CN112954671B - Vehicle networking location privacy protection method based on pseudonymous exchange - Google Patents

Vehicle networking location privacy protection method based on pseudonymous exchange Download PDF

Info

Publication number
CN112954671B
CN112954671B CN202110110481.1A CN202110110481A CN112954671B CN 112954671 B CN112954671 B CN 112954671B CN 202110110481 A CN202110110481 A CN 202110110481A CN 112954671 B CN112954671 B CN 112954671B
Authority
CN
China
Prior art keywords
vehicle
information
calling
called
exchange
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN202110110481.1A
Other languages
Chinese (zh)
Other versions
CN112954671A (en
Inventor
陈惠芳
曹贞芳
谢磊
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Zhejiang University ZJU
Original Assignee
Zhejiang University ZJU
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Zhejiang University ZJU filed Critical Zhejiang University ZJU
Priority to CN202110110481.1A priority Critical patent/CN112954671B/en
Publication of CN112954671A publication Critical patent/CN112954671A/en
Application granted granted Critical
Publication of CN112954671B publication Critical patent/CN112954671B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/02Protecting privacy or anonymity, e.g. protecting personally identifiable information [PII]
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/01Protocols
    • H04L67/12Protocols specially adapted for proprietary or special-purpose networking environments, e.g. medical networks, sensor networks, networks in vehicles or remote metering networks
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3247Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W4/00Services specially adapted for wireless communication networks; Facilities therefor
    • H04W4/30Services specially adapted for particular environments, situations or purposes
    • H04W4/40Services specially adapted for particular environments, situations or purposes for vehicles, e.g. vehicle-to-pedestrians [V2P]
    • H04W4/44Services specially adapted for particular environments, situations or purposes for vehicles, e.g. vehicle-to-pedestrians [V2P] for communication between vehicles and infrastructures, e.g. vehicle-to-cloud [V2C] or vehicle-to-home [V2H]
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W4/00Services specially adapted for wireless communication networks; Facilities therefor
    • H04W4/30Services specially adapted for particular environments, situations or purposes
    • H04W4/40Services specially adapted for particular environments, situations or purposes for vehicles, e.g. vehicle-to-pedestrians [V2P]
    • H04W4/46Services specially adapted for particular environments, situations or purposes for vehicles, e.g. vehicle-to-pedestrians [V2P] for vehicle-to-vehicle communication [V2V]
    • YGENERAL TAGGING OF NEW TECHNOLOGICAL DEVELOPMENTS; GENERAL TAGGING OF CROSS-SECTIONAL TECHNOLOGIES SPANNING OVER SEVERAL SECTIONS OF THE IPC; TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
    • Y02TECHNOLOGIES OR APPLICATIONS FOR MITIGATION OR ADAPTATION AGAINST CLIMATE CHANGE
    • Y02DCLIMATE CHANGE MITIGATION TECHNOLOGIES IN INFORMATION AND COMMUNICATION TECHNOLOGIES [ICT], I.E. INFORMATION AND COMMUNICATION TECHNOLOGIES AIMING AT THE REDUCTION OF THEIR OWN ENERGY USE
    • Y02D30/00Reducing energy consumption in communication networks
    • Y02D30/70Reducing energy consumption in communication networks in wireless communication networks

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Security & Cryptography (AREA)
  • Health & Medical Sciences (AREA)
  • Computing Systems (AREA)
  • General Health & Medical Sciences (AREA)
  • Medical Informatics (AREA)
  • Mobile Radio Communication Systems (AREA)

Abstract

The invention discloses a vehicle networking location privacy protection method based on pseudonym exchange. The existing method has high communication overhead and cannot better resist the pseudonymous association attack based on semantics. The method of the invention utilizes the beacon information and the change rule of the vehicle position and speed, can effectively protect the position privacy of the vehicle, and has the following specific processes: the vehicles find the target vehicle and request the public key of the target vehicle from the RSU, and then negotiate with the target vehicle to reach the pseudonym exchange agreement, and finally cooperate with each other to complete the pseudonym exchange. The target vehicle searching is completed by using the predefined overtaking condition, so that the vehicle can realize smooth transition of the state by broadcasting false beacon information temporarily, and an attacker is prevented from performing pseudonym association through semantics. The method is simple to operate and easy to realize; only the target vehicle needs to be communicated, so that the communication overhead is reduced; by temporarily broadcasting false beacon information, pseudonymous association attack is effectively resisted, and the influence on security application is reduced.

