CN110087197A - Message broadcast, reception and method for tracing in vehicular ad hoc network - Google Patents
- Publication number: CN110087197A
- Authority: CN (China)
- Prior art keywords: vehicle, message, information equipment, equipment, user
- Legal status: Pending (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L67/00—Network arrangements or protocols for supporting network services or applications
- H04L67/01—Protocols
- H04L67/12—Protocols specially adapted for proprietary or special-purpose networking environments, e.g. medical networks, sensor networks, networks in vehicles or remote metering networks
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/3226—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using a predetermined code, e.g. password, passphrase or PIN
- H04L9/3231—Biological data, e.g. fingerprint, voice or retina
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/3297—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving time stamps, e.g. generation of time stamps
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W12/00—Security arrangements; Authentication; Protecting privacy or anonymity
- H04W12/02—Protecting privacy or anonymity, e.g. protecting personally identifiable information [PII]
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W12/00—Security arrangements; Authentication; Protecting privacy or anonymity
- H04W12/06—Authentication
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W4/00—Services specially adapted for wireless communication networks; Facilities therefor
- H04W4/06—Selective distribution of broadcast services, e.g. multimedia broadcast multicast service [MBMS]; Services to user groups; One-way selective calling services
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W4/00—Services specially adapted for wireless communication networks; Facilities therefor
- H04W4/30—Services specially adapted for particular environments, situations or purposes
- H04W4/40—Services specially adapted for particular environments, situations or purposes for vehicles, e.g. vehicle-to-pedestrians [V2P]
Abstract
The present invention provides message broadcast, reception and tracing methods in a vehicular ad hoc network. The message broadcast method in the vehicular ad hoc network includes: step 1) when the information device of a vehicle is inserted into the adapter interface of the vehicle, the information device of the vehicle authenticates the user of the vehicle; step 2) if the user of the vehicle is authenticated, then when the vehicle generates a message to be broadcast, the tamper-proof device of the vehicle authenticates the information device of the vehicle; step 3) if the information device of the vehicle is authenticated, the tamper-proof device of the vehicle broadcasts a message package to the vehicular ad hoc network, the message package including the message to be broadcast. The invention improves the efficiency of data authentication in vehicular ad hoc networks while guaranteeing the security of the data source and of the data.
Description
Technical field
The present invention relates to the field of information security technology in wireless communication, and in particular to message broadcast, reception and tracing methods in a vehicular ad hoc network.
Background technique
A vehicular ad hoc network takes vehicles and roadside infrastructure as its nodes and enables communication between vehicles and between vehicles and roadside infrastructure, in order to improve traffic safety, relieve traffic pressure and improve the driving experience. A vehicle can analyze the data it receives from the vehicular ad hoc network and make decisions on it; before a decision is made on the data, verifying the data source and the integrity of the data is particularly important.
Authentication is a common means of confirming a data source and verifying data integrity. In recent years, researchers have proposed a variety of authentication schemes for vehicular ad hoc networks, which fall broadly into four classes: 1. schemes based on Public Key Infrastructure (PKI); 2. schemes based on anonymous certificates; 3. schemes based on group signatures; 4. hybrid schemes combining anonymous certificates and group signatures.
However, these existing authentication schemes still have shortcomings in security and other respects. For example, PKI-based schemes send the certificate together with the data during communication, so the data a user sends is naturally bound to the user holding the certificate; an attacker can therefore link historical data to a specific user, which leaks user privacy. Schemes based on anonymous certificates allocate and store about 40000 certificates for each vehicle at a time; because the number of certificates in each update is huge, the management overhead is large, and the computational load and communication overhead of the roadside infrastructure also increase, which seriously affects the efficiency of certificate verification. In schemes based on group signatures, signing and authenticating a message is done with the group public/private keys; however, this signing and authentication method costs more in computation and communication than the other schemes, and an attacker can easily launch a computational DoS attack by sending invalid data signatures, so its security is not high. Hybrid schemes can reduce the communication and computation overhead to some extent, but certificate updates depend on roadside infrastructure, which has low availability in environments such as remote areas and mountainous rural areas.
Summary of the invention
To solve the above problems in the prior art, according to one embodiment of the present invention, a message broadcast method in a vehicular ad hoc network is provided. Each vehicle in the vehicular ad hoc network has a detachable information device and a fixed tamper-proof device. The method comprises:
Step 1) when the information device of a vehicle is attached to the adapter interface of the vehicle, the information device of the vehicle authenticates the user of the vehicle; the information device of the vehicle holds local parameters related to the user of the vehicle;
Step 2) if the user of the vehicle is authenticated, then when the vehicle generates a message to be broadcast, the tamper-proof device of the vehicle authenticates the information device of the vehicle; the tamper-proof device of the vehicle holds local parameters related to the information device of the vehicle;
Step 3) if the information device of the vehicle is authenticated, the tamper-proof device of the vehicle broadcasts a message package to the vehicular ad hoc network, the message package including the message to be broadcast.
In the above method, in step 1), authenticating the user of the vehicle by the information device of the vehicle includes: the information device of the vehicle receives the biometric password of the user of the vehicle; if the information device of the vehicle can recover, from the received biometric password and the local parameters, the user authentication parameter generated when the vehicle was registered, the user of the vehicle passes authentication. Specifically, authenticating the user of the vehicle by the information device of the vehicle includes:
1. The information device of the vehicle receives the biometric password of the user of the vehicle;
2. The information device of the vehicle calculates the following formula:
where i indicates that the vehicle is vehicle i and u indicates that the user of the vehicle is user u; $h(\cdot)$ denotes a hash function; the formula also uses the biometric password received by the information device of the vehicle; $PID_i$ denotes the initial anonymous identity of the vehicle and $SCID_i$ denotes the virtual identity of the information device of the vehicle; $\beta_{i,u}$ and $SCID_i$ are local parameters; $\gamma_{i,u} = h(pw_{i,u})$, where $pw_{i,u}$ is the biometric password of the user of the vehicle when the vehicle was registered;
3. The information device of the vehicle judges whether the condition holds, where the user authentication parameter is the one generated when the vehicle was registered; if false is returned, the user of the vehicle passes authentication, otherwise the user is not authenticated.
In the above method, in step 2), authenticating the information device of the vehicle by the tamper-proof device of the vehicle includes: the information device of the vehicle calculates the instant anonymous identity of the vehicle and the information device authentication parameter; the information device of the vehicle sends the instant anonymous identity of the vehicle, the information device authentication parameter, and the timestamp at which the instant anonymous identity was calculated to the tamper-proof device of the vehicle; if the tamper-proof device of the vehicle can recover the information device authentication parameter from the instant anonymous identity of the vehicle, the timestamp at which the instant anonymous identity was calculated, and its local parameters, the information device of the vehicle passes authentication. Specifically, authenticating the information device of the vehicle by the tamper-proof device of the vehicle includes:
1. The information device of the vehicle calculates the instant anonymous identity of the vehicle according to the following formula:
where i indicates that the vehicle is vehicle i, $h(\cdot)$ denotes a hash function, $ID_i$ denotes the true identity of the vehicle, $SCID_i$ denotes the virtual identity of the information device of the vehicle, $PID_i$ denotes the initial anonymous identity of the vehicle, $PID_{i,ts}$ denotes the instant anonymous identity of the vehicle, and $ts$ denotes the timestamp at which the instant anonymous identity of the vehicle is calculated;
2. The information device of the vehicle calculates the information device authentication parameter according to the following formula:
$$\varepsilon_i = h(\eta_i \,\|\, PID_i \,\|\, ts)$$
where $k_m$ denotes the system key;
3. The information device of the vehicle sends $PID_{i,ts}$, $\varepsilon_i$ and $ts$ to the tamper-proof device of the vehicle;
4. The tamper-proof device of the vehicle calculates the following formula:
where $PID_i$, $SCID_i$ and $k_m$ are local parameters;
5. The tamper-proof device of the vehicle judges whether the condition holds; if false is returned, the information device of the vehicle passes authentication, otherwise it is not authenticated.
In the above method, the message package further includes a message authentication parameter, the instant anonymous identity of the vehicle, and the timestamp at which the instant anonymous identity of the vehicle was calculated. The tamper-proof device of the vehicle obtains the message authentication parameter according to the following formula:
where i indicates that the vehicle is vehicle i, $PID_{i,ts}$ denotes the instant anonymous identity of the vehicle, $h(\cdot)$ denotes a hash function, $m$ denotes the message, $k_m$ denotes the system key, $ts$ denotes the timestamp at which the instant anonymous identity of the vehicle was calculated, and the message authentication parameter is calculated with a function keyed with $k_m$.
According to one embodiment of the present invention, a message reception method in a vehicular ad hoc network is also provided. Each vehicle in the vehicular ad hoc network has a detachable information device and a fixed tamper-proof device. The method comprises:
Step a) when a vehicle hears a broadcast message package, the tamper-proof device of the vehicle authenticates the message package;
Step b) if the message package is authenticated, the vehicle accepts the message in the message package.
In the above method, the message package includes the message, a message authentication parameter, the instant anonymous identity of the vehicle that broadcast the message package, and the timestamp at which the instant anonymous identity was calculated;
The message authentication parameter is obtained according to the following formula:
where i indicates that the vehicle that broadcast the message package is vehicle i, $PID_{i,ts}$ denotes the instant anonymous identity of the vehicle that broadcast the message package, $h(\cdot)$ denotes a hash function, $m$ denotes the message, $k_m$ denotes the system key, $ts$ denotes the timestamp at which the instant anonymous identity was calculated, and the message authentication parameter is calculated with a function keyed with $k_m$.
In the above method, in step a), authenticating the message package by the tamper-proof device of the vehicle includes:
The tamper-proof device of the vehicle calculates as follows:
The tamper-proof device of the vehicle judges whether the condition holds; if false is returned, the message package passes authentication, otherwise it is not authenticated.
According to one embodiment of the present invention, a message tracing method in a vehicular ad hoc network is also provided. The vehicular ad hoc network includes a Key Management Center, which maintains a vehicle user information table; each record of the vehicle user information table corresponds to the relevant information of one vehicle in the vehicular ad hoc network. The method comprises:
When the Key Management Center hears a broadcast message package, it queries the records in the vehicle user information table until it finds a record that satisfies the following formula:
where $h(\cdot)$ denotes a hash function, $PID_{*,ts}$ denotes the instant anonymous identity of the vehicle that broadcast the message package, and $ts$ denotes the timestamp at which the instant anonymous identity $PID_{*,ts}$ was calculated; $PID_{*,ts}$ and $ts$ are included in the message package; $ID_i$, $SCID_i$ and $PID_i$ respectively denote the true identity, the virtual identity of the information device, and the initial anonymous identity of the vehicle corresponding to the record that satisfies the above formula.
According to one embodiment of the present invention, a message propagation system is also provided, comprising:
An information device, removably attached to a vehicle;
A tamper-proof device, fixedly attached to the vehicle, connected to the information device attached to the vehicle, and connected to the vehicular ad hoc network;
When the information device is attached to the adapter interface of the vehicle, the information device authenticates the user of the vehicle. If the user of the vehicle is authenticated, then when the vehicle generates a message to be broadcast, the information device logs in to the tamper-proof device so that the tamper-proof device authenticates the information device. If the information device is authenticated, the tamper-proof device broadcasts a message package to the vehicular ad hoc network, the message package including the message to be broadcast. The tamper-proof device is also used to listen for message packages broadcast in the vehicular ad hoc network;
The information device holds local parameters related to the user of the vehicle; the tamper-proof device of the vehicle holds local parameters related to the information device of the vehicle.
The above system may also include a Key Management Center, which maintains a vehicle user information table; each record of the vehicle user information table corresponds to the relevant information of one vehicle in the vehicular ad hoc network. The Key Management Center is used to listen for message packages broadcast in the vehicular ad hoc network and to trace those message packages.
The embodiments of the present invention have the following beneficial effects:
The user of the vehicle is authenticated using human biometric features, which makes the password hard to leak. In addition, the user and the information device are authenticated by the information device and the tamper-proof device in combination, which further guarantees the security of the data source. Sending and authenticating messages requires no participation by the Key Management Center or the roadside infrastructure of the vehicular ad hoc network; an instant anonymous identity and the corresponding message authentication parameter are generated before each message is sent, which lightens the load on the vehicular ad hoc network while guaranteeing data security and integrity, and improves the efficiency of authentication. The invention is suitable for vehicular ad hoc networks under high traffic and has high availability.
Brief description of the drawings
Exemplary embodiments are described in detail below with reference to the accompanying drawings. The drawings are intended to depict exemplary embodiments and should not be construed as limiting the intended scope of the claims. Unless explicitly stated otherwise, the drawings are not to be considered drawn to scale.
Fig. 1 is a flowchart of the message propagation method in a vehicular ad hoc network according to an embodiment of the invention;
Fig. 2 is a flowchart of the method for registering a vehicle and the user of the vehicle according to an embodiment of the invention;
Fig. 3 is a flowchart of the method by which a vehicle broadcasts a message in the vehicular ad hoc network according to an embodiment of the invention;
Fig. 4 is a flowchart of the method by which a vehicle receives a message in the vehicular ad hoc network according to an embodiment of the invention;
Fig. 5 is a flowchart of the message tracing method in a vehicular ad hoc network according to an embodiment of the invention.
Specific embodiment
To make the purpose, technical solution and advantages of the present invention clearer, the invention is described in more detail below through specific embodiments with reference to the accompanying drawings. It should be understood that the specific embodiments described here only explain the invention and do not limit it.
Before the embodiments of the invention are described, the variables that appear below and their definitions are listed in the following table.
Table 1
According to one embodiment of the present invention, a message propagation method in a vehicular ad hoc network is provided, which in particular concerns message broadcast and message reception in the vehicular ad hoc network. The vehicular ad hoc network includes a Key Management Center (KMC), and each vehicle in the vehicular ad hoc network is equipped with a detachable information device and a tamper-proof device fixed in the vehicle. The information device is held by the user of the vehicle. Before using the vehicular ad hoc network, the user must insert the information device into the adapter interface in the vehicle; through this interface the information device can communicate with the tamper-proof device of the vehicle, and the tamper-proof device is connected to the vehicular ad hoc network. The information device and the tamper-proof device both have storage and computing functions. In addition, the tamper-proof device destroys itself when an attempt is made to break into it, so that none of the data it stores is leaked.
Fig. 1 schematically shows the flowchart of the message propagation method in a vehicular ad hoc network according to an embodiment of the invention. Each step of the method is described below with reference to Fig. 1:
Step S11. Initialization phase.
The initialization phase includes: step S111, the Key Management Center (KMC) of the vehicular ad hoc network generates the system key $k_m$; step S112, the Key Management Center registers the vehicle and the user of the vehicle.
A vehicle user who wants to use the services provided by the vehicular ad hoc network must submit the relevant information of the vehicle and the user to the Key Management Center of the vehicular ad hoc network for registration. Referring to Fig. 2, taking $Vehicle_i$ (i.e. vehicle i) as an example, step S112 includes the following sub-steps:
1. The user u of vehicle i submits the relevant information of vehicle i and user u to the Key Management Center. The relevant information includes but is not limited to: the true identity $ID_i$ of vehicle i (such as the license plate number); the hash value $\gamma_{i,u} = h(pw_{i,u})$ of the biometric password of the user u of vehicle i (or a message digest of the biometric password of the user u of vehicle i), where $pw_{i,u}$ is the biometric password of the user u of vehicle i, such as fingerprint information; and the vehicle information $Info_i$, which may include the engine serial number, the time of manufacture, the owner of the vehicle, and so on.
The user of the vehicle can submit the relevant information to the Key Management Center in many ways, for example by wireless or wired communication.
2. The Key Management Center receives the relevant information of vehicle i and its user u.
3. The Key Management Center checks the authenticity of the received relevant information. If the information is not authentic, the registration process ends (i.e. registration of vehicle i and its user u fails); if it is authentic, sub-step 4 is executed. According to one embodiment of the present invention, the Key Management Center checks the authenticity of the relevant information submitted by the user of the vehicle by interacting with a third-party institution (such as government bodies like the vehicle administration office or public security).
4. The Key Management Center completes the registration of vehicle i and its user u.
First, the Key Management Center randomly selects an initial anonymous identity $PID_i$ for vehicle i and randomly selects a virtual identity $SCID_i$ for the information device $TD_i$ of vehicle i, generates the registration information $\langle ID_i, SCID_i, PID_i, Info_i \rangle$ of vehicle i, and stores the registration information in the vehicle user information table maintained locally by the Key Management Center, as one record of that table.
Then, the Key Management Center calculates as follows:
In the above formulas, $h(\cdot)$ denotes a hash function, which is publicly known to the Key Management Center, the information devices of vehicles and the tamper-proof devices; $ID_i$ denotes the true identity of vehicle i; $SCID_i$ denotes the virtual identity of the information device $TD_i$ of vehicle i; $PID_i$ denotes the initial anonymous identity of vehicle i; $k_m$ denotes the system key; $\gamma_{i,u}$ denotes the hash value of the biometric password $pw_{i,u}$ submitted by the user u of vehicle i.
Then, the Key Management Center sends $SCID_i$, $ID_i$, $\eta_i$, $\alpha_{i,u}$ ($\alpha_{i,u}$ is also called the user authentication parameter) and $\beta_{i,u}$ to the information device $TD_i$ of vehicle i, where they are saved by $TD_i$ (for example, saved to $TD_i$ by writing), and sends $PID_i$, $SCID_i$ and $k_m$ to the tamper-proof device $TPD_i$ of vehicle i, where they are saved (for example, saved to $TPD_i$ through wireless communication). As described below, $SCID_i$, $\alpha_{i,u}$ and $\beta_{i,u}$ are used to authenticate the user of the vehicle; $SCID_i$, $ID_i$ and $\eta_i$ are used to log in to the tamper-proof device of the vehicle; $PID_i$, $SCID_i$ and $k_m$ are used to authenticate the information device of the vehicle and to send messages.
Step S12. The vehicle broadcasts a message in the vehicular ad hoc network.
Referring to Fig. 3, taking vehicle i and its user u, whose registration is complete, as an example, step S12 includes the following sub-steps:
Step S121. The user of the vehicle is authenticated.
Specifically, first, the user u of vehicle i inserts the information device $TD_i$ that he or she holds into the adapter interface of vehicle i and inputs his or her own biometric password to the information device $TD_i$ (it should be understood that if the user u of vehicle i is the same person as the user of vehicle i at registration, then the input corresponds to $pw_{i,u}$, the biometric password of the user of vehicle i at registration). In one embodiment, the information device $TD_i$ may have an input interface for receiving the biometric password (such as a fingerprint) of the user.
Then, the information device $TD_i$ calculates as follows:
where $h(\cdot)$ denotes a hash function; the calculation uses the biometric password that user u inputs to the information device $TD_i$ of vehicle i and the hash value of the biometric password received by $TD_i$; $\beta_{i,u}$ and $SCID_i$ are parameters from the Key Management Center stored in the information device $TD_i$.
Then, the information device $TD_i$ judges whether the condition holds, where $\alpha_{i,u}$ is the parameter from the Key Management Center stored in the information device $TD_i$ (the user authentication parameter), and the value it is checked against is calculated by formula (6). If false is returned, the biometric password input by the user u of vehicle i is correct, user u passes authentication, and the information device $TD_i$ saves the calculated value as the initial anonymous identity $PID_i$ of vehicle i. If true is returned, user u is not authenticated, i.e. vehicle i has no right to broadcast messages in the vehicular ad hoc network.
Step S122. If the user u of vehicle i has been authenticated, then when vehicle i generates a message to be broadcast (hereinafter "the message"), the information device $TD_i$ of vehicle i is authenticated; if it passes authentication, the message is broadcast to the vehicular ad hoc network.
If the user u of vehicle i has been authenticated, then when vehicle i generates a message, the information device $TD_i$ of vehicle i logs in to the tamper-proof device $TPD_i$ of the vehicle, and the tamper-proof device $TPD_i$ authenticates the information device $TD_i$. Specifically, this includes:
1. The information device $TD_i$ of vehicle i calculates the instant anonymous identity $PID_{i,ts}$ of vehicle i according to the following formula:
where $h(\cdot)$ denotes a hash function; $ID_i$ denotes the true identity of vehicle i and $SCID_i$ denotes the virtual identity of the information device $TD_i$ of vehicle i; $ID_i$ and $SCID_i$ are parameters from the Key Management Center stored in the information device $TD_i$; $PID_i$ denotes the initial anonymous identity of vehicle i, which was calculated when user u was authenticated (see formula (5)); $ts$ denotes the timestamp at which the instant anonymous identity $PID_{i,ts}$ is calculated.
2. The information device $TD_i$ of vehicle i calculates the authentication parameter of the information device $TD_i$ (i.e. the information device authentication parameter) according to the following formula:
$$\varepsilon_i = h(\eta_i \,\|\, PID_i \,\|\, ts) \tag{8}$$
where $h(\cdot)$ denotes a hash function; $\eta_i$ is a parameter from the Key Management Center stored in the information device $TD_i$; $PID_i$ denotes the initial anonymous identity of vehicle i (calculated when user u was authenticated); $ts$ denotes the timestamp at which the instant anonymous identity $PID_{i,ts}$ is calculated.
3. The information device $TD_i$ of vehicle i sends the calculated instant anonymous identity $PID_{i,ts}$, the information device authentication parameter $\varepsilon_i$, and the timestamp $ts$ at which the instant anonymous identity $PID_{i,ts}$ was calculated to the tamper-proof device $TPD_i$ of vehicle i, in order to log in to the tamper-proof device $TPD_i$.
4. by the tampering protection equipment TPD of vehicle iiCalculate following formula:
Wherein, h () indicates hash function;PIDi,tsIndicate that the instant anonymous Identity of vehicle i, ts are indicated to calculate and be hidden immediately
Name identity PIDi,tsWhen timestamp, PIDi,tsInformation equipment TD with ts from vehicle ii;PIDiIndicate initially hideing for vehicle i
Name identity, kmIndicate system key, SCIDiIndicate the information equipment TD of vehicle iiVirtual identity, PIDi、kmAnd SCIDiIt is to protect
There are tampering protection equipment TPDiIn, parameter from Key Management Center.
5. The tampering protection equipment TPD_i of vehicle i makes a judgment, wherein ε_i is the information equipment authentication parameter from the information equipment TD_i, and the value it is checked against is calculated according to formula (10). If false is returned, the information equipment TD_i passes authentication, and the instant anonymous identity PID_{i,ts} of vehicle i and the corresponding timestamp ts are saved in the tampering protection equipment TPD_i; if true is returned, the information equipment TD_i fails authentication, i.e. vehicle i has no right to broadcast messages in the vehicular ad hoc network.
If the information equipment TD_i passes authentication, the tampering protection equipment TPD_i of vehicle i broadcasts the generated message to the vehicular ad hoc network. Specifically, this comprises:
1. The tampering protection equipment TPD_i of vehicle i calculates the message authentication parameter according to the following formula:
Wherein, h() denotes a hash function, PID_{i,ts} denotes the instant anonymous identity of vehicle i, m denotes the message, k_m denotes the system key, and ts denotes the timestamp at which the instant anonymous identity PID_{i,ts} was calculated; the message authentication parameter calculation function is keyed with k_m (this function is publicly known to the tampering protection equipment of every vehicle in the vehicular ad hoc network).
2. The tampering protection equipment TPD_i of vehicle i broadcasts a message packet to the vehicular ad hoc network; the message packet includes: PID_{i,ts}, σ_i, ts, m.
Step S13. Other vehicles in the vehicular ad hoc network receive the message. Referring to Fig. 4, and taking vehicle j as an example, step S13 includes the following sub-steps:
Step S131. When vehicle j listens to a message packet from another vehicle (for example, the message packet of vehicle i, which includes PID_{i,ts}, σ_i, ts, m), the tampering protection equipment of vehicle j authenticates the message packet.
Specifically, the tampering protection equipment of vehicle j first calculates as follows:
Wherein, h() denotes a hash function; PID_{i,ts} denotes the instant anonymous identity of vehicle i, m denotes the message, and ts denotes the timestamp at which the instant anonymous identity PID_{i,ts} was calculated; PID_{i,ts}, m and ts are obtained from the message packet; k_m denotes the system key; the message authentication parameter calculation function is keyed with k_m.
Then, the tampering protection equipment of vehicle j makes a judgment, wherein σ_i is the message authentication parameter in the message packet, and the value it is checked against is calculated according to formula (12). If false is returned, the message packet passes authentication; otherwise the message packet fails authentication.
Step S132. If the message packet passes authentication, vehicle j receives the message in the message packet for use by subsequent applications.
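The login, broadcast and receive steps described above can be traced end to end in the following added example, which is not code from the patent. It assumes SHA-256 for h(), HMAC-SHA256 (with an assumed field order) for the k_m-keyed message authentication function, and a stand-in `derive_eta` for the derivation of η_i, whose formula is not reproduced on this page; PID_{i,ts} is treated as an opaque value, and all sample values are constructed.

```python
import hashlib
import hmac
import struct

def h(*parts):
    """h(): hash of the concatenated parts. SHA-256 is an assumption; the page names no hash."""
    return hashlib.sha256(b"".join(parts)).digest()

def ts8(ts):
    """Fixed-width timestamp, so that '||' concatenation stays unambiguous."""
    return struct.pack(">Q", ts)

def derive_eta(k_m, scid):
    # ASSUMPTION: stand-in for the derivation of eta_i, which this page does not reproduce.
    # The only property used here is that the TPD can recompute it from local parameters.
    return h(b"eta", k_m, scid)

def mac(k_m, pid_ts, ts, m):
    # ASSUMPTION: HMAC-SHA256 as the k_m-keyed function, with an assumed field order.
    # Fixed-length fields come first and the variable-length message last.
    return hmac.new(k_m, pid_ts + ts8(ts) + m, hashlib.sha256).digest()

def td_login_request(eta, pid, pid_ts, ts):
    """Information equipment TD_i: formula (8), eps_i = h(eta_i || PID_i || ts)."""
    return pid_ts, h(eta, pid, ts8(ts)), ts

class TPD:
    """Tampering protection equipment holding the local parameters PID_i, k_m, SCID_i."""

    def __init__(self, k_m, scid, pid):
        self.k_m, self.scid, self.pid = k_m, scid, pid
        self.session = None  # (PID_{i,ts}, ts), saved only after a successful login

    def login(self, pid_ts, eps, ts):
        eps_star = h(derive_eta(self.k_m, self.scid), self.pid, ts8(ts))
        ok = hmac.compare_digest(eps, eps_star)  # constant-time comparison
        self.session = (pid_ts, ts) if ok else None
        return ok

    def broadcast(self, m):
        if self.session is None:
            raise PermissionError("information equipment has not passed authentication")
        pid_ts, ts = self.session
        return pid_ts, mac(self.k_m, pid_ts, ts, m), ts, m

    def receive(self, packet):
        """Return the message if sigma_i verifies, otherwise None."""
        pid_ts, sigma, ts, m = packet
        if hmac.compare_digest(sigma, mac(self.k_m, pid_ts, ts, m)):
            return m
        return None

# Constructed sample values (not from the patent).
K_M = bytes(range(32))
TS = 1560297600
SCID_I = b"SCID-vehicle-i"
PID_I = h(b"constructed initial anonymous identity of vehicle i")
PID_I_TS = h(b"constructed instant anonymous identity", ts8(TS))  # opaque here
ETA_I = derive_eta(K_M, SCID_I)  # provisioned into TD_i at registration

def run_demo():
    tpd_i = TPD(K_M, SCID_I, PID_I)
    tpd_j = TPD(K_M, b"SCID-vehicle-j", h(b"constructed PID of vehicle j"))
    results = {}
    # A TD that does not hold eta_i cannot log in, so TPD_i refuses to broadcast.
    results["bad_login"] = tpd_i.login(*td_login_request(b"\x00" * 32, PID_I, PID_I_TS, TS))
    try:
        tpd_i.broadcast(b"ice on bridge")
        results["broadcast_without_login"] = True
    except PermissionError:
        results["broadcast_without_login"] = False
    # The genuine TD_i logs in, TPD_i broadcasts, TPD_j verifies with the shared k_m.
    results["good_login"] = tpd_i.login(*td_login_request(ETA_I, PID_I, PID_I_TS, TS))
    packet = tpd_i.broadcast(b"ice on bridge")
    results["received"] = tpd_j.receive(packet)
    # Any change to m or ts invalidates sigma_i.
    pid_ts, sigma, ts, m = packet
    results["tampered_m"] = tpd_j.receive((pid_ts, sigma, ts, b"road is clear"))
    results["tampered_ts"] = tpd_j.receive((pid_ts, sigma, ts + 1, m))
    return results

if __name__ == "__main__":
    for name, value in run_demo().items():
        print(name, value)
```

Because every tampering protection equipment verifies with the same system key k_m, a valid σ_i shows that the packet came from a device holding k_m; attributing it to a particular vehicle is left to the Key Management Center's tracing step.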
In the above embodiment, the user of the vehicle is authenticated using human biometric features, which makes password leakage unlikely. In addition, the authentication of the user of the vehicle is combined with the information equipment, and the information equipment is further authenticated by the tampering protection equipment, which ensures the security of the data source. The sending and authentication of messages in the vehicular ad hoc network require no participation of the Key Management Center or of roadside infrastructure devices; an instant anonymous identity and the corresponding message authentication parameter are generated before each message is sent, which relieves the burden on the vehicular ad hoc network while ensuring data security and integrity, and improves the efficiency of authentication. The present invention is suitable for vehicular ad hoc networks under high-traffic conditions and has higher availability.
In the above embodiment, when registering a vehicle and its user, the Key Management Center stores the registration information (for example, <ID_i, SCID_i, PID_i, Info_i>) in a local vehicle user information table. When a message packet is broadcast in the vehicular ad hoc network, the Key Management Center can also listen to the message packet and can trace the vehicle that sent it according to the vehicle user information table. In view of this, according to one embodiment of the present invention, a message tracing method in a vehicular ad hoc network is also provided. As shown in Fig. 5, the method comprises the following steps:
Step S21. When the Key Management Center in the vehicular ad hoc network listens to a message packet including a message (as described above, the message packet includes: the message, the instant anonymous identity of the vehicle that broadcast the message packet, the timestamp at which the instant anonymous identity was calculated, and the message authentication parameter), it queries the records in the local vehicle user information table until it finds a record that satisfies the following formula:
Wherein, h() denotes a hash function, PID_{*,ts} denotes the instant anonymous identity of the vehicle that broadcast the message packet, and ts denotes the timestamp at which the instant anonymous identity PID_{*,ts} was calculated; PID_{*,ts} and ts are included in the message packet listened to; ID_i, SCID_i and PID_i respectively denote the true identity of the vehicle, the virtual identity of the vehicle's information equipment and the initial anonymous identity of the vehicle corresponding to the record that satisfies the above formula.
Step S22. The true identity of the vehicle that broadcast the message packet is obtained from the record found.
The Key Management Center thereby traces the true identity of the vehicle that broadcast the message packet, and can further process the message based on this true identity.
According to one embodiment of the present invention, a message dissemination system is also provided, comprising:
an information equipment, detachably attached to a vehicle;
a tampering protection equipment, fixedly attached to the vehicle, connected to the information equipment attached to the vehicle and connected to the vehicular ad hoc network;
a Key Management Center, which maintains a vehicle user information table, each record of which corresponds to the relevant information of one vehicle in the vehicular ad hoc network.
Wherein, when the information equipment is attached to the adaptable interface of the vehicle, the information equipment authenticates the user of the vehicle; if the user of the vehicle passes authentication, then when the vehicle generates a message to be broadcast, the information equipment logs in to the tampering protection equipment so that the tampering protection equipment authenticates the information equipment; if the information equipment passes authentication, the tampering protection equipment broadcasts a message packet to the vehicular ad hoc network, the message packet including the message to be broadcast. The tampering protection equipment is also used to listen to message packets broadcast in the vehicular ad hoc network; the Key Management Center is used to listen to message packets broadcast in the vehicular ad hoc network and to trace the message packets.
To verify the validity of the scheme provided by the present invention, the inventors compared the scheme provided in the above embodiments with existing vehicular ad hoc network authentication schemes; the comparison results are shown in Table 2.
Table 2
As can be seen from Table 2, compared with the prior art, the present invention takes a variety of different security attributes into account, and is superior to the prior art especially in resistance to denial-of-service attacks, privacy preservation, conditional traceability, strong privacy preservation and strong non-repudiation. In addition, the inventors found through simulation experiments that, compared with the prior art, the computational overhead of the present invention is reduced by 100 to 1000 times, and the communication overhead is also reduced by 55.24% to 77.52%.
It should be noted that some exemplary methods are depicted as flowcharts. Although a flowchart expresses the operations as being executed sequentially, it should be understood that many operations can be executed in parallel, concurrently or synchronously. In addition, the order of the operations can be rearranged. Processing may terminate when the operations are completed, but may also include further steps that are not shown in the figures or described in the embodiments.
The above methods can be implemented by hardware, software, firmware, middleware, pseudocode, a hardware description language or any combination thereof. When implemented in software, firmware, middleware or pseudocode, the program code or code segments for executing the tasks can be stored in a computer-readable medium, such as a storage medium, and a processor can execute the tasks.
It should be understood that software-implemented exemplary embodiments are usually encoded on some form of program storage medium or implemented over some type of transmission medium. The program storage medium can be any non-transitory storage medium, such as a magnetic disk (for example, a floppy disk or a hard disk) or an optical disc (for example, a compact disc read-only memory or "CD ROM"), and can be read-only or random access. Similarly, the transmission medium can be twisted pair, coaxial cable, optical fiber or some other applicable transmission medium known in the art.
Although the present invention has been described by means of preferred embodiments, the present invention is not limited to the embodiments described here, and also includes various changes and variations made without departing from the scope of the present invention.
Claims (12)
1. A message broadcasting method in a vehicular ad hoc network, wherein a vehicle in the vehicular ad hoc network has a detachable information equipment and a fixed tampering protection equipment, the method comprising:
Step 1) when the information equipment of a vehicle is attached to the adaptable interface of the vehicle, authenticating the user of the vehicle by the information equipment of the vehicle; the information equipment of the vehicle includes local parameters related to the user of the vehicle;
Step 2) if the user of the vehicle passes authentication, then when the vehicle generates a message to be broadcast, authenticating the information equipment of the vehicle by the tampering protection equipment of the vehicle; the tampering protection equipment of the vehicle includes local parameters related to the information equipment of the vehicle;
Step 3) if the information equipment of the vehicle passes authentication, broadcasting a message packet from the tampering protection equipment of the vehicle to the vehicular ad hoc network, the message packet including the message to be broadcast.
2. The method according to claim 1, wherein in step 1), authenticating the user of the vehicle by the information equipment of the vehicle comprises:
receiving the biometric password of the user of the vehicle by the information equipment of the vehicle;
if the information equipment of the vehicle can recover, from the received biometric password and local parameters, the user authentication parameter generated when the vehicle was registered, the user of the vehicle passes authentication.
3. The method according to claim 2, wherein authenticating the user of the vehicle by the information equipment of the vehicle comprises:
1. receiving the biometric password of the user of the vehicle by the information equipment of the vehicle;
2. calculating the following formula by the information equipment of the vehicle:
Wherein, i indicates that the vehicle is vehicle i, and u indicates that the user of the vehicle is user u; h() denotes a hash function;  denotes the biometric password received by the information equipment of the vehicle; PID_i denotes the initial anonymous identity of the vehicle, SCID_i denotes the virtual identity of the information equipment of the vehicle, β_{i,u} and SCID_i are local parameters, γ_{i,u} = h(pw_{i,u}), and pw_{i,u} is the biometric password of the user of the vehicle when the vehicle was registered;
3. a judgment is made by the information equipment of the vehicle against the user authentication parameter generated when the vehicle was registered; if false is returned, the user of the vehicle passes authentication; otherwise the user fails authentication.
4. The method according to any one of claims 1-3, wherein in step 2), authenticating the information equipment of the vehicle by the tampering protection equipment of the vehicle comprises:
calculating, by the information equipment of the vehicle, the instant anonymous identity of the vehicle and the information equipment authentication parameter;
sending, by the information equipment of the vehicle, the instant anonymous identity of the vehicle, the information equipment authentication parameter and the timestamp at which the instant anonymous identity of the vehicle was calculated to the tampering protection equipment of the vehicle;
if the tampering protection equipment of the vehicle can recover the information equipment authentication parameter from the instant anonymous identity of the vehicle, the timestamp at which the instant anonymous identity of the vehicle was calculated and local parameters, the information equipment of the vehicle passes authentication.
5. The method according to claim 4, wherein authenticating the information equipment of the vehicle by the tampering protection equipment of the vehicle comprises:
1. calculating, by the information equipment of the vehicle, the instant anonymous identity of the vehicle according to the following formula:
Wherein, i indicates that the vehicle is vehicle i, h() denotes a hash function, ID_i denotes the true identity of the vehicle, SCID_i denotes the virtual identity of the information equipment of the vehicle, PID_i denotes the initial anonymous identity of the vehicle, PID_{i,ts} denotes the instant anonymous identity of the vehicle, and ts denotes the timestamp at which the instant anonymous identity of the vehicle was calculated;
2. calculating, by the information equipment of the vehicle, the information equipment authentication parameter according to the following formula:
ε_i = h(η_i || PID_i || ts)
Wherein, k_m denotes the system key;
3. sending, by the information equipment of the vehicle, PID_{i,ts}, ε_i and ts to the tampering protection equipment of the vehicle;
4. calculating the following formula by the tampering protection equipment of the vehicle:
Wherein, PID_i, SCID_i and k_m are local parameters;
5. a judgment is made by the tampering protection equipment of the vehicle; if false is returned, the information equipment of the vehicle passes authentication; otherwise it fails authentication.
6. The method according to any one of claims 1-3, wherein the message packet further includes a message authentication parameter, the instant anonymous identity of the vehicle and the timestamp at which the instant anonymous identity of the vehicle was calculated; wherein the tampering protection equipment of the vehicle obtains the message authentication parameter according to the following formula:
Wherein, i indicates that the vehicle is vehicle i, PID_{i,ts} denotes the instant anonymous identity of the vehicle, h() denotes a hash function, m denotes the message, k_m denotes the system key, and ts denotes the timestamp at which the instant anonymous identity of the vehicle was calculated; the message authentication parameter calculation function is keyed with k_m.
7. A message receiving method in a vehicular ad hoc network, wherein a vehicle in the vehicular ad hoc network has a detachable information equipment and a fixed tampering protection equipment, the method comprising:
Step a) when a vehicle listens to a message packet broadcast using the method according to any one of claims 1-6, authenticating the message packet by the tampering protection equipment of the vehicle;
Step b) if the message packet passes authentication, receiving the message in the message packet by the vehicle.
8. The method according to claim 7, wherein the message packet includes a message, a message authentication parameter, the instant anonymous identity of the vehicle that broadcast the message packet and the timestamp at which the instant anonymous identity was calculated;
wherein the message authentication parameter is obtained according to the following formula:
Wherein, i indicates that the vehicle that broadcast the message packet is vehicle i, PID_{i,ts} denotes the instant anonymous identity of the vehicle that broadcast the message packet, h() denotes a hash function, m denotes the message, k_m denotes the system key, and ts denotes the timestamp at which the instant anonymous identity was calculated; the message authentication parameter calculation function is keyed with k_m.
9. The method according to claim 8, wherein in step a), authenticating the message packet by the tampering protection equipment of the vehicle comprises:
calculating as follows by the tampering protection equipment of the vehicle:
a judgment is made by the tampering protection equipment of the vehicle; if false is returned, the message packet passes authentication; otherwise the message packet fails authentication.
10. A message tracing method in a vehicular ad hoc network, wherein the vehicular ad hoc network includes a Key Management Center, the Key Management Center maintains a vehicle user information table, and each record of the vehicle user information table corresponds to the relevant information of one vehicle in the vehicular ad hoc network, the method comprising:
when the Key Management Center listens to a message packet broadcast using the method according to any one of claims 1-6, querying the records in the vehicle user information table until a record that satisfies the following formula is found:
Wherein, h() denotes a hash function, PID_{*,ts} denotes the instant anonymous identity of the vehicle that broadcast the message packet, and ts denotes the timestamp at which the instant anonymous identity PID_{*,ts} was calculated; PID_{*,ts} and ts are included in the message packet; ID_i, SCID_i and PID_i respectively denote the true identity of the vehicle, the virtual identity of the information equipment and the initial anonymous identity corresponding to the record that satisfies the above formula.
11. A message dissemination system, comprising:
an information equipment, detachably attached to a vehicle;
a tampering protection equipment, fixedly attached to the vehicle, connected to the information equipment attached to the vehicle and connected to a vehicular ad hoc network;
wherein, when the information equipment is attached to the adaptable interface of the vehicle, the information equipment authenticates the user of the vehicle; if the user of the vehicle passes authentication, then when the vehicle generates a message to be broadcast, the information equipment logs in to the tampering protection equipment so that the tampering protection equipment authenticates the information equipment; if the information equipment passes authentication, the tampering protection equipment broadcasts a message packet to the vehicular ad hoc network, the message packet including the message to be broadcast; the tampering protection equipment is also used to listen to message packets broadcast in the vehicular ad hoc network;
wherein the information equipment includes local parameters related to the user of the vehicle, and the tampering protection equipment of the vehicle includes local parameters related to the information equipment of the vehicle.
12. The system according to claim 11, further comprising:
a Key Management Center, which maintains a vehicle user information table, each record of the vehicle user information table corresponding to the relevant information of one vehicle in the vehicular ad hoc network;
wherein the Key Management Center is used to listen to message packets broadcast in the vehicular ad hoc network and to trace the message packets.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201910505611.4A CN110087197A (en) | 2019-06-12 | 2019-06-12 | Message broadcast, reception and method for tracing in vehicular ad hoc network |
Publications (1)
Publication Number | Publication Date |
---|---|
CN110087197A true CN110087197A (en) | 2019-08-02 |
Family
ID=67424207
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201910505611.4A Pending CN110087197A (en) | 2019-06-12 | 2019-06-12 | Message broadcast, reception and method for tracing in vehicular ad hoc network |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN110087197A (en) |
Citations (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN102904896A (en) * | 2012-10-23 | 2013-01-30 | 大连理工大学 | Anonymous authentication scheme under vehicular ad hoc network based on biometric encryption technology |
Non-Patent Citations (1)
Title |
---|
FEI WANG;YONGJUN XU;HANWEN ZHANG;YUJUN ZHANG;LIEHUANG ZHU: "《2FLIP: A Two-Factor Lightweight Privacy-Preserving Authentication Scheme for VANET》", 《IEEE TRANSACTIONS ON VEHICULAR TECHNOLOGY》 * |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | |
SE01 | Entry into force of request for substantive examination | |
WD01 | Invention patent application deemed withdrawn after publication | Application publication date: 20190802 |