Two-phase authentication for secure vehicular digital twin communications
Xinwei Zhang, Chengzhe Lai, Guanjie Li, Dong Zheng
Computer Networks, volume 270, Article 111514. Published 2025-07-12. DOI: 10.1016/j.comnet.2025.111514
https://www.sciencedirect.com/science/article/pii/S1389128625004815
Journal impact factor: 4.4 (JCR Q1, Computer Science, Hardware & Architecture)
Citations: 0
Abstract
With the continuous development and advancement of autonomous vehicles, the vehicular digital twin (VDT) has emerged as a new paradigm that facilitates real-time vehicle data analysis and enhances communication efficiency. To mitigate potential security issues in communication between vehicles and digital twins, ensuring the safety of physical vehicle operation, this paper proposes a two-phase authentication for secure VDT communication. The proposed scheme guarantees both the protection of user and vehicle identities and the security of data transmission. In the first phase, authentication is performed based on the vehicle owner’s ID, password, and biometric identifiers to verify vehicle ownership. The second phase involves the issuance of agent authorizations and signatures by the trusted authority (TA) and the generation of proxy private keys by the vehicle and its twin. Mutual authentication through the exchange of information and signatures ensures the legitimacy of both parties’ identities. The correctness of the proposed protocol is verified through BAN logic and formal security validation using AVISPA. Finally, the performance and security evaluations demonstrate that the proposed scheme achieves strong anonymity and effectively balances computational and communication overhead. It successfully resists replay and forgery attacks, ensuring robust security. Compared to representative existing schemes, our protocol reduces computation cost in the user authentication phase by up to 36.4% and communication overhead by 67.3%. In the vehicle authentication phase, it achieves over 82% reduction in computation and 39.8% reduction in communication overhead, while preserving comprehensive security guarantees.
About the journal:
Computer Networks is an international, archival journal providing a publication vehicle for complete coverage of all topics of interest to those involved in the computer communications networking area. The audience includes researchers, managers and operators of networks as well as designers and implementors. The Editorial Board will consider any material for publication that is of interest to those groups.