VDKMS: Vehicular Decentralized Key Management System for Cellular Vehicular-to-Everything Networks, A Blockchain-Based Approach
Wei Yao, Yuhong Liu, Fadi P. Deek, Guiling Wang
TL;DR
The paper tackles the security and scalability gaps of PKI-based key management in vehicular networks by proposing VDKMS, a blockchain-based decentralized KMS for Cellular V2X that integrates Self-Sovereign Identity (SSI) and Decentralized Identifiers (DIDs). It offers a complete architecture with a consortium blockchain, SSI/DID identity layer, and V2X key management, plus protocols for provisioning, identity registration, credential verification, and authorization. The authors provide a detailed evaluation showing transaction scalability, interoperability with existing vehicular standards, and robust security properties, including end-to-end encryption, signatures, and replay protection. This approach enhances privacy, trust, and resilience in V2X ecosystems and enables secure, trust-enabled services across V2V, V2I, and beyond, with potential applicability to other industries requiring strong identity management.
Abstract
The rapid development of intelligent transportation systems and connected vehicles has highlighted the need for secure and efficient key management systems (KMS). In this paper, we introduce VDKMS (Vehicular Decentralized Key Management System), a novel Decentralized Key Management System designed specifically as an infrastructure for Cellular Vehicular-to-Everything (V2X) networks, utilizing a blockchain-based approach. The proposed VDKMS addresses the challenges of secure communication, privacy preservation, and efficient key management in V2X scenarios. It integrates blockchain technology, Self-Sovereign Identity (SSI) principles, and Decentralized Identifiers (DIDs) to enable secure and trustworthy V2X applications among vehicles, infrastructures, and networks. We first provide a comprehensive overview of the system architecture, components, protocols, and workflows, covering aspects such as provisioning, registration, verification, and authorization. We then present a detailed performance evaluation, discussing the security properties and compatibility of the proposed solution, as well as a security analysis. Finally, we present potential applications in the vehicular ecosystem that can leverage the advantages of our approach.