Efficient Authorization Authority Certificate Distribution in VANETs

Sebastian Bittl, Karsten Roscher


Car-to-X communication systems are about to enter the mass market in upcoming years. Security in these networks depends on digital signatures managed by a multi-level certificate hierarchy. Thereby, certificate distribution is critical in regard to channel utilization and data reception delay via security caused packet loss. These issues are even more significant in case not only pseudonym certificates but also authorization authority certificates have to be exchanged between nodes in the VANET. Prior work has not studied distribution of the elements of a multi-level certificate chain in detail. Hence, this work provides an analysis of the currently standardized mechanisms and identifies several drawbacks of the straight forward solution proposed so far. Thereby, we find a severe denial of service attack on that solution. Moreover, the distribution problem is found to be similar to the packet forwarding problem encountered in position-based routing. Thus, we study several strategies for efficient distribution of a certificate chain in regard to channel load, which are adapted from their counterparts in position-based routing. Thereby, we find that by combining pseudonym certificate buffering with requester based responder selection the requirement for certificate chain distribution in VANETs can be removed completely. Hence, the proposed design avoids the identified denial of service weakness and reduces the worst case size of the security envelope of VANET messages by more than a third.


  1. (2011). Intelligent Transport Systems (ITS); Decentralized Congestion Control Mechanisms for Intelligent Transport Systems operating in the 5 GHz range; Access layer Part. V1.1.1.
  2. (2011). Memorandum of Understanding for OEMs within the CAR 2 CAR Communication Consortium on Deployment Strategy for cooperative ITS in Europe. V 4.0102.
  3. (2012a). Intelligent Transport Systems (ITS); Security; ITS communications security architecture and security management. V1.1.1.
  4. (2012b). Intelligent Transport Systems (ITS); STDMA recommended parameters and settings for cooperative ITS; Access Layer Part. V1.1.1.
  5. (2013). IEEE Standard for Wireless Access in Vehicular Environments - Security Services for Applications and Management Messages. 1609.2-2013.
  6. (2013). Intelligent Transport Systems (ITS); Security; Security header and certificate formats. V1.1.1.
  7. (2014). Intelligent Transport Systems (ITS); Vehicular Communications; Basic Set of Applications; Part 2: Specification of Cooperative Awareness Basic Service. V1.3.2.
  8. (2015). Intelligent Transport Systems (ITS); Security; Security header and certificate formats. V1.2.1.
  9. Behrisch, M., Bieker, L., Erdmann, J., and Krajzewicz, D. (2011). SUMO - Simulation of Urban MObility: An Overview. In The Third International Conference on Advances in System Simulation, pages 63-68.
  10. Bittl, S., Aydinli, B., and Roscher, K. (2015a). Effective Certificate Distribution in ETSI ITS VANETs using Implicit and Explicit Requests. In M. Kassab et al., editor, 8th International Workshop Nets4Cars/Nets4Trains/Nets4Aircraft, LNCS 9066, pages 72-83.
  11. Bittl, S., Gonzalez, A. A., Spähn, M., and Heidrich, W. (2015b). Performance Comparison of Data Serialization Schemes for ETSI ITS Car-to-X Communication Systems. International Journal On Advances in Telecommunications, 8:48 - 58.
  12. Blum, B., He, T., and Son, S. (2003). IGF: A State-Free Robust Communication Protocol for Wireless Sensor Networks. Technical Report CS-2003-11, Department of Computer Science, University of Virginia.
  13. Boban, M. (2012). Realistic and Efficient Channel Modeling for Vehicular Networks. Phd thesis, Dept. of Electrical and Computer Engineering, Carnegie Mellon University.
  14. Cheng, L., Henty, B. E., Stancil, D. D., Bai, F., and Mudalige, P. (2007). Mobile Vehicle-to-Vehicle NarrowBand Channel Measurement and Characterization of the 5.9 GHz Dedicated Short Range Communication (DSRC) Frquency Band. IEEE Journal on Selected Areas in Communications, 25(8):1501-1516.
  15. Feiri, M., Petit, J., and Kargl, F. (2012). Evaluation of Congestion-based Certificate Omission in VANETs. In IEEE Vehicular Networking Conference, pages 101 - 108.
  16. Füßler, H., Hartenstein, H., Martin, M., Effelsberg, W., and Widmer, J. (2004). Contention-Based Forwarding for Street Scenarios. In 1st International Workshop in Intelligent Transportation, pages 155-160.
  17. Füßler, H., Widmer, J., K äsemann, M., Mauve, M., and Hartenstein, H. (2003). Contention-Based Forwarding for Mobile Ad Hoc Networks. Elsevier's Ad Hoc Networks, 1(4):351-369.
  18. J. Harding et al. (2014). Vehicle-to-Vehicle Communications: Readiness of V2V Technology for Application. Technical Report DOT HS 812 014, Washington, DC: National Highway Traffic Safety Administration.
  19. Heissenbüttel, M., Braun, T., Bernoulli, T., and Wälchli, M. (2004). BLR: Beacon-Less Routing Algorithm for Mobile Ad-Hoc Networks. Elsevier's Computer Communications Journal (Special Issue), 27(11):1076- 1086.
  20. Kargl, F., Schoch, E., Wiedersheim, B., and Leinmüller, T. (2008). Secure and Efficient Beaconing for Vehicular Networks. In Fifth ACM international workshop on VehiculAr Inter-NETworking, pages 82-83.
  21. Kloiber, B., Strang, T., de Ponte-Mueller, F., Rico Garcia, C., and Roeckl, M. (2010). An Approach for Performance Analysis of ETSI ITS-G5A MAC for Safety Applications. In The 10th International Conference on Intelligent Transport Systems Telecommunications.
  22. Kraftfahrt-Bundesamt (2014). Neuzulassungen von Personenkraftwagen im August 2014 nach Marken und Modellreihen. online. available http://www.kba.de/DE/Statistik/Fahrzeuge/Neuzulas sungen/MonatlicheNeuzulassungen/monatl neuzulas sungen node.html.
  23. Masdari, M. and Barbin, J. P. (2012). Distributed Certificate Management in Mobile Ad Hoc Networks. International Journal of Applied Information Systems, 1(1):33-40.
  24. Morogan, M. S. and Muftic, S. (2003). Certificate Management in ad hoc Networks. In Symposium on Applications and the Internet Workshops, pages 337-341.
  25. Riley, G. F. and Henderson, T. R. (2010). The ns-3 Network Simulator. In Wehrle, K., Günes, M., and Gross, J., editors, Modeling and Tools for Network Simulation, pages 15-34. Springer Berlin Heidelberg.
  26. Roscher, K., Bittl, S., Gonzalez, A. A., Myrtus, M., and Jiru, J. (2014). ezCar2X: Rapid-Prototyping of Communication Technologies and Cooperative ITS Applications on Real Targets and Inside Simulation Environments. In 11th Wireless Communication and Information, pages 51 - 62.
  27. Sen, J., Chandra, M. G., Balamuradlidhar, P., and Harihara, S. G. (2007). A Scheme of Certificate Authority for Ad Hoc Networks. In 18th International Workshop on Database and Expert Systems Applications, pages 615-619.
  28. Sommer, C. and Dressler, F. (2015). Vehiclular Networking. Cambridge University Press.
  29. Task Force PKI, WG Security C2C-CC (2012). C2C-CC PKI Memo. Technical Report 1.7, Car2Car Communication Consortium.

Paper Citation

in Harvard Style

Bittl S. and Roscher K. (2016). Efficient Authorization Authority Certificate Distribution in VANETs . In Proceedings of the 2nd International Conference on Information Systems Security and Privacy - Volume 1: ICISSP, ISBN 978-989-758-167-0, pages 85-96. DOI: 10.5220/0005685600850096

in Bibtex Style

author={Sebastian Bittl and Karsten Roscher},
title={Efficient Authorization Authority Certificate Distribution in VANETs},
booktitle={Proceedings of the 2nd International Conference on Information Systems Security and Privacy - Volume 1: ICISSP,},

in EndNote Style

JO - Proceedings of the 2nd International Conference on Information Systems Security and Privacy - Volume 1: ICISSP,
TI - Efficient Authorization Authority Certificate Distribution in VANETs
SN - 978-989-758-167-0
AU - Bittl S.
AU - Roscher K.
PY - 2016
SP - 85
EP - 96
DO - 10.5220/0005685600850096