高级检索

    面向车联网增值服务的匿名认证协议的密码分析与设计

    Cryptanalysis and Design of Anonymous Authentication Protocol for Value-Added Services in Internet of Vehicles

    • 摘要: 车联网是智慧城市的重要组成部分,它能够提供道路安全、交通管理、自动驾驶和互联网内容分发服务.其中,内容分发服务是针对车辆或其驾乘人员的互联网增值服务,它面临着比传统互联网服务更严苛的安全挑战.面向车联网增值服务的密钥协商协议能够为其安全通信初始化会话密钥,但已有的多服务器协议大多存在匿名性和前向安全性脆弱的缺点.最近,Vasudev等人使用Hash函数设计了一种面向车联网增值服务的轻量级认证协议.密码分析显示该协议除了匿名性和前向安全性脆弱之外还存在因智能卡丢失导致系统主密钥泄露的致命缺陷.为了弥补这些不足,使用椭圆曲线密码和Hash函数设计了一种适用于车联网增值服务的认证密钥协商协议.安全分析显示,该提案能够满足随机预言模型下的认证密钥协商安全性,具有强匿名性和前向安全性,并且能够抵抗已知的互联网攻击.性能分析显示,所提协议安全性能优于同类协议、用户侧的通信开销至少降低了34%.

       

      Abstract: The Internet of vehicles (IoV) is an important part of a smart city. It can provide road safety, traffic management, autonomous driving, and Internet content distribution services. Among them, the content distribution service is an Internet value-added service for vehicles or their occupants. It faces more stringent security challenges than traditional Internet services. The key agreement protocol for the Internet of vehicles value-added service can initialize the session key for its secure communication, but most of the existing multi-server protocols have the shortcomings of anonymity and forward security. Recently, Vasudev et al. proposed a lightweight authentication protocol for value-added services in IoV using Hash functions. Cryptanalysis shows that in addition to the vulnerability of anonymity and forward security, the protocol also has fatal flaws such as the loss of the master key of the system due to the loss of the smart card. In order to overcome these flaws, elliptic curve cryptography (ECC) and Hash function are used to design an authenticated key agreement protocol suitable for the value-added services in IoV. Security analysis shows that the proposal can satisfy the authenticated key agreement security in the random oracle model, has strong anonymity and forward security, and can resist known Internet attacks. Performance analysis shows that the security of the proposed protocol is better than similar protocols, and the communication overhead on the user side is reduced by at least 34%.

       

    /

    返回文章
    返回