A novel active revocation algorithm for Intelligent Transport System security

Vehicular networks enable vehicles to communicate with each other and with the roadside infrastructure. They are part of the Intelligent Transport System (ITS) framework and provide safety, navigation, and other roadside services. To communicate with each other in the network, ITS stations (i.e., vehicles, roadside and portable units) use pseudonym certificates called Authorization Tickets (ATs). These ATs are issued to certified ITS stations (ITS-S) so they can sign and encrypt messages in the network, building trust in ITS. ATs are of short validity and have to be renovated frequently due to the privacy of ITS stations. Revocation of ATs is done passively, not sending new ATs to compromised ITS-Ss, leaving a space between the moment an ITS-S is classified as compromised and the end of the validity of its ATs, exposing the network to possible misleading messages. This work studies ITS security management and proposes an active revocation algorithm based on an Authorization Ticket Certificate Revocation List (ATCRL). This list is distributed in the ITS network and used by vehicles to discard messages associated with the compromised ATs. An analysis of the proposed algorithm is conducted, where several scenarios were built to compare and analyze different uses of the algorithm, including the two versions proposed, i.e., a decentralized and a centralized version. The decentralized version is faster, and there is a benefit in using delta versions of the ATCRL.