CN112291186A - Internet of vehicles privacy protection method and system - Google Patents
Internet of vehicles privacy protection method and system Download PDFInfo
- Publication number
- CN112291186A CN112291186A CN201910679175.2A CN201910679175A CN112291186A CN 112291186 A CN112291186 A CN 112291186A CN 201910679175 A CN201910679175 A CN 201910679175A CN 112291186 A CN112291186 A CN 112291186A
- Authority
- CN
- China
- Prior art keywords
- vehicle
- pseudonym
- vehicles
- group
- identity
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
- 238000000034 method Methods 0.000 title claims abstract description 25
- 238000012795 verification Methods 0.000 claims abstract description 27
- 230000006855 networking Effects 0.000 claims abstract description 16
- 230000003213 activating effect Effects 0.000 claims abstract description 12
- 230000004913 activation Effects 0.000 claims description 11
- 235000016496 Panda oleosa Nutrition 0.000 claims description 8
- 240000000220 Panda oleosa Species 0.000 claims description 8
- 230000000977 initiatory effect Effects 0.000 claims description 5
- 238000005516 engineering process Methods 0.000 abstract description 5
- 230000008569 process Effects 0.000 description 6
- 230000008859 change Effects 0.000 description 4
- 230000006854 communication Effects 0.000 description 4
- 230000004044 response Effects 0.000 description 4
- 238000004891 communication Methods 0.000 description 2
- 238000010586 diagram Methods 0.000 description 2
- 230000005540 biological transmission Effects 0.000 description 1
- 238000012938 design process Methods 0.000 description 1
- 238000011161 development Methods 0.000 description 1
- 238000006467 substitution reaction Methods 0.000 description 1
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/04—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
- H04L63/0428—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
- H04L63/0435—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload wherein the sending and receiving network entities apply symmetric encryption, i.e. same key used for encryption and decryption
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L12/00—Data switching networks
- H04L12/02—Details
- H04L12/16—Arrangements for providing special services to substations
- H04L12/18—Arrangements for providing special services to substations for broadcast or conference, e.g. multicast
- H04L12/185—Arrangements for providing special services to substations for broadcast or conference, e.g. multicast with management of multicast group membership
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/04—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
- H04L63/0407—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the identity of one or more communicating identities is hidden
- H04L63/0421—Anonymous communication, i.e. the party's identifiers are hidden from the other party or parties, e.g. using an anonymizer
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L67/00—Network arrangements or protocols for supporting network services or applications
- H04L67/01—Protocols
- H04L67/12—Protocols specially adapted for proprietary or special-purpose networking environments, e.g. medical networks, sensor networks, networks in vehicles or remote metering networks
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L67/00—Network arrangements or protocols for supporting network services or applications
- H04L67/14—Session management
- H04L67/141—Setup of application sessions
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L67/00—Network arrangements or protocols for supporting network services or applications
- H04L67/14—Session management
- H04L67/143—Termination or inactivation of sessions, e.g. event-controlled end of session
Landscapes
- Engineering & Computer Science (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Computer Security & Cryptography (AREA)
- Computing Systems (AREA)
- Computer Hardware Design (AREA)
- General Engineering & Computer Science (AREA)
- Health & Medical Sciences (AREA)
- General Health & Medical Sciences (AREA)
- Medical Informatics (AREA)
- Mobile Radio Communication Systems (AREA)
Abstract
The invention relates to the technical field of Internet of vehicles, in particular to a method and a system for protecting privacy of the Internet of vehicles. The car networking protection technology comprises the following steps: collecting vehicle data information, generating a pseudonym and a secret key and distributing the pseudonym and the secret key to vehicles; creating a group comprising a plurality of intersection extension areas and enabling vehicles which acquire the pseudonymphs and the secret keys to join the group; distributing temporary group identities to the vehicles which join the group, and exchanging the pseudonyms of the vehicles with other vehicles through the temporary group identities; and activating the current pseudonym of the vehicle after the pseudonym exchange is carried out so as to disconnect the link between the two vehicles after the pseudonym exchange. The car networking protection system comprises a registration module, a verification module and an encryption module. The method and the device prevent other people from stealing the privacy of the vehicle and prevent other people from restoring the motion track of the vehicle, thereby protecting the privacy of the vehicle and preventing the disclosure.
