A novel blockchain-based anonymous roaming authentication scheme for VANET

IF 3.8 2区计算机科学 Q2 COMPUTER SCIENCE, INFORMATION SYSTEMS

Journal of Information Security and Applications Pub Date : 2024-11-26 DOI:10.1016/j.jisa.2024.103922

Xingxing Chen , Qingfeng Cheng , Weidong Yang , Xiangyang Luo

{"title":"A novel blockchain-based anonymous roaming authentication scheme for VANET","authors":"Xingxing Chen , Qingfeng Cheng , Weidong Yang , Xiangyang Luo","doi":"10.1016/j.jisa.2024.103922","DOIUrl":null,"url":null,"abstract":"<div><div>With the widespread application of vehicular ad-hoc networks, ensuring secure and seamless cross-regional roaming for mobile users and obtaining corresponding services has become a focal point. However, designing an efficient and secure roaming authentication protocol is challenging due to the confidentiality and privacy issues that data transmission during the roaming authentication process may cause and the limited computational capabilities of mobile devices. Researchers have proposed many security-oriented schemes to address this thorny challenge. However, many state-of-the-art schemes need help meeting various security requirements and facing privacy leakage and single points of failure. Recently, Xue et al. proposed a distributed authentication scheme for roaming services in mobile vehicular networks based on smart contracts. Regrettably, it is noted that their scheme is vulnerable to ephemeral key leakage attacks. Further, we present a blockchain-based anonymous roaming authentication scheme called BARA, which changes how session keys are generated and significantly reduces on-chain storage costs using probabilistic data structure techniques. We utilize Scyther and Burrows–Abadi–Needham (BAN) logic to prove the security of BARA and compare it with similar protocols in terms of computation, communication, and revocation check. The analysis results demonstrate that BARA achieves a good balance between security performance and execution efficiency.</div></div>","PeriodicalId":48638,"journal":{"name":"Journal of Information Security and Applications","volume":"88 ","pages":"Article 103922"},"PeriodicalIF":3.8000,"publicationDate":"2024-11-26","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Journal of Information Security and Applications","FirstCategoryId":"94","ListUrlMain":"https://www.sciencedirect.com/science/article/pii/S2214212624002242","RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q2","JCRName":"COMPUTER SCIENCE, INFORMATION SYSTEMS","Score":null,"Total":0}

引用次数: 0

Abstract

With the widespread application of vehicular ad-hoc networks, ensuring secure and seamless cross-regional roaming for mobile users and obtaining corresponding services has become a focal point. However, designing an efficient and secure roaming authentication protocol is challenging due to the confidentiality and privacy issues that data transmission during the roaming authentication process may cause and the limited computational capabilities of mobile devices. Researchers have proposed many security-oriented schemes to address this thorny challenge. However, many state-of-the-art schemes need help meeting various security requirements and facing privacy leakage and single points of failure. Recently, Xue et al. proposed a distributed authentication scheme for roaming services in mobile vehicular networks based on smart contracts. Regrettably, it is noted that their scheme is vulnerable to ephemeral key leakage attacks. Further, we present a blockchain-based anonymous roaming authentication scheme called BARA, which changes how session keys are generated and significantly reduces on-chain storage costs using probabilistic data structure techniques. We utilize Scyther and Burrows–Abadi–Needham (BAN) logic to prove the security of BARA and compare it with similar protocols in terms of computation, communication, and revocation check. The analysis results demonstrate that BARA achieves a good balance between security performance and execution efficiency.

查看原文本刊更多论文

基于区块链的新型 VANET 匿名漫游认证方案

随着车载 ad-hoc 网络的广泛应用，确保移动用户安全、无缝地跨区域漫游并获得相应服务已成为一个焦点。然而，由于漫游认证过程中的数据传输可能会引起保密和隐私问题，而且移动设备的计算能力有限，因此设计一种高效、安全的漫游认证协议具有挑战性。研究人员提出了许多以安全为导向的方案来应对这一棘手的挑战。然而，许多最先进的方案需要帮助才能满足各种安全要求，并面临隐私泄露和单点故障的问题。最近，Xue 等人提出了一种基于智能合约的移动车载网络漫游服务分布式身份验证方案。遗憾的是，他们的方案容易受到短暂密钥泄漏攻击。此外，我们还提出了一种名为 BARA 的基于区块链的匿名漫游身份验证方案，它改变了会话密钥的生成方式，并利用概率数据结构技术显著降低了链上存储成本。我们利用Scyther和Burrows-Abadi-Needham（BAN）逻辑证明了BARA的安全性，并在计算、通信和撤销检查方面与类似协议进行了比较。分析结果表明，BARA 在安全性能和执行效率之间实现了良好的平衡。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文求助全文

来源期刊

Journal of Information Security and Applications Computer Science-Computer Networks and Communications

CiteScore

10.90

自引率

5.40%

发文量

206

审稿时长

56 days

期刊介绍： Journal of Information Security and Applications (JISA) focuses on the original research and practice-driven applications with relevance to information security and applications. JISA provides a common linkage between a vibrant scientific and research community and industry professionals by offering a clear view on modern problems and challenges in information security, as well as identifying promising scientific and "best-practice" solutions. JISA issues offer a balance between original research work and innovative industrial approaches by internationally renowned information security experts and researchers.