Field of the invention

The present invention relates to the field of intelligent transportation systems (ITS) and vehicle-to-vehicle (V2V) communication.

The present invention in particular relates to methods, devices and vehicles for authenticating a vehicle during a cooperative maneuver. The process of authenticating a vehicle during a cooperative maneuver specifically includes receiving a vehicle certificate and authenticating said vehicle certificate.

Background

ITS in particular provide an approach to introduce vehicle automation functions for assisted, cooperative or fully autonomous driving (as e.g. known from ETSI TR 102 638 VI.2 or ETSI EN 302 637-2 VI.3.2). To implement those functions, V2V communication is used to exchange information among vehicles. The information is either directly exchanged between the vehicles by means of ad-hoc wireless transmission technology, or by assistance of a cellular network environment. In a cooperative maneuver, vehicles (e.g. cars, trucks, motorcycles, bikes, boats, helicopters, airplanes or any other kind of vehicle) are informed about each other's position, driving dynamics (e.g. position, speed, acceleration, transverse acceleration, direction, engine state, shock absorber state, or any other vehicle sensor data, e.g. detected by visual or acoustical sensors) and other attributes (e.g. type, dimensions or weight of the vehicle) when performing a predefined driving maneuver in order to increase road safety and traffic efficiency (e.g. by providing lane merge assistance, collision avoidance, convoy management, intersection management or emergency warnings). This is in particular achieved by periodically exchanging information between the vehicles involved in the cooperative maneuver. To initiate the cooperative maneuver, a maneuver identification (ID), which indicates a type of the cooperative maneuver, is exchanged among vehicles which are intended to participate in the cooperative maneuver. In order to increase safety and efficiency of cooperative maneuvers, the wireless transmission technologies used for exchanging information are required to provide a high level of transmission rate, reliability and security, and a low level of latency. As a cooperative maneuver typically includes exchanging trajectory information (i.e. information according to which the above driving dynamics of a vehicle can be adapted), security of the exchanged information is of particular relevance. During a conventional cooperative maneuver, a level of security of the exchanged information is in particular tried to be reached by:

Authenticating a transmitting vehicle and authenticating the information, which was transmitted by the transmitting vehicle, in order to determine whether the transmitting vehicle is a trusted entity, and establish a level of trust between the vehicles participating in the cooperative maneuver.

Encrypting the transmitted information in order to ensure confidentiality of the transmitted information.

- Signing the transmitted information in order to ensure integrity of the transmitted information, and in order to ensure non-repudiation (i.e. to ensure that a vehicle that was transmitting signed information cannot deny that it transmitted the signed information). As the above-mentioned security measures typically include additional processing and additional information to be transmitted, they contravene the requirement for low latency transmission (according to which a predefined amount of information has to be transmitted within a predefined amount of time via wireless transmission technology that offers a predefined amount of bandwidth). Low latency transmission is crucial for V2V communication, in particular during a cooperative maneuver.

As a consequence, a problem exists as how to simultaneously transmit V2V information according to the above security and low latency requirements during a cooperative maneuver.

The following conventional approaches are known, which try to solve this problem:

A conventional approach to secure V2V communication is to use symmetric keys, which enables the involved vehicles to securely communicate with each other after agreeing on a shared secret key according to which exchanged information is encrypted and decrypted. However, there is at present no scalable way for pre-storing, managing and distributing symmetric keys to a large amount of vehicles. Additionally, symmetric encryption exclusively provides confidentiality of transmitted information, while it does not allow for authenticating a vehicle, which transmits information. Furthermore, symmetric encryption does not allow for non-repudiation of transmitted information.

Another conventional approach is to use a centralized authentication scheme, e.g. a public key infrastructure (PKI), to authenticate vehicles, and to sign or encrypt data transmitted by the vehicles, e.g. during a cooperative maneuver. The purpose of the PKI is to associate public keys with vehicles. The association is established through a process of registration and issuance of conventional certificates at and by a certificate authority (CA), which is part of the PKI. According to this approach, every vehicle is provided with one valid certificate as long as it is part of a legitimate list of users associated with the CA. The PKI allows to authenticate vehicles and to sign and encrypt information exchanged between vehicles, e.g. during a cooperative maneuver. However, presently no types of conventional certificates, and no way of using the conventional certificates by the PKI, exist that comply with the low latency requirement of V2V communication, as authenticating, signing and encrypting the transmitted information by means of exclusively one conventional certificate leads to an increased amount of information to be transmitted.

As a result, none of the conventional security measures is sufficient to comply with the current requirements of V2V communication.

Moreover, there are only few authentication methods that try to address attack scenarios, which are focusing on V2V communication during cooperative maneuvers. At present, there is no method for providing authenticity, confidentiality and integrity of the maneuver ID during the cooperative maneuver.

US 2015/0052352 Al discloses a method for providing secure connection between vehicles over channels of a wireless communication network. The method includes exchanging certificates between vehicles that intend to establish a secure connection. After receiving the certificate by a vehicle, the vehicle verifies the authenticity of the received certificate using image processing means and a camera that is capable of capturing attributes of a vehicle that transmitted the certificate. However, verifying the authenticity of the received certificate by processing the captured attributes involves additional processing load and requires additional information to be transmitted.

As a result, in all conventional solutions the problem exists that it is not possible to simultaneously transmit V2V information according to predefined security and low latency requirements, and to ensure authenticity, confidentiality and integrity of the maneuver ID, during the cooperative maneuver.

Summary

In view of the above-mentioned problems of the conventional solutions, the present invention aims to improve the state of the art. The present invention has particularly the object to provide authenticating methods, devices, and vehicles which improve the authentication of a vehicle during a cooperative maneuver, and to address and moderate the mismatch between the requirements for low latency and security, in particular for validating authenticity and integrity of the maneuver ID, during a cooperative maneuver.

The above-mentioned object of the present invention is achieved by the solution provided in the enclosed independent claims. Advantageous implementations of the present invention are further defined in the respective dependent claims.

A first aspect of the present invention provides a method for authenticating a vehicle during a cooperative maneuver, performed by an authenticating device, comprising a preparation stage and a maneuver execution stage, wherein the preparation stage comprises the step of receiving geo location information and the steps of receiving a vehicle certificate and authenticating said vehicle certificate, wherein the vehicle certificate is identified by a maneuver identification identifying the cooperative maneuver, and the maneuver execution stage comprises the step of transmitting trajectory information after a successful authentication of said received vehicle certificate.

The method of the first aspect is thus able to comply with the security requirements of V2V communication by receiving and authenticating the vehicle certificate during the preparation stage and by receiving geo location information which can also be evaluated to detect false information which may be sent by an attacker that is not located in the geographical vicinity of the receiving authenticating device. Security of the cooperative maneuver is further increased in that the vehicle certificate is identified by a maneuver ID, which identifies the cooperative maneuver. As the vehicle certificate is identified by the maneuver ID, authenticity and integrity of the maneuver ID can be verified during the cooperative maneuver. As trajectory information is exclusively exchanged in the maneuver execution stage and after successfully authenticating the received vehicle certificate, the low latency requirement of V2V communication can be met. This is one the one hand side ensured by exclusively transmitting trajectory information to entities which were successfully authenticated and which meet a geo location information requirement (e. g. which are located within a predefined distance to the authenticating device). On the other hand side, a different configuration of wireless transmission technology, and a different security configuration can be applied in the maneuver execution stage compared to the preparation stage, which enables decreasing overall information that is to be transmitted during the maneuver execution stage, which in turn allows for reducing of latency.

According to a first implementation of the first aspect, said step of transmitting trajectory information can comprise the transmission of a distribution certificate, wherein said distribution certificate is uniquely identified by an execution identification derived from and shorter than the respective maneuver identification.

This ensures that during the maneuver execution stage, when transmitting trajectory information, a different security configuration can be applied to the wireless transmission technology by transmitting the distribution certificate (e.g. the distribution certificate can be used to exclusively guarantee integrity of the transmitted trajectory information, without providing confidentiality of the transmitted trajectory information). Deriving the execution ID from the maneuver ID ensures that the maneuver ID stays confidential when transmitting distribution certificates in the maneuver execution stage and ensures that less information is to be transmitted in the maneuver execution stage, as the execution ID is shorter than the respective maneuver ID. As a result, both the transmission of a distribution certificate (which has a smaller size compared to the vehicle certificate) and the use of the execution ID allow for improving latency of V2V communication during a cooperative maneuver.

According to a second implementation of the first aspect, the received geo location information can comprise location information of an initiating vehicle initiating said cooperative maneuver.

This ensures that a request of an initiating vehicle which is initiating the cooperative maneuver can be processed according to the location information of the initiating vehicle, by the receiving authenticating device. According to a third implementation of the first aspect, the method further can comprise the step of checking, on the basis of said received geo location information, if a distance to said initiating vehicle is below an allowed distance.

Checking, if the distance to the initiating vehicle is below the allowed distance can in particular be used to detect, whether a request was sent by an admissible initiating vehicle, or whether the request can be regarded as a security attack, and also can be used to determine, whether the initiating vehicle is in close enough vicinity of the vehicle employing the authenticating device. According to a fourth implementation of the first aspect, the geo location information can comprise GPS data and/or geo-tokens issued from road- side units and/or sensor data. This ensures that various types of geo location information, provided by different types of sources can be evaluated.

According to a fifth implementation of the first aspect, the step of transmitting trajectory information can be performed at regular time intervals during said maneuver execution stage.

This ensures that the requirement for low latency of wireless transmission can be met, in particular by transmitting the trajectory information sufficiently often enough, i.e. according to predefined time intervals.

According to a sixth implementation of the first aspect, the vehicle certificate can be uniquely identified by a maneuver identification identifying the cooperative maneuver.

This ensures that a vehicle can also be authenticated in a cooperative maneuver which involves assistance of a large scale network environment in which various vehicles are present.

According to a second aspect, the invention provides a method for authenticating a vehicle during a cooperative maneuver, performed by an authenticating device, comprising a preparation stage and a maneuver execution stage, wherein the preparation stage comprises the step of transmitting geo location information and the step of transmitting a vehicle certificate, wherein the vehicle certificate is identified by a maneuver identification identifying the cooperative maneuver, and the maneuver execution stage comprises the step of receiving trajectory information in response to the transmitted vehicle certificate.

The method of the second aspect corresponds to the method of the first aspect in that it describes the steps, which are necessary for mutual V2V communication between two authenticating devices during a cooperative maneuver. The method of the second aspect particularly ensures that exchange of geo location information, a vehicle certificate and trajectory information is enabled at both endpoints of V2V communication during a cooperative maneuver. The method of the second aspect of the present invention includes all advantages of the method of the first aspect of the present invention.

According to a first implementation of the second aspect, said step of transmitting geo location information can comprise the broadcasting of said geo location information.

Broadcasting the geo location information is beneficial, as a vehicle that is initiating to perform a cooperative maneuver can transmit the geo location information to all vehicles in its vicinity. The vehicles in the vicinity of the initiating vehicle can in turn decide whether to participate in the cooperative maneuver or not, according to the broadcast geo location information.

According to a second implementation of the second aspect, the vehicle certificate can be uniquely identified by a maneuver identification identifying the cooperative maneuver.

This ensures that a vehicle can also be authenticated in a cooperative maneuver which involves assistance of a large scale network environment in which various vehicles are present.

According to a third aspect, the invention provides a method for authenticating a vehicle during a cooperative maneuver, wherein an authenticating device which initiates the cooperative maneuver performs the steps of the method of the second aspect or any of its implementations, and an authenticating device which receives the geo location information and the vehicle certificate from the initiating authenticating device performs the steps of the method according to the first aspect or any of its implementations.

The method of the third aspect thus comprises all advantages of the method of the first aspect as well as of the method of the second aspect.

According to a fourth aspect, the invention provides an authenticating device for use in a vehicle adapted for performing cooperative maneuvers with other vehicles, the authenticating device comprising means for receiving geo location information and a vehicle certificate and for authenticating said vehicle certificate during a preparation stage, wherein said vehicle certificate is identified by a maneuver identification identifying the cooperative maneuver, and means for transmitting trajectory information after a successful authentication of said exchanged vehicle certificate during a maneuver execution stage. According to a first implementation of the fourth aspect, the means for transmitting trajectory information can further be configured to transmit a distribution certificate, wherein said distribution certificate is uniquely identified by an execution identification derived from and shorter than the respective maneuver identification.

According to a second implementation of the fourth aspect, the received geo location information can comprise location information of an initiating vehicle initiating said cooperative maneuver.

According to a third implementation of the fourth aspect, the authenticating device can further comprise means for checking, on the basis of said received geo location information, if a distance to said initiating vehicle is below an allowed distance. According to a fourth implementation of the fourth aspect, the geo location information can comprise GPS data and/or geo-tokens issued from road-side units and/or sensor data.

