Privacy-preserving batch verification signature scheme based on blockchain for Vehicular Ad-Hoc Networks

https://doi.org/10.1016/j.jisa.2020.102698

Abstract

Along with the development of Internet of Things (IoT) technology and Vehicular Ad-Hoc Networks (VANETs), security and effectiveness of road utilization have also been greatly improved. Currently, many certificateless signature schemes have been proposed to improve the communication speed while protecting the communication contents and real identities of the vehicles. Among others, some schemes realize batch verification or aggregation of multiple signatures. However, they either incur high calculation costs or cannot execute the operation of batch verification successfully. In this paper, we propose an efficient and privacy-preserving certificateless public key signature scheme based on the blockchain. Firstly, our scheme provides support for batch verification and aggregation of the signatures, and has lower calculation cost compared with the previous ones. Secondly, our scheme adds two blockchains to the structure in order to protect the identity privacy of the vehicles. Utilizing the immutability and openness of the blockchain, all nodes in VANETs can verify whether the identity of the vehicle is legal. Therefore, the scheme can greatly reduce the risk of privacy disclosure, and the pseudo-identities can be generated by the vehicles themselves. Thirdly, our scheme can realize traceability of the vehicles, which means the real identities of the vehicles can be revealed if they commit an illegal behavior. The experimental results show that our scheme can greatly reduce the computational cost of the vehicles and provide the functions of batch verification and aggregation. Therefore, the proposed scheme can simultaneously improve security and efficiency of the signature schemes for VANETs.

Introduction

With the popularization of vehicles in modern city life, the development and use of intelligent transportation systems (ITS) have attracted more and more attention [1]. Wireless communication and Internet of Things (IoT) technology enable vehicles to communicate with roadside infrastructure and with other vehicles effectively and quickly. The network that supports this communication, called VANET, is an important part of ITS. VANET can improve traffic efficiency and reduce the risk of traffic congestion and accidents because it allows important driving information to be shared between vehicles. VANET communication is generally divided into two kinds: vehicle-to-vehicle communication (V2V) and vehicle-to-infrastructure communication (V2I) [2].

VANET mainly supports effective traffic management and direction by exchanging security information. Since the security information is transmitted through wireless technology, VANET is vulnerable to some malicious attacks. So far, there has been a lot of work on message and identity authentication in VANETs, which can be roughly classified into three categories: certificate-based cryptosystems, identity-based cryptosystems, and certificateless cryptosystems. In the schemes based on public key infrastructure (PKI), the certification authority (CA) uses many certificates to manage the vehicles’ public keys, which may be a heavy burden on computing power and storage capacity [3], [4]. To reduce the burden of such schemes, Shamir first introduced identity-based cryptography (IDC) in 1984 [5], [6]. In IDC, the public key does not require a certificate; it is derived from the user’s personally identifiable information. IDC also introduces a new problem: the private key generator (PKG), which holds the user’s private key, can forge the user’s signature. This is called the key escrow problem. To combine the advantages of these two methods, a certificateless scheme was proposed by Riyami and Paterson in 2003 [7]. Since then, many researchers have proposed certificateless signature schemes [8], [9], [10], [11], [12], [13], [14]. Many of these schemes are constructed from bilinear pairings and support batch verification or signature aggregation. These properties can reduce the verification time and improve the calculation efficiency significantly.

There are many signature schemes based on PKI and IDC in VANETs. Due to the disadvantages of those approaches, certificateless signature schemes have received widespread attention. In 2014, a new certificateless (CL) signature scheme was designed by Malip et al. [10]. In their scheme, three point multiplication operations are used to compute a signature, and four bilinear pairings are used for a verification. However, their scheme cannot verify the signatures in batches and does not realize identity anonymity and traceability. In 2015, a CL signature scheme with conditional privacy protection was designed by Horng et al. [12], which not only provides batch verification and aggregation of signatures, but also guarantees the anonymity and traceability of the vehicles. However, the scheme requires high computational costs: two point multiplications are needed to compute a signature, and three bilinear pairings and one point multiplication are needed to perform verification. In 2019, Zhang et al. designed a scheme which can resist four kinds of signature forgery attacks in the standard model [15]. This scheme also achieves better performance, and only one point multiplication is used during the signature process. At the same time, only one bilinear pairing operation and two point multiplications are used for a verification. However, the scheme cannot realize the functions of batch verification and aggregation of signatures, and it cannot provide the anonymity and traceability of the vehicles. Recently, a new CL signature scheme was proposed by Ali et al. [16]. The scheme only needs a point multiplication for computing a signature, and a bilinear pairing and a point multiplication for a verification. However, their scheme cannot provide the functions of batch verification and signature aggregation. Thus, we need to design a scheme which provides batch verification and signature aggregation in VANETs and guarantees the anonymity and traceability of the vehicle.

In practice, since VANETs consist of a large number of vehicles moving at high speed, the communication time of the vehicles must be reduced so that messages can be exchanged efficiently. As is well known, most certificateless signature schemes are constructed using bilinear pairings on elliptic curves, and the computational cost of a bilinear pairing is very high. Therefore, the number of bilinear pairings must be reduced if the communication delay is to be shortened.

In this paper, we propose an efficient certificateless signature scheme based on the blockchain. Firstly, our scheme verifies a single signature by using only two bilinear pairing operations. Compared with the previous ones, our scheme greatly reduces the computational cost. Our scheme also supports the batch verification and aggregation of signatures, which can significantly speed up the verification process and reduce the verification time. Secondly, our scheme uses two Merkle Tree structures to store and revoke the vehicles’ pseudo-identities. Thus, the proposed scheme can protect the privacy of the vehicles, and update the inherent structure and the storage method of the vehicle network. Moreover, the vehicle can generate the pseudo-identities itself without the participation of a trusted third party. This not only improves the performance but also reduces the danger of privacy leakage of the vehicles due to the use of an untrusted third party. Finally, our scheme ensures the traceability of identities in order to prevent illegal behaviors of vehicles. In addition, our scheme provides a strict security proof and shows its security against different types of attacks. In detail, the scheme is provably secure under the random oracle model based on the difficulty of solving the Computational Diffie-Hellman (CDH) problem.
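The following is an added example, not the paper's construction or code: it shows how a verifier that holds only two Merkle roots could check a pseudo-identity against a registration tree and a revocation tree. The hash choice (SHA-256), the function names, the leaf/node prefixes and the sample pseudo-identities are all assumptions. Note that an inclusion proof only proves membership, so a missing revocation proof does not prove non-revocation; for that a verifier needs the full revocation leaves or a sorted tree.

```python
import hashlib

def _h(data: bytes) -> bytes:
    return hashlib.sha256(data).digest()

def leaf_hash(pid: bytes) -> bytes:
    return _h(b"\x00" + pid)  # 0x00/0x01 prefixes keep leaves and inner nodes distinct

def node_hash(left: bytes, right: bytes) -> bytes:
    return _h(b"\x01" + left + right)

def build_levels(pids):
    """All tree levels, leaves first. An unpaired node is promoted unchanged."""
    if not pids:
        raise ValueError("tree needs at least one pseudo-identity")
    level = [leaf_hash(p) for p in pids]
    levels = [level]
    while len(level) > 1:
        nxt = [node_hash(level[i], level[i + 1]) for i in range(0, len(level) - 1, 2)]
        if len(level) % 2:
            nxt.append(level[-1])
        level = nxt
        levels.append(level)
    return levels

def prove(levels, index):
    """Inclusion proof for leaf `index`: list of (sibling_hash, sibling_is_left)."""
    proof = []
    for level in levels[:-1]:
        sib = index ^ 1
        if sib < len(level):  # a promoted node has no sibling at this level
            proof.append((level[sib], sib < index))
        index //= 2
    return proof

def verify(root, pid, proof):
    """Recompute the path from the leaf and compare it with the published root."""
    acc = leaf_hash(pid)
    for sib, sib_is_left in proof:
        acc = node_hash(sib, acc) if sib_is_left else node_hash(acc, sib)
    return acc == root

def classify(pid, reg_root, reg_proof, rev_root, rev_proof=None):
    """Verifier holds only the two roots (assumed to be read from the two chains)."""
    if rev_proof is not None and verify(rev_root, pid, rev_proof):
        return "revoked"
    return "registered" if verify(reg_root, pid, reg_proof) else "rejected"

# Constructed sample pseudo-identities (not from the paper).
REGISTERED = [b"PID-A", b"PID-B", b"PID-C", b"PID-D", b"PID-E"]
REVOKED = [b"PID-B", b"PID-E"]
REG, REV = build_levels(REGISTERED), build_levels(REVOKED)
REG_ROOT, REV_ROOT = REG[-1][0], REV[-1][0]
```
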

Section snippets

Preliminaries

This section mainly introduces the notions of the blockchain and bilinear pairing, VANETs models and security requirements of the scheme.

System model and definitions

In this section, we review some definitions and the system model introduced in this paper.

The proposed signature scheme

In this section, we will introduce our batch verification signature scheme based on blockchain for VANETs and its aggregation functions.

Security analysis

This section first proves the security of our scheme in the random oracle model, and then compares its efficiency with those of the previous ones.

Performance analysis

This section experimentally compares the computational cost of our scheme with those of the previous ones for VANETs. We use $T_{bp}$, $T_{sm}$ and $T_{pa}$ to represent the execution time of a bilinear pairing, a scalar multiplication and a point addition in $G_1$, respectively.

In order to efficiently perform cryptographic operations, we use the JPBC library in Java. The hardware environment is as follows: Intel i5-8250 1.80 GHz computer, 8 GB of memory and running Windows 10 operating system. Using bilinear

Conclusion

This paper proposes an efficient certificateless signature scheme based on the blockchain and provides privacy-preserving authentication to communicate in VANETs. Our scheme reduces the use of bilinear pairings, and the computational cost of message signature verification on the RSU is decreased. Besides, batch verification and aggregation of the signature are also supported by our proposed scheme, which can significantly improve the communication efficiency in VANETs.

In the future, the

Declaration of Competing Interest

The authors declare that they have no known competing financial interests or personal relationships that could have appeared to influence the work reported in this paper.

Acknowledgments

The work described in this paper was supported by the National Natural Science Foundation of China (Grant No. U1736120, U1636206, 61525203), Natural Science Foundation of Shanghai, China (20ZR1419700), and National Key R&D Program of China (2020YFC1523004).


Cited by (25)

  • Security of Vehicular Ad Hoc Networks using blockchain: A comprehensive review

    2022, Vehicular Communications
    Citation Excerpt:

    By completing a two-stage validation, these learnt models are coupled with blockchain to assure the reliability of shared data. Ren et al. [115] presented a privacy-preserving public key signing technique based on blockchain. This approach is used for batch signature verification and aggregation with the least amount of computing time.
