车联网中支持非法签名定位的无证书匿名认证方案

doi:10.19678/j.issn.1000-3428.0067902

摘要/Abstract

摘要： 车联网环境中,车辆通过互联网连接到公共网络,车辆信息在传输过程中很容易遭受到攻击者的各种恶意攻击,从而导致车辆隐私信息泄露甚至威胁用户生命安全。2022年,为了保障车辆间公开通信中消息传输的安全性和隐私性,研究人员提出了一种车联网环境下的无证书匿名认证方案,并证明该方案在随机预言机模型下满足签名的不可伪造性。然而,通过安全性分析发现,该方案无法抵抗恶意的密钥生成中心替换攻击以及车辆之间的合谋攻击。针对上述安全缺陷,提出改进的车联网无证书匿名认证方案。在随机预言模型下基于椭圆曲线离散对数问题存在不可伪造性,同时也能够抵抗车辆之间联合发起的合谋攻击。此外,该方案支持非法签名的快速查询,能在聚合签名验证失败后,通过建立非法签名与聚合签名验证等式的关联性,节省对右子节点中非法签名的查找次数,从而迅速定位到非法签名的位置。实验结果表明,与同类方案相比,改进方案在聚合签名验证阶段的计算开销减少了至少25%,并能满足更多的安全属性。

关键词: 车联网, 匿名认证, 无证书签名, 签名伪造, 非法签名定位

Abstract: In the Internet of Vehicles (IoV) environment, vehicles are connected to public networks through the Internet and information is vulnerable to various malicious attacks from attackers during transmission. Consequently, vehicle privacy information is leaked, which can threaten the safety of users. In 2022, to guarantee the security and privacy of message transmission in public communication between vehicles, researchers propose a certificateless anonymous authentication scheme for the IoV and proved that the scheme satisfies signature unforgeability under a random oracle model. However, security analysis revealed that their scheme is unable to resist malicious Key Generation Center(KGC) replacement attacks and collusion attacks between vehicles. Hence, an enhanced certificateless anonymous authentication scheme for the IoV is proposed. The proposed scheme features unforgeability based on the Elliptic-Curve Discrete-Logarithm Problem(ECDLP) under a random oracle model and resists coalition attacks jointly launched among vehicles. Additionally, the proposed scheme supports rapid illegal signature queries and can reduce the number of searches for illegal signatures in the correct child node by establishing a correlation between illegal signatures and the aggregate signature-verification equation after the aggregate signature verification fails, thus promptly locating illegal signatures. The proposed scheme reduces the computational cost in the aggregate signature-verification stage by at least 25% and achieves better security properties than similar solutions.

Key words: Internet of Vehicles(IoV), anonymous authentication, certificateless signature, signature forgery, illegal signatures localization

中图分类号:

TP309.7

杨小东, 李沐紫, 马国祖, 李松谕, 王彩芬. 车联网中支持非法签名定位的无证书匿名认证方案[J]. 计算机工程, 2024, 50(6): 157-165.

YANG Xiaodong, LI Muzi, MA Guozu, LI Songyu, WANG Caifen. Certificateless Anonymous Authentication Scheme Supporting Illegal Signatures Localization for Internet of Vehicles[J]. Computer Engineering, 2024, 50(6): 157-165.

https://www.ecice06.com/CN/Y2024/V50/I6/157

参考文献

[1] 潘森杉,王赛妃.一种抗伪造攻击的车联网无证书聚合签密方案[J].西安电子科技大学学报, 2023, 50(2), 169-177. PAN S S, WANG S F. Certificateless aggregate signcryption scheme against forgery attacks for vehicular ad-hoc networks[J]. Journal of Xidian University, 2023, 50(2):169-177.(in Chinese)
[2] HOU J S, TIAN D X, WANG Y P, et al. Reliability optimal cooperative communication and computing in connected vehicle systems[J]. IEEE Transactions on Mobile Computing, 2020, 19(5):1216-1232.
[3] 徐小雅,于海洋,崔志勇,等.车联网环境下的隐私安全度量方法[J].同济大学学报(自然科学版), 2022, 50(12):1693-1702. XU X Y, YU H Y, CUI Z Y, et al. Privacy metric review of Internet of vehicles[J]. Journal of Tongji University (Natural Science), 2022, 50(12):1693-1702.(in Chinese)
[4] 黄明浩,王雍,李强,等.车联网路侧系统信息安全机制与技术[J].通信技术, 2023, 56(1):82-88. HUANG M H, WANG Y, LI Q, et al. Information security mechanism and technology of roadside system in Internet of vehicles[J]. Communications Technology, 2023, 56(1):82-88.(in Chinese)
[5] GONG Z Y, GAO T H, GUO N. PCAS:cryptanalysis and improvement of pairing-free certificateless aggregate signature scheme with conditional privacy-preserving for VANETs[J]. Ad Hoc Networks, 2023, 144:1-10.
[6] WANG B Y, YI R H, ZHANG S M, et al. An efficient certificateless aggregate signcryption scheme in V2G[J]. Journal of Electrotechnology, Electrical Engineering and Management, 2023, 6(1):1-10.
[7] 朱栋,殷新春,宁建廷.车联网中具有强隐私保护的无证书签名方案[J].计算机应用, 2022, 42(10):3091-3101. ZHU D, YIN X C, NING J T. Certificateless signature scheme with strong privacy protection for Internet of vehicles[J]. Journal of Computer Applications, 2022, 42(10):3091-3101.(in Chinese)
[8] 王春东,罗婉薇,莫秀良.车联网互信认证与安全通信综述[J].计算机科学, 2020, 47(11):1-9. WANG C D, LUO W W, MO X L, et al. Survey on mutual trust authentication and secure communication of Internet of vehicles[J]. Computer Science, 2020, 47(11):1-9.(in Chinese)
[9] KUMAR P, KUMARI S, SHARMA V, et al. Secure CLS and CL-AS schemes designed for VANETs[J]. The Journal of Supercomputing, 2019, 75(6):3076-3098.
[10] CUI J, ZHANG J, ZHONG H, et al. An efficient certificateless aggregate signature without pairings for vehicular ad hoc networks[J]. Information Sciences, 2018, 451(7):1-15.
[11] THUMBUR G, REDDY P V, RAO G S, et al. Efficient and secure certificateless aggregate signature-based authentication scheme for vehicular ad hoc networks[J]. IEEE Internet of Things Journal, 2020, 8(3):1908-1920.
[12] HORNG S J, TZENG S F, HUANG P H, et al. An efficient certificateless aggregate signature with conditional privacy-preserving for vehicular sensor networks[J]. Information Sciences, 2015, 317:48-66.
[13] GAYATHRI N B, THUMBUR G, REDDY P V, et al. Efficient pairing-free certificateless authentication scheme with batch verification for vehicular ad-hoc networks[J]. IEEE Access, 2018, 6(1):31808-31819.
[14] THUMBUR G, RAO G S, REDDY P V. Efficient pairing-free certificateless signature scheme for secure communication in resource-constrained devices[J]. IEEE Communications Letters, 2020, 24(8):1641-1645.
[15] 王大星,滕济凯.车载网中可证安全的无证书聚合签名算法[J].电子与信息学报, 2018, 40(1):11-17. WANG D X, TENG J K. Probably secure cetificateless aggregate signature algorithm for vehicular ad hoc network[J]. Journal of Electronics&Information Technology, 2018, 40(1):11-17.(in Chinese)
[16] 杨小东,麻婷春,陈春霖,等.面向车载自组网的无证书聚合签名方案的安全性分析与改进[J].电子与信息学报, 2019, 41(5):1265-1270. YANG X D, MA T C, CHEN C L, et al. Security analysis and improvement of certificateless aggregate signature scheme for vehicular ad hoc networks[J]. Journal of Electronics&Information Technology, 2019, 41(5):1265-1270.(in Chinese)
[17] ZHONG H, HAN S S, CUI J, et al. Privacy-preserving authentication scheme with full aggregation in VANET[J]. Information Sciences, 2019, 476(18):211-221.
[18] MEI Q, XIONG H, CHEN J H, et al. Efficient certificateless aggregate signature with conditional privacy preservation in IoV[J]. IEEE System Journal, 2020, 15(1):1-12.
[19] 朱栋,殷新春.一种适用于车载自组网的无证书签名方案[J].小型微型计算机系统, 2022, 43(4):785-794. ZHU D, YIN X C. Certificateless signature scheme for vehicular ad-hoc networks[J]. Journal of Chinese Computer Systems, 2022, 43(4):785-794.(in Chinese)
[20] 高岩,邓伦治,施虹宇,等.适用于车联网的无证书强匿名聚合签名方案[J].贵州师范大学学报(自然科学版), 2022, 40(2):96-104. GAO Y, DENG L Z, SHI H Y, et al. Certificateless strong anonymous aggregate signature scheme for Internet of vehicles[J]. Journal of Guizhou Normal University (Natural Sciences), 2022, 40(2):96-104.(in Chinese)
[21] 刘雪艳,王力,郇丽娟,等.车联网环境下无证书匿名认证方案[J].电子与信息学报, 2022, 44(1):295-304. LIU X Y, WANG L, XUN L J, et al. Certificateless anonymous authentication scheme for Internet of vehicles[J]. Journal of Electronics&Information Technology, 2022, 44(1):295-304.(in Chinese)
[22] 赵洪,喻书涵,韩妍妍,等.无证书签名方案的分析与改进[J].计算机应用, 2023, 43(1):147-153. ZHAO H, YU S H, HAN Y Y, et al. Analysis and improvement of certificateless signature scheme[J]. Journal of Computer Applications, 2023, 43(1):147-153.(in Chinese)
[23] 丁晓晖,曹素珍,窦凤鸽,等.基于无证书聚合签名的导航信息更新方案[J].计算机技术与发展, 2022, 32(6):112-119. DING X H, CAO S Z, DOU F G, et al. Navigation information updating scheme based on certificateless aggregate signature in vehicle networking[J]. Computer Technology and Development, 2022, 32(6):112-119.(in Chinese)
[24] 房保纲.基于无线医疗传感器网络的无证书聚合签名研究[D].上海:上海工程技术大学, 2021. FANG B G. Research on certificateless:aggregate signature based on wireless medical sensor networks[D]. Shanghai:Shanghai University of Engineering Science, 2021.(in Chinese)
[25] 陶雪飞. VANETs中隐私安全与认证协议的研究[D].合肥:安徽大学, 2019. TAO X F. Research on privacy security and authentication protocol in VANETs[D]. Hefei:Anhui University, 2019.(in Chinese)
[26] POINTCHEVAL D, STERN J. Security proofs for signature schemes[EB/OL].[2023-05-15]. https://link.springer.com/content/pdf/10.1007/3-540-68339-9_33.pdf.
[27] 杨波.现代密码学[M].北京:清华大学出版社, 2015:65-69. YANG B. Modern cryptography[M]. Beijing:Tsinghua University Press, 2015:65-69.(in Chinese)

选择文件类型/文献管理软件名称

选择包含的内容