CN110087197A - Message broadcast, reception and method for tracing in vehicular ad hoc network - Google Patents

Publication number
CN110087197A
Authority
CN
China
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN201910505611.4A
Other languages
Chinese (zh)
Inventor
王飞
杜一凡
徐勇军
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Institute of Computing Technology of CAS
Original Assignee
Institute of Computing Technology of CAS
Application filed by Institute of Computing Technology of CAS
Priority to CN201910505611.4A
Publication of CN110087197A

Classifications

    • H04L67/12 Protocols specially adapted for proprietary or special-purpose networking environments, e.g. medical networks, sensor networks, networks in vehicles or remote metering networks
    • H04L9/3231 Biological data, e.g. fingerprint, voice or retina
    • H04L9/3297 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving time stamps, e.g. generation of time stamps
    • H04W12/02 Protecting privacy or anonymity, e.g. protecting personally identifiable information [PII]
    • H04W12/06 Authentication
    • H04W4/06 Selective distribution of broadcast services, e.g. multimedia broadcast multicast service [MBMS]; Services to user groups; One-way selective calling services
    • H04W4/40 Services specially adapted for particular environments, situations or purposes for vehicles, e.g. vehicle-to-pedestrians [V2P]

Abstract

The present invention provides message broadcast, reception and tracing methods in a vehicular ad hoc network. The message broadcasting method in the vehicular ad hoc network comprises: step 1) when the information equipment of a vehicle is inserted into the adaptable interface of the vehicle, the information equipment of the vehicle authenticates the user of the vehicle; step 2) if the user of the vehicle passes authentication, then when the vehicle generates a message to be broadcast, the tampering protection equipment of the vehicle authenticates the information equipment of the vehicle; step 3) if the information equipment of the vehicle passes authentication, the tampering protection equipment of the vehicle broadcasts a message packet to the vehicular ad hoc network, the message packet including the message to be broadcast. The present invention improves the efficiency of data authentication in vehicular ad hoc networks while guaranteeing the security of the data source and of the data.

Description

Message broadcast, reception and method for tracing in vehicular ad hoc network
Technical field
The present invention relates to the field of information security in wireless communication, and in particular to message broadcast, reception and tracing methods in a vehicular ad hoc network.
Background art
A vehicular ad hoc network uses vehicles and roadside infrastructure as nodes, enabling communication between vehicles and between vehicles and roadside infrastructure, so as to improve traffic safety, relieve traffic pressure and improve the driving experience. A vehicle can analyze the data it receives in the vehicular ad hoc network and make decisions on it; before a decision is made on the data, verifying the data source and the integrity of the data is particularly important.
Authentication is a common means of confirming the data source and verifying data integrity. In recent years, researchers have proposed a variety of authentication schemes for vehicular ad hoc networks, which fall mainly into the following four classes: 1. schemes based on Public Key Infrastructure (PKI); 2. schemes based on anonymous certificates; 3. schemes based on group signatures; 4. hybrid schemes combining anonymous certificates and group signatures.
However, these existing authentication schemes still have deficiencies in security and in other respects. For example, a PKI-based scheme sends the certificate together with the data during communication, which naturally binds the data a user sends to the user holding that certificate; an attacker can therefore associate historical data with a specific user, leaking the user's privacy. An anonymous-certificate-based scheme distributes about 40000 certificates to each vehicle at one time for storage; because the number of certificates in each update is huge, the management overhead is large, and the computational load and communication overhead of the roadside infrastructure are also aggravated, which seriously affects the efficiency of certificate verification. In a group-signature-based scheme, the signing and authentication of messages are realized with the group public/private keys; however, this signing and authentication method has larger computation and communication overhead than the other schemes, and an attacker can easily launch a computational DoS attack by sending invalid data signatures, so security is not high. A hybrid scheme can reduce the communication and computation overhead to a certain extent, but certificate updates depend on roadside infrastructure, so availability is low in environments such as remote areas and mountainous rural areas.
Summary of the invention
To solve the above problems in the prior art, according to one embodiment of the present invention, a message broadcasting method in a vehicular ad hoc network is provided, in which a vehicle in the vehicular ad hoc network has detachable information equipment and fixed tampering protection equipment, the method comprising:
Step 1) when the information equipment of a vehicle is attached to the adaptable interface of the vehicle, the information equipment of the vehicle authenticates the user of the vehicle; the information equipment of the vehicle contains local parameters related to the user of the vehicle;
Step 2) if the user of the vehicle passes authentication, then when the vehicle generates a message to be broadcast, the tampering protection equipment of the vehicle authenticates the information equipment of the vehicle; the tampering protection equipment of the vehicle contains local parameters related to the information equipment of the vehicle;
Step 3) if the information equipment of the vehicle passes authentication, the tampering protection equipment of the vehicle broadcasts a message packet to the vehicular ad hoc network, the message packet including the message to be broadcast.
In the above method, in step 1), authenticating the user of the vehicle by the information equipment of the vehicle comprises: receiving, by the information equipment of the vehicle, the biometric password of the user of the vehicle; if the information equipment of the vehicle can recover, from the received biometric password and the local parameters, the user authentication parameter generated when the vehicle was registered, the user of the vehicle passes authentication. Specifically, authenticating the user of the vehicle by the information equipment of the vehicle comprises:
1. the information equipment of the vehicle receives the biometric password of the user of the vehicle;
2. the information equipment of the vehicle calculates the following formula:
where $i$ indicates that the vehicle is vehicle $i$ and $u$ indicates that the user of the vehicle is user $u$; $h(\cdot)$ denotes the hash function; the formula takes the biometric password received by the information equipment of the vehicle; $PID_i$ denotes the initial anonymous identity of the vehicle; $SCID_i$ denotes the virtual identity of the information equipment of the vehicle; $\beta_{i,u}$ and $SCID_i$ are local parameters; $\gamma_{i,u} = h(pw_{i,u})$, where $pw_{i,u}$ is the biometric password of the user of the vehicle when the vehicle was registered;
3. the information equipment of the vehicle makes the judgment against the user authentication parameter generated when the vehicle was registered; if the judgment returns false, the user of the vehicle passes authentication, otherwise the user is not authenticated.
In the above method, in step 2), authenticating the information equipment of the vehicle by the tampering protection equipment of the vehicle comprises: calculating, by the information equipment of the vehicle, the instant anonymous identity of the vehicle and the information equipment authentication parameter; sending, by the information equipment of the vehicle, the instant anonymous identity of the vehicle, the information equipment authentication parameter and the timestamp at which the instant anonymous identity was calculated to the tampering protection equipment of the vehicle; if the tampering protection equipment of the vehicle can recover the information equipment authentication parameter from the instant anonymous identity of the vehicle, the timestamp at which the instant anonymous identity was calculated and the local parameters, the information equipment of the vehicle passes authentication. Specifically, authenticating the information equipment of the vehicle by the tampering protection equipment of the vehicle comprises:
1. the information equipment of the vehicle calculates the instant anonymous identity of the vehicle according to the following formula:
where $i$ indicates that the vehicle is vehicle $i$; $h(\cdot)$ denotes the hash function; $ID_i$ denotes the true identity of the vehicle; $SCID_i$ denotes the virtual identity of the information equipment of the vehicle; $PID_i$ denotes the initial anonymous identity of the vehicle; $PID_{i,ts}$ denotes the instant anonymous identity of the vehicle; $ts$ denotes the timestamp at which the instant anonymous identity of the vehicle was calculated;
2. the information equipment of the vehicle calculates the information equipment authentication parameter according to the following formula:
$\varepsilon_i = h(\eta_i \,\|\, PID_i \,\|\, ts)$
where $k_m$ denotes the system key;
3. the information equipment of the vehicle sends $PID_{i,ts}$, $\varepsilon_i$ and $ts$ to the tampering protection equipment of the vehicle;
4. the tampering protection equipment of the vehicle calculates the following formula:
where $PID_i$, $SCID_i$ and $k_m$ are local parameters;
5. the tampering protection equipment of the vehicle makes the judgment; if the judgment returns false, the information equipment of the vehicle passes authentication, otherwise it is not authenticated.
In the above method, the message packet further includes the message authentication parameter, the instant anonymous identity of the vehicle, and the timestamp at which the instant anonymous identity of the vehicle was calculated; the tampering protection equipment of the vehicle obtains the message authentication parameter according to the following formula:
where $i$ indicates that the vehicle is vehicle $i$; $PID_{i,ts}$ denotes the instant anonymous identity of the vehicle; $h(\cdot)$ denotes the hash function; $m$ denotes the message; $k_m$ denotes the system key; $ts$ denotes the timestamp at which the instant anonymous identity of the vehicle was calculated; the formula uses a message authentication parameter calculation function keyed with $k_m$.
According to one embodiment of the present invention, a message receiving method in a vehicular ad hoc network is also provided, in which a vehicle in the vehicular ad hoc network has detachable information equipment and fixed tampering protection equipment, the method comprising:
Step a) when the vehicle listens to a broadcast message packet, the tampering protection equipment of the vehicle authenticates the message packet;
Step b) if the message packet passes authentication, the vehicle receives the message in the message packet.
In the above method, the message packet includes the message, the message authentication parameter, the instant anonymous identity of the vehicle that broadcast the message packet, and the timestamp at which that instant anonymous identity was calculated;
the message authentication parameter is obtained according to the following formula:
where $i$ indicates that the vehicle that broadcast the message packet is vehicle $i$; $PID_{i,ts}$ denotes the instant anonymous identity of the vehicle that broadcast the message packet; $h(\cdot)$ denotes the hash function; $m$ denotes the message; $k_m$ denotes the system key; $ts$ denotes the timestamp at which the instant anonymous identity was calculated; the formula uses a message authentication parameter calculation function keyed with $k_m$.
In the above method, in step a), authenticating the message packet by the tampering protection equipment of the vehicle comprises:
the tampering protection equipment of the vehicle calculates as follows:
the tampering protection equipment of the vehicle makes the judgment; if the judgment returns false, the message packet passes authentication, otherwise it is not authenticated.
According to one embodiment of the present invention, a message tracing method in a vehicular ad hoc network is also provided. The vehicular ad hoc network includes a Key Management Center, which maintains a vehicle user information table; each record of the vehicle user information table corresponds to the relevant information of one vehicle in the vehicular ad hoc network. The method comprises:
when the Key Management Center listens to a broadcast message packet, it queries the records in the vehicle user information table until it finds the record that satisfies the following formula:
where $h(\cdot)$ denotes the hash function; $PID_{*,ts}$ denotes the instant anonymous identity of the vehicle that broadcast the message packet; $ts$ denotes the timestamp at which the instant anonymous identity $PID_{*,ts}$ was calculated; $PID_{*,ts}$ and $ts$ are contained in the message packet; $ID_i$, $SCID_i$ and $PID_i$ respectively denote the true identity, the virtual identity of the information equipment and the initial anonymous identity of the vehicle corresponding to the record that satisfies the above formula.
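An end-to-end sketch of the broadcast, reception and tracing methods summarized above, added here as an illustration and not taken from the patent. The formulas for $PID_{i,ts}$ and for the message authentication parameter are not reproduced on this page, so SHA-256, HMAC-SHA-256, the length-prefixed field encoding, the field order, the 5-second freshness window and the sample table are all assumptions.

```python
import hashlib
import hmac

MAX_SKEW_S = 5  # assumed freshness window in seconds; the page specifies none


def encode(*fields: bytes) -> bytes:
    """Length-prefix each field so that a||b||c is unambiguous (assumed encoding)."""
    return b"".join(len(f).to_bytes(4, "big") + f for f in fields)


def ts_bytes(ts: int) -> bytes:
    return ts.to_bytes(8, "big")


def h(*fields: bytes) -> bytes:
    """The public hash function h(); SHA-256 is an assumption."""
    return hashlib.sha256(encode(*fields)).digest()


def instant_pid(id_i: bytes, scid_i: bytes, pid_i: bytes, ts: int) -> bytes:
    """PID_{i,ts} from ID_i, SCID_i, PID_i and ts (inputs from the page, formula assumed)."""
    return h(id_i, scid_i, pid_i, ts_bytes(ts))


def message_auth(k_m: bytes, pid_ts: bytes, m: bytes, ts: int) -> bytes:
    """Message authentication parameter keyed with k_m (HMAC-SHA-256 assumed)."""
    return hmac.new(k_m, encode(pid_ts, m, ts_bytes(ts)), hashlib.sha256).digest()


def build_packet(k_m: bytes, pid_ts: bytes, ts: int, m: bytes) -> dict:
    """Sender side: packet = message, authentication parameter, PID_{i,ts}, ts."""
    return {"m": m, "sigma": message_auth(k_m, pid_ts, m, ts), "pid_ts": pid_ts, "ts": ts}


def verify_packet(k_m: bytes, pkt: dict, now: int) -> bool:
    """Receiver side: reject stale packets, then recompute and compare in constant time."""
    if abs(now - pkt["ts"]) > MAX_SKEW_S:
        return False
    expected = message_auth(k_m, pkt["pid_ts"], pkt["m"], pkt["ts"])
    return hmac.compare_digest(expected, pkt["sigma"])


def trace(table: list, pkt: dict):
    """Key Management Center: scan the table for the record that reproduces PID_{*,ts}."""
    for rec in table:
        cand = instant_pid(rec["ID"], rec["SCID"], rec["PID"], pkt["ts"])
        if hmac.compare_digest(cand, pkt["pid_ts"]):
            return rec
    return None


# Constructed sample data (not from the page): system key and a three-vehicle table.
K_M = bytes(range(32))
TABLE = [
    {"ID": b"PLATE-%04d" % n, "SCID": h(b"scid", bytes([n])), "PID": h(b"pid", bytes([n]))}
    for n in range(1, 4)
]


def demo() -> dict:
    sender, t0 = TABLE[1], 1_700_000_000
    pid_t0 = instant_pid(sender["ID"], sender["SCID"], sender["PID"], t0)
    pkt = build_packet(K_M, pid_t0, t0, b"ice on bridge ahead")
    forged = dict(pkt, m=b"road clear")  # message altered, parameter unchanged
    pid_t1 = instant_pid(sender["ID"], sender["SCID"], sender["PID"], t0 + 1)
    return {
        "valid": verify_packet(K_M, pkt, now=t0 + 1),
        "tampered": verify_packet(K_M, forged, now=t0 + 1),
        "stale": verify_packet(K_M, pkt, now=t0 + 60),
        "traced_id": trace(TABLE, pkt)["ID"],
        "pseudonym_changes": pid_t0 != pid_t1,
    }


if __name__ == "__main__":
    print(demo())
```

The tracing scan recomputes one hash per table record for each packet, so its cost grows linearly with the number of registered vehicles.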
According to one embodiment of the present invention, a message dissemination system is also provided, comprising:
information equipment, which is detachably attached to a vehicle;
tampering protection equipment, which is fixedly attached to the vehicle, is connected to the information equipment attached to the vehicle, and is connected to the vehicular ad hoc network;
wherein, when the information equipment is attached to the adaptable interface of the vehicle, the information equipment authenticates the user of the vehicle; if the user of the vehicle passes authentication, then when the vehicle generates a message to be broadcast, the information equipment logs in to the tampering protection equipment so that the tampering protection equipment authenticates the information equipment; if the information equipment passes authentication, the tampering protection equipment broadcasts a message packet to the vehicular ad hoc network, the message packet including the message to be broadcast; the tampering protection equipment is also used to listen for message packets broadcast in the vehicular ad hoc network;
wherein the information equipment contains local parameters related to the user of the vehicle, and the tampering protection equipment of the vehicle contains local parameters related to the information equipment of the vehicle.
The above system may further include a Key Management Center, which maintains a vehicle user information table, each record of which corresponds to the relevant information of one vehicle in the vehicular ad hoc network; the Key Management Center is used to listen for message packets broadcast in the vehicular ad hoc network and to trace those message packets.
The embodiments of the present invention have the following beneficial effects:
The user of the vehicle is authenticated using human biometric features, so the password is not easily leaked; in addition, the information equipment of the vehicle user is authenticated by the tampering protection equipment in combination with the information equipment, which further ensures the security of the data source. The sending and authentication of messages require no participation by the Key Management Center or the roadside infrastructure in the vehicular ad hoc network; an instant anonymous identity and the corresponding message authentication parameter are generated before each message is sent, which reduces the burden on the vehicular ad hoc network while ensuring data security and integrity, and improves the efficiency of authentication. The present invention is suitable for vehicular ad hoc networks under high traffic volume and has high availability.
Brief description of the drawings
Exemplary embodiments are described in detail below with reference to the accompanying drawings, which are intended to depict exemplary embodiments and should not be construed as limiting the intended scope of the claims. Unless explicitly stated otherwise, the drawings are not to be considered drawn to scale.
Fig. 1 is a flow chart of the message propagating method in a vehicular ad hoc network according to an embodiment of the invention;
Fig. 2 is a flow chart of the method for registering a vehicle and the user of the vehicle according to an embodiment of the invention;
Fig. 3 is a flow chart of the method by which a vehicle broadcasts a message in a vehicular ad hoc network according to an embodiment of the invention;
Fig. 4 is a flow chart of the method by which a vehicle receives a message in a vehicular ad hoc network according to an embodiment of the invention;
Fig. 5 is a flow chart of the message tracing method in a vehicular ad hoc network according to an embodiment of the invention.
Detailed description of the embodiments
To make the purpose, technical solution and advantages of the present invention clearer, the present invention is described in more detail below through specific embodiments with reference to the accompanying drawings. It should be understood that the specific embodiments described herein only explain the present invention and do not limit it.
Before the embodiments of the present invention are described, the variables that appear below and their definitions are listed in the following table.
Table 1
According to one embodiment of the present invention, a message propagating method in a vehicular ad hoc network is provided, which in particular involves message broadcast and message reception in the vehicular ad hoc network. The vehicular ad hoc network includes a Key Management Center (KMC), and a vehicle in the vehicular ad hoc network is equipped with detachable information equipment and with tampering protection equipment fixed in the vehicle. The information equipment is held by the user of the vehicle; before using the vehicular ad hoc network, the user needs to insert the information equipment into the adaptable interface in the vehicle. Through this interface the information equipment can communicate with the tampering protection equipment of the vehicle, and the tampering protection equipment is connected to the vehicular ad hoc network. The information equipment and the tampering protection equipment both have storage and computing functions; in addition, the tampering protection equipment self-destructs when an attempt is made to break into it, so that none of the data it holds is leaked.
Fig. 1 schematically shows a flow chart of the message propagating method in a vehicular ad hoc network according to an embodiment of the invention; each step of the method is described below with reference to Fig. 1:
Step S11. Initialization phase.
The initialization phase comprises: step S111, the Key Management Center (KMC) of the vehicular ad hoc network generates the system key $k_m$; step S112, the Key Management Center registers the vehicle and the user of the vehicle.
A vehicle user who wants to use the services provided by the vehicular ad hoc network needs to submit the relevant information of the vehicle and of the user to the Key Management Center of the vehicular ad hoc network for registration. Referring to Fig. 2, taking vehicle $i$ as an example, step S112 comprises the following sub-steps:
1. The user $u$ of vehicle $i$ submits the relevant information of vehicle $i$ and user $u$ to the Key Management Center. The relevant information includes but is not limited to: the true identity $ID_i$ of vehicle $i$ (such as the license plate number); the hash value $\gamma_{i,u} = h(pw_{i,u})$ of the biometric password of the user $u$ of vehicle $i$ (or the message digest of the biometric password of the user $u$ of vehicle $i$), where $pw_{i,u}$ is the biometric password of the user $u$ of vehicle $i$, such as fingerprint information; and the vehicle information $Info_i$, which may include the engine serial number, the time of manufacture, the owner of the vehicle, etc.
There are many ways for the user of the vehicle to submit the relevant information to the Key Management Center; for example, it can be submitted by wireless communication or by wired communication.
2. The Key Management Center receives the relevant information of vehicle $i$ and its user $u$.
3. The Key Management Center checks the authenticity of the received relevant information. If the information is not authentic, the registration process ends (i.e. the registration of vehicle $i$ and its user $u$ fails); if it is authentic, sub-step 4 is executed. According to one embodiment of the present invention, the Key Management Center checks the authenticity of the relevant information submitted by the user of the vehicle by interacting with a third-party institution (for example, government bodies such as the vehicle administration office or public security).
4. The Key Management Center completes the registration of vehicle $i$ and its user $u$.
First, the Key Management Center randomly selects an initial anonymous identity $PID_i$ for vehicle $i$ and a virtual identity $SCID_i$ for the information equipment $TD_i$ of vehicle $i$, generates the registration information $\langle ID_i, SCID_i, PID_i, Info_i \rangle$ of vehicle $i$, and stores the registration information in the vehicle user information table maintained locally by the Key Management Center, as one record of that table.
Then, the Key Management Center calculates as follows:
In the above formulas, $h(\cdot)$ denotes the hash function, which is publicly known to the Key Management Center and to the information equipment and tampering protection equipment of the vehicles; $ID_i$ denotes the true identity of vehicle $i$; $SCID_i$ denotes the virtual identity of the information equipment $TD_i$ of vehicle $i$; $PID_i$ denotes the initial anonymous identity of vehicle $i$; $k_m$ denotes the system key; $\gamma_{i,u}$ denotes the hash value of the biometric password $pw_{i,u}$ submitted by the user $u$ of vehicle $i$.
Then, the Key Management Center sends $SCID_i$, $ID_i$, $\eta_i$, $\alpha_{i,u}$ ($\alpha_{i,u}$ is also called the user authentication parameter) and $\beta_{i,u}$ to the information equipment $TD_i$ of vehicle $i$ to be saved by $TD_i$ (for example, by writing them into $TD_i$), and sends $PID_i$, $SCID_i$ and $k_m$ to the tampering protection equipment $TPD_i$ of vehicle $i$ to be saved (for example, saved to $TPD_i$ by wireless communication). As described below, $SCID_i$, $\alpha_{i,u}$ and $\beta_{i,u}$ are used to authenticate the user of the vehicle; $SCID_i$, $ID_i$ and $\eta_i$ are used to log in to the tampering protection equipment of the vehicle; $PID_i$, $SCID_i$ and $k_m$ are used to authenticate the information equipment of the vehicle and to send messages.
Step S12. The vehicle broadcasts a message in the vehicular ad hoc network.
Referring to Fig. 3, taking vehicle $i$ and its user $u$, whose registration has been completed, as an example, step S12 comprises the following sub-steps:
Step S121. Authenticate the user of the vehicle.
Specifically, first, the user $u$ of vehicle $i$ inserts the information equipment $TD_i$ that he or she holds into the adaptable interface of vehicle $i$ and inputs his or her biometric password to the information equipment $TD_i$ (it should be understood that if the user $u$ of vehicle $i$ and the user of vehicle $i$ at registration are the same person, the input is the same as $pw_{i,u}$, the biometric password of the user of vehicle $i$ at registration). In one embodiment, the information equipment $TD_i$ may have an input interface for receiving the biometric password of the user (such as a fingerprint), so as to receive the biometric password of the user.
Then, the information equipment $TD_i$ calculates as follows:
where $h(\cdot)$ denotes the hash function; the formulas use the hash value of the biometric password that user $u$ inputs to the information equipment $TD_i$ of vehicle $i$; $\beta_{i,u}$ and $SCID_i$ are parameters from the Key Management Center that are stored in the information equipment $TD_i$.
Then, the information equipment $TD_i$ makes the judgment, where $\alpha_{i,u}$ is the parameter from the Key Management Center stored in the information equipment $TD_i$ (the user authentication parameter) and the value compared with it is calculated by formula (6). If the judgment returns false, the biometric password input by the user $u$ of vehicle $i$ is correct, user $u$ passes authentication, and the information equipment $TD_i$ saves the calculated value as the initial anonymous identity $PID_i$ of vehicle $i$; if it returns true, user $u$ is not authenticated, i.e. vehicle $i$ has no right to broadcast messages in the vehicular ad hoc network.
Step S122. If the user $u$ of vehicle $i$ has passed authentication, then when vehicle $i$ generates a message to be broadcast (hereinafter, the message), the information equipment $TD_i$ of vehicle $i$ is authenticated, and if it passes authentication the message is broadcast to the vehicular ad hoc network.
If the user $u$ of vehicle $i$ has passed authentication, then when vehicle $i$ generates a message, the information equipment $TD_i$ of vehicle $i$ logs in to the tampering protection equipment $TPD_i$ of the vehicle, and the tampering protection equipment $TPD_i$ authenticates the information equipment $TD_i$. Specifically, this comprises:
1. The information equipment $TD_i$ of vehicle $i$ calculates the instant anonymous identity $PID_{i,ts}$ of vehicle $i$ according to the following formula:
where $h(\cdot)$ denotes the hash function; $ID_i$ denotes the true identity of vehicle $i$ and $SCID_i$ denotes the virtual identity of the information equipment $TD_i$ of vehicle $i$, both being parameters from the Key Management Center stored in the information equipment $TD_i$; $PID_i$ denotes the initial anonymous identity of vehicle $i$, which was calculated when user $u$ was authenticated (see formula (5)); $ts$ denotes the timestamp at which the instant anonymous identity $PID_{i,ts}$ was calculated.
2. The information equipment $TD_i$ of vehicle $i$ calculates the authentication parameter of the information equipment $TD_i$ (i.e. the information equipment authentication parameter) according to the following formula:
$\varepsilon_i = h(\eta_i \,\|\, PID_i \,\|\, ts) \quad (8)$
where $h(\cdot)$ denotes the hash function; $\eta_i$ is a parameter from the Key Management Center stored in the information equipment $TD_i$; $PID_i$ denotes the initial anonymous identity of vehicle $i$ (calculated when user $u$ was authenticated); $ts$ denotes the timestamp at which the instant anonymous identity $PID_{i,ts}$ was calculated.
3. The information equipment $TD_i$ of vehicle $i$ sends the calculated instant anonymous identity $PID_{i,ts}$, the information equipment authentication parameter $\varepsilon_i$ and the timestamp $ts$ at which $PID_{i,ts}$ was calculated to the tampering protection equipment $TPD_i$ of vehicle $i$, in order to log in to the tampering protection equipment $TPD_i$.
4. The tampering protection equipment $TPD_i$ of vehicle $i$ calculates the following formula:
where $h(\cdot)$ denotes the hash function; $PID_{i,ts}$ denotes the instant anonymous identity of vehicle $i$ and $ts$ denotes the timestamp at which $PID_{i,ts}$ was calculated, both received from the information equipment $TD_i$ of vehicle $i$; $PID_i$ denotes the initial anonymous identity of vehicle $i$, $k_m$ denotes the system key and $SCID_i$ denotes the virtual identity of the information equipment $TD_i$ of vehicle $i$; $PID_i$, $k_m$ and $SCID_i$ are parameters from the Key Management Center stored in the tampering protection equipment $TPD_i$.
5. The tampering protection equipment $TPD_i$ of vehicle $i$ makes the judgment, where $\varepsilon_i$ is the information equipment authentication parameter from the information equipment $TD_i$ and the value compared with it is calculated according to formula (10). If the judgment returns false, the information equipment $TD_i$ passes authentication, and the instant anonymous identity $PID_{i,ts}$ of vehicle $i$ and the corresponding timestamp $ts$ are saved in the tampering protection equipment $TPD_i$; if it returns true, the information equipment $TD_i$ is not authenticated, i.e. vehicle $i$ has no right to broadcast messages in the vehicular ad hoc network.
If information equipment TDiBy certification, then by the tampering protection equipment TPD of vehicle iiIt is broadcasted to vehicular ad hoc network The message of generation.Specifically, comprising:
1. by the tampering protection equipment TPD of vehicle iiMessage authentication parameter is calculated according to the following formula:
Wherein, h () indicates hash function, PIDi,tsIndicate that the instant anonymous Identity of vehicle i, m indicate message, kmIndicate system System key, ts indicate to calculate instant anonymous Identity PIDi,tsWhen timestamp,It indicates with kmMessage as key is recognized Demonstrate,proving parameter calculating function, (for the tampering protection equipment of each vehicle in vehicular ad hoc network, which is public Know).
2. by the tampering protection equipment TPD of vehicle iiIt broadcasts the message and wraps to vehicular ad hoc network, which includes: PIDi,ts, σi, ts, m.
Step S13. Other vehicles in the vehicular ad hoc network receive the message. Referring to Fig. 4 and taking vehicle j as an example, step S13 includes the following sub-steps:
Step S131. When vehicle j hears a message packet (including PID_{i,ts}, σ_i, ts, m) from another vehicle (for example vehicle i), the tampering protection equipment of vehicle j authenticates the message packet.
Specifically, the tampering protection equipment of vehicle j first calculates as follows:
where h() denotes a hash function; PID_{i,ts} denotes the instant anonymous identity of vehicle i, m denotes the message, and ts denotes the timestamp at which the instant anonymous identity PID_{i,ts} was calculated, all three being obtained from the message packet; k_m denotes the system key; and the message authentication parameter calculation function uses k_m as its key.
Then the tampering protection equipment of vehicle j makes its judgement, in which σ_i is the message authentication parameter carried in the message packet and the other quantity is calculated according to formula (12). If the judgement returns false, the message packet passes authentication; otherwise the message packet is not authenticated.
Step S132. If the message packet passes authentication, vehicle j accepts the message in the message packet for use by subsequent applications.
In the above embodiment, the user of the vehicle is authenticated using human biometric features, which makes password leakage unlikely. In addition, authentication of the user is combined with the information equipment, and the tampering protection equipment further authenticates the information equipment, which ensures the security of the data source. Sending and authenticating messages in the vehicular ad hoc network requires no participation by the Key Management Center or by roadside infrastructure: before each message is sent, an instant anonymous identity and the corresponding message authentication parameter are generated, which lightens the burden on the vehicular ad hoc network and improves authentication efficiency while ensuring data security and integrity. The invention is suitable for vehicular ad hoc networks under heavy traffic and offers high availability.
In the above embodiment, when registering a vehicle and its user, the Key Management Center stores the registration information (for example, <ID_i, SCID_i, PID_i, Info_i>) in a local vehicle user information table. When a message packet is broadcast in the vehicular ad hoc network, the Key Management Center can also hear the message packet and, using the vehicle user information table, trace the vehicle that sent it. Accordingly, one embodiment of the present invention also provides a message tracing method in a vehicular ad hoc network. As shown in Fig. 5, the method comprises the following steps:
Step S21. When the Key Management Center in the vehicular ad hoc network hears a message packet containing a message (as described above, the message packet includes: the message, the instant anonymous identity of the vehicle that broadcast the packet, the timestamp at which that instant anonymous identity was calculated, and the message authentication parameter), it queries the records in the local vehicle user information table until it finds a record satisfying the following formula:
where h() denotes a hash function; PID_{*,ts} denotes the instant anonymous identity of the vehicle that broadcast the message packet and ts the timestamp at which PID_{*,ts} was calculated, both being contained in the packet that was heard; ID_i, SCID_i and PID_i denote, respectively, the true identity of the vehicle, the virtual identity of the vehicle's information equipment and the initial anonymous identity of the vehicle for the record that satisfies the above formula.
Step S22. The true identity of the vehicle that broadcast the message packet is obtained from the record found.
The Key Management Center thereby traces the true identity of the vehicle that broadcast the message packet, and can process the message further on the basis of this true identity.
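The following is an added example, not code from the patent, of the message authentication in steps S122 and S131 and the table scan in step S21. The formulas for PID_{i,ts} and σ_i did not survive on this page, so SHA-256, HMAC-SHA256, the field order, the packet field names and the form of instant_pid() are assumptions built only from the inputs the text lists; all keys and identities are constructed.

```python
import hashlib
import hmac
from typing import Optional


def _encode(*parts: bytes) -> bytes:
    # Length-prefix each field so the "||" concatenation is unambiguous:
    # ("ab", "c") and ("a", "bc") must not yield the same hash input.
    return b"".join(len(p).to_bytes(4, "big") + p for p in parts)


def _ts(ts: int) -> bytes:
    return ts.to_bytes(8, "big")


def instant_pid(id_i: bytes, scid_i: bytes, pid_i: bytes, ts: int) -> bytes:
    # ASSUMPTION: stand-in for the page's missing PID_{i,ts} formula; it hashes
    # the inputs the text names (ID_i, SCID_i, PID_i, ts) with SHA-256.
    return hashlib.sha256(_encode(id_i, scid_i, pid_i, _ts(ts))).digest()


def message_auth(k_m: bytes, pid_ts: bytes, m: bytes, ts: int) -> bytes:
    # ASSUMPTION: the keyed function is modelled as HMAC-SHA256 under the
    # system key k_m; the field order is chosen for this example.
    return hmac.new(k_m, _encode(pid_ts, m, _ts(ts)), hashlib.sha256).digest()


def _well_formed(packet: dict) -> bool:
    # Packets come off the air: reject wrong types and out-of-range
    # timestamps before any cryptographic work is done.
    ts = packet.get("ts")
    return (isinstance(ts, int) and not isinstance(ts, bool) and 0 <= ts < 2**64
            and all(isinstance(packet.get(k), bytes) for k in ("pid_ts", "sigma", "m")))


def tpd_broadcast(k_m: bytes, pid_ts: bytes, ts: int, m: bytes) -> dict:
    # Sender TPD: packet = (PID_{i,ts}, sigma_i, ts, m), as on the page.
    return {"pid_ts": pid_ts, "sigma": message_auth(k_m, pid_ts, m, ts), "ts": ts, "m": m}


def tpd_receive(k_m: bytes, packet: dict) -> Optional[bytes]:
    # Receiver TPD: recompute sigma and compare in constant time.
    if not _well_formed(packet):
        return None
    expected = message_auth(k_m, packet["pid_ts"], packet["m"], packet["ts"])
    return packet["m"] if hmac.compare_digest(expected, packet["sigma"]) else None


def kmc_trace(table: list, packet: dict) -> Optional[bytes]:
    # Key Management Center: scan the vehicle user information table until a
    # record reproduces the packet's instant anonymous identity. One hash per
    # record, so the cost is linear in the number of registered vehicles.
    if not _well_formed(packet):
        return None
    for record in table:
        candidate = instant_pid(record["ID"], record["SCID"], record["PID"], packet["ts"])
        if hmac.compare_digest(candidate, packet["pid_ts"]):
            return record["ID"]
    return None


# Constructed sample data (not from the page).
K_M = b"constructed-system-key"
TABLE = [
    {"ID": b"vehicle-A", "SCID": b"scid-A", "PID": b"pid-A"},
    {"ID": b"vehicle-B", "SCID": b"scid-B", "PID": b"pid-B"},
]


def sample_packet(ts: int = 1560297600) -> dict:
    rec = TABLE[1]
    pid_ts = instant_pid(rec["ID"], rec["SCID"], rec["PID"], ts)
    return tpd_broadcast(K_M, pid_ts, ts, b"hazard ahead")


if __name__ == "__main__":
    pkt = sample_packet()
    print("accepted:", tpd_receive(K_M, pkt))
    print("traced to:", kmc_trace(TABLE, pkt))
```

Because every tampering protection equipment holds the same k_m, σ_i shows only that the packet came from some device holding the system key; attribution to a particular vehicle rests on the Key Management Center's table scan.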
According to one embodiment of the present invention, a message broadcast system is also provided, comprising:
Information equipment, removably attached to a vehicle;
Tampering protection equipment, fixedly attached to the vehicle, connected to the information equipment attached to the vehicle and connected to the vehicular ad hoc network;
A Key Management Center, which maintains a vehicle user information table, each record of which corresponds to the information related to one vehicle in the vehicular ad hoc network.
When the information equipment is attached to the adapter interface of the vehicle, the information equipment authenticates the user of the vehicle. If the user of the vehicle passes authentication, then when the vehicle generates a message to be broadcast, the information equipment logs in to the tampering protection equipment so that the tampering protection equipment authenticates the information equipment. If the information equipment passes authentication, the tampering protection equipment broadcasts a message packet to the vehicular ad hoc network, the message packet including the message to be broadcast. The tampering protection equipment is also used to listen for message packets broadcast in the vehicular ad hoc network. The Key Management Center is used to listen for message packets broadcast in the vehicular ad hoc network and to trace those message packets.
To verify the effectiveness of the scheme provided by the present invention, the inventors compared the scheme of the above embodiments with existing vehicular ad hoc network authentication schemes; the comparison results are shown in Table 2.
Table 2
As can be seen from Table 2, compared with the prior art the present invention covers a range of different security attributes and is superior to the prior art in particular in resistance to denial-of-service attacks, privacy preservation, conditional traceability, strong privacy preservation and strong non-repudiation. In addition, the inventors found through simulation experiments that, compared with the prior art, the computational overhead of the present invention is reduced by a factor of 100 to 1000 and the communication overhead is reduced by 55.24% to 77.52%.
It should be noted that some exemplary methods are depicted as flowcharts. Although a flowchart presents operations as being executed in sequence, many of the operations can be executed in parallel, concurrently or synchronously. The order of operations can also be rearranged. Processing may terminate when the operations are complete, but may also include further steps not shown in the figures or described in the embodiments.
The above methods can be implemented in hardware, software, firmware, middleware, pseudocode, a hardware description language, or any combination of these. When implemented in software, firmware, middleware or pseudocode, the program code or code segments that perform the tasks can be stored in a computer-readable medium such as a storage medium, and a processor can execute the tasks.
It should be understood that software-implemented exemplary embodiments are usually encoded on some form of program storage medium or implemented over some type of transmission medium. The program storage medium can be any non-transitory storage medium, such as a magnetic disk (for example, a floppy disk or hard disk) or an optical disc (for example, a compact disc read-only memory, or "CD ROM"), and can be read-only or random-access. Similarly, the transmission medium can be twisted pair, coaxial cable, optical fiber, or some other suitable transmission medium known in the art.
Although the present invention has been described by way of preferred embodiments, it is not limited to the embodiments described here and also covers various changes and variations made without departing from the scope of the present invention.

Claims (12)

1. A message broadcast method in a vehicular ad hoc network, a vehicle in the vehicular ad hoc network having detachable information equipment and fixed tampering protection equipment, the method comprising:
Step 1) when the information equipment of a vehicle is attached to the adapter interface of the vehicle, authenticating the user of the vehicle by the information equipment of the vehicle; the information equipment of the vehicle includes local parameters related to the user of the vehicle;
Step 2) if the user of the vehicle passes authentication, then when the vehicle generates a message to be broadcast, authenticating the information equipment of the vehicle by the tampering protection equipment of the vehicle; the tampering protection equipment of the vehicle includes local parameters related to the information equipment of the vehicle;
Step 3) if the information equipment of the vehicle passes authentication, broadcasting a message packet from the tampering protection equipment of the vehicle to the vehicular ad hoc network, the message packet including the message to be broadcast.
2. The method according to claim 1, wherein in step 1) authenticating the user of the vehicle by the information equipment of the vehicle comprises:
receiving the biometric password of the user of the vehicle by the information equipment of the vehicle;
if the information equipment of the vehicle can recover, from the received biometric password and the local parameters, the user authentication parameter generated when the vehicle was registered, the user of the vehicle passes authentication.
3. The method according to claim 2, wherein authenticating the user of the vehicle by the information equipment of the vehicle comprises:
1. receiving the biometric password of the user of the vehicle by the information equipment of the vehicle;
2. calculating the following formula by the information equipment of the vehicle:
where i indicates that the vehicle is vehicle i and u indicates that the user of the vehicle is user u; h() denotes a hash function; one symbol of the formula denotes the biometric password received by the information equipment of the vehicle; PID_i denotes the initial anonymous identity of the vehicle and SCID_i the virtual identity of the information equipment of the vehicle; β_{i,u} and SCID_i are local parameters; γ_{i,u} = h(pw_{i,u}), and pw_{i,u} is the biometric password of the user of the vehicle at the time the vehicle was registered;
3. making a judgement by the information equipment of the vehicle, in which the reference value is the user authentication parameter generated when the vehicle was registered; if the judgement returns false, the user of the vehicle passes authentication, otherwise the user is not authenticated.
4. The method according to any one of claims 1-3, wherein in step 2) authenticating the information equipment of the vehicle by the tampering protection equipment of the vehicle comprises:
calculating the instant anonymous identity of the vehicle and the information equipment authentication parameter by the information equipment of the vehicle;
sending, by the information equipment of the vehicle, the instant anonymous identity of the vehicle, the information equipment authentication parameter and the timestamp at which the instant anonymous identity of the vehicle was calculated to the tampering protection equipment of the vehicle;
if the tampering protection equipment of the vehicle can recover the information equipment authentication parameter from the instant anonymous identity of the vehicle, the timestamp at which the instant anonymous identity of the vehicle was calculated and the local parameters, the information equipment of the vehicle passes authentication.
5. The method according to claim 4, wherein authenticating the information equipment of the vehicle by the tampering protection equipment of the vehicle comprises:
1. calculating the instant anonymous identity of the vehicle by the information equipment of the vehicle according to the following formula:
where i indicates that the vehicle is vehicle i, h() denotes a hash function, ID_i denotes the true identity of the vehicle, SCID_i denotes the virtual identity of the information equipment of the vehicle, PID_i denotes the initial anonymous identity of the vehicle, PID_{i,ts} denotes the instant anonymous identity of the vehicle, and ts denotes the timestamp at which the instant anonymous identity of the vehicle is calculated;
2. calculating the information equipment authentication parameter by the information equipment of the vehicle according to the following formula:
ε_i = h(η_i || PID_i || ts)
where k_m denotes the system key;
3. sending PID_{i,ts}, ε_i and ts from the information equipment of the vehicle to the tampering protection equipment of the vehicle;
4. calculating the following formula by the tampering protection equipment of the vehicle:
where PID_i, SCID_i and k_m are local parameters;
5. making a judgement by the tampering protection equipment of the vehicle; if the judgement returns false, the information equipment of the vehicle passes authentication, otherwise it is not authenticated.
6. The method according to any one of claims 1-3, wherein the message packet further includes a message authentication parameter, the instant anonymous identity of the vehicle and the timestamp at which the instant anonymous identity of the vehicle was calculated; wherein the tampering protection equipment of the vehicle obtains the message authentication parameter according to the following formula:
where i indicates that the vehicle is vehicle i, PID_{i,ts} denotes the instant anonymous identity of the vehicle, h() denotes a hash function, m denotes the message, k_m denotes the system key, ts denotes the timestamp at which the instant anonymous identity of the vehicle was calculated, and the message authentication parameter calculation function uses k_m as its key.
7. A message receiving method in a vehicular ad hoc network, a vehicle in the vehicular ad hoc network having detachable information equipment and fixed tampering protection equipment, the method comprising:
Step a) when a vehicle hears a message packet broadcast using the method according to any one of claims 1-6, authenticating the message packet by the tampering protection equipment of the vehicle;
Step b) if the message packet passes authentication, accepting the message in the message packet by the vehicle.
8. The method according to claim 7, wherein the message packet includes a message, a message authentication parameter, the instant anonymous identity of the vehicle that broadcast the message packet and the timestamp at which that instant anonymous identity was calculated;
wherein the message authentication parameter is obtained according to the following formula:
where i indicates that the vehicle that broadcast the message packet is vehicle i, PID_{i,ts} denotes the instant anonymous identity of the vehicle that broadcast the message packet, h() denotes a hash function, m denotes the message, k_m denotes the system key, ts denotes the timestamp at which the instant anonymous identity was calculated, and the message authentication parameter calculation function uses k_m as its key.
9. The method according to claim 8, wherein in step a) authenticating the message packet by the tampering protection equipment of the vehicle comprises:
calculating as follows by the tampering protection equipment of the vehicle:
making a judgement by the tampering protection equipment of the vehicle; if the judgement returns false, the message packet passes authentication, otherwise the message packet is not authenticated.
10. A message tracing method in a vehicular ad hoc network, the vehicular ad hoc network including a Key Management Center, the Key Management Center maintaining a vehicle user information table, each record of which corresponds to the information related to one vehicle in the vehicular ad hoc network, the method comprising:
when the Key Management Center hears a message packet broadcast using the method according to any one of claims 1-6, querying the records in the vehicle user information table until a record satisfying the following formula is found:
where h() denotes a hash function; PID_{*,ts} denotes the instant anonymous identity of the vehicle that broadcast the message packet and ts the timestamp at which PID_{*,ts} was calculated, both being included in the packet; ID_i, SCID_i and PID_i denote, respectively, the true identity of the vehicle, the virtual identity of its information equipment and its initial anonymous identity for the record that satisfies the above formula.
11. A message broadcast system, comprising:
information equipment, removably attached to a vehicle;
tampering protection equipment, fixedly attached to the vehicle, connected to the information equipment attached to the vehicle and connected to a vehicular ad hoc network;
wherein, when the information equipment is attached to the adapter interface of the vehicle, the information equipment authenticates the user of the vehicle; if the user of the vehicle passes authentication, then when the vehicle generates a message to be broadcast, the information equipment logs in to the tampering protection equipment so that the tampering protection equipment authenticates the information equipment; if the information equipment passes authentication, the tampering protection equipment broadcasts a message packet to the vehicular ad hoc network, the message packet including the message to be broadcast; the tampering protection equipment is also used to listen for message packets broadcast in the vehicular ad hoc network;
wherein the information equipment includes local parameters related to the user of the vehicle, and the tampering protection equipment of the vehicle includes local parameters related to the information equipment of the vehicle.
12. The system according to claim 11, further comprising:
a Key Management Center, which maintains a vehicle user information table, each record of which corresponds to the information related to one vehicle in the vehicular ad hoc network;
wherein the Key Management Center is used to listen for message packets broadcast in the vehicular ad hoc network and to trace those message packets.
CN201910505611.4A 2019-06-12 2019-06-12 Message broadcast, reception and method for tracing in vehicular ad hoc network Pending CN110087197A (en)



Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
WD01 Invention patent application deemed withdrawn after publication

Application publication date: 20190802