CN110830245B - Anti-quantum-computation distributed Internet of vehicles method and system based on identity secret sharing and implicit certificate - Google Patents


Info

Publication number: CN110830245B
Authority: CN (China)
Prior art keywords: vehicle, identity, message, key, unit
Legal status: Active
Application number: CN201911006086.8A
Other languages: Chinese (zh)
Other versions: CN110830245A (en)
Inventors: 富尧, 钟一民, 杨羽成
Current Assignee: Ruban Quantum Technology Co Ltd; Nanjing Ruban Quantum Technology Co Ltd
Original Assignee: Ruban Quantum Technology Co Ltd; Nanjing Ruban Quantum Technology Co Ltd
Application filed by: Ruban Quantum Technology Co Ltd; Nanjing Ruban Quantum Technology Co Ltd

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08 Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0816 Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
    • H04L9/085 Secret sharing or secret splitting, e.g. threshold schemes
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/04 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0407 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the identity of one or more communicating identities is hidden
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00 Network arrangements or protocols for supporting network services or applications
    • H04L67/01 Protocols
    • H04L67/12 Protocols specially adapted for proprietary or special-purpose networking environments, e.g. medical networks, sensor networks, networks in vehicles or remote metering networks
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08 Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0816 Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
    • H04L9/0838 Key agreement, i.e. key establishment technique in which a shared key is derived by parties as a function of information contributed by, or associated with, each of these
    • H04L9/0841 Key agreement, i.e. key establishment technique in which a shared key is derived by parties as a function of information contributed by, or associated with, each of these involving Diffie-Hellman or related key agreement protocols
    • H04L9/0844 Key agreement, i.e. key establishment technique in which a shared key is derived by parties as a function of information contributed by, or associated with, each of these involving Diffie-Hellman or related key agreement protocols with user authentication or key authentication, e.g. ElGamal, MTI, MQV-Menezes-Qu-Vanstone protocol or Diffie-Hellman protocols using implicitly-certified keys
    • Y GENERAL TAGGING OF NEW TECHNOLOGICAL DEVELOPMENTS; GENERAL TAGGING OF CROSS-SECTIONAL TECHNOLOGIES SPANNING OVER SEVERAL SECTIONS OF THE IPC; TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
    • Y02 TECHNOLOGIES OR APPLICATIONS FOR MITIGATION OR ADAPTATION AGAINST CLIMATE CHANGE
    • Y02D CLIMATE CHANGE MITIGATION TECHNOLOGIES IN INFORMATION AND COMMUNICATION TECHNOLOGIES [ICT], I.E. INFORMATION AND COMMUNICATION TECHNOLOGIES AIMING AT THE REDUCTION OF THEIR OWN ENERGY USE
    • Y02D30/00 Reducing energy consumption in communication networks
    • Y02D30/70 Reducing energy consumption in communication networks in wireless communication networks

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computing Systems (AREA)
  • Computer Hardware Design (AREA)
  • General Engineering & Computer Science (AREA)
  • Health & Medical Sciences (AREA)
  • General Health & Medical Sciences (AREA)
  • Medical Informatics (AREA)
  • Mobile Radio Communication Systems (AREA)

Abstract

The application relates to a quantum-computation-resistant distributed Internet of Vehicles method and system based on identity secret sharing and implicit certificates. The method is implemented between client members and server members that communicate with each other; the server members comprise a third-party trust authority providing the corresponding services and roadside units, and the client members comprise on-board units.

Description

Anti-quantum-computation distributed Internet of vehicles method and system based on identity secret sharing and implicit certificate
Technical Field
The application relates to the field of secret sharing, and in particular to a quantum-computation-resistant distributed Internet of Vehicles method and system based on identity secret sharing and implicit certificates.
Background
The Internet of Vehicles is a mobile network built with wireless local area network technology in which vehicles, that is, On-Board Units (OBUs), and Road Side Units (RSUs) act as network nodes, providing communication services between vehicles (V2V) and between vehicles and roadside units (V2R). In an era of rapid informatization, the Internet of Vehicles provides technical support for realizing urban intelligent transportation systems. In future vehicular networks, a vehicle node can obtain the traffic conditions on the road ahead from other vehicle nodes or roadside units and choose a less congested route. Information about a traffic accident can likewise be published to surrounding vehicles or roadside units so that other vehicle nodes can take countermeasures.
Alongside its unique advantages, the Internet of Vehicles faces many security problems and challenges. For example, steps such as mutual authentication between nodes are easily attacked, and when problems such as node failure occur, malicious behavior such as key extraction and sensor manipulation can follow. Moreover, a user's messages usually contain a large amount of sensitive information, and the illegal correlation of such information can cause the user serious loss.
As is widely known, quantum computers have great potential for breaking cryptography. Most mainstream asymmetric (public-key) encryption algorithms in use today, such as RSA, rest on one of two hard mathematical problems: factoring large integers or computing discrete logarithms over finite fields. How hard these algorithms are to break depends on how efficiently those problems can be solved. On a classical computer, solving either problem takes exponential time (that is, the time to break grows exponentially with the length of the public key), which is not acceptable in practice. Shor's algorithm, designed for quantum computers, can factor integers or compute discrete logarithms in polynomial time (that is, the time to break grows as the k-th power of the public-key length, where k is a constant independent of that length), which makes breaking RSA and discrete-logarithm-based encryption algorithms possible.
The problems in the prior art are as follows:
1. The ID of the OBU, once disclosed, may leak information about the owner. If the ID is recorded at multiple locations, the ID can be tracked, which is a serious information leak in some application scenarios.
2. Issuing the OBU a symmetric key is not conducive to identification, because a symmetric key cannot produce a reliable digital signature.
3. Issuing the OBU an asymmetric key pair and signing with the private key is not resistant to quantum computing, because the public key must be disclosed in order to verify the digital signature.
4. Issuing the OBU the private key of an asymmetric key pair and storing the public key at the server can resist quantum computing, but the public key at the server is identified by an ID or by an ID-like random public key pointer, and that ID or pointer must be disclosed, so user information is leaked.
5. The most important element of the entire Internet of Vehicles system is the TA; if the information it stores is stolen, the consequences can be serious.
6. To protect the location privacy of vehicles, the common practice is to give each vehicle a large number of pseudonyms that are updated periodically, or to assign each vehicle a large number of certificates. This places a heavy workload of certificate issuance and subsequent certificate verification on the TA, which is easily overloaded.
Disclosure of Invention
Based on this, it is necessary to provide a quantum-computation-resistant distributed Internet of Vehicles method and system based on identity secret sharing and implicit certificates.
A quantum-computation-resistant distributed Internet of Vehicles method based on identity secret sharing and implicit certificates is implemented between client members and server members that communicate with each other, wherein the server members comprise a third-party trust authority providing the corresponding services and roadside units, the client members comprise on-board units, each party is equipped with a key fob, every key fob stores its holder's own public key, private key and algorithm parameters, and the server members are further equipped with a key management server;
the method comprises performing identity registration and/or anonymous authentication based on identity secret sharing and implicit certificates;
if a vehicle equipped with an on-board unit needs to register in the Internet of Vehicles, identity registration is performed: the third-party trust authority registers the identity of the on-board unit and secret-shares that identity with any one roadside unit;
if the on-board unit needs to communicate in the area covered by the current roadside unit, anonymous authentication is performed: the on-board unit sends an authentication message to the current roadside unit anonymously and, after being authenticated by the current roadside unit and the third-party trust authority, obtains the group key of the current roadside unit in order to communicate in that area.
Optionally, if a vehicle equipped with an on-board unit needs to register in the Internet of Vehicles, identity registration specifically includes:
after the third-party trust authority obtains the identity of the on-board unit, it selects a first roadside unit as the secret distribution unit, computes a first key component and a second key component from the identity according to identity secret sharing theory, stores the first key component, the identity of the on-board unit and the identity of the first roadside unit in a key fob as the identity component information for the on-board unit, and encrypts the second key component and sends it to the first roadside unit;
the first roadside unit receives the encrypted second key component, decrypts it to obtain the second key component, stores the second key component in a key fob, generates a message confirmation code and sends it to the third-party trust authority;
the third-party trust authority receives the message confirmation code and, after verifying it, completes the identity registration of the on-board unit and the secret sharing of its identity.
Optionally, while the third-party trust authority performs identity registration and identity secret sharing for the on-board unit, the key fob of the on-board unit is generated and issued using the authority's own key management server and algorithm parameters;
the key management server of the third-party trust authority generates the implicit certificate, public key and private key of the on-board unit, and sends the public key of the third-party trust authority's key fob together with the implicit certificate, public key and private key of the on-board unit to the on-board unit.
Optionally, if the on-board unit needs to communicate in the area covered by the current roadside unit, anonymous authentication is performed, specifically including the following steps:
Step 1: the on-board unit sends a first message to a second roadside unit covering the current area, wherein the first message comprises a fictitious implicit certificate in which a fictitious identity is stored;
Step 2: after receiving the first message, the second roadside unit computes a second message from the first message and its own identity, and sends the second message to the third-party trust authority;
Step 3: the third-party trust authority receives the second message, performs the corresponding operations to generate a third message, and sends the third message to the first roadside unit;
Step 4: the first roadside unit receives the third message, performs the corresponding operations to generate a fourth message, and sends the fourth message to the third-party trust authority;
Step 5: the third-party trust authority receives the fourth message, performs the corresponding operations to generate a fifth message, and sends the fifth message to the second roadside unit;
Step 6: the second roadside unit receives the fifth message, performs the corresponding operations to generate a sixth message, and sends the sixth message to the on-board unit;
Step 7: the on-board unit receives the sixth message, performs the corresponding operations to generate a seventh message, and sends the seventh message to the second roadside unit;
Step 8: after receiving the seventh message, the second roadside unit verifies it, completing the anonymous authentication of the on-board unit.
Optionally, step 3 specifically includes:
obtaining the fictitious identity of the on-board unit from the second message;
looking up the identity component information for the on-board unit by the fictitious identity, thereby learning that the second key component of the on-board unit is stored at the first roadside unit;
and generating a third message from the second message.
Optionally, step 4 specifically includes:
computing the identity of the on-board unit from the key component of the on-board unit, and taking the identity as the fourth message.
Optionally, step 5 specifically includes:
generating an on-board session key for the on-board unit from the identity of the on-board unit;
performing an encryption calculation on the fictitious identity of the on-board unit, the on-board session key and the identity of the second roadside unit to obtain a first ciphertext and a second ciphertext;
generating a new identity and a new implicit certificate, and performing an encryption calculation on them to obtain a third ciphertext;
generating a pseudonym and pseudonym parameters, and performing an encryption calculation on them to obtain a fourth ciphertext;
and taking the first ciphertext, the second ciphertext, the third ciphertext and the fourth ciphertext as the fifth message.
Optionally, step 6 specifically includes:
decrypting the second ciphertext accordingly to obtain the on-board session key;
decrypting the fourth ciphertext to obtain the pseudonym and pseudonym parameters;
computing multiple groups of pseudonym certificate components and pseudonym certificate parameters from the pseudonym and pseudonym parameters;
and taking the first ciphertext, the third ciphertext, and the multiple groups of pseudonym certificate components and pseudonym certificate parameters as the sixth message.
Optionally, step 7 specifically includes:
decrypting the first ciphertext accordingly to obtain the on-board session key;
decrypting the third ciphertext accordingly, and computing, from the decryption result and the multiple groups of pseudonym certificate components and pseudonym certificate parameters, the pseudonym certificate, pseudonym public key, pseudonym private key, group key, new implicit certificate and new public and private keys;
updating with the new implicit certificate and the new public and private keys;
storing locally the group key, the public key of the second roadside unit, and the multiple groups of certificate components and private key sets of the pseudonym certificates;
and performing an encryption calculation with the session key to obtain the seventh message.
The invention also provides a quantum-computation-resistant distributed Internet of Vehicles system based on identity secret sharing and implicit certificates, comprising client members and server members that communicate with each other, wherein the server members comprise a third-party trust authority providing the corresponding services and roadside units, the client members comprise on-board units, each party is equipped with a key fob, every key fob stores its holder's own public key, private key and algorithm parameters, and the server members are further equipped with a key management server; the quantum-computation-resistant distributed Internet of Vehicles method comprises performing identity registration and/or anonymous authentication based on identity secret sharing and implicit certificates;
the alliance chain and the users comprise memories and processors; computer programs are stored in the memories, and the processors implement the quantum-computation-resistant distributed Internet of Vehicles method based on identity secret sharing and implicit certificates when executing the computer programs.
With the above method and system, the identity of the on-board unit in the vehicular network is hidden by means of identity secret sharing theory and implicit certificates, and by using a fictitious identity and a fictitious implicit certificate the Internet of Vehicles system can recognize its own users without their identities being disclosed. In short, an adversary cannot obtain the real identity of a user from communications or from stored data and therefore cannot track that identity, so this identity-hiding method greatly improves security.
Drawings
FIG. 1 is a schematic structural diagram of a quantum computation resistant distributed Internet of vehicles system based on identity secret sharing and implicit certificates in one embodiment;
FIG. 2 is a flow diagram of anonymous vehicle authentication in one embodiment.
Detailed Description
The technical solutions in the embodiments of the present invention will be clearly and completely described below with reference to the drawings in the embodiments of the present invention, and it is obvious that the described embodiments are only a part of the embodiments of the present invention, and not all of the embodiments. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present invention.
For a better description and illustration of embodiments of the application, reference may be made to one or more of the drawings, but additional details or examples used in describing the drawings should not be construed as limiting the scope of any of the inventive concepts of the present application, the presently described embodiments, or the preferred versions.
It should be understood that steps may be performed in other sequences unless explicitly stated otherwise. Moreover, at least a portion of the steps may include multiple sub-steps or multiple stages that are not necessarily performed at the same time, but may be performed at different times, and the order of performance of the sub-steps or stages is not necessarily sequential, but may be performed in turn or alternating with other steps or at least a portion of the sub-steps or stages of other steps.
As shown in Fig. 1, a quantum-computation-resistant distributed Internet of Vehicles method based on identity secret sharing and implicit certificates is provided. It is implemented between client members and server members that communicate with each other, where the server members include a third-party trust authority providing the corresponding services and roadside units, the client members include on-board units, each party is equipped with a key fob, every key fob stores its holder's own public key, private key and algorithm parameters, and the server members are further equipped with a key management server. The method comprises identity registration and/or anonymous authentication based on identity secret sharing and implicit certificates.
Specifically, if a vehicle equipped with an on-board unit needs to register in the Internet of Vehicles, identity registration is performed: the third-party trust authority registers the identity of the on-board unit and secret-shares that identity with any one roadside unit.
Specifically, if the on-board unit needs to communicate in the area covered by the current roadside unit, anonymous authentication is performed: the on-board unit sends an authentication message to the current roadside unit anonymously and, after being authenticated by the current roadside unit and the third-party trust authority, obtains the group key of the current roadside unit in order to communicate in that area.
As shown in Fig. 1, the method involves the following parties: a third-party Trust Authority (TA), roadside units (RSUs), and On-Board Units (OBUs).
The TA is a recognized third-party trust authority responsible for registering vehicles and roadside infrastructure, generating public parameters, distributing keys, and so on. Only the TA can reveal the true identity of a node.
The RSU is roadside infrastructure that provides network access services to vehicle nodes.
The OBU is a communication unit mounted on a vehicle; it generally integrates an embedded system, a tamper-resistant security module, a global navigation positioning system, and the like.
In this embodiment, V2V and V2R communication uses a short-range wireless communication protocol, and the communication range of the RSU and the OBU is 300 m. The TA and the RSUs are connected over a wired network, which generally offers high security and sufficient bandwidth.
In this embodiment, the TA has N subordinate devices RSUn (n ∈ [0, N-1]). A QKD channel is built between the TA and each RSUn, and a symmetric key pool can be formed through QKD. Alternatively, RSUn holds a quantum key card that stores a pool of symmetric keys pre-issued by the TA.
In this embodiment, in the key-fob-based security system, any OBU, referred to as user A, wants to be authenticated by RSUB, an RSU that is not matched with it, and to obtain RSUB's group key, a pseudonym, and the private key corresponding to the pseudonym. Each object in the system of the invention is equipped with a key fob, which can store large volumes of key data and is also capable of processing information. In the invention, the algorithms each object requires are present in its local system.
Key fobs evolved from smart card technology and are identity authentication and encryption/decryption products that combine cryptography, hardware security isolation, and quantum physics (in the form of a quantum random number generator). The embedded chip and operating system of a key fob provide functions such as secure storage of keys and cryptographic algorithms. Because of its independent data processing capability and good security, the key fob is a secure carrier for private keys and key pools. Each key fob is protected by a hardware PIN; the PIN and the hardware are the two factors a user must have in order to use the key fob. This is so-called "two-factor authentication": a user can log in to the system only by holding both the key fob, which stores the relevant authentication information, and the user PIN. Even if the user's PIN is leaked, the legitimate user's identity cannot be counterfeited as long as the key fob held by the user is not stolen; if the key fob is lost, the finder cannot impersonate the legitimate user because the finder does not know the PIN. In short, the key fob keeps confidential information such as keys from appearing in plaintext on the host's disk or in its memory, and so effectively protects that information.
Specifically, during key fob registration the server first selects the domain parameters of the elliptic curve, namely q, a, b, G and n. Here q is the size of the finite field $F_q$; a and b are the coefficients of the elliptic curve $y^2 = x^3 + ax + b$, where $4a^3 + 27b^2 \neq 0$; and G is the base point generator. After generating the elliptic curve, the server selects the base point generator G such that the order of G is the integer n. The private key sk and public key pk generated by the server satisfy $pk = sk \cdot G$. The algorithm parameters q, a, b, G, n are written to a designated area of the key fob.
In this embodiment, the asymmetric algorithm used in the method is implicit certificate cryptography.
In this embodiment, the key management server in the TA issues certificates for the clients, respectively.
In this embodiment, each RSU also has its own key management server, and issues a pseudonymous certificate for each client.
Public and private keys of the TA: $PK_{TA} = SK_{TA} \cdot G$; public and private keys of an RSU: $PK_{RSU} = SK_{RSU} \cdot G$.
In this embodiment, the key fob of client A (an on-board unit) is issued by the TA; the issuing flow is described below.
The TA stores $PK_{TA}$ in the key fob. The ID of A is $ID_A$, which may be written $ID_A = ID_{VA} \| ID_{RA}$, comprising the true value $ID_{VA}$ and its random number key $ID_{RA}$. The implicit certificate of A is $Cert_A = \mathrm{Encode}(P_A, ID_A)$, where Encode(·) denotes the composition and actual encoding of the information contained in the certificate and depends on the application. $P_A$ is calculated as follows: the key fob of A generates a random number $k_U$, calculates $R_U = k_U \cdot G$, and outputs $R_U$ to the TA. The TA generates a random number $k$ and calculates $P_A = R_U + k \cdot G$. The TA then calculates $e_A = H(Cert_A)$ and $r_A = e_A \cdot k + SK_{TA}$, and writes $r_A$ and $Cert_A$ to A's key fob.
The public key of A is $PK_A = e_A \cdot P_A + PK_{TA}$ and the private key is $SK_A = e_A \cdot k_U + r_A$. The key fob of A stores $Cert_A \| PK_A \| SK_A \| PK_{TA}$.
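The issuing flow above uses the same equations as ECQV implicit certificates, and the following added example (not code from the patent) runs it end to end, including public key reconstruction by a party that holds only the certificate and the TA public key. Assumptions: the curve is secp256k1, H is SHA-256 reduced mod n, Encode is a compressed point followed by the identity, and all function names and the sample identity are illustrative.

```python
import hashlib
import secrets

# Domain parameters (q, a, b, G, n). Assumption: secp256k1; the page names no curve.
Q = 2**256 - 2**32 - 977
A, B = 0, 7
G = (0x79BE667EF9DCBBAC55A06295CE870B07029BFCDB2DCE28D959F2815B16F81798,
     0x483ADA7726A3C4655DA4FBFC0E1108A8FD17B448A68554199C47D08FFB10D4B8)
N = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141
assert (4 * A**3 + 27 * B**2) % Q != 0  # the curve must be non-singular

def on_curve(P):
    return P is not None and (P[1] ** 2 - (P[0] ** 3 + A * P[0] + B)) % Q == 0

def add(P1, P2):
    """Affine point addition; None stands for the point at infinity."""
    if P1 is None:
        return P2
    if P2 is None:
        return P1
    (x1, y1), (x2, y2) = P1, P2
    if x1 == x2 and (y1 + y2) % Q == 0:
        return None
    if P1 == P2:
        lam = (3 * x1 * x1 + A) * pow(2 * y1, -1, Q) % Q
    else:
        lam = (y2 - y1) * pow((x2 - x1) % Q, -1, Q) % Q
    x3 = (lam * lam - x1 - x2) % Q
    return x3, (lam * (x1 - x3) - y1) % Q

def mul(k, P):
    """Double-and-add scalar multiplication (not constant time; illustration only)."""
    R = None
    while k:
        if k & 1:
            R = add(R, P)
        P = add(P, P)
        k >>= 1
    return R

def encode(P_A, id_a):
    """Assumed Encode(P_A, ID_A): 33-byte compressed point followed by ID_A."""
    return bytes([2 + (P_A[1] & 1)]) + P_A[0].to_bytes(32, "big") + id_a

def decode_point(cert):
    """Recover P_A from the first 33 bytes of the certificate (uses Q % 4 == 3)."""
    x = int.from_bytes(cert[1:33], "big")
    y = pow((x ** 3 + A * x + B) % Q, (Q + 1) // 4, Q)
    if (y & 1) != (cert[0] & 1):
        y = Q - y
    if not on_curve((x, y)):
        raise ValueError("certificate does not contain a valid curve point")
    return x, y

def h(cert):
    """e_A = H(Cert_A), reduced into the scalar field."""
    return int.from_bytes(hashlib.sha256(cert).digest(), "big") % N

def obu_request():
    """Key fob of A: random k_U, R_U = k_U * G; only R_U leaves the fob."""
    k_u = 1 + secrets.randbelow(N - 1)
    return k_u, mul(k_u, G)

def ta_issue(sk_ta, R_U, id_a):
    """TA: P_A = R_U + k*G, Cert_A = Encode(P_A, ID_A), r_A = e_A*k + SK_TA."""
    if not on_curve(R_U):
        raise ValueError("R_U is not on the curve")
    k = 1 + secrets.randbelow(N - 1)
    cert = encode(add(R_U, mul(k, G)), id_a)
    return cert, (h(cert) * k + sk_ta) % N

def reconstruct_public_key(cert, pk_ta):
    """Anyone holding Cert_A and PK_TA: PK_A = e_A * P_A + PK_TA."""
    return add(mul(h(cert), decode_point(cert)), pk_ta)

def obu_finish(k_u, cert, r_a, pk_ta):
    """Key fob of A: SK_A = e_A*k_U + r_A, accepted only if SK_A*G == PK_A."""
    sk_a = (h(cert) * k_u + r_a) % N
    pk_a = reconstruct_public_key(cert, pk_ta)
    if mul(sk_a, G) != pk_a:
        raise ValueError("r_A / Cert_A do not match the TA public key")
    return sk_a, pk_a

def issue_demo():
    sk_ta = 1 + secrets.randbelow(N - 1)
    pk_ta = mul(sk_ta, G)
    # Constructed identity: ID_A = ID_VA || ID_RA (true value || random part).
    id_a = b"VEHICLE-EXAMPLE-0001" + secrets.token_bytes(16)
    k_u, R_U = obu_request()
    cert, r_a = ta_issue(sk_ta, R_U, id_a)
    sk_a, pk_a = obu_finish(k_u, cert, r_a, pk_ta)
    return pk_ta, cert, sk_a, pk_a

if __name__ == "__main__":
    pk_ta, cert, sk_a, pk_a = issue_demo()
    print("Cert_A:", cert.hex())
    print("SK_A*G equals reconstructed PK_A:", mul(sk_a, G) == pk_a)
```

Because $e_A$ is a hash over the whole certificate, changing any byte of $ID_A$ changes the reconstructed public key, which is what binds the identity to the key without a separate signature.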
In this embodiment, if a vehicle equipped with an on-board unit needs to register in the Internet of Vehicles, identity registration specifically includes: after the third-party trust authority obtains the identity of the on-board unit, it selects a first roadside unit as the secret distribution unit, computes a first key component and a second key component from the identity according to identity secret sharing theory, stores the first key component, the identity of the on-board unit and the identity of the first roadside unit in a key fob as the identity component information for the on-board unit, and encrypts the second key component and sends it to the first roadside unit; the first roadside unit receives the encrypted second key component, decrypts it to obtain the second key component, stores the second key component in a key fob, generates a message confirmation code and sends it to the third-party trust authority; the third-party trust authority receives the message confirmation code and, after verifying it, completes the identity registration of the on-board unit and the secret sharing of its identity.
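The registration exchange described above, as an added example that is not code from the patent: the TA splits an identity into two components, sends the second to the chosen RSU, and completes registration only when the RSU's confirmation code verifies. Assumptions not stated on the page: the split is (2,2) Shamir sharing over the prime 2^521 - 1, the second component is encrypted with a one-time pad taken from the TA-RSU symmetric key pool, the message confirmation code is HMAC-SHA256, and the record is filed under a hypothetical lookup handle `obu_ref`.

```python
import hashlib
import hmac
import secrets

P = 2**521 - 1      # prime field modulus (assumption); holds identities up to 64 bytes
SHARE_LEN = 66      # bytes needed to serialize one field element

def to_secret(identity):
    if len(identity) > 64:
        raise ValueError("identity too long for this field")
    return int.from_bytes(b"\x01" + identity, "big")  # 0x01 marker keeps leading zeros

def split_identity(identity):
    """(2,2) Shamir split: f(x) = s + a1*x mod P; the components are f(1) and f(2)."""
    s, a1 = to_secret(identity), secrets.randbelow(P)
    return (s + a1) % P, (s + 2 * a1) % P

def recover_identity(c1, c2):
    """Lagrange interpolation at x = 0 through (1, c1) and (2, c2): s = 2*c1 - c2."""
    raw = ((2 * c1 - c2) % P).to_bytes(SHARE_LEN, "big").lstrip(b"\x00")
    if raw[:1] != b"\x01":
        raise ValueError("recovered value is not a well-formed identity")
    return raw[1:]

def matching_component2(c1, candidate):
    """Every candidate identity has a c2 consistent with c1, so c1 alone reveals nothing."""
    return (2 * c1 - to_secret(candidate)) % P

def xor_pad(data, pad):
    if len(data) != len(pad):
        raise ValueError("one-time pad must be exactly as long as the data")
    return bytes(x ^ y for x, y in zip(data, pad))

def confirmation_code(mac_key, obu_ref, c2_bytes):
    return hmac.new(mac_key, obu_ref + c2_bytes, hashlib.sha256).digest()

def ta_register(identity, obu_ref, rsu_id, pad, mac_key):
    """TA: keep component 1 on file, send component 2 to the chosen RSU encrypted."""
    c1, c2 = split_identity(identity)
    c2_bytes = c2.to_bytes(SHARE_LEN, "big")
    record = {"obu_ref": obu_ref, "component1": c1, "rsu_id": rsu_id}
    return record, xor_pad(c2_bytes, pad), confirmation_code(mac_key, obu_ref, c2_bytes)

def rsu_store(obu_ref, ciphertext, pad, mac_key, store):
    """RSU: decrypt component 2, store it, return the message confirmation code."""
    c2_bytes = xor_pad(ciphertext, pad)
    store[obu_ref] = int.from_bytes(c2_bytes, "big")
    return confirmation_code(mac_key, obu_ref, c2_bytes)

def ta_confirm(expected_code, received_code):
    """TA: registration completes only if the RSU's confirmation code verifies."""
    return hmac.compare_digest(expected_code, received_code)

def registration_demo(identity=b"VEHICLE-EXAMPLE-0001", tamper=False):
    # Constructed values: pad and mac_key stand in for keys drawn from the key pool.
    pad, mac_key = secrets.token_bytes(SHARE_LEN), secrets.token_bytes(32)
    obu_ref, store = b"fict-0001", {}
    record, ct, expected = ta_register(identity, obu_ref, b"RSU-1", pad, mac_key)
    if tamper:  # one bit flipped in transit
        ct = ct[:-1] + bytes([ct[-1] ^ 1])
    code = rsu_store(obu_ref, ct, pad, mac_key, store)
    return record, store, ta_confirm(expected, code)

if __name__ == "__main__":
    record, store, ok = registration_demo()
    print("confirmed:", ok)
    print("recovered:", recover_identity(record["component1"], store[record["obu_ref"]]))
```

`matching_component2` shows why theft of the TA's stored component alone does not expose the identity: for any guess there is a second component that fits it equally well.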
In this embodiment, while the third-party trust authority performs identity registration and identity secret sharing for the on-board unit, the key fob of the on-board unit is generated and issued using the authority's own key management server and algorithm parameters. The key management server of the third-party trust authority generates the implicit certificate, public key and private key of the on-board unit, and sends the public key of the third-party trust authority's key fob together with the implicit certificate, public key and private key of the on-board unit to the on-board unit.
In this embodiment, if the on-board unit needs to communicate in an area covered by the current roadside unit, anonymous authentication is performed, which specifically includes the following steps:
step 1, the vehicle-mounted unit sends a first message to a second roadside unit covering the current area, wherein the first message comprises a fictitious implicit certificate, and a fictitious identity is stored in the fictitious implicit certificate;
step 2, after receiving the first message, the second roadside unit calculates according to the first message and the identity of the own party to obtain a second message and sends the second message to a third party trust mechanism;
step 3, the third-party trust mechanism receives the second message, performs corresponding operation to generate a third message, and sends the third message to the first roadside unit;
step 4, the first roadside unit receives the third message, performs corresponding operation to generate a fourth message and sends the fourth message to a third-party trust mechanism;
step 5, the third-party trust mechanism receives the fourth message, performs corresponding operation to generate a fifth message and sends the fifth message to the second roadside unit;
step 6, the second roadside unit receives the fifth message, performs corresponding operation to generate a sixth message and sends the sixth message to the vehicle-mounted unit;
step 7, the vehicle-mounted unit receives the sixth message, performs corresponding operation to generate a seventh message and sends the seventh message to the second roadside unit;
step 8, after receiving the seventh message, the second roadside unit verifies the seventh message to finish the anonymous authentication of the vehicle-mounted unit.
In this embodiment, the step 3 specifically includes: acquiring the virtual identity of the vehicle-mounted unit according to the second message; inquiring the identity component information related to the vehicle-mounted unit according to the imaginary identity, and knowing that the second key component of the vehicle-mounted unit is stored in the first roadside unit; and generating a third message according to the second message.
In this embodiment, the step 4 specifically includes: calculating the identity of the vehicle-mounted unit according to the key component of the vehicle-mounted unit, and taking the identity as a fourth message.
In this embodiment, the step 5 specifically includes: generating a vehicle-mounted session key of the vehicle-mounted unit according to the identity of the vehicle-mounted unit; carrying out encryption calculation according to the virtual identity of the vehicle-mounted unit, the vehicle-mounted session key and the identity of the second roadside unit to obtain a first ciphertext and a second ciphertext; generating a new identity and a new implicit certificate, and carrying out encryption calculation according to the new identity and the new implicit certificate to obtain a third ciphertext; generating a pseudonym and pseudonym parameters, and carrying out encryption calculation according to the pseudonym and the pseudonym parameters to obtain a fourth ciphertext; and taking the first ciphertext, the second ciphertext, the third ciphertext and the fourth ciphertext as a fifth message.
In this embodiment, the step 6 specifically includes: correspondingly decrypting the second ciphertext to obtain a vehicle-mounted session key; decrypting the fourth ciphertext to obtain a pseudonym and pseudonym parameters; calculating according to the pseudonyms and the pseudonym parameters to obtain multiple groups of pseudonym certificate components and pseudonym certificate parameters; and taking the first ciphertext, the third ciphertext, the multiple groups of pseudonym certificate components and the pseudonym certificate parameters as the sixth message.
In this embodiment, the step 7 specifically includes: correspondingly decrypting the first ciphertext to obtain a vehicle-mounted session key; correspondingly decrypting the third ciphertext, and correspondingly calculating according to the decryption result, the multiple groups of pseudonym certificate components and the pseudonym certificate parameters to obtain a pseudonym certificate, a pseudonym public key, a pseudonym private key, a group key, a new implicit certificate and new public and private keys; updating according to the new implicit certificate and the new public and private keys; storing the group key, the public key of the second roadside unit, the multiple groups of pseudonym certificate components and the pseudonym private key set locally; and carrying out encryption calculation according to the session key to obtain a seventh message.
The specific flow of the anti-quantum computing distributed car networking method based on identity secret sharing and implicit certificate is further described with respect to details of each step as follows:
1. Vehicle registration and ID secret sharing:
Step 1: Vehicle registration.
The TA obtains the ID of the vehicle, ID = IDV || IDR.
Step 2: Select RSUn.
The TA selects RSUn as the key distribution object according to n = H(ID) % N, where H(·) is a hash operation and % is the modulo operation.
Step 3: Secret sharing.
The TA performs (2,2) secret sharing of the ID. In (t, n) secret sharing of a secret s, n is the number of shares into which s is split and t is the minimum number of shares needed to recover s, where 2 ≤ t ≤ n.
Construct the function fID(x) = IDV + IDR * x.
The TA generates a random number xP from the matching key fob and, using xP as a pointer, takes the key x = x1 || x2 out of the RSUn symmetric key pool. x1 and x2 must not be equal; if they are equal, xP is replaced.
Two secrets, i.e., key components, are calculated: (x1, ID1 = fID(x1)) and (x2, ID2 = fID(x2)). The ID can be recovered by collecting the 2 groups of secrets, as follows:
The Lagrange parameters are computed from the 2 groups of secrets:
Figure BDA0002242816580000131
where λ1 = (-x2)/(x1 - x2) and λ2 = (-x1)/(x2 - x1). Calculate IDV = λ1 * ID1 + λ2 * ID2 = (x1 * ID2 - x2 * ID1)/(x1 - x2) and IDR = (ID2 - ID1)/(x2 - x1).
Step 4: Issue the key fob.
Let MxP = H(IDR) || ID2. MxP is encrypted with x to obtain {MxP}x. The message authentication code MAC(xP || MxP, x) is calculated over xP and MxP using x, where MAC(m, k) denotes a message authentication code with m as the message and k as the key. The encrypted MxP, the message authentication code and xP are sent to RSUn; the message may be expressed as xP || {MxP}x || MAC(xP || MxP, x).
Meanwhile, the TA stores H(IDR) || ID1 || IDRSUn as one list entry in the local ID list.
The TA issues a key fob for the vehicle. That is, according to the aforementioned key fob issuance process, Cert || PK || SK || PKTA is stored in the key fob of the vehicle.
Step 5: RSUn receives the notification.
After receiving xP || {MxP}x || MAC(xP || MxP, x), RSUn takes x out of the symmetric key pool according to xP and decrypts with x to obtain MxP = H(IDR) || ID2. It computes the message authentication code over xP and MxP using x and compares it with the received MAC(xP || MxP, x). After the verification passes, H(IDR) || x1 || (x2, ID2) is stored in an ID list in the secure memory.
RSUn generates ACK, a message indicating whether the confirmation succeeded or failed. ACK is encrypted using x to obtain {ACK}x. The message authentication code MAC(xP || ACK, x) is calculated over xP and ACK using x. The encrypted ACK, the message authentication code and xP are sent to the TA; the message may be expressed as xP || {ACK}x || MAC(xP || ACK, x).
After receiving the message, the TA decrypts it using x to obtain ACK, computes the message authentication code over xP and ACK using x, and compares it with the received MAC(xP || ACK, x). After the verification passes, if the ACK indicates success, the vehicle registration and the ID secret sharing are complete.
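The registration exchange of steps 3 to 5 can be traced end to end in the following added example, which is not code from the patent. It assumes arithmetic in the prime field GF(2^127 - 1), HMAC-SHA256 as the MAC, and a SHAKE-256 keystream as a stand-in for the unspecified symmetric cipher; the function names, the key pool and the ID values are constructed for illustration.

```python
import hashlib
import hmac
import secrets

# Assumption: arithmetic is done in the prime field GF(P); the page names no modulus.
P = 2**127 - 1


def split_id(idv, idr, x1, x2):
    """(2,2) sharing with fID(x) = IDV + IDR * x; returns (x1, ID1), (x2, ID2)."""
    if (x1 - x2) % P == 0:
        raise ValueError("x1 equals x2: the TA must replace xP")
    return (x1, (idv + idr * x1) % P), (x2, (idv + idr * x2) % P)


def recover_id(share1, share2):
    """Lagrange recovery of (IDV, IDR) from the two key components."""
    (x1, id1), (x2, id2) = share1, share2
    lam1 = -x2 * pow((x1 - x2) % P, -1, P) % P
    lam2 = -x1 * pow((x2 - x1) % P, -1, P) % P
    idv = (lam1 * id1 + lam2 * id2) % P
    idr = (id2 - id1) * pow((x2 - x1) % P, -1, P) % P
    return idv, idr


def split_key(x):
    """x = x1 || x2: the 32-byte pool key read as two 128-bit integers."""
    return int.from_bytes(x[:16], "big"), int.from_bytes(x[16:], "big")


def stream_xor(key, data):
    # Stand-in for the symmetric cipher, which the page does not specify.
    pad = hashlib.shake_256(b"enc" + key).digest(len(data))
    return bytes(a ^ b for a, b in zip(data, pad))


def ta_register(idv, idr, pool):
    """TA side: returns its list entry (H(IDR), ID1) and xP || {MxP}x || MAC."""
    while True:
        xp = secrets.randbelow(len(pool))          # xP: pointer into the key pool
        x1, x2 = split_key(pool[xp])
        if (x1 - x2) % P:
            break                                  # otherwise xP is replaced
    (_, id1), (_, id2) = split_id(idv, idr, x1, x2)
    h_idr = hashlib.sha256(idr.to_bytes(16, "big")).digest()
    mxp = h_idr + id2.to_bytes(16, "big")          # MxP = H(IDR) || ID2
    xp_b = xp.to_bytes(4, "big")
    mac = hmac.new(pool[xp], xp_b + mxp, hashlib.sha256).digest()
    return (h_idr, id1), xp_b + stream_xor(pool[xp], mxp) + mac


def rsu_receive(msg, pool):
    """RSUn side: look up x by xP, decrypt, check the MAC, return the list entry."""
    xp_b, ct, mac = msg[:4], msg[4:-32], msg[-32:]
    x = pool[int.from_bytes(xp_b, "big")]
    mxp = stream_xor(x, ct)
    expected = hmac.new(x, xp_b + mxp, hashlib.sha256).digest()
    if not hmac.compare_digest(mac, expected):
        raise ValueError("MAC check failed: message rejected")
    x1, x2 = split_key(x)
    # List entry H(IDR) || x1 || (x2, ID2)
    return mxp[:32], x1, (x2, int.from_bytes(mxp[32:], "big"))


def demo():
    # Constructed key pool and constructed IDV / IDR values.
    pool = [bytes([i]) * 16 + bytes([i + 1]) * 16 for i in range(1, 9)]
    idv, idr = 0x1122334455667788, 0x99AABBCCDDEEFF00
    (h_idr, id1), msg = ta_register(idv, idr, pool)
    rsu_h, x1, share2 = rsu_receive(msg, pool)
    # The TA holds ID1, RSUn holds (x2, ID2); recovery needs both components.
    return rsu_h == h_idr and recover_id((x1, id1), share2) == (idv, idr)
```
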
2. Vehicle anonymous authentication:
Purpose of anonymous authentication: to be authenticated by the TA and to obtain a new pseudonym, the private key corresponding to the pseudonym, and the group key GK_RSUB of the RSU coverage area where the vehicle is currently located. Each RSU has its own group key; the group key may be updated, for example, once a day.
The coverage area of the RSU can exceed the coverage area of the wireless signal of the RSU and reach the outside of the coverage area of the wireless signal. For example, a union of a certain RSU radio signal coverage area and a certain cell in the vicinity of the RSU is defined as the RSU coverage area. Authentication between the vehicle and the TA and the RSU can be carried out in the wireless signal coverage area of the RSU; in the RSU coverage area outside the RSU wireless signal coverage area, the group communication between vehicles can be carried out, namely, the vehicles know the current RSU coverage area according to the positioning, and then the group communication is carried out according to the group key of the RSU coverage area obtained after the authentication.
Step 1: A → RSUB.
User A generates a random number kA' from the matching key fob and calculates RA' = kA' * G.
User A calculates a hypothetical ID from IDRA, i.e., PIDA = H(IDRA).
H1(IDA) is calculated, where H1 is a hash function that maps integers to elliptic curve points. Using H1(IDA) as the offset of PA, the hypothetical certificate PCertA = Encode(PA - H1(IDA), PIDA) is obtained.
PCertA and a timestamp NA are combined into M1_0 = PCertA || NA.
A plurality of random numbers kAL are generated and combined as Σ{kAL}; RAL = kAL * G is calculated for each and combined as Σ{RAL}. Together with RA', these form M1_1 = RA' || Σ{RAL}.
M1_0 and M1_1 are signed with the private key SKA to obtain SIGN(M1_0 || M1_1, SKA). Here SIGN = ECDSA.
A random number KA is generated and ECIES-encrypted with the public key PKTA to obtain (RA, cA, tA). H1(IDA || NA) is calculated and used to offset RA, giving (RA - H1(IDA || NA), cA, tA).
M1_1 and the signature over M1_0 and M1_1 are encrypted using KA and sent to RSUB as M1, together with M1_0 and the encrypted KA. The message may be expressed as M1 = M1_0 || {M1_1 || SIGN(M1_0 || M1_1, SKA)}KA || (RA - H1(IDA || NA), cA, tA).
Step 2: RSUB → TA.
RSUB combines M1 with its own ID and a timestamp NB into M2_0, which can be expressed as M2_0 = M1 || IDRSUB || NB.
RSUB calculates the message authentication code MAC(M2_0, K_RSUB) over M2_0 using its session key K_RSUB with the TA, and sends it to the TA together with M2_0 as M2. M2 may be expressed as M2_0 || MAC(M2_0, K_RSUB).
Step 3: TA → RSUA.
After the TA receives M2, it checks the timeliness of NA || NB.
After the verification passes, let M3_0 = M2_0.
The TA finds the list entry in the local ID list according to PIDA, i.e., PIDA || IDA1 || IDRSUA.
According to IDRSUA, the TA knows that part of A's secret information is stored in RSUA. The TA calculates the message authentication code MAC(M3_0, K_RSUA) over M3_0 using its session key K_RSUA with RSUA, and sends it to RSUA together with M3_0 as M3. M3 may be expressed as M3_0 || MAC(M3_0, K_RSUA).
Step 4: RSUA → TA.
After receiving M3, RSUA verifies the message authentication code of M3_0 using K_RSUA. It parses M3_0 to obtain M1 || IDRSUB || NB, parses M1 to obtain M1_0 || {M1_1 || SIGN(M1_0 || M1_1, SKA)}KA || (RA - H1(IDA || NA), cA, tA), parses M1_0 to obtain PCertA || NA, and parses PCertA to obtain PIDA.
RSUA checks the timeliness of NA || NB.
RSUA finds the list entry in the local ID list according to PIDA, i.e., PIDA || x1 || (x2, IDA2).
RSUA obtains IDA from (x1, IDA1) || (x2, IDA2), i.e., the 2 groups of secret components, according to the secret sharing theory, and then obtains CertA from PCertA and IDA: H1(IDA) is added to PA - H1(IDA) in PCertA to obtain PA, and the PIDA in PCertA is replaced by IDA. Hashing CertA gives eA = H(CertA). The actual public key PKA = eA * PA + PKTA is then calculated.
H1(IDA || NA) is calculated and added to RA - H1(IDA || NA) in (RA - H1(IDA || NA), cA, tA) to obtain (RA, cA, tA). ECIES decryption is performed on it using the private key SKTA to obtain KA.
Decryption with KA yields M1_1 || SIGN(M1_0 || M1_1, SKA), and parsing M1_1 yields RA' || Σ{RAL}.
RSUA combines M1_0 || M1_1 and uses PKA to verify SIGN(M1_0 || M1_1, SKA). Since the secrets of the vehicles are shared among different RSUs, the vehicles' signatures are verified by the respective RSUs, and the TA does not have to carry out signature verification alone; the computational burden is thus shared with the TA.
Let M4_0 = IDA. If the digital signature fails to verify, M4_0 is a failure message.
M4_0 is encrypted and its message authentication code is calculated using K_RSUA; the M4 sent to the TA may be expressed as {M4_0}K_RSUA || MAC(M4_0, K_RSUA).
Step 5: TA → RSUB.
After receiving M4, the TA decrypts it using K_RSUA to obtain IDA. If the decryption yields a failure message, the process is terminated.
The TA generates a session key KAB and a random number KTA, encrypts PIDA, NA, IDRSUB and KAB using KTA, and performs ECIES encryption on KTA to obtain CTA = (RTA, cTA, tTA). RTA is offset using PKA to obtain (RTA - PKA, cTA, tTA). Let TICKETA = {PIDA || NA || IDRSUB || KAB}KTA || (RTA - PKA, cTA, tTA) and TICKETB = {IDRSUB || NB || PIDA || KAB}K_RSUB.
The TA generates a random number kTA' and calculates PA' = RA' + kTA' * G. IDA = IDVA || IDRA is replaced with IDA' = IDVA || IDRA'. IDA' is distributed locally to a certain RSU, here named RSUC, according to the ID secret sharing procedure described above.
The TA calculates CertA' = Encode(PA', IDA'), eA' = H(CertA'), rA' = eA' * kTA' + SKTA, and the actual public key PKA' = eA' * PA' + PKTA.
CertA', rA' and the group key GK_RSUB are combined into M5_0. M5_0 is encrypted and the message authentication code MAC(M5_0, KTA) is calculated using KTA; together they form UPDATEA = {M5_0}KTA || MAC(M5_0, KTA).
Let M5_1 = Σ{ALIAS || RAL}, where ALIAS is a pseudonym. M5_1 is encrypted using K_RSUB and the message authentication code MAC(M5_1, K_RSUB) is calculated; together they form UPDATEB = {M5_1}K_RSUB || MAC(M5_1, K_RSUB).
M5 = TICKETA || UPDATEA || TICKETB || UPDATEB is sent to RSUB.
Step 6: RSUB → A.
RSUB decrypts TICKETB using K_RSUB and verifies that NB equals the NB it sent. After the verification passes, KAB is trusted as the session key for communication with A.
RSUB decrypts UPDATEB using K_RSUB and verifies MAC(M5_1, K_RSUB). After the verification passes, M5_1 = Σ{ALIAS || RAL} is obtained.
RSUB generates a random number kRSUB and calculates PAL = RAL + kRSUB * G, obtaining CertAL = Encode(PAL, ALIAS || GK_RSUB) and eAL = H(CertAL). Using RSUB's key-issuing private key SKRSUB, rAL = eAL * kRSUB + SKRSUB is obtained. Since RSUB's key-issuing public key is PKRSUB = SKRSUB * G, the public key corresponding to the pseudonym can further be calculated as APK = eAL * PAL + PKRSUB.
PCertAL = Encode(PAL - H1(ALIAS || GK_RSUB), ALIAS) is calculated. Repeating the above yields a plurality of groups {PCertAL || rAL}; let M6_0 = Σ{PCertAL || rAL}.
RSUB generates a random number NC, encrypts NC and PKRSUB using KAB, and calculates a message authentication code over NA, PKRSUB and M6_0 using KAB. M6 can be expressed as TICKETA || UPDATEA || M6_0 || {NC || PKRSUB}KAB || MAC(NA || PKRSUB || M6_0, KAB).
Step 7: A → RSUB.
After receiving M6, A parses TICKETA to obtain {PIDA || NA || IDRSUB || KAB}KTA || (RTA - PKA, cTA, tTA). PKA is added to (RTA - PKA) to obtain CTA = (RTA, cTA, tTA), and CTA is ECIES-decrypted using SKA to obtain KTA. {PIDA || NA || IDRSUB || KAB}KTA is decrypted to obtain PIDA || NA || IDRSUB || KAB, and NA is verified to be equal to the NA sent locally; after the verification passes, KAB is trusted as the session key for communication with RSUB.
A decrypts {NC || PKRSUB}KAB with KAB to obtain NC and PKRSUB. A combines NA || PKRSUB || M6_0 and verifies its message authentication code, thereby confirming the consistency of PKRSUB || M6_0. At this point, A has authenticated RSUB and confirmed that the negotiated key is KAB. Parsing M6_0 yields Σ{PCertAL || rAL}.
A now holds PKRSUB || Σ{PCertAL || rAL} and recovers CertAL from PCertAL as follows:
A decrypts UPDATEA using KTA and verifies the message authentication code, obtaining M5_0, which is parsed into CertA' || rA' || GK_RSUB. H1(ALIAS || GK_RSUB) is calculated and added to PAL - H1(ALIAS || GK_RSUB) to obtain PAL, and CertAL = Encode(PAL, ALIAS || GK_RSUB) is recovered.
A calculates eAL = H(CertAL), the private key corresponding to the pseudonym ASK = eAL * kAL + rAL, and the public key corresponding to the pseudonym APK = eAL * PAL + PKRSUB.
From CertA' || rA', where CertA' = Encode(PA', IDA'), A calculates eA' = H(CertA'), SKA' = eA' * kA' + rA', and PKA' = eA' * PA' + PKTA.
The corresponding local data are updated: CertA is replaced with CertA', PKA with PKA', and SKA with SKA'.
A stores the keys of the local area, i.e., the RSUB coverage area, namely GK_RSUB, PKRSUB and Σ{PCertAL || ASK}, and then sends M7 = MAC(NC, KAB) to RSUB.
Step 8: RSUB → A.
Upon receipt of M7, RSUB verifies MAC(NC, KAB) using KAB, i.e., verifies that NC equals the NC it sent. At this point, RSUB has authenticated A and confirmed that the negotiated key is KAB.
Subsequently, A and RSUB communicate securely, using KAB for message encryption and decryption and for message authentication. Preferably, KAB is split into KABE and KABA, used as the message encryption and decryption key and the message authentication key, respectively.
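The implicit-certificate arithmetic used in steps 1, 4, 5 and 7 (issuance P = R + k * G and r = e * k + SK, key reconstruction, and the offset that hides the point inside the hypothetical certificate) is worked through in the following added example, which is not code from the patent. It assumes the secp256k1 curve, SHA-256 for H, a try-and-increment construction for H1, and Encode as plain concatenation; the function names and identity strings are constructed for illustration.

```python
import hashlib
import secrets

# Assumption: secp256k1 (y^2 = x^3 + 7 over GF(P)); the page does not name a curve.
P = 2**256 - 2**32 - 977
N = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141
G = (0x79BE667EF9DCBBAC55A06295CE870B07029BFCDB2DCE28D959F2815B16F81798,
     0x483ADA7726A3C4655DA4FBFC0E1108A8FD17B448A68554199C47D08FFB10D4B8)


def add(a, b):
    """Affine point addition; None is the point at infinity."""
    if a is None or b is None:
        return b if a is None else a
    (x1, y1), (x2, y2) = a, b
    if x1 == x2 and (y1 + y2) % P == 0:
        return None
    if a == b:
        m = 3 * x1 * x1 * pow(2 * y1, -1, P) % P
    else:
        m = (y2 - y1) * pow((x2 - x1) % P, -1, P) % P
    x3 = (m * m - x1 - x2) % P
    return x3, (m * (x1 - x3) - y1) % P


def neg(a):
    return (a[0], -a[1] % P)


def mul(k, a):
    """Double-and-add scalar multiplication."""
    r, k = None, k % N
    while k:
        if k & 1:
            r = add(r, a)
        a, k = add(a, a), k >> 1
    return r


def h_int(data):
    return int.from_bytes(hashlib.sha256(data).digest(), "big") % N


def h1(data):
    """H1: bytes -> curve point (try-and-increment, an assumed construction)."""
    ctr = 0
    while True:
        x = int.from_bytes(hashlib.sha256(data + ctr.to_bytes(4, "big")).digest(), "big") % P
        rhs = (pow(x, 3, P) + 7) % P
        y = pow(rhs, (P + 1) // 4, P)      # square root, valid because P % 4 == 3
        if y * y % P == rhs:
            return x, y
        ctr += 1


def encode(point, identity):
    """Encode(P, ID), assumed here to be x || y || ID."""
    return point[0].to_bytes(32, "big") + point[1].to_bytes(32, "big") + identity


def issue(r_point, issuer_sk, identity):
    """Issuer (TA or RSUB): P = R + k*G, Cert = Encode(P, ID), r = e*k + SK_issuer."""
    k = secrets.randbelow(N - 1) + 1
    p_point = add(r_point, mul(k, G))
    cert = encode(p_point, identity)
    return p_point, cert, (h_int(cert) * k + issuer_sk) % N


def holder_keys(cert, p_point, k_holder, r, issuer_pk):
    """Holder: SK = e*k_holder + r, PK = e*P + PK_issuer, with e = H(Cert)."""
    e = h_int(cert)
    return (e * k_holder + r) % N, add(mul(e, p_point), issuer_pk)


def pseudo_cert(p_point, identity, pid):
    """PCert = Encode(P - H1(ID), PID): point offset by H1(ID), ID replaced by PID."""
    return encode(add(p_point, neg(h1(identity))), pid)


def recover_cert(pcert, identity):
    """A party that knows the real ID removes the offset and rebuilds Cert."""
    shifted = (int.from_bytes(pcert[:32], "big"), int.from_bytes(pcert[32:64], "big"))
    p_point = add(shifted, h1(identity))
    return p_point, encode(p_point, identity)


def demo():
    sk_ta = secrets.randbelow(N - 1) + 1
    pk_ta = mul(sk_ta, G)
    ida, pida = b"IDVA-0001|IDRA-0001", hashlib.sha256(b"IDRA-0001").digest()  # constructed
    k_a = secrets.randbelow(N - 1) + 1                   # vehicle's random kA'
    p_a, cert_a, r_a = issue(mul(k_a, G), sk_ta, ida)    # TA side, RA' = kA' * G
    sk_a, pk_a = holder_keys(cert_a, p_a, k_a, r_a, pk_ta)
    pcert = pseudo_cert(p_a, ida, pida)                  # what goes on the air
    p_rec, cert_rec = recover_cert(pcert, ida)           # verifier that learned IDA
    pk_rec = add(mul(h_int(cert_rec), p_rec), pk_ta)
    return mul(sk_a, G) == pk_a, pk_rec == pk_a, ida in pcert
```

`demo()` returns whether the reconstructed private key matches the public key, whether a verifier holding the real ID derives the same public key from the hypothetical certificate, and whether the real ID appears in that certificate.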
3. Vehicle anonymous broadcast message:
After a vehicle has been authenticated in the RSUB coverage area and has obtained the group key, pseudonyms and related information, it can send broadcast messages under a pseudonym and have the pseudonym accepted.
BMSG denotes a broadcast message. Together with a hypothetical implicit certificate PCertAL and a timestamp, it forms MB_0, which may be expressed as PCertAL || BMSG || timestamp. An ECDSA signature over MB_0 and GK_RSUB is made using the private key ASK corresponding to the pseudonym, i.e., SIGN(MB_0 || GK_RSUB, ASK) = (BR, BS). H1(GK_RSUB || timestamp) is calculated and used to offset BR, giving (BR - H1(GK_RSUB || timestamp), BS). The anonymous broadcast message may be expressed as MB = MB_0 || (BR - H1(GK_RSUB || timestamp), BS).
4. Verifying the anonymous broadcast message:
A vehicle receives, in the RSUB coverage area, a broadcast message MB sent by another vehicle. The vehicle first determines the current RSU coverage area from positioning and then takes out the group key GK_RSUB and the public key PKRSUB of that RSU coverage area. PCertAL || BMSG || timestamp is obtained from MB_0 in MB; H1(GK_RSUB || timestamp) is calculated and added to BR - H1(GK_RSUB || timestamp) to obtain (BR, BS), i.e., SIGN(MB_0 || GK_RSUB, ASK).
CertAL is recovered from PCertAL in MB by the same procedure as above; eAL = H(CertAL) is calculated, and the public key corresponding to the pseudonym, APK = eAL * PAL + PKRSUB, is calculated. ECDSA verification of SIGN(MB_0 || GK_RSUB, ASK) is performed using APK; successful verification indicates that the pseudonym ALIAS and the broadcast message BMSG are valid.
The above method uses a key fob to store a public key and a private key. The key fob is a separate hardware-isolated device and the likelihood of key theft by malware or malicious operations is greatly reduced. Since the quantum computer cannot obtain the user public key, the corresponding private key cannot be obtained. In addition, the invention also ensures the security of the transmitted message by anti-quantum computation signature and encryption based on the public and private keys, and the private key is difficult to be deduced even in the presence of a quantum computer. Therefore, the scheme is not easy to crack by a quantum computer.
In the method, the ID is hidden: by using a hypothetical ID and a hypothetical implicit certificate, the Internet of vehicles system can identify its own users without disclosing the ID. In short, an adversary cannot obtain the user's real ID from communication or stored data and cannot track the ID, so hiding the ID greatly improves security.
Meanwhile, the method uses offsets at different points in the process. The offsets can be calculated only with the participation of the public key in the key fob, and other parties without the key fob cannot crack the data protected by the offsets. Protecting the data with offsets makes the transmission process more secure and provides resistance to quantum computation; the computational cost of this approach is smaller than that of ordinary encryption, so ordinary encryption is not needed to resist quantum-computer attacks, and the equipment burden on each party is reduced.
Finally, the method improves the key management mechanism and the load balance of the Internet of vehicles. In the aspect of a key management mechanism, each ID is shared in a secret way through each RSU and TA, so that an adversary can steal ID information more difficultly. In the aspect of load balancing, the calculated amount of digital signature verification and the calculated amount of pseudonym and pseudonym certificate issuance are shared by each RSU for the TA, so that the work load of the TA is greatly reduced.
In one embodiment, a computer device, namely a quantum computation resistant distributed car networking system based on identity secret sharing and implicit certificates is provided, the computer device can be a terminal, and the internal structure of the computer device can comprise a processor, a memory, a network interface, a display screen and an input device which are connected through a system bus. Wherein the processor of the computer device is configured to provide computing and control capabilities. The memory of the computer device comprises a nonvolatile storage medium and an internal memory. The non-volatile storage medium stores an operating system and a computer program. The internal memory provides an environment for the operation of an operating system and computer programs in the non-volatile storage medium. The network interface of the computer device is used for communicating with an external terminal through a network connection. The computer program is executed by a processor to implement the above described quantum computation resistant distributed car networking method based on identity secret sharing and implicit certificates. The display screen of the computer equipment can be a liquid crystal display screen or an electronic ink display screen, and the input device of the computer equipment can be a touch layer covered on the display screen, a key, a track ball or a touch pad arranged on the shell of the computer equipment, an external keyboard, a touch pad or a mouse and the like.
In one embodiment, the system comprises client members and server members which are communicated with each other, wherein the server members comprise a third-party trust mechanism for providing corresponding services and roadside units, the client members comprise vehicle-mounted units, each party is provided with a key fob, all the key fobs store own public keys, private keys and algorithm parameters, and the server members are also provided with a key management server; the quantum computation resistant distributed Internet of vehicles method comprises identity registration or/and anonymous authentication based on identity secret sharing and implicit certificates.
The alliance chain and the users comprise memories and processors, computer programs are stored in the memories, and the processors can realize the anti-quantum computing distributed car networking method based on identity secret sharing and implicit certificates when executing the computer programs.
The technical features of the embodiments described above may be arbitrarily combined, and for the sake of brevity, all possible combinations of the technical features in the embodiments described above are not described, but should be considered as being within the scope of the present specification as long as there is no contradiction between the combinations of the technical features.
The above-mentioned embodiments only express several embodiments of the present invention, and the description thereof is specific and detailed, but not to be construed as limiting the scope of the invention. It should be noted that, for a person skilled in the art, several variations and modifications can be made without departing from the inventive concept, which falls within the scope of the present invention. Therefore, the protection scope of the present invention should be subject to the appended claims.

Claims (9)

1. The quantum computation resistant distributed Internet of vehicles method based on identity secret sharing and implicit certificates is implemented between client members and server members which are communicated with each other, the server members comprise third-party trust mechanisms providing corresponding services and roadside units, and the client members comprise vehicle-mounted units;
the quantum computation resistant distributed car networking method comprises the steps of implementing identity registration or/and anonymous authentication based on identity secret sharing and implicit certificates;
if a vehicle provided with a vehicle-mounted unit needs to be registered in the Internet of vehicles, identity registration is implemented, and the third-party trust authority registers the identity of the vehicle-mounted unit and secretly shares the identity with any roadside unit;
if the vehicle-mounted unit needs to communicate in an area covered by the current roadside unit, anonymous authentication is implemented, the vehicle-mounted unit sends an authentication message to the current roadside unit in an anonymous mode, and after the authentication of the current roadside unit and a third-party trust authority, a group key of the current roadside unit is obtained to communicate in the area;
if the vehicle-mounted unit needs to communicate in the area covered by the current roadside unit, anonymous authentication is implemented, and the method specifically comprises the following steps:
step 1, the vehicle-mounted unit sends a first message to a second roadside unit covering the current area, wherein the first message comprises a virtual implicit certificate, and a virtual identity is stored in the virtual implicit certificate;
step 2, after receiving the first message, the second roadside unit calculates according to the first message and the identity of the own party to obtain a second message and sends the second message to a third party trust mechanism;
step 3, the third-party trust mechanism receives the second message, performs corresponding operation to generate a third message, and sends the third message to the first roadside unit;
step 4, the first roadside unit receives the third message, performs corresponding operation to generate a fourth message and sends the fourth message to a third-party trust mechanism;
step 5, the third-party trust mechanism receives the fourth message, performs corresponding operation to generate a fifth message and sends the fifth message to the second roadside unit;
step 6, the second roadside unit receives the fifth message, performs corresponding operation to generate a sixth message and sends the sixth message to the vehicle-mounted unit;
step 7, the vehicle-mounted unit receives the sixth message, performs corresponding operation to generate a seventh message and sends the seventh message to the second roadside unit;
step 8, after receiving the seventh message, the second roadside unit verifies the seventh message to finish the anonymous authentication of the vehicle-mounted unit.
2. The quantum computation resistant distributed internet of vehicles method of claim 1, wherein if the vehicle with the vehicle-mounted unit needs to register in the internet of vehicles, when identity registration is implemented, the method specifically comprises:
after the third-party trust authority acquires the identity of the vehicle-mounted unit, selecting a first road side unit as a secret distribution unit, calculating the identity according to an identity secret sharing theory to generate a first key component and a second key component, storing the first key component, the identity of the vehicle-mounted unit and the identity of the first road side unit in a key fob as identity component information related to the vehicle-mounted unit, encrypting the second key component and sending the encrypted second key component to the first road side unit;
the first road side unit acquires the encrypted second key component for corresponding decryption, acquires the second key component, stores the second key component in a key fob, makes a message confirmation code and sends the message confirmation code to the third party trust authority;
and the third-party trust mechanism acquires the message confirmation code and completes identity registration of the vehicle-mounted unit and secret sharing of the identity identification after verification.
3. The distributed car networking method for resisting quantum computation of claim 2, wherein in the process of identity registration and identity secret sharing of the on-board unit by the third-party trust authority, a key fob of the on-board unit is generated and issued by using a self-generated key management server and algorithm parameters;
and the key management server of the third party trust authority generates an implicit certificate, a public key and a private key of the vehicle-mounted unit and sends the public key of the key fob of the third party trust authority, the implicit certificate of the vehicle-mounted unit, the public key and the private key to the vehicle-mounted unit.
4. The anti-quantum-computation-distributed internet-of-vehicles method according to claim 3, wherein the step 3 specifically comprises:
acquiring the virtual identity of the vehicle-mounted unit according to the second message;
inquiring the identity component information related to the vehicle-mounted unit according to the imaginary identity, and knowing that the second key component of the vehicle-mounted unit is stored in the first roadside unit;
and generating a third message according to the second message.
5. The quantum computation resistant distributed car networking method according to claim 4, wherein the step 4 specifically comprises:
and calculating the identity of the vehicle-mounted unit according to the secret key component of the vehicle-mounted unit, and taking the identity as a fourth message.
6. The quantum computation resistant distributed car networking method according to claim 5, wherein the step 5 specifically comprises:
generating a vehicle-mounted session key of the vehicle-mounted unit according to the identity of the vehicle-mounted unit;
carrying out encryption calculation according to the virtual identity of the vehicle-mounted unit, the vehicle-mounted session key and the identity of the second roadside unit to obtain a first ciphertext and a second ciphertext;
generating a new identity and a new implicit certificate, and carrying out encryption calculation according to the new identity and the new implicit certificate to obtain a third ciphertext;
generating a pseudonym and pseudonym parameters, and carrying out encryption calculation according to the pseudonym and the pseudonym parameters to obtain a fourth ciphertext;
and taking the first ciphertext, the second ciphertext, the third ciphertext and the fourth ciphertext as a fifth message.
7. The anti-quantum-computation distributed Internet of vehicles method according to claim 6, wherein the step 6 specifically comprises:
correspondingly decrypting the second ciphertext to obtain a vehicle-mounted session key;
decrypting the fourth ciphertext to obtain a pseudonym and pseudonym parameters;
calculating according to the pseudonyms and the pseudonym parameters to obtain multiple groups of pseudonym certificate components and pseudonym certificate parameters;
and taking the first ciphertext, the third ciphertext, and the multiple groups of pseudonym certificate components and pseudonym certificate parameters as a sixth message.
8. The anti-quantum-computation distributed Internet of vehicles method according to claim 7, wherein the step 7 specifically comprises:
correspondingly decrypting the first ciphertext to obtain a vehicle-mounted session key;
correspondingly decrypting the third ciphertext, and correspondingly calculating according to the decryption result and the multiple groups of pseudonym certificate components and pseudonym certificate parameters to obtain a pseudonym certificate, a pseudonym public key, a pseudonym private key, a group key, a new implicit certificate and new public and private keys;
updating according to the new implicit certificate and the new public and private keys;
storing locally the group key, the public key of the second roadside unit, and a plurality of groups of certificate components and private key sets of the pseudonym certificates;
and carrying out encryption calculation according to the session key to obtain a seventh message.
9. An anti-quantum-computation distributed Internet of vehicles system based on identity secret sharing and implicit certificates, comprising client members and server members that communicate with each other, wherein the server members comprise a third-party trust authority providing corresponding services and roadside units, and the client members comprise vehicle-mounted units; the anti-quantum-computation distributed Internet of vehicles method comprises implementing identity registration and/or anonymous authentication based on identity secret sharing and implicit certificates;
the federation chain and users include a memory and a processor, the memory storing a computer program that, when executed by the processor, implements the anti-quantum-computation distributed Internet of vehicles method based on identity secret sharing and implicit certificates of any of claims 1 to 8.
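Steps 3 and 4 of claims 4 and 5 (query the component information by virtual identity, then recover the identity from the key components), sketched in Python as an added example that is not part of the patent. It assumes a 2-of-2 Shamir split over a prime field, which the claims do not specify; the RoadsideUnit class, the function names, the message fields and all sample values are hypothetical.

```python
import secrets
# Assumption: 2-of-2 Shamir sharing over a prime field; the claims name no algorithm.
P = 2**521 - 1  # Mersenne prime, large enough for identities up to 65 bytes

def split_identity(identity: bytes):
    """Return two components (x, f(x)) of f(x) = ID + r*x mod P."""
    if len(identity) > 65:
        raise ValueError("identity does not fit in the field")
    secret = int.from_bytes(identity, "big")
    r = secrets.randbelow(P - 1) + 1  # random slope hides ID from one component
    return [(x, (secret + r * x) % P) for x in (1, 2)]

def recover_identity(c1, c2, length: int) -> bytes:
    """Lagrange interpolation at x = 0 from both components."""
    (x1, y1), (x2, y2) = c1, c2
    if x1 == x2:
        raise ValueError("components share an x-coordinate")
    l1 = x2 * pow(x2 - x1, -1, P) % P
    l2 = x1 * pow(x1 - x2, -1, P) % P
    return ((y1 * l1 + y2 * l2) % P).to_bytes(length, "big")

class RoadsideUnit:  # hypothetical model of a roadside unit's component store
    def __init__(self, name):
        self.name = name
        self.store = {}  # virtual identity -> (own component, other holder, ID length)

def register(identity, virtual_id, rsu_a, rsu_b):
    """Registration (assumed layout): one component per roadside unit."""
    c1, c2 = split_identity(identity)
    rsu_a.store[virtual_id] = (c1, rsu_b.name, len(identity))
    rsu_b.store[virtual_id] = (c2, rsu_a.name, len(identity))

def build_third_message(rsu, virtual_id):
    """Step 3: query by virtual identity and address the other component's holder."""
    component, holder, _ = rsu.store[virtual_id]  # KeyError: unknown vehicle
    return {"to": holder, "virtual_id": virtual_id, "component": component}

def build_fourth_message(rsu, msg3):
    """Step 4: combine the received component with the local one."""
    if msg3["to"] != rsu.name:
        raise ValueError("message addressed to another roadside unit")
    local, _, length = rsu.store[msg3["virtual_id"]]
    return recover_identity(msg3["component"], local, length)

def demo():  # constructed sample values
    rsu1, rsu2 = RoadsideUnit("RSU-1"), RoadsideUnit("RSU-2")
    register(b"OBU-CONSTRUCTED-01", b"VID-7f3a", rsu2, rsu1)
    msg3 = build_third_message(rsu2, b"VID-7f3a")
    return msg3["to"], build_fourth_message(rsu1, msg3)
```

Neither roadside unit can compute the identity from its own component alone, because the random slope r is discarded after the split.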
CN201911006086.8A 2019-10-22 2019-10-22 Anti-quantum-computation distributed Internet of vehicles method and system based on identity secret sharing and implicit certificate Active CN110830245B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201911006086.8A CN110830245B (en) 2019-10-22 2019-10-22 Anti-quantum-computation distributed Internet of vehicles method and system based on identity secret sharing and implicit certificate

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201911006086.8A CN110830245B (en) 2019-10-22 2019-10-22 Anti-quantum-computation distributed Internet of vehicles method and system based on identity secret sharing and implicit certificate

Publications (2)

Publication Number Publication Date
CN110830245A (en) 2020-02-21
CN110830245B (en) 2023-04-07

Family

ID=69550233

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201911006086.8A Active CN110830245B (en) 2019-10-22 2019-10-22 Anti-quantum-computation distributed Internet of vehicles method and system based on identity secret sharing and implicit certificate

Country Status (1)

Country Link
CN (1) CN110830245B (en)

Families Citing this family (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN111416715B (en) * 2020-04-09 2022-11-01 南京如般量子科技有限公司 Quantum secret communication identity authentication system and method based on secret sharing
CN114696998A (en) * 2020-12-25 2022-07-01 科大国盾量子技术股份有限公司 Identity authentication method, device and system
CN115088274B (en) * 2021-01-19 2023-04-18 华为技术有限公司 Message sending method, receiving method and device
CN115001722A (en) * 2021-02-20 2022-09-02 南京如般量子科技有限公司 Anti-quantum computing internet-of-vehicle communication method and system based on CA and Guomu algorithm
CN114071418B (en) * 2021-08-30 2022-07-12 兰州大学 Internet of vehicles authentication protocol method based on confidential calculation
CN115801461B (en) * 2023-01-16 2023-04-18 合肥工业大学 Vehicle encryption communication system and method for vehicle-road cloud cooperation

Family Cites Families (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN105763558B (en) * 2016-01-20 2018-08-24 华东师范大学 Distributed polymerization authentication method with secret protection in vehicular ad hoc net
CN106713326A (en) * 2016-12-28 2017-05-24 上海电机学院 Vehicle-mounted network message authentication protocol

Also Published As

Publication number Publication date
CN110830245A (en) 2020-02-21

Similar Documents

Publication Publication Date Title
CN110830245B (en) Anti-quantum-computation distributed Internet of vehicles method and system based on identity secret sharing and implicit certificate
CN111639361B (en) Block chain key management method, multi-person common signature method and electronic device
Zhang et al. Privacy-preserving cloud establishment and data dissemination scheme for vehicular cloud
CN108964919B (en) Lightweight anonymous authentication method with privacy protection based on Internet of vehicles
CN110881177B (en) Anti-quantum computing distributed Internet of vehicles method and system based on identity secret sharing
CN109194523B (en) Privacy protection multi-party diagnosis model fusion method and system and cloud server
Pu et al. A lightweight and privacy-preserving mutual authentication and key agreement protocol for Internet of Drones environment
CN110913390B (en) Anti-quantum computing Internet of vehicles method and system based on identity secret sharing
CN110971415A (en) Space-ground integrated space information network anonymous access authentication method and system
CN113691502B (en) Communication method, device, gateway server, client and storage medium
CN111211892B (en) Anti-quantum computing internet-of-vehicle system based on secret sharing and identity cryptography and authentication method thereof
CN110830244B (en) Anti-quantum computing Internet of vehicles method and system based on identity secret sharing and alliance chain
CN110737915B (en) Anti-quantum-computation anonymous identity recognition method and system based on implicit certificate
CN111212400B (en) Anti-quantum computing internet-of-vehicle system based on secret sharing and mobile terminal and authentication method thereof
US20210167963A1 (en) Decentralised Authentication
CN111614621A (en) Internet of things communication method and system
US20120124378A1 (en) Method for personal identity authentication utilizing a personal cryptographic device
CN108377184B (en) Distributed authentication encryption method for internal network of intelligent automobile
CN110176989B (en) Quantum communication service station identity authentication method and system based on asymmetric key pool
Zhang et al. Authentication methods for internet of vehicles based on trusted connection architecture
CN114826702A (en) Database access password encryption method and device and computer equipment
Sun et al. Anonymous authentication and key agreement scheme combining the group key for vehicular ad hoc networks
CN111245611B (en) Anti-quantum computation identity authentication method and system based on secret sharing and wearable equipment
EP2985749A2 (en) Symmetric encryption device, and method used
Lee et al. TEE based session key establishment protocol for secure infotainment systems

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
GR01 Patent grant