CN114462061A - System and method based on privacy protection double-authentication of Internet of vehicles - Google Patents

System and method based on privacy protection double-authentication of Internet of vehicles Download PDF

Info

Publication number
CN114462061A
CN114462061A CN202210088621.4A CN202210088621A CN114462061A CN 114462061 A CN114462061 A CN 114462061A CN 202210088621 A CN202210088621 A CN 202210088621A CN 114462061 A CN114462061 A CN 114462061A
Authority
CN
China
Prior art keywords
vehicle
cluster
vehicles
cluster head
trusted
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN202210088621.4A
Other languages
Chinese (zh)
Other versions
CN114462061B (en
Inventor
朱博尧
翟亦文
胡国雄
李玉梅
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Hubei University of Technology
Original Assignee
Hubei University of Technology
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Hubei University of Technology filed Critical Hubei University of Technology
Priority to CN202210088621.4A priority Critical patent/CN114462061B/en
Publication of CN114462061A publication Critical patent/CN114462061A/en
Application granted granted Critical
Publication of CN114462061B publication Critical patent/CN114462061B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/602Providing cryptographic facilities or services
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F16/00Information retrieval; Database structures therefor; File system structures therefor
    • G06F16/20Information retrieval; Database structures therefor; File system structures therefor of structured data, e.g. relational data
    • G06F16/27Replication, distribution or synchronisation of data between databases or within a distributed database system; Distributed database system architectures therefor
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/62Protecting access to data via a platform, e.g. using keys or access control rules
    • G06F21/6218Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/64Protecting data integrity, e.g. using checksums, certificates or signatures

Landscapes

  • Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Hardware Design (AREA)
  • Software Systems (AREA)
  • Health & Medical Sciences (AREA)
  • General Health & Medical Sciences (AREA)
  • Bioethics (AREA)
  • Databases & Information Systems (AREA)
  • Computing Systems (AREA)
  • Data Mining & Analysis (AREA)
  • Mobile Radio Communication Systems (AREA)
  • Traffic Control Systems (AREA)

Abstract

The invention discloses a system and a method for privacy protection double-authentication based on internet of vehicles, wherein the system comprises a trusted center TA, roadside units RSU, vehicles and a trusted module TPM; suppose that n vehicles exist at a certain position in the system, and the vehicles form a small-range sensing network, namely a cluster, and the sensed road conditions in the cluster are collected through a cluster head and sent to other nearby vehicles. The RSU communicates bi-directionally with the vehicles for selecting the vehicle to become a cluster head or reporting a variant vehicle. TA embeds the system main private key and the required public parameters into the TPM of each vehicle, and then each time the vehicle signs for sending information, the TPM is required to generate a signature key and a corresponding pseudonym for the vehicle. The TPM of the malicious vehicle is locked by the TA at the time of revocation. The invention ensures that the Internet of vehicles system can well resist counterfeiting attack, replay attack, Sybil attack and the like, also provides privacy protection aiming at vehicle paths, and has high practicability.

Description

System and method based on privacy protection double-authentication of Internet of vehicles
Technical Field
The invention belongs to the technical field of Internet of things (Internet of things) and the technical field of V2X communication privacy protection authentication, and relates to a system and a method for resisting the counterfeiting and information modification of a malicious adversary and providing privacy protection in the Internet of vehicles; in particular to a system and a method for sending false information aiming at a malicious adversary to disturb normal traffic order, improve the fault tolerance rate of the system and timely detect malicious vehicles and cancel the vehicles.
Background
The Internet of vehicles is an important component of an Intelligent Transportation System (ITS), and each vehicle is provided with a vehicle-mounted system to realize interconnection and intercommunication among entities of the network through a dedicated short-range communication protocol (DSRC). To implement various personalized services, vehicles need to utilize information sent to each other inside the network. However, the information receiver cannot directly determine that the sender is a legal vehicle and whether the sent information is real; in addition, when vehicles interact, an adversary may draw the path of a vehicle by collecting information sent by the vehicle over time. Therefore, how to solve the above problems, namely message authentication and privacy protection in the car networking, is an important issue.
In the existing communication authentication scheme of the internet of vehicles, the communication authentication scheme can be roughly divided into three categories, namely: cryptography-based, reputation system-based, and hardware-based.
At present, most of the cryptology-based authentication schemes in the internet of vehicles use a public key cryptography foundation (PKI), a public key certificate is issued to a vehicle through a certificate issuing authority (CA), a signer signs information with a private key during registration, and a verifier verifies the signature through the public key certificate of the signer. In such schemes, the CA needs to maintain public key certificates for all vehicles, which presents a significant challenge to the CA's storage capacity. In addition, if the certificate is updated, the CA also considers how to efficiently revoke the old public key certificate, which also puts a burden on the huge car networking system.
On the other hand, there are few studies on the existing authentication of message contents, and researchers basically estimate the credibility of the message indirectly by calculating the credit score of the vehicle. In the scheme, experience feelings of each interaction are scored through direct or indirect interaction between the vehicles to serve as reputation scores of vehicles of the opposite side, and the scores are finally sent to the trusted third party, so that the trusted third party updates the reputation scores for the vehicles. However, in this communication mode, one vehicle needs to interact with the trusted third party twice in each communication, which directly causes overload of the network, and in case of packet loss, the vehicle needs to request the trusted third party again, which is not acceptable for the vehicle networking with high real-time requirement.
Hardware-based authentication schemes such as Trusted Platform Modules (TPMs) mainly protect the security of the smart terminal (e.g., sensing devices) and prevent the smart terminal from being controlled by malicious adversaries. However, the current car networking system is not a single node, and the protection of hardware is far from enough.
Disclosure of Invention
In order to solve the technical problem, the invention provides a system and a method based on privacy protection double authentication of the Internet of vehicles by means of functions provided by hardware.
The technical scheme adopted by the system of the invention is as follows: a system based on privacy protection double certification of Internet of vehicles comprises a trusted center TA, roadside units RSU, a Vehicle and a trusted module TPM; all vehicles in the system are registered in a trusted center TA, the trusted center TA embeds a system main private key x and required public parameters into a trusted module TPM of each vehicle, and a signature key and a corresponding pseudonym are generated for each signature of the vehicle by the trusted module TPM; a plurality of vehicles can form a small cluster within a certain range, and each cluster is internally provided with a vehicle designated by a roadside unit RSU as a cluster head of the cluster; when a vehicle enters the range of a certain road side unit RSU, the vehicle firstly inquires whether a cluster conforming to the characteristics of the vehicle exists in the range, if so, the vehicle sends a cluster entering request to a cluster head of the conforming cluster, and the cluster entering can be carried out after the cluster head is checked; if not, applying to the roadside unit RSU to become a cluster head in the range; sending road condition information to a cluster head by a common vehicle in one cluster, and broadcasting the road condition in the range after the cluster head is unified; if the cluster head finds that vehicles in the cluster report unrealistic, all information in the cluster is sent to a roadside unit RSU, the roadside unit RSU judges whether the unrealistic information is malicious or not, the malicious vehicle information is sent to a trusted center TA, and the trusted center TA locks a trusted module TPM of the malicious vehicle.
The method adopts the technical scheme that: a privacy protection double-authentication method based on Internet of vehicles comprises the following steps:
step 1: generating system parameters and a key pair;
step 1.1: the trusted center TA selects a security parameter K, an additive group
