CN110677256A - VPKI-based VANETs pseudonym revocation system and method - Google Patents

VPKI-based VANETs pseudonym revocation system and method

Info

Publication number: CN110677256A
Authority: CN (China)
Prior art keywords: vehicle, unit, pseudonym, crl, roadside
Legal status: Granted
Application number: CN201910904538.8A
Other languages: Chinese (zh)
Other versions: CN110677256B (en)
Inventors: 高天寒, 齐珈玉
Current Assignee: Northeastern University China
Original Assignee: Northeastern University China
Application filed by Northeastern University China
Priority to CN201910904538.8A
Publication of CN110677256A
Application granted
Publication of CN110677256B
Legal status: Active

Classifications

    • H04L9/3268: Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, involving certificates, e.g. public key certificate [PKC] or attribute certificate [AC]; Public key infrastructure [PKI] arrangements using certificate validation, registration, distribution or revocation, e.g. certificate revocation list [CRL]
    • H04L63/0421: Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the identity of one or more communicating identities is hidden; Anonymous communication, i.e. the party's identifiers are hidden from the other party or parties, e.g. using an anonymizer
    • H04L63/0807: Network architectures or network communication protocols for network security for authentication of entities using tickets, e.g. Kerberos
    • H04L63/0869: Network architectures or network communication protocols for network security for authentication of entities for achieving mutual authentication
    • H04L9/3213: Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, involving a third party or a trusted authority using tickets or tokens, e.g. Kerberos
    • H04L9/3247: Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, involving digital signatures
    • H04W12/02: Security arrangements; Authentication; Protecting privacy or anonymity, e.g. protecting personally identifiable information [PII]
    • H04W12/03: Security arrangements; Authentication; Protecting privacy or anonymity; Protecting confidentiality, e.g. by encryption
    • H04W12/06: Security arrangements; Authentication; Protecting privacy or anonymity; Authentication
    • H04W4/44: Services specially adapted for particular environments, situations or purposes for vehicles, e.g. vehicle-to-pedestrians [V2P], for communication between vehicles and infrastructures, e.g. vehicle-to-cloud [V2C] or vehicle-to-home [V2H]
    • H04W4/46: Services specially adapted for particular environments, situations or purposes for vehicles, e.g. vehicle-to-pedestrians [V2P], for vehicle-to-vehicle communication [V2V]

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Small-Scale Networks (AREA)
  • Mobile Radio Communication Systems (AREA)

Abstract

The invention discloses a VPKI-based VANETs pseudonym revocation system and method, belonging to the technical field of vehicular network security. The invention uses and strengthens the latest vehicle public key infrastructure system to provide pseudonyms on demand: the local trusted authorization and authentication center specifies a universal fixed interval, and all pseudonyms issued in the domain have lifetimes aligned with the clock of the vehicle public key infrastructure system, which prevents pseudonyms from being linked on the basis of timing information and keeps all pseudonyms before a revocation event unlinkable when the revocation event occurs, thereby strengthening the privacy protection of vehicle nodes. CRL fragmentation is adopted: the CRL fragments are disseminated and distributed in V2V mode, the CRL is obtained in a vehicle-centric 'publish-subscribe' manner, and a bloom filter provides an authenticator for the CRL fragments, so that CRL fragments can be validated quickly, which reduces computation cost, improves verification efficiency and enhances system performance.

Description

VPKI-based VANETs pseudonym revocation system and method
Technical Field
The invention relates to the technical field of vehicle-mounted network security, in particular to a VPKI-based VANETs pseudonym revocation system and a VPKI-based VANETs pseudonym revocation method.
Background
With the rapid development of the Internet of Things, intelligent transportation systems have attracted wide attention for their great social benefits, and vehicular ad hoc networks (VANETs), an important component of intelligent transportation systems, have become a research hotspot in recent years. However, vehicular communication systems are vulnerable to attacks, which may compromise user privacy. Standardization bodies (IEEE 1609.2 WG and ETSI), a working group (C2C-CC) and projects (SeVeCom, PRESERVE, CAMP) have proposed security and privacy solutions. The consensus is that V2V/V2I communication is protected using public key cryptography: a set of trusted certificate authorities forms a Vehicle Public Key Infrastructure (VPKI) that provides multiple anonymous credentials (called pseudonyms) to legitimate vehicles. A vehicle switches from one pseudonym to another that has never been used before, to achieve unlinkability of digitally signed messages and to enhance the privacy of the V2V/V2I message sender. When harmful behaviour occurs in the network, propagating the revoked pseudonyms and certificates of illegitimate vehicles among vehicles is important for maintaining communication security. In practice, the most widely used way of distributing revocation information about illegitimate vehicles in VANETs is the certificate revocation list (CRL): the VPKI ultimately revokes misbehaving or compromised vehicles by including the serial numbers of their unexpired certificates in the CRL.
Current vehicle revocation methods mainly improve the CRL for the sake of efficiency. For example, CRL fragmentation is adopted and each CRL fragment is delivered independently, and CRL distribution is accelerated in areas of high vehicle density by distributing CRLs from vehicle to vehicle. However, splitting a digitally signed CRL into multiple fragments is vulnerable to pollution, and even if the scheme is modified to sign each CRL fragment, it still incurs significant computational overhead, which for the VPKI and the receiving vehicles grows linearly with the number of CRL fragments. Furthermore, an attacker can exploit the signature verification delay to forge CRL fragments for a DoS attack, thereby preventing vehicles from obtaining genuine CRL fragments. Another technique compresses the CRL using a Bloom Filter (BF), reducing the size of the transmitted CRL. But the size of the CRL grows linearly with the number of revoked pseudonyms, and most of the compressed CRL is likely to be irrelevant to the receiving vehicle. In addition, there are techniques that apply fog computing in the Internet of Things environment to distribute revocation information; the combination of fog computing and VANETs is promising, but although some research has been done, current methods are not mature. To achieve secure and efficient vehicle revocation in VANETs and to solve the pollution, DoS and other problems of the prior art, a bloom filter can be combined with CRL fragmentation to verify CRL fragments efficiently and distribute them from vehicle to vehicle. Meanwhile, to revoke a group of pseudonyms of a vehicle effectively, a single CRL entry can be used to revoke multiple pseudonyms, which reduces the CRL size.
Disclosure of Invention
To address the shortcomings of the prior art, the invention provides a VPKI-based VANETs pseudonym revocation system and a VPKI-based VANETs pseudonym revocation method.
To solve the above technical problems, the technical solution adopted by the invention is a VPKI-based VANETs pseudonym revocation system which, as shown in FIG. 1, comprises: a local trusted authorization and authentication center H-TA, a foreign trusted authorization and authentication center F-TA, a local domain, a foreign domain, a plurality of roadside units and a plurality of vehicle units;
the local trusted authorization and authentication center H-TA manages the local domain and the foreign trusted authorization and authentication center F-TA manages the foreign domain; the trusted authorization and authentication center is connected to the roadside units through wired secure channels and is responsible for managing the roadside units and generating their public and private keys; the local trusted authorization and authentication center registers, authenticates and authorizes the vehicle units in the local domain and issues long-term certificates (LTC) and tickets to legitimate vehicle units;
the roadside unit is infrastructure deployed at the roadside; it is connected to the vehicle units through a wireless network, generates keys and pseudonyms for legitimately admitted vehicle units, and is the intermediary for communication between the vehicle units and the trusted authorization and authentication center;
the vehicle unit is a communication unit mounted on a vehicle node; it switches between different roadside units as the vehicle node moves and is responsible for communication between its vehicle node and the roadside units and between its vehicle node and other vehicle nodes;
the local and foreign trusted authorization and authentication centers trust each other, the trusted authorization and authentication center and the roadside units trust each other, the trusted authorization and authentication center is fully trusted by the vehicle units, vehicle units and roadside units do not trust each other, vehicle units do not trust each other, and roadside units do not trust each other.
To solve the above technical problems, the technical solution adopted by the invention is a VPKI-based VANETs pseudonym revocation method, whose flow is shown in FIG. 2 and which comprises the following steps:
Step 1: the vehicle unit obtains the local ticket generated for it through a roadside unit that is currently authenticated as legitimate (the process is shown in FIG. 3), and then executes the ticket acquisition pseudonym generation protocol with the local trusted authorization and authentication center; in cross-domain operation, the vehicle unit communicates with the foreign trusted authorization and authentication center to obtain a foreign ticket;
Step 1.1: the vehicle unit generates a pseudonym request interval $[t_s, t_e]$ according to the pseudonym acquisition strategy in use;
Step 1.2: the vehicle unit prepares the request: it concatenates the ID of the target roadside unit with a random number, computes the hash value $H(R_{ID} \| Rnd_{n\text{-}tkt})$, and generates the request $\zeta \leftarrow (Id_{req}, H(R_{ID} \| Rnd_{n\text{-}tkt}), t_s, t_e)$;
where $Id_{req}$ is the ID of the vehicle unit, $\zeta$ is the request operator, and n-tkt denotes the local ticket (native ticket);
in cross-domain operation, the ID of the target foreign trusted authorization and authentication center is concatenated with the random number;
Step 1.3: the vehicle unit signs the request $\zeta$ with its private key $s_v$,
Figure BDA0002212885140000021
where Sign() is a public-key signature algorithm;
Step 1.4: the vehicle unit sends the signature, long-term credential, random number and timestamp to the local trusted authorization and authentication center;
Step 1.5: the local trusted authorization and authentication center verifies the validity of the request according to the long-term credential submitted by the vehicle unit and the corresponding signature,
Figure BDA0002212885140000031
where Verify() is a public-key signature verification algorithm;
Step 1.6: after the local trusted authorization and authentication center has verified that the vehicle unit is legitimate, it generates a 'ticket identifiable key' ($IK_{n\text{-}tkt}$) to bind the ticket to the vehicle's credential:
Figure BDA0002212885140000032
where is the random number generated for $IK_{n\text{-}tkt}$;
Step 1.7: the local trusted authorization and authentication center generates a local ticket for the vehicle unit: $x \leftarrow (H(R_{ID} \| Rnd_{n\text{-}tkt}), IK_{n\text{-}tkt}, t_s, t_e)$, and signs the ticket to generate an anonymous ticket:
Figure BDA0002212885140000034
and sends to the vehicle unit;
where $\sigma_{H\text{-}TA}$ denotes the signature generated by the H-TA with the system private key $s$, $Id_{res}$ is the sequence number of the request message, and $TS_2$ is a timestamp;
Step 1.8: the vehicle unit verifies the anonymous ticket: and checks whether the verification equation
Figure BDA0002212885140000037
holds, in order to verify the ticket;
where $P_{pub}$ is the system public key generated by the trusted authorization and authentication center;
in cross-domain operation, the vehicle unit interacts with the foreign trusted authorization and authentication center and presents the foreign ticket to obtain a local ticket for the foreign domain.
Step 2: after the vehicle unit has completed mutual authentication with the target roadside unit based on the secure V2I authentication protocol, it executes the pseudonym generation protocol to obtain pseudonyms; the flow is shown in FIG. 4;
Step 2.1: the vehicle unit prepares the parameters required for generating pseudonyms
Figure BDA0002212885140000038
and then sends them to the roadside unit in the form of a request;
where $t'_s$ and $t'_e$ are, respectively, the start timestamp and end timestamp of the actual pseudonym request interval when the vehicle unit requests pseudonyms;
Step 2.2: after receiving the request, the roadside unit verifies the validity of the ticket:
Figure BDA0002212885140000039
Step 2.3: after the roadside unit has verified that the ticket of the vehicle unit is legitimate, it checks whether the verification equation
Figure BDA00022128851400000310
holds, to check whether it is the target roadside unit of the vehicle unit, and then verifies whether the actual period of the requested pseudonyms, $[t'_s, t'_e]$, falls within the period $[t_s, t_e]$ specified in the ticket;
where
Figure BDA0002212885140000041
is the ID of the roadside unit;
Step 2.4: the roadside unit generates a random number $Rnd_v$, and then generates an anonymous identity and the corresponding private key for the vehicle unit: $\langle V_i, sk_i \rangle$;
where $V_i = \{V_{i,1}, V_{i,2}\}$, $V_{i,1} = x_i P$, the roadside unit selects a random number, $sk_i = s_R \cdot H_2(V_{i,2})$, $i = 1, \dots, n$, $n$ is the number of pseudonyms distributed by each roadside unit, $P \in G_1$, $G_1$ is a cyclic additive group, $P$ is a generator of $G_1$, $P_{pub}$ is a system parameter generated by the trusted authorization and authentication center, namely the system public key, $V_{ID}$ is the initial pseudonym generated by the trusted authorization and authentication center for the vehicle when it registers with the system, $s_R$ is the private signature key of the roadside unit, and $H_1$ and $H_2$ are hash functions selected by the trusted authorization and authentication center;
next, a 'pseudonym identifiable key'
Figure BDA0002212885140000043
is generated to bind the pseudonym to the ticket of the vehicle unit:
Figure BDA0002212885140000044
Step 2.5: the roadside unit determines the pseudonym serial number SN by computing a hash value, which implicitly associates the set of pseudonyms belonging to each vehicle unit requesting pseudonyms, i.e. when $i = 1$, when $i \in \{2, \dots, n\}$, $SN_i \leftarrow H(SN_{i-1} \| H^i(Rnd_v))$;
Step 2.6: the roadside unit generates the pseudonyms for the vehicle unit:
Figure BDA0002212885140000046
where
Figure BDA0002212885140000047
is the BF value with which the roadside unit integrates all CRL fragments within one CRL release interval $\Gamma_{CRL}$, and $CRL_v$ is the version of the CRL; the roadside unit may randomly select some pseudonyms as carriers of the BF value, and the proportion of carriers may be set according to different factors, such as the frequency of revocation events and the coverage of deployed roadside units;
Step 2.7: the roadside unit sends the message $(Id_{res}, \xi, Rnd_v, nonce+1, TS_4)$ to the vehicle unit, where $\xi$ is obtained by the roadside unit signing or encrypting the private key and pseudonym of the vehicle unit
Figure BDA0002212885140000048
Step 2.8: after receiving the response message of the roadside unit, the vehicle unit verifies the legitimacy of the pseudonym and the corresponding private key, and then checks whether the verification equation
Figure BDA0002212885140000049
holds, to verify
Figure BDA00022128851400000410
Step 3: when a pseudonym needs to be revoked, the trusted authorization and authentication center cooperates with the relevant roadside unit to execute the pseudonym resolution and revocation protocol; the flow is shown in FIG. 5;
Step 3.1: the local trusted authorization and authentication center requests the roadside unit to map the revoked pseudonym to the corresponding ticket stored by the roadside unit, namely n-tkt;
the trusted authorization and authentication center sends a request message to the relevant roadside unit:
Figure BDA0002212885140000051
where
Figure BDA0002212885140000052
$s$ is the system private key selected by the trusted authorization and authentication center;
Step 3.2: the roadside unit verifies the request with the system public key:
Figure BDA0002212885140000053
the roadside unit then maps the revoked pseudonym to the corresponding ticket:
Figure BDA0002212885140000054
Step 3.3: the roadside unit sends the ticket information to the trusted authorization and authentication center:
Figure BDA0002212885140000055
where
Figure BDA0002212885140000056
$\chi \leftarrow (Id_{res}, n\text{-}tkt, H^i(Rnd_v))$, and $s_R$ is the private key of the roadside unit;
Step 3.4: the trusted authorization and authentication center verifies the response: Verify($R_{ID}$, $\chi$), and then checks whether the verification equation
Figure BDA0002212885140000057
holds, to confirm that the roadside unit has correctly resolved the pseudonym into the corresponding ticket.
Step 4: the roadside unit executes the CRL construction algorithm and divides the CRL into multiple fragments; the flow is shown in FIG. 6;
Step 4.1: the roadside unit classifies the revoked pseudonyms according to the validity time of the pseudonyms in each $\Gamma_{CRL}$, and then attaches the following data to each group of pseudonyms:
(i) the serial number $SN_k$ of the first revoked pseudonym in the implicitly associated pseudonym chain;
(ii) the hash value
Figure BDA0002212885140000058
(iii) the number $x$ of pseudonyms remaining in the batch;
Step 4.2: the roadside unit divides the CRL into multiple fragments according to the maximum bandwidth that can be allocated to the CRL, namely the system parameter $B$; let $N$ be the number of fragments of the CRL within a given $\Gamma_{CRL}$,
Figure BDA0002212885140000059
where
Figure BDA00022128851400000510
is the CRL of a given $\Gamma_{CRL}$ and size() is the size of the CRL;
the CRL fragments are then obtained:
Figure BDA00022128851400000511
where $j \in \{0, \dots, N\}$.
Step 5: the roadside unit continuously broadcasts, over the wireless data link, the BF value of the CRL fragments signed by the roadside unit, to notify vehicles within communication range of new revocation events;
Step 6: the vehicle unit executes the CRL subscription algorithm and receives the necessary CRL fragments corresponding to its actual travel time (the flow is shown in FIG. 7); meanwhile, when the vehicle unit receives a neighbouring vehicle's query request for missing CRL fragments based on the secure V2V authentication protocol, it executes the CRL distribution algorithm (the flow is shown in FIG. 8);
Step 6.1: the vehicle unit broadcasts to its neighbours a query message that it has signed, in order to receive the missing CRL fragments corresponding to the revocation information within the several $\Gamma_{CRL}$ that it wants to obtain for the vehicle's trip;
Step 6.2: after receiving a fragment, the vehicle unit verifies the CRL fragment by testing it against the signed BF value by means of the bloom filter;
Step 6.3: if the BF test succeeds, the fragment received by the vehicle unit belongs to the CRL fragments generated by the roadside unit; the vehicle unit accepts the fragment and continues requesting until all required fragments have been received successfully; otherwise it discards the fragment and continues requesting;
where, upon receiving and verifying the CRL fragments, each vehicle uses the obtained serial number $SN_k$ of the revoked pseudonym and
Figure BDA0002212885140000061
to compute the hash value $x$ times: $i = k, k+1, k+2, \dots, k+x-1$, and thereby computes all revoked pseudonym serial numbers.
Step 6.4: meanwhile, when the vehicle unit receives a neighbouring vehicle's query request for missing CRL fragments, it verifies that the signature on the request message is legitimate, then searches its local repository, randomly selects one of the requested fragments and broadcasts it.
Step 7: the pseudonym revocation operation is performed to evict the misbehaving vehicle; the flow is shown in FIG. 9. When a pseudonym is resolved across domains, the foreign trusted authorization and authentication center needs to interact with the corresponding local trusted authorization and authentication center, resolve the ticket it generated with the help of the local trusted authorization and authentication center, and perform the pseudonym revocation operation by revoking the long-term credential.
Step 7.1: after all revoked pseudonym serial numbers have been computed, the vehicle unit no longer communicates with any vehicle unit using a pseudonym whose serial number is in the revoked state;
Step 7.2: meanwhile, the roadside unit sends the correctly resolved ticket corresponding to the revoked pseudonym to the trusted authorization and authentication center; the trusted authorization and authentication center cancels all registration information, such as the identity credential, of the vehicle unit corresponding to the ticket, and informs all roadside units not to provide network access service to the vehicle unit holding the revoked ticket, thereby completely evicting the vehicle;
Step 7.3: the foreign trusted authorization and authentication center prepares the request $\zeta \leftarrow (Id_{req}, n/f\text{-}tkt, nonce, TS_7)$ and sends the request message $\zeta$ to the local trusted authorization and authentication center;
where f-tkt denotes the foreign-domain ticket (foreign ticket);
Step 7.4: the local trusted authorization and authentication center receives the request message and resolves the corresponding ticket
Figure BDA0002212885140000063
and the long-term credential that it issued to the vehicle unit;
Step 7.5: the local trusted authorization and authentication center sends a response message $\chi$ to the foreign trusted authorization and authentication center;
Step 7.6: the foreign trusted authorization and authentication center receives the response message and checks whether the verification equation holds, to confirm that the local trusted authorization and authentication center has correctly mapped to the long-term credential of the vehicle unit;
Step 7.7: when the vehicle unit misbehaves, the local trusted authorization and authentication center can directly revoke the long-term credential of the vehicle unit resolved in step 7.4, thereby evicting the misbehaving vehicle unit.
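The hash-chained serial numbers of step 2.5, the single-entry batch revocation of step 4.1 and the bloom-filter fragment check of steps 6.2 and 6.3, as an added Python example (not code from the patent). Assumptions, because the corresponding formulas are not reproduced on this page: H is SHA-256, SN_1 is derived from a hypothetical `sn1_seed`, item (ii) of a CRL entry is H^k(Rnd_v), a byte limit `max_bytes` stands in for the bandwidth parameter B, and the BF value is treated as already authenticated by the roadside unit's signature.

```python
import hashlib

SN_LEN, ENTRY_LEN = 32, 66  # SN_k (32) + H^k(Rnd_v) (32) + x (2 bytes); assumed layout


def H(data: bytes) -> bytes:
    return hashlib.sha256(data).digest()


def H_iter(seed: bytes, times: int) -> bytes:
    """H^times(seed): H applied `times` times."""
    for _ in range(times):
        seed = H(seed)
    return seed


def issue_serials(rnd_v: bytes, n: int, sn1_seed: bytes) -> list:
    """RSU, step 2.5: SN_i = H(SN_{i-1} || H^i(Rnd_v)) for i = 2..n.
    SN_1 = H(sn1_seed || H^1(Rnd_v)) is an assumption of this example."""
    serials = [H(sn1_seed + H_iter(rnd_v, 1))]
    for i in range(2, n + 1):
        serials.append(H(serials[-1] + H_iter(rnd_v, i)))
    return serials


def crl_entry(serials: list, rnd_v: bytes, k: int) -> bytes:
    """RSU, step 4.1: one entry revoking pseudonyms k..n (1-based)."""
    x = len(serials) - k  # pseudonyms remaining in the batch after SN_k
    return serials[k - 1] + H_iter(rnd_v, k) + x.to_bytes(2, "big")


def expand_entry(entry: bytes) -> list:
    """Vehicle, step 6.3: walk the chain forward x times from (SN_k, H^k).
    H is one-way, so SN_1..SN_{k-1} cannot be derived from the entry."""
    sn, h = entry[:SN_LEN], entry[SN_LEN:2 * SN_LEN]
    x = int.from_bytes(entry[2 * SN_LEN:], "big")
    revoked = [sn]
    for _ in range(x):
        h = H(h)            # H^{i+1}(Rnd_v)
        sn = H(sn + h)      # SN_{i+1}
        revoked.append(sn)
    return revoked


class BloomFilter:
    def __init__(self, m_bits: int = 1024, k: int = 4):
        self.m, self.k, self.bits = m_bits, k, 0

    def _positions(self, item: bytes):
        return [int.from_bytes(H(bytes([j]) + item)[:8], "big") % self.m
                for j in range(self.k)]

    def add(self, item: bytes) -> None:
        for p in self._positions(item):
            self.bits |= 1 << p

    def __contains__(self, item: bytes) -> bool:
        return all((self.bits >> p) & 1 for p in self._positions(item))


def rsu_publish(entries: list, max_bytes: int):
    """RSU, steps 4.2 and 5: cut the CRL into fragments and put each
    (index || fragment) into the BF that the RSU would sign and broadcast."""
    crl = b"".join(entries)
    frags = [crl[i:i + max_bytes] for i in range(0, len(crl), max_bytes)]
    bf = BloomFilter()
    for j, frag in enumerate(frags):
        bf.add(j.to_bytes(2, "big") + frag)
    return frags, bf


def vehicle_collect(received, bf: BloomFilter, n_frags: int):
    """Vehicle, steps 6.2-6.3: keep only fragments that pass the BF test,
    then rebuild the CRL and derive every revoked serial number."""
    store = {}
    for j, frag in received:
        if 0 <= j < n_frags and (j.to_bytes(2, "big") + frag) in bf:
            store.setdefault(j, frag)
    if len(store) < n_frags:
        return None  # still missing fragments: keep querying neighbours
    crl = b"".join(store[j] for j in range(n_frags))
    revoked = set()
    for off in range(0, len(crl), ENTRY_LEN):
        revoked.update(expand_entry(crl[off:off + ENTRY_LEN]))
    return revoked


def demo():
    # Constructed sample data: two vehicles, batches of 6 and 4 pseudonyms.
    rnd_a, rnd_b = b"constructed Rnd_v A", b"constructed Rnd_v B"
    sns_a = issue_serials(rnd_a, 6, b"seed-A")
    sns_b = issue_serials(rnd_b, 4, b"seed-B")
    entries = [crl_entry(sns_a, rnd_a, 3), crl_entry(sns_b, rnd_b, 1)]
    frags, bf = rsu_publish(entries, 50)
    forged = (0, b"\x00" * 50)  # polluted fragment injected by a neighbour
    received = [forged] + list(enumerate(frags))[::-1]  # out of order
    return sns_a, sns_b, vehicle_collect(received, bf, len(frags)), len(frags)


if __name__ == "__main__":
    a, b, revoked, n = demo()
    print(n, "fragments,", len(revoked), "revoked serial numbers")
```

A bloom filter can return false positives, so the acceptance in step 6.3 is probabilistic; the filter size and hash count used here are illustrative.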
The beneficial effects of adopting the above technical solution are:
1. In the invention, pseudonyms are provided on demand, and the latest vehicle public key infrastructure system is used and strengthened: the local trusted authorization and authentication center specifies a universal fixed interval, and all pseudonyms issued in the domain have lifetimes aligned with the clock of the vehicle public key infrastructure system, which prevents pseudonyms from being linked on the basis of timing information and keeps all pseudonyms before a revocation event unlinkable when the revocation event occurs, thereby strengthening the privacy protection of vehicle nodes;
2. The invention adopts CRL fragmentation, disseminates and distributes CRL fragments in V2V mode, obtains the CRL in a vehicle-centric 'publish-subscribe' manner, and uses a bloom filter to provide an authenticator for the CRL fragments, so that CRL fragments can be validated quickly, which reduces computation cost, improves verification efficiency and enhances system performance.
Drawings
FIG. 1 is a block diagram of a VPKI-based VANETs pseudonym revocation system of the present invention;
FIG. 2 is a flow chart of a VPKI-based VANETs pseudonym revocation method of the present invention;
FIG. 3 is a flow chart of a vehicle unit acquiring local tickets in accordance with the present invention;
FIG. 4 is a flow chart of the present invention for implementing a pseudonym generation protocol to obtain pseudonyms;
FIG. 5 is a flowchart of the present invention for generating a pseudonym resolution and revocation protocol by the trusted authorization authentication center in cooperation with a roadside unit;
FIG. 6 is a flow chart of a roadside unit executing a CRL construction algorithm to segment CRLs according to the present invention;
FIG. 7 is a flow chart of a vehicle unit implementing a CRL subscription algorithm in accordance with the present invention;
FIG. 8 is a flow chart of the vehicle unit implementing the CRL distribution algorithm of the present invention;
FIG. 9 is a flowchart of performing a pseudonym revocation operation to evict misbehaving vehicles according to the present invention.
Detailed Description
The following detailed description of embodiments of the present invention is provided in connection with the accompanying drawings and examples. The following examples are intended to illustrate the invention but are not intended to limit the scope of the invention.
In this embodiment of the VPKI-based VANETs pseudonym revocation system, VANETs are a specific application of mobile ad hoc network and wireless sensor technology in the field of intelligent transportation, and are a mobile dedicated network. VANETs mainly comprise Road-Side Units (RSUs), On-Board Units (OBUs), and trusted authorization authentication centers (TAs). The RSU is responsible for communication between the OBU and the TA and for network access of the OBU. The OBU is a processing unit embedded in the vehicle and is responsible for communication between the vehicle and the RSU (Vehicle to Infrastructure, V2I) or other vehicle nodes (Vehicle to Vehicle, V2V). The TA is a trusted third party, generally managed by a government department, and is mainly responsible for identity authentication, certificate issuance, and Certificate Revocation List (CRL) maintenance for each node. The TA and the RSU communicate over a wired channel, and V2I and V2V communication uses a wireless network in compliance with the DSRC (Dedicated Short Range Communications) protocol. VANETs can effectively improve traffic management and the driving environment and can also provide Location Based Services (LBS) for users, thereby achieving intelligent transportation goals such as collaborative safe driving among vehicles, traffic decision support, intelligent traffic scheduling, traffic fee collection services, real-time traffic information release, and wireless value-added information services.
In this embodiment, the VPKI-based VANETs pseudonym revocation system comprises a local trusted authorization authentication center H-TA, a foreign trusted authorization authentication center F-TA, a local domain, a foreign domain, a plurality of roadside units and a plurality of vehicle units. The H-TA manages the local domain and the F-TA manages the foreign domain; the trusted authorization authentication center is connected with the roadside units through a wired secure channel, the vehicle units are connected with the roadside units through a wireless network, and the trusted authorization authentication center communicates with the vehicle units. The two types of trusted authorization authentication centers trust each other, the trusted authorization authentication center and the roadside units trust each other, the trusted authorization authentication center is fully trusted by the vehicle units, the vehicle units and the roadside units do not trust each other, the vehicle units do not trust one another, and the roadside units do not trust one another;
the trusted authorization authentication center is responsible for managing the roadside units and generating their public and private keys, and for registering, authenticating and authorizing the vehicle units in the local domain and issuing long-term certificates (LTC) and tickets to legitimate vehicle units;
the roadside unit is infrastructure established at the roadside and generates keys and pseudonyms for legitimately connected vehicle units;
the vehicle unit is a communication unit loaded on the vehicle node, switches among different roadside units along with the movement process of the vehicle node, and is responsible for communication between the corresponding vehicle node and the roadside units and between the corresponding vehicle node and other vehicle nodes. The vehicle unit decides when to trigger the pseudonym acquisition procedure based on different parameters, such as the number of valid pseudonyms remaining, the remaining journey duration and the network connectivity. The vehicle unit obtains a local ticket (n-tkt) from a local trusted authority certificate authority to which it belongs, and submits the local ticket to the roadside unit to obtain the pseudonym. When the vehicle is traveling in the foreign domain, the vehicle unit needs to acquire a new pseudonym from the RSU in the foreign domain. The vehicle unit requests a foreign ticket (f-tkt) from its local trusted authorization and authentication center, which generates a new ticket for the vehicle unit according to the foreign ticket as the local ticket of the vehicle unit for the vehicle unit to interact with the roadside unit in the (external) domain to obtain a new pseudonym. The vehicle unit may use the currently valid pseudonym for authentication, and may be able to interact with all roadside units within its local or outside domain to obtain the CRL and execute the Online Certificate Status Protocol (OCSP).
As shown in FIG. 2, the VPKI-based VANETs pseudonym revocation method of this embodiment is as follows.
Step 1: the vehicle unit acquires the local ticket generated for it through a roadside unit that is currently authenticated as legitimate, as shown in FIG. 3, and the vehicle unit then executes the ticket acquisition pseudonym generation protocol with the local trusted authorization authentication center, wherein during cross-domain operation the vehicle unit communicates with a foreign trusted authorization authentication center to acquire a foreign ticket;
Step 1.1: the vehicle unit generates a pseudonym request interval $[t_s, t_e]$ according to the pseudonym acquisition strategy used;
Step 1.2: the vehicle unit prepares to send a request, concatenates the ID of the target roadside unit with a random number, calculates the hash value $H(R_{ID} \| Rnd_{n\text{-}tkt})$, and generates the request $\zeta \leftarrow (Id_{req}, H(R_{ID} \| Rnd_{n\text{-}tkt}), t_s, t_e)$;
wherein $Id_{req}$ is the ID of the vehicle unit, $\zeta$ is the request operator, and n-tkt is the local ticket (native ticket);
in the case of cross-domain operation, the ID of the target foreign trusted authorization authentication center is concatenated with the random number;
Step 1.3: the vehicle unit signs the request $\zeta$ with its private key $s_v$,
Figure BDA0002212885140000091
wherein Sign () is a public key signature algorithm;
Step 1.4: the vehicle unit sends the signature, long-term credential, random number and timestamp to the local trusted authorization authentication center;
step 1.5: the local trusted authority certificate authority verifies the validity of the request according to the long-term certificate submitted by the vehicle unit and the corresponding signature,
Figure BDA0002212885140000093
wherein Verify() is a public key signature verification algorithm;
Step 1.6: after the local trusted authorization authentication center verifies that the vehicle unit is legitimate, it generates a 'ticket identifiable key' ($IK_{n\text{-}tkt}$) to bind the ticket to the vehicle's credential:
Figure BDA0002212885140000094
wherein
Figure BDA0002212885140000095
is the random number generated for $IK_{n\text{-}tkt}$;
Step 1.7: the local trusted authorization authentication center generates a local ticket for the vehicle unit: $x \leftarrow (H(R_{ID} \| Rnd_{n\text{-}tkt}), IK_{n\text{-}tkt}, t_s, t_e)$, and signs the ticket to generate an anonymous ticket:
Figure BDA0002212885140000096
and sends
Figure BDA0002212885140000097
to the vehicle unit;
wherein $\sigma_{H\text{-}TA}$ denotes the signature generated by the H-TA with the system private key $s$, $Id_{res}$ is the sequence number of the request message, and $TS_2$ is a timestamp;
Step 1.8: the vehicle unit verifies the anonymous ticket:
Figure BDA0002212885140000098
and verifies the ticket by checking whether the verification equation holds;
wherein $P_{pub}$ is the system public key generated by the trusted authorization authentication center;
in the case of cross-domain operation, the vehicle unit interacts with the foreign trusted authorization authentication center and presents the foreign ticket to obtain a local ticket for use in the foreign domain.
Step 2: after the vehicle unit completes mutual authentication with the target roadside unit based on the secure V2I authentication protocol, the pseudonym generation protocol is executed to obtain pseudonyms, as shown in FIG. 4;
Step 2.1: the vehicle unit prepares the parameters required for generating a pseudonym
Figure BDA0002212885140000101
and then sends them to the roadside unit in the form of a request;
wherein $t'_s$ and $t'_e$ are respectively the start timestamp and the end timestamp of the actual pseudonym request interval when the vehicle unit requests a pseudonym;
Step 2.2: after receiving the request, the roadside unit verifies the validity of the ticket:
Figure BDA0002212885140000102
Step 2.3: after verifying that the ticket of the vehicle unit is valid, the roadside unit checks whether the verification equation
Figure BDA0002212885140000103
holds, in order to check whether it is the target roadside unit of the vehicle unit, and then verifies whether the actual period of the requested pseudonym, i.e. $[t'_s, t'_e]$, falls within the period $[t_s, t_e]$ specified in the ticket;
Wherein the content of the first and second substances,the ID of the roadside unit;
Step 2.4: the roadside unit generates a random number $Rnd_v$, and generates an anonymous identity and a corresponding private key for the vehicle unit: $\langle V_i, sk_i \rangle$;
wherein $V_i = \{V_{i,1}, V_{i,2}\}$, $V_{i,1} = x_i P$, the roadside unit selects a random number, $sk_i = s_R \cdot H_2(V_{i,2})$, $i = 1, \ldots, n$, $n$ is the number of pseudonyms distributed by each roadside unit, $P \in G_1$, $G_1$ is a cyclic additive group, $P$ is a generator of $G_1$, $P_{pub}$ is a system parameter generated by the trusted authorization authentication center, namely the system public key, $V_{ID}$ is the initial pseudonym generated by the trusted authorization authentication center for the vehicle when it registers with the system, $s_R$ is the private signature key of the roadside unit, and $H_1$ and $H_2$ are hash functions selected by the trusted authorization authentication center;
next, a 'pseudonym identifiable key' is generated
Figure BDA0002212885140000106
to bind the pseudonym to the ticket of the vehicle unit:
Figure BDA0002212885140000107
Step 2.5: the roadside unit determines the pseudonym serial number SN by computing a hash value, which implicitly associates the set of pseudonyms belonging to each vehicle unit requesting pseudonyms, i.e. when $i = 1$,
Figure BDA0002212885140000108
when $i \in \{2, \ldots, n\}$, $SN_i \leftarrow H(SN_{i-1} \| H^i(Rnd_v))$;
Step 2.6: the roadside unit generates a pseudonym for the vehicle unit:
Figure BDA0002212885140000109
wherein
Figure BDA00022128851400001010
is the BF value in which the roadside unit integrates all CRL segments within one CRL release interval $\Gamma_{CRL}$, and $CRL_V$ is the version of the CRL; the roadside unit may randomly select some pseudonyms as carriers of the BF value, and the proportion of carriers may be set according to different factors, such as the frequency of revocation events and the coverage of deployed roadside units;
Step 2.7: the roadside unit sends the message $(Id_{res}, \xi, Rnd_v, nonce+1, TS_4)$ to the vehicle unit, where $\xi$ is the private key and pseudonym of the vehicle unit
Figure BDA0002212885140000111
signed or encrypted by the roadside unit;
Step 2.8: after receiving the response message of the roadside unit, the vehicle unit verifies the validity of the pseudonym and the corresponding private key, and then checks whether the verification equation
Figure BDA0002212885140000112
holds in order to verify
Figure BDA0002212885140000113
Step 3: when a pseudonym needs to be revoked, the trusted authorization authentication center cooperates with the relevant roadside unit to execute the pseudonym resolution and revocation protocol, as shown in FIG. 5;
Step 3.1: the local trusted authorization authentication center requests the roadside unit to map the revoked pseudonym to the corresponding ticket stored by the roadside unit, namely n-tkt;
the trusted authorization authentication center sends a request message to the relevant roadside units:
Figure BDA0002212885140000114
wherein
Figure BDA0002212885140000115
s is the private key of the system selected by the trusted authority certificate authority;
Step 3.2: the roadside unit verifies the request with the system public key; the roadside unit then maps the revoked pseudonym to the corresponding ticket:
Figure BDA0002212885140000117
step 3.3: the roadside unit sends the bill information to a trusted authority authentication center:
Figure BDA0002212885140000118
wherein
Figure BDA0002212885140000119
$\chi \leftarrow (Id_{res}, n\text{-}tkt, H^i(Rnd_v))$, and $s_R$ is the private key of the roadside unit;
Step 3.4: the trusted authorization authentication center verifies the response: $Verify(R_{ID}, \chi)$, and then checks whether the verification equation
Figure BDA00022128851400001110
holds, to confirm that the roadside unit has correctly resolved the pseudonym into the corresponding ticket.
Step 4: the roadside unit executes the CRL construction algorithm and divides the CRL into a plurality of segments, as shown in FIG. 6;
Step 4.1: the roadside unit classifies the revoked pseudonyms according to the validity time of the pseudonyms in each $\Gamma_{CRL}$, and then attaches the following data to each group of pseudonyms:
(i) the serial number $SN_k$ of the first revoked pseudonym in the implicitly associated pseudonym chain;
(ii) the hash value
Figure BDA00022128851400001111
(iii) the number $x$ of pseudonyms remaining in the batch;
Step 4.2: the roadside unit divides the CRL into a plurality of segments according to the maximum bandwidth that can be allocated to the CRL, namely the system parameter $B$; let $N$ be the number of segments of the CRL within a given $\Gamma_{CRL}$,
Figure BDA00022128851400001112
wherein
Figure BDA00022128851400001113
is the CRL of a given $\Gamma_{CRL}$, and size() is the size of the CRL;
the CRL segments can then be obtained, where $j = \{0, \ldots, N\}$.
Step 5: the roadside unit continuously broadcasts, over the wireless data link, the BF value of the CRL segments signed by the roadside unit, so as to inform vehicles within communication range of a new revocation event;
Step 6: the vehicle unit executes the CRL subscription algorithm and receives the necessary CRL segments corresponding to its actual travel time, as shown in FIG. 7; meanwhile, based on the secure V2V authentication protocol, the vehicle unit receives query requests from neighboring vehicles for missing CRL segments and executes the CRL distribution algorithm, as shown in FIG. 8;
Step 6.1: the vehicle unit broadcasts to its neighbors a query message signed by it, in order to receive the missing CRL segments corresponding to the revocation information within the several $\Gamma_{CRL}$ intervals that it wants to obtain during its trip;
Step 6.2: after receiving a segment, the vehicle unit verifies the CRL segment by testing it against the signed BF value by means of the Bloom filter;
Step 6.3: if the BF test succeeds, the segment received by the vehicle unit belongs to the CRL segments generated by the roadside unit; the vehicle unit accepts the segment and continues requesting until all required segments are successfully received; otherwise it discards the segment and continues requesting;
wherein, upon receiving and verifying a CRL segment, each vehicle uses the obtained serial number $SN_k$ of the revoked pseudonym and
Figure BDA0002212885140000122
to calculate hash values $x$ times:
Figure BDA0002212885140000123
$i = k, k+1, k+2, \ldots, k+x-1$, whereby all revoked pseudonym serial numbers are calculated.
Step 6.4: meanwhile, when the vehicle unit receives a query request for the missing CRL segment by an adjacent vehicle, after verifying that the signature on the request message is legitimate, the vehicle unit searches its local repository and randomly selects one of the requested segments, and then broadcasts it.
Step 7: a pseudonym revocation operation is performed to evict misbehaving vehicles, as shown in FIG. 9, wherein when a pseudonym is resolved across domains, the foreign trusted authorization authentication center needs to interact with the corresponding local trusted authorization authentication center, resolve the ticket generated by the foreign trusted authorization authentication center with the help of the local trusted authorization authentication center, and perform the pseudonym revocation operation by revoking the long-term credential.
Step 7.1: after all revoked pseudonym serial numbers are calculated, the vehicle unit no longer communicates with any vehicle unit using a pseudonym whose serial number is in the revoked state;
Step 7.2: meanwhile, the roadside unit sends the correctly resolved ticket corresponding to the revoked pseudonym to the trusted authorization authentication center; the trusted authorization authentication center cancels all registration information, such as the identity credential, of the vehicle unit corresponding to the ticket and informs all roadside units that the vehicle unit with the revoked ticket is no longer provided with the network access service, thereby completely evicting the vehicle;
Step 7.3: the foreign trusted authorization authentication center prepares the request $\zeta \leftarrow (Id_{req}, n/f\text{-}tkt, nonce, TS_7)$ and sends the request message $\zeta$ to the local trusted authorization authentication center;
wherein f-tkt is the foreign-domain ticket (foreign ticket);
Step 7.4: the local trusted authorization authentication center receives the request message and resolves the corresponding ticket
Figure BDA0002212885140000131
and the long-term credential that it issued to the vehicle unit;
step 7.5: the local trusted authority certificate authority sends a response message χ to the foreign trusted authority certificate authority,
Figure BDA0002212885140000132
Step 7.6: the foreign trusted authorization authentication center receives the response message and checks whether the verification equation
Figure BDA0002212885140000133
holds, to confirm that the local trusted authorization authentication center has correctly mapped the ticket to the long-term credential of the vehicle unit;
Step 7.7: when the vehicle unit misbehaves, the local trusted authorization authentication center can directly revoke the long-term credential of the vehicle unit resolved in step 7.4, so as to evict the misbehaving vehicle unit.
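The serial-number chain of step 2.5, the compact CRL entry of step 4.1, the fragmentation of step 4.2 and the Bloom-filter test and chain expansion of steps 6.2 and 6.3 can be exercised together. The following Python sketch is an added example, not code from the patent. Its assumptions: SHA-256 stands in for H, H^i means H applied i times, the hash attached in step 4.1 is H^k(Rnd_v), N = ceil(size(CRL)/B), SN_1 is taken as an input because its formula is not reproduced on the page, and the roadside unit's signature over the BF value is treated as already verified.

```python
import hashlib
import math

HLEN = 32  # SHA-256 digest size; SHA-256 as H is an assumption


def H(data: bytes) -> bytes:
    return hashlib.sha256(data).digest()


def h_iter(seed: bytes, i: int) -> bytes:
    """H^i(seed): H applied i times (assumed reading of H^i(Rnd_v))."""
    for _ in range(i):
        seed = H(seed)
    return seed


def build_serials(sn1: bytes, rnd_v: bytes, n: int) -> list:
    """RSU, step 2.5: SN_i <- H(SN_{i-1} || H^i(Rnd_v)) for i = 2..n."""
    serials, hi = [sn1], H(rnd_v)           # hi starts at H^1(Rnd_v)
    for _ in range(2, n + 1):
        hi = H(hi)                          # advance to H^i(Rnd_v)
        serials.append(H(serials[-1] + hi))
    return serials


def crl_entry(serials: list, rnd_v: bytes, k: int) -> bytes:
    """RSU, step 4.1: (SN_k, H^k(Rnd_v), x); x = pseudonyms left after k."""
    x = len(serials) - k
    return serials[k - 1] + h_iter(rnd_v, k) + x.to_bytes(2, "big")


def expand_entry(entry: bytes) -> list:
    """Vehicle, step 6.3: hash x times to recover SN_k .. SN_{k+x}."""
    sn, hk = entry[:HLEN], entry[HLEN:2 * HLEN]
    x = int.from_bytes(entry[2 * HLEN:2 * HLEN + 2], "big")
    revoked = [sn]
    for _ in range(x):
        hk = H(hk)                          # H^{i+1}(Rnd_v)
        sn = H(sn + hk)                     # SN_{i+1}
        revoked.append(sn)
    return revoked


def fragment(crl: bytes, B: int) -> list:
    """Step 4.2: split into N = ceil(size(CRL)/B) pieces (assumed formula)."""
    n = math.ceil(len(crl) / B)
    return [crl[j * B:(j + 1) * B] for j in range(n)]


class BloomFilter:
    """Bit-array Bloom filter; sizes are illustrative, not from the page."""

    def __init__(self, m_bits: int = 2048, k_hashes: int = 4):
        self.m, self.k, self.bits = m_bits, k_hashes, 0

    def _positions(self, item: bytes):
        for j in range(self.k):
            d = hashlib.sha256(bytes([j]) + item).digest()
            yield int.from_bytes(d[:8], "big") % self.m

    def add(self, item: bytes) -> None:
        for p in self._positions(item):
            self.bits |= 1 << p

    def __contains__(self, item: bytes) -> bool:
        return all((self.bits >> p) & 1 for p in self._positions(item))


def bf_item(version: int, j: int, frag: bytes) -> bytes:
    # Binding the CRL version and fragment index is a choice of this sketch.
    return version.to_bytes(4, "big") + j.to_bytes(2, "big") + frag


def rsu_publish(entries: list, B: int, version: int):
    """RSU: fragment the CRL and put every fragment into the BF."""
    frags = fragment(b"".join(entries), B)
    bf = BloomFilter()
    for j, f in enumerate(frags):
        bf.add(bf_item(version, j, f))
    return frags, bf


def vehicle_accept(bf: BloomFilter, version: int, j: int, frag: bytes) -> bool:
    """Vehicle, step 6.2: keep a fragment only if it passes the BF test.
    The RSU signature on the BF value is assumed to be verified already."""
    return bf_item(version, j, frag) in bf


# Constructed sample values, not taken from the page.
RND_V = b"constructed-rnd-v"
SN1 = H(b"constructed-seed-for-SN_1")

if __name__ == "__main__":
    chain = build_serials(SN1, RND_V, 6)
    entry = crl_entry(chain, RND_V, 3)      # revoke from the 3rd pseudonym
    frags, bf = rsu_publish([entry], 40, version=1)
    print(len(frags), [vehicle_accept(bf, 1, j, f) for j, f in enumerate(frags)])
    print(expand_entry(b"".join(frags)) == chain[2:])
```

A single 66-byte entry lets the vehicle derive every later serial number in the chain, while the earlier serial numbers cannot be computed from it; a Bloom filter can return false positives, so the BF test only filters fragments cheaply and does not replace the signature on the BF value.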

Claims (10)

1. A VPKI-based VANETs pseudonym revocation system, characterized by comprising: a local trusted authorization authentication center H-TA, a foreign trusted authorization authentication center F-TA, a local domain, a foreign domain, a plurality of roadside units and a plurality of vehicle units;
the local trusted authorization authentication center H-TA manages the local domain, and the foreign trusted authorization authentication center F-TA manages the foreign domain; the trusted authorization authentication center is connected with the roadside units through wired secure channels and is responsible for managing the roadside units and generating their public and private keys; the local trusted authorization authentication center registers, authenticates and authorizes the vehicle units in the local domain and issues long-term certificates (LTC) and tickets to legitimate vehicle units;
the roadside unit is infrastructure established at the roadside, is connected with the vehicle unit through a wireless network, generates keys and pseudonyms for legitimately connected vehicle units, and is the intermediate device for communication between the vehicle unit and the trusted authorization authentication center;
the vehicle unit is a communication unit mounted on a vehicle node, switches among different roadside units as the vehicle node moves, and is responsible for communication between the corresponding vehicle node and the roadside units and between the corresponding vehicle node and other vehicle nodes;
the local and foreign trusted authorization authentication centers trust each other, the trusted authorization authentication center and the roadside units trust each other, the trusted authorization authentication center is fully trusted by the vehicle units, the vehicle units and the roadside units do not trust each other, the vehicle units do not trust one another, and the roadside units do not trust one another.
2. A VANETs pseudonym revocation method based on VPKI is characterized by comprising the following steps:
Step 1: the vehicle unit acquires the local ticket generated for it through a roadside unit that is currently authenticated as legitimate, and then executes the ticket acquisition pseudonym generation protocol with the local trusted authorization authentication center, wherein during cross-domain operation the vehicle unit communicates with a foreign trusted authorization authentication center to acquire a foreign ticket;
Step 2: after the vehicle unit completes mutual authentication with the target roadside unit based on the secure V2I authentication protocol, the pseudonym generation protocol is executed to obtain pseudonyms;
Step 3: when a pseudonym needs to be revoked, the trusted authorization authentication center cooperates with the relevant roadside unit to execute the pseudonym resolution and revocation protocol;
Step 4: the roadside unit executes the CRL construction algorithm and divides the CRL into a plurality of segments;
Step 5: the roadside unit continuously broadcasts, over the wireless data link, the BF value of the CRL segments signed by the roadside unit, so as to inform vehicles within communication range of a new revocation event;
Step 6: the vehicle unit executes the CRL subscription algorithm and receives the necessary CRL segments corresponding to its actual travel time; meanwhile, based on the secure V2V authentication protocol, the vehicle unit receives query requests from neighboring vehicles for missing CRL segments and executes the CRL distribution algorithm;
Step 7: a pseudonym revocation operation is performed to evict misbehaving vehicles, wherein when a pseudonym is resolved across domains, the foreign trusted authorization authentication center needs to interact with the corresponding local trusted authorization authentication center, resolve the ticket generated by the foreign trusted authorization authentication center with the help of the local trusted authorization authentication center, and perform the pseudonym revocation operation by revoking the long-term credential.
3. The VPKI-based VANETs pseudonym revocation method according to claim 2, wherein the process of step 1 is as follows:
Step 1.1: the vehicle unit generates a pseudonym request interval $[t_s, t_e]$ according to the pseudonym acquisition strategy used;
Step 1.2: the vehicle unit prepares to send a request, concatenates the ID of the target roadside unit with a random number, calculates the hash value $H(R_{ID} \| Rnd_{n\text{-}tkt})$, and generates the request $\zeta \leftarrow (Id_{req}, H(R_{ID} \| Rnd_{n\text{-}tkt}), t_s, t_e)$;
wherein $Id_{req}$ is the ID of the vehicle unit, $\zeta$ is the request operator, and n-tkt is the local ticket (native ticket);
in the case of cross-domain operation, the ID of the target foreign trusted authorization authentication center is concatenated with the random number;
Step 1.3: the vehicle unit signs the request $\zeta$ with its private key $s_v$,
Figure FDA0002212885130000021
wherein Sign () is a public key signature algorithm;
Step 1.4: the vehicle unit sends the signature, long-term credential, random number and timestamp
Figure FDA0002212885130000022
to the local trusted authorization authentication center;
step 1.5: the local trusted authority certificate authority verifies the validity of the request according to the long-term certificate submitted by the vehicle unit and the corresponding signature,
Figure FDA0002212885130000023
wherein Verify() is a public key signature verification algorithm;
Step 1.6: after the local trusted authorization authentication center verifies that the vehicle unit is legitimate, it generates a 'ticket identifiable key' ($IK_{n\text{-}tkt}$) to bind the ticket to the vehicle's credential:
Figure FDA0002212885130000024
wherein
Figure FDA0002212885130000025
is the random number generated for $IK_{n\text{-}tkt}$;
Step 1.7: the local trusted authorization authentication center generates a local ticket for the vehicle unit: $x \leftarrow (H(R_{ID} \| Rnd_{n\text{-}tkt}), IK_{n\text{-}tkt}, t_s, t_e)$, and signs the ticket to generate an anonymous ticket:
Figure FDA0002212885130000026
and sends
Figure FDA0002212885130000027
to the vehicle unit;
wherein $\sigma_{H\text{-}TA}$ denotes the signature generated by the H-TA with the system private key $s$, $Id_{res}$ is the sequence number of the request message, and $TS_2$ is a timestamp;
Step 1.8: the vehicle unit verifies the anonymous ticket:
Figure FDA0002212885130000028
and verifies the ticket by checking whether the verification equation
Figure FDA0002212885130000029
holds;
wherein $P_{pub}$ is the system public key generated by the trusted authorization authentication center;
in the case of cross-domain operation, the vehicle unit interacts with the foreign trusted authorization authentication center and presents the foreign ticket to obtain a local ticket for use in the foreign domain.
4. The VPKI-based VANETs pseudonym revocation method according to claim 2, characterized in that the process of executing the pseudonym generation protocol in step 2 to obtain pseudonyms is as follows:
Step 2.1: the vehicle unit prepares the parameters required for generating a pseudonym
Figure FDA0002212885130000031
and then sends them to the roadside unit in the form of a request;
wherein $t'_s$ and $t'_e$ are respectively the start timestamp and the end timestamp of the actual pseudonym request interval when the vehicle unit requests a pseudonym;
Step 2.2: after receiving the request, the roadside unit verifies the validity of the ticket:
Figure FDA0002212885130000032
Step 2.3: after verifying that the ticket of the vehicle unit is valid, the roadside unit checks whether the verification equation
Figure FDA0002212885130000033
holds, in order to check whether it is the target roadside unit of the vehicle unit, and then verifies whether the actual period of the requested pseudonym, i.e. $[t'_s, t'_e]$, falls within the period $[t_s, t_e]$ specified in the ticket;
wherein
Figure FDA0002212885130000034
is the ID of the roadside unit;
Step 2.4: the roadside unit generates a random number $Rnd_v$, and generates an anonymous identity and a corresponding private key for the vehicle unit: $\langle V_i, sk_i \rangle$;
wherein $V_i = \{V_{i,1}, V_{i,2}\}$, $V_{i,1} = x_i P$, the roadside unit selects a random number, $sk_i = s_R \cdot H_2(V_{i,2})$, $i = 1, \ldots, n$, $n$ is the number of pseudonyms distributed by each roadside unit, $P \in G_1$, $G_1$ is a cyclic additive group, $P$ is a generator of $G_1$, $P_{pub}$ is a system parameter generated by the trusted authorization authentication center, namely the system public key, $V_{ID}$ is the initial pseudonym generated by the trusted authorization authentication center for the vehicle when it registers with the system, $s_R$ is the private signature key of the roadside unit, and $H_1$ and $H_2$ are hash functions selected by the trusted authorization authentication center;
next, a 'pseudonym identifiable key' is generated
Figure FDA0002212885130000036
to bind the pseudonym to the ticket of the vehicle unit:
Figure FDA0002212885130000037
Step 2.5: the roadside unit determines the pseudonym serial number SN by computing a hash value, which implicitly associates the set of pseudonyms belonging to each vehicle unit requesting pseudonyms, i.e. when $i = 1$,
Figure FDA0002212885130000038
when $i \in \{2, \ldots, n\}$, $SN_i \leftarrow H(SN_{i-1} \| H^i(Rnd_v))$;
Step 2.6: the roadside unit generates a pseudonym for the vehicle unit:
Figure FDA0002212885130000039
wherein
Figure FDA0002212885130000041
is the BF value in which the roadside unit integrates all CRL segments within one CRL release interval $\Gamma_{CRL}$, and $CRL_V$ is the version of the CRL; the roadside unit may randomly select some pseudonyms as carriers of the BF value, and the proportion of carriers may be set according to different factors, such as the frequency of revocation events and the coverage of deployed roadside units;
Step 2.7: the roadside unit sends the message $(Id_{res}, \xi, Rnd_v, nonce+1, TS_4)$ to the vehicle unit, where $\xi$ is the private key and pseudonym of the vehicle unit
Figure FDA0002212885130000042
signed or encrypted by the roadside unit;
Step 2.8: after receiving the response message of the roadside unit, the vehicle unit verifies the validity of the pseudonym and the corresponding private key, and then checks whether the verification equation
Figure FDA0002212885130000043
holds in order to verify
Figure FDA0002212885130000044
5. The VPKI-based VANETs pseudonym revocation method according to claim 2, characterized in that the process of step 3 is as follows:
step 3.1: the local credible authorization authentication center requests the roadside unit to map the revoked pseudonym to a corresponding bill stored by the roadside unit, namely n-tkt;
the trusted authorization authentication center sends a request message to the relevant roadside units, wherein
Figure FDA0002212885130000046
s is the private key of the system selected by the trusted authority certificate authority;
step 3.2: the roadside unit verifies the request with the system public key:
Figure FDA0002212885130000047
the roadside unit then maps the revoked pseudonym to the corresponding ticket:
Figure FDA0002212885130000048
step 3.3: the roadside unit sends the bill information to a trusted authority authentication center:
Figure FDA0002212885130000049
wherein
Figure FDA00022128851300000410
χ←(Idres,n-tkt,Hi(Rndv)),sRIs the private key of the roadside unit;
step 3.4: and (3) verifying the response by the trusted authority authentication center: verify (R)IDχ), then passes the verification equation
Figure FDA00022128851300000411
Whether the result is true or not is confirmed to confirm that the roadside unit has correctly resolved the pseudonym into the corresponding bill.
6. The VPKI-based VANETs pseudonym revocation method according to claim 2, wherein step 4, in which the roadside unit performs the CRL construction algorithm and divides the CRL into a plurality of fragments, comprises the following steps:
step 4.1: the roadside unit classifies the revoked pseudonyms according to the validity time of the pseudonyms in each Γ_CRL, and then attaches the following data to each group of pseudonyms:
(i) The serial number SN_k of the first revoked pseudonym in the implicitly associated pseudonym chain
(ii) Hash value
(iii) The number x of pseudonyms remaining in the batch;
step 4.2: the roadside unit divides the CRL into a plurality of segments according to the maximum bandwidth that can be allocated to the CRL, namely the system parameter B; let N be the number of CRL fragments within a given Γ_CRL,
Figure FDA0002212885130000051
wherein
Figure FDA0002212885130000052
is the CRL of a given Γ_CRL, and size() is the size of the CRL;
the CRL fragments are then obtained:
Figure FDA0002212885130000053
where j is {0, …, N }.
7. The VPKI-based VANETs pseudonym revocation method according to claim 2, wherein in step 6 the vehicle unit receives, based on the secure V2V certification protocol, the query request of a neighboring vehicle for missing CRL segments, and the process of executing the CRL distribution algorithm is as follows:
when the vehicle unit receives a query request from a neighboring vehicle for the missing CRL segment, after verifying that the signature on the request message is legitimate, the vehicle unit searches its local repository and randomly selects one of the requested segments and then broadcasts it.
8. A VPKI-based VANETs pseudonym revocation method according to claim 2, characterized in that in step 6 the vehicle unit executes a CRL subscription algorithm, and the process of receiving the necessary CRL segments corresponding to its actual travel time is as follows:
step 6.1: the vehicle unit broadcasts to its neighbours a query message signed by it, in order to receive the missing CRL segments corresponding to the revocation information within the several Γ_CRL that it wants to obtain during its trip;
step 6.2: after receiving a CRL segment, the vehicle unit verifies the segment by testing it against the signed BF value with the Bloom filter; if the BF test succeeds, the received segment belongs to the CRL segments generated by the roadside unit, and the vehicle unit accepts the segment and continues requesting until all required segments have been successfully received; otherwise, the vehicle unit discards the segment and continues requesting;
wherein, when receiving and verifying the CRL segment, each vehicle takes the obtained serial number SN_k of the revoked pseudonym and calculates hash values x times:
Figure FDA0002212885130000055
for i = k, k+1, k+2, …, k+x-1, so that all revoked pseudonym serial numbers are calculated.
9. The VPKI-based VANETs pseudonym revocation method according to claim 2, wherein the process of performing the pseudonym revocation operation in step 7 and expelling misbehaving vehicles is as follows:
step 7.1: after all revoked pseudonym serial numbers are calculated, the vehicle unit will no longer communicate with any vehicle unit using a pseudonym whose serial number is in the revoked state;
step 7.2: meanwhile, the roadside unit sends the correctly resolved ticket corresponding to the revoked pseudonym to the trusted authority authentication center; the trusted authority authentication center cancels all registration information, such as the identity credential, of the vehicle unit corresponding to the ticket, and informs all roadside units to no longer provide network access service to the vehicle unit whose ticket has been revoked, so that the vehicle is completely expelled.
10. The VPKI-based VANETs pseudonym revocation method according to claim 2, wherein in step 7, the foreign trusted authority authentication center needs to interact with the corresponding local trusted authority authentication center, the ticket generated by the foreign trusted authority authentication center is resolved with the help of the local trusted authority authentication center, and the procedure of performing the pseudonym revocation operation by revoking the long-term credential is as follows:
step 7.3: the foreign trusted authority authentication center prepares the request ζ ← (Id_req, n/f-tkt, nonce, TS_7) and sends the request message ζ to the local trusted authority authentication center;
wherein f-tkt is a foreign-domain ticket (foreign ticket);
step 7.4: the local trusted authority authentication center receives the request message and resolves the corresponding ticket
Figure FDA0002212885130000061
and the long-term credential that it issued to the vehicle unit;
step 7.5: the local trusted authority authentication center sends a response message χ to the foreign trusted authority authentication center,
Figure FDA0002212885130000062
step 7.6: the foreign trusted authority authentication center receives the response message and, by checking the verification equation, confirms whether the local trusted authority authentication center has correctly mapped to the long-term credential of the vehicle unit;
step 7.7: when the vehicle unit misbehaves, the local trusted authority authentication center can directly revoke the long-term credential of the vehicle unit resolved in step 7.4, so as to expel the misbehaving vehicle unit.
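The fragment handling in claims 6 and 8 (split the CRL by bandwidth B, accept a fragment only if it passes the Bloom filter test, then derive every revoked serial number from SN_k) can be sketched as below. This is an added illustration, not code from the patent: the formulas are not reproduced on this page, so SHA-256, the fragment count N = ceil(size(CRL)/B), the chain rule SN_{i+1} = H(SN_i || value) and all function names are assumptions, and the BF value is taken as already signature-checked.

```python
import hashlib, math

def h(*parts: bytes) -> bytes:
    return hashlib.sha256(b"".join(parts)).digest()

class Bloom:
    """Minimal Bloom filter; m and k are constructed demo parameters."""
    def __init__(self, m=1024, k=4):
        self.m, self.k, self.bits = m, k, 0
    def _idx(self, item: bytes):
        return [int.from_bytes(h(bytes([i]), item)[:8], "big") % self.m
                for i in range(self.k)]
    def add(self, item: bytes):
        for j in self._idx(item):
            self.bits |= 1 << j
    def __contains__(self, item: bytes):
        return all((self.bits >> j) & 1 for j in self._idx(item))

def tag(j: int, frag: bytes) -> bytes:
    return h(j.to_bytes(2, "big"), frag)       # binds a fragment to its index j

def rsu_build(sn_k: bytes, value: bytes, x: int, B: int):
    """RSU side: one group entry (SN_k, hash value, x), cut into <= B-byte fragments."""
    crl = sn_k + value + x.to_bytes(2, "big")
    n = math.ceil(len(crl) / B)                # assumed: N = ceil(size(CRL) / B)
    frags = [crl[j * B:(j + 1) * B] for j in range(n)]
    bf = Bloom()
    for j, f in enumerate(frags):
        bf.add(tag(j, f))
    return frags, bf

def vehicle_collect(received, bf: Bloom, n: int) -> bytes:
    """Vehicle side: discard fragments that fail the BF test, then reassemble."""
    got = {j: f for j, f in received if tag(j, f) in bf}
    if set(got) != set(range(n)):
        raise ValueError("fragments still missing, keep requesting")
    return b"".join(got[j] for j in range(n))

def expand(crl: bytes) -> list:
    """Derive SN_k .. SN_{k+x-1}; the chain rule used here is an assumption."""
    sn, value, x = crl[:32], crl[32:64], int.from_bytes(crl[64:66], "big")
    sns = [sn]
    for _ in range(x - 1):
        sns.append(h(sns[-1], value))
    return sns

def demo():
    sn_k, value = h(b"constructed SN_k"), h(b"constructed hash value")
    frags, bf = rsu_build(sn_k, value, x=5, B=24)
    forged = (1, b"\x00" * 24)                 # constructed bogus fragment from a neighbour
    received = [forged] + list(enumerate(frags))
    return sn_k, value, bf, forged, expand(vehicle_collect(received, bf, len(frags)))
```

A Bloom filter can return false positives, so the filter size and hash count bound the chance that a forged fragment is accepted.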
CN201910904538.8A 2019-09-24 2019-09-24 VPKI-based VANETs pseudonym revocation system and method Active CN110677256B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201910904538.8A CN110677256B (en) 2019-09-24 2019-09-24 VPKI-based VANETs pseudonym revocation system and method

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201910904538.8A CN110677256B (en) 2019-09-24 2019-09-24 VPKI-based VANETs pseudonym revocation system and method

Publications (2)

Publication Number Publication Date
CN110677256A true CN110677256A (en) 2020-01-10
CN110677256B CN110677256B (en) 2022-08-16

Family

ID=69077378

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201910904538.8A Active CN110677256B (en) 2019-09-24 2019-09-24 VPKI-based VANETs pseudonym revocation system and method

Country Status (1)

Country Link
CN (1) CN110677256B (en)

Cited By (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN112367305A (en) * 2020-10-22 2021-02-12 香港中文大学(深圳) Privacy block chain-based vehicle networking protection method and mobile terminal
CN113596015A (en) * 2021-07-27 2021-11-02 同济大学 Identity authentication method supporting privacy protection in crowd sensing based on fog calculation
CN115412264A (en) * 2022-10-31 2022-11-29 北京金睛云华科技有限公司 Vehicle-mounted self-organizing network pseudonym revocation method based on Morton filter

Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN107888377A (en) * 2017-12-08 2018-04-06 东北大学 The system and method for VANETs location privacy protections based on the accidental enciphering cycle
CN109362062A (en) * 2018-11-21 2019-02-19 东北大学 VANETs anonymous authentication system and method based on ID-based group ranking

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
MARIA AZEES 等: "EAAP: Efficient Anonymous Authentication With Conditional Privacy-Preserving Scheme for Vehicular Ad hoc Networks", 《IEEE TRANSACTIONS ON INTELLIGENT TRANSPORTATION SYSTEMS》 *

Cited By (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN112367305A (en) * 2020-10-22 2021-02-12 香港中文大学(深圳) Privacy block chain-based vehicle networking protection method and mobile terminal
CN113596015A (en) * 2021-07-27 2021-11-02 同济大学 Identity authentication method supporting privacy protection in crowd sensing based on fog calculation
CN115412264A (en) * 2022-10-31 2022-11-29 北京金睛云华科技有限公司 Vehicle-mounted self-organizing network pseudonym revocation method based on Morton filter
CN115412264B (en) * 2022-10-31 2022-12-27 北京金睛云华科技有限公司 Vehicle-mounted self-organizing network pseudonym revocation method based on Morton filter

Also Published As

Publication number Publication date
CN110677256B (en) 2022-08-16

Similar Documents

Publication Publication Date Title
CN111372248B (en) Efficient anonymous identity authentication method in Internet of vehicles environment
CN109412816B (en) Anonymous communication system and method for vehicle-mounted network based on ring signature
Wang et al. Enhanced security identity-based privacy-preserving authentication scheme supporting revocation for VANETs
CN109067525B (en) Message authentication method based on semi-trusted management center in Internet of vehicles
Zhou et al. Efficient certificateless conditional privacy-preserving authentication for VANETs
CN109005542B (en) 5G Internet of vehicles rapid message authentication method based on reputation system
CN110022542B (en) Improved anonymous authentication method based on conditional privacy protection
Alexiou et al. Vespa: Vehicular security and privacy-preserving architecture
CN109362062B (en) ID-based group signature-based VANETs anonymous authentication system and method
CN107888377B (en) VANETs position privacy protection method based on random encryption period
George et al. Secure identity management framework for vehicular ad-hoc network using blockchain
Qi et al. A privacy-preserving authentication and pseudonym revocation scheme for VANETs
CN110677256B (en) VPKI-based VANETs pseudonym revocation system and method
CN114584976B (en) Internet of vehicles identity authentication system and method based on certificate-free aggregation signature
CN109861830B (en) VANET-oriented efficient condition anonymous authentication method
CN114430552B (en) Vehicle networking v2v efficient communication method based on message pre-authentication technology
CN114599028A (en) Vehicle networking pseudonym management method based on homomorphic encryption mechanism
CN112243234A (en) Identity-based privacy security protection method for Internet of vehicles
Chikhaoui et al. A ticket-based authentication scheme for vanets preserving privacy
CN116321154A (en) Efficient message authentication method based on zero knowledge proof in Internet of vehicles environment
CN114071463B (en) Batch authentication method of vehicle-mounted self-organizing network based on bilinear mapping
Wang et al. An improved secure and efficient certificateless conditional privacy-preserving authentication scheme in VANETs
CN115379418A (en) Method suitable for vehicle-mounted ad hoc network secure communication and conditional privacy protection authentication
Hathal et al. Token-based lightweight authentication scheme for vehicle to infrastructure communications
Tahir et al. Privacy-preserving authentication protocol based on hybrid cryptography for VANETs

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
GR01 Patent grant