Certificate Revocation List Distribution in Vehicular Communication Systems

Abstract: Message exchange in VANETs should be secured. Researchers have designed many methods to meet this goal. One of the ways agreed upon by most researchers, is through the use of a public-key infrastructure (PKI). An important part of any PKI system is certificate revocation. The revocation is usually done by periodically issuing a Certificate Revocation List (CRL) by the Certification Authority (CA). After the creation of a CRL by CA, the CRL should be distributed in the VC system. The important question is how we can distribute the CRL efficiently and in a timely manner throughout the system in a way that all vehicles receive a genuine copy of it. A couple of researches considered CRL distribution in the past and proposed different methods like RSU-only [1], C2C Epidemic [2], and Most Pieces Broadcast (MPB) [3]. We implement the aforementioned CRL distribution methods and evaluate them using a common framework. With this approach, we can compare these methods accurately and point out the limitations of each. Due to the fact that C2C Epidemic did not provide any packet-level implementation, we propose an implementation for it. We also propose a new method for CRL distribution called ICE (Intelligent CRL Exchange). This method uses V2V and I2V communication to distribute the CRL pieces to vehicles. ICE is an enhanced version of the MPB method and it uses semi-incremental CRL exchange. With this approach, the number of duplicate received pieces decreases in comparison to the MPB method. Moreover, ICE uses a simple approach to decrease the number of unnecessary broadcasts by RSUs. The evaluation is done through simulations. OMNET++ [4] and the MiXiM framework are used for detailed packet-level simulation. The simulation is done for both small and large scale scenarios. For the large scale simulation, we use SUMO [5] to generate mobility traces of vehicle nodes. Different criteria are defined so that we can compare CRL distribution methods. According to the simulation results, vehicles in C2C Epidemic, MPB and ICE receive all the required CRL pieces in less time in comparison to RSU-only, because vehicles use both I2V and V2V communications. MPB shows a better performance than C2C Epidemic, but the number of duplicate received pieces increases substantially. ICE tries to alleviate this by incorporating semi-incremental CRL exchange. Furthermore, the number of broadcasts by RSUs in the ICE method shows reduction.