CN115860750B - Electric automobile electric power transaction identity authentication privacy protection method - Google Patents
Electric automobile electric power transaction identity authentication privacy protection method Download PDFInfo
- Publication number
- CN115860750B CN115860750B CN202310165002.5A CN202310165002A CN115860750B CN 115860750 B CN115860750 B CN 115860750B CN 202310165002 A CN202310165002 A CN 202310165002A CN 115860750 B CN115860750 B CN 115860750B
- Authority
- CN
- China
- Prior art keywords
- electric automobile
- identity authentication
- signature
- proof
- electric
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
- 238000000034 method Methods 0.000 title claims abstract description 70
- 230000008569 process Effects 0.000 claims abstract description 34
- 238000004422 calculation algorithm Methods 0.000 claims abstract description 14
- 238000009827 uniform distribution Methods 0.000 claims abstract description 7
- 238000004364 calculation method Methods 0.000 claims description 26
- 238000012795 verification Methods 0.000 claims description 20
- 230000004044 response Effects 0.000 claims description 6
- 238000013507 mapping Methods 0.000 claims description 3
- 238000004806 packaging method and process Methods 0.000 claims description 3
- 235000016496 Panda oleosa Nutrition 0.000 claims description 2
- 240000000220 Panda oleosa Species 0.000 claims description 2
- 238000005457 optimization Methods 0.000 abstract description 7
- 238000004458 analytical method Methods 0.000 abstract description 6
- 238000004891 communication Methods 0.000 description 16
- 230000006870 function Effects 0.000 description 9
- 238000007599 discharging Methods 0.000 description 7
- 238000010586 diagram Methods 0.000 description 6
- 238000004590 computer program Methods 0.000 description 4
- 230000008878 coupling Effects 0.000 description 3
- 238000010168 coupling process Methods 0.000 description 3
- 238000005859 coupling reaction Methods 0.000 description 3
- 238000013475 authorization Methods 0.000 description 2
- 238000013461 design Methods 0.000 description 2
- 230000003287 optical effect Effects 0.000 description 2
- 239000004065 semiconductor Substances 0.000 description 2
- 238000004088 simulation Methods 0.000 description 2
- 238000006467 substitution reaction Methods 0.000 description 2
- 208000024780 Urticaria Diseases 0.000 description 1
- 230000006399 behavior Effects 0.000 description 1
- 230000008859 change Effects 0.000 description 1
- 125000004122 cyclic group Chemical group 0.000 description 1
- 238000013500 data storage Methods 0.000 description 1
- 230000007547 defect Effects 0.000 description 1
- 230000000694 effects Effects 0.000 description 1
- 238000005516 engineering process Methods 0.000 description 1
- 230000000977 initiatory effect Effects 0.000 description 1
- 238000007689 inspection Methods 0.000 description 1
- 238000005259 measurement Methods 0.000 description 1
- 230000007246 mechanism Effects 0.000 description 1
- 239000013307 optical fiber Substances 0.000 description 1
- 238000012856 packing Methods 0.000 description 1
- 238000012545 processing Methods 0.000 description 1
- 239000007787 solid Substances 0.000 description 1
Images
Landscapes
- Electric Propulsion And Braking For Vehicles (AREA)
- Management, Administration, Business Operations System, And Electronic Commerce (AREA)
Abstract
The invention discloses an electric power transaction identity authentication privacy protection method for an electric vehicle, which comprises the following steps: leader node selection of security parameters
Running a group generation algorithm of a symmetric prime order bilinear pair and generating public parameters, and selecting a collision-resistant hash function by a leader node to release the public parameters; the electric automobile randomly selects a master key and a public key which meet uniform distribution from the anti-collision hash function; according to the invention, through the identity authentication privacy protection scheme of the electric vehicle optimization charge-discharge transaction process combining the anonymous certificate and the blockchain, a trusted third party is not relied on, a pseudonym is used for representing the identity in the charge/discharge optimization scheduling and identity authentication process, the legality is signed by a CL (code-based) and endorsed by zero knowledge, and the security analysis shows that the proposed model cannot reveal any privacy information to potential internal attackers such as blockchain nodes, charging piles and the like and any other external attackers and can resist some common attacks.
Description
Technical Field
The invention relates to the technical field of identity privacy protection, in particular to an electric vehicle electric power transaction identity authentication privacy protection method.
Background
With the large-scale popularization of electric vehicles, the online electric power transaction between the electric vehicles and the charging piles is more frequent, and the traditional online transaction mode only allows the electric vehicles to access the system and participate in the transaction after authentication and authorization, otherwise, the safety risks such as identity theft, data tampering and information theft are easy to occur;
in addition, the transaction information is collected and stored in the database for transaction information inquiry, arbitration and the like, and in the process, some private information of the electric automobile user, such as the position, the available charging period, the license plate number, the driving license and the like, is inevitably revealed, and an attacker can further disclose the track, the living habit and the like of the electric automobile user and share the track, the living habit, the insurance company and the like by analyzing the information.
Disclosure of Invention
The invention aims to provide an electric power transaction identity authentication privacy protection method for an electric vehicle, which aims to solve the defects in the background technology.
