
ELECTOR-BASED ROOT MANAGEMENT SYSTEM TO MANAGE A PUBLIC KEY INFRASTRUCTURE

IP.com Disclosure Number: IPCOM000245336D
Publication Date: 2016-Mar-01
Document File: 17 page(s) / 1M

Publishing Venue

The IP.com Prior Art Database

Related People

Ben Brecht, Volkswagen: AUTHOR [+8]

Abstract

The security and integrity of a Public Key Infrastructure (PKI) depend on the maintenance of one or more secure root certificate authorities (CAs). In a conventional PKI, a single root CA is maintained with strict policies to minimize the risk of compromise or failure of that single entity. This approach does not scale well for very large PKI systems with participation from a multitude of peer organizations. The elector model described here introduces a secure mechanism to manage one or more trusted root CAs in a PKI. It has the property that operational responsibilities can be distributed among multiple entities. It introduces the ability to securely and reliably replace and update the root CAs in a PKI hierarchy (or multiple, peer root CAs) over time. This approach was developed specifically to support the Security Credential Management System (SCMS), which is part of the US DOT Vehicle-to-Vehicle communication system. The same approach can be implemented as an extension to many other new or existing PKI systems with few changes to established protocols and message structures.

This text was extracted from a PDF file.
This is the abbreviated version, containing approximately 18% of the total text.

December 20, 2015

This publication was developed by the Crash Avoidance Metrics Partners LLC (CAMP) Vehicle Safety Communications 5 (VSC5) Consortium (Ford Motor Company, General Motors LLC., Honda R&D Americas, Inc., Hyundai-Kia America Technical Center, Inc., Mazda, Nissan Technical Center North America, Inc., and Volkswagen Group of America).

This material is based upon work supported by the U.S. Department of Transportation under Cooperative Agreement No. DTNH22-14H00449.

Any opinions, findings, and conclusions or recommendations expressed in this publication are those of the Authors and do not necessarily reflect the views of the U.S. Department of Transportation.

Authors: Ben Brecht, Volkswagen; Dean Therriault, General Motors; Roger Motz, Nissan; Virendra Kumar, Security Innovations; Rob Lambert, TrustPoint Innovation Technologies, Ltd.; Bill Lattin, Green Hills Software; Brian Romansky, TrustPoint Innovation Technologies, Ltd.; and William Whyte, Security Innovations.

KEYWORDS

Public Key Infrastructure, PKI, root management, SCMS, V2V

INTRODUCTION

Managing Public-Key Infrastructure (PKI) credentials is the central purpose of the Security Credential Management System (SCMS), and the system's roots of trust, which are the eventual stopping point for trust chains, are a crucial component. The roots of trust chains, or Trust Anchors, are a set of certificates or public keys whose signatures are implicitly trusted by the system. The Trust Anchor certificates are stored in tamper-proof storage usually referred to as a Trust Store. A signature on a certificate from an entity above is what allows a trust chain validator to climb up a link of the chain, and if the last signature of the chain is verif...