	US 12,284,293 B2
	Balancing privacy and efficiency for revocation in vehicular public key infrastructures
Marcos A. Simplicio, Jr., São Paulo (BR); Eduardo Lopes Cominetti, São Paulo (BR); Harsh Kupwade Patil, Fremont, CA (US); Jefferson E. Ricardini Fernandes De Oliveira, São Paulo (BR); and Marcos Vinicius M. Silva, São Paulo (BR)
Assigned to LG ELECTRONICS, INC., Seoul (KR); and UNIVERSITY OF SAO PAULO, Sao Paulo (BR)
Appl. No. 17/767,003
Filed by LG ELECTRONICS, INC., Seoul (KR); and UNIVERSITY OF SAO PAULO, Sao Paulo (BR)
PCT Filed Oct. 7, 2020, PCT No. PCT/US2020/054537 § 371(c)(1), (2) Date Apr. 6, 2022, PCT Pub. No. WO2021/071918, PCT Pub. Date Apr. 15, 2021.
Claims priority of provisional application 62/942,747, filed on Dec. 3, 2019.
Claims priority of provisional application 62/912,069, filed on Oct. 8, 2019.
Prior Publication US 2022/0376931 A1, Nov. 24, 2022
Int. Cl. H04L 9/32 (2006.01); H04L 9/00 (2022.01)

CPC H04L 9/3268 (2013.01) [H04L 9/006 (2013.01); H04L 2209/84 (2013.01)]

16 Claims

1. A method for revoking one or more of a plurality of entities in a vehicular public-key infrastructure, the method balancing privacy and efficiency, the method comprising:

receiving by a first entity of the plurality of entities a plurality of digital certificates for use in authentication operations with one or more of the other entities of the plurality of entities, wherein each digital certificate is to be activated by an associated activation code, wherein the activation codes are generated by a certificate access manager and distributed through an activation tree, the activation tree comprising a plurality of nodes; and

sending by the first entity to the certificate access manager an activation code request, wherein the activation code request is made according to one of the following approaches:

a direct request approach;

a fixed-size subset approach; and

a variable-size subset approach;

wherein the direct request approach provides the least privacy for the first entity and the most efficiency with respect to bandwidth, and wherein the variable-size subset approach provides the most privacy to the first entity and the least efficiency with respect to bandwidth;

wherein the plurality of nodes of the activation tree are organized in 0 to D depths, wherein a node at depth 0 is a root node, wherein each node at depth D is a leaf node that may correspond to a respective one of the plurality of entities, and wherein each node at a depth between 0 and D−1 may support two nodes at another depth such that the activation tree supports distribution of activation codes for up to 2^Dentities;

wherein in the variable-size subset approach the activation code request includes information for up to more than D nodes, wherein the up to more than D nodes include a node at depth d on the path between the respective leaf node and the root node, wherein the up to more than D nodes includes up to one randomly selected node at each depth other than d, wherein the up to more than D nodes includes at least one respective leaf node for an entity other than the first entity.