车联网中具有强隐私保护的无证书签名方案  被引量：5

作　　者：朱栋 殷新春[1,2] 宁建廷 ZHU Dong;YIN Xinchun;NING Jianting(College of Information Engineering,Yangzhou University,Yangzhou Jiangsu 225127,China;Guangling College,Yangzhou University,Yangzhou Jiangsu 225000,China;College of Computer and Cyberspace Security,Fujian Normal University,Fuzhou Fujian 350117,China)

机构地区：[1]扬州大学信息工程学院,江苏扬州225127 [2]扬州大学广陵学院,江苏扬州225000 [3]福建师范大学计算机与网络空间安全学院,福州350117

出　　处：《计算机应用》2022年第10期3091-3101,共11页journal of Computer Applications

基　　金：国家自然科学基金资助项目(61972094)。

摘　　要：针对车联网(IoV)通信安全难以保证和车辆私钥频繁更新导致的开销大的问题,首先,证明了现有的无证书聚合签名方案无法同时抵抗公钥替换攻击和恶意密钥生成中心(KGC)攻击;其次,提出了一种适用于IoV且具有强隐私保护的无证书聚合签名方案。所提方案通过引入假名身份来实现车辆的身份隐藏,同时实现可信中心对可疑车辆的事后追查。此外,在所提方案中,车辆的假名身份和公钥可随着区域的变化而动态更新,这样既可以保证车辆的轨迹不被泄露又可以有效避免私钥频繁更新带来的通信和存储开销。在随机预言模型下,在基于椭圆曲线离散对数(ECDL)问题的假设下,证明了所提方案具有认证性和完整性,且满足匿名性、可追踪性和强隐私保护性。所提方案还采用聚合签名技术实现车辆签名的聚合验证,从而降低了验证签名时的计算开销。性能分析表明,当聚合签名所包含的签名数量为100时,与同类型方案相比,所提方案传输聚合签名的通信开销至少减少了约21.4%。To guarantee the communication security of Internet of Vehicles(IoV) and reduce the overhead caused by updating vehicles private key frequently, firstly, the existing certificateless aggregate signature schemes were proved vulnerable to public key replacement attacks and malevolent Key Generation Center(KGC) attack at the same time.Secondly, a certificateless aggregate signature scheme with strong privacy protection and suitable for IoV was proposed. In the proposed scheme, by introducing pseudonymous identities, vehicles’ identities were hidden and trusted authority was capable of tracing malicious vehicles after the events. Meanwhile, vehicles’ pseudonymous identities and public keys were able to be updated dynamically with the change of the area in the proposed scheme. In this way, it was not only able to ensure the safety of vehicles’ trajectories, but also able to avoid the communication and storage overhead brought by frequent private key update effectively. Under the assumption of the Elliptic Curve Discrete Logarithm(ECDL) problem, security proof shows that the proposed scheme satisfies authentication and integrity under the random oracle model. Moreover, anonymity, traceability and strong privacy protection are also provided by the proposed scheme. At the same time, aggregate signature technology was used to realize the aggregated verification of vehicle signatures in the scheme, which reduced the computational cost of verifying the signature. Performance analysis shows that when the number of signatures contained in the aggregate signature is 100, the communication overhead of transmitting aggregated signatures by the proposed scheme is reduced by at least approximately 21. 4% compared with the other related schemes.

关 键 词：车联网 无证书签名 强隐私保护 聚合签名 随机预言模型 

分 类 号：TP309.7[自动化与计算机技术—计算机系统结构]