Description

Vehicle networking location privacy protection method based on pseudonymous exchange
Technical Field
The invention belongs to the technical field of vehicle networking, relates to privacy protection technology based on location service, and particularly relates to a vehicle networking location privacy protection method based on pseudonym exchange.
Background
Vehicles, Road-Side units (RSUs), and Certificate Authorities (CAs) exist in the internet of vehicles. The vehicles periodically broadcast the beacon information, so that other vehicles can know the state of the whole network and take corresponding measures to avoid traffic jam and accidents. The beacon information includes the state information of the vehicle, and the vehicle broadcasts the beacon information once in a clear text form every 100ms to 1 s. When the vehicle runs on a road, the vehicle can only run towards a certain direction along the road under the premise of complying with relevant traffic regulations, and the track has predictability. An attacker analyzes and tracks the beacon information by collecting the beacon information, establishes a position file of the vehicle, learns the track of the vehicle and causes the disclosure of the privacy of the position of the vehicle.
Vehicle location privacy protection methods fall into four categories: silent mode, confusing mode, false event mode, and pseudonym replacement mode. The location privacy protection method based on silence is to close wireless communication and stop external broadcasting within a certain period of time, so as to achieve the purpose of protecting location privacy. By adopting a silencing mode, if the silencing time is short, the disclosure of the position privacy cannot be prevented, and if the silencing time is too long, the notification of the emergency event is not timely, so that the safety application and the like are negatively affected. The position privacy protection method based on confusion is to perform some processing on the broadcast state information, such as noise addition and fuzzification, so as to reduce the precision and achieve the purpose of protecting the position privacy. But a smaller offset is not effective against long-term position tracking attacks and has a greater negative impact on security applications. The location privacy protection method based on the false event is to protect the location privacy by broadcasting the false location. The method for protecting the position privacy based on the pseudonym replacement is characterized in that pseudonyms are replaced at intervals, so that continuously broadcasted beacon information cannot be associated together, and the position privacy of a vehicle is effectively protected on the premise of not influencing the safety application work.
The prior art discloses some location privacy protection methods based on pseudonym exchange. For example, the invention patent with application number 201811539727.1 discloses a method for exchanging the pseudonyms according to the number of surrounding vehicles and the communication available time. Through analysis, the method is communicated with all neighbor vehicles in the pseudonymous name exchange process, so that the communication bandwidth consumption is large, the time delay is large, and the pseudonymous name correlation attack based on semantics cannot be effectively resisted. The invention patent with application number 201711234735.0 discloses a cooperative pseudonym exchange by means of clustering, but this method is not resistant to internal attackers.
Disclosure of Invention
The invention aims to provide a vehicle networking location privacy protection method based on pseudonym exchange, aiming at solving the problems that the communication cost is too high and the location privacy cannot be effectively protected in the existing method, so that the location privacy of a vehicle is effectively protected.
The method is realized by the following technical scheme:
setting the state of the vehicle to
Figure BDA0002918812040000021
Wherein p (t) represents a position vector of the vehicle at time t, and v (t) represents a velocity vector of the vehicle at time t; the vehicle periodically broadcasts beacon information containing its status, with a beacon information broadcast interval of T.
In order to guarantee the communication safety, the vehicles and the RSU and the vehicles communicate in an asymmetric encryption mode, and the RSU is a roadside unit; in the network, the RSU broadcasts its public key periodically, i.e. assuming that the RSU public key is known. When entering the management range of the RSU, the vehicle sends the pseudonym and the certificate thereof to the RSU, the certificate comprises a vehicle public key and a vehicle public key encrypted by a CA private key, and the CA is a certificate authority. With this information, the RSU maintains a key-value pair database consisting of pseudonyms, certificates locally. The vehicle may request other vehicle public keys from the RSU to complete the communication.
The method comprises the following steps:
step (1) searching a target vehicle:
during driving, the calling vehicle A monitors the network and analyzes all received beacon information; in the collected neighbor vehicle information, if the called vehicle B exists, the running direction of the called vehicle B is the same as that of the called vehicle B, and the condition that the running direction of the called vehicle B is the same as that of the called vehicle B is met
Figure BDA0002918812040000022
The called vehicle B is considered as a target vehicle, and false overtaking is initiated;
pA(t) and pB(t) position vectors of the calling vehicle A and the called vehicle B at time t, vA(t) and vB(T) velocity vectors of the calling vehicle A and the called vehicle B at time T, TthrIs a set time threshold.
Step (2), the calling vehicle A requests the public key information of the called vehicle B from the roadside unit RSU:
(2-1) the calling vehicle A transmits authentication request information to the RSU
Figure BDA0002918812040000023
Requesting the public key of the called vehicle B; wherein the content of the first and second substances,
Figure BDA0002918812040000024
presentation information is encrypted using the RSU public key, PesuAAnd PesuBRespectively representing the pseudonyms of the calling vehicle and the called vehicle, t1Indicating transmission information M1Time of (S)1Information M representing calling vehicle A pair1The digital signature of (a) is stored,
Figure BDA0002918812040000025
the presentation information is encrypted using the calling vehicle A private key, and SHA256 (-) represents the calculation of the message digest value using the SHA-256 hash algorithm.
After the verification request information is sent, if the RSU response is received before the timer is overtime, the pseudonymous name exchange process is continued, otherwise, the verification request information is sent again;
(2-2) RSU reception information M1Then, the calling vehicle A is combined with the pseudonym PesuAAnd a digital signature S1Verifying the identity of the calling vehicle A, and if the identity of the calling vehicle A does not pass the verification, discarding the information; otherwise, the public key Pk of the called vehicle B is searched in the database thereofBAnd sends verification passing information to the calling vehicle A
Figure BDA0002918812040000031
Wherein the content of the first and second substances,
Figure BDA0002918812040000032
