车联网中基于证书的局部可验证聚合签名方案

doi:10.3969/j.issn.1671-1122.2025.01.005

信息网络安全 ›› 2025, Vol. 25 ›› Issue (1): 48-62.doi: 10.3969/j.issn.1671-1122.2025.01.005

车联网中基于证书的局部可验证聚合签名方案

夏喆¹^,², 夏学志¹^,², 吕文杰³(), 张明武⁴

1.武汉理工大学计算机与人工智能学院，武汉 430070
2.交通物联网湖北省重点实验室，武汉 430070
3.中国电信股份有限公司浙江分公司，杭州 310009
4.湖北工业大学计算机学院，武汉 430068

收稿日期:2024-10-14 出版日期:2025-01-10 发布日期:2025-02-14
通讯作者: 吕文杰 E-mail:lwj.zj@chinatelecom.cn
作者简介:夏喆（1982—），男，湖北，副教授，博士，主要研究方向为分布式密码学协议、可证明安全理论|夏学志（1999—），男，安徽，硕士研究生，主要研究方向为公钥密码学、隐私保护|吕文杰（1990—），男，浙江，高级工程师，硕士，主要研究方向为网络攻防、信息安全|张明武（1972—），男，湖北，教授，博士，主要研究方向为数据安全、隐私保护
基金资助:
国家重点研发计划(2022YFB3104001);国家自然科学基金(62072134);湖北省重大科技专项(2024BAA011)

Certificate-Based Locally Verifiable Aggregate Signature Scheme in VANETs

XIA Zhe¹^,², XIA Xuezhi¹^,², LYU Wenjie³(), ZHANG Mingwu⁴

1. School of Computer and Artificial Intelligence, Wuhan University of Technology, Wuhan 430070, China
2. Hubei Provincial Key Laboratory of Transportation Internet of Things Technology, Wuhan 430070, China
3. China Telecom Co., Ltd. Zhejiang Branch, Hangzhou 310009, China
4. School of Computer Science, Hubei University of Technology, Wuhan 430068, China

Received:2024-10-14 Online:2025-01-10 Published:2025-02-14
Contact: LYU Wenjie E-mail:lwj.zj@chinatelecom.cn

摘要/Abstract

摘要：

车联网作为车辆与外界的实时通信和信息交换的重要桥梁，可以提高交通安全性、优化交通效率和提升公共服务质量，在智能交通系统和未来智慧城市的发展中具有重要的作用。随着车联网的普及，其中的身份匿名、消息认证、位置隐私等通信安全问题也得到广泛关注。文章提出一种在车联网中基于证书的局部可验证聚合签名隐私保护认证方案，实现安全的车辆到基础设施（V2I）通信。与传统基于身份的聚合签名方案相比，该方案不仅解决了传统基于身份签名方案的密钥托管问题，平衡了权威机构监管和用户隐私之间的矛盾，还在数据验证方面，实现了对车辆数据的批量验证和有效的局部验证，能够验证特定数据块的正确性而不需要知道整个消息序列，降低了额外开销。

关键词: 聚合签名, 身份认证, 基于证书密码学, 车联网

Abstract:

The Vehicular Ad-hoc Network(VANET), as an important bridge for real-time communication and information exchange between vehicles and the external world, can enhance traffic safety, optimize traffic efficiency, and improve the quality of public services. It plays a crucial role in the development of intelligent transportation systems and future smart cities. With the widespread adoption of vehicle networks, communication security issues such as identity anonymity, message authentication, and location privacy have received widespread attention. This paper proposed a certificate-based locally verifiable aggregate signature privacy protection authentication scheme for vehicle-to-infrastructure (V2I) communication in vehicle networks. Compared to traditional identity-based aggregate signature schemes, the proposed solution not only addressed the key escrow problem of traditional identity-based signature schemes but also balanced the conflict between authority supervision and user privacy. In terms of data verification, it achieved batch verification of vehicle data and effective local verification, allowing for the correctness of specific data blocks to be verified without the need to know the entire message sequence, reducing overhead.

Key words: aggregate signature, identity authentication, certificate-based cryptography, vehicular ad hoc network

中图分类号:

TP309

夏喆, 夏学志, 吕文杰, 张明武. 车联网中基于证书的局部可验证聚合签名方案[J]. 信息网络安全, 2025, 25(1): 48-62.

XIA Zhe, XIA Xuezhi, LYU Wenjie, ZHANG Mingwu. Certificate-Based Locally Verifiable Aggregate Signature Scheme in VANETs[J]. Netinfo Security, 2025, 25(1): 48-62.

图/表 8

图1

表1

图2

表2

表3

图3

表4

图4

参考文献 31

[1]	CHENG Jiujun, CHENG Junlu, ZHOU Mengchu, et al. Routing in Internet of Vehicles: A Review[J]. IEEE Transactions on Intelligent Transportation Systems, 2015, 16(5): 2339-2352.
[2]	CAO Yue, LYU Chenchen, SUN Yaping, et al. Review of Research on Misbehavior Detection in VANET[J]. Netinfo Security, 2023, 23(4): 10-19.
	曹越, 吕臣臣, 孙娅苹, 等. 面向车联网环境的异常行为检测机制研究综述[J]. 信息网络安全, 2023, 23(4):10-19.
[3]	QIAO Zirui, YANG Qiliang, ZHOU Yanwei, et al. An Efficient Authentication Key Agreement Protocol with Provable Security for VANET[J]. Chinese Journal of Computers, 2023, 46 (5): 929-944.
	乔子芮, 杨启良, 周彦伟, 等. 可证明安全的高效车联网认证密钥协商协议[J]. 计算机学报, 2023, 46(5):929-944.
[4]	GENTRY C. Certificate-Based Encryption and the Certificate Revocation Problem[C]// Springer. Advances in Cryptology — EUROCRYPT 200. Heidelberg:Springer, 2003: 272-293.
[5]	KANG B G, PARK J H, HAHN S G. A Certificate-Based Signature Scheme[C]// Springer. Topics in Cryptology- CT-RSA 2004. Heidelberg: Springer, 2004: 99-111.
[6]	LI Jiguo, HUANG Xinyi, MU Yi, et al. Certificate-Based Signature: Security Model and Efficient Construction[C]// Springer. Public Key Infrastructure. Heidelberg: Springer, 2007: 110-125.
[7]	ZHOU Caixue, CUI Zongmin. Certificate-Based Signature Scheme in the Standard Model[J]. IET Information Security, 2017, 11(5): 256-260.
[8]	WANG Guoqiang, CAO Yanmei. An Efficient Certificate-Based Signature Scheme in the Standard Model[C]// Springer. Applied Cryptography and Network Security. Heidelberg: Springer, 2021: 313-329.
[9]	LIU Min, WANG Liangliang, ZHANG Kai, et al. A Pairing-Free Certificate-Based Key-Insulated Aggregate Signature Scheme for Wireless Medical Sensor Networks[J]. Peer-to-Peer Networking and Applications, 2024, 17(2): 685-700.
[10]	VERMA G K, KUMAR N, GOPE P, et al. SCBS: A Short Certificate-Based Signature Scheme with Efficient Aggregation for Industrial-Internet-of-Things Environment[J]. IEEE Internet of Things Journal, 2021, 8(11): 9305-9316.
[11]	BONEH D, GENTRY C, LYNN B, et al. Aggregate and Verifiably Encrypted Signatures from Bilinear Maps[C]// Springer. Advances in Cryptology — EUROCRYPT 200. Heidelberg:Springer, 2003: 416-432.
[12]	ZHU Fei, YI Xun, ABUADBBA A, et al. Certificate-Based Anonymous Authentication with Efficient Aggregation for Wireless Medical Sensor Networks[J]. IEEE Internet of Things Journal, 2021, 9(14): 12209-12218. doi: 10.1109/JIOT.2021.3134693
[13]	CHEN Jianneng, ZHOU Yuping, HUANG Zhenjie, et al. An Efficient Aggregate Signature Scheme for Healthcare Wireless Sensor Networks[J]. IEEE Internet of Things Journal, 2021, 6(1): 1-15.
[14]	VERMA G K, GOPE P, SAXENA N, et al. CB-DA: Lightweight and Escrow-Free Certificate-Based Data Aggregation for Smart Grid[J]. IEEE Transactions on Dependable and Secure Computing, 2023, 20(3): 2011-2024.
[15]	ZUO Weiping, LIU Yunfang. An Efficient Certificate-Based Aggregate Signature Scheme[C]// IEEE. 2023 9th International Conference on Computer and Communications (ICCC). New York: IEEE, 2023: 2621-2625.
[16]	LIU J K, BAEK J, ZHOU Jianying, et al. Certificate-Based Sequential Aggregate Signature[C]// ACM. Proceedings of the Second ACM Conference on Wireless Network Security. New York: ACM, 2009: 21-28.
[17]	WU T Y, LEE Zhiyuan, OBAIDAT M S, et al. An Authenticated Key Exchange Protocol for Multi-Server Architecture in 5G Networks[J]. IEEE Access, 2020, 8: 28096-28108.
[18]	KHAN M A, ULLAH I, ALSHARIF M H, et al. Retracted: An Efficient Certificate-Based Aggregate Signature Scheme for Internet of Drones[J]. Security and Communication Networks, 2022, 2022(1): 9718580.
[19]	QIAO Zirui, MA Kui, ZHOU Yanwei, et al. An Anonymous and Efficient Certificate-Based Identity Authentication Protocol for VANET[J]. IEEE Internet of Things Journal, 2023, 11(7): 11232-11245.
[20]	HOU Yingzhe, XIONG Hu, HUANG Xin, et al. Certificate-Based Parallel Key-Insulated Aggregate Signature Against Fully Chosen Key Attacks for Industrial Internet of Things[J]. IEEE Internet of Things Journal, 2021, 8(11): 8935-8948. doi: 10.1109/JIOT.2021.3056477
[21]	HOHENBERGER S, SAHAI A, WATERS B. Full Domain Hash from (Leveled) Multilinear Maps and Identity-Based Aggregate Signatures[C]// Springer. Advances in Cryptology-CRYPTO 2013. Heidelberg: Springer, 2013: 494-512.
[22]	DENG Lunzhi, WANG Tao, FENG Shuai, et al. Secure Identity-Based Designated Verifier Anonymous Aggregate Signature Scheme Suitable for Smart Grids[J]. IEEE Internet of Things Journal, 2022, 10(1): 57-65.
[23]	MEI Qian, XIONG Hu, CHEN Jinhao, et al. Efficient Certificateless Aggregate Signature with Conditional Privacy Preservation in IoV[J]. IEEE Systems Journal, 2020, 15(1): 245-256.
[24]	XU Zhiyan, HE Debiao, KUMAR N, et al. Efficient Certificateless Aggregate Signature Scheme for Performing Secure Routing in VANETs[J]. Security and Communication Networks, 2020, 2020(1): 1-12.
[25]	DENG Lunzhi, YANG Yixian, CHEN Yuling. Certificateless Short Aggregate Signature Scheme for Mobile Devices[J]. IEEE Access, 2019, 7: 87162-87168. doi: 10.1109/ACCESS.2019.2923697
[26]	HU Ronglei, LI Wenjing, JIANG Hua, et al. Certificateless Aggregation Signcryption Scheme Based on Discrete Logarithm[J]. Netinfo Security, 2019, 19(7): 42-49.
	胡荣磊, 李文敬, 蒋华, 等. 基于离散对数的无证书聚合签密方案[J]. 信息网络安全, 2019, 19(7):42-49.
[27]	YE Xin, XU Gencheng, CHENG Xueli, et al. Certificateless-Based Anonymous Authentication and Aggregate Signature Scheme for Vehicular Ad Hoc Networks[J]. Wireless Communications and Mobile Computing, 2021, 2021(1): 1-16.
[28]	GOYAL R, VAIKUNTANATHAN V. Locally Verifiable Signature and Key Aggregation[C]// Springer. Advances in Cryptology-CRYPTO 2022. Heidelberg: Springer, 2022: 761-791.
[29]	MAO Wenze, JIANG Peng, ZHU Liehuang. Locally Verifiable Batch Authentication in IoMT[J]. IEEE Transactions on Information Forensics and Security, 2024, 19: 1001-1014.
[30]	DELERABLÉE C, PAILLIER P, POINTCHEVAL D. Fully Collusion Secure Dynamic Broadcast Encryption with Constant-Size Ciphertexts or Decryption Keys[C]// Springer. Pairing-Based Cryptography-Pairing 2007(Pairing 2007). Heidelberg: Springer, 2007: 39-59.
[31]	DELERABLÉE C, POINTCHEVAL D. Dynamic Threshold Public-Key Encryption[C]// Springer. Advances in Cryptology-CRYPTO 2008. Heidelberg: Springer, 2008: 317-334.

符号	描述
$\lambda $	安全参数
$params$	系统公开参数
$I{{D}_{A}}$	车辆A的身份
$PI{{D}_{A}}$	车辆A的伪身份
$Cer{{t}_{A}}$	CGC颁发给车辆A的证书
$msk$	系统主私钥
$mpk$	系统主公钥
$s{{k}_{I{{D}_{A}}}}$	车辆A的私钥
$p{{k}_{I{{D}_{A}}}}$	车辆A的公钥
${{m}_{i}}$	第i条消息
${{\sigma }_{i}}$	对消息的签名
$\hat{\sigma }$	聚合签名
$au{{x}_{j}}$	${{m}_{j}}$的辅助验证信息

安全属性	文献[13]方案	文献[15]方案	本文方案
消息认证性	√	√	√
匿名性	√	√	√
条件隐私保护	√	×	√
不可链接性	√	×	√
抵抗传统攻击	×	√	√
局部可验证性	×	×	√

方案	Sign	Verify	Aggregate	AggVerify
文献[13] 方案	$4n{{T}_{e}}+2n{{T}_{m}}$	$2n{{T}_{e}}+n{{T}_{m}}+3n{{T}_{bp}}$	$n{{T}_{m}}$	$3n{{T}_{m}}+3n{{T}_{bp}}$
文献[15] 方案	$4n{{T}_{e}}+2n{{T}_{m}}$	$4n{{T}_{e}}+2n{{T}_{m}}$	$2n{{T}_{m}}$	$2(n-1){{T}_{m}}+4{{T}_{bp}}$
本文方案	$n{{T}_{e}}$	$n{{T}_{e}}+n{{T}_{m}}+3n{{T}_{bp}}$	$\begin{align} & \frac{n(n-1)}{2}{{T}_{e}} \\ & +\frac{n(n-1)}{2}{{T}_{d}} \\ \end{align}$	$n{{T}_{e}}+n{{T}_{m}}+3{{T}_{bp}}$
本文方案（局部验证）	$n{{T}_{e}}$	$n{{T}_{e}}+n{{T}_{m}}+3n{{T}_{bp}}$	$\begin{align} & \frac{n(n-1)}{2}{{T}_{e}} \\ & +\frac{n(n-1)}{2}{{T}_{d}} \\ \end{align}$	${{T}_{e}}+{{T}_{m}}+5{{T}_{bp}}$

方案	Sign	Aggregate	AuxGen
文献[13]方案	$2n\|G\|+n\|M\|$	$2\|G\|+n\|M\|$	—
文献[15]方案	$2n\|G\|+2n\|M\|$	$2\|G\|+2n\|M\|$	—
本文方案	$n\|G\|+n\|M\|$	$\|G\|+n\|M\|$	$2\|G\|$

车联网中基于证书的局部可验证聚合签名方案

Certificate-Based Locally Verifiable Aggregate Signature Scheme in VANETs

RichHTML

PDF (PC)

可视化

摘要/Abstract

引用本文

使用本文

图/表 8

参考文献 31

相关文章 15

编辑推荐

Metrics

本文评价

[1]	袁征, 张跃飞, 冯笑, 乔雅馨. 基于PUF的电力物联网智能终端认证协议[J]. 信息网络安全, 2025, 25(1): 13-26.
[2]	段昊哲, 李志慧, 韦性佳, 胡珂欣. d维量子系统中无需纠缠的量子身份认证协议[J]. 信息网络安全, 2024, 24(9): 1364-1374.
[3]	黄旺旺, 周骅, 王代强, 赵麒. 基于国密SM9的物联网可重构密钥安全认证协议设计[J]. 信息网络安全, 2024, 24(7): 1006-1014.
[4]	刘一丹, 马永柳, 杜宜宾, 程庆丰. 一种车联网中的无证书匿名认证密钥协商协议[J]. 信息网络安全, 2024, 24(7): 983-992.
[5]	沈卓炜, 汪仁博, 孙贤军. 基于Merkle树和哈希链的层次化轻量认证方案[J]. 信息网络安全, 2024, 24(5): 709-718.
[6]	田钊, 牛亚杰, 佘维, 刘炜. 面向车联网的车辆节点信誉评估方法[J]. 信息网络安全, 2024, 24(5): 719-731.
[7]	石润华, 杨婧怡, 王鹏博, 刘华伟. V2G中基于区块链的在线/离线跨域身份认证方案[J]. 信息网络安全, 2024, 24(4): 587-601.
[8]	翟鹏, 何泾沙, 张昱. 物联网环境下基于SM9算法和区块链技术的身份认证方法[J]. 信息网络安全, 2024, 24(2): 179-187.
[9]	顾妍妍, 沈丽敏, 高晨旭, 朱婷. 车载网中高效安全的无证书聚合签名方案[J]. 信息网络安全, 2024, 24(2): 188-202.
[10]	陈宝刚, 张毅, 晏松. 民航空管信息系统用户多因子持续身份可信认证方法研究[J]. 信息网络安全, 2024, 24(11): 1632-1642.
[11]	赖成喆, 赵益宁, 郑东. 基于同态加密的隐私保护与可验证联邦学习方案[J]. 信息网络安全, 2024, 24(1): 93-105.
[12]	戴玉, 周非, 薛丹. 基于中国剩余定理秘密共享的切换认证协议[J]. 信息网络安全, 2023, 23(9): 118-128.
[13]	曹越, 吕臣臣, 孙娅苹, 张宇昂. 面向车联网环境的异常行为检测机制研究综述[J]. 信息网络安全, 2023, 23(4): 10-19.
[14]	刘吉强, 王雪微, 梁梦晴, 王健. 基于共享数据集和梯度补偿的分层联邦学习框架[J]. 信息网络安全, 2023, 23(12): 10-20.
[15]	谭伟杰, 杨雨婷, 牛坤, 彭长根. 基于MI-PUF的V2X车联网通信安全认证协议[J]. 信息网络安全, 2023, 23(12): 38-48.