According to a fifth implementation of the fourth aspect, the means for transmitting trajectory information can further be configured to perform the transmission of trajectory information at regular time intervals during said maneuver execution stage.

According to a sixth implementation of the fourth aspect, the vehicle certificate can be uniquely identified by a maneuver identification identifying the cooperative maneuver.

The authenticating device according to the fourth aspect and its implementations comprises all advantages of the corresponding method according to the first aspect and its implementations. According to a fifth aspect, the invention provides a vehicle adapted to perform cooperative maneuvers with other vehicles, comprising an authenticating device according to the fourth aspect or any one of its implementations, and adapted to initiate a cooperative maneuver. This ensures that a vehicle can be equipped with an authenticating device according to the fourth aspect of the present invention or any of its implementations.

According to a sixth aspect, the invention provides an authenticating device for use in a vehicle adapted for performing cooperative maneuvers with other vehicles, the authenticating device comprising means for transmitting geo location information and a vehicle certificate during a preparation stage, wherein said vehicle certificate is identified by a maneuver identification identifying a cooperative maneuver, and means for receiving trajectory information in response to the transmitted vehicle certificate during a maneuver execution stage.

According to a first implementation of the sixth aspect, the means for transmitting geo location information can be configured to broadcast said geo location information. According to a second implementation of the sixth aspect, the vehicle certificate can be uniquely identified by a maneuver identification identifying the cooperative maneuver.

The authenticating device according to the sixth aspect and its implementations comprise all advantages of the corresponding method according to the second aspect and its implementations.

According to a seventh aspect, the invention provides a vehicle adapted to perform cooperative maneuvers with other vehicles, comprising an authenticating device according to the sixth aspect or anyone of its implementations, and adapted to receive geo location information and vehicle certificate from a vehicle initiating a cooperative maneuver.

This ensures that a vehicle can be equipped with an authenticating device according to the sixth aspect or anyone of its implementations.

Generally, it has to be noted that all arrangements, devices, modules, components, models, elements, units and means and so forth described in the present application could be implemented by software or hardware elements or any kind of combination thereof. All steps which are performed by the various entities described in the present application as well as the functionality described to be performed by the various entities are intended to mean that the respective entity is adapted to, or is configured to, perform the respective steps and functionalities.

Even if in the following description of the specific embodiments, a specific functionality or step to be performed by a general entity is not reflected in the description of a specific detailed element of the entity which performs the specific step or functionality, it should be clear for a skilled person that these methods and functionalities can be implemented in respective hardware or software elements, or any kind of combination thereof. Further, the method of the present invention and its various steps are embodied in the functionalities of the various described apparatus elements.

Brief description of the drawings

The above-described aspects and embodiments of the present invention will now also be discussed with reference to the figures:

Fig. 1 shows a flow diagram of a method according to an embodiment of the present invention.

Fig. 2 shows a schematic overview of a vehicle certificate according to the present invention. Fig. 3 shows a schematic overview of a distribution certificate according to the present invention.

Fig. 4 shows a flow diagram of a method according to an embodiment of the present invention.

Fig. 5 shows a schematic overview of a method according to an embodiment of the present invention.

Fig. 6 shows a schematic overview of an authenticating device according to an embodiment of the present invention.

Fig. 7 shows a schematic overview of a vehicle comprising an authenticating device according to an embodiment of the present invention. Fig. 8 shows a schematic overview of an authenticating device according to an embodiment of the present invention.

Fig. 9 shows a schematic overview of a vehicle comprising an authenticating device according to an embodiment of the present invention.

Fig. 10 shows a schematic overview of an operating example according to the present invention. Detailed description of embodiments

Fig. 1 shows a flow diagram of a method 100 for authenticating a vehicle during a cooperative maneuver according to an embodiment of the present invention. The method can be performed by an authenticating device, which is going to be described in view of Fig. 6 below. The method includes a preparation stage and a maneuver execution stage.

The preparation stage comprises the step of receiving 101, geo location information and the steps of receiving 101, a vehicle certificate, and authenticating 101 said vehicle certificate. The vehicle certificate is identified by a maneuver ID identifying the cooperative maneuver.

The received geo location information and the received vehicle certificate can in particular be transmitted by an authenticating device of a transmitting vehicle, which requests to initiate or to participate in a cooperative maneuver. The transmission can be performed by ad-hoc wireless transmission technology, or by assistance of a cellular network environment. The transmitting vehicle may also be called initiating vehicle. The vehicle, which comprises the authenticating device that is configured to perform the method 100 can also be called receiving vehicle.

The geo location information can optionally comprise location information of a transmitting vehicle, which initiates said cooperative maneuver, wherein the location information in particular specifies the position of the initiating vehicle.

Optionally, the geo location information can comprise GPS data, which indicates the position of the transmitting vehicle.

The geo location information can further comprise optional geo-tokens, which are issued from road-side units. According to the received geo-tokens, the receiving vehicle can determine, whether the transmitting vehicle is in the same vicinity, e.g. by evaluating whether the receiving vehicle and the transmitting vehicle can receive geo- tokens from a same road-side unit which is in the vicinity of the receiving vehicle as well as in the vicinity of the transmitting vehicle.

The geo location information can also comprise optional sensor data, e.g. acoustical or optical sensor data, according to which a position of the transmitting vehicle can be compared to the position of the receiving vehicle, e.g. by a camera which can identify identical objects in the vicinity of the receiving vehicle as well as the transmitting vehicle, or by an acoustical sensor, e.g. a microphone, which allows to compare acoustical information which is detected by the receiving vehicle with acoustical information, which is detected by the transmitting vehicle. The vehicle certificate in particular can be a public key certificate, which is issued and/or signed by a trusted authority, e.g. a CA comprised by a PKI. A description of the vehicle certificate is going to be provided in view of Fig. 2 below.

The maneuver ID comprises information, which indicates the type of the cooperative maneuver. Optionally, it can be identified in the maneuver ID, whether the cooperative maneuver is a maneuver that implements lane merge assistance, collision avoidance, convoy management, intersection management, or emergency warnings. Each of those types can be identified by a predefined parameter (e.g a numerical value), which is comprised by the maneuver ID. In a specific implementation example, the maneuver ID which is used to identify the vehicle certificate can be encrypted to ensure confidentiality of the maneuver ID. The maneuver ID can be decrypted by means of cryptographic functionality which is associated with the received vehicle certificate (e.g. according to a public/private key cryptographic principle). This ensures that an attacker is prevented from detecting, which cooperative maneuver is to be carried out by vehicles among which a maneuver ID is exchanged. The attacker is thus prevented from disturbing the cooperative maneuver.

According to the received geo location information and/or the received vehicle certificate, and/or the received maneuver ID, the receiving vehicle can decide, whether to accept or deny participating in the cooperative maneuver, which is initiated by the transmitting vehicle. Depending on the decision, the maneuver execution stage is entered or not.

The decision whether to accept or deny the received request is based on the received vehicle certificate and on authenticating said vehicle certificate. Authenticating the received vehicle certificate in particular includes identifying the transmitting vehicle which transmitted the vehicle certificate as a trusted entity (i.e. the transmitting vehicle is authenticated by means of the vehicle certificate). Trust can in particular be established by a CA which issued and/or signed the vehicle certificate which was transmitted by the transmitting vehicle. The receiving vehicle can contact the CA and check, whether the received vehicle certificate is valid and whether the transmitting vehicle can be regarded as a trusted entity. Optionally, the authenticity, and/or confidentiality, and/or integrity of the transmitted geo location information and/or maneuver ID can be guaranteed by means of the received vehicle certificate. That is, an attacker is prevented from initiating a cooperative maneuver by transmitting spoofed geo location information or a spoofed maneuver ID, for example to trick the receiving vehicle into executing a wrong cooperative maneuver in order to provoke an accident.

The decision whether to accept or deny the received request can optionally also be based on a geo location check of the received geo location information. This can include checking, on the basis of said received geo location information, if a distance from the receiving vehicle to the transmitting vehicle is below an allowed distance (for example if the distance between the receiving vehicle and the transmitting vehicle is below 300 meters, in case that a lane merge assistance maneuver is to be carried out). The geo location check can alternatively or additionally include checking, on the basis of said received geo location information, if a distance from the receiving vehicle to the transmitting vehicle is above an allowed distance (for example if the distance between the receiving vehicle and the transmitting vehicle is larger than 50 meters, in case that a cooperative maneuver requires an initial safety distance). The allowed distance in particular can be the radius of a circle around the receiving vehicle. If a transmitting vehicle is located within the boundary of the circle, the distance of the vehicle is below the allowed distance, while, if a transmitting vehicle is located outside of the boundary of the circle, the distance is above the allowed distance.

The geo location check may also, or alternatively include checking, whether the direction and/or acceleration, and/or transvers acceleration and/or speed of the transmitting vehicle are within predefined intervals. The geo location check ensures that messages which are transmitted by an attacker which is not located in the geographical vicinity of the receiving vehicle can be detected and discarded.

The geo location check also ensures that the low latency requirements of V2V communication can be met, as exclusively the information transmitted by those transmitting vehicles is considered in the maneuver execution stage, which successfully pass the geo location check. As a result, less information which is transmitted by transmitting vehicles has to be considered during the maneuver execution stage. After successfully authenticating said vehicle certificate, the method 100 enters the maneuver execution stage. If the optional geo location check was carried out, the method 100 enters the maneuver execution stage after successfully authenticating said vehicle certificate and after a successful geo location check. The execution stage comprises the step of transmitting 102, trajectory information, which is performed after a successful authentication of the received vehicle certificate. As a result, the trajectory information is exclusively transmitted to the transmitting vehicle, which is successfully authenticated according to the corresponding vehicle certificate. This ensures that the overall amount of information which is transmitted by the receiving vehicle in the maneuver execution stage is minimized, and that the latency requirement of V2V communication can be complied with. The transmitted trajectory information can include information about driving dynamics of the receiving vehicle and information according to which driving dynamics, such as position, speed, acceleration, transverse acceleration, direction, engine state, shock absorber state, or any other vehicle actor state, of the transmitting vehicle (which receives the trajectory information) can be adapted. The exchanged trajectory information can thus in particular be used to adjust the behavior of all vehicles which are involved in the cooperative maneuver.

Once the maneuver execution stage is reached, the step of transmitting 102 trajectory information can be performed periodically.

Optionally, the step of transmitting trajectory information can be performed at regular time intervals during the maneuver execution stage. This ensures that the requirement for low latency of V2V communication can be complied with, in particular, by transmitting the trajectory information sufficiently often enough, for example at intervals of 10 ms. In order to comply with different kinds of wireless transmission technology, which can be used for V2V communication, the trajectory information can optionally be exchanged at predefined time frames of the wireless transmission technology, which is used for wireless transmission. Thus, a time frame which is best suited for transmitting trajectory information during V2V communication can be used.

In the maneuver execution stage, the step of transmitting 102 trajectory information can optionally comprise the transmission of a distribution certificate.

The distribution certificate in particular can be a public key certificate, which is issued and/or signed by a trusted authority, e.g. a CA comprised by a PKI. A description of the distribution certificate is going to be provided in view of Fig. 3 below.

Transmitting the distribution certificate together with the trajectory information allows for checking the integrity of the transmitted trajectory information by the entity which receives the trajectory information and the distribution certificate. As during the maneuver execution stage, the distribution certificate is exclusively used for checking the integrity of the transmitted trajectory information at the receiving entity (i.e. the transmitting vehicle which transmitted the geo location information and the vehicle certificate to the receiving vehicle in the preparation stage), the overall amount of information to be transmitted during the maneuver execution stage can be minimized, and the latency requirement of V2V communication can be met. Exclusively checking the integrity of the transmitted trajectory information by means of the distribution certificate is in particular beneficial, since this approach requires less information to be transmitted compared to additionally encrypting the transmitted trajectory information in order to establish confidentiality of the transmitted trajectory information.

The distribution certificate is uniquely identified by an execution ID. The execution ID is derived from and shorter than a corresponding maneuver ID. In an optional implementation example, the execution ID can be derived from the maneuver ID by concatenating hash values of the maneuver ID. Identifying the distribution certificate by unique execution IDs, which are shorter than a corresponding maneuver ID, ensures that during the maneuver execution stage less information is to be transmitted, as the size of the distribution certificate decreases by decreasing the size of the execution ID, which is used to identify the distribution certificate. However, an entity which receives the transmitted trajectory information and the transmitted distribution certificate still can assign the received information to a corresponding cooperative maneuver, as the receiving entity can determine, whether the execution ID of a received distribution certificate corresponds to the maneuver ID of a corresponding cooperative maneuver.

Using the unique execution ID, which is derived from the maneuver ID, is also beneficial as it allows to obfuscate to which maneuver ID, respectively to which cooperative maneuver, a transmitted distribution certificate or transmitted trajectory information belongs. Thus, an attacker is prevented from associating transmitted trajectory information or transmitted distribution certificates with the maneuver ID of a cooperative maneuver. As a result, encrypting the transmitted trajectory information or the execution ID during the maneuver execution stage is not necessary, which allows decreasing the overall amount of information that is to be transmitted during the maneuver execution stage and ensures that the low latency requirement of V2V communication can be met. In a specific implementation example, one distribution certificate (which is identified by a unique execution ID) is transmitted together with a predefined amount of trajectory information each. As the trajectory information is only valid during a predefined part of the overall cooperative maneuver (wherein the overall cooperative maneuver can have a duration of for example 10 seconds, while the predefined part of the cooperative maneuver during which the transmitted trajectory information is valid can have a duration of considerably less than one second), small cryptographic keys can be used in the distribution certificates, as an extraction of the cryptographic key of the distribution certificate, e.g. by a brute force method, is very unlikely, considering the short duration of the predefined part of the cooperative maneuver.

In a specific implementation scenario, the vehicle certificate can be uniquely identified by a maneuver ID which identifies the cooperative maneuver. The maneuver ID can be uniquely identified by a unique numerical value which is comprised by the maneuver ID, in addition to the parameter that indicates the type of the cooperative maneuver. The unique numerical value is unique within a predefined area of application in which the maneuver ID is used. This can be for example a large scale network environment, in which V2V communication is enabled by assistance of a cellular network environment. An implementation example in which uniquely identified vehicle certificates are used in a large scale network environment is going to be described in detail below in view of Fig. 10.

As a result, by dividing the process of authenticating a vehicle during a cooperative maneuver in a preparation stage and a maneuver execution stage, security of V2V communication can be increased and latency during V2V communication can be decreased at the same time for the following reasons: during the preparation stage, a transmitting vehicle is authenticated according to a transmitted vehicle certificate, and a decision, whether to participate in a cooperative maneuver or not, can be made based on received geo location information, the received vehicle certificate, and based on a maneuver ID, which is included in the vehicle certificate and which is used to identify the cooperative maneuver. In the maneuver execution stage, information exclusively needs to be transmitted to those entities which were successfully authenticated during the preparation stage, which allows transmitting less information in the maneuver execution stage, thereby meeting the low latency requirement of V2V communication. Optionally, further security features can be implemented in the maneuver execution stage, for example by transmitting distribution certificates together with trajectory information, which further allows increasing security when authenticating a vehicle during a cooperative maneuver. As it is described above, two types of certificates can be used in the method 100 according to an embodiment of the present invention. These two types are going to be described in view Fig. 2 and Fig. 3 below. Fig. 2 shows a schematic overview of a vehicle certificate 200 according to the present invention. The vehicle certificate 200 can be used by a receiving vehicle comprising the authenticating device which implements the method 100 as described in view of Fig. 1, to authenticate a transmitting vehicle during a cooperative maneuver.

The vehicle certificate 200 can in particular be used to ensure authenticity, confidentiality, integrity, and non-repeatability of all kind of information which is transmitted by a transmitting vehicle and received by a receiving vehicle during a preparation stage. This includes checking, whether geo location information, and/or a maneuver ID of the vehicle certificate 200 was altered during the transmission between the transmitting vehicle and the receiving vehicle. The vehicle certificate 200 can also be used to ensure confidentiality of the received geo location information and/or the maneuver ID. The vehicle certificate 200 in particular can be a public key certificate which is issued by a trusted authority, e.g. a CA, which is comprised by a large scale network environment that a vehicle including an authenticating device is associated with. Optionally, a suitable CA for issuing the vehicle certificate 200 can be the pseudonym certificate authority, as it is described in N. BiBmeyer, H. Stiibing, E. Schoch, S. Gotz, J. P. Stotz und B. Lone, "A Generic Public Key Infrastructure for Securing Car-To-X Communication," in ITS World Congress, 2011, or in W. Whyte, A. Weimerskirch, V. Kumar and T. Hehn, "A Security Credential Management System for V2V Communications," in IEEE Vehicular Networking Conference (VNC), 2014. The schematic overview of the vehicle certificate 200 as it is shown in Fig. 2 lists elements comprised by the vehicle certificate 200 and their corresponding descriptions and lengths (in byte). The listed elements however are only exemplary. A vehicle certificate 200 which is used to implement the present invention can also comprise more or less elements, compared to the elements listed in Fig. 2. In particular, the lengths of the elements as shown in Fig. 2 are merely exemplary.

The functionality of the vehicle certificate 200 and its elements as shown in Fig. 2 is based on the functionality of certificate formats which are disclosed in ETSI TS 103 097 VI.1.1, in particular as disclosed in Annex A.2 "Example structure of a certificate" on pages 31 - 32 of ETSI TS 103 097 VI .1.1.

In addition to the functionality which is provided by the above-mentioned ETSI technical specification, the vehicle certificate 200 includes the elements "SubjectType" and "subject_name", which typically have a length of 1 byte, respectively 2 bytes and which are typically used to indicate that a vehicle, which is transmitting the vehicle certificate 200, desires to authenticate during a cooperative maneuver (i.e. by providing an "authorization_ticket" in the element "SubjectType", and by providing a maneuver ID in the element "subject_name"). The maneuver ID, which can be provided by means of the element "subject_name", can in particular be the maneuver ID, respectively the unique maneuver ID as described in view of Fig. 1.

The elements "PublicKeyAlgorithm", "EccPointType type", "ECCPoint opaque x[32]", and "ECdsaSignature opaque s[32]" can be used to contain a signature (which can be based on a elliptic curve digital signature (ECDSA)) and to specify a used hash algorithm, which for example can be SHA-256, as shown in Fig. 2. The operating principle of the signature and the hash algorithm can in particular be based on the disclosure of "IEEE Trial-Use Standard for Wireless Access in Vehicular Environments - Security Services for Applications and Management Messages, IEEE Std 1609.02-2006" and of ETSI TS 103 097 VI.1.1.

As it is further shown in Fig. 2, the elements "Validity RestrictionType", "Time32 start_validity", and "Time32 end_validity" can be used to specify the period of time during which the vehicle certificate 200 is valid, which is typically similar to the period of time, which is scheduled for the duration of the preparation stage, as e.g. described in view of the method 100 of Fig. 1. For example, during a cooperative maneuver which provides lane merge assistance, it is reasonable to set the period of time during which the vehicle certificate 200 is valid to 10 seconds. The public key of the vehicle certificate 200 can be contained by the element "Public Key opaque x[32]", which can have a length of e.g. 32 bytes.

As a result, in order to comply with the security requirements of V2V communication, which are necessary in the preparation stage, the vehicle certificate 200 can have an exemplary total length of 115 bytes.

Fig. 3 shows a schematic overview of a distribution certificate 300 according to the present invention. The distribution certificate 300 can be transmitted by a receiving vehicle (which comprises the authenticating device, which implements the method 100 as described in view of Fig. 1) to the transmitting vehicle in the maneuver execution stage.

The distribution certificate 300 can in particular be used to ensure integrity, and non- repudiation of the trajectory information, which is transmitted from the receiving vehicle to the transmitting vehicle during the maneuver execution stage. This includes checking, whether the trajectory information was altered during the transmission between the receiving vehicle and the transmitting vehicle. Similar to the vehicle certificate 200, the distribution certificate 300 in particular can be a public key certificate which is issued by a trusted authority, e.g. a CA, which is comprised by a large scale network environment that the vehicle including the authenticating device is associated with. Optionally, a suitable CA for issuing the distribution certificate 300 can be the pseudonym certificate authority, as it is described in N. BiBmeyer, H. Stiibing, E. Schoch, S. Gotz, J. P. Stotz und B. Lone, "A Generic Public Key Infrastructure for Securing Car-To-X Communication," in ITS World Congress, 2011, or in W. Whyte, A. Weimerskirch, V. Kumar and T. Hehn, "A Security Credential Management System for V2V Communications," in IEEE Vehicular Networking Conference (VNC), 2014.

The schematic overview of the distribution certificate 300 as it is shown in Fig. 3 lists elements comprised by the distribution certificate 300 and their corresponding descriptions and lengths (in byte). The listed elements however are only exemplary. A distribution certificate 300 which is used to implement the present invention can also comprise more or less elements, compared to the elements listed in Fig. 3. In particular, the lengths of the elements as shown in Fig. 3 are merely exemplary.

The functionality of the distribution certificate 300 and its elements as shown in Fig. 3 is based on the functionality of certificate formats which are disclosed in ETSI TS 103 097 VI.1.1, in particular as disclosed in Annex A.2 "Example structure of a certificate" on pages 31 - 32 of ETSI TS 103 097 VI.1.1.

In addition to the functionality which is provided by the above-mentioned ETSI technical specification, the distribution certificate 300 includes the element "subject_name", which typically has a length of 1 byte and which is typically used to indicate the execution ID. The execution ID, which can be provided by means of the element "subject_name", can in particular be the unique execution ID as described in view of Fig. 1. Assigning a unique execution ID to the distribution certificate 300 which is derived from the corresponding maneuver ID, as it is described in view of Fig. 1 allows decreasing the size of the distribution certificate 300. In order to comply with the requirements for low latency of V2V communication (for example to be able to transmit trajectory information at a time interval of 10 ms, for example during a cooperative maneuver which provides lane merge assistance) the size of the trajectory information and of the distribution certificate 300 which are transmitted in a same step during the maneuver execution stage must not exceed a predefined limit. This is in particular ensured by the configuration of the distribution certificate 300.

In order to achieve a small size of the distribution certificate 300, shorter cryptographic keys (e.g. cryptographic keys which have a size of 80/112 bits) are used compared to the cryptographic keys which are used in the vehicle certificate 200.

The element "Public Key opaque x[32]" can be used to contain a verification key (i.e. the public key of the distribution certificate 300) as shown in Fig. 3. In Fig. 3, the maximum length of the element "Public Key opaque x[32]" is e.g. 10 bytes, which is considerably smaller then the length of the public key of the vehicle certificate 200. The operating principle of the verification key can in particular be based on the disclosure of "IEEE Trial-Use Standard for Wireless Access in Vehicular Environments - Security Services for Applications and Management Messages, IEEE Std 1609.02-2006" and of ETSI TS 103 097 VI.1.1.

It is to be noted that downsizing the used cryptographic key of the distribution certificate 300 does not lead to an increased key cracking risk, since the period of time during which a distribution certificate 300 is valid in the maneuver execution stage is considerably smaller than the period of time during which a vehicle certificate 200 is valid in the preparation stage.

In an example implementation, trajectory information can be periodically transmitted together with a distribution certificate 300 at a time interval of 10 ms during the maneuver execution stage. The period of time during which the distribution certificate 300 is valid thus can be set to a period of time which reflects the duration of the signal propagation from a transmitting to a receiving entity and the duration of the processing of the received distribution certificate 300 by a processing means in the receiving entity. The period of time during which the distribution certificate 300 is valid can thus be set to, for example, 10 to 15 milliseconds. Given the short period of time during which the distribution certificate 300 is valid in the execution stage, an extraction of the cryptographic key, e.g. by brute force technology, is unlikely. As it is shown in Fig. 3, the element "Time32 end_validity" can be used to specify the period of time during which the distribution certificate 300 is valid.

As a result of the above described configuration of the distribution certificate 300, the distribution certificate 300 is considerably smaller than the vehicle certificate 200 (for example 35 bytes compared to 115 bytes, as it is shown in Figs. 2 and 3).

Fig. 4 shows a flow diagram of a method 400 for authenticating a vehicle during a cooperative maneuver according to an embodiment of the present invention. The method 400 corresponds to the method 100 as described in view of Fig. 1 and can be performed by an authenticating device, which e.g. can be comprised by a vehicle, in particular by the transmitting vehicle as described in view of Fig. 1. The method 400 comprises a preparation stage and a maneuver execution stage. The preparation stage comprises the step of transmitting 401, geo location information and a vehicle certificate 200, wherein the vehicle certificate 200 is identified by a maneuver ID identifying the cooperative maneuver. This step can in particular be performed by an authenticating device comprised by a transmitting vehicle and corresponds to the step 101 which is described in view of Fig. 1. The step 401 ensures that a vehicle (i.e. the transmitting vehicle) can initiate a cooperative maneuver by transmitting the geo location information and the vehicle certificate 200 to a receiving vehicle, e.g. as described in view of Fig. 1. After receiving the geo location information and the vehicle certificate 200 by the receiving vehicle, the transmitting vehicle can be authenticated by the receiving vehicle, and the receiving vehicle can decide whether to participate in the cooperative maneuver or not.

The maneuver execution stage comprises the step of receiving 402, trajectory information in response to the transmitted vehicle certificate 200. The transmitting vehicle, which transmitted the geo location information and the vehicle certificate 200 in step 401, is thus able to receive trajectory information (which is sent by the receiving vehicle) in response to the transmitted vehicle certificate 200 and to adapt a cooperative maneuver according to the received trajectory information. Step 402 in particular corresponds to the step 102 which is described in view of Fig. 1. The step of transmitting 401, geo location information can optionally comprise the broadcasting of said geo location information. This ensures that the transmitting vehicle can consider all vehicles which are present in the vicinity of the transmitting vehicle, and which can be reached by means of ad-hoc wireless transmission technology or assisted by a cellular network environment, when transmitting the geo location information and the vehicle certificate 200 in order to initiate a cooperative maneuver.

The method 400 as described in view of Fig. 4, and in particular the geo location information, the vehicle certificate 200, the maneuver ID, and the trajectory information as described in view of Fig. 4, comprise all features and functionality of the method 100 as described in view of Fig. 1, in particular the features and functionality of the respective geo location information, vehicle certificate 200, maneuver ID, and trajectory information as described in view of Fig. 1.

Optionally, the vehicle certificate 200 as used by the method 400 can also be uniquely identified by a maneuver ID, which identifies the cooperative maneuver, according to the same operating principle by which the vehicle certificate 200 is uniquely identified by a maneuver ID as described in view of Fig. 1.

According to an embodiment of the present invention, in a method for authenticating a vehicle during a cooperative maneuver, it is generally possible that an authenticating device (e.g. comprised by a transmitting vehicle), which initiates the cooperative maneuver, performs the steps of the method 400 as described in view of Fig. 4, and that an authenticating device (e.g. comprised by a receiving vehicle), which receives the geo location information and the vehicle certificate 200 from the initiating authenticating device, performs the step of the method 100 as described in view of Fig. 1. However, the present invention also allows for a mutual authentication of vehicles during a cooperative maneuver, and for mutually exchanging of trajectory information during a cooperative maneuver, as it is going to be described in view of Fig. 5 below.

Fig. 5 shows a schematic overview of a method for mutual authentication according to an embodiment of the present invention. In the method 500, mutual authentication takes place between vehicle VI and vehicle V2. Depending on the respective method step which is performed, the vehicle VI can be the transmitting or the receiving vehicle as it was described above in view of Figs. 1 to 4, and the vehicle V2 can be the receiving or transmitting vehicle as it was described above in view of Figs. 1 to 4. That is, each vehicle VI, V2 can comprise the whole functionality as described in view of Figs. 1 to 4 above, and can use it according to the requirements of the present method step, which is to be performed. Both vehicles VI and V2 independently start to perform methods for mutual authentication during a cooperative maneuver. Both methods start in a preparation stage. In order to perform mutual authentication during a cooperative maneuver, in step 501, vehicle VI broadcasts a maneuver authentication requests which includes geo location information of vehicle VI and a vehicle certificate (which is identified by a maneuver ID) of vehicle VI. The broadcast maneuver authentication request is received by vehicle V2, which performs, in step 502, a geo location check of the received geo location information of vehicle VI, and a validation of the received vehicle certificate of vehicle VI, which allows to authenticate vehicle VI as a trusted entity. If both the geo location check and the vehicle certificate validation are successful, in step 503, vehicle V2 sends a maneuver authentication response and a mutual authentication request to vehicle VI. The maneuver authentication response and mutual authentication request includes an authentication response of vehicle V2, geo location information of vehicle V2, and a vehicle certificate (comprising a maneuver ID) of vehicle V2. After receiving the maneuver authentication response and mutual authentication request, vehicle VI performs, in step 504, a geo location check of the geo location information which is provided by vehicle V2, and a vehicle certificate validation of the vehicle certificate provided by vehicle V2. Performing vehicle certificate validation of the vehicle certificate which is provided by vehicle V2, allows vehicle VI to authenticate vehicle V2 as a trusted entity. After the mutual geo location check and the mutual vehicle certificate validation between vehicle VI and vehicle V2 was successful, in step 505, the methods which are separately performed in vehicle VI and vehicle V2 both reach a maneuver execution stage each. In the maneuver execution stage, in optional step 506a, vehicle VI determines an execution ID based on the maneuver ID of the vehicle certificate which was received from vehicle V2. In optional step 506b, vehicle V2 determines an execution ID based on the maneuver ID of the vehicle certificate which was received from vehicle VI. In step 507, vehicle VI can send trajectory information of vehicle VI and optionally a distribution certificate 300, which is identified by the execution ID that was previously generated in optional step S506a, to vehicle V2.

After receiving the trajectory information of vehicle VI, vehicle V2 can adapt its driving dynamics according to the received trajectory information. In case that an optional distribution certificate 300 was transmitted, the distribution certificate 300 can be used to increase security of the transmitted trajectory information, for example by checking the integrity of the trajectory information of vehicle VI which was transmitted to vehicle V2. In step 508, vehicle V2 can send trajectory information of vehicle V2 and an optional distribution certificate 300, which is identified by the execution ID that was previously generated in optional step S506b, to vehicle VI.

After receiving the trajectory information of vehicle V2, vehicle VI can adapt its driving dynamics accordingly. Vehicle VI can also use the optionally sent distribution certificate 300 to increase security of V2V communication, in particular by checking the integrity of the transmitted trajectory information of vehicle V2.

After steps 501 to 505 are completed, steps 506 to 508 can be performed repeatedly, wherein in particular steps 507 and 508 can be repeated in an arbitrary order.

Fig. 6 shows a schematic overview of an authenticating device 600 according to an embodiment of the present invention. The authenticating device 600 is adapted to perform the method 100 and to be used in a vehicle. The authenticating device 600 is further adapted to perform cooperative maneuvers with other vehicles. The authenticating device 600 can in particular can be comprised by the receiving vehicle, as it was described above.

The authenticating device 600 comprises means 601 for receiving geo location information and a vehicle certificate 200 and for authenticating said vehicle certificate 200 during a preparation stage. The vehicle certificate 200 is identified by a maneuver ID identifying the cooperative maneuver.

The authenticating device 600 further comprises means 602 for transmitting trajectory information after a successful authentication of said exchanged vehicle certificate 200 during a maneuver execution stage. Optionally, the means 601 can be further configured to implement any function which was described in view of the preparation stage of Fig. 1 above, and further optionally, the means 602 can be configured to implement the function as it was described in view of the maneuver execution stage of Fig. 1 above. Fig. 7 shows a schematic overview of a vehicle 700 comprising an authenticating device 600 according to an embodiment of the present invention. The vehicle 700 is adapted to perform cooperative maneuvers with other vehicles and comprises the authenticating device 600 as it was described in view of Fig. 6 above. The vehicle 700 is further adapted to initiate a cooperative maneuver, in particular by means of the authenticating device 600.

The vehicle 700 can in particular be a car, truck, motorcycle, bike, boat, helicopter, airplane or any other kind of vehicle.

Fig. 8 shows a schematic overview of an authenticating device 800 according to an embodiment of the present invention. The authenticating device 800 is adapted to perform the method 400 and to be used in a vehicle. The authenticating device 800 is further adapted to perform cooperative maneuvers with other vehicles. The authenticating device 800 can in particular be comprised by the transmitting vehicle as it was described above.

The authenticating device 800 comprises means 801 for transmitting geo location information and a vehicle certificate 200, and authenticating said vehicle certificate 200 during a preparation stage. The vehicle certificate 200 is identified by a maneuver ID identifying the cooperative maneuver.

The authenticating device 800 further comprises means 802 for receiving trajectory information in response to the transmitted vehicle certificate 200 during a maneuver execution stage.

Optionally, the means 801 can be further configured to implement any function which was described in view of the preparation stage of Fig. 4 above, and further optionally, the means 802 can be configured to implement any function as it was described in view of the maneuver execution stage of Fig. 4 above.

Fig. 9 shows a schematic overview of a vehicle 900 comprising an authenticating device 800 according to an embodiment of the present invention. The vehicle 900 is adapted to perform cooperative maneuvers with other vehicles and comprises the authenticating device 800 as it was described in view of Fig. 8.

The vehicle 900 is further adapted to receive geo location information and a vehicle certificate 200 sent by a vehicle which is initiating the cooperative maneuver, wherein the geo location information and the vehicle certificate 200 can in particular be received by means of the authenticating device 800 which is comprised by the vehicle 900. The vehicle 900 can in particular be a car, truck, motorcycle, bike, boat, helicopter, airplane or any other kind of vehicle.

Fig. 10 shows a schematic overview of an operation example according to the present invention. The operating example as shown in particular describes, how vehicle certificates 200 and distribution certificates 300 are provided to vehicles 1002, 1003, and how the certificates 200, 300 are used by the vehicles 1002, 1003 during cooperative maneuvers. Vehicle certificates 200 including a corresponding unique maneuver ID can be issued by a CA which is provided in the large scale network environment 1001 (e.g. by a network operator), and can be distributed to the vehicles 1002, 1003 by means of the network environment 1001. In order to provide a sufficient amount of certificates 200, 300 to the vehicles 1002, 1003, issuing and providing the certificates 200, 300 is repeated by the CA at predefined intervals, e.g. defined by an operator policy, or upon request of one of the vehicles 1002, 1003. The CA can e.g. be the pseudonym certificate authority, as it was described above.

A list of issued vehicle certificates 200 and their corresponding maneuver IDs, as well as of distribution certificates 300 and their corresponding execution ID, is stored and administrated in the CA in the network environment 1001. That is, the CA in the network environment 1001 can control the distribution of vehicle certificates 200 and distribution certificates 300 to the vehicles 1002, 1003 which are associated with the CA in the network environment 1001. This ensures that a sufficient number of certificates 200, 300 can be provided to the vehicles 1002, 1003 which are associated with the CA.

A vehicle 1002 is provided with various vehicle certificates 200, of which one vehicle certificate 200 each can be used to initiate a cooperative maneuver, and with various distribution certificates 300, of which one distribution certificate 300 each can be used to be transmitted in a step of transmitting 102 trajectory information.

Once a request for initiating a cooperative maneuver is denied, or the cooperative maneuver is completed, the vehicle certificate 200, which was used for the cooperative maneuver, is revoked and the unique maneuver ID is terminated. Once a step of transmitting 102 trajectory information together with a distribution certificate 300 is completed and the distribution certificate was successfully processed by a receiving entity, the distribution certificate 300, which was used for this step, is revoked and the unique execution ID is terminated. This can be applied to all vehicle certificates 200 and distribution certificates 300, which were transmitted during the cooperative maneuver. In case that a further cooperative maneuver is to be initiated, another vehicle certificate 200 of the vehicle certificates 200 stored in the vehicle 1002 is to be used, which implies that a new unique maneuver ID is used to identify the vehicle certificate 200 used for the new cooperative maneuver. In case that a further step of transmitting 102 trajectory information is to be carried out, another distribution certificate 300 of the vehicle certificates 300 stored in the vehicle 1002 is to be used. Thus, certificates issued by the CA can only be used once during a cooperative maneuver, which prevents replay attacks with previously used certificates.

It is further possible to revoke vehicle certificates 200 or distribution certificates 300, which are stored in the vehicle 1002 and have not been used in a cooperative maneuver, in order to prevent the vehicle 1002 from performing future cooperative maneuvers.

ITS provide several communication modes (fully cellular, cellular assisted, or ad-hoc), by use of which cooperative maneuvers can be carried out. The CA however cannot be reached in order to validate certificates 200, 300, if exclusively ad-hoc wireless transmission technology is available for V2V communication. The present invention, however, supports all communication modes of ITS, as shown in the following: As the vehicle certificates 200 and the distribution certificates 300 can be provided to the vehicles by the CA and can be stored in the vehicles, the vehicles can use the vehicle certificates 200 and the distribution certificates 300 which are stored in the vehicle to initiate or perform a cooperative maneuver, even if a cellular network environment (which comprises the CA which is to be contacted by the vehicles 1002, 1003 in order to validate a vehicle certificate 200 or a distribution certificate 300) is not in reach and exclusively ad-hoc wireless transmission technology can be used for communication between vehicles. In a scenario, in which a cellular network environment is not available to the vehicles, the vehicle 1003 can authenticate a vehicle certificate 200 or a distribution certificate 300 which is provided by the vehicle 1002 by means of information which is provided by the CA to the vehicle 1003 before, and which can be evaluated by the vehicle 1003 while the cellular network environment is not in reach. The invention has been described in conjunction with various embodiments herein. However, other variations to the enclosed embodiments can be understood and effected by those skilled in the art and practicing the claimed invention, from a study of the drawings, the disclosure and the appended claims. In the claims, the word "comprising" does not exclude other elements or steps, and the indefinite article "a" or "an" does not exclude a plurality. A single processor or other unit may fulfill the functions of several items recited in the claims. The mere fact that certain measures are recited in mutually different dependent claims does not indicate that a combination of these measures cannot be used to advantage. A computer program may be stored/distributed on a suitable medium, such as an optical storage medium or a solid- state medium supplied together with or as part of other hardware, but may also be distributed in other forms, such as via the internet or other wired or wireless telecommunication systems.