indicating information usageThe public key of the calling vehicle A is encrypted, t2Indicating transmission information M2Time of (S)2Representing RSU pair information M2The digital signature of (a) is stored,
Figure BDA0002918812040000033
the presentation information is encrypted using the RSU private key;
(2-3) the calling vehicle A extracts the public key of the called vehicle B:
calling vehicle A receives M2Then, decrypting and verifying the digital signature; if the verification is passed, the Pk of the public key of the called vehicle B is savedBOtherwise, the calling vehicle A sends the verification request information to the RSU again.
Step (3), the calling vehicle A communicates with the called vehicle B to reach the pseudonymous name exchange convention;
(3-1) the calling vehicle A sends false overtaking request information to the called vehicle B
Figure BDA0002918812040000034
Wherein the content of the first and second substances,
Figure BDA0002918812040000035
representation information is encrypted using the public key of the called vehicle B, StA(t3) Indicating that the calling vehicle A is at t3The state of the time-of-day,
Figure BDA0002918812040000036
PkAa public key representing the calling vehicle a; certAAs the authentication information of the calling vehicle a,
Figure BDA0002918812040000037
t3indicating transmission information M3Time of (S)3Information M representing calling vehicle A pair3The digital signature of (a) is stored,
Figure BDA0002918812040000038
(3-2) the called vehicle B receives the information M3And then, the called vehicle B checks the state of the calling vehicle A:
if it is not
Figure BDA0002918812040000039
Then first rejection information is sent to the calling vehicle a
Figure BDA00029188120400000310
Wherein, REJ is 0, which indicates that the called vehicle B refuses the pseudonymous exchange; t is t4Indicating transmission information M4Time of (S)4Information M representing called vehicle B pair4The digital signature of (a) is stored,
Figure BDA00029188120400000311
the representation information is encrypted by using a private key of a called vehicle B;
if it is not
Figure BDA00029188120400000312
Then Cert will beASaving to local and sending the first confirmation information to the calling vehicle A
Figure BDA00029188120400000313
Wherein, ACK is 1, which means the called vehicle B agrees to continue the pseudonymous exchange; certBIs the authentication information of the called vehicle B,
Figure BDA00029188120400000314
tstand tspRespectively representing the start time and end time, t, of the pseudonym exchangestSelected by the called vehicle B, tsp=tst+Tthr;t5Indicating transmission information M5Time of (S)5Information M representing called vehicle B pair5The digital signature of (2) is obtained,
Figure BDA00029188120400000315
(3-3) if the calling vehicle A receives the first rejection information M4Re-executing the step (1) to find a new target vehicle;
if the calling vehicle A receives the first confirmation information M5The calling vehicle A sends second confirmation information to the called vehicle B
Figure BDA0002918812040000041
Reach the exchange agreement of the pseudonym; ACK is 1, indicating that the calling vehicle A agrees to continue the pseudonymization exchange, t6Indicating transmission information M6Time of (S)6Information M representing calling vehicle A pair6The digital signature of (a) is stored,
Figure BDA0002918812040000042
step (4), the calling vehicle A and the called vehicle B report pseudonymous name exchange events to a certificate authority CA and a roadside unit RSU, and the pseudonymous name exchange events comprise the following steps:
(4-1) the calling vehicle A and the called vehicle B agree to continue the pseudonymous exchange, namely after reaching the pseudonymous exchange agreement, the calling vehicle A sends first provision information to the CA
Figure BDA0002918812040000043
The called vehicle B sends second backup information to the CA
Figure BDA0002918812040000044
Wherein the content of the first and second substances,
Figure BDA0002918812040000045
presentation information encrypted using CA public key, t7And t8Respectively represent the transmission information M7And M8The time of (d); s. the7Information M representing calling vehicle A pair7The digital signature of (2) is obtained,
Figure BDA0002918812040000046
S8information M representing called vehicle B pair8The digital signature of (2) is obtained,
Figure BDA0002918812040000047
(4-2) CA receives message M7And M8After, according to PesuA、PesuBAnd a digital signature S7、S8CA carries out identity authentication on the calling vehicle A and the called vehicle B, and compares t in the two pieces of informationst、tspIf the two are equal, the calling vehicle A and the called vehicle B are ensured to complete the pseudonym exchange negotiation and reach the agreement; t corresponding to two pieces of information and passing identity authenticationst、tspIf the verification result is equal to the verification result, the verification is passed, otherwise, the verification is not passed;
if the verification is passed, the CA sends third confirmation information to the calling vehicle A
Figure BDA0002918812040000048
Sending fourth confirmation information to the called vehicle B
Figure BDA0002918812040000049
Wherein, t9And t10Respectively representing transmitted information M9And M10The time of (d); s9Indicates CA pair information M9The digital signature of (a) is stored,
Figure BDA00029188120400000410
S10indicates CA pair information M10The digital signature of (a) is stored,
Figure BDA00029188120400000411
the presentation information is encrypted using a CA private key; meanwhile, a local database is updated, the corresponding relation between the vehicle and the pseudonym is modified, and non-repudiation is ensured;
if the verification is not passed, the CA sends a second rejection message to the calling vehicle A
Figure BDA00029188120400000412
Sending third refusing information to the called vehicle B
Figure BDA0002918812040000051
Wherein, t11And t12Respectively representing transmitted information M11And M12The time of (d); s11Represents CA pair information M11The digital signature of (a) is stored,
Figure BDA0002918812040000052
S12represents CA pair information M12Digital signature of (2),
Figure BDA0002918812040000053
(4-3) if the calling vehicle A receives the message M9If yes, the calling vehicle A sends a third report message to the RSU
Figure BDA0002918812040000054
Wherein, t13Indicating transmission information M13Time of (S)13Information M representing calling vehicle A pair13The digital signature of (2) is obtained,
Figure BDA0002918812040000055
if the calling vehicle A receives the information M11Ending the pseudonym exchange, and starting to execute a new pseudonym exchange process from the step (1);
if the called vehicle B receives M10If yes, the called vehicle B sends fourth backup information to the RSU
Figure BDA0002918812040000056
Wherein, t14Indicating transmission information M14Time of (S)14Information M representing called vehicle B pair14The digital signature of (a) is stored,
Figure BDA0002918812040000057
if the called vehicle B receives the information M12If yes, the pseudonym exchange is ended, and a new pseudonym exchange process is executed from the step (1);
