CN107947942B - Vehicle position privacy protection method based on group ranking and prestige - Google Patents
Vehicle position privacy protection method based on group ranking and prestige Download PDFInfo
- Publication number
- CN107947942B CN107947942B CN201711234735.0A CN201711234735A CN107947942B CN 107947942 B CN107947942 B CN 107947942B CN 201711234735 A CN201711234735 A CN 201711234735A CN 107947942 B CN107947942 B CN 107947942B
- Authority
- CN
- China
- Prior art keywords
- vehicle
- group
- pseudonym
- message
- vehicles
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
- 238000000034 method Methods 0.000 title claims abstract description 32
- 230000008859 change Effects 0.000 claims abstract description 33
- 238000002156 mixing Methods 0.000 claims abstract description 13
- 230000004044 response Effects 0.000 claims description 20
- 230000008569 process Effects 0.000 claims description 18
- 238000004891 communication Methods 0.000 claims description 5
- 238000012795 verification Methods 0.000 claims description 3
- 239000000203 mixture Substances 0.000 claims description 2
- 238000012544 monitoring process Methods 0.000 claims description 2
- 230000007246 mechanism Effects 0.000 abstract description 6
- 230000015572 biosynthetic process Effects 0.000 abstract 3
- 230000007547 defect Effects 0.000 description 2
- 238000010586 diagram Methods 0.000 description 1
- 230000005284 excitation Effects 0.000 description 1
- 230000006870 function Effects 0.000 description 1
- 230000008447 perception Effects 0.000 description 1
- 230000009467 reduction Effects 0.000 description 1
- 239000002699 waste material Substances 0.000 description 1
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/3247—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures
- H04L9/3255—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures using group based signatures, e.g. ring or threshold signatures
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/04—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
- H04L63/0407—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the identity of one or more communicating identities is hidden
- H04L63/0421—Anonymous communication, i.e. the party's identifiers are hidden from the other party or parties, e.g. using an anonymizer
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/04—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
- H04L63/0428—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
- H04L63/0823—Network architectures or network communication protocols for network security for authentication of entities using certificates
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L67/00—Network arrangements or protocols for supporting network services or applications
- H04L67/01—Protocols
- H04L67/10—Protocols in which an application is distributed across nodes in the network
- H04L67/104—Peer-to-peer [P2P] networks
- H04L67/1044—Group management mechanisms
- H04L67/1051—Group master selection mechanisms
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L67/00—Network arrangements or protocols for supporting network services or applications
- H04L67/01—Protocols
- H04L67/12—Protocols specially adapted for proprietary or special-purpose networking environments, e.g. medical networks, sensor networks, networks in vehicles or remote metering networks
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Computing Systems (AREA)
- General Engineering & Computer Science (AREA)
- Computer Hardware Design (AREA)
- Physics & Mathematics (AREA)
- Mathematical Physics (AREA)
- Theoretical Computer Science (AREA)
- Health & Medical Sciences (AREA)
- General Health & Medical Sciences (AREA)
- Medical Informatics (AREA)
- Mobile Radio Communication Systems (AREA)
- Traffic Control Systems (AREA)
Abstract
The vehicle position privacy protection method based on group ranking and prestige that the invention discloses a kind of, including the following contents: more vehicle cooperations being encouraged to form the reputation model of group;Assess the privacy model of vehicle location privacy intensity;The formation of group creates a mechanism with dynamic mixing zone domain;Assumed name replaces mechanism.For any vehicle in vehicular ad hoc network network, when its assumed name is when the phase, according to the credit value of itself, actively group is established to control server request, control server is request vehicle allocation group role of leaders, and according to the current location of request vehicle, one Mixed Zone of dynamic formation, other vehicles in Mixed Zone change assumed name to determine whether participating in cooperation according to the credit value of oneself, privacy intensity, assumed name remaining time, and can dynamically adjust the credit value of vehicle.The present invention can encourage more vehicles that group is added, to cooperate to change assumed name, guarantee vehicle location privacy;Meanwhile vehicle does not have to keep silent status in the Mixed Zone of formation, but with group's identity broadcast message, ensure the driving safety of vehicle;Furthermore it is possible to efficiently reduce resource overhead caused by non-essential frequent change assumed name.
Description
Technical Field
The invention relates to the field of communication safety of Internet of vehicles, in particular to a vehicle position privacy protection method based on group signature and reputation.
Background
In recent years, vehicular ad hoc networks have become a promising technical issue to improve the efficiency and safety level of transportation systems and have attracted public attention. In an on-board ad hoc network, each vehicle is equipped with an on-board unit (OBU) communication device that allows them to communicate not only with each other, i.e., vehicle-to-vehicle (V2V), but also with roadside infrastructure, i.e., vehicle-to-infrastructure (V2I); meanwhile, the vehicle is provided with a microprocessor unit and has certain computing power. The vehicle periodically broadcasts messages, including position, speed, and direction information, to surrounding vehicles to improve the vehicle's perception of the surrounding vehicles and to warn of the occurrence of dangerous conditions. However, these messages can be easily intercepted and stolen by attackers, who use these stolen messages to track vehicles, thereby posing a serious threat to the privacy of the vehicle's location.
To solve this problem, some scholars have proposed a solution for establishing a hybrid area for location privacy protection, and generally, the hybrid area is based on a fixed location, and a specific area is used as the hybrid area, such as a road intersection or a large parking lot. The vehicle changes the pseudonym within the area to prevent attackers from tracking them. However, it is difficult to meet the requirement of flexibility in a fixed hybrid area due to its location limitation and the fact that the vehicle must maintain a quiet state in the area. Therefore, the idea of dynamically creating a blending region is proposed, thereby prompting the generation of a pseudonymization technique that dynamically determines a blending region. Through the dynamic hybrid zone method, the vehicle can dynamically select a location to change the pseudonym. For example, if a scholars proposes a density-based dynamic location privacy model, K-1 vehicles must be satisfied around any vehicle, requiring other vehicles to collaborate together to change the pseudonyms. However, some selfish vehicles are not willing to change the pseudonym due to their interest (e.g. limited pseudonym, bandwidth), and it is difficult to satisfy the k-anonymity requirement, resulting in a greatly increased probability of hidden exposure of the vehicle's location. In addition, in order to prevent the vehicles from being tracked, the vehicles generally keep a silent state in the mixed area, namely the vehicles do not broadcast messages to the outside and do not receive the messages, which poses great threats to traffic safety.
Disclosure of Invention
The purpose of the invention is as follows: the invention aims to solve the defects of the vehicle position privacy protection method in the existing vehicle ad hoc network, such as the reduction of the position privacy security caused by the small number of vehicles which change the pseudonyms in cooperation; meanwhile, resource overhead caused by frequent unnecessary pseudonym changes is reduced, more vehicles are encouraged to cooperate to change pseudonyms, and the position privacy safety of the vehicles is improved; in addition, the defect that the vehicles keep a silent state in a mixed area is overcome, the vehicles can broadcast messages in a group identity mode, and hidden dangers to traffic safety are reduced.
The technical scheme is as follows: the invention discloses a vehicle position privacy protection method based on group signature and reputation, which needs to form a mixed area through a multi-round group signature mechanism to change the pseudonym of a vehicle, and comprises the following steps:
(1) a privacy intensity model and a credit value model for measuring the position of the vehicle i are arranged in the vehicle-mounted ad hoc network;
the location privacy model is:
wherein, number of vehicles, P, for changing the pseudonym for the kth vehicle i in cooperation in a mixing area established by other vehiclesb→dThe probability of the vehicle changing from the old pseudonym b to the new pseudonym d, △ T the pseudonym life cycle, △ T the time remaining to change the pseudonym threshold (△ T takes less time relative to △ T, a time range may be set, e.g., 1 second to 30 seconds, or any value from them, e.g., 30 seconds), k the number of pseudonym changes,obtaining a location privacy strength for vehicle i at the kth wheel;
the reputation model is:representing the reputation value cumulatively obtained for vehicle i after k pseudonym changes, where NTi zIs the total number of vehicles in the mixing area,representing the number of vehicles collaboratively changing the pseudonym in the z-th round, z ≦ k;
n in the above model corresponds to the function of subscript value, ranging from 1 toAssume that at the k-th wheel, vehicle i uses b as its pseudonym before entering the blending zone, which has b as its pseudonymIf a vehicle is replaced with a new pseudonym, the new pseudonym is d, e, f, g, then the new pseudonym for vehicle i may be one of the 4 new pseudonyms, and will be successfully updated by the attackerProbability P of pseudonym d being associated with old pseudonym bb→d=1/4。Pb→dThe values are different in different rounds of changing the pseudonyms and are not fixed values.
(2) When a vehicle joins a vehicle-mounted ad hoc network for the first time, registering the vehicle with a trusted authority TA by using the real identity of the vehicle to obtain a public/private key pair and a certificate corresponding to the public/private key pair;
(3) suppose that at the k-th wheel, the microprocessor of vehicle i calculates its pseudonymous remaining timeWhen in useAt that time, the vehicle i requests the control server CS to act as the group leader GL;
(4) according to the group establishing rule, the vehicle i dynamically establishes a group by taking the vehicle i as a group leader;
(5) and constructing a mixed area in an area where the vehicles i form a group, broadcasting a change pseudonym message to group members in the mixed area by the GL, and determining whether to participate in cooperation to change the pseudonym or not by the vehicles in the mixed area according to the residual time of the pseudonym, the reputation value and the position privacy strength of the vehicles.
Further, in the step (1), the control server CS sets a reputation threshold ξ and a location privacy intensity threshold for any vehicle in the vehicle ad hoc networkThe two thresholds are set according to the privacy level that the user wants to achieve, and the obtained position privacy changes along with the difference of the settings of the two thresholds by the user.
Further, in the step (2), when any vehicle joins the vehicle ad hoc network for the first time, the trusted authority TA allocates a certain number of pseudonyms to the vehicle, each pseudonym has a corresponding use time, so that the vehicle sends messages outwards in the form of pseudonyms during driving, and all messages are encrypted or signed before being sent.
Further, the specific process of the step (3) is as follows:
(3.1) whenWhen the vehicle i is in use, the vehicle i sends a message to the control server CS via the road side unit RSU to serve as a group leader GL, wherein the sent message comprises a pseudonym, a position, an average speed and pseudonym remaining time information which are currently used by the vehicle i;
(3.2) control Server CS receives message of vehicle i, verifiesIf it is true, with the help of the trusted authority TA, a response message is sent to the vehicle i via the roadside unit RSU, the response message comprising the group identity GID assigned to the vehicle i, the symmetric key kGAnd a certificate, wherein the control server CS simultaneously stores the pseudonym, the group identity GID and the certificate information of the vehicle i in a local list;
and (3.3) after the vehicle i receives the response message of the control server CS, monitoring the request joining message from other vehicles by using the group identity.
Further, the specific process of the step (4) is as follows:
(4.1) periodically broadcasting the group establishment message by the group leader GL in a group identity GID, wherein any vehicle j receives the group establishment message, judges whether the vehicle j is the group leader, if so, the vehicle j discards the group establishment message, otherwise, the vehicle j continuously judges whether the group establishment message from other group leaders GL is received, if so, the vehicle j also discards the message, otherwise, the vehicle j further broadcasts the group establishment message according to the credit value R of the group leader GLGLSelf-pseudonym remaining timeIts own reputation value RjAnd intensity of location privacy BjJudging whether to join the group formed by the vehicle i to become a group member; the method can effectively avoid the problem that one group leader is a member of the other group, and simultaneously avoid the problem that one vehicle simultaneously joins a plurality of groups.
(4.2) when R isGLAt least ξ, the vehicle j sends a request to join the group to the group leader GL, when R isGL<ξ andat time, vehicle j sends a request to join the group to the group leader GL; when R isGL<ξ if Rj<ξ andthe vehicle j sends a request to join the group to the group leader GL; otherwise, when the pseudonym of the vehicle j is soon due, actively requesting the control server CS to act as a group leader;
wherein the request message for joining the group comprises a pseudonym, a certificate and a certificate used by the current vehicle,RjAnd BjAfter receiving the request message for joining the group, the group leader GL stores the identity information of the vehicle j and sends a response message to the vehicle j, wherein the response message includes GID and kGAnd a certificate; after the vehicle j receives the response message, the group identity is verified and k is storedG(ii) a After which the vehicles in the cluster pass kGEncrypted communication, wherein vehicles in the group issue messages to the outside of the group by GID; in the above process, in order to ensure timeliness of the messages, each message contains timestamp information.
