Affiliations: Telematics Department, Universitat Politècnica de
Catalunya, Barcelona, Spain | Computer Communications Department, Middlesex
University, London, UK
Note: [] Corresponding author: Carlos Gañán, Universitat
Politècnica de Catalunya (UPC), Jordi Girona 1-3, 08034 Barcelona, Spain.
Tel.: +34 93 401 7027; Fax: +34 93 401 1058; E-mail: [email protected]
Abstract: Certificate revocation is a challenging task, especially
in mobile network environments such as vehicular ad Hoc networks (VANETs).
According to the IEEE 1609.2 security standard for VANETs, public key
infrastructure (PKI) will provide this functionality by means of
certificate revocation lists (CRLs).
When a certificate authority (CA)
needs to revoke a certificate, it
globally distributes CRLs.
Transmitting these lists pose a problem as they require high update frequencies and a lot of
bandwidth. In this article, we propose BECSI, a
Bandwidth Efficient Certificate Status Information
mechanism to efficiently distribute
certificate status information (CSI) in VANETs.
By means of Merkle hash trees (MHT), BECSI allows
to retrieve authenticated CSI not only
from the infrastructure but also from vehicles acting
as mobile repositories.
Since these MHTs are significantly smaller than the CRLs, BECSI
reduces the load on the CSI repositories and improves the response time for the vehicles.
Additionally, BECSI improves the freshness of the CSI
by combining the use of delta-CRLs with MHTs.
Thus, vehicles that have cached the most current CRL
can download delta-CRLs to have a complete list of revoked certificates.
Once a vehicle has the whole list of revoked certificates, it can act as mobile repository.