(4-4) RSU reception information M13And M14The RSU then authenticates the information: according to PesuADigital signature S13Authenticating the identity of the calling vehicle A according to PesuBDigital signature S14The identity authentication is carried out on the called vehicle B, and the calling vehicle A and the called vehicle B are ensured to complete the pseudonymous name exchange negotiation and reach the agreement; if the authentication is passed, updating the local database, and modifying the corresponding relation between the pseudonym and the certificate; if the authentication is not passed, the information M is discarded13、M14
And (5) performing pseudonym exchange.
At tstWhen the vehicle broadcasts a piece of real beacon information, and then the pseudonyms are exchanged, namely the calling vehicle A uses the pseudonym Pesu of the called vehicle BBThe called vehicle B uses the pseudonym Pesu of the calling vehicle AAStarting to broadcast beacon information containing a false state; at tspWhen the beacon is received, pseudonym exchange is completed, and real beacon information broadcasting is recovered;
at tst~tspMeanwhile, the beacon information broadcast by the calling vehicle A is marked as A1,A2,…,ANAnd the beacon information broadcast by the called vehicle B is recorded as B1,B2,…,BNAmount of beacon information
Figure BDA0002918812040000058
T denotes a beacon information broadcast interval;
state of calling vehicle A at time t
Figure BDA0002918812040000059
State of called vehicle B at time t
Figure BDA00029188120400000510
The calling vehicle A estimates it at tspState value of time
Figure BDA0002918812040000061
The called vehicle B estimates the time tspState value of time
Figure BDA0002918812040000062
Caller vehicle A calculates intermediate states
Figure BDA0002918812040000063
Wherein, tiIndicating the time of broadcasting the i-th beacon information, ti=tst+ iT; get the demarcation point
Figure BDA0002918812040000064
The beacon information a broadcast by the calling vehicle aiDummy states contained in
Figure BDA0002918812040000065
Called vehicle B calculates intermediate state
Figure BDA0002918812040000066
Obtaining a demarcation point
Figure BDA0002918812040000067
The beacon information B broadcast by the called vehicle BiDummy states contained in
Figure BDA0002918812040000068
By the above algorithm, t is generatedstTime of the other party's position, to tspThe false track ending at the self position ensures that the false state information is continuous and approaches to the self real state information continuously, the difference between the false state information and the self state information is gradually reduced, and the smooth transition from the state of the opposite side to the self state is realized, so that an attacker cannot identify and track the pseudonym exchange through semantic analysis.
The invention relates to a vehicle position privacy protection method based on kana exchange, which combines a vehicle driving rule and vehicle state information to generate a false position during the kana exchange and simulate overtaking behavior so as to protect the position privacy of a vehicle user, and compared with the existing vehicle position privacy protection method, the vehicle position privacy protection method has the following advantages:
(1) the initiation of the pseudonym does not need the intervention of an RSU, and the vehicle can automatically decide when and with whom to exchange the pseudonym through the overtaking condition, so that the vehicle has certain autonomy and flexibility, and the privacy of the vehicle is protected more effectively.
(2) By broadcasting the false beacon information, the vehicle can realize smooth transition of a track, and effectively prevent an attacker from identifying and tracking pseudonymous exchange; through reasonable design, vehicles participating in false beacon information broadcasting and broadcasting time are reduced, safe application can work better, and higher-quality service is provided.
Drawings
FIG. 1 is a flow chart of the method of the present invention.
Detailed Description
The invention is further described in detail below by way of examples and with reference to the accompanying drawings.
As shown in fig. 1, the method for protecting location privacy of internet of vehicles based on pseudonym exchange is implemented by the following steps:
assume that the position of a vehicle in the Internet of vehicles is characterized using a two-dimensional coordinate system, such as calling vehicle A having a state of
Figure BDA0002918812040000071
Wherein
Figure BDA0002918812040000072
And
Figure BDA0002918812040000073
respectively representing the position components of the vehicle in the x-direction and the y-direction;
Figure BDA0002918812040000074
and
Figure BDA0002918812040000075
representing the velocity components of the vehicle in the x-direction and y-direction, respectively. The system uses UTC time in the format hhmms. Caller vehicle A uses the pseudonym PesuAState of change
Figure BDA0002918812040000076
The called vehicle B uses a pseudonym PesuBState of change
Figure BDA0002918812040000077
The vehicle moves at a constant speed; t isthrSetting to be 5 s; the beacon information broadcast interval T is 500 ms.
The communication among vehicles, vehicles and RSU uses RSA encryption algorithm, and the calling vehicle A generates algorithm according to RSA keySelecting two different large prime numbers p and q, and calculating nASelecting a large integer e ═ pqAAnd dASatisfies the following conditions:
gcd(eA,(p-1)(q-1))=1 (4)
(dAeA)mod((p-1)(q-1))=1 (5)
the calling vehicle A public key is PkA=(nA,eA) The private key is PrA=(nA,dA). Likewise, the called vehicle B generates its public key PkB=(nB,eB) Private key PrB=(nB,dB) (ii) a RSU generates its public key PkRSU=(nRSU,eRSU) Private key PrB=(nRSU,dRSU)。
Step (1) searching a target vehicle:
the calling vehicle A monitors the network, finds that the neighbor called vehicle B has the same driving direction with the calling vehicle A, and meets the requirement
Figure BDA0002918812040000078
Taking the called vehicle B as a target vehicle, and initiating false overtaking to the called vehicle B;
step (2), the calling vehicle A requests the public key information of the called vehicle B from the roadside unit RSU:
(2-1) when t is 023137.000, the calling vehicle a transmits authentication request information to the RSU
Figure BDA0002918812040000081
Requesting a public key of a called vehicle B; wherein S is1Information M representing calling vehicle A pair1The digital signature of (a) is stored,
Figure BDA0002918812040000082
after the verification request information is sent, if the RSU response is received before the timer is overtime, the pseudonymous name exchange process is continued, otherwise, the verification request information is sent again;
(2-2) when t is 023137.010, the RSU receives the message M1. RSU combines calling vehicle A pseudonym PesuAAnd digital labelName S1Verifying the identity of the calling vehicle A, and if the identity of the calling vehicle A does not pass the verification, discarding the information; otherwise, the public key Pk of the called vehicle B is searched in the database thereofB=(nB,eB) And sends verification passing information to the calling vehicle A
Figure BDA0002918812040000083
Wherein S is2Representing RSU pair information M2The digital signature of (a) is stored,
Figure BDA0002918812040000084
(2-3) the calling vehicle A extracts the public key of the called vehicle B:
information M received by calling vehicle A2Then, decrypting and verifying the digital signature; if the verification is passed, the public key Pk of the called vehicle B is savedBOtherwise, the calling vehicle A sends the verification request information to the RSU again.
