
1 October 2015

V2X Security Credential Management System (SCMS)

Proof-of-Concept Implementation

funded by US DOT/NHTSA

Benedikt Brecht, CAMP Principal Investigator, VWGoA

2 October 2015

CAMP Partners

[Logos: Project funded by ... / Supported by ...]

3 October 2015

What is V2X?

Photo Source: U.S. DOT

4 October 2015

Remote vehicles send position and speed

Do Not Pass Warning

Photo Source: Continental

5 October 2015

Remote vehicles send position and speed

Left Turn Assist

Photo Source: Cadillac

6 October 2015

Traffic Light Assistant

Traffic light sends current state and time to next state

Dept: VWGoA Safety Affairs

Photo Source: Audi/jalopnik.com

7 October 2015

V2X Public Perception, Market and Mandate Activities

GM announced V2V for the 2017 Cadillac CTS

“We’re doing it because it’s what customers around the world want. Through technology and innovation, we will make driving safer.”

USDOT Secretary - Anthony Foxx

“The Department wants to speed the nation toward an era when vehicle safety isn’t just about surviving crashes. It’s about avoiding them”

MIT Technology Review

Announced V2X communication as one of the 10 breakthrough technologies 2015.

http://www.technologyreview.com/featuredstory/534981/car-to-car-communication

8 October 2015

Establish Trust

Photo Source: Shutterstock

9 October 2015

Ensure Privacy

Photo Source: Independent.co.uk

10 October 2015

Avoid Intrusion

Photo Source: moviepilot.com

11 October 2015

Initialization

Device receives keys and information to establish trusted connections to SCMS components

Photo Source: Wikimedia Commons

12 October 2015

Enrollment

Device receives long-term certificate to use in interaction with SCMS components

Photo Source: depositphotos.com

13 October 2015

Pseudonym Certificates

Device receives short-term certificates to use in interactions with other devices

Photo Source: REUTERS/Ricardo Moraes

14 October 2015

Misbehavior Detection

Device detects misbehavior and might report to the MA, or the MA detects misbehavior on a global level

Photo Source: Liudmila P. Sundikova

15 October 2015

Penalty / Device Revocation

Device should no longer be trusted: the MA revokes its certificates and informs devices and SCMS components

Photo Source: Andy Devlin/NHLI via Getty Images

16 October 2015

SCMS Architecture

[Figure: SCMS architecture diagram. Components shown: Root CA, Intermediate CA, Enrollment CA, Pseudonym CA, Registration Authority, Linkage Authority 1, Linkage Authority 2, Location Obscurer Proxy, Misbehavior Authority, Global Detection, CRL Generator, Internal Blacklist Manager, CRL Store, CRL Broadcast, Certification Lab, Device Config. Manager, SCMS Manager (Policy / Technical), Device 1, Device 2, Device 3. Legend: regular communication; out-of-band communication; intrinsically central; not intrinsically central.]

17 October 2015

A Security Credential Management System (SCMS) for Vehicle-to-Vehicle Communications

William Whyte (CAMP VSC5)

18 October 2015

Motivation

• A V2V system can alert the driver (and thus help prevent crashes) by issuing different safety warnings, e.g.:

    • Forward Collision Warning (FCW)

    • Intersection Movement Assist (IMA)

    • Electronic Emergency Brake Light (EEBL)

• Messages include information on current position, velocity, etc.

• Messages are received over the air: integrity and authentication required

• CAMP VSC5 choice:

    • Unencrypted messages with a signature based on asymmetric cryptography (ECDSA-256)

    • Certificates (incl. public key) issued by a Public-Key Infrastructure (PKI)

19 October 2015

Contradicting requirements

• Privacy (OEM privacy goals)

    • Prevent the SCMS from collecting Personally Identifiable Information (PII)

    • Prevent trip tracking by outsiders: frequent change of pseudonym certificates

    • Prevent trip tracking by SCMS insiders: separation of duties and information such that trip tracking is only possible through collusion of several SCMS components

• Trustworthy messages

    • Incoming messages must be verifiable

    • Misbehaving units need to be removed

20 October 2015

Privacy by Design: OEM Perspective

• Privacy from attacks by an SCMS insider

    • Introduce extra SCMS components, e.g. 2nd LA, LOP, etc.

    • Don’t link certificates to the VIN

    • Separate operation of SCMS components: two or more components should not be run by the same organization without “proper” separation if the combined information held by the components would allow the organization to track* a vehicle

*predict the next pseudonym certificate based on the current one, or find out whether two certificates belong to the same device

21 October 2015

Basic Overview

Enrollment: to the Enrollment Certificate Authority, prove eligibility and receive ONE enrollment certificate.

Certificate Provisioning: to the Registration Authority, show the enrollment certificate and receive a SET of pseudonym certificates.

Participate in V2V.

Current assumptions on pseudonym certificates:

• 3120 pseudonym certificates

• 20 valid per week

• Frequent change of pseudonym certificate (e.g. every 5 minutes)
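The signing and receiver-side checks the Motivation slide describes (unencrypted messages, ECDSA-256 signatures, certificates from a PKI), combined with the pseudonym-certificate assumptions above, as an added Go example that is not code from the CAMP project or the SCMS proof of concept. The certificate struct, its one-week validity window, the 5-minute rotation and the CRL lookup are constructed stand-ins for the real SCMS formats; the ECDSA calls are Go's standard library.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/sha256"
	"time"
)

// PseudonymCert is a constructed stand-in for an SCMS pseudonym certificate: a P-256 key pair plus the one-week validity window the slides assume.
type PseudonymCert struct {
	ID                  int // constructed label, not the SCMS certificate format
	NotBefore, NotAfter time.Time
	Key                 *ecdsa.PrivateKey
}
// rotationPeriod follows the slides' example of changing the pseudonym certificate every 5 minutes.
const rotationPeriod = 5 * time.Minute
// NewWeeklyBatch generates n certificates all valid for the week starting at weekStart (the slides assume 20 per week).
func NewWeeklyBatch(n int, weekStart time.Time) ([]PseudonymCert, error) {
	batch := make([]PseudonymCert, 0, n)
	for i := 0; i < n; i++ {
		key, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
		if err != nil {
			return nil, err
		}
		batch = append(batch, PseudonymCert{i, weekStart, weekStart.Add(7 * 24 * time.Hour), key})
	}
	return batch, nil
}
// SelectCert is the sending device's choice of signer at time t (which must fall inside the batch's week): a different certificate every rotationPeriod, cycling through the batch.
func SelectCert(batch []PseudonymCert, t time.Time) PseudonymCert {
	slot := int(t.Sub(batch[0].NotBefore) / rotationPeriod)
	return batch[slot%len(batch)]
}
// SignBSM signs an unencrypted basic safety message with ECDSA P-256 over SHA-256 (the slides' ECDSA-256).
func SignBSM(c PseudonymCert, msg []byte) ([]byte, error) {
	h := sha256.Sum256(msg)
	return ecdsa.SignASN1(rand.Reader, c.Key, h[:])
}

// VerifyBSM is the receiving device's check: the signer must not be on the CRL, must be inside its validity window at time `at`, and the signature must verify.
func VerifyBSM(c PseudonymCert, crl map[int]bool, at time.Time, msg, sig []byte) bool {
	if crl[c.ID] || at.Before(c.NotBefore) || at.After(c.NotAfter) {
		return false
	}
	h := sha256.Sum256(msg)
	return ecdsa.VerifyASN1(&c.Key.PublicKey, h[:], sig)
}
```

The receiver only ever sees the public key of whichever pseudonym certificate was current, so two messages signed five minutes apart carry different certificates, which is the rotation the privacy slides rely on.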

22 October 2015

SCMS Design

[Figure: the SCMS architecture diagram again, with the same components (Root CA, Intermediate CA, Enrollment CA, Pseudonym CA, Registration Authority, Linkage Authorities 1 and 2, Location Obscurer Proxy, Misbehavior Authority, Global Detection, CRL Generator, Internal Blacklist Manager, CRL Store, CRL Broadcast, Certification Lab, Device Config. Manager, SCMS Manager (Policy / Technical), Devices 1–3) and the same legend: regular communication; out-of-band communication; intrinsically central; not intrinsically central.]

23 October 2015

Certificate Update

[Figure: the SCMS architecture diagram with the components involved in the certificate update use case highlighted. Legend: provides information before execution; directly acts in this use case.]

24 October 2015

Misbehavior Reporting

[Figure: the SCMS architecture diagram with the components involved in the misbehavior reporting use case highlighted. Legend: provides information before execution; directly acts in this use case.]

25 October 2015

Revocation

[Figure: the SCMS architecture diagram with the components involved in the revocation use case highlighted. Legend: provides information before execution; directly acts in this use case.]

26 October 2015

New SCMS Features

• Certificate Top-Up

    • Device can top up certificates at any time

    • Certificates are pre-generated at the RA (e.g. on a week-by-week basis)

• Group Revocation

    • Very efficient method of revoking multiple devices if needed

    • Optional feature

27 October 2015

New SCMS Features

• Preliminary assessment of V2I applicability

• Certificate types

    • OBE Enrollment certificate (V2V): enrollment certificate provided to the OBE during bootstrap, which the OBE then uses to request application certificates

    • OBE Pseudonym certificate (V2V): pseudonym certificates for BSM authentication

    • OBE Authorization certificate (V2I): e.g. for signal priority applications

    • RSE Enrollment certificate (V2I): enrollment certificate provided to the RSE during bootstrap, which the RSE then uses to request application certificates

    • RSE Encryption and Authentication certificate (V2I): authenticated broadcast messages, confidential communication between OBE and RSE

28 October 2015

Future Plans regarding SCMS Implementation

• Project ongoing to implement an SCMS that supports anticipated year-one certificate requests

    • All components except for the Misbehavior Authority will be implemented in this phase

    • The Misbehavior Authority will be implemented in a subsequent phase

• Focus on interface and load testing

29 October 2015

Thank you
