Research On Key Technologies Of Security And Privacy Protection In Service Of VANETs

With the development and popularization of big data,artificial intelligence,the Internet of things,and cloud computing,Vehicular Ad Hoc Networks(VANETs),as the core of intelligent vehicles and intelligent transportation in the future,have been valued by countries all over the world.VANETs have become an important symbol to measure national industrial,scientific,and technological strength.However,in recent years,information security of VANETs incidents occur frequently,which seriously threatens the privacy of users and even the safety of life and property and hinders the healthy development and application of VANETs.This thesis focuses on two kinds of typical services in VANETs–communication service and outsourcing service.Firstly,we analyze the security threats and corresponding security protection requirements faced by vehicle users in these two types of services.Then some key security and privacy protection technologies are studied,and corresponding solutions are proposed.Among them,in the communication service,for group communication and routing communication scenarios,a blockchain based mutual-healing group key management scheme and location privacy-enhanced location anonymous routing scheme are proposed,respectively.In the outsourcing service,for the two different scenarios of cloud service–semi-trusted and malicious,a low leakage secure outsourced range query scheme and a verifiable secure outsourced range query scheme are proposed,respectively.Through the above researches,we systematically and comprehensively solve the security and privacy problems faced by the VANETs in communication and outsourcing services,which provides a fundamental guarantee for the national strategic deployment of VANETs.The main research results of this thesis are as follows:1.Aiming at the problem that the unstable communication link leads to the loss of group key update messages in the group communication service of VANETs,a blockchain based mutual-healing group key management scheme in the VANETs is proposed.Specially,this thesis first introduces blockchain technology.By redefining its storage structure and chain relationship,a private blockchain of VANETs with the writing right only in its key management center is designed to realize the distribution and storage of vehicle group keys and establish a dynamic trust relationship between vehicles.Then,on this basis,for two different attacker models,a basic mutual-healing protocol and an enhanced one are designed respectively to ensure that the vehicle can safely recover the lost group key with the help of its neighbors.Security analysis and extensive experiments show that,compared with the existing mutual-healing schemes,our proposed solution can effectively resist various attacks with small overhead on time and storage to provide secure group communication service.2.For the existing routing communication service in VANETs,there is a problem with the destination and intermediate vehicle’s location privacy leakage.this thesis proposes a location-based anonymous routing scheme with enhanced privacy protection in VANETs.Specifically,in the vehicle location management stage,roadside unit-assisted location management with location privacy protection is proposed that prevents the destination vehicle’s location from being leaked by the arbitrary query.Then,a message routing based on location ciphertext with high privacy protection is designed by order revealing encryption to establish a multi-hop routing between the source and destination vehicle only by comparing the encrypted locations between intermediate vehicles.Security analysis shows that our proposed scheme can effectively provide location privacy protection for the intermediate and the destination vehicles in the routing process and ensure end-to-end secure communication between the source and destination vehicles.In addition,extensive experiments indicate that the proposed scheme is superior to the state-of-the-art solutions regarding transmission delay and packet delivery rate.3.The existing secure outsourced range query scheme under the semi-trusted cloud server scenario has the problems of weak privacy protection and low query performance,which makes it difficult to meet the privacy protection and timeliness requirements in VANETs.This thesis proposes a low information leakage secure outsourced range query scheme in the VANETs.Specially,to protect the outsourced data privacy,a novel range-matched encoding method is designed,which not only hides the order relationship of data,but also avoids the leakage of additional information such as the index of most significant different bit or block.Meanwhile,to protect query privacy,a novel query token generation algorithm is designed based on non-deterministic order-preserving perturbation and padding to hide the query pattern.Finally,this paper designs an efficient range comparison algorithm based on the XOR filter and multiple hash function.Security analysis and experiments show that,compared with the existing state-of-the-art schemes,our proposed solution not only enhances the protection of data privacy and query privacy,but also significantly improves query performance as well as reduces the storage overhead of outsourced encrypted data.It can be well applied to the range query service in VANETs.4.In existing secure outsourced range query schemes under the malicious cloud server scenario,it is difficult to balance the false positive and query efficiency,and also a large amount of dirty data is difficult to be detected.They can not meet the timeliness and reliability requirements of the data query service in VANETs.To address the above problems,this thesis proposes a verifiable secure outsourced range query scheme on VANETs.Firstly,using the cuckoo filter and prefix coding technology,an encrypted range comparison algorithm supporting the elimination of false positive by post-verification is designed,balancing the false positive and query efficiency.Then,on this basis,an efficient,secure outsourced range query scheme supporting verifiability is designed by using a cryptographic multiset accumulator and prefix index tree.Security analysis and experimental results show that,compared with the existing schemes,the proposed scheme can effectively detect whether the cloud server performs a lazy query in terms of correctness verification.In addition,the query efficiency is also improved.