基于双层分片区块链的车联网跨信任域高效认证方案

doi:10.11959/j.issn.1000-436x.2023080

摘要/Abstract

摘要：

为解决车联网跨信任域消息认证中拓展性差、认证信息同步慢和认证开销大的问题，提出了基于双层分片区块链的车联网跨信任域高效认证方案。设计了一种面向大量跨信任域消息认证的双层分片区块链架构，通过在全域不同实体层级上构建区块链，提升系统的拓展性，确保跨域信息安全高效的共享；提出了一种基于 Metis图划分算法的车联网区块链分片方法，通过均衡各分片的负载，适应车联网中各路段认证信息不均的情形，提高大量认证信息上链同步的效率；提出了基于无证书公钥密码的跨域批量认证方案，实现对不同信任域消息的批量认证，降低了跨域消息的认证开销。实验表明，所提方案有效地提升了跨信任域消息的认证效率，相比于其他方案，在大量跨域消息认证上降低了26.4%以上的计算开销。

关键词: 车联网, 批量认证, 跨信任域, 分片区块链, 高效

Abstract:

To solve the problems of poor scalability, slow synchronization of authentication information, and high authentication overhead in cross-trust domain message authentication in the Internet of vehicles (IoV), an efficient authentication scheme for cross-trust domain of IoV based on a double-layer shard blockchain was proposed.A double-layer shard blockchain architecture was designed for lots of cross-trust domain message authentication by constructing blockchains on different entity levels in all domains to improve the scalability of the system and ensure secure and efficient sharing of cross-domain information.A blockchain sharding method based on the Metis graph partitioning algorithm for IoV was proposed to balance loads of each shard and adapt to the uneven distribution of authentication information on different road segments in IoV, thereby improving the efficiency of synchronizing a large number of authentication information on the chain.A batch authentication scheme based on certificateless public-key cryptography (CL-PKC) was proposed, which reduced the authentication overhead of cross-domain messages by enabling batch authentication of messages from different trust domains.Experimental results show that the proposed scheme effectively improves the authentication efficiency of cross-trust domain messages.Compared with other schemes, the proposed scheme reduces the computational overhead of a large number of cross-domain message authentication by more than 26.4%.

Key words: Internet of vehicles, batch authentication, cross-trust domain, shard blockchain, efficient

中图分类号:

TN92

刘雪娇, 钟强, 夏莹杰. 基于双层分片区块链的车联网跨信任域高效认证方案[J]. 通信学报, 2023, 44(5): 213-223.

Xuejiao LIU, Qiang ZHONG, Yingjie XIA. Efficient authentication scheme for cross-trust domain of IoV based on double-layer shard blockchain[J]. Journal on Communications, 2023, 44(5): 213-223.

图/表 11

图1

图2

图3

表1

表2

图4

图5

表3

图6

图7

表4

参考文献 27

[1]	TAN H W , XUAN S C , CHUNG I . HCDA:efficient pairing-free homographic key management for dynamic cross-domain authentication in VANETs[J]. Symmetry, 2020,12(6): 1003.
[2]	AGGARWAL S , KUMAR N , GOPE P . An efficient blockchain-based authentication scheme for energy-trading in V2G networks[J]. IEEE Transactions on Industrial Informatics, 2021,17(10): 6971-6980.
[3]	ALI I , CHEN Y , ULLAH N ,et al. An efficient and provably secure ECC-based conditional privacy-preserving authentication for vehicle-to-vehicle communication in VANETs[J]. IEEE Transactions on Vehicular Technology, 2021,70(2): 1278-1291.
[4]	WANG P , LIU Y N . SEMA:secure and efficient message authentication protocol for VANETs[J]. IEEE Systems Journal, 2021,15(1): 846-855.
[5]	CHEN J , ZHAN Z Y , HE K ,et al. XAuth:efficient privacy-preserving cross-domain authentication[J]. IEEE Transactions on Dependable and Secure Computing, 2022,19(5): 3301-3311.
[6]	LIN C , HUANG X Y , HE D B . EBCPA:efficient blockchain-based conditional privacy-preserving authentication for VANETs[J]. IEEE Transactions on Dependable and Secure Computing, 2022,20(3): 1818-1832.
[7]	冯霞, 崔凯平, 谢晴晴 ,等. VANET中基于区块链的分布式匿名认证方案[J]. 通信学报, 2022,43(9): 134-147.
	FENG X , CUI K P , XIE Q Q ,et al. Distributed anonymous authentication scheme based on blockchain in VANET[J]. Journal on Communications, 2022,43(9): 134-147.
[8]	XUE L Y , HUANG H P , XIAO F ,et al. A cross-domain authentication scheme based on cooperative blockchains functioning with revocation for medical consortiums[J]. IEEE Transactions on Network and Service Management, 2022,19(3): 2409-2420.
[9]	WANG J , WANG H . Monoxide:scale out blockchains with asynchronous consensus zones[C]// Proceedings of the 16th USENIX symposium on networked systems design and implementation. Berkeley:USENIX Association, 2019: 95-112.
[10]	HUANG H W , PENG X W , ZHAN J Z ,et al. BrokerChain:a cross-shard blockchain protocol for account/balance-based state sharding[C]// Proceedings of IEEE Conference on Computer Communications. Piscataway:IEEE Press, 2022: 1968-1977.
[11]	ZHENG P L , XU Q Q , LUO X P ,et al. Aeolus:distributed execution of permissioned blockchain transactions via state sharding[J]. IEEE Transactions on Industrial Informatics, 2022,18(12): 9227-9238.
[12]	QI J Y , GAO T H . A privacy-preserving authentication and pseudonym revocation scheme for VANETs[J]. IEEE Access, 2020,8: 177693-177707.
[13]	ZHOU Y , LONG X , CHEN L ,et al. Conditional privacy-preserving authentication and key agreement scheme for roaming services in VANETs[J]. Journal of Information Security and Applications, 2019,47: 295-301.
[14]	张文波, 黄文华, 冯景瑜 . 基于无证书签密的车联社会网络安全通信机制[J]. 通信学报, 2021,42(7): 128-136.
	ZHANG W B , HUANG W H , FENG J Y . Secure communication mechanism for VSN based on certificateless signcryption[J]. Journal on Communications, 2021,42(7): 128-136.
[15]	黄冬艳, 李浪, 陈斌 ,等. RBFT：基于Raft集群的拜占庭容错共识机制[J]. 通信学报, 2021,42(3): 209-219.
	HUANG D Y , LI L , CHEN B ,et al. RBFT:a new Byzantine fault-tolerant consensus mechanism based on Raft cluster[J]. Journal on Communications, 2021,42(3): 209-219.
[16]	SINGH P K , SINGH R , NANDI S K ,et al. Blockchain-based adaptive trust management in Internet of vehicles using smart contract[J]. IEEE Transactions on Intelligent Transportation Systems, 2021,22(6): 3616-3630.
[17]	ZHANG X , XIA W , CUI Q ,et al. Efficient and trusted data sharing in a sharding-enabled vehicular blockchain[J]. IEEE Network, 2022:doi.org/10.1109/MNET.122.2100755.
[18]	WANG J , HUANG J , KONG L ,et al. A privacy-preserving vehicular data sharing framework atop multi-sharding blockchain[C]// Proceedings of 2021 IEEE Global Communications Conference. Piscataway:IEEE Press, 2021: 1-6.
[19]	NARESH V S , ALLAVARPU V V L D , REDDI S . Blockchain IOTA sharding-based scalable secure group communication in large VANETs[J]. IEEE Internet of Things Journal, 2023,10(6): 5205-5213.
[20]	ZHANG Y , LI B , WU J X ,et al. Efficient and privacy-preserving blockchain-based multifactor device authentication protocol for cross-domain IIoT[J]. IEEE Internet of Things Journal, 2022,9(22): 22501-22515.
[21]	SHEN M , LIU H S , ZHU L H ,et al. Blockchain-assisted secure device authentication for cross-domain industrial IoT[J]. IEEE Journal on Selected Areas in Communications, 2020,38(5): 942-954.
[22]	TONG F , CHEN X , WANG K M ,et al. CCAP:a complete crossdomain authentication based on blockchain for Internet of things[J]. IEEE Transactions on Information Forensics and Security, 2022,17: 3789-3800.
[23]	YANG Y H , WEI L J , WU J ,et al. A blockchain -based multidomain authentication scheme for conditional privacy preserving in vehicular ad-hoc network[J]. IEEE Internet of Things Journal, 2022,9(11): 8078-8090.
[24]	SHEN J , LIU D Z , CHEN X F ,et al. Secure real-time traffic data aggregation with batch verification for vehicular cloud in VANETs[J]. IEEE Transactions on Vehicular Technology, 2020,69(1): 807-817.
[25]	CHEN Q , WU T , HU C ,et al. An identity-based cross-domain authenticated asymmetric group key agreement[J]. Information, 2021,12(3): 112.
[26]	KARYPIS G , KUMAR V . A fast and high quality multilevel scheme for partitioning irregular graphs[J]. SIAM Journal on scientific Computing, 1998,20(1): 359-392.
[27]	GALBRAITH S D , GAUDRY P . Recent progress on the elliptic curve discrete logarithm problem[J]. Designs,Codes and Cryptography, 2016,78: 51-72.

方案	匿名性	不可伪造性	不可链接性	可追溯	抵抗常见攻击	跨域批量认证
Shen等方案^[21]	√	√	×	√	√	×
Yang等方案^[23]	√	√	√	√	√	×
Chen等方案^[25]	×	√	×	√	√	√
所提方案	√	√	√	√	√	√

操作标识	含义	执行时间/ms
T_bm	双线性配对的标量乘运算	0.624 0
T_ba	双线性配对的点加运算	0.001 4
T_bp	双线性配对	4.322 5
T_ep	模幂运算	3.342 7
T_pm	在上的标量乘运算	0.356 2
T_pa	在上的点加运算	0.002 6
T_h	哈希运算	0.000 6

方案	假名和部分密钥生成	离线签名	在线签名	跨域消息验证	批量验证(n条消息)
Yang等方案		0	T_h
Shen等方案		0
Chen等方案		0
所提方案		T_pm	T_h

方案	假名和部分密钥生成/B	跨域消息签名/B	跨域消息验证/B	总通信开销/B
Yang等方案				L_m+584
Shen等方案				3 L_m+1204
Chen等方案			0	L_m+624
所提方案			0	L_m+584