Independent thesis Advanced level (degree of Master (Two Years)), 20 credits / 30 HE credits
The idea of vehicular communication systems could bring more safety, immunity
and assurance in driving while it poses a variety of applications in traffic efficiency,
driver assistance, environmental hazards, road conditions and infotainment. The aim
is to make driving safer and to facilitate driving to the full extent, even on dangerous
roads. However, having effective and robust operations within the VC system needs an
infrastructure to handle threats, faults, illegitimate activities and unexpected incidents.
Message authentication, integrity, non-repudiation and privacy within such a system are
considered as the most controversial issues from security perspective. The idea is to
protect privacy not only from legal point of view, but also from technical perspective
in terms of using privacy enhancing technologies. To provide security within such a
system, the idea of Public Key Infrastructure is considered as a promising solution.
Using long-term certificates does reveal the real identity of the owner. Since users’
privacy is considered as the main security requirement in the VC system, standard
certificates (X.509) and normal PKI cannot be used within a VC network. There are
some functionalities and features for vehicular communication systems that do not exist
in standard PKI. As a result, using pseudonym certificates to perform transactions within
the VC system is a solution.
In this report, a vehicular public key infrastructure, called VPKI, is proposed. OpenCA
is used as the PKI, equipped with Pseudonym Certificate Authority (PCA), Long-Term
Certificate Authority (LTCA) and Pseudonym Resolution Authority (PRA). These
authorities are certified by the RCA and they have privileges to perform their tasks.
LTCA is responsible for issuing long-term certificates while PCA is responsible for
issuing pseudonym certificates. PRA is the authority to perform pseudonym resolution to
identify the real identity of a pseudonym certificate. When it comes to CRL, PCA is the
responsible authority to determine revoked pseudonym certificates in order to keep the
system secure. Three protocols are then proposed to obtain pseudonym certificates, latest
version of pseudonym CRL as well as performing pseudonym resolution. Obtaining
pseudonym certificates is done in two phases. Firstly, each vehicle sends a request
to LTCA to get a valid token. In the second step, the token is used by PCA to issue
2012. , 115 p.