In order to achieve the above object, the present invention provides the following technical solutions: an electric automobile electric power transaction identity authentication privacy protection method comprises the following steps:
s1: leader node selection of security parameters
Group generation algorithm running symmetric prime order bilinear pairs +.>
Generating common parameters, the leader node selecting the anti-collision hash function +.>
Publishing common parameters
, wherein />
Is a random prime number->
Is prime order->
G is belonging to the two multiplication cycle groups of
Is a generator of->
For a bilinear mapping,/a>
For the number->
Is a finite field of (2);
s2: electric automobile
,/>
From->
Randomly selecting private keys satisfying a uniform distribution +.>
Public key
Omega represents the number of electric cars served by each blockchain node, blockchain node +.>
,
Is used to issue a certificate, a list of attributes is signed, wherein +.>
Is a random integer;
S3:
proof keys for a given proof paradigm, the zero knowledge proof expression is:
in the formula ,
for security parameters, P is credential, +.>
Are random numbers in the finite field of number q,
,/>
select own private key->
And corresponding public key
。
Preferably, the electric automobile
In (a): let per blockchain node service->
Electric automobile +.>
Electric automobile obtains voucher from block chain link point through zero knowledge proof modeAnd proving to the charging pile that the secret attribute corresponding to the certificate is known.
Preferably, in step S2, the blockchain node
The detailed process of generating the proof is as follows:
s2.1: selecting random numbers
,/>
And generates a random value +.>
;
S2.2: generating challenges
, wherein />
Expiration date for marking proof, +.>
For blockchain node->
Identity information of (a);
s2.3: calculating a response
, wherein />
,
Mod is a remainder operation;
s2.4: reservation of
As its public key->
Is a proof of (3).
Preferably, the electric automobile
In (a): is provided with->
Attribute confidentiality in the certificate of (1) to form a secret attribute set
,m ji For each attribute information, the same master secret is included as a special attribute in +.>
In the certificate of (2) private key->
Is->
Helping to bind different credentials to the same identity.
Preferably, the secret attribute verification process is:
using public keys
Before generating promise->
Will request->
Send->
Is to verify and authenticate the public key->
;
calculation of
;
Calculation of
;
Satisfy the following requirements
Then accept public key +.>
Otherwise, refusing.
Preferably, the electric automobile
Use of +.according to the Pedersen commitment scheme>
Public key of->
For secret attribute->
Generating a promise->
,/>
The proof commitment is to correctly generate the corresponding zero knowledge proof expression as follows:
selecting random numbers
,/>
And generate->
;
Generating challenges
wherein />
Is the current timestamp;
calculating a response
, wherein />
;
Transmitting
To->
。
Preferably, the blockchain node
Pair ∈10 using CL signature algorithm>
Commitment of submission->
Signing to issue a voucher +.>
。
Preferably, the blockchain node
Random generator->
And calculate->
,/>
Calculate->
And calculate->
,
Finally->
Calculating to obtain signature->
And send to->
Direct pair promise using CL signature algorithm>
Signature generated->
Direct price pair->
Is a result of the signature of (a).
Preferably, the blockchain node
Verifying the credential signature includes:
Preferably, the method comprises the steps of,
presenting a blinded version of the voucher to participate in the optimized charge-discharge transaction,>
selecting random numbers
And computes a blinded version of the credential as:
wherein ,
is further blinded to->
The uniform distribution is independent of all parameters, will +.>
As->
The kana used in each transaction +.>
Along with transaction information is recorded in the blockchain for transaction inquiry and transaction arbitration.
In the technical scheme, the invention has the technical effects and advantages that:
according to the invention, an identity authentication privacy protection scheme of an electric vehicle optimization charge-discharge transaction process combining an anonymous certificate and a blockchain is independent of a trusted third party, a pseudonym is used for representing identity in the charge/discharge optimization scheduling and identity authentication process, the pseudonym has anonymity and unlinkability, a CL signature and zero knowledge proof endorsement are used for legality, and security analysis shows that the proposed model cannot reveal any privacy information to potential internal attackers such as blockchain nodes and charging piles and any other external attackers and can resist some common attacks.
Drawings
In order to more clearly illustrate the embodiments of the present application or the technical solutions in the prior art, the drawings that are needed in the embodiments will be briefly described below, and it is obvious that the drawings in the following description are only some embodiments described in the present invention, and other drawings may be obtained according to these drawings for a person having ordinary skill in the art.
FIG. 1 is a system architecture diagram of the present invention.
FIG. 2 is a flow chart of the system configuration of the present invention.
FIG. 3 is a flow chart of anonymous attribute verification according to the present invention.
FIG. 4 is a flow chart of the credential issuance process of the present invention.
Fig. 5 is a flowchart of the charging authentication of the electric vehicle according to the present invention.
FIG. 6 is a block chain node of the present invention with the number of secret attributes and the computational overhead
And the number of electric vehicles served by the same
Is a variation of the schematic diagram.
FIG. 7 shows the calculation costs of the electric vehicle and the charging pile according to the present invention
Is a variation of the schematic diagram.
FIG. 8 is a diagram showing the number of secret attributes of an electric vehicle according to the present invention
And the total number of electric vehicles served by each block chain link point +.>
Schematic change.
FIG. 9 is a diagram showing the communication overhead between the charging pile and the electric vehicle according to the present invention
Is a variation of the schematic diagram.
Detailed Description
For the purpose of making the objects, technical solutions and advantages of the embodiments of the present invention more apparent, the technical solutions of the embodiments of the present invention will be clearly and completely described below with reference to the accompanying drawings in the embodiments of the present invention, and it is apparent that the described embodiments are some embodiments of the present invention, but not all embodiments of the present invention. All other embodiments, which can be made by those skilled in the art based on the embodiments of the invention without making any inventive effort, are intended to be within the scope of the invention.
Example 1
Referring to fig. 1 and 2, the method for protecting the identity authentication privacy of the electric power transaction of the electric vehicle according to the embodiment includes the following steps:
(1) Blockchain nodes:
is a set of nodes that make up a distributed blockchain network, where τ is a random integer. In one aspect, all block link points together maintain normal operation of the block chain network, including transaction generation, consensus, block packing and chaining, and the like. The blockchain node on the other hand also acts as a certificate authority to issue digital certificates, hereinafter referred to as vouchers, in a distributed manner to a set of attributes of the electric vehicle.
In addition, the present application employs a HyperledgerFabric build blockchain system that uses a Raft consensus algorithm with a mature, efficient and highly reliable leader node (leader) selection mechanism. Considering that a single node may be invaded by an attacker, resulting in a single point of failure, the present application is responsible for initializing system settings, publishing system common parameters, and providing registration services for the node by this dynamically selected reliable node, the leader node.
(2) Charging pile: the charging pile firstly verifies whether the electric automobile acquires the charging permission, and then provides charging/discharging service for the electric automobile in a distributed mode. The intelligent ammeter built in the charging pile can record charging and discharging data of the electric automobile in real time.
(3) Electric automobile: assume that each block link point is at most serviceable
Electric automobile
. The electric automobile obtains the certificate from the block chain link point in a zero knowledge proving mode and proving to the charging pile that the secret attribute corresponding to the certificate is known. Therefore, the electric automobile obtains the charge and discharge permission and completes the charge and discharge transaction under the condition that any additional information is not disclosed to the blockchain node and the charge pile, and the electric automobile and the blockchain node are mutually communicated through the Internet.
1. Initialization of
The leader node selects the appropriate security parameters
And running a group generation algorithm Setup (++f) for symmetric prime order bilinear pairs>
) Generating the public parameter, the leader node furthermore has to select a collision-resistant hash function +.>
Finally the leader node issues the common parameter +.>
, wherein />
Is a random prime number->
Is prime order->
G is belonging to +.>
Is a generator of->
For a bilinear mapping,/a>
For the number->
Is a finite field of the system. />
2. Key generation
Electric automobile
,/>
From->
Randomly selecting private keys satisfying a uniform distribution +.>
Public key
. Block chain node->
,/>
For issuing a credential, i.e. for signing a list of attributes. />
Select own private key->
And corresponding public key
,/>
,
。
3. Generating zero knowledge proof
In addition, in the case of the optical fiber,
it is necessary to prove that the key pair is correct for a given credential paradigm (defining the size of the message block—equivalent to the number of attributes of the credential). This zero knowledge is demonstrated as follows:
in the formula ,
for safety parameters->
The method designs an identity authentication privacy protection scheme for an electric vehicle optimization charge-discharge transaction process combining an anonymous certificate and a blockchain, and does not depend on a trusted third party, a pseudonym is used for representing the identity in the charge/discharge optimization scheduling and identity authentication process, the pseudonym has anonymity and unlinkability, the legality of the pseudonym is endorsed by a CL signature and zero knowledge proof, and security analysis shows that the proposed model cannot reveal any privacy information to potential internal attackers such as blockchain nodes, charging piles and the like and any other external attackers and can resist some common attacks.
(1) Selecting random numbers
,/>
And generates a random value +.>
。
(2) Generating challenges
, wherein />
Expiration date for marking proof, +.>
For blockchain node->
Identity information of (a) is provided.
(3) Calculating a response
, wherein />
,/>
,/>
,
Is a remainder taking operation.
(4) Finally reserve
As its public key->
Is a proof of (3).
Anonymous attribute verification:
it is desirable to register a credential for a set of attributes that it possesses (such as master key, driver license expiration date, owner name, owner nationality, owner identity ID, car model number, account balance, charging stake address, and charging stake number);
to hide the secret attribute such as master key, charging pile number, etc., the block link can be dotted
Signing the commitments of the secret property set instead of the original property without loss of generality;
assume that
All attributes in the credentials of (1) need to be kept secret, constituting a secret attribute set +.>
,m ji For each attribute information, in particular, +.>
I.e. the same master secret is included as a special attribute in all +.>
Is a credential of (1);
can be considered as a private key
Act as->
Helping to bind different credentials to the same identity, +.>
For the number of other secret properties than the master key, +.>
In the direction->
The need to provide a zero knowledge before obtaining the signature of the commitment proves that he really knows the secret attribute corresponding to the commitment submitted>
。/>
The whole process is as shown in fig. 3: the detailed anonymity attribute verification process is as follows:
1) And (3) verifying correctness of the public key: in using public keys
Before generating promise->
Will request->
Send->
Is verified and validated.
(1) Calculating a random value
。
(2) Calculation of
.
(3) If it meets
Then accept public key +.>
Otherwise, refusing.
2) Generating a secret attribute commitment: in order to hide the attributes of the attributes,
use of +.according to the Pedersen commitment scheme>
Public key of (a)
For secret attribute->
Generating a promise->
The petersen commitment solves the problem based on discrete logarithms, allowing the message submitter to submit the message to a verifier without revealing the committed message details.
3) Generating a promise proof:
his commitment must be verified as correctly generated, corresponding to the following zero knowledge proof:
(1) Selecting random numbers
,/>
And generates a random value +.>
;
(2) Generating challenges
wherein />
Is the current timestamp;
(3) Calculating a response
, wherein />
;
(4) Transmitting
To->
。
4) Verification promises to prove: received from
After the demonstration of->
The electric automobile is indirectly proved to be really aware of the secret attribute corresponding to the promise by serving as a verifier to verify the promise by the following steps>
:
(1) Calculation of
;
(2) Calculation of
;
(3) If it meets
Accept promise->
Otherwise, refusing. />
example 2
As shown in fig. 4: in the present embodiment, description is made of
Pair ∈10 using CL signature algorithm>
Commitment of submission->
Signing to issue a voucher +.>
。
1) Generating a credential signature:
first randomly generate +>
And calculate->
Then->
Calculation of
,/>
,/>
And calculate->
,
. Finally->
Calculating to obtain signature
And send to->
. Direct pair promise using CL signature algorithm>
Signature generated->
Equivalent direct pair->
Because of->
The following can be demonstrated:
for a pair of
For->
Submitted->
Signature and direct pair of attribute sets thereof>
The security of the signature is the same. This is because +.>
The validity of the corresponding attribute of the promise is proved by a zero-knowledge mode. For->
For the sake of +>
Can only go from->
Extracting about->
Is provided. However, according to the Pedersen commitment, < ->
Is a security commitment whose information is theoretically independent of +.>
Thus information theoretically conceals the secret attribute set +.>
。
2) Verifying the certificate signature: received by
After the signature sent->
It is necessary to check its signature +.>
Is effective, then combine the attribute set +.>
Packaging into a signature certificate and storing. The specific signature verification process is as follows: />
2.1)
Whether or not to pass right->
To judge. The correctness of this equation is verified as follows:
2.2)
and />
Whether or not to pass through->
and />
And (5) judging. The correctness verification of the two equations is shown in (7) and (8), respectively:
2.3)
whether or not to pass right->
To judge. The correctness of this equation is verified as follows:
as shown in fig. 5, once
Reaching the charging station and connecting with the charging post within a specified period of time requires authentication of itself to perform the charging and discharging. />
Using different pseudonyms (a special cryptographic token, derived from the credentials non-deterministicallyOut) to interact with the charging post instead of simply sending the account and corresponding master key or key hash to the charging post for authentication. />
There is a need to specify the property set corresponding to the pseudonym without revealing +.>
On the premise of proving possession of the pseudonym to the charging pile. Finally->
The method and the device realize that the validity of the identity of the charging pile is verified under the condition that the privacy information is not revealed, so that the charging/discharging service provided by the charging pile is obtained.
In order not to reveal the credentials,
a blinded version of the credential is presented to participate in the optimized charge-discharge transaction. />
Selecting random numbers
And computes a blinded version of the credential as follows:
wherein 
Is further blinded to->
All are provided withThe uniform distribution is independent of all other parameters. Thus can be +.>
As->
Is a pseudonym of (c). Due to the security features of the blockchain, such as non-tamperability and traceability, the pseudonym +_ used in each transaction>
Along with other transaction information may be recorded in the blockchain for transaction inquiry and transaction arbitration.
3) Generating a credential proof:
it needs to be proved that he knows the property set to which the credential corresponds +.>
The corresponding zero knowledge is demonstrated below.
wherein 
,/>
,/>
,/>
Are all intermediate parameters of CL signatures.
calculation of
、/>
、/>
and />
;
Selecting random numbers
,/>
And calculate +.>
;
Computational challenges
, wherein />
Is the current timestamp used to resist potential replay attacks;
calculate the corresponding
, wherein />
,/>
,/>
;
Transmitting
,/>
To the charging pile。
4) Verification credentials prove that: received from
After the information of (a), the charging pile firstly compares the current time with the timestamp +.>
To preliminarily judge the validity of the proof. Then verify ++by judging whether or not formulas (5-11) - (5-13) are true>
,
Is the legitimacy of (2).
The correctness of formulas (11) - (13) prove similar to formulas (6) - (8), and are not repeated here.
Finally, the charging pile completes the alignment through the following zero knowledge proving process
Verification of submitted information and authorization to start with a false name +.>
Electric automobile of (2)>
Charging and discharging are performed.
(1) Calculation of
、/>
、/>
and />
;
(2) Calculation of
;
(3) Calculation of
;
(4) If it meets
The credential is accepted, otherwise rejected.
from the above procedure it can be concluded that the cryptographic pseudonym thus derived has the property that on the one hand, no entity can determine whether the two pseudonyms are from the same master secret, and on the other hand, if the master secret and other properties to which the pseudonym corresponds are not known, it is not possible for the electric vehicle to successfully authenticate itself by means of the pseudonym.
The attack mode of identity privacy protection comprises the following steps:
1. block link point attack
The electric automobile verifies and knows anonymous secret attributes corresponding to promise to the block chain link point in a zero knowledge proof mode. The process does not require the electric vehicle to present its own true identity. And finally, the block chain link point only can know an anonymous electric vehicle request to carry out charge and discharge optimization scheduling, but cannot know privacy information such as charging habit, position, personal information and the like from the process.
2. Charging pile attack
The proposed scheme generates an electric car pseudonym by CL signature and authenticates it with zero knowledge proof. The pseudonym is anonymous and is unassociated with the true identity of the electric car. And finally, the charging pile can only know that a legal electric automobile finishes charging and discharging in a distributed time period, and cannot know the real identity of the electric automobile from the process.
