Xiaoliang Wang,Xinhui She,Liang Bai,Yang Qing,Frank Jiang

DOI: https://doi.org/10.32604/cmc.2021.012454

2021-01-01

Abstract:The vehicular cloud computing is an emerging technology that changes vehicle communication and underlying traffic management applications. However, cloud computing has disadvantages such as high delay, low privacy and high communication cost, which can not meet the needs of realtime interactive information of Internet of vehicles. Ensuring security and privacy in Internet of Vehicles is also regarded as one of its most important challenges. Therefore, in order to ensure the user information security and improve the real-time of vehicle information interaction, this paper proposes an anonymous authentication scheme based on edge computing. In this scheme, the concept of edge computing is introduced into the Internet of vehicles, which makes full use of the redundant computing power and storage capacity of idle edge equipment. The edge vehicle nodes are determined by simple algorithm of defining distance and resources, and the improved RSA encryption algorithm is used to encrypt the user information. The improved RSA algorithm encrypts the user information by reencrypting the encryption parameters . Compared with the traditional RSA algorithm, it can resist more attacks, so it is used to ensure the security of user information. It can not only protect the privacy of vehicles, but also avoid anonymous abuse. Simulation results show that the proposed scheme has lower computational complexity and communication overhead than the traditional anonymous scheme.

Mir Ali Rezazadeh Baee,Leonie Simpson,Xavier Boyen,Ernest Foo,Josef Pieprzyk

DOI: https://doi.org/10.1186/s13638-021-01968-6

2021-05-21

EURASIP Journal on Wireless Communications and Networking

Abstract:Abstract In intelligent vehicular networks, vehicles have enhanced sensing capabilities and carry computing and communication platforms to enable new versatile systems known as Vehicular Communication (VC) systems. Vehicles communicate with other vehicles and with nearby fixed equipment to support different applications, including those which increase driver awareness of the surroundings. This should result in improved safety and may optimize traffic. However, VC systems are vulnerable to cyber attacks involving message manipulation. Research aimed at tackling this problem has resulted in the proposal of multiple authentication protocols. Several existing survey papers have attempted to classify some of these protocols based on a limited set of characteristics. However, to date there is no generic framework to support the comparison of these protocols and provide guidance for design and evaluation. Most existing classifications either use computation complexity of cryptographic techniques as a criterion, or they fail to make connections between different important aspects of authentication. This paper provides such a framework, proposing a new taxonomy to enable a consistent means of classifying authentication schemes based upon seven main criteria. The main contribution of this study is a framework to enable protocol designers and investigators to adequately compare and select authentication schemes when deciding on particular protocols to implement in an application. Our framework can be applied in design, making choices appropriate for the intended context in both intra-vehicle and inter-vehicle communications. We demonstrate the application of our framework using two different types of case study: individual analysis and hypothetical design. Additionally, this work makes several related contributions. We present the network model, outline the applications, list the communication patterns and the underlying standards, and discuss the necessity of using cryptography and key management in VC systems. We also review the threats, authentication, and privacy requirements in vehicular networks.

telecommunications,engineering, electrical & electronic

Li Li,XingJuan Fan,BoYuan Zhi,ShaoJun Li,Seyyed Amirreza Dabollahi

DOI: https://doi.org/10.1007/s11235-024-01172-z

2024-06-20

Telecommunication Systems

Abstract:In the contemporary era, the Internet of Vehicles (IoV) plays a pivotal role in traffic management, especially in the context of highly scalable and dynamic 5 G networks. Safeguarding these networks presents numerous challenges, particularly in controlling access for unauthenticated users and establishing secure key agreements with fine-grained access control. Balancing these security measures is vital to prevent unauthorized information flow while aligning with the promising goals of future generation technologies. Despite numerous related studies being conducted, existing schemes face risks such as privacy breaches, identity tracing, and substantial computation overheads. Consequently, there is an urgent need to introduce a more secure and efficient scheme to counter various attacks. This paper introduces an authenticated key agreement scheme, tailored for fog-based IoV. The scheme's security is established under the Random Oracle Model and verified using the ProVerif tool. Additionally, a performance assessment is conducted, demonstrating that the proposed protocol simultaneously meets both security and efficiency requirements when compared to several related schemes.

