[go: up one dir, main page]

CN110366176B - A key agreement method for in-vehicle ad hoc networks - Google Patents

A key agreement method for in-vehicle ad hoc networks Download PDF

Info

Publication number
CN110366176B
CN110366176B CN201910536975.9A CN201910536975A CN110366176B CN 110366176 B CN110366176 B CN 110366176B CN 201910536975 A CN201910536975 A CN 201910536975A CN 110366176 B CN110366176 B CN 110366176B
Authority
CN
China
Prior art keywords
vehicle
mounted device
key agreement
key
identity
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN201910536975.9A
Other languages
Chinese (zh)
Other versions
CN110366176A (en
Inventor
侯延昭
许晓东
陶小峰
孟锐
王晓雪
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Beijing University of Posts and Telecommunications
Original Assignee
Beijing University of Posts and Telecommunications
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Beijing University of Posts and Telecommunications filed Critical Beijing University of Posts and Telecommunications
Priority to CN201910536975.9A priority Critical patent/CN110366176B/en
Publication of CN110366176A publication Critical patent/CN110366176A/en
Application granted granted Critical
Publication of CN110366176B publication Critical patent/CN110366176B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/06Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols the encryption apparatus using shift registers or memories for block-wise or stream coding, e.g. DES systems or RC4; Hash functions; Pseudorandom sequence generators
    • H04L9/0643Hash functions, e.g. MD5, SHA, HMAC or f9 MAC
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0816Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
    • H04L9/0838Key agreement, i.e. key establishment technique in which a shared key is derived by parties as a function of information contributed by, or associated with, each of these
    • H04L9/0847Key agreement, i.e. key establishment technique in which a shared key is derived by parties as a function of information contributed by, or associated with, each of these involving identity based encryption [IBE] schemes
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0861Generation of secret information including derivation or calculation of cryptographic keys or passwords
    • H04L9/0866Generation of secret information including derivation or calculation of cryptographic keys or passwords involving user or device identifiers, e.g. serial number, physical or biometrical information, DNA, hand-signature or measurable physical characteristics
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0861Generation of secret information including derivation or calculation of cryptographic keys or passwords
    • H04L9/0877Generation of secret information including derivation or calculation of cryptographic keys or passwords using additional device, e.g. trusted platform module [TPM], smartcard, USB or hardware security module [HSM]
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/30Public key, i.e. encryption algorithm being computationally infeasible to invert or user's encryption keys not requiring secrecy
    • H04L9/3066Public key, i.e. encryption algorithm being computationally infeasible to invert or user's encryption keys not requiring secrecy involving algebraic varieties, e.g. elliptic or hyper-elliptic curves
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/009Security arrangements; Authentication; Protecting privacy or anonymity specially adapted for networks, e.g. wireless sensor networks, ad-hoc networks, RFID networks or cloud networks
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/04Key management, e.g. using generic bootstrapping architecture [GBA]
    • H04W12/041Key generation or derivation
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/04Key management, e.g. using generic bootstrapping architecture [GBA]
    • H04W12/043Key management, e.g. using generic bootstrapping architecture [GBA] using a trusted network node as an anchor
    • H04W12/0431Key distribution or pre-distribution; Key agreement
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W4/00Services specially adapted for wireless communication networks; Facilities therefor
    • H04W4/30Services specially adapted for particular environments, situations or purposes
    • H04W4/40Services specially adapted for particular environments, situations or purposes for vehicles, e.g. vehicle-to-pedestrians [V2P]
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W84/00Network topologies
    • H04W84/18Self-organising networks, e.g. ad-hoc networks or sensor networks

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Security & Cryptography (AREA)
  • Theoretical Computer Science (AREA)
  • Algebra (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Mathematical Analysis (AREA)
  • Mathematical Optimization (AREA)
  • Mathematical Physics (AREA)
  • Pure & Applied Mathematics (AREA)
  • Power Engineering (AREA)
  • Computing Systems (AREA)
  • Mobile Radio Communication Systems (AREA)

Abstract

本发明实施例提供一种车载自组织网络的密钥协商方法,包括:向可信机构发送身份认证请求信息;接收所述可信机构发送的身份确认信息;向第二车载装置发送密钥协商请求信息;接收第二车载装置发送的密钥协商响应信息;若判断获知密钥协商响应信息有效,则计算第一车载装置和第二车载装置之间的通信私钥。本发明实施例提供的车载自组织网络的密钥协商方法,首先对车载装置进行身份认证,然后,协商双方通过验证消息是否有效来判断是否进行密钥协商,最终实现双向认证并协商出通信私钥。保护了车辆的隐私,并且密钥协商机制的计算开销小。

Figure 201910536975

An embodiment of the present invention provides a key negotiation method for a vehicle-mounted ad hoc network, including: sending identity authentication request information to a trusted organization; receiving identity confirmation information sent by the trusted organization; sending a key negotiation method to a second vehicle-mounted device request information; receive key negotiation response information sent by the second on-board device; if it is determined that the learned key agreement response information is valid, calculate the private key for communication between the first on-board device and the second on-board device. The key negotiation method for a vehicle-mounted ad hoc network provided by the embodiment of the present invention firstly performs identity authentication on the vehicle-mounted device, and then the two parties in the negotiation determine whether to perform key negotiation by verifying whether the message is valid, and finally realizes the two-way authentication and negotiates the communication privacy. key. The privacy of the vehicle is protected, and the computational overhead of the key agreement mechanism is small.

