Researchers have developed a new method to reduce redundant data transmissions in vehicle-to-vehicle (V2V) communications, enabling the integration of post-quantum cryptography without compromising safety or performance. The team discovered that current V2V certificate transmissions are up to 93% redundant, presenting an opportunity to optimize radio spectrum usage. Their solution, a Partially Hybrid authentication protocol and adaptive transmission scheduling, adds only 0.39 ms of delay per message despite incorporating advanced post-quantum signature algorithms like XMSS (RFC) alongside those selected for standardization by NIST. This work demonstrates the first integration of PQC and V2V, addressing the need to secure connected vehicles as they become increasingly prevalent on roadways.
V2V Communication & Emerging Intelligent Transportation Systems
Nearly ninety-three percent of current vehicle-to-vehicle (V2V) certificate transmissions are redundant, presenting an inefficiency within the rapidly expanding realm of intelligent transportation systems. Geoff Twardokus, Nina Bindel, Hanif Rahbari, and Sarah McCarthy identified this substantial overlap, revealing an opportunity to optimize radio spectrum usage as V2V technology becomes increasingly vital for advanced driver-assistance and autonomous driving. The team’s work demonstrates the first integration of PQC and V2V, countering the threat of quantum computing, which could compromise the elliptic curve cryptography currently underpinning V2V security protocols.
NIST PQ Signature Algorithm Analysis for V2V Integration
The effort to secure vehicle-to-vehicle communications against future quantum computing threats is revealing unexpected inefficiencies in current systems. Research indicates that current V2V certificate transmissions are up to 93% redundant, highlighting an opportunity to optimize spectrum usage and enable the integration of more computationally intensive post-quantum cryptography. Researchers Geoff Twardokus, Nina Bindel, Hanif Rahbari, and Sarah McCarthy are evaluating not only the signature algorithms recently selected for standardization by NIST, but also XMSS (RFC) as a potential solution during this transitional period. The team designed a Partially Hybrid authentication protocol, fusing classical cryptography with post-quantum techniques, to balance security and performance. Experimental results, utilizing software-defined radios (USRPs) and V2V simulators, demonstrate a negligible average delay of 0.39 ms per message, despite the added complexity of post-quantum cryptography. This work represents the first integration of PQC and V2V.
We are the first to reveal that current V2V security standards require vehicles to transmit in particular, we show that more than 90% of certificate transmissions are redundant (i.e., the receivers already possess a message-signing certificate being shared).
Spectrum Redundancy in Current V2V Message Signing
Geoff Twardokus of Rochester Institute of Technology and his team are addressing an inefficiency in current vehicle-to-vehicle communication systems that hinders the adoption of post-quantum cryptography. Their research reveals a surprising level of redundancy in how vehicles currently authenticate messages; analysis indicates that up to 93% of certificate transmissions are unnecessary repetitions. This discovery is not merely academic, but a practical bottleneck impacting the limited radio spectrum available for V2V broadcasts. The team’s work highlights that maximizing system capacity, allowing more vehicles to communicate effectively, requires minimizing transmission length and processing time.
In some circumstances (e.g., non-line-of-sight scenarios), V2V messages could provide a critical chance to avert a collision .
Partially Hybrid Authentication Protocol for V2V Transition
The increasing deployment of vehicle-to-vehicle (V2V) technology demands a proactive approach to security, particularly against the emerging threat of quantum computing capable of breaking current cryptographic standards. Researchers Geoff Twardokus, Nina Bindel, Hanif Rahbari, and Sarah McCarthy identified a critical vulnerability; IEEE has overhauled its Dedicated Short Range Communications (DSRC) protocol, which previously relied solely on elliptic curve cryptography, and this will be ineffective against future quantum attacks. This necessitates a shift towards post-quantum cryptography (PQC), but direct implementation presents challenges given the limited radio spectrum and stringent latency requirements of V2V systems. Their analysis reveals that current V2V certificate transmissions are up to 93% redundant, presenting an opportunity to reclaim valuable bandwidth. This work demonstrates the first integration of PQC and V2V.