Figure BDA0003488178610000021
And multiplicative group
Figure BDA0003488178610000022
Step 1.2: trusted center TA selects system master private key
Figure BDA0003488178610000023
Computing system public key Ppubx.P, wherein P is a group
Figure BDA0003488178610000024
A generator of (2); wherein,
Figure BDA0003488178610000025
step 1.3: the trusted center selects four hash functions as follows:
Figure BDA0003488178610000026
H2:{0,1}*→{0,1}n
Figure BDA0003488178610000027
n represents a bit string of n bits length;
step 1.4: the trusted center TA publishes public parameters including
Figure BDA0003488178610000028
Step 2: entity registration;
all vehicles in the system are registered in a trusted center TA, the trusted center TA embeds a system main private key x and required public parameters into a trusted module TPM of each vehicle, and a signature key and a corresponding pseudonym are generated for each signature of the vehicle by the trusted module TPM;
and step 3: the vehicle is applied for entering into a cluster or becoming a cluster head;
a plurality of vehicles can form a small cluster within a certain range, and each cluster is internally provided with a vehicle designated by a roadside unit RSU as a cluster head of the cluster;
and 4, step 4: message interaction in the cluster;
when a vehicle enters the range of a certain road side unit RSU, the vehicle firstly inquires whether a cluster conforming to the characteristics of the vehicle exists in the range, if so, the vehicle sends a cluster entering request to a cluster head of the conforming cluster, and the cluster entering can be carried out after the cluster head is checked; if not, applying to the roadside unit RSU to become a cluster head in the range;
and 5: and reporting and canceling the malicious vehicles.
Sending road condition information to a cluster head by a common vehicle in one cluster, and broadcasting the road condition in the range after the cluster head is unified; if the cluster head finds that vehicles in the cluster report unrealistic, all information in the cluster is sent to a roadside unit RSU, the roadside unit RSU judges whether the unrealistic information is malicious or not, the malicious vehicle information is sent to a trusted center TA, and the trusted center TA locks a trusted module TPM of the malicious vehicle.
Compared with the prior art, the invention has the following advantages and beneficial effects:
the invention ensures that the Internet of vehicles system can well resist counterfeiting attack, replay attack, Sybil attack and the like, also provides privacy protection aiming at vehicle paths, and has high practicability. Each time before the vehicle sends a message, it requests the internal trusted module TPM for a pseudonym and a signing key, with the aim of achieving unlinkability. When information interaction is carried out in a cluster, a cluster head firstly carries out identity verification when receiving road condition information sent by a sender, and verifies whether the sender has a legal identity and whether the sent information is falsified or not through a verification signature; secondly, the cluster head carries out information content verification, when the range is proper, the perception of road conditions in the cluster is basically the same, and the cluster head judges the information, so that the accuracy of the information is ensured, the interaction times of the vehicle and a trusted third party TA are reduced, and the communication efficiency is improved; in addition, the trusted module TPM queries the public revocation list to ensure timely revocation of malicious vehicles, and since the query of the revocation list and generation of pseudonyms and signature keys are distributed, time delay is not caused. In conclusion, the invention has good practicability.
Drawings
FIG. 1: the system architecture diagram of the embodiment of the invention;
FIG. 2: a method flow diagram of an embodiment of the invention;
FIG. 3: the invention discloses a flow chart of a cluster head selection algorithm.
Detailed Description
In order to facilitate the understanding and implementation of the present invention for those of ordinary skill in the art, the present invention is further described in detail with reference to the accompanying drawings and examples, it is to be understood that the embodiments described herein are merely illustrative and explanatory of the present invention and are not restrictive thereof.
Please refer to fig. 1, the present invention provides a system for privacy protection dual authentication based on car networking, which is characterized in that: the system comprises a Trust center (Trust Authentication, TA for short), a roadside Unit (Road Side Unit, RSU for short) and a Trust Module (TPM for short);
assuming that all vehicles in the system are registered in the TA in a offline manner, the TA embeds a system master private key, required public parameters and necessary program codes into the TPM of each vehicle, and then the TPM generates a signature key and a corresponding pseudonym for each signature of each vehicle. Assuming that several vehicles can form a small cluster within a certain range, there will be one vehicle designated by the RSU in each cluster as the cluster head of the cluster. When a vehicle enters a certain RSU range, the vehicle firstly inquires whether a cluster conforming to the characteristics of the vehicle exists in the range, if so, the vehicle sends a cluster entering request to a cluster head of the conforming cluster, and the cluster entering can be carried out after the cluster head is checked; if not, applying for a cluster head in the range from the RSU. And sending the road condition information to the cluster heads by the common vehicles in one cluster, and broadcasting the road condition in the range after the cluster heads are unified. If the cluster head finds that the vehicles in the cluster report unrealistic, all information in the cluster is sent to the RSU, the RSU judges whether the unrealistic information is malicious or not, the malicious vehicle information is sent to the TA, and the TA locks the TPM of the malicious vehicle.
Referring to fig. 2, the present invention provides a method for privacy protection dual authentication based on car networking, comprising the following steps:
the generation of the system parameters and the authentication key involves step 1 in fig. 2.
Step 1: generating system parameters and a key pair;
step 1.1: the trusted center TA selects a security parameter K, an additive group
Figure BDA0003488178610000041
And multiplicative group
Figure BDA0003488178610000042
Step 1.2: trusted center TA selects system master private key
Figure BDA0003488178610000043
Computing system public key Ppubx.P, wherein P is a group
Figure BDA0003488178610000044
A generator of (2); wherein,
Figure BDA0003488178610000045
step 1.3: the trusted center selects four hash functions as follows:
Figure BDA0003488178610000046
H2:{0,1}*→{0,1}n
Figure BDA0003488178610000047
n represents a bit string of n bits length;
step 1.4: the trusted center TA publishes public parameters including
Figure BDA0003488178610000048
Entity registration involves step 2 in fig. 2.
Step 2: entity registration;
step 2.1: the credible center sends the main private key x of the system and the vehicle ViOf
Figure BDA0003488178610000051
And vehicle attributes Propi(government vehicles, buses, official vehicles or private vehicles for selection of subsequent vehicle heads) is embedded into the trusted module TPM;
step 2.2: the roadside unit RSU provides the trusted authority TA with an identity IDRAnd the trusted center returns the public and private key pair to the roadside unit: pkR=H1(IDR),skR=x·pkrThe registration phase is sent over a secure channel.
The application of a vehicle to a cluster or to a cluster head involves step 3 in fig. 2.
And step 3: the vehicle applies for entering a cluster or becoming a cluster head;
step 3.1: vehicle ViAfter entering a certain range, searching whether a cluster is in accordance with the search range;
step 3.2: if not, the vehicle ViTransmitting request information including vehicle V to roadside units RSUiCurrent state Mi,1(vehicle speed, position, direction, destination) and signature sig on the statusi,1The signature algorithm uses a BLS short signature; the RSU executes a cluster head selection algorithm after receiving the information;
the specific flow of the cluster head selection algorithm is shown in fig. 3, and the specific implementation comprises the following sub-steps:
step 3.3.1: the RSU obtains the attributes of the requesting vehicle and various driving parameters (speed, position, direction, destination) of the vehicle;
step 3.3.2: RSU calculates cluster head factor for vehicle
Figure BDA0003488178610000052
Wherein e and f are weight parameters, e + f is 1,Siindicating the distance traveled by the vehicle on the current road, niIndicating the number of other vehicles in the vicinity of the vehicle;
step 3.3.3: adding the cluster head factor and the attribute value of the vehicle to calculate a final fitting factor, and judging whether to agree with the application of the vehicle;
if yes, sending a cluster entering application to the cluster head, including the vehicle ViCurrent state Mi,1(vehicle speed, position, direction, destination) and signature sig on the statusi,1
The intra-cluster messaging interaction involves step 4 in fig. 2.
And 4, step 4: message interaction in the cluster;
step 4.1: the vehicles in the cluster sense the road condition information and sign the informationi,2Sending the data to a cluster head;
step 4.2: after the cluster head receives the information sent by other vehicles in the cluster, signature verification is executed, and in order to improve efficiency, batch verification is adopted to perform the following calculation:
Figure BDA0003488178610000061
wherein e denotes a bidirectional pairing, P denotes a base point of the elliptic cryptograph, sigi,2Indicating vehicle ViThe signature of the message is transmitted to the server,
Figure BDA0003488178610000062
ri,2,hi,2respectively represent vehicles ViPrivate signature key, random number, hash function value, PpubA master public key representing the system;
step 4.3: if the verification is passed, the cluster head executes the verification of the message content, judges the currently received message according to the Byzantine fault tolerance idea, and synthesizes the broadcast message.
The intra-cluster messaging interaction involves step 5 in fig. 3.
And 5: reporting and canceling the malicious vehicles;
step 5.1: if the cluster head finds that the vehicle report is not real, all information in the cluster is sent to a roadside unit RSU;
step 5.2: the roadside unit RSU calculates the cosine similarity of the information, judges whether the vehicle is mutated or not by comparing the cosine similarity with the similarity of the vehicle head, and sends the information of the unrealized vehicle to the trusted center TA if the vehicle is mutated;
step 5.3: the TA calculates the vehicle ID through the pseudonym and publishes the vehicle ID on a public revocation list;
step 5.4: after the trusted module TPM on the variant vehicle queries that the vehicle ID is on the revocation list, it will not generate a pseudonym and a signature key for the vehicle.
The invention realizes a privacy protection double-authentication scheme based on the Internet of vehicles and the BLS signature authentication technology, and the scheme not only realizes the protection of the vehicle path privacy, but also realizes the double authentication of the message, and improves the authenticity and the usability of the message.
It should be understood that the above description of the preferred embodiments is given for clarity and not for any purpose of limitation, and that various changes, substitutions and alterations can be made herein without departing from the spirit and scope of the invention as defined by the appended claims.

