CN109996215A - A kind of multi-path communications method based on privacy sharing under vehicular ad hoc network network environment - Google Patents

A kind of multi-path communications method based on privacy sharing under vehicular ad hoc network network environment Download PDF

Info

Publication number
CN109996215A
CN109996215A CN201910254544.3A CN201910254544A CN109996215A CN 109996215 A CN109996215 A CN 109996215A CN 201910254544 A CN201910254544 A CN 201910254544A CN 109996215 A CN109996215 A CN 109996215A
Authority
CN
China
Prior art keywords
key
node
sub
path
destination node
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN201910254544.3A
Other languages
Chinese (zh)
Inventor
沈剑
董昳晖
戚荣鑫
冯孟
苗田田
刘帅
蒋玲红
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Nanjing University of Information Science and Technology
Original Assignee
Nanjing University of Information Science and Technology
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Nanjing University of Information Science and Technology filed Critical Nanjing University of Information Science and Technology
Priority to CN201910254544.3A priority Critical patent/CN109996215A/en
Publication of CN109996215A publication Critical patent/CN109996215A/en
Pending legal-status Critical Current

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L45/00Routing or path finding of packets in data switching networks
    • H04L45/12Shortest path evaluation
    • H04L45/128Shortest path evaluation for finding disjoint paths
    • H04L45/1283Shortest path evaluation for finding disjoint paths with disjoint links
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0816Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
    • H04L9/085Secret sharing or secret splitting, e.g. threshold schemes
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0861Generation of secret information including derivation or calculation of cryptographic keys or passwords
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3297Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving time stamps, e.g. generation of time stamps
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/02Protecting privacy or anonymity, e.g. protecting personally identifiable information [PII]
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/04Key management, e.g. using generic bootstrapping architecture [GBA]
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W4/00Services specially adapted for wireless communication networks; Facilities therefor
    • H04W4/30Services specially adapted for particular environments, situations or purposes
    • H04W4/40Services specially adapted for particular environments, situations or purposes for vehicles, e.g. vehicle-to-pedestrians [V2P]
    • H04W4/48Services specially adapted for particular environments, situations or purposes for vehicles, e.g. vehicle-to-pedestrians [V2P] for in-vehicle communication

Abstract

The present invention is a kind of multi-path communications method based on privacy sharing under vehicular ad hoc network network environment, finds a plurality of nonintersecting paths between start node and destination node using Latin square, recycles privacy sharing that symmetric cryptographic key is divided into multiple sub-keys.Meanwhile encrypted message is also divided into multiple portions, and generates equivalent for each sub-key and promise to undertake to support fault-tolerance, while choosing current time stamp to resist Replay Attack.Encrypted sub-key and ciphertext promise to undertake that pass through each paths is sent to destination node jointly.Destination node reconstructs key using sub-key, and obtains origination message using key decryption ciphertext.This kind of communication means greatly reduces network load, improves information transfer efficiency, while also having the characteristics that stability is good, being not easy to be attacked or stolen private data.This kind of communication means fault-tolerance also with higher, even if being also capable of providing normal service when the unstable factors such as network congestion, flow restriction, node device damage occur.

Description

A kind of multi-path communications method based on privacy sharing under vehicular ad hoc network network environment
Technical field
The invention belongs to robot communication technique field, based on secret under specifically a kind of vehicular ad hoc network network environment Shared multi-path communications method.
Background technique
In recent years, vehicle popularity rate increases substantially, and road vehicle quantity is caused to be continuously increased, and road is crowded, goes It sails the relevant issues such as safety, environmental pollution to get worse, greatly affected the normal trip of people.Therefore, it is necessary to a kind of realities The new technique of the intercommunication of existing vehicle provides safety and convenience for Modern road traffic.For various demands, it is vehicle-mounted from Group network (Vehicular Ad-hoc Network, referred to as VANET) is come into being.VANET is one kind by vehicle-mounted node, road The group multi-hop communication network certainly of roadbed Infrastructure and server composition, provides intelligent traffic information service for driver.? In VANET, the vehicle vision travelled in the road is mobile node, is located at by road and is referred to as roadside unit (Road Side Unit, referred to as RSU) road infrastructure can be considered stationary node.Each car is equipped on board unit (On Board Unit, referred to as OBU), it can be with the extraneous interaction for carrying out information.Communication pattern in VANET can be divided into vehicle and vehicle Communication and vehicle and infrastructure (Vehicle between (Vehicle to Vehicle, referred to as V2V) Infrastructure, referred to as V2I) two parts.V2V communication pattern can make vehicle be sent to its collected information data Other vehicles in range, also can be used as relay node, the information received from a upper vehicle node are sent to next vehicle section Point.The information that vehicle obtains carries out respective handling by processing equipment, provides safety smoothly driving condition for driver. V2I communication pattern realizes the transmitting of information between vehicle and RSU so that a small range vehicle acquisition information can concentrate with RSU, and server is uploaded to by RSU, realize the unified management of analysis and the traffic of road conditions in network-wide basis.
However vehicular ad hoc network network is faced with more communication security and efficiency of transmission side while offering convenience for people The challenge in face.The information transmitted in VANET has generally comprised user's associated privacy information, if information is by attacker in communication process It obtains, by the very big privacy for invading user.The considerations of VANET of early stage is to privacy of user secure context be not comprehensive, privacy number According to being difficult to preferably be protected.In addition, vehicle has faster travel speed on road, lead to the biography of information in VANET It is shorter to pass the time.Therefore efficiency of transmission problem cannot be such as efficiently solved, message will be unable to be sent to next node in time, influence The normal operation of VANET.In view of the above-mentioned problems, some experts and scholars propose corresponding solution.It is existing to make compared with multi-scheme The safety for guaranteeing message with digital signature technology improves communication efficiency using modes such as symmetric cryptography, batch certifications.However this A little schemes only pass through a paths and transmit to message, are unable to satisfy real-time demand, and transmission process is still vulnerable to opponent Attack and destruction.In addition, System Fault Tolerance rate is lower, the unstable factors such as network congestion, equipment fault can not be effective against It generates.
Summary of the invention
The technical problem to be solved in the present invention is to provide the multichannels based on privacy sharing under a kind of vehicular ad hoc network network environment Diameter communication means with timeliness height, transmits the characteristic that can be resisted attack in information process and have high fault tolerance.
In order to solve the above technical problems, the technical solution adopted by the present invention are as follows:
A kind of multi-path communications method based on privacy sharing under vehicular ad hoc network network environment, it is characterized in that: utilizing Latin Square matrix finds a plurality of nonintersecting paths between start node and destination node, recycles privacy sharing to be divided into symmetric cryptographic key more A sub-key;Encrypted message is also divided into multiple portions, and generates equivalent for each sub-key and promise to undertake to support fault-tolerance;Add Sub-key and ciphertext, promise after close are sent to destination node by each paths jointly;Destination node is reconstructed using sub-key Key out, and origination message is obtained using key decryption ciphertext.Specific step is as follows:
Step 1, construct Latin square: the number of different elements constructs Latin square in logic-based transmission path;
Step 2, it determines transmission path: being determined according to Latin square, logical transmission path and two dynamic operation set A plurality of non-intersecting transmission path between beginning node and destination node;
Step 3, privacy sharing initialize: using rsa cryptosystem algorithm be each node distribute one group of public key to and private key pair; A non-zero random number is chosen for marking respective paths simultaneously for each path;
Step 4, sub-key generates: choosing a polynomial of one indeterminate, constant term is the symmetric cryptographic key for encrypting message;It is logical Crossing this multinomial is that each path generates a sub-key;
Step 5, after encrypting using symmetric cryptography to origination message, ciphertext privacy sharing: is again divided into multiple portions Point, the corresponding paths in every part;A promise is calculated for each sub-key, for supporting fault-tolerance;For in overt channel Middle transmission data using the public key encryption sub-key of destination node, while choosing current time stamp to resist Replay Attack, and lead to Cross the validity that cryptography one-way Hash function guarantees transmission data;Obtained corresponding data passes through each paths from start node It is transmitted to destination node;
Step 6, authenticate: after receiving the data that each paths transmit, destination node obtains current time stamp first, according to System actual demand receives the validity of timestamp in data to the limitation verifying of tolerance;After being proved to be successful, destination node The validity decrypted using own private key and obtain sub-key, and promised to undertake by checking cryptographic Hash verifying;Then, destination node uses Promise to undertake the validity for judging sub-key;If sub-key is invalid, the error detection in step 7 is carried out;If sub-key is effective, jump Cross step 7;
Step 7, error detection: if the sub-key quantity being proved to be successful does not reach prescribed requirement, destination node will be to rising Beginning node sends a error reporting;Start node carries out validation verification to the error reporting received, and by correctly transmitting The path of data is to destination node return information;The validity of destination node verifying return information.If start node is not being advised The number of interior return message of fixing time or destination node authentication failed is more than a particular value, then it is assumed that start node is malice The communication of node and termination and start node;
Step 8, cipher key reconstruction: destination node is reconstructed using effective sub-key that the path for being no less than threshold value quantity is transmitted Symmetric key out, and acquisition origination message is decrypted to ciphertext.
Using 2-CN network as traffic model, 2-CN network model is turned into non-directed graph G (n, ± d1,±d2,...,± dm), wherein n is figure interior joint number, respectively with 1,2 ..., n expression, ± d1To ± dmRespectively indicate each node in non-directed graph At a distance from adjacent 2m node, andThere are 2m most short and node-disjoint paths at this time, enables LTP (S, E, SE) is logical transmission path, is represented through sequence of operation SE from start node S to the logical path of destination node E, Wherein sequence of operation SE={ d1,d2,...,djIt is { ± d1,±d2,...,±dmA subset;Based on non-directed graph G (n, ± d1,±d2,...,±dm) definition, each node has 2m neighbors, to find 2m node-disjoint paths, first The collection of operation is combined into FO={ ± d1,±d2,...,±dm, the collection of the last one operation is combined into LO.
Latin square is constructed in the step 1, and specific step is as follows: the quantity based on elements different in SE, which constructs, draws Fourth square matrix enables FO=LO={ ± d1,±d2,...,±dm, the quantity of different elements is in SE, first by d1,d2,...,dj′ As the first row element of Latin square, subsequent -1 row of j ' moves the header element in lastrow all on the basis of lastrow To end, other elements sequence ultimately forms a j ' × j ' Latin square to Forward one.
It determines that specific step is as follows for transmission path in the step 2: a element insertion of j-j ' remaining in SE is drawn The centre of every a line in fourth square matrix, obtains j ' node-disjoint paths, and removes element identical with SE in FO and LO;
For comprising pairs of forward and reverse operation d ' and-d ', then being chosen at random from existing j ' paths in set FO Select a Pi, two operations are added to original operation forefront and rearmost, obtain two new path d ' by 0 < i≤j ' | | {Pi| |-d ' and-d ' | | { Pi| | d ', and d ' and-d ' is removed in FO and LO;Due in figure G (n, ± d1,±d2,...,± dm) in forward and reverse operation that any node is performed simultaneously can cancel out each other, therefore new route can be correctly obtained;
For single operation remaining in FOIt is added to original operation forefront and rearmost simultaneously;To guarantee Path reaches destination node E, need to be by two reverse operatingsIt is intermediate to be added to operation, i.e.,
The operationBased on { ± d1,±d2,...,±dmMerge to guarantee to minimize, ifIn subset { d1,d2,...,dbMeet d1+d2+...+db=dc, then d is usedcInstead of { d1,d2,...,db} So that the path of construction is most short, to obtain new routeAnd it is removed in FO and LO
Specific step is as follows for privacy sharing initialization in the step 3: selection prime number p and q two big select one Prime number rank cyclic group G, g are the generation member in group G;
It is that each node distributes a public key (PK using rsa cryptosystem algorithm before node deploymenti, n) and a private key (SKi, n), wherein i is node subscript, and n is the product of p and q, PKiRelatively prime, the PK with (p-1) (q-1)iSKi=1mod (p-1) (q- 1);
From finite field gf (p) from randomly selecting 2m nonzero element r1,r2,...,r2mPublic letter as 2m paths Breath.
Specific step is as follows for sub-key generation in the step 4: one t-1 rank polynomial of one indeterminate f (x)=a of construction0 +a1x+a2x2+···+at-1xt-1, wherein a1,a2,...,at-1For the random nonzero integer in GF (p), a0For symmetric key k; Start node S is that 2m paths generate 2m sub-key ki, for sharing symmetric key k and message M, k with destination node EiMeter Calculation mode is as follows:
Specific step is as follows for privacy sharing in the step 5: carrying out symmetric cryptography to message M using key k, and will Ciphertext is divided into 2m part, i.e. M1,M2,...,M2m
A promise w is calculated for each sub-keyi, i=1,2 ..., 2m;wiCalculation it is as follows:
When by overt channel from start node S transport symmetric key k and message M to destination node E, need to protect transmission The safety and authenticity of information, detailed process are as follows:
S1 uses the public key PK of destination node EeEncryption subkey ki
S2 selects current time stamp T to resist Replay Attack;
S3 calculates h (k using cryptography one-way Hash function h ()i,wi, T), for ensuring to transmit the validity of information;
S4 transmits information by 2m paths
Authenticate that specific step is as follows in the step 6: after receiving information from each path, destination node E is obtained Current time stamp T ' passes through verifying | T '-T | < TexpProve time of receipt (T of R) stamp effectively, wherein TexpFor predicted delay time;
E uses private key SKiIt calculatesAnd pass through verifying equation h (k 'i,wi, T) and=h (ki,wi, T) at The bright promise w of testificandumiEffectively;
E judges path P by verification expressioniMiddle sub-key kiValidity, the verification expression is specific as follows:
If above formula is set up, sub-key kiEffectively, i.e. kiIt can be used for reconstructing symmetric key k, otherwise kiIt is not used to reconstruct, And execute the error detection in step 7.
Specific step is as follows for error detection in the step 7: when S and E are communicated, due to having used (t, 2m) Privacy sharing, t item or more can be such that verification expression (3) set up if it exists, and E can reconstruct effective symmetric key, obtain After obtaining this symmetric key, S and E can be communicated by encrypted message;
T item or more can be such that verification expression (3) set up if it does not exist, and E sends error reportingTo S, S After the validity of the good authentication error reporting, the path for the safe transmission information for setting up verification expression (3) by one, TexpIt will in timeIt is sent to E;Then, E checks kiValidity;If S is not in Texp Interior returnOr the number of authentication failed is more than a certain number, then S is considered as malice Node, and E terminates the communication with S.
Specific step is as follows for cipher key reconstruction in the step 8: destination node E in t item or more by obtaining The sub-key obtained reconstructs symmetric key, and calculation is as follows:
Then, message M can decrypt to obtain by symmetric key k;If sub-key quantity is less than t, outbound message can not be restored M。
The beneficial effect that the multi-path communications method based on privacy sharing can generate under this kind of vehicular ad hoc network network environment Are as follows: the present invention constructs the parallel processing architecture for VANET communication, so that from starting VANET by utilizing Latin square The information of equipment can be transmitted to target VANET equipment.Compared with sequential processes, it is negative that parallel processing greatly reduces network It carries, improves information transfer efficiency, message is avoided to lag, meet the real-time demand of VANET communication.In addition, by will simultaneously Row processing framework is combined with privacy sharing, and when the number of paths of correctly transmission information is not less than threshold value, target device can It is heavy about going out symmetric key to structure and decrypt ciphertext using these information being collected into.In single path communication, system is vulnerable to more The attack of kind form, information security are unable to get effective guarantee.If the number of paths that attacker destroys in the present invention is less than thresholding Value can not then obtain any information for claiming key and encrypting message.Simultaneously as the characteristic of privacy sharing, tolerable certain amount Path lead to not Successful transmissions information because of unstable factors such as network congestion, wandering limitation or equipment faults, reduce and disappear The failure rate for ceasing transmission ensure that the robustness of VANET communication.
Detailed description of the invention
Fig. 1 is VANET in the multi-path communications method based on privacy sharing under a kind of vehicular ad hoc network network environment of the present invention System structure model.
Fig. 2 is non-directed graph in the multi-path communications method based on privacy sharing under a kind of vehicular ad hoc network network environment of the present invention The schematic diagram of G.
Fig. 3 is the communication mould of the multi-path communications method based on privacy sharing under a kind of vehicular ad hoc network network environment of the present invention Type.
Specific embodiment
Below in conjunction with Figure of description and specific preferred embodiment, the invention will be further described.
A kind of multi-path communications method based on privacy sharing under vehicular ad hoc network network environment, this method are a kind of VANET Multi-path communications scheme under environment based on privacy sharing.
In the present embodiment, using 2-CN network as traffic model.2-CN network can be modeled as non-directed graph G (n, ± d1,±d2), wherein n is figure interior joint number, respectively with 1,2 ..., n expression, d1And d2Determine the neighbouring section of each node Point, andSpecifically, the adjacent node of node i is i ± d1(mod n) and i ± d2(mod n).This implementation Non-directed graph used in example is G (n, ± d1,±d2,...,±dm), as shown in Fig. 2, wherein? It proves, from any start node to destination node, there are 2m most short and node-disjoint paths in this figure, which constitute Traffic model of the invention, as shown in Figure 3.Specifically, 2m secret information is generated first, it then will based on this traffic model Secret information is transmitted to destination node from start node.In figure G (n, ± d1,±d2,...,±dm) in, enable the LTP (S, E, SE) be Logical transmission path is represented through sequence of operation SE from start node S to the logical path of destination node E, wherein the sequence of operation SE={ d1,d2,...,djIt is { ± d1,±d2,...,±dmA subset.Based on figure G (n, ± d1,±d2,...,±dm) Definition, each node has 2m neighbors.To find 2m node-disjoint paths, the set of first operation should be FO ={ ± d1,±d2,...,±dm, the collection of the last one operation is combined into LO.
Specific step is as follows for the multi-path communications method based on privacy sharing under this kind of vehicular ad hoc network network environment:
Step 1, construct Latin square: the number of different elements constructs Latin square in logic-based transmission path.
In the present embodiment, the quantity based on elements different in SE constructs Latin square: enabling FO=LO={ ± d1,± d2,...,±dm, the quantity of different elements is j ' in SE.First by d1,d2,...,dj′As the first row element of Latin square, Header element in lastrow is moved to end all on the basis of lastrow by subsequent -1 row of j ', and other elements sequence is forward One is moved, a j ' × j ' Latin square is ultimately formed.
Step 2, it determines transmission path: being determined according to Latin square, logical transmission path and two dynamic operation set A plurality of non-intersecting transmission path between beginning node and destination node.
In the present embodiment, first by the centre of every a line in a element insertion Latin square of j-j ' remaining in SE, obtain J ' node-disjoint paths, and remove element identical with SE in FO and LO.If comprising pairs of forward direction and instead in set FO To operation, such as d ' and-d ', then a P is selected at random from existing j ' pathsi, two operations are added to by 0 < i≤j ' Original operation forefront and rearmost obtain two new path d ' | | { Pi| |-d ' and-d ' | | { Pi| | d ', and in FO and LO Middle removing d ' and-d '.Due in figure G (n, ± d1,±d2,...,±dm) in forward and reverse that any node is performed simultaneously Operation can cancel out each other, therefore the above process can be correctly obtained new route.Finally, for single operation remaining in FO, such asIt is added to original operation forefront and rearmost simultaneously.It, need to be anti-by two to guarantee that path reaches destination node E To operationIt is intermediate to be added to operation, i.e.,In addition, operationIt should be based on {±d1,±d2,...,±dmMerge to guarantee to minimize.Specifically, ifIn subset { d1, d2,...,dbMeet d1+d2+...+db=dc, then d is usedcInstead of { d1,d2,...,dbMake the path of construction most short, thus To new routeAnd it is removed in FO and LO
Step 3, privacy sharing initializes: being each node using rsa cryptosystem algorithm before disposing node to VANET Distribute one group of public key to and private key pair.In addition, choosing a non-zero random number for marking respective paths for each path.
In the present embodiment, prime number p and q two big are selected first, and selecting prime number rank cyclic group a G, g is one in group G A generation member.It then, is that each node distributes a public key using rsa cryptosystem algorithm before node deployment to VANET (PKi, n) and a private key (SKi, n), wherein i is node subscript, and n is the product of p and q, PKiIt is relatively prime with (p-1) (q-1), PKiSKi=1mod (p-1) (q-1).Finally, from finite field gf (p) from randomly selecting 2m nonzero element r1,r2,...,r2mMake For the public information of 2m paths.
Step 4, sub-key generates: choosing a polynomial of one indeterminate, constant term is the symmetric cryptographic key for encrypting message;It is logical Crossing this multinomial is that each path generates a sub-key;
In the present embodiment, to realize from start node S to privacy sharing side (t, 2m) of 2m paths between destination node E Case constructs t-1 rank polynomial of one indeterminate f (x)=a0+a1x+a2x2+···+at-1xt-1, wherein a1,a2,...,at-1For GF (p) the random nonzero integer in, a0For symmetric key k.To share symmetric key k and message M, start node S with destination node E 2m sub-key k is generated for 2m pathsi。kiCalculation it is as follows:
Step 5, after encrypting using symmetric cryptography to origination message, ciphertext privacy sharing: is again divided into multiple portions Point, the corresponding paths in every part.In addition, calculating a promise for each sub-key to support fault-tolerance.For in open letter Data are transmitted in road, using the public key encryption sub-key of destination node, while choosing current time stamp to resist Replay Attack, and Guarantee the validity of transmission data by cryptography one-way Hash function.Obtained corresponding data is saved by each paths from starting Point is transmitted to destination node.
In the present embodiment, symmetric cryptography is carried out to message M using key k, and ciphertext is divided into 2m part, i.e. M1, M2,...,M2m.In addition, calculating a promise w for each sub-keyi, i=1,2 ..., 2m.wiCalculation it is as follows:
, from start node S transport symmetric key k and message M to destination node E, to need following below scheme by overt channel To protect the safety and authenticity of transmission information.Firstly, using the public key PK of destination node EeEncryption subkey ki.Then, it is Replay Attack is resisted, current time stamp T is selected.Then, h (k is calculated using cryptography one-way Hash function h ()i,wi, T), with Ensure to transmit the validity of information.Finally, transmitting information by 2m paths
Step 6, authenticate: after receiving the data that each paths transmit, destination node obtains current time stamp first, according to System actual demand receives the validity of timestamp in data to the limitation verifying of tolerance;After being proved to be successful, destination node The validity decrypted using own private key and obtain sub-key, and promised to undertake by checking cryptographic Hash verifying;Then, destination node uses Promise to undertake the validity for judging sub-key;If sub-key is invalid, the error detection in step 7 is carried out;If sub-key is effective, jump Cross step 7;
In the present embodiment, after receiving information from each path, destination node E obtains current time stamp T ', passes through verifying | T '-T | < TexpProve time of receipt (T of R) stamp effectively, wherein TexpFor predicted delay time, can be controlled according to requirement in practical systems System is within the scope of tolerable.Then, E uses private key SKiIt calculatesAnd pass through verifying equation h (k 'i,wi, T)=h (ki,wi, T) and set up proof promise wiEffectively.In addition, E judges path P by verification expression (3)iMiddle sub-key kiIt is effective Property.
If above formula is set up, sub-key kiEffectively, i.e. kiIt can be used for reconstructing symmetric key k.Otherwise kiIt is not used to reconstruct, And execute the error detection in step 7.
Step 7, error detection: if the sub-key quantity being proved to be successful does not reach prescribed requirement, destination node will be to rising Beginning node sends a error reporting;Start node carries out validation verification to the error reporting received, and by correctly transmitting The path of data is to destination node return information;The validity of destination node verifying return information.If start node is not being advised The number of interior return message of fixing time or destination node authentication failed is more than a particular value, then it is assumed that start node is malice The communication of node and termination and start node;
Since under actual conditions, attacker can not only eavesdrop communication channel, it can also block, forward or distort channel. In addition, it will generate invalid sub-key deliberately to interfere or destroy VANET communication if start node S itself is attacker.Cause This, fault-tolerant height is the essential a part of healthy and strong scheme.
In the present embodiment, if equation (3) is invalid, at least one attacker in system.However due to used (t, 2m) privacy sharing can be such that equation (3) set up simply by the presence of t item or more, and E can reconstruct effective symmetric key. After obtaining this symmetric key, S and E can be communicated by encrypted message.T item or more can make if it does not exist Formula (3) is set up, and E sends error reportingTo S.After the validity of the S good authentication error reporting, pass through one The path of safe transmission information, in TexpIt will in timeIt is sent to E.Then, E checks ki Validity.In the above process, if S is not in TexpInterior returnOr authentication failed Number is more than a certain number, then S is considered as malicious node, and E terminates the communication with S.
Step 8, cipher key reconstruction: destination node is reconstructed using effective sub-key that the path for being no less than threshold value quantity is transmitted Symmetric key out, and acquisition origination message is decrypted to ciphertext.
In the present embodiment, destination node E can be reconstructed symmetrical close by the sub-key obtained in t item or more Key, calculation are as follows:
Then, message M can decrypt to obtain by symmetric key k.But it if sub-key quantity is less than t, can not recover Message M.
Under this kind of vehicular ad hoc network network environment the multi-path communications method based on privacy sharing pass through between two nodes by Communication information ciphertext is decomposed into multiple portions, carries out information transmitting by multiple channels respectively, reduces single in transmission process The load of network realizes reduction delay, solves the problems, such as that destination node receives information and excessively lags.What this kind of information was transmitted Method, which can make the traffic environment of present road, to be analyzed in time and provides corresponding intelligent traffic service.
Further, this kind of communication means, which is able to solve attacker and is attacked the transmitting of the information of single-pathway, leads just Can destroy this time communication the case where, reduce the security risk of network.Criminal's utilization can be effectively prevent to steal Private data obtains unlawful advantage, and protects the legitimate rights and interests of user, is also prevented from the loss for causing user's economic asset.
This kind of communication means also has high fault tolerance, even if network congestion, flow restriction, node device in VANET occurs The unstable factors such as damage, this kind of communication means also system can provide normal service function during this period of time.
The above is only the preferred embodiment of the present invention, protection scope of the present invention is not limited merely to above-described embodiment, All technical solutions belonged under thinking of the present invention all belong to the scope of protection of the present invention.It should be pointed out that for the art For those of ordinary skill, several improvements and modifications without departing from the principles of the present invention should be regarded as protection of the invention Range.

Claims (10)

1. a kind of multi-path communications method under vehicular ad hoc network network environment based on privacy sharing, it is characterized in that: utilizing Latin square Battle array finds a plurality of nonintersecting paths between start node and destination node, recycles privacy sharing to be divided into symmetric cryptographic key multiple Sub-key;Encrypted message is also divided into multiple portions, and generates equivalent for each sub-key and promise to undertake to support fault-tolerance;Encryption Sub-key and ciphertext, promise afterwards passes through each paths and is sent to destination node jointly;Destination node is reconstructed using sub-key Key, and origination message is obtained using key decryption ciphertext.Specific step is as follows:
Step 1, construct Latin square: the number of different elements constructs Latin square in logic-based transmission path;
Step 2, it determines transmission path: determining starting section according to Latin square, logical transmission path and two dynamic operation set A plurality of non-intersecting transmission path between point and destination node;
Step 3, privacy sharing initialize: using rsa cryptosystem algorithm be each node distribute one group of public key to and private key pair;Simultaneously A non-zero random number is chosen for marking respective paths for each path;
Step 4, sub-key generates: choosing a polynomial of one indeterminate, constant term is the symmetric cryptographic key for encrypting message;Pass through this Multinomial is that each path generates a sub-key;
Step 5, privacy sharing: after encrypting using symmetric cryptography to origination message, ciphertext is again divided into multiple portions, often The corresponding paths in part;A promise is calculated for each sub-key, for supporting fault-tolerance;To be transmitted in overt channel Data using the public key encryption sub-key of destination node, while choosing current time stamp to resist Replay Attack, and pass through password Learn the validity that one-way Hash function guarantees transmission data;Obtained corresponding data is transmitted to by each paths from start node Destination node;
Step 6, authenticate: after receiving the data that each paths transmit, destination node obtains current time stamp first, according to system Actual demand receives the validity of timestamp in data to the limitation verifying of tolerance;After being proved to be successful, destination node is used Own private key decryption obtains sub-key, and the validity promised to undertake by checking cryptographic Hash verifying;Then, destination node uses promise Judge the validity of sub-key;If sub-key is invalid, the error detection in step 7 is carried out;If sub-key is effective, step is skipped Rapid 7;
Step 7, error detection: if the sub-key quantity being proved to be successful does not reach prescribed requirement, destination node will be saved to starting Point sends a error reporting;Start node carries out validation verification to the error reporting received, and by correctly transmitting data Path to destination node return information;The validity of destination node verifying return information.If start node is not in regulation The interior message or the number of destination node authentication failed of returning is more than a particular value, then it is assumed that start node is malicious node And the communication of termination and start node;
Step 8, cipher key reconstruction: destination node is reconstructed pair using the effective sub-key that transmits of path for being no less than threshold value quantity Claim key, and acquisition origination message is decrypted to ciphertext.
2. the multi-path communications method based on privacy sharing under a kind of vehicular ad hoc network network environment according to claim 1, It is characterized by: 2-CN network model is turned to non-directed graph G (n, ± d using 2-CN network as traffic model1,±d2,...,± dm), wherein n is figure interior joint number, respectively with 1,2 ..., n expression, ± d1To ± dmRespectively indicate each node in non-directed graph At a distance from adjacent 2m node, andThere are 2m most short and node-disjoint paths at this time, enables LTP (S, E, SE) is logical transmission path, is represented through sequence of operation SE from start node S to the logical path of destination node E, Wherein sequence of operation SE={ d1,d2,...,djIt is { ± d1,±d2,...,±dmA subset;Based on non-directed graph G (n, ± d1,±d2,...,±dm) definition, each node has 2m neighbors, to find 2m node-disjoint paths, first The collection of operation is combined into FO={ ± d1,±d2,...,±dm, the collection of the last one operation is combined into LO.
3. the multi-path communications method based on privacy sharing under a kind of vehicular ad hoc network network environment according to claim 2, It is characterized by: constructing Latin square in the step 1, specific step is as follows: the quantity construction based on elements different in SE Latin square enables FO=LO={ ± d1,±d2,...,±dm, the quantity of different elements is in SE, first by d1,d2,..., dj′As the first row element of Latin square, subsequent -1 row of j ' moves the header element in lastrow all on the basis of lastrow It moves to end, other elements sequence ultimately forms a j ' × j ' Latin square to Forward one.
4. the multi-path communications method based on privacy sharing under a kind of vehicular ad hoc network network environment according to claim 3, It is characterized by: determining transmission path in the step 2, specific step is as follows: a element of j-j ' remaining in SE is inserted into The centre of every a line in Latin square, obtains j ' node-disjoint paths, and removes element identical with SE in FO and LO;
For comprising pairs of forward and reverse operation d ' and-d ', then selecting one at random from existing j ' paths in set FO Pi, two operations are added to original operation forefront and rearmost, obtain two new path d ' by 0 < i≤j ' | | { Pi}| |-d ' and-d ' | | { Pi| | d ', and d ' and-d ' is removed in FO and LO;Due in figure G (n, ± d1,±d2,...,±dm) in It can cancel out each other to the forward and reverse operation that any node is performed simultaneously, therefore new route can be correctly obtained;
For single operation remaining in FOIt is added to original operation forefront and rearmost simultaneously;To guarantee that path can Destination node E is reached, it need to be by two reverse operatingsIt is intermediate to be added to operation, i.e.,
The operationBased on { ± d1,±d2,...,±dmMerge to guarantee to minimize, ifIn subset { d1,d2,...,dbMeet d1+d2+...+db=dc, then d is usedcInstead of { d1,d2,...,db} So that the path of construction is most short, to obtain new routeAnd it is removed in FO and LO
5. the multi-path communications method based on privacy sharing under a kind of vehicular ad hoc network network environment according to claim 4, It is characterized by: specific step is as follows for privacy sharing initialization in the step 3: selection prime number p and q two big, selection One prime number rank cyclic group G, g are the generation member in group G;
It is that each node distributes a public key (PK using rsa cryptosystem algorithm before node deploymenti, n) and a private key (SKi, N), wherein i is node subscript, and n is the product of p and q, PKiRelatively prime, the PK with (p-1) (q-1)iSKi=1mod (p-1) (q-1);
From finite field gf (p) from randomly selecting 2m nonzero element r1,r2,...,r2mPublic information as 2m paths.
6. the multi-path communications method based on privacy sharing under a kind of vehicular ad hoc network network environment according to claim 5, It is characterized by: specific step is as follows for sub-key generation in the step 4: one t-1 rank polynomial of one indeterminate f (x) of construction =a0+a1x+a2x2+···+at-1xt-1, wherein a1,a2,...,at-1For the random nonzero integer in GF (p), a0It is symmetrical close Key k;Start node S is that 2m paths generate 2m sub-key ki, for sharing symmetric key k and message M, k with destination node Ei Calculation it is as follows:
7. the multi-path communications method based on privacy sharing under a kind of vehicular ad hoc network network environment according to claim 6, It is characterized by: specific step is as follows for privacy sharing in the step 5: symmetric cryptography is carried out to message M using key k, And ciphertext is divided into 2m part, i.e. M1,M2,...,M2m
A promise w is calculated for each sub-keyi, i=1,2 ..., 2m;wiCalculation it is as follows:
When by overt channel from start node S transport symmetric key k and message M to destination node E, need to protect transmission information Safety and authenticity, detailed process is as follows:
S1 uses the public key PK of destination node EeEncryption subkey ki
S2 selects current time stamp T to resist Replay Attack;
S3 calculates h (k using cryptography one-way Hash function h ()i,wi, T), for ensuring to transmit the validity of information;
S4 transmits information by 2m paths
8. the multi-path communications method based on privacy sharing under a kind of vehicular ad hoc network network environment according to claim 7, It is characterized by: authenticating in the step 6, specific step is as follows: after receiving information from each path, destination node E is obtained Current time stamp T ' is taken, verifying is passed through | T '-T | < TexpProve time of receipt (T of R) stamp effectively, wherein TexpFor predicted delay time;
E uses private key SKiIt calculatesAnd pass through verifying equation h (k 'i,wi, T) and=h (ki,wi, T) and at testificandum Bright promise wiEffectively;
E judges path P by verification expressioniMiddle sub-key kiValidity, the verification expression is specific as follows:
If above formula is set up, sub-key kiEffectively, i.e. kiIt can be used for reconstructing symmetric key k, otherwise kiIt is not used to reconstruct, and holds Error detection in row step 7.
9. the multi-path communications method based on privacy sharing under a kind of vehicular ad hoc network network environment according to claim 8, It is characterized by: specific step is as follows for error detection in the step 7: when S and E are communicated, due to used (t, 2m) privacy sharing, t item or more can be such that verification expression (3) set up if it exists, and E can reconstruct effective symmetric key, After obtaining this symmetric key, S and E can be communicated by encrypted message;
T item or more can be such that verification expression (3) set up if it does not exist, and E sends error reportingTo S, S at After function verifies the validity of the error reporting, the path for the safe transmission information for setting up verification expression (3) by one, TexpIt will in timeIt is sent to E;Then, E checks kiValidity;If S is not in Texp Interior returnOr the number of authentication failed is more than a certain number, then S is considered as malice Node, and E terminates the communication with S.
10. the multi-path communications method based on privacy sharing under a kind of vehicular ad hoc network network environment according to claim 9, It is characterized by: specific step is as follows for cipher key reconstruction in the step 8: destination node E passes through in t item or more The sub-key of acquisition reconstructs symmetric key, and calculation is as follows:
Then, message M can decrypt to obtain by symmetric key k;If sub-key quantity is less than t, outbound message M can not be restored.
CN201910254544.3A 2019-03-31 2019-03-31 A kind of multi-path communications method based on privacy sharing under vehicular ad hoc network network environment Pending CN109996215A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201910254544.3A CN109996215A (en) 2019-03-31 2019-03-31 A kind of multi-path communications method based on privacy sharing under vehicular ad hoc network network environment

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201910254544.3A CN109996215A (en) 2019-03-31 2019-03-31 A kind of multi-path communications method based on privacy sharing under vehicular ad hoc network network environment

Publications (1)

Publication Number Publication Date
CN109996215A true CN109996215A (en) 2019-07-09

Family

ID=67132008

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201910254544.3A Pending CN109996215A (en) 2019-03-31 2019-03-31 A kind of multi-path communications method based on privacy sharing under vehicular ad hoc network network environment

Country Status (1)

Country Link
CN (1) CN109996215A (en)

Cited By (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN110768786A (en) * 2019-10-29 2020-02-07 上海交通大学 Information segmentation encryption and decryption combination system and method based on AES algorithm
CN112153744A (en) * 2020-09-25 2020-12-29 哈尔滨工业大学 Physical layer security resource allocation method in ICV network
CN112702712A (en) * 2020-12-25 2021-04-23 江苏鸣实纯钧科技有限公司 Method and system for encrypted data transmission of vehicle-mounted terminal
CN114499863A (en) * 2022-04-15 2022-05-13 深圳市永达电子信息股份有限公司 Multi-party authentication method based on time division and space division and computer readable storage medium
CN114553597A (en) * 2022-04-22 2022-05-27 中国长江三峡集团有限公司 Power equipment operation and maintenance data transmission management method and system
CN114679257A (en) * 2020-12-24 2022-06-28 科大国盾量子技术股份有限公司 Multipath key relay method, transmitting device, receiving device and related equipment

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20150098329A1 (en) * 2013-10-03 2015-04-09 National Chiao Tung University Vehicular communication system and routing method thereof
WO2015197413A1 (en) * 2014-06-27 2015-12-30 Norwegian University Of Science And Technology Coding in galois fields with reduced complexity
CN105846947A (en) * 2016-03-22 2016-08-10 中国人民解放军国防科学技术大学 Physical layer encryption method introducing Latin array
CN107682149A (en) * 2017-10-25 2018-02-09 重庆邮电大学 A kind of method of the vehicular ad hoc network secret protection close based on label

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20150098329A1 (en) * 2013-10-03 2015-04-09 National Chiao Tung University Vehicular communication system and routing method thereof
WO2015197413A1 (en) * 2014-06-27 2015-12-30 Norwegian University Of Science And Technology Coding in galois fields with reduced complexity
CN105846947A (en) * 2016-03-22 2016-08-10 中国人民解放军国防科学技术大学 Physical layer encryption method introducing Latin array
CN107682149A (en) * 2017-10-25 2018-02-09 重庆邮电大学 A kind of method of the vehicular ad hoc network secret protection close based on label

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
JIAN SHEN: "A Novel Latin-Square-Based Secret Sharing for M2M Communications", 《IEEE TRANSACTIONS ON INDUSTRIAL INFORMATICS》 *

Cited By (9)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN110768786A (en) * 2019-10-29 2020-02-07 上海交通大学 Information segmentation encryption and decryption combination system and method based on AES algorithm
CN112153744A (en) * 2020-09-25 2020-12-29 哈尔滨工业大学 Physical layer security resource allocation method in ICV network
CN112153744B (en) * 2020-09-25 2022-08-02 哈尔滨工业大学 Physical layer security resource allocation method in ICV network
CN114679257A (en) * 2020-12-24 2022-06-28 科大国盾量子技术股份有限公司 Multipath key relay method, transmitting device, receiving device and related equipment
CN114679257B (en) * 2020-12-24 2023-08-22 科大国盾量子技术股份有限公司 Multipath key relay method, transmitting device, receiving device and related equipment
CN112702712A (en) * 2020-12-25 2021-04-23 江苏鸣实纯钧科技有限公司 Method and system for encrypted data transmission of vehicle-mounted terminal
CN114499863A (en) * 2022-04-15 2022-05-13 深圳市永达电子信息股份有限公司 Multi-party authentication method based on time division and space division and computer readable storage medium
CN114499863B (en) * 2022-04-15 2022-08-23 深圳市永达电子信息股份有限公司 Multi-party authentication method based on time division and space division and computer readable storage medium
CN114553597A (en) * 2022-04-22 2022-05-27 中国长江三峡集团有限公司 Power equipment operation and maintenance data transmission management method and system

Similar Documents

Publication Publication Date Title
CN109996215A (en) A kind of multi-path communications method based on privacy sharing under vehicular ad hoc network network environment
Kamil et al. An improved certificateless aggregate signature scheme without bilinear pairings for vehicular ad hoc networks
US8825998B2 (en) Security control in a communication system
Wasef et al. PPGCV: Privacy preserving group communications protocol for vehicular ad hoc networks
Burmester et al. Strengthening privacy protection in vanets
Chuang et al. PPAS: A privacy preservation authentication scheme for vehicle-to-infrastructure communication networks
Chothia et al. An attack against message authentication in the ERTMS train to trackside communication protocols
Salem et al. SOS: Self‐organized secure framework for VANET
CN107666491A (en) The data transmission method of air-ground integrated network based on symmetric cryptography
Yan et al. Efficient group handover authentication for secure 5g-based communications in platoons
Liu et al. A novel secure message delivery and authentication method for vehicular ad hoc networks
Alimohammadi et al. Performance analysis of cryptography methods for secure message exchanging in VANET
Tahir et al. Lightweight and Secure Multi-Factor Authentication Scheme in VANETs
Yan et al. A certificateless efficient and secure group handover authentication protocol in 5G enabled vehicular networks
Singh et al. Pseudo-identity based secure communication scheme for vehicular ad-hoc networks
Tai et al. A fast-handover-supported authentication protocol for vehicular ad hoc networks.
Ruan et al. Elliptic curve ElGamal threshold-based key management scheme against compromise of distributed RSUs for VANETs
Shokri et al. Anonymous routing in manet using random identifiers
CN113115309A (en) Data processing method and device for Internet of vehicles, storage medium and electronic equipment
Al-Shareeda Enhancing security, privacy, and efficiency of vehicular networks
Zhang et al. Towards privacy-preserving and secure opportunistic routings in VANETs
Rathore et al. Efficient Decentralized Key Management Approach for Vehicular Ad Hoc Network
CN112564918B (en) Lightweight active cross-layer authentication method in smart grid
Li et al. Efficient and fault-diagnosable authentication scheme for advanced metering infrastructure
Jia et al. A Secure Message Transaction Protocol for Delay Tolerant Networks.

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
RJ01 Rejection of invention patent application after publication
RJ01 Rejection of invention patent application after publication

Application publication date: 20190709