EAIA: An Efficient and Anonymous Identity-Authentication Scheme in 5G-V2V
Figure 1. System model.
Figure 2. Registration.
Figure 3. Mutual authentication.
Figure 4. Scyther verification result of the EAIA.
Figure 5. Compare the results of the computational costs.
Figure 6. Compare the results of the communication cost.
Figure 7. Comparison of authentication time cost.
Figure 8. Compare the results of the energy cost.
Abstract
1. Introduction
- During mutual authentication between vehicles, the proposed protocol achieves authentication and session key negotiation without the involvement of TAs and RSUs, enabling vehicles to communicate in scenarios lacking traffic infrastructure.
- Using temporary anonymous identities, nodes cannot resolve each other’s real identities, thereby protecting privacy. Once the authentication session is initiated, the established temporary session key is used, avoiding the burden of key management and making it difficult for attackers to obtain keys or tamper with messages.
- Considering the limited computational resources of vehicles, the authentication protocol is designed to be lightweight and efficient while resisting various complex typical attacks.
2. Related Work
3. Preliminaries
3.1. Elliptic Curve Cryptosystem
3.2. Mathematical Problems
- Elliptic Curve Discrete Logarithm Problem (ECDLP): The ECDLP is the foundation of elliptic curve cryptography. Given an elliptic curve E and two points P and Q on it, if there exists an integer k such that , then k is the discrete logarithm of Q with respect to P. Computing this k is known as solving the ECDLP. This problem is considered very difficult, especially over large prime fields, providing the security basis for elliptic curve cryptography.
- Elliptic-Curve Diffie–Hellman (ECDH): ECDH is a key-exchange protocol based on elliptic curves. It allows two participants, who do not share any prior secret information, to agree on a shared key over an insecure communication channel. The steps are as follows:
- Step 1. Key generation: each participant chooses a private key, a and b respectively, and computes the corresponding public keys and , where P is a generator on the elliptic curve.
- Step 2. Key exchange: participants exchange their public keys.
- Step 3. Shared key computation: each participant uses the other’s public key and their own private key to compute the shared key. The first participant computes , and the second participant computes . Since , both participants arrive at the same shared key.
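The three ECDH steps above, as an added example that is not code from the paper: a pure-Python implementation on secp256k1, the curve named in the paper's timing table. The function names, the public-key validation step, and the SHA-256 hashing of the shared point's x-coordinate are assumptions of this example, not part of EAIA.

```python
import hashlib
import secrets

# secp256k1 domain parameters: y^2 = x^3 + 7 over F_p, base point G of prime order N.
P_FIELD = 2**256 - 2**32 - 977
N = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141
G = (0x79BE667EF9DCBBAC55A06295CE870B07029BFCDB2DCE28D959F2815B16F81798,
     0x483ADA7726A3C4655DA4FBFC0E1108A8FD17B448A68554199C47D08FFB10D4B8)

def point_add(p1, p2):
    """Group law; None represents the point at infinity."""
    if p1 is None:
        return p2
    if p2 is None:
        return p1
    (x1, y1), (x2, y2) = p1, p2
    if x1 == x2 and (y1 + y2) % P_FIELD == 0:
        return None                      # p2 == -p1
    if p1 == p2:                         # tangent slope (curve coefficient a = 0)
        lam = 3 * x1 * x1 * pow(2 * y1, -1, P_FIELD) % P_FIELD
    else:                                # chord slope
        lam = (y2 - y1) * pow((x2 - x1) % P_FIELD, -1, P_FIELD) % P_FIELD
    x3 = (lam * lam - x1 - x2) % P_FIELD
    return (x3, (lam * (x1 - x3) - y1) % P_FIELD)

def scalar_mul(k, point):
    """Double-and-add kP. Not constant time: for illustration only."""
    result = None
    while k:
        if k & 1:
            result = point_add(result, point)
        point = point_add(point, point)
        k >>= 1
    return result

def is_valid_public(q):
    """Reject infinity, out-of-range coordinates and off-curve points."""
    if q is None:
        return False
    x, y = q
    in_range = 0 <= x < P_FIELD and 0 <= y < P_FIELD
    return in_range and (y * y - x * x * x - 7) % P_FIELD == 0

def keygen():
    """Step 1: private scalar in [1, N-1] and public key = private * G."""
    priv = secrets.randbelow(N - 1) + 1
    return priv, scalar_mul(priv, G)

def shared_key(own_priv, peer_pub):
    """Step 3: validate the peer's key, then hash the x-coordinate of own_priv * peer_pub."""
    if not is_valid_public(peer_pub):
        raise ValueError("peer public key is not a valid curve point")
    x, _ = scalar_mul(own_priv, peer_pub)
    return hashlib.sha256(x.to_bytes(32, "big")).digest()

if __name__ == "__main__":
    a, A = keygen()                      # first participant
    b, B = keygen()                      # second participant
    # Step 2: only A and B cross the insecure channel; a and b never do.
    assert shared_key(a, B) == shared_key(b, A)
    print("shared key:", shared_key(a, B).hex())
```

Plain ECDH as shown gives no assurance about who sent a public key, which is why the scheme layers signatures and identity checks on top of it.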
3.3. Certificate-Less Public Key Cryptography (CL-PKC)
4. System Model
4.1. System Model
4.2. Attack Model
- Eavesdropping, Interception, Modification, or Deletion of Messages: An adversary can eavesdrop on, intercept, modify, or delete publicly transmitted messages, potentially compromising the confidentiality and integrity of the communication. Passive attacks may also be used to gather sensitive information.
- Replay Attacks: an adversary might capture and resend previously transmitted data packets to deceive other vehicles or infrastructure, leading to the propagation of duplicate or misleading information.
- Message or credential forgery: an adversary might forge false messages or credentials to impersonate legitimate vehicles or road infrastructure, causing the dissemination of incorrect traffic information or false warning messages, thereby impacting road safety.
- Man-in-the-middle attacks: an adversary could position themselves between communicating parties, establishing normal connections with both sides and deceiving them into exchanging data through the attacker.
5. Proposed Scheme EAIA
5.1. System Initialization
5.2. Registration
5.3. Mutual Authentication
5.4. Pseudoidentity Update
6. Security Evaluation
6.1. Security Analysis
- Mutual authentication: For two vehicles requiring mutual authentication, encrypts its identity using ’s public key, ensuring that only can extract ’s identity. To validate the signature and verify the validity of , uses its private key to compute . Only the target vehicle can obtain the correct identity and random number A of and verify ’s identity. Therefore, can also validate the validity of .
- Secure session key agreement: The integrity and confidentiality of the session key are ensured by the principles of ECCDH. If an adversary could forge a session key between vehicles, it would imply that the adversary could solve the computational Diffie–Hellman problem, which is known to be difficult, as discussed in Section 3.2.
- Anonymity and privacy protection: In the proposed protocol, real identities are anonymized by generating pseudonyms, which are then obscured by hash functions. During the authentication process, the messages and do not directly transmit identities. Instead, identities are linked with random numbers, preventing the sender’s identity from being disclosed. Thus, the proposed protocol satisfies user anonymity and privacy protection requirements.
- Resistance to man-in-the-middle attacks: During authentication, authenticated OBUs can verify the requesting OBU by generating its signature using the requesting vehicle’s private key . Without this private key, the authenticated vehicle cannot extract the identity of the requesting vehicle. If an adversary attempts a man-in-the-middle attack, they must possess to complete identity authentication and key exchange. However, remains unknown to any adversary.
- Resistance to impersonation attacks: To successfully impersonate a vehicle, an attacker needs to know the private key of the requesting OBU to generate a legitimate signature . Since the attacker cannot obtain the private key of the requesting vehicle, they cannot generate a valid signature, thus preventing impersonation.
- Resistance to Replay Attacks: in the proposed protocol, timestamps and ensure that session keys cannot be reused by adversaries to disrupt the mutual authentication process.
- Perfect forward secrecy: Forward secrecy ensures that even if participants’ long-term private keys and previous session keys are compromised, the current session key remains secure. In the proposed protocol, if the private keys and of two participants are leaked, adversaries still cannot access the session key without knowing the temporary keys. Assuming the current session keys are and , adversaries might access and . For , it should be computed as , where . However, adversaries do not have access to the temporary keys d or a involved in generating the session key. Therefore, our protocol meets the requirements for forward secrecy.
- Resistance to Random Number Leakage: during the authentication process, even if the random numbers a, b, and d are leaked, adversaries cannot generate the correct session key because the secret keys of the vehicles are used as part of the session key.
6.2. Formal Proof by BAN Logic
- Goal 1:
- Goal 2:
- Goal 3:
- Goal 4:
- Goal 5:
- Message 1:
- Message 2:
- Message 3:
- Message 4:
6.3. Formal Verification by Scyther Tool
7. Performance Evaluation
7.1. Computation Cost
7.2. Communication Cost
7.3. Energy Consumption
7.4. Discussion
8. Conclusions
Author Contributions
Funding
Institutional Review Board Statement
Informed Consent Statement
Data Availability Statement
Conflicts of Interest

| Notation | Description |
|---|---|
| | The security parameter for the system. |
| p, q | The large primes. |
| l | The length of session keys. |
| G | The additive group over the elliptic curve cryptography. |
| P | The generator of G. |
| s | The master key of the system. |
| | The public key of the system. |
| | The hash functions (i = 1,…,4). |
| a, b, d | The random numbers. |
| , | The timestamps chosen in the communication. |
| , | The real identity of . |
| , | The pseudoidentity of . |
| | The static private key pair of . |
| | The static public key of . |
| | The session keys generated in the proposed method. |

| Notation | Meaning |
|---|---|
| X | P believes the message X |
| | P saw the message X |
| | P said the message X |
| | P has the message X jurisdiction |
| | The message X is fresh |
| | X is encrypted with key K |
| | K is the security key between P and Q |

| Notations | Description | OBU Computation Time (s) |
|---|---|---|
| | Hash (SHA-256) | 2 |
| | Scalar multiplication | 576 |
| | Point addition related to the ECC | 20 |
| | Modular exponential operation (1024 bits) | 249 |
| | AES-256 encryption/decryption | 530/7425 |
| | The computation time of an ECDSA signature generation based on the secp256k1 curve | 12,560 |
| | The computation time of an ECDSA signature verification based on the secp256k1 curve | 450 |
| | Bilinear pairing | 6574 |

| Scheme | Authentication | Time (ms) |
|---|---|---|
| HDMA | | 30.311 |
| PPMA | | 0.036 |
| PPDAS | | 15.687 |
| SPPC | | 38.541 |
| EAIA | | 2.354 |

Scheme | Message Size (Bits) | Tt (s) | Tp (s) |
---|---|---|---|
HDMA | 1696 | 67.84 | 0.67 |
PPMA | 1504 | 60.16 | 0.67 |
PPDAS | 2272 | 90.88 | 0.67 |
SPPC | 3216 | 128.64 | 0.67 |
EAIA | 1312 | 52.48 | 0.67 |

| Notations | Description | Energy Consumption |
|---|---|---|
| | The energy cost of one exponential operation in G | 9.1 mJ |
| | The energy cost of an ECDSA (160 bits) signature generation | 8.8 mJ |
| | The energy cost of an ECDSA (160 bits) signature verification | 10.9 mJ |
| | The energy cost of one pairing operation | 47.0 mJ |
| | The energy cost of one scalar multiplication | 8.8 mJ |
| | The energy cost for transmitting one bit | 0.66 J |
| | The energy cost for receiving one bit | 0.31 J |

| Scheme | Type | Operation | Energy Cost | Total Energy Cost |
|---|---|---|---|---|
| HDMA | Computational | | 148.6 | 150.245 |
| | Transmission | 1696 | 1.645 | |
| PPMA | Computational | 0 | 0 | 14.588 |
| | Transmission | 1504 | 14.588 | |
| PPDAS | Computational | 2 | 64.6 | 66.804 |
| | Transmission | 2272 | 2.204 | |
| SPPC | Computational | 2 | 55.5 | 58.620 |
| | Transmission | 3216 | 3.120 | |
| EAIA | Computational | | 35.2 | 36.473 |
| | Transmission | 1312 | 1.273 | |

| | EAIA | HDMA | PPMA | PPDAS | SPPC |
|---|---|---|---|---|---|
| RSU | N | Y | Y | Y | Y |
| Mutual authentication | Y | Y | Y | Y | Y |
| Key agreement | Y | Y | N | Y | Y |
| Privacy protection | Y | Y | Y | Y | Y |
| Communication cost | L | M | L | H | M |
| Computational cost | L | H | L | M | H |
© 2024 by the authors. Licensee MDPI, Basel, Switzerland. This article is an open access article distributed under the terms and conditions of the Creative Commons Attribution (CC BY) license (https://creativecommons.org/licenses/by/4.0/).
Du, Q.; Zhou, J.; Ma, M. EAIA: An Efficient and Anonymous Identity-Authentication Scheme in 5G-V2V. Sensors 2024, 24, 5376. https://doi.org/10.3390/s24165376