Claims (7)

1. The utility model provides a system based on two authentications of car networking privacy protection which characterized in that: the system comprises a trusted center TA, a roadside unit RSU, a Vehicle and a trusted module TPM; all vehicles in the system are registered in a trusted center TA, the trusted center TA embeds a system main private key x and required public parameters into a trusted module TPM of each vehicle, and a signature key and a corresponding pseudonym are generated for each signature of the vehicle by the trusted module TPM; a plurality of vehicles can form a small cluster within a certain range, and each cluster is internally provided with a vehicle designated by a roadside unit RSU as a cluster head of the cluster; when a vehicle enters the range of a certain road side unit RSU, the vehicle firstly inquires whether a cluster conforming to the characteristics of the vehicle exists in the range, if so, the vehicle sends a cluster entering request to a cluster head of the conforming cluster, and the cluster entering can be carried out after the cluster head is checked; if not, applying to the roadside unit RSU to become a cluster head in the range; sending road condition information to a cluster head by a common vehicle in one cluster, and broadcasting the road condition in the range after the cluster head is unified; if the cluster head finds that vehicles in the cluster report unrealistic, all information in the cluster is sent to a roadside unit RSU, the roadside unit RSU judges whether the unrealistic information is malicious or not, the malicious vehicle information is sent to a trusted center TA, and the trusted center TA locks a trusted module TPM of the malicious vehicle.
2. A privacy protection double-authentication method based on Internet of vehicles is characterized by comprising the following steps:
step 1: generating system parameters and a key pair;
step 1.1: the trusted center TA selects a security parameter K, an additive group
Figure FDA0003488178600000011
And multiplicative group
Figure FDA0003488178600000012
Step 1.2: trusted center TA selects system master private key
Figure FDA0003488178600000013
Computing system public key Ppubx.P, wherein P is a group
Figure FDA0003488178600000014
The generator of (2); wherein,
Figure FDA0003488178600000015
step 1.3: the trusted center selects four hash functions as follows:
Figure FDA0003488178600000016
H2:{0,1}*→{0,1}n
Figure FDA0003488178600000017
n represents a bit string of n bits length;
step 1.4: the trusted center TA publishes the public parameter includes
Figure FDA0003488178600000018
P,Ppub,H1,H2,H3,H4};
Step 2: entity registration;
all vehicles in the system are registered in a trusted center TA, the trusted center TA embeds a system main private key x and required public parameters into a trusted module TPM of each vehicle, and a signature key and a corresponding pseudonym are generated for each signature of the vehicle by the trusted module TPM;
and step 3: the vehicle is applied for entering into a cluster or becoming a cluster head;
a plurality of vehicles can form a small cluster within a certain range, and each cluster is internally provided with a vehicle designated by a roadside unit RSU as a cluster head of the cluster;
and 4, step 4: message interaction in the cluster;
when a vehicle enters the range of a certain road side unit RSU, the vehicle firstly inquires whether a cluster conforming to the characteristics of the vehicle exists in the range, if so, the vehicle sends a cluster entering request to a cluster head of the conforming cluster, and the cluster entering can be carried out after the cluster head is checked; if not, applying to the roadside unit RSU to become a cluster head in the range;
and 5: and reporting and canceling the malicious vehicles.
Sending road condition information to a cluster head by a common vehicle in one cluster, and broadcasting the road condition in the range after the cluster head is unified; if the cluster head finds that vehicles in the cluster report unrealistic, all information in the cluster is sent to a roadside unit RSU, the roadside unit RSU judges whether the unrealistic information is malicious or not, the malicious vehicle information is sent to a trusted center TA, and the trusted center TA locks a trusted module TPM of the malicious vehicle.
3. The method for privacy protection double authentication based on the internet of vehicles according to claim 2, wherein the step 2 is implemented by the following substeps:
step 2.1: the trusted center TA sends the system master private key x and the vehicle ViOf
Figure FDA0003488178600000021
And vehicle attributes PropiEmbedded in a trusted module TPM;
step 2.2: the roadside unit RSU provides the trusted authority TA with an identity IDRAnd the trusted center TA returns the public and private key pair to the roadside unit RSU: pkR=H1(IDR),skR=x·pkrThe registration phase is sent over a secure channel.
4. The method for privacy protection double authentication based on the internet of vehicles according to claim 3, wherein the step 3 is implemented by the following substeps:
step 3.1: vehicle ViAfter entering a certain range, searching whether a cluster is in accordance with the search range;
step 3.2: if not, the vehicle ViTransmitting request information including vehicle V to roadside units RSUiCurrent state Mi,1And signature sig on the Statei,1After receiving the information, the roadside unit RSU executes a cluster head selection algorithm; the states comprise vehicle speed, position, direction and destination'
If yes, sending a cluster entering application to the cluster head, including the vehicle ViCurrent state Mi,1And signature sig on the Statei,1
5. The method for privacy protection and double authentication based on internet of vehicles according to claim 4, wherein the cluster head selection algorithm in step 3.3 is implemented by the following substeps:
step 3.3.1: the RSU obtains the attribute of the vehicle and the state of the vehicle;
and 3. step 3.3.2: RSU calculates cluster head factor for vehicle
Figure FDA0003488178600000031
Wherein e and f are weight parameters, e + f is 1, SiIndicating the distance traveled by the vehicle on the current road, niIndicating the number of other vehicles in the vicinity of the vehicle;
step 3.3.3: and adding the cluster head factor and the attribute value of the vehicle to calculate the final fitting factor and judging whether to agree with the application of the vehicle.
6. The method for privacy protection double authentication based on the internet of vehicles according to claim 4, wherein the step 4 is implemented by the following substeps:
step 4.1: the vehicles in the cluster sense the road condition information and sign the informationi,2Sending the data to a cluster head;
step 4.2: after receiving the information sent by other vehicles in the cluster by using the cluster head, executing signature verification, and performing the following calculation by adopting batch verification:
Figure FDA0003488178600000032
wherein e denotes a bidirectional pairing, P denotes a base point of the elliptic cryptograph, sigi,2Indicating vehicle ViThe signature of the message is transmitted to the server,
Figure FDA0003488178600000033
ri,2,hi,2respectively represent vehicles ViPrivate signature key, random number, hash function value, PpubA master public key representing the system;
step 4.3: if the verification is passed, the cluster head executes the verification of the message content, judges the currently received message according to the Byzantine fault tolerance idea, and synthesizes the broadcast message.
7. The method for privacy protection double authentication based on the internet of vehicles according to any one of claims 1 to 6, wherein the specific implementation of the step 5 comprises the following sub-steps:
step 5.1: if the cluster head finds that the vehicle report is not real, all information in the cluster is sent to a roadside unit RSU;
step 5.2: the roadside unit RSU calculates the cosine similarity of the information, judges whether the vehicle is mutated or not by comparing the cosine similarity with the similarity of the vehicle head, and sends the information of the unrealized vehicle to the trusted center TA if the vehicle is mutated;
step 5.3: the trusted center TA calculates the vehicle ID through the pseudonym and publishes the vehicle ID on a public revocation list;
step 5.4: after the trusted module TPM on the variant vehicle queries that the vehicle ID is on the revocation list, it will not generate a pseudonym and a signature key for the vehicle.
CN202210088621.4A 2022-01-25 2022-01-25 System and method for protecting double authentications based on privacy of Internet of vehicles Active CN114462061B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202210088621.4A CN114462061B (en) 2022-01-25 2022-01-25 System and method for protecting double authentications based on privacy of Internet of vehicles