Hybrid designs, supported by NIST , have previously been explored outside of V2V but consider looser size or latency constraints, .
ECDSA Vulnerability to Quantum Computing Attacks
The assumption that current vehicle security will remain robust against future threats is increasingly challenged by the development of quantum computing; vehicles with lifespans extending beyond 15 years face a growing risk of cryptographic compromise. Specifically, the Elliptic Curve Digital Signature Algorithm (ECDSA), foundational to both Cellular V2X (C-V2X) and Dedicated Short Range Communications (DSRC) systems, will be vulnerable to attacks leveraging quantum computers. An adversary exploiting this vulnerability could potentially lead to catastrophic consequences. This vulnerability is exacerbated by the difficulty of updating vehicle hardware; once deployed, cryptographic modules are difficult to adapt or replace due to consumer response rates and the lack of resources. Researchers Geoff Twardokus, Nina Bindel, Hanif Rahbari, and Sarah McCarthy found that simply swapping existing elliptic curve cryptography for post-quantum alternatives is impractical, as up to 93% of current certificate transmissions are redundant. This discovery necessitates a shift in how radio spectrum is utilized and a prioritization of security guarantees aligned with the evolving quantum threat landscape.
With the accelerating deployment of V2V, the safety of connected vehicles is increasingly put in jeopardy by the likelihood of adversaries gaining access to quantum computers within the lifetime of vehicles being sold today (12- years ).
This is because V2V systems demand high broadcast rates, ten or more safety messages per second, within a narrow and shared radio frequency band, necessitating minimized message sizes and rapid processing times. Up to 93% of current certificate transmissions are redundant. This careful balance is crucial, as the safety-critical nature of V2V demands processing each message within milliseconds of arrival.
In particular, the Elliptic Curve Digital Signature is used for signing V2V safety Algorithm (ECDSA) that messages to protect against spoofing, alteration, and replay attacks in both C-V2X and DSRC systems will be extremely vulnerable.
Impact of Long Vehicle Lifespans on Crypto Agility
The longevity of modern vehicles presents a unique challenge to maintaining secure vehicle-to-vehicle (V2V) communications as the threat of quantum computing looms. Researchers Geoff Twardokus, Nina Bindel, Hanif Rahbari, and Sarah McCarthy are now focused on the critical issue of crypto agility, considering vehicles potentially remaining on the road for 12, 15 years, overlapping with the anticipated arrival of sufficiently powerful quantum computers. Researchers find that message signing certificate transmissions are currently up to 93% redundant, and their analysis reveals that simply swapping existing elliptic curve cryptography for post-quantum alternatives is impractical. The resulting system adds a negligible average delay of 0.39 ms per message.
There is a 50% or greater chance that a quantum computer powerful enough to break classical cryptography will be developed by then .
Experimental Validation with SDRs & V2V Simulators
This practical validation was essential, given the stringent latency and bandwidth limitations inherent in real-world V2V systems, and the need to demonstrate scalability under realistic conditions. The team’s focus extended to road traffic and V2V simulators, allowing for comprehensive assessment of performance in diverse scenarios. Analysis revealed a critical opportunity for optimization; the research demonstrates that up to 93% of current certificate transmissions are redundant. Researchers Geoff Twardokus, Nina Bindel, Hanif Rahbari, and Sarah McCarthy specifically analyzed three post-quantum signature algorithms selected for standardization by NIST, alongside XMSS (RFC), to determine the most viable options for implementation. This careful consideration of available algorithms underscores the importance of a flexible, adaptable solution for the evolving threat landscape.
We show that simply adopting a hybrid design using any of the PQ signature schemes selected for NIST standardization or the ) s e t y b ( t n i a r t s n o c e z i S V2V 6G SPDM Latency constraint (ms) . Comparison of PQC integration constraints in related domains/works alternative eXtended Merkle Signature Scheme (XMSS) is impossible under the constraints of V2V protocols.
Scalability & Performance: 0.39ms Average Delay Added
Their work reveals that up to 93% of message signing certificate transmissions are redundant, and proposes a scheduling technique that learns to adaptively reduce the use of radio spectrum. In combination, they designed the first integration of PQC and V2V, which satisfies stringent constraints given the available spectrum. Specifically, they analyze three PQ signature algorithms selected for standardization by NIST, as well as XMSS (RFC ), and propose a Partially Hybrid authentication protocol, a tailored fusion of classical cryptography and PQC, for use in the V2V ecosystem during the transitional period they outline towards fully PQ V2V. Their provably secure protocol efficiently balances security and performance, as demonstrated experimentally with software-defined radios (USRPs), commercial V2V devices, and road traffic and V2V simulators.
They show their joint transmission scheduling optimization and Partially Hybrid design are scalable and reliable under realistic conditions, adding a negligible average delay of 0.39 ms per message. Connected vehicle (CV) technologies, integral to emerging intelligent transportation systems, are among the safety requirements of advanced driver-assistance and, ultimately, autonomous driving systems. CV technologies are proliferating globally under the umbrella of vehicle-to-everything (V2X) communication, wherein vehicle-to-vehicle (V2V) has the potential to drastically reduce serious roadway collisions and, at the same time, enhance transportation system efficiency. It requires each vehicle to regularly broadcast safety messages containing travel data to facilitate proactive movement coordination, such as collision avoidance, among vehicles. In some circumstances, V2V messages could provide a critical chance to avert a collision.
V2V modules are already installed in thousands of vehicles on the road and their adoption rate continues to accelerate; for example, Ford and other major automakers just received regulatory approval for immediate deployment of V2V in new vehicles sold in certain U.S. states. This momentum aligns with ongoing standardization efforts for expanded use cases of V2V to enhance safety, efficiency, and autonomy, IEEE has overhauled its Dedicated Short Range Communications (DSRC) protocol for V2V and 3GPP continues to prioritize its alternative Cellular V2X (C-V2X) protocol in upcoming releases towards 6G. Simultaneously, autonomous vehicles are improving; autonomous driving systems are expected to be available with a moderate price premium by the 2040s.
With the accelerating deployment of V2V, the safety of connected vehicles is increasingly put in jeopardy by the likelihood of adversaries gaining access to quantum computers within the lifetime of vehicles being sold today. These vehicles may be on the roads until or beyond, and many experts believe there is a 50% or greater chance that a quantum computer powerful enough to break classical cryptography will be developed by then. Meanwhile, the latest IEEE .2 and .2.1 standards for CV security, which describe protocols for certificate-based authentication of broadcast V2V messages, rely solely on elliptic curve cryptography (ECC), and thus will not be effective against adversaries equipped with large quantum computers. In particular, the Elliptic Curve Digital Signature Algorithm (ECDSA) used for signing V2V safety messages to protect against spoofing, alteration, and replay attacks in both C-V2X and DSRC systems will be extremely vulnerable.
An attacker who uses a quantum computer to forge valid ECDSA signatures on those messages could execute a variety of devastating attacks; for example, sending fake emergency brake activation notifications in fog or heavy precipitation to cause vehicles to react by suddenly stopping or slowing down, resulting in anything from a severe traffic jam to a chain of rear-end collisions with injuries and, potentially, fatalities. Therefore, guaranteeing the integrity and authenticity of V2V messages is paramount. Once a vehicle is on the road, the hardware security module (HSM) it uses to store and manage classical cryptographic primitives cannot easily be disenrolled from the V2V system, adapted to new cryptographic primitives via over-the-air updates, or replaced via manufacturer recall due to poor consumer response rates. This means vehicles lack crypto agility. With the lifetimes of new vehicles overlapping the possible realization of a quantum threat, it is critical to begin taking steps towards securing connected vehicles against quantum attacks that can break ECDSA.
Accordingly, we propose a scheduling technique for message signing certificate transmissions (which we find are currently up to 93% redundant) that learns to adaptively reduce the use of radio spectrum.
