YUM  

IEICE TRANSACTIONS on Information and Systems   Vol.E98-D   No.11   pp.1990-1993
Publication Date: 2015/11/01
Publicized: 2015/07/27
Online ISSN: 1745-1361
DOI: 10.1587/transinf.2015EDL8133
Type of Manuscript: LETTER
Category: Information Network
PKI,  privacy,  anonymity,  certificate revocation,  

Full Text: PDF>>
Buy this Article

To accomplish secure communication in vehicular networks, public key infrastructure (PKI) can be employed. However, traditional PKI systems are not suitable because a unique certificate is assigned to each vehicle and thus no anonymity is guaranteed. In the combinatorial certificate schemes, each vehicle is assigned multiple certificates from a shared certificate pool and each certificate in the pool is assigned to multiple vehicles to achieve a level of anonymity. When a certificate assigned to a misbehaving vehicle is revoked, a certificate replacement procedure is executed to all vehicles sharing the certificate. To replace the revoked certificate, a randomized certificate replacement scheme probabilistically assigns different certificates to different vehicles, which can reduce collateral damage caused by repeatedly misusing a certificate and its replacement certificates. Unfortunately, previous randomized certificate replacement schemes allow unbounded collateral damage; a finite number of certificate replacements cannot detect the misbehaving vehicle with certainty. To address this problem, we propose a new randomized certificate replacement scheme with bounded collateral damage.