Provable Security Certificateless Authentication Scheme for Vehicular Ad hoc Network
doi: 10.11999/JEIT190883
1. Beijing Electronic Science & Technology Institute, Beijing 100070, China
2. Xidian University, Xi’an 710000, China
Abstract: The design of authentication protocols is a hot topic in the security of Vehicular Ad hoc NETworks (VANET). Existing authentication schemes commonly suffer from security problems caused by key escrow, and their use of computationally expensive bilinear pairings makes authentication inefficient. To address these problems, this paper proposes a provably secure, pairing-free certificateless authentication scheme with batch verification. The key of a vehicle is generated jointly by the vehicle itself and a key generation center, which removes the need to escrow the key with a third party for maintenance. The bilinear pairing operation, one of the most complex operations in modern cryptography, is not used in constructing the vehicle's signatures, which reduces the computation cost. Batch verification is introduced to reduce the authentication burden on roadside units and improve authentication efficiency. Under the hardness assumption of the discrete logarithm problem on elliptic curves, the scheme is proved in the random oracle model to be unforgeable against adaptive chosen-message and identity attacks, and therefore to resist modification and impersonation attacks; it also provides anonymity and traceability. Compared with existing schemes, the proposed scheme achieves more efficient authentication.
Key words: Authentication / Certificateless / Batch verification / Provable security / Anonymity
Table 1 Algorithm for finding invalid messages during batch authentication (binary search)
Input: List = {IDi, Mi, Wi, σi, Ti}
Output: InvalidList = {ID1, ID2, ···, IDm}
Function batchAndSearch(List, InvalidList, Index, low, high)
    /* Function batchAuth(List, low, high) performs the batch authentication of Eq. (2) on the messages whose array index Index lies in [low, high]; it returns true on success and false on failure */
    if (batchAuth(List, Index, low, high)) then
        return true
    else if (low == high)
        InvalidList.append(List[low])
        return InvalidList
    else
        mid = (low + high)/2
        batchAndSearch(List, InvalidList, Index, low, mid)
        batchAndSearch(List, InvalidList, Index, mid+1, high)
    end if
    return InvalidList
end Function
for i := 1 to n do
    batchAndSearch(List, InvalidList, i, 1, n)
end for
Table 2 Computation cost of different schemes (ms)

| Scheme | Signature generation | Verifying 1 message | Verifying n messages |
| --- | --- | --- | --- |
| Ref. [15] | 5Tmul-G1+1Tpa-G1+1Tmtp=12.9581 | Tmul-G1+3Texp+Tmtp=18.7480 | nTmul-G1+3Texp+nTmtp=5.1120n+12.6117 |
| Ref. [17] | 4Tmul-G1+1Tpa-G1+2Tmtp+1Th=15.6552 | 2Tpar+2Tmul-G1+1Tpa-G1+1Tmtp+1Th=8.4273 | 2Texp+2nTmul-G1+nTpa-G1+nTmtp+nTh=7.8312n+8.422 |
| Ref. [12] | 5Texp+3Th=0.0253 | Texp+2Tpar+3Th=8.4273 | (n+1)Tpar+nTexp+3nTh=4.2163n+4.2110 |
| This paper | 4Tmul-G+2Tpa-G+3Th=1.7666 | 4Tmul-G+3Tpa-G+3Th=1.7737 | (2n+2)Tmul-G+3nTh+(2n+1)Tpa-G=0.8879n+0.8858 |
[1] KENNEY J B. Dedicated short-range communications (DSRC) standards in the United States[J]. Proceedings of the IEEE, 2011, 99(7): 1162–1182. doi: 10.1109/jproc.2011.2132790
[2] ZHANG Chunhua, ZANG Haijuan, XUE Xiaoping, et al. Research progress in internet of vehicles trajectory privacy protection[J]. Journal of Computer Applications, 2017, 37(7): 1921–1925, 1942. doi: 10.11772/j.issn.1001-9081.2017.07.1921
[3] LI Fujuan, WANG Qun, and QIAN Huanyan. Survey on security threats of Internet of vehicles[J]. Application of Electronic Technique, 2017, 43(5): 29–33, 37.
