CN115001722B - Anti-quantum computing Internet of vehicles communication method and system based on CA and national encryption algorithm - Google Patents
Anti-quantum computing Internet of vehicles communication method and system based on CA and national encryption algorithm Download PDFInfo
- Publication number
- CN115001722B CN115001722B CN202110194035.3A CN202110194035A CN115001722B CN 115001722 B CN115001722 B CN 115001722B CN 202110194035 A CN202110194035 A CN 202110194035A CN 115001722 B CN115001722 B CN 115001722B
- Authority
- CN
- China
- Prior art keywords
- vehicle
- key
- unit
- message
- roadside
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
- 238000004891 communication Methods 0.000 title claims description 51
- 238000000034 method Methods 0.000 title claims description 20
- 238000012795 verification Methods 0.000 claims description 38
- 230000007246 mechanism Effects 0.000 claims description 12
- 238000004364 calculation method Methods 0.000 abstract description 9
- 230000006855 networking Effects 0.000 abstract description 9
- 241000135164 Timea Species 0.000 description 16
- 101001051777 Homo sapiens Protein kinase C alpha type Proteins 0.000 description 10
- 102100024924 Protein kinase C alpha type Human genes 0.000 description 10
- 235000000421 Lepidium meyenii Nutrition 0.000 description 6
- 235000012902 lepidium meyenii Nutrition 0.000 description 6
- GPUADMRJQVPIAS-QCVDVZFFSA-M cerivastatin sodium Chemical compound [Na+].COCC1=C(C(C)C)N=C(C(C)C)C(\C=C\[C@@H](O)C[C@@H](O)CC([O-])=O)=C1C1=CC=C(F)C=C1 GPUADMRJQVPIAS-QCVDVZFFSA-M 0.000 description 4
- 238000005516 engineering process Methods 0.000 description 3
- 238000010586 diagram Methods 0.000 description 2
- 230000003993 interaction Effects 0.000 description 2
- 230000004807 localization Effects 0.000 description 2
- 230000008569 process Effects 0.000 description 2
- 238000012545 processing Methods 0.000 description 2
- 240000000759 Lepidium meyenii Species 0.000 description 1
- 230000009286 beneficial effect Effects 0.000 description 1
- 230000008859 change Effects 0.000 description 1
- 230000007547 defect Effects 0.000 description 1
- 238000012986 modification Methods 0.000 description 1
- 230000004048 modification Effects 0.000 description 1
- 230000000737 periodic effect Effects 0.000 description 1
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
- H04L63/0823—Network architectures or network communication protocols for network security for authentication of entities using certificates
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/04—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
- H04L63/0428—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
- H04L63/0435—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload wherein the sending and receiving network entities apply symmetric encryption, i.e. same key used for encryption and decryption
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/06—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols the encryption apparatus using shift registers or memories for block-wise or stream coding, e.g. DES systems or RC4; Hash functions; Pseudorandom sequence generators
- H04L9/0643—Hash functions, e.g. MD5, SHA, HMAC or f9 MAC
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W4/00—Services specially adapted for wireless communication networks; Facilities therefor
- H04W4/30—Services specially adapted for particular environments, situations or purposes
- H04W4/40—Services specially adapted for particular environments, situations or purposes for vehicles, e.g. vehicle-to-pedestrians [V2P]
-
- Y—GENERAL TAGGING OF NEW TECHNOLOGICAL DEVELOPMENTS; GENERAL TAGGING OF CROSS-SECTIONAL TECHNOLOGIES SPANNING OVER SEVERAL SECTIONS OF THE IPC; TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
- Y02—TECHNOLOGIES OR APPLICATIONS FOR MITIGATION OR ADAPTATION AGAINST CLIMATE CHANGE
- Y02D—CLIMATE CHANGE MITIGATION TECHNOLOGIES IN INFORMATION AND COMMUNICATION TECHNOLOGIES [ICT], I.E. INFORMATION AND COMMUNICATION TECHNOLOGIES AIMING AT THE REDUCTION OF THEIR OWN ENERGY USE
- Y02D30/00—Reducing energy consumption in communication networks
- Y02D30/70—Reducing energy consumption in communication networks in wireless communication networks
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Computer Hardware Design (AREA)
- Computing Systems (AREA)
- General Engineering & Computer Science (AREA)
- Power Engineering (AREA)
- Mobile Radio Communication Systems (AREA)
Abstract
The anti-quantum computing method and the anti-quantum computing system realize anti-quantum computing vehicle networking system based on CA by using SM2, SM3, SM4 and other algorithms in the national cryptographic algorithm. The system does not use a symmetrical key scheme, does not use a pre-issued asymmetric key pool, does not need to deploy an additional key management server based on ID cryptography, does not introduce new uncertainty or increase system complexity, has less key quantity of each member of the Internet of vehicles system, stores the key in a security chip of each member, cannot be stolen, and does not occupy the storage space required by the key pool; the whole flow and the data structure of the traditional CA and the vehicle networking system based on the digital certificate are not changed, the key quantity maintained by the CA is not increased, and the cost for switching the CA and the vehicle networking system to the quantum-resistant calculation scheme is low. The anti-tracking of the user information is realized, the anti-tracking of the user information comprises the fact that the fixed information such as the ID of the OBU and the identity in the digital certificate of the OBU is not disclosed, the information of the vehicle owner cannot be revealed, the anonymous identity is frequently replaced, and the user information is prevented from being tracked.
Description
Technical Field
The invention relates to the field of anti-quantum computing, in particular to an anti-quantum computing Internet of vehicles communication method and system based on CA and a national encryption algorithm.
Background
According to the definition of China's Internet of things network school enterprise alliance, the Internet of vehicles is a huge interaction network composed of information such as vehicle positions, speeds and routes. The vehicle can complete the acquisition of the environment and state information of the vehicle through devices such as GPS, RFID, sensors, camera image processing and the like; all vehicles can transmit and gather various information of the vehicles to a central processing unit through the internet technology; the information of a large number of vehicles can be analyzed and processed through computer technology, so that the optimal routes of different vehicles can be calculated, road conditions can be reported timely, and signal lamp periods can be arranged. The intelligent vehicle-mounted intelligent network system can be regarded as a product of combining the Internet of things, intelligent traffic, vehicle information service, cloud computing and automobile electronic technology, and is well known to people at present, such as unmanned operation, man-machine interaction, intelligent voice recognition and the like, and is a representation of the Internet of vehicles.
Problems of the prior art:
1. In the existing car networking system based on CA, a CA issues a digital certificate for a vehicle, and the vehicle carries the digital certificate to an RSU for identity authentication. But this system is not quantum computing resistant. One way is to secure the internet of vehicles system with a quantum key obtained by QKD or a quantum random number key in a quantum key fob, but the disadvantage is that symmetric key management is complex, the storage amount is large, periodic update is required, and digital signature cannot be performed. The other mode is to issue an asymmetric key pool (patent with application number of 201910034536.8) to each member of the Internet of vehicles system and realize secret communication based on the pre-issued key pool, but the disadvantage is that the key pool issuing process is troublesome, and the key pool occupies a larger storage space and is easy to be stolen by enemies; the whole flow and the data structure of the traditional CA and the vehicle networking system based on the digital certificate are changed, so that the cost for switching the CA and the vehicle networking system to the quantum-resistant calculation scheme is too high
2. In the existing CA-based Internet of vehicles system, if the ID of the OBU is disclosed, the information of the vehicle owner can be leaked, if the ID is recorded at a plurality of positions, the ID tracking can be realized, and the information is seriously leaked in certain application scenes; if the OBU is issued with a key fob with an asymmetric key pool (patent with application number "201910034536.8"), quantum computation can be resisted, but the scheme does not disclose a public key, but discloses a fixed public key pointer random number for indicating the position of the public key in the asymmetric key pool, and the public key pointer random number must be disclosed, thus also causing leakage of user information
3. In the existing quantum-resistant computing communication system based on ID cryptography (patent with application number of 202020815697.9), an additional key management server based on ID cryptography is needed to be deployed, the deployment mode of the traditional CA is changed, and because the ID cryptography involves more complicated bilinear pair operation, new uncertainty is introduced, and the complexity of the system is increased
4. The SM2 algorithm in the existing national cryptographic algorithm cannot resist quantum computation.
Disclosure of Invention
Aiming at the problems in the related art, the invention provides an anti-quantum computing Internet of vehicles communication method and system based on CA and a national encryption algorithm, which are used for overcoming the technical problems existing in the prior art.
For this purpose, the invention adopts the following specific technical scheme:
The quantum-resistant computer Internet of vehicles communication method based on CA and national cryptographic algorithm comprises a third party trust mechanism, a roadside unit and a vehicle-mounted unit, wherein the third party trust mechanism can reveal the true identities of the vehicle-mounted unit and the roadside unit, and the third party trust mechanism and the roadside unit are provided with respective certificate issuing centers, and the quantum-resistant computer Internet of vehicles communication method comprises the following steps:
s1, anonymously communicating a roadside unit with a third party trust authority;
S2, the vehicle-mounted unit anonymously communicates with a third-party trust authority;
s3, the vehicle-mounted unit performs anonymous communication with the roadside unit;
S4, anonymous communication is carried out between the vehicle-mounted unit and other members of the Internet of vehicles;
the anonymous communication between the roadside unit and the third-party trust authority and the anonymous communication between the vehicle-mounted unit and the third-party trust authority comprise the following steps:
s11, a first true random number is sent Fang Shengcheng, a first private key is used for signing a current time stamp and a first communication message to obtain a first signature, a first public key is used for encrypting the first true random number based on an SM2 encryption algorithm to obtain a first ciphertext, the first public key and the current time stamp are used for symmetrically encrypting the first ciphertext based on an SM4 algorithm to obtain a second ciphertext, the first message is sent, and the first message comprises a third ciphertext, a current time stamp and the second ciphertext which are obtained by encrypting first combined information comprising the first communication message and the first signature by using the first true random number;
S12, after the receiving party receives the first message, verifying the current time stamp, and decrypting the second ciphertext by using the second private key and the current time stamp to obtain a first true random number; and decrypting the third ciphertext by using the first true random number to obtain a first communication message and a first signature.
Preferably, the sender is a roadside unit, and when the receiver is a third party trust authority, the first private key is a roadside unit private key, the first public key is a certificate issuing center public key, and the second private key is a certificate issuing authority private key; the first combined information further comprises a digital certificate of a roadside unit; step S12, decrypting the third ciphertext by using the first true random number and obtaining a digital certificate of the sender; step S12 also comprises the step of verifying the validity of the roadside unit digital certificate by a third party trust authority, verifying a first signature by using a public key of the roadside unit in the roadside unit digital certificate after the verification is passed, and confirming the real identity of the roadside unit after the verification is passed; the notification message is an authentication request.
Preferably, the sender is a vehicle-mounted unit, and when the receiver is a third-party trust authority, the first private key is a vehicle-mounted unit private key, the first public key is a certificate issuing center public key, and the second private key is a certificate issuing authority private key; the first combination information further includes a digital certificate of the on-board unit; in step S11, the vehicle-mounted unit sends a first message to the roadside unit, and the roadside unit forwards the first message to a third party trust authority; step S12, decrypting the third ciphertext by using the first true random number and obtaining a digital certificate of the sender; step S12 also comprises the step of verifying the validity of the vehicle-mounted unit digital certificate by a third-party trust authority, and verifying the first signature by using a vehicle-mounted unit public key in the vehicle-mounted unit digital certificate after the verification is passed, and confirming the real identity of the vehicle-mounted unit after the verification is passed; the notification message is an authentication request.
Optionally, when the sender is a third party trust authority and the receiver is a roadside unit, the notification message is a first session key, and the first session key is a first session key between the roadside unit and the third party trust authority; the first session key is a true random number generated by a third party trust authority; the first private key is a private key of a certificate authority, the first public key is a public key of a receiver, and the second private key is a private key of the receiver.
Optionally, when the sender is a third-party trust authority and the receiver is a vehicle-mounted unit, the notification message is a second session key, the second session key is a session key between the vehicle-mounted unit and the roadside unit, and the second session key is a true random number generated by the third-party trust authority; the first private key is a private key of a certificate authority, the first public key is a public key of a receiver, and the second private key is a private key of the receiver.
The anonymous communication between the vehicle-mounted unit and the roadside unit comprises the following steps:
S21, the vehicle-mounted unit encrypts the second session key by using an SM3 cryptographic algorithm to obtain a local pseudonym; encrypting a second notification message by using a second session key to obtain a third ciphertext, forming a fourth ciphertext by using the local pseudonym, the current timestamp and the third ciphertext, and sending out a second message, wherein the second message comprises the fourth ciphertext and a first message authentication code, and the first message authentication code is obtained by calculating the fourth ciphertext by using the second session key;
S22, after receiving the second message, the roadside unit finds a corresponding second session key according to the pseudonym, verifies the fourth ciphertext by using the second session key, and after verification, decrypts the third ciphertext by using the second session key to obtain a second notification message; encrypting a fifth ciphertext obtained by a third known message by using the second session key by using the current time stamp combination, and sending a third message, wherein the third message comprises the current time stamp, the fifth ciphertext and a second message authentication code, and the second message authentication code is obtained by calculating the combination of the session key to the time stamp and the fifth ciphertext;
S23, after receiving the third message, the vehicle-mounted unit verifies the second message authentication code by using the second session key, and after verification, the vehicle-mounted unit decrypts the third message by using the second session key to obtain the third notification message.
The vehicle-mounted unit anonymously communicates with the roadside unit, under the condition that the pseudonym digital certificate of the vehicle-mounted unit is insufficient, the pseudonym digital certificate is simultaneously requested during authentication, the second notification message is a public key set of the vehicle-mounted unit, the third notification message comprises the vehicle-mounted unit digital certificate set generated according to the public key set of the vehicle-mounted unit, the roadside unit digital certificate and a current group key of the roadside unit, the step S22 also comprises the roadside unit verification of the second notification message, new pseudonym and digital certificate are generated after verification is passed, and the digital certificate is signed by using a private key of the roadside unit; the step S23 further includes verifying the digital certificate of the roadside unit by the vehicle-mounted unit, obtaining the public key of the roadside unit after verification, storing the digital certificate of the roadside unit, verifying all the digital certificates by the vehicle-mounted unit by using the public key of the roadside unit, and storing the certificate of the vehicle-mounted unit and the set of the private keys thereof after verification.
Preferably, the on-board unit anonymously communicates with the roadside unit, and under the condition that the pseudonymous digital certificate of the on-board unit is sufficient, the pseudonymous digital certificate is not requested during authentication, the second notification message is an authentication request, and the third notification message is a current group key of the roadside unit.
Anonymous communication between the vehicle-mounted unit and other members of the Internet of vehicles comprises the following steps:
S31, the vehicle-mounted unit randomly takes out a pair of digital certificates of the vehicle-mounted unit and private keys thereof, signs the current time stamp and the anonymous broadcast message by using the private keys of the vehicle-mounted unit to obtain a second signature, encrypts the anonymous broadcast message, the second signature, the digital certificate of the roadside unit and a digital certificate of the vehicle-mounted unit to obtain a sixth ciphertext by using a group key of the roadside unit, and sends out a fourth message, wherein the fourth message comprises the current time stamp and the sixth ciphertext;
S32, after any other member of the Internet of vehicles receives the fourth message, decrypting the fourth message by using the group key of the roadside unit, verifying the digital certificate of the roadside unit after decryption, obtaining the public key of the roadside unit after verification, verifying the digital certificate of the vehicle-mounted unit by using the public key of the roadside unit, obtaining the public key of the vehicle-mounted unit after verification, verifying the second signature by using the public key of the vehicle-mounted unit, and verifying the anonymous broadcast message after verification.
Preferably, the used pseudonymous digital certificate and its private key are used several times, and then discarded or deleted by the on-board unit to prevent identity tracking.
The anti-quantum computing Internet of vehicles communication system based on the CA and the national cryptographic algorithm is used for implementing the anti-quantum computing Internet of vehicles communication method based on the CA and the national cryptographic algorithm, and comprises a third party trust mechanism, a roadside unit and a vehicle-mounted unit, wherein the third party trust mechanism can be used for registering vehicles and roadside infrastructure, generating public parameters and distributing keys, and can reveal the true identities of the vehicle-mounted unit and the roadside unit; the roadside unit is an infrastructure built at the roadside and is used for providing network access service for the vehicle nodes; the vehicle-mounted units are communication units loaded on the vehicle, the vehicle-mounted units and the roadside units are connected by wireless communication, and the third party trust mechanism and the roadside units are connected by wired networks;
The third party trust institution and the roadside units are provided with respective certificate issuing centers, the certificate issuing centers of the third party trust institution issue digital certificates for the roadside units, and the certificate issuing centers of the roadside units issue digital certificates for the vehicle-mounted units; each member has a matched anti-quantum computing key card, and the anti-quantum computing key card has the characteristic of non-dismantling, so that the self-destruction after dismantling can be realized; public and private keys of the certificate issuing center are stored in the certificate issuing center key card; public keys of certificate issuing centers, public and private keys of the key fob and digital certificates of the key fob are stored in key fob of the roadside unit and the vehicle-mounted unit.
The invention has the beneficial effects that:
1. The anti-quantum computing car networking system based on CA is achieved. The system does not use a symmetric key scheme with a plurality of defects, does not use a pre-issued asymmetric key pool, can realize the safe communication of quantum computation resistance only by pre-issuing a small number of keys, and has simple issuing and updating processes; because the key quantity of each member of the Internet of vehicles system is less, the keys are stored in the security chips of each member and cannot be stolen, and the storage space required by a key pool is not occupied; the whole flow and the data structure of the traditional CA and the vehicle networking system based on the digital certificate are not changed, and the key quantity maintained by the CA is not increased, so that the cost for switching the CA and the vehicle networking system to the quantum-resistant calculation scheme is low;
2. The anti-tracking of the user information is realized, the anti-tracking of the user information comprises the steps that the fixed information such as the ID of the OBU and the identity in the digital certificate of the OBU is not disclosed, the information of the vehicle owner is not revealed, the anonymous identity is frequently replaced, and the user information is prevented from being tracked;
3. the patent does not need to deploy an additional key management server based on ID cryptography, does not change the deployment mode of the traditional CA, and does not introduce new uncertainty or increase the complexity of the system;
4. The patent does not use RSA algorithm, but uses SM2, SM3, SM4 and other algorithms in the national cryptographic algorithm to realize quantum resistance calculation, and meets the requirements of the national cryptographic administration.
Drawings
In order to more clearly illustrate the embodiments of the present invention or the technical solutions in the prior art, the drawings that are needed in the embodiments will be briefly described below, and it is obvious that the drawings in the following description are only some embodiments of the present invention, and other drawings may be obtained according to these drawings without inventive effort for a person skilled in the art.
FIG. 1 is a system block diagram according to an embodiment of the invention;
FIG. 2 is a communication flow diagram in an embodiment of the invention;
Detailed Description
For the purpose of further illustrating the various embodiments, the present invention provides the accompanying drawings, which are a part of the disclosure of the present invention, and which are mainly used to illustrate the embodiments and, together with the description, serve to explain the principles of the embodiments, and with reference to these descriptions, one skilled in the art will recognize other possible implementations and advantages of the present invention, wherein elements are not drawn to scale, and like reference numerals are generally used to designate like elements.
The invention will be further described with reference to the accompanying drawings and detailed description, as shown in fig. 1, according to an embodiment of the invention, there is provided an anti-quantum computer internet of vehicles communication method based on CA and national encryption algorithm. In the patent, the public-private key algorithm is an SM2 algorithm, the hash algorithm is an SM3 algorithm, and the symmetric encryption algorithm is an SM4 algorithm.
In this patent, as shown in fig. 1, the vehicle-mounted ad hoc network (VANET) generally consists of 3 parts, namely a third party Trust Authority (TA), a roadside unit (RSU) and an on-board unit (OBU). Where TA is a well-known third party trust authority for registration of vehicles and roadside infrastructure, generation of public parameters, distribution of keys, etc. Only the TA is able to reveal the true identity of the node. An RSU is an infrastructure built at the roadside for providing network access services to vehicle nodes. OBU is a communication unit onboard a vehicle, typically integrating an embedded system, tamper-resistant security module, global navigation positioning system, and the like. Communication between V2V (vehicle-to-vehicle) and V2R (vehicle-to-roadside unit) uses a short-range wireless communication protocol, and the communication range of RSU and OBU is 300m. The TA and RSU are connected via a wired network, which typically has high security and sufficient bandwidth.
The third party Trust Authority (TA), roadside units (RSUs) are deployed with respective certificate issuing centers CA, but the certificate issuing centers CA of the third party trust authority TA are the superior certificate issuing centers CA of the certificate issuing centers CA of all roadside units RSUs. Each member has a matched anti-quantum computing key card, and the anti-quantum computing key card has the characteristic of non-dismantling, namely self-destruction, and preferably has a safety chip in the key card to realize the characteristic of non-dismantling. The certificate authority key fob stores therein the public key PKCA and the private key SKCA of the CA system and is protected by the key fob.
Public key PKCA of CA, public and private keys PK and SK of the key fob and digital certificate CERT of the key fob are stored in key fob of roadside units (RSU) and on-board units (OBU).
The SM2 encryption calculation obtains three encryption result components ENCR, ENCM and ENCH, where the above results may be expressed as ENC SM2 (, PK) = (ENCR, ENCM, ENCH), PK is an encryption object, PK is the SM2 public key of the other party, and according to the definition of the SM2 encryption algorithm, ENCR is a random elliptic curve point, and is easily cracked by a quantum computer to obtain its private key, so as to affect the security of the encrypted message, so that ENCR needs encryption.
The patent defines that the SM2 encryption algorithm using the SM4 algorithm symmetric encryption is ENC (×pk, T) = (ENCR ', ENCM, ENCH), T is time, k=hash (PKx | PKy ||t) is a symmetric key shared by both parties, pk= (PKx, PKy), ENCR' is a value obtained by SM4 symmetric encryption of ENCR with K. When decrypting ENC (x, PK, T) using SM4 algorithm, the decrypting party calculates K according to PK and T, and then decrypts ENCR' using K to obtain ENCR, thereby obtaining ENC SM2 (x, PK); and then decrypting ENC SM2 (x, PK) with the PK-corresponding private key SK.
Stage 1: anonymous communication between roadside units and third party trust authorities
1.1 RSU member R sends out message
The roadside unit R sends a message MSGR = TimeR | { INFO1||sig (TimeR |info1, SKR) | CERTR } rr||enc to the TA (RR, PKCA, timeR). Wherein TimeR: a current time; INFO1: an authentication request; SIG (TimeR INFO1, SKR): carrying out SM2 digital signature on TimeR and INFO1 by using a private key SKR of R; CERTR: a digital certificate of R; RR: a true random number generated by a key fob of the member R; { INFO1||SIG (TimeR |INFO1, SKR) | CERTR } RR: encrypting the combination of INFO1, SIG (TimeR |info1, SKR) and CERTR with a true random number RR; ENC (RR, PKCA, timeR): the RR is encrypted using the public key PKCA of the TA and the current time TimeR using the SM2 encryption algorithm defined by this patent, which is symmetric encryption of the SM4 algorithm.
After receiving the message MSGR, the third-party trust authority TA determines TimeR whether it is the current time and decrypts ENC (RR, PKCA, timeR) with the private key SKCA of the certificate authority CA to obtain RR. Decrypting { INFO1||SIG (TimeR |INFO1, SKR) | CERTR } RR with RR to obtain INFO1||SIG (TimeR |INFO1, SKR) | CERTR; the validity of CERTR is verified with the public key PKCA of the CA. After the verification is successful, SIG (TimeR ||info1, SKR) is verified with public key PKR of R in CERTR.
After verification is successful, the real identity of the roadside unit RSU is confirmed.
1.2 TA issuing message
TA sends a message MSGCA = TimeCA || { INFO2||sig (TimeCA |info2, SKCA) } rca|enc (RCA, PKR, timeCA) to R; wherein TimeCA: a current time; SIG (TimeCA INFO2, SKCA): SM2 digitally signing TimeCA and INFO2 with private key SKCA of certificate authority CA; RCA: a true random number; { INFO2||SIG (TimeCA |INFO2, SKCA) } RCA: encrypting INFO2 and SIG (TimeCA I INFO2 and SKCA) by using a true random number RCA; INFO2: KS TA-RSU;KSTA-RSU is true random number as session key between TA and RSU; ENC (RCA, PKR, timeCA): RCA is encrypted using the public key PKR of R and the current time TimeCA using the SM2 encryption algorithm defined by this patent that uses the SM4 algorithm symmetric encryption.
R-verification MSGCA, method is similar to that described in 1.1. After verification MSGCA, KS TA-RSU was obtained.
Stage 2: anonymous communication between vehicle-mounted unit and third-party trust authority through roadside unit
2.1 OBU Member A issues a message
The vehicle-mounted unit a sends a message MSGA = TimeA | { INFO 3|sig (TimeA |info3, SKA) | CERTA } ra|enc to the roadside unit RSU (RA, PKCA, timeA); wherein TimeA: a current time; INFO3: an authentication request; SIG (TimeA INFO3, SKA): SM2 digital signature is carried out on TimeA and INFO3 by using the private key SKA of A; CERTA: a digital certificate of A; RA: a true random number; { INFO3||SIG (TimeA |INFO3, SKA) | CERTA } RA: encrypting the combination of INFO3, SIG (TimeA INFO3, SKA) and CERTA with a true random number RA; ENC (RA, PKCA, timeA): the RA is encrypted using the public key PKCA of the TA and the current time TimeA using the SM2 encryption algorithm defined by the patent that is symmetric to the SM4 algorithm.
2.2 Roadside Unit RSU forwarding messages
After the roadside unit RSU receives the request, the message is judged to be an anonymous authentication request of the vehicle-mounted unit OBU, and MSGA is forwarded to the third-party trust authority TA because the identity of the message cannot be analyzed.
After verification MSGA by the third party trust authority TA, the true identity of the on-board unit OBU is confirmed, in a manner similar to that described in 1.1.
2.3 Third Party trust authorities TA issues messages
Third party trust authority TA issuing a message
MSGCA' = TimeCA | { INFO4||sig (TimeCA |info4, SKCA) } rca|enc (RCA, PKA, timeCA) and { KS RSU-OBU}KSTA-RSU to RSU, wherein TimeCA: a current time; SIG (TimeCA INFO4, SKCA): SM2 digitally signing TimeCA and INFO4 with private key SKCA of certificate authority CA; RCA: a true random number; { INFO4||SIG (TimeCA |INFO4, SKCA) } RCA: encrypting INFO4 and SIG (TimeCA |info4, SKCA) with a true random number RCA; INFO4: KS RSU-OBU;KSRSU-OBU is a true random number as a session key between RSU and OBU; ENC (RCA, PKA, timeCA): RCA is encrypted using public key PKA of a and current time TimeCA using SM2 encryption algorithm of the symmetric encryption of SM4 algorithm defined in this patent.
2.4 Roadside Unit RSU forwarding message
After obtaining { KS RSU-OBU}KSTA-RSU, the roadside unit RSU decrypts with KS TA-RSU to obtain session key KS RSU-OBU, which is forwarded MSGCA' to a.
A verification MSGCA' and method is similar to that described in 1.1. After verification MSGCA', the session key KS RSU-OBU is obtained.
Stage 3: anonymous communication between vehicle units and roadside units
Flow branch 1: the vehicle-mounted unit OBU has insufficient alias digital certificates, and requests the alias digital certificates at the same time during authentication:
3.1 on board Unit OBU Member A issues a message
The on-board unit a generates the local pseudonym pid=hash (KS RSU-OBU), which represents the calculation using the SM3 algorithm.
The on-board unit A generates N pairs of public and private keys { PKAi || SKAi, i E [1, N ] }.
A sends a message MSGA' =pid TimeA | { INFO5} KS RSU-OBU |maca to RSU, where TimeA: a current timestamp; INFO5 contains all public keys { PKAi, i.e. [1, N ] }; { INFO5} KS RSU-OBU is the encryption of INFO5 using session key KS RSU-OBU; MACA is a message authentication code calculated for PID, timeA, and { INFO5} KS RSU-OBU using KS RSU-OBU.
The roadside unit RSU finds the corresponding session key KS RSU-OBU from the localization name PID.
After verifying the MACA in MSGA' by the roadside unit RSU, it is determined that the message is an OBU anonymous authentication and certificate request.
The roadside unit RSU generates a new pseudonym and generates a local certificate { CERTAi, i e [1, n ] }, which is signed by the private key of the roadside unit RSU.
3.2 Roadside Unit RSU issues message
The roadside unit RSU sends a message MSGR' = TimeR |{ INFO6} KS RSU-OBU || MACR to the on-board unit a. Wherein TimeR: a current timestamp; INFO6 includes all certificates generated from INFO5, the certificate CERTR of RSU, the current group key KG RSU of RSU i.e. { CERTAi, i.e. [1, N ] } CERTR ] KG RSU;{INFO6}KSRSU-OBU represents encrypting INFO6 with session key KS RSU-OBU; MACR denotes a message authentication code calculated by combining TimeR and { INFO6} KS RSU-OBU with KS RSU-OBU as a key.
After verification MACR in MSGR', { CERTAi, i ε [1, N ] } | CERTR ||KG RSU are obtained.
After verification CERTR, the correctness of the roadside unit public key PKR is confirmed and CERTR is stored.
A verifies all certificates with PKR.
After verification is successful, the vehicle-mounted unit A stores a local certificate and a private key set { CERTAi | SKAi thereof, and i epsilon [1, N ] is reserved.
Flow branch 2: if the OBU has sufficient pseudonym digital certificates, the pseudonym digital certificates may not be requested during authentication:
3.1 on board Unit OBU Member A issues a message
The on-board unit a generates the local pseudonym pid=hash (KS RSU-OBU), which represents the calculation using the SM3 algorithm.
A sends a message MSGA "=pid TimeA { INFO7} KS RSU-OBU MACA' to RSU; wherein TimeA: a current timestamp; INFO7 is a local authentication request; { INFO7} KS RSU-OBU is to encrypt INFO7 using session key KS RSU-OBU; MACA' is a message authentication code calculated for PID, timeA, and { INFO7} KS RSU-OBU using KS RSU-OBU.
The roadside unit RSU finds the corresponding session key KS RSU-OBU from the localization name PID.
After verifying the MACA' in MSGA "by the roadside unit RSU, it is determined that the message is an OBU anonymous authentication and certificate request.
3.2 Roadside Unit RSU issues message
The roadside unit RSU sends a message MSGR "= TimeR ||{ INFO8} KS RSU-OBU || MACR' to the on-board unit a. Wherein TimeR: a current timestamp; INFO8: the current group key KG RSU;{INFO8}KSRSU-OBU represents encrypting INFO8 with the session key KS RSU-OBU; MACR' represents a message authentication code calculated by combining the key calculation TimeR with KS RSU-OBU and { INFO8} KS RSU-OBU.
After a verifies MACR' in MSGR ", KG RSU is obtained.
Stage 4: anonymous communication between on-board unit and other members of the internet of vehicles
3.1 On-board unit A sends out anonymous broadcast message
The on-board unit a randomly retrieves the i-th pair of local certificates CERTAi and its private key SKAi, an anonymous broadcast message MSGB = TimeB | { info|sig (TimeB |info, SKAi) | CERTAi | CERTR } KG RSU is sent out.
Wherein, INFO: anonymous broadcast messages, namely specific information of the Internet of vehicles, such as broadcasting current road conditions, vehicle conditions and the like; timeB: a current timestamp; SIG (TimeB INFO, SKAi) digitally signs TimeB and INFO with private key SKAi; CERTR: roadside unit digital certificates; CERTAi: a vehicle-mounted unit digital certificate; { INFO||SIG (TimeB |INFO, SKAi) CERTAi CERTR } KG RSU: INFO, SIG (TimeB ||info, SKAi), CERTAi and CERTR are encrypted with the group key KG RSU.
After the i-th local certificate CERTAi and its private key SKAi have been used several times, it is discarded or deleted by the on-board unit a to prevent identity tracking.
3.2 Internet of vehicles any other Member X verifies anonymous broadcast message
After receiving MSGB, any other member X of the Internet of vehicles decrypts MSGB by utilizing the group key KG RSU, and verifies CERTR validity;
After passing the verification, the correctness of the public key PKR of the roadside unit is confirmed;
Verifying the digital certificate CERTAi with a roadside unit public key PKR;
After verification, the correctness of the public key PKAi is confirmed;
validating SIG (TimeB INFO, SKAi) with PKAi;
After passing the verification, the correctness of the received INFO is confirmed.
The technical features of the above-described embodiments may be arbitrarily combined, and all possible combinations of the technical features in the above-described embodiments are not described for brevity of description, however, as long as there is no contradiction between the combinations of the technical features, they should be considered as the scope of the description.
The above examples illustrate only a few embodiments of the invention, which are described in detail and are not to be construed as limiting the scope of the invention. It should be noted that it will be apparent to those skilled in the art that several variations and modifications can be made without departing from the spirit of the invention, which are all within the scope of the invention. Accordingly, the scope of protection of the present invention is to be determined by the appended claims.
Claims (8)
1. The quantum-resistant computer Internet of vehicles communication method based on CA and national cryptographic algorithm is characterized by comprising a third party trust mechanism, a roadside unit and a vehicle-mounted unit, wherein the third party trust mechanism can reveal the true identities of the vehicle-mounted unit and the roadside unit, and the third party trust mechanism and the roadside unit are provided with respective certificate issuing centers, and the method comprises the following steps:
s1, anonymously communicating a roadside unit with a third party trust authority;
S2, the vehicle-mounted unit anonymously communicates with a third-party trust authority;
s3, the vehicle-mounted unit performs anonymous communication with the roadside unit;
S4, anonymous communication is carried out between the vehicle-mounted unit and other members of the Internet of vehicles;
the anonymous communication between the roadside unit and the third-party trust authority and the anonymous communication between the vehicle-mounted unit and the third-party trust authority comprise the following steps:
S11, sending Fang Shengcheng a first true random number, signing a current timestamp and a first communication message by using a first private key to obtain a first signature, encrypting the first true random number by using a first public key based on an SM2 encryption algorithm to obtain a first ciphertext, symmetrically encrypting the first ciphertext by using the first public key and the current timestamp based on an SM4 algorithm to obtain a second ciphertext, and sending out the first message, wherein the first message comprises encrypting first combined information comprising the first communication message and the first signature by using the first true random number to obtain a third ciphertext, the current timestamp and the second ciphertext;
s12, after the receiving party receives the first message, verifying the current time stamp, and decrypting the second ciphertext by using the second private key and the current time stamp to obtain a first true random number; decrypting the third ciphertext by using the first true random number to obtain a first communication message and a first signature;
the anonymous communication between the vehicle-mounted unit and the roadside unit comprises the following steps:
S21, the vehicle-mounted unit encrypts the second session key by using an SM3 cryptographic algorithm to obtain a local pseudonym; encrypting a second notification message by using a second session key to obtain a third ciphertext, forming a fourth ciphertext by using the local pseudonym, the current timestamp and the third ciphertext, and sending out a second message, wherein the second message comprises the fourth ciphertext and a first message authentication code, and the first message authentication code is obtained by calculating the fourth ciphertext by using the second session key;
S22, after receiving the second message, the roadside unit finds a corresponding second session key according to the pseudonym, verifies the fourth ciphertext by using the second session key, and after verification, decrypts the third ciphertext by using the second session key to obtain a second notification message; encrypting a third known message by using a second session key by using the current time stamp combination to obtain a fifth ciphertext, and sending out a third message, wherein the third message comprises the current time stamp, the fifth ciphertext and a second message authentication code, and the second message authentication code is obtained by calculating the combination of the session key to the time stamp and the fifth ciphertext;
S23, after receiving the third message, the vehicle-mounted unit verifies the second message authentication code by using the second session key, and after verification, the vehicle-mounted unit decrypts the third message by using the second session key to obtain a third notification message;
anonymous communication between the vehicle-mounted unit and other members of the Internet of vehicles comprises the following steps:
S31, the vehicle-mounted unit randomly takes out a pair of digital certificates of the vehicle-mounted unit and private keys thereof, signs the current time stamp and the anonymous broadcast message by using the private keys of the vehicle-mounted unit to obtain a second signature, encrypts the anonymous broadcast message, the second signature, the digital certificate of the roadside unit and the digital certificate of the vehicle-mounted unit by using a group key of the roadside unit to obtain a sixth ciphertext, and sends out a fourth message, wherein the fourth message comprises the current time stamp and the sixth ciphertext;
S32, after any other member of the Internet of vehicles receives the fourth message, decrypting the fourth message by using the group key of the roadside unit, verifying the digital certificate of the roadside unit after decryption, obtaining the public key of the roadside unit after verification, verifying the digital certificate of the vehicle-mounted unit by using the public key of the roadside unit, obtaining the public key of the vehicle-mounted unit after verification, verifying the second signature by using the public key of the vehicle-mounted unit, and verifying the anonymous broadcast message after verification.
2. The anti-quantum computer internet of vehicles communication method based on the CA and the national encryption algorithm according to claim 1, wherein when the sender is a roadside unit and the receiver is a third party trust authority, the first private key is a roadside unit private key, the first public key is a certificate issuing center public key, and the second private key is a certificate issuing authority private key; the first combined information further comprises a digital certificate of a roadside unit; step S12, decrypting the third ciphertext by using the first true random number and obtaining a digital certificate of the sender; step S12 also comprises the step of verifying the validity of the roadside unit digital certificate by a third party trust authority, verifying a first signature by using a public key of the roadside unit in the roadside unit digital certificate after the verification is passed, and confirming the real identity of the roadside unit after the verification is passed; the second notification message is an authentication request.
3. The anti-quantum computer internet of vehicles communication method based on the CA and the national encryption algorithm according to claim 1, wherein the sender is a vehicle-mounted unit, the first private key is a vehicle-mounted unit private key when the receiver is a third party trust authority, the first public key is a certificate issuing center public key, and the second private key is a certificate issuing authority private key; the first combination information further includes a digital certificate of the on-board unit; in step S11, the vehicle-mounted unit sends a first message to the roadside unit, and the roadside unit forwards the first message to a third party trust authority; step S12, decrypting the third ciphertext by using the first true random number and obtaining a digital certificate of the sender; step S12 also comprises the step of verifying the validity of the vehicle-mounted unit digital certificate by a third-party trust authority, and verifying the first signature by using a vehicle-mounted unit public key in the vehicle-mounted unit digital certificate after the verification is passed, and confirming the real identity of the vehicle-mounted unit after the verification is passed; the second notification message is an authentication request.
4. The anti-quantum computing internet of vehicles communication method based on CA and national cryptographic algorithm according to claim 1, wherein when the sender is a third party trust authority and the receiver is a roadside unit, the third notification message is a first session key, and the first session key is a first session key between the roadside unit and the third party trust authority; the first session key is the first true random number generated by a third party trust authority; the first private key is a private key of a certificate authority, the first public key is a public key of a receiver, and the second private key is a private key of the receiver.
5. The anti-quantum computer internet of vehicles communication method based on the CA and national cryptographic algorithm according to claim 1, wherein when the sender is a third party trust authority and the receiver is a vehicle-mounted unit, the third notification message is a second session key, the second session key is a session key between the vehicle-mounted unit and a roadside unit, and the second session key is the first true random number generated by the third party trust authority; the first private key is a private key of a certificate authority, the first public key is a public key of a receiver, and the second private key is a private key of the receiver.
6. The anti-quantum computing internet of vehicles communication method based on CA and national cryptographic algorithm according to claim 1, wherein the on-board unit anonymously communicates with the roadside unit, and in case of insufficient pseudonymous digital certificate of the on-board unit, the pseudonymous digital certificate is simultaneously requested at the time of authentication, the second notification message is a public key set of the on-board unit, the third notification message includes an on-board unit digital certificate set generated according to the public key set of the on-board unit, the roadside unit digital certificate and a current group key of the roadside unit, the step S22 further includes the roadside unit verifying the second notification message, generating a new pseudonym and digital certificate after verification is passed, signing the digital certificate with a private key of the roadside unit; step S23 further includes verifying the digital certificate of the roadside unit by the vehicle-mounted unit, obtaining the public key of the roadside unit after verification, storing the digital certificate of the roadside unit, verifying all the digital certificates by the vehicle-mounted unit by using the public key of the roadside unit, and storing the certificate of the vehicle-mounted unit and the set of private keys thereof after verification; after the pseudonymous digital certificate and the private key thereof are used for a plurality of times, the pseudonymous digital certificate and the private key are abandoned and used by the vehicle-mounted unit.
7. The anti-quantum computer internet of vehicles communication method based on the CA and the national cryptographic algorithm according to claim 1, wherein the vehicle-mounted unit anonymously communicates with the roadside unit, the pseudonymous digital certificate is not requested during authentication in case of sufficient pseudonymous digital certificate of the vehicle-mounted unit, the second notification message is an authentication request, and the third notification message is a current group key of the roadside unit.
8. The anti-quantum computing Internet of vehicles communication system based on the CA and the national encryption algorithm is characterized by comprising a third party trust mechanism, a roadside unit and a vehicle-mounted unit, wherein the third party trust mechanism is used for registering vehicles and roadside infrastructure, generating public parameters and distributing keys and revealing the real identities of the vehicle-mounted unit and the roadside unit; the roadside unit is an infrastructure built at the roadside and is used for providing network access service for the vehicle nodes; the vehicle-mounted units are communication units loaded on the vehicle, the vehicle-mounted units and the roadside units are connected by wireless communication, and the third party trust mechanism and the roadside units are connected by wired networks;
The third party trust institution and the roadside units are provided with respective certificate issuing centers, the certificate issuing centers of the third party trust institution issue digital certificates for the roadside units, and the certificate issuing centers of the roadside units issue digital certificates for the vehicle-mounted units; each member has a matched anti-quantum computing key card, and the anti-quantum computing key card has the characteristic of non-dismantling, so that the self-destruction after dismantling can be realized; public and private keys of the certificate issuing center are stored in the certificate issuing center key card; public keys of certificate issuing centers, public and private keys of the key fob and digital certificates of the key fob are stored in key fob of the roadside unit and the vehicle-mounted unit.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202110194035.3A CN115001722B (en) | 2021-02-20 | 2021-02-20 | Anti-quantum computing Internet of vehicles communication method and system based on CA and national encryption algorithm |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202110194035.3A CN115001722B (en) | 2021-02-20 | 2021-02-20 | Anti-quantum computing Internet of vehicles communication method and system based on CA and national encryption algorithm |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN115001722A CN115001722A (en) | 2022-09-02 |
| CN115001722B true CN115001722B (en) | 2024-06-11 |
Family
ID=83018180
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202110194035.3A Active CN115001722B (en) | 2021-02-20 | 2021-02-20 | Anti-quantum computing Internet of vehicles communication method and system based on CA and national encryption algorithm |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN115001722B (en) |
Families Citing this family (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US12022012B1 (en) | 2023-01-16 | 2024-06-25 | Hefei University Of Technology | Systems and methods for vehicle encrypted communication for vehicle-road-cloud collaboration |
| CN115801461B (en) * | 2023-01-16 | 2023-04-18 | 合肥工业大学 | Vehicle encryption communication system and method for vehicle-road cloud cooperation |
| CN117241267B (en) * | 2023-11-15 | 2024-01-12 | 合肥工业大学 | Quantum group key distribution method applicable to V2I scene based on blockchain |
| CN117376904B (en) * | 2023-12-08 | 2024-02-02 | 合肥工业大学 | Communication method for vehicle group |
Citations (8)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN105722231A (en) * | 2016-04-12 | 2016-06-29 | 江苏大学 | Continuous coordinative multichannel vehicular network MAC ((Medium Access Control) protocol |
| CN105763558A (en) * | 2016-01-20 | 2016-07-13 | 华东师范大学 | Distributed aggregation authentication method having privacy protection function for vehicle-mounted self-organizing network |
| CN106713326A (en) * | 2016-12-28 | 2017-05-24 | 上海电机学院 | Vehicle-mounted network message authentication protocol |
| CN109362062A (en) * | 2018-11-21 | 2019-02-19 | 东北大学 | VANETs anonymous authentication system and method based on ID-based group ranking |
| WO2019104955A1 (en) * | 2017-11-30 | 2019-06-06 | 东北大学 | Location privacy protection query method for vanets in fog computing architecture |
| CN110830245A (en) * | 2019-10-22 | 2020-02-21 | 如般量子科技有限公司 | Anti-quantum-computation distributed Internet of vehicles method and system based on identity secret sharing and implicit certificate |
| CN111211892A (en) * | 2020-01-13 | 2020-05-29 | 南京如般量子科技有限公司 | Anti-quantum computing internet-of-vehicle system based on secret sharing and identity cryptography and authentication method thereof |
| CN111212400A (en) * | 2020-01-14 | 2020-05-29 | 南京如般量子科技有限公司 | Anti-quantum computing internet-of-vehicle system based on secret sharing and mobile terminal and authentication method thereof |
-
2021
- 2021-02-20 CN CN202110194035.3A patent/CN115001722B/en active Active
Patent Citations (8)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN105763558A (en) * | 2016-01-20 | 2016-07-13 | 华东师范大学 | Distributed aggregation authentication method having privacy protection function for vehicle-mounted self-organizing network |
| CN105722231A (en) * | 2016-04-12 | 2016-06-29 | 江苏大学 | Continuous coordinative multichannel vehicular network MAC ((Medium Access Control) protocol |
| CN106713326A (en) * | 2016-12-28 | 2017-05-24 | 上海电机学院 | Vehicle-mounted network message authentication protocol |
| WO2019104955A1 (en) * | 2017-11-30 | 2019-06-06 | 东北大学 | Location privacy protection query method for vanets in fog computing architecture |
| CN109362062A (en) * | 2018-11-21 | 2019-02-19 | 东北大学 | VANETs anonymous authentication system and method based on ID-based group ranking |
| CN110830245A (en) * | 2019-10-22 | 2020-02-21 | 如般量子科技有限公司 | Anti-quantum-computation distributed Internet of vehicles method and system based on identity secret sharing and implicit certificate |
| CN111211892A (en) * | 2020-01-13 | 2020-05-29 | 南京如般量子科技有限公司 | Anti-quantum computing internet-of-vehicle system based on secret sharing and identity cryptography and authentication method thereof |
| CN111212400A (en) * | 2020-01-14 | 2020-05-29 | 南京如般量子科技有限公司 | Anti-quantum computing internet-of-vehicle system based on secret sharing and mobile terminal and authentication method thereof |
Also Published As
| Publication number | Publication date |
|---|---|
| CN115001722A (en) | 2022-09-02 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| Manivannan et al. | Secure authentication and privacy-preserving techniques in Vehicular Ad-hoc NETworks (VANETs) | |
| CN115001722B (en) | Anti-quantum computing Internet of vehicles communication method and system based on CA and national encryption algorithm | |
| US11606216B2 (en) | Cryptographic methods and systems for managing digital certificates with linkage values | |
| CN111684760B (en) | Cryptographic method and system for managing digital certificates | |
| US9602290B2 (en) | System and method for vehicle messaging using a public key infrastructure | |
| CN111211892B (en) | Anti-quantum computing internet-of-vehicle system based on secret sharing and identity cryptography and authentication method thereof | |
| Li et al. | ACPN: A novel authentication framework with conditional privacy-preservation and non-repudiation for VANETs | |
| US11184180B2 (en) | Cryptographic methods and systems using blinded activation codes for digital certificate revocation | |
| US11895250B2 (en) | Cryptographic methods and systems using activation codes for digital certificate revocation | |
| CN109067525A (en) | Message authentication method based on half credible administrative center in car networking | |
| US20230029523A1 (en) | Privacy-preserving delivery of activation codes for pseudonym certificates | |
| CN105812131B (en) | Vehicle-mounted node certificate updating method based on vehicle-mounted short-distance communication network | |
| Malhi et al. | Privacy-preserving authentication framework using bloom filter for secure vehicular communications | |
| CN111212400B (en) | Anti-quantum computing internet-of-vehicle system based on secret sharing and mobile terminal and authentication method thereof | |
| US20220376931A1 (en) | Balancing privacy and efficiency for revocation in vehicular public key infrastructures | |
| CN108933665A (en) | Lightweight V2I group communications identities indentification protocol applies the method in VANETs | |
| Funderburg et al. | Pairing-free signatures with insider-attack resistance for vehicular ad-hoc networks (VANETs) | |
| CN113923651A (en) | Vehicle pseudonym replacement method, apparatus and computer-readable storage medium | |
| Park et al. | A secure and location assurance protocol for location-aware services in VANETs | |
| Funderburg et al. | Efficient short group signatures for conditional privacy in vehicular ad hoc networks via ID caching and timed revocation | |
| Peng | A novel authentication protocol for vehicle network | |
| CN113645028B (en) | Vehicle networking condition privacy protection system and method supporting dynamic key management | |
| Prakash et al. | Vanet authentication with privacy-preserving schemes—a survey | |
| Yoo | 5G‐VRSec: Secure Video Reporting Service in 5G Enabled Vehicular Networks | |
| Bai et al. | Anonymous Identity Authentication scheme for Internet of Vehicles based on moving target Defense |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |