CN112911545B - Emergency message dissemination method and system with trust management and privacy protection functions in SAGAVINS - Google Patents

Abstract

The invention discloses an emergency message dissemination method and system in SAGEVNs for both trust management and privacy protection, wherein the method comprises the following steps: initializing a system, initializing a trusted authority TA and initializing other entities in the system; vehicle registration; request of reputation certificate, vehicle request new reputation certificate, temporary private key and secret threshold grade set from TA; spreading emergency messages, wherein when one vehicle senses the occurrence of an emergency, the emergency messages are spread to other vehicles in a V2V mode; the system comprises a reputation feedback report, a vehicle-mounted sensor and a vehicle-mounted sensor, wherein the reputation feedback report is used for sensing the actual state of an emergency and judging the correctness of the emergency when other vehicles drive into a preset range of the emergency; and updating the prestige information, and updating the prestige information of the vehicle by the TA according to the prestige feedback. The method is based on 0-1 coding and FNV hash algorithm, can give consideration to trust management and privacy protection, supports the multiplexing of pseudonyms, temporary public keys and temporary private keys in different time intervals, and has strong fault tolerance and adaptability.

Description

Emergency message dissemination method and system with trust management and privacy protection functions in SAGAVINS

Technical Field

The invention belongs to the technical field of car networking safety, and particularly relates to an emergency message dissemination method and system in SAGEVNs with trust management and privacy protection.

Background

The internet of vehicles can greatly improve road safety and traffic efficiency, and is widely supported by the industry and academia in recent years. Collaborative security applications are an important branch of the internet of vehicles, where emergency message dissemination enables each vehicle to intelligently perceive surrounding conditions and make timely decisions about potential hazards. However, due to the limited coverage of the ground infrastructure (including road side units, cellular base stations, etc.), there is no way to cover every place, especially rural, mountain or disaster areas, by means of a ground network alone. To achieve full coverage radio access services, a new network architecture must be adopted. Air-space-ground integrated internet of vehicles (SAGAVIN) is a product of applying an air-space-ground integrated network (SAGIN) architecture in the internet of vehicles, and comprises a space part (comprising satellites and the like), a sky part (comprising unmanned planes, balloons, airships and the like) and a ground part (comprising road side units, cellular base stations, vehicles and the like). However, SAGIVNs are vulnerable to external and internal attacks due to their bulky, open, heterogeneous, self-organizing, highly dynamic, etc. characteristics, which severely hamper the practical application of SAGIVNs.

Trust management and privacy protection play important roles in SAGEVNs, wherein the trust management is a key tool for constructing the trusted SAGEVNs, and the willingness of users to participate in emergency message dissemination can be greatly enhanced by realizing the privacy protection. However, there are conflicting requirements for trust management and privacy protection, and therefore how to consider trust management and privacy protection in SAGIVNs emergency message dissemination and overcome the deficiencies in the existing research is an urgent problem to be solved.

Disclosure of Invention

The invention mainly aims to overcome the defects and shortcomings in the prior art, and provides an emergency message dissemination method and system for considering both trust management and privacy protection in SAGEVNs, wherein the method is based on 0-1 coding and FNV hash algorithm and can perfectly consider both trust management and privacy protection.

In order to achieve the purpose, the invention adopts the following technical scheme:

an emergency message spreading method considering trust management and privacy protection in SAGAVINS is provided with a trusted authority TA, a road side unit RSU, a cellular base station BS, a vehicle and a vehicle-mounted sensor thereof, a vehicle-mounted unit OBU, a sky component, a satellite and a ground base station corresponding to the satellite, and comprises the following steps:

initializing a system, initializing a trusted authority TA and initializing other entities in the system;

vehicle registration, when a new vehicle is accessed into the SAGAVINS, a trusted authority TA distributes a unique identifier for the new vehicle, generates a master public key and a master private key, installs a trusted platform module and sets an initial reputation score for the vehicle;

the method comprises the steps that a prestige certificate request is carried out, and a vehicle requests a new prestige certificate, a temporary private key and a secret threshold level set from a TA;

spreading emergency messages, wherein when a certain vehicle senses the occurrence of an emergency through a vehicle-mounted sensor, the emergency messages are spread to other vehicles in a vehicle-to-vehicle V2V mode;

the method comprises the following steps that a prestige feedback report is carried out, when other vehicles drive into a preset range of emergency occurrence, the actual state of the emergency is sensed through a vehicle-mounted sensor, and the correctness of the emergency message is judged;

and (4) updating the prestige information, and updating the prestige information of the vehicle by the TA according to the prestige feedback in the database.