Step (3), the calling vehicle A communicates with the called vehicle B to reach the pseudonymous name exchange convention;
(3-1) when t is 023137.020, the calling vehicle A sends false overtaking request information to the called vehicle B
Figure BDA0002918812040000085
Wherein S is3Information M representing calling vehicle A pair3The digital signature of (a) is stored,
Figure BDA0002918812040000086
(3-2) when t is 023137.030, the called vehicle B receives the message M3And the called vehicle B checks the state of the calling vehicle A:
if it is not
Figure BDA0002918812040000087
Then first rejection information is sent to the calling vehicle a
Figure BDA0002918812040000088
Wherein S is4Information M representing called vehicle B pair4The digital signature of (a) is stored,
Figure BDA0002918812040000089
if it is not
Figure BDA00029188120400000810
Then Cert will beASaving to local and sending the first confirmation information to the calling vehicle A
Figure BDA00029188120400000811
S5Information M representing called vehicle B pair5The digital signature of (a) is stored,
Figure BDA0002918812040000091
(3-3) if the calling vehicle A receives the first rejection information M4Re-executing the step (1) to find a new target vehicle; if the calling vehicle A receives the first confirmation information M5If yes, the calling vehicle A sends a second confirmation message to the called vehicle B
Figure BDA0002918812040000092
Reach a pseudonym exchange contract, wherein S6Information M representing calling vehicle A pair6The digital signature of (a) is stored,
Figure BDA0002918812040000093
step (4), the calling vehicle A and the called vehicle B report pseudonymous name exchange events to a certificate authority CA and a roadside unit RSU, and the pseudonymous name exchange events comprise the following steps:
(4-1) the calling vehicle A and the called vehicle B agree to continue the pseudonymous exchange, namely after reaching the pseudonymous exchange agreement, the calling vehicle A sends first provision information to the CA
Figure BDA0002918812040000094
The called vehicle B sends second backup information to the CA
Figure BDA0002918812040000095
S7Information M representing calling vehicle A pair7The digital signature of (a) is stored,
Figure BDA0002918812040000096
S8information M representing called vehicle B pair8The digital signature of (a) is stored,
Figure BDA0002918812040000097
(4-2) receipt of message M7And M8Then, CA carries out identity authentication to the calling vehicle A and the called vehicle B, and compares t in the two pieces of informationst、tspWhether the two are equal or not ensures that the calling vehicle A and the called vehicle B finish the pseudonymous name exchange negotiation and reach the same; t corresponding to two pieces of information and passing identity authenticationst、tspIf the verification result is equal to the verification result, the verification is passed, otherwise, the verification is not passed;
if the verification is passed, the CA sends third confirmation information to the calling vehicle A
Figure BDA0002918812040000098
Sending fourth confirmation information to the called vehicle B
Figure BDA0002918812040000099
Wherein S is9Indicates CA pair information M9The digital signature of (2) is obtained,
Figure BDA00029188120400000910
S10represents CA pair information M10The digital signature of (a) is stored,
Figure BDA00029188120400000911
containing information M encrypted by the private key of the vehicle CA10A plaintext digest value; meanwhile, a local database is updated, the corresponding relation between the vehicle and the pseudonym is modified, and non-repudiation is ensured;
if the verification is not passed, the CA sends a second rejection message to the calling vehicle A
Figure BDA00029188120400000912
Sending third refusing information to the called vehicle B
Figure BDA00029188120400000913
Wherein S is11Indicates CA pair information M11The digital signature of (a) is stored,
Figure BDA0002918812040000101
S12indicates CA pair information M12The digital signature of (2) is obtained,
Figure BDA0002918812040000102
(4-3) if the calling vehicle A receives M9If yes, the calling vehicle A sends a third report message to the RSU
Figure BDA0002918812040000103
Wherein S is13Information M representing calling vehicle A pair13The digital signature of (a) is stored,
Figure BDA0002918812040000104
if calling vehicle A receives M11If yes, the pseudonym exchange is ended, and a new pseudonym exchange process is executed from the step (1);
if the called vehicle B receives M10If yes, the called vehicle B sends fourth backup information to the RSU
Figure BDA0002918812040000105
Wherein S is14Information M representing called vehicle B pair14The digital signature of (a) is stored,
Figure BDA0002918812040000106
if the called vehicle B receives M12Ending the pseudonym exchange, and starting to execute a new pseudonym exchange process from the step (1);
(4-4) RSU receives M13And M14The RSU then authenticates the information: according to PesuADigital signature S13Authenticating the identity of the calling vehicle A according to PesuBDigital signature S14The identity authentication is carried out on the called vehicle B, and the calling vehicle A and the called vehicle B are ensured to complete the pseudonymous name exchange negotiation and reach the agreement; if the authentication is passed, updatingThe local database modifies the corresponding relation between the pseudonym and the certificate; if the authentication is not passed, the information M is discarded13、M14
And (5) performing pseudonym exchange.
tstWhen t is 023137.500, status St of calling vehicle aA(023137.500)=[[105 82.5][10 5]]TCalled vehicle B State StB(023137.500)=[[85 72.5][10 5]]TThe vehicles exchange pseudonyms; t is tspWhen, i.e. t is 023142.500, status St of calling vehicle aA(023142.500)=[[155 107.5][10 5]]TCalled vehicle B State StB(023142.500)=[[135 97.5][10 5]]TAnd the vehicle completes the pseudonym exchange and recovers the broadcast of the real beacon information.
The amount of beacon information during periods 023137.500-023142.500
Figure BDA0002918812040000107
The beacon information broadcast by the calling vehicle A is marked as A1,A2,…,A10And the beacon information broadcast by the called vehicle B is recorded as B1,B2,…,B10
State St of calling vehicle A at time tA(t)=[[105+10Δt 82.5+5Δt][10 5]]T,Δt=t-tst(ii) a State St of called vehicle B at time tB(t)=[[85+10Δt 72.5+5Δt][10 5]]T
The calling vehicle A estimates it at tspTime status value St'A(tsp)=[[120 95][0 0]]T
The called vehicle B estimates it at tspTime status value St'B(tsp)=[[110 85][0 0]]T
Caller vehicle A calculates intermediate states
Figure BDA0002918812040000111
Wherein, ti=tst+ iT represents the time of broadcasting the ith beacon message, and a demarcation point k is obtainedAIf 1, the calling vehicle a broadcasts beacon information aiDummy states contained in
Figure BDA0002918812040000112
Called vehicle B calculates intermediate state
Figure BDA0002918812040000113
Obtaining a demarcation point kBIf it is 5, the called vehicle B broadcasts beacon information BiDummy states contained in
Figure BDA0002918812040000114
The content of the foregoing embodiments is only exemplary of the implementation forms of the present invention, and the protection scope of the present invention should not be limited to the specific forms set forth in the embodiments, and the protection scope of the present invention should also include the similar inventive methods conceived on the basis of the present invention.

Claims (4)

1. A vehicle networking location privacy protection method based on pseudonym exchange is characterized by comprising the following specific steps:
step (1) searching a target vehicle:
during driving, the calling vehicle A monitors the network and analyzes all received beacon information; in the collected neighbor vehicle information, if the called vehicle B exists, the running direction of the called vehicle B is the same as that of the called vehicle B, and the condition that the running direction of the called vehicle B is the same as that of the called vehicle B is met
Figure FDA0003589547760000011
The called vehicle B is considered as a target vehicle, and false overtaking is initiated; p is a radical ofA(t) and pB(t) position vectors of the calling vehicle A and the called vehicle B at time t, vA(t) and vB(T) velocity vectors of the calling vehicle A and the called vehicle B at time T, TthrIs a set time threshold;
step (2), the calling vehicle A requests the public key information of the called vehicle B from the roadside unit RSU:
step (3), the calling vehicle A communicates with the called vehicle B to reach the pseudonymous name exchange convention;
step (4), the calling vehicle A and the called vehicle B report pseudonymous name exchange events to a certificate authority CA and a roadside unit RSU;
step (5) exchanging pseudonyms; the method comprises the following steps:
at tstWhen the vehicle broadcasts a piece of real beacon information, and then the pseudonyms are exchanged, namely the calling vehicle A uses the pseudonym Pesu of the called vehicle BBThe called vehicle B uses the pseudonym Pesu of the calling vehicle AAStarting to broadcast beacon information containing a false state; at tspWhen the beacon is received, pseudonym exchange is completed, and real beacon information broadcasting is recovered; t is tstAnd tspRespectively representing the starting time and the ending time of the pseudonym exchange;
at tst~tspMeanwhile, the beacon information broadcast by the calling vehicle A is marked as A1,A2,…,ANAnd the beacon information broadcast by the called vehicle B is recorded as B1,B2,…,BNAmount of beacon information
Figure FDA0003589547760000012
T denotes a beacon information broadcast interval;
state of calling vehicle A at time t
Figure FDA0003589547760000013
State of called vehicle B at time t
Figure FDA0003589547760000014
The calling vehicle A estimates it at tspState value of time
Figure FDA0003589547760000015
The called vehicle B estimates it at tspState value of time
Figure FDA0003589547760000016
Caller vehicle A calculates intermediate states
Figure FDA0003589547760000017
Wherein, tiIndicating the time of broadcasting the i-th beacon information, ti=tst+ iT; obtaining a demarcation point
Figure FDA0003589547760000021
The beacon information a broadcast by the calling vehicle aiDummy states contained in
Figure FDA0003589547760000022
Called vehicle B calculates intermediate state
Figure FDA0003589547760000023
Obtaining a demarcation point
Figure FDA0003589547760000024
The beacon information B broadcast by the called vehicle BiDummy states contained in
Figure FDA0003589547760000025
2. The vehicle networking location privacy protection method based on pseudonym exchange according to claim 1, wherein the step (2) is specifically:
(2-1) the calling vehicle A transmits authentication request information to the RSU
Figure FDA0003589547760000026
Requesting the public key of the called vehicle B; wherein the content of the first and second substances,
Figure FDA0003589547760000027
presentation information is encrypted using the RSU public key, PesuAAnd PesuBRespectively representing the pseudonyms of the calling vehicle and the called vehicle, t1Indicating transmission information M1When (2) is in contact withM, S1Information M representing calling vehicle A pair1The digital signature of (a) is stored,
Figure FDA0003589547760000028
Figure FDA0003589547760000029
the presentation information is encrypted using the calling vehicle A private key;
after the verification request information is sent, if the RSU response is received before the timer is overtime, the pseudonymous name exchange process is continued, otherwise, the verification request information is sent again;
(2-2) RSU reception information M1Then, combine the false name Pesu of the calling vehicle AAAnd a digital signature S1Verifying the identity of the calling vehicle A, and if the identity of the calling vehicle A does not pass the verification, discarding the information; otherwise, looking up the public key Pk of the called vehicle B in the database thereofBAnd sends verification passing information to the calling vehicle A
Figure FDA00035895477600000210
Wherein the content of the first and second substances,
Figure FDA00035895477600000211
presentation information is encrypted using the calling vehicle A public key, t2Indicating transmission information M2Time of (S)2Representing RSU pair information M2The digital signature of (2) is obtained,
Figure FDA00035895477600000212
Figure FDA00035895477600000213
the presentation information is encrypted using the RSU private key;
(2-3) the calling vehicle A extracts the public key of the called vehicle B:
calling vehicle A receives M2Then, decrypting and verifying the digital signature; if the verification is passed, saving Pk of the public key of the called vehicle BBOtherwise, the calling vehicle A sends the verification request information to the RSU again.
3. The vehicle networking location privacy protection method based on pseudonym exchange according to claim 2, wherein the step (3) is specifically:
(3-1) the calling vehicle A sends false overtaking request information to the called vehicle B
Figure FDA0003589547760000031
Wherein the content of the first and second substances,
Figure FDA0003589547760000032
the presentation information is encrypted using the public key of the called vehicle B, StA(t3) Indicating that the calling vehicle A is at t3The state of the time-of-day,
Figure FDA0003589547760000033
PkAa public key representing the calling vehicle a; certAAs the authentication information of the calling vehicle a,
Figure FDA0003589547760000034
t3indicating transmission information M3Time of (S)3Information M representing calling vehicle A pair3The digital signature of (a) is stored,
Figure FDA0003589547760000035
(3-2) the called vehicle B receives the information M3And then, the called vehicle B checks the state of the calling vehicle A: if it is not
Figure FDA0003589547760000036
Then first rejection information is sent to the calling vehicle a
Figure FDA0003589547760000037
Wherein, REJ is 0, which indicates that the called vehicle B refuses the pseudonymous exchange; t is t4Indicating transmission information M4Time of (S)4Information M representing called vehicle B pair4The digital signature of (a) is stored,
Figure FDA0003589547760000038
Figure FDA0003589547760000039
the representation information is encrypted by using a private key of a called vehicle B;
if it is not
Figure FDA00035895477600000310
Then Cert will beASaving to local and sending the first confirmation information to the calling vehicle A
Figure FDA00035895477600000311
Wherein, ACK is 1, which means that the called vehicle B agrees to continue the pseudonymous exchange; certBAs the authentication information of the called vehicle B,
Figure FDA00035895477600000312
tstand tspRespectively representing the start time and end time, t, of the pseudonym exchangestSelected by the called vehicle B, tsp=tst+Tthr;t5Indicating transmission information M5Time of (S)5Information M representing called vehicle B pair5The digital signature of (a) is stored,
Figure FDA00035895477600000313
(3-3) if the calling vehicle A receives the first rejection information M4Re-executing the step (1) to find a new target vehicle;
if the calling vehicle A receives the first confirmation information M5The calling vehicle A sends second confirmation information to the called vehicle B
Figure FDA00035895477600000314
Reach the exchange agreement of the pseudonym; ACK is 1, indicating that the calling vehicle A agrees to continue the pseudonymization exchange, t6Indicating transmission information M6Time of (S)6Information M representing calling vehicle A pair6The digital signature of (a) is stored,
Figure FDA00035895477600000315
4. the vehicle networking location privacy protection method based on pseudonym exchange according to claim 3, wherein the step (4) is specifically:
(4-1) the calling vehicle A and the called vehicle B agree to continue the pseudonymous exchange, namely after reaching the pseudonymous exchange agreement, the calling vehicle A sends first provision information to the CA
Figure FDA0003589547760000041
The called vehicle B sends second backup information to the CA
Figure FDA0003589547760000042
Wherein the content of the first and second substances,
Figure FDA0003589547760000043
presentation information encrypted using CA public key, t7And t8Respectively representing transmitted information M7And M8The time of (d); s7Information M representing calling vehicle A pair7The digital signature of (a) is stored,
Figure FDA0003589547760000044
S8information M representing called vehicle B pair8The digital signature of (a) is stored,
Figure FDA0003589547760000045
(4-2) CA receives message M7And M8After, according to PesuA、PesuBAnd a digital signature S7、S8The CA authenticates the identity of the calling vehicle A and the called vehicle B and compares t in the two messagesst、tspWhether the two are equal or not ensures that the calling vehicle A and the called vehicle B finish the pseudonymous name exchange negotiation and reach the same; identity authentication passAnd t corresponding to two pieces of informationst、tspIf the verification result is equal to the verification result, the verification is passed, otherwise, the verification is not passed;
if the verification is passed, the CA sends third confirmation information to the calling vehicle A
Figure FDA0003589547760000046
Sending fourth confirmation information to the called vehicle B
Figure FDA0003589547760000047
Wherein, t9And t10Respectively represent the transmission information M9And M10The time of (d); s9Indicates CA pair information M9The digital signature of (2) is obtained,
Figure FDA0003589547760000048
S10represents CA pair information M10The digital signature of (a) is stored,
Figure FDA0003589547760000049
Figure FDA00035895477600000410
the presentation information is encrypted using a CA private key; meanwhile, a local database is updated, the corresponding relation between the vehicle and the pseudonym is modified, and non-repudiation is guaranteed;
if the verification is not passed, the CA sends a second rejection message to the calling vehicle A
Figure FDA00035895477600000411
Sending third refusing information to the called vehicle B
Figure FDA00035895477600000412
Wherein, t11And t12Respectively representing transmitted information M11And M12The time of (d); s11Indicates CA pair information M11The digital signature of (a) is stored,
Figure FDA00035895477600000413
S12indicates CA pair information M12The digital signature of (a) is stored,
Figure FDA00035895477600000414
(4-3) if the calling vehicle A receives the message M9If yes, the calling vehicle A sends a third report message to the RSU
Figure FDA00035895477600000415
Wherein, t13Indicating transmission information M13Time of (S)13Information M representing calling vehicle A pair13The digital signature of (2) is obtained,
Figure FDA0003589547760000051
if the calling vehicle A receives the information M11If yes, the pseudonym exchange is ended, and a new pseudonym exchange process is executed from the step (1);
if the called vehicle B receives M10If yes, the called vehicle B sends fourth backup information to the RSU
Figure FDA0003589547760000052
Wherein, t14Indicating transmission information M14Time of (S)14Information M representing called vehicle B pair14The digital signature of (a) is stored,
Figure FDA0003589547760000053
if the called vehicle B receives the information M12Ending the pseudonym exchange, and starting to execute a new pseudonym exchange process from the step (1);
(4-4) RSU reception information M13And M14The RSU then authenticates the information: according to PesuADigital signature S13Authenticating the identity of the calling vehicle A according to PesuBDigital signature S14The identity authentication is carried out on the called vehicle B, and the calling vehicle A and the called vehicle B are ensured to complete the pseudonymous name exchange negotiation and reach the agreement; if the authentication is passed, updating the local database, and modifying the pseudonym and certificate pairThe corresponding relation; if the authentication is not passed, the information M is discarded13、M14
CN202110110481.1A 2021-01-27 2021-01-27 Vehicle networking location privacy protection method based on pseudonymous exchange Active CN112954671B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202110110481.1A CN112954671B (en) 2021-01-27 2021-01-27 Vehicle networking location privacy protection method based on pseudonymous exchange

