Abstract: Digital certificates are generated for devices by a Certificate Authority (CA), which communicates with devices via another entity—registration authority (RA)—so that the CA and RA cannot associate certificates with devices. Each certificate is associated with a public signature key, and with a public encryption key used by CA to encrypt the certificate to hide it from the RA. Both keys are derived by CA from a single key. For example, the signature key can be derived from the public encryption key rather than generated independently. However, high security is obtained even when the CA does not sign the encrypted certificate. Reduced bandwidth and computational costs are obtained as a result. Other embodiments are also provided.

Abstract: According to some embodiments, in a Vehicular-to-Everything (V2X) communications environment where vehicles can exchange messages with other entities, including nearby vehicles and pedestrians, systems and methods are provided to implement a mechanism or technique based on hash chaining that allows a large sequence of messages from the same source to be validated by verifying a single digital signature.

Abstract: Improved pseudonym certificate management is provided for connected vehicle authentication and other applications. Temporary revocation of a certificate is enabled. With respect to Security Credential Management Systems (SCMS), pre-linkage values can be employed. The pre-linkage values can be encrypted using homomorphic encryption. Other embodiments are also provided.

Abstract: In a vehicle-to-everything (V2X) technology environment, systems and methods are provided for extending the distribution of activation codes (ACs) in an Activation Codes for Pseudonym Certificates (ACPC) system, in a privacy-preserving manner, to a unicast mode of communication. In this unicast ACPC (uACPC), in some embodiments, the ACs are distributed by the back-end system via a unicast channel upon the receipt of the vehicle's direct request for its respective ACs. In some embodiments, uACPC can leverage edge computing architecture for low latency delivery of certificate revocation lists (CRLs) and higher availability for the distribution of ACs.

Abstract: According to some embodiments, systems and methods are provided for revoking one or more of a plurality of entities in a vehicular public-key infrastructure. The systems and methods balance privacy and efficiency by distributing activation codes according to various approaches, including a direct request approach, a fixed-size subset approach, and a variable-size subset approach.

Abstract: Embodiments described herein provide systems and methods to prevent, or provide a countermeasure, to a co-existence attack, for example, that may occur in a Security Credential Management System (SCMS) where both regular butterfly key (RBK) protocol and unified butterfly key (UBK) protocol are supported. Embodiments described herein provide, support, employ, or implement hardware acceleration for a Hardware Security Module (HSM), for example, for cryptographic operations (e.g., block ciphers, digital signature schemes, and key exchange protocols).

Abstract: Embodiments described herein provide systems and methods to prevent, or provide a countermeasure, to a co-existence attack, for example, that may occur in a Security Credential Management System (SCMS) where both regular butterfly key (RBK) protocol and unified butterfly key (UBK) protocol are supported. Embodiments described herein provide, support, employ, or implement hardware acceleration for a Hardware Security Module (HSM), for example, for cryptographic operations (e.g., block ciphers, digital signature schemes, and key exchange protocols).

Abstract: To revoke a digital certificate, activation of the digital certificate is blocked by withholding an activation code from the certificate user. The certificates are generated by a plurality of entities in a robust process that preserves user privacy (e.g. anonymity) even in case of collusion of some of the entities. The process is suitable for connected vehicles, e.g. as an improvement for Security Credential Management System (SCMS).

Abstract: To revoke a digital certificate (160p), activation of the digital certificate is blocked by withholding an activation code from the certificate user (110). The certificates are generated by a plurality of entities (210, 220, 838) in a robust process that preserves user privacy (e.g. anonymity) even in case of collusion of some of the entities. The process is suitable for connected vehicles, e.g. as an improvement for Security Credential Management System (SCMS).

Abstract: According to some embodiments, in a Vehicular-to-Everything (V2X) communications environment where vehicles can exchange messages with other entities, including nearby vehicles and pedestrians, systems and methods are provided to implement a mechanism or technique based on hash chaining that allows a large sequence of messages from the same source to be validated by verifying a single digital signature.

Abstract: Digital certificates are generated for devices by a Certificate Authority (CA), which communicates with devices via another entity registration authority (RA)—so that the CA and RA cannot associate certificates with devices. Each certificate is associated with a public signature key, and with a public encryption key used by CA to encrypt the certificate to hide it from the RA. Both keys are derived by CA from a single key. For example, the signature key can be derived from the public encryption key rather than generated independently. However, high security is obtained even when the CA does not sign the encrypted certificate. Reduced bandwidth and computational costs are obtained as a result. Other embodiments are also provided.

Abstract: Pseudonym digital certificates (160p) are generated for devices (110/150) by a Pseudonym Certificate Authority (PCA), which communicates with devices via another entity—registration authority (RA)—so that the PCA and RA cannot associate certificates with devices. Each certificate is associated with a public signature key, and with a public encryption key used by PCA to encrypt the certificate to hide it from the RA. Both keys are derived by PCA from a single key. For example, the signature key can be derived from the public encryption key rather than generated independently. However, high security is obtained even when the PCA does not sign the encrypted certificate. Reduced bandwidth and computational costs are obtained as a result. Other embodiments are also provided.

Abstract: A method for computing a shared key (K) for encrypting data between a first device and a second device. The method includes communicating a first private ephemeral key (XA), and a first parameter set (YA) to a second device. The first parameter set (YA) includes identity data (IDA) that identifies the first device, a random point (VA) on an elliptic curve, and a first public key (UA). The first device receives a second private ephemeral key (XB) and a second parameter set (YB). The second parameter set (YB) includes identity data (IDB) that identifies the second device, a random point (VB) on the elliptic curve, and a second public key (UB). Verifying operations are performed to verify the second public key (UB) and the second private ephemeral key (XB) as valid. A shared key (K) is then computed based at least on the first parameter set (YA), the second parameter set (YB), the first private ephemeral key (XA), and the second private ephemeral key (XB).

Abstract: Improved pseudonym certificate management is provided for connected vehicle authentication and other applications. Temporary revocation of a certificate is enabled. With respect to Security Credential Management Systems (SCMS), pre-linkage values can be employed. The pre-linkage values can be encrypted using homomorphic encryption. Other embodiments are also provided.

Abstract: Embodiments described herein provide systems and methods to prevent, or provide a countermeasure, to a co-existence attack, for example, that may occur in a Security Credential Management System (SCMS) where both regular butterfly key (RBK) protocol and unified butterfly key (UBK) protocol are supported. Embodiments described herein provide, support, employ, or implement hardware acceleration for a Hardware Security Module (HSM), for example, for cryptographic operations (e.g., block ciphers, digital signature schemes, and key exchange protocols).

Abstract: Improved pseudonym certificate management is provided for connected vehicle authentication and other applications. Temporary revocation of a certificate is enabled. With respect to Security Credential Management Systems (SCMS), linkage authorities can be eliminated without compromising the system security. Other embodiments are also provided.

Abstract: Pseudonym digital certificates (160p) are generated for devices (110/150) by a Pseudonym Certificate Authority (PCA), which communicates with devices via another entity—registration authority (RA)—so that the PCA and RA cannot associate certificates with devices. Each certificate is associated with a public signature key, and with a public encryption key used by PCA to encrypt the certificate to hide it from the RA. Both keys are derived by PCA from a single key. For example, the signature key can be derived from the public encryption key rather than generated independently. However, high security is obtained even when the PCA does not sign the encrypted certificate. Reduced bandwidth and computational costs are obtained as a result. Other embodiments are also provided.

Abstract: Pseudonym digital certificates (160p) are generated for devices (110/150) by a Pseudonym Certificate Authority (PCA), which communicates with devices via another entity—registration authority (RA)—so that the PCA and RA cannot associate certificates with devices. Each certificate is associated with a public signature key, and with a public encryption key used by PCA to encrypt the certificate to hide it from the RA. Both keys are derived by PCA from a single key. For example, the signature key can be derived from the public encryption key rather than generated independently. However, high security is obtained even when the PCA does not sign the encrypted certificate. Reduced bandwidth and computational costs are obtained as a result. Other embodiments are also provided.

Abstract: To revoke a digital certificate, activation of the digital certificate is blocked by withholding an activation code from the certificate user. The certificates are generated by a plurality of entities in a robust process that preserves user privacy (e.g. anonymity) even in case of collusion of some of the entities. The process is suitable for connected vehicles, e.g. as an improvement for Security Credential Management System (SCMS).

Abstract: A method for computing a shared key (K) for encrypting data between a first device and a second device. The method includes communicating a first private ephemeral key (XA), and a first parameter set (YA) to a second device. The first parameter set (YA) includes identity data (IDA) that identifies the first device, a random point (VA) on an elliptic curve, and a first public key (UA). The first device receives a second private ephemeral key (XB) and a second parameter set (YB). The second parameter set (YB) includes identity data (IDB) that identifies the second device, a random point (VB) on the elliptic curve, and a second public key (UB). Verifying operations are performed to verify the second public key (UB) and the second private ephemeral key (XB) as valid. A shared key (K) is then computed based at least on the first parameter set (YA), the second parameter set (YB), the first private ephemeral key (XA), and the second private ephemeral key (XB).