Privacy is an important issue on any open system, in particular for connected vehicles. These vehicles send continuously messages containing their locations in order to cooperate with their neighbors about what is happening on roads. Privacy protection is highly required to deploy C-ITS (Cooperative Intelligent Transport Systems) in order to avoid tracking drivers. For this reason, vehicles change frequently their identity in order to become anonymous. We need to consider the authenticity of senders in order to drop messages coming from untrusted drivers who may send fake events. To do so, each trusted vehicle should sign its message using a certificate. This certificate is provided by an adapted PKI (Public Key Infrastructure) which generates certificates to all trusted vehicles. The eco-system is considered as a trusted domain. However, if a vehicle uses only one certificate, it could be tracked. Since a relationship between its identity and its certificate could be easily done. For this reason, it has to use a set of pseudonym certificates (PCs). Each PC is used for a limited period of time. When this period expires, the vehicle switches to another PC. When all PCs are used, the vehicle downloads another set of PCs from the PKI.

This paper proposes a method which reduces the number of PCs used by vehicles. Indeed, when a certificate is used by a vehicle, in order to introduce a confusion against any tracker, this PC will be swap with another driver PC. A tracker will be confused since the former vehicle will not be the owner of the previous PC. This swap has to be recorded on the PKI with a simple process. This mechanism ensures privacy and introduces another PC change method. It also reduces the PC costs for drivers. The evaluation of the work has been done through simulations on a constrained environments (driving on highways) and has proven that tracking becomes very difficult. It has been measured through two key performance indicators: confusion rate and PC cost.

隐私是任何开放系统（尤其是联网车辆）上的重要问题。这些车辆连续发送包含其位置的消息，以便与邻居就道路上发生的事情进行合作。部署C-ITS（协作智能传输系统）时高度需要隐私保护，以避免跟踪驱动程序。因此，车辆经常更改其身份以变得匿名。我们需要考虑发件人的真实性，以便丢弃来自可能发送虚假事件的不受信任的驱动程序发出的消息。为此，每个受信任的车辆都应使用证书签署其消息。该证书由经过修改的PKI（公钥基础结构）提供，该PKI会向所有受信任的车辆生成证书。该生态系统被认为是受信任的域。然而，如果车辆仅使用一个证书，则可以对其进行跟踪。由于其身份和证书之间的关系很容易实现。因此，它必须使用一组假名证书（PC）。每台PC只能使用有限的时间。当该时间段到期时，车辆切换到另一台PC。使用所有PC时，车辆将从PKI下载另一套PC。

本文提出了一种减少车辆使用PC数量的方法。实际上，当车辆使用证书时，为了对任何跟踪器造成混乱，该PC将与另一台驾驶员PC互换。由于先前的车辆将不是先前PC的所有者，因此跟踪器会感到困惑。必须通过一个简单的过程将此交换记录在PKI上。此机制可确保隐私并引入另一种PC更改方法。它还降低了驱动程序的PC成本。这项工作的评估是通过在有限的环境（高速公路上行驶）上进行模拟来完成的，并证明了跟踪变得非常困难。它是通过两个关键性能指标来衡量的：混淆率和PC成本。