Description
Technical Field
The invention relates to the technical field of Internet of vehicles, in particular to a method and a system for protecting privacy of the Internet of vehicles.
Background
With the rapid development of cloud computing and social networks, the technology of internet of vehicles is developed. Generally, vehicles running on roads often need to use different positioning technologies, such as GPS positioning, WiFi access positioning, mobile phone positioning, and the like, to provide personalized location-based services for users, such as travel services, car navigation, location-aware advertisements, store service inquiries, hotel searches, hotel reservations, and the like. These services also reveal the privacy of the user's location while providing countless conveniences to the user's life.
In the existing market, in order to ensure the driving safety of the vehicle, the vehicle broadcasts own traffic heartbeat information every 300ms, wherein the heartbeat information comprises the speed, the direction, the position, the steering and the like of the vehicle. Since the positions of the two heartbeat broadcasts of the vehicle are generally only a few meters apart, it is easy for an attacker to correlate the heartbeat broadcasts of the same vehicle, so as to restore the motion track of the vehicle or track a specific vehicle.
Disclosure of Invention
In view of the above-mentioned shortcomings of the current car networking privacy protection, the invention provides a car networking privacy protection method and system, which can exchange the pseudonyms of the running vehicles and encrypt the dynamically-replaced pseudonym exchange process, thereby preventing the privacy of the vehicles from being leaked and preventing an attacker from restoring the motion track of the vehicles or tracking a specific vehicle.
In order to achieve the above purpose, the embodiment of the invention adopts the following technical scheme:
in a first aspect, the invention provides a car networking protection method, and the car networking protection technology comprises the following steps: collecting vehicle data information, generating a pseudonym and a secret key and distributing the pseudonym and the secret key to vehicles; creating a group comprising a plurality of intersection extension areas and enabling vehicles obtaining pseudonymphs and secret keys to join the group; distributing temporary group identities to the vehicles which join the group, and exchanging the pseudonyms of the vehicles with other vehicles through the temporary group identities; and activating the current pseudonym of the vehicle after the pseudonym exchange is carried out so as to disconnect the link between the two vehicles after the pseudonym exchange.
According to one aspect of the invention, the specific steps of collecting vehicle data information, generating a key and distributing the key to the vehicle comprise: collecting the legal identity and the certificate of the vehicle and storing the legal identity and the certificate; generating a pseudonym and a secret key corresponding to the pseudonym; the pseudonym and the key corresponding to the pseudonym are distributed to the vehicle.
According to one aspect of the present invention, the step of joining the vehicle to the group by obtaining the pseudonym and the key comprises: the vehicle which obtains the pseudonym and the secret key initiates a group entry application; the identity of the vehicle is verified, and if the verification is successful, the vehicle is added into the group; if the verification fails, returning to the group application.
According to one aspect of the invention, the specific steps of verifying the identity of the vehicle include: calling vehicle data information; comparing the vehicle information of the vehicle initiating the group entering application with the vehicle data information, and if the comparison is successful, joining the group; if the comparison fails, returning to the group entry application.
According to one aspect of the invention, the specific steps of pseudonym exchange include: the vehicle initiates a pseudonymous name exchange request through the temporary group entering identity; verifying the vehicle information of the vehicle initiating the pseudonymous name exchange request, and encrypting the pseudonymous name exchange request if the vehicle information is successfully verified; returning the pseudonym exchange request if the verification fails; the other vehicle receives the encrypted pseudonym exchange request, decrypts the pseudonym exchange request and responds the pseudonym exchange request through the temporary group entry identity.
According to one aspect of the invention, the specific steps of encrypting the pseudonym exchange request include: converting the pseudonym exchange request into a ciphertext through a session key of the symmetric password; the session key is encrypted by public key cryptography.
According to one aspect of the present invention, the step of responding to the pseudonym exchange request via the temporary group entry identity comprises: if the other vehicle agrees to the pseudonym exchange request, the two vehicles establish a link and exchange pseudonyms by responding to an agreement signal through the temporary group entering identity; if the other vehicle does not agree with the request for exchanging the pseudonyms, the temporary group identity response rejection signal is used, the two vehicles do not establish the link, and the pseudonyms of the two vehicles are not exchanged.
According to one aspect of the invention, the specific step of activating the current pseudonym of the vehicle after the pseudonym interchange to disconnect the link between the two vehicles with the pseudonym interchange comprises: the vehicle initiates a pseudonymous name activation request; the two vehicles interchanging the pseudonym activate the pseudonym and disconnect the link.
In a second aspect, the present invention provides a car networking protection system, which includes a registration module, a verification module and an encryption module, wherein: the registration module is used for collecting vehicle data information, generating a pseudonym and a secret key, distributing the pseudonym and the secret key to vehicles, creating a group, distributing temporary group-entering identities to the vehicles after the vehicles enter the group, and activating the pseudonym; the verification module is used for verifying the vehicle information so as to verify whether the vehicle can join the group and verify whether the vehicle can carry out the pseudonym exchange; the encryption module encrypts the pseudonym of the vehicle qualified in vehicle information verification so as to prevent the vehicle information from being leaked.
According to one aspect of the present invention, the registration module includes an information acquisition unit, a storage unit, a key generation unit, a group creation unit, a temporary identity generation unit, and an activation unit, wherein: the information acquisition unit is used for acquiring the legal identity and the certificate of the vehicle and transmitting the legal identity and the certificate to the storage unit; the storage unit is used for storing the legal identity and the proof certificate of the vehicle, which are acquired by the information unit; the secret key generating unit generates a pseudonym and a secret key corresponding to the pseudonym according to the legal identity of the vehicle and the certification certificate and distributes the pseudonym and the secret key to the vehicle; a group creating unit creates a group; the temporary identity generating unit generates a temporary group and distributes the temporary group to vehicles joining the group; the activation unit is used for activating the pseudonym of the vehicle.
According to one aspect of the invention, the verification module comprises a first comparison unit and a second comparison unit, wherein: the first comparison unit is used for comparing the vehicle information applied for entering the group with the vehicle data information so as to judge whether the vehicle can join the group or not; the second comparison unit is used for comparing the vehicle information of the vehicle which raises the kana exchange request with the vehicle data information, thereby judging whether the vehicle can exchange the kana.
The implementation of the invention has the advantages that: the vehicle is provided with identifiability by generating a special secret key for the vehicle, and the subsequent protection of the secret key is facilitated; the group is created, and the temporary group identity is distributed to the vehicles, so that the vehicles can conveniently change the pseudonyms through the temporary group identity, the secret key is protected, and privacy disclosure is avoided; when the vehicle is linked, the vehicle is subjected to pseudonym exchange so that the pseudonym of the vehicle is in dynamic change, and the pseudonym exchange process is encrypted, so that the vehicle privacy is further prevented from being stolen by others, the vehicle motion track is prevented from being restored by others, and the vehicle privacy is protected and the vehicle leakage is prevented.
Drawings
In order to more clearly illustrate the technical solutions in the embodiments of the present invention, the drawings needed to be used in the embodiments will be briefly described below, and it is obvious that the drawings in the following description are only some embodiments of the present invention, and it is obvious for those skilled in the art that other drawings can be obtained according to these drawings without creative efforts.
Fig. 1 is a flowchart of a method for protecting privacy of a vehicle networking according to an embodiment of the present invention;
fig. 2 is a schematic structural diagram of a car networking privacy protection system according to an embodiment of the present invention.
Wherein the reference numerals are as follows:
1. a registration module; 2. a verification module; 3. and an encryption module.
Detailed Description
The technical solutions in the embodiments of the present invention will be clearly and completely described below with reference to the drawings in the embodiments of the present invention, and it is obvious that the described embodiments are only a part of the embodiments of the present invention, and not all of the embodiments. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present invention.
In order to solve the problem that the privacy of the vehicle in the Internet of vehicles is easy to leak, the privacy protection method and the privacy protection system for the Internet of vehicles are provided, dynamic pseudonym exchange can be carried out on the running vehicle, and the dynamically changed pseudonym exchange process is encrypted, so that the privacy of the vehicle is prevented from being leaked, and an attacker is prevented from restoring the motion track of the vehicle or tracking a specific vehicle. The following describes a car networking privacy protection method and system with reference to fig. 1-2.
As shown in fig. 1, fig. 1 is a flowchart of a method for protecting privacy of a car networking according to an embodiment of the present invention, where the car networking protection technology includes the following steps:
step S1: and collecting vehicle data information, generating a pseudonym and a secret key and distributing the pseudonym and the secret key to the vehicle.
