PPRP: Preserving-Privacy Route Planning Scheme in VANETs

Abstract

Route planning lets a vehicle share a message in advance with the roadside units (RSUs) on its path, which greatly speeds up authentication between the vehicle and the RSUs when the vehicle enters the RSUs' coverage. In addition, since only a small amount of necessary information needs to be shared between the vehicle and the RSUs, route planning can reduce the storage overhead of the vehicle's on-board unit (OBU) and the RSUs. However, the message sharing requires the assistance of the certification authority (CA), which lets the CA easily obtain the vehicle's planned route. Although the CA knows the vehicle's registration information and helps the vehicle communicate with RSUs, most drivers find it unacceptable for the CA to obtain their vehicle's path. In fact, a vehicle's sensitive information, such as its planned route, starting time, and stopping place, should be kept private from others, including the CA. Inspired by the method of oblivious transfer, this article proposes a preserving-privacy route planning scheme in VANETs, in which a vehicle deduces the information of the RSUs on its path with the help of the CA, while the CA knows nothing about which RSUs' information has been deduced by the vehicle. Later, fast authentication or other services are easily achieved between the vehicle and the RSUs (V2R) with the pre-shared information. After V2R authentication, vehicles can easily communicate with adjacent vehicles with the help of RSUs (V2V). Finally, performance evaluation shows that the proposed scheme is better than related schemes in terms of time consumption.
YANGFAN LIANG and YINING LIU, School of Computer and Information Security, Guilin University of Electronic Technology, Guilin, Guangxi
BRIJ B. GUPTA, Department of Computer Science and Information Engineering, Asia University, Taichung 413, Taiwan, & Lebanese American University, Beirut, 1102, Lebanon, & Center for Interdisciplinary Research at University of Petroleum and Energy Studies (UPES), Dehradun, Uttarakhand, India, & Research and Innovation Department, Skyline University College, Sharjah P.O. Box 1797, United Arab Emirates
CCS Concepts: • Security and privacy → Security services; Network security; • Networks → Network architectures; Network components
Additional Key Words and Phrases: VANETs, route planning privacy, oblivious transfer
ACM Reference format:
Yangfan Liang, Yining Liu, and Brij B. Gupta. 2022. PPRP: Preserving-Privacy Route Planning Scheme in
VANETs. ACM Trans. Internet Technol. 22, 4, Article 85 (December 2022), 18 pages.
https://doi.org/10.1145/3430507
This work is supported by Natural Science Foundation of China (no. 61662016 and no. 62072133), Key projects of Guangxi
Natural Science Foundation (no. 2018JJD170004).
Authors' addresses: Y. Liang and Y. Liu, School of Computer and Information Security, Guilin University of Electronic Technology, Guilin, Guangxi; emails: afarloeng@163.com, ynliu@guet.edu.cn; B. B. Gupta, Department of Computer Science and Information Engineering, Asia University, Taichung 413, Taiwan; email: gupta.brij@gmail.com.
© 2022 Association for Computing Machinery.
ACM Transactions on Internet Technology, Vol. 22, No. 4, Article 85. Publication date: December 2022.
1 INTRODUCTION
In modern society, the increasing number of vehicles has brought about problems such as traffic congestion, traffic accidents, and complicated traffic conditions. To avoid these problems, it is necessary to share real-time information, such as a vehicle's location and status, weather conditions, and road conditions, with other vehicles and the surrounding equipment [Hsu et al. 2015; Zhu et al. 2015]. Therefore, as an important part of intelligent transportation systems (ITSs), the vehicular ad-hoc network (VANET) is widely researched. It usually consists of three components: certification authority, on-board units (OBUs), and roadside units (RSUs). The two main communication types in VANETs are Vehicle-to-Vehicle (V2V) communication and Vehicle-to-Infrastructure (V2I) communication. As defined in IEEE Standard 1609.2, both communication styles follow the dedicated short-range communication (DSRC) [Kenney 2011] protocol for wireless access in the vehicular environment (WAVE) [Jiang and Delgrossi 2008].
The advent of intelligent vehicular applications and IoT technologies gives rise to data-intensive challenges in ITS [Hussain et al. 2019]. Since messages are transmitted in an open wireless environment, security and privacy are the critical challenges [Cheng and Liu 2020]. Specifically, the traditional security requirements, which include at least confidentiality, authentication, and integrity, ensure that a transmitted message can be recognized only by the authorized entities [Song et al. 2020]. However, the traditional security goals are not enough for VANETs, and a privacy requirement is also necessary [Zhang et al. 2008]. The privacy requirement guarantees that sensitive or private information cannot be learned by others, including the authorized entities, even if a secure channel has been established among them. For example, a vehicle's route information and departure time should not be known by the CA and RSUs.
In VANETs, route planning is introduced in Ahmad et al. [2019] and is widely used in the environment of self-driving vehicles [Hiraishi 2018]. In the route planning process, a vehicle selects its destination and favorite route, and then the vehicle's OBU establishes a link or shares a message with the RSUs on its path. Soon after, when the vehicle enters the corresponding RSUs' coverage, very efficient authentication is achieved between the vehicle and these RSUs with the shared message. The message sharing between the vehicle and these RSUs requires the assistance of the CA, which easily exposes the vehicle's route privacy to the CA. Since the vehicle's route should be private from all parties, including the CA and RSUs, protecting privacy among the authorized entities is vital for VANETs. To address this issue, this article proposes a preserving-privacy route planning scheme in VANETs, and the main contributions are summarized as follows:
• In route planning, a vehicle first plans its own path, so that it knows the RSUs it will pass by. Then, the vehicle obtains the authentication information of these RSUs from the CA. In the process of obtaining the information, it is ensured that the CA does not know which RSUs' information has been obtained by the vehicle. Therefore, the CA cannot infer the vehicle's path from these RSUs. As a result, the vehicle's path privacy is protected. After that, when the vehicle enters the coverage of these RSUs, rapid authentication between the vehicle and these RSUs can be achieved with the information obtained from the CA.
• After V2R authentication, vehicles easily communicate with adjacent vehicles (V2V) through the OBUs installed in the vehicles, with the assistance of RSUs.
• A detailed analysis shows that the proposed scheme achieves the privacy objectives in VANETs. Moreover, we compare it with related schemes. The comparison results show that our scheme performs better in time consumption.
The rest of the article is organized as follows. Section 2 introduces related works. Some preliminaries are given in Section 3. Section 4 describes the system model and the design goals. Section 5 describes the proposed preserving-privacy route planning scheme in VANETs in detail. Comprehensive analysis and performance evaluation are described in Section 6. Finally, we conclude the article.
2 RELATED WORKS
In this section, we introduce various authentication schemes addressing privacy and security in traditional VANETs and discuss the benefits and drawbacks of those protocols.
Security and privacy for vehicular communications are vital. In past years, many authentication schemes [Calandriello et al. 2007; He et al. 2015a; Raya and Hubaux 2005; Shim 2012] have been proposed for security goals including confidentiality, authentication, and integrity. Although there are advanced quantum key distribution systems [Pljonkin 2019], most of them are based on asymmetric cryptosystems. This requires a public key infrastructure (PKI) [Zhang et al. 2010] to generate many public/private keys, which are used to generate and verify digital signatures, respectively. Therefore, each vehicle needs to store the public/private keys, which is not negligible for a resource-constrained vehicle's OBU. For this reason, some researchers proposed an identity-based (ID-based) public key encryption scheme. Usually, in an ID-based scheme, the public key can be computed from the identity, and the corresponding private key is generated by the PKG. Then, Shim et al. designed a new ID-based signature scheme [Shim 2012]; however, it uses complex bilinear pairing operations, resulting in high computational and communication delay. To address this problem, He et al. proposed an ID-based authentication scheme [He et al. 2015a] without bilinear pairing. Consequently, computational complexity is reduced while achieving lower communication costs. Previous works have addressed the security and efficiency issues mentioned above. However, the privacy requirement has not received enough attention.
Dierent from the traditional security requirements that ensure the transmitted message only
to be recognized by the authorized entities, privacy requirements guarantee the sensitive or pri-
vate information cannot be known by the authorized entities, under the assumption that the secure
channel has been established among them. For example, the vehicle’s route information and depar-
ture time should not be known by CA and RSUs. In recent years, a lot of schemes are designed to
protect vehicles’ privacy. The schemes can be classied into two categories: (1) Group signature-
based scheme (GSB), and (2) anonymous authentication scheme for VANETs.
The GSB scheme is a method commonly used for privacy preservation. In VANETs, the sending vehicle's privacy is guaranteed by the anonymous authentication that is an inherent property of the group signature (GS) [Ali et al. 2019]. The group consists of members and a manager. The manager signs messages on behalf of the whole group and only the manager can distinguish the signer among group members.
Lin et al. [2007] proposed a group signature scheme for VANETs. In this scheme, the OBUs need not store a lot of anonymous keys; meanwhile, the CA can efficiently trace a malicious vehicle if necessary. Shao et al. [2016] proposed a group signature-based scheme for V2V authentication in VANETs, but it lacks forward and backward security properties and anti-collision [Zhao et al. 2015]. Wang et al. [2016] introduced an Efficient Conditional Privacy-Preserving (ECPB) authentication scheme based on group signatures for VANETs. This work slightly improved verification delay and average delay. In those group-based signatures, there is a tradeoff between the anonymity level and the group size. Although a large group size is more anonymous, it increases the time needed to verify signatures. Conversely, a small group size makes it easy for the attacker to identify members of the group. As a result, anonymity is not ideally satisfied [Pournaghi et al. 2018].
One of the most accepted approaches for anonymity is pseudonymity. Each vehicle is equipped with a large number of pseudonyms issued by the CA. Then, each pseudonym is used to sign multiple messages sent in a fixed time interval. To prevent a pseudonym from being connected to an entity, a pseudonym can only be used once, and then it is discarded. This means a temporary fake identifier is used to replace the vehicle's real identity. Therefore, sensitive information such as the vehicle's real ID, start time, and real-time location is not easily linked to one physical vehicle. As a result, anonymity and unlinkability are guaranteed. Liu et al. proposed an authentication scheme based on SS called LVAP [Liu et al. 2015]. However, the scheme cannot protect the vehicles' paths because vehicles use the same pseudonym for a long time, which may be tracked by adversaries. Hence, for more privacy, it is necessary to change pseudonyms frequently, as in Eckhoff et al. [2010] and Pan et al. [2011]. Nonetheless, in the case of anonymity, there needs to be a certification authority that can track malicious vehicles, because one vehicle may send fake information to other vehicles, which can damage the vehicle.
In the above schemes, the CA is usually required to help generate the secret key or pseudonym. So, they only guarantee privacy between vehicles, and between the vehicles and the RSUs. The privacy of the vehicle with respect to the CA is not guaranteed, which means the CA can easily access the vehicle's private information, such as the vehicle's route, the starting time of the vehicle, and so on. Inspired by vulnerability analysis for authentication protocols [Alhaidary et al. 2018] and the cloud environment [Kaushik and Gandhi 2019], a preserving-privacy route planning scheme in VANETs is proposed in this article. In the proposed scheme, the privacy of the vehicle with respect to the CA is ensured in the process of route planning. To be specific, in path planning, a vehicle first plans its own path so that it knows the RSUs it will pass through. The vehicle then obtains these RSUs' authentication information from the CA; meanwhile, it must be ensured that the CA does not know which RSUs' information has been obtained. Therefore, the CA cannot infer the vehicle's path from these RSUs, so the path privacy of the vehicle is protected from the CA.
3 PRELIMINARIES
In this section, we introduce oblivious transfer (OT) and the elliptic curve cryptosystem (ECC), which are mainly used in this scheme.
Today, computers are increasingly being used for storing and retrieving information. Some of this information is of a sensitive nature, requiring adequate security measures to safeguard it. Hence, awareness of the various tools and techniques for securing information has become unavoidable [Gupta 2018]. Rabin et al. introduced OT to protect users' privacy in electronic commerce, and it is a basic cryptographic method in various privacy-preserving technologies [Wang et al. 2020]. Although there are many different OT schemes in terms of their functionality, OT schemes can usually be generalized as $k$-out-$n$ OT ($OT_n^k$) schemes. Usually, there are two entities in an $OT_n^k$ scheme. One is the sender, who holds $n$ messages; the other is the receiver, who wants to obtain $k$ messages from the sender. Specifically, the receiver can only get the $k$ messages that he has chosen; meanwhile, the sender knows nothing about what the receiver has obtained. In addition, $OT_n^k$ is defined as follows. Alice knows $n$ messages and wants to send $k$ of them to Bob. Bob gets $k$ of them with probability $k!(n-k)!/n!$ and knows which ones he has obtained, but Alice has no idea about which messages Bob has obtained [Mu et al. 2003]. Figure 1 shows the process of OT.
Moreover, ECC [He et al. 2015b] is a commonly used encryption system on an elliptic curve, which involves scalar multiplication, the elliptic curve discrete logarithm problem (ECDLP), and the computational Diffie-Hellman (CDH) problem. Their definitions are as follows:
Elliptic Curve: Let $F_q$ be a finite field, and let a large prime number $p$ be the order of $F_q$. $E$ is an elliptic curve defined as $y^2 = x^3 + ax + b$, where $a, b \in F_q$ are constants. There is a group defined on $E$, whose order is $q$ and whose generator is $p$. The set contains a point at infinity $O$.
Fig. 1. The process of Oblivious Transfer.
Scalar multiplication: Let $P \in G_q$, $n \in Z_q^*$; then the scalar multiplication is $nP = P + P + \cdots + P$ (for a total of $n$ times).
ECDLP: There are two random points $P, Q \in G$, and $Q = x \cdot P$. It is hard to compute $x$ from $Q$ in polynomial time $t$.
CDH: Given two random points $Y, Q \in G$, where $Y = y \cdot P$, $Q = x \cdot P$, and $x, y$ are unknown integers, it is hard to compute $x \cdot y \cdot P$ [Koblitz 1987].
4 MODEL AND GOALS
In this section, we briefly introduce the system model and design goals of the proposed scheme. Figure 2 shows the VANET system model used in this article and Figure 3 shows a workflow flowchart for entities within the system.
4.1 System Model
VANETs consist of three entities: certification authority (CA), roadside unit (RSU), and vehicle, as shown in Figure 2. Furthermore, to clearly describe the major operations of all entities in the system model, the workflow chart for each entity within the system is rendered in Figure 3.
Fig. 2. System model.
Fig. 3. Workflow flowchart for entities within the system.
CA: The CA has powerful computing and storage capabilities and is responsible for managing the entire VANET. Usually, the CA stores RSUs' and vehicles' information, and assists in the authentication between the RSUs and the vehicles. Although the CA strictly complies with the protocol, it is curious to deduce private or sensitive information, such as the vehicle's start time and real-time location, from the legally received messages.
RSU: RSUs are deployed at the roadsides and communicate with the CA via secure channels. RSUs can not only provide certain services for vehicles within their coverage area, but also help the communication between vehicles within their coverage area.
Vehicle: The vehicle is equipped with OBU and TPD modules. The OBU is in charge of communication with other OBUs, RSUs, and the CA. The TPD stores the private information and executes secure computing.
Adversary: A secure channel has been established among the authorized entities. In other words, an attacker outside the system cannot monitor the public channels, impersonate the identity of a legitimate vehicle or RSU, steal information from the TPD, and so on. Hence, in the system, any entity that is curious about the private or sensitive information of other entities is regarded as the active adversary, including the CA, RSUs, and vehicles.
4.2 Design Goals
Under the assumption that the traditional security requirements, including at least confidentiality, authentication, and integrity, have been ensured, there are still privacy and utility goals that need to be met.
Route privacy: During the necessary message sharing between vehicles and RSUs with the assistance of the CA, vehicles' route privacy must be protected from the CA. If this goal is not met, the CA can easily get the path of any vehicle.
Anonymity: No third party (except for the CA) can obtain the vehicle's true identity through a message from a given vehicle. If this goal is not met, the true identity of the vehicle will be exposed to everyone, increasing the risk of attack.
Traceability: Although a vehicle's true identity is hidden from any other vehicle, the CA can obtain the true identity of any vehicle if necessary. If this goal is not met and there is a malicious vehicle in the system, it cannot be identified by others, which brings a potential risk to system security.
Unlinkability: No third party can link two authentication messages sent by the same vehicle. Moreover, they cannot trace the vehicle through its messages. If this goal is not met, an attacker can externally distinguish whether two messages originate from the same vehicle, reducing the security of the vehicle.
5 PROPOSED SCHEME
In this section, we describe the proposed scheme, which consists of five phases: Initial phase, Registration phase, Route planning phase, V2I authentication phase, and V2V authentication phase. In the initial phase, the CA initializes and distributes system parameters. In addition, the RSUs' basic information is also stored in the CA. In the registration phase, vehicles must register with the CA in order to join the vehicular network. In the route planning phase, a vehicle plans its path in advance so that it knows which RSUs it will pass. Then, the necessary message is shared between the OBU and the RSUs with the collaboration of the CA. Meanwhile, it is guaranteed that the CA cannot know which RSUs' information is shared with the vehicle. In the V2I authentication phase, since information sharing between the RSUs and the vehicle has been completed in the previous phase, quick authentication can be performed between the vehicle and the RSUs. In the V2V authentication phase, after V2I authentication, a vehicle can communicate with adjacent vehicles through the OBUs installed in the vehicles, with the assistance of RSUs.
5.1 Initial Phase
Let $F_q$ be a finite field, where $q$ is a prime number representing the size of the finite field. $(a, b) \in F_q$ are the parameters of elliptic curve $G$, and $g$ is its generator, as represented in Table 1.

Table 1. Main Notations

| Notation | Description |
|---|---|
| $F_q$ | A finite field; $q$ is a prime number representing the size of the finite field |
| $G$ | A cyclic group of order $p$ |
| CA | Certification authority |
| $g$ | A generator of $G$ |
| $pk_{CA}, sk_{CA}$ | Public and private key of CA |
| $H$ | A secure hash function $H: \{0,1\}^* \to Z_q$ |
| $RSU_i$ | The RSU of number $i$ |
| $h$ | A secure hash function $h: \{0,1\}^* \to Z_q$ |
| $K_i$ | The session key that communicates with $RSU_i$ |
| $inf_i$ | The additional information of $RSU_i$ |
| $pk_j, sk_j$ | Public and private key of vehicle $v_j$ |
| $r_j$ | A random number selected by vehicle $v_j$ |
| $AID_j$ | The pseudonym of vehicle $v_j$; $j$ is the ID of the vehicle $v_j$ |
| $v_j$ | The vehicle of $ID_j$ |
| $S_j$ | A parameter aiding necessary message sharing between OBU and RSUs |
| $T_j$ | A parameter aiding necessary message sharing between OBU and RSUs |
| $Path_j$ | The number set of RSUs in the path of the vehicle $v_j$ |
| $m_{pass}^j$ | The relevant path information set |
| $m_{key}^j$ | The session key set |
| $k_i^j$ | The key to encrypt relevant information of $RSU_i$ |
| $C_i$ | A $w \times n$ ciphertext matrix |
| $A_j$ | The ciphertext vector containing $n$ ciphertexts for each RSU on the path |
| $Value_{current}$ | A temporary hash value currently used to aid V2V authentication |

(1) CA generates a public/secret key pair $(pk_{CA}, sk_{CA})$, where $pk_{CA} = g \cdot sk_{CA}$. CA selects the hash function $H: \{0,1\}^* \to Z_q$. CA assigns the number $i$ to $RSU_i$ within its jurisdiction, where $i \in \{0, 1, \ldots, n\}$.
(2) $RSU_i$ selects its symmetric key $K_i \in Z_q$ and sends it to CA in a secure manner. In addition, $K_i$ needs to be updated periodically, such as every day, where $i \in \{0, 1, \ldots, n\}$.
(3) CA stores the RSUs' authentication information. The specific storage form is as follows:
$$\left\{ \begin{array}{c} (1 \,\|\, K_1 \,\|\, inf_1) \\ (2 \,\|\, K_2 \,\|\, inf_2) \\ (\cdots\cdots) \\ (i \,\|\, K_i \,\|\, inf_i) \\ (\cdots\cdots) \\ (n \,\|\, K_n \,\|\, inf_n) \end{array} \right\}$$
where $inf_i$ is the additional information of $RSU_i$, $K_i$ is the symmetric key of $RSU_i$, and $i \in \{0, 1, \ldots, n\}$.
(4) CA publishes $\{G, i, g, H, pk_{CA}\}$ and keeps $\{sk_{CA}, K_i, inf_i\}$ secret.
5.2 Registration Phase
The vehicle $v_j$ registers with the local CA. The detailed process is as follows:
(1) Vehicle $v_j$, $j \in \{0, 1, \ldots, n\}$, generates a public/secret key pair $(pk_j, sk_j)$, where $pk_j = g \cdot sk_j$; then $v_j$ sends $\{j, pk_j\}$ to CA in a secure manner.
(2) After CA receives $\{j, pk_j\}$, it selects a random number $r_j$ and generates the pseudonym $AID_j = j \oplus H(sk_{CA} \,\|\, r_j)$ for $v_j$. $AID_j$ is used in vehicle-to-vehicle and vehicle-to-RSU communications, and helps CA to verify the legal identity of the vehicle. In addition, $AID_j$ needs to be updated periodically, such as every day.
(3) CA generates two parameters so that the necessary message sharing between the OBU and the RSUs is ensured in the route planning phase: $S_j = g \cdot y_j$ and $T_j = S_j \cdot y_j$, where $y_j \in G$ and $j \in \{0, 1, \ldots, n\}$. Finally, CA stores $\{j, AID_j, r_j, y_j\}$ in the database and sends $\{AID_j, S_j\}$ to the vehicle $v_j$ through a secure channel.
5.3 Route Planning Phase
(1) The vehicle $v_j$ plans its route in advance, as represented in Figure 5. Suppose there are $w$ RSUs on the path of the vehicle $v_j$, and the RSUs' number set is $Path = \{1, 2, \ldots, i, \ldots, w\}$. Then, the vehicle $v_j$ needs to generate the relevant path information $m_{path}^j = \{R_1^j, R_2^j, \ldots, R_i^j, \ldots, R_w^j\}$ and the corresponding session keys $m_{Key}^j = \{k_1^j, k_2^j, \ldots, k_i^j, \ldots, k_w^j\}$ between CA and $v_j$, in which $k_i^j$ is used to encrypt the relevant information of $RSU_i$. In the specific generation process, $v_j$ selects $x_j \in G$ and calculates $k_i^j = H(x_j \cdot S_j)$ and $R_i^j = i \cdot S_j + g \cdot x_j$, where $i, j \in \{0, 1, \ldots, n\}$. Then, the vehicle $v_j$ selects a timestamp $t_1$ and calculates $Request_j = \{e_{pk_{CA}}(AID_j \,\|\, m_{path}^j \,\|\, t_1), H(e_{pk_{CA}}), t_1\}$. Finally, $v_j$ sends $Request_j$ to CA, where $j \in \{0, 1, \ldots, n\}$.
(2) On receiving $Request_j$, CA verifies $H(e_{pk_{CA}})$ and $t_1$. If $t_1$ and $H(e_{pk_{CA}})$ are correct, CA accepts $Request_j$. Otherwise, CA rejects it. Next, CA decrypts $e_{pk_{CA}}$ with its private key $sk_{CA}$ to get $AID_j$ and $m_{path}^j = \{R_1^j, R_2^j, \ldots, R_i^j, \ldots, R_w^j\}$, where $j \in \{0, 1, \ldots, n\}$.
(3) CA looks up the pseudonym $AID_j$ in a local database to determine whether the vehicle $v_j$ is legitimate. If the vehicle $v_j$ is legitimate, CA takes the next step. Otherwise, CA broadcasts that the user with the pseudonym $AID_j$ is illegal, where $j \in \{0, 1, \ldots, n\}$.
(4) CA generates a ciphertext vector $C_i = \{e_i^1, e_i^2, \ldots, e_i^s, \ldots, e_i^n\}$ containing $n$ ciphertexts for each RSU on the path. Since there are $w$ RSUs $\{1, 2, \ldots, i, \ldots, w\}$ on the path of the vehicle $v_j$, a $w \times n$ ciphertext matrix $A_j$ is finally generated, and it contains the authentication information of the RSUs on the path. The ciphertext matrix is shown in Figure 4.
Suppose that $RSU_i$ is on the path of vehicle $v_j$. The specific generation process of the ciphertext vector for $RSU_i$ is as follows:
(i) CA generates $n$ different session keys $\{k_1^j, k_2^j, \ldots, k_s^j, \ldots, k_n^j\}$ to encrypt the authentication information for all $n$ RSUs, where $k_s^j = H(y_j \cdot R_i^j - s \cdot T_j)$, $s \in \{0, 1, \ldots, n\}$; both $y_j$ and $T_j$ are parameters generated in the registration stage to help generate the ciphertext matrix, and $R_i^j$ is the path parameter from the vehicle $v_j$. In this case, it is important to note that $k_s^j = k_i^j$ when $s = i$, where $i, j, s \in \{0, 1, \ldots, n\}$, $k_i^j$ is the session key generated by the vehicle for decrypting the ciphertext matrix $A_j$, and $k_i^j = H(x_j \cdot S_j)$. The detailed proof is as follows:
$$k_s^j = H(y_j \cdot R_i^j - s \cdot T_j) = H(y_j \cdot (i \cdot S_j + g \cdot x_j) - s \cdot T_j) = H((i \cdot T_j - s \cdot T_j) + y_j \cdot g \cdot x_j) = H(y_j \cdot g \cdot x_j) = H(x_j \cdot S_j) = k_i^j$$
where $R_i^j = i \cdot S_j + g \cdot x_j$, $T_j = y_j \cdot S_j$, $s = i$, $S_j = g \cdot y_j$, and $i, j, s \in \{0, 1, \ldots, n\}$.
(ii) CA uses these $n$ different session keys $\{k_1^j, k_2^j, \ldots, k_s^j, \ldots, k_n^j\}$ to encrypt the authentication information for all $n$ RSUs. In the end, CA gets a ciphertext vector $C_i = \{e_i^1, e_i^2, \ldots, e_i^s, \ldots, e_i^n\}$ for $RSU_i$, where $e_i^s = E_{k_s^i}(s \,\|\, K_s \,\|\, inf_s)$, $i, j, s \in \{0, 1, \ldots, n\}$, $inf_i$ is the additional information of $RSU_i$, and $K_i$ is the symmetric key of $RSU_i$.
Fig. 4. Ciphertext matrix.
Therefore, CA performs operations (i)–(ii) for the $w$ RSUs on the vehicle's path and finally gets a $w \times n$ ciphertext matrix $A_j$. Finally, CA sends $\{A_j, H(A_j \,\|\, t_2), t_2\}$ to the vehicle $v_j$, where $t_2$ is a timestamp.
(5) On receiving $\{A_j, H(A_j \,\|\, t_2), t_2\}$, the vehicle $v_j$ verifies $H(A_j \,\|\, t_2)$ and $t_2$. If $t_2$ and $H(A_j \,\|\, t_2)$ are correct, the vehicle accepts $A_j$. Otherwise, the vehicle $v_j$ rejects it. Next, the vehicle $v_j$ uses the $w$ symmetric keys $\{k_1^j, k_2^j, \ldots, k_i^j, \ldots, k_w^j\}$ to decrypt part of the ciphertexts in the matrix $A_j$, so that it can get the authentication information of the RSUs on its path. Here, we take $e_i^s$ as an example to briefly describe decryption. Only when $s = i$ does $k_s^j = k_i^j$ hold, so the vehicle $v_j$ can decrypt $e_i^s$ only in that case. Hence, the vehicle $v_j$ can only get the information of the RSUs on its path, and other RSUs' information cannot be obtained by the vehicle $v_j$. At the same time, CA does not know which RSUs' information has been obtained by the vehicle $v_j$. In the end, the vehicle $v_j$ obtains the authentication information of the $w$ RSUs on its path, so that it can quickly authenticate with the RSUs in the future, where $i, j \in \{0, 1, \ldots, n\}$.
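The exchange in steps (1) to (5) above for a single RSU on the path, as an added example that is not code from the paper. Assumptions: secp256k1 stands in for $G$, SHA-256 for $H$, a hash-based stream cipher with an HMAC tag for $E$ (so that a wrong key is detectable), $y_j$ and $x_j$ are treated as scalars with a fresh $x$ per request, and all function names are hypothetical.

```python
import hashlib
import hmac
import secrets

# Assumption: secp256k1 stands in for the curve G; the paper does not name one.
P = 2**256 - 2**32 - 977
N = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141
G = (0x79BE667EF9DCBBAC55A06295CE870B07029BFCDB2DCE28D959F2815B16F81798,
     0x483ADA7726A3C4655DA4FBFC0E1108A8FD17B448A68554199C47D08FFB10D4B8)
INF = None  # point at infinity O

def add(a, b):
    """Point addition on y^2 = x^3 + 7 over F_P (not constant-time; demo only)."""
    if a is INF:
        return b
    if b is INF:
        return a
    (x1, y1), (x2, y2) = a, b
    if x1 == x2 and (y1 + y2) % P == 0:
        return INF
    if a == b:
        lam = 3 * x1 * x1 * pow(2 * y1 % P, -1, P) % P
    else:
        lam = (y2 - y1) * pow((x2 - x1) % P, -1, P) % P
    x3 = (lam * lam - x1 - x2) % P
    return (x3, (lam * (x1 - x3) - y1) % P)

def neg(pt):
    """Additive inverse of a point."""
    return INF if pt is INF else (pt[0], -pt[1] % P)

def mul(k, pt):
    """Scalar multiplication k*pt by double-and-add."""
    k %= N
    acc = INF
    while k:
        if k & 1:
            acc = add(acc, pt)
        pt = add(pt, pt)
        k >>= 1
    return acc

def H(pt):
    """Hash a curve point to a 32-byte session key (SHA-256 is an assumption)."""
    raw = b"O" if pt is INF else pt[0].to_bytes(32, "big") + pt[1].to_bytes(32, "big")
    return hashlib.sha256(raw).digest()

def keystream(key, n):
    """SHA-256 in counter mode, truncated to n bytes."""
    blocks = (hashlib.sha256(key + b"enc" + c.to_bytes(4, "big")).digest()
              for c in range(n // 32 + 1))
    return b"".join(blocks)[:n]

def seal(key, msg):
    """Stand-in for E_k(.): stream cipher plus HMAC tag."""
    ct = bytes(m ^ s for m, s in zip(msg, keystream(key, len(msg))))
    return ct + hmac.new(key + b"mac", ct, hashlib.sha256).digest()

def unseal(key, blob):
    """Return the plaintext, or None if the tag does not verify under this key."""
    ct, tag = blob[:-32], blob[-32:]
    good = hmac.new(key + b"mac", ct, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, good):
        return None
    return bytes(c ^ s for c, s in zip(ct, keystream(key, len(ct))))

def ca_register():
    """Registration: CA picks y_j, keeps it, and hands S_j = g*y_j to the vehicle."""
    y = secrets.randbelow(N - 1) + 1
    return y, mul(y, G)

def vehicle_request(i, S):
    """Vehicle blinds RSU index i as R = i*S + g*x. Only R goes to the CA."""
    x = secrets.randbelow(N - 1) + 1
    return x, add(mul(i, S), mul(x, G))

def ca_row(y, S, R, records):
    """CA encrypts every record s under k_s = H(y*R - s*T), with T = y*S."""
    T = mul(y, S)
    yR = mul(y, R)
    return [seal(H(add(yR, neg(mul(s, T)))), rec) for s, rec in enumerate(records)]

def vehicle_open(x, S, row):
    """Vehicle tries k = H(x*S) on each entry; only the chosen index verifies."""
    k = H(mul(x, S))
    return [unseal(k, blob) for blob in row]

if __name__ == "__main__":
    # Constructed RSU records "s||K_s||inf_s"; the vehicle wants RSU 4.
    records = [f"{s}||K_{s}-demo||RSU at junction {s}".encode() for s in range(6)]
    y, S = ca_register()
    x, R = vehicle_request(4, S)
    print(vehicle_open(x, S, ca_row(y, S, R, records)))
```

The CA computes every row entry without learning the index: the only value it receives is $R$, and the entry for $s \neq i$ is keyed by $H((i-s) \cdot T_j + x \cdot S_j)$, which the vehicle cannot form without $T_j$.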
5.4 V2I Authentication Phase
(1) When the vehicle $v_j$ enters the coverage range of $RSU_i$, the vehicle $v_j$ sends $\{E_{K_i}(i \,\|\, AID_j \,\|\, r \,\|\, t_3), H(E_{K_i}), t_3\}$ to $RSU_i$, where $r$ is a random number selected by the vehicle $v_j$, $t_3$ is a timestamp, and $i, j \in \{0, 1, \ldots, n\}$.
(2) On receiving $\{E_{K_i}(i \,\|\, AID_j \,\|\, r \,\|\, t_3), H(E_{K_i}), t_3\}$, $RSU_i$ verifies $H(E_{K_i})$ and $t_3$. If both are correct, $RSU_i$ decrypts the message with the key $K_i$ to get $r$. Otherwise, $RSU_i$ rejects it. Next, $RSU_i$ sends $H(r+1)$ to the vehicle $v_j$, where $i, j \in \{0, 1, \ldots, n\}$.
(3) On receiving $H(r+1)$, the vehicle $v_j$ verifies whether the received $H(r+1)$ is correct. If yes, the V2I authentication succeeds. Otherwise, it fails.
5.5 V2V Authentication Phase
(1) Before V2V authentication, RSUineeds to do some work to help the next V2V authentication.
RSUigenerates a one-way hash chain, its hash values are used for vehicles’ communications within
a xed period. Due to the short lifetime of the hash values for strong security, they need to be
updated regularly. The hash chain is generated as follows:
(i) RSUichooses a hash function h:{0,1}Zqand randomly selects a Seed G.
(ii) RSUigenerates hash chains HC by the Seed and the hash function h.
h(Seed)h2(Seed)→···→hn1(Seed )hn(Seed)
ValuenValuen1→···→Value2Value1
ACM Transactions on Internet Technology, Vol. 22, No. 4, Article 85. Publication date: December 2022.
PPRP: Preserving-Privacy Route Planning Scheme in VANETs 85:11
Fig. 5. Route planning phase via public channel.
(iii) $RSU_i$ stores the hash chain HC.
(2) After the vehicle $v_j$ successfully authenticates with $RSU_i$, $RSU_i$ sends $\{E_{K_i}(i \| AID_j \| Value_{current} \| t_4), H(E_{K_i}), t_4\}$ to the vehicle $v_j$, where $Value_{current}$ is a temporary hash value currently used to aid V2V authentication, and $i, j \in \{1, 2, \ldots, n\}$.
(3) On receiving $\{E_{K_i}(i \| AID_j \| Value_{current} \| t_4), H(E_{K_i}), t_4\}$, the vehicle $v_j$ verifies $H(E_{K_i})$ and $t_4$. If both are correct, the vehicle $v_j$ decrypts the message with the key $K_i$ to get $Value_{current}$, where $i, j \in \{1, 2, \ldots, n\}$. However, the lifetime of $Value_{current}$ is short. Before the current $Value_{current}$ expires, $RSU_i$ needs to broadcast the new hash value to the vehicles in its coverage area.
After the vehicle receives the new hash value, it checks whether Equation (1) holds. If so, the vehicle accepts it; otherwise, it is rejected.
$$Value_{old} = H(Value_{new}). \qquad (1)$$
(4) The vehicle $v_j$ wants to send a message $M_j$ to the vehicle $v_l$. First, the vehicle $v_j$ calculates the relevant parameters, where $d_j$ is a random number selected by the vehicle $v_j$, $t_j$ is a timestamp, and $K_i$ is the session key between the vehicle $v_j$ and $RSU_i$. The parameters are calculated as follows:
$$D_j = g \cdot d_j$$
$$C_i^1 = M_j \oplus Value_{current}$$
$$C_i^2 = D_j \oplus Value_{current}$$
$$\psi_j = d_j \cdot H(AID_j \| K_i \| D_j \| M_j \| t_j)$$
Then, the vehicle $v_j$ sends $\{AID_j, C_i^1, C_i^2, \psi_j, t_j\}$ to the vehicle $v_l$, where $i, j, l \in \{1, 2, \ldots, n\}$.
(5) On receiving $\{AID_j, C_i^1, C_i^2, \psi_j, t_j\}$, the vehicle $v_l$ verifies the timestamp $t_j$. If it fails, the vehicle $v_l$ rejects the message. Otherwise, the vehicle $v_l$ uses $Value_{current}$ to decrypt $C_i^1$ and $C_i^2$ to obtain $M_j$ and $D_j$. The decryption process is as follows, where $i, j, l \in \{1, 2, \ldots, n\}$.
$$M_j = C_i^1 \oplus Value_{current}$$
$$D_j = C_i^2 \oplus Value_{current}$$
Finally, the vehicle $v_l$ checks whether Equation (2) holds. If so, the vehicle $v_l$ accepts the message $M_j$; otherwise, it is rejected.
$$g \cdot \psi_j = D_j \cdot H(AID_j \| K_i \| D_j \| M_j \| t_j). \qquad (2)$$
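The hash-chain handling from steps (1) to (3) of this phase, as an added example that is not the authors' code. SHA-256 stands in for h, byte strings stand in for the Seed and the chain values, and the names build_chain, VehicleChainState and max_skip are this example's own. With max_skip=0 the vehicle applies exactly check (1); a larger value goes beyond the page and lets a vehicle that missed a broadcast re-hash a few times to catch up.

```python
import hashlib
import hmac


def h(value: bytes) -> bytes:
    """One-way function for the chain; SHA-256 is this example's stand-in for h."""
    return hashlib.sha256(value).digest()


def build_chain(seed: bytes, n: int) -> list:
    """RSU side: return [Value_1, ..., Value_n] with Value_k = h^(n-k+1)(Seed).

    Value_1 = h^n(Seed) is handed out first. Every later value is the
    preimage of the previous one, so Value_old == h(Value_new).
    """
    if n < 1:
        raise ValueError("chain needs at least one value")
    links, cur = [], seed
    for _ in range(n):
        cur = h(cur)
        links.append(cur)       # h(Seed), h^2(Seed), ..., h^n(Seed)
    links.reverse()             # index 0 is Value_1 = h^n(Seed)
    return links


class VehicleChainState:
    """Vehicle side: holds Value_current and applies check (1) to broadcasts."""

    def __init__(self, value_current: bytes, max_skip: int = 0):
        self.value_current = value_current
        self.max_skip = max_skip  # missed broadcasts tolerated (0 = check (1) only)

    def accept_update(self, value_new: bytes) -> bool:
        """Accept value_new only if hashing it leads back to Value_current."""
        cur = value_new
        for _ in range(self.max_skip + 1):
            cur = h(cur)
            if hmac.compare_digest(cur, self.value_current):
                self.value_current = value_new
                return True
        return False


def demo() -> dict:
    """Run a constructed update sequence and return the accept/reject results."""
    chain = build_chain(b"constructed seed, not from the paper", 6)
    strict = VehicleChainState(chain[0])
    tolerant = VehicleChainState(chain[0], max_skip=2)
    return {
        "next value": strict.accept_update(chain[1]),
        "replayed old value": strict.accept_update(chain[0]),
        "forged value": strict.accept_update(b"\x00" * 32),
        "skipped one, strict": strict.accept_update(chain[3]),
        "skipped one, tolerant": tolerant.accept_update(chain[2]),
    }


if __name__ == "__main__":
    for case, accepted in demo().items():
        print(f"{case:24s} -> {'accept' if accepted else 'reject'}")
```

Because each value is the preimage of the previous one, a receiver can validate a broadcast with hashing alone, but anyone who holds a later value can derive all earlier ones.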
Batch Verication: This method can support batch verication. Hence, the vehicle vlcan simul-
taneously verify multiple messages from other vehicles. After receiving messages from dierent
vehicles, the vehicle vlrandomly selects a set R={r1,r2,...,rn}, in addition, rj[1,2k]andkis
a small random integer. When all timestamps are valid, the vehiclevlchecks if the (3) holds. If so,
the vehicle vlaccepts all messages; otherwise, they will be rejected. Moreover, this way can resist
the attacks on ID-based batch signatures [Liu et al. 2014].
n
j=1
rj·ψj
·д=
n
j=1
Dj·rj·H(AI D j||Ki||Dj||Mj||tj)
.(3)
The detailed proof is as follows:
(n
j=1rj·ψj)·д=(n
j=1rj·dj·H(AI D j||Ki||Dj||Mj||tj)) ·д
=(n
j=1rj·dj·д·H(AI D j||Ki||Dj||Mj||tj))
=(n
j=1Dj·rj·H(AI D j||Ki||Dj||Mj||tj))
Where Dj=д·dj,ψj=dj·H(AI D j||Ki||Dj||Mj||tj),i,j,l∈{1,2,...,n}.
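Equations (2) and (3) carried through in code, as an added example that is not the authors' implementation. It assumes secp256k1 as the group, SHA-256 reduced mod q as H with a length-prefixed field encoding, k = 16, a 5-second timestamp window, and a verifier that already holds K_i and has unmasked M_j and D_j; all function names are this example's own.

```python
import hashlib
import secrets

# secp256k1 domain parameters (this example's choice; the page only says "ECC").
P = 2**256 - 2**32 - 977
Q = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141
G = (0x79BE667EF9DCBBAC55A06295CE870B07029BFCDB2DCE28D959F2815B16F81798,
     0x483ADA7726A3C4655DA4FBFC0E1108A8FD17B448A68554199C47D08FFB10D4B8)


def add(a, b):
    """Affine point addition; None is the point at infinity."""
    if a is None:
        return b
    if b is None:
        return a
    (x1, y1), (x2, y2) = a, b
    if x1 == x2 and (y1 + y2) % P == 0:
        return None
    if a == b:
        lam = 3 * x1 * x1 * pow(2 * y1, -1, P) % P
    else:
        lam = (y2 - y1) * pow((x2 - x1) % P, -1, P) % P
    x3 = (lam * lam - x1 - x2) % P
    return x3, (lam * (x1 - x3) - y1) % P


def mul(k, pt):
    """Double-and-add scalar multiplication k * pt (not constant time)."""
    acc, k = None, k % Q
    while k:
        if k & 1:
            acc = add(acc, pt)
        pt = add(pt, pt)
        k >>= 1
    return acc


def hq(aid, k_i, d_pt, msg, t):
    """H(AID_j || K_i || D_j || M_j || t_j) mapped into Z_q."""
    fields = [aid, k_i,
              d_pt[0].to_bytes(32, "big") + d_pt[1].to_bytes(32, "big"),
              msg, t.to_bytes(8, "big")]
    data = b"".join(len(f).to_bytes(4, "big") + f for f in fields)
    return int.from_bytes(hashlib.sha256(data).digest(), "big") % Q


def sign(aid, k_i, msg, t):
    """Sender v_j: D_j = g * d_j and psi_j = d_j * H(...) mod q."""
    d = secrets.randbelow(Q - 1) + 1
    d_pt = mul(d, G)
    return {"aid": aid, "msg": msg, "D": d_pt, "t": t,
            "psi": d * hq(aid, k_i, d_pt, msg, t) % Q}


def fresh(m, now, window):
    """Timestamp check performed before any group operation."""
    return abs(now - m["t"]) <= window


def verify_single(k_i, m, now, window=5):
    """Equation (2): g * psi_j == D_j * H(...)."""
    if not fresh(m, now, window):
        return False
    h = hq(m["aid"], k_i, m["D"], m["msg"], m["t"])
    return mul(m["psi"], G) == mul(h, m["D"])


def verify_batch(k_i, msgs, now, window=5, k=16, weights=None):
    """Equation (3) with weights r_j drawn from [1, 2^k].

    Random weights stop errors in different signatures from cancelling in
    the sum. Pass weights only for reproducible tests; leave None in use.
    """
    if not msgs or not all(fresh(m, now, window) for m in msgs):
        return False
    if weights is None:
        weights = [secrets.randbelow(2**k) + 1 for _ in msgs]
    lhs_scalar, rhs = 0, None
    for r, m in zip(weights, msgs):
        h = hq(m["aid"], k_i, m["D"], m["msg"], m["t"])
        lhs_scalar = (lhs_scalar + r * m["psi"]) % Q
        rhs = add(rhs, mul(r * h % Q, m["D"]))   # D_j * r_j * H(...)
    return mul(lhs_scalar, G) == rhs
```

The batch check spends one scalar multiplication per message plus one for the left-hand side, which is the (n+1) scalar multiplications the performance comparison attributes to verifying n vehicles.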
6 PERFORMANCE ANALYSIS
In this section, we analyze the privacy and utility of the proposed scheme in terms of route privacy, anonymity, traceability, and unlinkability. Then, we compare the time consumption of our scheme with recent schemes for vehicular networks.
6.1 Privacy and Utility Analysis
Route privacy: In route planning, CA gets the relevant path information $m_{path}^j = \{R_1^j, R_2^j, \ldots, R_i^j, \ldots, R_w^j\}$ from the vehicle, where $R_i^j = i \cdot S_j + g \cdot x_j$ and $i, j \in \{1, 2, \ldots, n\}$. If CA wants to deduce the number $i$ from the relevant path information $R_i^j$, it needs to know $R_i^j$, the relevant parameter $S_j$, the generator $g$, and the random number $x_j$ chosen by the vehicle. Although CA knows $R_i^j$ and $S_j$ from the vehicle, CA cannot get $x_j$, because $x_j$ is the random number chosen by the vehicle and only the vehicle knows it. Therefore, CA cannot compute $i$ from $R_i^j$ or learn which RSUs the vehicle will pass. As a result, the vehicle's route privacy is protected.

Table 2. Performance Comparison

| | Our scheme | [Kumar et al. 2020] | [Cui et al. 2019] | [Wang et al. 2019] | [Kamil and Ogundoyin 2019] |
|---|---|---|---|---|---|
| route privacy | Y | N | N | N | N |
| anonymity | Y | Y | Y | Y | Y |
| traceability | Y | N | Y | Y | Y |
| unlinkability | Y | Y | Y | Y | Y |

Table 3. The Definition and Time of the Primary Operations

| Operations | Definition | Time (ms) |
|---|---|---|
| Hash Function | $T_H$: the execution time of one hash function operation. | 0.001 |
| Addition in ECC | $T_{AECC}$: the execution time of one ECC-based addition operation. | 0.012 |
| Scalar Multiplication in ECC | $T_{MECC}$: the execution time of one ECC-based scalar multiplication operation. | 6.128 |
| AES Encryption | $T_{EAES}$: the execution time of one AES encryption. | 0.006 |
| AES Decryption | $T_{DAES}$: the execution time of one AES decryption. | 0.003 |
Anonymity: In the registration phase, CA generates the pseudonym of $v_j$ as $AID_j = j \oplus H(sk_{CA} \| r_j)$, where $j \in \{1, 2, \ldots, n\}$. Later, the true identity of the vehicle is hidden in the pseudonym. If RSUs and other vehicles want to compute the real identity $j$ from $AID_j$, they must obtain $sk_{CA}$ and $r_j$. However, this information is stored in CA's database and only CA can use it. Therefore, RSUs and other vehicles cannot obtain $sk_{CA}$ and $r_j$, and they cannot deduce the real identity $j$ from $AID_j$. Therefore, anonymity is guaranteed.
Traceability: Once a message is disputed, CA can extract the vehicle's real identity. Since $AID_j = j \oplus H(sk_{CA} \| r_j)$, and $sk_{CA}$ and $r_j$ are stored in CA's database, CA can get the vehicle's real identity by computing $j = AID_j \oplus H(sk_{CA} \| r_j)$. Therefore, traceability is guaranteed.
Unlinkability: Because the pseudonym of each vehicle is updated periodically, it is impossible for an adversary to connect multiple messages from the same vehicle.
6.2 Performance Evaluation
In this section, we analyze the merits and the time consumption of the proposed scheme and compare it with recent schemes for vehicular networks. First, the utility and privacy comparison results listed in Table 2 show that our protocol achieves more merits. Then, to compare time consumption, the implementation is performed on a laptop with an Intel Core i5 processor at 1.6 GHz clock frequency and 4 GB of 1,600 MHz DDR3 memory, running the macOS High Sierra operating system, using the C and Python languages. The results (average operation times) of the implementation are shown in Table 3 [Xu et al. 2019]. In addition, since the given operations dominate the speed of the authentication, we only discuss those operations and ignore other operations such as concatenation and XOR.
Table 4. The Execution Time of RSU in V2R

| Scheme | Verify a single vehicle | Verify $n$ vehicles |
|---|---|---|
| Our scheme | $T_{DAES} + 2T_H$ | $n(T_{DAES} + 2T_H)$ |
| [Kumar et al. 2020] | $5T_{MECC} + 2T_H$ | $n(5T_{MECC} + 2T_H)$ |
| [Cui et al. 2019] | $3T_{MECC} + 2T_{AECC} + 2T_H$ | $(n+2)T_{MECC} + (2n)T_{AECC} + (2n)T_H$ |
| [Wang et al. 2019] | $8T_{MECC} + 2T_{AECC} + 2T_{EAES} + 2T_{DAES} + 6T_H$ | $n(8T_{MECC} + 2T_{AECC} + 2T_{EAES} + 2T_{DAES} + 6T_H)$ |
| [Kamil and Ogundoyin 2019] | $2T_{MECC} + 2T_{AECC} + T_H$ | $2T_{MECC} + n(T_{AECC} + T_H)$ |
Table 5. The Execution Time of Vehicle in V2V

| Scheme | Verify a single vehicle | Verify $n$ vehicles |
|---|---|---|
| Our scheme | $2T_{MECC} + T_H$ | $(n+1)T_{MECC}$ |
| [Kumar et al. 2020] | $5T_{MECC} + 2T_H$ | $n(5T_{MECC} + 2T_H)$ |
| [Cui et al. 2019] | $3T_{MECC} + 2T_{AECC} + 2T_H$ | $(n+2)T_{MECC} + (2n)T_{AECC} + (2n)T_H$ |
Fig. 6. Comparison of authentication time in V2R (a).
The total execution time of each phase is related to the number of RSUs. For example, the urban area of Beijing is about 1,401 square kilometers. The communication range of an RSU is about 1,000 m, and the area that the RSU can cover is about 3 square kilometers. Therefore, the urban area of Beijing requires about 500 RSUs. In some jammed areas, more RSUs are needed; we assume that the maximum number of RSUs is 1,000. In V2R, TPD computes $Request_j = \{e_{pk_{CA}}(AID_j \| m_{path}^j \| t_1), H(e_{pk_{CA}}), t_1\}$. So, when there are $n$ RSUs along the path, the computing time is $(3n+2)T_{MECC} + nT_{AECC} + (n+1)T_H$. Next, CA verifies $H(e_{pk_{CA}})$, decrypts $e_{pk_{CA}}$ with the private key $sk_{CA}$ to get $AID_j$ and $m_{path}^j$, and generates $\{A_j, H(A_j \| t_2), t_2\}$. When there are $n$ RSUs along the path, the time spent by CA is $(2n^2+3)T_{MECC} + n^2 T_{AECC} + n^2 T_{EAES} + 2T_H$. Then, TPD verifies $H(A_j \| t_2)$ and decrypts part of the ciphertext from the matrix $A_j$. When there are $n$ RSUs along the path, the decryption time for TPD is $nT_{DAES} + T_H$.
Fig. 7. Comparison of authentication time in V2R (b).
Fig. 8. Comparison of authentication time in V2V (a).
In Table 4, we compare the verification time of the proposed scheme, [Cui et al. 2019; Kumar et al. 2020; Wang et al. 2019], and [Kamil and Ogundoyin 2019] in the V2R authentication phase. The performance simulation in authentication is illustrated in Figures 6 and 9. The results show that the calculation time of the proposed scheme is better than that of the others. In Table 5, we compare the verification time of the proposed scheme, [Kumar et al. 2020] and [Cui et al. 2019] in the V2V authentication phase. The performance simulation in V2V authentication is illustrated in Figures 7, 8 and 9. The results show that the calculation time of the proposed scheme is better than that of the others.
Fig. 9. Comparison of authentication time in V2V (b).
7 CONCLUSIONS
In VANETs, most authentication protocols do not take the risk of vehicle privacy leakage to CA into account. Therefore, we propose a privacy-preserving route planning scheme for VANETs, which protects vehicles' route privacy from CA. In the proposed scheme, for the purpose of fast and efficient V2R authentication, a vehicle needs to plan its own path. In route planning, the necessary message sharing between the vehicle and the RSUs requires the assistance of CA. Meanwhile, the proposed scheme ensures that CA does not know which RSUs' information is shared with the vehicle. Hence, CA cannot infer the path privacy of the vehicle from the RSUs it passes by. After V2R authentication, the vehicle can effectively communicate with adjacent vehicles with the assistance of RSUs. As a result, efficient V2R and V2V authentication is realized and path privacy is protected from CA in our scheme. Besides, compared with recent schemes, the proposed scheme not only meets basic security requirements such as confidentiality, authentication, integrity, and traceability in VANETs, but also implements privacy preservation in route planning. Finally, the performance evaluation shows that the proposed scheme also has advantages in terms of computational cost. In the future, our work can benefit the vehicular environment.
ACKNOWLEDGMENTS
The authors would like to thank Natural Science Foundation of China and Key projects of Guangxi
Natural Science Foundation.
REFERENCES
A. Ahmad, S. Din, A. Paul, G. Jeon, M. Aloqaily, and M. Ahmad. 2019. Real-time route planning and data dissemination
for urban scenarios using the internet of things. IEEE Wireless Communications 26, 6 (December 2019), 50–55. https://doi.org/10.1109/MWC.001.1900151
M. Alhaidary, S. M. M. Rahman, M. Zakariah, M. S. Hossain, A. Alamri, M. S. M. Haque, and B. B. Gupta. 2018. Vulnerability
analysis for the authentication protocols in trusted computing platforms and a proposed enhancement of the opad
protocol. IEEE Access 6 (2018), 6071–6081. https://doi.org/10.1109/ACCESS.2017.2789301
I. Ali, A. Hassan, and F. Li. 2019. Authentication and privacy schemes for vehicular ad hoc networks (VANETs): A survey.
Vehicular Communications 16 (April 2019), 45–61.
G. Calandriello, P. Papadimitratos, J. P. Hubaux, and A. Lioy. 2007. Efficient and robust pseudonymous authentication in
VANET. In Proceedings of the 4th ACM International Workshop on Vehicular ad hoc Networks. 19–28.
H. Cheng and Y. Liu. 2020. An improved RSU-based authentication scheme for VANET. Journal of Internet Technology 21, 4
(July 2020).
J. Cui, D. Wu, J. Zhang, Y. Xu, and H. Zhong. 2019. An efficient authentication scheme based on semi-trusted authority in
VANETs. IEEE Transactions on Vehicular Technology 68, 3 (2019), 2972–2986.
D. Eckhoff, C. Sommer, T. Gansen, R. German, and F. Dressler. 2010. Strong and affordable location privacy in VANETs:
Identity diffusion using time-slots and swapping. In Proceedings of the 2010 IEEE Vehicular Networking Conference. IEEE,
174–181.
B. B. Gupta. 2018. Computer and Cyber Security: Principles, Algorithm, Applications, and Perspectives. CRC Press.
D. He, S. Zeadally, B. Xu, and X. Huang. 2015a. An efficient identity-based conditional privacy-preserving authentication
scheme for vehicular adhoc networks. IEEE Transactions on Information Forensics & Security 10, 12 (December 2015),
2681–2691.
D. He, S. Zeadally, B. Xu, and X. Huang. 2015b. An efficient identity-based conditional privacy preserving authentication
scheme for vehicular ad hoc networks. IEEE Transactions on Information Forensics & Security 10, 12 (December 2015),
2681–2691. https://doi.org/10.1109/TIFS.2015.2473820
Hironori Hiraishi. 2018. Passenger condition based route-planning for cognitive vehicle system. International Journal of
Software Science and Computational Intelligence 10, 2 (2018), 25–35. https://doi.org/10.4018/IJSSCI.2018040102
C. Y. Hsu, C. S. Yang, L. C. Yu, C. F. Lin, H. H. Yao, D. Y. Chen, K. R. Lai, and P. C. Chang. 2015. Development of a cloud-based
service framework for energy conservation in a sustainable intelligent transportation system. International Journal of
Production Economics 164 (June 2015), 454–461.
M. M. Hussain and M. S. Beg. 2019. Using vehicles as fog infrastructures for transportation cyber-physical systems (T-CPS):
Fog computing for vehicular networks. International Journal of Software Science and Computational Intelligence (IJSSCI)
11, 1 (2019), 47–69.
D. Jiang and L. Delgrossi. 2008. IEEE 802.11p: Towards an international standard for wireless access in vehicular environ-
ments. In Proceedings of the Vehicular Technology Conference. IEEE, Singapore, 2036–2040.
I. A. Kamil and S. O. Ogundoyin. 2019. An improved certificateless aggregate signature scheme without bilinear pairings
for vehicular ad hoc networks. Journal of Information Security and Applications 44 (February 2019), 184–200.
S. Kaushik and C. Gandhi. 2019. Ensure hierarchal identity based data security in cloud environment. International Journal
of Cloud Applications and Computing (IJCAC), 9, 4 (2019), 21–36.
J. B. Kenney. 2011. Dedicated short-range communications (DSRC) standards in the united states. In Proceedings of the IEEE.
99, 7 (July 2011), 1162–1182.
N. Koblitz. 1987. Elliptic curve cryptosystems. Mathematics of Computation 48, 177 (1987), 203–209. https://doi.org/10.2307/2007884
V. Kumar, M. Ahmad, D. Mishra, S. Kumari, and M. K. Khan. 2020. RSEAP: RFID based secure and efficient authentication
protocol for vehicular cloud computing. Vehicular Communications 22 (April 2020), 100213.1–100213.13.
X. Sun, X. Lin, P. Ho, and X. S. Shen. 2007. A secure and privacy preserving protocol for vehicular communication. IEEE
Trans. Veh. Technol 56 (2007), 3442–3456.
J. K. Liu, T. H. Yuen, M. H. Au, and W. Susilo. 2014. Improvements on an authentication scheme for vehicular sensor
networks. Expert Systems with Applications 41, 5 (2014), 2559–2564.
Y. Liu, L. Wang, and H. Chen. 2015. Message authentication using proxy vehicles in vehicular ad hoc networks. IEEE
Transactions on Vehicular Technology 64, 8 (August 2015), 3697–3710.
Y. Mu, J. Zhang, V. Varadharajan, and Y. Lin. 2003. Robust non-interactive oblivious transfer. IEEE Communications Letters
7, 4 (April 2003), 153–155. https://doi.org/10.1109/LCOMM.2003.811213
Y. Pan, J. Li, L. Feng, and B. Xu. 2011. An analytical model for random changing pseudonyms scheme in VANETs. In
Proceedings of the International Conference on Network Computing & Information Security. 141–145. https://doi.org/10.1109/NCIS.2011.127
A. P. Pljonkin. 2019. Vulnerability of the synchronization process in the quantum key distribution system. International
Journal of Cloud Applications and Computing 9, 1 (2019), 50–58. https://doi.org/10.4018/IJCAC.2019010104
S. M. Pournaghi, B. Zahednejad, M. Bayat, and Y. Farjami. 2018. NECPPA: A novel and efficient conditional privacy-
preserving authentication scheme for VANET. Computer Networks 134, 7 (April 2018), 78–92.
M. Raya and J. Hubaux. 2005. The security of vehicular ad hoc networks. In Proceedings of the 3rd ACM Workshop on Security
of ad Hoc and Sensor Networks. ACM Press, 11–21.
J. Shao, X. Lin, R. Lu, and C. Zuo. 2016. A threshold anonymous authentication protocol for VANETs. IEEE Transactions on
Vehicular Technology 65, 3 (March 2016), 1711–1720. https://doi.org/10.1109/TVT.2015.2405853
K. A. Shim. 2012. An efficient conditional privacy-preserving authentication scheme for vehicular sensor networks. IEEE
Transactions on Vehicular Technology 61, 4 (May 2012), 1874–1883. https://doi.org/10.1109/TVT.2012.2186992
J. Song, Y. Liu, J. Shao, and C. Tang. 2020. A dynamic membership data aggregation (DMDA) protocol for smart grid. IEEE
Systems Journal 14, 1 (March 2020), 900–908. https://doi.org/10.1109/JSYST.2019.2912415
B. Wang, Y. Wang, R. Chen, and F. Li. 2019. A practical authentication framework for VANETs. Security and Communication
Networks 2019 (May 2019), 1–11. https://doi.org/10.1155/2019/4752612
X. Wang, X. Kuang, J. Li, J. Li, X. Chen, and Z. Liu. 2020. Oblivious transfer for privacy-preserving in VANET’s feature
matching. IEEE Transactions on Intelligent Transportation Systems, 22, 7 (2020), 4359–4366.
Y. Wang, H. Zhong, Y. Xu, J. Cui, and F. Guo. 2016. Efficient extensible conditional privacy-preserving authentication
scheme supporting batch verification for VANETs. Security and Communication Networks 9, 18 (2016), 5460–5471.
Y. Xu, Y. Xun, I. Khalil, Y. Zeng, X. Huang, S. Nepal, X. Yang, and H. Cui. 2019. A lightweight authentication scheme for
vehicular ad hoc networks based on MSR. Vehicular Communications 15 (January 2019), 16–27.
C. Zhang, R. Lu, X. Lin, P. H. Ho, and X. Shen. 2008. An efficient identity-based batch verification scheme for vehicular
sensor networks. In Proceedings of the IEEE INFOCOM 2008-The 27th Conference on Computer Communications. IEEE,
246–250.
L. Zhang, Q. Wu, A. Solanas, and J. Domingo-Ferrer. 2010. A scalable robust authentication protocol for secure vehicular
communications. IEEE Transactions on Vehicular Technology 59, 4 (May 2010), 1606–1617. https://doi.org/10.1109/TVT.2009.2038222
Z. Zhao, J. Chen, Y. Zhang, and L. Dang. 2015. An efficient revocable group signature scheme in vehicular ad hoc networks.
Ksii Transactions on Internet & Information Systems 9, 10 (October 2015), 4250–4267.
H. Zhu, X. Y. He, X. M. Liu, and H. Li. 2015. PTFA: A secure and privacy-preserving traffic flow analysis scheme for
intelligent transportation system. International Journal of Embedded Systems 8, 1 (December 2015), 8–86.
Received 1 August 2020; revised 17 September 2020; accepted 16 October 2020
... Subsequently, Lv et al. [29] proposed a lightweight V2I fast authentication scheme that combines Moore's curve and BGN homomorphic encryption to protect the vehicle's travel path, making it impossible for CAs to learn about the vehicle's travel path as well. Liang et al. [30], Yan et al. [31], and Su et al. [32] all utilized the idea of oblivious transfer to achieve route privacy protection for vehicles, which also makes it impossible for the CA to know a vehicle's travel path. However, these schemes [29][30][31][32] are all subject to the problem that when the vehicle requests the RSU authentication key from the CA in the route-planning phase, the RSU authentication key returned by the CA to the vehicle is the private key of the RSU. ...
... Liang et al. [30], Yan et al. [31], and Su et al. [32] all utilized the idea of oblivious transfer to achieve route privacy protection for vehicles, which also makes it impossible for the CA to know a vehicle's travel path. However, these schemes [29][30][31][32] are all subject to the problem that when the vehicle requests the RSU authentication key from the CA in the route-planning phase, the RSU authentication key returned by the CA to the vehicle is the private key of the RSU. These private keys are unique and can be used by all vehicles in the system to authenticate with the corresponding RSU. ...
... This section focuses on proving that our scheme is able to achieve the design goals presented in Section 4.3. The security of our scheme is compared with the schemes proposed in [29][30][31][32] in terms of confidentiality of RSU private keys, route privacy, traceability, unlinkability, and resistance to common security attacks. The analysis results show that our scheme provides more advantages. ...
Article
Full-text available
Due to the characteristics of high-speed movement of vehicles, authentication between vehicles and roadside units (RSUs) needs to be performed quickly. Vehicles can obtain the authentication information of the relevant RSUs from the certification authority (CA) in advance through route planning. Fast authentication can be performed when the vehicle enters the RSU range. However, in most of the current vehicle-to-infrastructure (V2I) fast authentication schemes, when the vehicle requests the authentication information of an RSU from the CA, the vehicle often needs to provide the CA with the travel path information, which leads to the CA easily obtaining the travel path of the vehicle. In addition, the CA encrypts the private keys of RSUs and sends them to vehicles as authentication keys, and the vehicles can obtain the private key information of RSUs directly after decryption. Once the private keys of RSUs are leaked, vehicular ad hoc networks (VANETs) can be attacked by malicious access. In order to protect the confidentiality of RSU private keys and the route privacy of vehicles, we propose a privacy-preserving V2I fast authentication scheme in VANETs. The scheme realizes the confidentiality of RSU private keys and the route privacy protection of vehicles by improving the oblivious transfer (OT) algorithm. Security analysis proves that our scheme has good privacy and attack resistance. Finally, performance evaluation shows that the proposed scheme performs better in terms of computational overhead and communication overhead compared to related schemes.
... Various threats and attacks hinder secure communication in VANETs. To address privacy concerns in VANETs, researchers have introduced several concepts to fulfill essential requirements such as reliability, traceability, and link stability [5]. However, these approaches demand considerable memory space and cause significant communication overhead during network communication processes. ...
... in equation (5). ...
Preprint
Full-text available
Vehicular Adhoc Networks (VANETs) are emerging as a crucial component in the development of Intelligent Transportation Systems (ITS). These networks aim to enhance traffic operations, increase safety, and facilitate communication between vehicles and infrastructure. However, VANETs face significant privacy and security challenges. This study proposes a novel approach to address VANET energy efficiency and privacy analysis using a trust-based authentication system and deep learning methods. Attention layer integrated gradient kernel vector flow neural networks are utilized for classifying monitored data to detect malicious users. The hybrid multipath energy-efficient routing protocol contributes to improved energy efficiency. The experimental analysis evaluates energy efficiency, latency, throughput, packet delivery ratio, computational cost, and communication overhead, and trust value analysis. The proposed technique achieved energy efficiency of 99%, latency of 63%, throughput of 95%, PDR of 88%, computational cost of 57%, communication overhead of 59%, and trust value analysis of 77%. The experimental analysis reveals promising results in various performance metrics, demonstrating the potential of this approach in ensuring passenger and driver safety while addressing communication and security challenges in VANETs.
... The introduction and usage of VANETs in real world scenarios also brought by privacy concern because of the continuous exchange of location and other sensitive information among vehicles and infrastructure components. Protecting the privacy of individuals in VANETs is essential to encourage widespread adoption and prevent potential misuse of personal data [179], [180]. Vehicles should trust the sender that may have an identity or not, as well as trust the intermediate forwarder vehicles. ...
Article
Full-text available
Vehicular Ad-Hoc Networks (VANETs) is a type of mobile ad hoc network (MANET) specifically designed for communication among vehicles on the road. VANETs enable vehicles to communicate with each other and with roadside infrastructure, forming a dynamic and self-organizing network without the need for a fixed communication infrastructure. Security concerns in VANETs encompass a range of threats, including Authentication and Authorization attacks, Sybil attacks, Denial-of-Service incidents, Location spoofing, and Eavesdropping. Privacy, on the other hand, is a paramount concern in VANETs due to the sensitive nature of location-based data, Identity Disclosure, and user consent Control. The paper emphasizes the necessity for robust security mechanisms and outlines specific requirements for safeguarding VANETs. Proposed mitigation measures, including cryptographic techniques and authentication mechanisms, are critically assessed for their effectiveness and feasibility. The findings provide a comprehensive understanding of the complexities surrounding privacy and security in VANETs, contributing valuable insights for the development of resilient and privacy-preserving vehicular communication systems.
... RSUs are base stations located on the roadside to assist passing vehicles and communicate with them via wireless channels. Additionally, each vehicle equipped with an OBU must provide traffic information to RSUs to optimize traffic efficiency [5], [6]. Both vehicle-tovehicle and vehicle-to-RSU message exchanges adhere strictly to dedicated short-range communication standards based on IEEE Standard 1609.2. ...
Article
Globally, the development of Intelligent Cyber-Physical Transportation Systems (ICTS) aims to tackle several challenges, including reducing traffic accidents and fuel usage, alleviating congestion, shortening travel time, and enhancing overall transportation safety. These systems leverage advanced customer-centric communication and networked control methods, such as inter-vehicle, vehicle-to-roadside (V2R), and vehicle-to-vehicle (V2V) communication through the use of vehicular ad hoc networks (VANETs) to cover all aspects of transportation-based information. In existing systems, once devices are registered with a Trusted Authority (TA), subsequent authentication still relies on the TA’s assistance. However, these devices typically remain stationary, and frequent interaction with the TA becomes impractical and costly in highly mobile VANET environments. To address this challenge, we propose a secure access control protocol with conditional privacy for VANETs. Unlike other protocols, our protocol does not require the TA’s involvement during authentication between vehicles and RSUs. Additionally, our protocol leverages pseudonym mechanisms to provide conditional privacy, enabling legitimate vehicles to remain anonymous while malicious ones can be tracked. Our proposed scheme is supported by both formal and informal security analyses and has been shown to be secure against several known attacks in VANETs. Furthermore, compared to relevant studies, our protocol achieves 30.2505% of efficiency in terms of computation cost and 11.09276% of efficiency in terms of communication cost, respectively.
... It is vital to share the processed data with other individuals, institutions, and organizations in order to generate a high level of value from it. However, because this data may contain various personal data that can directly or indirectly identify the individual, sharing such data without adequate protection will result in significant problems, such as attackers revealing the identities of data owners over the shared dataset [2,3]. On the other hand, if data privacy safeguards are overly stringent, data utility will suffer. ...
Article
Full-text available
Developing a privacy-preserving data publishing algorithm that stops individuals from disclosing their identities while not ignoring data utility remains an important goal to achieve. Because finding the trade-off between data privacy and data utility is an NP-hard problem and also a current research area. When existing approaches are investigated, one of the most significant difficulties discovered is the presence of outlier data in the datasets. Outlier data has a negative impact on data utility. Furthermore, k-anonymity algorithms, which are commonly used in the literature, do not provide adequate protection against outlier data. In this study, a new data anonymization algorithm is devised and tested for boosting data utility by incorporating an outlier data detection mechanism into the Mondrian algorithm. The connectivity-based outlier factor (COF) algorithm is used to detect outliers. Mondrian is selected because of its capacity to anonymize multidimensional data while meeting the needs of real-world data. COF, on the other hand, is used to discover outliers in high-dimensional datasets with complicated structures. The proposed algorithm generates more equivalence classes than the Mondrian algorithm and provides greater data utility than previous algorithms based on k-anonymization. In addition, it outperforms other algorithms in the discernibility metric (DM), normalized average equivalence class size (Cavg), global certainty penalty (GCP), query error rate, classification accuracy (CA), and F-measure metrics. Moreover, the increase in the values of the GCP and error rate metrics demonstrates that the proposed algorithm facilitates obtaining higher data utility by grouping closer data points when compared to other algorithms.
... To protect the users' privacy during VANET's feature matching, an efficient k-out-of-n oblivious transfers was proposed by Wang et al. [17], and it was adopted to give a PSI protocol with equality test. To address the privacy of location data of user, a privacy-preserving location-based scheme is proposed by Yadav et al. [18] to protect some privacy, such as the query privacy of the user, information content of the location server, and location information, etc. Liang et al. [19] desired to protect the privacy of RSUs and vehicles, and they proposed a route planning scheme in VANETs with assisting of certification authority. Moreover, the dual authentication and group key agreement technologies are also the essential functions in VANETs. ...
Article
With the rapid development of edge computing, artificial intelligence and other technologies, intelligent transportation services in the vehicular ad hoc networks (VANETs) such as in-vehicle navigation and distress alert are increasingly being widely used in life. Currently, road navigation is an essential service in the vehicle network. However, when a user employs the road navigation service, his private data maybe exposed to roadside nodes. Meanwhile, when the trusted authorization sends the navigation route data to the user, the user can obtain all the road data. Especially, other unrequested data might be related to the military. Therefore, how to achieve secure and efficient road navigation while protecting privacy is a crucial issue. In this paper, we propose a privacy-preserving path selection protocol that supports a token as the object in the oblivious transfers, which effectively reduces the communication overhead. In addition, a lightweight dual authentication and group key negotiation protocol is provided to support dynamic joining or leaving of group members. Moreover, it can guarantee the security of forward data. After experimental analysis, the proposed protocol has high security and efficiency.
... While Scheduling occurs, the important objectives are about what to minimize and what to maximize in the whole process (Vecchiola et al., 2009; Shaw and Singh, 2014; Singh, A., and Kumar, R., 2021; Liang, Y., et al., 2022). As depicted in Figure 3, make-span or total execution time (TET), total execution cost (TEC), total energy consumption, and response time should be minimized. ...
Article
Scheduling large-scale and resource-intensive workflows in cloud infrastructure is one of the main challenges for cloud service providers (CSPs). Cloud infrastructure is more efficient when virtual machines and other resources work up to their full potential. The main factor that influences the quality of cloud services is the distribution of workflow on virtual machines (VMs). Scheduling tasks to VMs depends on the type of workflow and mechanism of resource allocation. Scientific workflows include large-scale data transfer and consume intensive resources of cloud infrastructures. Therefore, scheduling of tasks from scientific workflows on VMs requires efficient and optimized workflow scheduling techniques. This paper proposes an optimised workflow scheduling approach that aims to improve the utilization of cloud resources without increasing execution time and execution cost.
... Additionally, revealing a vehicle's real identity enables tracking of its movement, compromising privacy [8]. Hence, pseudonym mechanism is implemented to maintain vehicle anonymity while still allowing identification in the case of malicious behavior [9]. Furthermore, transmitted data may contain sensitive information that is intended for a specific recipient only, necessitating confidentiality measures such as message encryption [10]. ...
Article
An increasing number of researchers are turning their attention to signcryption, particularly in the context of multi-receiver communication scenarios, due to its ability to simultaneously provide authentication, integrity, and confidentiality of messages. However, existing signcryption schemes have not been able to fully implement sender unlinkability. Specifically, when a sender signcrypts a secret message and obtains the corresponding ciphertext, the intended recipient must use the sender’s identity or public key to complete the unsigncryption process and retrieve the plaintext. Consequently, the recipient can link the sender via the same identity or public key. To address this issue, we present an Unlinkable Signcryption Scheme for Multi-Receiver (USS-MR). With Chinese Remainder Theorem (CRT), our USS-MR enables a vehicle to send the same secret message to a group of RoadSide Units (RSUs). Additionally, when a new message requires signcryption, the vehicle generates a new key pair, making it impossible for any RSU to link the vehicle through its public key. In our USS-MR, we have adopted a pseudonym mechanism to provide conditional privacy, which hides the real identity of the vehicle through the use of pseudonyms and avoids linking it to the identity. Moreover, if a vehicle is found to engage in malicious behavior, it will not only be tracked but also subjected to revocation. Comprehensive security analyses demonstrate that our USS-MR satisfies various security, privacy, and functionality requirements and effectively resists common attacks in Vehicular Ad-hoc Networks (VANETs). Finally, our USS-MR demonstrates certain advantages in terms of computation and communication when compared to relevant studies. In particular, our USS-MR maintains a consistent communication burden of 388 bytes.
Article
Route Planning Systems (RPS) are a core component of autonomous personal transport systems essential for safe and efficient navigation of dynamic urban environments with the support of edge-based smart city infrastructure, but they also raise concerns about user route privacy in the context of both privately-owned and commercial vehicles. Numerous high profile data breaches in recent years have fortunately motivated research on privacy-preserving RPS, but most of them are rendered impractical by greatly increased communication and processing overhead. We address this by proposing an approach called Hierarchical Privacy-Preserving Route Planning (HPRoP) which divides and distributes the route planning task across multiple levels, and protects locations along the entire route. This is done by combining Inertial Flow partitioning, Private Information Retrieval (PIR), and Edge Computing techniques with our novel route planning heuristic algorithm. Normalized metrics were also formulated to quantify the privacy of the source/destination points (endpoint location privacy) and the route itself (route privacy). Evaluation on a simulated road network showed that HPRoP reliably produces routes differing only by ≤ 20% in length from optimal shortest paths, with completion times within ∼ 25 seconds which is reasonable for a PIR-based approach. On top of this, more than half of the produced routes achieved near-optimal endpoint location privacy (∼ 1.0) and good route privacy (≥ 0.8).
Article
Web APIs provide enterprises with a new way of driving innovations of new technology with limited resources. API recommendations greatly alleviate the selection burdens of enterprises in identifying potential useful APIs to meet their business demands. However, these approaches disregard the privacy leakage risk in cross-platform collaboration and the popularity bias in recommendation. To address these issues, first, we introduce MinHash, an instance of locality-sensitive hashing, into a collaborative filtering technique and propose a novel, privacy-enhanced, API recommendation approach. Second, we present a simulation algorithm to analyze the popularity bias in API recommendation. Third, we mitigate popularity bias by improving the novelty of recommendation results with an adaptive reweighting mechanism. Last, comprehensive experiments are conducted on a real-world dataset collected from ProgrammableWeb. Experimental results show that our proposed approach can effectively preserve usage data privacy and mitigate popularity bias at a minimum cost in accuracy.
Article
In vehicular ad hoc networks (VANETs), conditional privacy preserving authentication (CPPA) scheme is widely deployed to solve security and privacy issues. Existing CPPA schemes usually require ideal tamper-proof devices (TPDs) on vehicles which, however, might be infeasible or do not exist in reality due to high security requirements. To address this problem, we propose a practical framework of CPPA scheme that supports more realistic TPDs which are less secure correspondingly. We demonstrate that this framework also manages to achieve nonframeability in addition to other security objectives including nonrepudiation, conditional privacy preserving, and unlinkability. Moreover, performance analysis shows that our framework has better efficiency in authentication. All these features make our framework practical for VANETs.
Article
In order to protect the privacy of individual data while guaranteeing the utility of big data, privacy-preserving data aggregation is widely researched, which is a feasible solution since it not only preserves the statistical features of the original data, but also masks a single user’s data. With smart meters having the capability of connecting to the Internet, the aggregation area extends to the virtual area rather than a traditional physical area. However, in a virtual aggregation area, the users’ membership may change frequently, and when executing the aggregation protocol for the traditional area, the overhead is not negligible. In this paper, the homomorphic encryption and ID-based signature are employed to design a dynamic membership data aggregation (DMDA) scheme, which reduces the complexity of a new user’s joining and an old user’s quitting. In addition, the operation center obtains the sum of the data in the virtual aggregation area while knowing nothing about a single user’s data. Compared with traditional privacy-preserving data aggregation schemes, DMDA is more suitable for next-generation smart grid and other Internet of Things environments.
Article
The advent of intelligent vehicular applications and IoT technologies gives rise to data-intensive challenges across different architectural layers of an intelligent transportation system (ITS). Without powerful communication and computational infrastructure, various vehicular applications and services will still stay in the concept phase and cannot be put into practice in daily life. The current cloud computing and cellular set-ups are far from perfect because they are highly dependent on, and bear the cost of additional infrastructure deployment. Thus, the geo-distributed ITS components require a paradigm shift from centralized cloud-scale processing to edge centered fog computing (FC) paradigms. FC outspreads the computing facilities into the edge of a network, offering location-awareness, latency-sensitive monitoring, and intelligent control. In this article, the authors identify the mission-critical computing needs of the next generation ITS applications and highlight the scopes of FC based solutions towards addressing them. Then, the authors discuss the scenarios where the underutilized communication and computational resources available in connected vehicles can be brought in to perform the role of FC infrastructures. Then the authors present a service-oriented software architecture (SOA) for FC-based Big Data Analytics in ITS applications. The authors also provide a detailed analysis of the potential challenges of using connected vehicles as FC infrastructures along with future research directions.
Article
In the feature matching of some Vehicular Ad Hoc Network (VANET) technologies, users’ privacy disclosure issue has seriously threatened personal safety and caused considerable economic loss. In this paper, we proposed Oblivious Transfer (OT) protocol and Private Set Intersection (PSI) protocol to protect the users’ privacy in the situation of VANET’s feature matching. In our schema, an efficient $k$-out-of-$n$ OT protocol is constructed. Then, this OT protocol is adopted to give a PSI protocol with equality test. Based on the PSI protocol, the two parties of VANET can obtain the intersection of their characteristic sets and any information outside such intersection is unavailable. Accordingly, internal attacker fails to get any useful information from the two parties in the feature matching, and the two parties cannot obtain extra data of each other. Moreover, to reduce the computational cost of the OT protocol, the non-communicative algebraic structure, the group ring $Z_{q}[S_{m}]$, is employed. In addition, we analyzed that the proposed scheme does not use complex calculations and can resist against the current quantum attacks.
Article
Vehicular ad hoc networks (VANETs) have gained interest because of their applicability and significance in the fields of traffic management, road monitoring and safety, infotainment, and on-demand services. Route planning in vehicular networks based on efficient collection of real-time data can effectively mitigate traffic congestion problems in urban areas. Furthermore, real-time data is shared by using an effective sharing mechanism to avoid redundancy of the collected information. However, dynamic route replanning and effective sharing mechanisms based on real-time data are still challenging problems. Therefore, the aim of this article is to describe route planning and data dissemination in real time using the Internet of Things paradigm. This objective is achieved by a novel data dissemination technique for information sharing among the roadside units in a hybrid VANET intelligent transportation system (Hybrid-VITS). Hybrid-VITS comprises VANETs, vehicular traffic servers, and a 5G-based cellular system of public transportation. By considering the traffic congestion in urban areas, the optimal path is calculated to replan routes based on the k shortest path algorithm, and a load balancing technique is adopted to avoid further congestion.
Article
Vehicular cloud computing (VCC) is an emerging research area, which comprises cloud, vehicular networking and Internet of Things (IoT) technologies. VCC presents vehicle-to-vehicle, vehicle-to-infrastructure or vehicle-to-device communication, where vehicles are equipped with communication sensing capacities. VCC is utilizing vehicle resources, cloud infrastructure and IoT environment. However, maintaining the security of communication and privacy of communicators are two major challenges in VCC. To achieve the goal of secure communication along with anonymity, we propose an elliptic curve cryptography (ECC) based authentication framework for VCC, which is equipped with a radio frequency identification (RFID). We prove the claim of secure communication using formal security analysis in the random oracle model and information analysis. Moreover, we prove the proposed protocol security against a replay attack and man-in-the-middle attack using the simulation tool “AVISPA”. We discuss and evaluate the performance of the proposed framework and compare it with related schemes on desirable performance parameters. Our analysis indicates that the proposed framework achieves all desirable security attributes and supports efficient communication.
Article
Cloud computing has emerged as a new promising field in the internet. It can be thought of as a new architecture for the next generation of IT enterprises. It allows the user to access virtualized resources over the internet which can be dynamically scaled. Here, the owner's data is stored at distributed data centres, which are responsible for its security constraints such as access control and data transmission to the user. As the owner does not have physical access to their own data and the data centres are not trustworthy, this has resulted in the demand for cloud data security. Today, many cloud service providers (CSPs) are using the asymmetric and public key cryptography (PKG) for authenticating and data security purposes using the digital identity of the user. To this end, this article focuses on cloud data storage and its delivery to the authorized user. For this purpose, a hierarchical identity-based cryptography method is used for data security and checking the data integrity, in order to make sure that there is no alteration or modification done by a malicious attacker or CSP for its own benefit.
Article
The intelligent transportation system (ITS) is made possible and practical due to vehicular ad hoc networks (VANETs) that help improve driver safety and traffic efficiency on the road by interchanging traffic-related information among vehicles and infrastructures. However, due to the open wireless access medium, the security and privacy of this information become quite critical in VANETs. The attackers could capture, intercept, alter, replay and delete the traffic-related information and could compromise the security of VANETs. Therefore, ensuring the security and privacy of the traffic-related information in VANETs is a hot research area nowadays. In this context, lots of research works have been done to secure vehicular communications. However, these works did not properly address the security issues in terms of security requirements, security attacks, and efficiency in performance. In this paper, several authentication and privacy schemes have been classified, and their mechanisms, strengths and limitations, security requirements, attacks, and performance parameters have been discussed. Finally, we identified some open research challenges in the domain of VANETs security.
Article
With the development of intelligent transportation systems, vehicular ad hoc networks (VANETs) are widely used in safety driving and so on. However, existing signature schemes, such as pseudonym- and group-based schemes, have certain problems such as the need for a certificate distribution and certificate revocation lists (CRLs). With such schemes, the vehicle needs to store a valid certificate generated by the management center. Simultaneously, the receiver needs to check the CRLs prior to message authentication. CRLs require large amounts of storage space and computational and communication resources. In addition, many such schemes are based on a trusted authority and do not meet real-world needs. Thus, we propose an efficient authentication scheme based on semi-trusted authority in VANETs. In this scheme, we combine the self-healing key distribution method with a certificateless signature in a semi-trusted authority environment such that the receivers do not require querying the CRLs. Therefore, the vehicles do not need to store the CRLs, thereby saving storage space and communication resources. This also reduces the computational costs and improves the efficiency of the message authentication. Moreover, because the proposed scheme is based on a semi-trusted authority, it is a more realistic approach.