telecommunications

Jingwei Liu,Qingqing Li,Rong Sun,Xiaojiang Du,Mohsen Guizani

DOI: https://doi.org/10.48550/arXiv.1811.03239

2018-11-08

Abstract:Internet of Vehicles (IoV) is an intelligent application of IoT in smart transportation, which can make intelligent decisions for passengers. It has drawn extensive attention to improve traffic safety and efficiency and create a more comfortable driving and riding environment. Vehicular cloud computing is a variant of mobile cloud computing, which can process local information quickly. The cooperation of the Internet and vehicular cloud can make the communication more efficient in IoV. In this paper, we mainly focus on the secure communication between vehicles and roadside units. We first propose a new certificateless short signature scheme (CLSS) and prove the unforgeability of it in random oracle model. Then, by combining CLSS and a regional management strategy we design an efficient anonymous mutual quick authentication scheme for IoV. Additionally, the quantitative performance analysis shows that the proposed scheme achieves higher efficiency in terms of interaction between vehicles and roadside units compared with other existing schemes.

Cryptography and Security

Qing Yang,Xiaoqian Zhu,Xiaoliang Wang,Junjie Fu,Jing Zheng,Yuzhen Liu

DOI: https://doi.org/10.1016/j.future.2023.03.037

IF: 7.307

2023-04-02

Future Generation Computer Systems

Abstract:With the proposal of the intelligent transportation system, vehicular ad-hoc networks have been widely concerned and well-developed. Vehicular ad-hoc network is recognized as a major innovation of the Internet of Things technology. It can collect and analyze traffic data uploaded by vehicles through the network, monitor vehicle state in real-time, provide better driving routes and real-time traffic decisions for vehicles, and improve vehicles' overall level of intelligent driving. To make vehicles quickly join the vehicular ad-hoc networks through the authentication of identity legitimacy, take into account security and efficiency, and further reduce the calculation and communication consumption in authentication, this paper designs a mutual anonymous authentication and key agreement scheme based on an elliptic curve for the vehicular ad-hoc networks. To complete vehicle authentication and session key establishment, we work with lightweight operations like hash, XOR, and connection in conjunction with the elliptic curve discrete logarithm problem to guarantee the confidentiality of communication data. In the scheme, identity authentication is divided into two types: initial authentication and subsequent authentication. When the vehicle is just on the road, it will use the first roadside unit it encounters for initial authentication. All roadside units that cars on the road come across are then authenticated after the accomplishment of the initial authentication with the first roadside unit. Subsequent authentication is lighter and less computationally complex than initial authentication. Of course, subsequent authentication is based on initial authentication. This paper also analyzes the scheme's security and uses BAN logic analysis and Proverif simulation to verify the scheme's security. Additionally, performance analysis is used to demonstrate the scheme's superiority.

computer science, theory & methods

Junfeng Miao,Zhaoshun Wang,Xin Ning,Achyut Shankar,Carsten Maple,Joel J. P. C. Rodrigues

DOI: https://doi.org/10.1109/tits.2024.3360251

IF: 8.5

2024-01-01

IEEE Transactions on Intelligent Transportation Systems

Abstract:As a component of the Intelligent Transportation System (ITS), Internet of Vehicles (IoV) is becoming increasingly important in the management and construction of urban transportation as it can provide users with a range of applications related to traffic accident warnings, entertainment information, collaborative driving and real-time road information through communication devices on vehicles. However, with the increasing variety of services in the IoV, the growing demand for user traffic and the advances in Unmanned Aerial Vehicle (UAV) technology, UAV is introduced into the IoV as a solution, which can relieve the pressure on the communication infrastructure in the network, provide emergency communication services and improve the performance of network services. Due to the openness of IoV and the high-speed movement of vehicles, authentication and privacy issues are among the most pressing issues in IoV. Therefore, the paper proposes a secure and effective authentication protocol for UAV-assisted IoV. The protocol utilises elliptic curve cryptography to assure the security of the authentication. The protocol undergoes proof of security, Burrows-Abadi-Needham (BAN) logic analysis and informal security analysis to ensure secure and mutual authentication, and have a good resistance to known attacks. Furthermore, performance analysis and comparison are conducted to evaluate the efficiency of our protocol. The results indicate that our protocol has superior advantages in overhead.

