[go: up one dir, main page]

CN109996215A - A kind of multi-path communications method based on privacy sharing under vehicular ad hoc network network environment - Google Patents

A kind of multi-path communications method based on privacy sharing under vehicular ad hoc network network environment Download PDF

Info

Publication number
CN109996215A
CN109996215A CN201910254544.3A CN201910254544A CN109996215A CN 109996215 A CN109996215 A CN 109996215A CN 201910254544 A CN201910254544 A CN 201910254544A CN 109996215 A CN109996215 A CN 109996215A
Authority
CN
China
Prior art keywords
node
key
path
target node
secret sharing
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN201910254544.3A
Other languages
Chinese (zh)
Inventor
沈剑
董昳晖
戚荣鑫
冯孟
苗田田
刘帅
蒋玲红
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Nanjing University of Information Science and Technology
Original Assignee
Nanjing University of Information Science and Technology
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Nanjing University of Information Science and Technology filed Critical Nanjing University of Information Science and Technology
Priority to CN201910254544.3A priority Critical patent/CN109996215A/en
Publication of CN109996215A publication Critical patent/CN109996215A/en
Pending legal-status Critical Current

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L45/00Routing or path finding of packets in data switching networks
    • H04L45/12Shortest path evaluation
    • H04L45/128Shortest path evaluation for finding disjoint paths
    • H04L45/1283Shortest path evaluation for finding disjoint paths with disjoint links
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0816Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
    • H04L9/085Secret sharing or secret splitting, e.g. threshold schemes
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0861Generation of secret information including derivation or calculation of cryptographic keys or passwords
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3297Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving time stamps, e.g. generation of time stamps
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/02Protecting privacy or anonymity, e.g. protecting personally identifiable information [PII]
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/04Key management, e.g. using generic bootstrapping architecture [GBA]
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W4/00Services specially adapted for wireless communication networks; Facilities therefor
    • H04W4/30Services specially adapted for particular environments, situations or purposes
    • H04W4/40Services specially adapted for particular environments, situations or purposes for vehicles, e.g. vehicle-to-pedestrians [V2P]
    • H04W4/48Services specially adapted for particular environments, situations or purposes for vehicles, e.g. vehicle-to-pedestrians [V2P] for in-vehicle communication

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Security & Cryptography (AREA)
  • Mobile Radio Communication Systems (AREA)

Abstract

本发明是一种车载自组网络环境下基于秘密共享的多路径通信方法,利用拉丁方阵找到起始节点与目标节点间多条不相交路径,再利用秘密共享将对称加密密钥分成多个子密钥。同时,加密后的消息也分成多个部分,并为每个子密钥生成等量承诺以支持容错性,同时选取当前时间戳以抵抗重放攻击。加密后的子密钥与密文、承诺通过各条路径共同传送至目标节点。目标节点利用子密钥重构出密钥,并使用密钥解密密文得到原始消息。该种通信方法极大降低了网络负载,提高了信息传输效率,同时还具有稳定性好、不易被攻击或窃取隐私数据的特点。该种通信方法还具有较高的容错性,即使在网络拥挤、流量限制、节点设备损坏等不稳定因素发生时,也能够提供正常的服务。

The invention is a multi-path communication method based on secret sharing under the vehicle-mounted ad hoc network environment. The Latin square matrix is used to find multiple disjoint paths between the starting node and the target node, and then the secret sharing is used to divide the symmetric encryption key into multiple sub-systems. key. At the same time, the encrypted message is also divided into multiple parts, and an equal amount of commitment is generated for each subkey to support fault tolerance, while the current timestamp is selected to resist replay attacks. The encrypted subkey, ciphertext, and commitment are jointly transmitted to the target node through various paths. The target node uses the subkey to reconstruct the key, and uses the key to decrypt the ciphertext to obtain the original message. This communication method greatly reduces the network load, improves the information transmission efficiency, and also has the characteristics of good stability, and it is not easy to be attacked or steal private data. This communication method also has high fault tolerance, and can provide normal services even when unstable factors such as network congestion, traffic restrictions, and node equipment damage occur.

Description

一种车载自组网络环境下基于秘密共享的多路径通信方法A multi-path communication method based on secret sharing in vehicle-mounted ad hoc network environment

技术领域technical field

本发明属于机器人通讯技术领域,具体的说是一种车载自组网络环境下基于秘密共享的多路径通信方法。The invention belongs to the technical field of robot communication, in particular to a multi-path communication method based on secret sharing in a vehicle-mounted ad hoc network environment.

背景技术Background technique

近年来,车辆普及率大幅度提高,致使道路上的车辆数量不断增加,道路拥挤、行驶安全、环境污染等相关问题日益严重,极大地影响了人们的正常出行。因此,需要一种实现车辆之间相互通信的新型技术,为现代道路交通提供安全与便利。出于种种需求,车载自组网络(Vehicular Ad-hoc Network,简称为VANET)应运而生。VANET是一种由车载节点、道路基础设施和服务器组成的自组多跳通信网络,为驾驶员提供智能化交通信息服务。在VANET中,行驶在道路中的车辆可视为移动节点,位于道路旁被称作路侧单元(Road SideUnit,简称为RSU)的道路基础设施可视为静止节点。每辆车安装有车载单元(On BoardUnit,简称为OBU),使其能与外界进行信息的交互。VANET中的通信模式可分为车辆与车辆(Vehicle to Vehicle,简称为V2V)之间的通信以及车辆与基础设施(Vehicle toInfrastructure,简称为V2I)两部分。V2V通信模式可使车辆将其采集到的信息数据发送至范围内其他车辆,也可作为中继节点,将从上一车辆节点接收到的信息发送至下一车辆节点。车辆获得的信息通过处理设备进行相应处理,为驾驶人员提供安全顺畅的行车条件。V2I通信模式实现了车辆与RSU之间信息的传递,使得小范围内车辆采集的信息可集中与RSU,并通过RSU上传至服务器,实现全网范围内道路情况的分析及交通的统一管理。In recent years, the penetration rate of vehicles has increased significantly, resulting in a continuous increase in the number of vehicles on the road, and related problems such as road congestion, driving safety, and environmental pollution have become increasingly serious, which greatly affects people's normal travel. Therefore, there is a need for a new type of technology that enables vehicles to communicate with each other to provide safety and convenience for modern road traffic. Due to various demands, the Vehicular Ad-hoc Network (VANET for short) emerges as the times require. VANET is an ad-hoc multi-hop communication network composed of on-board nodes, road infrastructure and servers, providing intelligent traffic information services for drivers. In VANET, a vehicle driving on a road can be regarded as a mobile node, and a road infrastructure called a Road Side Unit (RSU) located beside the road can be regarded as a stationary node. Each vehicle is installed with an On Board Unit (OBU for short), which enables it to exchange information with the outside world. The communication mode in VANET can be divided into two parts: vehicle to vehicle (V2V for short) communication and vehicle to infrastructure (V2I for short). The V2V communication mode enables the vehicle to send the information data it has collected to other vehicles within the range, and can also act as a relay node to send the information received from the previous vehicle node to the next vehicle node. The information obtained by the vehicle is processed correspondingly through the processing equipment to provide drivers with safe and smooth driving conditions. The V2I communication mode realizes the transmission of information between the vehicle and the RSU, so that the information collected by the vehicle in a small area can be centralized with the RSU, and uploaded to the server through the RSU, so as to realize the analysis of road conditions and unified traffic management in the whole network.

然而车载自组网络在为人们带来便利的同时,面临着较多通信安全与传输效率方面的挑战。VANET中传输的信息通常包含有用户相关隐私信息,若通信过程中信息被攻击者获取,将极大侵犯用户的隐私。早期的VANET对用户隐私安全方面的考虑并不全面,隐私数据难以得到较好的保护。此外,车辆在道路上具有较快的行驶速度,导致VANET中信息的传递时间较短。因此如不能有效地解决传输效率问题,消息将无法及时传送至下一节点,影响VANET的正常运行。针对上述问题,一些专家学者提出了相应的解决方案。现有较多方案使用数字签名技术保证消息的安全性,使用对称密码、批量认证等方式提高通信效率。然而这些方案仅通过一条路径对消息进行传输,无法满足实时性需求,且传输过程仍易受到敌手的攻击和破坏。此外,系统容错率较低,无法有效抵抗网络拥挤、设备故障等不稳定因素的产生。However, in-vehicle ad hoc networks bring convenience to people, but they also face many challenges in terms of communication security and transmission efficiency. The information transmitted in VANET usually contains user-related private information. If the information is obtained by the attacker during the communication process, the user's privacy will be greatly violated. In the early VANET, the consideration of user privacy and security was not comprehensive, and it was difficult for private data to be well protected. In addition, the vehicle has a faster driving speed on the road, resulting in a shorter transfer time of information in VANET. Therefore, if the transmission efficiency problem cannot be effectively solved, the message will not be transmitted to the next node in time, which will affect the normal operation of the VANET. In response to the above problems, some experts and scholars have proposed corresponding solutions. Many existing schemes use digital signature technology to ensure the security of messages, and use symmetric encryption, batch authentication and other methods to improve communication efficiency. However, these schemes only transmit messages through one path, which cannot meet the real-time requirements, and the transmission process is still vulnerable to the attack and destruction of adversaries. In addition, the system has a low fault tolerance rate and cannot effectively resist the generation of unstable factors such as network congestion and equipment failure.

发明内容SUMMARY OF THE INVENTION

本发明要解决的技术问题是提供一种车载自组网络环境下基于秘密共享的多路径通信方法,具有时效性高、传输信息过程中能够抵抗攻击且具有高容错性的特性。The technical problem to be solved by the present invention is to provide a multi-path communication method based on secret sharing in a vehicle-mounted ad hoc network environment, which has the characteristics of high timeliness, resistance to attacks during information transmission and high fault tolerance.

为解决上述技术问题,本发明采用的技术方案为:In order to solve the above-mentioned technical problems, the technical scheme adopted in the present invention is:

一种车载自组网络环境下基于秘密共享的多路径通信方法,其特征是:利用拉丁方阵找到起始节点与目标节点间多条不相交路径,再利用秘密共享将对称加密密钥分成多个子密钥;加密后的消息也分成多个部分,并为每个子密钥生成等量承诺以支持容错性;加密后的子密钥与密文、承诺通过各条路径共同传送至目标节点;目标节点利用子密钥重构出密钥,并使用密钥解密密文得到原始消息。具体步骤如下:A multi-path communication method based on secret sharing in a vehicle-mounted ad hoc network environment, which is characterized in that: using a Latin square matrix to find multiple disjoint paths between a starting node and a target node, and then using secret sharing to divide a symmetric encryption key into multiple A subkey; the encrypted message is also divided into multiple parts, and an equal amount of commitment is generated for each subkey to support fault tolerance; the encrypted subkey, ciphertext, and commitment are jointly transmitted to the target node through various paths; The target node uses the subkey to reconstruct the key, and uses the key to decrypt the ciphertext to obtain the original message. Specific steps are as follows:

步骤1,构造拉丁方阵:基于逻辑传输路径中不同元素的个数构造拉丁方阵;Step 1, construct a Latin square matrix: construct a Latin square matrix based on the number of different elements in the logical transmission path;

步骤2,确定传输路径:根据拉丁方阵、逻辑传输路径和两个动态操作集合确定起始节点与目标节点之间的多条不相交传输路径;Step 2, determine the transmission path: determine multiple disjoint transmission paths between the start node and the target node according to the Latin square matrix, the logical transmission path and the two dynamic operation sets;

步骤3,秘密共享初始化:利用RSA密码算法为每个节点分配一组公钥对和私钥对;同时为每条路径选取一个非零随机数用于标记相应路径;Step 3, secret sharing initialization: use the RSA cryptographic algorithm to assign a set of public key pair and private key pair to each node; at the same time, select a non-zero random number for each path to mark the corresponding path;

步骤4,子密钥生成:选取一个一元多项式,常数项为加密消息的对称加密密钥;通过此多项式为每条路径生成一个子密钥;Step 4, sub-key generation: select a univariate polynomial, and the constant term is the symmetric encryption key of the encrypted message; generate a sub-key for each path through this polynomial;

步骤5,秘密共享:使用对称加密对原始消息进行加密后,将密文同样分成多个部分,每部分对应一条路径;针对每个子密钥计算一个承诺,用于支持容错性;为在公开信道中传输数据,使用目标节点的公钥加密子密钥,同时选取当前时间戳以抵抗重放攻击,并通过密码学单向哈希函数保证传输数据的有效性;得到的相应数据通过各条路径从起始节点传输至目标节点;Step 5, secret sharing: After encrypting the original message using symmetric encryption, the ciphertext is also divided into multiple parts, each part corresponds to a path; a commitment is calculated for each subkey to support fault tolerance; To transmit data, use the public key of the target node to encrypt the sub-key, select the current timestamp to resist replay attacks, and use the cryptographic one-way hash function to ensure the validity of the transmitted data; The start node transmits to the target node;

步骤6,认证:接收到各条路径传来的数据后,目标节点首先获取当前时间戳,根据系统实际需求对容忍范围的限制验证收到数据中时间戳的有效性;验证成功后,目标节点使用自身私钥解密获得子密钥,并通过检查哈希值验证承诺的有效性;随后,目标节点使用承诺判断子密钥的有效性;若子密钥无效,则进行步骤7中的错误检测;若子密钥有效,则跳过步骤7;Step 6, authentication: after receiving the data from each path, the target node first obtains the current timestamp, and verifies the validity of the timestamp in the received data according to the actual system requirements on the tolerance range limit; after the verification is successful, the target node Use its own private key to decrypt to obtain the sub-key, and verify the validity of the promise by checking the hash value; then, the target node uses the promise to judge the validity of the sub-key; if the sub-key is invalid, perform the error detection in step 7; If the subkey is valid, skip step 7;

步骤7,错误检测:若验证成功的子密钥数量没有达到规定要求,目标节点将向起始节点发送一份错误报告;起始节点对收到的错误报告进行有效性验证,并通过正确传输数据的路径向目标节点返回信息;目标节点验证返回信息的有效性。若起始节点没有在规定时间内返回消息或者目标节点验证失败的次数超过一个特定值,则认为起始节点为恶意节点并终止与起始节点的通信;Step 7, error detection: if the number of successfully verified subkeys does not meet the specified requirements, the target node will send an error report to the starting node; the starting node will verify the validity of the received error report and transmit it correctly. The data path returns information to the target node; the target node verifies the validity of the returned information. If the originating node does not return a message within the specified time or the number of failed verifications of the target node exceeds a certain value, the originating node is considered a malicious node and the communication with the originating node is terminated;

步骤8,密钥重构:目标节点利用不少于门限值数量的路径传来的有效子密钥重构出对称密钥,并对密文进行解密获得原始消息。Step 8, key reconstruction: the target node reconstructs the symmetric key by using the valid sub-keys transmitted by the number of paths not less than the threshold value, and decrypts the ciphertext to obtain the original message.

以2-CN网络作为通信模型,将2-CN网络模型化为无向图G(n,±d1,±d2,...,±dm),其中n为图中节点个数,分别以1,2,...,n表示,±d1至±dm分别表示无向图中每个节点与相邻2m个节点的距离,且此时存在2m个最短且节点不相交路径,令LTP(S,E,SE)为逻辑传输路径,代表通过操作序列SE从起始节点S至目标节点E的逻辑路径,其中操作序列SE={d1,d2,...,dj}是{±d1,±d2,...,±dm}的一个子集;基于无向图G(n,±d1,±d2,...,±dm)的定义,每个节点都有2m个邻节点,为找到2m个节点不相交路径,第一个操作的集合为FO={±d1,±d2,...,±dm},最后一个操作的集合为LO。Taking the 2-CN network as the communication model, the 2-CN network is modeled as an undirected graph G(n,±d 1 ,±d 2 ,...,±d m ), where n is the number of nodes in the graph, are represented by 1, 2, ..., n respectively, and ±d 1 to ±d m represent the distance between each node and the adjacent 2m nodes in the undirected graph, respectively, and At this time, there are 2m shortest and node-disjoint paths, let LTP(S, E, SE) be the logical transmission path, representing the logical path from the starting node S to the target node E through the operation sequence SE, where the operation sequence SE={ d 1 ,d 2 ,...,d j } is a subset of {±d 1 ,±d 2 ,...,±d m }; based on the undirected graph G(n,±d 1 ,±d 2 ,...,±d m ), each node has 2m adjacent nodes, in order to find the disjoint path of 2m nodes, the first set of operations is FO={±d 1 ,±d 2 , ...,±d m }, the set of last operations is LO.

所述的步骤1中构造拉丁方阵的具体步骤如下:基于SE中不同元素的数量构造拉丁方阵,令FO=LO={±d1,±d2,...,±dm},SE中不同元素的数量为,首先将d1,d2,...,dj′作为拉丁方阵第一行元素,随后的j′-1行都以上一行为基准,并将上一行中的首元素移动至末尾,其他元素顺序向前移一位,最终形成一个j′×j′拉丁方阵。The specific steps of constructing the Latin square matrix in the said step 1 are as follows: constructing the Latin square matrix based on the number of different elements in SE, let FO=LO={±d 1 ,±d 2 ,...,±d m }, The number of different elements in SE is, firstly take d 1 , d 2 ,..., d j' as the first row element of the Latin square matrix, and the subsequent j'-1 rows are all based on the previous row, and put the elements in the previous row The first element of is moved to the end, and the other elements are moved forward one place in sequence, and finally a j'×j' Latin square matrix is formed.

所述的步骤2中确定传输路径的具体步骤如下:将SE中余下的j-j′个元素插入拉丁方阵中每一行的中间,得到j′条节点不相交路径,并除去FO和LO中与SE相同的元素;The specific steps of determining the transmission path in the said step 2 are as follows: insert the remaining j-j' elements in SE into the middle of each row in the Latin square matrix to obtain j' node disjoint paths, and remove the FO and LO with SE. the same element;

对于集合FO中包含成对的正向和反向操作d′和-d′,则从已有j′条路径中随机挑选一条Pi,0<i≤j′,将两个操作添加到原有操作最前方和最后方,得到两条新的路径d′||{Pi}||-d′和-d′||{Pi}||d′,并在FO和LO中除去d′和-d′;由于在图G(n,±d1,±d2,...,±dm)中对任一节点同时执行的正向和反向操作可相互抵消,因此可正确得到新路径;For the set FO that contains pairs of forward and reverse operations d' and -d', randomly select a P i from the existing j' paths, 0<i≤j', and add the two operations to the original There are two new paths d'||{P i }||-d' and -d'||{P i }||d', and remove d in FO and LO ' and -d'; since the forward and reverse operations performed simultaneously on any node in the graph G(n,±d 1 ,±d 2 ,...,±d m ) can cancel each other out, the correct get new path;

对于FO中剩余的单个操作将其同时添加到原有操作最前方和最后方;为保证路径可到达目标节点E,需将两个反向操作添加至操作中间,即 For the remaining single operations in FO Add it to the front and back of the original operation at the same time; in order to ensure that the path can reach the target node E, it is necessary to reverse the two operations added to the middle of the operation, i.e.

所述的操作基于{±d1,±d2,...,±dm}进行合并以保证最小化,若中的子集{d1,d2,...,db}满足d1+d2+...+db=dc,则用dc代替{d1,d2,...,db}使得构造的路径最短,从而得到新路径并在FO和LO中除去 the described operation Merge based on {±d 1 , ±d 2 ,...,±d m } to guarantee minimization, if The subsets in {d 1 ,d 2 ,...,d b } satisfy d 1 +d 2 +...+d b =d c , then replace { d 1 ,d 2 ,... ,d b } makes the constructed path the shortest, so as to obtain a new path and removed in FO and LO

所述的步骤3中秘密共享初始化的具体步骤如下:选择两个大质数p和q,选择一个质数阶循环群G,g为群G中的一个生成元;The specific steps of the secret sharing initialization in the described step 3 are as follows: select two large prime numbers p and q, select a prime order cyclic group G, and g is a generator in the group G;

在节点部署之前,利用RSA密码算法为每个节点分配一个公钥(PKi,n)和一个私钥(SKi,n),其中i为节点下标,n为p和q的乘积,PKi与(p-1)(q-1)互质,PKiSKi=1mod(p-1)(q-1);Before node deployment, each node is assigned a public key (PK i ,n) and a private key (SK i ,n) using the RSA cryptographic algorithm, where i is the node subscript, n is the product of p and q, and PK i is relatively prime to (p-1)(q-1), PK i SK i =1mod(p-1)(q-1);

从有限域GF(p)从随机选取2m个非零元素r1,r2,...,r2m作为2m条路径的公共信息。Randomly select 2m non-zero elements r 1 , r 2 ,...,r 2m from the finite field GF(p) as the common information of the 2m paths.

所述的步骤4中子密钥生成的具体步骤如下:构造一个t-1阶一元多项式f(x)=a0+a1x+a2x2+···+at-1xt-1,其中a1,a2,...,at-1为GF(p)中的随机非零整数,a0为对称密钥k;起始节点S为2m条路径生成2m个子密钥ki,用于与目标节点E共享对称密钥k和消息M,ki的计算方式如下:The specific steps of the sub-key generation in the said step 4 are as follows: construct a t-1 order unary polynomial f(x)=a 0 +a 1 x+a 2 x 2 +...+a t-1 x t -1 , where a 1 , a 2 ,...,a t-1 is a random non-zero integer in GF(p), a 0 is a symmetric key k; the starting node S generates 2m sub-keys for 2m paths The key k i is used to share the symmetric key k and the message M with the target node E. The calculation method of k i is as follows:

所述的步骤5中秘密共享的具体步骤如下:使用密钥k对消息M进行对称加密,并将密文分成2m个部分,即M1,M2,...,M2mThe specific steps of the secret sharing in the described step 5 are as follows: use the key k to symmetrically encrypt the message M, and divide the ciphertext into 2m parts, namely M 1 , M 2 , . . . , M 2m ;

为每个子密钥计算一个承诺wi,i=1,2,...,2m;wi的计算方式如下:Calculate a commitment wi for each subkey, i=1,2,...,2m; wi is calculated as follows:

通过公开信道从起始节点S传输对称密钥k和消息M至目标节点E时,需要保护传输信息的安全性和真实性,具体流程如下:When transmitting the symmetric key k and message M from the starting node S to the target node E through the open channel, the security and authenticity of the transmitted information need to be protected. The specific process is as follows:

S1,使用目标节点E的公钥PKe加密子密钥kiS1, use the public key PK e of the target node E to encrypt the subkey ki ;

S2,为抵抗重放攻击,选择当前时间戳T;S2, in order to resist replay attacks, select the current timestamp T;

S3,使用密码学单向哈希函数h(·)计算h(ki,wi,T),用于确保传输信息的有效性;S3, use the cryptographic one-way hash function h(·) to calculate h(k i , w i , T) to ensure the validity of the transmitted information;

S4,通过2m条路径传输信息 S4, transmit information through 2m paths

所述的步骤6中认证的具体步骤如下:从每条路径接收到信息后,目标节点E获取当前时间戳T′,通过验证|T′-T|<Texp证明收到时间戳有效,其中Texp为预计延迟时间;The specific steps of the authentication in the said step 6 are as follows: after receiving the information from each path, the target node E obtains the current timestamp T', and proves that the received timestamp is valid by verifying |T'-T|<T exp , where T exp is the expected delay time;

E使用私钥SKi计算并通过验证等式h(k′i,wi,T)=h(ki,wi,T)成立证明承诺wi有效;E is calculated using the private key SK i And by verifying that the equation h(k′ i , wi , T) = h( ki , wi , T) is established to prove that the commitment wi is valid;

E通过验证式判断路径Pi中子密钥ki的有效性,所述的验证式具体如下:E judges the validity of the sub-key ki in the path Pi by the verification formula, and the verification formula is as follows:

若上式成立,则子密钥ki有效,即ki可用于重构对称密钥k,否则ki无法用于重构,并执行步骤7中的错误检测。If the above formula holds, the sub-key ki is valid, that is, ki can be used to reconstruct the symmetric key k, otherwise ki cannot be used for reconstruction, and the error detection in step 7 is performed.

所述的步骤7中错误检测的具体步骤如下:在S和E进行通信时,由于使用了(t,2m)秘密共享,若存在t条或更多条路径能使验证式(3)成立,E即可重构出有效的对称密钥,获得此对称密钥后,S和E可通过加密后的消息进行通信;The specific steps of error detection in the above-mentioned step 7 are as follows: when S and E communicate, due to the use of (t, 2m) secret sharing, if there are t or more paths, the verification formula (3) can be established, E can reconstruct a valid symmetric key, and after obtaining the symmetric key, S and E can communicate through encrypted messages;

若不存在t条或更多条路径能使验证式(3)成立,E发送错误报告至S,S成功验证该错误报告的有效性后,通过一个已使验证式(3)成立的安全传输信息的路径,在Texp时间内将发送至E;随后,E检查ki的有效性;若S没有在Texp内返回或验证失败的次数超过一个特定数,则S被视为恶意节点,并且E终止与S的通信。If there are no t or more paths to verify (3), E sends an error report To S, after S successfully verifies the validity of the error report, it passes through a safe transmission information path that has established the verification formula (3), within the time T exp Send to E; then, E checks the validity of ki ; if S does not return within T exp Or the number of verification failures exceeds a certain number, then S is regarded as a malicious node, and E terminates the communication with S.

所述的步骤8中密钥重构的具体步骤如下:目标节点E通过t条或更多条路径中获得的子密钥重构出对称密钥,计算方式如下:The specific steps of the key reconstruction in the said step 8 are as follows: the target node E reconstructs the symmetric key through the sub-keys obtained in t or more paths, and the calculation method is as follows:

随后,消息M可通过对称密钥k解密得到;若子密钥数量少于t,则无法恢复出消息M。Subsequently, the message M can be obtained by decrypting the symmetric key k; if the number of subkeys is less than t, the message M cannot be recovered.

该种车载自组网络环境下基于秘密共享的多路径通信方法能够产生的有益效果为:本发明通过利用拉丁方阵,构建了用于VANET通信的并行处理架构,使得来自起始VANET设备的信息可并行传输至目标VANET设备。与顺序处理相比,并行处理极大降低了网络负载,提高了信息传输效率,避免消息滞后,满足了VANET通信的实时性需求。此外,通过将并行处理架构与秘密共享相结合,在正确传输信息的路径数量不小于门限值时,目标设备可利用收集到的这些信息重得关于对构出对称密钥并解密密文。单路径通信中,系统易受多种形式的攻击,信息安全无法得到有效保障。本发明中若攻击者破坏的路径数量小于门限值,则无法获称密钥和加密消息的任何信息。同时,由于秘密共享的特性,可容忍一定数量的路径因网络拥挤、流浪限制或设备故障等不稳定因素导致无法成功传输信息,降低了消息传输的失败率,保证了VANET通信的鲁棒性。The beneficial effects that the multi-path communication method based on secret sharing can produce in the vehicle-mounted ad hoc network environment are as follows: the present invention constructs a parallel processing architecture for VANET communication by using the Latin square matrix, so that the information from the initial VANET equipment can be Parallel transfer to target VANET devices is possible. Compared with sequential processing, parallel processing greatly reduces network load, improves information transmission efficiency, avoids message lag, and meets the real-time requirements of VANET communication. In addition, by combining the parallel processing architecture with secret sharing, when the number of paths to correctly transmit information is not less than the threshold value, the target device can use the collected information to reconstruct the symmetric key and decrypt the ciphertext. In single-path communication, the system is vulnerable to various forms of attacks, and information security cannot be effectively guaranteed. In the present invention, if the number of paths destroyed by the attacker is less than the threshold value, any information called the key and the encrypted message cannot be obtained. At the same time, due to the characteristics of secret sharing, it can tolerate a certain number of paths that cannot successfully transmit information due to unstable factors such as network congestion, wandering restrictions or equipment failures, which reduces the failure rate of message transmission and ensures the robustness of VANET communication.

附图说明Description of drawings

图1为本发明一种车载自组网络环境下基于秘密共享的多路径通信方法中VANET的系统结构模型。FIG. 1 is a system structure model of VANET in a multi-path communication method based on secret sharing in a vehicle-mounted ad hoc network environment of the present invention.

图2为本发明一种车载自组网络环境下基于秘密共享的多路径通信方法中无向图G的示意图。FIG. 2 is a schematic diagram of an undirected graph G in a multi-path communication method based on secret sharing in a vehicle-mounted ad hoc network environment of the present invention.

图3为本发明一种车载自组网络环境下基于秘密共享的多路径通信方法的通讯模型。FIG. 3 is a communication model of a multi-path communication method based on secret sharing in a vehicle-mounted ad hoc network environment of the present invention.

具体实施方式Detailed ways

以下结合说明书附图和具体优选的实施例对本发明作进一步描述。The present invention will be further described below with reference to the accompanying drawings and specific preferred embodiments.

一种车载自组网络环境下基于秘密共享的多路径通信方法,该方法为一种VANET环境下基于秘密共享的多路径通信方案。A secret sharing-based multi-path communication method in a vehicle-mounted ad hoc network environment is a secret-sharing-based multi-path communication scheme in a VANET environment.

本实施例中,采用2-CN网络作为通信模型。2-CN网络可被模型化为无向图G(n,±d1,±d2),其中n为图中节点个数,分别以1,2,...,n表示,d1和d2决定了每个节点的邻近节点,且具体来说,节点i的邻近节点为i±d1(mod n)和i±d2(mod n)。本实施例中使用的无向图为G(n,±d1,±d2,...,±dm),如图2所示,其中已经证明,从任何起始节点出发至目标节点,此图中存在2m个最短且节点不相交路径,这构成了本发明的通信模型,如图3所示。具体来说,首先产生2m个秘密信息,随后基于此通信模型将秘密信息从起始节点传输至目标节点。在图G(n,±d1,±d2,...,±dm)中,令LTP(S,E,SE)为逻辑传输路径,代表通过操作序列SE从起始节点S至目标节点E的逻辑路径,其中操作序列SE={d1,d2,...,dj}是{±d1,±d2,...,±dm}的一个子集。基于图G(n,±d1,±d2,...,±dm)的定义,每个节点都有2m个邻节点。为找到2m个节点不相交路径,第一个操作的集合应为FO={±d1,±d2,...,±dm},最后一个操作的集合为LO。In this embodiment, the 2-CN network is used as the communication model. The 2-CN network can be modeled as an undirected graph G(n, ±d 1 , ±d 2 ), where n is the number of nodes in the graph, represented by 1, 2,...,n, respectively, d 1 and d 2 determines the neighbors of each node, and Specifically, the neighboring nodes of node i are i±d 1 (mod n) and i±d 2 (mod n). The undirected graph used in this embodiment is G(n, ±d 1 , ±d 2 , . . . , ±d m ), as shown in FIG. 2 , where It has been proved that from any starting node to the target node, there are 2m shortest and node-disjoint paths in this graph, which constitute the communication model of the present invention, as shown in FIG. 3 . Specifically, 2m pieces of secret information are first generated, and then the secret information is transmitted from the start node to the target node based on this communication model. In the graph G(n,±d 1 ,±d 2 ,...,±d m ), let LTP(S,E,SE) be the logical transmission path, representing from the start node S to the target through the operation sequence SE A logical path for node E, where the sequence of operations SE={d 1 ,d 2 ,...,d j } is a subset of {±d 1 ,±d 2 ,...,±d m }. Based on the definition of the graph G(n,±d 1 ,±d 2 ,...,±d m ), each node has 2m neighbors. To find 2m node disjoint paths, the set of first operations should be FO={±d 1 ,±d 2 ,...,±d m }, and the set of last operations should be LO.

该种车载自组网络环境下基于秘密共享的多路径通信方法的具体步骤如下:The specific steps of the multi-path communication method based on secret sharing in the vehicle ad hoc network environment are as follows:

步骤1,构造拉丁方阵:基于逻辑传输路径中不同元素的个数构造拉丁方阵。Step 1, construct a Latin square matrix: construct a Latin square matrix based on the number of different elements in the logical transmission path.

本实施例中,基于SE中不同元素的数量构造拉丁方阵:令FO=LO={±d1,±d2,...,±dm},SE中不同元素的数量为j′。首先将d1,d2,...,dj′作为拉丁方阵第一行元素,随后的j′-1行都以上一行为基准,并将上一行中的首元素移动至末尾,其他元素顺序向前移一位,最终形成一个j′×j′拉丁方阵。In this embodiment, a Latin square matrix is constructed based on the number of different elements in SE: let FO=LO={±d 1 , ±d 2 , . . . , ±d m }, and the number of different elements in SE is j′. First, take d 1 , d 2 ,...,d j' as the first row element of the Latin square matrix, and the subsequent j'-1 rows are all based on the previous row, and move the first element in the previous row to the end, other The order of elements is shifted forward by one, and finally a j'×j' Latin square matrix is formed.

步骤2,确定传输路径:根据拉丁方阵、逻辑传输路径和两个动态操作集合确定起始节点与目标节点之间的多条不相交传输路径。Step 2, determine the transmission path: determine a plurality of disjoint transmission paths between the start node and the target node according to the Latin square matrix, the logical transmission path and the two dynamic operation sets.

本实施例中,首先将SE中余下的j-j′个元素插入拉丁方阵中每一行的中间,得到j′条节点不相交路径,并除去FO和LO中与SE相同的元素。若集合FO中包含成对的正向和反向操作,例如d′和-d′,则从已有j′条路径中随机挑选一条Pi,0<i≤j′,将两个操作添加到原有操作最前方和最后方,得到两条新的路径d′||{Pi}||-d′和-d′||{Pi}||d′,并在FO和LO中除去d′和-d′。由于在图G(n,±d1,±d2,...,±dm)中对任一节点同时执行的正向和反向操作可相互抵消,因此上述过程可正确得到新路径。最后,对于FO中剩余的单个操作,例如将其同时添加到原有操作最前方和最后方。为保证路径可到达目标节点E,需将两个反向操作添加至操作中间,即此外,操作应基于{±d1,±d2,...,±dm}进行合并以保证最小化。具体来说,若中的子集{d1,d2,...,db}满足d1+d2+...+db=dc,则用dc代替{d1,d2,...,db}使得构造的路径最短,从而得到新路径并在FO和LO中除去 In this embodiment, the remaining jj' elements in SE are first inserted into the middle of each row in the Latin square matrix to obtain j' node disjoint paths, and elements in FO and LO that are the same as SE are removed. If the set FO contains pairs of forward and reverse operations, such as d' and -d', then randomly select a P i from the existing j' paths, 0<i≤j', add the two operations Go to the front and back of the original operation, get two new paths d′||{P i }||-d′ and -d′||{P i }||d′, and in FO and LO Remove d' and -d'. Since the forward and reverse operations performed simultaneously on any node in the graph G(n,±d 1 ,±d 2 ,...,±d m ) can cancel each other, the above process can correctly obtain the new path. Finally, for the remaining single operations in FO, e.g. Add it to the front and back of the original operation at the same time. In order to ensure that the path can reach the target node E, it is necessary to reverse the two operations added to the middle of the operation, i.e. In addition, operating Merging should be done based on {±d 1 , ±d 2 ,...,±d m } to guarantee minimization. Specifically, if The subsets in {d 1 ,d 2 ,...,d b } satisfy d 1 +d 2 +...+d b =d c , then replace { d 1 ,d 2 ,... ,d b } makes the constructed path the shortest, so as to obtain a new path and removed in FO and LO

步骤3,秘密共享初始化:在部署节点至VANET之前,利用RSA密码算法为每个节点分配一组公钥对和私钥对。此外,为每条路径选取一个非零随机数用于标记相应路径。Step 3, secret sharing initialization: Before deploying nodes to VANET, each node is allocated a set of public key and private key pairs using the RSA cryptographic algorithm. In addition, a non-zero random number is chosen for each path to mark the corresponding path.

本实施例中,首先选择两个大质数p和q,选择一个质数阶循环群G,g为群G中的一个生成元。随后,在节点部署至VANET之前,利用RSA密码算法为每个节点分配一个公钥(PKi,n)和一个私钥(SKi,n),其中i为节点下标,n为p和q的乘积,PKi与(p-1)(q-1)互质,PKiSKi=1mod(p-1)(q-1)。最后,从有限域GF(p)从随机选取2m个非零元素r1,r2,...,r2m作为2m条路径的公共信息。In this embodiment, two large prime numbers p and q are selected first, and a prime order cyclic group G is selected, where g is a generator in the group G. Then, before the nodes are deployed to VANET, each node is assigned a public key (PK i ,n) and a private key (SK i ,n) using the RSA cryptographic algorithm, where i is the node subscript and n is p and q The product of , PK i and (p-1)(q-1) are relatively prime, PK i SK i =1mod(p-1)(q-1). Finally, 2m non-zero elements r 1 , r 2 , ..., r 2m are randomly selected from the finite field GF(p) as the common information of the 2m paths.

步骤4,子密钥生成:选取一个一元多项式,常数项为加密消息的对称加密密钥;通过此多项式为每条路径生成一个子密钥;Step 4, sub-key generation: select a univariate polynomial, and the constant term is the symmetric encryption key of the encrypted message; generate a sub-key for each path through this polynomial;

本实施例中,为实现从起始节点S至目标节点E间2m条路径的(t,2m)秘密共享方案,构造一个t-1阶一元多项式f(x)=a0+a1x+a2x2+···+at-1xt-1,其中a1,a2,...,at-1为GF(p)中的随机非零整数,a0为对称密钥k。为与目标节点E共享对称密钥k和消息M,起始节点S为2m条路径生成2m个子密钥ki。ki的计算方式如下:In this embodiment, in order to realize the (t, 2m) secret sharing scheme of 2m paths from the starting node S to the target node E, a t-1 order unary polynomial f(x)=a 0 +a 1 x+ is constructed. a 2 x 2 +...+a t-1 x t-1 , where a 1 ,a 2 ,...,a t-1 are random non-zero integers in GF(p), and a 0 is a symmetric encryption key k. In order to share the symmetric key k and the message M with the target node E, the starting node S generates 2m subkeys k i for 2m paths. ki is calculated as follows:

步骤5,秘密共享:使用对称加密对原始消息进行加密后,将密文同样分成多个部分,每部分对应一条路径。此外,为支持容错性,针对每个子密钥计算一个承诺。为在公开信道中传输数据,使用目标节点的公钥加密子密钥,同时选取当前时间戳以抵抗重放攻击,并通过密码学单向哈希函数保证传输数据的有效性。得到的相应数据通过各条路径从起始节点传输至目标节点。Step 5, secret sharing: After encrypting the original message using symmetric encryption, the ciphertext is also divided into multiple parts, and each part corresponds to a path. Additionally, to support fault tolerance, a commitment is computed for each subkey. In order to transmit data in the open channel, use the public key of the target node to encrypt the sub-key, and select the current timestamp to resist replay attacks, and use the cryptographic one-way hash function to ensure the validity of the transmitted data. The corresponding data obtained are transmitted from the start node to the target node through various paths.

本实施例中,使用密钥k对消息M进行对称加密,并将密文分成2m个部分,即M1,M2,...,M2m。此外,为每个子密钥计算一个承诺wi,i=1,2,...,2m。wi的计算方式如下:In this embodiment, the message M is symmetrically encrypted using the key k, and the ciphertext is divided into 2m parts, namely M 1 , M 2 , . . . , M 2m . Furthermore, a commitment wi is computed for each subkey, i=1,2,...,2m. w i is calculated as follows:

为通过公开信道从起始节点S传输对称密钥k和消息M至目标节点E,需要以下流程来保护传输信息的安全性和真实性。首先,使用目标节点E的公钥PKe加密子密钥ki。随后,为抵抗重放攻击,选择当前时间戳T。接着,使用密码学单向哈希函数h(·)计算h(ki,wi,T),以确保传输信息的有效性。最后,通过2m条路径传输信息 In order to transmit the symmetric key k and the message M from the originating node S to the destination node E through the open channel, the following procedures are required to protect the security and authenticity of the transmitted information. First, the subkey ki is encrypted using the public key PK e of the target node E. Subsequently, to resist replay attacks, the current timestamp T is chosen. Next, h( ki , wi ,T) is calculated using the cryptographic one-way hash function h(·) to ensure the validity of the transmitted information. Finally, the information is transmitted through 2m paths

步骤6,认证:接收到各条路径传来的数据后,目标节点首先获取当前时间戳,根据系统实际需求对容忍范围的限制验证收到数据中时间戳的有效性;验证成功后,目标节点使用自身私钥解密获得子密钥,并通过检查哈希值验证承诺的有效性;随后,目标节点使用承诺判断子密钥的有效性;若子密钥无效,则进行步骤7中的错误检测;若子密钥有效,则跳过步骤7;Step 6, authentication: after receiving the data from each path, the target node first obtains the current timestamp, and verifies the validity of the timestamp in the received data according to the actual system requirements on the tolerance range limit; after the verification is successful, the target node Use its own private key to decrypt to obtain the sub-key, and verify the validity of the promise by checking the hash value; then, the target node uses the promise to judge the validity of the sub-key; if the sub-key is invalid, perform the error detection in step 7; If the subkey is valid, skip step 7;

本实施例中,从每条路径接收到信息后,目标节点E获取当前时间戳T′,通过验证|T′-T|<Texp证明收到时间戳有效,其中Texp为预计延迟时间,可根据实际系统需求,将其控制在可容忍范围内。随后,E使用私钥SKi计算并通过验证等式h(k′i,wi,T)=h(ki,wi,T)成立证明承诺wi有效。此外,E通过验证式(3)判断路径Pi中子密钥ki的有效性。In this embodiment, after receiving information from each path, the target node E obtains the current timestamp T', and proves that the received timestamp is valid by verifying |T'-T|<T exp , where T exp is the expected delay time, It can be controlled within the tolerable range according to the actual system requirements. Subsequently, E uses the private key SK i to calculate And by verifying that the equation h(k′ i , wi , T)=h(k i , wi , T) holds, the promise wi is valid. In addition, E judges the validity of the subkey ki in the path Pi by verifying the formula (3).

若上式成立,则子密钥ki有效,即ki可用于重构对称密钥k。否则ki无法用于重构,并执行步骤7中的错误检测。If the above formula holds, the subkey ki is valid, that is, ki can be used to reconstruct the symmetric key k. Otherwise k i cannot be used for reconstruction, and the error detection in step 7 is performed.

步骤7,错误检测:若验证成功的子密钥数量没有达到规定要求,目标节点将向起始节点发送一份错误报告;起始节点对收到的错误报告进行有效性验证,并通过正确传输数据的路径向目标节点返回信息;目标节点验证返回信息的有效性。若起始节点没有在规定时间内返回消息或者目标节点验证失败的次数超过一个特定值,则认为起始节点为恶意节点并终止与起始节点的通信;Step 7, error detection: if the number of successfully verified subkeys does not meet the specified requirements, the target node will send an error report to the starting node; the starting node will verify the validity of the received error report and transmit it correctly. The data path returns information to the target node; the target node verifies the validity of the returned information. If the originating node does not return a message within the specified time or the number of failed verifications of the target node exceeds a certain value, the originating node is considered a malicious node and the communication with the originating node is terminated;

由于实际情况下,攻击者不仅可以窃听通信信道,还可以阻塞、转发或篡改信道。此外,若起始节点S本身即是攻击者,它将故意生成无效子密钥以干扰或破坏VANET通信。因此,高容错是一个健壮方案必不可少的一部分。Due to the actual situation, the attacker can not only eavesdrop on the communication channel, but also block, forward or tamper with the channel. Furthermore, if the originating node S is itself an attacker, it will deliberately generate invalid subkeys to interfere or disrupt VANET communications. Therefore, high fault tolerance is an essential part of a robust scheme.

本实施例中,若等式(3)不成立,则系统中至少有一个攻击者。然而由于使用了(t,2m)秘密共享,只要存在t条或更多条路径能使等式(3)成立,E即可重构出有效的对称密钥。获得此对称密钥后,S和E可通过加密后的消息进行通信。若不存在t条或更多条路径能使等式(3)成立,E发送错误报告至S。S成功验证该错误报告的有效性后,通过一个安全传输信息的路径,在Texp时间内将发送至E。随后,E检查ki的有效性。上述过程中,若S没有在Texp内返回或验证失败的次数超过一个特定数,则S被视为恶意节点,并且E终止与S的通信。In this embodiment, if equation (3) does not hold, there is at least one attacker in the system. However, due to the use of (t, 2m) secret sharing, E can reconstruct a valid symmetric key as long as there are t or more paths that make equation (3) true. After obtaining this symmetric key, S and E can communicate via encrypted messages. If there are no t or more paths that make equation (3) true, E sends an error report to S. After S successfully verifies the validity of the error report, it will transfer the information within T exp time through a safe transmission path sent to E. Subsequently, E checks the validity of ki . In the above process, if S is not returned within T exp Or the number of verification failures exceeds a certain number, then S is regarded as a malicious node, and E terminates the communication with S.

步骤8,密钥重构:目标节点利用不少于门限值数量的路径传来的有效子密钥重构出对称密钥,并对密文进行解密获得原始消息。Step 8, key reconstruction: the target node reconstructs the symmetric key by using the valid sub-keys transmitted by the number of paths not less than the threshold value, and decrypts the ciphertext to obtain the original message.

本实施例中,目标节点E可通过t条或更多条路径中获得的子密钥重构出对称密钥,计算方式如下:In this embodiment, the target node E can reconstruct the symmetric key through subkeys obtained in t or more paths, and the calculation method is as follows:

随后,消息M可通过对称密钥k解密得到。但是,若子密钥数量少于t,则无法恢复出消息M。Then, the message M can be decrypted with the symmetric key k. However, if the number of subkeys is less than t, the message M cannot be recovered.

