CN103338444B - The vehicle position privacy protection method of vehicular ad hoc network - Google Patents

Abstract

The invention discloses a kind of vehicle position privacy protection method of vehicular ad hoc network; First the privacy model of the current location privacy for assessment of different vehicle is set, for reflecting reputation model and the Mixed Zone criterion of the degree of cooperation of Current vehicle; Any vehicle in vehicular ad hoc network, according to send pseudo-name request vehicle i current fame and in the Mixed Zone of vehicle i, whether determine whether that cooperation is changed pseudo-name and protected vehicle i from car; And can according to from the current location privacy of car, pseudo-name dynamic conditioning remaining time from the fame of car.The present invention has while the current location of satisfied protection vehicle requires, significantly can reduce energy expense; More vehicles participate in the change of pseudo-name, the feature that the location privacy fail safe of vehicular wireless network is higher.

Description

The vehicle position privacy protection method of vehicular ad hoc network

Technical field

The present invention relates to wireless communication technology field, especially relate to a kind of can the location privacy of available protecting vehicle; More vehicles can be impelled to participate in the change of pseudo-name, thus significantly improve the vehicle position privacy protection method of the vehicular ad hoc network of the location privacy fail safe of network.

Background technology

Along with developing rapidly of the key technologies such as wireless communication technology, vehicle-mounted embedded type calculating and all kinds of onboard sensors, vehicular ad hoc network (Vehicular ad hoc network, VANET) is considered to the higher imperial scale mobile ad-hoc network of current practical level.Vehicular ad hoc network is by car and car, car and roadside unit (Roadside Units, RSUs) intercom the intelligent transportation system of inter-vehicular communication of safe, quick, effective, the structure opening formed mutually, can realize the application such as accident alarm, auxiliary driving.Such as in accident alarm application, driver can rely on vehicle-carrying communication in the scope of over the horizon, obtain vehicle condition (as the speed of a motor vehicle, direction, position, braking vane pressure etc.) and the real-time road condition information of other vehicles, thus effectively avoid traffic accident with congested, safety is fast more to make vehicular traffic.VANET due to wide application prospect and huge economic results in society thereof, and receives national governments, the great attention of academia and industrial circle etc.

But in the alarm of vehicular ad hoc network accident, auxiliary driving application, vehicle needs to broadcast heartbeat message continually.These heartbeat messages comprise the information such as position, time, direction, speed, acceleration/deceleration.Assailant can utilize these heartbeat messages to follow the tracks of interested vehicle or reduce their driving trace, the personal secrets of serious harm people.

Although can send anonymous heartbeat message by means of pseudo-name technology, global attack person still can utilize the space-time relationship between position, time, speed connected by these messages and obtain the location privacy of target vehicle.Some scholars utilize Mixed Zone (Mix-zone) to solve location privacy problem, and its thought is that pseudo-name changed by all vehicles before leaving Mixed Zone.If Mixed Zone area is very large, so vehicle at least needs to wait for that the longer time could send heartbeat message.If Mixed Zone area is less, assailant is easy to guess the association between position and pseudo-name.The scholars such as Sampigethaya propose agent communication strategy, form a communication group, represent group member externally issue heartbeat message by group leader between namely adjacent vehicle.Because vehicle fast running, group member change very greatly, the method requires very high to query processing time and call duration time.The scholars such as Carianha are proposed in the encryption Mixed Zone that the intensive regional deployment of vehicle is set up by RSUs.When vehicle is in Mixed Zone, all communication all must be encrypted.But position, Mixed Zone is fixed in advance, if old pseudo-name the natural duration of life of vehicle arrives, but this vehicle may outside Mixed Zone.

For the drawback of above-mentioned Mixed Zone, some scholars propose territory, dynamic mixing zone location privacy protection method, and namely vehicle is according to the privacy requirements Dynamic Establishing Mixed Zone of oneself.Such as, when pseudo-name is about to expire or location privacy is low time, territory, dynamic mixing zone set up automatically by vehicle, and requires that pseudo-name changed by all vehicles in Mixed Zone.Due in Mixed Zone, change pseudo-name and can lose a false name certificate and produce extra energy expense, the vehicle of some selfishness can be selected uncooperative, does not namely change pseudo-name and maximizes to realize number one.If lack correct effective excitation and penalty mechanism in system, selfish vehicle can consider that self privacy maximizes, and causes initiatively not changing pseudo-name.And pseudo-name is by overdue vehicle, then must change pseudo-name in Mixed Zone, if other vehicles are all selected uncooperative, assailant is easy to infer the mapping relations between the new and old pseudo-name this vehicle.

Chinese patent mandate publication number: CN101720059A, authorize publication date on June 2nd, 2010, disclose a kind of implementation method of vehicle-mounted mobile self-organized network route, comprise the following steps: each intersection arranges node, source node, when forwarding data bag, can forward to the node that oneself one end, section, place distance destination node is nearer; Whether node, when forwarding data bag, first judges to have in neighbor table apart from the nearer node of destination node, if having, then and direct node packet being transmitted to correspondence; Otherwise selecting adjacent according to section selection algorithm is not the section just having received packet, and direction, section is near the section of destination node, other end node in road section selected is then specified to be section receiving terminal node; When routing node receives from different sections of highway the same packet that identical sources node sends, selecting one, to receive packet success rate higher, and the optimal path that time of delay is shorter, forbid those non-optimal RX path simultaneously.Weak point is, function singleness, does not have location privacy protection function.

Summary of the invention

The present invention is in the location privacy protection process of vehicular ad hoc network in order to overcome prior art, there is selfish vehicle uncooperative, causes vehicle location personal secrets to decline; Or the deficiency that energy expense that pseudo-name brings increases frequently changed by the vehicle in vehicular ad hoc network, provide a kind of can the location privacy of available protecting vehicle; More vehicles can be impelled to participate in the change of pseudo-name, thus significantly improve the vehicle position privacy protection method of the vehicular ad hoc network of the location privacy fail safe of network.

To achieve these goals, the present invention is by the following technical solutions:

A vehicle position privacy protection method for vehicular ad hoc network, described vehicular ad hoc network is using the terminal be located on automobile as mobile node, and described terminal comprises radio receiving transmitting module, microprocessor and memory; Described mobile node and several onboard servers wireless connections, onboard servers and Control Server wirelessly or wired mode be connected; Comprise the steps:

(1-1) in onboard servers, be provided with the Mixed Zone criterion of vehicle i, Mixed Zone criterion is have at least in the Mixed Zone of vehicle i car; Wherein, i is the numbering of any one vehicle in vehicular ad hoc network; k Δ T-Δ t≤t < (k+1) Δ T; Δ T is the life cycle of pseudo-name, and Δ t is the change threshold value of pseudo-name; P _chpfor in Mixed Zone, the probability of pseudo-name changed by each car, DL _it () is the vehicle location privacy threshold value of setting; K is pseudo-name change number of times;

by DL _i(t), P _chpdetermine, such as: DL _i(t)=2, P _chp=0.5, then numerical value relevant with location privacy with the fame of the vehicle in the Mixed Zone of the fame of vehicle i, vehicle i.

In terminal, be provided with location privacy model is:

$B_i\left(t\right)=\left\{\begin{array}{cc}{A}_i^k,& (k-1)\mathrm{\&Delta;T}\&le;t<(k+1)\mathrm{\&Delta;T}-\mathrm{\&Delta;t}\\ 0,& \mathrm{k\&Delta;T}-\mathrm{\&Delta;t}\&le;t<(k+1)\mathrm{\&Delta;T}\end{array}\right.,$ Wherein for location privacy grade, α is the old pseudo-name sequence number of vehicle i, and b is the new pseudo-name sequence number of vehicle i; for changing the vehicle fleet of pseudo-name in Mixed Zone; B _it () is location privacy, P _{a → b}for the old pseudo-name sequence number α of vehicle i is replaced by the probability of new pseudo-name sequence number b;

Reputation model is provided with in terminal: $R_i^k=\underset{j=1}{\overset{k}{\mathrm{\&Sigma;}}}\frac{-\underset{b=1}{\overset{N_i^j}{\mathrm{\&Sigma;}}}{P}_{a\&RightArrow;b}{\log }_2{P}_{a\&RightArrow;b}}{-\underset{b=1}{\overset{{\mathrm{NT}}_i^j}{\mathrm{\&Sigma;}}}{P}_{a\&RightArrow;b}{\log }_2{P}_{a\&RightArrow;b}},$ for after k the pseudo-name of change, the fame of vehicle i; for vehicle fleet in Mixed Zone; Setting fame threshold value is DR _i(t);

(1-2) before vehicle i enters vehicular ad hoc network first, public, private key pair is obtained to Control Server registration, with public affairs, private key to corresponding certificate; The initial fame of setting vehicle i is 0, and the initial position privacy of vehicle i is 2;

(1-3) microprocessor of vehicle i calculates the pseudo-name remaining time of vehicle i when vehicle i sends the pseudo-name request message RNP after an encryption to onboard servers;

(1-4) after receiving pseudo-name request message RNP, onboard servers sets up according to Mixed Zone the Mixed Zone that criterion sets up vehicle i, the command message COMMAND after onboard servers broadcast enciphering;

(1-5) other vehicle set outside the vehicle i in vehicle self-organizing network is vehicle j, when vehicle j receives orders message COMMAND, the microprocessor of vehicle j is by Mixed Zone size and location information in the command message COMMAND received and compare from car present position, when in the Mixed Zone that vehicle j drops on vehicle i, vehicle j broadcasting command message COMMAND; When then vehicle j changes pseudo-name; The microprocessor of vehicle j utilizes reputation model to calculate its fame the microprocessor of vehicle j calculates the location privacy B of vehicle j _j(t), and handle and B _jt () is stored in the memory of vehicle j;

(1-6) when in the Mixed Zone that vehicle j drops on vehicle i and and the current fame of vehicle j then vehicle j changes pseudo-name; When in the Mixed Zone that vehicle j drops on vehicle i and and the location privacy B of vehicle j _j(t) < DL _j(t), then vehicle j changes pseudo-name; The microprocessor of vehicle j calculates the fame of vehicle j with location privacy B _j(t), and handle and B _jt () is stored in the memory of vehicle j;

(1-7) when vehicle j receives orders message COMMAND and vehicle j not in the Mixed Zone of vehicle i, then command message COMMAND abandons by vehicle j.

Due in Mixed Zone, change pseudo-name and can lose a false name certificate and produce extra energy expense, for selfish vehicle, can select uncooperatively namely not change pseudo-name and maximize to realize number one.If lack correct effective excitation and penalty mechanism in system, selfish vehicle can consider that self privacy maximizes, and causes initiatively not changing pseudo-name.And pseudo-name is by overdue vehicle, then must change pseudo-name in Mixed Zone, if other vehicles are all selected uncooperative, assailant is easy to infer the mapping relations between the new and old pseudo-name this vehicle.

For the problems referred to above, first the present invention sets the privacy model of the current location privacy for assessment of different vehicle, for reflecting reputation model and the Mixed Zone criterion of the degree of cooperation of Current vehicle.

Any vehicle in vehicular ad hoc network of the present invention, according to send pseudo-name request vehicle i current fame and in the Mixed Zone of vehicle i, whether determine whether that cooperation is changed pseudo-name and protected vehicle i from car; And can according to from the current location privacy of car, pseudo-name dynamic conditioning remaining time from the fame of car.

Simulation result shows, vehicular ad hoc network location privacy protection method of the present invention, while the current location privacy requirement of satisfied protection vehicle, significantly can reduce energy expense.Meanwhile, the introducing due to fame makes more vehicle participate in the change of pseudo-name, thus improves the fail safe of the location privacy of whole vehicular ad hoc network.

As preferably, step (1-4) also comprises the steps:

After onboard servers receives the pseudo-name request message RNP of vehicle i, receive again pseudo-name request message RNP and vehicle j that vehicle j sends in the Mixed Zone of vehicle i, then the pseudo-name request message RNP of the vehicle j received abandons by onboard servers.

As preferably, the pseudo-name request message RNP in described step (1-3) comprises the remaining time of current pseudo-name new pseudo-name, fame fame threshold DR _i(t), current location and the speed of a motor vehicle.

As preferably, the command message COMMAND in described step (1-4) comprises the position, Mixed Zone of vehicle i, pseudo-name changed by Mixed Zone size, vehicle time, fame with fame threshold DR _i(t).

As preferably, the pseudo-name request message RNP in described step (1-3) adopts broadcast encryption method encryption.

As preferably, the message COMMAND in described step (1-4) adopts broadcast encryption method encryption.

As preferably, Δ T is 5 minutes to 30 minutes.

As preferably, Δ t is 1 second to 45 seconds.

Therefore, the present invention has following beneficial effect: (1), while the current location of satisfied protection vehicle requires, significantly can reduce energy expense; (2) more vehicles participate in the change of pseudo-name, and the location privacy fail safe of vehicular wireless network is higher.

Accompanying drawing explanation

Fig. 1 is a kind of location privacy illustraton of model of vehicle i of the present invention;

Fig. 2 is a kind of flow chart of the present invention;

Fig. 3 is mean place privacy of the present invention and pseudo-name life cycle Δ T graph of a relation;

Fig. 4 is average energy expense and pseudo-name life cycle Δ T graph of a relation;

Fig. 5 is average energy expense and location privacy threshold value graph of a relation;

Fig. 6 is mean place privacy and popularity threshold value graph of a relation.

Embodiment

Below in conjunction with the drawings and specific embodiments, the present invention will be further described.

Be a kind of vehicle position privacy protection method of vehicular ad hoc network as mentioned in the embodiment of figure 2, vehicular ad hoc network is using the terminal be located on automobile as mobile node, and terminal comprises radio receiving transmitting module, microprocessor and memory; Microprocessor is electrically connected with radio receiving transmitting module and memory respectively; Mobile node and 4 onboard servers wireless connections, onboard servers is wirelessly connected with Control Server; Comprise the steps:

Step 100, the Mixed Zone criterion being provided with vehicle i in onboard servers is have at least in the Mixed Zone of vehicle i car; Wherein, i is the numbering of any one vehicle in vehicular ad hoc network; span be: k Δ T-Δ t≤t < (k+1) Δ T; Δ T=25 minute, Δ t=0.5 minute; P _chp=0.5, DL _i(t)=2.0; K=50;

In terminal, be provided with location privacy model as shown in Figure 1, location privacy model is:

$B_i\left(t\right)=\left\{\begin{array}{cc}{A}_i^k,& (k-1)\mathrm{\&Delta;T}\&le;t<(k+1)\mathrm{\&Delta;T}-\mathrm{\&Delta;t}\\ 0,& \mathrm{k\&Delta;T}-\mathrm{\&Delta;t}\&le;t<(k+1)\mathrm{\&Delta;T}\end{array}\right.,$ Wherein for location privacy grade, α is the old pseudo-name sequence number of vehicle i, and b is the new pseudo-name sequence number of vehicle i; for changing the vehicle fleet of pseudo-name in Mixed Zone; B _it () is location privacy, P _{a → b}for the old pseudo-name sequence number α of vehicle i is replaced by the probability of new pseudo-name sequence number b; Such as the pseudo-name sequence number of vehicle i before entering Mixed Zone is α, has 3 cars to change to new pseudo-name in Mixed Zone, and its new pseudo-name sequence number is respectively b, c, d, and the new pseudo-name sequence number of vehicle i may be one in the middle of b, c, d; P _{a → b}=1/3; B _i(t) value and t, k, relevant;

Reputation model is provided with in terminal: $R_i^k=\underset{j=1}{\overset{k}{\mathrm{\&Sigma;}}}\frac{-\underset{b=1}{\overset{N_i^j}{\mathrm{\&Sigma;}}}{P}_{a\&RightArrow;b}{\log }_2{P}_{a\&RightArrow;b}}{-\underset{b=1}{\overset{{\mathrm{NT}}_i^j}{\mathrm{\&Sigma;}}}{P}_{a\&RightArrow;b}{\log }_2{P}_{a\&RightArrow;b}},$ for after k the pseudo-name of change, the fame of vehicle i; for vehicle fleet in Mixed Zone; Setting fame threshold value is DR _it () is 2.0;

Step 200, before vehicle i enters vehicular ad hoc network first, to Control Server registration obtain public, private key to and with public, private key to corresponding certificate; The initial fame of setting vehicle i is 0, and the initial position privacy of vehicle i is 2;

Step 300, the microprocessor of vehicle i calculates the pseudo-name remaining time of vehicle i when vehicle i sends the pseudo-name request message RNP after an encryption to onboard servers;

Step 400, after receiving pseudo-name request message RNP, onboard servers sets up according to Mixed Zone the Mixed Zone that criterion sets up vehicle i, the command message COMMAND after onboard servers broadcast enciphering; Pseudo-name request message RNP comprises the remaining time of current pseudo-name new pseudo-name, fame fame threshold DR _i(t), current location and the speed of a motor vehicle.

Step 500, other vehicle outside vehicle i in setting vehicle self-organizing network is vehicle j, when vehicle j receives orders message COMMAND, the microprocessor of vehicle j is by Mixed Zone size and location information in the command message COMMAND received and compare from car present position, when in the Mixed Zone that vehicle j drops on vehicle i, vehicle j broadcasting command message COMMAND; When then vehicle j changes pseudo-name; The microprocessor of vehicle j utilizes reputation model to calculate its fame the microprocessor of vehicle j calculates the location privacy B of vehicle j _j(t), and handle and B _jt () is stored in the memory of vehicle j;

Command message COMMAND comprises the position, Mixed Zone of vehicle i, pseudo-name changed by Mixed Zone size, vehicle time, fame with fame threshold DR _i(t).

Step 600, when in the Mixed Zone that vehicle j drops on vehicle i and and the current fame of vehicle j then vehicle j changes pseudo-name; When in the Mixed Zone that vehicle j drops on vehicle i and and the location privacy B of vehicle j _j(t) < DL _j(t), then vehicle j changes pseudo-name; The microprocessor of vehicle j calculates the fame of vehicle j with location privacy B _j(t), and handle and B _jt () is stored in the memory of vehicle j;

Step 700, when vehicle j receives orders message COMMAND and vehicle j not in the Mixed Zone of vehicle i, then command message COMMAND abandons by vehicle j.

Be below Simulation results:

The configuration of emulation experiment is in table 1, and vehicle operating is at the rural road in 2 tracks, and Vehicle Speed is limited in 40 kilometers/hour to 80 kilometers/hour, and the communication radius of vehicle is 250 meters, and Δ t is 0.5 minute.

Table 1 experiment parameter configures

Parameter	Numerical value
		Track	2 tracks
Lane width	3.5 rice
		The shortest safety traffic distance	5 meters
Travel speed	[40 kilometers/hour 80 kilometers/hour]
		Vehicle communication radius	250 meters
Send a RNP energy expense	1mJ
		Change pseudo-name energy expense once	0.1mJ
Δt	0.5 second
		k	50

Fig. 3 represents the relation between the mean place privacy of vehicle and pseudo-name life cycle Δ T.Wherein, Swap method is that when remaining time that the location privacy of certain vehicle is less than location privacy threshold value or pseudo-name being less than Δ t, this vehicle enters pseudo-name change procedure.

If Non-Reputation method is that in Mixed Zone, the location privacy of certain vehicle meets location privacy threshold value, then pseudo-name do not changed by this vehicle.Location privacy threshold value DL in the present embodiment _it () is log ₂(5), popularity threshold DR _it () is 2.0.

As shown in Figure 3, the location privacy of the present invention and Swap method is higher than location privacy threshold value log ₂, and the location privacy value of Non-Reputation method remains on 2.3 (5).Its reason is: in Non-Reputation method, once selfish vehicle meets location privacy threshold value, does not change pseudo-name, and the location privacy value of vehicle i is declined, thus causes the mean place privacy of whole system to decline.

In addition, as shown in Figure 3, the life cycle of pseudo-name is little on the impact of mean place privacy, and its reason is if the remaining time of pseudo-name pseudo-name all changed by all vehicles.

Fig. 4 gives the relation between the average energy expense of system and pseudo-name life cycle.Wherein, location privacy threshold value DL _it () is log ₂(5), DR _it () popularity threshold value is 2.0.

As shown in Figure 4, energy expense of the present invention is at about 2.5mJ, and Swap method is at about 37mJ, and its main cause is compared with Swap method, The present invention reduces pseudo-name change number of times.Compared with the present invention, Non-Reputation method is low due to mean place privacy, makes more vehicle send RNP message, thus causes energy expense larger than the present invention.

Table 2 provides the mean place privacy of three kinds of methods of diverse location privacy threshold value.Compare with Swap method, the present invention does not initiatively change pseudo-name due to selfish vehicle and causes mean place privacy low, but the present invention can meet the location privacy threshold value of vehicle.Compared with Non-Reputation method, the present invention makes mean place privacy increase owing to introducing popularity incentive measure.

Relation between table 2 mean place privacy and threshold value

Fig. 5 represents the relation between average energy expense and location privacy threshold value.As shown in Figure 5, the average energy expense of the present invention and Non-Reputation method increases along with the increase of location privacy threshold value, and Swap method is contrary.Its reason is as follows: when Mixed Zone is less, and in Swap method, vehicle is difficult to reach location privacy threshold value thus constantly sends RNP message calls and enters pseudo-name change procedure; And in the present invention and Non-Reputation method, because Some vehicles in Mixed Zone changes pseudo-name, along with location privacy threshold value increases, more vehicle needs to change pseudo-name to meet location privacy threshold value.

Fig. 6 gives the relation between mean place privacy and popularity threshold value.

As shown in Figure 6, along with the increase of popularity threshold value, mean place privacy of the present invention also increases thereupon.This increases mainly due to popularity threshold value, causes more vehicle needs by changing the fame of pseudo-name ability raising itself.

Should be understood that the present embodiment is only not used in for illustration of the present invention to limit the scope of the invention.In addition should be understood that those skilled in the art can make various changes or modifications the present invention, and these equivalent form of values fall within the application's appended claims limited range equally after the content of having read the present invention's instruction.

Claims (8)

1. a vehicle position privacy protection method for vehicular ad hoc network, described vehicular ad hoc network is using the terminal be located on automobile as mobile node, and described terminal comprises radio receiving transmitting module, microprocessor and memory; Described mobile node and several onboard servers wireless connections, onboard servers and Control Server wirelessly or wired mode be connected; It is characterized in that, comprise the steps:

(1-1) in onboard servers, be provided with the Mixed Zone criterion of vehicle i, Mixed Zone criterion is have at least in the Mixed Zone of vehicle i car; Wherein, i is the numbering of any one vehicle in vehicular ad hoc network; k Δ T-Δ t≤t < (k+1) Δ T; Δ T is the life cycle of pseudo-name, and Δ t is the change threshold value of pseudo-name; P _chpfor in Mixed Zone, the probability of pseudo-name changed by each car, DL _it () is the vehicle location privacy threshold value of setting; K is pseudo-name change number of times;

In terminal, be provided with location privacy model is:

$B_i\left(t\right)=\left\{\begin{array}{cc}{A}_i^k,& (k-1)\mathrm{\&Delta;T}\&le;t<(k+1)\mathrm{\&Delta;T}-\mathrm{\&Delta;t}\\ 0,& \mathrm{k\&Delta;T}-\mathrm{\&Delta;t}\&le;t<(k+1)\mathrm{\&Delta;T}\end{array}\right.,$ Wherein for location privacy grade, a is the old pseudo-name sequence number of vehicle i, and b is the new pseudo-name sequence number of vehicle i; for changing the vehicle fleet of pseudo-name in Mixed Zone; B _it () is location privacy, P _{a → b}for the old pseudo-name sequence number a of vehicle i is replaced by the probability of new pseudo-name sequence number b;

Reputation model is provided with in terminal: $R_i^k=\underset{j=1}{\overset{k}{\mathrm{\&Sigma;}}}\frac{-\underset{b=1}{\overset{N_i^j}{\mathrm{\&Sigma;}}}{P}_{a\&RightArrow;b}{\log }_2{P}_{a\&RightArrow;b}}{-\underset{b=1}{\overset{{{\mathrm{NT}}_i}^j}{\mathrm{\&Sigma;}}}{P}_{a\&RightArrow;b}{\log }_2{P}_{a\&RightArrow;b}},$ for after k the pseudo-name of change, the fame of vehicle i; NT _i ^jfor vehicle fleet in Mixed Zone; Setting fame threshold value is DR _i(t);

(1-2) before vehicle i enters vehicular ad hoc network first, public, private key pair is obtained to Control Server registration, with public affairs, private key to corresponding certificate; The initial fame of setting vehicle i is 0, and the initial position privacy of vehicle i is 2;

(1-3) microprocessor of vehicle i calculates the pseudo-name remaining time of vehicle i when vehicle i sends the pseudo-name request message RNP after an encryption to onboard servers;

(1-4) after receiving pseudo-name request message RNP, onboard servers sets up according to Mixed Zone the Mixed Zone that criterion sets up vehicle i, the command message COMMAND after onboard servers broadcast enciphering;

(1-5) other vehicle set outside the vehicle i in vehicle self-organizing network is vehicle j, when vehicle j receives orders message COMMAND, the microprocessor of vehicle j is by Mixed Zone size and location information in the command message COMMAND received and compare from car present position, when in the Mixed Zone that vehicle j drops on vehicle i, vehicle j broadcasting command message COMMAND; When then vehicle j changes pseudo-name; The microprocessor of vehicle j utilizes reputation model to calculate its fame the microprocessor of vehicle j calculates the location privacy B of vehicle j _j(t), and handle and B _jt () is stored in the memory of vehicle j;

(1-6) when in the Mixed Zone that vehicle j drops on vehicle i and and the current fame of vehicle j then vehicle j changes pseudo-name; When in the Mixed Zone that vehicle j drops on vehicle i and and the location privacy B of vehicle j _j(t) < DL _j(t), then vehicle j changes pseudo-name; The microprocessor of vehicle j calculates the fame of vehicle j with location privacy B _j(t), and handle and B _jt () is stored in the memory of vehicle j;

(1-7) when vehicle j receives orders message COMMAND and vehicle j not in the Mixed Zone of vehicle i, then command message COMMAND abandons by vehicle j.

2. the vehicle position privacy protection method of vehicular ad hoc network according to claim 1, is characterized in that, step (1-4) also comprises the steps:

After onboard servers receives the pseudo-name request message RNP of vehicle i, receive again the pseudo-name request message RNP that vehicle j sends, and vehicle j is in the Mixed Zone of vehicle i, then the pseudo-name request message RNP of the vehicle j received abandons by onboard servers.

3. the vehicle position privacy protection method of vehicular ad hoc network according to claim 1, is characterized in that, the pseudo-name request message RNP in described step (1-3) comprises the remaining time of current pseudo-name new pseudo-name, fame fame threshold DR _i(t), current location and the speed of a motor vehicle.

4. the vehicle position privacy protection method of vehicular ad hoc network according to claim 1; it is characterized in that, the command message COMMAND in described step (1-4) comprises the position, Mixed Zone of vehicle i, pseudo-name changed by Mixed Zone size, vehicle time, fame with fame threshold DR _i(t).

5. the vehicle position privacy protection method of vehicular ad hoc network according to claim 1, is characterized in that, the pseudo-name request message RNP in described step (1-3) adopts broadcast encryption method encryption.

6. the vehicle position privacy protection method of vehicular ad hoc network according to claim 1, is characterized in that, the message COMMAND in described step (1-4) adopts broadcast encryption method encryption.

7. the vehicle position privacy protection method of the vehicular ad hoc network according to claim 1 or 2 or 3 or 4 or 5 or 6, it is characterized in that, Δ T is 5 minutes to 30 minutes.

8. the vehicle position privacy protection method of the vehicular ad hoc network according to claim 1 or 2 or 3 or 4 or 5 or 6, it is characterized in that, Δ t is 1 second to 45 seconds.