具有隐私保护的动态高效车载云管理方案

doi:10.11959/j.issn.2096-109x.2022083

Abstract

Abstract:

The vehicular cloud (VC) formed by vehicles is used for localization processing and consumption of traffic sensing data to achieve timely intelligent traffic management.The vehicle cloud is highly dynamic, self-organizing and timely, in which the identity and location privacy of vehicle users need to be protected as this poses challenges to the vehicular cloud management.A dynamic and self-organizing vehicle cloud management scheme based on the asymmetric group key agreement protocol was designed, where the vehicle cloud is automatically formed through the self-organized group key agreement of vehicles.The group key was used to control the provision and access of vehicle cloud services, and the dynamic management of the vehicle cloud was implemented through group key update.The scheme used traceable one-time pseudonym technology to achieve anonymous authentication and conditional privacy protection of vehicle users, and the group key agreement stage only included one bilinear pair operation to achieve high efficiency.In addition, the key negotiation and update process used lightweight signatures, supporting batch verification, to achieve efficient message source authentication and integrity authentication.Then the security and efficiency of vehicle cloud communications in the self-organizing environment can be ensured.The dynamic key update mechanism of the key agreement protocol realized the dynamic joining or exiting of vehicles in the vehicle cloud, adapting to the dynamic characteristics of the vehicle cloud.Under the random oracle model and the difficult assumption of the inverse computational Diffie Hellman (ICDH) problem, it was proved that the asymmetric group key agreement scheme satisfied the selective-plaintext security.The security analysis shows that the scheme can protect the identity and location privacy of vehicle users, realize the legal tracking of malicious vehicles, and ensure the confidentiality, integrity and anti-counterfeiting of communications, as well as the forward security of vehicle cloud dynamic management.The performance comparison analysis shows that this scheme has certain advantages in communication and computing efficiency under the condition of the same function and security level.

Key words: vehicular cloud, asymmetric group key agreement, privacy protection, anonymous authentication

CLC Number:

TP309

Min XIAO, Tao YAO, Yuanni LIU, Yonghong HUANG. Dynamic and efficient vehicular cloud management scheme with privacy protection[J]. Chinese Journal of Network and Information Security, 2022, 8(6): 70-83.

Figures/Tables 13

符号	符号说明
$Π_{u_{i}}^{π}$	参与者u_i的一个实例
${pid}_{u_{i}}^{π}$	与u_i一起参与协议的参与者实例的身份信息集合
${sid}_{u_{i}}^{π}$	与u_i一起参与协议的参与者实例的会话身份信息
${ms}_{u_{i}}^{π}$	$Π_{u_{i}}^{π}$ 在执行协议时发送和接收的消息集合
${ek}_{u_{i}}^{π}$	实例 $Π_{u_{i}}^{π}$ 中的加密密钥
${dk}_{u_{i}}^{π}$	实例 $Π_{u_{i}}^{π}$ 中的解密密钥
$N_{j, i}$	实例 $Π_{u_{i}}^{π}$ 中的密钥因子
${state}_{u_{i}}^{π}$	实例 $Π_{u_{i}}^{π}$ 当前的内部状态

符号	符号说明
$SK (u_{i})$	输出参与者u_i的私钥
$PK (u_{i})$	输出参与者u_i的公钥
$Replace (u_{i}, P_{i}^{'})$	把参与者u_i的公钥替换为 $P_{i}^{'}$
$KF .Reveal (Π_{u_{i}}^{π})$	输出密钥因子N_j,i
$EK .Reveal (Π_{u_{i}}^{π})$	输出加密密钥 $e k_{u_{i}}^{π}$
$DK .Reveal (Π_{u_{i}}^{π})$	输出解密密钥 $d k_{u_{i}}^{π}$

符号	数据类型	大小/byte
$L_{G_{1}}$	群G₁中的元素	40
$L_{G_{2}}$	群G₂中的元素	128
$L_{Z_{q}^{*}}$	$Z_{q}^{*}$ 中的元素	4
$L_{I D}$	身份	4
$L_{P I D}$	伪身份	44
$L_{m}$	消息	20
$L_{T S}$	时间戳	4
$L_{s i g}$	一个基于身份的签名	80
$L_{κ}$	AES-128的密钥	16
$L_{H}$	单向哈希函数	20
$L_{s i d}$	唯一标识	4
$L_{R S A 1024}$	RSA1024密钥长度	128
$L_{J T}$	加入的令牌	128

