Blockchain-Based Method for Pre-Authentication and Handover Authentication of IoV Vehicles
Abstract
:1. Introduction
- (1)
- A blockchain-based handover authentication method is designed. The decentralized and non-tampering features of the blockchain ensure data security while reducing the authentication overhead.
- (2)
- An improved practical Byzantine fault tolerance (PBFT) consensus based on information matching is designed. Using information matching instead of cryptography to complete the consensus process reduces the computational overhead while improving the efficiency of consensus.
- (3)
- A pre-authentication method is introduced before handover authentication. The RSU stores information for historically accessed vehicles and reduces the computation and communication overhead of vehicles and the RSU during handover authentication by pre-authenticating the vehicles.
2. Related Works
3. Pre-Authentication and Handover Authentication Methods for Vehicles
3.1. Basic Architecture
3.2. Vehicle Access Authentication Process
- (1)
- When vehicle A applies for access to an RSU, it listens to the current RSU broadcast of its own identity information IDRSU and sends the IDRSU of the RSU, location information LRSU, and its own identity identification (virtual IoT device A (VIDA)) to the authentication center of the system for authentication of the RSU identity; the relevant information is encrypted with the public key pubsys of the authentication center.req = Encpubsys (IDRSU, LRSU, VIDA, ts, Hash (IDRSU, LRSU, VIDA, ts))
3.3. Consensus Mechanism between RSUs
- (1)
- When vehicle A finds that the signal intensity of the surrounding RSUs gradually increases while the signal of the currently connected source RSU is decreasing, the vehicle sends a pre-authentication request message to the source RSU. In this message, VIDA represents the vehicle identification; VA represents the current speed of the vehicle, which is used to make a judgment on the authenticity of the vehicle at consensus; HLA is a collection of historical RSU information that vehicle A passes through in a predefined time interval, including the location of the historical RSU, the identification of the historical RSU, and the information of vehicle A’s successful authentication at the historical RSU (such information is also available for other RSUs’ pre-authentication consensus on vehicle identity); T1 represents the timestamp; and S1 represents the digital signature for the pre_auth message from vehicle A with its private key.pre_auth = (VIDA, VA, HLA, T1, S1)
- (2)
- When the source RSU receives the pre-authentication message pre_auth, it checks the timestamp to prevent replay attacks and then verifies the integrity of the message; finally, it pre-authenticates consensus on the handover vehicle. During the pre-authentication consensus, the source RSU first selects a node among consensus nodes as the master node of consensus, and its selection equation can be defined as:N = (b + c) % n
- (3)
- Upon receipt of the message, the master node verifies the correctness of signature S2 and then determines whether the nodes in HLA exist in the neighbor table of the master node. If the nodes in HLA exist in the neighbor table, the pre_prepare message will be constructed and broadcast to the nearby consensus RSUs along the road; the header of the pre_prepare message is changed to pre_prepare, and the original signature is replaced with master node signature S3. The format is as follows:pre_prepare = (pre_prepare, VIDA, VA, HLA, T1, LS, S3)
- (4)
- Upon receipt of the pre_prepare message, the other historical RSUs verify that the signature is correct and then verify the vehicle’s identity. If the authentication is passed, the con_commit message will be broadcast; otherwise, the prepare message will be constructed and broadcast to the consensus RSUs near the road.
- (5)
- Other RSUs that have not authenticated vehicle A will verify that the signature of the master node in the received prepare and con_commit messages is the same as that in the received pre_prepare message to prevent the master node selected by the source RSU from being malicious. If there are 2F messages with the same signature, where F is the number of down or malicious RSUs during the consensus process, the RSU will broadcast the con_commit message containing the authentication result whose Rei is null and request the source RSU to replace the master node to prevent malicious nodes from affecting the pre-authentication result.
- (6)
- After receiving 2F + 1 con_commit messages, the master node performs consensus view statistics on the Rei of its own vehicle authentication results with those of other RSUs to confirm the validity of the vehicle identity.
- (7)
- The source RSU receives a con_reply message indicating that a pre-authentication consensus has been reached, and it will generate a block of pre-authentication results and add it to the blockchain. The pre-authentication result block includes the identification and result information of the pre-authenticated vehicle, the consensus node set information, and the consensus view, as shown in Figure 4.
3.4. Vehicle Handover Authentication Process
4. Analysis and Authentication
4.1. Security Analysis
4.2. Performance Analysis and Verification
5. Conclusions and Prospects
Author Contributions
Funding
Institutional Review Board Statement
Informed Consent Statement
Data Availability Statement
Conflicts of Interest
References
- Kong, Q.; Lu, R.; Ma, M.; Bao, H. A privacy-preserving sensory data sharing scheme in Internet of Vehicles. Future Gener. Comput. Syst. 2019, 92, 644–655. [Google Scholar] [CrossRef]
- Liu, J.; Zhang, S.; Sun, W.; Shi, Y. In-vehicle network attacks and countermeasures: Challenges and future directions. IEEE Netw. 2017, 31, 50–58. [Google Scholar] [CrossRef]
- Hoppe, T.; Dittman, J. Sniffing/Replay Attacks on CAN Buses: A simulated attack on the electric window lift classified using an adapted CERT taxonomy. In Proceedings of the 2nd Workshop on Embedded Systems Security, Salzburg, Austria, 4 October 2007; pp. 1–6. [Google Scholar]
- Koscher, K.; Czeskis, A.; Roesner, F.; Patel, S.; Kohno, T.; Checkoway, S.; McCoy, D.; Kantor, B.; Anderson, D.; Shacham, H. Experimental security analysis of a modern automobile. In Proceedings of the 2010 IEEE Symposium on Security and Privacy, Berkeley, CA, USA, 16–19 May 2010; pp. 447–462. [Google Scholar]
- Woo, S.; Jo, H.J.; Lee, D.H. A practical wireless attack on the connected car and security protocol for in-vehicle CAN. IEEE Trans. Intell. Transp. Syst. 2014, 16, 993–1006. [Google Scholar] [CrossRef]
- Engoulou, R.G.; Bellaieche, M.; Pierre, S.; Quintero, A. VANET security surveys. Comput. Commun. 2014, 44, 1–13. [Google Scholar] [CrossRef]
- Huang, J.; Qian, Y. A secure and efficient handover authentication and key management protocol for 5G networks. J. Commun. Inf. Netw. 2020, 5, 40–49. [Google Scholar] [CrossRef]
- Xue, K.; Hong, P.; Tie, X. Using security context pre-transfer to provide security handover optimization for vehicular ad-hoc networks. In Proceedings of the 2010 IEEE 72nd Vehicular Technology Conference-Fall, Ottawa, ON, Canada, 6–9 September 2010; pp. 1–5. [Google Scholar]
- Zhu, H.; Lu, R.; Shen, X.; Lin, X. Security in service-oriented vehicular networks. IEEE Wirel. Commun. 2009, 16, 16–22. [Google Scholar]
- Choi, J.; Jung, S.; Kim, Y.; Yoo, M. A fast and efficient handover authentication achieving conditional privacy in V2I networks. In Proceedings of the 9th International Conference, NEW2AN 2009 and Second Conference on Smart Spaces, ruSMART 2009, St. Petersburg, Russia, 15–18 September 2009; Smart Spaces and Next Generation Wired/Wireless Networking. pp. 291–300. [Google Scholar]
- Li, J.S.; Liu, K.H. A lightweight identity authentication protocol for vehicular networks. Telecommun. Syst. 2013, 53, 425–438. [Google Scholar] [CrossRef]
- Zhou, Z.; Zhang, H.; Sun, Z. An improved privacy-aware handoff authentication protocol for VANETs. Wirel. Pers. Commun. 2017, 97, 3601–3618. [Google Scholar] [CrossRef]
- Guo, W.; Liu, Y.; Wang, J. FPAP: Fast pre-distribution authentication protocol for v2i. In Proceedings of the International Conference on Cloud Computing and Security, Nanjing, China, 29–31 July 2016; pp. 25–36. [Google Scholar]
- Zhang, L.; Wu, Q.; Solanas, A.; Domingo-Ferrer, J. A scalable robust authentication protocol for secure vehicular communications. IEEE Trans. Veh. Technol. 2009, 59, 1606–1617. [Google Scholar] [CrossRef] [Green Version]
- Kim, J.; Song, J. A pre-authentication method for secure communications in vehicular ad hoc networks. In Proceedings of the 2012 8th International Conference on Wireless Communications, Networking and Mobile Computing, Shanghai, China, 21–23 September 2012; pp. 1–6. [Google Scholar]
- Lai, C.; Zhou, H.; Cheng, N.; Shen, X.S. Secure group communications in vehicular networks: A software-defined network-enabled architecture and solution. IEEE Veh. Technol. Mag. 2017, 12, 40–49. [Google Scholar] [CrossRef]
- Wang, C.; Shen, J.; Lai, J.F.; Liu, J. A Trustworthiness-Based Time-Efficient V2I Authentication Scheme for VANETs. In Proceedings of the International Conference on Blockchain and Trustworthy Systems, Guangzhou, China, 7–8 December 2019; pp. 794–799. [Google Scholar]
- Jiang, Y.; Ge, S.; Shen, X. AAAS: An anonymous authentication scheme based on group signature in VANETs. IEEE Access 2020, 8, 98986–98998. [Google Scholar] [CrossRef]
- Wang, C.; Shen, J.; Lai, J.F.; Liu, J. B-TSCA: Blockchain assisted trustworthiness scalable computation for V2I authentication in VANETs. IEEE Trans. Emerg. Top. Comput. 2020, 9, 1386–1396. [Google Scholar] [CrossRef]
- Yu, F.; Ma, M.; Li, X. A Blockchain-Assisted Seamless Handover Authentication for V2I Communication in 5G Wireless Networks. In Proceedings of the ICC 2021-IEEE International Conference on Communications, Montreal, QC, Canada, 14–18 June 2021; pp. 1–6. [Google Scholar]
- Maria, A.; Pandi, V.; Lazarus, J.D.; Karuppiah, M.; Christo, M.S. BBAAS: Blockchain-based anonymous authentication scheme for providing secure communication in VANETs. Secur. Commun. Netw. 2021, 2011, 6679882. [Google Scholar] [CrossRef]
- Zhang, X.; Cao, X.; Yan, L.; Sung, D.K. A street-centric opportunistic routing protocol based on link correlation for urban VANETs. IEEE Trans. Mob. Comput. 2015, 15, 1586–1599. [Google Scholar] [CrossRef]
- Lu, R.; Lin, X.; Zhu, H.; Ho, P.H.; Shen, X. ECPP: Efficient conditional privacy preservation protocol for secure vehicular communications. In Proceedings of the IEEE INFOCOM 2008—The 27th Conference on Computer Communications, Phoenix, AZ, USA, 13–18 April 2008; pp. 1229–1237. [Google Scholar]
- Zheng, D.; Jing, C.; Guo, R.; Gao, S.; Wang, L. A traceable blockchain-based access authentication system with privacy preservation in VANETs. IEEE Access 2019, 7, 117716–117726. [Google Scholar] [CrossRef]
Consensus Node | Self-Authentication Result Rei | Commit View | Consensus View |
---|---|---|---|
Historical RSU1 | T | [null, T, T, null] | [T, T, T, null] |
Historical RSU2 | T | [T, null, T, null] | [T, T, T, null] |
Historical RSU3 | T | [T, T, null, null] | [T, T, T, null] |
Historical RSU4 | null | [T, T, T, null] | [T, T, T, null] |
Disclaimer/Publisher’s Note: The statements, opinions and data contained in all publications are solely those of the individual author(s) and contributor(s) and not of MDPI and/or the editor(s). MDPI and/or the editor(s) disclaim responsibility for any injury to people or property resulting from any ideas, methods, instructions or products referred to in the content. |
© 2022 by the authors. Licensee MDPI, Basel, Switzerland. This article is an open access article distributed under the terms and conditions of the Creative Commons Attribution (CC BY) license (https://creativecommons.org/licenses/by/4.0/).
Share and Cite
Li, Q.; Su, W.; Zhang, P.; Cheng, X.; Li, M.; Liu, Y. Blockchain-Based Method for Pre-Authentication and Handover Authentication of IoV Vehicles. Electronics 2023, 12, 139. https://doi.org/10.3390/electronics12010139
Li Q, Su W, Zhang P, Cheng X, Li M, Liu Y. Blockchain-Based Method for Pre-Authentication and Handover Authentication of IoV Vehicles. Electronics. 2023; 12(1):139. https://doi.org/10.3390/electronics12010139
Chicago/Turabian StyleLi, Qiang, Wenlong Su, Peng Zhang, Xinzhou Cheng, Mingxin Li, and Yuanni Liu. 2023. "Blockchain-Based Method for Pre-Authentication and Handover Authentication of IoV Vehicles" Electronics 12, no. 1: 139. https://doi.org/10.3390/electronics12010139
APA StyleLi, Q., Su, W., Zhang, P., Cheng, X., Li, M., & Liu, Y. (2023). Blockchain-Based Method for Pre-Authentication and Handover Authentication of IoV Vehicles. Electronics, 12(1), 139. https://doi.org/10.3390/electronics12010139