基于中国剩余定理秘密共享的切换认证协议

doi:10.3969/j.issn.1671-1122.2023.09.011

摘要/Abstract

摘要：

随着智能汽车行业的发展，车联网安全的应用意义与发展前景备受关注，而身份认证是车联网安全的第一道大门。目前关于车联网身份认证协议的研究重点大多放在车联网中两种实体间的首次认证与批量认证过程，对实体间切换认证过程的协议关注不足，并且现有切换认证协议大多基于区块链进行设计。针对上述情况，文章运用椭圆曲线加密和中国剩余定理秘密共享的技术，在不使用区块链技术的情况下提出了一个基于中国剩余定理秘密共享的车对路切换认证协议，实现了车辆与路边单元双向的初始化认证和切换认证，提高了车辆在路边单元组中切换认证的认证效率。文章首先通过理论推导证明了该协议的正确性，然后利用随机预言机模型证明了该协议的语义安全性，最后对该协议的安全性、计算开销和通信开销三方面进行性能分析，并与其他协议的性能进行对比。结果表明，随着切换认证次数的增加，该协议的累计计算开销和累计通信开销相较于其他协议增长更慢，对资源的消耗更低。

关键词: 车联网, 切换认证, 中国剩余定理, 秘密值共享

Abstract:

With the development of intelligent automobile industry, the security of Internet of Vehicles(IoV) has important application significance and development prospect, and identity authentication is the first gate of IoV security. At present, researches on identity authentication protocols for IoV focus on the initial authentication and batch authentication process between two entities in IoV, and insufficient attention is paid to protocols for inter-entity handover authentication process, and most of the existing handover authentication protocols are designed based on blockchain. In view of the above situation, this paper used elliptic curve encryption and Chinese remainder theorem and secret value sharing technology to propose a vehicle-to-road handover authentication protocol based on Chinese remainder theorem secret sharing without the use of blockchain technology, so as to realize mutual initial authentication and handover authentication between vehicles and roadside units, and improve the authentication efficiency of vehicle handover authentication in roadside unit groups. The correctness of the protocol was proved by theoretical derivation, and the semantic security of the protocol was proved by random oracle model. Finally, the performance of the protocol was analyzed in three aspects: security, computation cost and communication cost, and the performance was compared with that of other protocols. The results show that with the increase of the number of handover authentication, the accumulative computation cost and communication cost of the protocol increase more slowly than that of other protocol, and the resource consumption is lower.

Key words: internet of vehicles, handover authentication, Chinese remainder theorem, secret value sharing

中图分类号:

TP309

戴玉, 周非, 薛丹. 基于中国剩余定理秘密共享的切换认证协议[J]. 信息网络安全, 2023, 23(9): 118-128.

DAI Yu, ZHOU Fei, XUE Dan. Handover Authentication Protocol Based on Chinese Remainder Theorem Secret Sharing[J]. Netinfo Security, 2023, 23(9): 118-128.

图/表 9

表1

图1

图2

表2

表3

表4

图3

表5

图4

参考文献 20

[1]	DUREJA A, SANGWAN S. A Review: Efficient Transportation—Future Aspects of IoV[J]. Evolving Technologies for Computing, Communication and Smart World, 2020, 694: 97-108.
[2]	FAROOQ S M, HUSSAIN S M S, USTUN T S. A Survey of Authentication Techniques in Vehicular Ad-hoc Networks[J]. IEEE Intelligent Transportation Systems Magazine, 2020, 13(2): 39-52. doi: 10.1109/MITS.2020.2985024 URL
[3]	ZHANG Jing, CUI Jie, ZHONG Hong, et al. PA-CRT: Chinese Remainder Theorem Based Conditional Privacy-Preserving Authentication Scheme in Vehicular Ad-hoc Networks[J]. IEEE Transactions on Dependable and Secure Computing, 2019, 18(2): 722-735. doi: 10.1109/TDSC.8858 URL
[4]	XIE Qi, DING Zixuan, ZHENG Panpan. Provably Secure and Anonymous V2I and V2V Authentication Protocol for VANETs[J]. IEEE Transactions on Intelligent Transportation Systems, 2023, 24(7): 1-10.
[5]	KUMAR P, OM H. Secure and Efficient Cache-Based Authentication Scheme for Vehicular Ad-Hoc Networks[J]. Wireless Networks, 2022, 28(7): 2821-2836. doi: 10.1007/s11276-022-03003-y
[6]	YANG Anjia, WENG Jian, YANG Kan, et al. Delegating Authentication to Edge: A Decentralized Authentication Architecture for Vehicular Networks[J]. IEEE Transactions on Intelligent Transportation Systems, 2020, 23(2): 1284-1298. doi: 10.1109/TITS.2020.3024000 URL
[7]	SCOTT M. On the Efficient Implementation of Pairing-Based Protocols[C]// Springer. Cryptography and Coding:13th IMA International Conference. Berlin: Springer, 2011: 296-308.
[8]	SHAH K, CHADOTRA S, TANWAR S, et al. Blockchain for IoV in 6G Environment: Review Solutions and Challenges[J]. Cluster Computing, 2022, 25(3): 1927-1955. doi: 10.1007/s10586-021-03492-0
[9]	ANG L M, SENG K P, IJEMARU G K, et al. Deployment of IoV for Smart Cities: Applications, Architecture, and Challenges[J]. IEEE Access, 2018, 7: 6473-6492. doi: 10.1109/ACCESS.2018.2887076 URL
[10]	KUMAR A, DAS D. EIoVChain: Towards Authentication and Secure Communication Based Blockchain for Internet of Vehicles (IoV)[C]// IEEE. 2021 IEEE International Conference on Blockchain. New York: IEEE, 2021: 47-54.
[11]	ZENG Ping, CHEN Zhijuan, MA Yingjie, et al. Blockchain-Based Privacy-Preserving Certificateless Authentication Scheme for Internet of Vehicles[J]. Application Research of Computers, 2021, 38(10): 2919-2925.
	曾萍, 陈志娟, 马英杰, 等. 基于区块链的IoV隐私保护认证方案设计[J]. 计算机应用研究, 2021, 38(10): 2919-2925.
[12]	HE Daojing, CHAN S, GUIZANI M. Handover Authentication for Mobile Networks: Security and Efficiency Aspects[J]. IEEE Network, 2015, 29(3): 96-103. doi: 10.1109/MNET.2015.7113232 URL
[13]	DWIVEDI S K, AMIN R, VOLLALA S, et al. B-HAS: Blockchain-Assisted Efficient Handover Authentication and Secure Communication Protocol in VANETs[J]. IEEE Transactions on Network Science and Engineering, 2023, 23: 1-14.
[14]	SON S, LEE J, PARK Y, et al. Design of Blockchain-Based Lightweight V2I Handover Authentication Protocol for VANET[J]. IEEE Transactions on Network Science and Engineering, 2022, 9(3): 1346-1358. doi: 10.1109/TNSE.2022.3142287 URL
[15]	NIRANJANAMURTHY M, NITHYA B N, JAGANNATHA S. Analysis of Blockchain Technology: Pros, Cons and SWOT[J]. Cluster Computing, 2019, 22: 14743-14757. doi: 10.1007/s10586-018-2387-5
[16]	CHEN Zewen, ZHANG Longjun, WANG Yumin, et al. A Group Signature Scheme Based on Chinese Remainder Theorem[J]. Acta Electronica Sinica, 2004, 32(7): 1062-1065.
	陈泽文, 张龙军, 王育民, 等. 一种基于中国剩余定理的群签名方案[J]. 电子学报, 2004, 32(7): 1062-1065.
[17]	PANG Liaojun, PEI Qingqi, LI Huixian, et al. Secret Sharing Technology and Its Applications[M]. Beijing: Post & Telecom Press, 2017.
	庞辽军, 裴庆祺, 李慧贤, 等. 秘密共享技术及其应用[M]. 北京: 人民邮电出版社, 2017.
[18]	COPPERSMITH D. Cryptography[J]. IBM Journal of Research and Development, 1987, 31(2): 244-248. doi: 10.1147/JRD.1987.5390134 URL
[19]	KOBLITZ N, MENEZES A J. The Random Oracle Model: A Twenty-Year Retrospective[J]. Designs, Codes and Cryptography, 2015, 77: 587-610. doi: 10.1007/s10623-015-0094-2 URL
[20]	ALIMORADI R, ARKIAN H R, RAZAVIAN S M J, et al. Scalar Multiplication in Elliptic Curve Libraries[J]. Journal of Discrete Mathematical Sciences and Cryptography, 2021, 24(3): 657-666. doi: 10.1080/09720529.2017.1378411 URL

符号	定义
s_t	实体t的私钥
O_t	实体t的公钥
PID_t, TID_t	实体t的假名身份与临时身份
H(·)	单向哈希函数
K	会话密钥
T	时间戳
X	秘密值
PX	秘密值公开验证密钥
q	加法循环群G的阶数

安全属性	文献[4] 协议	文献[13] 协议	文献[14] 协议	本文协议
双向认证	√	√	√	√
匿名性	√	√	√	√
密钥协商及确认	√	√	√	√
抗重放攻击	√	√	√	√
抗合谋攻击	×	×	×	√

符号	定义	执行时间/ms
T_Esm	椭圆曲线上的点乘运算	0.5996
T_Eap	椭圆曲线上的点加运算	0.0023
T_H	单向哈希运算	0.0001

协议	初始化认证/ms		切换认证/ms
协议	V_i	RSU_j	V_i	RSU_j	RSU_k
文献[4]协议	5T_Esm+5T_H= 2.9985	5T_Esm+4T_H= 2.9984	5T_Esm+5T_H= 2.9985	0	5T_Esm+4T_H= 2.9984
文献[13] 协议	3T_Esm+6T_H= 1.7994	3T_Esm+6T_H= 1.7994	3T_Esm+6T_H= 1.7994	3T_Esm+4T_H= 1.7992	6T_Esm+11T_H= 3.5987
文献[14]协议	3T_Esm+11T_H= 1.7999	T_Esm+9T_H= 0.6005	6T_H=0.0006	0	4T_Esm+T_Eap+ 12T_H=2.9984
本文协议	4T_Esm+T_Eap+2T_H= 2.4009	6T_Esm+2T_Eap+ 2T_H=3.6024	T_Esm+2T_H= 0.5998	0	2T_Esm+T_H= 1.1993