格基环签名的车联网隐私保护

Ring Signature Based on Lattice and VANET Privacy Preservation

现今,车联网在学术以及智能交通等领域已经成为一个研究热点.车联网有一些显著的优点:(1)为驾驶者和交通管理员提供了便利(如实时交通信息系统);(2)提高了车辆行驶的安全程度(如追尾提前警告系统).这样一种应用需要车辆用户之间共享信息.然而在实际应用中,车辆之间的通讯可以被恶意攻击者用来定位和跟踪车辆,因此隐私保护在车联网中至关重要.虽然之前已经提出了一些解决方案,但是这些方案都存在各类缺点.该文提出了一个新的基于格困难问题的环签名方案来解决这个问题.相比于其他方案,格基环签名方案实现了无条件的匿名性,在必要的时候还可以为授权方提供可追踪性.另外,该文方案不同于采用传统公钥密码进行隐私保护的方案,而是基于格的环上错误学习问题而设计的,这样可以确保其在量子算法攻击下的安全性.

In contemporary society, Vehicular Ad-hoc Network (VANET) has been a hot research topic in academic as well as other fields, such as intelligent transportation field. The application, VANET, has some charming strengths:(1) it can provide more convenient service for drivers and traffic managers (e.g. real time traffic information system);(2) it also increases the safety of vehicle traffic (e.g. rear-end early warning system). Such kind of service or convenience is based on shared information from participant users. The information includes the time, the location and other information about the roads and traffic. Usually, the message is broadcasted among many vehicles or temporary networks. Thus, communications between vehicles can be easily eavesdropped by some malicious attackers, who may be one of the normal users among the networks. And the message can be used by malicious attackers to locate and track the vehicles in practice. Therefore, it is essential to preserve the privacy in VANET. To our knowledge, there are many scheme proposed to solve this problem and they can be classified into as follows: anonymous certification, pseudo ID, group signature and ring signature. And currently, the most accepted schemes are based on pseudo ID, where users need to change their identities regularly and which is easy to be implemented. However, if the identity is changed in a not appropriate time, then the solution may not be effective. As for the anonymous certification schemes, though they offer conditional traceability with high computational efficiency, the distribution, the revocation and the huge storage of these certifications become the thorny problems. And the group signature based schemes are convenient to form a temporary network automatically and also have the property of traceability and anonymity. However, a role in these scheme, named group administrator, becomes the bottleneck of security, who is powerful and is needed to be trusted by others. In this paper, we will focus on the ring signature scheme which is paid less attention than others. The reasons why we choose ring signature are the following:(1) in ring signature based schemes, ring members are equal when compared to that of group signature based scheme, since it has no administrator role, so it is better to preserve the privacy;(2) compared to the anonymous certificate scheme, it does not need to communicate with certificate authorities, ring signature scheme is more flexible and automatic;(3) although it is not as simple as pseudo ID based schemes, ring signature scheme can achieve a higher security level. The main contributions of this paper include the following. First, we try to put forward a lattice - based ring signature scheme to deal with the privacy problem in VANET for a higher security level. In recent years, it is a concern to the attacks of quantum algorithms and lattice - based encryption schemes attracts a lot of attention. Second, to achieve the goal of anonymity and traceability, we apply the non-interactive zero knowledge proof technology to our construction. As a result, when the authorities want to know the true identity of some senders or malicious attackers who broadcast incorrect message, it can be achieved under the cooperation of all ring members.