Abstract: Embodiments described herein provide a tree-based key management protocol with enhanced computational and bandwidth efficiency. A tree structure including a plurality of nodes is formulated according to modules in a vehicle. A group key and a blinded key are computed for a leaf node from the plurality of nodes based at least in part on a multiplication operation defined in an ecliptic curve group. Or a group key and a blinded key are recursively computed for a non-leaf node based at least in part on a key derivation function and the multiplication operation involving a group key and a blinded key corresponding to nodes that is one level down to the non-leaf node.

Abstract: Improved pseudonym certificate management is provided for connected vehicle authentication and other applications. Temporary revocation of a certificate is enabled. With respect to Security Credential Management Systems (SCMS), pre-linkage values can be employed. The pre-linkage values can be encrypted using homomorphic encryption. Other embodiments are also provided.

Abstract: Embodiments described herein provide systems and methods to prevent, or provide a countermeasure, to a co-existence attack, for example, that may occur in a Security Credential Management System (SCMS) where both regular butterfly key (RBK) protocol and unified butterfly key (UBK) protocol are supported. Embodiments described herein provide, support, employ, or implement hardware acceleration for a Hardware Security Module (HSM), for example, for cryptographic operations (e.g., block ciphers, digital signature schemes, and key exchange protocols).

Abstract: Improved pseudonym certificate management is provided for connected vehicle authentication and other applications. Temporary revocation of a certificate is enabled. With respect to Security Credential Management Systems (SCMS), linkage authorities can be eliminated without compromising the system security. Other embodiments are also provided.

Abstract: Pseudonym digital certificates (160p) are generated for devices (110/150) by a Pseudonym Certificate Authority (PCA), which communicates with devices via another entity—registration authority (RA)—so that the PCA and RA cannot associate certificates with devices. Each certificate is associated with a public signature key, and with a public encryption key used by PCA to encrypt the certificate to hide it from the RA. Both keys are derived by PCA from a single key. For example, the signature key can be derived from the public encryption key rather than generated independently. However, high security is obtained even when the PCA does not sign the encrypted certificate. Reduced bandwidth and computational costs are obtained as a result. Other embodiments are also provided.

Abstract: Pseudonym digital certificates (160p) are generated for devices (110/150) by a Pseudonym Certificate Authority (PCA), which communicates with devices via another entity—registration authority (RA)—so that the PCA and RA cannot associate certificates with devices. Each certificate is associated with a public signature key, and with a public encryption key used by PCA to encrypt the certificate to hide it from the RA. Both keys are derived by PCA from a single key. For example, the signature key can be derived from the public encryption key rather than generated independently. However, high security is obtained even when the PCA does not sign the encrypted certificate. Reduced bandwidth and computational costs are obtained as a result. Other embodiments are also provided.

Abstract: Pseudonym digital certificates (160p) are generated for devices (110/150) by a Pseudonym Certificate Authority (PCA), which communicates with devices via another entity—registration authority (RA)—so that the PCA and RA cannot associate certificates with devices. Each certificate is associated with a public signature key, and with a public encryption key used by PCA to encrypt the certificate to hide it from the RA. Both keys are derived by PCA from a single key. For example, the signature key can be derived from the public encryption key rather than generated independently. However, high security is obtained even when the PCA does not sign the encrypted certificate. Reduced bandwidth and computational costs are obtained as a result. Other embodiments are also provided.

Abstract: Improved pseudonym certificate management is provided for connected vehicle authentication and other applications. Temporary revocation of a certificate is enabled. With respect to Security Credential Management Systems (SCMS), linkage authorities can be eliminated without compromising the system security. Other embodiments are also provided.