1. Field of the Invention
This invention relates generally to a method for distributing digital certificates in vehicle-to-vehicle networks and, more particularly, to a method for distributing digital certificates in vehicle-to-vehicle networks which uses a variable inter-certificate refresh period to optimize performance based on network conditions.
2. Discussion of the Related Art
Wireless vehicle-to-vehicle (V2V) communication is becoming increasingly popular as a driver assistance mechanism. V2V communication can be used in systems which provide drivers with important advisories and warnings about the state of traffic in the surrounding environment. Security is an important part of V2V communication, since spurious advisories or warnings shown to a driver based on information from compromised nodes would lead to loss of confidence in the use of V2V systems. It is hence important that messages exchanged between nodes (vehicles) in V2V networks be secured against malicious entities intent on manipulating the system or disrupting the service.
Security in a V2V network can be provided by using digital signatures based on public key cryptography (PKC). An important requirement of PKC-based security protocols is the exchange of public keys through a secure and trusted channel. Digital certificates provide the means necessary for establishment of a secure channel to exchange the public key between a transmitting node and receiving nodes. A digital certificate, among other parameters, typically contains a unique certificate identifier, along with the public key, which is needed for message authentication. Since bandwidth in wireless V2V networks is at a premium, message size must be kept to a minimum. For this reason, a common strategy used in V2V networks is not to transmit a digital certificate with every message. Instead, a certificate may be appended only to messages at a certain interval, such as every fifth message, where the first, sixth, and eleventh messages include a full certificate, while the second through fifth and seventh through tenth messages include a certificate digest, and so forth. Then, when the next message containing a full certificate is received, the receiving node can validate that the preceding messages with certificate digests were in fact authentic. Since a certificate digest is considerably smaller than a certificate, this strategy accomplishes the objective of reducing message size.
However, V2V networks are characterized by rapidly changing topology, signal strengths are sometimes marginal, and node density can be high. Thus, some transmitted messages can be lost. That is, some messages are not successfully received by nodes which should receive them. If a lost message happens to be one containing a full digital certificate, then the receiving node accumulates a backlog of messages which it cannot authenticate. As a result, performance of real-time messaging systems will suffer, and some critical information may be permanently lost.
There is a need for a certificate distribution mechanism which minimizes message size, while simultaneously minimizing the potential negative impact of lost messages.