该种车载自组网络环境下基于秘密共享的多路径通信方法在两节点之间通过将通讯信息密文分解为多个部分,分别通过多个通道进行信息传递,降低了传输过程中单一网络的负载,实现了降低延迟,解决了目标节点接收信息过于滞后的问题。该种信息传递的方法能够对当前道路的交通环境做出及时分析并提供相应的智能化交通服务。In the multi-path communication method based on secret sharing in the vehicle ad hoc network environment, the ciphertext of the communication information is decomposed into multiple parts between two nodes, and the information is transmitted through multiple channels respectively, which reduces the transmission process of a single network. load, reduce the delay, and solve the problem that the target node receives information too lag. This information transmission method can timely analyze the current road traffic environment and provide corresponding intelligent traffic services.

进一步的,该种通信方法能够解决攻击者对单一路径的信息传递进行攻击即导就能够破坏此次通讯的的情况,降低了网络的安全风险。能够有效防止不法分子利用窃取的隐私数据牟取非法利益,保护了用户的合法权益,也防止造成用户经济财产的损失。Further, the communication method can solve the situation that the attacker can destroy the communication by attacking the information transmission of a single path, thereby reducing the security risk of the network. It can effectively prevent criminals from using the stolen private data to seek illegal benefits, protect the legitimate rights and interests of users, and prevent the loss of users' economic property.

该种通信方法还具有高容错性,即使发生VANET中网络拥挤、流量限制、节点设备损坏等不稳定因素,该种通信方法也能够在该时间段内系统提供正常的服务功能。This communication method also has high fault tolerance. Even if unstable factors such as network congestion, traffic restriction, and node equipment damage occur in the VANET, this communication method can still provide normal service functions within this time period.

以上仅是本发明的优选实施方式,本发明的保护范围并不仅局限于上述实施例,凡属于本发明思路下的技术方案均属于本发明的保护范围。应当指出,对于本技术领域的普通技术人员来说,在不脱离本发明原理前提下的若干改进和润饰,应视为本发明的保护范围。The above are only preferred embodiments of the present invention, and the protection scope of the present invention is not limited to the above-mentioned embodiments, and all technical solutions that belong to the idea of the present invention belong to the protection scope of the present invention. It should be pointed out that for those skilled in the art, some improvements and modifications without departing from the principle of the present invention should be regarded as the protection scope of the present invention.

Claims (10)

1.一种车载自组网络环境下基于秘密共享的多路径通信方法,其特征是:利用拉丁方阵找到起始节点与目标节点间多条不相交路径,再利用秘密共享将对称加密密钥分成多个子密钥;加密后的消息也分成多个部分,并为每个子密钥生成等量承诺以支持容错性;加密后的子密钥与密文、承诺通过各条路径共同传送至目标节点;目标节点利用子密钥重构出密钥,并使用密钥解密密文得到原始消息。具体步骤如下:1. a multi-path communication method based on secret sharing under a vehicle-mounted ad hoc network environment, is characterized in that: utilize the Latin square matrix to find a plurality of disjoint paths between the starting node and the target node, and then utilize secret sharing to encrypt the symmetric encryption key. Divided into multiple sub-keys; the encrypted message is also divided into multiple parts, and an equal amount of commitment is generated for each sub-key to support fault tolerance; the encrypted sub-key, ciphertext, and commitment are jointly transmitted to the target through various paths node; the target node reconstructs the key using the subkey, and uses the key to decrypt the ciphertext to obtain the original message. Specific steps are as follows: 步骤1,构造拉丁方阵:基于逻辑传输路径中不同元素的个数构造拉丁方阵;Step 1, construct a Latin square matrix: construct a Latin square matrix based on the number of different elements in the logical transmission path; 步骤2,确定传输路径:根据拉丁方阵、逻辑传输路径和两个动态操作集合确定起始节点与目标节点之间的多条不相交传输路径;Step 2, determine the transmission path: determine multiple disjoint transmission paths between the start node and the target node according to the Latin square matrix, the logical transmission path and the two dynamic operation sets; 步骤3,秘密共享初始化:利用RSA密码算法为每个节点分配一组公钥对和私钥对;同时为每条路径选取一个非零随机数用于标记相应路径;Step 3, secret sharing initialization: use the RSA cryptographic algorithm to assign a set of public key pair and private key pair to each node; at the same time, select a non-zero random number for each path to mark the corresponding path; 步骤4,子密钥生成:选取一个一元多项式,常数项为加密消息的对称加密密钥;通过此多项式为每条路径生成一个子密钥;Step 4, sub-key generation: select a univariate polynomial, and the constant term is the symmetric encryption key of the encrypted message; generate a sub-key for each path through this polynomial; 步骤5,秘密共享:使用对称加密对原始消息进行加密后,将密文同样分成多个部分,每部分对应一条路径;针对每个子密钥计算一个承诺,用于支持容错性;为在公开信道中传输数据,使用目标节点的公钥加密子密钥,同时选取当前时间戳以抵抗重放攻击,并通过密码学单向哈希函数保证传输数据的有效性;得到的相应数据通过各条路径从起始节点传输至目标节点;Step 5, secret sharing: After encrypting the original message using symmetric encryption, the ciphertext is also divided into multiple parts, each part corresponds to a path; a commitment is calculated for each subkey to support fault tolerance; To transmit data, use the public key of the target node to encrypt the sub-key, select the current timestamp to resist replay attacks, and use the cryptographic one-way hash function to ensure the validity of the transmitted data; The start node transmits to the target node; 步骤6,认证:接收到各条路径传来的数据后,目标节点首先获取当前时间戳,根据系统实际需求对容忍范围的限制验证收到数据中时间戳的有效性;验证成功后,目标节点使用自身私钥解密获得子密钥,并通过检查哈希值验证承诺的有效性;随后,目标节点使用承诺判断子密钥的有效性;若子密钥无效,则进行步骤7中的错误检测;若子密钥有效,则跳过步骤7;Step 6, authentication: after receiving the data from each path, the target node first obtains the current timestamp, and verifies the validity of the timestamp in the received data according to the actual system requirements on the tolerance range limit; after the verification is successful, the target node Use its own private key to decrypt to obtain the sub-key, and verify the validity of the promise by checking the hash value; then, the target node uses the promise to judge the validity of the sub-key; if the sub-key is invalid, perform the error detection in step 7; If the subkey is valid, skip step 7; 步骤7,错误检测:若验证成功的子密钥数量没有达到规定要求,目标节点将向起始节点发送一份错误报告;起始节点对收到的错误报告进行有效性验证,并通过正确传输数据的路径向目标节点返回信息;目标节点验证返回信息的有效性。若起始节点没有在规定时间内返回消息或者目标节点验证失败的次数超过一个特定值,则认为起始节点为恶意节点并终止与起始节点的通信;Step 7, error detection: if the number of successfully verified subkeys does not meet the specified requirements, the target node will send an error report to the starting node; the starting node will verify the validity of the received error report and transmit it correctly. The data path returns information to the target node; the target node verifies the validity of the returned information. If the originating node does not return a message within the specified time or the number of failed verifications of the target node exceeds a certain value, the originating node is considered a malicious node and the communication with the originating node is terminated; 步骤8,密钥重构:目标节点利用不少于门限值数量的路径传来的有效子密钥重构出对称密钥,并对密文进行解密获得原始消息。Step 8, key reconstruction: the target node reconstructs the symmetric key by using the valid sub-keys transmitted by the number of paths not less than the threshold value, and decrypts the ciphertext to obtain the original message. 2.根据权利要求1所述的一种车载自组网络环境下基于秘密共享的多路径通信方法,其特征在于:以2-CN网络作为通信模型,将2-CN网络模型化为无向图G(n,±d1,±d2,...,±dm),其中n为图中节点个数,分别以1,2,...,n表示,±d1至±dm分别表示无向图中每个节点与相邻2m个节点的距离,且此时存在2m个最短且节点不相交路径,令LTP(S,E,SE)为逻辑传输路径,代表通过操作序列SE从起始节点S至目标节点E的逻辑路径,其中操作序列SE={d1,d2,...,dj}是{±d1,±d2,...,±dm}的一个子集;基于无向图G(n,±d1,±d2,...,±dm)的定义,每个节点都有2m个邻节点,为找到2m个节点不相交路径,第一个操作的集合为FO={±d1,±d2,...,±dm},最后一个操作的集合为LO。2. the multi-path communication method based on secret sharing under a kind of vehicle-mounted ad hoc network environment according to claim 1 is characterized in that: with 2-CN network as communication model, the 2-CN network is modeled as an undirected graph G(n,±d 1 ,±d 2 ,...,±d m ), where n is the number of nodes in the graph, represented by 1, 2,...,n respectively, ±d 1 to ±d m respectively represent the distance between each node and the adjacent 2m nodes in the undirected graph, and At this time, there are 2m shortest and node-disjoint paths, let LTP(S, E, SE) be the logical transmission path, representing the logical path from the starting node S to the target node E through the operation sequence SE, where the operation sequence SE={ d 1 ,d 2 ,...,d j } is a subset of {±d 1 ,±d 2 ,...,±d m }; based on the undirected graph G(n,±d 1 ,±d 2 ,...,±d m ), each node has 2m adjacent nodes, in order to find the disjoint path of 2m nodes, the first set of operations is FO={±d 1 ,±d 2 , ...,±d m }, the set of last operations is LO. 3.根据权利要求2所述的一种车载自组网络环境下基于秘密共享的多路径通信方法,其特征在于:所述的步骤1中构造拉丁方阵的具体步骤如下:基于SE中不同元素的数量构造拉丁方阵,令FO=LO={±d1,±d2,...,±dm},SE中不同元素的数量为,首先将d1,d2,...,dj′作为拉丁方阵第一行元素,随后的j′-1行都以上一行为基准,并将上一行中的首元素移动至末尾,其他元素顺序向前移一位,最终形成一个j′×j′拉丁方阵。3. the multi-path communication method based on secret sharing under a kind of vehicle-mounted ad hoc network environment according to claim 2, is characterized in that: the concrete steps of constructing Latin square matrix in described step 1 are as follows: based on different elements in SE Construct a Latin square matrix with the number of , let FO=LO= { ±d 1 ,±d 2 ,...,±d m } , the number of different elements in SE is d j' is used as the first row element of the Latin square matrix, the subsequent j'-1 rows are all based on the previous row, and the first element in the previous row is moved to the end, and the other elements are moved forward one place in sequence, and finally a j '×j' Latin square matrix. 4.根据权利要求3所述的一种车载自组网络环境下基于秘密共享的多路径通信方法,其特征在于:所述的步骤2中确定传输路径的具体步骤如下:将SE中余下的j-j′个元素插入拉丁方阵中每一行的中间,得到j′条节点不相交路径,并除去FO和LO中与SE相同的元素;4. the multi-path communication method based on secret sharing under a kind of vehicle-mounted ad hoc network environment according to claim 3, is characterized in that: the concrete step of determining transmission path in described step 2 is as follows: ' elements are inserted into the middle of each row in the Latin square matrix to obtain j' node disjoint paths, and remove the same elements as SE in FO and LO; 对于集合FO中包含成对的正向和反向操作d′和-d′,则从已有j′条路径中随机挑选一条Pi,0<i≤j′,将两个操作添加到原有操作最前方和最后方,得到两条新的路径d′||{Pi}||-d′和-d′||{Pi}||d′,并在FO和LO中除去d′和-d′;由于在图G(n,±d1,±d2,...,±dm)中对任一节点同时执行的正向和反向操作可相互抵消,因此可正确得到新路径;For the set FO that contains pairs of forward and reverse operations d' and -d', randomly select a P i from the existing j' paths, 0<i≤j', and add the two operations to the original There are two new paths d'||{P i }||-d' and -d'||{P i }||d', and remove d in FO and LO ' and -d'; since the forward and reverse operations performed simultaneously on any node in the graph G(n,±d 1 ,±d 2 ,...,±d m ) can cancel each other out, the correct get new path; 对于FO中剩余的单个操作将其同时添加到原有操作最前方和最后方;为保证路径可到达目标节点E,需将两个反向操作添加至操作中间,即 For the remaining single operations in FO Add it to the front and back of the original operation at the same time; in order to ensure that the path can reach the target node E, it is necessary to reverse the two operations added to the middle of the operation, i.e. 所述的操作基于{±d1,±d2,...,±dm}进行合并以保证最小化,若中的子集{d1,d2,...,db}满足d1+d2+...+db=dc,则用dc代替{d1,d2,...,db}使得构造的路径最短,从而得到新路径并在FO和LO中除去 the described operation Merge based on {±d 1 , ±d 2 ,...,±d m } to guarantee minimization, if The subsets in {d 1 ,d 2 ,...,d b } satisfy d 1 +d 2 +...+d b =d c , then replace { d 1 ,d 2 ,... ,d b } makes the constructed path the shortest, so as to obtain a new path and removed in FO and LO 5.根据权利要求4所述的一种车载自组网络环境下基于秘密共享的多路径通信方法,其特征在于:所述的步骤3中秘密共享初始化的具体步骤如下:选择两个大质数p和q,选择一个质数阶循环群G,g为群G中的一个生成元;5. the multi-path communication method based on secret sharing under a kind of vehicle-mounted ad hoc network environment according to claim 4 is characterized in that: the concrete steps of secret sharing initialization in described step 3 are as follows: select two large prime numbers p and q, select a prime order cyclic group G, where g is a generator in the group G; 在节点部署之前,利用RSA密码算法为每个节点分配一个公钥(PKi,n)和一个私钥(SKi,n),其中i为节点下标,n为p和q的乘积,PKi与(p-1)(q-1)互质,PKiSKi=1mod(p-1)(q-1);Before node deployment, each node is assigned a public key (PK i ,n) and a private key (SK i ,n) using the RSA cryptographic algorithm, where i is the node subscript, n is the product of p and q, and PK i is relatively prime to (p-1)(q-1), PK i SK i =1mod(p-1)(q-1); 从有限域GF(p)从随机选取2m个非零元素r1,r2,...,r2m作为2m条路径的公共信息。Randomly select 2m non-zero elements r 1 , r 2 ,...,r 2m from the finite field GF(p) as the common information of the 2m paths. 6.根据权利要求5所述的一种车载自组网络环境下基于秘密共享的多路径通信方法,其特征在于:所述的步骤4中子密钥生成的具体步骤如下:构造一个t-1阶一元多项式f(x)=a0+a1x+a2x2+···+at-1xt-1,其中a1,a2,...,at-1为GF(p)中的随机非零整数,a0为对称密钥k;起始节点S为2m条路径生成2m个子密钥ki,用于与目标节点E共享对称密钥k和消息M,ki的计算方式如下:6. the multi-path communication method based on secret sharing under a kind of vehicle-mounted ad hoc network environment according to claim 5, is characterized in that: the concrete steps that the sub-key is generated in described step 4 are as follows: construct a t-1 Order univariate polynomial f(x)=a 0 +a 1 x+a 2 x 2 +...+a t-1 x t-1 , where a 1 ,a 2 ,...,a t-1 is GF The random non-zero integer in (p), a 0 is the symmetric key k; the starting node S generates 2m subkeys k i for 2m paths, which are used to share the symmetric key k and the message M, k with the target node E i is calculated as follows: 7.根据权利要求6所述的一种车载自组网络环境下基于秘密共享的多路径通信方法,其特征在于:所述的步骤5中秘密共享的具体步骤如下:使用密钥k对消息M进行对称加密,并将密文分成2m个部分,即M1,M2,...,M2m7. the multi-path communication method based on secret sharing under a kind of vehicle-mounted ad hoc network environment according to claim 6, is characterized in that: the concrete steps of secret sharing in described step 5 are as follows: use key k to message M Perform symmetric encryption, and divide the ciphertext into 2m parts, namely M 1 , M 2 ,..., M 2m ; 为每个子密钥计算一个承诺wi,i=1,2,...,2m;wi的计算方式如下:Calculate a commitment wi for each subkey, i=1,2,...,2m; wi is calculated as follows: 通过公开信道从起始节点S传输对称密钥k和消息M至目标节点E时,需要保护传输信息的安全性和真实性,具体流程如下:When transmitting the symmetric key k and message M from the starting node S to the target node E through the open channel, the security and authenticity of the transmitted information need to be protected. The specific process is as follows: S1,使用目标节点E的公钥PKe加密子密钥kiS1, use the public key PK e of the target node E to encrypt the subkey ki ; S2,为抵抗重放攻击,选择当前时间戳T;S2, in order to resist replay attacks, select the current timestamp T; S3,使用密码学单向哈希函数h(·)计算h(ki,wi,T),用于确保传输信息的有效性;S3, use the cryptographic one-way hash function h(·) to calculate h(k i , w i , T) to ensure the validity of the transmitted information; S4,通过2m条路径传输信息 S4, transmit information through 2m paths 8.根据权利要求7所述的一种车载自组网络环境下基于秘密共享的多路径通信方法,其特征在于:所述的步骤6中认证的具体步骤如下:从每条路径接收到信息后,目标节点E获取当前时间戳T′,通过验证|T′-T|<Texp证明收到时间戳有效,其中Texp为预计延迟时间;8. the multi-path communication method based on secret sharing under a kind of vehicle-mounted ad hoc network environment according to claim 7, is characterized in that: the concrete steps of authentication in described step 6 are as follows: after receiving information from each path , the target node E obtains the current timestamp T', and proves that the received timestamp is valid by verifying that |T'-T|<T exp , where T exp is the expected delay time; E使用私钥SKi计算并通过验证等式h(k′i,wi,T)=h(ki,wi,T)成立证明承诺wi有效;E is calculated using the private key SK i And by verifying that the equation h(k′ i , wi , T) = h( ki , wi , T) is established to prove that the commitment wi is valid; E通过验证式判断路径Pi中子密钥ki的有效性,所述的验证式具体如下:E judges the validity of the sub-key ki in the path Pi by the verification formula, and the verification formula is as follows: 若上式成立,则子密钥ki有效,即ki可用于重构对称密钥k,否则ki无法用于重构,并执行步骤7中的错误检测。If the above formula holds, the sub-key ki is valid, that is, ki can be used to reconstruct the symmetric key k, otherwise ki cannot be used for reconstruction, and the error detection in step 7 is performed. 9.根据权利要求8所述的一种车载自组网络环境下基于秘密共享的多路径通信方法,其特征在于:所述的步骤7中错误检测的具体步骤如下:在S和E进行通信时,由于使用了(t,2m)秘密共享,若存在t条或更多条路径能使验证式(3)成立,E即可重构出有效的对称密钥,获得此对称密钥后,S和E可通过加密后的消息进行通信;9. the multi-path communication method based on secret sharing under a kind of vehicle-mounted ad hoc network environment according to claim 8, is characterized in that: the concrete steps of error detection in described step 7 are as follows: when S and E communicate , due to the use of (t, 2m) secret sharing, if there are t or more paths that can make the verification formula (3) true, E can reconstruct a valid symmetric key. After obtaining this symmetric key, S and E can communicate through encrypted messages; 若不存在t条或更多条路径能使验证式(3)成立,E发送错误报告至S,S成功验证该错误报告的有效性后,通过一个已使验证式(3)成立的安全传输信息的路径,在Texp时间内将发送至E;随后,E检查ki的有效性;若S没有在Texp内返回或验证失败的次数超过一个特定数,则S被视为恶意节点,并且E终止与S的通信。If there are no t or more paths to verify (3), E sends an error report To S, after S successfully verifies the validity of the error report, it passes through a safe transmission information path that has established the verification formula (3), within the time T exp Send to E; then, E checks the validity of ki ; if S does not return within T exp Or the number of verification failures exceeds a certain number, then S is regarded as a malicious node, and E terminates the communication with S. 10.根据权利要求9所述的一种车载自组网络环境下基于秘密共享的多路径通信方法,其特征在于:所述的步骤8中密钥重构的具体步骤如下:目标节点E通过t条或更多条路径中获得的子密钥重构出对称密钥,计算方式如下:10. The multi-path communication method based on secret sharing under a kind of vehicle-mounted ad hoc network environment according to claim 9, it is characterized in that: the concrete steps of key reconstruction in described step 8 are as follows: target node E passes t The symmetric key is reconstructed from subkeys obtained in one or more paths, calculated as follows: 随后,消息M可通过对称密钥k解密得到;若子密钥数量少于t,则无法恢复出消息M。Subsequently, the message M can be obtained by decrypting the symmetric key k; if the number of subkeys is less than t, the message M cannot be recovered.
CN201910254544.3A 2019-03-31 2019-03-31 A kind of multi-path communications method based on privacy sharing under vehicular ad hoc network network environment Pending CN109996215A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201910254544.3A CN109996215A (en) 2019-03-31 2019-03-31 A kind of multi-path communications method based on privacy sharing under vehicular ad hoc network network environment

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201910254544.3A CN109996215A (en) 2019-03-31 2019-03-31 A kind of multi-path communications method based on privacy sharing under vehicular ad hoc network network environment

Publications (1)

Publication Number Publication Date
CN109996215A true CN109996215A (en) 2019-07-09

Family

ID=67132008

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201910254544.3A Pending CN109996215A (en) 2019-03-31 2019-03-31 A kind of multi-path communications method based on privacy sharing under vehicular ad hoc network network environment

Country Status (1)

Country Link
CN (1) CN109996215A (en)

Cited By (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN110768786A (en) * 2019-10-29 2020-02-07 上海交通大学 Information segmentation encryption and decryption combination system and method based on AES algorithm
CN112153744A (en) * 2020-09-25 2020-12-29 哈尔滨工业大学 A method of physical layer security resource allocation in ICV network
CN112702712A (en) * 2020-12-25 2021-04-23 江苏鸣实纯钧科技有限公司 Method and system for encrypted data transmission of vehicle-mounted terminal
CN114499863A (en) * 2022-04-15 2022-05-13 深圳市永达电子信息股份有限公司 Multi-party authentication method based on time division and space division and computer readable storage medium
CN114553597A (en) * 2022-04-22 2022-05-27 中国长江三峡集团有限公司 Power equipment operation and maintenance data transmission management method and system
CN114679257A (en) * 2020-12-24 2022-06-28 科大国盾量子技术股份有限公司 Multipath key relay method, transmitting device, receiving device and related equipment

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20150098329A1 (en) * 2013-10-03 2015-04-09 National Chiao Tung University Vehicular communication system and routing method thereof
WO2015197413A1 (en) * 2014-06-27 2015-12-30 Norwegian University Of Science And Technology Coding in galois fields with reduced complexity
CN105846947A (en) * 2016-03-22 2016-08-10 中国人民解放军国防科学技术大学 Physical layer encryption method introducing Latin array
CN107682149A (en) * 2017-10-25 2018-02-09 重庆邮电大学 A kind of method of the vehicular ad hoc network secret protection close based on label

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20150098329A1 (en) * 2013-10-03 2015-04-09 National Chiao Tung University Vehicular communication system and routing method thereof
WO2015197413A1 (en) * 2014-06-27 2015-12-30 Norwegian University Of Science And Technology Coding in galois fields with reduced complexity
CN105846947A (en) * 2016-03-22 2016-08-10 中国人民解放军国防科学技术大学 Physical layer encryption method introducing Latin array
CN107682149A (en) * 2017-10-25 2018-02-09 重庆邮电大学 A kind of method of the vehicular ad hoc network secret protection close based on label

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
JIAN SHEN: "A Novel Latin-Square-Based Secret Sharing for M2M Communications", 《IEEE TRANSACTIONS ON INDUSTRIAL INFORMATICS》 *

Cited By (9)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN110768786A (en) * 2019-10-29 2020-02-07 上海交通大学 Information segmentation encryption and decryption combination system and method based on AES algorithm
CN112153744A (en) * 2020-09-25 2020-12-29 哈尔滨工业大学 A method of physical layer security resource allocation in ICV network
CN112153744B (en) * 2020-09-25 2022-08-02 哈尔滨工业大学 Physical layer security resource allocation method in ICV network
CN114679257A (en) * 2020-12-24 2022-06-28 科大国盾量子技术股份有限公司 Multipath key relay method, transmitting device, receiving device and related equipment
CN114679257B (en) * 2020-12-24 2023-08-22 科大国盾量子技术股份有限公司 Multipath key relay method, transmitting device, receiving device and related equipment
CN112702712A (en) * 2020-12-25 2021-04-23 江苏鸣实纯钧科技有限公司 Method and system for encrypted data transmission of vehicle-mounted terminal
CN114499863A (en) * 2022-04-15 2022-05-13 深圳市永达电子信息股份有限公司 Multi-party authentication method based on time division and space division and computer readable storage medium
CN114499863B (en) * 2022-04-15 2022-08-23 深圳市永达电子信息股份有限公司 Multi-party authentication method based on time division and space division and computer readable storage medium
CN114553597A (en) * 2022-04-22 2022-05-27 中国长江三峡集团有限公司 Power equipment operation and maintenance data transmission management method and system

Similar Documents

Publication Publication Date Title
CN109996215A (en) A kind of multi-path communications method based on privacy sharing under vehicular ad hoc network network environment
CN108964919B (en) Lightweight anonymous authentication method with privacy protection based on Internet of vehicles
Chan et al. Random key predistribution schemes for sensor networks
Chan et al. Key distribution techniques for sensor networks
Chuang et al. TEAM: Trust-extended authentication mechanism for vehicular ad hoc networks
Alagheband et al. Dynamic and secure key management model for hierarchical heterogeneous sensor networks
Dai et al. Pairing-free certificateless aggregate signcryption scheme for vehicular sensor networks
EP2416524A2 (en) System and method for secure transaction of data between wireless communication device and server
CN113452764B (en) SM 9-based vehicle networking V2I bidirectional authentication method
CN101888295A (en) Distributed Multiple Security Authentication Method
CN120200750B (en) Secure communication system and method for vehicle-mounted ad hoc networks based on NTRU lattice cryptography
Jasim et al. Secure and energy-efficient data aggregation method based on an access control model
CN111726346A (en) Data secure transmission method, device and system
Ying et al. Efficient authentication protocol for secure vehicular communications
Alimohammadi et al. Performance analysis of cryptography methods for secure message exchanging in VANET
Chuang et al. PPAS: A privacy preservation authentication scheme for vehicle-to-infrastructure communication networks
Nyangaresi et al. Message verification protocol based on bilinear pairings and elliptic curves for enhanced security in vehicular ad hoc networks
Otero-García et al. Onion Routing Key Distribution for QKDN
Raw et al. Security issues and solutions in Vehicular Ad hoc Network: A review approach
CN111245611B (en) Anti-quantum computation identity authentication method and system based on secret sharing and wearable equipment
CN119341729A (en) A certificateless proxy authentication method based on conditional privacy protection in vehicle-connected grid
Bianchi et al. DynamiQS: Quantum Secure Authentication for dynamic charging of electric vehicles
CN114826716B (en) Internet of vehicles condition privacy protection method based on certificate-free group signcryption
Sandou et al. Secured routing in VANETs using lightweight authentication and key agreement protocol
Al-Samhouri et al. Post-Quantum Cryptography for Wireless Sensor Network Using Key Agreement Super Singular on Hyperelliptic Curve

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
RJ01 Rejection of invention patent application after publication

Application publication date: 20190709

RJ01 Rejection of invention patent application after publication