ISSN 1000-1239 CN 11-1777/TP

计算机研究与发展 ›› 2022, Vol. 59 ›› Issue (4): 781-795.doi: 10.7544/issn1000-1239.20200620

• 信息安全 • 上一篇    下一篇

面向移动边缘计算车联网中车辆假名管理方案

韩牟1,杨晨1,华蕾2,刘帅3,马世典4   

  1. 1(江苏大学计算机科学与通信工程学院 江苏镇江 212013);2(江苏大学汽车与交通工程学院 江苏镇江 212013);3(青岛国创智能家电研究院有限公司 山东青岛 266061);4(江苏大学汽车工程研究院 江苏镇江 212013) (hanmu@ujs.edu.cn)
  • 出版日期: 2022-04-01
  • 基金资助: 
    国家自然科学基金项目(61902156);江苏省研究生创新基金项目(KYLX_1057);江苏省自然科学基金项目(BK20180860)

Vehicle Pseudonym Management Scheme in Internet of Vehicles for Mobile Edge Computing

Han Mu1, Yang Chen1, Hua Lei2, Liu Shuai3, Ma Shidian4   

  1. 1(School of Computer Science and Communication Engineering, Jiangsu University, Zhenjiang, Jiangsu 212013);2(School of Automotive and Traffic Engineering, Jiangsu University, Zhenjiang, Jiangsu 212013);3(Qingdao Guochuang Intelligent Home Appliance Research Institute Co.Ltd, Qingdao, Shandong 266061);4(Automotive Engineering Research Institute, Jiangsu University, Zhenjiang, Jiangsu 212013)
  • Online: 2022-04-01
  • Supported by: 
    This work was supported by the National Natural Science Foundation of China(61902156), the Innovation Plan for Postgraduate Research of Jiangsu Province (KYLX_1057), and the Natural Science Foundation of Jiangsu Province (BK20180860).

摘要: 移动边缘计算(mobile edge computing, MEC)技术将计算和存储资源下沉到网络边缘,为车联网带来了高实时性和可靠性的服务.然而,MEC技术也面临各种安全威胁,攻击者可控制边缘数据中心导致车辆假名信息的泄露,威胁车辆的身份隐私.针对该问题,提出一种面向移动边缘计算车联网中的车辆假名管理方案,使其实现高效更新假名信息、边缘云层安全存储假名信息以及假名的可追踪.该方案使用边缘化、实时性高的边缘云代替中心云对车辆身份进行认证,提高了身份认证效率,进而实现高效的假名更新;对假名信息进行同态加密,保证了假名信息存储的安全性而不影响边缘云层对假名的管理;车辆的每个假名表都关联一个相应的查找词,系统的最高权威机构可由假名表密文计算出查找词,以揭露恶意车辆的真实身份,实现假名的可追踪.然后通过可证明安全理论证明了方案在选择明文攻击下具有不可区分性,并对方案中车辆身份的匿名性、消息的完整性与不可否认性进行了安全性分析,满足了车联网中对车辆身份隐私保护的安全需求.最后对方案中身份认证、假名请求以及同态加密性能等方面进行了效率分析及仿真,结果表明该方案满足车联网低时延通信的需求,并在认证效率上优于现有方案.

关键词: 车联网, 移动边缘计算, 隐私保护, 假名管理, 同态加密

Abstract: Mobile edge computing (MEC) deploys computing and storage resources to the edge of the network, which brings real-time and high-reliability services to the Internet of vehicles (IoV). However, MEC faces various security threats. Attackers may control edge data centers and leak the pseudonym information of the vehicle, thereby threatening the vehicle’s identity privacy. For this problem, a vehicle pseudonym management scheme in MEC-IoV is proposed, which can realize efficient update of pseudonym information, secure storage of pseudonym information in the edge cloud, and traceability of pseudonyms. This scheme uses the edge cloud with high real-time performance to replace the central cloud to authenticate the vehicle identity, which improves the efficiency of identity authentication and realizes efficient pseudonym update. The pseudonym information is encrypted by the homomorphic encryption algorithm, which guarantees the security of the pseudonym information and doesn’t affect pseudonym management in the edge cloud. Each pseudonym table of the vehicle is associated with a search term calculated based on the pseudonym in the table, and the highest authority of the system can calculate the search term based on the ciphertext of the pseudonym table to expose the real identity of the malicious vehicle, which realize traceability of pseudonyms. After that, through the provable security theory, it is proved that the scheme is indistinguishable under the chosen plaintext attack, and the security analysis of the anonymity of the vehicle identity, the integrity and non-repudiation of the message in the scheme is carried out, which achieve the security requirements of preserving vehicle’s identity privacy in IoV. In the end, the efficiency analysis and simulation of the scheme in terms of identity authentication, pseudonym request, and homomorphic encryption performance are carried out. Experimental results show this scheme can achieve the requirements of low-latency communication in IoV and is superior to existing schemes in authentication efficiency.

Key words: Internet of vehicles, mobile edge computing (MEC), privacy preserving, pseudonym management, homomorphic encryption

中图分类号: