CN117097570B - Cloud chain fusion-based on-board software security distribution identity authentication method - Google Patents

Cloud chain fusion-based on-board software security distribution identity authentication method Download PDF

Info

Publication number
CN117097570B
CN117097570B CN202311354251.5A CN202311354251A CN117097570B CN 117097570 B CN117097570 B CN 117097570B CN 202311354251 A CN202311354251 A CN 202311354251A CN 117097570 B CN117097570 B CN 117097570B
Authority
CN
China
Prior art keywords
software
onboard
owner
airborne
key
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN202311354251.5A
Other languages
Chinese (zh)
Other versions
CN117097570A (en
Inventor
岳猛
段冰艳
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Civil Aviation University of China
Original Assignee
Civil Aviation University of China
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Civil Aviation University of China filed Critical Civil Aviation University of China
Priority to CN202311354251.5A priority Critical patent/CN117097570B/en
Publication of CN117097570A publication Critical patent/CN117097570A/en
Application granted granted Critical
Publication of CN117097570B publication Critical patent/CN117097570B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/06Network architectures or network communication protocols for network security for supporting key management in a packet data network
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/20Network architectures or network communication protocols for network security for managing network security; network security policies in general
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/01Protocols
    • H04L67/10Protocols in which an application is distributed across nodes in the network
    • H04L67/104Peer-to-peer [P2P] networks
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/01Protocols
    • H04L67/10Protocols in which an application is distributed across nodes in the network
    • H04L67/1097Protocols in which an application is distributed across nodes in the network for distributed storage of data in networks, e.g. transport arrangements for network file system [NFS], storage area networks [SAN] or network attached storage [NAS]
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/01Protocols
    • H04L67/12Protocols specially adapted for proprietary or special-purpose networking environments, e.g. medical networks, sensor networks, networks in vehicles or remote metering networks
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0816Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
    • H04L9/0819Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s)
    • H04L9/0825Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s) using asymmetric-key encryption or public key infrastructure [PKI], e.g. key signature or public key certificates
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3247Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/40Network security protocols
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/50Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols using hash chains, e.g. blockchains or hash trees

Abstract

The invention provides an airborne software secure distribution identity authentication method based on cloud chain fusion, which comprises the steps of constructing an airborne software cloud chain fusion storage architecture and carrying out airborne software secure distribution identity authentication based on the airborne software cloud chain fusion storage architecture; the airborne software cloud chain fusion storage architecture comprises four types of members: an onboard software owner, a cloud service provider, an intelligent contract, and an onboard software user; the safety distribution identity authentication of the onboard software comprises the following steps: user registration, user key generation, onboard software data uploading, two-factor identity authentication and onboard software distribution. The invention adopts a two-factor authentication method, and the airborne software distribution can be carried out only when the identity of both the airborne software user and the airborne software owner are successfully verified and the qualification of the airplane is verified. The invention not only eliminates the excessive dependence of the airborne software on cloud storage and enables the distribution of the airborne software to be traceable, but also improves the distribution efficiency of the airborne software and enables the attack resistance to be stronger.

Description

Cloud chain fusion-based on-board software security distribution identity authentication method
Technical Field
The invention belongs to the technical field of secure distribution of airborne software, and particularly relates to an identity authentication method for secure distribution of airborne software based on cloud chain fusion.
Background
Currently, an airborne avionics system is developing towards a distributed and integrated mode, and a cloud storage architecture provides a new thought for the development of the avionics system. The cloud storage can effectively relieve the pressure of the physical storage of the airborne software of the avionics system, and the task processing efficiency is high. But as a third party, the centralized architecture causes a plurality of problems such as single-point failure, centralized data storage and the like, and reduces the safety of airborne software distribution. Moreover, currently, the boeing company uses contemporary Internet technology (Internet), wireless fidelity technology (Wi-Fi) and satellite communication technology (SATCOM) to carry out electronic distribution of the onboard software and electronic distribution and wireless transmission of the onboard software of the wireless transmission system, and the process is realized through the PKI digital signature technology, and the digital certificate is distributed and managed by means of CA, so that a certain security risk exists, and the cost is high. Therefore, research on a safe and reliable identity authentication mechanism has important theoretical and practical significance for the distribution of the onboard software.
The current secure distribution of on-board software mainly has the following problems: 1) The airborne software is easy to be illegally accessed at the cloud; 2) Lack of perfect safety distribution identity authentication design of the airborne software; 3) PKI digital signature algorithms in electronic distribution of on-board software face heavy certificate management problems.
Disclosure of Invention
In view of the above, the present invention aims to overcome the shortcomings of the prior art, and proposes an on-board software secure distribution identity authentication method based on cloud chain fusion, which combines cloud storage, blockchain, on-board software supply chain and CLS scheme to realize secure and efficient storage and distribution of on-board software through a two-factor authentication scheme.
In order to achieve the above purpose, the technical scheme of the invention is realized as follows:
an airborne software safety distribution identity authentication method based on cloud chain fusion comprises the steps of constructing an airborne software cloud chain fusion storage architecture, and carrying out airborne software safety distribution identity authentication based on the airborne software cloud chain fusion storage architecture; wherein,
the airborne software cloud chain fusion storage architecture comprises four types of members: an onboard software owner, a cloud service provider, an intelligent contract, and an onboard software user;
the onboard software owner comprises a provider and an airline company operation center and is used for uploading virtual identities of the provider to a blockchain to obtain partial keys and identity certificates, and after a legal key pair is generated and verified, the onboard software owner signs the onboard software data and uploads the signed data to the cloud service provider;
the cloud service provider is used for storing the airborne software data uploaded by the airborne software owner and providing a distribution service of corresponding airborne software for legal airborne software users;
the intelligent combination is a code deployed on the blockchain node and is used for generating a part of secret keys, issuing and verifying identification certificates and authenticating the identity of airborne software;
the onboard software user is used for sending an onboard software distribution request to the blockchain, and corresponding onboard software can be downloaded if the identity authentication is successful;
the method for carrying out the safety distribution identity authentication of the onboard software based on the cloud chain fusion storage architecture of the onboard software comprises the following steps: user registration, user key generation, airborne software data uploading, two-factor identity authentication and airborne software distribution; wherein,
user registration: the owner of the on-board software selects a random number N i ,For integer groups of order q, a time stamp T i And calculates a hash valueObtaining its virtual identity H i= For the virtual identity of the ith user, ID i For the true identity of the on-board software owner, the on-board software owner sends a registration request reg_req (H i ,T i ) Giving intelligent contracts;
user key generation: smart contract verification timestamp T i Querying whether the on-board software owner already exists in the blockchain, returning a rejection if the on-board software owner already exists, otherwise, generating a partial key and returning by the smart contract, and verifying the correctness of the partial key and generating by the on-board software ownerThe complete key pair comprises a public key and a private key, the onboard software owner selects a random number, signature information is generated by using the private key, the onboard software owner sends the random number, the signature information and the public key to the intelligent contract, the intelligent contract verifies the signature by using the public key, if the signature is correct, the intelligent contract issues identity evidence to the onboard software owner, the registration information of the onboard software owner and a summary block of attribute information are uploaded to the blockchain, and otherwise, the intelligent contract returns refusal;
uploading on-board software data: the method comprises the steps that an onboard software owner sends an onboard software data uploading request to an intelligent contract, the intelligent contract stores the request in a legal list, the onboard software data is uploaded to a cloud service provider, the cloud service provider returns a storage address and an index of the onboard software data and a hash value of the onboard software data, the intelligent contract verifies whether the hash value of the onboard software data returned by the cloud service provider is identical to the hash value of the onboard software data provided by the onboard software owner, if so, the uploading of the onboard software data to the cloud service provider is successful, a blockchain stores related uploading log information, otherwise, the uploading of the onboard software data to the cloud service provider fails, and a blockchain broadcasts errors;
two-factor identity authentication and airborne software distribution: the two-factor identity authentication comprises an airborne software user identity authentication and an airplane qualification authentication, when the airborne software user identity authentication is carried out, firstly, the airborne software user sends an airborne software sharing request and signature information thereof to an intelligent contract, the airborne software sharing request comprises an airborne software owner address, an airborne software user identity authentication, an airplane number, a hardware part number, a software part number and a keyword index, secondly, after the intelligent contract verifies the signature, the intelligent contract requests the airborne software owner to acquire the identity authentication thereof, verifies whether the identity authentication of both sides is legal, if the identity authentication of both sides is legal, the airplane qualification authentication is carried out by the rule, otherwise, an error is returned; when the aircraft qualification is verified, the intelligent contract firstly acquires a software document according to the address of the onboard software owner and the keyword index, checks the software part number, checks whether the navigable state of the software meets the standard, acquires the aircraft authorization configuration of the corresponding aircraft number according to the keyword index and the hardware part number in the operation center of the airline company, so that the aircraft is always in the correct software configuration, the two-factor identity authentication mechanism is ended, the onboard software owner decides whether to distribute the onboard software according to the intelligent contract result, if the authorization information is returned, the cloud service provider provides the onboard software download service for the user address of the onboard software, and the intelligent contract saves the shared log into the blockchain account book.
Further, different types of onboard software owners have different attributes, and attribute information of the onboard software owners is stored in a manner of on-chain and off-chain: specific attribute information is stored under the chain, and attribute abstract block information of an onboard software owner is stored on the chain.
Further, the storage mode of the on-board software application key value pair is stored in the cloud service provider.
Further, in the process of generating the user key, the intelligent contract generates a part of the key through an improved CLS scheme and returns the part of the key, which specifically comprises the following steps: initializing, generating partial key, generating signature and verifying signature; wherein,
initializing: the administrator selects the security parameter k and,acquiring an addition group E with the order of q and a generation element G of the group, executing the initialization of the intelligent contract to complete the system, selecting a random number s as a system master key by the intelligent contract,and calculate P KGC =sG,P KGC For the system public key, the master key is private, and the smart contract generates system parameters { a, b, q, G, E, P KGC ' a, b are elliptic curve equation Y 2 =X 3 Parameters of +ax+b define three hash functions::, : , :
partial key generation: the owner of the onboard software generates a virtual identity mark by H i Representing the virtual identity of the ith user and calculating, -Send {Intelligent contract, intelligent contract calculationWhether the obtained parameter result is identical to the obtained parameter H i If the key is consistent, the intelligent contract calls a partial key generation function to generate a partial key;
and (3) key generation: on-board software owner calculation,f i Is part of the private key d generated by the smart contract i And virtual identity H i Exclusive or, the onboard software owner receives f i Re-exclusive or obtaining d i By calculating equationsWhether or not it is established to prove the verifiability of the partial key, F i Is an intermediate parameter, and the owner of the onboard software selects the random number x i As its secret value and calculateThe onboard software owner calculates its private keyPublic key
Signature generation: on-board software owner selects a random number u i ,And calculateT is a time stamp, and the onboard software owner calculates
=(|||||||||||||| ||||||||) Andthe abscissa of the point G is given by,is the ordinate of the G point, x pi Is the abscissa of the public key, y pi Is the ordinate of the public key, h i As an intermediate parameter, u i Is a random number; h L For the length of the virtual identity,, is P KGC Asd, horizontal and vertical coordinates of (2) i On-board software data for the ith owner; the on-board software data asd sent to the on-board software user i Signature resultsWhen the user of the airborne software receives the information sent by the owner of the airborne software, checking the freshness of the timestamp T, and then verifying the signature information;
signature verification: machine for making foodThe software-carrying user firstly obtains the common parameters and W of the system from the blockchain i Calculation of
=(||||||||||||||||||||||) And=(||||||||||||||||||) Wherein, the method comprises the steps of, wherein,as an intermediate parameter W i Is defined by the transverse axis of (c),as an intermediate parameter W i Is then passed by the on-board software user through the equationWhether or not it is true verifies the correctness of the generated signature, wherein,=(||||||||||||||||||) Is an intermediate parameter.
Compared with the prior art, the cloud chain fusion-based on-board software secure distribution identity authentication method has the following advantages:
1. the invention adopts a two-factor authentication method, and the airborne software distribution can be carried out only when the identity of both the airborne software user and the airborne software owner are successfully verified and the qualification of the airplane is verified.
2. The CLS scheme designed by the invention replaces KGC with intelligent contracts, and solves the problem of complicated certificate management of PKI scheme in the field of airborne software distribution in the airborne software distribution process.
3. The scheme of the invention not only eliminates the excessive dependence of the airborne software on cloud storage, so that the distribution of the airborne software is traceable, but also improves the distribution efficiency of the airborne software, and the attack resistance is stronger.
Drawings
The accompanying drawings, which are included to provide a further understanding of the invention and are incorporated in and constitute a part of this specification, illustrate embodiments of the invention and together with the description serve to explain the invention. In the drawings:
FIG. 1 is a schematic diagram of an onboard software cloud chain fusion storage architecture of the present invention;
FIG. 2 is a schematic diagram of provider attribute information according to the present invention;
FIG. 3 is a schematic diagram of attribute information of an airline operations center according to the present invention;
FIG. 4 is a diagram of summary block information according to the present invention;
FIG. 5 is a schematic representation of an identification card of the present invention;
FIG. 6 is a schematic diagram of uploading on-board software data to a cloud service provider according to the present invention;
FIG. 7 is a schematic diagram of an authentication mechanism according to the present invention;
FIG. 8 is a schematic diagram of a share certificate smart contract of the present invention;
FIG. 9 is a schematic diagram of a partial key generation smart contract of the present invention;
FIG. 10 is a schematic diagram of an improved CLS scheme of the present invention;
FIG. 11 is a schematic diagram of an informal security comparison of the present invention;
FIG. 12 is a schematic diagram of overhead costs for various operations of the present invention;
FIG. 13 is a schematic diagram of a signature verification overhead comparison of the present invention;
FIG. 14 is a diagram illustrating a comparison of overall computational overhead in accordance with the present invention;
fig. 15 is a schematic diagram illustrating communication overhead comparison according to the present invention.
Detailed Description
It should be noted that, without conflict, the embodiments of the present invention and features of the embodiments may be combined with each other.
In the description of the present invention, it should be understood that the terms "center", "longitudinal", "lateral", "upper", "lower", "front", "rear", "left", "right", "vertical", "horizontal", "top", "bottom", "inner", "outer", etc. indicate orientations or positional relationships based on the orientations or positional relationships shown in the drawings, are merely for convenience in describing the present invention and simplifying the description, and do not indicate or imply that the devices or elements referred to must have a specific orientation, be configured and operated in a specific orientation, and thus should not be construed as limiting the present invention. Furthermore, the terms "first," "second," and the like, are used for descriptive purposes only and are not to be construed as indicating or implying a relative importance or implicitly indicating the number of technical features indicated. Thus, a feature defining "a first", "a second", etc. may explicitly or implicitly include one or more such feature. In the description of the present invention, unless otherwise indicated, the meaning of "a plurality" is two or more.
In the description of the present invention, it should be noted that, unless explicitly specified and limited otherwise, the terms "mounted," "connected," and "connected" are to be construed broadly, and may be either fixedly connected, detachably connected, or integrally connected, for example; can be mechanically or electrically connected; can be directly connected or indirectly connected through an intermediate medium, and can be communication between two elements. The specific meaning of the above terms in the present invention can be understood by those of ordinary skill in the art in a specific case.
The invention will be described in detail below with reference to the drawings in connection with embodiments.
The invention provides an on-board software secure distribution identity authentication method based on cloud chain fusion, wherein the overall authentication architecture is shown in fig. 1 and comprises an on-board software cloud chain fusion storage architecture and an on-board software secure distribution identity authentication mechanism.
The airborne software cloud chain fusion storage architecture comprises four types of members: on-board software owners, cloud service providers, smart contracts, and on-board software users.
On-board software owner: the on-board software owners may be suppliers and airline operations centers. The onboard software owner uploads its virtual identity to the blockchain to obtain a partial key and identification. And generating and verifying a legal public and private key, signing the airborne software data by the airborne software owner, and uploading the signed airborne software data to the cloud. In the invention, different types of onboard software owners have different attributes, and the attribute information of the onboard software owners adopts a mode of on-chain-off-chain storage: the specific attribute information is stored under the chain as shown in fig. 2 and 3. The attribute summary block information of the onboard software owner is stored on the chain as shown in fig. 4.
Cloud service provider: for storing the onboard software data uploaded by the onboard software owner and for providing a distribution service of the corresponding onboard software for legitimate onboard software users.
Intelligent contract: the intelligent contract is a code deployed on the blockchain node for generating partial keys, issuing and verifying identification certificates, on-board software identification certificates and the like.
On-board software user: and the onboard software user sends an onboard software distribution request to the blockchain, and the corresponding onboard software can be downloaded if the identity authentication is successful.
The on-board software identity authentication mechanism comprises four parts: user registration, user key generation, onboard software data uploading, two-factor identity authentication and onboard software distribution.
User registration: to protect the true identity of an on-board software ownerThe onboard software owner selects a random number Ni,a time stampAnd calculates a hash valueObtaining virtual identity thereof. The onboard software owner sends a registration requestTo a smart contract.
User key generation: smart contract verification time stampQuery whether the on-board software owner already exists in the blockchain. If the onboard software owner already exists, a denial is returned, otherwise the smart contract generates a partial public-private key for it via the modified CLS scheme and returns. The onboard software owner verifies the correctness of the partial key and generates a complete key pair. The onboard software owner selects a random number and generates signature information using a private key. The onboard software owner sends the random number, signature information, and public key to the smart contract. The smart contract verifies the signature using the public key. If the signature is correct, the intelligent contract issues an identification to the onboard software owner, and the registration information of the onboard software owner and the summary block of the attribute information are uploaded to the blockchain. Otherwise, the smart contract will return a rejection. The on-board software identification is shown in fig. 5.
Uploading on-board software data: the onboard software owner sends an onboard software data upload request to the smart contract, which saves the request to the legal list. The onboard software is uploaded to a cloud service provider, which returns the storage address, index, and hash value of the onboard software data. The intelligent contract verifies whether the hash value of the airborne software data returned by the cloud is the same as the hash value of the airborne software data provided by the airborne software owner, if so, the airborne software is successfully uploaded to the cloud service provider, the blockchain stores related uploading log information, and otherwise, the uploading to the cloud service provider fails, and the blockchain broadcasts errors. Uploading of on-board software data to a cloud service provider design is shown in fig. 6.
Two-factor identity authentication and airborne software distribution: the two-factor identity authentication consists of two parts, namely, on-board software user identity authentication and airplane qualification verification. First, the onboard software user sends an onboard software sharing request (onboard software owner address, onboard software user identification, aircraft number, hardware part number, software part number, key index) and signature information thereof to the smart contract. Secondly, after the signature is verified by the intelligent contract, the owner of the airborne software is requested to acquire the identity of the owner, whether the identity of both sides is legal or not is verified, if the identity of both sides is legal, the aircraft qualification is verified, otherwise, an error is returned. When the aircraft qualification is verified, the intelligent contract firstly acquires a software document according to the address of the owner of the airborne software and the keyword index, checks the part number of the airborne software, checks whether the navigable state of the software meets the standard, and acquires the aircraft authorization configuration of the corresponding aircraft number according to the keyword index and the hardware part number in the operation center of the airline company, so that the aircraft is always in the correct software configuration. So far, the two-factor identity authentication mechanism is ended, the onboard software owner decides whether to distribute the onboard software according to the intelligent contract result, if the authorization information is returned, the cloud end provides the onboard software download service for the user address of the onboard software, and the intelligent contract stores the shared log into the blockchain ledger. The on-board software security distribution identity authentication mechanism is shown in fig. 7, and the intelligent contract for identity authentication is shown in fig. 8.
The invention uses an improved CLS scheme to perform signature and verification in the airborne software secure distribution identity authentication method. The scheme uses intelligent contracts to replace KGC functions in the traditional CLS, eliminates excessive dependence on a centralization mechanism, and reduces cost through improvement of signature and verification algorithms.
The scheme consists of 5 parts: initialization (Setup), partial key generation (Partial Key Generation), key generation (Public/Private Key Generation), signature generation (Signature Generation), and signature verification (Signature Verification).
Initializing: the administrator selects the security parameter k and,acquiring an addition group E with the order of q and a generation element G of the group, executing the initialization of the intelligent contract to complete the system, selecting a random number s as a system master key by the intelligent contract,and calculate P KGC =sG,P KGC For the system public key, the master key is private, and the smart contract generates system parameters {,,q,G,E,P KGC ' a, b are elliptic curve equation Y 2 =X 3 Parameters of +ax+b define three hash functions::, : , :
partial key generation: on-board software owner generation of virtual identityAnd calculate, -. Send {-give smart contracts.
Smart contract computing
. Comparing the calculated resultsSum { overs (S)Provided in }If the two are the same, the following operation is performed, otherwise, an error is returned. The smart contract invokes the partial key generation function to generate a partial key, as shown in fig. 9.
And (3) key generation: on-board software owner calculationBy calculating equationsWhether or not it is established to prove the verifiability of the partial key. On-board software owner selection of random numbersAs its secret value and calculate. The onboard software owner calculates its private keyPublic key
Signature generation: on-board software owner selection of random numbersAnd calculate. T is a time stamp, on-board software owner calculation=(|||||||||||||| ||||||||) Anddata of the onboard software sent to the onboard software userSignature results. When the user of the onboard software receives the information sent by the owner of the onboard software, the freshness of the timestamp T is checked first, and then the signature information is verified.
Signature verification: the on-board software user first obtains the system public parameters and values from the blockchainCalculation of
=(||||||||||||||||||||||) And
=(||||||||||||||||||). The onboard software user then passes the equationWhether or not it is true verifies the correctness of the generated signature.
The present invention assumes that the on-board software user is an airline (Al), and the CLS scheme described above is shown in fig. 10.
The performance of the inventive protocol is verified experimentally below.
Security analysis
Correctness: after the onboard software user Al receives the signature result of the corresponding onboard software data, al verifies the correctness of the signature by the calculation formula (1).
;(1)
Wherein,is an integer;
verifiability: after receiving the partial key generated by the intelligent sum, the onboard software owner verifies the correctness of the partial key through a calculation formula (2).
(2)
Formal security analysis: we propose a series of theorem proving the safety of the inventive solution. The result shows that the method of the invention can resist class I attackerAnd class II aggressors
Security definition 1: class I attacker if for any Probability Polynomial Time (PPT)The signature forging advantages of the method are negligible, so that the protocol provided by the invention can defend class I attackers.
Class I attacker: suppose challenger C desires to attack from type I classPerson(s)Supported and crack ECDLP with non-negligible advantage, class I attackerHas the following capabilities.
1)The PublicKey cannot be queried using the input Hi, which is the virtual identity of the i-th user that is challenged.
2)The SecretValue cannot be queried using the input Hi, which is the virtual identity of the i-th user that is challenged.
3) The Sign list does not include (asdi, hi)),is the challenged i-th owner's on-board software data.
And (3) proving: to prove security definition 1, the present invention simulates a class I attackerChallenger C breaking the protocol. And meanwhile, converting the target of the forged signature into solving ECDLP, namely solving the secret value s.
The challenger C inputs the security parameter k to generate a system parameter list params, selects a secret value s as a master key, calculates PKGC=sG, and finally returns all parameters except s to the challenger C
H 2 C querying local listExists in the presence ofReturning to C, otherwise, C calculates (||||||||||||||||||) Will be%, , , , , , , ) Is stored inIn (C) will beReturn to
C first inquiring listExists in the presence ofReturning to C, otherwise, C calculates=(|||||||||||||| ||||||||) Will be%, , , , , , , ) Is stored inIn (C) will beReturn to
C first querying public Key ListWhether or not there isIf present returnOtherwise, C queries the listAcquisition ofSelecting a random numberCalculation ofWill be%, , ) Is stored inIn the list, C willReturn to
C is first atFind in list, ). If present, C returnsFeeding of. Otherwise, C will callAcquisition ofAndcalculation of= (+) Save and return to
Random numberAs a secret value the value of the secret,contains secret valueC queryList if it can find the correct oneThen it is arrangedReturning to C. Otherwise, C selects a random numberAs a secret value, and calculate. C query listAcquisition ofCalculation ofPreservation of, , ) At the position ofIn the list, C willReturn to
, , C searchInquiring about the corresponding%, , ) Will beAndreplaced byAnd
, c, firstly inquiringList, if notC query listAcquisition of. C calculationSelecting a random numberCalculation of=,-Will be,Save toIn the list, C returnsFeeding of
. To%, ) Through a different pathOperation generates two counterfeit signatures,And,if the counterfeit signature is valid, two equations should be satisfied:
two-type simultaneous subtraction can be obtained
From the above equation, the attacker's forgery signature is against ECDLP assumption, so the signature cannot be attacked by class ICounterfeiting.
Security definition 2: in the stochastic predictive model, if for any Probability Polynomial Time (PPT), class II aggressorsThe signature forging advantages of (2) are negligible, and the protocol proposed by the invention can defend class II attackers.
Class II attacker: class II attackerClass I attackerCompared with the prior art with the removalInquiry(s),Inquiry(s),All interrogation capabilities outside of the interrogation.
And (3) proving: due toWith master key theftFrom the above analysis, it is clear that,the legal signature of the challenged user can be successfully forged. However, it is necessary to forge the signature before forging itIn the protocol, the data of the protocol,the generation of (1) is generated by smart contracts, and the tamper-proof function of the blockchain renders this operation almost impossible, so our protocol is true for security definition 2.
Security definition 3: if class I attackerAnd class II aggressorsThe overall probability of (c) is negligible and the scheme is shown to be secure under the security model of EUF-CMA.
And (3) proving: as can be seen from the certification results of security definition 1 and security definition 2, both are true, satisfying security definition 3.
Informal security analysis: the invention provides six security attack types, and by analyzing and comparing four existing schemes, the scheme has the highest security, and the informal security performance comparison is shown in figure 11. And v indicates that the scheme satisfies the security type, and x indicates that the scheme does not satisfy the security type.
KGC compromise attack: the general CLS scheme always relies on centralized KGC. Centralized KGC is convenient, but there is also a risk of successful intrusion. To solve this problem, our solution replaces KGC with SC in the federation chain. Because of the decentralization and non-tamper-ability of the blockchain, it can successfully resist KGC compromise attacks.
Internal attack: to successfully forge a legitimate signature in a scheme, all parameters of the signature need to be generated. Many of the parameters in the signature are generated by smart contracts, which are a series of logical codes. Once a smart contract is successfully issued, no one can logically modify other than revocation. Therefore, even an internal person such as an administrator cannot forge a legal signature. Thus, our solution can resist the impact of the inside personnel.
Sybil attack: in this scenario, each on-board software owner has a unique virtual identity in the systemThe identifier being information using its true identityRandom numberAnd (3) generating. Before the smart contract generates the public and private keys of the on-board software owner, it will first verify if the identity of the on-board software owner exists in the federation chain.
Replay attack: replay attacks are most likely to occur during signature verification. If an attacker eavesdrops on the communication channel between the on-board software owner and the on-board software user, all signatures sent by the on-board software owner in that channel may be intercepted by an adversary. When the time stamp parameter is not added in the signing process, an attacker can replay the intercepted signature information to another unnecessary onboard software user for forgery authentication and the like. Thus, in our scheme, we willAdded to=(|||| || |||||||||||||||| ) This is the signature of the ith on-board software dataThen the onboard software user needs to verify the validity of T. So our CLS can prevent potential replay attacks.
Man-in-the-middle attack: conventional solutions assume that the channel between the onboard software owner and the smart contract is secure, and thus there is a potential risk of man-in-the-middle attacks. Moreover, this type of attack often occurs in real scenarios. To prevent all information transmitted in the channel from being eavesdropped and tampered with by an adversary, we use the owner of the on-board softwareElGamal encryption of elliptic curves was constructed. This enables the onboard software owner toIs implicit and virtual unless an adversary breaks the ECDHP. For partial private keyAfter the OR operation is performed,will be returned to the onboard software owner. Thus, the CLS of the present invention may prevent MITM attacks.
Signature forgery attack: according to theorem 1, theorem 2 and theorem 3 in form safety analysis, opponentsThe advantage of falsifying the signature is negligible, and the user of the on-board software can verify the correctness of the signature information through the system parameters. Thus, the CLS of the present invention can prevent signature forgery attacks.
Performance evaluation
The present invention calculates the computational overhead and communication overhead of the scheme and compares it with other schemes in the prior art, wherein,
scheme 1 is:
Wang Y, Zhong H, Xu Y, Cui J, Wu G (2020) Enhanced security identity-based privacy-preserving authentication scheme supporting revocation for vanets. IEEE Syst J 14(4):5373–5383。
scheme 2 is:
G. Thumbur, G. S. Rao, P. V. Reddy, N. Gayathri, and D. R. K. Reddy, “Efficient pairing-free certificateless signature scheme for secure communication in resource-constrained devices,” IEEE Commun. Lett., vol. 24, no. 8, pp. 1641–1645, Aug. 2020。
scheme 3 is:
Q. Mei, H. Xiong, J. Chen, M. Yang, S. Kumari and M. K. Khan, "Efficient Certificateless Aggregate Signature With Conditional Privacy Preservation in IoV," in IEEE Systems Journal, vol. 15, no. 1, pp. 245-256, March 2021, doi: 10.1109/JSYST.2020.2966526。
scheme 4 is:
Z. Xu, M. Luo, M. K. Khan, K. K. R. Choo, and D. He, “Analysis and improvement of a certificateless signature scheme for resource-constrained scenarios,” IEEE Commun. Lett., vol. 25, no. 4, pp. 1074–1078, Apr. 2021。
elliptic curve in finite field for use in communication and cost calculationThe method comprises the following steps:whereinAndis a prime number of 160 bits. In this experiment, the present invention executed MIRACLE library and Crypto++ library on a virtual machine with Ubuntu 18.04.6 LTS operating system, which was built on a physical machine with Intel (R) Core (TM) i3-6320 CPU@3.90GHz and 8GB RAM.
The computational cost refers to the sum of the time taken to use a series of arithmetic operations in the signing process. Thus, as shown in FIG. 12, to more accurately describe the computational cost, the present invention describes the time spent for each operation in the signing process. Wherein,representing 1 elliptic curve point multiplication operation,for a 1-time hash algorithm,for a modular multiplication operation of 1 time,for a 1-time modulo subtraction operation,is added by 1 elliptic curve point,1 time of elliptic curve point subtraction operation,is a number of modulo addition operations of 1,for a mapping to point hash function operation of 1 time,for 1 bilinear modular multiplication operation,is a 1-time bilinear operation.
The calculation overhead results are shown in table 1, and in the scheme, 1 elliptic curve point multiplication operation, 1 hash algorithm, 1 modular multiplication operation and 1 modular subtraction operation are needed in the signing process, and 3 elliptic curve point multiplication operations, 2 hash algorithm operations, 2 elliptic curve point addition operations and 1 elliptic curve point subtraction operation are needed in the verification process, so that the total cost of the scheme is 0.891ms.
TABLE 1
The calculation overhead is compared with that shown in fig. 13 and 14.
Communication overhead: let us assume that the length of the point in the addition group E is 160 bits when calculating the communication overhead, whenThe length of the digit is 80 bits.
As shown in Table 2, the CLS scheme of the present invention has signature length ofScheme 1 has a signature length ofScheme 2 has a signature length ofScheme 3Signature length isScheme 4 has a signature length of. The communication overhead comparison is shown in fig. 15.
TABLE 2
From the comparison, it can be seen that our scheme is shorter in signature length than scheme 3. The solution of the invention is generally optimal through the foregoing security analysis and computational overhead comparison.
The foregoing description of the preferred embodiments of the invention is not intended to be limiting, but rather is intended to cover all modifications, equivalents, alternatives, and improvements that fall within the spirit and scope of the invention.

Claims (4)

1. An on-board software safety distribution identity authentication method based on cloud chain fusion is characterized in that: constructing an onboard software cloud chain fusion storage architecture, and carrying out onboard software safety distribution identity authentication based on the onboard software cloud chain fusion storage architecture; wherein,
the airborne software cloud chain fusion storage architecture comprises four types of members: an onboard software owner, a cloud service provider, an intelligent contract, and an onboard software user;
the onboard software owner comprises a provider and an airline company operation center and is used for uploading virtual identities of the provider to a blockchain to obtain partial keys and identity certificates, and after a legal key pair is generated and verified, the onboard software owner signs the onboard software data and uploads the signed data to the cloud service provider;
the cloud service provider is used for storing the airborne software data uploaded by the airborne software owner and providing a distribution service of corresponding airborne software for legal airborne software users;
the intelligent combination is a code deployed on the blockchain node and is used for generating a part of secret keys, issuing and verifying identification certificates and authenticating the identity of airborne software;
the onboard software user is used for sending an onboard software distribution request to the blockchain, and corresponding onboard software can be downloaded if the identity authentication is successful;
the method for carrying out the safety distribution identity authentication of the onboard software based on the cloud chain fusion storage architecture of the onboard software comprises the following steps: user registration, user key generation, airborne software data uploading, two-factor identity authentication and airborne software distribution; wherein,
user registration: the owner of the on-board software selects a random number N i ,,/>For integer groups of order q, a time stamp T i And calculates the hash value +.>Obtaining its virtual identity H i ,/>=/>For the virtual identity of the ith user, ID i For the true identity of the on-board software owner, the on-board software owner sends a registration request reg_req (H i ,T i ) Giving intelligent contracts;
user key generation: smart contract verification timestamp T i Querying whether the on-board software owner already exists in the blockchain, returning a rejection if the on-board software owner already exists, otherwise, the smart contract generating a partial key and returning, the on-board software owner verifying the correctness of the partial key and generating a complete key pair, including a public key and a private key,the onboard software owner selects a random number, generates signature information by using a private key, sends the random number, the signature information and a public key to the intelligent contract, the intelligent contract verifies the signature by using the public key, if the signature is correct, the intelligent contract issues identification to the onboard software owner, the registration information of the onboard software owner and a summary block of attribute information are uploaded to a blockchain, otherwise, the intelligent contract returns rejection;
uploading on-board software data: the method comprises the steps that an onboard software owner sends an onboard software data uploading request to an intelligent contract, the intelligent contract stores the request in a legal list, the onboard software data is uploaded to a cloud service provider, the cloud service provider returns a storage address and an index of the onboard software data and a hash value of the onboard software data, the intelligent contract verifies whether the hash value of the onboard software data returned by the cloud service provider is identical to the hash value of the onboard software data provided by the onboard software owner, if so, the uploading of the onboard software data to the cloud service provider is successful, a blockchain stores related uploading log information, otherwise, the uploading of the onboard software data to the cloud service provider fails, and a blockchain broadcasts errors;
two-factor identity authentication and airborne software distribution: the two-factor identity authentication comprises an airborne software user identity authentication and an airplane qualification authentication, when the airborne software user identity authentication is carried out, firstly, the airborne software user sends an airborne software sharing request and signature information thereof to an intelligent contract, the airborne software sharing request comprises an airborne software owner address, an airborne software user identity authentication, an airplane number, a hardware part number, a software part number and a keyword index, secondly, after the intelligent contract verifies the signature, the intelligent contract requests the airborne software owner to acquire the identity authentication thereof, verifies whether the identity authentication of both sides is legal, if the identity authentication of both sides is legal, the airplane qualification authentication is carried out by the rule, otherwise, an error is returned; when the aircraft qualification is verified, the intelligent contract firstly acquires a software document according to the address of the onboard software owner and the keyword index, checks the software part number, checks whether the navigable state of the software meets the standard, acquires the aircraft authorization configuration of the corresponding aircraft number according to the keyword index and the hardware part number in the operation center of the airline company, so that the aircraft is always in the correct software configuration, the two-factor identity authentication mechanism is ended, the onboard software owner decides whether to distribute the onboard software according to the intelligent contract result, if the authorization information is returned, the cloud service provider provides the onboard software download service for the user address of the onboard software, and the intelligent contract saves the shared log into the blockchain account book.
2. The cloud chain fusion-based on-board software secure distribution identity authentication method as claimed in claim 1, wherein the method is characterized by comprising the following steps: different types of onboard software owners have different attributes, and attribute information of the onboard software owners is stored in a manner of on-chain and off-chain: specific attribute information is stored under the chain, and attribute abstract block information of an onboard software owner is stored on the chain.
3. The cloud chain fusion-based on-board software secure distribution identity authentication method as claimed in claim 1, wherein the method is characterized by comprising the following steps: the storage mode of the on-board software application key value pair is stored in the cloud service provider.
4. The cloud chain fusion-based on-board software secure distribution identity authentication method as claimed in claim 1, wherein the method is characterized by comprising the following steps: in the process of generating the user key, the intelligent contract generates a part of key through an improved CLS scheme and returns the part of key, and the intelligent contract specifically comprises the following steps: initializing, generating partial key, generating signature and verifying signature; wherein,
initializing: the administrator selects the security parameter k and,acquiring an addition group E with the order of q and a generation element G of the group, executing the initialization of the intelligent contract completion system, selecting a random number s as a system master key by the intelligent contract, and performing +_>And calculate P KGC =sG,P KGC For the system public key, the master key is privateIn (c) the smart contract generation system parameter { }>,/>,q,G,E,P KGC ' a, b are elliptic curve equation Y 2 =X 3 Parameters of +ax+b define three hash functions:
:/>, />: />, />:/>
partial key generation: the owner of the onboard software generates a virtual identity mark by H i Representing the virtual identity of the ith user and calculating, />-/>Send {>,/>,/>Intelligent contract, intelligent contract calculationWhether the obtained parameter result is identical to the obtained parameter H i If the key is consistent, the intelligent contract calls a partial key generation function to generate a partial key;
and (3) key generation: on-board software owner calculation,f i Is part of the private key d generated by the smart contract i And virtual identity H i Exclusive or, the onboard software owner receives f i Re-exclusive or obtaining d i By calculating equation->Whether or not it is established to prove the verifiability of the partial key, F i Is an intermediate parameter, and the owner of the onboard software selects the random number x i As its secret value and calculate +.>,/>The onboard software owner calculates his private key +.>Public key
Signature generation: on-board software owner selects a random number u i ,And calculate +.>T is a time stamp, and the onboard software owner calculates
=/>(/>||/>||/>||/>||/>||/>||/>|| />||/>||/>||/>||/>) And,/>is the abscissa of the G point, +.>Is the ordinate of the G point, x pi Is the abscissa of the public key, y pi Is the ordinate of the public key, h i As an intermediate parameter, u i Is a random number; h L For the length of the virtual identity +.>, />Is P KGC Asd, horizontal and vertical coordinates of (2) i On-board software data for the ith owner; the on-board software data asd sent to the on-board software user i And signature result +.>When the user of the airborne software receives the information sent by the owner of the airborne software, checking the freshness of the timestamp T, and then verifying the signature information;
signature verification: the user of the onboard software firstly obtains the common parameters and W of the system from the blockchain i Calculation of
=/>(/>||/>||/>||/>||/>||/>||/>||/>||/>||/>||/>||/>) And->=/>(/>||/>||/>||/>||/>||/>||/>||/>||/>||/>) Wherein->As an intermediate parameter W i Is>As an intermediate parameter W i Is then passed by the on-board software user through the equationWhether or not it is established to verify the correctness of the generated signature, wherein +.>=/>(/>||||/>||/>||/>||/>||/>||/>||/>||/>) Is an intermediate parameter.
CN202311354251.5A 2023-10-19 2023-10-19 Cloud chain fusion-based on-board software security distribution identity authentication method Active CN117097570B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202311354251.5A CN117097570B (en) 2023-10-19 2023-10-19 Cloud chain fusion-based on-board software security distribution identity authentication method

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202311354251.5A CN117097570B (en) 2023-10-19 2023-10-19 Cloud chain fusion-based on-board software security distribution identity authentication method

Publications (2)

Publication Number Publication Date
CN117097570A CN117097570A (en) 2023-11-21
CN117097570B true CN117097570B (en) 2023-12-29

Family

ID=88780164

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202311354251.5A Active CN117097570B (en) 2023-10-19 2023-10-19 Cloud chain fusion-based on-board software security distribution identity authentication method

Country Status (1)

Country Link
CN (1) CN117097570B (en)

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2018081583A1 (en) * 2016-10-27 2018-05-03 Infinitekey, Inc. System and method for authenticating and authorizing devices
CN110690959A (en) * 2019-08-26 2020-01-14 西安电子科技大学 Unmanned aerial vehicle safety certifiable information communication processing method based on cloud platform
CN113162768A (en) * 2021-02-24 2021-07-23 北京科技大学 Intelligent Internet of things equipment authentication method and system based on block chain
CN115955489A (en) * 2023-03-15 2023-04-11 中国民航大学 Cloud storage-oriented onboard software possession proving method
CN116566660A (en) * 2023-04-21 2023-08-08 石家庄铁道大学 Identity authentication method based on medical block chain

Family Cites Families (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US10157264B2 (en) * 2015-03-20 2018-12-18 The Boeing Company Aircraft medical management system
US10148653B2 (en) * 2016-12-14 2018-12-04 The Boeing Company Authenticating an aircraft data exchange using detected differences of onboard electronics

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2018081583A1 (en) * 2016-10-27 2018-05-03 Infinitekey, Inc. System and method for authenticating and authorizing devices
CN110690959A (en) * 2019-08-26 2020-01-14 西安电子科技大学 Unmanned aerial vehicle safety certifiable information communication processing method based on cloud platform
CN113162768A (en) * 2021-02-24 2021-07-23 北京科技大学 Intelligent Internet of things equipment authentication method and system based on block chain
CN115955489A (en) * 2023-03-15 2023-04-11 中国民航大学 Cloud storage-oriented onboard software possession proving method
CN116566660A (en) * 2023-04-21 2023-08-08 石家庄铁道大学 Identity authentication method based on medical block chain

Non-Patent Citations (2)

* Cited by examiner, † Cited by third party
Title
武传坤 ; .物联网安全关键技术与挑战.密码学报.2015,(第01期),全文. *
物联网安全关键技术与挑战;武传坤;;密码学报(第01期);全文 *

Also Published As

Publication number Publication date
CN117097570A (en) 2023-11-21

Similar Documents

Publication Publication Date Title
Eddine et al. EASBF: An efficient authentication scheme over blockchain for fog computing-enabled internet of vehicles
Alharthi et al. A privacy-preservation framework based on biometrics blockchain (BBC) to prevent attacks in VANET
Han et al. eCLAS: An efficient pairing-free certificateless aggregate signature for secure VANET communication
Shen et al. Blockchain-based lightweight certificate authority for efficient privacy-preserving location-based service in vehicular social networks
CN108632820B (en) Identity-based anonymous authentication method in vehicle-mounted ad hoc network
Wazid et al. Fortifying smart transportation security through public blockchain
CN109359464B (en) Wireless security authentication method based on block chain technology
CN110022542A (en) A kind of anonymous authentication method of the modified based on condition secret protection
George et al. Secure identity management framework for vehicular ad-hoc network using blockchain
Qi et al. A privacy-preserving authentication and pseudonym revocation scheme for VANETs
Xue et al. A distributed authentication scheme based on smart contract for roaming service in mobile vehicular networks
Sadri et al. A lightweight anonymous two‐factor authentication protocol for wireless sensor networks in Internet of Vehicles
Li et al. Lattice-based conditional privacy-preserving authentication protocol for the vehicular ad hoc network
Cahyadi et al. A certificateless aggregate signature scheme for security and privacy protection in VANET
CN114125773A (en) Vehicle networking identity management system and management method based on block chain and identification password
Zeng et al. Mix-context-based pseudonym changing privacy preserving authentication in VANETs
Kumar et al. VChain: efficient blockchain based vehicular communication protocol
Tomar et al. BCAV: Blockchain-based certificateless authentication system for vehicular network
CN115580488A (en) Vehicle-mounted network message authentication method based on block chain and physical unclonable function
Subramani et al. Blockchain-based physically secure and privacy-aware anonymous authentication scheme for fog-based VANETs
Kumar et al. EIoVChain: towards authentication and secure communication based blockchain for internet of vehicles (IoV)
Yang et al. Cryptanalysis of an efficient and secure certificateless aggregate signature-based authentication scheme for vehicular ad hoc networks
Sun et al. Anonymous authentication and key agreement scheme combining the group key for vehicular ad hoc networks
CN117097570B (en) Cloud chain fusion-based on-board software security distribution identity authentication method
Sharma et al. Secure authentication and session key management scheme for Internet of Vehicles

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant