Efficient Certificate Revocation List Organization and Distribution
Source: University of Idaho
In this paper, the authors propose a lightweight mechanism for revoking security certificates that is appropriate for the limited bandwidth and hardware cost constraints of a VANET. A Certificate Authority (CA) issues certificates to trusted nodes, i.e., vehicles. If the CA looses trust in a vehicle (e.g., due to evidence of malfunction or malicious behavior), the CA must promptly revoke the certificates of the distrusted vehicle. To distribute revocation information quickly even during incremental deployment, they propose that CAs use Certificate Revocation Lists (CRLs). The CRL should be composed in a secure manner, and it should be exchanged in a way such that the CRL is both quickly and widely distributed.