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202210088621.4A CN114462061B (en) 2022-01-25 2022-01-25 System and method for protecting double authentications based on privacy of Internet of vehicles

Publications (2)

Publication Number Publication Date
CN114462061A true CN114462061A (en) 2022-05-10
CN114462061B CN114462061B (en) 2024-07-02

Family

ID=81411215

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202210088621.4A Active CN114462061B (en) 2022-01-25 2022-01-25 System and method for protecting double authentications based on privacy of Internet of vehicles

Country Status (1)

Country Link
CN (1) CN114462061B (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN116994423A (en) * 2023-07-19 2023-11-03 暨南大学 Lightweight, privacy-protected lead vehicle selection system and method in vehicle formation

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20190327588A1 (en) * 2018-04-20 2019-10-24 Boe Technology Group Co., Ltd. Content delivery method and content update method for internet of vehicles
CN113609523A (en) * 2021-07-29 2021-11-05 南京邮电大学 Vehicle networking private data protection method based on block chain and differential privacy
WO2021237996A1 (en) * 2020-05-26 2021-12-02 多伦科技股份有限公司 Fuzzy c-means-based adaptive energy consumption optimization vehicle clustering method
CN113891318A (en) * 2021-10-07 2022-01-04 桂林理工大学 Malicious node detection method based on unmanned aerial vehicle assistance in vehicle-mounted network

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20190327588A1 (en) * 2018-04-20 2019-10-24 Boe Technology Group Co., Ltd. Content delivery method and content update method for internet of vehicles
WO2021237996A1 (en) * 2020-05-26 2021-12-02 多伦科技股份有限公司 Fuzzy c-means-based adaptive energy consumption optimization vehicle clustering method
CN113609523A (en) * 2021-07-29 2021-11-05 南京邮电大学 Vehicle networking private data protection method based on block chain and differential privacy
CN113891318A (en) * 2021-10-07 2022-01-04 桂林理工大学 Malicious node detection method based on unmanned aerial vehicle assistance in vehicle-mounted network

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
王青龙;乔瑞;段宗涛;: "针对车联网认证方案CPAV和ABV的安全分析", 计算机科学, no. 04, 15 April 2019 (2019-04-15) *

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN116994423A (en) * 2023-07-19 2023-11-03 暨南大学 Lightweight, privacy-protected lead vehicle selection system and method in vehicle formation
CN116994423B (en) * 2023-07-19 2024-04-16 暨南大学 Lightweight, privacy-protected lead vehicle selection system and method in vehicle formation

Also Published As

Publication number Publication date
CN114462061B (en) 2024-07-02

Similar Documents

Publication Publication Date Title
Zhong et al. Conditional privacy-preserving authentication using registration list in vehicular ad hoc networks
Zhou et al. Efficient certificateless conditional privacy-preserving authentication for VANETs
Chim et al. SPECS: Secure and privacy enhancing communications schemes for VANETs
CN107947932B (en) Vehicle ad hoc network authentication method based on non-bilinear mapping certificateless signature
CN114584976B (en) Internet of vehicles identity authentication system and method based on certificate-free aggregation signature
CN104853351A (en) Internet of Vehicles distributed authentication method based on controllable privacy
CN105763558A (en) Distributed aggregation authentication method having privacy protection function for vehicle-mounted self-organizing network
CN109362062B (en) ID-based group signature-based VANETs anonymous authentication system and method
CN110071797B (en) Method for changing privacy protection authentication of internet of vehicles based on pseudonymous names of mixed contexts
Wang et al. A conditional privacy-preserving certificateless aggregate signature scheme in the standard model for VANETs
Bouakkaz et al. A certificateless ring signature scheme with batch verification for applications in VANET
CN109861830B (en) VANET-oriented efficient condition anonymous authentication method
CN106953839A (en) The resistance control system and method for untrusted Resources Spread in car networking
CN112437108A (en) Decentralized identity authentication device and method for privacy protection of Internet of vehicles
CN111885545B (en) Method for tracking selfish node based on V2V cooperative transmission authentication
CN112243234A (en) Identity-based privacy security protection method for Internet of vehicles
Gong et al. PCAS: Cryptanalysis and improvement of pairing-free certificateless aggregate signature scheme with conditional privacy-preserving for VANETs
CN110493748B (en) Fog-based road condition detection and authentication method
CN115442048A (en) VANET-oriented block chain-based anonymous authentication method
CN116321154A (en) Efficient message authentication method based on zero knowledge proof in Internet of vehicles environment
CN114302390B (en) Intra-group authentication key negotiation method in vehicle-mounted ad hoc network
Imghoure et al. ECDSA-based certificateless conditional privacy-preserving authentication scheme in Vehicular Ad Hoc Network
Shen et al. An efficient conditional privacy-preserving authentication scheme with scalable revocation for VANETs
CN114462061A (en) System and method based on privacy protection double-authentication of Internet of vehicles
CN117793670A (en) Internet of vehicles secure communication method under block chain architecture

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant