Public Key Infrastructure

AutoCrypt PKI

Establishing trust for connect mobility

PKI-based security for automotive production and communication.

The automotive ecosystem is now highly interconnected, making it crucial to establish trust between the different parties involved. The usage of public key infrastructure (PKI) is fast-growing within the automotive industry.

AutoCrypt® PKI is a specialized PKI dedicated to the automotive ecosystem. The technology enables asymmetric end-to-end encryption for two primary purposes: user authentication and message encryption.

In manufacturing, it generates keys and manages access to individual ECUs and components. It enables anonymous two-way authentication during V2X communication and Plug&Charge (PnC). The technology is also used for fleet management.

AutoCrypt PKI is a crucial security component required for vehicular communications like V2X and Plug&Charge (PnC). The system registers enrolment certificates for OBUs and RSUs and issues identification, pseudonym, and application certificates for authentication, ensuring that only trusted entities are allowed to join the communication.

Applications

AutoCrypt PKI use cases

As an industry leader in encryption and PKI technology, AUTOCRYPT offers customized PKI implementation for different use cases and scenarios in the automotive industry.

For Production

AutoCrypt® KEY is a key management solution that utilizes AutoCrypt® PKI for production key generation and management, ensuring secure access control for every vehicle component.

For V2X

AutoCrypt® V2X-PKI is a standardized PKI platform dedicated to V2X communications, compliant with all major V2X PKI standards worldwide (US SCMS, EU CCMS, and YD/T 3957-2021).

For Plug&Charge

Compliant with ISO 15118-20, AutoCrypt® PnC utilizes PKI to securely identify vehicles and ensure end-to-end encryption when exchanging charging and payment information.

For Fleet Management

AutoCrypt® MOVE Fleet is a fleet management system that utilizes PKI to protect the real-time information it collects from the fleet and to enable secure remote control.

Highlights

All you need to know about PKI

and stay prepared with AUTOCRYPT

How PKI secures the automotive supply chain

A modern vehicle contains over 100 ECUs and millions of lines of code. To ensure all components are securely tracked and managed during production, each component is given its unique identification. Cryptographic keys known as production keys are generated, distributed, and stored to manage identity and control access to each component.

Moreover, since a large percentage of vehicle components are not directly manufactured by the automotive OEM itself, the suppliers often need to be granted access to their components. Asymmetric keys are a highly effective and secure solution to establish trust between the OEM and its suppliers.

How PKI secures automotive communications

Connectivity is another major trend in the automotive industry. Besides over-the-air (OTA) software updates, vehicles are now connected to an infinite amount of external entities via V2X communications. These entities include road users (vehicles), roadside cameras, traffic lights, charging stations (via Plug&Charge), and many more. This decentralized communication network must be built on the highest level of trust, achieved by PKI.

In the V2X ecosystem, all connected participants (vehicle OBUs, infrastructure RSUs, pedestrian devices) must obtain digital certificates from root certificate authorities (root CA), and attach these certificates to their messages as their digital signature. The root CAs (along with other CAs) continuously generate, distribute, and revoke certificates within the ecosystem.