Figure 201910536975

Description

Key negotiation method for vehicle-mounted self-organizing network
Technical Field
The invention relates to the technical field of mobile communication, in particular to a key negotiation method of a vehicle-mounted self-organizing network.
Background
The vehicle-mounted self-organizing network is a large network which realizes wireless communication and information exchange between vehicles (V2V), between vehicles and a base station (V2I) and between vehicles and pedestrians (V2P) according to a specific communication protocol, and is also an integrated network which can realize intelligent transportation and dynamic information service. The vehicle-mounted self-organizing network consists of a vehicle-mounted unit, a roadside unit and a trusted authority. The On Board Unit (OBU) will install wireless communication means for communicating with other vehicles and roadside units; the roadside unit (RSU) can receive the information of other vehicles, forward the information to other vehicles and perform wired communication with a trusted authority; the Trusted Authority (TA) performs identity authentication on the vehicle, and can identify and manage the vehicle under the condition of traffic accidents, forged information and the like.
The vehicle-mounted ad hoc network requires that the vehicle periodically broadcasts information such as the position and the speed of the vehicle to other vehicles and roadside units, but the information sent by the vehicle is transmitted in an unsafe wireless multi-hop mode, and an eavesdropper can attack the vehicle network by eavesdropping a channel, so that the position privacy of the owner of the vehicle is exposed, and meanwhile, the collected information can be used for scattering error information to other vehicles, so that the vehicle privacy protection in the vehicle network is of great importance. In addition, since the computing power of the car networking users in the car networking is generally limited, the computing overhead of the key agreement mechanism is required to be as small as possible.
Disclosure of Invention
It is an object of embodiments of the present invention to provide a key agreement method for a vehicular ad hoc network that overcomes or at least partially solves the above mentioned problems.
In order to solve the foregoing technical problem, an embodiment of the present invention provides a key agreement method for a vehicle-mounted ad hoc network, including:
sending identity authentication request information to a trusted authority, wherein the identity authentication request information comprises an identity identifier of a first vehicle-mounted device and an identity identifier of a second vehicle-mounted device, the first vehicle-mounted device is an initiator of key agreement, and the second vehicle-mounted device is an agreement object of the first vehicle-mounted device;
receiving identity confirmation information sent by the trusted authority, wherein the identity confirmation information is sent by the trusted authority under the condition that the identities of the first vehicle-mounted device and the second vehicle-mounted device are both legal;
sending key negotiation request information to the second vehicle-mounted device, wherein the key negotiation request information is generated by the first vehicle-mounted device according to a preset elliptic curve cryptographic algorithm;
receiving key agreement response information sent by the second vehicle-mounted device, wherein the key agreement response information is sent by the second vehicle-mounted device under the condition that the key agreement request information is verified to be valid;
and if the key negotiation response information is judged to be valid, calculating a communication private key between the first vehicle-mounted device and the second vehicle-mounted device.
Further, before sending the identity authentication request information to the trusted authority, the method further includes:
and receiving the system information broadcast by the trusted authority and the identity identification broadcast by the second vehicle-mounted device.
Further, the system information comprises parameters E, q, Ppub、h0、h1And h2
Wherein, PpubE is an elliptic curve over a finite field, q is the order of a finite cyclic group on the elliptic curve, P is a generator of the finite cyclic group on the elliptic curve, PpubIs a system public key, s is a first random number, h0Is a first hash function, h1Is a second hash function, h2Is a third hash function.
Further, the key negotiation request message includes a parameter ID1、PID0、R0And delta0
Wherein:
Figure BDA0002101422350000021
R0=r0P
δ0=f0r0
f0=h0(ID1,PID0,R0)
PID0、R0、δ0and f0Are all intermediate process parameters, r0Is a second random number, u0Is a third randomNumber, ID0Is the identity, ID, of the first vehicle-mounted device1For the identity of the second onboard device, P is the generator of the finite cyclic group on the elliptic curve, h0Is a first hash function.
Further, the second vehicle-mounted device verifies whether the key agreement request information is valid through a first preset verification formula, if the first preset verification formula is established, the key agreement request information is valid, otherwise, the key agreement request information is invalid;
the first preset verification formula is as follows:
δ0P=f0R0
wherein R is0、δ0And f0Are intermediate process parameters, and P is the generator of the finite cyclic group on the elliptic curve.
Further, the key agreement response information comprises a parameter PID0、R1、δ1
Wherein:
Figure BDA0002101422350000031
R1=r1P
δ1=f1r1
f1=h2(PID0,ID1,SK,r1R0)
R0=r0P
SK=h1(r1R0,ID1,PID0)
PID0、R1、δ1、f1and R0Are all intermediate process parameters, r0Is a second random number, u0Is a third random number, r1Is a fourth random number, ID0Is the identity, ID, of the first vehicle-mounted device1For the identity of the second vehicle-mounted device, P is the generator of the finite cyclic group on the elliptic curve, and SK is the first vehicle-mounted devicePrivate key of communication between device and second in-vehicle device, h1Is a second hash function, h2Is a third hash function.
Further, before the calculating the private key for communication between the first in-vehicle device and the second in-vehicle device, the method further includes:
verifying whether the key negotiation response information is valid through a second preset verification formula, if the second preset verification formula is established, the key negotiation response information is valid, otherwise, the key negotiation response information is invalid;
the second preset verification formula is as follows:
δ1P=f1R1
wherein R is1、δ1And f1Are intermediate process parameters, and P is the generator of the finite cyclic group on the elliptic curve.
In another aspect, an embodiment of the present invention provides a first vehicle-mounted device, including:
the authentication module is used for sending identity authentication request information to a trusted authority, wherein the identity authentication request information comprises an identity identifier of a first vehicle-mounted device and an identity identifier of a second vehicle-mounted device, the first vehicle-mounted device is an initiator of key agreement, and the second vehicle-mounted device is an agreement object of the first vehicle-mounted device;
a first receiving module, configured to receive identity confirmation information sent by the trusted authority, where the identity confirmation information is sent by the trusted authority when it is determined that the identities of the first onboard device and the second onboard device are both legal;
the negotiation module is used for sending key negotiation request information to the second vehicle-mounted device, and the key negotiation request information is generated by the first vehicle-mounted device according to a preset elliptic curve cryptographic algorithm;
a second receiving module, configured to receive key agreement response information sent by the second onboard apparatus, where the key agreement response information is sent by the second onboard apparatus when the key agreement request information is verified to be valid;
and the key generation module is used for calculating a communication private key between the first vehicle-mounted device and the second vehicle-mounted device if the key negotiation response information is judged to be valid.
In another aspect, an embodiment of the present invention provides an electronic device, including: a memory, a processor, and a computer program stored on the memory and executable on the processor, the processor implementing the steps of the above method when executing the computer program.
In yet another aspect, the present invention provides a non-transitory computer readable storage medium, on which a computer program is stored, which when executed by a processor implements the steps of the above method.
The key agreement method of the vehicle-mounted self-organizing network provided by the embodiment of the invention comprises the steps of firstly carrying out identity authentication on a vehicle-mounted device, then judging whether to carry out key agreement or not by verifying whether a message is valid or not by two negotiation parties, and finally realizing bidirectional authentication and negotiating out a communication private key. The privacy of the vehicle is protected and the computational overhead of the key agreement mechanism is small.
Drawings
Fig. 1 is a schematic diagram of a key agreement method of a vehicle-mounted ad hoc network according to an embodiment of the present invention;
fig. 2 is a schematic view of a scenario of a key negotiation mechanism of a vehicle-mounted ad hoc network according to an embodiment of the present invention;
fig. 3 is a timing diagram of a key agreement mechanism of a vehicle ad hoc network according to an embodiment of the present invention;
FIG. 4 is a schematic diagram of a first onboard device according to an embodiment of the present invention;
fig. 5 is a schematic structural diagram of an electronic device according to an embodiment of the present invention.
Detailed Description
In order to make the objects, technical solutions and advantages of the embodiments of the present invention clearer, the technical solutions in the embodiments of the present invention will be clearly and completely described below with reference to the drawings in the embodiments of the present invention, and it is obvious that the described embodiments are some, but not all, embodiments of the present invention. All other embodiments, which can be derived by a person skilled in the art from the embodiments of the present invention without making any creative effort, shall fall within the protection scope of the present invention.
Fig. 1 is a schematic diagram of a key agreement method for a vehicle-mounted ad hoc network according to an embodiment of the present invention, and as shown in fig. 1, the embodiment of the present invention provides a key agreement method for a vehicle-mounted ad hoc network, where an execution subject of the key agreement method is a first vehicle-mounted device, and the method includes:
step S101, identity authentication request information is sent to a trusted authority, the identity authentication request information comprises an identity of a first vehicle-mounted device and an identity of a second vehicle-mounted device, the first vehicle-mounted device is an initiator of key agreement, and the second vehicle-mounted device is an agreement object of the first vehicle-mounted device.
Specifically, fig. 2 is a schematic view of a scenario of a key agreement mechanism of a vehicle ad hoc network according to an embodiment of the present invention, as shown in fig. 2, a first vehicle-mounted device V0Is the initiator of the key agreement. Second onboard device V1Is V0The negotiation object of (2). The trusted authority is a registry, is a completely trusted third party, and can resist various security attacks. The task of the system is to generate system parameters, which are broadcast to each vehicle.
Firstly, a first vehicle-mounted device V0And sending identity authentication request information to the trusted authority. When the system is initialized, the trusted authority of the system broadcasts system information, and all vehicle-mounted devices in the area can receive the system information broadcasted by the trusted authority. When the first vehicle-mounted device V0And a second vehicle-mounted device V1When the communication condition is satisfied, for example, when the first in-vehicle device V0And a second vehicle-mounted device V1When the distance between the first and second vehicle-mounted devices is less than the preset distance, the first vehicle-mounted device V0And a second onboard device V1Respectively broadcast the identification marks of the first vehicle-mounted device V0Receives the second onboard device V1Broadcast its identity ID1Then, it is desired to communicate with the second in-vehicle device V1The key agreement is carried out on the first vehicleDevice V0Sending identity authentication request information to a trusted authority, wherein the identity authentication request information comprises a first vehicle-mounted device V0ID of0And a second onboard device V1ID of1
Step S102, receiving identity confirmation information sent by the trusted authority, wherein the identity confirmation information is sent by the trusted authority under the condition that the identity of the first vehicle-mounted device and the identity of the second vehicle-mounted device are both legal.
Specifically, the trusted authority receives the first in-vehicle device V0After the transmitted identity authentication request information, the first vehicle-mounted device V is subjected to0And a second onboard device V1Is authenticated after confirming the first in-vehicle device V0And a second onboard device V1To the first vehicle-mounted device V under the condition that the identities of the vehicle-mounted devices are legal0And sending identity confirmation information.
First vehicle-mounted device V0Receiving identity confirmation information sent by the trusted authority, wherein the identity confirmation information is used for indicating that the trusted authority passes the second vehicle-mounted device V1The identity authentication of (1).
Step S103, sending key negotiation request information to the second vehicle-mounted device, wherein the key negotiation request information is generated by the first vehicle-mounted device according to a preset elliptic curve cryptography algorithm.
Specifically, the first in-vehicle device V0And after receiving the identity confirmation information sent by the trusted authority, starting to perform key agreement. First vehicle-mounted device V0To the second onboard device V1Transmitting key agreement request information by the first in-vehicle device V0And generating according to a preset elliptic curve cryptographic algorithm.
In the embodiment of the invention, a key negotiation mechanism uses a mathematic difficult-to-solve problem to protect the security of a key, wherein the mathematic difficult-to-solve problem is as follows:
(1) discrete logarithm difficult-to-solve problem: gx≡ a mod p, solving x is a difficult problem when integers g and a are known, and a large prime number p is known;
(2) elliptic curve discrete logarithm difficult-to-solve problem: the problem is based on an elliptic curve cryptography algorithm, and the calculation of the integer k is problematic for any one of the discrete points S and Q on the elliptic curve E, so that the equation kS ═ Q holds.
Step S104 is to receive key agreement response information sent by the second onboard device, where the key agreement response information is sent by the second onboard device when the key agreement request information is verified to be valid.
Specifically, the second in-vehicle device V1Receives the first vehicle-mounted device V0After the key agreement request information is sent, whether the key agreement request information is valid is verified through a first preset verification formula, and when the key agreement request information is valid, the key agreement request information is sent to the first vehicle-mounted device V0And sending key agreement response information. First vehicle-mounted device V0Receive the second onboard device V1And sending the key agreement response information.
When the key agreement request message is invalid, the second in-vehicle device V1This key agreement is terminated.
Step S105, if it is determined that the key agreement response information is valid, calculating a communication private key between the first in-vehicle device and the second in-vehicle device.
Specifically, when the first in-vehicle device V0Receives the second onboard device V1After the key agreement response message is sent, the validity of the key agreement response message also needs to be verified, and if the key agreement response message is judged to be valid, the first vehicle-mounted device V is calculated0And a second onboard device V1The private key of communication between.
When the key agreement response message is invalid, the first in-vehicle device V0This key agreement is terminated.
The key agreement method of the vehicle-mounted self-organizing network provided by the embodiment of the invention comprises the steps of firstly carrying out identity authentication on a vehicle-mounted device, then judging whether to carry out key agreement or not by verifying whether a message is valid or not by two negotiation parties, and finally realizing bidirectional authentication and negotiating out a communication private key. The privacy of the vehicle is protected and the computational overhead of the key agreement mechanism is small.
Based on any one of the above embodiments, further before sending the identity authentication request information to the trusted authority, the method further includes:
and receiving the system information broadcast by the trusted authority and the identity identification broadcast by the second vehicle-mounted device.
Specifically, when the system is initialized, the trusted authority of the system broadcasts system information, and all vehicle-mounted devices in the area can receive the system information broadcasted by the trusted authority. When the first vehicle-mounted device V0And a second vehicle-mounted device V1When the communication condition is satisfied, for example, when the first in-vehicle device V0And a second vehicle-mounted device V1When the distance between the first and second vehicle-mounted devices is less than the preset distance, the first vehicle-mounted device V0And a second onboard device V1Respectively broadcast the identification marks of the first vehicle-mounted device V0Receives the second onboard device V1Broadcast its identity ID1Then, it is desired to communicate with the second in-vehicle device V1The first vehicle-mounted device V carries out key agreement0And sending identity authentication request information to the trusted authority.
The key agreement method of the vehicle-mounted self-organizing network provided by the embodiment of the invention comprises the steps of firstly carrying out identity authentication on a vehicle-mounted device, then judging whether to carry out key agreement or not by verifying whether a message is valid or not by two negotiation parties, and finally realizing bidirectional authentication and negotiating out a communication private key. The privacy of the vehicle is protected and the computational overhead of the key agreement mechanism is small.
Based on any of the above embodiments, further, the system information includes parameters E, q, P, and Ppub、h0、h1And h2
Wherein, PpubE is an elliptic curve over a finite field, q is the order of a finite cyclic group on the elliptic curve, P is a generator of the finite cyclic group on the elliptic curve, PpubIs a system public key, s is a first random number, h0Is a first hash function, h1Is a second hash function, h2Is a third hash function.
Specifically, in the embodiment of the present invention, the key agreement mechanism uses a mathematical difficult-to-solve problem to protect the security of the key, where the mathematical difficult-to-solve problem is as follows:
(1) discrete logarithm difficult-to-solve problem: gx≡ a mod p, solving x is a difficult problem when integers g and a are known, and a large prime number p is known;
(2) elliptic curve discrete logarithm difficult-to-solve problem: the problem is based on an elliptic curve cryptography algorithm, and the calculation of the integer k is problematic for any one of the discrete points S and Q on the elliptic curve E, so that the equation kS ═ Q holds.
When the system is initialized, the system information broadcast by the trusted authority of the system comprises parameters E, q, P and Ppub、h0、h1And h2
Wherein, PpubE is an elliptic curve over a finite field, FqIs a large prime number P, q is the order of a finite cyclic group on the elliptic curve, P is the generator of the finite cyclic group on the elliptic curve, PpubIs a system public key, s is a first random number,
Figure BDA0002101422350000081
Figure BDA0002101422350000082
is a predetermined domain, h0Is a first hash function, h1Is a second hash function, h2Is a third hash function.
The key agreement method of the vehicle-mounted self-organizing network provided by the embodiment of the invention comprises the steps of firstly carrying out identity authentication on a vehicle-mounted device, then judging whether to carry out key agreement or not by verifying whether a message is valid or not by two negotiation parties, and finally realizing bidirectional authentication and negotiating out a communication private key. The privacy of the vehicle is protected and the computational overhead of the key agreement mechanism is small.
Based on any of the above embodiments, further, the key agreement request information includes a parameter ID1、PID0、R0And delta0
Wherein:
Figure BDA0002101422350000091
R0=r0P;
δ0=f0r0
f0=h0(ID1,PID0,R0);
PID0、R0、δ0and f0Are all intermediate process parameters, r0Is a second random number, u0Is a third random number, ID0Is the identity, ID, of the first vehicle-mounted device1For the identity of the second onboard device, P is the generator of the finite cyclic group on the elliptic curve, h0Is a first hash function.
Specifically, the first in-vehicle device V0And after receiving the identity confirmation information sent by the trusted authority, starting to perform key agreement. First vehicle-mounted device V0To the second onboard device V1Transmitting key agreement request information by the first in-vehicle device V0And generating according to a preset elliptic curve cryptographic algorithm.
The key agreement request information includes a parameter ID1、PID0、R0And delta0
Wherein:
Figure BDA0002101422350000092
R0=r0P;
δ0=f0r0
f0=h0(ID1,PID0,R0);
PID0、R0、δ0and f0All are involved in the intermediate processNumber r0Is a second random number that is a function of the first random number,
Figure BDA0002101422350000093
u0is a third random number that is a random number,
Figure BDA0002101422350000094
Figure BDA0002101422350000095
is a predetermined domain, r0Is a second random number, u0Is a third random number, ID0Is the identity, ID, of the first vehicle-mounted device1For the identity of the second onboard device, P is the generator of the finite cyclic group on the elliptic curve, h0Is a first hash function.
The key agreement method of the vehicle-mounted self-organizing network provided by the embodiment of the invention comprises the steps of firstly carrying out identity authentication on a vehicle-mounted device, then judging whether to carry out key agreement or not by verifying whether a message is valid or not by two negotiation parties, and finally realizing bidirectional authentication and negotiating out a communication private key. The privacy of the vehicle is protected and the computational overhead of the key agreement mechanism is small.
Based on any one of the above embodiments, further, the second onboard apparatus verifies whether the key agreement request information is valid through a first preset verification formula, if the first preset verification formula is true, the key agreement request information is valid, otherwise, the key agreement request information is invalid;
the first preset verification formula is as follows:
δ0P=f0R0
wherein R is0、δ0And f0Are intermediate process parameters, and P is the generator of the finite cyclic group on the elliptic curve.
Specifically, the second in-vehicle device V1Receives the first vehicle-mounted device V0After the key agreement request information is sent, whether the key agreement request information is valid is verified through a first preset verification formula, and when the key agreement request information is valid, the key agreement request information is sent to the first vehicle-mounted device V0And sending key agreement response information. First vehicle-mounted device V0Receive the second onboard device V1And sending the key agreement response information.
When the key agreement request message is invalid, the second in-vehicle device V1This key agreement is terminated.
Second onboard device V1And verifying whether the key negotiation request information is valid through a first preset verification formula, if the first preset verification formula is established, the key negotiation request information is valid, and if not, the key negotiation request information is invalid.
The first preset verification formula is as follows:
δ0P=f0R0
wherein R is0、δ0And f0Are intermediate process parameters, and P is the generator of the finite cyclic group on the elliptic curve.
First predetermined verification formula delta0P=f0R0Can be derived as δ0P=(f0r0)P=f0(r0P)=f0R0The satisfaction of the first preset verification formula indicates that the second in-vehicle device V1 received the information from the first in-vehicle device V0The information of (1).
The key agreement method of the vehicle-mounted self-organizing network provided by the embodiment of the invention comprises the steps of firstly carrying out identity authentication on a vehicle-mounted device, then judging whether to carry out key agreement or not by verifying whether a message is valid or not by two negotiation parties, and finally realizing bidirectional authentication and negotiating out a communication private key. The privacy of the vehicle is protected and the computational overhead of the key agreement mechanism is small.
Based on any of the above embodiments, further, the key agreement response information includes a parameter PID0、R1、δ1
Wherein:
Figure BDA0002101422350000111
R1=r1P;
δ1=f1r1
f1=h2(PID0,ID1,SK,r1R0);
R0=r0P;
SK=h1(r1R0,ID1,PID0);
PID0、R1、δ1、f1and R0Are all intermediate process parameters, r0Is a second random number, u0Is a third random number, r1Is a fourth random number, ID0Is the identity, ID, of the first vehicle-mounted device1P is a generation element of a finite cyclic group on an elliptic curve, SK is a communication private key between the first vehicle-mounted device and the second vehicle-mounted device, and h is an identity of the second vehicle-mounted device1Is a second hash function, h2Is a third hash function.
Specifically, when the key agreement request message is valid, the second in-vehicle device V1Generating key negotiation response information and sending the key negotiation response information to the first vehicle-mounted device V0
The key agreement response information comprises a parameter PID0、R1、δ1
Wherein:
Figure BDA0002101422350000112
R1=r1P;
δ1=f1r1
f1=h2(PID0,ID1,SK,r1R0);
R0=r0P;
SK=h1(r1R0,ID1,PID0);
PID0、R1、δ1、f1and R0Are all intermediate process parameters, r0Is a second random number that is a function of the first random number,
Figure BDA0002101422350000113
Figure BDA0002101422350000114
u0is a third random number that is a random number,
Figure BDA0002101422350000115
r1is a fourth random number, and is,
Figure BDA0002101422350000116
Figure BDA0002101422350000117
is a predetermined domain, ID0Is the identity, ID, of the first vehicle-mounted device1P is a generation element of a finite cyclic group on an elliptic curve, SK is a communication private key between the first vehicle-mounted device and the second vehicle-mounted device, and h is an identity of the second vehicle-mounted device1Is a second hash function, h2Is a third hash function.
The key agreement method of the vehicle-mounted self-organizing network provided by the embodiment of the invention comprises the steps of firstly carrying out identity authentication on a vehicle-mounted device, then judging whether to carry out key agreement or not by verifying whether a message is valid or not by two negotiation parties, and finally realizing bidirectional authentication and negotiating out a communication private key. The privacy of the vehicle is protected and the computational overhead of the key agreement mechanism is small.
Based on any one of the above embodiments, further before the calculating the private key for communication between the first in-vehicle device and the second in-vehicle device, the method further includes:
verifying whether the key negotiation response information is valid through a second preset verification formula, if the second preset verification formula is established, the key negotiation response information is valid, otherwise, the key negotiation response information is invalid;
the second preset verification formula is as follows:
δ1P=f1R1
wherein R is1、δ1And f1Are intermediate process parameters, and P is the generator of the finite cyclic group on the elliptic curve.
Specifically, when the first in-vehicle device V0Receives the second onboard device V1After the key agreement response message is sent, the validity of the key agreement response message also needs to be verified, and if the key agreement response message is judged to be valid, the first vehicle-mounted device V is calculated0And a second onboard device V1The private key of communication between.
When the key agreement response message is invalid, the first in-vehicle device V0This key agreement is terminated.
First vehicle-mounted device V0And verifying whether the key negotiation response information is valid through a second preset verification formula, if the second preset verification formula is established, the key negotiation response information is valid, and if not, the key negotiation response information is invalid.
The second preset verification formula is as follows:
δ1P=f1R1
wherein R is1、δ1And f1Are intermediate process parameters, and P is the generator of the finite cyclic group on the elliptic curve.
First vehicle-mounted device V0Verifying the formula delta by a second preset1P=f1R1Verifying the correctness of the digital signature, and a second predetermined verification formula delta1P=f1R1Can be deduced as delta1P=(f1r1)P=f1(r1P)=f1R1The establishment of the formula explains the first vehicle-mounted device V0Has received the information from the second in-vehicle device V1The message of (2).
First vehicle-mounted device V0Calculating it and a second onboard device V1The formula of the private key for communication between the two is as follows:
SK=h1(r0R1,ID1,PID0)
wherein, PID0And R1Are all intermediate process parameters, r0Is a second random number that is a function of the first random number,
Figure BDA0002101422350000121
Figure BDA0002101422350000122
is a predetermined domain, ID1SK is a private key of communication between the first vehicle-mounted device and the second vehicle-mounted device, h is an identity of the second vehicle-mounted device1Is a second hash function.
In contrast to the above embodiment, the second in-vehicle device V1Calculate it and the first vehicle-mounted device V0The formula of the private key for communication between the two is as follows:
SK=h1(r1R0,ID1,PID0)
PID0and R0Are all intermediate process parameters, r1Is a fourth random number, and is,
Figure BDA0002101422350000131
Figure BDA0002101422350000132
is a predetermined domain, ID1SK is a private key of communication between the first vehicle-mounted device and the second vehicle-mounted device, h is an identity of the second vehicle-mounted device1Is a second hash function.
The difference of the two calculated communication private keys lies in r0R1And r1R0According to r0R1=r0r1P=r1r0P=r1R0It can be seen that the first in-vehicle device V0Generated communication private key and second in-vehicle device V1The generated private communication key is consistent.
The security analysis of the key agreement mechanism in the embodiment of the invention is as follows:
(1) in the first vehicle-mounted device V0The second onboard device V1And in the process of carrying out key agreement, the digital signature is used for verifying the correctness of the message, the subsequent information interaction step can be continued only if the signature verification is passed, and if the signature is not passed, repeated signature authentication is carried out or the vehicle node is abandoned. The digital signature can solve the problems of repudiation, forgery, falsification and the like of information in the transmission process, ensure that the information received by the node comes from a safe node, and prevent the attack of a malicious node.
(2) In the key agreement process, the first vehicle-mounted device V0The second onboard device V1The negotiated communication key satisfies SK h1(r0R1,ID1,PID0)=h1(r1R0,ID1,PID0) Wherein r is0、r1Are respectively the first vehicle-mounted device V0The second onboard device V1And selecting a random number. Based on the problem of discrete logarithm of an elliptic curve, only a first vehicle-mounted device V in the communication system0The second onboard device V1Knowing the random number of its own choosing, it is difficult for the rest of the devices to calculate it, and the final session key is only the first vehicle-mounted device V0The second onboard device V1Knowing, therefore, the first vehicle-mounted device V0The second onboard device V1The negotiated session key is secure.
(3) In the key agreement process, the first vehicle-mounted device V0Before sending out the key agreement application, the identity authentication is carried out to the trusted authority, and a second vehicle-mounted device V is obtained1Is unique identification ID of1. But the second in-vehicle device V1Only receives the first vehicle-mounted device V0Temporary identity PID of0Due to calculation of PID0In the formula (a) u0Is a first vehicle-mounted device V0Randomly selected, thus the second vehicle-mounted device V1The first vehicle-mounted device V cannot be obtained0Thereby protecting the first vehicle-mounted device V0The identity security of the system realizes the hidden key negotiation initiator V0The purpose of the identity.
The key agreement method of the vehicle-mounted self-organizing network provided by the embodiment of the invention comprises the steps of firstly carrying out identity authentication on a vehicle-mounted device, then judging whether to carry out key agreement or not by verifying whether a message is valid or not by two negotiation parties, and finally realizing bidirectional authentication and negotiating out a communication private key. The privacy of the vehicle is protected and the computational overhead of the key agreement mechanism is small.
Fig. 3 is a timing diagram of a key agreement mechanism of a vehicle ad hoc network according to an embodiment of the present invention, where as shown in fig. 3, the mechanism includes:
s1, negotiating key to initiator vehicle V0Initializing a system in the vehicle-mounted self-organizing network, wherein a trusted authority of the system publishes system parameters: params ═ { E, P, q, P ═ Ppub,h0,h1,h2};
S2、V0Submitting an identity authentication application to a trusted authority, the trusted authority applying to V0Returning system private keys s and V0Vehicle node V to be negotiated1ID of1;V1Application for identity authentication to trusted authority, trusted authority checking V1After the validity of the authorization V1Returning a unique identity ID1
S3、V0To V1Sending a message V0→V1:req=(ID1,PID0,R0,δ0);V1Return V0Message V1→V0:res=(PID0,R1,δ1);V0Verifying the received response message res ═ (PID)0,R1,δ1)。
Fig. 4 is a schematic diagram of a first vehicle-mounted device according to an embodiment of the present invention, and as shown in fig. 4, the first vehicle-mounted device according to the embodiment of the present invention includes an authentication module 401, a first receiving module 402, a negotiation module 403, a second receiving module 404, and a key generation module 405, where:
the authentication module 401 is configured to send identity authentication request information to a trusted authority, where the identity authentication request information includes an identity of a first vehicle-mounted device and an identity of a second vehicle-mounted device, the first vehicle-mounted device is an initiator of key agreement, and the second vehicle-mounted device is an object of the first vehicle-mounted device in agreement.
The first receiving module 402 is configured to receive identity confirmation information sent by the trusted authority, where the identity confirmation information is sent by the trusted authority when it is determined that the identities of the first onboard device and the second onboard device are both legal.
The negotiation module 403 is configured to send a key negotiation request message to the second vehicle-mounted device, where the key negotiation request message is generated by the first vehicle-mounted device according to a preset elliptic curve cryptography algorithm.
The second receiving module 404 is configured to receive a key agreement response message sent by the second vehicle-mounted device, where the key agreement response message is sent by the second vehicle-mounted device under the condition that the key agreement request message is verified to be valid.
The key generation module 405 is configured to calculate a communication private key between the first vehicle-mounted device and the second vehicle-mounted device if it is determined that the key agreement response message is valid.
Specifically, first, the first onboard device V0Identity authentication request information is sent to the trusted authority through the authentication module 401. When the system is initialized, the trusted authority of the system broadcasts system information, and all vehicle-mounted devices in the area can receive the system information broadcasted by the trusted authority. When the first vehicle-mounted device V0And a second vehicle-mounted device V1When the communication condition is satisfied, for example, when the first in-vehicle device V0And a second vehicle-mounted device V1When the distance between the first and second vehicle-mounted devices is less than the preset distance, the first vehicle-mounted device V0And a second onboard device V1Respectively broadcast the identification marks of the first vehicle-mounted device V0Receives the second onboard device V1Broadcast its identity ID1Then, it is desired to communicate with the second in-vehicle device V1The first vehicle-mounted device V carries out key agreement0Sending identity authentication request information to a trusted authority, the identity authentication request informationThe information includes a first vehicle-mounted device V0ID of0And a second onboard device V1ID of1
The trusted authority receives the first vehicle-mounted device V0After the transmitted identity authentication request information, the first vehicle-mounted device V is subjected to0And a second onboard device V1Is authenticated after confirming the first in-vehicle device V0And a second onboard device V1To the first vehicle-mounted device V under the condition that the identities of the vehicle-mounted devices are legal0And sending identity confirmation information.
First vehicle-mounted device V0The first receiving module 402 receives the identity confirmation message sent by the trusted authority, which is used to indicate that the trusted authority passes the second vehicle-mounted device V1The identity authentication of (1).
First vehicle-mounted device V0And after receiving the identity confirmation information sent by the trusted authority, starting to perform key agreement. First vehicle-mounted device V0To the second onboard device V by means of the negotiation module 4031Transmitting key agreement request information by the first in-vehicle device V0And generating according to a preset elliptic curve cryptographic algorithm.
Second onboard device V1Receives the first vehicle-mounted device V0After the key agreement request information is sent, whether the key agreement request information is valid is verified through a first preset verification formula, and when the key agreement request information is valid, the key agreement request information is sent to the first vehicle-mounted device V0And sending key agreement response information. First vehicle-mounted device V0Receiving the second vehicle-mounted device V through the second receiving module 4041And sending the key agreement response information.
When the key agreement request message is invalid, the second in-vehicle device V1This key agreement is terminated.
When the first vehicle-mounted device V0Receives the second onboard device V1After the key agreement response message is sent, the validity of the key agreement response message also needs to be verified, and if the key agreement response message is judged to be valid, the secret key is usedThe key generation module 405 calculates the first in-vehicle device V0And a second onboard device V1The private key of communication between.
When the key agreement response message is invalid, the first in-vehicle device V0This key agreement is terminated.
The first vehicle-mounted device provided by the embodiment of the invention firstly performs identity authentication on the vehicle-mounted device, then negotiates whether to perform key negotiation or not by judging whether the verification message is valid or not, and finally realizes bidirectional authentication and negotiates a communication private key. The privacy of the vehicle is protected and the computational overhead of the key agreement mechanism is small.
Fig. 5 is a schematic structural diagram of an electronic device according to an embodiment of the present invention, and as shown in fig. 5, the electronic device includes: a processor (processor)501, a memory (memory)502, a bus 503, and computer programs stored on the memory and executable on the processor.
The processor 501 and the memory 502 complete communication with each other through a bus 503;
the processor 501 is configured to call and execute the computer program in the memory 502 to perform the steps in the above method embodiments, including:
sending identity authentication request information to a trusted authority, wherein the identity authentication request information comprises an identity identifier of a first vehicle-mounted device and an identity identifier of a second vehicle-mounted device, the first vehicle-mounted device is an initiator of key agreement, and the second vehicle-mounted device is an agreement object of the first vehicle-mounted device;
receiving identity confirmation information sent by the trusted authority, wherein the identity confirmation information is sent by the trusted authority under the condition that the identities of the first vehicle-mounted device and the second vehicle-mounted device are both legal;
sending key negotiation request information to the second vehicle-mounted device, wherein the key negotiation request information is generated by the first vehicle-mounted device according to a preset elliptic curve cryptographic algorithm;
receiving key agreement response information sent by the second vehicle-mounted device, wherein the key agreement response information is sent by the second vehicle-mounted device under the condition that the key agreement request information is verified to be valid;
and if the key negotiation response information is judged to be valid, calculating a communication private key between the first vehicle-mounted device and the second vehicle-mounted device.
In addition, the logic instructions in the memory may be implemented in the form of software functional units and may be stored in a computer readable storage medium when sold or used as a stand-alone product. Based on such understanding, the technical solution of the present invention may be embodied in the form of a software product, which is stored in a storage medium and includes instructions for causing a computer device (which may be a personal computer, a server, or a network device) to execute all or part of the steps of the method according to the embodiments of the present invention. And the aforementioned storage medium includes: a U-disk, a removable hard disk, a Read-Only Memory (ROM), a Random Access Memory (RAM), a magnetic disk or an optical disk, and other various media capable of storing program codes.
Embodiments of the present invention provide a computer program product comprising a computer program stored on a non-transitory computer-readable storage medium, the computer program comprising program instructions which, when executed by a computer, enable the computer to perform the steps of the above-described method embodiments, for example, including:
sending identity authentication request information to a trusted authority, wherein the identity authentication request information comprises an identity identifier of a first vehicle-mounted device and an identity identifier of a second vehicle-mounted device, the first vehicle-mounted device is an initiator of key agreement, and the second vehicle-mounted device is an agreement object of the first vehicle-mounted device;
receiving identity confirmation information sent by the trusted authority, wherein the identity confirmation information is sent by the trusted authority under the condition that the identities of the first vehicle-mounted device and the second vehicle-mounted device are both legal;
sending key negotiation request information to the second vehicle-mounted device, wherein the key negotiation request information is generated by the first vehicle-mounted device according to a preset elliptic curve cryptographic algorithm;
receiving key agreement response information sent by the second vehicle-mounted device, wherein the key agreement response information is sent by the second vehicle-mounted device under the condition that the key agreement request information is verified to be valid;
and if the key negotiation response information is judged to be valid, calculating a communication private key between the first vehicle-mounted device and the second vehicle-mounted device.
An embodiment of the present invention provides a non-transitory computer-readable storage medium, on which a computer program is stored, and when the computer program is executed by a processor, the computer program implements the steps in the above method embodiments, for example, including:
sending identity authentication request information to a trusted authority, wherein the identity authentication request information comprises an identity identifier of a first vehicle-mounted device and an identity identifier of a second vehicle-mounted device, the first vehicle-mounted device is an initiator of key agreement, and the second vehicle-mounted device is an agreement object of the first vehicle-mounted device;
receiving identity confirmation information sent by the trusted authority, wherein the identity confirmation information is sent by the trusted authority under the condition that the identities of the first vehicle-mounted device and the second vehicle-mounted device are both legal;
sending key negotiation request information to the second vehicle-mounted device, wherein the key negotiation request information is generated by the first vehicle-mounted device according to a preset elliptic curve cryptographic algorithm;
receiving key agreement response information sent by the second vehicle-mounted device, wherein the key agreement response information is sent by the second vehicle-mounted device under the condition that the key agreement request information is verified to be valid;
and if the key negotiation response information is judged to be valid, calculating a communication private key between the first vehicle-mounted device and the second vehicle-mounted device.
The above-described embodiments of the apparatuses and devices are merely illustrative, where the units described as separate parts may or may not be physically separate, and the parts displayed as units may or may not be physical units, may be located in one place, or may be distributed on multiple network units. Some or all of the modules may be selected according to actual needs to achieve the purpose of the solution of the present embodiment. One of ordinary skill in the art can understand and implement it without inventive effort.
Through the above description of the embodiments, those skilled in the art will clearly understand that each embodiment can be implemented by software plus a necessary general hardware platform, and certainly can also be implemented by hardware. With this understanding in mind, the above-described technical solutions may be embodied in the form of a software product, which can be stored in a computer-readable storage medium such as ROM/RAM, magnetic disk, optical disk, etc., and includes instructions for causing a computer device (which may be a personal computer, a server, or a network device, etc.) to execute the methods described in the embodiments or some parts of the embodiments.
Finally, it should be noted that: the above examples are only intended to illustrate the technical solution of the present invention, but not to limit it; although the present invention has been described in detail with reference to the foregoing embodiments, it will be understood by those of ordinary skill in the art that: the technical solutions described in the foregoing embodiments may still be modified, or some technical features may be equivalently replaced; and such modifications or substitutions do not depart from the spirit and scope of the corresponding technical solutions of the embodiments of the present invention.

Claims (10)

1.一种车载自组织网络的密钥协商方法,其特征在于,包括:1. a key agreement method of vehicle-mounted ad hoc network, is characterized in that, comprises: 向可信机构发送身份认证请求信息,所述身份认证请求信息中包含第一车载装置的身份标识和第二车载装置的身份标识,所述第一车载装置是密钥协商的发起方,所述第二车载装置是所述第一车载装置的协商对象;Send identity authentication request information to a trusted institution, where the identity authentication request information includes the identity of the first on-board device and the identity of the second on-board device, the first on-board device is the initiator of the key negotiation, the The second in-vehicle device is the negotiation object of the first in-vehicle device; 接收所述可信机构发送的身份确认信息,所述身份确认信息是所述可信机构在确认所述第一车载装置和所述第二车载装置的身份均合法的情况下发送的;receiving the identity confirmation information sent by the trusted institution, where the identity confirmation information is sent by the trusted institution under the condition that the identities of the first vehicle-mounted device and the second vehicle-mounted device are both legal; 向所述第二车载装置发送密钥协商请求信息,所述密钥协商请求信息由所述第一车载装置根据预设椭圆曲线密码算法生成;sending key agreement request information to the second vehicle-mounted device, where the key-agreement request information is generated by the first vehicle-mounted device according to a preset elliptic curve cryptographic algorithm; 接收所述第二车载装置发送的密钥协商响应信息,所述密钥协商响应信息是所述第二车载装置在验证所述密钥协商请求信息有效的情况下发送的;receiving key agreement response information sent by the second vehicle-mounted device, where the key agreement response information is sent by the second vehicle-mounted device under the condition of verifying that the key agreement request information is valid; 若判断获知所述密钥协商响应信息有效,则计算所述第一车载装置和所述第二车载装置之间的通信私钥。If it is determined that the key agreement response information is valid, the private key for communication between the first vehicle-mounted device and the second vehicle-mounted device is calculated. 2.根据权利要求1所述的车载自组织网络的密钥协商方法,其特征在于,所述向可信机构发送身份认证请求信息之前还包括:2. The key agreement method of the vehicle-mounted ad hoc network according to claim 1, characterized in that, before the sending the identity authentication request information to the trusted organization, the method further comprises: 接收所述可信机构广播的系统信息,以及所述第二车载装置广播的其身份标识。Receive the system information broadcasted by the trusted organization and its identity broadcasted by the second vehicle-mounted device. 3.根据权利要求2所述的车载自组织网络的密钥协商方法,其特征在于,所述系统信息包括参数E、q、P、Ppub、h0、h1和h23. The key agreement method for a vehicle-mounted ad hoc network according to claim 2, wherein the system information comprises parameters E, q, P, Ppub , h 0 , h 1 and h 2 ; 其中,Ppub=sP,E为有限域上的椭圆曲线,q为椭圆曲线上的有限循环群的阶,P为椭圆曲线上的有限循环群的生成元,Ppub为系统公钥,s为第一随机数,h0为第一哈希函数,h1为第二哈希函数,h2为第三哈希函数。Among them, P pub =sP, E is the elliptic curve on the finite field, q is the order of the finite cyclic group on the elliptic curve, P is the generator of the finite cyclic group on the elliptic curve, P pub is the system public key, s is the The first random number, h 0 is the first hash function, h 1 is the second hash function, and h 2 is the third hash function. 4.根据权利要求3所述的车载自组织网络的密钥协商方法,其特征在于,所述密钥协商请求信息包括参数ID1、PID0、R0和δ04. The key agreement method for a vehicle-mounted ad hoc network according to claim 3, wherein the key agreement request information comprises parameters ID 1 , PID 0 , R 0 and δ 0 ; 其中:in:
Figure FDA0002101422340000011
Figure FDA0002101422340000011
 R0=r0PR 0 =r 0 P δ0=f0r0 δ 0 =f 0 r 0 f0=h0(ID1,PID0,R0)f 0 =h 0 (ID 1 , PID 0 , R 0 ) PID0、R0、δ0和f0均为中间过程参数,r0为第二随机数,u0为第三随机数,ID0为第一车载装置的身份标识,ID1为第二车载装置的身份标识,P为椭圆曲线上的有限循环群的生成元,h0为第一哈希函数。PID 0 , R 0 , δ 0 and f 0 are all intermediate process parameters, r 0 is the second random number, u 0 is the third random number, ID 0 is the identity of the first on-board device, and ID 1 is the second on-board device The identification of the device, P is the generator of the finite cyclic group on the elliptic curve, and h 0 is the first hash function. 5.根据权利要求4所述的车载自组织网络的密钥协商方法,其特征在于,所述第二车载装置通过第一预设验证公式验证所述密钥协商请求信息是否有效,若所述第一预设验证公式等式成立,则所述密钥协商请求信息有效,否则无效;5. The key agreement method of the vehicle-mounted ad hoc network according to claim 4, wherein the second vehicle-mounted device verifies whether the key agreement request information is valid through a first preset verification formula, and if the If the first preset verification formula equation is established, the key agreement request information is valid, otherwise it is invalid; 所述第一预设验证公式如下:The first preset verification formula is as follows: δ0P=f0R0 δ 0 P=f 0 R 0 其中,R0、δ0和f0均为中间过程参数,P为椭圆曲线上的有限循环群的生成元。Among them, R 0 , δ 0 and f 0 are all intermediate process parameters, and P is the generator of the finite cyclic group on the elliptic curve. 6.根据权利要求5所述的车载自组织网络的密钥协商方法,其特征在于,所述密钥协商响应信息包括参数PID0、R1、δ16. The key agreement method of the vehicle-mounted ad hoc network according to claim 5, wherein the key agreement response information comprises parameters PID 0 , R 1 , δ 1 ; 其中:in:
Figure FDA0002101422340000021
Figure FDA0002101422340000021
 R1=r1PR 1 =r 1 P δ1=f1r1 δ 1 =f 1 r 1 f1=h2(PID0,ID1,SK,r1R0)f 1 =h 2 (PID 0 , ID 1 , SK, r 1 R 0 ) R0=r0PR 0 =r 0 P SK=h1(r1R0,ID1,PID0)SK=h 1 (r 1 R 0 , ID 1 , PID 0 ) PID0、R1、δ1、f1和R0均为中间过程参数,r0为第二随机数,u0为第三随机数,r1为第四随机数,ID0为第一车载装置的身份标识,ID1为第二车载装置的身份标识,P为椭圆曲线上的有限循环群的生成元,SK为第一车载装置和第二车载装置之间的通信私钥,h1为第二哈希函数,h2为第三哈希函数。PID 0 , R 1 , δ 1 , f 1 and R 0 are all intermediate process parameters, r 0 is the second random number, u 0 is the third random number, r 1 is the fourth random number, and ID 0 is the first vehicle The identity of the device, ID 1 is the identity of the second on-board device, P is the generator of the finite cyclic group on the elliptic curve, SK is the communication private key between the first on-board device and the second on-board device, and h 1 is The second hash function, h 2 is the third hash function. 7.根据权利要求6所述的车载自组织网络的密钥协商方法,其特征在于,所述计算所述第一车载装置和所述第二车载装置之间的通信私钥之前,还包括:7. The key agreement method of the vehicle-mounted ad hoc network according to claim 6, characterized in that, before calculating the communication private key between the first vehicle-mounted device and the second vehicle-mounted device, the method further comprises: 通过第二预设验证公式验证所述密钥协商响应信息是否有效,若所述第二预设验证公式等式成立,则所述密钥协商响应信息有效,否则无效;Verifying whether the key agreement response information is valid by using a second preset verification formula, if the second preset verification formula equation is established, the key agreement response information is valid, otherwise it is invalid; 所述第二预设验证公式如下:The second preset verification formula is as follows: δ1P=f1R1 δ 1 P=f 1 R 1 其中,R1、δ1和f1均为中间过程参数,P为椭圆曲线上的有限循环群的生成元。Among them, R 1 , δ 1 and f 1 are all intermediate process parameters, and P is the generator of the finite cyclic group on the elliptic curve. 8.一种第一车载装置,其特征在于,包括:8. A first vehicle-mounted device, comprising: 认证模块,用于向可信机构发送身份认证请求信息,所述身份认证请求信息中包含第一车载装置的身份标识和第二车载装置的身份标识,所述第一车载装置是密钥协商的发起方,所述第二车载装置是所述第一车载装置的协商对象;The authentication module is used to send the identity authentication request information to the trusted organization, the identity authentication request information includes the identity of the first vehicle-mounted device and the identity of the second vehicle-mounted device, the first vehicle-mounted device is key negotiated an initiator, the second vehicle-mounted device is the negotiation object of the first vehicle-mounted device; 第一接收模块,用于接收所述可信机构发送的身份确认信息,所述身份确认信息是所述可信机构在确认所述第一车载装置和所述第二车载装置的身份均合法的情况下发送的;The first receiving module is configured to receive the identity confirmation information sent by the trusted organization, the identity confirmation information is that the trusted organization confirms that the identities of the first vehicle-mounted device and the second vehicle-mounted device are legal sent under the circumstances; 协商模块,用于向所述第二车载装置发送密钥协商请求信息,所述密钥协商请求信息由所述第一车载装置根据预设椭圆曲线密码算法生成;a negotiation module, configured to send key agreement request information to the second vehicle-mounted device, where the key-agreement request information is generated by the first vehicle-mounted device according to a preset elliptic curve cryptographic algorithm; 第二接收模块,用于接收所述第二车载装置发送的密钥协商响应信息,所述密钥协商响应信息是所述第二车载装置在验证所述密钥协商请求信息有效的情况下发送的;A second receiving module, configured to receive key agreement response information sent by the second vehicle-mounted device, where the key agreement response information is sent by the second vehicle-mounted device under the condition that the key agreement request information is verified to be valid of; 密钥生成模块,用于若判断获知所述密钥协商响应信息有效,则计算所述第一车载装置和所述第二车载装置之间的通信私钥。The key generation module is configured to calculate the private key for communication between the first vehicle-mounted device and the second vehicle-mounted device if it is determined that the key agreement response information is valid. 9.一种电子设备,包括存储器、处理器,以及存储在所述存储器上并可在所述处理器上运行的计算机程序,其特征在于,所述处理器执行所述计算机程序时,实现如权利要求1至7任一项所述车载自组织网络的密钥协商方法的步骤。9. An electronic device comprising a memory, a processor, and a computer program stored on the memory and running on the processor, wherein when the processor executes the computer program, The steps of the key agreement method of the vehicle-mounted ad hoc network according to any one of claims 1 to 7. 10.一种非暂态计算机可读存储介质,其上存储有计算机程序,其特征在于,当所述计算机程序被处理器执行时,实现如权利要求1至7任一所述车载自组织网络的密钥协商方法的步骤。10. A non-transitory computer-readable storage medium on which a computer program is stored, characterized in that, when the computer program is executed by a processor, the vehicle-mounted ad hoc network according to any one of claims 1 to 7 is realized. The steps of the key agreement method.
CN201910536975.9A 2019-06-20 2019-06-20 A key agreement method for in-vehicle ad hoc networks Active CN110366176B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201910536975.9A CN110366176B (en) 2019-06-20 2019-06-20 A key agreement method for in-vehicle ad hoc networks

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201910536975.9A CN110366176B (en) 2019-06-20 2019-06-20 A key agreement method for in-vehicle ad hoc networks

Publications (2)

Publication Number Publication Date
CN110366176A CN110366176A (en) 2019-10-22
CN110366176B true CN110366176B (en) 2021-08-06

Family

ID=68217445

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201910536975.9A Active CN110366176B (en) 2019-06-20 2019-06-20 A key agreement method for in-vehicle ad hoc networks

Country Status (1)

Country Link
CN (1) CN110366176B (en)

Families Citing this family (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN111093169B (en) * 2019-12-26 2022-06-07 国汽(北京)智能网联汽车研究院有限公司 Communication establishing method and device
CN111212047B (en) * 2019-12-26 2022-03-29 国汽(北京)智能网联汽车研究院有限公司 Communication establishing method and device
CN112740733B (en) * 2020-12-24 2022-08-26 华为技术有限公司 Secure access method and device
CN113453223B (en) * 2021-06-07 2023-04-07 北京聚利科技有限公司 Key updating method, system, device, storage medium and terminal
CN114363858A (en) * 2022-03-21 2022-04-15 苏州浪潮智能科技有限公司 Conversation and registration method, system and related components of cellular internet of vehicles cooperative communication

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101123501A (en) * 2006-08-08 2008-02-13 西安电子科技大学 Method and system for WAPI authentication and key agreement
CN106027519A (en) * 2016-05-18 2016-10-12 安徽大学 Efficient condition privacy protection and security authentication method in internet of vehicles
CN108833074A (en) * 2018-04-28 2018-11-16 西安电子科技大学 Authentication system and method for vehicle ad hoc network based on homomorphic encryption

Family Cites Families (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2016044202A1 (en) * 2014-09-15 2016-03-24 Sirius Xm Radio Inc. Satellite receiver option for certificate distribution
CN106559877B (en) * 2015-09-24 2019-02-26 中兴通讯股份有限公司 The sending method and device of car networking business, resource allocation method and device
CN106330910B (en) * 2016-08-25 2019-07-19 重庆邮电大学 Two-factor authentication method for strong privacy protection based on node identity and reputation in the Internet of Vehicles
CN108881176A (en) * 2018-05-28 2018-11-23 惠州市德赛西威汽车电子股份有限公司 A kind of method of secure communication between car networking terminal
CN109040285B (en) * 2018-08-24 2023-06-20 北京汽车集团有限公司 Method and device for safety authentication of vehicle-mounted network, storage medium and vehicle

Patent Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101123501A (en) * 2006-08-08 2008-02-13 西安电子科技大学 Method and system for WAPI authentication and key agreement
CN106027519A (en) * 2016-05-18 2016-10-12 安徽大学 Efficient condition privacy protection and security authentication method in internet of vehicles
CN108833074A (en) * 2018-04-28 2018-11-16 西安电子科技大学 Authentication system and method for vehicle ad hoc network based on homomorphic encryption

Also Published As

Publication number Publication date
CN110366176A (en) 2019-10-22

Similar Documents

Publication Publication Date Title
CN110366176B (en) A key agreement method for in-vehicle ad hoc networks
CN105847235B (en) Identity-based efficient anonymous batch authentication method in Internet of vehicles environment
CN106330910B (en) Two-factor authentication method for strong privacy protection based on node identity and reputation in the Internet of Vehicles
CN109922475B (en) Vehicle Authentication and Message Verification Method in Vehicle Network Environment
CN112134698B (en) A method and system for fast communication authentication method and system for Internet of Vehicles based on blockchain
CN114584976B (en) A system and method for Internet of Vehicles identity authentication based on certificateless aggregate signature
CN108322486B (en) Authentication method for multi-server architecture under Internet of vehicles cloud environment
Förster et al. PUCA: A pseudonym scheme with user-controlled anonymity for vehicular ad-hoc networks (VANET)
KR101521412B1 (en) Protocol Management System for Aggregating Massages based on certification
CN104394000A (en) Batched certification method based on pseudonym verification public key in vehicle-mounted network
CN106027233A (en) Method for designing vehicle network group negotiation communication protocol
CN107580006B (en) Vehicular ad hoc network conditionity method for secret protection based on register list
CN110071797B (en) Method for changing privacy protection authentication of internet of vehicles based on pseudonymous names of mixed contexts
CN107493165B (en) Internet of vehicles authentication and key agreement method with strong anonymity
CN109561383A (en) A kind of location privacy protection method based on dynamic assumed name exchange area
CN109640325B (en) Motorcade-oriented safety management method based on extensible contribution group key negotiation
KR101321080B1 (en) Method of message batch verification scheme using bloom filter in vanet
CN112437108A (en) Decentralized identity authentication device and method for privacy protection of Internet of vehicles
CN113852632A (en) Vehicle identity authentication method, system, device and storage medium based on SM9 algorithm
Patel et al. Vehiclechain: Blockchain-based vehicular data transmission scheme for smart city
JP2021528935A (en) Decentralized authentication method
CN115379418B (en) An authentication method suitable for secure communication and conditional privacy protection in vehicular ad hoc networks
CN110166445A (en) A kind of the secret protection anonymous authentication and cryptographic key negotiation method of identity-based
CN113839782B (en) Light-weight safe communication method for CAN (controller area network) bus in vehicle based on PUF (physical unclonable function)
CN109379372B (en) A conditional anonymous authentication method without certificate and signature for VANET

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant