Privacy-preserving attribute-based credentials in cooperative intelligent transport systems
In Cooperative Intelligent Transport Systemss (C-ITSs), vehicles broadcast their location and other information over dedicated short-range radio channels. This communication must be authenticated to protect the information against tampering, but at the same time must be anonymous to protect the location privacy of the driver. The most prominent C-ITS solutions today let vehicles either store large numbers of preloaded pseudonym certificates, or let them regularly fetch new pseudonyms from an online authority. More advanced solutions based on group signatures or anonymous credentials allow vehicles to generate arbitrarily many pseudonyms locally, without requiring further interaction. These solutions, however, are vulnerable to Sybil attacks, as the compromised key material of a single vehicle could be used to impersonate an arbitrary number of vehicles simultaneously. In this paper, we propose a new generic approach for C-ITS authentication based on privacy-preserving Attribute-Based Credential (ABC) that generates pseudonyms locally on the vehicle, but where only one valid pseudonym can be generated at any given time. The computational performance and signature sizes of current Privacy-ABC schemes makes them more useful for low-frequency warning messages than for high-frequency beaconing. We therefore see our approach rather as a conceptual framework that can direct further research into more efficient dedicated implementations.