CN107634837B - Internet of vehicles message authentication method based on edge calculation - Google Patents
- Publication number
- CN107634837B (CN201711057462.7A)
- Authority
- CN
- China
- Prior art keywords
- rsu
- vehicle
- message
- ecv
- authentication
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Landscapes
- Mobile Radio Communication Systems (AREA)
- Small-Scale Networks (AREA)
Abstract
The invention discloses an efficient Internet of vehicles message authentication method based on edge computing, which comprises the following steps: (1) system initialization of the Internet of vehicles participant entities, comprising two processes: parameter generation, and generation of a pseudonym and signature by the vehicle; (2) message authentication between the RSU and the vehicles: the RSU elects an Edge Computing Vehicle (ECV), the ECV executes tasks, the RSU checks the authentication result of the ECV, and the vehicles authenticate messages. The signature part of the invention uses operations based on elliptic curve cryptography, so the computation and transmission costs are lower; the ECV is elected through fuzzy logic control theory to achieve a locally optimal election; the ECV helps the RSU to achieve rapid and accurate message signature authentication; by broadcasting the authentication result, the RSU reduces the redundant authentication of the whole system as far as possible and improves the operating efficiency of the whole Internet of vehicles.
Description
Technical Field
The invention relates to vehicle network communication security technology, in particular to an Internet of vehicles message authentication method based on edge computing.
Background
With the development of the automobile industry and rising economic levels, the number of automobiles keeps increasing, and people's demands for automobile safety and driving comfort are becoming more and more urgent. The Internet of vehicles (VANET, Vehicular Ad Hoc Network) has emerged in response and has become a research focus of governments, research institutions and vehicle manufacturers alike. A typical Internet of vehicles consists of three parts: Trusted Authorities (TA), Roadside Units (RSU), and On-Board Units (OBU). The vehicle's OBU is primarily responsible for two types of communication: vehicle-to-vehicle communication (V2V) and vehicle-to-RSU communication (V2R); the RSU acts as a bridge for the vehicle to communicate with the TA; the TA serves as the trusted management center in the Internet of vehicles and is responsible for registration and authentication of the RSUs and OBUs.
Because V2V and V2R in the Internet of vehicles use wireless communication, without a reasonable security scheme a malicious attacker can modify the messages of a legitimate vehicle, or even impersonate a legitimate vehicle to send forged messages, thereby endangering traffic safety. A message recipient in the vehicle network must therefore check the integrity and authenticity of a message after receiving it, and may use it only if it is guaranteed to be complete and authentic; otherwise the message should be discarded. In addition, privacy has attracted much attention in the Internet of vehicles field in recent years. Drivers do not want personal private information such as their driving routes and real identities to be known by others, so the communication protocol of the Internet of vehicles needs to be designed for anonymous communication, that is, vehicles communicate using pseudonyms rather than their real identities. However, the anonymous protocol in the Internet of vehicles should not be absolutely anonymous, because if a vehicle sends a forged message or tampers with a legitimate message, the identity of that vehicle should be traceable by a trusted authority. In the Internet of vehicles, such a privacy protection scheme is called a conditional privacy protection scheme. To solve the security and privacy problems in the Internet of vehicles, many researchers have proposed various authentication schemes in recent years, but these schemes generally involve redundant authentication, are not computationally efficient enough, and cannot meet the performance requirements in extreme cases.
To solve the problems of redundant authentication and computational efficiency in Internet of vehicles message authentication, this scheme provides an efficient Internet of vehicles message authentication scheme based on edge computing. The signature part of the scheme uses operations based on Elliptic Curve Cryptography (ECC), so the computation and transmission overhead is low; the ECV is elected through fuzzy logic control theory to achieve a locally optimal election; the ECV helps the RSU to achieve rapid and accurate message signature authentication: the authentication task of the RSU is outsourced to the ECV, and the RSU only needs to check the authentication result of the ECV; by broadcasting the authentication result, the RSU reduces the redundant authentication of the whole system as far as possible and improves the operating efficiency of the whole Internet of vehicles.
Disclosure of Invention
The purpose of the invention is as follows: the invention aims to solve the defects in the prior art and provides a vehicle networking message authentication method based on edge calculation.
The technical scheme is as follows: the invention discloses a vehicle networking message authentication method based on edge calculation, which comprises the following steps:
(1) the system initialization of the vehicle networking participant entity:
(1.1) parameter generation: the TA is responsible for generating the related parameters (including a system private key, a system public key, a private key of the roadside unit RSU, a public key of the roadside unit RSU, and the real identity RID and password PWD distributed to each vehicle); the TA sends the private key of the RSU to the RSU through a secure wired network and sends the system private key to the vehicle at an ETC gateway; the corresponding public keys and public parameters need not be kept confidential and can be broadcast directly on any occasion;
(1.2) generation of a pseudonym and signature by the vehicle: the tamper-proof device (TPD) module in the vehicle generates the pseudonym and signs the input message;
(2) message authentication of RSU and vehicle:
(2.1) the RSU elects an edge computing vehicle ECV: the vehicle broadcasts its own position information and its remaining available computing resource value, and the RSU elects the ECV according to these two metrics and distributes tasks to the ECV;
(2.2) the ECV executes the task: the ECV performs message authentication after receiving the task and informs the RSU of the authentication result;
(2.3) the RSU checks the authentication result of the ECV: after checking the authentication result of the ECV, the RSU broadcasts the authentication result through a Cuckoo filter;
(2.4) vehicle message authentication: after receiving the filter, the vehicles around the RSU query it to determine whether a message is legal and valid.
Further, the specific process of parameter generation in the step (1.1) is as follows:
(1.1.1) TA randomly selects two large prime numbers p, q and a nonsingular elliptic curve E defined by $y^2 = x^3 + ax + b \bmod q$, and randomly selects a generator P in the group $G_q$;
(1.1.3) TA randomly selects a number x as the private key of the RSU and calculates the public key of the RSU, $PK_R = xP$;
(1.1.4) TA selects a secure hash function $h: \{0,1\}^* \to Z_q$;
(1.1.5) the TA distributes a real identity RID and a password PWD for each vehicle, and preloads { RID, PWD, s } into a TPD module of the vehicle through a safe channel;
(1.1.6) the TA sends the private key x of the RSU to the RSU through a secure channel;
(1.1.7) TA publishes the system public parameters $\{P, q, a, b, P_{pub}, PK_R, h\}$ to the RSU and all vehicles, where $a, b \in F_p$.
Further, the detailed process of the step (1.2) is as follows:
(1.2.1) vehicle $V_i$ sends its real identity RID and password PWD to the TPD module for an identity validity check; if the two values are equal to the values pre-stored in the TPD, authentication passes and step (1.2.2) is performed; otherwise authentication fails and service is refused;
(1.2.2) the TPD randomly selects a number and calculates the pseudonym, wherein the pseudonym comprises two sub-pseudonyms; the aim is to protect the identity privacy of the vehicle through conditional traceability of the pseudonym, these two sub-pseudonyms being defined as:
where $h: \{0,1\}^* \to Z_q$, $P_{pub}$ is the system public key, and $P$ is the generator randomly selected in the group $G_q$;
(1.2.3) vehicle $V_i$ concatenates the information M to be transmitted and the current timestamp T into $M_i$; the TPD module takes $M \| T_i$ as input and generates the signature $\sigma_i = s\,h(PID_i) + r_i\,h(M_i)$.
Further, the specific method of the step (2.1) is as follows:
(2.1.1) vehicle $V_i$ adds its GPS position and remaining available computing resource information to the BSM message;
(2.1.2) according to the GPS position and the remaining available computing resource information of $V_i$, the RSU calculates a distance metric DM and an available performance metric APM respectively and fuzzifies them, then calculates the corresponding membership degrees according to fuzzy rules defined by an expert method, and finally defuzzifies by the center-of-gravity method to obtain a fitness value; if the fitness is greater than a preset value, $V_i$ is elected to become $ECV_i$;
(2.1.3) for a vehicle $V_i$ that has become an ECV, the RSU allocates it a specific message authentication task according to the size of its remaining available computing resources; the task is sent to vehicle $V_i$ in the form of vehicle pseudonyms, where PID represents the set of pseudonyms to be authenticated $\{PID_1, PID_2, \ldots, PID_n\}$, and the remaining term denotes the RSU's signature on the pseudonym set PID using its own private key $SK_R$.
Further, the distance metric DM in step (2.1.2) is calculated by the following formula:
wherein R represents the maximum effective transmission distance of the RSU;
the calculation formula of the available performance metric value APM is as follows:
where UCR(x) represents the computing resource value of vehicle $V_i$ and MCL(x) represents the maximum computing performance value of vehicle $V_i$;
the preset value is a constant k whose value depends on the traffic flow in the current time period; the larger the value, the higher the standard for electing edge computing vehicles. At higher traffic flows k is suitably a constant between 0.8 and 1.0, and at lower traffic flows a constant between 0.6 and 0.8.
Further, the specific method of the step (2.2) is as follows:
(2.2.1) $ECV_i$ performs batch authentication on the messages contained in the task set; if all the messages pass, all the messages in the task queue are legal, and the result is reported to the RSU; otherwise at least one message in the task set is illegal, and the following step is executed;
(2.2.2) $ECV_i$ runs a binary search algorithm combined with batch authentication on the task queue, stores the illegal messages found during execution in an illegal message set, and sends the illegal message queue to the RSU after the algorithm finishes.
Further, the specific method of the step (2.3) is as follows:
(2.3.1) the RSU deduces the legal message set from the illegal message set sent by $ECV_i$, performs batch authentication on the legal message set, and authenticates each element of the illegal message set individually;
(2.3.2) the RSU computes the fingerprints of the legal messages and of the illegal messages, stores them in the positive filter and the negative filter respectively, and then broadcasts the filters.
Further, the specific method of the step (2.4) is as follows: the vehicle calculates the fingerprint of the message to be authenticated and queries for this fingerprint in the positive filter and the negative filter sent by the RSU, respectively, to determine whether the message is legal and valid.
Advantageous effects: compared with the prior art, the invention has the following advantages:
(1) the invention adopts a signature scheme based on ECC (elliptic curve cryptography), so that the calculation and communication overhead is lower;
(2) the invention adopts the edge calculation vehicle election method based on the fuzzy logic control theory, thereby obtaining the local optimal solution;
(3) the invention concentrates the message authentication task on the RSU and the edge computing vehicle, on one hand, the message authentication burden of the RSU is not overlarge, on the other hand, the vehicle with low computing performance can perform the message authentication with little overhead, and the message authentication redundancy of the whole system is low, thereby ensuring that the operation efficiency of the whole system is higher.
Drawings
FIG. 1 is a diagram of a system model of the present invention;
FIG. 2 is a schematic diagram of the pseudonym and signature generation process of the present invention;
FIG. 3 is a schematic diagram of the process of the RSU electing the ECV;
fig. 4 is a schematic diagram of the process of the RSU determining the validity of the ECV authentication result.
Detailed Description
The technical solution of the present invention is described in detail below, but the scope of the present invention is not limited to the embodiments.
As shown in fig. 1, the system model of the vehicle networking message authentication scheme based on edge computing mainly includes three participants, namely, a trusted entity (TA), a roadside unit (RSU), and a vehicle unit (OBU). The TA is responsible for the functions of parameter initialization, key material generation and release and the like of the whole system, cannot be broken and is trusted by other entities in the Internet of vehicles; the RSU is used as an intermediary of the TA and the OBU and is responsible for authenticating the validity of the message signature of the surrounding vehicle and broadcasting the result to the surrounding vehicle as a service; the OBU is used as a vehicle networking module of the vehicle and is responsible for communication of the vehicle, wherein the vehicle is divided into a common vehicle and an Edge Computing Vehicle (ECV), the common vehicle only needs to inquire the service provided by the RSU to realize message authentication, and the edge computing vehicle also needs to complete the message authentication task distributed by the RSU while enjoying the right of the common vehicle.
Example 1:
the Internet of vehicles message authentication method based on edge computing comprises the following steps:
(1) the system initialization of the vehicle networking participant entity: generating parameters, and generating a pseudonym and a signature by a vehicle;
(2) message authentication of RSU and vehicle: the RSU elects an Edge Computing Vehicle (ECV), the ECV performs tasks, the RSU checks the authentication result of the ECV, and vehicle message authentication.
In the parameter generation stage of step (1), the TA generates necessary system parameters, and then the TA preloads the system parameters into the TPD (tamper-resistant device) of the vehicle and all RSUs through a secure communication channel. The method comprises the following specific steps:
1) TA randomly selects two large prime numbers p, q and a nonsingular elliptic curve E defined by $y^2 = x^3 + ax + b \bmod q$ (where $a, b \in F_p$), and randomly selects a generator P in the group $G_q$.
3) TA randomly selects a number x as the private key of the RSU and calculates the public key of the RSU, $PK_R = xP$.
4) TA selects a secure hash function $h: \{0,1\}^* \to Z_q$.
5) TA assigns a real identity RID and a password PWD to each vehicle, and preloads { RID, PWD, s } into the TPD of the vehicle through a secure channel.
6) The TA sends the RSU's private key x to the RSU over a secure wired network.
7) TA publishes the system public parameters $\{P, q, a, b, P_{pub}, PK_R, h\}$ to the RSU and all vehicles.
In the pseudonym and signature generation stage of step (1), as shown in fig. 2, in order to ensure the verifiability of the message, the vehicle needs to provide a signature for the message, and the specific process is as follows:
1) the vehicle sends the real identity RID and the password PWD of the vehicle to the TPD for identity validity check, if the two values are equal to the values pre-stored in the TPD, the authentication is passed and the following steps are carried out, otherwise the authentication is failed and the service is refused.
2) The TPD randomly selects a number and calculates the pseudonym, wherein the pseudonym comprises two sub-pseudonyms; the purpose is to protect the identity privacy of the vehicle through conditional traceability of the pseudonym. The two sub-pseudonyms are defined as:
3) Vehicle $V_i$ concatenates the information M to be transmitted and the current timestamp T into $M_i$; the TPD takes $M \| T_i$ as input and generates the signature $\sigma_i = s\,h(PID_i) + r_i\,h(M_i)$.
The main process of step (2) is as follows: the vehicle broadcasts its position information and its remaining available computing resource value; the RSU elects the ECV according to these two metrics and distributes tasks to the ECV; the ECV performs message authentication after receiving the tasks and informs the RSU of the authentication result; after checking the authentication result of the ECV, the RSU broadcasts the result through a Cuckoo filter; and the vehicles around the RSU, after receiving the filter, can authenticate messages simply by querying it.
The vehicle broadcast location and computing resource information refers to: the vehicle adds the GPS position at the time of transmitting the message and the remaining calculation resource information in the BSM (basic safety message), and continuously updates and transmits it at a cycle of 300 ms.
In the stage of step (2) in which the RSU elects an ECV according to the position and computing resource information of the vehicles and allocates tasks, as shown in FIG. 3, the specific process is as follows:
1) From the GPS position transmitted by vehicle $V_i$ and its own position, the RSU calculates the distance D(x) between itself and $V_i$, and then calculates the Distance Metric (DM) according to the following formula,
where R represents the maximum effective transmission distance of the RSU.
2) The RSU calculates the Available Performance Metric (APM) from the available resource information transmitted by vehicle $V_i$; the calculation method is as follows,
where UCR(x) represents the computing resource value of vehicle $V_i$ and MCL(x) represents the maximum computing performance value of vehicle $V_i$.
3) The RSU substitutes the DM and APM values according to the Min-Max method and IF/THEN rules to obtain a fuzzy value, and obtains the fitness by the center-of-gravity method; if the fitness is greater than the preset constant k, vehicle $V_i$ is elected to become an ECV. The output contains the fuzzy sets {VeryGood, Good, Unpreferable, Bad, VeryBad}, and the fuzzy relations are shown in the following table:
4) For a vehicle $V_i$ that becomes an ECV, the RSU allocates certain message authentication tasks to it according to the size of its remaining available computing resources; the tasks are sent to vehicle $V_i$ in the form of vehicle pseudonyms, where $PID = \{PID_1, PID_2, \ldots, PID_n\}$.
In the stage of step (2) in which the ECV executes the message authentication task, the specific process is as follows:
1) For the received $PID = \{PID_1, PID_2, \ldots, PID_n\}$, vehicle $ECV_i$ finds the message-signature tuples $(PID_i, M_i, \sigma_i)$ that need authentication in its own message buffer, where $1 \le i \le n$, and then does the following:
2) Vehicle $ECV_i$ checks the validity of the timestamps of all messages; if there are expired messages, it sends a report to the RSU, and the RSU removes the pseudonym $PID_x$ corresponding to the expired message from the message owner list PID associated with $ECV_i$.
3) To prevent an adversary from attacking the summation in batch authentication, vehicle $ECV_i$ randomly selects a small integer t with a length of 10 bits and randomly generates a vector $v = \{v_1, v_2, \ldots, v_n\}$, $v_i \in [1, 2^t]$. Batch authentication is then performed according to the following equation,
If the above equation holds, the batch of messages authenticated by $ECV_i$ passes both the check of the message owners' identities and the integrity check of the messages themselves; if it does not hold, the batch contains at least one invalid message, and $ECV_i$ must carry out the following work. The random factors prevent a malicious attacker from attacking the signature accumulation process in batch authentication.
4) In order to quickly find invalid messages contained in the batch of messages, a method combining binary search and batch authentication can be adopted to quickly find the invalid messages. The algorithm is as follows:
5) Through the above steps, $ECV_i$ finds the invalid messages in the batch and looks up the identity sequence of their owners in its own message buffer pool. $ECV_i$ then feeds the authentication result back to the RSU. Notably, to conserve network bandwidth, $ECV_i$ only needs to send the pseudonyms of the invalid message owners to the RSU. This reduces transmission overhead because most messages in the Internet of vehicles are valid, and the RSU can obtain the identities corresponding to the legal messages by subtracting the pseudonym set received from $ECV_i$ from the pseudonym set corresponding to the messages that $ECV_i$ was asked to authenticate.
In the stage of step (2) in which the RSU checks the ECV authentication result, as shown in FIG. 4, the RSU must check the result sent by $ECV_i$, and only after the check passes does the RSU broadcast the authentication result of $ECV_i$. The specific process is as follows:
1) After receiving the message from $ECV_i$, the RSU first checks whether the signature is valid; if it is invalid, the message is rejected; if it is valid, the following steps continue;
2) The RSU looks up in its own memory the pseudonym PID sequence corresponding to the messages that $ECV_i$ was to authenticate; subtracting from this sequence the sequence of invalid message owner identities sent by $ECV_i$ yields the PID sequence of the message owners authenticated by $ECV_i$.
3) The RSU performs batch authentication on the message signatures corresponding to this PID sequence; if the batch authentication passes, a = True is output; otherwise a = False is output. The message signatures corresponding to all elements of the invalid message owner identity sequence are authenticated one by one according to the following formula; if all of these signatures fail authentication, b = True is output; otherwise b = False is output.
In the process, the hash operation is carried out on the pseudonym, and then the signature is carried out, so that the unforgeability of the identity (namely the pseudonym) of the message and the message owner can be ensured at the same time.
4) If a is True, the message authentication result of $ECV_i$ is reliable and the following steps continue; otherwise $ECV_i$ is attempting to deceive the RSU, and the RSU identifies $ECV_i$ as a malicious vehicle, cancels the edge computing vehicle qualification of $ECV_i$, and sends the pseudonym of $ECV_i$ to the TA, requesting the TA to revoke $ECV_i$.
5) Through the check of step 4), the RSU confirms whether the authentication result of $ECV_i$ is reliable. The RSU initializes two Cuckoo filters, namely a positive filter posFilter and a negative filter negFilter. The RSU calculates the fingerprint of the message corresponding to every element of the valid message owner sequence, i.e. $fingerprint(M_i)$, and stores it in the positive filter; likewise it calculates the fingerprints of the messages corresponding to all elements of the invalid message owner sequence and stores them in the negative filter. After initialization is finished, the RSU broadcasts the positive filter posFilter, the negative filter negFilter and the corresponding signatures to the vehicles in its jurisdiction.
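The ECV's batch authentication with binary search and the RSU's check of the ECV's report, as an added example that is not code from the patent. It assumes the verification relation $\sigma_i P = h(PID_i) P_{pub} + h(M_i) R_i$ with $R_i = r_i P$ carried alongside the pseudonym, uses a multiplicative group modulo $2^{127}-1$ as a stand-in for the elliptic-curve group, takes $t = 10$, and trusts a report only when both a and b are True; all function names are illustrative.

```python
import hashlib
import secrets

# Stand-in group (assumption): the multiplicative group modulo the Mersenne
# prime 2^127 - 1 replaces the elliptic-curve group. "k*P" on the page becomes
# pow(G, k, P_MOD); point addition becomes modular multiplication.
P_MOD = 2**127 - 1
ORDER = P_MOD - 1          # exponents are reduced modulo the group order
G = 3                      # plays the role of the generator P
T_BITS = 10                # batch factors v_i are drawn from [1, 2^t]

def h(data: bytes) -> int:
    """Hash to an exponent, standing in for h: {0,1}* -> Z_q."""
    return int.from_bytes(hashlib.sha256(data).digest(), "big") % ORDER

def keygen():
    s = secrets.randbelow(ORDER - 1) + 1       # system private key s
    return s, pow(G, s, P_MOD)                 # (s, P_pub)

def sign(s: int, pid: bytes, msg: bytes) -> dict:
    """sigma = s*h(PID) + r*h(M); R = r*P is assumed to travel with the PID."""
    r = secrets.randbelow(ORDER - 1) + 1
    sigma = (s * h(pid) + r * h(msg)) % ORDER
    return {"pid": pid, "msg": msg, "R": pow(G, r, P_MOD), "sigma": sigma}

def batch_verify(p_pub: int, batch) -> bool:
    """sum(v_i*sigma_i)*P == sum(v_i*h(PID_i))*P_pub + sum(v_i*h(M_i)*R_i)."""
    if not batch:
        return True
    lhs_exp, pub_exp, rhs = 0, 0, 1
    for item in batch:
        v = secrets.randbelow(2**T_BITS) + 1   # fresh small random factor
        lhs_exp = (lhs_exp + v * item["sigma"]) % ORDER
        pub_exp = (pub_exp + v * h(item["pid"])) % ORDER
        rhs = rhs * pow(item["R"], v * h(item["msg"]) % ORDER, P_MOD) % P_MOD
    return pow(G, lhs_exp, P_MOD) == pow(p_pub, pub_exp, P_MOD) * rhs % P_MOD

def find_invalid(p_pub: int, batch) -> list:
    """ECV side: binary search driven by batch verification."""
    if batch_verify(p_pub, batch):
        return []
    if len(batch) == 1:
        return [batch[0]["pid"]]
    mid = len(batch) // 2
    return find_invalid(p_pub, batch[:mid]) + find_invalid(p_pub, batch[mid:])

def rsu_check(p_pub: int, task, reported_invalid) -> bool:
    """RSU side. a: the claimed-valid set passes as one batch.
    b: every reported-invalid message fails when verified on its own.
    Assumption: the report is trusted only when a and b both hold."""
    bad = set(reported_invalid)
    valid = [m for m in task if m["pid"] not in bad]
    invalid = [m for m in task if m["pid"] in bad]
    a = batch_verify(p_pub, valid)
    b = all(not batch_verify(p_pub, [m]) for m in invalid)
    return a and b

def demo():
    """Constructed sample: 8 signed messages, two damaged after signing."""
    s, p_pub = keygen()
    task = [sign(s, b"PID-%d" % i, b"speed=42|T=%d" % i) for i in range(8)]
    task[2]["msg"] = b"speed=99|T=2"                       # content modified
    task[5]["sigma"] = (task[5]["sigma"] + 1) % ORDER      # signature corrupted
    found = find_invalid(p_pub, task)
    honest = rsu_check(p_pub, task, found)
    hides_one = rsu_check(p_pub, task, found[:1])          # ECV under-reports
    frames_one = rsu_check(p_pub, task, found + [b"PID-0"])  # ECV over-reports
    return found, honest, hides_one, frames_one

if __name__ == "__main__":
    print(demo())
```

The RSU's cost is one batch verification plus one single verification per reported pseudonym, which is what makes outsourcing the search to the ECV worthwhile.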
In the stage of step (2) in which the vehicle checks the authentication result broadcast by the RSU, the specific steps are as follows:
1) If vehicle $V_i$ wants to check whether message $M_i$ is legal, it first calculates the fingerprint corresponding to $M_i$, $f = fingerprint(M_i)$, and queries whether the fingerprint value f can be found in the positive filter posFilter and in the negative filter negFilter, respectively.
2) The query results can be divided into four cases: {case 1: posFilter = True, negFilter = False}, {case 2: posFilter = False, negFilter = True}, {case 3: posFilter = True, negFilter = True}, {case 4: posFilter = False, negFilter = False}.
Either case 1 or case 2 determines whether message $M_i$ is legal, but case 3 is encountered with a certain probability. If case 3 occurs, it indicates that the RSU has not yet authenticated message $M_i$ or that the verification result has not yet been updated into the filter; the vehicle then waits for the next round of filter updates, and if the number of rounds preset by the system is exceeded and the query still fails, the vehicle authenticates message $M_i$ itself. Case 4 occurs because the Cuckoo filter has a certain false positive rate, but the probability of case 4 can be made negligible simply by increasing the length of the fingerprint produced by the fingerprint function and increasing the bucket size according to actual needs.
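The positive/negative filter lookup on the vehicle side, as an added example that is not code from the patent. The cuckoo filter parameters, the value of MAX_ROUNDS, the sample messages and all function names are assumptions; the decision is keyed on the (posFilter, negFilter) result pair, and both non-decisive results get the wait-then-self-verify fallback described above.

```python
import hashlib

class CuckooFilter:
    """Minimal cuckoo filter: num_buckets buckets of bucket_size fingerprints."""

    def __init__(self, num_buckets=64, bucket_size=4, fp_bits=32, max_kicks=200):
        if num_buckets & (num_buckets - 1):
            raise ValueError("num_buckets must be a power of two")
        self.m, self.b = num_buckets, bucket_size
        self.fp_bits, self.max_kicks = fp_bits, max_kicks
        self.buckets = [[] for _ in range(num_buckets)]

    @staticmethod
    def _hash(data: bytes) -> int:
        return int.from_bytes(hashlib.sha256(data).digest(), "big")

    def fingerprint(self, msg: bytes) -> int:
        return self._hash(b"fp|" + msg) % (1 << self.fp_bits)

    def _alt(self, i: int, fp: int) -> int:
        # Partial-key cuckoo hashing: the partner bucket depends only on
        # (i, fp), so a stored fingerprint can be relocated without the message.
        return (i ^ self._hash(fp.to_bytes(8, "big"))) % self.m

    def _indexes(self, msg: bytes, fp: int):
        i1 = self._hash(b"idx|" + msg) % self.m
        return i1, self._alt(i1, fp)

    def insert(self, msg: bytes) -> bool:
        fp = self.fingerprint(msg)
        i1, i2 = self._indexes(msg, fp)
        for i in (i1, i2):
            if len(self.buckets[i]) < self.b:
                self.buckets[i].append(fp)
                return True
        i = i1
        for _ in range(self.max_kicks):        # evict the oldest entry, relocate it
            victim = self.buckets[i].pop(0)
            self.buckets[i].append(fp)
            fp, i = victim, self._alt(i, victim)
            if len(self.buckets[i]) < self.b:
                self.buckets[i].append(fp)
                return True
        return False                            # too full: rebuild with more buckets

    def contains(self, msg: bytes) -> bool:
        fp = self.fingerprint(msg)
        i1, i2 = self._indexes(msg, fp)
        return fp in self.buckets[i1] or fp in self.buckets[i2]

def build_filters(valid_msgs, invalid_msgs):
    """RSU side: fingerprints of valid messages go to posFilter, invalid to negFilter."""
    pos, neg = CuckooFilter(), CuckooFilter()
    for flt, msgs in ((pos, valid_msgs), (neg, invalid_msgs)):
        for m in msgs:
            if not flt.insert(m):
                raise RuntimeError("filter full")
    return pos, neg

MAX_ROUNDS = 3   # assumption: the "number of rounds preset by the system"

def vehicle_decide(msg: bytes, pos, neg, rounds_waited: int = 0) -> str:
    in_pos, in_neg = pos.contains(msg), neg.contains(msg)
    if in_pos and not in_neg:
        return "accept"
    if in_neg and not in_pos:
        return "reject"
    # Double miss: the fingerprint is in neither broadcast filter (an inserted
    # fingerprint is never missed). Double hit: at least one hit is a fingerprint
    # collision. Neither settles the message, so wait for the next broadcast
    # and fall back to verifying the signature locally.
    return "wait" if rounds_waited < MAX_ROUNDS else "self-verify"

def demo():
    """Constructed sample messages; none come from the patent."""
    valid = [b"PID-%d|brake-warning|T=%d" % (i, i) for i in range(20)]
    invalid = [b"PID-%d|forged|T=%d" % (i, i) for i in range(20, 25)]
    pos, neg = build_filters(valid, invalid)
    neg.insert(valid[0])   # constructed: forces the double hit a collision would cause
    unseen = b"PID-99|lane-change|T=99"
    return {
        "valid": vehicle_decide(valid[1], pos, neg),
        "invalid": vehicle_decide(invalid[0], pos, neg),
        "unseen": vehicle_decide(unseen, pos, neg),
        "unseen_late": vehicle_decide(unseen, pos, neg, rounds_waited=MAX_ROUNDS),
        "double_hit": vehicle_decide(valid[0], pos, neg),
    }

if __name__ == "__main__":
    print(demo())
```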
The signature part of the invention uses operations based on elliptic curve cryptography, so the computation and transmission costs are lower; the ECV is elected through fuzzy logic control theory to achieve a locally optimal election; the ECV helps the RSU to achieve rapid and accurate message signature authentication; by broadcasting the authentication result, the RSU reduces the redundant authentication of the whole system as far as possible and improves the operating efficiency of the whole Internet of vehicles.
Claims (8)
1. A vehicle networking message authentication method based on edge calculation is characterized in that: comprises the following steps:
(1) the system initialization of the vehicle networking participant entity:
(1.1) parameter generation: a trusted authority TA is responsible for generating a system private key, a system public key, a private key of a roadside unit RSU, a public key of the roadside unit RSU, and a real identity RID and a password PWD distributed to each vehicle; the TA sends the private key of the RSU to the RSU through a secure wired network and sends the system private key to the vehicle at an ETC gateway, and the system public key and public parameters are broadcast to the vehicles and the RSU on any occasion;
(1.2) generation of a pseudonym and signature by the vehicle: the tamper-proof device (TPD) module in the vehicle generates the pseudonym and signs the input message;
(2) message authentication of RSU and vehicle:
(2.1) the RSU elects an edge computing vehicle ECV: the vehicle broadcasts its own position information and its remaining available computing resource value, and the RSU elects the ECV according to these two metrics and distributes tasks to the ECV;
(2.2) the ECV executes the task: the ECV performs message authentication after receiving the task and informs the RSU of the authentication result;
(2.3) the RSU checks the authentication result of the ECV: after checking the authentication result of the ECV, the RSU broadcasts the authentication result through a Cuckoo filter;
(2.4) vehicle message authentication: after receiving the filter, the vehicles around the RSU query it to determine whether a message is legal and valid.
2. The edge computing-based internet of vehicles message authentication method of claim 1, wherein: the specific process of parameter generation in the step (1.1) is as follows:
(1.1.1) TA randomly selects two large prime numbers p, q and a nonsingular elliptic curve E defined by $y^2 = x^3 + ax + b \bmod q$, and randomly selects a generator P in the group $G_q$;
(1.1.3) TA randomly selects a number x as the private key of the RSU and calculates the public key of the RSU, $PK_R = xP$;
(1.1.4) TA selects a secure hash function $h: \{0,1\}^* \to Z_q$;
(1.1.5) the TA distributes a real identity RID and a password PWD for each vehicle, and preloads { RID, PWD, s } into a TPD module of the vehicle through a safe channel;
(1.1.6) the TA sends the private key x of the RSU to the RSU through a secure channel;
(1.1.7) the TA publishes the public parameters $\{P, q, a, b, P_{pub}, PK_R, h\}$ to the RSU and all vehicles, where $a, b \in F_p$.
3. The edge computing-based internet of vehicles message authentication method of claim 1, wherein: the detailed process of the step (1.2) is as follows:
(1.2.1) vehicle $V_i$ sends its real identity RID and password PWD to the TPD module for an identity validity check; if the two values are equal to the values pre-stored in the TPD, authentication passes and step (1.2.2) is performed; otherwise authentication fails and service is refused;
(1.2.2) the TPD randomly selects a number and calculates the pseudonym, wherein the pseudonym $PID_i$ comprises two sub-pseudonyms,
where $h: \{0,1\}^* \to Z_q$, $P_{pub}$ is the system public key, and $P$ is the generator randomly selected in the group $G_q$;
(1.2.3) vehicle $V_i$ concatenates the information M to be transmitted and the current timestamp T into $M_i$; the TPD module takes $M \| T_i$ as input and generates the signature $\sigma_i = s\,h(PID_i) + r_i\,h(M_i)$.
4. The edge computing-based internet of vehicles message authentication method of claim 1, wherein: the specific method of the step (2.1) comprises the following steps:
(2.1.1) vehicle $V_i$ adds its GPS position and remaining available computing resource information to the BSM message;
(2.1.2) according to the GPS position and the remaining available computing resource information of $V_i$, the RSU calculates a distance metric DM and an available performance metric APM respectively and fuzzifies them, then calculates the corresponding membership degrees according to a fuzzy rule, and finally defuzzifies by the center-of-gravity method to obtain a fitness value; if the fitness is greater than a preset value, $V_i$ is elected to become an ECV;
(2.1.3) for a vehicle $V_i$ that has become an ECV, the RSU allocates it message authentication tasks according to the size of its remaining available computing resources; the tasks are sent to vehicle $V_i$ in the form of vehicle pseudonyms, where PID represents the set of pseudonyms to be authenticated $\{PID_1, PID_2, \ldots, PID_n\}$, and the remaining term denotes the RSU's signature on the pseudonym set PID using its own private key $SK_R$.
5. The edge computing-based internet of vehicles message authentication method of claim 4, wherein: the calculation formula of the distance metric DM in the step (2.1.2) is as follows:
wherein R represents the maximum effective transmission distance of the RSU;
the calculation formula of the available performance metric value APM is as follows:
wherein UCR(x) represents the calculated resource value of vehicle Vi, and MCL(x) represents the maximum calculated performance value of vehicle Vi;
the preset value is a constant k; when the traffic flow is high, the constant k is between 0.8 and 1.0, and when the traffic flow is low, the constant k is between 0.6 and 0.8.
6. The edge computing-based internet of vehicles message authentication method of claim 1, wherein: the specific method of the step (2.2) is as follows:
(2.2.1) ECVi performs batch authentication on the messages contained in the task set using the batch authentication formula; if the batch authentication equation holds, that is, all the messages pass, then all the messages in the task set are legal and the authentication result is reported to the RSU; the random small factor technique is used, namely ECVi randomly selects an integer t with a length of 10 bits and randomly generates a vector v = {v1, v2, …, vn}, where vi ∈ [1, 2^t]; the batch authentication formula is as follows:
if the batch authentication equation does not hold, that is, not all the messages pass, at least one message in the task set is illegal, and step (2.2.2) is executed;
(2.2.2) ECVi performs a binary search algorithm combined with batch authentication on the task queue, stores the illegal messages found during the execution of the algorithm in an illegal message set, and sends the illegal message set to the RSU after the algorithm has finished.
7. The edge computing-based internet of vehicles message authentication method of claim 1, wherein: the specific method of the step (2.3) is as follows:
(2.3.1) the RSU deduces a legal message set from the illegal message set sent by ECVi, and executes the following steps:
(2.3.1.1) after the RSU receives the message from the edge computing vehicle, it first checks whether the message signature is valid; if not, it rejects the message; if valid, it continues with the following steps;
(2.3.1.2) searching the corresponding pseudonym PID sequence of the messages which the edge computing vehicle needs to authenticate in the memory of the edge computing vehicle, and recording the sequence; this sequence minus the illegal message owner identity sequence sent by ECVi then gives the PID sequence of the message owners authenticated by ECVi
(2.3.1.3) carrying out batch authentication on the corresponding message signatures; if they pass the batch authentication, outputting a as True; if not, outputting a as False; the message signatures corresponding to all the elements in the illegal message owner identity sequence are authenticated one by one according to the following formula, and if all the signatures fail to be authenticated, b is output as True; otherwise, b is output as False;
(2.3.1.4) if a and b are both True, the message authentication result of ECVi is reliable, and the following steps are continued; otherwise, ECVi is attempting to spoof the RSU: the RSU identifies ECVi as a malicious vehicle, cancels the edge computing vehicle qualification of ECVi, and sends the pseudonym of ECVi to the TA, requesting the TA to revoke ECVi;
(2.3.2) the RSU computes fingerprints for the legal messages and the illegal messages, stores them in the positive filter and the negative filter respectively, and then broadcasts them.
8. The edge computing-based internet of vehicles message authentication method of claim 1, wherein: the specific method of the step (2.4) comprises the following steps: the vehicle calculates the fingerprint of the message to be authenticated and queries the positive filter and the negative filter sent by the RSU for that fingerprint to determine whether the message is legal and valid.
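The following Python sketch is an added example, not code from the patent; it walks through the ECV side of steps (2.2.1) and (2.2.2) and the RSU cross-check of steps (2.3.1.2) to (2.3.1.4). Assumptions: the verification equation σi·P = h(PIDi)·Ppub + h(Mi)·Ri is derived from the signature formula in step (1.2.3) by taking Ppub = s·P and a public value Ri = ri·P that travels with the pseudonym; a toy multiplicative group modulo a prime stands in for the elliptic-curve group; all function names and the sample task set are constructed.

```python
import hashlib, secrets

# Toy stand-in for the EC group (assumption, insecure): x*P becomes pow(G, x, P_MOD).
P_MOD, G, N = 2**127 - 1, 3, 2**127 - 2    # exponents are reduced mod N = P_MOD - 1

def h(data: bytes) -> int:
    return int.from_bytes(hashlib.sha256(data).digest(), "big") % N

def keygen():
    s = secrets.randbelow(N - 1) + 1       # system private key s
    return s, pow(G, s, P_MOD)             # Ppub = s*P

def sign(s, pid: bytes, msg: bytes):
    r = secrets.randbelow(N - 1) + 1
    R = pow(G, r, P_MOD)                   # assumed public value Ri = ri*P
    return pid, msg, R, (s * h(pid) + r * h(msg)) % N

def batch_ok(ppub, items, t=10):
    """Step (2.2.1): one equation over the whole list, random small factors."""
    lhs, pub, rhs = 0, 0, 1
    for pid, msg, R, sigma in items:
        v = secrets.randbelow(2**t) + 1    # vi in [1, 2^t]
        lhs = (lhs + v * sigma) % N
        pub = (pub + v * h(pid)) % N
        rhs = rhs * pow(R, v * h(msg) % N, P_MOD) % P_MOD
    return pow(G, lhs, P_MOD) == pow(ppub, pub, P_MOD) * rhs % P_MOD

def find_illegal(ppub, items):
    """Step (2.2.2): binary search combined with batch authentication."""
    if not items or batch_ok(ppub, items):
        return []
    if len(items) == 1:
        return [items[0][0]]               # pseudonym of the offending signer
    mid = len(items) // 2
    return find_illegal(ppub, items[:mid]) + find_illegal(ppub, items[mid:])

def rsu_check(ppub, items, reported):
    """Steps (2.3.1.2)-(2.3.1.4): accept the ECV's report only if a and b."""
    # a: the set the ECV claims is legal verifies as one batch
    a = batch_ok(ppub, [it for it in items if it[0] not in reported])
    b = all(not batch_ok(ppub, [it])       # b: each reported signature fails alone
            for it in items if it[0] in reported)
    return a and b

def demo():  # constructed task set: 8 signed messages, signature 5 tampered
    s, ppub = keygen()
    items = [sign(s, b"PID%d" % i, b"BSM %d||T" % i) for i in range(8)]
    items[5] = items[5][:3] + ((items[5][3] + 1) % N,)
    bad = find_illegal(ppub, items)
    return bad, rsu_check(ppub, items, set(bad))
```

The RSU check rejects an ECV report in both directions: an omitted illegal message makes a False, and a legal message reported as illegal makes b False.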
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201711057462.7A CN107634837B (en) | 2017-11-01 | 2017-11-01 | Internet of vehicles message authentication method based on edge calculation |
Publications (2)
Publication Number | Publication Date |
---|---|
CN107634837A CN107634837A (en) | 2018-01-26 |
CN107634837B true CN107634837B (en) | 2020-09-01 |
Family
ID=61106971
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201711057462.7A Active CN107634837B (en) | 2017-11-01 | 2017-11-01 | Internet of vehicles message authentication method based on edge calculation |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN107634837B (en) |
Families Citing this family (16)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN108492603A (en) * | 2018-04-25 | 2018-09-04 | 济南浪潮高新科技投资发展有限公司 | A kind of edge calculations station and the automatic Pilot method based on edge calculations station |
CN109005542B (en) * | 2018-07-25 | 2021-03-02 | 安徽大学 | 5G Internet of vehicles rapid message authentication method based on reputation system |
CN109005538B (en) * | 2018-07-27 | 2021-03-02 | 安徽大学 | Message authentication method between unmanned vehicle and multi-mobile-edge computing server |
CN109067525B (en) * | 2018-08-01 | 2021-03-02 | 安徽大学 | Message authentication method based on semi-trusted management center in Internet of vehicles |
CN109218018B (en) * | 2018-09-14 | 2021-08-10 | 西安电子科技大学 | Identity-based unmanned aerial vehicle key management and networking authentication system and method |
CN110971397B (en) | 2018-09-28 | 2021-09-14 | 华为技术有限公司 | Communication method, communication device, server and system |
CN110099367A (en) * | 2019-04-26 | 2019-08-06 | 河南工学院 | Car networking secure data sharing method based on edge calculations |
CN110225481A (en) * | 2019-06-12 | 2019-09-10 | 中国科学院计算技术研究所 | The registration, certification and update method of the user of vehicle in vehicular ad hoc network |
CN110493256B (en) * | 2019-09-04 | 2020-04-17 | 深圳供电局有限公司 | Data transmission safety authentication method and system based on edge calculation and vector projection |
CN110621005B (en) * | 2019-09-26 | 2020-06-23 | 电子科技大学 | Vehicle networking privacy protection method based on crowdsourcing application |
CN110930704B (en) * | 2019-11-27 | 2021-11-05 | 连云港杰瑞电子有限公司 | Traffic flow state statistical analysis method based on edge calculation |
CN111371560B (en) * | 2020-02-27 | 2021-03-30 | 电子科技大学 | Certificateless fault-tolerant aggregation signature method and system applied to Internet of vehicles |
CN111355745B (en) * | 2020-03-12 | 2021-07-06 | 西安电子科技大学 | Cross-domain identity authentication method based on edge computing network architecture |
CN111614561A (en) * | 2020-05-28 | 2020-09-01 | 北京瑞华赢科技发展有限公司 | Intelligent road side data transmission method and device based on edge calculation and distributed system |
CN111951420A (en) * | 2020-08-27 | 2020-11-17 | 深圳成谷智能科技有限公司 | Method and device for safely transmitting ETC broadcast message |
CN112929944B (en) * | 2021-02-04 | 2022-07-22 | 天津理工大学 | Car networking collaboration content distribution method based on fuzzy logic and alliance graph game |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
GR01 | Patent grant | ||