Further, the specific process of the step (5) is as follows:
(5.1) after the group is established, selecting members of the group having at least NTi kThe critical area of the size of an individual vehicle is used as a mixture area, after which all vehicles in this area complete the pseudonymization as required, whereink△T-△t≤t<k△T,PchpThe probability of changing the pseudonym for vehicles within the hybrid zone (which may be set to 0.5, for example, indicating that any vehicle has a 50% probability of changing the pseudonym in the hybrid zone of other vehicles);is a location privacy intensity threshold value set by the control server CS for any vehicle in the on-board ad hoc network;
(5.2) the group leader GL sends a message to the control server CS through the roadside unit RSU, the message comprises a group identity GID and a certificate, the control server CS receives the message and passes verification, the group identity GID is compared with the group identity GID stored in the local list, if the group identity GID exists, the group leader GL is proved to be effective, a response message is replied to the group leader GL, and the group leader GL and group members are allowed to change pseudonyms as required;
(5.3) group leader GL kGEncrypting and broadcasting the message for changing the pseudonym, decrypting the message by the group members in the mixed area, and changing the pseudonym according to the requirement; if it isVehicle j calculates its own RjAnd BjParticipating in cooperative change of pseudonyms; otherwise, R of vehicle jj<ξ andvehicle j likewise calculates its own reputation value RjAnd intensity of location privacy BjParticipating in cooperative change of pseudonyms; otherwise, the vehicle j keeps the pseudonym unchanged until the pseudonym is soon due, and actively requests the CS control server to act as the group leader in the next round;
and (5.4) finishing the process of establishing the group and changing the pseudonyms in the mixed area, and then entering the process of the next round by the vehicle.
Has the advantages that: compared with the prior art, the invention has the following advantages:
(1) the invention introduces a group signature mechanism, the vehicles broadcast messages in the form of pseudonym identities in the driving process, when the vehicles form a group or become members of other groups, the pseudonym broadcast messages can be replaced by the group identities, the vehicles do not need to keep a silent state, the threat to traffic safety is reduced, in addition, the vehicles in a mixed area broadcast messages in the form of group identities, the confusability of the vehicles is enhanced, and the probability of successful tracking of attackers is effectively resisted.
(2) The invention introduces an excitation mechanism of the credit value, the initial value of the credit is set to be 0 when the vehicle just joins the vehicle ad hoc network, the privacy security of the vehicle position is lower at the moment, and the vehicle can actively participate in cooperation to change the pseudonymous name in order to improve the credit value. In the process of continuously participating in other vehicles to change the pseudonyms in a cooperative manner, the credit values are continuously accumulated, and when the credit values reach a specified threshold value, the pseudonyms are involved in multiple times of changing, so that the privacy safety is guaranteed, and the pseudonyms do not need to be replaced later.
(3) The present invention, due to the restriction of the stored pseudonym for each vehicle, quickly runs out of pseudonyms if the pseudonym is changed frequently. Therefore, vehicles in the mixed area do not need to change all the pseudonyms, and the pseudonyms are changed only when the conditions specified in the scheme are met, so that the resource overhead caused by changing the pseudonyms is effectively reduced.
Drawings
FIG. 1 is a diagram of a system model architecture of the present invention;
FIG. 2 is an overall flow chart of the present invention;
FIG. 3 is a flow chart of the group establishment process of the present invention;
fig. 4 is a flow chart of the pseudonym change process in the present invention.
Detailed Description
The technical solution of the present invention is described in detail below, but the scope of the present invention is not limited to the embodiments.
Example 1:
as shown in fig. 2, a vehicle location privacy protection method based on group signature and reputation of the present invention sequentially includes the following steps:
(1) a model for measuring the privacy intensity of the position of the vehicle i is set in the vehicle ad hoc network as follows:
wherein, number of vehicles, P, for changing the pseudonym for the kth vehicle i in cooperation in a mixing area established by other vehiclesb→dThe probability of a vehicle changing from an old pseudonym b to a new pseudonym d is determined.
For example, the vehicle uses b as the pseudonym before entering the blending zone, the number of vehicles collaboratively changing the pseudonym in the blending zone is 6, the vehicle continues to travel with a new pseudonym after leaving the blending zone, and the new pseudonym for vehicle i may be one of 6 new pseudonyms, that is, one of 6 new pseudonyms△ T is the pseudonym lifecycle, set to 25 minutes, △ T is the change pseudonym remaining time threshold, set to 0.5 minutes, k is the number of pseudonym changes, set to 30,is at the same timeLocation privacy Strength obtained by the k-th wheel vehicle i, its value and t, k, andit is related.
Meanwhile, a model for measuring the vehicle credit value is set as follows:representing the reputation value cumulatively obtained for vehicle i after k pseudonym changes, where NTi zThe total number of vehicles in the mixing area.
