基于PUF函数的轻量级双向认证协议
|
摘要
为保障系统内车辆与车辆以及车辆与基础设施的无线通信安全,根据车联网特点,在不借助可信第三方的情况下,引入物理不可克隆函数,提出一种轻量级双向认证协议。利用GNY逻辑进行形式化分析,并通过安全性分析和效率分析,证明该协议在有效保护隐私的情况下完成双向认证,且能够抵抗克隆、窃听、重放、中间人等攻击,满足车联网的安全需求。效率及安全性分析结果表明,与同类协议相比,该协议具有较高的安全性和认证效率。
Aiming at the characteristics of the internet of vehicles,in order to ensure the wireless communication security of Vechicle-to-Vechicle( V2 V) and Vechicle-to-Infrastructure( V2I) in the system,a Physical Unclonable Function(PUF) is introduced without the aid of a trusted third party,and a lightweight mutual authentication protocol is proposed. Using GNY logic for formal analysis,and through security analysis and efficiency analysis,it proves that the protocol can achieve mutual authentication under the condition of effective protection of privacy,and can resist attacks such as cloning,eavesdropping,replay,and middleman,the protocol can meet the security requirements of VANET.Efficiency and safety analysis results show that the protocol has better security and authentication efficiency than similar protocols.
Aiming at the characteristics of the internet of vehicles,in order to ensure the wireless communication security of Vechicle-to-Vechicle( V2 V) and Vechicle-to-Infrastructure( V2I) in the system,a Physical Unclonable Function(PUF) is introduced without the aid of a trusted third party,and a lightweight mutual authentication protocol is proposed. Using GNY logic for formal analysis,and through security analysis and efficiency analysis,it proves that the protocol can achieve mutual authentication under the condition of effective protection of privacy,and can resist attacks such as cloning,eavesdropping,replay,and middleman,the protocol can meet the security requirements of VANET.Efficiency and safety analysis results show that the protocol has better security and authentication efficiency than similar protocols.
引文
[1]KAIWARTYA O,ABDULLAH A H,CAO Y,et al.Internet of vehicles:motivation,layered architecture,network model,challenges,and future aspects[J].IEEE Access,2016,4:5356-5373.
[2]宋成,张明月,彭维平,等.基于双线性对的车联网批量匿名认证方案研究[J].通信学报,2017,38(6):49-57.
[3]LUCKSHETTY A,DONTAL S,TANGADE S.Asurvey:comparative study of applications,attacks,security and privacy in VANETs[C]//Proceedings of IEEE 2016 International Conference on Communication and Signal Processing.Washington D.C.,USA:IEEE Press,2016:1594-1598.
[4]RAYA M,HUBAUX J P.Securing vehicular ad hoc networks[J].Journal of Computer Security,2007,15(1):39-68.
[5]SHIM K.An ID-based aggregate signature scheme with constant pairng computations[J].Journal of Systems and Software,2010,83(10):1873-1880.
[6]ZHANG C,LU R,LIN X,et al.An efficient identitybased batch verification scheme for vehicular sensor nehvorks[C]//Proceedings of IEEE INFOCOM’08.Washington D.C.,USA:IEEE Press,2008:246-250.
[7]LEE C C,LAI Y M.Toward a secure batch verification with group testing for VANET[J].Wireless Networks,2013,19(6):1441-1449.
[8]HORNG S J,TZENG S F,LI T,et al.Enhancing security and privacy for identity-based batch verification scheme in VANET[J].IEEE Transactions on Vehicular Technology,2015(99):1-12.
[9]BAYAT M,BARMSHOORY M,RAHIMI M,et al.A secure authentication scheme for VANETs with batch verification[J].Wireless Networks,2015,21(5):1733-1743.(52)41
[10]HE D,ZEADALLY S,XU B,et al.An efficient identitybased conditional privacy-preserving authentication scheme for vehicular ad hoc networks[J].IEEETransactions on Information Forensics and Security,2015,10(12):2681-2691.
[11]PAPPU R.Physicalone-way functions[D].[S.1.]:Massachusetts Institute of Technology,2001.
