Authors: Chao Lin, Debiao He, Xinyi Huang, ​Neeraj Kumar, and Kim-Kwang Raymond Choo
Title: BCPPA: A Blockchain-Based Conditional Privacy-Preserving Authentication Protocol for Vehicular Ad Hoc Networks
Journal: IEEE Transactions on Intelligent Transportation Systems
Abstract: While Vehicular Ad-hoc Networks (VANETs) can potentially improve driver safety and traffic management efficiency (e.g. through timely sharing of traffic status among vehicles), security and privacy are two ongoing issues that need to be addressed. Hence, security solutions such as conditional privacy-preserving authentication (CPPA) protocols have been proposed. However, CPPA protocols are generally far from being ready for deployment in VANETs, for example due key/certificate management limitations in PKI-based protocols or intractable private key updating in ID-based protocols. Although several blockchain-based CPPA (BCPPA) protocols have been proposed to mitigate these challenges, there still exist some intractabilities such as revoking private key, or frequent interactions, or requiring an idea hardware. Thus, in this paper, we are motivated to propose a novel BCPPA protocol without these existing issues. Specifically, we present a PKI-based solution (using a typical digital signature protocol, such as ECDSA) based on Ethereum (a public blockchain), which is designed to facilitate secure communication in VANETs. In other words, we combine the blockchain technology and a key derivation algorithm to realize an effective certificate management. This reduces the need for participating vehicles to store a large number of private keys. To reduce the verification time cost, our BCPPA supports replacing ECDSA with modified ECDSA for batch verification or directly adopting other PKI-based signatures with batch verification. In addition to introducing the concrete design, we also present the security requirements that our BCPPA protocol can satisfy. We then implement BCPPA in the Ethereum test network (i.e. Rinkeby) and provide simulations using VanetMobiSim and NS-2 to show its feasibility (i.e. milliseconds).  

摘要：车载网通过实时共享交通状态可以改善通行安全和交通管理效率，但也面临安全和隐私泄露问题。现有基于区块链的条件匿名认证协议（BCPPA）可以缓解现有CPPA协议面临的PKI体系下密钥或证书管理代价高、身份基体系下难以支持密钥更新等不足，但也仍面临密钥撤销、频繁交互、理想硬件等局限性。本文面向车载网场景利用以太坊公有链设计PKI体系下的基于区块链匿名认证协议，主要采用区块链技术、ECDSA算法和密钥派生算法进行实现，可以避免参与车辆预先存储大量的私钥，同时支持批量验证的ECDSA来进一步降低验证耗时。通过安全性分析、以太坊测试链网络仿真测试以及利用VanetMobiSim和NS-2的性能评估论证方案的可行性。