International Association for Cryptologic Research


CryptoDB

Sarah McCarthy

Publications

Year | Venue | Title
2022 | RWC | Drive (Quantum) Safe! – Towards Post-Quantum Security for Vehicle-to-Vehicle Communications
V2V technology has the potential to prevent 615,000 collisions per year in the US, reduce congestion by up to 30%, and support efforts in slowing climate change by eliminating 5% of vehicle CO2 emissions. However, the security of V2V technology is often an afterthought, much less the threat of quantum computing on this security. With experts estimating that RSA-2048 will be broken by quantum computers with a probability of 50-99% by 2051, and cars manufactured today having an expected lifespan of 30 years, time is running out. This research is the first full-scale study into how post-quantum cryptography (PQC) will interact with current standards for vehicle-to-vehicle (V2V) communications. Connected vehicles use V2V technology to exchange safety messages that allow them to avoid colliding with each other, improving roadway safety and proximity awareness. These communications must be secured against malicious attacks to ensure an adversary cannot abuse V2V to cause a collision, traffic jam, or other unsafe and/or disruptive situation. The IEEE 1609.2 standard (2016) specifies authentication mechanisms for V2V communication. However, it relies on the Elliptic Curve Digital Signature Algorithm (ECDSA), which is not quantum-secure. It is therefore imperative that this standard be updated to support quantum-secure algorithms in line with current PQ standardisation efforts by NIST (2016). To the best of our knowledge, ours is among the first works to consider PQC in conjunction with the 1609.2 standard from the perspective of digital signatures, and the first to do so with consideration for the unique constraints imposed by the complex, wireless environment of V2V communications. In this talk, we consider how the three NIST digital signature finalists would integrate with the IEEE 1609.2 standard and, using these observations, we propose several practical designs for consideration during migration to PQC. 
Specifically, we conclude that Falcon-512 is the most suitable NIST PQC finalist for V2V and illustrate how Falcon can be incorporated into pure PQC, hybrid classical-PQC, backwards-compatible and "partially quantum-secure" designs to leverage PQ security while accounting for its large public key sizes. Through experimental evaluation of these designs using a software-defined radio testbed, we show that a partially quantum-secure hybrid scheme, using post-quantum certificates to support classical ECDSA signatures, achieves the best compromise between PQ security and little impact on V2V system performance during the transition phase.