[4] QU Fengzhong, WU Zhihui, WANG Feiyue, et al. A security and privacy review of VANETs[J]. IEEE Transactions on Intelligent Transportation Systems, 2015, 16(6): 2985–2996. doi: 10.1109/tits.2015.2439292
[5] LI Jie, LU Huang, and GUIZANI M. ACPN: A novel authentication framework with conditional privacy-preservation and non-repudiation for VANETs[J]. IEEE Transactions on Parallel and Distributed Systems, 2015, 26(4): 938–948. doi: 10.1109/tpds.2014.2308215
[6] WANG Fei, XU Yongjun, ZHANG Hanwen, et al. 2FLIP: A two-factor lightweight privacy-preserving authentication scheme for VANET[J]. IEEE Transactions on Vehicular Technology, 2016, 65(2): 896–911. doi: 10.1109/tvt.2015.2402166
[7] ZHONG Hong, WEN Jingyu, CUI Jie, et al. Efficient conditional privacy-preserving and authentication scheme for secure service provision in VANET[J]. Tsinghua Science and Technology, 2016, 21(6): 620–629. doi: 10.1109/tst.2016.7787005
[8] HE Debiao, ZEADALLY S, XU Baowen, et al. An efficient identity-based conditional privacy-preserving authentication scheme for vehicular ad hoc networks[J]. IEEE Transactions on Information Forensics and Security, 2015, 10(12): 2681–2691. doi: 10.1109/TIFS.2015.2473820
[9] ZHANG Yaling, YANG Liang, and WANG Shangping. An efficient identity-based signature scheme for vehicular communications[C]. The 2015 11th International Conference on Computational Intelligence and Security, Shenzhen, China, 2015: 326–330. doi: 10.1109/cis.2015.86.
[10] SHIM K A. CPAS: An efficient conditional privacy-preserving authentication scheme for vehicular sensor networks[J]. IEEE Transactions on Vehicular Technology, 2012, 61(4): 1874–1883. doi: 10.1109/tvt.2012.2186992
[11] SHAO Jun, LIN Xiaodong, LU Rongxing, et al. A threshold anonymous authentication protocol for VANETs[J]. IEEE Transactions on Vehicular Technology, 2016, 65(3): 1711–1720. doi: 10.1109/tvt.2015.2405853
[12] ZHANG Lei, WU Qianhong, DOMINGO-FERRER J, et al. Distributed aggregate privacy-preserving authentication in VANETs[J]. IEEE Transactions on Intelligent Transportation Systems, 2017, 18(3): 516–526. doi: 10.1109/tits.2016.2579162
[13] LIU Zhicai, XIONG Ling, PENG Tu, et al. A realistic distributed conditional privacy-preserving authentication scheme for vehicular ad hoc networks[J]. IEEE Access, 2018, 6: 26307–26317. doi: 10.1109/ACCESS.2018.2834224
[14] CUI Jie, TAO Xuefei, ZHANG Jing, et al. HCPA-GKA: A hash function-based conditional privacy-preserving authentication and group-key agreement scheme for VANETs[J]. Vehicular Communications, 2018, 14: 15–25. doi: 10.1016/j.vehcom.2018.09.003
[15] BAYAT M, BARMSHOORY M, RAHIMI M, et al. A secure authentication scheme for VANETs with batch verification[J]. Wireless Networks, 2015, 21(5): 1733–1743. doi: 10.1007/s11276-014-0881-0
[16] LO N W and TSAI J L. An efficient conditional privacy-preserving authentication scheme for vehicular sensor networks without pairings[J]. IEEE Transactions on Intelligent Transportation Systems, 2016, 17(5): 1319–1328. doi: 10.1109/tits.2015.2502322
[17] HORNG S J, TZENG S F, HUANG P H, et al. An efficient certificateless aggregate signature with conditional privacy-preserving for vehicular sensor networks[J]. Information Sciences, 2015, 317: 48–66. doi: 10.1016/j.ins.2015.04.033
[18] GAYATHRI N B, THUMBUR G, REDDY P V, et al. Efficient pairing-free certificateless authentication scheme with batch verification for vehicular ad-hoc networks[J]. IEEE Access, 2018, 6: 31808–31819. doi: 10.1109/ACCESS.2018.2845464
[19] KARATI A, ISLAM S H, and KARUPPIAH M. Provably secure and lightweight certificateless signature scheme for IIoT environments[J]. IEEE Transactions on Industrial Informatics, 2018, 14(8): 3701–3711. doi: 10.1109/tii.2018.2794991
[20] ZHANG Bo, ZHU Tianqing, HU Chengyu, et al. Cryptanalysis of a lightweight certificateless signature scheme for IIOT environments[J]. IEEE Access, 2018, 6: 73885–73894. doi: 10.1109/access.2018.2883581
[21] WU Tao and JING Xiaojun. Cryptanalysis and improvement of a certificateless signature scheme with strong unforgeability[J]. Acta Electronica Sinica, 2018, 46(3): 602–606. doi: 10.3969/j.issn.0372-2112.2018.03.013
[22] XIE Yong, LI Xiang, ZHANG Songsong, et al. An improved provable secure certificateless aggregation signature scheme for vehicular ad hoc NETworks[J]. Journal of Electronics & Information Technology, 2020, 42(5): 1125–1131. doi: 10.11999/JEIT190184