An Efficient and Revocable PUF-Based Authentication Scheme for Secure V2R Mutual Communication in VANETs
Authors: Jiping Li; Jing Chen; Yining Liu; Shouyin Liu; Yuanyuan Zhang
Journal: IEEE Internet of Things Journal, vol. 12, no. 18, pp. 37974-37987 (Journal Article)
Publication date: 2025-07-03
DOI: 10.1109/JIOT.2025.3585643
URL: https://ieeexplore.ieee.org/document/11068146/
Impact factor: 8.9; JCR: Q1 (Computer Science, Information Systems)
In vehicular ad hoc networks (VANETs), vehicles and roadside units (RSUs) utilize open wireless channels to exchange safety-critical data, facilitating real-time decision-making for enhanced road safety and traffic management efficiency in intelligent transportation systems (ITSs). However, the openness of these channels exposes them to various security threats. Malicious adversaries may impersonate RSUs to forge and distribute harmful commands, manipulating vehicular behavior, or masquerade as legitimate vehicles to bypass authentication protocols and gain unauthorized access. Such attacks jeopardize the security and functionality of VANETs, underscoring the necessity of robust mutual authentication between vehicles and RSUs. Existing centralized trust authority (TA)-dependent schemes for vehicle-to-RSU (V2R) authentication incur high computational overhead, introduce authentication latency, and cause a single point of failure, particularly in dense traffic scenarios. To address these challenges, we propose ERAS2KN, an efficient and revocable authentication scheme with session key negotiation. By integrating physical unclonable functions (PUFs) with lightweight cryptography, such as one-way hash functions, bitwise XOR, and symmetric encryption, ERAS2KN enables rapid mutual authentication and secure session key establishment. Comprehensive security analysis, including informal evaluation, formal security proof based on the real-or-random (RoR) model, and automated validation using AVISPA, confirms ERAS2KN's resilience against vehicle impersonation, eavesdropping, vehicle/RSU compromise, man-in-the-middle, and other advanced attacks. Performance evaluations demonstrate that ERAS2KN surpasses existing schemes by delivering enhanced security features while achieving the lowest computational overhead, communication overhead, and energy consumption cost, making it ideal for high-density VANET environments.
About the journal:
The IEEE Internet of Things (IoT) Journal publishes articles and review articles covering various aspects of IoT, including IoT system architecture, IoT enabling technologies, IoT communication and networking protocols such as network coding, and IoT services and applications. Topics encompass IoT's impacts on sensor technologies, big data management, and future internet design for applications like smart cities and smart homes. Fields of interest include IoT architecture such as things-centric, data-centric, service-oriented IoT architecture; IoT enabling technologies and systematic integration such as sensor technologies, big sensor data management, and future Internet design for IoT; IoT services, applications, and test-beds such as IoT service middleware, IoT application programming interface (API), IoT application design, and IoT trials/experiments; IoT standardization activities and technology development in different standard development organizations (SDO) such as IEEE, IETF, ITU, 3GPP, ETSI, etc.