TPM-Based Conditional Privacy-Preserving Authentication Protocol in VANETs
Abstract
1. Introduction
- (1) We propose a conditional privacy-preserving authentication scheme for VANETs, exploiting clusters to divide the large VANETs into smaller networks to unify messages, which greatly improves the stability of the system.
- (2) We provide a batch authentication algorithm, in which we can aggregate the signatures of multiple messages and verify through one bilinear pairing to improve the verification efficiency.
- (3) We provide a comprehensive security analysis to prove that our scheme ensures security, and demonstrate that our scheme is feasible in terms of computational overhead and security requirements compared with other existing schemes through extensive experiments and comparisons.
2. Related Work
3. Preliminary and Framework Description
3.1. Symmetric Bilinear Pairings
- Bilinearity. For all and , ;
- Non-degeneracy. For each , ;
- Computability. There exists an efficiently computable algorithm for computing map e.
3.2. TPM and Trusted Computing Technology
3.3. System Model
- TA: The TA is a trusted third party with high storage and communication capabilities. It is responsible for generating system parameters and preloading them in the OBU of the vehicle offline. In addition, it can dynamically revoke the legal identity of the vehicle based on the behavior of the vehicle, so that the vehicle cannot interact with other members.
- RSU: RSU is a wireless communication device deployed at the roadside using DSRC protocol, mainly responsible for broadcasting and relaying, and ensuring stable vehicle communication within range.
- Cluster head: The cluster head is the agent vehicle of the cluster. It is responsible for collecting the road condition information from other vehicles in the cluster and communicating with the RSU. What’s more, it monitors the vehicles in the cluster. It is the communication hub between the vehicles in the cluster and the RSU.
- Vehicle: The vehicles are equipped with a positioning system that allows the cluster head to track the position of the vehicles at any time. In addition, when the cluster is canceled for various reasons, the vehicles in the cluster will reselect the cluster head.
3.4. Security and Privacy Requirement
- Message Authentication: The receiver (such as RSU or other vehicles) should have the ability to verify messages sent from other vehicles to ensure the integrity of the message.
- Batch Authentication: It is inefficient to verify the received messages one by one, so batch verification needs to be introduced to verify multiple messages at once, which improves the efficiency of the system and saves computational cost.
- Resilient to Replay Attack: The attacker will steal the communication message and resend the message at a later time, and a secure IoV system should be able to withstand this kind of attack.
- Resilient to Masquerade Attack: The attacker may pretend to be a legitimate user and send false information to members of the system in order to achieve their own goals.
- Resilient to Message Modification Attack: The attacker intercepts the sender’s information and selectively modifies the content of the data to impersonate the sender.
- Resilient to Linkability Attack: The attacker cannot distinguish whether two messages are from the same sender.
4. The Detailed Construction
4.1. Overview
4.2. Cluster Head Selection Algorithm
4.3. Security Authentication and Message Management
- TA selects a security parameter .
- TA selects two elliptic cryptographic curve groups and , where is an additive group and is a multiplicative group. What’s more, the order of the elliptic cryptographic curve .
- TA randomly chooses a master private key and P which is the generator of , and computes the system public key .
- TA picks four hash functions , and , and , and .
- TA obtains the identity number and makes a judgment on the attributes of the vehicle, then TA loads the parameters on the TPM of each vehicle. Every time the vehicle sends a message to the other parties, it will first request service from the built-in TPM.
- The RSU provides its identity number to the TA. TA computes and stores it locally, then TA computes and sends it to the RSU through a secure channel.
- TPM selects a random number , then it computes pseudonym , where , and signature key .
- The vehicle obtains the pseudonyms and signature key from the built-in TPM.
- Vehicle i selects a random number and computes , the signature , where , includes the speed, direction and position of the vehicle.
- The vehicle sends (,,) to the RSU.
- The RSU checks whether is within a reasonable range. If not, RSU rejects the message and aborts the algorithm.
- The RSU verifies the signature:
- If the authentication succeeds, the RSU executes the cluster head selection algorithm; otherwise, the request is rejected.
- In this stage, the message sent by the vehicle to the cluster head is similar to that of the Request for Cluster Head Stage, so details are not provided.
- The cluster head verifies the signature. If validated, the vehicle joins the small LAN set up by the cluster to prepare for the next phase of communication; otherwise, the cluster head rejects the vehicle’s request.
- Vehicles request the pseudonyms and signature key from their TPMs respectively.
- The vehicles in the cluster sign the traffic information , where and , includes the vehicle’s speed, direction, location, and nearby road conditions.
- The vehicle i sends (, ) to its cluster head.
- The cluster head checks whether is within a reasonable range. If not, the cluster head rejects and aborts the algorithm.
- Considering that the cluster head receives more information at one time, batch verification is adopted to improve efficiency: .
- If the cluster head finds a mutated vehicle, it calculates a series of , where j is less than the number of all the members in the cluster, represents the mutated vehicle and the rest represent other ordinary vehicles in the cluster. Then the cluster head sends to RSU.
- RSU chooses a random number and computes , , .
- The RSU sends the as the generated digital signature to the TA.
- TA receives the message and signature , then first checks whether is fresh. If not, the message is rejected and the algorithm aborts.
- TA computes , .
- If , TA computes , and then records ID on the revocation list.
- The TPM on the mutated vehicle will no longer update the pseudonym and signature key for the vehicle after checking the ID of the vehicle in the revocation list.
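The cluster head's receive path from the steps above (timestamp check, then batch verification), as an added example that is not the paper's code. It assumes a generic identity-based signature of the Cha-Cheon form rather than the scheme's own equations, and a toy pairing that stores group elements as exponents mod q, so it checks the algebra only and offers no security; `keygen`, `sign`, `batch_verify`, `cluster_head_accept`, the 5-second window and the sample messages are all assumptions.

```python
import hashlib
import secrets

# Toy symmetric pairing for checking the algebra only (NOT secure): the point
# xP is stored as x mod q and e(aP, bP) = e(P, P)^(ab) is stored as ab mod q.
q = 2**127 - 1   # prime group order
P = 1            # generator of G1 in this representation

def e(a, b):
    return a * b % q

def H(*parts):
    data = "|".join(map(str, parts)).encode()
    return int.from_bytes(hashlib.sha256(data).digest(), "big") % q

s = secrets.randbelow(q - 1) + 1   # TA master private key
P_pub = s * P % q                  # system public key sP

def keygen(pid):
    """Signing key for pseudonym pid: SK = s * H(pid) (assumed form)."""
    return s * H("id", pid) % q

def sign(pid, sk, msg, ts):
    r = secrets.randbelow(q - 1) + 1
    U = r * H("id", pid) % q
    h = H("msg", pid, msg, ts, U)
    return (pid, msg, ts, U, (r + h) * sk % q)   # V = (r + h) * SK

def _rhs_point(pkt):
    pid, msg, ts, U, _ = pkt
    return (U + H("msg", pid, msg, ts, U) * H("id", pid)) % q

def verify_one(pkt):
    return e(pkt[4], P) == e(_rhs_point(pkt), P_pub)

def batch_verify(pkts, weights=None):
    """Two pairings for n signatures. Random per-signature weights (the
    small-exponent test) keep invalid signatures from cancelling in the sum."""
    w = weights or [secrets.randbits(64) | 1 for _ in pkts]
    lhs = sum(d * p[4] for d, p in zip(w, pkts)) % q
    rhs = sum(d * _rhs_point(p) for d, p in zip(w, pkts)) % q
    return e(lhs, P) == e(rhs, P_pub)

def cluster_head_accept(pkts, now, max_age=5):
    """Drop stale timestamps, batch-verify the rest, isolate failures."""
    fresh = [p for p in pkts if 0 <= now - p[2] <= max_age]
    rejected = [p for p in pkts if p not in fresh]
    if fresh and not batch_verify(fresh):
        good = [p for p in fresh if verify_one(p)]   # fall back to one-by-one
        rejected += [p for p in fresh if p not in good]
        fresh = good
    return fresh, rejected

if __name__ == "__main__":
    now = 1_000   # constructed clock value and messages
    pkts = [sign(f"PID{i}", keygen(f"PID{i}"), f"speed={50+i}", now) for i in range(4)]
    pkts[2] = pkts[2][:1] + ("speed=999",) + pkts[2][2:]   # modified in transit
    ok, bad = cluster_head_accept(pkts, now + 1)
    print(len(ok), "accepted;", [p[0] for p in bad], "rejected")
```

A real deployment would replace `e` and the integer arithmetic with a pairing library over an elliptic curve; the freshness gate, the weighted sums and the one-by-one fallback stay the same.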
5. Security Analysis
5.1. The Security of Message Authentication
- Initialization: The challenger executes the setup algorithm by inputting the security parameter ℓ to generate system parameters and sets , then sends params to . maintains list which are empty at first. The adversary makes the following queries to :
- vehicle-private-key queries: maintains the , makes a query on , executes the following operations: if , executes query, if the includes , returns to , else selects a random , returns to the adversary and inserts to . If , selects a random and computes , then inserts to .
- sign queries: The adversary can adaptively ask for a signature on message under identity , executes the following operations: if , looks up to get of and picks random , computes , . as the signature on under identity . If , selects and computes , , as the signature on under identity . We can verify this signature:
- signature forgery: The adversary outputs a signature on message under the pseudonym which has never been queried before. We assume that makes two valid signatures , where , . Then could compute the result of the CDH problem by forking lemma [36], .
- : doesn’t halt the game.
- : forges a valid signature.
- : happens and .
5.2. Resist Attack
6. Experimental Results and Analysis
6.1. Security Comparisons
6.2. Computation Overhead Comparisons
6.3. Message Authenticity
7. Conclusions
Author Contributions
Funding
Institutional Review Board Statement
Informed Consent Statement
Data Availability Statement
Conflicts of Interest
References
- Su, Y.; Shen, G.; Zhang, M. A novel privacy-preserving authentication scheme for v2g networks. IEEE Syst. J. 2019, 14, 1963–1971.
- He, D.; Zeadally, S.; Xu, B.; Huang, X. An efficient identity-based conditional privacy-preserving authentication scheme for vehicular ad hoc networks. IEEE Trans. Inf. Forensics Secur. 2015, 10, 2681–2691.
- Soleymani, S.A.; Abdullah, A.H.; Hassan, W.H.; Anisi, M.H.; Goudarzi, S.; Baee, M.A.R.; Mandala, S. Trust management in vehicular ad hoc network: A systematic review. EURASIP J. Wirel. Commun. Netw. 2015, 2015, 1–22.
- Hussain, R.; Lee, J.; Zeadally, S. Trust in vanet: A survey of current solutions and future research opportunities. IEEE Trans. Intell. Transp. Syst. 2020, 22, 2553–2571.
- Obaidat, M.; Khodjaeva, M.; Holst, J.; Zid, M.B. Security and Privacy Challenges in Vehicular Ad Hoc Networks; Springer International Publishing: Cham, Switzerland, 2020; pp. 223–251.
- Alshudukhi, J.S.; Mohammed, B.A.; Al-Mekhlafi, Z.G. Conditional privacy-preserving authentication scheme without using point multiplication operations based on elliptic curve cryptography (ecc). IEEE Access 2020, 8, 222032–222040.
- Jo, H.J.; Kim, I.S.; Lee, D.H. Reliable cooperative authentication for vehicular networks. IEEE Trans. Intell. Transp. Syst. 2017, 19, 1065–1079.
- Wang, Y.; Zhong, H.; Xu, Y.; Cui, J.; Wu, G. Enhanced security identity-based privacy-preserving authentication scheme supporting revocation for vanets. IEEE Syst. J. 2020, 14, 5373–5383.
- Zhang, M.; Song, W.; Zhang, J. A secure clinical diagnosis with privacy-preserving multi-class support vector machine. IEEE Syst. J. 2022, 16, 67–78.
- Ali, I.; Li, F. An efficient conditional privacy-preserving authentication scheme for vehicle-to-infrastructure communication in vanets. Veh. Commun. 2020, 22, 100228.
- Gurung, S.; Lin, D.; Squicciarini, A.; Bertino, E. Information-oriented trustworthiness evaluation in vehicular ad-hoc networks. In Proceedings of the International Conference on Network and System Security, Madrid, Spain, 3–4 June 2013; Springer: Berlin/Heidelberg, Germany, 2013; pp. 94–108.
- Kerrache, C.A.; Calafate, C.T.; Cano, J.-C.; Lagraa, N.; Manzoni, P. Trust management for vehicular networks: An adversary-oriented overview. IEEE Access 2016, 4, 9293–9307.
- Yao, X.; Zhang, X.; Ning, H.; Li, P. Using trust model to ensure reliable data acquisition in vanets. Ad Hoc Netw. 2017, 55, 107–118.
- Kerrache, C.A.; Lagraa, N.; Hussain, R.; Ahmed, S.H.; Benslimane, A.; Calafate, C.T.; Cano, J.-C.; Vegni, A.M. Tacashi: Trust-aware communication architecture for social internet of vehicles. IEEE Internet Things J. 2018, 6, 5870–5877.
- Ghaleb, F.A.; Maarof, M.A.; Zainal, A.; Al-Rimy, B.A.S.; Saeed, F.; Al-Hadhrami, T. Hybrid and multifaceted context-aware misbehavior detection model for vehicular ad hoc network. IEEE Access 2019, 7, 159119–159140.
- Song, L.; Sun, G.; Yu, H.; Du, X.; Guizani, M. Fbia: A fog-based identity authentication scheme for privacy preservation in internet of vehicles. IEEE Trans. Veh. Technol. 2020, 69, 5403–5415.
- Raya, M.; Hubaux, J.-P. Securing vehicular ad hoc networks. J. Comput. Secur. 2007, 15, 39–68.
- Lin, J.; Jing, J.; Zhang, Q.; Wang, Z. Recent advances in pki technologies. J. Cryptologic Res. 2015, 2, 487–496.
- Asghar, M.; Doss, R.R.M.; Pan, L. A scalable and efficient pki based authentication protocol for vanets. In Proceedings of the 2018 28th International Telecommunication Networks and Applications Conference (ITNAC), Sydney, Australia, 21–23 November 2018; IEEE: Piscataway, NJ, USA, 2018; pp. 1–3.
- Zhong, H.; Han, S.; Cui, J.; Zhang, J.; Xu, Y. Privacy-preserving authentication scheme with full aggregation in vanet. Inf. Sci. 2019, 476, 211–221.
- Xiong, W.; Wang, R.; Wang, Y.; Zhou, F.; Luo, X. Cppa-d: Efficient conditional privacy-preserving authentication scheme with double-insurance in vanets. IEEE Trans. Veh. Technol. 2021, 70, 3456–3468.
- Wei, F.; Zeadally, S.; Vijayakumar, P.; Kumar, N.; He, D. An intelligent terminal based privacy-preserving multi-modal implicit authentication protocol for internet of connected vehicles. IEEE Trans. Intell. Transp. Syst. 2020, 22, 3939–3951.
- Liu, Y.; Wang, Y.; Chang, G. Efficient privacy-preserving dual authentication and key agreement scheme for secure v2v communications in an iov paradigm. IEEE Trans. Intell. Transp. Syst. 2017, 18, 2740–2749.
- Huang, Z.; Ruj, S.; Cavenaghi, M.A.; Stojmenovic, M.; Nayak, A. A social network approach to trust management in vanets. Peer-to-Peer Netw. Appl. 2014, 7, 229–242.
- Zhou, A.; Li, J.; Sun, Q.; Fan, C.; Lei, T.; Yang, F. A security authentication method based on trust evaluation in vanets. EURASIP J. Wirel. Commun. Netw. 2015, 2015, 1–8.
- He, D.; Chan, S.; Guizani, M. Handover authentication for mobile networks: Security and efficiency aspects. IEEE Netw. 2015, 29, 96–103.
- Wang, S.; Yao, N.; Gong, N.; Gao, Z. A trigger-based pseudonym exchange scheme for location privacy preserving in vanets. Peer-to-Peer Netw. Appl. 2018, 11, 548–560.
- Liu, J.; Li, X.; Jiang, Q.; Obaidat, M.S.; Vijayakumar, P. Bua: A blockchain-based unlinkable authentication in vanets. In Proceedings of the ICC 2020—2020 IEEE International Conference on Communications (ICC), Dublin, Ireland, 7–11 June 2020; IEEE: Piscataway, NJ, USA, 2020; pp. 1–6.
- Tzeng, S.-F.; Horng, S.-J.; Li, T.; Wang, X.; Huang, P.-H.; Khan, M.K. Enhancing security and privacy for identity-based batch verification scheme in vanets. IEEE Trans. Veh. Technol. 2015, 66, 3235–3248.
- Sun, X.; Lin, X.; Ho, P.-H. Secure vehicular communications based on group signature and id-based signature scheme. In Proceedings of the 2007 IEEE International Conference on Communications, Glasgow, UK, 24–28 June 2020; IEEE: Piscataway, NJ, USA, 2007; pp. 1539–1545.
- Guo, J.; Baugh, J.P.; Wang, S. A group signature based secure and privacy-preserving vehicular communication framework. In Proceedings of the 2007 Mobile Networking for Vehicular Environments, Anchorage, AK, USA, 11 May 2007; IEEE: Piscataway, NJ, USA, 2007; pp. 103–108.
- Lu, R.; Lin, X.; Liang, X.; Shen, X. A dynamic privacy-preserving key management scheme for location-based services in vanets. IEEE Trans. Intell. Transp. Syst. 2011, 13, 127–139.
- Zhang, M.; Zhang, Y.; Shen, G. Ppdds: A privacy-preserving disease diagnosis scheme based on the secure mahalanobis distance evaluation model. IEEE Syst. J. 2021, 1–11.
- Zhang, M.; Chen, Y.; Lin, J. A privacy-preserving optimization of neighborhood-based recommendation for medical-aided diagnosis and treatment. IEEE Internet Things J. 2021, 8, 10830–10842.
- Wikipedia Contributors, Trusted Platform Module—Wikipedia, the Free Encyclopedia. 2022. Available online: https://en.wikipedia.org/w/index.php?title=Trusted_Platform_Module&oldid=1086571731 (accessed on 9 May 2022).
- Pointcheval, D.; Stern, J. Security proofs for signature schemes. In Proceedings of the International Conference on the Theory and Applications of Cryptographic Techniques, Zaragoza, Spain, 12–16 May 1996; Springer: Berlin/Heidelberg, Germany, 1996; pp. 387–398.
- Li, J.; Liu, Y.; Zhang, Z.; Li, B.; Liu, H.; Cheng, J. Efficient id-based message authentication with enhanced privacy in wireless ad-hoc networks. In Proceedings of the 2018 International Conference on Computing, Networking and Communications (ICNC), Maui, HI, USA, 5–8 March 2018; IEEE: Piscataway, NJ, USA, 2018; pp. 322–326.
- Liu, J.; Yu, Y.; Zhao, Y.; Jia, J.; Wang, S. An efficient privacy preserving batch authentication scheme with deterable function for vanets. In Proceedings of the International Conference on Network and System Security, Hong Kong, China, 27–29 August 2018; Springer: Berlin/Heidelberg, Germany, 2018; pp. 288–303.

| Category | Scheme | Method | Limitation |
|---|---|---|---|
| Message authentication | Asghar et al. [19] | Utilize anonymous certificates to reach message authentication | Vast digital certificates cause huge storage burden |
| Message authentication | Zhong et al. [20] | Propose a certificateless authentication scheme to ease storage burden | Multiple bilinear pairing operations reduce the verification efficiency |
| Message authentication | Wei et al. [22] | Apply matrix operations to accomplish message authentication | The characteristics of the matrix will bring high communication overhead |
| Message credibility | Liu et al. [23] | Evaluate reputation in cars that have interacted with each other | Frequent interactions cause high latency and communication overhead |
| Message credibility | Huang et al. [4] | Evaluate the reliability of data by comparing the opinions of neighboring vehicles with a high weight of proximity to the event | Frequent interactions cause high latency and communication overhead |
| Message credibility | Zhou et al. [25] | According to direct and indirect trust assessment for security authentication | Frequent interactions cause high latency and communication overhead |
| Privacy preservation | He et al. [26] | Store a set of pseudonyms in OBU during the registration phase | The pseudonym has an expiration date and requires the OBU to have a certain storage capacity |
| Privacy preservation | Guo et al. [31] | Use group signature technology to achieve anonymity in secure authenticated messages | The scheme latency is linearly proportional to the number of revocation vehicles |

| Parameter | Value |
|---|---|
| TA | trust authority |
| RSU | road-side unit |
| TPM | trusted platform module |
| | cluster head factor |
| | indicates the type of vehicle, such as private cars, government cars, public buses, official cars |
| | speed of the i-th vehicle |
| | average speed of the vehicles in the cluster |
| | distance the vehicle will travel on the current road |
| | distance between the vehicle and fog head |
| R | vehicle’s broadcast range |
| | cluster head factor |
| | number of neighboring vehicles |
| | system parameters |
| | hash function |
| | ID of vehicle and RSU |
| | the first pseudonym and the second pseudonym of the i-th vehicle |
| | private key of the i-th vehicle |
| | RSU’s private key and public key |
| | timestamp |
| ‖ | message concatenation operation |
© 2022 by the authors. Licensee MDPI, Basel, Switzerland. This article is an open access article distributed under the terms and conditions of the Creative Commons Attribution (CC BY) license (https://creativecommons.org/licenses/by/4.0/).
Zhang, M.; Zhu, B.; Li, Y.; Wang, Y. TPM-Based Conditional Privacy-Preserving Authentication Protocol in VANETs. Symmetry 2022, 14, 1123. https://doi.org/10.3390/sym14061123