With the adoption of Vehicle-to-everything (V2X) technology, security and privacy
of vehicles are paramount. To avoid tracking while preserving vehicle/driver’s
privacy, modern vehicular public key infrastructure provision vehicles with
multiple short-term pseudonym certificates. However, provisioning a large number
of pseudonym certificates can lead to an enormous growth of Certificate
Revocation Lists (CRLs) during its revocation process. One possible approach to
avoid such CRL growth is by relying on activation code
(AC)-based solutions. In such solutions, the vehicles are provisioned with
batches of encrypted certificates, which are decrypted periodically via the ACs
(broadcasted by the back-end system). When the system detects a revoked vehicle,
it simply does not broadcast the respective vehicle’s AC. As a result, revoked
vehicles do not receive their respective AC and are prevented from decrypting
their certificates. Consequently, the need to add such vehicles on the CRL is
expunged. In this article, we introduce uACPC, which extends the distribution of
ACs (in a privacy-preserving manner) to the unicast mode of communication. In
uACPC, the ACs are distributed by the back-end system via a unicast channel upon
the receipt of the vehicle’s direct request for their respective ACs. In
addition, we show that uACPC can leverage the edge computing architecture for
faster and timely distribution of CRLs. In particular, edge computing can bring
low-latency delivery of CRLs and higher availability for the distribution of
ACs.