[12]LI Jinglin,LIU Zhihan,YANG Fangchun.Internet of vehicles:the framework and key technology[J].Journal of Beijing University of Posts and Telecommunications,2014,37(6):95-100.
[13]BURROWS M,ABADI M,NEEDHAM R M.A logic of authentication[C]//Proceedings of Royal Society of London a Mathematical,Physical and Engineering Sciences.Washington D.C.,USA:IEEE Press,1989:233-271.
[14]刘博雅,刘年义,杨亚涛.基于椭圆曲线密码的无线射频识别双向认证协议[J].计算机工程,2017,43(1):196-200.
[15]GONG L,NEEDHAM R,YAHALOM R.Reasoning about belief in cryptographic protocols[C]//Proceedings of 1990 IEEE Computer Society Symposium on Research in Security and Privacy.Washington D.C.,USA:IEEE Press,1990:234-248.
[16]马成林,肖美华,邓春艳.基于改进GNY逻辑的Kerberos*协议安全性分析[J].计算机与数字工程,2014,42(10):1758-1762,1882.
[17]张学龙.物理不可克隆函数电路研究[D].宁波:宁波大学,2014.
[2]宋成,张明月,彭维平,等.基于双线性对的车联网批量匿名认证方案研究[J].通信学报,2017,38(6):49-57.
[3]LUCKSHETTY A,DONTAL S,TANGADE S.Asurvey:comparative study of applications,attacks,security and privacy in VANETs[C]//Proceedings of IEEE 2016 International Conference on Communication and Signal Processing.Washington D.C.,USA:IEEE Press,2016:1594-1598.
[4]RAYA M,HUBAUX J P.Securing vehicular ad hoc networks[J].Journal of Computer Security,2007,15(1):39-68.
[5]SHIM K.An ID-based aggregate signature scheme with constant pairng computations[J].Journal of Systems and Software,2010,83(10):1873-1880.
[6]ZHANG C,LU R,LIN X,et al.An efficient identitybased batch verification scheme for vehicular sensor nehvorks[C]//Proceedings of IEEE INFOCOM’08.Washington D.C.,USA:IEEE Press,2008:246-250.
[7]LEE C C,LAI Y M.Toward a secure batch verification with group testing for VANET[J].Wireless Networks,2013,19(6):1441-1449.
[8]HORNG S J,TZENG S F,LI T,et al.Enhancing security and privacy for identity-based batch verification scheme in VANET[J].IEEE Transactions on Vehicular Technology,2015(99):1-12.
[9]BAYAT M,BARMSHOORY M,RAHIMI M,et al.A secure authentication scheme for VANETs with batch verification[J].Wireless Networks,2015,21(5):1733-1743.(52)41
[10]HE D,ZEADALLY S,XU B,et al.An efficient identitybased conditional privacy-preserving authentication scheme for vehicular ad hoc networks[J].IEEETransactions on Information Forensics and Security,2015,10(12):2681-2691.
[11]PAPPU R.Physicalone-way functions[D].[S.1.]:Massachusetts Institute of Technology,2001.
[12]LI Jinglin,LIU Zhihan,YANG Fangchun.Internet of vehicles:the framework and key technology[J].Journal of Beijing University of Posts and Telecommunications,2014,37(6):95-100.
[13]BURROWS M,ABADI M,NEEDHAM R M.A logic of authentication[C]//Proceedings of Royal Society of London a Mathematical,Physical and Engineering Sciences.Washington D.C.,USA:IEEE Press,1989:233-271.
[14]刘博雅,刘年义,杨亚涛.基于椭圆曲线密码的无线射频识别双向认证协议[J].计算机工程,2017,43(1):196-200.
[15]GONG L,NEEDHAM R,YAHALOM R.Reasoning about belief in cryptographic protocols[C]//Proceedings of 1990 IEEE Computer Society Symposium on Research in Security and Privacy.Washington D.C.,USA:IEEE Press,1990:234-248.
[16]马成林,肖美华,邓春艳.基于改进GNY逻辑的Kerberos*协议安全性分析[J].计算机与数字工程,2014,42(10):1758-1762,1882.
[17]张学龙.物理不可克隆函数电路研究[D].宁波:宁波大学,2014.