| In order to ameliorate the problems of traffic accidents and traffic jams caused by excessive vehicles,the concept of vehicle ad-hoc network(VANET)has been put forward and has become a research hotspot in recent years.In VANET,real-time data is exchanged between vehicles to share their driving status and driving environment.This information can provide data support for driving decision-making and ensure driving safety.There are malicious nodes in VANET that attack the network by forging fake messages and benefit themselves.Vehicles travel fast,and false information may lead to adverse consequences,so it is necessary to take certain measures to ensure the security of data exchanged between vehicles.Encrypting and signing data packets can effectively solve most data security problems and provide confidentiality,authenticity and accountability for data.The security protocol has been standardized in VANET protocol stacks in the US and Europe.The primary means of protecting data security is that each vehicle uses its digital certificate to authenticate the data based on the public key infrastructure.The main contributions and innovations of this thesis are as follows:1.Analyzing the security protocol of VANET,designing and implementing the software for security entity based on these analyses.The data structure of certificate and secured protocol data unit(SPDU)are the cornerstones of the security entity.Each field in the structures has its own representation and has a certain purpose.Some core fields are analyzed and explained.To make it clear,the security entity is logically divided into five modules when designing the structure of software: crypto module,database module,data encoding & decoding module,primitive module and inter-process communication module.After realization of the security entity,this thesis tests the encapsulation and decapsulation service requests initiated by the network & transport layer,and the results show that the functional modules of the security entity work normally and can meet the service requirements of network & transport layer.2.Expanding research on authentication schemes in VANET.There is a great demand for verifying the legitimacy of a lot of SPDUs and certificates in VANET.The system overhead for authenticating these data one by one is relatively large,and the batch authentication scheme can effectively improve the system efficiency when multiple packets are authenticated at once.This thesis proposes a batch authentication scheme for the implicit certificate environment and introduces the batch authentication scheme into the security protocol.In addition,privacy protection is also a hot issue in VANET.This thesis analyzes the privacy-preserving authentication scheme EPA-CPPA,and redesigns the signing,authenticating,and the batch authenticating processes of it,so that the operation efficiency improves significantly. |
PDF Full Text Request