engineering, electrical & electronic,transportation science & technology, civil

Jing Zheng,Xiaoliang Wang,Qing Yang,Wenhui Xiao,Yapeng Sun,Wei Liang

DOI: https://doi.org/10.1080/09540091.2022.2032602

2022-05-12

Connection Science

Abstract:The Internet of Vehicles is deployed in an open environment, and protecting its security and data privacy is the challenge. Carrying out the Internet of Vehicles secure authentication before interaction of information is an important part of ensuring the security foundation. Therefore, this article designs a safe and reliable Internet of Vehicles authentication and key agreement schemeassisted by blockchain. This article uses a multi-TA network model to improve the efficiency of authentication. Because of the rapid movement of vehicles, it will continue to appear cross-RSU and TA certification. Considering the disadvantages of most centralised authentication protocols using a single TA, this paper uses the multi-TA model to improve the efficiency of authentication. By usingblockchain technology to store the authentication information of vehicles, the cross-domain authentication of vehicles and the protection of user privacy information can be well realised. At the same time, in order to reduce the time of vehicle authentication, this scheme uses a lightweight calculation operation to complete the whole process of authentication. Through security analysis and results of Proverif simulation, the security of the solution is well proved, our scheme can resist various common attacks. Compared with some existing Internet of Vehicles security authentication protocols, the proposed scheme has a lower cost of computation, communication, and storage.

computer science, artificial intelligence, theory & methods

Kai Fan,Ye Bi,Yintang Yang,Kuan Zhang,Hui Li

DOI: https://doi.org/10.1109/mnet.002.2300009

IF: 10.294

2023-12-01

IEEE Network

Abstract:With the increased number of vehicles, infrastructure, and demand for various road services, the traditional Internet of Vehicles (IoV) architecture fails to provide quality services to users. New frameworks combining the vehicular network with cloud computing to extend storage capacity and processing power are highly sought. The vehicles communicate with the roadside units (RSUs) and upload the road condition information to the cloud server, enabling dynamic resource scheduling. However, in practical applications, the authentication scheme for emergency vehicles as a special node in the vehicle network receives insufficient attention. This article proposes a multi-factor lightweight emergency vehicle authentication protocol for cloud environments. Our protocol enables mutual authentication among the vehicle, the RSU, and the cloud server. An essential feature of our scheme is that during the initial authentication process, the cloud server generates random temporary secrets for the emergency vehicle and subsequent RSUs on the planned route. During the re-authentication phase, the vehicles and RSUs are authenticated using temporary secrets, improving the efficiency. In addition, our protocol verifies the driver's identity and prevents the system from impersonation attacks and vehicle theft attacks. Extensive simulation comparisons and security analyses demonstrate that our protocol is more effective.

computer science, information systems,telecommunications,engineering, electrical & electronic, hardware & architecture

Zhaolong Wang,Yanwei Zhou,Zirui Qiao,Bo Yang,Chunxiang Gu,Yuan Xu,Mingwu Zhang

DOI: https://doi.org/10.1109/jiot.2022.3222469

IF: 10.6

2023-03-11

IEEE Internet of Things Journal

Abstract:In the vehicular ad hoc network (VANET), the communication between the vehicle and other nodes is performed in an open channel, which puts forward the requirements for its privacy security and message integrity. Most previous protocols either frequently verify identities before accepting traffic information or do not involve identity revocation mechanisms, and they may assume that third parties are fully trusted. To further solve the above problem, a certificateless-based anonymous and revocable authentication protocol for vehicle-to-vehicle communications is proposed in this article. Our construction separates the identity authentication process from the traffic message verification, which not only avoids the disadvantage of a frequent identity revocation list (IRL) checking but also reduces the overhead in communication and message authentication. These features can make "identity authentication once, broadcast efficiency" really happen. In addition, since our authentication process is based on certificateless signature, it can resist malicious key generation centers (KGCs) and road-side units (RSUs), which is very necessary for privacy-sensitive application scenarios. Finally, the performance analyses show that our proposal is superior to the existing schemes in terms of authentication speed and communication overhead.

computer science, information systems,telecommunications,engineering, electrical & electronic

Chaeeon Kim,DeokKyu Kwon,Seunghwan Son,Sungjin Yu,Youngho Park

DOI: https://doi.org/10.3390/math12233756

IF: 2.4

2024-11-29

Mathematics

Abstract:The Internet of Vehicles (IoV) is an emerging technology that enables vehicles to communicate with their surroundings, provide convenient services, and enhance transportation systems. However, IoV networks can be vulnerable to security attacks because vehicles communicate with other IoV components through an open wireless channel. The recent related work suggested a two-factor-based lightweight authentication scheme for IoV networks. Unfortunately, we prove that the related work cannot prevent various security attacks, such as insider and ephemeral secret leakage (ESL) attacks, and fails to ensure perfect forward secrecy. To address these security weaknesses, we propose an anonymous and efficient authentication scheme with conditional privacy-preserving capabilities in IoV networks. The proposed scheme can ensure robustness against various security attacks and provide essential security features. The proposed scheme ensures conditional privacy to revoke malicious behavior in IoV networks. Moreover, our scheme uses only one-way hash functions and XOR operations, which are low-cost cryptographic operations suitable for IoV. We also prove the security of our scheme using the "Burrows–Abadi–Needham (BAN) logic", "Real-or-Random (ROR) model", and "Automated Validation of Internet Security Protocols and Applications (AVISPA) simulation tool". We evaluate and compare the performance and security features of the proposed scheme with existing methods. Consequently, our scheme provides improved security and efficiency and is suitable for practical IoV networks.

mathematics

Anmulin Wu,Yajun Guo,Yimin Guo

DOI: https://doi.org/10.1007/s12083-022-01442-0

IF: 3.488

2023-05-07

Peer-to-Peer Networking and Applications

Abstract:Blockchain technology can provide excellent support for identity authentication and access control mechanisms. In particular, blockchain technology can ensure that large amounts of confidential data generated by the Internet of Vehicles devices are stored and transmitted in a safe and reliable environment, which is the key to making system services optimal. In addition, mobile edge computing is the best solution for IoV applications to deal with low latency and limited computing and storage capacity of vehicle-mounted devices. Mobile edge computing can help IoV systems achieve a variety of functions and features, the most important of which is the ability to process terminal data in real-time. Even though the amount of data generated by IoV devices is growing rapidly, the system is still characterized by low latency and high efficiency. Because the communication between IoV devices is carried out in an untrusted environment, it is particularly important to design a secure and effective identity authentication scheme. Therefore, this paper proposes an efficient, safe, and time-sensitive authentication mechanism for devices on the Internet of Vehicles, which applies to a large number of scenarios. The mechanism is based on the blockchain concept and mobile edge computing technology. Security analysis shows that the proposed scheme meets the security requirements of the Internet of Vehicles and is resistant to many known attacks. By comparing with existing advanced IoT authentication schemes, the performance evaluation of the mechanism shows that the scheme enhances security features while reducing computation and communication overhead.

computer science, information systems,telecommunications

Yuanshuai Li,Li Cao,Guoli Zheng,Honglei Men,Liang Chen

DOI: https://doi.org/10.1016/j.compeleceng.2024.109261

IF: 4.152

2024-05-02

Computers & Electrical Engineering

Abstract:The Internet of Vehicles (IoV) provides various services to vehicles through information sharing to ensure road safety and improve traffic efficiency. However, malicious attackers can challenge the privacy and security systems of the IoV by conducting security attacks. Currently, many schemes use bilinear pairing or elliptic curves to construct authentication systems, ensuring anonymity of vehicle identities and message security. However, these schemes suffer drawbacks such as low computational efficiency and high communication overhead in highly dynamic IoV. Therefore, we propose a new efficient certificateless message authentication scheme. The proposed scheme constructs a lightweight security authentication protocol by improving the RSA dynamic accumulator and combining it with non-interactive discrete logarithm zero-knowledge proofs. In addition, our scheme eliminates the need for bilinear pairing operations, thereby reducing computational overhead. Simultaneously, it enables real-time tracking and revocation of malicious vehicle identities. Security analysis shows that our scheme can be reduced to a secure S-RSA assumption under the random oracle model, meeting various security requirements of the IoV. Performance analysis shows that our scheme diminishes not only the computational overhead but also the communication overhead.

engineering, electrical & electronic,computer science, interdisciplinary applications, hardware & architecture

Ming Tao,Kaoru Ota,Mianxiong Dong,Zhuzhong Qian

DOI: https://doi.org/10.1016/j.jpdc.2017.09.004

IF: 4.542

2017-01-01

Journal of Parallel and Distributed Computing

Abstract:Vehicle-to-Grid (V2G) systems promoted by the federated Internet of Things (IoT) technology will be ubiquitous in the future; therefore, it is crucial to provide trusted, flexible and efficient operations for V2G services using high-quality measures for security and privacy. These can be achieved by access and authority authentication. This paper presents a lightweight protocol for capacity-based security access authentication named AccessAuth. Considering the overload probability and system capacity constraints of the V2G network domain, as well as the mobility of electric vehicles, the ideal number of admissible access requests is first calculated adaptively for each V2G network domain to actively achieve capacity-based access admission control. Subsequently, to provide mutual authentication and maintain the data privacy of admitted sessions, by considering whether there is prior knowledge of the trust relationship between the relevant V2G network domains, a high-level authentication model with specific authentication procedures is presented to enforce strict access authentication such that the sessions are conducted only by authorized requesters. Additionally, efficient session revocation with forward security and session recovery with no extra authentication delay are also discussed. Finally, analytical and evaluation results are presented to demonstrate the performance of AccessAuth.

Huimin Shen,Taochun Wang,Jian Chen,Yuan Tao,Fulong Chen

DOI: https://doi.org/10.1109/tvt.2024.3355711

IF: 6.8

2024-01-01

IEEE Transactions on Vehicular Technology

Abstract:The proliferation of intelligent transportation technology has led to an increased frequency of communication between vehicles. However, the openness of the Internet of Vehicles and wireless communication has introduced substantial privacy and security concerns, necessitating the adoption of identity authentication technology to ensure secure vehicle-to-vehicle communication. In response to the challenges posed by single point of failure and high computational costs in traditional centralized identity authentication schemes, this study proposes a blockchain-based batch authentication scheme for the Internet of Vehicles BBASV. By leveraging a non-pairing certificateless mechanism, the BBASV scheme effectively addresses these limitations, reducing the computational complexity and network traffic in the authentication process, thereby enabling efficient batch authentication. Additionally, identity-based prefix-key encryption is utilized to preserve the privacy of vehicle identities during proxy vehicle broadcasting. Moreover, the proxy vehicle leverages signature fusion technology to perform batch authentication on neighboring vehicles, alleviating the authentication burden on roadside units. The effectiveness of the BBASV scheme is rigorously evaluated through theoretical analysis and empirical experimentation, demonstrating its resilience against various security threats, including DoS attacks, man-in-the-middle attacks, and simulated attacks. Furthermore, the scheme exhibits favorable attributes such as low computational requirements and network traffic, rendering it a promising solution for ensuring secure and privacy-preserving communication within the Internet of Vehicles domain.

telecommunications,engineering, electrical & electronic,transportation science & technology

Hu Xiong,Jianbin Hu,Tao Yang,Wei Xin,Zhong Chen

DOI: https://doi.org/10.48550/arXiv.1008.5015

2010-08-30

Abstract:In this paper, we introduce an efficient and trustworthy conditional privacy-preserving communication protocol for VANETs based on proxy re-signature. The proposed protocol is characterized by the Trusted Authority (TA) designating the Roadside Units (RSUs) to translate signatures computed by the On-Board Units (OBUs) into one that are valid with respect to TA's public key. In addition, the proposed protocol offers both a priori and a posteriori countermeasures: it can not only provide fast anonymous authentication and privacy tracking, but guarantees message trustworthiness for vehicle-to-vehicle (V2V) communications. Furthermore, it reduces the communication overhead and offers fast message authentication and, low storage requirements. We use extensive analysis to demonstrate the merits of the proposed protocol and to contrast it with previously proposed solutions.

Cryptography and Security

Manik Gupta,Rakesh Kumar,Shashi Shekhar,Bhisham Sharma,Ram Bahadur Patel,Shaily Jain,Imed Ben Dhaou,Celestine Iwendi

DOI: https://doi.org/10.3390/s22145119

2022-07-07

Abstract:The Internet of Vehicles (IoV) is a new paradigm for vehicular networks. Using diverse access methods, IoV enables vehicles to connect with their surroundings. However, without data security, IoV settings might be hazardous. Because of the IoV's openness and self-organization, they are prone to malevolent attack. To overcome this problem, this paper proposes a revolutionary blockchain-enabled game theory-based authentication mechanism for securing IoVs. Here, a three layer multi-trusted authorization solution is provided in which authentication of vehicles can be performed from initial entry to movement into different trusted authorities' areas without any delay by the use of Physical Unclonable Functions (PUFs) in the beginning and later through duel gaming, and a dynamic Proof-of-Work (dPoW) consensus mechanism. Formal and informal security analyses justify the framework's credibility in more depth with mathematical proofs. A rigorous comparative study demonstrates that the suggested framework achieves greater security and functionality characteristics and provides lower transaction and computation overhead than many of the available solutions so far. However, these solutions never considered the prime concerns of physical cloning and side-channel attacks. However, the framework in this paper is capable of handling them along with all the other security attacks the previous work can handle. Finally, the suggested framework has been subjected to a blockchain implementation to demonstrate its efficacy with duel gaming to achieve authentication in addition to its capability of using lower burdened blockchain at the physical layer, which current blockchain-based authentication models for IoVs do not support.

Teng Cheng,Zexu Wu,Chuansu Wang,Qin Shi,Xing Zhang,Peiling Xu

DOI: https://doi.org/10.1109/tvt.2024.3382100

IF: 6.8

2024-01-01

IEEE Transactions on Vehicular Technology

Abstract:The Internet of Vehicles (IoV) technology has recently emerged as a popular area of research, and vehicle-to-cloud communication forms the basis of the IoV. This process involves uploading a large amount of information related to the vehicle and its location. The security of vehicle-to-cloud communication thus has a significant impact on the safety of the IoV. This paper proposes a vehicle-to-cloud communication system based on lightweight authentication and extended Quantum Key Distribution. The system supports the wireless distribution of session keys between vehicles and the Quantum Cloud Server (QCS) by using a WAN (Wide Area Network), and supports the wired transmission of quantum keys between the QCS and the Telematics Service Provider (TSP) through a LAN (Local Area Network) by using the BB84 protocol. The system can implement encrypted communication based on quantum physical security in a hybrid network. Moreover, we propose a lightweight identity authentication scheme. An analysis of its performance shows that the proposed system requires a small amount of computation and incurs a low communication overhead. This scheme is applicable to most Internet devices with low computing and communication capacity, and can potentially be used in the IoV framework. We conducted simulations of the proposed system and experiments to test its performance. The maximum average delay in communication in experiments was 40.681 ms and the maximum rate of packet loss was 0.1222%. The proposed system can thus ensure safe and efficient IoV communication.

telecommunications,engineering, electrical & electronic,transportation science & technology

Haoye Chai,Supeng Leng,Jianhua He,Ke Zhang,Baoyi Cheng

DOI: https://doi.org/10.1109/tvt.2021.3132961

IF: 6.8

2021-01-01

IEEE Transactions on Vehicular Technology

Abstract:Internet of Vehicles (IoVs) presents promising opportunities for vehicle to everything (V2X) applications, wherein authentication acts as the cornerstone to realize trustworthy vehicular context and to support advanced applications. However, existing authentication schemes mainly depend on centralized servers with both security and privacy issues. In this paper, we propose a CyberTwin (CT) empowered blockchain framework for authentication, namely CyberChain, to reduce both the communication and storage cost while maintaining vehicular privacy. By designing a blockchain system in the cyberspace, we decouple the consensus process from the physical world, so that the operation cost of blockchain can be reduced. A Privacy-Preserving Parallel Pedersen Commitment (P4C) algorithm is designed to protect the privacy of vehicles and accelerate the authentication process. To further enhance the operation efficiency of CyberChain, we propose a Diffused Practical Byzantine Fault Tolerance (DPBFT) mechanism to reach consensus in the cyberspace that can reduce consensus latency. The proposed cyberchain framework and the associated mechanisms are evaluated by qualitative analysis and simulations. The evaluation results demonstrated that the proposed cyberchain based framework significantly improves the authentication performance in terms of authentication latency, privacy, communication overhead and storage cost.

telecommunications,engineering, electrical & electronic,transportation science & technology

Wenping Yu,Rui Zhang,Maode Ma,Cong Wang

DOI: https://doi.org/10.3390/electronics13020449

IF: 2.9

2024-01-23

Electronics

Abstract:In the process of vehicles transitioning from conventional means of transportation to mobile computing platforms, ensuring secure communication and data exchange is of paramount importance. Consequently, identity authentication has emerged as a crucial security measure. Specifically, effective authentication is required prior to the communication between the On-Board Unit (OBU) and Roadside Unit (RSU). To address vehicle identity authentication challenges in the Internet of Vehicles (VANETs), this paper proposes a three-party identity authentication and key agreement protocol based on elliptic curve public key cryptography. Considering issues such as vehicle impersonation attacks, RSU impersonation attacks, and vehicle privacy breaches in existing schemes within wireless mobile environments, this protocol introduces a trusted registry center that successfully enables mutual authentication between OBU and RSU. The proposed protocol not only enhances the VANETs system's ability to withstand security threats but also improves the credibility and efficiency of the authentication process.

engineering, electrical & electronic,computer science, information systems,physics, applied

Hu Xiong,Ting Yao,Yaxin Zhao,Lingxiao Gong,Kuo-Hui Yeh

DOI: https://doi.org/10.1109/tits.2024.3465242

IF: 8.5

2024-11-05

IEEE Transactions on Intelligent Transportation Systems

Abstract:With the rise of intelligent transportation, various mobile value-added services can be provided by the service provider (SP) in the Internet of Vehicles (IoV). To guarantee the dependability of services, it is essential to implement a mutual authentication protocol between the vehicles and the SP. Existing mutual authentication protocols to secure the communication between the SP and the vehicle raise challenges such as providing fine-grained forward security for the SP and achieving backward security for the vehicle. To handle these challenges, this paper proposes a conditional privacy-preserving mutual authentication protocol featured with fine-grained forward security and backward security for IoV, which can be implemented via two building blocks we have constructed. Specifically, we present a new puncturable signature (PS) scheme without false-positive probability and the update of the public key as well as the first proxy re-signature scheme with parallel key-insulation (PKI-PRS). What's more, both the proposed PKI-PRS and PS still have interest beyond this protocol. Then, an anonymous mutual authentication protocol with resistance to key leakage is constructed by incorporating the above signature schemes. The proposed protocol not only provides fine-grained forward security for the SP, but also ensures forward security as well as backward security for the vehicles. Besides, the approach to achieving anonymous authentication can efficiently provide conditional privacy-preserving for the vehicles. With the support of the random oracle model and experimental simulations, the formal security proof and the superiority of the proposed protocol is explicitly given.

engineering, electrical & electronic,transportation science & technology, civil