(2) When a vehicle joins in a vehicle-mounted ad hoc network for the first time, the vehicle registers with a TA (trusted people) by using the real identity of the vehicle to obtain a public/private key pair and a certificate corresponding to the public/private key pair, the initial position privacy intensity of a vehicle i is set to be 2, and the initial credit value is set to be 0.
(3) Suppose that at the k-th wheel, the microprocessor of vehicle i calculates its pseudonymous remaining timeWhen in useAt that time, vehicle i requests the Control Server (CS) to act as a Group Leader (GL), with the CS setting a reputation threshold ξ of 2.0 for each vehicle, and a location privacy thresholdIs 2.5.
(4) According to the group establishment rule, the vehicle i dynamically establishes the group by taking the vehicle i as the group leader.
(5) And forming a mixed area in the group, broadcasting a change pseudonym message to group members in the mixed area by the GL, and determining whether to participate in cooperation to change the pseudonym or not by vehicles in the mixed area according to the residual time of the pseudonym, the reputation value and the position privacy strength of the vehicles.
The pseudonym life cycle, the pseudonym remaining time threshold and the position privacy intensity threshold can be properly adjusted, and the number of vehicles in the mixed area can meet the requirement of privacy confusion by adjusting the size of the mixed area.
The specific implementation process of the step (3) is as follows:
1. when T isi leftAnd when the time is less than or equal to △ t, the vehicle i sends a message to the CS to act as GL through a Road Side Unit (RSU), wherein the message comprises the current pseudonym, the position, the average speed and the pseudonym remaining time information of the vehicle i.
CS receives message, checks Ti leftIf △ t is satisfied, after the verification is passed, a response message is sent to the vehicle i via the RSU with the help of TA, wherein the response message includes the Group Identity (GID) assigned to the vehicle i, the symmetric key (k)G) And a certificate, the CS locally holding the pseudonym, GID and certificate of the vehicle i at the same time.
3. After receiving the response message of CS, vehicle i can listen to the join request message from other vehicles in the group identity.
As shown in fig. 3, the specific implementation process of step (4) is as follows:
1, GL broadcasts group establishment message periodically by GID, any vehicle j receives the message and judges whether the vehicle is a group leader; if so, the vehicle j discards the message, otherwise, the vehicle j judges whether the group establishment message from other GL is received; if so, vehicle j also discards the message, otherwise, vehicle j again depends on the reputation value (R) of the group leaderGL) Self-pseudonym remaining timeReputation value of itself (R)j) And intensity of location privacy (B)j) To determine whether to join the group formed by the vehicle i and become a group member.
2. When R isGLAt > ξ, vehicle j sends a request to GL to join the group, otherwise, when RGL<ξ, ifVehicle j sends a request to GL to join the group, otherwise, when RGL<ξ if Rj<ξ andvehicle j sends a request to GL to join the group, otherwise, when the pseudonym of vehicle j is soon due, it actively requests CS to act as the group leader.
Wherein the information for joining the group comprises the pseudonym, the certificate and the like used by the current vehicle,RjAnd BjThe GL receives the information of joining the group, stores the identity information of the vehicle j, and sends a response message including GID and k to the vehicle jGAnd a certificate. After the vehicle j receives the response message, the group identity is verified and k is storedG. Then the vehicles in the group can pass through kGAnd encrypting communication, and issuing a message to the outside of the group by the vehicles in the group through the GID. In addition, in order to guarantee timeliness of the messages, each message contains timestamp information.
As shown in fig. 4, the specific implementation process of step (5) is as follows:
1. after the group is established, members of the group are selected to have at least NTi kThe critical area of an individual vehicle is used as a hybrid area, after which all vehicles in this area complete the pseudonymization as required, whereink△T-△t≤t<k△T,PchpSetting P for probability of changing pseudonym for vehicles in a mixed regionchp=0.5。
And 2, the GL sends a message to the CS through the RSU, wherein the message comprises a GID and a certificate, the CS receives the message and verifies the message to pass, the GID is compared with the GID stored in the local list, if the GID exists, the GL is proved to be effective, a response message is replied to the GL, and the GL and the group members are allowed to change the pseudonyms as required.
K for GLGThe messages for changing the pseudonym are encrypted and broadcast, the group members in the mixed area decrypt the messages, and the pseudonym is changed as required. If it isVehicle j calculates its own RjAnd BjParticipating in cooperative change of pseudonyms; otherwise, R of vehicle jj<ξ andthen vehicle j likewise calculates its own RjAnd BjParticipating in cooperative change of pseudonyms; otherwise, vehicle j remains with the pseudonym until the pseudonym is soon due, requesting the CS to act as the group leader on the next active round.
4. The process of establishing a group and changing the pseudonyms in the mixed area is finished, and then the vehicle enters the process of the next round.
The embodiment can see that the reputation mechanism is used, more vehicles are encouraged to cooperate to change the pseudonyms, the confusability of the vehicles is greatly increased, the position privacy of the vehicles is effectively ensured, and meanwhile, the resource waste caused by unnecessary forced change of the pseudonyms is reduced. In addition, according to the vehicle space distribution characteristics, the vehicles form a mixed area in a group signature mode, and the vehicles in the group send messages by replacing pseudonyms with group identities, so that the probability of the vehicles being tracked can be effectively reduced, and higher privacy performance is maintained. Meanwhile, the vehicles in the group do not need to keep a silent state, and the safety of the vehicles in the driving process can be effectively ensured.
Claims (3)
1. A vehicle position privacy protection method based on group signature and reputation is characterized in that: the method comprises the following steps:
(1) a privacy intensity model and a credit value model for measuring the position of the vehicle i are arranged in the vehicle-mounted ad hoc network;
the location privacy model is:
wherein, number of vehicles, P, for changing the pseudonym for the kth vehicle i in cooperation in a mixing area established by other vehiclesb→dProbability of changing from old pseudonym b to new pseudonym d for vehicle, and△ T is the pseudonym life cycle, △ T is the time remaining to change pseudonym threshold, k is the number of pseudonym changes,obtaining a location privacy strength for vehicle i at the kth wheel;
the reputation model is:representing the reputation value cumulatively obtained for vehicle i after k pseudonym changes, where NTi zThe total number of vehicles in the mixed area;representing the number of vehicles collaboratively changing the pseudonym in the z-th round, z ≦ k;
(2) when a vehicle joins a vehicle-mounted ad hoc network for the first time, registering the vehicle with a trusted authority TA by using the real identity of the vehicle to obtain a public/private key pair and a certificate corresponding to the public/private key pair;
(3) assuming that at the k-th wheel, the microprocessor of vehicle i calculates the respective pseudonymous remaining time Ti leftWhen T isi leftWhen the time is less than or equal to △ t, the vehicle i requests the control server CS to act as a group leader GL;
(3.1) when Ti leftWhen the time is less than or equal to △ t, the vehicle i sends a message to the control server CS through the road side unit RSU to request to serve as a group leader GL, wherein the sent message comprises a pseudonym, a position, an average speed and pseudonym remaining time information currently used by the vehicle i;
(3.2) control Server CS receives message of vehicle i, verifies Ti left△ t ≦ is established, and with the help of the trusted authority TA, a response message is sent to the vehicle i via the roadside unit RSU, the response message comprising the group identity GID assigned to the vehicle i, the symmetric key kGAnd a certificate, wherein the control server CS simultaneously stores the pseudonym, the group identity GID and the certificate information of the vehicle i in a local list;
(3.3) after the vehicle i receives the response message of the control server CS, monitoring the request joining message from other vehicles by using the group identity;
(4) according to the group establishing rule, the vehicle i dynamically establishes a group by taking the vehicle i as a group leader;
(4.1) periodically broadcasting the group establishment message by the group leader GL in a group identity GID, wherein any vehicle j receives the group establishment message, judges whether the vehicle j is the group leader, if so, the vehicle j discards the group establishment message, otherwise, the vehicle j continuously judges whether the group establishment message from other group leaders GL is received, if so, the vehicle j also discards the message, otherwise, the vehicle j further broadcasts the group establishment message according to the credit value R of the group leader GLGLSelf-pseudonym remaining timeIts own reputation value RjAnd intensity of location privacy BjJudging whether to join the group formed by the vehicle i to become a group member;
(4.2) when R isGLAt least ξ, the vehicle j sends a request to join the group to the group leader GL, when R isGL<ξ andat time, vehicle j sends a request to join the group to the group leader GL; when R isGL<ξ if Rj<ξ andthe vehicle j sends a request to join the group to the group leader GL; otherwise, when the pseudonym of the vehicle j is soon due, actively requesting the control server CSTo assume the group leader, ξ is a reputation threshold,is a location privacy intensity threshold;
wherein the request message for joining the group comprises a pseudonym, a certificate and a certificate used by the current vehicle,RjAnd BjAfter receiving the request message for joining the group, the group leader GL stores the identity information of the vehicle j and sends a response message to the vehicle j, wherein the response message includes GID and kGAnd a certificate; after the vehicle j receives the response message, the group identity is verified and k is storedG(ii) a After which the vehicles in the cluster pass kGEncrypted communication, wherein vehicles in the group issue messages to the outside of the group by GID;
(5) constructing a mixed area in an area where vehicles i form a group, broadcasting a change pseudonym message to group members in the mixed area by a GL, and judging whether to participate in cooperation to change pseudonyms or not by the vehicles in the mixed area according to the remaining time of the pseudonyms, the reputation value and the position privacy strength of the vehicles;
(5.1) after the group is established, selecting members of the group having at least NTi kThe critical area of the size of an individual vehicle is used as a mixture area, after which all vehicles in this area complete the pseudonymization as required, whereink△T-△t≤t<k△T,PchpA probability of changing pseudonyms for vehicles within the blending area;is a location privacy intensity threshold value set by the control server CS for any vehicle in the on-board ad hoc network;
(5.2) the group leader GL sends a message to the control server CS through the roadside unit RSU, the message comprises a group identity GID and a certificate, the control server CS receives the message and passes verification, the group identity GID is compared with the group identity GID stored in the local list, if the group identity GID exists, the group leader GL is proved to be effective, a response message is replied to the group leader GL, and the group leader GL and group members are allowed to change pseudonyms as required;
(5.3) group leader GL kGEncrypting and broadcasting the message for changing the pseudonym, decrypting the message by the group members in the mixed area, and changing the pseudonym according to the requirement; if it isVehicle j calculates its own RjAnd BjParticipating in cooperative change of pseudonyms; otherwise, R of vehicle jj<ξ andvehicle j likewise calculates its own reputation value RjAnd intensity of location privacy BjParticipating in cooperative change of pseudonyms; otherwise, the vehicle j keeps the pseudonym unchanged until the pseudonym is soon due, and actively requests the CS control server to act as the group leader in the next round;
and (5.4) finishing the process of establishing the group and changing the pseudonyms in the mixed area, and then entering the process of the next round by the vehicle.
2. The group signature and reputation based vehicle location privacy protection method of claim 1, wherein in step (1), the control server CS sets a reputation threshold ξ and a location privacy strength threshold for any vehicle in the vehicle ad hoc network
3. The group signature and reputation based vehicle location privacy protection method of claim 1, wherein in step (2), when any vehicle joins the ad hoc network in the vehicle for the first time, the trusted authority TA assigns a certain number of pseudonyms to the vehicle, each pseudonym having a corresponding use time △ T, so that the vehicle sends out messages in the form of pseudonyms during driving, and all messages are encrypted or signed before being sent.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201711234735.0A CN107947942B (en) | 2017-11-30 | 2017-11-30 | Vehicle position privacy protection method based on group ranking and prestige |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201711234735.0A CN107947942B (en) | 2017-11-30 | 2017-11-30 | Vehicle position privacy protection method based on group ranking and prestige |
Publications (2)
Publication Number | Publication Date |
---|---|
CN107947942A CN107947942A (en) | 2018-04-20 |
CN107947942B true CN107947942B (en) | 2019-08-27 |
Family
ID=61947917
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201711234735.0A Active CN107947942B (en) | 2017-11-30 | 2017-11-30 | Vehicle position privacy protection method based on group ranking and prestige |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN107947942B (en) |
Families Citing this family (9)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN107580048B (en) * | 2017-09-04 | 2020-07-14 | 东北大学 | VANETs position privacy protection system and method based on virtual Mix-zone |
CN108769926B (en) * | 2018-05-16 | 2020-10-23 | 电子科技大学 | Group perception layer-based car networking privacy protection method and car networking framework |
CN109561383A (en) * | 2018-12-17 | 2019-04-02 | 昆明理工大学 | A kind of location privacy protection method based on dynamic assumed name exchange area |
CN110034958B (en) * | 2019-04-02 | 2022-11-11 | 浙江工商大学 | Vehicle networking pseudonym change incentive algorithm and change method based on SGUM theory |
CN110430567B (en) * | 2019-07-31 | 2023-03-24 | 福建师范大学 | Internet of vehicles pseudonym replacement method based on game analysis |
US11240659B2 (en) * | 2019-12-09 | 2022-02-01 | Intel Corporation | Privacy protection mechanisms for connected vehicles |
CN112351408B (en) * | 2021-01-08 | 2021-04-06 | 北京电信易通信息技术股份有限公司 | Data safety transmission method and system for intelligent network-connected electric vehicle |
CN112969173B (en) * | 2021-02-01 | 2022-08-30 | 河南工学院 | Position privacy protection method and system in 5G vehicle-mounted network based on virtual vehicle |
CN114051235B (en) * | 2021-08-28 | 2024-03-29 | 北京工业大学 | Vehicle track privacy protection method in Internet of vehicles scene |
Citations (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN103338444A (en) * | 2013-05-15 | 2013-10-02 | 浙江工商大学 | Vehicle position privacy protection method of vehicular ad hoc network |
CN103781067A (en) * | 2014-03-03 | 2014-05-07 | 南京理工大学 | Authentication switching method with privacy protection in LTE (long term evolution)/LTE-A (LTE-advanced) network |
CN106027519A (en) * | 2016-05-18 | 2016-10-12 | 安徽大学 | Efficient condition privacy protection and security authentication method in internet of vehicles |
-
2017
- 2017-11-30 CN CN201711234735.0A patent/CN107947942B/en active Active
Patent Citations (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN103338444A (en) * | 2013-05-15 | 2013-10-02 | 浙江工商大学 | Vehicle position privacy protection method of vehicular ad hoc network |
CN103781067A (en) * | 2014-03-03 | 2014-05-07 | 南京理工大学 | Authentication switching method with privacy protection in LTE (long term evolution)/LTE-A (LTE-advanced) network |
CN106027519A (en) * | 2016-05-18 | 2016-10-12 | 安徽大学 | Efficient condition privacy protection and security authentication method in internet of vehicles |
Non-Patent Citations (1)
Title |
---|
AMOEBA:Robust Location Privacy Scheme for VANET;Krishna Sampigethaya 等;《EEE JOURNAL ON SELECTED AREAS IN COMMUNICATIONS》;20071031;第25卷(第8期);第1569,1584段 * |
Also Published As
Publication number | Publication date |
---|---|
CN107947942A (en) | 2018-04-20 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN107947942B (en) | Vehicle position privacy protection method based on group ranking and prestige | |
Alnasser et al. | Cyber security challenges and solutions for V2X communications: A survey | |
Yang et al. | Blockchain-based traffic event validation and trust verification for VANETs | |
CN107580048B (en) | VANETs position privacy protection system and method based on virtual Mix-zone | |
Liu et al. | TCEMD: A trust cascading-based emergency message dissemination model in VANETs | |
Rostamzadeh et al. | A context-aware trust-based information dissemination framework for vehicular networks | |
CN109005542B (en) | 5G Internet of vehicles rapid message authentication method based on reputation system | |
Wang et al. | Challenges and solutions in autonomous driving: A blockchain approach | |
CN111967051B (en) | Block chain-based inter-vehicle data safety sharing method and system | |
CN107580006B (en) | Vehicular ad hoc network conditionity method for secret protection based on register list | |
Lu et al. | Anonymity analysis on social spot based pseudonym changing for location privacy in VANETs | |
Safavat et al. | On the elliptic curve cryptography for privacy-aware secure ACO-AODV routing in intent-based internet of vehicles for smart cities | |
Chaurasia et al. | Trust computation in VANETs | |
Mistareehi et al. | A secure and distributed architecture for vehicular cloud | |
Ghourab et al. | Blockchain-guided dynamic best-relay selection for trustworthy vehicular communication | |
Gazdar et al. | A secure cluster‐based architecture for certificates management in vehicular networks | |
Chavhan et al. | Edge-enabled Blockchain-based V2X scheme for secure communication within the smart city development | |
Caballero-Gil et al. | Data aggregation based on fuzzy logic for VANETs | |
Funderburg et al. | Efficient short group signatures for conditional privacy in vehicular ad hoc networks via ID caching and timed revocation | |
Didouh et al. | TileChain: A Blockchain-Based Framework for Security Service Management For Vehicular Communications | |
Monir et al. | A trust-based message reporting scheme for vanet | |
Raya | Data-centric trust in ephemeral networks | |
Squicciarini et al. | Paim: Peer-based automobile identity management in vehicular ad-hoc network | |
Sharma et al. | Token based trust computation in VANET | |
Li et al. | Broadcast and Silence Period (BSP): A Pseudonym Change Strategy |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
GR01 | Patent grant | ||
GR01 | Patent grant |