Further, the initialization of the trusted authority TA specifically includes:

setting TA self-clock and generating public key Pk for TA self_TAnd private key Sk_TWherein Sk_TAlways stored secretly by the TA;

TA divides time into a series of equal-length time intervals T₁,T₂,., and defining n selectable prestige levels and a threshold level L₁＜L₂＜...＜L_nWherein the length of each time interval is represented as theta, n ∈ Z₊；

For each T_α∈{T₁,T₂,., TA from [0, λ n-1 ]]Randomly selecting n and L in interval₁,L₂,...,L_nOrdered integers in one-to-one correspondence

And for each

Respectively calculating 0 codes

And 1 encoding

To obtain

And

all have at most

An element; wherein λ ∈ Z₊；

TA random Generation of secret values

The secret value is kept secret by the TA and is

And

each element c in (1) is calculated

Get the corresponding set

And

if a hash collision occurs, another random one is generated

And regenerate

And

this detection is referred to as "collision detection-i";

wherein,

represents the pair c and

performing character string splicing, and performing FNV hash on a spliced result;

binary coding r of TA with random rho bits₁,r₂,.. fill as a new element

And

to obtain

Corresponding set of individual elements

And

for each r_τ∈{r₁,r₂,., if a certain one is available

If true, another random value r is used_τThis detection is called "collision detection-II";

where ρ is equal to

The output length of (d);

TA random rearrangement

And

i.e. randomly disordering the element sequence in each set to obtain the corresponding set

And

and storing it in a database;

wherein,

and

are respectively called and L_β∈{L₁,L₂,...,L_nAt T_αInner secret 0 encoding and secret 1 encoding.

Further, the initialization of other entities in the system specifically includes:

configuring a satellite and corresponding ground base stations, and establishing wired connection between each ground base station and a TA (timing advance);

configuring a sky assembly to be suspended above a roadway and to supplement a BS, wherein the sky assembly includes a drone, a balloon, and an airship;

RSUs are installed beside a road, and wired connection is established between each RSU and a TA;

BSs are installed near the road, and a wired connection is established between each BS and the TA.

Further, the vehicle registration specifically includes:

when the vehicle V_iUpon registration with the TA, the TA distributes a unique identifier i for it, and the TA generates V_iMaster public key of

And a master private key

And is taken as V in an off-line manner_iInstalling a trusted platform module;

the trusted platform module is used for storing

Pk_TA clock synchronized with the TA, parameters shared with the TA, and cryptography and digital signature algorithms to protect the reputation certificate, the temporary private key, and the secret threshold level set from theft, manipulation, or sharing;

TA is V according to equation (1)_iSetting initial reputation score

And will V_iIs stored in the database, the formula is as follows:

further, the reputation certificate request comprises the steps of:

V_igenerating random values

And selecting a threshold level

Then generates the request information

As shown in equation (2):

wherein,

indicating the use of Pk_TTo carry outThe asymmetric encryption is carried out in such a way that,

indicating use of

The generated digital signature is shown in formula (3):

vehicle V_iWill be connected by means of vehicle-to-infrastructure V2I or vehicle-to-sky assembly V2A or vehicle-to-satellite V2S

Sending the data to the TA;

receive from

Then, TA utilizes Sk_TDecryption

To obtain i, Tl_ViAnd

and based on

Authentication

The validity of (2).

Further, the reputation certificate request further comprises the steps of:

TA obtains the Current T_αAnd attempts to retrieve V from the database_iAt T_αK groups of reputation certificates, ephemeral private keys, and a secret threshold level set:

if the search result is null, TA searches V in the database_iCurrent reputation score of

And convert it to the current reputation level

The conversion is shown in equation (4):

suppose that

Wherein L is_βi∈{L₁,L₂,...,L_n}；

TA retrieves from the database at T_αInner correspond to

Secret 0 encoding of

And is V_iGenerating k sets of pseudonyms, ephemeral public keys, ephemeral private keys, and random values to form

Wherein,

are each V_iAt T_αA kth pseudonym, a kth temporary public key, a kth temporary private key, and a kth random value within;

for each kappa, TA is

Each element c in (1) calculates

Filling according to the method mentioned in TA initializationRandomly rearranging the set to obtain V_iAt T_αInner kth random reputation level

TA is V_iIs generated at T_αInner kth reputation certificate

As shown in equation (5):

wherein,

indicating the use of Sk_TThe generated digital signature is shown in formula (6):

suppose that

Wherein

TA retrieves from the database at T_αInner correspond to

Secret 1 encoding of

And using it as V_iAt T_αInner secret threshold level set

Then will be

And

storing in a database;

if the search result is not null, TA adopts the existing result set

And

without generating new ones

After executing corresponding operation according to the retrieval result, TA is V_iGenerating a response message

As shown in equation (7):

wherein,

indicating use of

The asymmetric encryption is carried out and,

indicating the use of Sk_TThe generated digital signature is shown in formula (8):

TA will be

Is returned to V_i；

Receive from

Then, V_iUse of

Decryption

To obtain

And

and based on

Authentication

The validity of (2);

V_istore in its local storage

And

if V_iFail to receive in time

The TA will be requested again with a new request message in the form of V2I or V2A or V2S.

Further, the emergency message dissemination specifically includes:

when a certain vehicle V_iV when the presence of an emergency event epsilon is sensed by an on-board sensor and intentionally reported to a surrounding vehicle_iFirst, the current T is derived_αRandomly selecting one kappa from {1, 2.. multidot.k }, and then selecting one kappa from the kRetrieving in local storage

V_iGenerating an emergency message about an event epsilon

As shown in formula (9):

wherein,

a description is shown with respect to the event epsilon,

to represent

The time stamp of the time when it was generated,

indicating use of

The generated digital signature is shown in formula (10):

wherein,

is comprised in

Middle V_iThe kth pseudonym of (1);

V_iin the mode of V2V

Broadcast to other vehicles;

when another vehicle V_jReceive from

V_jBased on

And

separately verify

And

the effectiveness of (a) is specifically:

V_jderiving a current time interval

And a current time stamp

Respectively verified by detecting formula (11) and formula (12)

And

has not expired wherein

And ψ is two predefined parameters;

vehicle V_jRetrieve at T in local store_αInner secret threshold level set

And from

Is prepared by

And

then is that

Each element c in (1) calculates

To obtain a corresponding set

And detecting

Whether the result is true or not;

if it is not

Is established, then

I.e. V_iAt V_jIt appears to be authentic, therefore V_jIs based on immediately

Making a decision; at the same time, V_jCan also be based on

Generating and broadcasting an emergency message to other vehicles;

if it is not

If not, then

I.e. V_iAt V_jIt appears to be untrusted, therefore V_jCan not be aligned with

Making any decision;

therein, no matter whether

Whether or not it is true, as long as

Effective and unexpired, V_jAll store

To facilitate subsequent reputation feedback reporting.

Further, the reputation feedback report specifically includes:

when a certain vehicle V_jWhen the vehicle enters a preset range of the occurrence of the emergency event epsilon, the actual state of the emergency event epsilon is sensed and judged through the vehicle-mounted sensor

The correctness of the test;

V_jis composed of

Calculating a feedback score

Such as formula(13) Shown in the figure:

wherein,

the actual state of the emergency event epsilon;

V_jis composed of

Generating prestige feedback

As shown in equation (14):

wherein, alpha,

And

are all extracted from

Indicating use of

The generated digital signature is shown in formula (15):

V_jstoring

And sends it to V2I or V2A or V2STA；

Receive from

After that, TA is verified by the detection equation (16)

Validating and deriving the current timestamp Tn_T；

TA verification by detection equation (17)

Where ω is a predefined parameter;

TA will be

And the unique identifier i of the emergency message broadcaster is stored in the database, and if V_jIs composed of

Reporting a plurality of prestige feedbacks, the TA storing only the latest one;

TA is

Generating acknowledgement messages

As shown in equation (18):

wherein，

Is extracted from

Indicating the use of Sk_TThe generated digital signature is shown in formula (19):

TA will be

Is returned to V_j；

Receive from

Rear, V_jUse of

Decryption

And verify

Whether or not it is consistent with formula (19), decrypted

And is stored

In (1)

Whether they are equal; if the verification passes, V_jConfirm TA has received

And deleted from local storage

If V_jFail to receive in time

Or if the verification fails, V_jWill be provided with

And re-sent to TA in V2I or V2A or V2S.

Further, the updating of the reputation information specifically includes:

for each time interval and each vehicle, the TA derives a current timestamp

And selecting V within a predefined time range from the database_iAll reputation feedback reported by the emergency message;

wherein,

for predefining time range parameters, use

Is shown as V_iThe set of all reputation feedbacks reported by the emergency message of (1);

TA calculation of V_iNew reputation score of

As shown in equation (21):

wherein,

and

respectively, V in TA database_iAnd V_jIs equal to [0,1 ] the current reputation score of]Is an attenuation factor;

i.e. if the formula (22) holds,

is calculated as

A weighted average sum of; if not, then,

are calculated as attenuation factors delta and V_iThe product of the current reputation scores;

finally, TA will be V_iReputation score in the database is updated to

The invention also provides an emergency message dissemination system with trust management and privacy protection in SAGEVNs, and the system uses the emergency message dissemination method provided by the invention, and comprises a space part, a sky part and a ground part;

the space part comprises a plurality of satellites and corresponding ground base stations;

the sky part consists of a plurality of sky components, and the sky components specifically comprise unmanned planes, balloons and airships;

the ground part comprises a credible institution TA, a plurality of road side units RSUs, a plurality of cellular base stations BS and a plurality of vehicles, and the vehicles are provided with an on-board unit OBU and a plurality of on-board sensors; the trusted authority TA is used for registering vehicles, storing and regularly updating reputation information of the vehicles, generating and distributing reputation certificates, temporary private keys and secret threshold level sets for the vehicles;

the road side unit RSU and the cellular base station BS are used as ground infrastructure, are connected to the TA in a wired mode and are used as an interface for communication between the TA and the vehicle;

the satellites are communicated with each other in a satellite-to-satellite S2S mode, the satellites and the ground base stations are communicated with each other in a ground-to-satellite G2S mode, and the ground base stations are connected to a trusted authority in a wired mode;

the multiple sky components form one or more flying ad hoc networks FANETs, the sky components in the FANETs are communicated with each other in a sky component-to-sky component A2A mode, the sky components and the cellular base station are communicated with each other in a ground-to-sky G2A mode, and the sky components and the satellites are communicated with each other in a sky-to-space A2S mode;

emergency information is disseminated among the vehicles in a V2V wireless communication mode, the vehicles are connected with the RSU or the BS in a V2I wireless communication mode, the vehicles are connected with the sky assembly in a vehicle-to-sky assembly V2A communication mode, and the vehicles are connected with the satellites in a vehicle-to-satellite V2S communication mode.

Compared with the prior art, the invention has the following advantages and beneficial effects:

1. based on 0-1 coding and FNV hash algorithm, the invention can give good consideration to trust management and privacy protection; by adopting the SAGIN architecture, each vehicle can be connected to a trusted authority in a reputation certificate request stage and a reputation feedback report stage through various optional modes, and compared with the existing method, the method has stronger applicability; the invention can provide strong fault tolerance and provide strong fault tolerance for temporary faults of the trusted mechanism.

2. The invention supports the multiplexing of the pseudonym, the temporary public key and the temporary private key in different time intervals, and compared with the prior method, the pseudonym, the temporary public key and the temporary private key in the invention are shorter, thereby saving the storage space and the network bandwidth.

Drawings

FIG. 1 is a flow chart of the method of the present invention;

FIG. 2 is a schematic diagram of the system of the present invention.

Detailed Description

The present invention will be described in further detail with reference to examples and drawings, but the present invention is not limited thereto.

Examples

As shown in fig. 2, the emergency message dissemination system for both trust management and privacy protection in SAGIVNs of the present invention includes a space portion, a sky portion, and a ground portion;

the space part comprises a plurality of satellites and corresponding ground base stations, the satellites form one or more Satellite hosts, and the satellites in each Satellite host can communicate with each other in a Satellite-to-Satellite (S2S) mode. Meanwhile, the Satellite and the corresponding Ground base station can communicate with each other through a Ground-to-Satellite (G2S) manner, and the Ground base station is connected to a Trusted Authority (TA) through a wired manner.

The sky part comprises a plurality of unmanned aerial vehicles, balloon, airship etc. (all called sky subassembly). The sky components form one or more self-organizing Networks (FANETs), and the sky components can communicate with each other in a sky-to-sky-component (A2A) mode through the sky components in each FANET. In addition, the sky component supports multiple communication modes, such as cellular communication, satellite communication, and the like. Therefore, sky components and cellular Base Stations (BSs) within a certain range can communicate with each other in a Ground-to-Air (G2A) manner, and sky components and satellites can communicate with each other in a sky-to-Space (A2S) manner.

The ground part comprises a centralized Authority (TA) and a large number of Road Side Units (RSUs), cellular Base Stations (BSs) and vehicles (vehicles). The TA is responsible for vehicle registration, storing and periodically updating the reputation information of the vehicle, generating and distributing a reputation certificate/ephemeral private key/secret threshold level set for the vehicle. The RSU and BS act as two types of ground infrastructure, are wired to the TA, and act as an interface for communication between the TA and the vehicle. Each vehicle is equipped with a plurality of On-Board sensors and an On-Board Unit (OBU), which supports a plurality of Communication modes, such as Dedicated Short Range Communication (DSRC), cellular Communication, satellite Communication, and the like. Thus, vehicles can sense an emergency (e.g., an obstacle) within a certain range and communicate with each other in a wireless Vehicle-to-Vehicle (V2V) manner to disseminate emergency information in the SAGIVNs. In addition, each Vehicle can connect a range of RSUs or BSs wirelessly from Vehicle-to-Infrastructure (V2I) depending on the current network status and its own needs; connecting a range of sky components (in the sky part) in a Vehicle-to-sky component (V2A) mode; or connecting the satellites (in space) in a Vehicle-to-Satellite (V2S) manner, wherein the V2A and V2S manners can be regarded as special forms of the G2A and G2S manners, respectively.

In this embodiment, the emergency message dissemination system deploys an emergency message dissemination method that gives consideration to both trust management and privacy protection in SAGIVNs, so as to give consideration to both trust management and privacy protection, as shown in fig. 1, the method specifically includes the following steps:

s1, initializing the system, including initializing a trusted authority TA and initializing other entities in the system;

s11, TA initialization, specifically:

TA sets its clock and generates public key Pk for itself_TAnd private key Sk_T；

Wherein, Sk_TAlways stored by the TA secret.

TA divides time into a series of equal-length time intervals T₁,T₂,., and defining n (n is Z)₊) Selectable reputation level and threshold level L₁＜L₂＜...＜L_n。

Where the length of each time interval is denoted as θ.

For each T_α∈{T₁,T₂,., TA from [0, λ n-1 ]]Within the interval (lambda belongs to Z₊) Randomly selecting n and L₁,L₂,...,L_nOrdered integers in one-to-one correspondence

And for each

Respectively calculating 0 codes

And 1 encoding

To obtain

And

all have at most

And (4) each element.

TA random Generation of secret values

The secret value is kept secret by the TA and is

And

each element c in (1) is calculated

Get the corresponding set

And

if a hash collision occurs, another random one is generated

And regenerate

And

this detection is referred to as "collision detection-i";

wherein,

represents the pair c and

performing character string splicing, and performing FNV hash on a spliced result;

binary coding r of TA with random rho bits₁,r₂,.. fill as a new element

And

to obtain

Corresponding set of individual elements

And

for each r_τ∈{r₁,r₂,., if a certain one is available

If true, another random value r is used_τThis detection is called "collision detection-II";

where ρ is equal to

The output length of (d);

TA random rearrangement

And

i.e. randomly disordering the element sequence in each set to obtain the corresponding set

And

and storing it in a database;

wherein,

and

are respectively called and L_β∈{L₁,L₂,...,L_nAt T_αInner secret 0 encoding and secret 1 encoding.

S12, initializing other entities, specifically:

configuring a satellite and corresponding ground base stations, and establishing wired connection between each ground base station and a TA (timing advance);

configuring an unmanned aerial vehicle, a balloon and an airship to suspend above a road and supplement BS;

RSUs are installed beside a road, and wired connection is established between each RSU and a TA;

BSs are installed near the road, and a wired connection is established between each BS and the TA.

S2, vehicle registration, specifically:

when the vehicle V_iUpon registration with the TA, the TA distributes a unique identifier i for it, and the TA generates V_iMaster public key of

And a master private key

And is taken as V in an off-line manner_iInstalling Trusted Platform Module (TPM) for storage

Pk_TClocks synchronized with the TA, parameters shared with the TA, cryptography and digital signature algorithms, and protection reputation certificates, ephemeral private keys, and secret threshold level sets to ensure that they are not stolen, manipulated, or shared.

TA is V according to equation (1)_iSetting initial reputation score

And will V_iIs stored in the database, the formula is as follows:

s3, request for reputation certificate, at the beginning of each time interval, vehicle V_iRequesting a new reputation certificate, a temporary private key and a secret threshold level set from the TA, specifically:

S31、V_igenerating random values

And selecting a threshold level

Then generates the request information

As shown in equation (2):

wherein,

indicating the use of Pk_TThe asymmetric encryption is carried out and,

indicating use of

The generated digital signature is shown in formula (3):

vehicle V_iBy means of V2I or V2A or V2S

Sending the data to the TA;

receive from

Then, TA utilizes Sk_TDecryption

To obtain i,

And

and based on

Authentication

The validity of (2);

TA obtains the Current T_αAnd attempts to retrieve V from the database_iAt T_αK groups of reputation certificates, ephemeral private keys, and a secret threshold level set:

if the search result is null, TA searches V in the data base_iCurrent reputation score of

And convert it to the current reputation level

The conversion is shown in equation (4):

suppose that

Wherein L is_βi∈{L₁,L₂,...,L_n}；

TA retrieves from the database at T_αInner correspond to

Secret 0 encoding of

And is V_iGenerating k sets of pseudonyms, ephemeral public keys, ephemeral private keys, and random values to form

Wherein,

are each V_iAt T_αThe k-th pseudonym, the k-th temporary public key, the k-th temporary private key and the k-th random key in the blockA machine value;

for each kappa, TA is

Each element c in (1) calculates

Filling and randomly rearranging the set (including collision detection-I and collision detection-II) to obtain V according to the method mentioned in TA initialization_iAt T_αInner kth random reputation level

TA is V_iIs generated at T_αInner kth reputation certificate

As shown in equation (5):

wherein,

indicating the use of Sk_TThe generated digital signature is shown in formula (6):

suppose that

Wherein

TA retrieves from the database at T_αInner correspond to

Secret 1 encoding of

And using it as V_iAt T_αInner secret threshold level set

Then will be

And

stored in a database.

Secondly, if the retrieval result is not null, the TA adopted result is concentrated on the existing one

And

without generating new ones

And

the above strategy can ensure that even V_iRequest TA multiple times, at each T_αOnly k groups of reputation certificates, temporary private keys and a secret threshold level set can be obtained, which greatly enhances the privacy protection capability of the method.

S32, TA is V_iGenerating a response message

As shown in equation (7):

wherein,

indicating use of

The asymmetric encryption is carried out and,

indicating the use of Sk_TThe generated digital signature is shown in formula (8):

TA will be

Is returned to V_i；

Receive from

Then, V_iUse of

Decryption

To obtain

And

and based on

Authentication

The validity of (2);

V_istore in its local storage

And

if V_iFail to receive in time

It can adopt other alternative ways (i.e. V2I or V2A or V2S) to send a new request message (containing a new random

To avoid its request message being linked by an adversary) to request the TA again.

S4, spreading the urgent message, wherein when an urgent event epsilon occurs, the urgent message about epsilon can be spread in nearby vehicles by a V2V method, specifically:

s41, if a certain vehicle V_iSensing the presence of epsilon and intentionally reporting to surrounding vehicles by on-board sensors, V_iFirst, the current T is derived_αRandomly selecting one kappa from {1, 2.. multidot.k }, and then searching in a local storage

V_iGenerating an emergency message about an event epsilon

As shown in formula (9):

wherein,

a description is shown with respect to the event epsilon,

to represent

The time stamp of the time when it was generated,

indicating use of

The generated digital signature is shown in formula (10):

wherein,

is comprised in

Middle V_iThe kth pseudonym of (1);

V_iin the mode of V2V

Broadcast to surrounding vehicles.

S42, when another vehicle V_jReceive from

V_jBased on

And

separately verify

And

effectiveness of：

V_jDeriving a current time interval

And a current time stamp

Respectively verified by detecting formula (11) and formula (12)

And

has not expired wherein

And psi are two predefined parameters.

Vehicle V_jRetrieve at T in local store_αInner secret threshold level set

And from

Is prepared by

And

then is that

Each element c in (1) calculates

To obtain a corresponding set

(it is called V_jIs corresponding to

Random threshold level set) and detect

Whether or not this is true.

If true, then

I.e. V_iAt V_jIt appears to be authentic, therefore V_jIs based on immediately

Making a decision; at the same time, V_jCan also be based on

Generating and broadcasting an urgent message to surrounding vehicles;

if not, then

I.e. V_iAt V_jIt appears to be untrusted, therefore V_jCan not be aligned with

Making any decision; whether or not

Whether or not it is true, as long as

Is effective and does notExpiration date, V_jAll store

To facilitate subsequent reputation feedback reporting. This strategy can greatly facilitate the reputation evolution of newly registered vehicles with low initial reputation scores.

In the above process, each message receiver can accurately judge whether a message broadcaster is trusted or not in a non-interactive and privacy-protecting manner.

S5, the reputation feedback report specifically includes:

when a certain vehicle V_jWhen the vehicle enters a preset range of the occurrence of the emergency event epsilon, the actual state of the epsilon (namely whether the vehicle exists or not, marked as

) And judge

The correctness of the operation. V_jIs composed of

Calculating a feedback score

As shown in equation (13):

V_jis composed of

Generating prestige feedback

As shown in equation (14):

wherein, alpha,

And

are all extracted from

Indicating use of

The generated digital signature is shown in formula (15):

V_jstoring

And sends it to TA by way of V2I or V2A or V2S;

receive from

After that, TA is verified by the detection equation (16)

Validating and deriving the current timestamp Tn_T。

TA verification by detection equation (17)

Where ω is a predefined parameter;

TA will be

And a unique identifier i (corresponding to T) of the message broadcaster_αInside of

) Stored in a database. If V_jIs composed of

Multiple reputation feedbacks are reported and the TA stores only the latest one.

TA is

Generating acknowledgement messages

As shown in equation (18):

wherein,

is extracted from

Indicating the use of Sk_TThe generated digital signature is shown in formula (19):

TA will be

Is returned to V_j；

Receive from

Rear, V_jUse of

Decryption

And verify

Whether or not it is consistent with formula (19), decrypted

And is stored

In (1)

Whether they are equal; if the verification passes, V_jConfirm TA has received

And deleted from local storage

If V_jFail to receive in time

Or if the verification fails, V_jWill be provided with

And sent to the TA again in the other alternative (i.e., V2I or V2A or V2S).

And S6, updating the reputation information, and updating the reputation information of the vehicle by the TA according to the reputation feedback in the database when each time interval is ended, wherein the updating specifically comprises the following steps:

for each time interval (e.g. T)_α) And each vehicle (e.g. V)_i)，

TA derived current timestamp

And selects from the database that it is within the predefined time range (i.e., satisfies equation (20) where

Is a predefined parameter) is V_iAll reputation feedback reported by the urgent message (the set of which is denoted as

)

TA calculation of V_iNew reputation score of

As shown in equation (21):

wherein,

and

respectively, V in TA database_iAnd V_jIs equal to [0,1 ] the current reputation score of]Is an attenuation factor.

I.e. if the formula (22) holds,

is calculated as

Wherein the current reputation score of each message recipient is taken as an important weight; if not, then,

are calculated as attenuation factors delta and V_iThe product of the current prestige scores.

TA will be V_iReputation score in the database is updated to

Is obtained by the formula (1) and the formula (21)

And

all belong to the interval [0,1]。

It should also be noted that in this specification, terms such as "comprises," "comprising," or any other variation thereof, are intended to cover a non-exclusive inclusion, such that a process, method, article, or apparatus that comprises a list of elements does not include only those elements but may include other elements not expressly listed or inherent to such process, method, article, or apparatus. Without further limitation, an element defined by the phrase "comprising an … …" does not exclude the presence of other identical elements in a process, method, article, or apparatus that comprises the element.

The previous description of the disclosed embodiments is provided to enable any person skilled in the art to make or use the present invention. Various modifications to these embodiments will be readily apparent to those skilled in the art, and the generic principles defined herein may be applied to other embodiments without departing from the spirit or scope of the invention. Thus, the present invention is not intended to be limited to the embodiments shown herein but is to be accorded the widest scope consistent with the principles and novel features disclosed herein.

Claims (9)

1. An emergency message spreading method considering trust management and privacy protection in SAGAVINS is characterized by comprising a trusted authority TA, a road side unit RSU, a cellular base station BS, a vehicle-mounted sensor and a vehicle-mounted unit OBU of the vehicle, a sky component, a satellite and a ground base station corresponding to the satellite, and comprises the following steps:

initializing a system, initializing a trusted authority TA and initializing other entities in the system; the method specifically comprises the following steps:

setting TA self-clock and generating public key Pk for TA self_TAnd private key Sk_TWherein Sk_TAlways stored secretly by the TA;

TA divides time into a series of equal-length time intervals T₁,T₂…, and defining n selectable reputation levels and a threshold level L₁＜L₂＜…＜L_nWherein the length of each time interval is represented as theta, n ∈ Z₊；

For each T_α∈{T₁,T₂…, TA from [0, λ n-1 ]]Randomly selecting n and L in interval₁,L₂,...,L_nOrdered integers in one-to-one correspondence

And for each

Respectively calculating 0 codes

And 1 encoding

To obtain

And

all have at most

An element; wherein λ ∈ Z₊；

TA random Generation of secret values

The secret value is kept secret by the TA and is

And

each element c in (1) is calculated

Get the corresponding set

And

if a hash collision occurs, another random one is generated

And regenerate

And

referred to as "collision detection-i";

wherein,

represents the pair c and

performing character string splicing, and performing FNV hash on a spliced result;

binary coding r of TA with random rho bits₁,r₂… filling as a new element

And

to obtain

Corresponding set of individual elements

And

for each r_τ∈{r₁,r₂… }, if a certain one is present

If true, another random value r is used_τReferred to as "collision detection-II";

where ρ is equal to

The output length of (d);

TA random rearrangement

And

i.e. randomly disordering the element sequence in each set to obtain the corresponding set

And

and storing it in a database;

wherein,

and

are respectively called and L_β∈{L₁,L₂,…,L_nAt T_αInner secret 0 encoding and secret 1 encoding;

vehicle registration, when a new vehicle is accessed into the SAGAVINS, a trusted authority TA distributes a unique identifier for the new vehicle, generates a master public key and a master private key, installs a trusted platform module and sets an initial reputation score for the vehicle;

the method comprises the steps that a prestige certificate request is carried out, and a vehicle requests a new prestige certificate, a temporary private key and a secret threshold level set from a TA;

spreading emergency messages, wherein when a certain vehicle senses the occurrence of an emergency through a vehicle-mounted sensor, the emergency messages are spread to other vehicles in a vehicle-to-vehicle V2V mode;

the method comprises the following steps that a prestige feedback report is carried out, when other vehicles drive into a preset range of emergency occurrence, the actual state of the emergency is sensed through a vehicle-mounted sensor, and the correctness of the emergency message is judged;

and (4) updating the prestige information, and updating the prestige information of the vehicle by the TA according to the prestige feedback in the database.

2. The method as claimed in claim 1, wherein the initialization of other entities in the system is specifically:

configuring a satellite and corresponding ground base stations, and establishing wired connection between each ground base station and a TA (timing advance);

configuring a sky assembly to be suspended above a roadway and to supplement a BS, wherein the sky assembly includes a drone, a balloon, and an airship;

RSUs are installed beside a road, and wired connection is established between each RSU and a TA;

BSs are installed near the road, and a wired connection is established between each BS and the TA.

3. The method as claimed in claim 1, wherein the vehicle registration is specifically as follows:

when the vehicle V_iUpon registration with the TA, the TA distributes a unique identifier i for it, and the TA generates V_iMaster public key of

And a master private key

And is taken as V in an off-line manner_iInstalling a trusted platform module;

the trusted platform module is used for storing

Pk_TA clock synchronized with the TA, parameters shared with the TA, and cryptography and digital signature algorithms to protect the reputation certificate, the temporary private key, and the secret threshold level set from theft, manipulation, or sharing;

TA is V according to equation (1)_iSetting initial reputation score

And will V_iIs stored in the database, the formula is as follows:

4. the method of claim 3, wherein said request for reputation certificates comprises the steps of:

V_igenerating random values

And selecting a threshold level

Then generates the request information

As shown in equation (2):

wherein,

indicating the use of Pk_TThe asymmetric encryption is carried out and,

indicating use of

The generated digital signature is shown in formula (3):

vehicle V_iWill be connected by means of vehicle-to-infrastructure V2I or vehicle-to-sky assembly V2A or vehicle-to-satellite V2S

Sending the data to the TA;

receive from

Then, TA utilizes Sk_TDecryption

To obtain i,

And

and based on

Authentication

The validity of (2).

5. The method of claim 4, wherein said request for reputation certificates further comprises the steps of:

TA obtains the Current T_αAnd attempts to retrieve V from the database_iAt T_αK groups of reputation certificates, ephemeral private keys, and a secret threshold level set:

if the search result is null, TA searches V in the database_iCurrent reputation score of

And convert it to the current reputation level

The conversion is shown in equation (4):

suppose that

Wherein L is_βi∈{L₁,L₂,…,L_n}；

TA retrieves from the database at T_αInner correspond to

Secret 0 encoding of

And is V_iGenerating k sets of pseudonyms, ephemeral public keys, ephemeral private keys, and random values to form

Wherein,

are each V_iAt T_αA kth pseudonym, a kth temporary public key, a kth temporary private key, and a kth random value within;

for each kappa, TA is

Each element c in (1) calculates

Filling and randomly rearranging the set to obtain V according to the method mentioned in TA initialization_iAt T_αInner kth random prestigeGrade

TA is V_iIs generated at T_αInner kth reputation certificate

As shown in equation (5):

wherein,

indicating the use of Sk_TThe generated digital signature is shown in formula (6):

suppose that

Wherein

TA retrieves from the database at T_αInner correspond to

Secret 1 encoding of

And using it as V_iAt T_αInner secret threshold level set

Then will be

And

storing in a database;

if the search result is not null, TA adopts the existing result set

And

without generating new ones

And

after executing corresponding operation according to the retrieval result, TA is V_iGenerating a response message

As shown in equation (7):

wherein,

indicating use of

The asymmetric encryption is carried out and,

indicating the use of Sk_TGenerated digital signatures, e.g. officialFormula (8):

TA will be

Is returned to V_i；

Receive from

Then, V_iUse of

Decryption

To obtain

And

and based on

Authentication

The validity of (2);

V_istore in its local storage

And

if V_iFail to receive in time

The TA will be requested again with a new request message in the form of V2I or V2A or V2S.

6. The method as claimed in claim 5, wherein the emergency message dissemination method for both trust management and privacy protection in SAGEVNs is specifically as follows:

when a certain vehicle V_iV when the presence of an emergency event epsilon is sensed by an on-board sensor and intentionally reported to a surrounding vehicle_iFirst, the current T is derived_αRandomly selecting a kappa from {1,2, …, k }, and then searching in the local storage

V_iGenerating an emergency message about an event epsilon

As shown in formula (9):

wherein,

a description is shown with respect to the event epsilon,

to represent

The time stamp of the time when it was generated,

indicating use of

The generated digital signature is shown in formula (10):

wherein,

is comprised in

Middle V_iThe kth pseudonym of (1);

V_iin the mode of V2V

Broadcast to other vehicles;

when another vehicle V_jReceive from

V_jBased on

And

separately verify

And

the effectiveness of (a) is specifically:

V_jderiving a current time interval

And a current time stamp

Respectively verified by detecting formula (11) and formula (12)

And

has not expired wherein

And ψ is two predefined parameters;

vehicle V_jRetrieve at T in local store_αInner secret threshold level set

And from

Is prepared by

And

then is that

Each element c in (1) calculates

To obtain a corresponding set

And detecting

Whether the result is true or not;

if it is not

Is established, then

I.e. V_iAt V_jIt appears to be authentic, therefore V_jIs based on immediately

Making a decision; at the same time, V_jCan also be based on

Generating and broadcasting an emergency message to other vehicles;

if it is not

If not, then

I.e. V_iAt V_jIt appears to be untrusted, therefore V_jCan not be aligned with

Making any decision;

therein, no matter whether

Whether or not it is true, as long as

Effective and unexpired, V_jAll store

To facilitate subsequent reputation feedback reporting.

7. The method as claimed in claim 6, wherein the reputation feedback report is specifically:

when a certain vehicle V_jWhen the vehicle enters a preset range of the occurrence of the emergency event epsilon, the actual state of the emergency event epsilon is sensed and judged through the vehicle-mounted sensor

The correctness of the test;

V_jis composed of

Calculating a feedback score

As shown in equation (13):

wherein,

the actual state of the emergency event epsilon;

V_jis composed of

Generating prestige feedback

As shown in equation (14):

wherein, alpha,

And

are all extracted from

Indicating use of

The generated digital signature is shown in formula (15):

V_jstoring

And sends it to TA by way of V2I or V2A or V2S;

receive from

After that, TA is verified by the detection equation (16)

Efficient and exportCurrent time stamp Tn_T；

TA verification by detection equation (17)

Where ω is a predefined parameter;

TA will be

And the unique identifier i of the emergency message broadcaster is stored in the database, and if V_jIs composed of

Reporting a plurality of prestige feedbacks, the TA storing only the latest one;

TA is

Generating acknowledgement messages

As shown in equation (18):

wherein,

is extracted from

Indicating the use of Sk_TThe generated digital signature is shown in formula (19):

TA will be

Is returned to V_j；

Receive from

Rear, V_jUse of

Decryption

And verify

Whether or not it is consistent with formula (19), decrypted

And is stored

In (1)

Whether they are equal; if the verification passes, V_jConfirm TA has received

And deleted from local storage

If V_jFail to receive in time

Or if the verification fails, V_jWill be provided with

And re-sent to TA in V2I or V2A or V2S.

8. The method as claimed in claim 7, wherein the updating of reputation information is specifically as follows:

for each time interval and each vehicle, the TA derives a current timestamp

And selecting V within a predefined time range from the database_iAll reputation feedback reported by the emergency message;

wherein,

for predefining time range parameters, use

Is shown as V_iThe set of all reputation feedbacks reported by the emergency message of (1);

TA calculation of V_iNew reputation score of

As shown in equation (21):

wherein,

and

respectively, V in TA database_iAnd V_jIs equal to [0,1 ] the current reputation score of]Is an attenuation factor;

i.e. if the formula (22) holds,

is calculated as

A weighted average sum of; if not, then,

are calculated as attenuation factors delta and V_iThe product of the current reputation scores;

finally, TA will be V_iReputation score in the database is updated to

An emergency message dissemination system for both trust management and privacy protection in SAGAVINs, characterized in that the emergency message dissemination method of any of claims 1-8 is applied, comprising a space section, a sky section and a ground section;

the space part comprises a plurality of satellites and corresponding ground base stations;

the sky part consists of a plurality of sky components, and the sky components specifically comprise unmanned planes, balloons and airships;

the ground part comprises a credible institution TA, a plurality of road side units RSUs, a plurality of cellular base stations BS and a plurality of vehicles, and the vehicles are provided with an on-board unit OBU and a plurality of on-board sensors; the trusted authority TA is used for registering vehicles, storing and regularly updating reputation information of the vehicles, generating and distributing reputation certificates, temporary private keys and secret threshold level sets for the vehicles;

the road side unit RSU and the cellular base station BS are used as ground infrastructure, are connected to the TA in a wired mode and are used as an interface for communication between the TA and the vehicle;

the satellites are communicated with each other in a satellite-to-satellite S2S mode, the satellites and the ground base stations are communicated with each other in a ground-to-satellite G2S mode, and the ground base stations are connected to a trusted authority in a wired mode;

the multiple sky components form one or more flying ad hoc networks FANETs, the sky components in the FANETs are communicated with each other in a sky component-to-sky component A2A mode, the sky components and the cellular base station are communicated with each other in a ground-to-sky G2A mode, and the sky components and the satellites are communicated with each other in a sky-to-space A2S mode;

emergency information is disseminated among the vehicles in a V2V wireless communication mode, the vehicles are connected with the RSU or the BS in a V2I wireless communication mode, the vehicles are connected with the sky assembly in a vehicle-to-sky assembly V2A communication mode, and the vehicles are connected with the satellites in a vehicle-to-satellite V2S communication mode.

Images