In this embodiment, the specific steps of collecting vehicle data information, generating a key, and distributing the key to a vehicle include: collecting the legal identity and the certificate of the vehicle and storing the legal identity and the certificate; generating a pseudonym and a secret key corresponding to the pseudonym; the pseudonym and a key corresponding to the pseudonym are distributed to the vehicle. In the application, the secret key comprises a public key, a private key and a certificate, in order to guarantee the safety of a ciphertext in the communication process, the public key is disclosed to the outside, and the private key is held by a vehicle user.
Step S2: a group containing a plurality of intersection extension areas is created and vehicles obtaining pseudonymphs and keys are allowed to join the group.
In a specific implementation manner, the specific step of joining the vehicle that acquires the pseudonym and the secret key to the group includes: the vehicle after obtaining the secret key initiates a group entering application; the identity of the vehicle is verified, and if the verification is successful, the vehicle is added into the group; if the verification fails, returning to the group application.
More specifically, the specific steps of verifying the identity of the vehicle include: calling vehicle data information; comparing the vehicle information of the vehicle initiating the group entering application with the vehicle data information, and if the comparison is successful, joining the group; if the comparison fails, returning the application. Typically, after the vehicle is returned to the group application, the key is retrieved and the vehicle is again referred to the group application.
Step S3: and distributing the temporary group identity to the vehicles joining the group, and exchanging the pseudonyms of the vehicles with other vehicles through the temporary group identity.
In the actual design process, after the vehicles join the group, the pseudonyms can be continuously exchanged with other encountered vehicles in the area covered by the group, and the vehicles in the same group can directly exchange the pseudonyms, so that the uncertainty of the current pseudonyms of the vehicles after the pseudonyms are exchanged is increased, the privacy protection level of the vehicle positions is improved, and the pseudonym exchange rate is accelerated.
In the present application, the temporary intra-group identity is a communication method of a pseudonymous exchange request, that is, a communication for transmission and response of a vehicle to the pseudonymous exchange request.
In this embodiment, the pseudonym exchange specifically includes: the vehicle initiates a pseudonymous name exchange request through the temporary group entering identity; verifying the vehicle information of the vehicle initiating the pseudonymous name exchange request, and encrypting the pseudonymous name exchange request if the vehicle information is successfully verified; returning the pseudonym exchange request if the verification fails; the other vehicle receives the encrypted pseudonym exchange request, decrypts the pseudonym exchange request and responds the pseudonym exchange request through the temporary group entry identity. More specifically, if the other vehicle agrees to the request for exchanging the pseudonyms, the two vehicles establish a link and exchange the pseudonyms by responding to the agreement signal with the temporary group entry identity; if the other vehicle does not agree with the request for exchanging the pseudonyms, the temporary group identity response rejection signal is used, the two vehicles do not establish the link, and the pseudonyms of the two vehicles are not exchanged.
In a possible implementation manner, the specific steps of encrypting include: converting the pseudonym exchange request into a ciphertext through a session key of a symmetric password; the session key is encrypted by public key cryptography. In the actual operation process, a vehicle lifting a pseudonym exchange request sends the pseudonym exchange request through a public key in a secret key of the vehicle, a session secret key of a symmetric cipher encrypts the pseudonym exchange request to convert the pseudonym exchange request into a ciphertext, the public key cipher encrypts the session secret key, and after another vehicle receives the encrypted pseudonym exchange request, the received pseudonym exchange request is decrypted through a private key of the vehicle.
Step S4: and activating the current pseudonym of the vehicle after the pseudonym exchange is carried out so as to disconnect the link between the two vehicles after the pseudonym exchange.
In this embodiment, since the vehicle may need to leave the hybrid area, or the vehicle does not leave the hybrid area, but needs to be disconnected from other vehicles, the current pseudonym of the vehicle after the pseudonymization exchange needs to be activated to disconnect the link between the two vehicles with the pseudonymization exchange. Specifically, when the vehicle passes through the boundary of the vehicle mixing area, the vehicle receives the broadcast information and initiates a pseudonymous name activation request due to real-time broadcasting of the boundary of the mixing area; alternatively, the vehicle directly initiates a pseudonym activation request, the pseudonyms of two vehicles exchanging the pseudonym are activated, and the two vehicles are disconnected.
