Blockchain-based root of trust management in security credential management system for vehicular communications

Security Credential Management System (SCMS) provides the Public Key Infrastructure (PKI) for vehicular networking. SCMS builds the state-of-the-art distributed PKI to protect the vehicular networking privacy against an honest-but-curious authority (by the use of multiple PKI authorities) and to decentralize the PKI root of trust (by the Elector-Based Root Management or EBRM, having the distributed electors manage the Root Certificate Authority or RCA). We build on the EBRM architecture and construct a Blockchain-Based Root Management (BBRM) to provide even greater decentralization and security. More specifically, BBRM uses blockchain to i) replace the existing RCA and have the electors directly involved in the root certificate generation, ii) control the elector network membership including elector addition and revocation, and iii) provide greater accountability and transparency on the aforementioned functionalities. We implement BBRM on Hyperledger Fabric using smart contract for system experimentation and analyses. Our experiments show that BBRM is lightweight in processing, efficient in ledger size, and supports a bandwidth of multiple transactions per second. Our results show that the BBRM blockchain is appropriate for the root certificate generation and the elector membership control for EBRM within SCMS, which are significantly smaller in number and occurrences than the SCMS outputs of vehicle certificates. We also experiment to analyze how the BBRM distributed consensus protocol parameters, such as the number of electors and the number of required votes, affect the overall scheme's performances.