Research On Secure Mechanism In Internet Of Vehicles For Information Security Issues

As the core part of an intelligent transportation system(ITS),Internet of Vehicle(IoV)has been developing rapidly.IoV provides a better resolution to traffic problems such as traffic congestion,traffic accidents and the environmental pollution,which can better improve the traffic efficiency and traffic safety.Because the networking based on wireless communication technology is open and dynamic,which is vulnerable to all kinds of information attacks.Security problem is the most key important issues in IoV.How to enhance the resistance ability of many kinds of information attacks has become an important subject in information security field.However,the traditional secure scheme is not adapted to it because of the characteristic of IoV.Furthermore,there are many kinds of attacks in IoV,such as tampering attack,eavesdropping attack,replay attack,forgery attack,Sybil attack and also node capture attack,which cause that the existing security mechanism can not meet the increasing safety requirements.In addition,with the development of IoV in the future,vehicular clouds(VC),as the main form of IoV,will forward a higher demand about security requirement when facing the more and more complex traffic environment and more services by users.According to this,this dissertation designs there secure,high efficient and low-energy schemes based on the cryptography to protect the IoV from various of attacks.The main contents are as follows:(1)Research on an authentication scheme based on Certificateless Public Key CryptographyThe dissertation presents an enhanced authentication scheme based on certificateless public key cryptography(CLPKC),which can resist against tampering attack,replay attack and forgery attack effectively.Firstly,the proposed scheme is provably secure against the adaptive chosen message attack in the random oracle model as long as the computational elliptic curve discrete logarithm problem(ECDLP)is intractable.Furthermore,an anonymous communication and conditional privacy-preserving authentication are supported to protect users'privacy.Every user is issued a smart card with distinct pseudo identities,which are generated by trusted authorities(TAs)according to user's actual identity and secret information.The user's actual identity can be uniquely revealed by the TA when necessary.And also this scheme can resist against smart card stolen attack,which can protect the secret information from acquiring by adversaries.In addition,this scheme supports batch authentication by simultaneously verifying several messages.The scheme use the elliptic curve multiplication instead of the bilinear pairing because that the relative computational costs of a pairing operation are approximately 20 times higher than that of an elliptic curve scalar multiplication.At last,with performance evaluations,the scheme can obtain better trade-offs between security and efficiency than the well-known available schemes.(2)Research on an authentication scheme based on Sybil attack detecting strategyBecause that the Sybil attack always has a big influence in the dynamic networking and is difficult to detect.The general authentication scheme cannot overcome this kind of attack.According to this,this dissertation proposed a Sybil attack detecting strategy based on the authentication scheme pointed in the last chapter.Firstly,the road-side units(RSUs)are always deployed in an unattended environment,which are easy to be compromised by adversaries.The compromised RSU can launch a collusion attack with Sybil attackers that is difficult to detect.According to this,we proposed a scheme for defensing against the node compromising attacks based on RSSI(Received Signal Strength Indicator),which can ensure the security of RSUs.Furthermore,we design a Sybil attack detecting scheme based on single time-limited certification(TLC)strategy.TLC is a certification sent by a legal RSU,which can prove that one car is coming to one point within the communication range of a RSU.This scheme can protect vehicles from external Sybil attackers and inner Sybil attackers effectively.And also this scheme can defense the attack of routing information explosion.At last,with performance evaluations,the proposed protocol can perform more efficiently than other well-known available schemes.When the network is under the environment with Sybil attackers,the proposed strategy can achieve higher message delivery ratio.(3)Research on a secure mechanism based on group key management protocolWith the further development of IoV,autonomous vehicular clouds(AVC),as the combination of cloud computing and conventional vehicular ad hoc networks,will provide abundant resources and services by sharing under-utilized resources of future high-end vehicles such as computing power,storage and internet connectivity.However,security and privacy issues are still big challenges in autonomous vehicular clouds.This dissertation proposed a secure mechanism based on group key management protocol.Firstly,due to the high mobility of vehicular nodes in the zero-infrastructure scenario,we design a two-layered architecture,in which vehicles self-organize to groups to ensure the better communication stability.Furthermore,this scheme design a group key management protocol and encryption scheme based on the Chinese Reminder Theory(CRT)and CLPKC.It supports a high secure and efficient authentication and confidentiality in AVCs.The major advantages of the protocol are that updating keys during the users' join and leave operations is performed efficiently.In addition,in order to reduce the computation overhead at a vehicle side and a cloud server side,the proposed protocol categorizes the traffic information and the way of information transmission into three types,respectively.These features allow our protocol to be performed in various scenarios.At last,the experimental results show that our protocol can handle subgroup key management more efficiently than other well-known schemes.Our scheme is lightweight and hence more suitable for AVCs.