CN118890148A - A method for Internet of Vehicles authentication key negotiation supporting conditional privacy protection - Google Patents

A method for Internet of Vehicles authentication key negotiation supporting conditional privacy protection Download PDF

Info

Publication number
CN118890148A
CN118890148A CN202411086794.8A CN202411086794A CN118890148A CN 118890148 A CN118890148 A CN 118890148A CN 202411086794 A CN202411086794 A CN 202411086794A CN 118890148 A CN118890148 A CN 118890148A
Authority
CN
China
Prior art keywords
vehicle
roadside unit
key
registration
unit rsu
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN202411086794.8A
Other languages
Chinese (zh)
Other versions
CN118890148B (en
Inventor
薛婧婷
林玉涵
邓钦方
李文毅
敬熙民
张晓均
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Southwest Petroleum University
Original Assignee
Southwest Petroleum University
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Southwest Petroleum University filed Critical Southwest Petroleum University
Priority to CN202411086794.8A priority Critical patent/CN118890148B/en
Publication of CN118890148A publication Critical patent/CN118890148A/en
Application granted granted Critical
Publication of CN118890148B publication Critical patent/CN118890148B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0816Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
    • H04L9/0838Key agreement, i.e. key establishment technique in which a shared key is derived by parties as a function of information contributed by, or associated with, each of these
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/01Protocols
    • H04L67/12Protocols specially adapted for proprietary or special-purpose networking environments, e.g. medical networks, sensor networks, networks in vehicles or remote metering networks
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0861Generation of secret information including derivation or calculation of cryptographic keys or passwords
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0861Generation of secret information including derivation or calculation of cryptographic keys or passwords
    • H04L9/0869Generation of secret information including derivation or calculation of cryptographic keys or passwords involving random numbers or seeds
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/30Public key, i.e. encryption algorithm being computationally infeasible to invert or user's encryption keys not requiring secrecy
    • H04L9/3066Public key, i.e. encryption algorithm being computationally infeasible to invert or user's encryption keys not requiring secrecy involving algebraic varieties, e.g. elliptic or hyper-elliptic curves
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3271Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using challenge-response
    • H04L9/3273Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using challenge-response for mutual authentication
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3297Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving time stamps, e.g. generation of time stamps
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/02Protecting privacy or anonymity, e.g. protecting personally identifiable information [PII]
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/04Key management, e.g. using generic bootstrapping architecture [GBA]
    • H04W12/041Key generation or derivation
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/04Key management, e.g. using generic bootstrapping architecture [GBA]
    • H04W12/043Key management, e.g. using generic bootstrapping architecture [GBA] using a trusted network node as an anchor
    • H04W12/0431Key distribution or pre-distribution; Key agreement
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W4/00Services specially adapted for wireless communication networks; Facilities therefor
    • H04W4/30Services specially adapted for particular environments, situations or purposes
    • H04W4/40Services specially adapted for particular environments, situations or purposes for vehicles, e.g. vehicle-to-pedestrians [V2P]

Landscapes

  • Engineering & Computer Science (AREA)
  • Signal Processing (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Computing Systems (AREA)
  • Theoretical Computer Science (AREA)
  • Physics & Mathematics (AREA)
  • Medical Informatics (AREA)
  • Health & Medical Sciences (AREA)
  • Algebra (AREA)
  • General Physics & Mathematics (AREA)
  • Mathematical Analysis (AREA)
  • Mathematical Optimization (AREA)
  • Mathematical Physics (AREA)
  • Pure & Applied Mathematics (AREA)
  • General Health & Medical Sciences (AREA)
  • Mobile Radio Communication Systems (AREA)

Abstract

本发明公开了一种支持条件隐私保护的车联网认证密钥协商方法,涉及信息安全技术领域。本发明所述方法包括初始化、注册、认证和参数更新,涉及车辆、路边单元、可信中心三类实体。与现有技术的认证密钥协商方案相比,本发明能够保证车辆用户身份的条件隐私;能实现车辆和路边单元在可信中心处注册后,可信中心不参与后续的认证密钥协商过程的情况下,仍可保证通信信息的安全性;能在不依赖可信中心的情况下,实现点对点的相互认证;还能在当前密钥泄露的前提下,实现前向和后向隐私保护。

The present invention discloses a vehicle network authentication key negotiation method supporting conditional privacy protection, and relates to the field of information security technology. The method of the present invention includes initialization, registration, authentication and parameter update, and involves three entities: vehicles, roadside units, and trusted centers. Compared with the authentication key negotiation scheme of the prior art, the present invention can ensure the conditional privacy of the vehicle user's identity; it can ensure the security of communication information after the vehicle and the roadside unit are registered at the trusted center, and the trusted center does not participate in the subsequent authentication key negotiation process; it can achieve point-to-point mutual authentication without relying on the trusted center; it can also achieve forward and backward privacy protection under the premise of current key leakage.

Description

一种支持条件隐私保护的车联网认证密钥协商方法A method for Internet of Vehicles authentication key negotiation supporting conditional privacy protection

技术领域Technical Field

本发明涉及信息安全技术领域,具体涉及一种支持条件隐私保护的车联网认证密钥协商方法。The present invention relates to the field of information security technology, and in particular to a vehicle networking authentication key negotiation method supporting conditional privacy protection.

背景技术Background Art

为了促进传统交通的数字化转型,推进国家智慧交通的发展,满足人们对出行效率与交通安全等需求,车联网(Internet ofVehicles,IoV)应运而生。车联网是指通过车载传感器、控制器、执行器以及通信模块等设备,将车辆与网络连接起来,实现车辆与车辆(Vehicle 2Vehicle)、车辆与基础设施(Vehicle 2Infrastructure)、车辆与网络(Vehicle2Network)、车辆与行人(Vehicle 2Pedestrian)等多种交互方式。该技术旨在通过信息共享和协同处理,提高交通安全、提升出行效率、提供增值服务,并促进智能交通系统的发展。我国也在积极推动智能网联汽车技术研发和产业化应用。信息共享作为车联网的核心功能和关键要素,备受关注,但也面临着安全和隐私方面的挑战。传统的车联网方案中,虽然可以改善智慧交通中的智能处理和实时响应,但V2V和V2I的公共通信会让车联网系统容易受到各种攻击如数据篡改、伪装、中间人攻击等,同时车辆用户的身份也是公开的,未考虑身份的匿名性,损害了用户隐私。综上所述,在通信信息安全和用户隐私方面是有待改进。因此,本工作提出一种具有条件隐私属性的车联网安全通信方法。In order to promote the digital transformation of traditional transportation, advance the development of national smart transportation, and meet people's needs for travel efficiency and traffic safety, the Internet of Vehicles (IoV) came into being. The Internet of Vehicles refers to connecting vehicles to the network through on-board sensors, controllers, actuators, communication modules and other devices to achieve various interaction modes such as vehicle-to-vehicle (Vehicle 2Vehicle), vehicle-to-infrastructure (Vehicle 2Infrastructure), vehicle-to-network (Vehicle 2Network), and vehicle-to-pedestrian (Vehicle 2Pedestrian). This technology aims to improve traffic safety, travel efficiency, provide value-added services, and promote the development of intelligent transportation systems through information sharing and collaborative processing. my country is also actively promoting the research and development and industrial application of intelligent connected vehicle technology. As the core function and key element of the Internet of Vehicles, information sharing has attracted much attention, but it also faces challenges in security and privacy. In traditional IoV solutions, although intelligent processing and real-time response in smart transportation can be improved, the public communication of V2V and V2I makes the IoV system vulnerable to various attacks such as data tampering, camouflage, and man-in-the-middle attacks. At the same time, the identity of the vehicle user is also public, and the anonymity of the identity is not considered, which damages the user's privacy. In summary, there is room for improvement in communication information security and user privacy. Therefore, this work proposes a secure communication method for IoV with conditional privacy attributes.

为了保证通信过程中的信息安全,现有部分文献利用双线性映射和安全计算保证通信安全,但是此类方案存在计算开销大、运行效率低等问题。本工作提出一种采用椭圆曲线来实现的轻量级认证密钥协商方法,保证认证过程中信息的安全性。In order to ensure the information security during the communication process, some existing literature uses bilinear mapping and secure computing to ensure communication security, but such schemes have problems such as high computational overhead and low operating efficiency. This work proposes a lightweight authentication key agreement method implemented using elliptic curves to ensure the security of information during the authentication process.

为了实现用户身份的条件隐私,已经有很多安全有效的条件隐私保护方案被提出,如公钥基础设施(PKI)、证书和数字签名相结合实现的条件隐私保护。然而,这些方案只关注了条件匿名,并未考虑到随着车辆的增加,公钥证书的存储及管理问题。本工作提出一种认证密钥协商(AKA)的认证方法以及密钥衍生算法,来实现车辆身份的条件匿名。In order to achieve conditional privacy of user identity, many secure and effective conditional privacy protection schemes have been proposed, such as conditional privacy protection achieved by combining public key infrastructure (PKI), certificates and digital signatures. However, these schemes only focus on conditional anonymity and do not consider the storage and management of public key certificates as the number of vehicles increases. This work proposes an authentication method of authenticated key agreement (AKA) and a key derivation algorithm to achieve conditional anonymity of vehicle identity.

发明内容Summary of the invention

本发明的目的在于克服现有技术的不足,提供一种支持条件隐私保护的车联网认证密钥协商方法。The purpose of the present invention is to overcome the deficiencies of the prior art and provide a vehicle networking authentication key negotiation method that supports conditional privacy protection.

本发明的目的是通过以下技术方案来实现的:The objective of the present invention is achieved through the following technical solutions:

一种支持条件隐私保护的车联网认证密钥协商方法,包括:A vehicle network authentication key negotiation method supporting conditional privacy protection, comprising:

系统初始化阶段:构建包括可信中心TA、路边单元和车辆三种实体的车联网系统,车联网系统初始化并生成公共参数;System initialization phase: Build a connected vehicle system including three entities: the trusted center TA, roadside units, and vehicles. Initialize the connected vehicle system and generate public parameters.

车辆注册阶段:可信中心TA在收到车辆注册请求后为车辆生成注册数据,车辆根据注册数据计算车辆注册信息及车辆公私钥对;Vehicle registration phase: After receiving the vehicle registration request, the trusted center TA generates registration data for the vehicle, and the vehicle calculates the vehicle registration information and the vehicle public and private key pair based on the registration data;

路边单元注册阶段:可信中心TA在收到路边单元申请请求后为路边单元生成注册数据,路边单元根据注册数据计算路边单元注册信息及路边单元公私钥对;Roadside unit registration phase: After receiving the roadside unit application request, the trusted center TA generates registration data for the roadside unit. The roadside unit calculates the roadside unit registration information and the roadside unit public and private key pair based on the registration data;

密钥协商阶段:车辆与路边单元相互验证并建立会话密钥;Key negotiation phase: The vehicle and the roadside unit authenticate each other and establish a session key;

参数更新阶段:更新车辆与路边单元在注册阶段保存的初始注册信息。Parameter update phase: Update the initial registration information of the vehicle and the roadside unit saved during the registration phase.

进一步地,所述系统初始化阶段由可信中心TA执行,包括:Furthermore, the system initialization phase is performed by the trusted center TA, including:

基于有限域GF(p)确定椭圆曲线群其生成元为P且阶数为q;Determining the elliptic curve group based on the finite field GF(p) Its generator is P and its order is q;

随机选择作为主私钥,计算主公钥PKTA=SKTA·P;Random Selection As the master private key, calculate the master public key PK TA = SK TA · P;

选择安全哈希函数H,公开系统参数 Select a secure hash function H and disclose system parameters

进一步地,所述车辆注册阶段由车辆Vi与可信中心TA交互完成,其中i=1,2,...,n,n表示车辆总数目,车辆注册阶段具体包括:Furthermore, the vehicle registration phase is completed by the interaction between the vehicle V i and the trusted center TA, where i=1, 2, ..., n, and n represents the total number of vehicles. The vehicle registration phase specifically includes:

车辆Vi通过安全信道发送给可信中心TA;Vehicle V i will Send to the trusted center TA through a secure channel;

收到注册请求后,可信中心TA选择随机数xi,计算Xi=xi·P,li=H(PKTA)·xi+H(Xi)·SKTA(mod q),并将(Vseedi,Xi,li)发送给车辆ViAfter receiving the registration request, the trusted center TA selects a random number x i , Calculate Xi = xi ·P, li =H( PKTAxi +H( XiSKTA (mod q), and send ( Vseedi , Xi , li ) to vehicle Vi ;

可信中心TA响应后,车辆Vi首先计算hl||hr←H(Vseedi), 其中表示车辆Vi的根派生密钥,表示车辆Vi的根派生信息;然后选择随机数作为私钥,生成公钥pkVi=skVi·P;计算车辆Vi在本地保存并公开{pkVi,Xi}。After the trusted center TA responds, vehicle V i first calculates h l ||h r ←H(Vseed i ), in represents the root derived key of vehicle V i , Represents the root derived information of vehicle V i ; then select a random number As the private key, generate the public key pk Vi = sk Vi · P; calculate Vehicle V i is saved locally And make {pk Vi ,X i } public.

进一步地,所述路边单元注册阶段由路边单元RSUj与可信中心TA交互完成,其中j=1,2,...,m,m表示路边单元总数目,路边单元注册阶具体包括:Furthermore, the roadside unit registration phase is completed by the interaction between the roadside unit RSU j and the trusted center TA, where j=1, 2, ..., m, m represents the total number of roadside units, and the roadside unit registration phase specifically includes:

路边单元RSUj通过安全信道发送给可信中心TA;Roadside Unit RSU j Send to the trusted center TA through a secure channel;

收到注册请求后,可信中心TA选择随机数yj,计算Yj=yj·P,lj=H(PKTA)·yj+H(Yj||IDj)·SKTA(modq),并将(Rseedj,Yj,lj)发送给路边单元RSUjAfter receiving the registration request, the trusted center TA selects a random number yj , Calculate Y j =y j ·P, l j =H(PK TA )·y j +H(Y j || ID j )·SK TA (modq), and send (Rseed j ,Y j ,l j ) to the roadside unit RSU j ;

在可信中心TA响应后,路边单元RSUj首先计算hl||hr=H(Rseedj),其中表示路边单元RSUj的根派生密钥,表示路边单元RSUj的根派生信息;然后选择作为私钥,生成公钥pkRSUj=skRSUj·P;最后计算 路边单元RSUj在本地保存并公开{pkRSUj,Yj}。After the trusted center TA responds, the roadside unit RSU j first calculates h l || h r =H(Rseed j ), in represents the root derived key of roadside unit RSU j , Represents the root derived information of the roadside unit RSU j ; then select As the private key, generate the public key pk RSUj = sk RSUj · P; finally calculate The roadside unit RSU j is stored locally And make {pk RSUj ,Y j } public.

进一步地,所述密钥协商阶段由车辆Vi与路边单元RSUj交互完成,具体包括:Furthermore, the key negotiation phase is completed by the interaction between the vehicle V i and the roadside unit RSU j , and specifically includes:

车辆Vi选择随机数计算Ri=H(PIDi‖Xi‖mi‖ri‖Ti)·P,其中Ti为时间戳,将{PIDi,Ri,Ti}发送给路边单元RSUjVehicle V i selects a random number calculate R i =H(PID i ‖X i ‖m i ‖ri ‖T i )·P, where T i is the timestamp, and {PID i ,R i ,T i } is sent to the roadside unit RSU j ;

路边单元RSUj验证其中表示路边单元RSUj接收消息时的时间戳,Δt表示最大传输延迟;Roadside Unit RSU j Verification in represents the timestamp when the roadside unit RSU j receives the message, Δt represents the maximum transmission delay;

路边单元RSUj选择随机数并读取当前时间戳Tj,计算:Roadside unit RSU j selects a random number And read the current timestamp T j and calculate:

Rj=H(rj‖Tj‖mj)·P,R j =H(r j ‖T j ‖m j )·P,

Bj=lj·RiB j = l j · R i ,

Fj,1=fj,1·P,F j,1 =f j,1 ·P,

Fj,2=fj,2·P+fj,1·pkViF j,2 = f j,2 ·P+f j,1 ·pk Vi ,

wj,2=fj,2-skRSUj·Cj(mod q),w j,2 =f j,2 -sk RSUj ·C j (mod q),

其中表示路边单元RSUj第k个派生密钥,最后将发送给车辆Viin represents the kth derived key of roadside unit RSU j , and finally Sent to vehicle V i ;

车辆Vi首先验证然后计算:Vehicle V i first verifies Then calculate:

并验证是否成立;And verify whether it is established;

如果上述等式成立,车辆Vi首先随机数并读取当前时间戳T'i,然后计算:If the above equation holds true, vehicle V i first randomly And read the current timestamp T' i , and then calculate:

Bi=li·Rj Bili · Rj

Fi,1=fi,1·P,F i,1 =f i,1 ·P,

Fi,2=fi,2·P+fi,1·pkRSUjF i,2 = f i,2 ·P+f i,1 ·pk RSUj ,

wi,2=fi,2-skVi·Ci(modq),w i,2 = f i,2 -sk Vi ·C i (modq),

其中表示车辆Vi第k个派生密钥,车辆Vi生成会话密钥 最后将发送给路边单元RSUjin represents the kth derived key of vehicle V i , and vehicle V i generates the session key Finally Send to roadside unit RSU j ;

路边单元RSUj首先验证然后计算:The roadside unit RSU j first verifies Then calculate:

并验证是否成立,若等式成立则计算会话密钥 And verify Is it true? If the equality is true, calculate the session key

进一步地,所述参数更新阶段由车辆Vi和路边单元RSUj完成,具体包括:Furthermore, the parameter update phase is completed by the vehicle V i and the roadside unit RSU j , and specifically includes:

车辆Vi进行第k次参数更新,车辆Vi第k-1个派生密钥和第k-1个派生信息分别表示为更新过程包括:Vehicle V i performs the kth parameter update, and the k-1th derived key and k-1th derived information of vehicle V i are expressed as and The update process includes:

然后将替换原先保存在车辆Vi中的 Then Replace the previously saved in the vehicle V i

路边单元RSUj进行第k次参数更新,路边单元RSUj第k-1个派生密钥和第k-1个派生信息分别表示为更新过程包括:The roadside unit RSU j performs the kth parameter update, and the k-1th derived key and k-1th derived information of the roadside unit RSU j are expressed as and The update process includes:

然后将替换原先保存在路边单元RSUj中的 Then Replace the original data stored in the roadside unit RSU j

本发明的有益效果是:The beneficial effects of the present invention are:

与现有车联网隐私保护方案相比,本方案克服了传统车联网实现隐私保护的几大难点:1)很多车联网方案通信之前并没有进行相互验证对方身份,难以保证通信内容安全性和可靠性;2)基于双线性映射实现隐私保护的方案计算开销较大,在通信过程实时性方面表现欠佳;3)很多方案通常并没有保证车辆用户身份的隐私或者直接完全匿名,考虑到车辆用户身份的隐私性和可追溯性,需要对车辆身份条件匿名。Compared with the existing Internet of Vehicles privacy protection schemes, this scheme overcomes several major difficulties in achieving privacy protection in traditional Internet of Vehicles: 1) Many Internet of Vehicles schemes do not verify each other's identities before communication, making it difficult to ensure the security and reliability of communication content; 2) The schemes based on bilinear mapping to achieve privacy protection have high computational overhead and perform poorly in terms of real-time performance during the communication process; 3) Many schemes usually do not guarantee the privacy of vehicle user identities or are directly completely anonymized. Considering the privacy and traceability of vehicle user identities, it is necessary to anonymize vehicle identity conditions.

与现有支持隐私保护的车联网认证方案相比,本发明1)能够保证车辆身份的条件隐私;2)能实现车辆和路边单元在可信中心处注册后,可信中心不参与后续的认证密钥协商过程的情况下,仍可保证通信信息的安全性;3)能在不依赖可信中心的情况下,实现点对点的相互认证;4)还能在当前密钥泄露的前提下,实现前向和后向隐私保护。Compared with the existing Internet of Vehicles authentication schemes that support privacy protection, the present invention 1) can ensure the conditional privacy of vehicle identity; 2) can ensure the security of communication information after the vehicle and roadside unit are registered at the trusted center, without the trusted center participating in the subsequent authentication key negotiation process; 3) can achieve point-to-point mutual authentication without relying on the trusted center; 4) can also achieve forward and backward privacy protection under the premise of current key leakage.

附图说明BRIEF DESCRIPTION OF THE DRAWINGS

图1为本发明实施例提供的一种支持条件隐私保护的车联网认证密钥协商方法的系统模型图;FIG1 is a system model diagram of a method for Internet of Vehicles authentication key negotiation supporting conditional privacy protection provided by an embodiment of the present invention;

图2为本发明实施例提供的一种支持条件隐私保护的车联网认证密钥协商方法的流程图。FIG2 is a flow chart of a method for Internet of Vehicles authentication key negotiation supporting conditional privacy protection provided by an embodiment of the present invention.

具体实施方式DETAILED DESCRIPTION

下面将结合实施例,对本发明的技术方案进行清楚、完整地描述,显然,所描述的实施例仅仅是本发明一部分实施例,而不是全部的实施例。基于本发明中的实施例,本领域技术人员在没有付出创造性劳动的前提下所获得的所有其他实施例,都属于本发明保护的范围。The technical solution of the present invention will be clearly and completely described below in conjunction with the embodiments. Obviously, the described embodiments are only part of the embodiments of the present invention, rather than all of the embodiments. Based on the embodiments of the present invention, all other embodiments obtained by those skilled in the art without creative work are within the scope of protection of the present invention.

参阅图1-图2,本发明提供一种技术方案:Referring to Figures 1 and 2, the present invention provides a technical solution:

一种支持条件隐私保护的车联网认证密钥协商方法,包括:A vehicle network authentication key negotiation method supporting conditional privacy protection, comprising:

系统初始化阶段:构建包括可信中心TA、路边单元和车辆三种实体的车联网系统,车联网系统初始化并生成公共参数;System initialization phase: Build a connected vehicle system including three entities: the trusted center TA, roadside units, and vehicles. Initialize the connected vehicle system and generate public parameters.

车辆注册阶段:可信中心TA在收到车辆注册请求后为车辆生成注册数据,车辆根据注册数据计算车辆注册信息及车辆公私钥对;Vehicle registration phase: After receiving the vehicle registration request, the trusted center TA generates registration data for the vehicle, and the vehicle calculates the vehicle registration information and the vehicle public and private key pair based on the registration data;

路边单元注册阶段:可信中心TA在收到路边单元申请请求后为路边单元生成注册数据,路边单元根据注册数据计算路边单元注册信息及路边单元公私钥对;Roadside unit registration phase: After receiving the roadside unit application request, the trusted center TA generates registration data for the roadside unit. The roadside unit calculates the roadside unit registration information and the roadside unit public and private key pair based on the registration data;

密钥协商阶段:车辆与路边单元相互验证并建立会话密钥;Key negotiation phase: The vehicle and the roadside unit authenticate each other and establish a session key;

参数更新阶段:更新车辆与路边单元在注册阶段保存的初始注册信息。Parameter update phase: Update the initial registration information of the vehicle and the roadside unit saved during the registration phase.

本实施例中,包括可信中心TA、路边单元和车辆三种实体的车联网系统结构图如图1所示。In this embodiment, the structure diagram of the Internet of Vehicles system including three entities, namely, a trusted center TA, a roadside unit and a vehicle, is shown in FIG1 .

本实施例中,所述系统初始化阶段由可信中心TA执行,包括:In this embodiment, the system initialization phase is performed by the trusted center TA, including:

基于有限域GF(p)确定椭圆曲线群其生成元为P且阶数为q;Determining the elliptic curve group based on the finite field GF(p) Its generator is P and its order is q;

随机选择作为主私钥,计算主公钥PKTA=SKTA·P;Random Selection As the master private key, calculate the master public key PK TA = SK TA · P;

选择安全哈希函数H,公开系统参数 Select a secure hash function H and disclose system parameters

本实施例中,所述车辆注册阶段由车辆Vi与可信中心TA交互完成,其中i=1,2,...,n,n表示车辆总数目,车辆注册阶段具体包括:In this embodiment, the vehicle registration phase is completed by the interaction between the vehicle V i and the trusted center TA, where i=1, 2, ..., n, and n represents the total number of vehicles. The vehicle registration phase specifically includes:

车辆Vi通过安全信道发送给可信中心TA;Vehicle V i will Send to the trusted center TA through a secure channel;

收到注册请求后,可信中心TA选择随机数xi,计算Xi=xi·P,li=H(PKTA)·xi+H(Xi)·SKTA(modq),并将(Vseedi,Xi,li)发送给车辆ViAfter receiving the registration request, the trusted center TA selects a random number x i , Calculate Xi = xi ·P, li =H( PKTAxi +H( XiSKTA (modq), and send ( Vseedi , Xi , li ) to vehicle Vi ;

可信中心TA响应后,车辆Vi首先计算 其中表示车辆Vi的根派生密钥,表示车辆Vi的根派生信息;然后选择随机数作为私钥,生成公钥pkVi=skVi·P;计算车辆Vi在本地保存并公开{pkV-i,Xi}。After the trusted center TA responds, the vehicle V i first calculates in represents the root derived key of vehicle Vi , Represents the root derived information of vehicle V i ; then select a random number As the private key, generate the public key pk Vi = sk Vi · P; calculate Vehicle V i is saved locally And make {pk Vi ,X i } public.

本实施例中,所述路边单元注册阶段由路边单元RSUj与可信中心TA交互完成,其中j=1,2,...,m,m表示路边单元总数目,路边单元注册阶具体包括:In this embodiment, the roadside unit registration stage is completed by the interaction between the roadside unit RSU j and the trusted center TA, where j=1, 2, ..., m, m represents the total number of roadside units, and the roadside unit registration stage specifically includes:

路边单元RSUj通过安全信道发送给可信中心TA;Roadside Unit RSU j Send to the trusted center TA through a secure channel;

收到注册请求后,可信中心TA选择随机数yj,计算Yj=yj·P,lj=H(PKTA)·yj+H(Yj||IDj)·SKTA(mod q),并将(Rseedj,Yj,lj)发送给路边单元RSUjAfter receiving the registration request, the trusted center TA selects a random number yj , Calculate Y j =y j ·P, l j =H(PK TA )·y j +H(Y j || ID j )·SK TA (mod q), and send (Rseed j ,Y j ,l j ) to the roadside unit RSU j ;

在可信中心TA响应后,路边单元RSUj首先计算hl||hr=H(Rseedj),其中表示路边单元RSUj的根派生密钥,表示路边单元RSUj的根派生信息;然后选择作为私钥,生成公钥pkRSUj=skRSUj·P;最后计算 路边单元RSUj在本地保存并公开{pkRSUj,Yj}。After the trusted center TA responds, the roadside unit RSU j first calculates h l || h r =H(Rseed j ), in represents the root derived key of roadside unit RSU j , Represents the root derived information of the roadside unit RSU j ; then select As the private key, generate the public key pk RSUj = sk RSUj · P; finally calculate The roadside unit RSU j is stored locally And make {pk RSUj ,Y j } public.

所述密钥协商阶段由车辆Vi与路边单元RSUj交互完成,具体包括:The key negotiation phase is completed by the interaction between the vehicle V i and the roadside unit RSU j , and specifically includes:

车辆Vi选择随机数计算Ri=H(PIDi‖Xi‖mi‖ri‖Ti)·P,其中Ti为时间戳,将{PIDi,Ri,Ti}发送给路边单元RSUjVehicle V i selects a random number calculate R i =H(PID i ‖X i ‖m i ‖ri ‖T i )·P, where T i is the timestamp, and {PID i ,R i ,T i } is sent to the roadside unit RSU j ;

路边单元RSUj验证其中表示路边单元RSUj接收消息时的时间戳,Δt表示最大传输延迟;Roadside Unit RSU j Verification in represents the timestamp when the roadside unit RSU j receives the message, Δt represents the maximum transmission delay;

路边单元RSUj选择随机数并读取当前时间戳Tj,计算:Roadside unit RSU j selects a random number And read the current timestamp T j and calculate:

Rj=H(rj‖Tj‖mj)·P,R j =H(r j ‖T j ‖m j )·P,

Bj=lj·RiB j = l j · R i ,

Fj,1=fj,1·P,F j,1 =f j,1 ·P,

Fj,2=fj,2·P+fj,1·pkViF j,2 = f j,2 ·P+f j,1 ·pk Vi ,

wj,2=fj,2-skRSUj·Cj(modq),w j,2 = f j,2 -sk RSUj ·C j (modq),

其中表示路边单元RSUj第k个派生密钥,最后将发送给车辆Viin represents the kth derived key of roadside unit RSU j , and finally Sent to vehicle V i ;

车辆Vi首先验证然后计算:Vehicle V i first verifies Then calculate:

并验证是否成立;And verify whether it is established;

如果上述等式成立,车辆Vi首先随机数并读取当前时间戳T'i,然后计算:If the above equation holds true, vehicle V i first randomly And read the current timestamp T' i , and then calculate:

Bi=li·Rj Bili · Rj

Fi,1=fi,1·P,F i,1 =f i,1 ·P,

Fi,2=fi,2·P+fi,1·pkRSUjF i,2 = f i,2 ·P+f i,1 ·pk RSUj ,

wi,2=fi,2-skVi·Ci(mod q),w i,2 = f i,2 -sk Vi ·C i (mod q),

其中表示车辆Vi第k个派生密钥,车辆Vi生成会话密钥 最后将发送给路边单元RSUjin represents the kth derived key of vehicle V i , and vehicle V i generates the session key Finally Send to roadside unit RSU j ;

路边单元RSUj首先验证然后计算:Roadside unit RSU j first verifies Then calculate:

并验证是否成立,若等式成立则计算会话密钥 And verify Is it true? If the equality is true, calculate the session key

本实施例中,所述参数更新阶段由车辆Vi和路边单元RSUj完成,具体包括:In this embodiment, the parameter update phase is completed by the vehicle V i and the roadside unit RSU j , and specifically includes:

车辆Vi进行第k次参数更新,车辆Vi第k-1个派生密钥和第k-1个派生信息分别表示为更新过程包括:Vehicle V i performs the kth parameter update, and the k-1th derived key and k-1th derived information of vehicle V i are expressed as and The update process includes:

然后将替换原先保存在车辆Vi中的 Then Replace the previously saved in the vehicle V i

路边单元RSUj进行第k次参数更新,路边单元RSUj第k-1个派生密钥和第k-1个派生信息分别表示为更新过程包括:The roadside unit RSU j performs the kth parameter update, and the k-1th derived key and k-1th derived information of the roadside unit RSU j are expressed as and The update process includes:

然后将替换原先保存在路边单元RSUj中的 Then Replace the original data stored in the roadside unit RSU j

本发明车联网各实体间的交互情况如图2所示,与现有车联网隐私保护方案相比,本发明克服了传统车联网实现隐私保护的几大难点:1)很多车联网方案通信之前并没有进行相互验证对方身份,难以保证通信内容安全性和可靠性;2)基于双线性映射实现隐私保护的方案计算开销较大,在通信过程实时性方面表现欠佳;3)很多方案通常并没有保证车辆用户身份的隐私或者直接完全匿名,考虑到车辆用户身份的隐私性和可追溯性,需要对车辆身份条件匿名。The interaction between the various entities of the Internet of Vehicles of the present invention is shown in Figure 2. Compared with the existing Internet of Vehicles privacy protection scheme, the present invention overcomes several major difficulties in achieving privacy protection in traditional Internet of Vehicles: 1) Many Internet of Vehicles schemes do not verify each other's identities before communication, making it difficult to ensure the security and reliability of communication content; 2) The schemes based on bilinear mapping to achieve privacy protection have a large computational overhead and perform poorly in terms of real-time performance during the communication process; 3) Many schemes usually do not guarantee the privacy of the vehicle user's identity or are directly completely anonymous. Considering the privacy and traceability of the vehicle user's identity, the vehicle identity conditions need to be anonymized.

与现有支持隐私保护的车联网认证方案相比,本发明1)能够保证车辆身份的条件隐私;2)能实现车辆和路边单元在可信中心处注册后,可信中心不参与后续的认证密钥协商过程的情况下,仍可保证通信信息的安全性;3)能在不依赖可信中心的情况下,实现点对点的相互认证;4)还能在当前密钥泄露的前提下,实现前向和后向隐私保护。Compared with the existing Internet of Vehicles authentication schemes that support privacy protection, the present invention 1) can ensure the conditional privacy of vehicle identity; 2) can ensure the security of communication information after the vehicle and roadside unit are registered at the trusted center, without the trusted center participating in the subsequent authentication key negotiation process; 3) can achieve point-to-point mutual authentication without relying on the trusted center; 4) can also achieve forward and backward privacy protection under the premise of current key leakage.

以上所述仅是本发明的优选实施方式,应当理解本发明并非局限于本文所披露的形式,不应看作是对其他实施例的排除,而可用于各种其他组合、修改和环境,并能够在本文所述构想范围内,通过上述教导或相关领域的技术或知识进行改动。而本领域人员所进行的改动和变化不脱离本发明的精神和范围,则都应在本发明所附权利要求的保护范围内。The above is only a preferred embodiment of the present invention. It should be understood that the present invention is not limited to the form disclosed herein, and should not be regarded as excluding other embodiments, but can be used in various other combinations, modifications and environments, and can be modified within the scope of the concept described herein through the above teachings or the technology or knowledge of the relevant field. The changes and modifications made by those skilled in the art shall not deviate from the spirit and scope of the present invention, and shall be within the scope of protection of the claims attached to the present invention.

Claims (6)

1.一种支持条件隐私保护的车联网认证密钥协商方法,其特征在于,包括:1. A method for vehicle network authentication key negotiation supporting conditional privacy protection, characterized by comprising: 系统初始化阶段:构建包括可信中心TA、路边单元和车辆三种实体的车联网系统,车联网系统初始化并生成公共参数;System initialization phase: Build a connected vehicle system including three entities: the trusted center TA, roadside units, and vehicles. Initialize the connected vehicle system and generate public parameters. 车辆注册阶段:可信中心TA在收到车辆注册请求后为车辆生成注册数据,车辆根据注册数据计算车辆注册信息及车辆公私钥对;Vehicle registration phase: After receiving the vehicle registration request, the trusted center TA generates registration data for the vehicle, and the vehicle calculates the vehicle registration information and the vehicle public and private key pair based on the registration data; 路边单元注册阶段:可信中心TA在收到路边单元申请请求后为路边单元生成注册数据,路边单元根据注册数据计算路边单元注册信息及路边单元公私钥对;Roadside unit registration phase: After receiving the roadside unit application request, the trusted center TA generates registration data for the roadside unit. The roadside unit calculates the roadside unit registration information and the roadside unit public and private key pair based on the registration data; 密钥协商阶段:车辆与路边单元相互验证并建立会话密钥;Key negotiation phase: The vehicle and the roadside unit authenticate each other and establish a session key; 参数更新阶段:更新车辆与路边单元在注册阶段保存的初始注册信息。Parameter update phase: Update the initial registration information of the vehicle and the roadside unit saved during the registration phase. 2.根据权利要求1所述的一种支持条件隐私保护的车联网认证密钥协商方法,其特征在于:所述系统初始化阶段由可信中心TA执行,包括:2. A method for Internet of Vehicles authentication key negotiation supporting conditional privacy protection according to claim 1, characterized in that: the system initialization phase is performed by a trusted center TA, including: 基于有限域GF(p)确定椭圆曲线群其生成元为P且阶数为q;Determining the elliptic curve group based on the finite field GF(p) Its generator is P and its order is q; 随机选择作为主私钥,计算主公钥PKTA=SKTA·P;Random Selection As the master private key, calculate the master public key PK TA = SK TA · P; 选择安全哈希函数H,公开系统参数 Select a secure hash function H and disclose system parameters 3.根据权利要求2所述的一种支持条件隐私保护的车联网认证密钥协商方法,其特征在于:所述车辆注册阶段由车辆Vi与可信中心TA交互完成,其中i=1,2,...,n,n表示车辆总数目,车辆注册阶段具体包括:3. A method for vehicle network authentication key negotiation supporting conditional privacy protection according to claim 2, characterized in that: the vehicle registration phase is completed by the interaction between the vehicle V i and the trusted center TA, where i = 1, 2, ..., n, n represents the total number of vehicles, and the vehicle registration phase specifically includes: 车辆Vi通过安全信道发送给可信中心TA;Vehicle V i will Send to the trusted center TA through a secure channel; 收到注册请求后,可信中心TA选择随机数计算Xi=xi·P,li=H(PKTA)·xi+H(Xi)·SKTA(mod q),并将(Vseedi,Xi,li)发送给车辆Vi;可信中心TA响应后,车辆Vi首先计算 其中表示车辆Vi的根派生密钥,表示车辆Vi的根派生信息;然后选择随机数作为私钥,生成公钥pkVi=skVi·P;计算车辆Vi在本地保存并公开{pkVi,Xi}。After receiving the registration request, the trusted center TA selects a random number Calculate Xi = xi ·P, li =H( PKTAxi +H( XiSKTA (mod q), and send ( Vseedi , Xi , li ) to vehicle Vi . After the trusted center TA responds, vehicle Vi first calculates in represents the root derived key of vehicle V i , Represents the root derived information of vehicle V i ; then select a random number As the private key, generate the public key pk Vi = sk Vi · P; calculate Vehicle V i is saved locally And make {pk Vi ,X i } public. 4.根据权利要求3所述的一种支持条件隐私保护的车联网认证密钥协商方法,其特征在于:所述路边单元注册阶段由路边单元RSUj与可信中心TA交互完成,其中j=1,2,...,m,m表示路边单元总数目,路边单元注册阶具体包括:4. A method for vehicle network authentication key negotiation supporting conditional privacy protection according to claim 3, characterized in that: the roadside unit registration stage is completed by the interaction between the roadside unit RSU j and the trusted center TA, where j=1,2,...,m, m represents the total number of roadside units, and the roadside unit registration stage specifically includes: 路边单元RSUj通过安全信道发送给可信中心TA;Roadside Unit RSU j Send to the trusted center TA through a secure channel; 收到注册请求后,可信中心TA选择随机数计算Yj=yj·P,lj=H(PKTA)·yj+H(Yj||IDj)·SKTA(mod q),并将(Rseedj,Yj,lj)发送给路边单元RSUjAfter receiving the registration request, the trusted center TA selects a random number Calculate Y j =y j ·P, l j =H(PK TA )·y j +H(Y j || ID j )·SK TA (mod q), and send (Rseed j ,Y j ,l j ) to the roadside unit RSU j ; 在可信中心TA响应后,路边单元RSUj首先计算 其中表示路边单元RSUj的根派生密钥,表示路边单元RSUj的根派生信息;然后选择作为私钥,生成公钥pkRSUj=skRSUj·P;最后计算 路边单元RSUj在本地保存并公开{pkRSUj,Yj}。After the trusted center TA responds, the roadside unit RSU j first calculates in represents the root derived key of roadside unit RSU j , Represents the root derived information of the roadside unit RSU j ; then select As the private key, generate the public key pk RSUj = sk RSUj · P; finally calculate The roadside unit RSU j is stored locally And make {pk RSUj ,Y j } public. 5.根据权利要求4所述的一种支持条件隐私保护的车联网认证密钥协商方法,其特征在于:所述密钥协商阶段由车辆Vi与路边单元RSUj交互完成,具体包括:5. A vehicle network authentication key negotiation method supporting conditional privacy protection according to claim 4, characterized in that: the key negotiation phase is completed by the interaction between the vehicle V i and the roadside unit RSU j , specifically comprising: 车辆Vi选择随机数计算Ri=H(PIDi‖Xi‖mi‖ri‖Ti)·P,其中Ti为时间戳,将{PIDi,Ri,Ti}发送给路边单元RSUjVehicle V i selects a random number calculate R i =H(PID i ‖X i ‖m i ‖ri ‖T i )·P, where T i is the timestamp, and {PID i ,R i ,T i } is sent to the roadside unit RSU j ; 路边单元RSUj验证其中表示路边单元RSUj接收消息时的时间戳,Δt表示最大传输延迟;Roadside Unit RSU j Verification in represents the timestamp when the roadside unit RSU j receives the message, Δt represents the maximum transmission delay; 路边单元RSUj选择随机数并读取当前时间戳Tj,计算:Roadside unit RSU j selects a random number And read the current timestamp T j and calculate: Rj=H(rj||Tj||mj)·P,R j =H(r j ||T j ||m j )·P, Bj=lj·RiB j = l j · R i , Fj,1=fj,1·P,F j,1 =f j,1 ·P, Fj,2=fj,2·P+fj,1·pkViF j,2 =f j,2 ·P+f j,1 ·pk Vi , wj,2=fj,2-skRSUj·Cj(mod q),w j,2 = f j, 2 -sk RSUj ·C j (mod q), 其中表示路边单元RSUj第k个派生密钥,最后将发送给车辆Viin represents the kth derived key of roadside unit RSU j , and finally Sent to vehicle V i ; 车辆Vi首先验证然后计算:Vehicle V i first verifies Then calculate: 并验证是否成立;And verify whether it is established; 如果上述等式成立,车辆Vi首先随机数并读取当前时间戳T′i,然后计算:If the above equation holds true, vehicle V i first randomly And read the current timestamp T′ i , and then calculate: Bi=li·Rj Bili · Rj Fi,1=fi,1·P,F i,1 =f i,1 ·P, Fi,2=fi,2·P+fi,1·pkRSUj, F i,2 = f i,2 ·P+f i,1 ·pk RSUj, 其中表示车辆Vi第k个派生密钥,车辆Vi生成会话密钥 最后将发送给路边单元RSUjin represents the kth derived key of vehicle V i , and vehicle V i generates the session key Finally Send to roadside unit RSU j ; 路边单元RSUj首先验证然后计算:Roadside unit RSU j first verifies Then calculate: 并验证是否成立,若等式成立则计算会话密钥 And verify Is it true? If the equality is true, calculate the session key 6.根据权利要求5所述的一种支持条件隐私保护的车联网认证密钥协商方法,其特征在于:所述参数更新阶段由车辆Vi和路边单元RSUj完成,具体包括:6. A method for vehicle network authentication key negotiation supporting conditional privacy protection according to claim 5, characterized in that: the parameter update phase is completed by vehicle V i and roadside unit RSU j , specifically comprising: 车辆Vi进行第k次参数更新,车辆Vi第k-1个派生密钥和第k-1个派生信息分别表示为更新过程包括:Vehicle V i performs the kth parameter update, and the k-1th derived key and k-1th derived information of vehicle V i are expressed as and The update process includes: 然后将替换原先保存在车辆Vi中的 Then Replace the previously saved in the vehicle V i 路边单元RSUj进行第k次参数更新,路边单元RSUj第k-1个派生密钥和第k-1个派生信息分别表示为更新过程包括:The roadside unit RSU j performs the kth parameter update, and the k-1th derived key and k-1th derived information of the roadside unit RSU j are expressed as and The update process includes: 然后将替换原先保存在路边单元RSUj中的 Then Replace the original data stored in the roadside unit RSU j
CN202411086794.8A 2024-08-08 2024-08-08 A method for Internet of Vehicles authentication key negotiation supporting conditional privacy protection Active CN118890148B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202411086794.8A CN118890148B (en) 2024-08-08 2024-08-08 A method for Internet of Vehicles authentication key negotiation supporting conditional privacy protection

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202411086794.8A CN118890148B (en) 2024-08-08 2024-08-08 A method for Internet of Vehicles authentication key negotiation supporting conditional privacy protection

Publications (2)

Publication Number Publication Date
CN118890148A true CN118890148A (en) 2024-11-01
CN118890148B CN118890148B (en) 2025-04-22

Family

ID=93225933

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202411086794.8A Active CN118890148B (en) 2024-08-08 2024-08-08 A method for Internet of Vehicles authentication key negotiation supporting conditional privacy protection

Country Status (1)

Country Link
CN (1) CN118890148B (en)

Citations (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2017091959A1 (en) * 2015-11-30 2017-06-08 华为技术有限公司 Data transmission method, user equipment and network side device
US20180255531A1 (en) * 2015-09-11 2018-09-06 Lg Electronics Inc. Method and apparatus for allocating mbms based resources for v2x message transmission in wireless communication system
CN114040394A (en) * 2021-11-15 2022-02-11 上海吉大正元信息技术有限公司 Communication method and electronic equipment based on derived key
CN116055084A (en) * 2022-09-22 2023-05-02 重庆移通学院 A Batch Authentication and Group Key Agreement Method in Internet of Vehicles
CN117098128A (en) * 2023-09-13 2023-11-21 重庆邮电大学 Internet of vehicles efficient batch authentication key negotiation method based on signature
CN117978537A (en) * 2024-03-18 2024-05-03 暨南大学 A conditional privacy protection authentication method based on Internet of Vehicles
CN118018191A (en) * 2024-02-01 2024-05-10 常州工学院 A traceable anonymous mutual trust authentication and key negotiation method for Internet of Vehicles

Patent Citations (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20180255531A1 (en) * 2015-09-11 2018-09-06 Lg Electronics Inc. Method and apparatus for allocating mbms based resources for v2x message transmission in wireless communication system
WO2017091959A1 (en) * 2015-11-30 2017-06-08 华为技术有限公司 Data transmission method, user equipment and network side device
CN114040394A (en) * 2021-11-15 2022-02-11 上海吉大正元信息技术有限公司 Communication method and electronic equipment based on derived key
CN116055084A (en) * 2022-09-22 2023-05-02 重庆移通学院 A Batch Authentication and Group Key Agreement Method in Internet of Vehicles
CN117098128A (en) * 2023-09-13 2023-11-21 重庆邮电大学 Internet of vehicles efficient batch authentication key negotiation method based on signature
CN118018191A (en) * 2024-02-01 2024-05-10 常州工学院 A traceable anonymous mutual trust authentication and key negotiation method for Internet of Vehicles
CN117978537A (en) * 2024-03-18 2024-05-03 暨南大学 A conditional privacy protection authentication method based on Internet of Vehicles

Non-Patent Citations (2)

* Cited by examiner, † Cited by third party
Title
CHEN JIAOYUE等: "Study of Network Security Based on Key Management System for In-Vehicle Ethernet", 《 ELECTRONICS》, 24 July 2024 (2024-07-24) *
王怡暄: "基于区块链的车联网隐私保护认证方案研究", 《中国优秀硕士学位论文电子期刊网》, 15 February 2024 (2024-02-15), pages 5 *

Also Published As

Publication number Publication date
CN118890148B (en) 2025-04-22

Similar Documents

Publication Publication Date Title
Cui et al. Full session key agreement scheme based on chaotic map in vehicular ad hoc networks
Zhang et al. DBCPA: Dual blockchain-assisted conditional privacy-preserving authentication framework and protocol for vehicular ad hoc networks
Zhao et al. A survey of applications of identity-based cryptography in mobile ad-hoc networks
CN110086821A (en) The authentication method of electric power things-internet gateway and the access of electric power internet-of-things terminal based on block chain
CN107493570B (en) A PMIPV6 anonymous access authentication system and method based on identity group signature
CN108667616A (en) Across cloud security Verification System based on mark and method
Zhang et al. Lbvp: a lightweight batch verification protocol for fog-based vehicular networks using self-certified public key cryptography
CN114422152A (en) Industrial environment authentication method based on PUF and block chain
CN115514474B (en) A trusted access method for industrial equipment based on cloud-edge-end collaboration
CN101815294B (en) Access authentication method, equipment and system of P2P (peer-to-peer) network
Zhong et al. CD-BASA: An efficient cross-domain batch authentication scheme based on blockchain with accumulator for VANETs
CN114398602A (en) Internet of things terminal identity authentication method based on edge calculation
CN108632820A (en) The anonymous authentication method of identity-based in a kind of vehicular ad hoc network
CN116436640A (en) A lightweight terminal cross-domain authentication method for edge computing
CN103731819B (en) A kind of authentication method of wireless sensor network node
CN118400102A (en) Dynamic unmanned aerial vehicle group identity authentication key negotiation method
CN120110810B (en) A quantum-resistant secure data transmission authentication method based on SLH-DSA
CN116074019A (en) Identity authentication method, system and medium between mobile client and server
CN119653363B (en) Unmanned aerial vehicle group distributed management method based on mobile active secret sharing technology
CN118890148A (en) A method for Internet of Vehicles authentication key negotiation supporting conditional privacy protection
CN118713882A (en) A lightweight identity authentication and key agreement method for smart grid based on elliptic curve
CN118250693A (en) A vehicle network authentication method based on PUF and fuzzy extractor
CN119628831B (en) Method and system for group device identity authentication and key negotiation in a mobile edge computing environment based on distributed learning
CN116015699A (en) Elliptic curve-based financial system identity authentication method
CN121037113B (en) An anonymous broadcast encryption and multi-party authentication transmission method based on extended chaotic mapping

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant