In this paper, we propose a distributed and dynamic public key infrastructure for vehicular ad hoc networks. We aim to achieve the fundamental security requirements, particularly authentication, confidentiality, and reliable vehicle-to-vehicle data exchange. To make the certification authority (CA) reachable by all vehicles, we distribute its role among a set of dynamically elected vehicles. The election of dynamic CAs is based on a clustering algorithm in which the cluster heads act as the CAs of their clusters. The cluster heads are elected according to two criteria: security and mobility. Because of the important role of the CA in each cluster, and to protect it from DoS attacks, we introduce a dynamic demilitarized zone for vehicular ad hoc networks. Its role is to handle the certification requests sent to the CA by unknown vehicles, and hence to prevent the CA from being compromised. Additionally, we detail certificate management in the proposed public key infrastructure, and we propose a mechanism to provide anonymous vehicle-to-vehicle communications using pseudonyms. To study the feasibility of our distributed architecture, and particularly of the clustering algorithm, we propose a probabilistic model that considers the speed of vehicles and takes into account the safety distance between vehicles.
We carried out a set of simulations to evaluate the performance of the proposed clustering algorithm in both urban and highway environments. Hence, we study the effects of the transmission range, the speed of vehicles, and the number of trusted vehicles in the network on the stability and the efficiency of the overall proposed architecture. We also study some of the delays that characterize certificate management. Our simulation results show that the security of the proposed architecture closely depends on the number of trusted vehicles in the network, and that its stability depends on the mobility of vehicles on the road and on the total number of trusted vehicles. Copyright © 2013 John Wiley & Sons, Ltd.