车载自组织网络中一种同时更改伪码算法

在车载自组织网络中,频繁更改伪码是一种被广泛接受的保护隐私方法。针对目前大部分更改伪码算法的有效性较低的问题,提出了一种有效的同时更改伪码算法。该算法通过在车辆周期性广播的信息中插入一个等待标识比特来提高车辆同时更改伪码的概率,从而提高更改伪码的成功率。模拟结果表明,该算法能够显著提高更改伪码的成功率,从而提高更改伪码的有效性,增强车辆的隐私保护。     

TAPCS: Traffic-aware pseudonym changing strategy for VANETs

Location privacy is one of the main challenges in Vehicular Ad-hoc Networks (VANETs), since weak protection may hinder the public acceptance of this technology. Frequently changing pseudonyms are commonly accepted as a solution to protect the location privacy in VANETs. However, a simple pseudonym change is not enough to provide the required protection. Although many pseudonym changing strategies have been proposed to enhance the location privacy protection provided by this approach, the development of an effective strategy is not yet achieved. In this paper, we propose a new pseudonym changing strategy called Traffic-Aware Pseudonym Changing Strategy (TAPCS). The aim of this strategy is to provide an effective location privacy protection against the different types of pseudonyms linking attacks that can be performed by a strong passive adversary model. TAPCS is a distributed pseudonym changing strategy and is one of the strategies that use the radio silence technique. Unlike the existing distributed pseudonym changing strategies that use this technique, TAPCS aims to provide a high level of location privacy protection without impacting the safety in the VANETs. The analytical evaluation and simulation results demonstrate the effectiveness of the proposed strategy.     

Restricted usage of anonymous credentials in vehicular ad hoc networks for misbehavior detection

The automobile industry is entering a new era of digitalization with major impact on human mobility and transportation infrastructures. A result of such a convergence between the automobile and information technologies is vehicular ad hoc network (VANET), a type of mobile ad hoc networks that has recently enjoyed a lot of attention from the industry, the research community, lawmakers and privacy activists. In VANET, vehicles frequently broadcast various types of messages, including location data. This enables innovative applications and improvements in safety and driving experience. As messages broadcasted in the VANET are digitally signed and the receiver must be able to verify the sender’s authentication and message integrity, there is a need to ensure broadcast authentication and protect driver’s anonymity. However, communication in VANETs takes place with high frequency, and malicious vehicles can hide behind anonymity in order to duplicate packets and get advantage over other vehicles in the network. Indeed, state-of-the-art approaches to privacy-preserving messages broadcast in the VANET typically ensure that each vehicle has a number of pseudonymous certificates that are changed regularly in order to thwart an automated tracing of its activities. However, the possibility of uncontrolled simultaneous use of pseudonyms by misbehaving vehicles remain unaddressed. This paper proposes a set of anonymous credential system based protocols for VANET that enables the detection and limitation of pseudonym/credential overspending. The revocation of the misbehaving vehicle can be also achieved through the proposed solutions. With the prototypical implementation of the proposed protocols, it has been shown that the successful detection of fraud, i.e., pseudonyms overspending and the subsequent revocation of credentials are possible in VANET.     

VANET中基于动态生成组的位置隐私保护方案*

针对现有的车载自组织网络(VANETs)位置隐私保护方案在假名更新时受到时间和邻居数目限制的问题,提出了一个基于邻近车辆的假名交换方案(PSNV)。在该方案中车辆在同一组内交换假名,并沿着移动路径累积所有的假名混合的机会,最大程度地提高位置隐私保护效果。此外,本文采用单向哈希链生成和更新假名,显著降低了假名管理的成本。大量的仿真和分析结果表明该方案有较好的隐私保护性能。     

一种基于区块链的车联网安全认证协议

针对车联网环境下,车辆节点快速移动造成的中心服务器认证效率低、车辆隐私保护差等问题,提出了一种基于区块链的车联网安全认证协议。该协议利用Fabric联盟链存储车辆临时公钥与临时假名,通过调用智能合约,完成车辆身份认证,同时协商出会话密钥,保证通信过程中数据的完整性与机密性;利用假名机制有效避免了车辆在数据传输过程中身份隐私泄露的风险;使用RAFT共识算法高效达成数据共识。经安全性分析与实验结果表明,所提协议具有抵抗多种网络攻击的能力,且计算开销低、区块链存储性能好,能够满足车联网通信的实时要求。     

Exploiting blockchain for dependable services in zero-trust vehicular networks

The sixth-generation (6G) wireless communication system is envisioned be cable of providing highly dependable services by integrating with native reliable and trustworthy functionalities. Zero-trust vehicular networks is one of the typical scenarios for 6G dependable services. Under the technical framework of vehicle-and-roadside collaboration, more and more on-board devices and roadside infrastructures will communicate for information exchange. The reliability and security of the vehicle-and-roadside collaboration will directly affect the transportation safety. Considering a zero-trust vehicular environment, to prevent malicious vehicles from uploading false or invalid information, we propose a malicious vehicle identity disclosure approach based on the Shamir secret sharing scheme. Meanwhile, a two-layer consortium blockchain architecture and smart contracts are designed to protect the identity and privacy of benign vehicles as well as the security of their private data. After that, in order to improve the efficiency of vehicle identity disclosure, we present an inspection policy based on zero-sum game theory and a roadside unit incentive mechanism jointly using contract theory and subjective logic model. We verify the performance of the entire zero-trust solution through extensive simulation experiments. On the premise of protecting the vehicle privacy, our solution is demonstrated to significantly improve the reliability and security of 6G vehicular networks.     

Identity privacy-based reliable routing method in VANETs

In vehicular ad hoc networks (VANETs), reliable transmission and privacy of vehicles are two important issues. When vehicles are in the fast-moving environment, this paper proposes a Dynamic ID scheme which can protect the privacy of vehicles’ identity. In this paper, we divide the message transferring model into the uploading process and the downloading process. The uploading process has four stages, including the Connection establishment, the game, the detecting process and the messages sending process. In the four stages, this paper uses the Dynamic ID scheme, realizing the identity privacy. In the communication of ensuring the privacy, this paper builds a game model which is based on the reliability and the frequency of contacts, accomplishing the reliable transmission. Finally, the results of the simulation demonstrate that the presented method, the Identity Privacy-based Reliable Routing method (IPRR), cannot only increase the delivery ratio, but also reduce the end to end delay and the overhead ratio of the Network.     

车联网隐私保护技术研究

随着汽车智能化、网联化程度的不断加深,车辆、用户及第三方机构之间的数据共享日益成为刚需,由车辆、用户、路边单元等通信实体之间构建的网络车联网应运而生,而车联网的高移动性和网络拓扑多变性使其更容易遭受攻击,进而导致严重的车联网用户隐私泄露问题。如何平衡数据共享和隐私保护之间的关系成为车联网产业发展所面临的一个关键挑战。近年来,学术界针对车联网隐私保护问题进行了深入的研究,并提出了一系列解决方案,然而,目前缺少对这些方案从隐私属性方面进行分析。为此,本文首先从车联网的系统架构、通信场景及标准进行阐述。然后对车联网隐私保护的需求、攻击模型及隐私度量方法进行分析与总结。在此基础上从车联网身份隐私、匿名认证位置隐私和车联网位置服务隐私三个方面出发,介绍了匿名认证、假名变更、同态加密、不经意传输等技术对保护车联网用户隐私起到的重要作用,并讨论了方案的基本原理及代表性实现方法,将方案的隐私性从不可链接性、假名性、匿名性、不可检测性、不可观察性几个方面进行了分析与总结。最后探讨了车联网隐私保护技术当前面临的挑战及进一步研究方向,并提出了去中心化的车辆身份隐私技术以保护车辆身份隐私、自适应假名变更技术以支持匿名认证、满足个性化隐私需求的位置服务隐私保护技术,以期望进一步推动车联网隐私保护技术研究的发展与应用。     

Automated buyer profiling control based on human privacy attitudes

In e-commerce applications, vendors can construct detailed profiles about customers’ preferences, which is known as buyer profiling. These profiles can then be used by vendors in order to perform practices such as price discrimination, poor judgment, etc. The use of pseudonyms and, specially, changing pseudonyms from time to time are known to minimize profiling, minimizing the capacity of vendors to perform such practices in turn. Although there are some frameworks and tools that support pseudonym change, there are few proposals that suggest or directly change the pseudonym in an automated fashion. Instead, users are usually provided with the mechanisms to change pseudonyms but without any advise on when they should actually use these mechanisms. In this paper, we present an approach to control buyer profiling by means of automated pseudonym changes performed according to human privacy attitudes. We also present an application scenario and an evaluation of our proposal.     

EPA: An efficient and privacy-aware revocation mechanism for vehicular ad hoc networks

Security is vital for the reliable operation of vehicular ad hoc networks (VANETs). One of the critical security issues is the revocation of misbehaving vehicles. While essential, revocation checking can leak private information. In particular, repositories receiving the certificate status queries could infer the identity of the vehicles posing the query and the target of the query. An important loss of privacy results from this ability to tie the checking vehicle with the query’s target, due to their likely willingness to communicate. In this paper, we propose an Efficient and Privacy-Aware revocation Mechanism (EPA) based on the use of Merkle Hash Trees (MHT) and a Crowds-based anonymous protocol, which replaces the time-consuming certificate revocation lists checking process. EPA provides explicit, concise, authenticated and unforgeable information about the revocation status of each certificate while preserving the users’ privacy. Moreover, EPA reduces the security overhead for certificate status checking, and enhances the availability and usability of the revocation data. By conducting a detailed performance evaluation, EPA is demonstrated to be reliable, efficient, and scalable.     

一种基于伪距离的VANETs的节点位置安全算法

由于VANETs的车辆的快速移动,基于地理位置的路由协议广泛应用于VANETs。车辆周期广播位置信息来建立路由,导致车辆的位置信息容易遭受泄露。为此,提出基于伪距离的位置隐私保护(false-based location pri-vacy protection,FLPP)路由协议。在FLPP中,通过转发节点到目标节点的伪距离而不是真实距离来建立路由,通过巧妙地设置节点的定时器来保护节点的位置信息,同时采用别名策略隐藏身份信息。仿真结果表明,FLPP具有较高的数据传输率以及位置隐私保护力度。     

具有隐私保护的动态高效车载云管理方案

由车辆自主形成的车载云用于交通传感数据的本地化处理和消耗,实现高时效性的智能交通管理。针对车载云的高度动态性、自组织性和高时效性特点及其车联网中用户身份和位置隐私保护需求带来的车载云管理挑战,设计了基于非对称群密钥协商协议的动态自组织车载云管理方案,通过车辆自组织的群密钥协商自动形成车载云,利用群密钥控制车载云服务提供与访问,利用群密钥更新动态管理车载云。该方案使用可追踪的一次性假名技术实现车辆的匿名认证和条件隐私保护,并在群密钥协商阶段只使用一次双线性,使运算实现了更高的效率;密钥协商和更新过程利用支持批量验证的轻量级签名实现高效的消息源认证和完整性认证,在确保效率的前提下保证自组织环境下车载云通信的安全性;密钥协商协议的动态密钥更新机制实现车载云中车辆的动态加入或退出,适应车载云的动态性特点。在随机预言机模型和求逆计算Diffie-Hellman（ICDH）问题困难假设下,证明了非对称群密钥协商方案满足选择明文安全性。安全性分析显示所提方案能够保护车辆用户的身份和位置隐私,能够实现恶意车辆的合法追踪,保证通信的保密性、完整性和防假冒以及车载云动态管理的前向安全性。性能对比分析证明所提方案在实现相同功能和满足相同安全性的情况下具有一定的通信和计算效率优势。     

The masquerade: Gender,identity, and writing for the web

This article explores the nature of gender in cyberspace by reporting a case study of two classes that used online posting of student papers to facilitate peer response critiquing. When posting their papers, students could use their real identities or pseudonyms. In the study, we track online responses, breaking them down by gender and identity. The diversity of pseudonyms chosen, the way those choices impacted students' writing, and the types of responses generated by both pseudonyms and real names are examined. The nature of the pseudonym selection process and its implications for Web-based writing are also considered. This investigation sheds light on a number of important Internet writing issues. First, it reveals how some students feel disempowered by their own gender, in particular how many women may feel that choosing a male pseudonym is necessary for credibility. Second, it sheds light on the readers' responses to particular identities. Finally, we consider the significance of gender choices in terms of classroom conflict.     

车载网络中隐私保护方法

针对车载网络通信中存在车辆隐私性保护问题,提出一个K-匿名链隐私保护机制。在查询节点处构建k匿名空间,并将包含此k个车辆的最小边界矩阵作为位置数据进行转发,转发过程中构造一条匿名链来混淆身份信息与位置信息的一一对应关系,从而大大降低被攻击成功的概率。通过对该机制安全性及仿真实验结果的分析,该机制能很好地保护车载网络中车辆的位置隐私,提高了车载网络通信的安全性及隐私性。     

基于车联网的合谋攻击研究

车联网系统中的Sybil攻击检测方案大多使用匿名认证来保障车辆隐私安全,但这种认证方式在面对恶意车辆之间合谋发动Sybil攻击时将不具有有效性.本文阐述了现有的车联网身份认证技术中存在合谋攻击,并提出了一种较为有效的检测方案.     

LESPP: lightweight and efficient strong privacy preserving authentication scheme for secure VANET communication

Authentication in vehicular ad-hoc network (VANET) is still a research challenge, as it requires not only secure and efficient authentication, but also privacy preservation. In this paper, we proposed a lightweight and efficient authentication scheme (LESPP) with strong privacy preservation for secure VANET communication. The proposed scheme utilizes self-generated pseudo identity to guarantee both privacy preservation and conditional traceability, and it only requires a lightweight symmetric encryption and message authentication code (MAC) generation for message signing and a fast MAC re-generation for verification. Compared with currently existing public key based schemes, the proposed scheme significantly reduces computation cost by \(10^2\)–\(10^3\) times and decreases communication overhead by 41.33–77.60 %, thus achieving resilience to denial of service (DoS) attack. In LESPP, only key management center can expose a vehicle’s real identity from its pseudo identity, therefore, LESPP provides strong privacy preservation so that the adversaries cannot trace any vehicles, even if all roadside units are compromised. Furthermore, vehicles in LESPP need not maintain certificate revocation list (CRL), so any CRL related overhead is avoided. Extensive simulations reveal that the novel scheme is feasible and has an outstanding performance of nearly 0 ms network delay and 0 % packet loss ratio, which are especially appropriate for realtime emergency event reporting applications.     

MoVES: A framework for parallel and distributed simulation of wireless vehicular ad hoc networks

In this paper, we illustrate a Mobile Wireless Vehicular Environment Simulation (MoVES) framework for the parallel and distributed simulation of vehicular wireless ad hoc networks (VANETs). The proposed framework supports extensible, module-based and layered modeling, and scalable, accurate and efficient simulation of vehicular scenarios integrated with wireless communication and mobile services/applications. The vehicular layer includes models for vehicles, synthetic and trace-driven mobility, driver behavior, GPS-based street maps, intersection policies and traffic lights. The wireless communication layer currently includes models for physical propagation, and a network protocol stack including IEEE 802.11 Medium Access Control, up to the Application layer. MoVES provides a platform for microscopic modeling and simulation-based analysis of wireless vehicular scenarios and communication-based services and applications, like Intelligent Transportation Systems, communication-based monitoring/control and info-mobility services. The framework includes design solutions for scalable, accurate and efficient parallel and distributed simulation of complex, vehicular communication scenarios executed over cost-effective, commercial-off-the-shelf (COTS) simulation architectures. Dynamic model partition and adaptation-based load balancing solutions have been designed by exploiting common assumptions and model characteristics, in a user-transparent way. Test-bed performance evaluation for realistic scenarios has shown the effectiveness of MoVES in terms of simulation efficiency, scalability, adaptation and simulation accuracy.     

VANET中基于RSU辅助签名环形成的方案

车辆自组织网络(Vehicular Ad-hoc Network,VANET)使交通系统更加智能和高效。信道的开放性以及车辆移动的高速性等特点,导致VANET存在诸如身份、传输数据以及位置等隐私信息泄露问题。目前,针对VANET的身份隐私泄露问题,越来越多的学者采用基于环签名的方案,但是车辆如何在行驶过程中与周围车辆组成签名环一直是一个难解决的问题。针对基础设施部署较完善地区,文中提出一种基于RSU(Road-Side Unit)辅助签名环形成的方案。该方案通过RSU收集覆盖区域内车辆的公钥并广播公钥集,从而确定区域内车辆的签名环,并利用双线性对映射实现RSU与车辆间消息传输的基于身份加密的过程。安全分析和实验证明,所提方案在基础设施较完善地区能够拥有较好的效率和安全性。     

Transaction pseudonyms in mobile environments

Network Operators start to offer formerly hidden services such as location service, messaging services and presence services. This fosters the development of a new class of innovative context aware applications that are operated by third party application providers. However, without the implementation of proper privacy protection mechanisms, location and presence information, that is processed by third party application providers, may also imply severe risks to users. If no privacy protection is foreseen, the user’s identity could be used maliciously which renders such applications dangerous. To protect the user’s sensitive data such as location information we propose a novel service architecture which fosters the development of innovative applications that brings together internet applications with telco services. An underlying privacy enhancing mechanism that is based on the notion of pseudonyms allows even untrusted third party application providers to access sensitive data provided by telco services such as location, presence or messaging services. Due to their high security, pseudonyms guarantee that the user’s identity is kept secret towards the untrusted application providers. Due to its low computational complexity this pseudonym generation scheme can also be implemented on devices such as mobile phones and digital assistants with only little computational power and restricted memory capabilities. To illustrate our approach, we demonstrate a transportation ticket application that implements the proposed service architecture. This application allows the use of transportation tickets which are extended by the location-tracking functionality. Similar to the well known paper based transportation tickets our solution supports anonymity of users even if the ticket application “knows” the location of the holder. Oliver Jorns is a researcher at the Telecommunications Research Center in Vienna and is also a Lecturer at the University of Vienna. Oliver Jung is employed as a Senior Researcher at the Telecommunications Research Center Vienna. He is also member of ISO/IEC JTC1 SC27 (IT security techniques). Gerald Quirchmayr is Professor at the Institute for Computer Science and Business Informatics at the University of Vienna and since January 2005 he heads the Department of Distributed and Multimedia Systems, Faculty of Computer Science, at the University of Vienna.     

Group-based protocol and mobility model for VANETs to offer internet access

Some public transport vehicles embed devices that allow passengers to connect to Internet while traveling. These vehicles are true mobile Internet access zones inside public paths. These zones could be used by other vehicles moving close to them in order to have Internet access. At the same time, other vehicles in the influence area could be used as relay nodes which would increase this access area. In this paper, we present a group-based protocol and mobility model for vehicular ad hoc networks (VANETs) where each public transport vehicle forms a group of vehicles. They can access and allow access to Internet though the public transport vehicle. Each vehicle is moving inside the group and can leave and join any group at will, while all groups are moving. First, we will show the algorithm and protocol to achieve our purpose. Then, we will study the probability of having Internet access in order to demonstrate that it is a feasible proposal. Finally, we simulate a study case based on real values in order to obtain the performance of our proposal in terms of several network parameters such as the number of hops per route, the network traffic, the page response time, network delay, network load and so on.