分布式智能车载网联系统的匿名认证与密钥协商协议  

作　　者：张晓均[1,2,3,4] 唐浩宇 张楠 王文琛[1,2] 薛婧婷 ZHANG Xiaojun;TANG Haoyu;ZHANG Nan;WANG Wenchen;XUE Jingting(School of Computer Science and Software Engineering,Research Center for Cyber Security,Chengdu 610500,China;Southwest Petroleum University,Research Center for Cyber Security,Chengdu 610500,China;BGP Inc.,China National Petroleum Corporation,ZhuoZhou 072751,China;National Engineering Research Center of Oil&Gas Exploration Computer Software,China National Petroleum Corporation,Zhuozhou 072751,China)

机构地区：[1]西南石油大学计算机与软件学院,成都610500 [2]西南石油大学网络空间安全研究中心,成都610500 [3]中国石油集团东方地球物理勘探有限责任公司,涿州072751 [4]中国石油集团油气勘探计算机软件国家工程研究中心,涿州072751

出　　处：《电子与信息学报》2024年第4期1333-1342,共10页Journal of Electronics & Information Technology

基　　金：国家自然科学基金(61902327);四川省自然科学基金(2023NSFSC1398);中国博士后科学基金(2020M681316)。

摘　　要：智能车载网联系统作为智慧城市建设的重要组成部分,近年来受到学术界与工业界越来越多的关注。智能车载网联系统中提升了智能车辆的行驶安全性与出行效率,但在开放的环境下数据传输容易被截取,造成敏感信息泄漏。因此需要实现匿名认证并且协商正确的会话密钥,来确保智能车载网联系统敏感信息的安全。该文提出面向分布式智能车载网联系统架构的匿名认证与密钥协商协议。该协议基于中国剩余定理秘密分享技术来保护认证标识符,智能车辆能够以线性的计算开销在不同的区域恢复出对应的标识符,该标识符能够长期安全使用且智能车辆能够在不使用防篡改设备的情况下完成安全认证,路侧通信基站能够检测信息的匿名性和完整性,并与智能车辆协商到后续安全通信的会话密钥,同时实现双向认证。此外,协议能够在复杂的分布式智能车载网联系统中拓展批量匿名认证、域密钥更新、车对车的匿名认证、匿名身份可追踪等实用性功能。安全性与性能分析表明该协议能够安全高效地部署在分布式智能车载网联环境。As an important component of smart city construction,intelligent vehicle networking system has received increasing attention from academia and industry in recent years.In the intelligent vehicle networking system,the vehicle communication module transmits real-time data through the wireless sensor networks,improving the driving safety and travel efficiency of intelligent vehicles.The intelligent vehicle networking system is prone to data transmission interception in an open environment,causing sensitive information leakage,and even malicious attackers can anonymously forge the real identity of the intelligent vehicle to disrupt traffic order.Therefore,the intelligent vehicle networking system needs to achieve anonymous authentication and negotiate the correct session key to ensure the confidentiality of sensitive information.In this paper,an anonymous authentication and key agreement protocol is proposed for distributed intelligent vehicle networking system architecture.The protocol protects the authentication identifier based on the secret sharing technology of the Chinese Remainder Theorem.The intelligent vehicle can recover the corresponding identifier in different regions with linear computing overhead.The identifier can be used safely for a long time,and the intelligent vehicle can complete security authentication without using tamper proof devices.The roadside communication base station can check the anonymity and integrity of information,and negotiate the session key for subsequent secure communication with the intelligent vehicle,while achieving bidirectional authentication.In addition,the protocol can expand practical functions such as batch anonymous authentication,domain key update,vehicle to vehicle anonymous authentication,and anonymous identity traceability in complex distributed intelligent vehicle networking system.The security and performance analysis shows that the protocol can be safely and efficiently deployed in a distributed intelligent vehicle networking environment.

关 键 词：智能车载网联系统 匿名认证 中国剩余定理 密钥协商 身份追踪 

分 类 号：TN915[电子电信—通信与信息系统]