Chinese Journal of Network and Information Security ›› 2022, Vol. 8 ›› Issue (6): 70-83. doi: 10.11959/j.issn.2096-109x.2022083

• Academic Paper •

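Dynamic and efficient vehicular cloud management scheme with privacy protection

Min XIAO1, Tao YAO2, Yuanni LIU1, Yonghong HUANG1

  1. School of Cyber Security and Information Law, Chongqing University of Posts and Telecommunications, Chongqing 400065, China
  2. School of Computer Science and Technology, Chongqing University of Posts and Telecommunications, Chongqing 400065, China
  • Revised: 2022-09-12 Online: 2022-12-15 Published: 2023-01-16
  • About the authors: Min XIAO (1971- ), female, born in Yichang, Hubei, is a professor and doctoral supervisor at Chongqing University of Posts and Telecommunications. Her main research interests are modern cryptography theory and applications, Internet of Vehicles security, and quantum cryptography.
    Tao YAO (1997- ), male, born in Anqing, Anhui, is a master's student at Chongqing University of Posts and Telecommunications. His main research interests are modern cryptography theory and applications, and Internet of Vehicles security.
    Yuanni LIU (1978- ), female, born in Dengzhou, Henan, is an associate professor at Chongqing University of Posts and Telecommunications. Her main research interests are mobile crowd sensing networks and cloud computing security.
    Yonghong HUANG (1974- ), male, born in Chongqing, is a lecturer at Chongqing University of Posts and Telecommunications. His main research interests are secure operating systems and artificial intelligence security.
  • Supported by:
    The Key Research and Development Project of Sichuan Province (2020YFG0292)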

Abstract:

The vehicular cloud (VC) formed autonomously by vehicles is used for local processing and consumption of traffic sensing data, enabling timely intelligent traffic management. The vehicular cloud is highly dynamic, self-organizing and time-sensitive, and the identity and location privacy of users in the Internet of Vehicles must be protected; together these pose challenges for vehicular cloud management. A dynamic and self-organizing vehicular cloud management scheme based on an asymmetric group key agreement protocol was designed, in which the vehicular cloud is formed automatically through self-organized group key agreement among vehicles. The group key was used to control the provision of and access to vehicular cloud services, and dynamic management of the vehicular cloud was implemented through group key update. The scheme used traceable one-time pseudonyms to achieve anonymous authentication and conditional privacy protection of vehicles, and the group key agreement stage used only one bilinear pairing operation, achieving higher efficiency. In addition, the key agreement and update processes used lightweight signatures that support batch verification to achieve efficient message source authentication and integrity authentication, ensuring the security of vehicular cloud communications in the self-organizing environment while preserving efficiency. The dynamic key update mechanism of the key agreement protocol allowed vehicles to join or leave the vehicular cloud dynamically, matching the dynamic nature of the vehicular cloud. Under the random oracle model and the hardness assumption of the inverse computational Diffie-Hellman (ICDH) problem, it was proved that the asymmetric group key agreement scheme satisfies chosen-plaintext security. The security analysis shows that the scheme can protect the identity and location privacy of vehicle users, enable lawful tracing of malicious vehicles, and ensure the confidentiality, integrity and impersonation resistance of communications, as well as the forward security of dynamic vehicular cloud management. The performance comparison analysis shows that the scheme has certain advantages in communication and computation efficiency while providing the same functions and meeting the same security requirements.

Key words: vehicular cloud, asymmetric group key agreement, privacy protection, anonymous authentication
