Blend-In: A Privacy-Enhancing Certificate-Selection Method for Vehicular Communication

Abstract

This paper presents and analyzes a method for enhancing the privacy of vehicles that use the public-key infrastructure (PKI) to secure communications. In particular, it examines the privacy limitations of a PKI system, where certificates are shared among multiple vehicles using a combinatorial certificate scheme. Such a system was implemented in the U.S. Vehicle Infrastructure Integration (VII) proof-of-concept trial to secure vehicle-to-vehicle (V2V) and vehicle-to-infrastructure (V2I) communication and preserve vehicle privacy. The analysis shows that, in low vehicle densities, there is a high probability that a vehicle may have a locally unique certificate that is not shared by other vehicles. Vehicles using unique certificates may be vulnerable to being tracked or identified. This paper proposes a vehicle-based certificate-selection method for enhancing the privacy of vehicle communications. In our method, a vehicle monitors the certificates in use by neighboring vehicles and identifies those certificates that it also possesses. The vehicle then selects a certificate already in use to secure its own communication. This allows a vehicle to ldquoblend inrdquo to its environment but without substantially increasing an attacker's ability to evade exposure. We provide an analysis of the anonymity and unlinkability properties of the method and demonstrate that it rapidly reduces the number of vehicles using unique certificates to increase privacy.