Direct anonymous attestation on the road: Efficient and privacy-preserving revocation in C-ITS

Abstract

Vehicular networks rely on Public Key Infrastructure (PKIs) to generate long-term and short-term pseudonyms that protect vehicle's privacy. Instead of relying on a complex and centralized ecosystem of PKI entities, a more scalable solution is to rely on Direct Anonymous Attestation (DAA) and the use of Trusted Computing elements. In particular, revocation based on DAA is very attractive in terms of efficiency and privacy: it does not require the use of Certificate Revocation Lists (CRLs) and revocation authorities can exclude misbehaving participants from a V2X system without resolving (i.e. learning) their long-term identity. In this paper, we present a novel revocation protocol based on the use of DAA and showcase a detailed design and modeling of the implementation on a real TPM platform in order to demonstrate its significant performance improvements compared to existing solutions.