3. Alliance chain account book attack
In the proposal, although the transaction information of the electric automobile and the charging pile stored on the alliance chain is transparent to the users of the alliance chain. But a different electric car pseudonym is saved in each newly generated transaction. Pseudonyms are randomly generated and evenly distributed, and it is difficult for an attacker to distinguish the pseudonyms and associate them with a single identity.
4. Man-in-the-middle attack
Because the scheduling request information sent by the electric vehicle to the blockchain node may be encrypted using the public key of the blockchain node. Even if an attacker can capture this data, it cannot access the information inside. And even if an attacker hives the blockchain node and acquires clear text information of the scheduling request, the attacker can only know when and where a certain electric automobile will be charged and discharged, but cannot know the real identity of the electric automobile and associate the real identity with future charging and discharging behaviors because the information is only bound with one pseudonym. In addition, the electric automobile needs to send a proof to the block chain link point in the identity authentication process. Because the proof is zero knowledge, an attacker cannot obtain any private information about the electric vehicle from the proof.
5. Replay attack
The verifier finally determines the validity of the proof by detecting that the current time is within the validity period of the proof and verifying the cryptographic validity of the proof.
6. Denial of service attack
The system may require its prepaid deposit to resist denial of service attacks when the electric vehicle applies for charge-discharge dispatch transactions. In this way, initiating a large number of scheduling requests would have a high cost and thus reduce the desire of an attacker to attack.
The scheme mainly considers the identity privacy of the electric automobile, and based on the identity privacy, the position, the charging habit and other privacy are jointly considered. The above security analysis may indicate that the proposed scheme does not reveal such private information to other internal or external attackers. The blockchain node cannot contact the private information, but is still able to authenticate and issue certificates to the electric vehicle through zero knowledge proof. It is difficult for a charging stake or blockchain node to link two proofs that are generated from the same credential. The charging stake can verify the legitimacy of the electric vehicle through credentials (anonymous and not linkable to true identity) and corresponding credentials without accessing other private information. Any attacker cannot obtain the scheduling request information and personal information from the communication channel or the alliance chain ledger and match it with the real electric car identity. Therefore, the proposal can protect the privacy of the users of the electric automobile in the distributed environment.
Example 3
This embodiment is mainly used for evaluating the protection methods in embodiment 1 and embodiment 2, and includes:
1) Simulation setting: scheme CL signature algorithm and SchnorrNIZKP protocol were implemented based on typeapaining of JPBC (java printing-basedcryptigy) Library. The performance of the scheme was evaluated on an Intel (R) 4CoreCPU@2.80GHz8GB memory virtual machine running the centos7.4 computing system. In addition, we build our coalition chain system based on hyperledgerFabricv2.3.2, and develop client programs and intelligent contracts based on Thefabric-sdk-java and fabric-char-java, respectively.
Specifically, bilinear pair is in the domain
Upper structure, wherein->
Bits. />
Is marked by elliptic curve->
The group of the upper dots is large prime order +.>
Is 160, i.e. +.>
Bits.
2) Computational overhead analysis: and considering the calculation overhead of the blockchain node, the electric automobile and the charging pile in the aspects of signature and signature verification, zero knowledge proof generation and verification.
Order the
,/>
Respectively indicate->
and />
The computational overhead of the medium exponent operation, wherein +.>
A multiplicative cyclic group of prime order q. Let->
Representing the computational overhead of the bilinear pairwise operation.
The computational overhead of other operations (e.g., random number generation, multiplication, and hash value computation) is negligible compared to the computational overhead of exponential and pair operations. Experimental measurement
,/>
,/>
。
For a blockchain node, verifying a promise of an electric vehicle proves to be needed
Personal->
An exponential operation in (a). Block chain link point calculation of signature of an electric car approximately requires +.>
Personal->
An exponential operation in (a). Thus a blockchain node serves all +.>
The total calculation cost of the electric vehicles is +.>
。
EV verification for an electric vehicle
Correctness needs->
Personal->
In (2) generating a commitment need by an exponential operation in (a)
Personal->
In (2) generating a promise proof need +.>
Personal->
The exponential operation in (3) has the calculation cost of
。
Electric automobile inspection
、/>
and />
Respectively need->
and />
Checking the arithmetic of the pairs>
Need->
The sum of the pairs>
Personal->
The exponential operation in (a) with a calculation overhead of +.>
。
Electric automobile calculations prove to be about
Couple operations->
Personal->
The exponential operation in (3) has the calculation cost of
. The total calculation cost of an electric vehicle is therefore
。
For a charging pile, the charging pile needs to be aligned first
,/>
Signature verification, need->
And performing pairing operation. The charging stake then verifies that SchnorrNIZKF requires about +.>
The sum of the pairs>
Personal->
An exponential operation in (a). />
Therefore, the total calculation cost of one charging pile serving one electric automobile is as follows
。
FIG. 6 shows the computational overhead of a blockchain node as a function of the number of secret attributes
And the number of electric vehicles served by the same
Is a variation of (2).
When (when)
,/>
I.e. only attribute +.>
When secret, the blockchain node obtains the minimum computational overhead as +.>
. When->
,/>
The maximum calculation cost obtained by the time zone block chain node is +.>
s。
Thus one blockchain node can issue anonymous credentials to all serviced electric vehicles in less than half a minute.
FIG. 7 shows the calculation overhead of an electric vehicle and a charging pile as a function of
Is a variation of (2). When->
In the process, the electric automobile and the charging pile respectively obtain the minimum calculation cost of +.>
and />
. When->
In this case, the electric vehicle and the charging pile respectively acquire a maximum calculation cost of +>
and />
. Therefore, the electric automobile and the charging pile can complete the identity authentication process in less than 1 s.
3) Communication overhead analysis: implementation of secure hash functions in SchnorrNIZKP using SHA-256 algorithm
The hash value is +.>
. From the simulation settings, each +.>
The element size of (a) is->
. Each->
The element size of (a) is->
。
Consider the communication overhead between a blockchain node and an electric car. Each electric automobile
Sending a proof of authenticity
,/>
To the blockchain node. Challenge->
Is +.>
. Each->
Is +.>
,/>
The total size is +.>
。/>
The size is +.>
。/>
Negligible. />
Transmitting signatures
,/>
Give->
。/>
The sizes are all +.>
. Each->
The size is +.>
,/>
And->
The sizes are all +.>
. Thus the blockchain node serves all->
The total communication overhead of the electric automobile is that
Bytes。
Consider the overhead of communication between a charging pile and an electric car. Each electric car sends
,/>
And (5) feeding the charging pile. Challenge->
Is +.>
. Each->
In the size->
Thus->
The total size is +.>
. Blinded signature->
Comprises->
Element of (2), thus->
The size is +.>
Bytes。/>
Can be ignored. Therefore, the total communication cost of one charging pile and 1 electric automobile served by the charging pile is
Bytes。
FIG. 8 shows the number of secret attributes with an electric vehicle
And the total number of electric vehicles served by each block chain link point +.>
The total communication overhead of a blockchain node changes. When->
,/>
The block link point gets the minimum communication overhead +.>
. When->
,/>
When the blockchain node obtains the maximum communication overhead
。
Fig. 9 shows the communication overhead of a charging pile and an electric vehicle
Is a variation of (2). When->
When the charging pile and the electric automobile are in the minimum communication cost +.>
. When->
When the charging pile and the electric automobile have the maximum communication cost of
。/>
As can be seen from fig. 8 and 9, the blockchain node occupies less communication resources in both the process of issuing anonymous certificates to all the served electric vehicles and the charge-discharge authentication process of the electric vehicles.
The above embodiments may be implemented in whole or in part by software, hardware, firmware, or any other combination. When implemented in software, the above-described embodiments may be implemented in whole or in part in the form of a computer program product. The computer program product comprises one or more computer instructions or computer programs. When the computer instructions or computer program are loaded or executed on a computer, the processes or functions described in accordance with the embodiments of the present application are all or partially produced. The computer may be a general purpose computer, a special purpose computer, a computer network, or other programmable apparatus. The computer instructions may be stored in a computer-readable storage medium or transmitted from one computer-readable storage medium to another computer-readable storage medium, for example, the computer instructions may be transmitted from one website site, computer, server, or data center to another website site, computer, server, or data center by wired (e.g., infrared, wireless, microwave, etc.). The computer readable storage medium may be any available medium that can be accessed by a computer or a data storage device such as a server, data center, etc. that contains one or more sets of available media. The usable medium may be a magnetic medium (e.g., floppy disk, hard disk, magnetic tape), an optical medium (e.g., DVD), or a semiconductor medium. The semiconductor medium may be a solid state disk.
It should be understood that the term "and/or" is merely an association relationship describing the associated object, and means that three relationships may exist, for example, a and/or B may mean: there are three cases, a alone, a and B together, and B alone, wherein a, B may be singular or plural. In addition, the character "/" herein generally indicates that the associated object is an "or" relationship, but may also indicate an "and/or" relationship, and may be understood by referring to the context.
In the present application, "at least one" means one or more, and "a plurality" means two or more. "at least one of" or the like means any combination of these items, including any combination of single item(s) or plural items(s). For example, at least one (one) of a, b, or c may represent: a, b, c, a-b, a-c, b-c, or a-b-c, wherein a, b, c may be single or plural.
It should be understood that, in various embodiments of the present application, the sequence numbers of the foregoing processes do not mean the order of execution, and the order of execution of the processes should be determined by the functions and internal logic thereof, and should not constitute any limitation on the implementation process of the embodiments of the present application.
Those of ordinary skill in the art will appreciate that the various illustrative elements and algorithm steps described in connection with the embodiments disclosed herein may be implemented as electronic hardware, or combinations of computer software and electronic hardware. Whether such functionality is implemented as hardware or software depends upon the particular application and design constraints imposed on the solution. Skilled artisans may implement the described functionality in varying ways for each particular application, but such implementation decisions should not be interpreted as causing a departure from the scope of the present application.
It will be clear to those skilled in the art that, for convenience and brevity of description, specific working procedures of the above-described systems, apparatuses and units may refer to corresponding procedures in the foregoing method embodiments, and are not repeated herein.
In the several embodiments provided in this application, it should be understood that the disclosed systems, devices, and methods may be implemented in other manners. For example, the apparatus embodiments described above are merely illustrative, e.g., the division of the units is merely a logical function division, and there may be additional divisions when actually implemented, e.g., multiple units or components may be combined or integrated into another system, or some features may be omitted or not performed. Alternatively, the coupling or direct coupling or communication connection shown or discussed with each other may be an indirect coupling or communication connection via some interfaces, devices or units, which may be in electrical, mechanical or other form.
The units described as separate units may or may not be physically separate, and units shown as units may or may not be physical units, may be located in one place, or may be distributed on a plurality of network units. Some or all of the units may be selected according to actual needs to achieve the purpose of the solution of this embodiment.
In addition, each functional unit in each embodiment of the present application may be integrated in one processing unit, or each unit may exist alone physically, or two or more units may be integrated in one unit.
The functions, if implemented in the form of software functional units and sold or used as a stand-alone product, may be stored in a computer-readable storage medium. Based on such understanding, the technical solution of the present application may be embodied essentially or in a part contributing to the prior art or in a part of the technical solution, in the form of a software product stored in a storage medium, including several instructions for causing a computer device (which may be a personal computer, a server, or a network device, etc.) to perform all or part of the steps of the methods described in the embodiments of the present application. And the aforementioned storage medium includes: a U-disk, a removable hard disk, a read-only memory (ROM), a Random Access Memory (RAM), a magnetic disk or an optical disk, or other various media capable of storing program codes.
The foregoing is merely specific embodiments of the present application, but the scope of the present application is not limited thereto, and any person skilled in the art can easily think about changes or substitutions within the technical scope of the present application, and the changes and substitutions are intended to be covered by the scope of the present application. Therefore, the protection scope of the present application shall be subject to the protection scope of the claims.
Claims (10)
1. The electric power transaction identity authentication privacy protection method for the electric vehicle is characterized by comprising the following steps of: the protection method comprises the following steps:
s1: leader node selection of security parameters
Group generation algorithm running symmetric prime order bilinear pairs +.>
Generating common parameters, the leader node selecting the anti-collision hash function +.>
Publishing common parameters
, wherein />
Is a random prime number->
Is prime order->
G is belonging to the two multiplication cycle groups of
Is a generator of->
For a bilinear mapping,/a>
For the number->
Is a finite field of (2);
s2: electric automobile
,/>
From->
Randomly selecting private keys satisfying a uniform distribution +.>
Public key
,/>
Representing each blockchain node serviceElectric cars of (a), block chain node->
,/>
Is used to issue a certificate, a list of attributes is signed, wherein +.>
Is a random integer;
S3:
proof keys for a given proof paradigm, the zero knowledge proof expression is:
in the formula ,
for security parameters, P is credential, +.>
Are random numbers in the finite field of number q,
,/>
select own private key->
And corresponding public key
。
2. An electric motor according to claim 1The privacy protection method for the identity authentication of the automobile power transaction is characterized by comprising the following steps of: the electric automobile
In (a): let per blockchain node service->
Electric automobile +.>
The electric automobile obtains the certificate from the block chain link point in a zero knowledge proving mode and proving to the charging pile that the secret attribute corresponding to the certificate is known.
3. The method for protecting the identity authentication privacy of electric automobile power transaction according to claim 2, which is characterized in that: in step S2, blockchain nodes
The detailed process of generating the proof is as follows:
s2.1: selecting random numbers
,/>
And generates a random value +.>
;
S2.2: generating challenges
, wherein />
Expiration date for marking proof, +.>
Is a blockChain node->
Identity information of (a);
s2.3: calculating a response
, wherein />
,
mod is a remainder operation;
s2.4: reservation of
As its public key->
Is a proof of (3).
4. The method for protecting the identity authentication privacy of electric automobile power transaction according to claim 3, wherein the method comprises the following steps: the electric automobile
In (a): is provided with->
Attribute confidentiality in the certificate of (1) to form a secret attribute set
,m ji For each attribute information, the same master secret is included as a special attribute in +.>
In the certificate of (2) private key->
Is->
Helping to bind different credentials to the same identity.
5. The method for protecting the identity authentication privacy of electric automobile power transaction according to claim 4, wherein the method comprises the following steps: the secret attribute verification process is as follows:
using public keys
Before generating promise->
Will request->
Send->
Is to verify and authenticate the public key->
;
calculating a random value
;
Calculation of
;
Satisfy the following requirements
Then accept public key +.>
Otherwise, refusing.
6. The method for protecting the identity authentication privacy of electric automobile power transaction according to claim 5, wherein the method comprises the following steps: the electric automobile
Use of +.according to the Pedersen commitment scheme>
Public key of->
For secret attribute->
Generating a commitment
,/>
The proof commitment is to correctly generate the corresponding zero knowledge proof expression as follows:
selecting random numbers
,/>
And generates a random value +.>
;
Generating challenges
wherein />
Is the current timestamp;
calculating a response
, wherein />
;
Transmitting
To->
。
7. The method for protecting the identity authentication privacy of electric automobile power transaction according to claim 1, wherein the method comprises the following steps: the blockchain node
Pair ∈10 using CL signature algorithm>
Commitment of submission->
Signing to issue a voucher +.>
。
8. The method for protecting the identity authentication privacy of electric automobile power transaction according to claim 7, wherein the method comprises the following steps: the blockchain node
Random generation->
And calculate->
,/>
Calculation of
And calculate->
,
Finally->
Calculating to obtain signature->
And send to->
Direct pair promise using CL signature algorithm>
Signature generated->
Direct price pair->
Is a result of the signature of (a).
9. The electric vehicle power transaction identity authentication of claim 8The privacy protection method is characterized in that: the blockchain node
Verifying the credential signature includes:
10. The method for protecting the identity authentication privacy of electric automobile power transaction according to claim 9, wherein the method comprises the following steps:
presenting a blinded version of the voucher to participate in the optimized charge-discharge transaction,>
select random number +.>
And computes a blinded version of the credential as:
wherein ,
is further blinded byGet->
The uniform distribution is independent of all parameters, will +.>
As->
The kana used in each transaction +.>
Along with transaction information is recorded in the blockchain for transaction inquiry and transaction arbitration. />
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202310165002.5A CN115860750B (en) | 2023-02-27 | 2023-02-27 | Electric automobile electric power transaction identity authentication privacy protection method |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202310165002.5A CN115860750B (en) | 2023-02-27 | 2023-02-27 | Electric automobile electric power transaction identity authentication privacy protection method |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN115860750A CN115860750A (en) | 2023-03-28 |
| CN115860750B true CN115860750B (en) | 2023-05-30 |
Family
ID=85658848
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202310165002.5A Active CN115860750B (en) | 2023-02-27 | 2023-02-27 | Electric automobile electric power transaction identity authentication privacy protection method |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN115860750B (en) |
Citations (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN113098838A (en) * | 2021-02-21 | 2021-07-09 | 西安电子科技大学 | Trusted distributed identity authentication method, system, storage medium and application |
| CN115564434A (en) * | 2022-09-23 | 2023-01-03 | 西南交通大学 | Block chain supervision privacy protection method based on zero knowledge proof |
Family Cites Families (8)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN108769020B (en) * | 2018-05-29 | 2021-07-13 | 东北大学 | Privacy-protecting identity attribute certification system and method |
| CN109614820A (en) * | 2018-12-06 | 2019-04-12 | 山东大学 | Intelligent contract authentication data method for secret protection based on zero-knowledge proof |
| CN110728576A (en) * | 2019-08-19 | 2020-01-24 | 湖南科技学院 | Decentralized anonymous data transaction method based on zero knowledge proof |
| CN110958110B (en) * | 2019-12-09 | 2023-04-07 | 趣派(海南)信息科技有限公司 | Block chain private data management method and system based on zero knowledge proof |
| CN113177225B (en) * | 2021-03-16 | 2022-03-18 | 深圳市名竹科技有限公司 | Block chain-based data storage certification method, device, equipment and storage medium |
| CN113489733B (en) * | 2021-07-13 | 2022-07-29 | 郑州轻工业大学 | Content center network privacy protection method based on block chain |
| CN114615280B (en) * | 2022-03-24 | 2023-02-03 | 国网河南省电力公司电力科学研究院 | Anonymous credential based power block chain privacy protection method and system |
| CN114710294A (en) * | 2022-04-20 | 2022-07-05 | 电子科技大学 | Novel block chain privacy protection method |
-
2023
- 2023-02-27 CN CN202310165002.5A patent/CN115860750B/en active Active
Patent Citations (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN113098838A (en) * | 2021-02-21 | 2021-07-09 | 西安电子科技大学 | Trusted distributed identity authentication method, system, storage medium and application |
| CN115564434A (en) * | 2022-09-23 | 2023-01-03 | 西南交通大学 | Block chain supervision privacy protection method based on zero knowledge proof |
Also Published As
| Publication number | Publication date |
|---|---|
| CN115860750A (en) | 2023-03-28 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| Gabay et al. | Privacy-preserving authentication scheme for connected electric vehicles using blockchain and zero knowledge proofs | |
| Xu et al. | EVchain: an anonymous blockchain-based system for charging-connected electric vehicles | |
| Baza et al. | Privacy-preserving blockchain-based energy trading schemes for electric vehicles | |
| CN109325331B (en) | Big data acquisition transaction system based on block chain and trusted computing platform | |
| CN103856477B (en) | A kind of credible accounting system and corresponding authentication method and equipment | |
| Wang et al. | A novel lightweight authentication protocol for emergency vehicle avoidance in VANETs | |
| CN109687976A (en) | Fleet's establishment and management method and system based on block chain and PKI authentication mechanism | |
| CN113129518B (en) | Electric vehicle charging system and resource management method thereof | |
| Huang et al. | Blockchain-assisted transparent cross-domain authorization and authentication for smart city | |
| CN105187405A (en) | Reputation-based cloud computing identity management method | |
| CN112291062B (en) | Voting method and device based on block chain | |
| Wu et al. | An electronic voting mechanism for fighting bribery and coercion | |
| Abdelfatah et al. | Secure VANET authentication protocol (SVAP) using Chebyshev chaotic maps for emergency conditions | |
| Bhargav-Spantzel et al. | Multifactor identity verification using aggregated proof of knowledge | |
| CN115694838A (en) | Anonymous trusted access control method based on verifiable certificate and zero-knowledge proof | |
| CN115277010A (en) | Identity authentication method, system, computer device and storage medium | |
| CN103858377A (en) | Method for managing and checking data from different identity domains organized into a structured set | |
| Suresh et al. | A TPM-based architecture to secure VANET | |
| CN115860750B (en) | Electric automobile electric power transaction identity authentication privacy protection method | |
| CN113468614A (en) | Kerberos cross-domain authentication method based on Bulletprofs | |
| Mandal et al. | Design of electronic payment system based on authenticated key exchange | |
| CN114329610A (en) | Block chain privacy identity protection method, device, storage medium and system | |
| CN115952483A (en) | Anonymous traceable identity authentication method and device | |
| Dzurenda et al. | Privacy-preserving solution for vehicle parking services complying with EU legislation | |
| AU2021106388A4 (en) | A secure public cloud system for preserving privacy |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |