摘要
针对车联网中的车辆单元的隐私信息泄露而被非法分子跟踪攻击的问题,通过分析车联网的拓扑结构及其通信特征,提出了一个基于轻量级群签名的车辆身份认证协议,以对车辆身份进行快速且高效的匿名认证。协议的内容共分为5个阶段:在初始化阶段,由车联网系统产生群的公/私钥对和系统参数,并利用路旁辅助设施将群公钥和系统参数分发给车载单元,群私钥由群管理者保管;在车辆单元入网阶段,车辆单元将自己的身份信息通过盲签名技术提交给群管理者,认证通过后由群管理者为车辆单元颁发群证书;在协同通信阶段,拥有群证书的车辆成员利用它的有效证书和群公钥对其状态信息进行签名,并利用车载传感器发送给附近的车辆单元,实现与周边车辆的协同驾驶;在消息验证阶段,只有合法的车辆成员才能利用群公钥打开它所接收到的状态信息,但无法得知该消息发送者的真实身份,以此实现车辆间的匿名通信;在签名验证阶段,当某个车辆成员为了独享道路资源发布虚假消息导致交通事故时,群管理者利用其预留的群私钥将该消息的签名打开,即可遍历出对应的车辆成员进行问责。作者采用改进后的轻量级群签名技术,能够做到群公钥和群签名的长度不依赖群成员的个数;以零知识证明作为成员身份验证的手段,可以提高群中成员之间的认证速度。先对协议的安全性从数学的角度作了分析和证明,再搭建了由100台PC机组成的局域网仿真平台模拟车联网中的车辆单元之间的协同通信。实验结果表明本协议在100个车辆用户的局域网中完成身份认证的时间约为7 ms,且在认证时间开销上优于所对比的方案,较大程度地降低了车载单元在身份认证过程中的存储和计算负担。
In order to solve the problem of illegal member’s tracking attack, which caused by the vehicle units’ privacy disclosure in vehicular ad hoc networks(VANETs), a vehicle identity authentication protocol based on lightweight group signature was proposed by analysis of topology and communication characteristics of VANETs in this paper, which can authenticate the vehicles anonymously in a fast and efficient way. The protocol has five stages. In the initialization phase, the public/private key pairs and system parameters of the group were generated by the VANETs system, then the group public key and system parameters were distributed to the on-board units by the roadside auxiliary facilities. The group private key was kept by the group manager. When a vehicle unit entered VANETs, the unit’s own identity was submitted to the group manager by the blind signature. A group certificate would be distributed to the vehicle unit by the group manager when authentication passed. In the cooperative communication stage, the vehicle member who owned the group certificates signed the state information with the valid certificate and group public key, then sent it to the nearby vehicle units by the car sensors, and achieved cooperative driving with surrounding vehicles. In the message verification stage,only can the legal vehicle members open the received status information by using group public key, but couldn’t know the true identity of the message sender. In this way, the anonymous communication among vehicles was realized. In the stage of signature verification, when a vehicle unit broadcasted a false message for the purpose of exclusively using road resource and caused traffic accident,the group manager can open the signature of the message by using the group private key, and traversed the corresponding vehicle members to carry on the accountability. The innovation of the paper was the usage of improved lightweight group signature technology, which could ensure that the length of group public key and group signature didn’t depend on the number of group members.Zero knowledge proof was also used as a means of membership authentication which improved the speed of authentication among the members. The security of the protocol was analyzed and proved mathematically in this paper, and a LAN simulation platform composed of 100 PC machines was built to simulate the cooperative communication among vehicle units in VANETs. The experimental results showed that authentication time of the protocol was about 7 ms among 100 vehicle users. The performance of the proposed protocol is superior to the contrasted schemes. It greatly reduced the storage and calculation burden of the vehicle units during the process of identity authentication.
作者
郑明辉
段洋洋
吕含笑
ZHENG Minghui;DUAN Yangyang;LYU Hanxiao(School of Info.Eng.,Hubei Univ.For Nationalities.,Enshi 445000,Chin)
出处
《工程科学与技术》
EI
CAS
CSCD
北大核心
2018年第4期130-134,共5页
Advanced Engineering Sciences
基金
国家自然科学基金资助项目(61472121)
湖北省创新群体项目资助(2016CFA021)
关键词
车联网
隐私保护
群签名
身份认证
VANETs
privacy protection
group signature
identity authentication