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202110110481.1A CN112954671B (en) 2021-01-27 2021-01-27 Vehicle networking location privacy protection method based on pseudonymous exchange

Publications (2)

Publication Number Publication Date
CN112954671A CN112954671A (en) 2021-06-11
CN112954671B true CN112954671B (en) 2022-05-31

Family

ID=76237748

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202110110481.1A Active CN112954671B (en) 2021-01-27 2021-01-27 Vehicle networking location privacy protection method based on pseudonymous exchange

Country Status (1)

Country Link
CN (1) CN112954671B (en)

Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN109561383A (en) * 2018-12-17 2019-04-02 昆明理工大学 A kind of location privacy protection method based on dynamic assumed name exchange area
CN110430567A (en) * 2019-07-31 2019-11-08 福建师范大学 A kind of car networking assumed name replacing options based on game theory analysis

Family Cites Families (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
KR20200091689A (en) * 2019-01-23 2020-07-31 한국전자통신연구원 Security management system for vehicle communication and operating method thereof, messege processing method of vehicle communication service providing system having the same

Patent Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN109561383A (en) * 2018-12-17 2019-04-02 昆明理工大学 A kind of location privacy protection method based on dynamic assumed name exchange area
CN110430567A (en) * 2019-07-31 2019-11-08 福建师范大学 A kind of car networking assumed name replacing options based on game theory analysis

Non-Patent Citations (2)

* Cited by examiner, † Cited by third party
Title
Alloyed Pseudonym Change Strategy for Location Privacy in VANETs;Leila Benarous 等;《2020 IEEE 17th Annual Consumer Communications & Networking Conference (CCNC)》;20200326;全文 *
车联网隐私保护认证及协同驾驶安全技术研究;张辉;《中国优秀硕士学位论文全文数据库 (工程科技Ⅱ辑)》;20200215;全文 *

Also Published As

Publication number Publication date
CN112954671A (en) 2021-06-11

Similar Documents

Publication Publication Date Title
Yang et al. Blockchain-based traffic event validation and trust verification for VANETs
Kaur et al. Security issues in vehicular ad-hoc network (VANET)
CN108848062B (en) Block chain-based controllable anonymous data security sharing method in vehicle-mounted network
Lin et al. TSVC: Timed efficient and secure vehicular communications with privacy preserving
Zhou et al. Efficient certificateless conditional privacy-preserving authentication for VANETs
Olariu et al. The next paradigm shift: from vehicular networks to vehicular clouds
CN112165711B (en) Vehicle-mounted ad hoc network group key negotiation method based on block chain
CN109362062A (en) VANETs anonymous authentication system and method based on ID-based group ranking
Molina-Gil et al. Aggregation and probabilistic verification for data authentication in VANETs
Baee et al. A model to evaluate reliability of authentication protocols in C-ITS safety-critical applications
CN108712432B (en) Agent-based location privacy protection method for vehicle-mounted social network
Aboobaker Performance analysis of authentication protocols in vehicular ad hoc networks (VANET)
CN112954671B (en) Vehicle networking location privacy protection method based on pseudonymous exchange
Khacheba et al. CLPS: context-based location privacy scheme for VANETs
Funderburg et al. Efficient short group signatures for conditional privacy in vehicular ad hoc networks via ID caching and timed revocation
Chaurasia et al. Attacks on Anonymity in VANET
Qin et al. ECAS: An efficient and conditional privacy preserving collision warning system in fog-based vehicular ad hoc networks
EP3937524A1 (en) Transmitting method in an intelligent transport system
Hussain et al. AntiSybil: Standing against Sybil attacks in privacy-preserved VANET
CN109788456B (en) Group-based lightweight low-overhead secure communication method in Internet of vehicles environment
Bermad et al. Reputation based intelligent control protocol
Li et al. Broadcast and Silence Period (BSP): A Pseudonym Change Strategy
Alam et al. Blockchain Based Intelligent Incentive Enabled Information Sharing Scheme in Future Generation IoV Networks
Nabwene Review on Intelligent Internal Attacks Detection in VANET
Tomandl et al. PADAVAN: privacy-aware data accumulation for vehicular ad-hoc networks

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant