A global tech leader has recently awarded UBITECH a 16-month research contract aimed at building and demonstrating a V2X Communication Security Architecture Including Pseudonym Usage and Re-usage as well as Pseudonym Revocation based on the Use of the Direct Anonymous Attestation (DAA) Protocol. More specifically, in the course of this action, UBITECH will build a new solution, one that changes the traditional PKI-based landscape, based on the DAA protocol. DAA is a user-controlled anonymous digital signature mechanism in which no entity can discover the signer’s identity from any signature. However, DAA still has the property that only a legitimate signer (e.g., a vehicle) can create a valid signature, through the use of trusted computing hardware or software. Under DAA, vehicles will be responsible for generating their own pseudonyms, resulting in simplified infrastructure models where there is no need for a dedicated entity to take up this role.
Employing such a solution has the following advantages: (a) Scalability is partially resolved, as DAA is based on a distributed architecture where each vehicle can create pseudonyms on its own, thus reducing the communication overhead with the backend infrastructure to only those actions needed for certifying the validity of the host TPM; (b) Revocation complexity is reduced: there is no need for pseudonym resolution and the use of CRLs; (c) Trust is shifted from the back-end infrastructure to the edge (i.e., vehicles); and (d) DAA has comparable performance to PKI when it comes to the underlying crypto primitives used.
UBITECH, as sole contractor and implementor, is responsible for identifying how to leverage DAA to overcome PKI limitations in V2X; for designing a solution for the revocation process in V2X using DAA, which resolves one of the weakest points of PKI in the V2X scenario since there is no need for CRLs; and for designing a solution for pseudonym usage and re-usage, optimizing the pseudonym changing policy for packet transmission under the V2X standards when self-generated pseudonyms are being used. Moreover, UBITECH will improve the overall efficiency of the DAA protocol by re-evaluating the TPM commands invoked per DAA phase and the crypto libraries to be used, in order to improve execution times, demonstrating much more efficient results compared to the existing “vanilla” DAA implementation. Finally, UBITECH will come up with a complete, implementation-independent reference architecture for using DAA in V2X, defining components and functionality, the protocol specification for each phase (issuance, etc.), a high-level description of the APIs, etc.