The goal is the initial request of OBE identification certificates and then subsequent top-up.
Background and Strategic Fit
The OBE identification certificate provisioning is the process by which a bootstrapped OBE receives an identification certificate. As there are no location privacy or tracking concerns for identification certificates (but anonymity concerns), the RA is not required to shuffle the requests (unlike the case of pseudonym certificates). Butterfly keys are still used to allow easy top-up. Revocation is enabled by adding individual identification certificates to the CRL, but OBE Identification certificates do not use linkage values. Each OBE only receives one identification certificate per time period, except for a minimal overlap period to account for critical events.
This use case involves the following SCMS components:
- Pseudonym Certificate Authority (PCA)
- Registration Authority (RA)
The validity duration of identification certificate is dependent on the connectivity of the OBE. Smaller validity durations will potentially reduce the number of CRL entries but require more connectivity of the OBE to RA.
- The OBE is assumed to have a valid enrollment certificate that empowers it to request OBE identification certificates; specifically related to its SSID and SSP combination in the enrollment certificate. Some applications may require additional enrollment certificates to be added to the OBE, such as first responder vehicles. The addition of another enrollment certificate would occur in a secure environment.
- The OBE is assumed to have Root CA, RA and PCA certificates
- The OBE is assumed to have relevant address(s) to communicate with the RA
- The identification certificate that is issued has a validity period consistent with an associated application
The following flow chart documents the general flow of steps an OBE needs to carry out in the given order to obtain identification certificates. It is not a 100% accurate description of the process. Please refer to the use case's steps and their requirements for a complete description of the process.
OBE Identification certificates use Butterfly Keys for the certificate signature key (mandatory), butterfly keys for the certificate encryption key (optional), and butterfly keys for a response encryption key (mandatory). The use-case works as follows:
- Initial Request
- EE creates a random, signature, butterfly key public seed (elliptic curve point) and a random, expansion, function parameter. EE signs those with its enrollment certificate.
- Optional: EE creates a random, encryption, butterfly key public seed (elliptic curve point) and a random, expansion, function parameter. The resulting encryption keys are optionally used as encryption key in a certificate.
- EE creates a response, encryption, butterfly key public seed (elliptic curve point) and a random, expansion, function parameter. The resulting encryption keys are used by PCA to encrypt the issued certificate to EE.
- EE provides the signed (with enrollment certificate) signature, butterfly key public seed and expansion function parameter and a response, encryption, butterfly key public seed and expansion function parameter to RA. EE optionally provides the encryption butterfly key public seed and expansion function parameter. All parameters are signed with EE's enrollment certificate, and encrypted to RA.
- RA verifies all received parameters
- RA creates butterfly keys based on the policy (either policy linked to EE and/or PSID; e.g., one certificate per month for month, one hour of overlap between certificates). RA creates Butterfly keys for the certificate signature key, for the response encryption key, and optionally for the certificate encryption key.
- RA creates a revocation identifier (RIF) for EE
- RA does not shuffle nor wait on purpose before forwarding to PCA
- RA forwards to PCA the certificate signature butterfly key (B_i), RIF, response encryption key (H_i), and optionally the certificate encryption key (E_i)
- PCA issues the certificate using B_i and RIF and, if available, E_i. PCA then encrypts the issued certificate with H_i and signs the encrypted certificate
- RA collects PCA's responses, bundles them in file(s), and stores it in a folder
- EE can now download the file(s)
- RA regularly checks and will initiate a generation of certificates as needed and defined in the policy
- RA will look-up RIF and calculate the proper Butterfly key(s) and send butterfly keys B_i, H_i, and RIF to PCA. If available, RA will also include E_i.
- PCA issues certificates, encrypts to EE, and sign the encrypted certificate
- RA collects PCA's responses, bundles them in file(s), and stores the file(s) in a folder
- EE can now download the file
At a high level, two steps are relevant towards an OBE: