CN117979284A - Message encryption transmission method and transmission device - Google Patents

Publication number: CN117979284A
Authority: CN (China)
Prior art keywords: vehicle, message, key, digital certificate, sent
Legal status: Pending
Application number: CN202410213576.XA
Other languages: Chinese (zh)
Inventor: 罗玉聪, 陈波, 李杨, 苏星溢
Current Assignee: Chongqing Selis Phoenix Intelligent Innovation Technology Co ltd
Original Assignee: Chongqing Selis Phoenix Intelligent Innovation Technology Co ltd

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04W WIRELESS COMMUNICATION NETWORKS
    • H04W12/00 Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/03 Protecting confidentiality, e.g. by encryption
    • H04W12/06 Authentication
    • H04W12/069 Authentication using certificates or pre-shared keys
    • H04W12/10 Integrity
    • H04W12/106 Packet or message integrity
    • H04W4/00 Services specially adapted for wireless communication networks; Facilities therefor
    • H04W4/30 Services specially adapted for particular environments, situations or purposes
    • H04W4/40 Services specially adapted for particular environments, situations or purposes for vehicles, e.g. vehicle-to-pedestrians [V2P]

Abstract

The application relates to the technical field of information security and provides a message encryption transmission method and a message encryption transmission device. When the vehicle sends a message to the verification unit, the message is signed with a digital certificate signature using the first key generated by the home subscriber server, the second key generated by the trusted unit and the pseudonym generated by the vehicle. The digital certificate signature algorithm and the encryption algorithm are thereby combined for identity authentication, which ensures the security of the identity information, significantly reduces the computation and communication overhead of the message, achieves privacy protection while ensuring the integrity and timeliness of the message, and ensures the non-repudiation and unlinkability of the message.

Description

Message encryption transmission method and transmission device
Technical Field
The present application relates to the field of information security technologies, and in particular, to a message encryption transmission method and a transmission device.
Background
In the field of the Internet of Vehicles (IoV), existing identity authentication methods typically rely on digital certificates provided by a certificate authority (Certificate Authority, CA). These certificates are managed by a public key infrastructure (Public Key Infrastructure, PKI), which brings problems including complicated certificate management, large communication overhead and strong dependence on the CA.
Disclosure of Invention
In view of the above, the embodiments of the application provide a message encryption transmission method and a transmission device, so as to solve the problems of low security of vehicle identity authentication and complex certificate management in the prior art.
In a first aspect of an embodiment of the present application, there is provided a message encryption transmission method, including:
Receiving a first key $PSK_i$ sent by a home subscriber server, wherein the first key $PSK_i$ is generated by the home subscriber server based on public parameters sent by a trusted unit;
Acquiring a unique identifier $UID_i$ of the vehicle, and generating a vehicle pseudonym $RID_i$ based on $UID_i$, the public parameters and digest information sent by the home subscriber server;
Acquiring a message to be sent, and applying a digital certificate signature to the message to be sent based on the first key $PSK_i$ and the vehicle pseudonym $RID_i$ to obtain a message data packet containing the digital certificate signature;
Sending the message data packet to the verification unit so that the verification unit verifies the identity of the vehicle.
In a second aspect of the embodiment of the present application, there is provided a message encryption transmission apparatus, including:
A receiving module configured to receive a first key $PSK_i$ sent by a home subscriber server, the first key $PSK_i$ being generated by the home subscriber server based on public parameters sent by a trusted unit;
An acquisition module configured to acquire a unique identifier $UID_i$ of the vehicle and generate a vehicle pseudonym $RID_i$ based on $UID_i$, the public parameters and the digest information sent by the home subscriber server;
The acquisition module is further configured to acquire a message to be sent, and apply a digital certificate signature to the message to be sent based on the first key $PSK_i$ and the vehicle pseudonym $RID_i$ to obtain a message data packet containing the digital certificate signature;
A sending module configured to send the message data packet to the verification unit so that the verification unit verifies the identity of the vehicle.
Compared with the prior art, the embodiments of the application have the following beneficial effects: when the vehicle sends a message to the verification unit, the message is signed with a digital certificate signature using the first key generated by the home subscriber server, the second key generated by the trusted unit and the pseudonym generated by the vehicle. The digital certificate signature algorithm and the encryption algorithm are thereby combined for identity authentication, which ensures the security of the identity information, significantly reduces the computation and communication overhead of the message, achieves privacy protection while ensuring the integrity and timeliness of the message, and ensures the non-repudiation and unlinkability of the message.
Drawings
In order to more clearly illustrate the technical solutions of the embodiments of the present application, the drawings used in the embodiments or the description of the prior art will be briefly described below, and it is obvious that the drawings in the following description are only some embodiments of the present application, and other drawings may be obtained according to these drawings without inventive effort for a person skilled in the art.
Fig. 1 is a schematic structural diagram of an LTE-V network model according to an embodiment of the present application.
Fig. 2 is a model diagram of replay attacks during internet of vehicles communications.
Fig. 3 is a model diagram of man-in-the-middle attacks during internet of vehicles communication.
Fig. 4 is a flow diagram of a man-in-the-middle attack.
Fig. 5 is a flow chart of a message encryption transmission method according to an embodiment of the present application.
Fig. 6 is a flow chart of another message encryption transmission method according to an embodiment of the present application.
Fig. 7 is a flowchart of a method for verifying an identity of a vehicle by a verification unit according to an embodiment of the present application.
Fig. 8 is a flowchart of an algorithm for defending against replay attacks by adding random numbers according to an embodiment of the present application.
Fig. 9 is a flowchart of another message encryption transmission method according to an embodiment of the present application.
Fig. 10 is a signal interaction diagram of a message encryption transmission method according to an embodiment of the present application.
Fig. 11 is a schematic diagram of a message encryption transmission device according to an embodiment of the present application.
Fig. 12 is a schematic diagram of a message encryption transmission system according to an embodiment of the present application.
Fig. 13 is a schematic diagram of an electronic device according to an embodiment of the present application.
Detailed Description
In the following description, for purposes of explanation and not limitation, specific details are set forth such as the particular system architecture, techniques, etc., in order to provide a thorough understanding of the embodiments of the present application. It will be apparent, however, to one skilled in the art that the present application may be practiced in other embodiments that depart from these specific details. In other instances, detailed descriptions of well-known systems, devices, circuits, and methods are omitted so as not to obscure the description of the present application with unnecessary detail.
A message encryption transmission method and apparatus according to embodiments of the present application will be described in detail with reference to the accompanying drawings.
As mentioned above, in the IoV area, existing authentication methods typically rely on digital certificates provided by CA. Specifically, the existing vehicle identity authentication method mainly comprises the following steps:
1) PKI-based certificate authentication methods. This method has the following disadvantages: PKI systems require a trusted CA, which can be a single point of failure for the system. In addition, the issuing and management of certificates involves a complex flow, increasing the overhead of the system.
2) Traditional symmetric key exchange methods. This method has the following disadvantages: conventional symmetric key exchange methods have problems in key distribution and management. In large-scale internet of vehicles, the management of keys can become very complex and can lead to system insecurity.
3) An identity authentication method based on an asymmetric key. This method has the following disadvantages: while asymmetric key approaches provide some security, traditional asymmetric key management may become inefficient and costly in large-scale applications in the internet of vehicles.
4) A method of using a pre-shared key. This method has the following disadvantages: the use of pre-shared keys may involve security issues, as pre-sharing and management of keys may be compromised.
In view of this, the embodiments of the application provide an efficient and reliable certificateless identity authentication method for the Internet of Vehicles based on elliptic curve cryptography (Elliptic Curve Cryptography, ECC). The method first improves on the conventional Internet of Vehicles network model and proposes a new one, the LTE-V network model.
Fig. 1 is a schematic structural diagram of an LTE-V network model according to an embodiment of the present application. As shown in fig. 1, the LTE-V network model includes a trusted authority (Trusted Authority, TA), a Road Side Unit (RSU), an On Board Unit (OBU), and a home subscriber server (Home Subscriber Server, HSS). The solid double-headed arrow indicates a wired connection, the lightning symbol indicates that the two objects are in direct communication without passing through the intermediate base station, and the dashed double-headed arrow indicates that the two objects are in communication with each other through the intermediate base station. Each OBU periodically (about 100 ms-300 ms) sends traffic related messages to the RSU over the LTE-V network. Thus, the message is transmitted to a traffic management center, or transportation application server, through a secure wired channel for analysis and decision making.
The TA is assumed to be a trusted entity with sufficient computing power and storage capacity. It is responsible for system setup and trust management, and can link the true identity of a vehicle to its messages and revoke malicious messages.
The HSS is assumed to be trusted and to have sufficient computing power and storage space; it is responsible for the registration of vehicle OBUs and RSUs. To prevent repudiation, both the TA and the HSS may perform conditional tracing.
The RSU is assumed to be semi-trusted, with insufficient computing power and storage space. RSUs located along roads or at intersections communicate with OBUs within their network coverage using LTE-V cells (LTE-V-Cell) and with the TA and HSS via wired connections.
The OBU is assumed to be untrusted because of its limited computing power and storage space. It is allowed to communicate directly with other OBUs and pedestrians over LTE-V networks and with RSUs over LTE-V-Cell technology.
In the LTE-V network model provided by the embodiment of the present application, if a convenient authentication scheme is provided, the scheme must satisfy privacy protection, authentication and integrity, autonomy, non-repudiation, and attack resistance.
Privacy protection, among others, refers to the privacy that must be protected for an OBU, including identity privacy, unlinkability, and condition traceability. Identity privacy refers to the necessity to protect the real identity and location information of an OBU against illegal access. The attacker and other OBUs must not be able to extract the actual identity and location information of the OBU from the transmitted traffic related messages. Condition traceability means that a trusted entity should be able to extract the identity of misbehaving vehicles in the disputed message and give a corresponding legal penalty. Unlinkability means that no other party than the TA and HSS can track a large number of signed messages to the source.
Authentication and integrity means that the verifier must be able to check the authenticity of a message associated with the traffic to determine that the message is from the intended sender. Furthermore, the integrity of the received message must be investigated to detect any unauthorized modification.
Autonomy means that frequent or permanent contact with the registry must be avoided. The OBU must request the registration parameters from the HSS only once, after which it should be able to communicate using the pseudo-identity and key without interacting with the HSS.
Non-repudiation means that, after successful authentication and conditional tracing, the OBU must not be able to deny having sent a disputed message.
Attack resistance means that the proposed solution must be able to resist common underlying communication attacks such as replay attacks and man-in-the-middle attacks (Man-in-the-Middle Attack, MITM).
A replay attack, also called a playback attack or freshness attack, means that an attacker resends a packet that the target host has already received in order to deceive the system. It is mainly used during identity authentication to undermine the correctness of authentication. Fig. 2 is a model diagram of replay attacks during internet of vehicles communications. As shown in fig. 2, the vehicle transmits its own identity information to the RSU for authentication, but another malicious vehicle may capture this identity information. Although the identity information is encrypted and the attacker cannot recover the original information from it, the attacker may resend the information at a later time, so that the RSU repeatedly accepts the same information and makes an incorrect judgment, thereby causing a traffic accident.
In order to make the internet of vehicles system more secure, replay attacks need to be resisted. Common methods of defending against replay attacks include:
1) Adding a random value (nonce). The random value must be different each time. The advantage of this method is that the two parties do not need to keep their clocks synchronized; the disadvantage is that the random values already used must be stored, which incurs storage and lookup overhead.
2) Adding a timestamp. The timestamp represents the current time, and a replayed timestamp will be relatively far from the current time. The advantage is that no storage overhead is required; the disadvantage is that the clocks of the communicating parties must be kept synchronized (the better the synchronization, the less likely an attack is to succeed).
3) Adding a serial number. The two parties add a gradually increasing integer to each message, and a replay threat is assumed whenever a message with a discontinuous serial number (too large or too small) is received. The advantages are that no time synchronization is needed and little information has to be stored; the disadvantage is that an attacker who successfully decrypts a message obtains the serial number and can then forge data.
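The three defenses listed above can be combined in one receiver-side freshness check, shown here as an added example that is not part of the patent text. The class name, the 0.3 s clock tolerance, the serial-number gap limit and the `verify` callback are assumptions; expiring stored random values once the timestamp window has passed is one way to bound the storage cost noted in item 1.

```python
import time
from collections import OrderedDict


class FreshnessChecker:
    """Receiver-side replay filter: timestamp window, nonce cache, serial number.

    Hypothetical helper written for this example; all limits are assumptions.
    """

    def __init__(self, max_skew=0.3, max_gap=5):
        self.max_skew = max_skew    # tolerated clock difference in seconds
        self.max_gap = max_gap      # largest tolerated jump in serial numbers
        self._seen = OrderedDict()  # (sender, nonce) -> time after which it may be forgotten
        self._last_seq = {}         # sender -> last accepted serial number

    def _expire(self, now):
        # Once now > timestamp + max_skew the timestamp check alone rejects a
        # replay, so the nonce no longer has to be stored. Entries are scanned
        # in arrival order; stopping early only keeps a nonce longer than needed.
        while self._seen:
            key, forget_after = next(iter(self._seen.items()))
            if now <= forget_after:
                break
            del self._seen[key]

    def check(self, sender, nonce, timestamp, seq, verify=None, now=None):
        """Return (accepted, reason). `verify` is an optional zero-argument
        callable standing in for the receiver's signature verification."""
        now = time.time() if now is None else now
        self._expire(now)

        # Defense 2: a replayed timestamp is far from the current time.
        if abs(now - timestamp) > self.max_skew:
            return False, "stale timestamp"

        # Defense 1: the random value must not have been used before.
        if (sender, nonce) in self._seen:
            return False, "nonce reused"

        # Defense 3: the serial number must increase and must not jump too far.
        last = self._last_seq.get(sender)
        if last is not None and not (last < seq <= last + self.max_gap):
            return False, "serial number out of range"

        # Authenticate before recording anything, so that a forged packet
        # cannot consume a nonce or advance the sender's serial number.
        if verify is not None and not verify():
            return False, "bad signature"

        self._seen[(sender, nonce)] = timestamp + self.max_skew
        self._last_seq[sender] = seq
        return True, "fresh"


if __name__ == "__main__":
    # Constructed sample packets: (sender pseudonym, nonce, timestamp, serial, receive time)
    checker = FreshnessChecker()
    packets = [
        ("RID-a", "n1", 100.0, 1, 100.1),  # first delivery
        ("RID-a", "n1", 100.0, 1, 100.2),  # replay inside the time window
        ("RID-a", "n2", 100.2, 2, 100.25), # next genuine message
        ("RID-a", "n1", 100.0, 1, 101.0),  # replay after the time window
    ]
    for sender, nonce, ts, seq, received in packets:
        print(sender, nonce, checker.check(sender, nonce, ts, seq, now=received))
```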
A man-in-the-middle attack means that an attacker establishes independent links with both ends of the communication and relays the data it receives between them, so that each end believes it is talking directly to the other over a private connection, when in fact the whole session is completely controlled by the attacker. In a man-in-the-middle attack, the attacker can intercept the traffic of both parties and insert new content. Man-in-the-middle attacks exploit a lack of mutual authentication. Most encryption protocols therefore incorporate specific authentication methods to prevent man-in-the-middle attacks. For example, the SSL protocol can verify whether the certificate used by one or both parties participating in the communication was issued by an authoritative, trusted digital certificate authority, and can perform two-way identity authentication.
Fig. 3 is a model diagram of man-in-the-middle attacks during internet of vehicles communication. As shown in fig. 3, there is a malicious third party between the sender and the receiver that steals the requested information, so that the sender and the receiver are not in direct communication. The complete man-in-the-middle attack flow is shown in fig. 4:
1) A requests the public key from B but is intercepted by C.
2) C sends a public key request to B.
3) B sends the public key to C.
4) C intercepts the public key of B and then sends its own public key to A in its place.
5) A takes the public key of C to be the public key of B, encrypts its information with the public key of C, and sends it to B.
6) C intercepts the encrypted information and decrypts it with its own private key to obtain the plaintext. At the same time, C forges new information, encrypts it with the public key of B, and sends it to B.
7) B receives the encrypted information and decrypts it with its own private key to obtain what it takes to be the information of A.
Common methods of defending against man-in-the-middle attacks include:
1) Encryption techniques are used. The communication content is encrypted, so that the communication content can be effectively prevented from being stolen by a middleman.
2) Digital certificates are used. Digital certificates are electronic documents issued by trusted third parties that can be used to verify the identity of a communicating party. The digital certificate can effectively prevent the behavior of impersonating the identity of the man in the middle.
3) Secure socket layer (Secure Socket Layer, SSL) or transport layer security (Transport Layer Security, TLS) protocols are used. SSL and TLS are two commonly used network security protocols that can be used to secure network communications.
4) Virtual private network (Virtual Private Network, VPN) technology is used. The VPN can provide a secure communication channel for users and can effectively prevent man-in-the-middle attacks.
On this basis, the embodiments of the application provide a message encryption transmission method. When a vehicle sends a message to a verification unit, the message is signed with a digital certificate signature using a first key generated by a home subscriber server, a second key generated by a trusted unit and a pseudonym generated by the vehicle, so that the digital certificate signature algorithm and the encryption algorithm are combined for identity authentication. This ensures the security of the identity information, significantly reduces the computation and communication overhead of the message, and achieves privacy protection, non-repudiation and unlinkability of the message while ensuring its integrity and timeliness.
Fig. 5 is a flow chart of a message encryption transmission method according to an embodiment of the present application. The message encryption transmission method of fig. 5 may be performed by the vehicle of fig. 1. As shown in fig. 5, the message encryption transmission method includes the steps of:
In step S501, a first key $PSK_i$ sent by the home subscriber server is received.
The first key $PSK_i$ is generated by the home subscriber server based on public parameters sent by the trusted unit.
In step S502, a unique identifier $UID_i$ of the vehicle is acquired, and a vehicle pseudonym $RID_i$ is generated based on $UID_i$, the public parameters and the digest information sent by the home subscriber server.
In step S503, a message to be sent is acquired, and a digital certificate signature is applied to the message to be sent based on the first key $PSK_i$ and the vehicle pseudonym $RID_i$, so as to obtain a message data packet containing the digital certificate signature.
In step S504, the message data packet is sent to the verification unit so that the verification unit verifies the identity of the vehicle.
In the embodiment of the present application, the vehicle may first receive the first key $PSK_i$ sent by the home subscriber server. The vehicle may receive the first key $PSK_i$ sent by the HSS through its OBU over the Internet of Vehicles. The first key $PSK_i$ is generated by the HSS based on the public parameters sent by the TA. Further, the OBU may also receive digest information from the HSS.
In the embodiment of the application, the vehicle can also acquire the unique identifier $UID_i$ of the vehicle and generate the vehicle pseudonym $RID_i$ based on $UID_i$, the public parameters and the received digest information. Further, the vehicle may use the first key $PSK_i$ and the vehicle pseudonym $RID_i$ to apply a digital certificate signature to the message to be sent, resulting in a message data packet containing the digital certificate signature. The message data packet contains the message encrypted with the vehicle key and the digital certificate signature computed over the message. In this way, the message is protected by combining the digital certificate signature algorithm and the encryption algorithm, which ensures the security of the identity information.
In the embodiment of the application, the vehicle can send the generated message data packet of the message to be sent to the verification unit so that the verification unit verifies the message and receives the message after the verification is passed. Wherein the authentication unit may be an RSU.
According to the technical scheme provided by the embodiments of the application, when the vehicle sends a message to the verification unit, the message is signed with a digital certificate signature using the first key generated by the home subscriber server, the second key generated by the trusted unit and the pseudonym generated by the vehicle, so that the digital certificate signature algorithm and the encryption algorithm are combined for identity authentication. This ensures the security of the identity information, significantly reduces the computation and communication overhead of the message, and achieves privacy protection, non-repudiation and unlinkability of the message while ensuring its integrity and timeliness.
In the embodiment of the present application, the public parameters may include a base point $P$, large prime numbers $p$ and $q$ in an elliptic curve $y^2 = x^3 + ax + b \bmod p$, a system public key $P_{pub}$ generated by the trusted unit, hash functions $h_0$, $h_1$, $h_2$ and $h_3$ selected by the trusted unit, and a time difference function $f(t_c)$. Here the base point $P \in G$, where $G$ is an additive group of order $q$ generated by the point $P$ on the elliptic curve, and $a, b \in F_q$, where $F_q$ is a finite field of the large prime number $q$; $h_0: \{0,1\}^* \to Z_q$, $h_1$: $h_2$: $h_3$: $\{0,1\}^*$ represents the set of all possible binary strings, including the empty string; $\to$ is the mapping symbol; $Z_q$ is the set of integers modulo $q$; and the multiplicative group modulo $q$ comprises all integers that are coprime to $q$.
That is, the TA may define an elliptic curve $y^2 = x^3 + ax + b \bmod p$ and select the base point $P$. The TA also randomly generates the system private key $s$ and lets $P_{pub} = sP$, where $P_{pub}$ is the system public key. The TA may also select 4 hash functions $(h_0, h_1, h_2, h_3)$ for mapping information of different lengths into digests of fixed length. $h_0: \{0,1\}^* \to Z_q$ denotes a mapping, or hash function, from the set of binary strings $\{0,1\}^*$ to the set $Z_q$ of integers modulo $q$. Here $h_0$ is the name of the hash function and is used to denote this mapping; $\{0,1\}^*$ is the set of all possible binary strings, including the empty string, and is the input domain, i.e. the input accepted by the hash function; the arrow denotes a mapping or function and indicates the relationship from input to output; $Z_q$ is the set of integers modulo $q$, i.e. the output domain of the hash function, which means that the hash function maps a binary string to one element of the set of integers modulo $q$.
The TA selection function f (t c) is used to determine the time interval on the network, where tc is the current time, which allows the TA to manage the generation of the vehicle pseudonym. It also selects a random variableTA can be the/>Stored in the TA database, send/>To HSS, and issues the common parameter params= { P, q, P pub,h0,h1,h2,h3,f(tc) }.
In the embodiment of the present application, the first key PSK i is calculated by the home subscriber server using the following formula: wherein A i=αiPi,/> X is an integer randomly generated by the home subscriber server, and
Further, $\alpha_i = h_1(x, UID_i, P_{pub})$ and $\beta_i = h_1(ID_i, UID_i, params, T_{pub})$, where $params$ denotes the public parameters, $params = \{P, q, P_{pub}, h_0, h_1, h_2, h_3, f(t_c)\}$, $ID_i$ is the vehicle identification, and $T_{pub} = xP$.
Further, the digest information sent by the home subscriber server includes first digest information, which includes $K_i$ and $\Lambda_i$, where $K_i = \beta_i A_i$ and $\Lambda_i$ represents a set of hash functions with $ID_i$ information.
That is, unlike the conventional scheme, the keys of the vehicle in the embodiment of the present application are not all generated by the TA, but are generated in part by the TA and in part by the vehicle itself. The process of generating the partial secret key by the vehicle is as follows:
The vehicle OBU selects a unique identifier $UID_i$ of the vehicle, which may be, for example, registration information of the vehicle, including identity information of the vehicle user and the vehicle identification number (Vehicle Identification Number, VIN), and submits the vehicle identification $ID_i$ and $UID_i$ to the HSS. The HSS randomly generates $x$ and calculates $T_{pub} = xP$; $(x, T_{pub})$ is the key pair of the HSS.
HSS calculates a first key of the vehicle OBU by the following formulaαi=h1(x,UIDi,Ppub),βi=h1(IDi,UIDi,params,Tpub),Ki=βiAi,/>Wherein, A i=αiPi is a single-component,HSS Transmission/>To the vehicle, send (ID i,UIDi,Ki) to the TA over the secure channel, save (x, ID i,UIDi,Ki) in its database, and issue its public key T pub.
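The TA setup ($P_{pub} = sP$), the HSS key pair ($T_{pub} = xP$) and the digests $\alpha_i$ and $\beta_i$ described above are worked through below as an added example, not code from the patent. It assumes the secp256k1 domain parameters as the curve and length-prefixed SHA-256 reduced modulo $q$ as the hash into $Z_q$, neither of which the patent specifies; the function names and the input encoding are also assumptions.

```python
import hashlib
import secrets

# Assumption: secp256k1 stands in for the curve y^2 = x^3 + ax + b mod p.
p = 2**256 - 2**32 - 977
a, b = 0, 7
q = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141
P = (0x79BE667EF9DCBBAC55A06295CE870B07029BFCDB2DCE28D959F2815B16F81798,
     0x483ADA7726A3C4655DA4FBFC0E1108A8FD17B448A68554199C47D08FFB10D4B8)
O = None  # point at infinity, the identity of the group G


def on_curve(pt):
    """True if pt satisfies the curve equation (or is the identity)."""
    if pt is O:
        return True
    x, y = pt
    return (y * y - (x * x * x + a * x + b)) % p == 0


def add(p1, p2):
    """Group law on the curve (affine coordinates)."""
    if p1 is O:
        return p2
    if p2 is O:
        return p1
    x1, y1 = p1
    x2, y2 = p2
    if x1 == x2 and (y1 + y2) % p == 0:
        return O                       # p2 is the inverse of p1
    if p1 == p2:
        lam = (3 * x1 * x1 + a) * pow(2 * y1, -1, p) % p
    else:
        lam = (y2 - y1) * pow(x2 - x1, -1, p) % p
    x3 = (lam * lam - x1 - x2) % p
    return (x3, (lam * (x1 - x3) - y1) % p)


def mul(k, pt):
    """Scalar multiplication k*pt by double-and-add.
    Not constant-time: for illustration only, not for handling real keys."""
    result = O
    while k:
        if k & 1:
            result = add(result, pt)
        pt = add(pt, pt)
        k >>= 1
    return result


def hash_to_zq(tag, *parts):
    """Hash arbitrary inputs into Z_q. The tag separates h_0..h_3; each part is
    length-prefixed so that ("ab", "c") and ("a", "bc") hash differently."""
    digest = hashlib.sha256(tag)
    for part in parts:
        data = part if isinstance(part, bytes) else str(part).encode()
        digest.update(len(data).to_bytes(4, "big") + data)
    return int.from_bytes(digest.digest(), "big") % q


def ta_setup(s=None):
    """TA: choose the system private key s and publish P_pub = sP."""
    if s is None:
        s = secrets.randbelow(q - 1) + 1
    return s, mul(s, P)


def hss_keypair(x=None):
    """HSS: choose x and publish T_pub = xP."""
    if x is None:
        x = secrets.randbelow(q - 1) + 1
    return x, mul(x, P)


def hss_digests(x, id_i, uid_i, p_pub, t_pub):
    """alpha_i = h1(x, UID_i, P_pub), beta_i = h1(ID_i, UID_i, params, T_pub)."""
    params = (P, q, p_pub, "h0", "h1", "h2", "h3", "f(t_c)")  # assumed encoding
    alpha_i = hash_to_zq(b"h1", x, uid_i, p_pub)
    beta_i = hash_to_zq(b"h1", id_i, uid_i, params, t_pub)
    return alpha_i, beta_i


if __name__ == "__main__":
    s, P_pub = ta_setup()
    x, T_pub = hss_keypair()
    # Constructed identifiers, not real vehicle data.
    alpha_i, beta_i = hss_digests(x, "ID-0001", "UID-CONSTRUCTED-0001", P_pub, T_pub)
    print("P_pub on curve:", on_curve(P_pub), "T_pub on curve:", on_curve(T_pub))
    print("alpha_i < q:", alpha_i < q, "beta_i < q:", beta_i < q)
```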
Fig. 6 is a flow chart of another message encryption transmission method according to an embodiment of the present application. Step S605 to step S607 in the embodiment shown in fig. 6 are substantially the same as step S502 to step S504 in the embodiment shown in fig. 5, and are not described herein. As shown in fig. 6, the message encryption transmission method further includes the following steps:
In step S601, the first key $PSK_i$ and the first digest information sent by the home subscriber server are received.
In step S602, the vehicle generates second digest information.
In step S603, a time period is obtained by a time difference function in response to verifying that the identity of the vehicle is valid based on the first digest information, the second digest information, the first key, and the public parameter.
In step S604, in response to determining that the period of time is a valid period of time, it is determined that the generation pseudonym condition is satisfied.
In the embodiment of the present application, the vehicle may first receive the first key PSK i and the first digest information sent by the home subscriber server. As previously described, the first digest message may include K i and Λ i. Further, the vehicle may generate the second summary information based on the information such as the ID i、UIDi, the public parameter, and the public key T pub of the HSS acquired by itselfAnd/>Wherein,Then, vehicle authentication/>And/>If true, continuing to verify the equation/>Whether or not it is. If so, the identity of the vehicle is valid, and the vehicle can receive the parameter set/>, which is sent by the HSSAnd a time period T s is obtained by a time difference function f (T c). Finally, if the period T s is determined to be a valid period, it may be determined that the generated pseudonym condition is currently satisfied.
In satisfying the above condition for generating a pseudonym, the vehicle may use the formulaA vehicle pseudonym is generated, wherein, is an exclusive or operator.
As mentioned above, in the embodiment of the present application, a part of the key of the vehicle is generated by the TA, and the other part is generated by the vehicle itself. In the embodiment of the application, the TA may generate the second key of the vehicle in the following manner: obtaining random numbersDetermining PK i=yi P as the public key in the second key of the vehicle,/>Is the private key of the second key of the vehicle. The vehicle may then receive the second key from the TA.
In the embodiment of the application, the vehicle can apply a digital certificate signature to the message to be sent based on the received first key $PSK_i$, the second key and the vehicle pseudonym $RID_i$, to obtain a message data packet containing the digital certificate signature. Specifically, the digital certificate signature may be applied to the message to be sent in the following manner:
The random numbers r i 1 and r i 2 are first obtained, wherein, H 2i=h2(mi,IDi,UIDi,SKi,Tpub is then calculated), where m i is the message to be sent and h 2i represents hashing the message. Next, θ i=ri 1+h2iri 2,Di=θi P is calculated, and R i=Di+Ki,/>Where ,h3i=h3(mi.Ri,RIDi,PKi,ti),θi、Di、Ri and delta i are intermediate calculation parameters, h 3i represents hashing a message. Finally, σ i=(Rii) is determined as the digital certificate signature and (m ii,RIDi,PKi,ti) is determined as the message packet, where t i is the current timestamp.
In the embodiment of the application, the verification unit can verify the identity of the vehicle. Fig. 7 is a flowchart of a method for verifying an identity of a vehicle by a verification unit according to an embodiment of the present application. The authentication method of fig. 7 may be performed by the RSU of fig. 1. As shown in fig. 7, the message encryption transmission method includes the steps of:
In step S701, a message packet transmitted from a vehicle is received.
Wherein the message data packet at least comprises a time stamp.
In step S702, the digital certificate signature of the message data packet is verified in response to the verification determining that the time stamp is valid.
In step S703, a message is received in response to the verification determining that the digital certificate signature is valid.
In the embodiment of the application, the RSU may first receive a message packet $(m_i, \sigma_i, RID_i, PK_i, t_i)$ sent by the vehicle, where $m_i$ is the message sent by the vehicle, $\sigma_i$ is the digital certificate signature of the vehicle, $RID_i$ is the pseudonym of the vehicle, $PK_i$ is the public key of the vehicle, and $t_i$ is the current timestamp when the vehicle sends the message packet. Next, the RSU may verify the timestamp in the message packet and, when the verification determines that the timestamp is valid, further verify the digital certificate signature of the message packet. If the verification determines that the digital certificate signature is valid, the message $m_i$ is received.
In the embodiment of the present application, the timestamp $t_i$ may be verified as follows: determine the arrival time $T$ of the message data packet; in response to the difference between the arrival time $T$ and the timestamp $t_i$ being less than a preset time difference threshold, determine that the timestamp $t_i$ is valid.
In the embodiment of the application, the message data packet may be a single message data packet or include n message data packets, where n is a positive integer greater than 1. When the message data packet is a single message data packet, the verification of the digital certificate signature of the message data packet can be realized in the following manner:
Obtain $h_{3i} = h_3(m_i, R_i, RID_i, PK_i, t_i)$, where $h_{3i}$ denotes the hash computed over the message, $h_3$ is a hash function, $\{0,1\}^*$ denotes the set of all possible binary strings, including the empty string, $\rightarrow$ is the mapping symbol, $Z_q$ is the set of integers modulo $q$, the multiplicative group modulo $q$ contains all integers coprime to $q$, $q$ is a large prime number in the elliptic curve $y^2 = x^3 + ax + b \bmod p$, $R_i$ is an intermediate parameter when the vehicle performs the digital certificate signature calculation on the message, and $R_i$ is contained in $\sigma_i$;
In response to the verification determining $\delta_i P = R_i + h_{3i}(PK_i) + T_{pub}$, determine that the digital certificate signature is valid, where $\delta_i$ is an intermediate parameter when the vehicle performs the digital certificate signature calculation on the message, $\delta_i$ is also contained in $\sigma_i$, $P$ is the base point in the elliptic curve $y^2 = x^3 + ax + b \bmod p$, $P \in G$, $G$ is an additive group of order $q$ generated by the point $P$ on the elliptic curve, $T_{pub} = xP$, $x$ is an integer randomly generated by the home subscriber server, and
When the message data packet includes n message data packets, the verification of the digital certificate signature of the message data packet can be implemented in the following manner:
Obtaining a random vector $\{\zeta_i\}_{1 \le i \le n}$, where $\zeta_i \in [1, 2^l]$ and $l$ is the word length;
Calculating $h_{3i} = h_3(m_i, R_i, RID_i, PK_i, t_i)$ for $1 \le i \le n$;
determining in response to authentication And determining that the digital certificate signature is valid.
In this way, due to the complexity of the elliptic curve algorithm, the verifier needs to use equations δ iP=Ri+h3i(PKi)+Tpub and δTo verify the integrity and validity of the identity message (m ii,RIDi,PKi,ti). Because the identity information is hashed to obtain the abstract, the information is changed slightly according to the property of the hash function, the two equations cannot be established, the information contains timestamp information, and authentication fails if the information is resent or the delay is too high, so that the technical scheme of the embodiment of the application can meet the requirements of the integrity and the instantaneity of the information.
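The batch check with the random vector $\{\zeta_i\}$ can be sketched as follows. This is an added example, not code from the patent: it assumes secp256k1 as the curve and a simplified Schnorr-style relation $\delta_i P = R_i + h_{3i} PK_i$ (the $K_i$ and $T_{pub}$ terms are left out because the signing formula is not recoverable from this page), and all function names are hypothetical. It also shows why the weights matter: two altered packets whose errors cancel pass an unweighted sum but not the weighted one.

```python
import hashlib
import secrets

# Assumption: the page names no curve, so secp256k1 domain parameters are used.
FP = 2**256 - 2**32 - 977  # field prime p
Q = int("FFFFFFFF" "FFFFFFFF" "FFFFFFFF" "FFFFFFFE"
        "BAAEDCE6" "AF48A03B" "BFD25E8C" "D0364141", 16)  # group order q
GX = int("79BE667E" "F9DCBBAC" "55A06295" "CE870B07"
         "029BFCDB" "2DCE28D9" "59F2815B" "16F81798", 16)
GY = int("483ADA77" "26A3C465" "5DA4FBFC" "0E1108A8"
         "FD17B448" "A6855419" "9C47D08F" "FB10D4B8", 16)
G = (GX, GY)  # base point P


def ec_add(p1, p2):
    """Add two affine points on y^2 = x^3 + 7 mod p; None is the point at infinity."""
    if p1 is None:
        return p2
    if p2 is None:
        return p1
    (x1, y1), (x2, y2) = p1, p2
    if x1 == x2 and (y1 + y2) % FP == 0:
        return None
    if p1 == p2:
        lam = 3 * x1 * x1 * pow(2 * y1, -1, FP) % FP
    else:
        lam = (y2 - y1) * pow((x2 - x1) % FP, -1, FP) % FP
    x3 = (lam * lam - x1 - x2) % FP
    return (x3, (lam * (x1 - x3) - y1) % FP)


def ec_mul(k, pt):
    """Double-and-add scalar multiplication (demo only, not constant time)."""
    k %= Q
    acc = None
    while k:
        if k & 1:
            acc = ec_add(acc, pt)
        pt = ec_add(pt, pt)
        k >>= 1
    return acc


def h3(m, R, rid, pk, t):
    """h_3i = h3(m_i, R_i, RID_i, PK_i, t_i), reduced into Z_q."""
    data = repr((m, R, rid, pk, t)).encode()
    return int.from_bytes(hashlib.sha256(data).digest(), "big") % Q


def sign(y, m, rid, t):
    """Build a packet (m, sigma, RID, PK, t) with sigma = (R, delta)."""
    r = secrets.randbelow(Q - 1) + 1
    R, pk = ec_mul(r, G), ec_mul(y, G)
    delta = (r + h3(m, R, rid, pk, t) * y) % Q
    return (m, (R, delta), rid, pk, t)


def verify_one(pkt):
    """Single-packet check: delta*P == R + h3*PK."""
    m, (R, delta), rid, pk, t = pkt
    return ec_mul(delta, G) == ec_add(R, ec_mul(h3(m, R, rid, pk, t), pk))


def verify_batch(pkts, l=64, zetas=None):
    """Batch check: (sum zeta_i*delta_i)*P == sum zeta_i*R_i + sum zeta_i*h3i*PK_i."""
    if zetas is None:
        zetas = [secrets.randbelow(2**l) + 1 for _ in pkts]  # zeta_i in [1, 2^l]
    lhs, rhs = 0, None
    for z, (m, (R, delta), rid, pk, t) in zip(zetas, pkts):
        h = h3(m, R, rid, pk, t)
        lhs = (lhs + z * delta) % Q
        rhs = ec_add(rhs, ec_add(ec_mul(z, R), ec_mul(z * h, pk)))
    return ec_mul(lhs, G) == rhs


def accept(pkts):
    """Accept the whole batch if it verifies; otherwise isolate the bad packets."""
    if verify_batch(pkts):
        return list(pkts)
    return [p for p in pkts if verify_one(p)]


def shift_delta(pkt, d):
    """Constructed tampering: move delta by d and leave everything else alone."""
    m, (R, delta), rid, pk, t = pkt
    return (m, (R, (delta + d) % Q), rid, pk, t)


def demo():
    """Three constructed packets; two are altered so their errors cancel in a plain sum."""
    good = [sign(secrets.randbelow(Q - 1) + 1, b"msg%d" % i, b"RID%d" % i, 1700000000 + i)
            for i in range(3)]
    bad = [shift_delta(good[0], 1), shift_delta(good[1], -1), good[2]]
    return {
        "good_batch": verify_batch(good),
        "bad_unweighted": verify_batch(bad, zetas=[1, 1, 1]),  # errors cancel
        "bad_weighted": verify_batch(bad),                     # random zeta_i catch it
        "survivors": len(accept(bad)),
    }


if __name__ == "__main__":
    print(demo())
```

A failed batch says only that at least one packet is bad, so `accept` falls back to per-packet verification to keep the valid ones.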
On the other hand, the vehicle OBU transmits a set of messages (m ii,RIDi,PKi,ti) by which a pseudonym is generatedThus, in order to obtain its true identity information through a pseudonym, an attacker must know/>UID i and K i, because the hash function is irreversible and these messages are protected, the attacker cannot get the real ID of the vehicle OBU, thus achieving privacy protection.
Furthermore, in the technical scheme provided by the embodiment of the application, the TA and the HSS can trace the true identity of the OBU through the message, so no OBU can repudiate a message it has signed, and non-repudiation is achieved.
Further, since each communication session uses a dynamically changing pseudonym, no attacker can track the vehicle's location information from the transmitted messages. In addition, because the values $r_i^1$, $r_i^2$, $y_i$ and $h_{2i}$ are different each time and are used to generate the vehicle's signature, a signature cannot be used for two different communications. Thus, no attacker can track the messages of the vehicle, which achieves unlinkability.
Still further, message signature operationsIn the message, a time stamp t i is added to the message and a hash operation is performed, at this time, the receiver will first check whether the time stamp is expired, and if so, discard the message, so that replay attack can be resisted. However, the time stamp has high requirements on different machine time synchronization, so that the embodiment of the application also combines the generation of random numbers to resist replay attacks.
The embodiment of the application further provides an algorithm for defending replay attack by adding random numbers on the basis of the digital signature. Fig. 8 is a flowchart of an algorithm for defending against replay attacks by adding random numbers according to an embodiment of the present application. As shown in fig. 8, the method includes the steps of:
1) A random number is set. A random function (random) can be used to generate a random number, so that each message contains a random number that ensures the uniqueness and freshness of the message.
2) When transmitting data, the sender transmits the generated random number to the receiver together with the data.
3) After receiving the message and the random number, the receiver checks whether the random number carried by the message already appears in its own database. If the random number repeats one carried by data sent at an earlier time, the receiver can be considered to be under a replay attack.
4) The receiver establishes a corresponding index for each received random number and stores it in a database.
When the random number is used to resist replay attacks, the hash function first extracts a digital digest of the plaintext data to be transmitted, and the digital digest and the generated random number are then sent to the receiver. After receiving the information, the receiver uses the sender's public key to decrypt the received data and obtain the plaintext data, compares the decrypted data with the original plaintext data, and then checks whether the random number appears for the first time. This ensures the integrity of the data and effectively resists replay attacks.
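A receiver-side sketch of steps 1) to 4), combined with the timestamp window described earlier, as an added example rather than code from the patent. The class and method names, the 2-second window and the cache cap are assumptions, and the random number is assumed to be covered by the signature so it cannot be swapped in transit.

```python
import time


class ReplayGuard:
    """Freshness check for received packets: timestamp window plus seen-nonce index."""

    def __init__(self, window=2.0, max_entries=50_000):
        self.window = window            # preset time-difference threshold, seconds (assumed)
        self.max_entries = max_entries  # cap so a packet flood cannot exhaust memory (assumed)
        self._seen = {}                 # (pseudonym, nonce) -> time after which entry may go

    def _evict(self, now):
        # Once now >= t_i + window, a resent copy fails the timestamp check anyway,
        # so its nonce no longer needs to be remembered. dicts keep insertion order;
        # stopping at the first live entry never evicts early.
        while self._seen:
            oldest = next(iter(self._seen))
            if self._seen[oldest] > now:
                break
            del self._seen[oldest]

    def accept(self, rid, nonce, t_i, verify_sig, arrival=None):
        """Return a verdict string; verify_sig is a callable run only when needed."""
        now = time.time() if arrival is None else arrival
        if abs(now - t_i) >= self.window:       # also rejects timestamps from the future
            return "stale-timestamp"
        self._evict(now)
        key = (rid, nonce)
        if key in self._seen:
            return "replayed-nonce"
        if len(self._seen) >= self.max_entries:
            return "cache-full"                 # fail closed instead of forgetting nonces
        if not verify_sig():
            return "bad-signature"
        # Store only after the signature verifies, so forged packets cannot
        # pre-register nonces and get genuine packets rejected.
        self._seen[key] = t_i + self.window
        return "accepted"


# Constructed sample traffic: (arrival T, pseudonym, nonce, timestamp t_i, signature valid?)
SAMPLE = [
    (100.5, b"RID-a", b"n1", 100.0, True),   # fresh packet
    (100.8, b"RID-b", b"n2", 100.7, False),  # forged packet using nonce n2
    (100.9, b"RID-b", b"n2", 100.7, True),   # genuine packet with n2 still gets through
    (101.0, b"RID-a", b"n1", 100.0, True),   # captured copy resent inside the window
    (103.0, b"RID-a", b"n1", 100.0, True),   # captured copy resent after the window
    (103.1, b"RID-c", b"n3", 103.0, True),   # fresh packet; expired nonces are evicted
]


def classify(sample):
    """Run the sample through one guard; return the verdicts and the final index size."""
    guard = ReplayGuard()
    verdicts = [guard.accept(rid, nonce, t_i, lambda ok=ok: ok, arrival=arrival)
                for arrival, rid, nonce, t_i, ok in sample]
    return verdicts, len(guard._seen)


if __name__ == "__main__":
    print(classify(SAMPLE))
```

Tying eviction to the timestamp window is what keeps the random-number database bounded: the two checks together cover each other's weak spot.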
Meanwhile, a man-in-the-middle who obtains the sender's public key can impersonate the sender. If a signature certificate is added to the sender's public key, the public key cannot be used by other people. Using the digital signature therefore effectively prevents man-in-the-middle attacks, so the technical scheme provided by the embodiment of the application can resist man-in-the-middle attacks.
Fig. 9 is a flowchart of another message encryption transmission method according to an embodiment of the present application. The message encryption transmission method of fig. 9 may be performed jointly by TA, HSS, RSU and OBU of fig. 1. As shown in fig. 9, the message encryption transmission method includes the steps of:
In step S901, the trusted unit generates common parameters and sends the common parameters to the home subscriber server, the authentication unit and the vehicle.
In step S902, the home subscriber server generates a first key $PSK_i$ and digest information based on the common parameters, and transmits the first key $PSK_i$ and the digest information to the vehicle.
In step S903, the vehicle generates a vehicle pseudonym $RID_i$ based on the unique identifier $UID_i$ of the vehicle, the public parameters, and the digest information.
In step S904, the vehicle obtains a second key from the trusted unit, and applies a digital certificate signature to the message to be transmitted based on the first key $PSK_i$, the second key and the vehicle pseudonym $RID_i$, resulting in a message packet containing the digital certificate signature.
In step S905, the verification unit receives the message packet, and after the time stamp and the digital certificate signature in the message packet are verified, receives the message.
In the embodiment of the application, the trusted unit first generates the public parameters and sends them to the home subscriber server, the verification unit and the vehicle. The home subscriber server generates a first key $PSK_i$ and digest information based on the common parameters and transmits the first key $PSK_i$ and the digest information to the vehicle. The vehicle generates a vehicle pseudonym $RID_i$ based on the unique identifier $UID_i$ of the vehicle, the public parameters, and the summary information. Meanwhile, the vehicle acquires a second key from the trusted unit, and performs digital certificate signing on the message to be transmitted based on the first key $PSK_i$, the second key and the vehicle pseudonym $RID_i$ to obtain a message data packet containing the digital certificate signature. The verification unit receives the message data packet and receives the message after the timestamp and the digital certificate signature in the message data packet are verified.
Fig. 10 is a signal interaction diagram of a message encryption transmission method according to an embodiment of the present application. As shown in fig. 10, the TA first generates and issues common parameters to the HSS, RSU and OBU; the HSS generates a first key based on the public parameters and issues the first key to the OBU; the TA also generates a second key and issues it to the OBU; the OBU receives a first key and a second key after passing the authentication, and generates a pseudonym; the OBU carries out digital authentication signature on the message based on the first key, the second key and the pseudonym to obtain a message data packet; the OBU sends a message data packet to the RSU, and the RSU receives the message after the time stamp and the digital authentication signature in the message data packet are successfully authenticated.
By adopting the technical scheme of the embodiment of the application, the traditional certificate issuing organization is not required to be relied on, the complex certificate management flow is reduced, and the communication and calculation cost is reduced. By using the ECC key negotiation algorithm, a quick and efficient key negotiation process is realized, the establishment of communication is accelerated, the timely communication between the Internet of vehicles devices is facilitated, and the communication efficiency is improved. The high security of ECC is utilized, the strength of identity verification is improved, and attacks and security risks existing in some traditional identity authentication methods are prevented. The design without the certificate reduces the dependence on centralized certificate management, so that the method is more suitable for the scene of large-scale deployment of the Internet of vehicles, and the flexibility and the expandability of the system are maintained. Meanwhile, the method does not need to distribute and manage certificates in advance, simplifies the deployment process of the vehicle, reduces the complexity of maintenance and management, and makes the system easier to implement and maintain.
Any combination of the above optional solutions may be adopted to form an optional embodiment of the present application, which is not described herein.
The following are examples of the apparatus of the present application that may be used to perform the method embodiments of the present application. For details not disclosed in the embodiments of the apparatus of the present application, please refer to the embodiments of the method of the present application.
Fig. 11 is a schematic diagram of a message encryption transmission device according to an embodiment of the present application. As shown in fig. 11, the apparatus includes:
The receiving module 1101 is configured to receive a first key $PSK_i$ sent by the home subscriber server, where the first key $PSK_i$ is generated by the home subscriber server based on the public parameters sent by the trusted unit.
The acquisition module 1102 is configured to acquire a unique identifier $UID_i$ of the vehicle and to generate a vehicle pseudonym $RID_i$ based on $UID_i$, the public parameters, and the summary information sent by the home subscriber server.
The acquisition module 1102 is further configured to obtain a message to be sent, and to perform digital certificate signing on the message to be sent based on the first key $PSK_i$ and the vehicle pseudonym $RID_i$, to obtain a message data packet containing the digital certificate signature.
The sending module 1103 is configured to send the message data packet to the verification unit, so that the verification unit verifies the identity of the vehicle.
According to the technical scheme provided by the embodiment of the application, when the vehicle transmits a message to the verification unit, the message is given a digital certificate signature using the first key generated by the home subscriber server, the second key generated by the trusted unit and the pseudonym generated by the vehicle. The digital certificate signature algorithm and the encryption algorithm are thereby combined and applied to identity authentication, which ensures the security of the identity information, significantly reduces the computation and communication cost of the message, and achieves privacy protection, non-repudiation and unlinkability of the message while ensuring its integrity and real-time delivery.
In the embodiment of the application, the public parameters comprise a base point P, big prime numbers P and q in an elliptic curve y 2=x3 +ax+ bmodp, a system public key P pub generated by a trusted unit, hash functions h 0、h1、h2 and h 3 selected by the trusted unit and a time difference function f (t c); wherein, the base point P epsilon G, G is an addition group with the order q generated by the point P on the elliptic curve, and a, b epsilon F q,Fq is a finite field with the large prime number q; h 0:{0,1}*→Zq,h1:h2:/>h3: {0,1} * represents the set of all possible binary strings, including empty string, →the integer set of mapped symbols, Z q modulo q,/> For a multiplicative group in modulo q, the multiplicative group comprises all integers that are mutually exclusive of q.
In the embodiment of the present application, the first key PSK i is calculated by the home subscriber server using the following formula: wherein A i=αiPi,/> X is an integer randomly generated by the home subscriber server, andαi=h1(x,UIDi,Ppub);βi=h1(IDi,UIDi,params,Tpub), Where IDi is a vehicle identifier, params is a common parameter, params= { P, q, P pub,h0,h1,h2,h3,f(tc)},Tpub = xP.
In the embodiment of the application, the summary information sent by the home subscriber server comprises first summary information; before generating the vehicle pseudonym, further comprising: the vehicle generates second abstract information; obtaining a time period through a time difference function in response to verifying that the identity of the vehicle is valid based on the first digest information, the second digest information, the first key and the public parameter; in response to determining that the time period is a valid time period, a vehicle pseudonym is generated.
In the embodiment of the application, before acquiring the message to be sent, the method further comprises the following steps: acquiring a second secret key sent by a trusted authority; wherein the second key is generated by the trusted unit in the following manner: obtaining random numbersDetermining PK i=yi P as the public key in the second key of the vehicle,/>Is the private key of the second key of the vehicle.
In the embodiment of the present application, a digital certificate signature is performed on a message to be sent based on a first key PSK i and a vehicle pseudonym RID i, so as to obtain a message data packet containing the digital certificate signature, which includes: random numbers r i 1 and r i 2 are obtained, wherein,Calculate h 2i=h2(mi,IDi,UIDi,SKi,Tpub), where m i is the message to be sent, and h 2i represents hashing the message; calculating theta i=ri 1+h2iri 2,Di=θi P; calculate R i=Di+Ki,/>Wherein ,h3i=h3(mi.Ri,RIDi,PKi,ti),θi、Di、Ri and delta i are intermediate calculation parameters, and h 3i represents hash calculation of the message; determining σ i=(Rii) a digital certificate signature; and determining (m ii,RIDi,PKi,ti) as a message data packet, wherein t i is a current time stamp.
In an embodiment of the present application, a verification unit verifies an identity of a vehicle, including: receiving a message data packet $(m_i, \sigma_i, RID_i, PK_i, t_i)$ sent by a vehicle, wherein $m_i$ is the message sent by the vehicle, $\sigma_i$ is the digital certificate signature of the vehicle, $RID_i$ is the vehicle pseudonym, $PK_i$ is the public key of the vehicle, and $t_i$ is the current timestamp when the vehicle sends the message data packet; in response to the verification determining that the timestamp $t_i$ is valid, verifying the digital certificate signature of the message packet; in response to the verification determining that the digital certificate signature is valid, receiving the message $m_i$.
In the embodiment of the application, the verification of the digital certificate signature of the message data packet in response to the message data packet being a single message data packet comprises the following steps: obtain h 3i=h3(mi,Ri,RIDi,PKi,ti), where h 3i represents hashing the message, h 3 is a hash function, h 3: {0,1} * represents the set of all possible binary strings, including empty string, →the integer set of mapped symbols, Z q modulo q,/> For a multiplicative group under a modulus q, the multiplicative group set contains all integers which are mutually equal to q, q is a large prime number in an elliptic curve y 2=x3 +ax+ bmodp, R i is an intermediate parameter when a vehicle carries out digital certificate signature calculation on a message, and R i is contained in sigma i; in response to the verification determining δ iP=Ri+h3i(PKi)+Tpub, determining that the digital certificate signature is valid, wherein δ i is an intermediate parameter when the vehicle performs digital certificate signature calculation on the message, δ i is also included in σ i, P is a base point in an elliptic curve y 2=x3 +ax+ bmodp, P e G, G is an addition group with an order q generated by a point P on the elliptic curve, T pub =xp, x is an integer randomly generated by the home subscriber server, and/>
In the embodiment of the application, the response to the message data packet including n message data packets, n being a positive integer greater than 1, verifies the digital certificate signature of the message data packet, including: obtaining a random vector { ζ i}1≤i≤n }, wherein { ζ i}∈[1,2l ], l is word length; calculating h 3i=h3(mi,Ri,RIDi,PKi,ti)1≤i≤n; determining in response to authenticationThe digital certificate signature is determined to be valid.
Fig. 12 is a schematic diagram of a message encryption transmission system according to an embodiment of the present application. As shown in fig. 12, the system includes:
A trusted unit configured to generate public parameters and send the public parameters to the home subscriber server, the verification unit and the vehicle.
A home subscriber server configured to generate a first key $PSK_i$ and digest information based on the common parameters and to send the first key $PSK_i$ and the digest information to the vehicle.
A vehicle configured to generate a vehicle pseudonym $RID_i$ based on a unique identifier $UID_i$ of the vehicle, the public parameters, and the summary information.
The vehicle is further configured to obtain a second key from the trusted unit and to apply a digital certificate signature to the message to be transmitted based on the first key $PSK_i$, the second key and the vehicle pseudonym $RID_i$, resulting in a message packet containing the digital certificate signature.
A verification unit configured to receive the message data packet and to receive the message after the timestamp and the digital certificate signature in the message data packet pass verification.
It should be understood that the sequence numbers of the steps in the foregoing embodiments do not imply an order of execution. The execution order of each process should be determined by its function and internal logic, and the sequence numbers should not limit the implementation process of the embodiments of the present application.
Fig. 13 is a schematic diagram of an electronic device according to an embodiment of the present application. As shown in fig. 13, the electronic device 13 of this embodiment includes: a processor 1301, a memory 1302 and a computer program 1303 stored in the memory 1302 and executable on the processor 1301. The steps of the various method embodiments described above are implemented when the processor 1301 executes the computer program 1303. Or the processor 1301 when executing the computer program 1303 performs the functions of the modules/units in the above-described apparatus embodiments.
The electronic device 13 may be a desktop computer, a notebook computer, a palm computer, a cloud server, or the like. The electronic device 13 may include, but is not limited to, a processor 1301 and a memory 1302. It will be appreciated by those skilled in the art that fig. 13 is merely an example of the electronic device 13 and is not limiting of the electronic device 13 and may include more or fewer components than shown, or different components.
The processor 1301 may be a central processing unit (CPU), or another general-purpose processor, a digital signal processor (DSP), an application-specific integrated circuit (ASIC), a field-programmable gate array (FPGA) or other programmable logic device, a discrete gate or transistor logic device, discrete hardware components, or the like.
The memory 1302 may be an internal storage unit of the electronic device 13, for example, a hard disk or a memory of the electronic device 13. The memory 1302 may also be an external storage device of the electronic device 13, such as a plug-in hard disk, a smart media card (SMC), a Secure Digital (SD) card, a flash card or the like, provided on the electronic device 13. The memory 1302 may also include both internal and external storage units of the electronic device 13. The memory 1302 is used to store computer programs and other programs and data required by the electronic device.
It will be apparent to those skilled in the art that, for convenience and brevity of description, only the above-described division of the functional units and modules is illustrated, and in practical application, the above-described functional distribution may be performed by different functional units and modules according to needs, i.e. the internal structure of the apparatus is divided into different functional units or modules to perform all or part of the above-described functions. The functional units and modules in the embodiment may be integrated in one processing unit, or each unit may exist alone physically, or two or more units may be integrated in one unit, where the integrated units may be implemented in a form of hardware or a form of a software functional unit.
The integrated modules/units, if implemented in the form of software functional units and sold or used as stand-alone products, may be stored in a computer readable storage medium. Based on such understanding, the present application may implement all or part of the flow of the method of the above embodiment, or may be implemented by a computer program to instruct related hardware, and the computer program may be stored in a computer readable storage medium, where the computer program, when executed by a processor, may implement the steps of each of the method embodiments described above. The computer program may comprise computer program code, which may be in source code form, object code form, executable file or in some intermediate form, etc. The computer readable medium may include: any entity or device capable of carrying computer program code, a recording medium, a U disk, a removable hard disk, a magnetic disk, an optical disk, a computer Memory, a Read-Only Memory (ROM), a random access Memory (Random Access Memory, RAM), an electrical carrier signal, a telecommunications signal, a software distribution medium, and so forth.
The above embodiments are only for illustrating the technical solution of the present application, and are not limiting; although the application has been described in detail with reference to the foregoing embodiments, it will be understood by those of ordinary skill in the art that: the technical scheme described in the foregoing embodiments can be modified or some technical features thereof can be replaced by equivalents; such modifications and substitutions do not depart from the spirit and scope of the technical solutions of the embodiments of the present application, and are intended to be included in the scope of the present application.

Claims (10)

1. A method of encrypted transmission of a message, the method being performed by a vehicle, the method comprising:
Receiving a first key $PSK_i$ sent by a home subscriber server, wherein the first key $PSK_i$ is generated by the home subscriber server based on public parameters sent by a trusted unit;
Acquiring a unique identifier $UID_i$ of the vehicle, and generating a vehicle pseudonym $RID_i$ based on the $UID_i$, the public parameters and summary information sent by the home subscriber server;
Acquiring a message to be sent, and carrying out digital certificate signing on the message to be sent based on the first key $PSK_i$ and the vehicle pseudonym $RID_i$ to obtain a message data packet containing the digital certificate signature;
And sending the message data packet to a verification unit so that the verification unit verifies the identity of the vehicle.
2. The method according to claim 1, wherein the common parameters include a base point $P$, large prime numbers $p$ and $q$ in an elliptic curve $y^2 = x^3 + ax + b \bmod p$, a system public key $P_{pub}$ generated by the trusted unit, hash functions $h_0$, $h_1$, $h_2$ and $h_3$ selected by the trusted unit, and a time difference function $f(t_c)$;
wherein the base point $P \in G$, $G$ is an additive group of order $q$ generated by the point $P$ on the elliptic curve, and $a, b \in F_q$, where $F_q$ is a finite field of the large prime number $q$;
h0:{0,1}*→Zq
{0,1} * represents the set of all possible binary strings, including empty string, →the integer set of mapped symbols, Z q modulo q,/> For a multiplicative group in modulo q, the multiplicative group comprises all integers that are mutually exclusive of q.
3. The method of claim 2, wherein the first key PSK i is calculated by the home subscriber server using the following formula:
wherein A i=αiPi,/> X is an integer randomly generated by the home subscriber server, and/>
$\alpha_i = h_1(x, UID_i, P_{pub})$;
$\beta_i = h_1(ID_i, UID_i, params, T_{pub})$, wherein $ID_i$ is the vehicle identification, params is the common parameter,
$params = \{P, p, q, P_{pub}, h_0, h_1, h_2, h_3, f(t_c)\}$, $T_{pub} = xP$.
4. The method of claim 1, wherein the summary information sent by the home subscriber server comprises first summary information;
before generating the vehicle pseudonym, the method further comprises:
The vehicle generates second abstract information;
Obtaining a time period through a time difference function in response to verifying that the identity of the vehicle is valid based on the first digest information, the second digest information, the first key, and the public parameter;
in response to determining that the time period is a valid time period, it is determined that a generating pseudonym condition is satisfied.
5. A method according to claim 3, characterized in that before the acquisition of the message to be sent, the method further comprises:
acquiring a second secret key sent by a trusted authority;
wherein the second key is generated by the trusted unit in the following manner:
Obtaining random numbers
Determining PK i=yi P as the public key of the second key of the vehicle,Is a private key of the second keys of the vehicle.
6. The method of claim 5, wherein digitally signing the message to be sent based on the first key $PSK_i$ and the vehicle pseudonym $RID_i$ to obtain a message data packet containing a digital certificate signature comprises:
Obtaining random numbers And/>Wherein/>
Calculating $h_{2i} = h_2(m_i, ID_i, UID_i, SK_i, T_{pub})$, where $m_i$ is the message to be sent, and $h_{2i}$ denotes the hash computed over the message;
Calculation of Di=θiP;
The calculation of the value of R i=Di+Ki,Wherein ,h3i=h3(mi.Ri,RIDi,PKi,ti),θi、Di、Ri and delta i are intermediate calculation parameters, and h 3i represents hash calculation of the message;
Determining $\sigma_i = (R_i, \delta_i)$ as the digital certificate signature;
And determining $(m_i, \sigma_i, RID_i, PK_i, t_i)$ as the message data packet, wherein $t_i$ is a current time stamp.
7. The method according to claim 1, wherein the verifying unit verifies an identity of the vehicle, comprising:
Receiving a message data packet $(m_i, \sigma_i, RID_i, PK_i, t_i)$ sent by a vehicle, wherein $m_i$ is the message sent by the vehicle, $\sigma_i$ is the digital certificate signature of the vehicle, $RID_i$ is the vehicle pseudonym, $PK_i$ is the public key of the vehicle, and $t_i$ is the current timestamp when the vehicle sends the message data packet;
Verifying the digital certificate signature of the message data packet in response to verifying that the timestamp $t_i$ is valid;
Receiving the message $m_i$ in response to verifying that the digital certificate signature is valid.
8. The method of claim 7, wherein said verifying the digital certificate signature of the message data packet in response to the message data packet being a single message data packet comprises:
Obtaining $h_{3i} = h_3(m_i, R_i, RID_i, PK_i, t_i)$, where $h_{3i}$ represents hashing the message, $h_3$ is a hash function, $\{0,1\}^*$ represents the set of all possible binary strings, including the empty string, $\to$ is the mapping symbol, $Z_q$ is the set of integers modulo $q$, the multiplicative group under modulus $q$ contains all integers that are coprime to $q$, $q$ is a large prime number in the elliptic curve $y^2 = x^3 + ax + b \bmod p$, $R_i$ is an intermediate parameter when the vehicle performs digital certificate signature calculation on the message, and $R_i$ is contained in $\sigma_i$;
In response to verifying that $\delta_i P = R_i + h_{3i}(PK_i) + T_{pub}$, determining that the digital certificate signature is valid, wherein $\delta_i$ is an intermediate parameter when the vehicle performs digital certificate signature calculation on the message, $\delta_i$ is also contained in $\sigma_i$, $P$ is a base point in the elliptic curve $y^2 = x^3 + ax + b \bmod p$, $P$ is in $G$, $G$ is an additive group of order $q$ generated by the point $P$ on the elliptic curve, $T_{pub} = xP$, $x$ is an integer randomly generated by the home subscriber server, and
9. The method of claim 7, wherein in response to the message data packet comprising n message data packets, n being a positive integer greater than 1, the verifying the digital certificate signature of the message data packet comprises:
Obtaining a random vector $\{\zeta_i\}_{1 \le i \le n}$, wherein $\zeta_i \in [1, 2^l]$ and $l$ is the word length;
Calculating $h_{3i} = h_3(m_i, R_i, RID_i, PK_i, t_i)$ for $1 \le i \le n$;
determining in response to authentication And determining that the digital certificate signature is valid.
10. A message encryption transmission apparatus, comprising:
a receiving module configured to receive a first key $PSK_i$ sent by a home subscriber server, the first key $PSK_i$ being generated by the home subscriber server based on public parameters sent by a trusted unit;
An acquisition module configured to acquire a unique identifier $UID_i$ of a vehicle, generate a vehicle pseudonym $RID_i$ based on the $UID_i$, the public parameters, and summary information sent by the home subscriber server;
The acquisition module is further configured to acquire a message to be sent, and perform digital certificate signing on the message to be sent based on the first key $PSK_i$ and the vehicle pseudonym $RID_i$ to obtain a message data packet containing the digital certificate signature;
And the sending module is configured to send the message data packet to the verification unit so that the verification unit verifies the identity of the vehicle.
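The single-packet check of claim 8 and the random-vector batch check of claim 9, as an added example that is not part of the patent text, showing why the weights $\zeta_i$ matter: a batch with two invalid signatures whose errors cancel passes an unweighted sum but fails the weighted one. Assumptions: the elliptic-curve group is replaced by integers modulo a prime (same algebra, no security), $h_{3i}(PK_i)$ is read as the scalar multiple $h_{3i} \cdot PK_i$, SHA-256 stands in for $h_3$, the batch equation is the standard small-exponent combination of the claim 8 check because the patent's own formula is missing from this page, and the hypothetical helper `make_packet` builds test packets directly from the secrets rather than by the patent's signing step.

```python
import hashlib
import secrets

# Toy stand-in for G: integers mod Q under addition, with base "point" P.
# Keeps the algebra of the claims but gives NO security (assumption for the demo).
Q = 2**127 - 1  # prime, plays the role of the group order q
P = 5           # constructed generator

def h3(m, R, rid, pk, t):
    """h_3: {0,1}* -> Z_q, instantiated here with SHA-256 (assumption)."""
    data = "|".join(map(str, (m, R, rid, pk, t))).encode()
    return int.from_bytes(hashlib.sha256(data).digest(), "big") % Q

def make_packet(m, rid, y, x, t):
    """Constructed test packet that satisfies the claim 8 equation."""
    pk = y * P % Q
    r = secrets.randbelow(Q - 1) + 1
    R = r * P % Q
    delta = (r + h3(m, R, rid, pk, t) * y + x) % Q
    return (m, (R, delta), rid, pk, t)

def verify_single(pkt, t_pub):
    """Claim 8: delta_i*P == R_i + h_3i*PK_i + T_pub."""
    m, (R, delta), rid, pk, t = pkt
    return delta * P % Q == (R + h3(m, R, rid, pk, t) * pk + t_pub) % Q

def verify_batch(pkts, t_pub, l=64, zeta=None):
    """Claim 9 style: one combined check weighted by random zeta_i in [1, 2^l]."""
    if zeta is None:
        zeta = [secrets.randbelow(2**l) + 1 for _ in pkts]
    lhs = rhs = 0
    for w, (m, (R, delta), rid, pk, t) in zip(zeta, pkts):
        lhs = (lhs + w * delta * P) % Q
        rhs = (rhs + w * (R + h3(m, R, rid, pk, t) * pk + t_pub)) % Q
    return lhs == rhs

def cancelling_errors(pkts, e=12345):
    """Copy of pkts whose first two deltas are off by +e and -e (each invalid alone)."""
    out = list(pkts)
    for i, d in ((0, e), (1, -e)):
        m, (R, delta), rid, pk, t = out[i]
        out[i] = (m, (R, (delta + d) % Q), rid, pk, t)
    return out
```

With fresh random weights the two cancelling errors slip through only if $\zeta_1 = \zeta_2$, which happens with probability $2^{-l}$.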
CN202410213576.XA 2024-02-27 2024-02-27 Message encryption transmission method and transmission device Pending CN117979284A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202410213576.XA CN117979284A (en) 2024-02-27 2024-02-27 Message encryption transmission method and transmission device


Publications (1)

Publication Number Publication Date
CN117979284A (en) 2024-05-03

Family

ID=90854594

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202410213576.XA Pending CN117979284A (en) 2024-02-27 2024-02-27 Message encryption transmission method and transmission device

Country Status (1)

Country Link
CN (1) CN117979284A (en)


Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination