Adaptive certificate distribution mechanism in vehicular networks using variable inter-certificate refresh period

US 8,499,155 B2
Filed: 03/24/2010
Issued: 07/30/2013
Est. Priority Date: 03/24/2010
Status: Active Grant

First Claim

Patent Images

1. A method for distributing digital certificates in a vehicle-to-vehicle network, said method comprising:

establishing wireless communications between two vehicles in the vehicle-to-vehicle network, where a first vehicle is transmitting messages and a second vehicle is receiving messages;

measuring current network conditions, where the network conditions include number of vehicles in the network, spatial and mobility patterns of the vehicles in the network, and bandwidth saturation;

employing a digital certificate by the first vehicle, where the digital certificate contains information which can be used to verify authenticity of messages sent by the first vehicle over the vehicle-to-vehicle network;

creating a certificate digest by the first vehicle, where the certificate digest is a hash function of the digital certificate;

defining a variable inter-certificate refresh period by the first vehicle, said variable inter-certificate refresh period being a number of message packets in a set, where a last message packet in the set includes the digital certificate and all previous message packets in the set include the certificate digest, and where a value for the variable inter-certificate refresh period is established to optimize performance of the vehicle-to-vehicle network based on the measured current network conditions, and the variable inter-certificate refresh period remains at the established value for an interval of time;

transmitting a message packet over the vehicle-to-vehicle network by the first vehicle, where the message packet contains message data and either the digital certificate or the certificate digest as dictated by the inter-certificate refresh period;

receiving the message packet by the second vehicle, and determining if the message packet contains the digital certificate or the certificate digest;

verifying the message packet by the second vehicle if the message packet contains the digital certificate, or if the message packet contains the certificate digest and a matching digital certificate for the certificate digest has previously been received;

storing the message packet by the second vehicle if the message packet contains the certificate digest and the matching digital certificate for the certificate digest has not previously been received, and if storage space is available;

dropping the message packet by the second vehicle if the message packet contains the certificate digest and the matching digital certificate for the certificate digest has not previously been received, and if storage space is not available; and

using the message data in the message packet, if the message packet is verified, in an application by the second vehicle.

View all claims

4 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A method for improving the reliability and performance of Vehicle-to-Vehicle (V2V) networks where digital certificates are necessary for message authentication and some messages may be lost in transmission. The method uses a variable inter-certificate refresh period to optimize communications throughput based on network conditions such as node density and bandwidth saturation. In some network conditions, the inter-certificate refresh period may be increased, such that more certificate digests are sent between full digital certificates, to decrease average message size. In other network conditions, the inter-certificate refresh period may be decreased, to allow for more frequent message authentication by receiving nodes. Empirical data and an adaptive controller are used to select the refresh period which will provide the best performance based on network conditions.

9 Citations

View as Search Results

13 Claims

1. A method for distributing digital certificates in a vehicle-to-vehicle network, said method comprising:
- establishing wireless communications between two vehicles in the vehicle-to-vehicle network, where a first vehicle is transmitting messages and a second vehicle is receiving messages;
  
  measuring current network conditions, where the network conditions include number of vehicles in the network, spatial and mobility patterns of the vehicles in the network, and bandwidth saturation;
  
  employing a digital certificate by the first vehicle, where the digital certificate contains information which can be used to verify authenticity of messages sent by the first vehicle over the vehicle-to-vehicle network;
  
  creating a certificate digest by the first vehicle, where the certificate digest is a hash function of the digital certificate;
  
  defining a variable inter-certificate refresh period by the first vehicle, said variable inter-certificate refresh period being a number of message packets in a set, where a last message packet in the set includes the digital certificate and all previous message packets in the set include the certificate digest, and where a value for the variable inter-certificate refresh period is established to optimize performance of the vehicle-to-vehicle network based on the measured current network conditions, and the variable inter-certificate refresh period remains at the established value for an interval of time;
  
  transmitting a message packet over the vehicle-to-vehicle network by the first vehicle, where the message packet contains message data and either the digital certificate or the certificate digest as dictated by the inter-certificate refresh period;
  
  receiving the message packet by the second vehicle, and determining if the message packet contains the digital certificate or the certificate digest;
  
  verifying the message packet by the second vehicle if the message packet contains the digital certificate, or if the message packet contains the certificate digest and a matching digital certificate for the certificate digest has previously been received;
  
  storing the message packet by the second vehicle if the message packet contains the certificate digest and the matching digital certificate for the certificate digest has not previously been received, and if storage space is available;
  
  dropping the message packet by the second vehicle if the message packet contains the certificate digest and the matching digital certificate for the certificate digest has not previously been received, and if storage space is not available; and
  
  using the message data in the message packet, if the message packet is verified, in an application by the second vehicle.
- View Dependent Claims (2, 3, 4, 5, 6)
- - 2. The method of claim 1 further comprising measuring performance of the vehicle-to-vehicle network as a function of network and configuration parameters, where the network and configuration parameters are allowed to vary throughout their permissible range.
  - 3. The method of claim 2 wherein the network and configuration parameters include number of vehicles in the network, spatial and mobility patterns of the vehicles in the network, bandwidth saturation, and the inter-certificate refresh period.
  - 4. The method of claim 1 wherein the interval of time is variable, where the interval of time is determined based on the measured current network conditions.
  - 5. The method of claim 1 further comprising receiving by the first vehicle feedback from the second vehicle regarding actual performance of the vehicle-to-vehicle network.
  - 6. The method of claim 5 wherein a value for the variable inter-certificate refresh period is established based on the actual performance of the vehicle-to-vehicle network.

7. A method for distributing digital certificates in a vehicle-to-vehicle network, said method comprising:
- establishing wireless communications between two vehicles in the vehicle-to-vehicle network, where a first vehicle is transmitting messages and a second vehicle is receiving messages;
  
  measuring performance of the vehicle-to-vehicle network as a function of network and configuration parameters, where the network and configuration parameters are allowed to vary throughout their permissible range, and the network and configuration parameters include number of vehicles in the network, spatial and mobility patterns of the vehicles in the network, bandwidth saturation, and the inter-certificate refresh period;
  
  employing a digital certificate by the first vehicle, where the digital certificate contains information which can be used to verify authenticity of messages sent by the first vehicle over the vehicle-to-vehicle network;
  
  creating a certificate digest by the first vehicle, where the certificate digest is a hash function of the digital certificate;
  
  measuring current network conditions by the first vehicle;
  
  defining a value of an variable inter-certificate refresh period to optimize the performance of the vehicle-to-vehicle network based on the measured current network conditions by the first vehicle, said variable inter-certificate refresh period being a number of message packets in a set, where a last message packet in the set includes the digital certificate and all previous message packets in the set include the certificate digest, and where a value for the variable inter-certificate refresh period is established to optimize the performance of the vehicle-to-vehicle network based on the measured current network conditions, and the variable inter-certificate refresh period remains at the established value for an interval of time;
  
  transmitting message packets over the vehicle-to-vehicle network by the first vehicle, where the message packets contain message data and either the digital certificate or the certificate digest as dictated by the variable inter-certificate refresh period;
  
  receiving the message packet by the second vehicle, and determining if the message packet contains the digital certificate or the certificate digest;
  
  verifying the message packet by the second vehicle if the message packet contains the digital certificate, or if the message packet contains the certificate digest and a matching digital certificate for the certificate digest has previously been received;
  
  storing the message packet by the second vehicle if the message packet contains the certificate digest and the matching digital certificate for the certificate digest has not previously been received, and if storage space is available;
  
  dropping the message packet by the second vehicle if the message packet contains the certificate digest and the matching digital certificate for the certificate digest has not previously been received, and if storage space is not available; and
  
  using the message data in the message packet, if the message packet is verified, in an application by the second vehicle.
- View Dependent Claims (8)
- - 8. The method of claim 7 wherein the network conditions include number of vehicles in the network, spatial and mobility patterns of the vehicles in the network, and bandwidth saturation.

9. A distribution system for distributing digital certificates in a vehicle-to-vehicle network, said distribution system comprising:
- a first vehicle in the vehicle-to-vehicle network;
  
  a first application system in the first vehicle, where the first application system contains information about the first vehicle to be provided to other nearby vehicles in the form of message data;
  
  a first communication system in the first vehicle, where the first communication system includes a controller configured to select a value for a variable inter-certificate refresh period and determine whether to send a digital certificate or a certificate digest, said controller also being configured to measure current network conditions, where the network conditions include number of vehicles in the network, spatial and mobility patterns of the vehicles in the network, and bandwidth saturation, and where a value for the variable inter-certificate refresh period is established to optimize performance of the vehicle-to-vehicle network based on the measured current network conditions, and the variable inter-certificate refresh period remains at the established value for an interval of time, and a transmitter for transmitting message packets containing the message data and either the digital certificate or the certificate digest;
  
  a second vehicle in the vehicle-to-vehicle network;
  
  a second communication system in the second vehicle, where the second communication system includes a receiver for receiving the message packets and separating the message packets into the message data and either the digital certificate or the certificate digest, and a processor configured to validate the certificate digests with the digital certificates which are received; and
  
  a second application system in the second vehicle, where the second application system processes the message data after validating the digital certificate or the certificate digest for each message packet.
- View Dependent Claims (10, 11, 12, 13)
- - 10. The distribution system of claim 9 wherein the controller in the first vehicle uses the measured current network conditions to select the value for the variable inter-certificate refresh period.
  - 11. The distribution system of claim 9 wherein the processor in the second vehicle is configured to provide feedback to the controller in the first vehicle regarding actual performance of the vehicle-to-vehicle network.
  - 12. The distribution system of claim 11 wherein the controller in the first vehicle uses the actual performance of the vehicle-to-vehicle network to select the value for the variable inter-certificate refresh period.
  - 13. The distribution system of claim 9 wherein the first application system and the second application system are collision avoidance systems.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
GM Global Technology Operations LLC (General Motors Company)
Original Assignee
GM Global Technology Operations LLC (General Motors Company)
Inventors
Kherani, Arzad A., Muthaiah, Skanda N., Bhattacharya, Debojyoti
Primary Examiner(s)
Najjar, Saleh
Assistant Examiner(s)
Gao, Shu Chun

Application Number

US12/731,063
Publication Number

US 20110238986A1
Time in Patent Office

1,224 Days
Field of Search

713/168
US Class Current

713/168
CPC Class Codes

H04L 1/0041   Arrangements at the transmi...

H04L 1/0057   Block codes H04L1/0061, H04...

H04L 2209/84   Vehicles

H04L 43/0829   Packet loss

H04L 43/0882   Utilisation of link capacity

H04L 63/0823   using certificates cryptogr...

H04L 67/12   specially adapted for propr...

H04L 9/3268   using certificate validatio...

H04W 12/069   using certificates or pre-s...

Adaptive certificate distribution mechanism in vehicular networks using variable inter-certificate refresh period

First Claim

4 Assignments

0 Petitions

Accused Products

Abstract

9 Citations

13 Claims

Specification

Use Cases

Quick Links

Others

Adaptive certificate distribution mechanism in vehicular networks using variable inter-certificate refresh period

First Claim

4 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

9 Citations

13 Claims

Specification

Subscription Required

Use Cases

Quick Links

Others