System and method for vehicle messaging using a public key infrastructure

What is claimed is: 1. A method for vehicle messaging comprising: obtaining, by a first vehicle, initial trust information comprising a root public key (RPK); obtaining, by the first vehicle, a message authentication set comprising a first pool of group certificate (GC) sets and a first vehicle authentication certificate (VAC), wherein the first VAC comprises a first encrypted serial number (ESN) of the first vehicle; selecting, by the first vehicle, a first GC set from the first pool, wherein the first GC set comprises a first GC and a first group private key (Gpk); determining, by the first vehicle, a first signature in accordance with a first message and a digest function, wherein the first message comprises the first GC; sending, by the first vehicle, a first datagram comprising the first message and the first signature; receiving, by the first vehicle, a second datagram comprising a second GC and a second signature, wherein the second GC is a duplicate of a GC comprised in the first pool; receiving, by the first vehicle, a third datagram comprising a third GC and a third signature, wherein the third GC is not a duplicate of any GC comprised in the first pool; verifying the second datagram in accordance with the digest function and a second GPK of the second GC determined according to at least the RPK, wherein the verifying the second datagram comprises: determining, by the first vehicle, the second GPK in accordance with a second GPK reconstruction value and the RPK; and verifying, by the first vehicle, the second datagram in accordance with the digest function and the second GPK; and verifying the third datagram in accordance with the digest function and a third GPK of the third GC determined according to at least the RPK, wherein the verifying the third datagram comprises: determining, by the first vehicle, a third GPK in accordance with a third GPK reconstruction value and the RPK; and verifying, by the first vehicle, the third datagram in accordance with the digest function and the third GPK. 2. The method of claim 1 , wherein the first GC comprises a first group public key (GPK) reconstruction value for a first GPK; and wherein the first GPK is a matching public key of the first Gpk. 3. The method of claim 2 , wherein the determining the first signature is further in accordance with the first Gpk; the second GC comprises the second GPK reconstruction value; and the third GC comprises the third GPK reconstruction value. 4. The method of claim 2 , further comprising: determining, by the first vehicle in accordance with the first Gpk, a first vehicle dynamic private key (VDpk); and determining, by the first vehicle, a first vehicle dynamic public key (VDPK) reconstruction value for a first VDPK that is a matching public key of the first VDpk; wherein the first message further comprises the first VDPK reconstruction value; wherein the determining the first signature is further in accordance with the first VDpk; wherein the second datagram further comprises a second GPK reconstruction value and a second VDPK reconstruction value; wherein the verifying the second datagram comprises: determining, by the first vehicle, a second GPK in accordance with the second GPK reconstruction value and the RPK; determining, by the first vehicle, a second VDPK in accordance with the second VDPK reconstruction value and the second GPK; and verifying, by the first vehicle, the second datagram in accordance with the digest function and the second VDPK; wherein the third datagram further comprises a third GPK reconstruction value and a third VDPK reconstruction value; and wherein the verifying the third datagram comprises: determining, by the first vehicle, a third GPK in accordance with the third GPK reconstruction value and the RPK determining, by the first vehicle, a third VDPK in accordance with the third VDPK reconstruction value and the third GPK; and verifying, by the first vehicle, the third datagram in accordance with the digest function and the third VDPK. 5. The method of claim 1 , further comprising concatenating the first ESN in accordance with a nonce to produce a concatenated ESN; and encrypting the concatenated ESN in accordance with the RPK and the first Gpk to produce a first double-encrypted serial number (DESN) of the first vehicle; wherein the first message further comprises the first DESN; wherein the second datagram further comprises a second DESN of a second vehicle; and wherein the third datagram further comprises sender data comprising one of a third DESN of a third vehicle and the second DESN. 6. The method of claim 1 , further comprising: determining, by the first vehicle, a vehicle authentication public key (VAPK) that is a matching public key of a vehicle authentication private key (VApk); encrypting, by the first vehicle, the VAPK in accordance with the RPK to produce an RPK-encrypted VAPK; and sending, by the first vehicle, a registration request comprising the RPK-encrypted VAPK and a first vehicle serial number (SN) of the first vehicle; wherein the initial trust information further comprises the VApk and the first SN; and wherein the obtaining the message authentication set comprises: receiving, by the first vehicle, a registration package; and decrypting, by the first vehicle, the registration package in accordance with the VApk to obtain the message authentication set. 7. The method of claim 1 , further comprising: receiving, by the first vehicle, a certificate revocation list (CRL); determining, by the first vehicle in accordance with the CRL, that a received GC is revoked, wherein the received GC comprises at least one of the second GC and the third GC; and sending, by the first vehicle, a warning message indicating that the received GC is revoked. 8. A vehicle messaging system comprising: an on-board equipment (OBE) configured to reside in a first vehicle, the OBE comprising: a processor; and a non-transitory computer readable medium; wherein initial trust information is stored in the non-transitory computer readable medium, the initial trust information comprising a root public key (RPK), and wherein programming for execution by the processor is stored in the non-transitory computer readable medium, the programming comprising instructions to: obtain a message authentication set comprising a first pool of group certificate (GC) sets and a first vehicle authentication certificate (VAC), wherein the first VAC comprises a first encrypted serial number (ESN) of the first vehicle; select a first GC set from the first pool, wherein the first GC set comprises a first GC and a first group private key (Gpk); determine a first signature in accordance with a first message and a digest function, wherein the first message comprises the first GC; send a first datagram comprising the first message and the first signature; receive a second datagram comprising a second GC and a second signature, wherein the second GC is a duplicate of a GC comprised in the first pool; receive a third datagram comprising a third GC and a third signature, wherein the third GC is not a duplicate of any GC comprised in the first pool; verify the second datagram in accordance with the digest function and a second GPK of the second GC determined according to at least the RPK, wherein the instructions to verify the second datagram comprise instructions to: determine the second GPK in accordance with a second GPK reconstruction value and the RPK; and verify the second datagram in accordance with the digest function and the second GPK; and verify the third datagram in accordance with the digest function and a third GPK of the third GC determined according to at least the RP