CN116156489A - Position privacy protection method based on collaborative service - Google Patents
Position privacy protection method based on collaborative service Download PDFInfo
- Publication number
- CN116156489A CN116156489A CN202211650176.2A CN202211650176A CN116156489A CN 116156489 A CN116156489 A CN 116156489A CN 202211650176 A CN202211650176 A CN 202211650176A CN 116156489 A CN116156489 A CN 116156489A
- Authority
- CN
- China
- Prior art keywords
- rsu
- lsp
- service
- user
- location
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
- 238000000034 method Methods 0.000 title claims abstract description 37
- 238000012360 testing method Methods 0.000 claims description 31
- 238000004364 calculation method Methods 0.000 claims description 17
- 238000012795 verification Methods 0.000 claims description 16
- 230000008569 process Effects 0.000 claims description 14
- 230000004044 response Effects 0.000 claims description 13
- 230000003993 interaction Effects 0.000 claims description 5
- 125000004122 cyclic group Chemical group 0.000 claims description 3
- 239000011159 matrix material Substances 0.000 claims description 3
- 230000002441 reversible effect Effects 0.000 claims description 3
- 238000004891 communication Methods 0.000 description 11
- 238000011160 research Methods 0.000 description 8
- 230000008901 benefit Effects 0.000 description 3
- 238000005516 engineering process Methods 0.000 description 3
- 230000009286 beneficial effect Effects 0.000 description 2
- 230000008859 change Effects 0.000 description 2
- 238000010586 diagram Methods 0.000 description 2
- 230000006872 improvement Effects 0.000 description 2
- 239000002699 waste material Substances 0.000 description 2
- 230000004075 alteration Effects 0.000 description 1
- 238000013459 approach Methods 0.000 description 1
- 239000003054 catalyst Substances 0.000 description 1
- 238000007418 data mining Methods 0.000 description 1
- 230000007547 defect Effects 0.000 description 1
- 239000006185 dispersion Substances 0.000 description 1
- 238000010295 mobile communication Methods 0.000 description 1
- 238000012986 modification Methods 0.000 description 1
- 230000004048 modification Effects 0.000 description 1
- 238000006467 substitution reaction Methods 0.000 description 1
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W12/00—Security arrangements; Authentication; Protecting privacy or anonymity
- H04W12/02—Protecting privacy or anonymity, e.g. protecting personally identifiable information [PII]
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/06—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols the encryption apparatus using shift registers or memories for block-wise or stream coding, e.g. DES systems or RC4; Hash functions; Pseudorandom sequence generators
- H04L9/0643—Hash functions, e.g. MD5, SHA, HMAC or f9 MAC
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0861—Generation of secret information including derivation or calculation of cryptographic keys or passwords
- H04L9/0869—Generation of secret information including derivation or calculation of cryptographic keys or passwords involving random numbers or seeds
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W12/00—Security arrangements; Authentication; Protecting privacy or anonymity
- H04W12/04—Key management, e.g. using generic bootstrapping architecture [GBA]
- H04W12/041—Key generation or derivation
-
- Y—GENERAL TAGGING OF NEW TECHNOLOGICAL DEVELOPMENTS; GENERAL TAGGING OF CROSS-SECTIONAL TECHNOLOGIES SPANNING OVER SEVERAL SECTIONS OF THE IPC; TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
- Y02—TECHNOLOGIES OR APPLICATIONS FOR MITIGATION OR ADAPTATION AGAINST CLIMATE CHANGE
- Y02D—CLIMATE CHANGE MITIGATION TECHNOLOGIES IN INFORMATION AND COMMUNICATION TECHNOLOGIES [ICT], I.E. INFORMATION AND COMMUNICATION TECHNOLOGIES AIMING AT THE REDUCTION OF THEIR OWN ENERGY USE
- Y02D30/00—Reducing energy consumption in communication networks
- Y02D30/70—Reducing energy consumption in communication networks in wireless communication networks
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Power Engineering (AREA)
- Data Exchanges In Wide-Area Networks (AREA)
Abstract
The invention relates to the technical field of software communication, and discloses a position privacy protection method based on collaborative services, which comprises the following steps of S1, system initialization: the TA generates a system public key PK, a system private key MSK, a tracking key TK and a system parameter params; s2, user registration: RU (remote Unit) i 、CU j Registering the RSU and the LSP with the TA respectively to generate respective public and private key pairs; s3, service inquiry: RU (remote Unit) i Generating location services query SQ i And sends it to the LSP through the RSU; the position privacy protection method based on the collaborative service can provide the position service for the user on the premise of higher safety coefficient, and the following three targets are realized. First, a secure cable is constructed for the user by using a Bloom filterGuiding to provide secure location services; secondly, the position privacy of the user is not revealed when the user responds to the RSU, and finally, the position privacy of the other user cannot be deduced by any user through the content of the collaborative service when any two users perform the collaborative service.
Description
Technical Field
The invention relates to the technical field of software communication, in particular to a position privacy protection method based on collaborative services.
Background
The internet of vehicles refers to the realization of omnibearing network connection of the interior of a vehicle, vehicles and people, vehicles and vehicles, vehicles and roads, vehicles and service platforms by means of a new generation of mobile communication technology. The system brings great convenience to people in transportation and great help to government departments in establishing an intelligent transportation system, such as road safety and traffic passing efficiency improvement, but the data fingerprint generated in the data interaction process brings privacy safety threat to users, and hackers can analyze collected user data through technologies such as data mining and the like, so that sensitive information of the users is obtained.
In order to solve the problems, scholars propose an internet of vehicles privacy protection scheme based on anonymity and cryptography. For some attackers with a certain knowledge background, the common anonymity-based location privacy protection scheme cannot well protect the location privacy of the user, and further, a double anonymity-based location privacy protection scheme is provided, and the correlation between the user and the service request is reduced by introducing a trusted cloud service between the user and the location service provider, so that the location privacy of the user is protected to the greatest extent. In order to improve the effectiveness, uncertainty and dispersion of the virtual position under the condition of road constraint and avoid the privacy safety problem caused by providing the real position information of the user, a position privacy protection algorithm based on the virtual position under the condition of road constraint without a trusted third party server is provided. The convenience of carpooling is realized by sacrificing identity privacy of a driver and a passenger, and an anonymous mutual authentication protocol is further provided, wherein the driver and the passenger in the protocol send a carpooling inquiry to a cloud server in an anonymous mode to finish carpooling service. In order to help a driver to quickly and accurately find a required parking space, an intelligent parking navigation scheme with privacy protection is provided. In the scheme, after a user initiates a parking space inquiry to a cloud server, the cloud server searches and generates a parkable position meeting the expectations of the user, and then the user is required to search. These schemes have limitations in user privacy security and resource overhead. On the one hand, the anonymity-based scheme is to replace the real location information of the user with an anonymized set and perform location-based service, but the communication overhead of the anonymized set generally increases linearly with the increase of the anonymized set; on the other hand, the cryptography-based scheme generally encrypts and transmits the location information to a server, and then the server decrypts and obtains the corresponding plaintext information and returns to the corresponding location-based service. In this process, the private information of the user is often revealed due to a system vulnerability of the server or attack by a malicious adversary.
The use of location-based services typically requires users to submit their past, present, or future location information, which inevitably presents the problems described above. One existing research approach is based on distributed collaborative services. The research method supports that the requesting user initiates a location-based service request in a privacy-safe manner, and the cooperative user can respond to the corresponding location service to the requesting user accordingly. In the process, any sensitive information about the user is not revealed, so that the privacy security of the user can be well protected, but the problems of repeated response resources, waste and the like exist, and the main reason is that the repeated response service from the cooperative user cannot be filtered.
Bloom filters are a random data structure that is space efficient and fast to query, and can be used to check if an element is in a collection. And because it does not need to store the element itself, it also has some confidentiality to the element itself. In addition, as a technology capable of performing an equivalence test in a ciphertext state, the ciphertext equivalence test is widely applied to test whether corresponding plaintext information between different ciphertexts is equal, thereby supporting the judgment of the relationship between the ciphertexts on the premise that a decryption key is not required.
As can be seen from the above, the existing internet of vehicles privacy protection scheme based on anonymity and cryptography can protect the privacy security of users to a certain extent, but has some disadvantages. As shown in fig. 1, X pre-processes its own location information in a K-anonymous or cryptographic manner and initiates a service query to Y. And Y returns a corresponding service response to X according to the service query received by the Y. In the process, the existing privacy protection scheme of the internet of vehicles still faces a great challenge due to the existing privacy safety hidden trouble and the large communication resource consumption. Improvements are therefore needed.
Disclosure of Invention
(one) solving the technical problems
Aiming at the defects of the prior art, the invention provides a location privacy protection method based on collaborative services, which has the advantages of privacy safety, low communication overhead, high collaborative service efficiency and repeatability test based on ciphertext equivalent test, and solves the hidden danger of privacy and larger communication resource consumption caused by location service inquiry initiated in a K anonymous or cryptology mode.
(II) technical scheme
In order to achieve the purposes of privacy security, low communication overhead, high collaborative service efficiency and repeatability test based on ciphertext equivalent test, the invention provides the following technical scheme:
a location privacy protection method based on collaborative services comprises the following steps:
s1, initializing a system: the TA generates a system public key PK, a system private key MSK, a tracking key TK and a system parameter params;
s2, user registration: RU (remote Unit) i 、CU j Registering the RSU and the LSP with the TA respectively to generate respective public and private key pairs;
s3, service inquiry: RU (remote Unit) i Generating location services query SQ i And sends it to the LSP through the RSU;
s4, inquiring and verifying: LSP receives RU i Transmitted SQ i After that, the validity is verified a priori. If the verification is not passed, rejecting the query, otherwise querying the location service for SQ i ' send to RSU;
s5, proxy service: RSU receives LS P Transmitted SQ i After' broadcast a co-signal CS to surrounding CUs j And is RU i Executing proxy services to thereby interact with CUs i And carrying out data interaction. In this process, CU i Identity and co-verification is to be performed to the RSU. For a CU that is verified to be successful i Generating a ciphertext O of a position service set S and sending the ciphertext O to the RSU;
s6, testing repeatability: RSU is composed of RU i Test trapdoor ET sent over secure channel for n CUs j Generated by n The individual location service cryptograms O are tested for repeatability. If the test passes, a location service response SR is generated i,j Sending the LSP to LSP for storage;
s7, service retrieval: RU (remote Unit) i Sending a location service search trapdoor ST to the LSP, and the LSP returning corresponding search results to the RU based thereon i ;
S8, user tracking: when a user exhibits malicious behaviour, the TA can reveal its identity by tracking the key TK.
Preferably, the following detailed description is given in S1:
s1.1, setting a security parameter lambda, and generating TA with a prime number p (p is more than or equal to 2) λ ) Is a cyclic group of (a)Wherein->To generate a primitive;
s1.2, given a security parameter delta, TA generates a reversible matrixVector v= { (V) 1 ,...,v 8 ) T )|v i ∈ R {0,1}, hash key set +.>Pseudo-random function F: {0,1} * ×{0,1} 8 →{0,1} * And/or one mutually independent location-sensitive hash function->
S1.5, TA generation system public key pk= (h) 1 ,h 2 ,h 3 ) System private key msk= (α, M) 1 ,M 2 V), tracking key tk= (ζ 1 ,ξ 2 ) System parametersWherein the TA discloses the system parameters params, and retains the system private key MSK and the tracking key TK.
Preferably, in S2, the following detailed description is provided:
S2.3、RU i Received theAfter that, store->And will->Split into two parts->And->Satisfy the following requirements
S2.5, like S2.1-2.4, CU can be generated j Is pk cu The private key is sk cu ;
S2.6, RSU selection numberCalculate->And will->Is sent to the TA through the secure channel, the public and private key pair of the RSU is +.>
S2.7 LSP selection numberCalculate->And will->Sent to the TA over the secure channel, the public-private key pair of LSP is +.>
Preferably, in the step S3, the following detailed description is provided:
S3.1、RU i random generation of a random number including a start pointFinal occupation->Location point set of (2)And constructing a delta-position bloom filter for itEach x at the beginning i Are all 0; />
S3.2、RU i Using functionsWill->The point in (a) is inserted into->Then toIf v i E V is 0, let x' i =、x″ i =x i Otherwise, choose the number->Let-> Final output->And->
Preferably, in S4, the following detailed description is provided:
s4.1, LSP receives RU i Transmitted SQ i After that, verify SQ i Time stamp T of (2) ru . If not satisfy |T ru -T lsp Rejecting the query if delta T is less than or equal to deltat; otherwise, continuing the next step;
s4.2, LSP is calculatedAnd L' 1 =H 1 (E 1 ,E 2 ,E′ 3 E 4 ,PI′ ru ,PI″ ru ) To judgeAnd->Whether or not to do so simultaneously. If not, rejecting the query; otherwise outputAnd sends it to the RSU.
Preferably, in the step S5, the following detailed description is provided:
s5.1, the RSU receives the SQ sent by the LSP i After' broadcast a co-signal CS to surrounding CUs j ;
S5.2、CU j Upon receipt of the CS, a set of location points providing location services is generated based on existing background knowledgeAnd constructing a delta-position bloom filter for it>Each y at the beginning j Is 0;
S5.3、CU j using functionsWill->The point in (a) is inserted into->Then pair->If v j E V is 1, let y' j =y″ j =y j Otherwise, choose the number->Let->Finally outputAnd->
S5.6.1 and RSU by calculationAnd L' " 1 =H 1 (E″ 1 ,E″ 2 ,E′″ 3 ,E″ 4 ,PI′ CM ,PI″ CM ) To judge->And->Whether or not to do so simultaneously. If not, rejecting CU j Participate in the collaboration; otherwise, continuing the next step;
s5.6.2, RSU by calculating n= (PI' cu ) T ·PI′ ru +(PI″ cu ) T ·PI″ ru To judgeWhether or not it is. If not, rejecting CU j Participate in the collaboration; otherwise to CU j Sending an instruction for successful verification;
s5.7, after the CUj receives the verification success instruction sent by the RSU, according to the position point setGenerating corresponding location servicesAnd calculate
Wherein f (x) =f 0 +f 1 x+…+f n-1 x n-1 ;
Let o= (O) 1 ,O 2 ,O 3 ) And sends it to the RSU.
Preferably, in the step S6, the following detailed description is provided:
s6.1, RSU received by n CUs j The generated position service ciphertext O;
s6.2, RSU is composed of RU i A test trapdoor ET sent over the secure channel;
If the equations are all true, the process is interrupted and the n CUs are refused to be received i Generating n position service cryptograms O, otherwise generating position service response SR i,j ={E″ 1 , E″ 2 ,O 1 ,O 2 ,O 3 ,PI′ cu ,PI″ cu And sends it to the LSP for storage.
Preferably, in S7, the following detailed description is provided:
S7.1、RU i transmitting a location service search trapdoor st= to LSP PI ′ ru ,PI″ ru );
S7.2, after receiving ST, the LSP calculates n=(PI′ cu ) T ·PI′ ru +(PI″ cu ) T ·PI″ ru To judgeWhether or not it is.
S7.3 (PI 'if any, which makes the formula true' cu ,PI″ cu The service response SR associated therewith is then i,j Sent to RU i ;
S7.4、RU i Received SR i,j After that, calculateThen self-check>And retrieve the relevant location service.
Preferably, in S8, the following detailed description is provided:
s8.1 if there is a user U k Stable RU i CU j In case of malicious behavior, the TA obtains the user U with malicious behavior by calculating the following formula k Private key
S8.2, since TA knows private keyThe corresponding relationship with the user identity can be used for revealing the identity of the user;
(III) beneficial effects
Compared with the prior art, the invention provides a position privacy protection method based on collaborative services, which has the following beneficial effects:
1. the position privacy protection method based on the collaborative service is different from the existing research scheme based on cryptography, can provide the position service for the user on the premise of higher safety coefficient, and achieves the following three targets. Firstly, a Bloom filter is used for constructing a security index for a user so as to provide a secure location service; secondly, the position privacy of the user is not revealed when the user responds to the RSU, and finally, the position privacy of the other user cannot be deduced by any user through the content of the collaborative service when any two users perform the collaborative service.
2. The collaborative service-based location privacy protection method is different from the existing K anonymity-based research scheme, and has lower communication overhead while protecting the privacy security of users. Specifically, the anonymized set and the tedious cryptography algorithm which require large communication overhead in the past are replaced by a secure one-way hash function, a pseudo-random function, a bloom filter and the like to initiate the location-based service query, so that the communication overhead can be about 1.39kbytes constantly. This has a greater advantage when the population of users is large than existing anonymous research schemes.
3. The pairing (searching) index constructed based on the Bloom filter is not changed along with the change of the number of the user position points, but is constant at about 0.2146s. The invention can improve the collaborative location service efficiency of the user to a certain extent.
4. The position privacy protection method based on cooperative service provides a repeatability test based on ciphertext equivalent test, and supports judging whether a plurality of cooperative service ciphertexts are encrypted by using different public keys in a ciphertext state. In addition, in the process of repeatability test, any plaintext information corresponding to the related service recommendation is not revealed, so that the privacy security of the user can be well protected.
Drawings
FIG. 1 is a schematic diagram of an existing Internet of vehicles privacy protection scheme based on anonymity and cryptography;
FIG. 2 is a schematic flow chart of the present invention;
FIG. 3 is a schematic diagram of a collaborative location service according to the present invention;
FIG. 4 shows RSU-CU of the present invention j A schematic calculation is performed.
Detailed Description
The following description of the embodiments of the present invention will be made clearly and completely with reference to the accompanying drawings, in which it is apparent that the embodiments described are only some embodiments of the present invention, but not all embodiments. All other embodiments, which can be made by those skilled in the art based on the embodiments of the invention without making any inventive effort, are intended to be within the scope of the invention.
Referring to fig. 2-4, the present invention provides the following technical solutions:
s1, initializing a system: the TA generates a system public key PK, a system private key MSK, a tracking key TK and a system parameter params;
s2, user registration: RU (remote Unit) i 、CU j Registering the RSU and the LSP with the TA respectively to generate respective public and private key pairs;
s3, service inquiry: RU (remote Unit) i Generating location services query SQ i And sends it to the LSP through the RSU;
s4, inquiring and verifying: LSP receives RU i Transmitted SQ i After that, the validity is verified a priori. If the verification is not passed, rejecting the query, otherwise querying the location service for SQ i ' send to RSU;
s5, proxy service: the RSU receives the SQ sent by the LSP i After' broadcast a co-signal CS to surrounding CUs j And is RU i Executing proxy services to thereby interact with CUs j And carrying out data interaction. In this process, CU j To enter into RSULine identity and collaborative authentication. For a CU that is verified to be successful j Which generates a set of location servicesCiphertext O of (a), and sending the ciphertext O to the RSU;
s6, testing repeatability: RSU is composed of RU i Test trapdoor ET sent over secure channel for n CUs j And carrying out repeatability test on the generated n position service ciphertext O. If the test passes, a location service response SR is generated i,j Sending the LSP to LSP for storage;
s7, service retrieval: RU (remote Unit) i Sending a location service search trapdoor ST to the LSP, and the LSP returning corresponding search results to the RU based thereon i ;
S8, user tracking: when a user exhibits malicious behaviour, the TA can reveal its identity by tracking the key TK.
In order to make the technical scheme of the invention more clear, the invention is further described in detail below with reference to the accompanying drawings.
S1, initializing a system: TA generates a system public key PK, a system private key MSK and a system parameter params;
s1.1, setting a security parameter lambda, and generating TA with a prime number p (p is more than or equal to 2) λ ) Is a cyclic group of (a)Wherein->To generate a primitive;
s1.2, given a security parameter delta, TA generates a reversible matrixVector v= { (V) 1 ,...,v δ ) T |v i ∈ R {0,1}, hash key set +.>Pseudo-random functionNumber F: {0,1} * ×{ 0 ,1} δ →{0,1} * And/or one mutually independent location-sensitive hash function->
S1.5, TA generation system public key pk= (h) 1 ,h 2 ,h 3 ) System private key msk= (α, M) 1 ,M 2 V), tracking key tk= (ζ 1 ,ξ 2 ) System parametersWherein the TA discloses the system parameters params, and retains the system private key MSK and the tracking key TK.
S2, user registration: RU (remote Unit) i 、CU j Registering the RSU and the LSP with the TA respectively to generate respective public and private key pairs;
S2.1、RU i selecting a numberCalculate->And will->Transmitted to the mobile terminal through a secure channelTA;
S2.3、RU i Received theAfter that, store->And will->Split into two parts->And->Satisfy the following requirements
S2.5, like S2.1-2.4, CU can be generated j Is pk cu The private key is sk cu ;
S2.6, RSU selection numberCalculate->And will->Is sent to the TA through the secure channel, the public and private key pair of the RSU is +.>
S2.7 LSP selection numberCalculate->And will->Sent to the TA over the secure channel, the public-private key pair of LSP is +.>
In order to make the collaborative location service (S3-S7) of the present invention more clearly apparent, the collaborative location service in the present invention will be described in further detail with reference to fig. 3.
S3, service inquiry: RU (remote Unit) i Generating location services query SQ i And sends it to the LSP through the RSU;
S3.1、RU i random generation of a random number including a start pointFinal occupation->Location point set of (2)And constructing a delta-position bloom filter for itEach x at the beginning i Are all 0;
S3.2、RU i using functionsWill->The point in (a) is inserted into->Then toIf v i E V is 0, let x' i =x″ i =x i Otherwise, choose the number->Let-> Final output->And->/>
S4, inquiring and verifying: LSP receives RU i Transmitted SQ i After that, the validity is verified a priori. If the verification is not passed, rejecting the query, otherwise querying the location serviceSending to the RSU;
s4.1, LSP receives RU i Transmitted SQ i After that, verify SQ i Time stamp T of (2) ru . If notSatisfy |T ru T lsp Rejecting the query if delta T is less than or equal to deltat; otherwise, continuing the next step;
s4.2, LSP is calculatedAnd L' 1 =H1(E 1 ,E 2 ,E′ 3 ,E 4 ,PI′ ru ,PI″ ru ) To judgeAnd->Whether or not to do so simultaneously. If not, rejecting the query; otherwise outputAnd sends it to the RSU.
To more clearly describe S5, further details are provided below in conjunction with fig. 4.
S5, proxy service: the RSU receives LSP transmissionThereafter, a cooperative signal CS is broadcast to surrounding CUs j And is RU i Executing proxy services to thereby interact with CUs j And carrying out data interaction. In this process, CU j Identity and co-verification is to be performed to the RSU. For a CU that is verified to be successful j Which generates a location service set +.>Ciphertext O of (a), and sending the ciphertext O to the RSU;
s5.1, the RSU receives the SQ sent by the LSP i After' broadcast a co-signal CS to surrounding CUs j ;
S5.2、CU j Upon receipt of the CS, a set of location points providing location services is generated based on existing background knowledgeAnd constructing a delta-position bloom filter for it>Each y at the beginning j Is 0;
S5.3、CU j using functionsWill->The point in (a) is inserted into->Then pair->If v j E V is 1, let y' j =y″ j =y j Otherwise, choose the number->Let->Finally outputAnd->
s5.6.1 and RSU by calculationAnd L'. 1 =H 1 (E″ 1 ,E″ 2 E″′ 3 ,E″ 4 ,PI′ cu ,PI″ cu ) To judge->And->Whether or not to do so simultaneously. If not, rejecting CU j Participate in the collaboration; otherwise, continuing the next step;
s5.6.2, RSU by calculating n= (PI' cu ) T ·PI′ ru +(PI″ cu ) T ·PI″ ru To judgeWhether or not it is. If not, rejecting CU j Participate in the collaboration; otherwise to CU j Sending an instruction for successful verification;
s5.7, after the CUj receives the verification success instruction sent by the RSU, according to the position point setGenerating corresponding location servicesAnd calculate
Wherein f (x) =f 0 +f 1 x+…+f n-1 x n-1 ;
Let o= (O) 1 ,O 2 ,O 3 ) And sends it to the RSU.
S6, testing repeatability: RSU is composed of RU i Test trapdoor ET sent over secure channel for n CUs j And carrying out repeatability test on the generated n position service ciphertext O. If the test passes, a location service response SR is generated i,j Sending the LSP to LSP for storage;
s6.1, RSU received by n CUs j The generated position service ciphertext O;
s6.2, RSU is composed of RU i A test trapdoor ET sent over the secure channel;
If the equations are all true, the process is interrupted and the n CUs are refused to be received j Generating n position service cryptograms O, otherwise generating position service response SR i,j ={E″ 1 , E″ 2 ,O 1 ,O 2 ,O 3 ,PI′ cu ,PI″ cu And sends it to the LSP for storage.
S7, service retrieval: RU (remote Unit) i Sending a location service search trapdoor ST to the LSP, and the LSP returning corresponding search results to the RU based thereon i ;
S7.1、RU i Transmitting a location service search trapdoor st=to LSP ( PI′ ru ,PI″ ru );
s7.2, after receiving ST, LSP calculates n= (PI' cu ) T ·PI′ ru +(PI″ cu ) T ·PI″ cu To judgeWhether or not it is.
S7 . 3 If there is a catalyst that makes the formula hold ( PI′ cu -PI″ cu ) The service response SR associated therewith is then i,j Sent to RU i ;
S7.4、RU i Received SR i,j After that, calculateThen self-check>And retrieve the relevant location service.
S8, user tracking: when a user exhibits malicious behaviour, the TA can reveal its identity by tracking the key TK.
S8.1 if there is a user U k Stable RU i CU j In case of malicious behavior, the TA obtains the user U with malicious behavior by calculating the following formula k Private key
S8.2, since TA knows private keyThe corresponding relationship with the user identity can be used for revealing the identity of the user;
The position privacy protection method based on the collaborative service is different from the existing research scheme based on cryptography, can provide the position service for the user on the premise of higher safety coefficient, and achieves the following three targets. Firstly, a Bloom filter is used for constructing a security index for a user so as to provide a secure location service; secondly, the position privacy of the user is not revealed when the user responds to the RSU, and finally, the position privacy of the other user cannot be deduced by any user through the content of the collaborative service when any two users perform the collaborative service.
Unlike the existing research scheme based on K anonymity, the method can protect the privacy security of users and simultaneously has lower communication overhead. Specifically, the anonymized set and the tedious cryptography algorithm which require large communication overhead in the past are replaced by a secure one-way hash function, a pseudo-random function, a bloom filter and the like to initiate the location-based service query, so that the communication overhead can be about 1.39kbytes constantly. This has a greater advantage when the population of users is large than existing anonymous research schemes.
Pairing (search) indexes built on the basis of Bloom filters have pairing efficiency which does not change with the number of user location points, but is constant at about 0.2146s. The invention can improve the collaborative location service efficiency of the user to a certain extent.
The repeated cooperative service can not improve the position service efficiency, and can also bring the problems of resource waste and the like. In this regard, the invention provides a repeatability test based on ciphertext equivalent test, which supports judging whether a plurality of cooperative service ciphertexts are encrypted by different public keys in the ciphertext state. In addition, in the process of repeatability test, any plaintext information corresponding to the related service recommendation is not revealed, so that the privacy security of the user can be well protected.
Although embodiments of the present invention have been shown and described, it will be understood by those skilled in the art that various changes, modifications, substitutions and alterations can be made therein without departing from the principles and spirit of the invention, the scope of which is defined in the appended claims and their equivalents.
Claims (9)
1. The location privacy protection method based on the collaborative service is characterized by comprising the following steps:
s1, initializing a system: the TA generates a system public key PK, a system private key MSK, a tracking key TK and a system parameter params;
s2, user registration: RU (remote Unit) i 、CU j Registering the RSU and the LSP with the TA respectively to generate respective public and private key pairs;
s3, service inquiry: RU (remote Unit) i Generating location services query SQ i And sends it to the LSP through the RSU;
s4, inquiring and verifying: LSP receives RU i Transmitted SQ i After that, the validity is verified a priori. If the verification is not passed, rejecting the query, otherwise, sending a location service query SQ' to the RSU;
s5, proxy service: after receiving the SQ' sent by LSP, RSU broadcasts a cooperative signal CS to surrounding CUs j And is RU i Executing proxy services to thereby interact with CUs j And carrying out data interaction. In this process, CU j Identity and co-verification is to be performed to the RSU. For a CU that is verified to be successful j Generating a ciphertext O of a position service set S and sending the ciphertext O to the RSU;
s6, testing repeatability: RSU is composed of RU i Test trapdoor ET sent over secure channel for n CUs j And carrying out repeatability test on the generated n position service ciphertext O. If the test passes, a location service response SR is generated i,j Sending the LSP to LSP for storage;
s7, service retrieval: RU (remote Unit) i Sending a location service search trapdoor ST to the LSP, and the LSP returning corresponding search results to the RU based thereon i ;
S8, user tracking: when a user exhibits malicious behaviour, the TA can reveal its identity by tracking the key TK.
2. The location privacy protection method based on collaborative services according to claim 1, wherein the S1 has the following detailed description:
s1.1, setting a security parameter lambda, and generating TA with a prime number p (p is more than or equal to 2) λ ) Is a cyclic group of (a)Wherein->To generate a primitive;
s1.2, given a security parameter delta, TA generates a reversible matrixVector v= { (V) 1 ,...,v δ ) T |v i ∈ R {0,1}, hash key set +.>Pseudo-random function F: {0,1} * ×{0,1} δ →{0,1} * And, a mutually independent location-sensitive hash function +.>
S1.3, TA generates three secure hash functions H 1 :H 2 :{0,1} * →{0,1} 2ρ And H 3 :{0,1} * →{0,1} λ ;
3. The location privacy protection method based on collaborative services according to claim 1, wherein the S2 has the following detailed description:
S2.3、RU i Received theAfter that, store->And will->Split into two parts->And->Satisfy the following requirements
S2.5, like S2.1-2.4, CU can be generated j Is pk cu The private key is sk cu ;
S2.6, RSU selection numberCalculate->And will->Is sent to the TA through the secure channel, the public and private key pair of the RSU is +.>
4. The location privacy protection method based on collaborative services according to claim 1, wherein in S3, the following detailed description is provided:
S3.1、RU i random generation of a random number including a start pointEndpoint->Position point set->And constructing a delta-position bloom filter for it>Each x at the beginning i Are all 0;
S3.2、RU i using functionsWill->The point in (a) is inserted into->Then toIf v i E V is 0, let x' i =x i ″=x i Otherwise, choose the number->Let-> Final output->And->
5. The location privacy protection method based on collaborative services according to claim 1, wherein in S4, the following detailed description is provided:
s4.1, LSP receives RU i Transmitted SQ i After that, verify SQ i Time stamp T of (2) ru . If not satisfy |T ru T lsp Rejecting the query if delta T is less than or equal to deltat; otherwise, continuing the next step;
6. The location privacy protection method based on collaborative services according to claim 1, wherein in S5, the following detailed description is provided:
s5.1, the RSU receives the SQ sent by the LSP i After' broadcast a co-signal CS to surrounding CUs j ;
S5.2、CU j Upon receipt of the CS, a set of location points providing location services is generated based on existing background knowledgeAnd constructing a delta-position bloom filter for it>Each y at the beginning j Is 0;
S5.3、CU j using functionsWill->The point in (a) is inserted into->Then pair->If v j E V is 1, let y' j =y″ j =y j Otherwise, choose the number->Let->Finally outputAnd->
s5.6.1 and RSU by calculationAnd->To judge->And->Whether or not to do so simultaneously. If not, rejecting CU j Participate in the collaboration; otherwise, continuing the next step;
S5.6.2、RSu by calculating n= (PI' cu ) T ·PI′ ru +(PI″ cu ) T ·PI″ cu To judgeWhether or not it is. If not, rejecting CU j Participate in the collaboration; otherwise to CU j Sending an instruction for successful verification;
S5.7、CU j after receiving a verification success instruction sent by the RSU, according to the position point setGenerating corresponding location servicesAnd calculate
Wherein f (x) =f 0 +f 1 x+…+f n-1 x n-1 ;
Let o= (O) 1 ,O 2 ,O 3 ) And sends it to the RSU.
7. The location privacy protection method based on collaborative services according to claim 1, wherein in S6, the following detailed description is provided:
s6.1, RSU received by n CUs i The generated position service ciphertext O;
s6.2, RSU is composed of RU i A test trapdoor ET sent over the secure channel;
If the equations are all true, the process is interrupted and the n CUs are refused to be received j Generating n position service cryptograms O, otherwise generating position service response SR i,j ={E″ 1 ,E″ 2 ,O 1 ,O 2 ,O 3 ,PI′ cu ,PI″ cu And sends it to the LSP for storage.
8. The location privacy protection method based on collaborative services according to claim 1, wherein in S7, the following detailed description is provided:
S7.1、RU i transmitting a location service search trapdoor st= (PI 'to LSP' ru ,PI″ cu );
S7.2, after receiving ST, LSP calculates N= (PI' cu ) T ·PI′ ru +(PI″ cu ) T ·PI″ ru To judge that N is larger than or equal to TH i ru Whether or not it is.
S7.3 (PI 'if any, which makes the formula true' cu ,PI″ cu ) The service response SR associated therewith is then i,j Sent to RU i ;
9. The location privacy protection method based on collaborative services according to claim 1, wherein in S8, the following detailed description is provided:
s8.1 if there is a user U k Stable RU i CU j In case of malicious behavior, the TA obtains the user U with malicious behavior by calculating the following formula k Private key
S8.2, since TA knows private keyThe corresponding relationship with the user identity can be used for revealing the identity of the user; />
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202211650176.2A CN116156489A (en) | 2022-12-21 | 2022-12-21 | Position privacy protection method based on collaborative service |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202211650176.2A CN116156489A (en) | 2022-12-21 | 2022-12-21 | Position privacy protection method based on collaborative service |
Publications (1)
Publication Number | Publication Date |
---|---|
CN116156489A true CN116156489A (en) | 2023-05-23 |
Family
ID=86351784
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN202211650176.2A Pending CN116156489A (en) | 2022-12-21 | 2022-12-21 | Position privacy protection method based on collaborative service |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN116156489A (en) |
-
2022
- 2022-12-21 CN CN202211650176.2A patent/CN116156489A/en active Pending
Similar Documents
Publication | Publication Date | Title |
---|---|---|
Islam et al. | A robust and efficient password-based conditional privacy preserving authentication and group-key agreement protocol for VANETs | |
CN108964919B (en) | Lightweight anonymous authentication method with privacy protection based on Internet of vehicles | |
Li et al. | Privacy-preserving traffic monitoring with false report filtering via fog-assisted vehicular crowdsensing | |
CN106330910B (en) | Strong secret protection double authentication method in car networking based on node identities and prestige | |
CN109327313A (en) | A kind of Bidirectional identity authentication method with secret protection characteristic, server | |
CN111212084B (en) | Attribute encryption access control method facing edge calculation | |
CN105743888A (en) | Agent re-encryption scheme based on keyword research | |
Xi et al. | ZAMA: A ZKP-based anonymous mutual authentication scheme for the IoV | |
Dharminder et al. | LCPPA: Lattice‐based conditional privacy preserving authentication in vehicular communication | |
CN110730064B (en) | Data fusion method based on privacy protection in crowd sensing network | |
CN111147460A (en) | Block chain-based cooperative fine-grained access control method | |
CN111262834B (en) | Authentication and credibility analysis method, device and system for physical entity | |
Jiang et al. | No one can track you: Randomized authentication in vehicular ad-hoc networks | |
Ahamed et al. | EMBA: An efficient anonymous mutual and batch authentication schemes for vanets | |
CN114390474A (en) | Lightweight two-factor vehicle networking bidirectional anonymous authentication system and method based on BS-PUF | |
Badr et al. | Blockchain-based ride-sharing system with accurate matching and privacy-preservation | |
CN106657002A (en) | Novel crash-proof base correlation time multi-password identity authentication method | |
CN114599028A (en) | Vehicle networking pseudonym management method based on homomorphic encryption mechanism | |
Chen et al. | Privacy‐Preserving Data Aggregation Protocol for Fog Computing‐Assisted Vehicle‐to‐Infrastructure Scenario | |
Xiong et al. | Attribute-based data sharing scheme with flexible search functionality for cloud-assisted autonomous transportation system | |
CN115442048A (en) | VANET-oriented block chain-based anonymous authentication method | |
Zhou et al. | Privacy protection scheme for the Internet of Vehicles based on collaborative services | |
Sun et al. | Anonymous authentication and key agreement scheme combining the group key for vehicular ad hoc networks | |
Mi et al. | NTRU Implementation of Efficient Privacy‐Preserving Location‐Based Querying in VANET | |
CN116506174A (en) | Multi-server data transmission method suitable for Internet of vehicles and supporting user hidden identity |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination |