
Research On Trusted IoV Direct Anonymous Attestation Technology Integrated With Mimic Defense

Posted on: 2022-02-17
Degree: Master
Type: Thesis
Country: China
Candidate: C Yu
GTID: 2492306740994889
Subject: Electronics and Communications Engineering
Abstract/Summary:
As a special kind of wireless network, IoV (Internet of Vehicles) not only faces the various traditional security threats of conventional wireless communication networks, but also has new security requirements due to its own unique properties. More specifically, IoV places higher requirements on privacy protection during access authentication because of factors such as high-speed movement of nodes, conflicts between users and service providers, and brand differences. As a result, we need to design an efficient, real-time and reliable anonymous access authentication system. In this thesis, the trusted anonymous authentication mechanism is studied in depth and ported to the IoV platform to meet the security requirements of IoV. The mimic defense mechanism is also introduced to enhance the security of authentication protocols within a single trust domain and of trusted third parties in cross-domain scenarios. The main research content and innovation points are as follows:

1. Trusted computing is introduced into IoV, and a complete IoV trusted security model is constructed. In this model, a TPM chip is first implanted in all vehicle nodes involved in communication to build a trusted root, and a trust transfer chain is formed step by step to constitute a trusted computing platform, which ensures the trustworthiness of the vehicle terminal and guarantees the security of the system from the source. Then, through the anonymous authentication technology of the trusted platform, the trusted environment is extended to a larger trust domain, which solves the problems of vehicle identity authentication, trusted proof of cloud servers, and integrity verification, ensuring trusted services between each node and the cloud servers in the IoV.

2. For the unique security requirements of IoV, a direct anonymous authentication protocol V-DAA (Vehicle-DAA) based on TPMv2.0 is proposed as the authentication mechanism for the access of each node in the IoV system. Firstly, we modify the interface command of TPM (Trusted Platform Module) so that the computational overhead of the node platform is reduced when performing the authentication protocol. The tamper-evident nature of the Verify protocol link is then enhanced by introducing a mimic defense mechanism with multiple heterogeneous redundant executors at the Verifier entity. Although part of the computational efficiency is sacrificed by adopting the mimic defense, this overhead is mainly concentrated at the Verifier entity and has no impact on the computational volume of the TPM. The behavior of the heterogeneous executors in the mimic defense mechanism is unpredictable to the outside world, and an attacker cannot infer it by recording the actions of the heterogeneous executors and using a priori knowledge, which ensures the anonymity of the user and enhances the security of the entire connected IoV system.

3. A cross-domain anonymous authentication scheme CDV-DAA (Cross-Domain Vehicle DAA) is proposed on the basis of V-DAA for the cross-domain authentication problem of IoV. CDV-DAA maintains the security strength of V-DAA and also introduces the mimic defense mechanism. During cross-domain authentication the third party is generally considered to be trusted at the protocol level, but in the practical application scenario of IoV the cloud server poses a security risk. The security of the Trusted Auditor (TA) is systematically guaranteed by Dynamic Heterogeneous Redundancy (DHR), which is composed of multiple heterogeneous executors and is able to fix the security issues of existing solutions. The CDV-DAA scheme combined with the mimic defense mechanism is optimized in terms of efficiency and greatly improved in terms of security. Quantitative comparisons and qualitative analysis are given in the thesis to provide security for cross-domain authentication of IoV (Internet of Vehicles) systems.
Keywords/Search Tags:IoV, Trusted computing, Mimic defense, DAA, Cross-domain attestation