阶段	文献[21]	文献[33]	本文方案
初始化车辆	$\begin{array}{l} (n + 1) L_{G_{1}} + 1 L_{P I D} + 1 L_{T S} = \\ (40 n + 88) byte \end{array}$	$L_{JT} + L_{RSA1024} = 256 byte$	$\begin{array}{l} (n + 1) L_{G_{1}} + 1 L_{P I D} + 2 L_{Z_{q}^{*}} = \\ (40 n + 108) byte \end{array}$
初始化云管理员额外成本	$\begin{array}{l} (n + 1) L_{PID} + (n + 1) L_{G_{1}} + L_{sig} + \\ L_{G_{2}} + L_{sid} = (84 n + 296) byte \end{array}$	—	$\begin{array}{l} (n + 1) L_{G_{1}} + n L_{PID} + L_{Z_{q}^{*}} + L_{G_{2}} + \\ L_{TS} + L_{m} = (84 n + 154) byte \end{array}$
RSU	—	$(5 n + 4) L_{RSA1024} = (640 n + 512) byte$	—
密文	$\begin{array}{l} 2 L_{G_{1}} + 1 L_{κ} + 1 L_{m} + \\ 1 L_{sig} = 196 byte \end{array}$	—	$L_{G_{1}} + L_{Z_{q}^{*}} = 44 byte$

符号	含义	时间/ms
T_bp	双线性配对操作	5.627
$T_{G_{1} bpm}$	G ₁上的标量乘运算	0.724
$T_{G_{2} bpm}$	G₂上的标量乘运算	0.687
T_bpa	点加运算	0.002
T_mtp	映射到点的哈希运算	1.443
T_h	单向哈希运算	0.011
T_RSAEnc	RSA-1024加密	0.625
T_RSADec	RSA-1024解密	1.69
T_SigGen	RSA-1024签名生成	1.644
T_SigVer	RSA-1024签名验证	0.775
T_TokenVer	令牌验证	4.182
$T_{trans}^{or}$	车辆和RSU之间的通信时延	≤15
$T_{trans}^{ot}$	车辆和TA之间的通信时延	≤20
$T_{trans}^{rt}$	RSU和TA之间的通信时延	≤15
$T_{trans}^{oo}$	车辆和车辆之间的通信时延	≤15

阶段	文献[21]	文献[33]	本文方案
初始化	$(n + 4) T_{G_{1} bpm} + (n + 1) T_{mtp} + 3 T_{trans}^{oo}$	$n T_{TokenVer} + 3 n T_{G_{1} bpm} + T_{trans}^{ot} + 3 T_{trans}^{or} + T_{trans}^{rt}$	$(5 n + 2) T_{bpa} + (2 n + 5) T_{G_{1} bpm} + (2 n - 1) T_{h} + 3 T_{trans}^{oo}$
加入	$(n + 4) T_{G_{1} bpm} + (n + 1) T_{mtp} + 3 T_{trans}^{oo}$	—	$(n + 6) T_{G_{1} bpm} + 4 T_{bpa} + 2 T_{h} + 3 T_{trans}^{oo}$
加密密钥生成	$2 T_{bp} + 1 T_{G_{1} bpm} = 11.978 ms$	—	$T_{bp} = 5.267 ms$
解密密钥生成	$2 T_{bp} = 11.254 ms$	—	$T_{G_{1} bpm} = 0.724 ms$
对称群密钥生成	—	$(n + 3) T_{bpa} = (0.002 n + 0.006) ms$	—
加密	$3 T_{G_{1} bpm} = 2.172 ms$	—	$T_{G_{2} bpm} + T_{G_{1} bpm} + T_{h} = 1.422 ms$
解密	$2 T_{bp} + 1 T_{G_{1} bpm} = 11.978 ms$	—	$T_{bp} + T_{h} = 5.638 ms$

References 34

[1]	HAMDI M M , Al-DOSARY O A R , ALRAWI O A S ,et al. An overview of challenges for data dissemination and routing protocols in VANETs[C]// 2021 3rd International Congress on Human-Computer Interaction,Optimization and Robotic Applications (HORA). 2021: 1-6.
[2]	PAVITHRA T , NAGABHUSHANA B S . A survey on security in VANETs[C]// 2020 Second International Conference on Inventive Research in Computing Applications (ICIRCA). 2020: 881-889.
[3]	SASUBILLI M K , VENKATESWARLU R . Cloud computing security challenges,threats and vulnerabilities[C]// 2021 6th International Conference on Inventive Computation Technologies (ICICT). 2021: 476-480.
[4]	KANWAL I , SHAFI H , MEMON S ,et al. Cloud computing security challenges:a review[C]// Cybersecurity,Privacy and Freedom Protection in the Connected World. 2021: 459-469.
[5]	OLARIU S , HRISTOV T , YAN G J . The next paradigm shift:from vehicular networks to vehicular clouds[C]// Mobile ad Hoc networking:Cutting Edge Directions. 2013: 645-700.
[6]	GOUMIDI H , ALIOUAT Z , HAROUS S . Vehicular cloud computing security:a survey[J]. Arabian Journal for Science and Engineering, 2020,45(4): 2473-2499.
[7]	SHEIKH M S , LIANG J , WANG W S . Security and privacy in vehicular ad hoc network and vehicle cloud computing:a survey[J]. Wireless Communications and Mobile Computing, 2020,2020(3): 1-25.
[8]	OLARIU S , KHALIL I , ABUELELA M . Taking VANET to the clouds[J]. International Journal of Pervasive Computing and Communications, 2010,7(1): 7-21.
[9]	HUSSAIN R , SON J , EUN H ,et al. Rethinking vehicular communications:Merging VANET with cloud computing[C]// 4th IEEE International Conference on Cloud Computing Technology and Science Proceedings. 2012: 606-609.
[10]	YU R , ZHANG Y , GJESSING S ,et al. Toward cloud-based vehicular networks with efficient resource management[J]. IEEE Network, 2013,27(5): 48-55.
[11]	AHMAD F , KAZIM M , ADNANE A ,et al. Vehicular cloud networks:architecture,applications and security issues[C]// 2015 IEEE/ACM 8th International Conference on Utility and Cloud Computing (UCC). 2015: 571-576.
[12]	ZHENG K , MENG H L , CHATZIMISIOS P ,et al. An SMDP-based resource allocation in vehicular cloud computing systems[J]. IEEE Transactions on Industrial Electronics, 2015,62(12): 7920-7928.
[13]	SHARMA S , KAUL A . VANETs cloud:architecture,applications,challenges,and issues[J]. Archives of Computational Methods in Engineering, 2021,28: 2081-2102.
[14]	LIM K , ABUMUHFOUZ I M . STORS:secure token reward system for vehicular clouds[C]// SoutheastCon 2015. 2015: 1-2.
[15]	LIM K , ABUMUHFOUZ I M , MANIVANNAN D . Secure incentive-based architecture for vehicular cloud[C]// International Conference on Ad-Hoc Networks and Wireless. 2015: 361-374.
[16]	CUI J , ZHANG X Y , ZHONG H ,et al. Extensible conditional privacy protection authentication scheme for secure vehicular networks in a multi-cloud environment[J]. IEEE Transactions on Information Forensics and Security, 2019,15: 1654-1667.
[17]	ZHOU J , DONG X L , CAO Z F ,et al. Secure and privacy preserving protocol for cloud-based vehicular DTNs[J]. IEEE Transactions on Information Forensics and Security, 2017,10(6): 1299-1314.
[18]	KONG Q L , LU R X , ZHU H ,et al. A secure and privacy-preserving incentive framework for vehicular cloud on the road[C]// 2016 IEEE Global Communications Conference (GLOBECOM), 2016: 1-6.
[19]	张瑾瑜 . 基于车载云的安全认证和隐私保护机制研究[D]. 北京:北京交通大学, 2018.
	ZHANG J Y . Research on security authentication and privacy protection mechanism of vehicular cloud computing[D]. Beijing:Beijing Jiaotong University, 2018.
[20]	YAO Y Y , CHANG X L , MI?I? J , ,et al. Lightweight and privacy-preserving ID-as-a-service provisioning in vehicular cloud computing[J]. IEEE Transactions on Vehicular Technology, 2019,69(2): 2185-2194.
[21]	ZHANG L , MENG X Y , CHOO K K R ,et al. Privacy-preserving cloud establishment and data dissemination scheme for vehicular cloud[J]. IEEE Transactions on Dependable and Secure Computing, 2018,17(3): 634-647.
[22]	SUN P , SAMAAN N . A novel VANET-assisted traffic control for supporting vehicular cloud computing[J]. IEEE Transactions on Intelligent Transportation Systems, 2020.
[23]	SALAHUDDIN M A , AL-FUQAHA A , GUIZANI M . Software-defined networking for rsu clouds in support of the internet of vehicles[J]. IEEE Internet of Things Journal, 2014,2(2): 133-144.
[24]	HUANG X M , YU R , KANG J W ,et al. Software defined networking with pseudonym systems for secure vehicular clouds[J]. IEEE Access, 2016,4: 3522-3534.
[25]	WANG Q L , OU M , YANG Y ,et al. Conditional privacy-preserving anonymous authentication scheme with forward security in vehicle-to-grid networks[J]. IEEE Access, 2020,8: 217592-217602.
[26]	CAI Y , ZHANG H , FANG Y G . A conditional privacy protection scheme based on ring signcryption for vehicular ad hoc networks[J]. IEEE Internet of Things Journal, 2020,8(1): 647-656.
[27]	GUPTA M , GERA P , MISHRA B . CPAAS:an efficient conditional privacy-preservation anonymous authentication scheme using signcryption in VANET[J]. International Journal of Vehicle Information and Communication Systems, 2021,6(1): 88-105.
[28]	CUI J , ZHANG J , ZHONG H ,et al. SPACF:a secure privacy-preserving authentication scheme for VANET with cuckoo filter[J]. IEEE Transactions on Vehicular Technology, 2017,66(11): 10283-10295.
[29]	宋成, 张明月, 彭维平 ,等. 基于双线性对的车联网批量匿名认证方案研究[J]. 通信学报, 2017,38(6): 49-57.
	SONG C , ZHANG M Y , PENG W P ,et al. Research on batch anonymous authentication scheme for VANET based on bilinear pairing[J]. Journal on Communications, 2017,38(6): 49-57.
[30]	ZHANG Q K , GAN Y , ZHANG Q X ,et al. A dynamic and cross-domain authentication asymmetric group key agreement in telemedicine application[J]. IEEE Access, 2018,6: 24064-24074.
[31]	陈若昕, 陈杰, 张跃宇 ,等. 无证书非对称群密钥协商协议[J]. 密码学报, 2016,3(4): 382-398.
	CHENG R X , CHENG J , ZHANG Y Y,el . Certificateless asymmetric group key agreement[J]. Journal of Cryptologic Research, 2016,3(4): 382-398.
[32]	吴黎兵, 谢永, 张宇波 . 面向车联网高效安全的消息认证方案[J]. 通信学报, 2016,37(11): 1-10.
	WU L B , XIE Y , ZHANG Y B . Efficient and secure message authentication scheme for VANET[J]. Journal on Communications, 2016,37(11): 1-10.
[33]	姚英英 . 面向车载云雾服务的信任协商[D]. 北京:北京交通大学, 2021.
	YAO Y Y . Trust negotiation in vehicular cloud and fog services[D]. Beijing:Beijing Jiaotong University, 2021.
[34]	LIU Y B , WANG Y H , CHANG G H . Efficient privacy-preserving dual authentication and key agreement scheme for secure V2V communications in an IoV paradigm[J]. IEEE Transactions on Intelligent Transportation Systems, 2017,18(10): 2740-2749.

Metrics

Recommended 0

No Suggested Reading articles found!

参数	值
模拟区域	2500×2500 m²
数据传输功率	6 Mbit/s
车辆数量	55
车辆速度	10~35 m/s
MAC层协议	802.11p
网络层协议	Aodv
仿真时间	100 s

Dynamic and efficient vehicular cloud management scheme with privacy protection

RichHTML

PDF下载

Knowledge

Abstract

Cite this article

share this article

Figures/Tables 13

References 34

Related Articles 15

Metrics

Recommended 0

[1]	Jianlong XU, Jian LIN, Yusen LI, Zhi XIONG. Distributed user privacy preserving adjustable personalized QoS prediction model for cloud services [J]. Chinese Journal of Network and Information Security, 2023, 9(2): 70-80.
[2]	Zhe SUN, Hong NING, Lihua YIN, Binxing FANG. Preliminary study on the construction of a data privacy protection course based on a teaching-in-practice range [J]. Chinese Journal of Network and Information Security, 2023, 9(1): 178-188.
[3]	Xue BAI, Baodong QIN, Rui GUO, Dong ZHENG. Two-party cooperative blind signature based on SM2 [J]. Chinese Journal of Network and Information Security, 2022, 8(6): 39-51.
[4]	Chenxin LU, Bing CHEN, Ning DING, Liquan CHEN, Ge WU. Identity-based anonymous cloud auditing scheme with compact tags [J]. Chinese Journal of Network and Information Security, 2022, 8(6): 156-168.
[5]	Shengzhi MING, Jianming ZHU, Zhiyuan SUI, Xian ZHANG. Online medical privacy protection strategy under information value-added mechanism [J]. Chinese Journal of Network and Information Security, 2022, 8(6): 169-177.
[6]	Xian ZHANG, Jianming ZHU, Zhiyuan SUI, Shengzhi MING. Analysis on anonymity and regulation of digital currency transactions based on game theory [J]. Chinese Journal of Network and Information Security, 2022, 8(5): 150-157.
[7]	Feng LIU, Jie YANG, Jiayin QI. Survey on blockchain privacy protection techniques in cryptography [J]. Chinese Journal of Network and Information Security, 2022, 8(4): 29-44.
[8]	Lin JIN, Youliang TIAN. Multi-authority attribute hidden for electronic medical record sharing scheme based on blockchain [J]. Chinese Journal of Network and Information Security, 2022, 8(4): 66-76.
[9]	Weicheng ZHANG, Hongquan WEI, Shuxin LIU, Liming PU. Fast handover authentication scheme in 5G mobile edge computing scenarios [J]. Chinese Journal of Network and Information Security, 2022, 8(3): 154-168.
[10]	Zhensheng GAO, Lifeng CAO, Xuehui DU. Research progress of access control based on blockchain [J]. Chinese Journal of Network and Information Security, 2021, 7(6): 68-87.
[11]	Chuanxin ZHOU, Yi SUN, Degang WANG, Huawei GE. Survey of federated learning research [J]. Chinese Journal of Network and Information Security, 2021, 7(5): 77-92.
[12]	Rongna XIE, Xiaonan FAN, Lin YUAN, Zichen GUO, Jiayu ZHU, Guozhen SHI. Research on extended access control mechanism in online social network [J]. Chinese Journal of Network and Information Security, 2021, 7(5): 123-131.
[13]	Zhanhui YUAN, Zhi YANG, Hongqi ZHANG, Shuyuan JIN, Xuehui DU. Android complex information flow analysis method based on communicating sequential process [J]. Chinese Journal of Network and Information Security, 2021, 7(5): 156-168.
[14]	Kui REN, Quanrun MENG, Shoukun YAN, Zhan QIN. Survey of artificial intelligence data security and privacy protection [J]. Chinese Journal of Network and Information Security, 2021, 7(1): 1-10.
[15]	Jian SHEN, Tianqi ZHOU, Chen WANG, Huijie YANG. Privacy protection key distribution protocol for edge computing [J]. Chinese Journal of Network and Information Security, 2021, 7(1): 93-100.