Abstract

Certificate revocation is a challenging task, especially in mobile network environments such as vehicular ad hoc networks (VANETs). According to the IEEE 1609.2 security standard for VANETs, public key infrastructure (PKI) will provide this functionality by means of certificate revocation lists (CRLs). When a certificate authority (CA) needs to revoke a certificate, it globally distributes CRLs. Transmitting these lists poses a problem, as they require high update frequencies and a lot of bandwidth. In this article, we propose BECSI, a Bandwidth Efficient Certificate Status Information mechanism to efficiently distribute certificate status information (CSI) in VANETs. By means of Merkle hash trees (MHTs), BECSI allows authenticated CSI to be retrieved not only from the infrastructure but also from vehicles acting as mobile repositories. Since these MHTs are significantly smaller than the CRLs, BECSI reduces the load on the CSI repositories and improves the response time for the vehicles. Additionally, BECSI improves the freshness of the CSI by combining the use of delta-CRLs with MHTs. Thus, vehicles that have cached the most current CRL can download delta-CRLs to have a complete list of revoked certificates. Once a vehicle has the whole list of revoked certificates, it can act as a mobile repository.

Highlights

  • Vehicular ad-hoc networks (VANETs) have recently attracted extensive attention as a promising technology for revolutionizing transportation systems

  • The IEEE 1609.2 standard suggests the use of certificate revocation lists (CRLs) to manage the revocation data

  • The traditional way of issuing CRLs does not fit well in a VANET, where a huge number of nodes are involved and where several pseudonym certificates are assigned in addition to vehicle identity certificates


Summary

Introduction

Vehicular ad-hoc networks (VANETs) have recently attracted extensive attention as a promising technology for revolutionizing transportation systems. We address the CRL distribution problem by exploiting the combination of three well-known mechanisms: (1) delta-CRL [1], (2) Merkle hash tree (MHT) [18], and (3) one-way hash chain [16]. By combining these three mechanisms, we design a Bandwidth Efficient Certificate Status Information (BECSI) protocol that increases the availability and freshness of the certificate status information (CSI) and at the same time reduces the bandwidth necessary to check the validity of a given certificate. Our extension contains all the necessary information to allow any vehicle or VANET infrastructure element that possesses the extended-CRL to build the BECSI tree, i.e., a hash tree with the CSI of the CRL. Using this BECSI tree, any entity possessing the extended-CRL can act as repository and.
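
The following added example (not code from the BECSI paper) shows how a hash tree over the revoked serial numbers lets an untrusted repository, such as another vehicle, prove that a certificate is revoked against a root the verifier already trusts. The leaf encoding, the 0x00/0x01 hash prefixes, the function names and the sample serials are assumptions; the CA's signature over the root is taken as already verified.

```python
import hashlib
import hmac

# Constructed sample data: serial numbers of revoked certificates.
REVOKED = [0x1A2B, 0x0042, 0x7F00, 0x3301, 0x5C9D]

def _h(prefix: bytes, data: bytes) -> bytes:
    return hashlib.sha256(prefix + data).digest()

def leaf_hash(serial: int) -> bytes:
    # The 0x00 prefix keeps a leaf from being reinterpreted as an interior node.
    return _h(b"\x00", serial.to_bytes(8, "big"))

def build_levels(serials):
    """Return every tree level, leaves first, over the sorted revoked serials."""
    level = [leaf_hash(s) for s in sorted(serials)]
    levels = [level]
    while len(level) > 1:
        nxt = [_h(b"\x01", level[i] + level[i + 1])
               for i in range(0, len(level) - 1, 2)]
        if len(level) % 2:
            nxt.append(level[-1])  # unpaired node is promoted, never duplicated
        level = nxt
        levels.append(level)
    return levels

def prove(levels, index):
    """Repository side: authentication path as (sibling_hash, sibling_is_left)."""
    path = []
    for level in levels[:-1]:
        sibling = index ^ 1
        if sibling < len(level):  # a promoted node has no sibling at this level
            path.append((level[sibling], sibling < index))
        index //= 2
    return path

def revocation_proof(serials, serial):
    """Return (root, path) for a revoked serial; raises ValueError otherwise."""
    levels = build_levels(serials)
    return levels[-1][0], prove(levels, sorted(serials).index(serial))

def verify(serial, path, trusted_root):
    """Vehicle side: recompute the root from the claimed serial and the path."""
    node = leaf_hash(serial)
    for sibling, is_left in path:
        node = _h(b"\x01", sibling + node if is_left else node + sibling)
    return hmac.compare_digest(node, trusted_root)
```

The response carries at most about log2(n) hashes for n revoked certificates, which is why a tree-based answer is much smaller than sending the CRL itself.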

Background
VANET revocation mechanisms
The Merkle hash tree
Hash chains
Motivation and goal
Freshness
Security architecture
Road-side units
BECSI tree
BECSI base-tree
Operating mode
Performance evaluation
Comparison criteria
Analytical evaluation
Simulation
Findings
Conclusions
