车联网环境下无证书匿名认证方案

Certificateless Anonymous Authentication Scheme for Internet of Vehicles

通过信息共享,车联网(IoV)为车辆提供各种应用,以提高道路安全和交通效率。然而,车辆之间的公开通信导致了车辆隐私泄露和各种攻击。因而,安全且保护隐私的信息共享方法是非常必要的,并且对车辆间通信的安全性和保密性提出了更高的要求,所以该文提出了一种支持批量验证的非线性对的无证书匿名认证方案。在该方案中,首先,采用无证书签名机制避免了证书管理和密钥托管问题;其次结合区域管理局生成的长期伪身份和自己生成的短期伪身份保证车辆的强匿名性和签名的新鲜性,避免路侧单元计算伪身份造成的身份泄露和时延;再次,采用无对的聚合签名提供批验证,减少车联网环境中路侧单元的计算量;最后,当发生恶意事件时,区域管理局可以追踪车辆的真实身份并由可信中心撤销该用户。安全性证明和分析表明,该方案具有高的安全性,并满足完整性、可追踪性、匿名性、可撤销性等安全要求。将该方案与现有的方案进行了比较,效率分析表明该方案更有效。

Through information sharing,the Internet of Vehicles(IoV)provides various applications for vehicles to improve road safety and traffic efficiency.However,the open communication between vehicles lead to vehicle privacy leakage and various attacks.Therefore,information sharing methods with security and privacy protection are very necessary,so a pairing-free and certificateless anonymous authentication scheme supporting batch authentication is proposed.In this scheme,firstly,the problem of certificate management and key escrow can be avoided by using the certificateless signature;Secondly,the combination of the long-term pseudo-identity generated by the regional authority and the short-term pseudo-identity generated by itself,the strong anonymity of vehicle and the freshness of signature are guaranteed,and the identity disclosure and the communication delay caused by Road-side-unit computing pseudo identity are avoided;Thirdly,the aggregating signature without pairing is used to provide batch verification,which reduces greatly the computational burden of RSUs in vehicle network environment;Finally,when a malicious event occurs,the Regional Trusted Authority(RTA)can track the real identity of the vehicle.Security proof and analysis show that,the scheme has high security,and meets the security requirements.