Today’s average smartphone wirelessly exchanges various kinds of data such as contacts, photos, videos, and location information between multiple parties using Bluetooth®, Wi-Fi, and cellular technology. For example, the Apple® iPhone® features an app called AirDrop® that enables the exchange of photo albums, events, journals, and slideshows directly to another Apple device using Bluetooth or Wi-Fi technology.

In a similar manner, vehicle-to-vehicle (V2V) and vehicle-to-infrastructure (V2I) communications, which are part of connected vehicle communications, enable the wireless exchange of information among vehicles, roadway infrastructure, traffic management centers, and wireless mobile devices. But, how secure is this exchange of information? A security system is critical to ensure that users of connected vehicle technology can trust in the validity of information received from other system users—even indistinct users who they do not know personally.

Graphic. The fundamental framework of a system using digital certificates requires four key components identified here as confidentiality, authentication, integrity, and nonrepudiation; and four structured segments identified here as technology, implementation, policy, and standards. Source: USDOT.
The fundamental framework of a system using digital certificates requires four key components (confidentiality, authentication, integrity, and nonrepudiation) and four structured segments (technology, implementation, policy, and standards).

The U.S. Department of Transportation (USDOT) is committed to ensuring that connected and automated vehicle (CAV) technologies operate in a safe and secure manner that protects user privacy. Since 2013, USDOT has led the way in research and implementation of a state-of-the-art security system for CAVs that use connected vehicle communications.

Digital Certificates

Systems for connected vehicle communications use digital certificates to exchange information that all elements, including vehicles, roadway infrastructure, and traffic management centers, can validate. In cryptography, a digital certificate or public key certificate is an electronic document that proves the ownership of a digital public key—a key that the owner can share with everyone.

Each digital public key has a matching digital private key, which is known only by the owner of the digital certificate. The digital certificate in turn contains information about the identity of the owner, a unique digital signature, and the means to verify the authenticity of the digital signature using the digital public key.

Digital certificates are the basis of a fundamental framework for a system that ensures users can trust the validity of information received through connected vehicle communications. This framework requires four key components and four structured segments.

The four key components of a trusted digital certificate system are confidentiality, authentication, integrity, and nonrepudiation, or CAIN. Confidentiality means the information exchanged within the system can be kept secret. Authentication is the process of confirming the information is valid. Integrity ensures the system has not been corrupted, and nonrepudiation provides proof of data and system integrity so that an information transmitter cannot deny having sent the information.

To read more about V2V and V2I infrastructure and privacy issues, check out the whole article at FHWA Public Roads!