In summary, in the embodiment of the present invention, the vehicle is first distributed with the key, so that the vehicle has identifiability, and the subsequent protection of the key is facilitated; the group is created, and the temporary group identity is distributed to the vehicles, so that the vehicles can conveniently change the pseudonyms through the temporary group identity, the secret key is protected, and privacy disclosure is avoided; when the vehicle is linked, the vehicle is subjected to pseudonym exchange so that the pseudonym of the vehicle is in dynamic change, and the pseudonym exchange process is encrypted, so that the vehicle privacy is further prevented from being stolen by others, the vehicle motion track is prevented from being restored by others, and the vehicle privacy is protected and the vehicle leakage is prevented.
As shown in fig. 2, fig. 2 is a schematic structural diagram of a car networking protection system according to an embodiment of the present invention, where the car networking protection system includes a registration module 1, a verification module 2, and an encryption module 3, where: the registration module 1 is used for collecting vehicle data information, generating a pseudonym and a secret key, distributing the pseudonym and the secret key to vehicles, creating a group, distributing temporary group-entering identities to the vehicles after the vehicles enter the group, and activating the pseudonym; the verification module 2 is used for verifying the vehicle information to verify whether the vehicle can join the group and verify whether the vehicle can carry out the pseudonym exchange; the encryption module 3 encrypts the pseudonym of the vehicle qualified in the vehicle information verification to prevent the vehicle information from being leaked.
In the actual operation process, firstly, the registration module 1 collects vehicle data information, generates a secret key and distributes the secret key to vehicles, then a group is created, the vehicles receive the secret key and then initiate a group entering application, the verification module 2 receives the group entering application and verifies the vehicle information of the vehicles, namely the vehicle information of the vehicles is compared with the vehicle data information collected by the registration module 1, and if the comparison is successful, the vehicles are added into the group; if the comparison fails, the application is returned, and the vehicle returned to the group application acquires the secret key again through the registration module 1.
Secondly, after the vehicles successfully join the group, the registration module 1 distributes a temporary group entering identity to the vehicles, the vehicles initiate a pseudonymous name exchange request through the temporary group entering identity, the verification module 2 verifies the vehicle information of the vehicles which raise the pseudonymous name exchange request, namely the vehicle information of the vehicles is compared with the vehicle data information collected by the registration module 1, and if the comparison is successful, the encryption module 3 encrypts the pseudonymous name exchange request; if the comparison fails, the pseudonym exchange request is returned.
Finally, the encryption module 3 sends the encrypted pseudonym exchange request to another vehicle, the other vehicle receives the pseudonym exchange request, decrypts the pseudonym exchange request, and responds to the pseudonym exchange request through the temporary group entry identity, and further, if the vehicle agrees to exchange pseudonyms, responds to an agreement signal, and the two vehicles establish a link and exchange pseudonyms; otherwise, in response to the disagreement signal, the two vehicles do not establish a link and do not exchange pseudonyms.
Further, when the vehicle needs to leave the hybrid area, or the vehicle does not leave the hybrid area but needs to be disconnected from other vehicles, the current pseudonym of the vehicle subjected to the pseudonym interchange is activated to disconnect the link between the two vehicles subjected to the pseudonym interchange. Specifically, since the mixed region boundary is broadcast in real time, when the vehicle travels through the vehicle mixed region boundary, the vehicle receives the broadcast information and initiates a pseudonymization request; alternatively, the vehicle directly initiates a pseudonym activation request, the pseudonyms of two vehicles exchanging the pseudonym are activated, and the two vehicles are disconnected.
In this embodiment, the registration module 1 includes an information acquisition unit, a storage unit, a key generation unit, a group creation unit, a temporary identity generation unit, and an activation unit, where: the information acquisition unit is used for acquiring vehicle data information, namely acquiring the legal identity and the proof certificate of the vehicle and transmitting the acquired legal identity and the proof certificate of the vehicle to the storage unit; the storage unit is used for storing the vehicle data information acquired by the information acquisition unit, and further, the information acquisition unit acquires the legal identity and the certificate of the vehicle and then sends the legal identity and the certificate to the registration list for storage; the secret key generating unit generates a pseudonym and a secret key corresponding to the pseudonym according to the legal identity of the vehicle and the certification certificate and distributes the pseudonym and the secret key to the vehicle; a group creating unit creates a group; the temporary identity generating unit generates a temporary group entering identity and distributes the temporary group entering identity to vehicles joining the group; the activation unit is used for activating the pseudonym of the vehicle. In the present application, the key generation unit may employ a password generator.
In order to verify the group entering application of the vehicle and the kana exchanging request of the vehicle, the verification module 2 comprises a first comparison unit and a second comparison unit, wherein the first comparison unit is used for comparing the vehicle information applied to the group entering with the vehicle data information stored in the storage unit so as to judge whether the vehicle can join the group, and the second comparison unit is used for comparing the vehicle information of the vehicle for lifting the kana exchanging request with the vehicle data information stored in the storage unit so as to judge whether the vehicle can exchange the kana, and if the vehicle is successfully verified, the kana exchanging request is sent to the encryption module for encryption; and if the verification fails, returning the pseudonym exchange request, thereby further ensuring the security of pseudonym exchange and avoiding privacy disclosure.
In this application, the encryption module includes a symmetric cryptographic unit and a public key cryptographic unit, the symmetric cryptographic unit encrypts the pseudonym exchange request verified by the second comparison unit through a session key thereof, and the public key cryptographic unit encrypts the session key.
In summary, the embodiment of the present invention provides, through setting the registration module, convenience for distributing a pseudonym and a secret key corresponding to the pseudonym to the vehicle, so as to facilitate protecting the secret key; then, a group is established through a registration module so that vehicles can be located in the same group and pseudonyms can be directly exchanged; in addition, the vehicle group application and the pseudonym exchange request are verified through the verification module, so that the vehicle is prevented from establishing a link with other vehicles which are not subjected to identity verification, and information leakage is prevented; the pseudonym exchange request in the communication process is encrypted through the encryption module so as to further protect the vehicle information of the vehicle and prevent leakage or tracking and restoring by others.
The above description is only an embodiment of the present invention, but the scope of the present invention is not limited thereto, and any changes or substitutions that can be easily conceived by those skilled in the art within the technical scope of the present invention disclosed herein are intended to be covered by the scope of the present invention. Therefore, the protection scope of the present invention shall be subject to the protection scope of the appended claims.
Claims (10)
1. The Internet of vehicles protection method is characterized by comprising the following steps:
collecting vehicle data information, generating a pseudonym and a secret key and distributing the pseudonym and the secret key to vehicles;
creating a group comprising a plurality of intersection extension areas and enabling vehicles which acquire the pseudonymphs and the secret keys to join the group;
distributing a temporary group identity to the vehicles joining the group, and exchanging the pseudonyms of the vehicles with other vehicles through the temporary group identity;
and activating the current pseudonym of the vehicle after the pseudonym exchange is carried out so as to disconnect the link between the two vehicles after the pseudonym exchange.
2. The internet of vehicles protection method according to claim 1, wherein the specific steps of collecting vehicle data information, generating a key and distributing the key to the vehicle comprise:
collecting the legal identity and the certificate of the vehicle and storing the legal identity and the certificate;
generating a pseudonym and a secret key corresponding to the pseudonym;
and distributing the pseudonym and the secret key corresponding to the pseudonym to the vehicle.
3. The internet of vehicles protection method according to claim 1, wherein the step of joining the vehicle that obtained the pseudonym and the key to the group comprises:
the vehicle which acquires the pseudonym and the secret key initiates a group entry application;
the identity of the vehicle is verified, and if the identity of the vehicle is successfully verified, the vehicle is added into the group; if the verification fails, returning to the group application.
4. The Internet of vehicles protection method according to claim 1, wherein the specific steps of pseudonym exchange include:
the vehicle initiates a pseudonymous name exchange request through the temporary group entering identity;
verifying the vehicle information of the vehicle initiating the pseudonymous name exchange request, and encrypting the pseudonymous name exchange request if the vehicle information is successfully verified; returning the pseudonym exchange request if the verification fails;
and the other vehicle receives the encrypted pseudonym exchange request, decrypts the pseudonym exchange request and responds the pseudonym exchange request through the temporary group entry identity.
5. The Internet of vehicles protection method according to claim 4, wherein the specific step of encrypting the pseudonymous exchange request comprises:
converting the pseudonym exchange request into a ciphertext through a session key of a symmetric password;
the session key is encrypted by public key cryptography.
6. The Internet of vehicles protection method of claim 4, wherein the step of responding to the pseudonymous name exchange request via the temporary swarm identity comprises:
if the other vehicle agrees to the pseudonymous name exchange request, the two vehicles establish a link and exchange pseudonymous names by responding to an agreement signal through the temporary group entry identity;
and if the other vehicle does not agree with the pseudonym exchange request, responding to a rejection signal through the temporary group entry identity, wherein the two vehicles do not establish a link and do not exchange pseudonyms of the two vehicles.
7. The internet of vehicles protection method of claim 1, wherein the specific step of activating the current pseudonym of the vehicle after the pseudonym interchange to disconnect the link between two vehicles with pseudonym interchange comprises:
the vehicle initiates a pseudonymous name activation request;
the vehicles interchanging the kana activate their current kana and disconnect the link between the two vehicles, respectively.
8. The utility model provides a car networking protection system, its characterized in that car networking protection system includes registration module, verification module and encryption module, wherein:
the registration module is used for collecting vehicle data information, generating a pseudonym and a secret key, distributing the pseudonym and the secret key to vehicles, creating a group, distributing temporary group-entering identities to the vehicles after the vehicles enter the group, and activating the pseudonym;
the verification module is used for verifying vehicle information so as to verify whether the vehicle can join the group and verify whether the vehicle can carry out pseudonym exchange;
the encryption module encrypts the pseudonym of the vehicle qualified in vehicle information verification so as to prevent the vehicle information from being leaked.
9. The internet of vehicles protection system of claim 8, wherein the registration module includes an information acquisition unit, a storage unit, a key generation unit, a group creation unit, a temporary identity generation unit, and an activation unit, wherein:
the information acquisition unit is used for acquiring the legal identity and the certificate of the vehicle and transmitting the legal identity and the certificate to the storage unit;
the storage unit is used for storing the legal identity and the proof certificate of the vehicle acquired by the information unit;
the secret key generating unit generates a pseudonym and a secret key corresponding to the pseudonym according to the legal identity and the proof certificate of the vehicle and distributes the pseudonym and the secret key to the vehicle;
the group creating unit creates a group;
the temporary identity generating unit generates a temporary group entering identity and distributes the temporary group entering identity to vehicles joining the group;
the activation unit is used for activating the pseudonym of the vehicle.
10. The internet of vehicles protection system of claim 8, wherein the verification module comprises a first comparison unit and a second comparison unit, wherein:
the first comparison unit is used for comparing the vehicle information applied for entering the group with the vehicle data information so as to judge whether the vehicle can join the group or not;
the second comparison unit is used for comparing the vehicle information of the vehicle which raises the pseudonym exchange request with the vehicle data information, so as to judge whether the vehicle can exchange the pseudonym.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201910679175.2A CN112291186A (en) | 2019-07-25 | 2019-07-25 | Internet of vehicles privacy protection method and system |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201910679175.2A CN112291186A (en) | 2019-07-25 | 2019-07-25 | Internet of vehicles privacy protection method and system |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN112291186A true CN112291186A (en) | 2021-01-29 |
Family
ID=74419575
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201910679175.2A Pending CN112291186A (en) | 2019-07-25 | 2019-07-25 | Internet of vehicles privacy protection method and system |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN112291186A (en) |
Cited By (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN115002157A (en) * | 2022-06-01 | 2022-09-02 | 中国银行股份有限公司 | A vehicle pseudonym conversion method and device, electronic device, and storage medium |
Citations (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN106572088A (en) * | 2016-10-20 | 2017-04-19 | 河南工业大学 | Vehicle-mounted self-organizing network pseudonym conversion method based on virtual user |
| CN108282757A (en) * | 2018-01-24 | 2018-07-13 | 电子科技大学 | VANET method for secret protection under a kind of mobile cloud service |
| CN109561383A (en) * | 2018-12-17 | 2019-04-02 | 昆明理工大学 | A kind of location privacy protection method based on dynamic assumed name exchange area |
| CN109788482A (en) * | 2019-02-26 | 2019-05-21 | 武汉大学 | A method and system for anonymous authentication of messages between vehicles in a car networking environment |
| CN109922475A (en) * | 2019-04-19 | 2019-06-21 | 郑州轻工业学院 | Vehicle authentication and message verification method under In-vehicle networking environment |
| CN113242222A (en) * | 2021-04-30 | 2021-08-10 | 桂林电子科技大学 | Vehicle path planning method with privacy protection |
-
2019
- 2019-07-25 CN CN201910679175.2A patent/CN112291186A/en active Pending
Patent Citations (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN106572088A (en) * | 2016-10-20 | 2017-04-19 | 河南工业大学 | Vehicle-mounted self-organizing network pseudonym conversion method based on virtual user |
| CN108282757A (en) * | 2018-01-24 | 2018-07-13 | 电子科技大学 | VANET method for secret protection under a kind of mobile cloud service |
| CN109561383A (en) * | 2018-12-17 | 2019-04-02 | 昆明理工大学 | A kind of location privacy protection method based on dynamic assumed name exchange area |
| CN109788482A (en) * | 2019-02-26 | 2019-05-21 | 武汉大学 | A method and system for anonymous authentication of messages between vehicles in a car networking environment |
| CN109922475A (en) * | 2019-04-19 | 2019-06-21 | 郑州轻工业学院 | Vehicle authentication and message verification method under In-vehicle networking environment |
| CN113242222A (en) * | 2021-04-30 | 2021-08-10 | 桂林电子科技大学 | Vehicle path planning method with privacy protection |
Non-Patent Citations (3)
| Title |
|---|
| 刘宴兵: "《车联网认证机制和信任模型》", 《北京邮电大学学报》 * |
| 张彬: "《VANET中基于动态生成组的位置隐私保护方案》", 《计算机应用研究》 * |
| 聂大成: "《车联网终端安全防护技术研究》", 《通信技术》 * |
Cited By (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN115002157A (en) * | 2022-06-01 | 2022-09-02 | 中国银行股份有限公司 | A vehicle pseudonym conversion method and device, electronic device, and storage medium |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US11258598B2 (en) | Smartphones based vehicle access | |
| US7023995B2 (en) | Secure location-based services system and method | |
| CN111355745B (en) | Cross-domain identity authentication method based on edge computing network architecture | |
| EP2037621B1 (en) | Method and device for deriving local interface key | |
| Förster et al. | PUCA: A pseudonym scheme with strong privacy guarantees for vehicular ad-hoc networks | |
| CN103037306B (en) | Privacy protection method based on location service in scene of Internet of Things (IOT) | |
| CN100589381C (en) | A method for keeping user identity secret in communication system | |
| JP2001320760A (en) | Method for provide position data about mobile terminal | |
| CN107181742A (en) | A kind of shared bicycle electronic lock system and its method for unlocking | |
| US20100205435A1 (en) | Method for implementing location based services, method for broadcasting geographic location information of base station, and device thereof | |
| JP2002540748A (en) | Compliance with legal requirements for mobile devices | |
| CN101540669A (en) | Method for distributing keys and protecting information for wireless mobile communication network | |
| CN107493165B (en) | Internet of vehicles authentication and key agreement method with strong anonymity | |
| JP2012227672A (en) | Inter-vehicle/road-to-vehicle communication system | |
| US11588622B2 (en) | Securing outside-vehicle communication using IBC | |
| CN111698263A (en) | Beidou satellite navigation data transmission method and system | |
| Chen et al. | Provably secure authentication scheme for fog computing-enabled intelligent social internet of vehicles | |
| CN108933665A (en) | Lightweight V2I group communications identities indentification protocol applies the method in VANETs | |
| Grecas et al. | Introduction of the asymmetric cryptography in GSM, GPRS, UMTS, and its public key infrastructure integration | |
| Huang et al. | Secure pervasive social communications based on trust in a distributed way | |
| CN112291186A (en) | Internet of vehicles privacy protection method and system | |
| CN112804659B (en) | Internet of vehicles safety communication method | |
| CN113316139A (en) | Wireless network access method and wireless access point | |
| CN101483469A (en) | Satellite network safe routing implementing method based on mobile proxy | |
| CN101388801B (en) | Lawful interception method, system and server |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| RJ01 | Rejection of invention patent application after publication |
Application publication date: 20210129 |
|
| RJ01 | Rejection of invention patent application after publication |