Hybrid Scheme of Post-Quantum Cryptography and Elliptic-Curve Cryptography for Certificates ─ A Case Study of Security Credential Management System in Vehicle-to-Everything Communications

Abstract

Due to the use of elliptic curve cryptography (ECC) for the current Security Credential Management System (SCMS) in the IEEE 1609.2.1 standard, the SCMS is vulnerable to attacks from quantum computing, as ECC could be cracked by quantum algorithms. However, although the National Institute of Standards and Technology (NIST) has already selected post-quantum cryptography (PQC) algorithms as standards, the current PQC algorithms may have issues such as larger public key lengths, larger signature lengths, or lower efficiency for generating signatures and verifying signatures, which may not fully meet the requirements of SCMS in vehicle-to-everything (V2X) communications. Considering the challenges in packet length, signature and verification efficiency, security level, and vehicle privacy in V2X communications, this study proposes a hybrid certificate scheme combining PQC and ECC to overcome these challenges. By using PQC to establish a security level resistant to quantum computing and utilizing ECC to establish anonymous certificates and reduce packet length to meet the transmission requirements of SCMS in V2X communications. In the practical experiments, this study utilizes the Chunghwa Telecom’s SCMS of Chunghwa Telecom and the Clientron’s on-board unit (OBU) for field testing in Danhai New Town in New Taipei City. The performance of various PQC algorithms (including Dilithium, Falcon, and SPHINCS+) and the hybrid certificate scheme with ECC are compared, providing a practical solution that can be implemented.