research article message authentication mechanism and privacy protection...
TRANSCRIPT
Research ArticleMessage Authentication Mechanism and Privacy Protection inthe Context of Vehicular Ad Hoc Networks
Hsin-Te Wu1 Alan Dahgwo Yein2 and Wen-Shyong Hsieh34
1Department of Information Management Fortune Institute of Technology Kaohsiung Taiwan2Department of Information Management Shu-Te University Kaohsiung Taiwan3Department of Computer Science and Engineering National Sun Yat-sen University Kaohsiung Taiwan4Department of Computer and Communication Shu-Te University Kaohsiung Taiwan
Correspondence should be addressed to Hsin-Te Wu wuhsintefotechedutw
Received 14 September 2014 Accepted 10 December 2014
Academic Editor Mo Li
Copyright copy 2015 Hsin-Te Wu et al This is an open access article distributed under the Creative Commons Attribution Licensewhich permits unrestricted use distribution and reproduction in any medium provided the original work is properly cited
Vehicular ad hoc networks (VANETs) have been widely researched in recent years VANETs are used mostly for road safety andtraffic efficiency therefore it is imperative that the communication between vehicles is rapid and secure in a VANET environmentIn the present study bilinear pairings were used to construct a complete message authentication scheme This scheme providedthe following features (1) vehicle or roadside unit (RSU) parameters were determined via a hierarchical protocol which preventedpotentially a large computational overhead for a single node (2) message broadcasts and private communications between vehiclesin the transmission range of the same RSU were enabled (3) message broadcasts and private communications between vehiclesin the transmission ranges of different RSUs were enabled (4) a fast handoff mechanism was established for vehicles in thetransmission ranges of different RSUs and (5) mechanisms formessage broadcasts and private communication were established forvehicles in areas where RSUs were sparsely located Based on the experimental results our scheme was confirmed to be superior toprevious schemes In terms of security our scheme offered the following features confidentialitymessage integrity nonrepudiationconditional anonymity and conditional untraceability
1 Introduction
Vehicular ad hoc networks (VANETs) have been widelyresearched in recent years VANETs are mobile networksin which vehicles equipped with on-board units (OBUs)communicate with each other or roadside units (RSUs) [1 2]Vehicles can broadcast traffic information to one another overVANETs [3] In addition passengers can communicate withpassengers in other vehicles or send electronic mail usinghand-held devices over VANETs [4] VANETs have drawnspecial attention for traffic safety and management [5 6]The information exchanged between vehicles over VANETsenhances road safety and improves traffic efficiency Gener-ally there are two different modes in VANETs for sendingmessages themessage broadcastmode inwhich neighboringvehicles may provide one another with up-to-date proximalvehicle state information via message broadcasts and theone-hop broadcast mode in which a vehicle can send
messages to one other specific vehicle One-hop broadcastsare mainly used for private communication between vehicles
There are two vehicular communication modes inVANETs [7] vehicle-to-vehicle communication (IVC) andRSU-to-vehicle communication (RVC) IVC allows eachvehicle to broadcast information to other vehicles or sendinformation to one specific vehicle via others RVC allowsvehicles to exchange information with one another withinthe broadcast range or communicate with and obtain infor-mation from other vehicles via wireless-device equippedRSUs VANETs enable vehicles to exchange up-to-date trafficinformation which improves the flow of traffic and drivingsafety However if the information is modified or falsified bya malicious vehicle user serious consequences such as trafficcongestion and even a traffic accident can occur A schemefor ensuring information security is proposed in the presentstudy
Hindawi Publishing CorporationMathematical Problems in EngineeringVolume 2015 Article ID 569526 11 pageshttpdxdoiorg1011552015569526
2 Mathematical Problems in Engineering
A message authentication scheme for VANETs shouldtake the following problems into consideration (1) theexchange of information between vehicles in VANETs isaccomplished throughwireless communicationTherefore tobe timely the volume of information cannot be excessivelyhigh nor can themethod formessage authentication be exces-sively complicated (2) Vehicles should be able to not onlybroadcast information but additionally communicate pri-vately with other devices (3)Vehicles use a short-range wire-less communication technique to communicate with RSUsand are usually moving at high speeds requiring frequenthandoffswith RSUs Handoff schemes with long computationtimes adversely affect the communication quality (4) RSUsmay be available only on main roads and not on minor ones
In the present study a complete message authenticationscheme is constructed using the bilinear pairings techniqueThe encryption scheme from bilinear pairings is appropriatefor VANETs The parameters for each node in this study aregenerated in a hierarchical way The long-term parametersfor each vehicle are generated by the trusted authority (TA)Vehicles use their long-term parameters to perform identity(ID) authenticationwithRSUs and then gain trust from themRSUs then produce short-term parameters for the vehiclesthat allow them to broadcast information and conduct privatecommunications When the vehicles are not within thetransmission range of any RSUs they can use their long-term parameters to broadcast information and communicateprivately with one another The trust gained from one RSUenables the vehicle to perform handoffs with other RSUsBased on the experimental results the scheme proposed inthis study shows excellent performance and is superior toother schemes in the literature
2 Related Works
The conventional public key infrastructure (PKI) schemewas used in [8] Assuming that a certificate authority (CA)provides each vehicle with a digital certificate of identitythat is a private key together with its associated public keythe vehicle can then use the asymmetric key for signing andverifying a message However the computational complexityincreases when a vehicle uses the PKI for message signatureand verification resulting in communication overhead Inaddition for the purposes of privacy and untraceability avehiclemust constantly change its certificate which adverselyaffects the CA overhead
A solution is defined in [9] in which vehicles can generatepublicprivate key pairs on their own The benefits lie in thefact that a vehicle uses a different key each time it sends amessage and that the vehicle is not required to update therelated parameters with the CA Assuming that there is acryptographic device or black box installed in each vehicleand in each black box there are an asymmetric key and acertificate issued by the CA the black box generates thepublicprivate key pair for the vehicle However the pub-licprivate key pair is the continuous product of two valuesresulting in each key pair having a long message length Thislong message length may result in communication overheadwhen the vehicle is sending messages
The scheme for vehicular communications used in [10]was constructed with a hierarchy in which the keys were gen-erated in a top-to-bottom manner The hierarchical methodallows vehicles to generate parameters such as their IDsthrough RSUs which mitigates the key escrow problem inthe CA The generated keys are reliable and nonforgeableHowever this scheme requires the use of vehicle certificatesThus the information exchanged between vehicles is verifiedvia the contents of the certificates The requirement for acertificate with each message may nevertheless result in datapacket overhead In addition message encryption based onbilinear pairings may result in computation overhead
In [11] to provide network access services a vehicle mustestablish a common key with the recipient vehicle via abroadcast message The common key ensures the security ofthe subsequent information exchange authentication mes-sage integrity and nonrepudiation However the commonkey is established using the identity-based cryptography(IBC) scheme which is based on bilinear pairings Theestablishment of a shared common key with each vehicle mayresult in vehicle computation overhead The authors in [11]did not discuss the problems of rekeying and pseudonymchanges These problems are significant in vehicle networkswarranting resolution A dynamic privacy-preserving keymanagement scheme for location-based services in VANETswas proposed in [12] This scheme ensures the anonymousauthentication of a vehicle and enables double-registrationdetection In addition each vehicle can use a one-way hashfunction to update the vehicles new session key Howeverthe computations for message signature and verificationpresented in [12] are complicated and the author did notinvestigate a private communication scheme
In [13] an elliptic curve digital signature algorithm(ECDSA) was used for message authentication The currentposition information is used together with the ECDSA forsigning messages from anonymous IDs Other vehicles donot require a third-party public key certificate for messageauthentication However the authors did not discuss theproblems of rekeying and private communication
The delay in long-term verification of centralized AAAarchitecture in literature [14] has been alleviated In thispaper a set of network security approaches based on bilinearDiffie-Hellman (BDH) problem are proposed to protectthe privacy of vehicles and network security of portableelectronic currency in VANETs environment However theproposed method requires a key to be generated at regularintervals on each vehicle in advance for privacy which is abig burden for the vehicle
In literature [15] a set of network security mechanismsbased on chameleon hashing was proposed to ensure vehicleprivacy and network communications security in VANETsHowever owing to computational complexity and packetlength of chameleon hashing it constitutes a big burden forVANETs
In literature [16] a set of network security mecha-nisms based on bilinear pairing was proposed Althoughit can ensure network communications security of vehiclesin VANETs it does not provide private communicationsbetween vehicles Besides the changes of relevant parameters
Mathematical Problems in Engineering 3
for vehicles involved have to be updated via TA Therefore ithas a centralized authentication issue
3 Background
This section will introduce the technologies used in themethod developed in this study Section 31 introduces bilin-ear pairing and hard problems Section 32 discusses Bonehand Franklins ID-based encryption Section 33 discussesShamirs ID-based cryptosystem and Section 34 covers bilin-ear Diffie-Hellman message authentication
31 Bilinear Pairings and Hard Problems Let 1198661and 119866
2
denote an additive and a multiplicative group and both ofthem with prime order 119902 Let 119875 be generator of 119866
1and let
119890 1198661times 1198661
rarr 1198662be a bilinear mapping with the following
properties
(1) Bilinear
119890 = (119886119875 119887119875) = 119890 (119875 119875)119886119887
119890 (119886 sdot 119875 + 119887 sdot 119875 119875) = 119890 (119886 sdot 119875 119875) 119890 (119887 sdot 119875 119875)
forall119875 isin 1198661 119886 119887 isin 119885
lowast
119902
(1)
(2) Nondegeneracy exist119875 isin 1198661such that 119890(119875 119875) = 1 That
is the mapping does not send all pairs in 1198661times 1198661to
the identity in 1198662
(3) Computable there exists an efficient algorithm tocompute 119890(119875 119875) for all 119875 isin 119866
1
The bilinear map 119890 can be implemented using the Weil[9] and Tate [10] pairings on elliptic curves We consider theimplementation of a Tate pairing on a MiyajindashNakabayashindashTakano (MNT) curve [11] with embedding degree 6 where1198661is represented by 161 bits and the order 119902 is represented by
160 bitsThe following part will define and specify various relevant
mathematical problems [12] whichwill be applied in the essaysubsequently
Bilinear Diffie-Hellman problem
Given (119875 119886119875 119887119875 119888119875) isin 1198661 where 119886 119887 119888 isin 119885lowast
119902
compute 119890 = (119875 119875)119886119887119888
Elliptic curve discrete logarithm problem (ECDLP)
Given two elements119875119876 isin 1198661 find an integer 119886 isin 119885lowast
119902
such that 119876 = 119886119875
32 ID-Based Encryption We used ID-based encryption [17]to encrypt and decrypt messages A private key generator(PKG) chooses a randomnumber 119892PKG isin 119885lowast
119902as itsmaster key
and selects two distinct hash functions 1198671 0 1lowast rarr 119866
1
and 1198672 1198662
rarr 0 1lowast Given a user 119894 with an identity ID119894isin
0 1lowast any party can obtain the userrsquos public key PUID119894 =
1198671(ID119894) The PKG sets the userrsquos private key PRID119894 = 119892PKG sdot
1198671(ID119894) User 119894 chooses 119904ID119894 isin 119885lowast
119902as herhis own secret value
and sets 119863ID119894 = 119904ID119894 sdot 119875 In the final step the PKG publishesthe system parameters (119902 119866
1 1198662 119890 119875 119863ID119894 ID119894 1198671 1198672) and
withholds 119904ID119894
Encrypt To encrypt a message 119872 isin 0 1lowast for the user withidentity ID
119894is as follows
(1) Choose a random number 119903 isin 119885lowast119875
(2) Set the cipher text 119862 to be
119862 = 119864IBC (119903119872PUID119894 119863ID119894)
= 119903 sdot 119875119872 oplus 1198672(119890 (PUID119894 119863ID119894)
119903
)
(2)
Decryption Let 119862 = ⟨119880119881⟩ To decrypt 119862 using the secretvalue 119904ID119894 compute119863IBC(119904ID119894 119862) = 119881oplus119867
2(119890(119904ID119894PUID119894 119880)) =
119872 where
119881 oplus 1198672(119890 (119904ID119894PUID119894 119880))
= 119872 oplus 1198672(119890 (PUID119894 119903119863ID119894)) oplus 119867
2(119890 (119904ID119894PUID119894 119903119875))
= 119872 oplus 1198672(119890 (PUID119894 119903119904ID119894119875)) oplus 119867
2(119890 (119904ID119894PUID119894 119903119875))
= 119872 oplus 1198672(119890 (PUID119894 119903119904ID119894119875)) oplus 119867
2(119890 (PUID119894 119903119904ID119894119875))
= 119872
(3)
33 ID-Based Cryptosystem The advantage of ID-basedcryptosystems [17] is that public key certificates are nolonger needless and this possibly causes a saving of spacerequirements Besides it also reduces the key managementcost which is a heavy burden in conventional public keyinfrastructure (PKI) However it has a serious drawbackcalled key escrow problem PKG is responsible for generatinga userrsquos private key so it can decrypt any ciphertext or forgeany userrsquos signature on any message
34 Message Authentication Based on the Bilinear HardProblems (BHD) Method In this study message signaturesand verification are established based on the BDH methodIn this scheme user 119894 selects a random number ℎ
119894isin 119885lowast119902as
the secret value calculates the public value (119861119894) and then
broadcasts 119861119894to all other users Notations of the BDH list the
notation used in this study User 119894 broadcasts message119872119894119895by
executing the following steps
(1) User 119894 calculates 119908119894119895
= 119867(119872119894119895
119879119895) mod 119901
(2) User 119894 calculates ℎ119894
= 119910119894119895
lowast 119908119894119895
+ 119903119894119895 where
119910119894119895
represents the quotient and 119903119894119895
represents theremainder
(3) User 119894 broadcasts ⟨119872119894119895 119910119894119895
sdot 119875 ID119894 119879119895 119890(119875 119903
119894119895sdot 119875)⟩
Other users can then verify the message upon receipt byexecuting the following steps
(1) Calculate 119908119894119895
= 119867(119872119894119895
119879119895) mod 119901
4 Mathematical Problems in Engineering
(2) Check whether 119890(119908119894119895
sdot 119875 119910119894119895
sdot 119875) + 119890(119875 119903119894119895
sdot 119875) =
119890(119875 119875)ℎ119894
= 119861119894
If the equality in step (2) is satisfied then this condition ver-ifies that the user 119894 sent the message During the verificationprocess other users receive only119910
119894119895sdot119875 119890(119875 119903
119894119895sdot119875)119908
119894119895and119861
119894
Based on elliptic curves and the discrete logarithm problem(ECDLP) ℎ
119894cannot be calculated without 119910
119894119895sdot 119875 and 119861
119894
Therefore message security is ensured Furthermore becauseℎ119894belongs to the user alone nonrepudiation of the message
is also ensured
4 Message Authentication Scheme
The scheme proposed in this study consists of five parts(1) system initialization and RSU registration (2) intra-RSUmessage authentication (3) inter-RSU message authentica-tion (4) handoff and (5) message authentication when RSUsare not available
41 System Model Figure 1 shows the system environmentused in this study We assume that the TA is a legal organiza-tion and is responsible for the security of the entire networkWhen there is an attack on the network infrastructure from amalicious node the TA will broadcast the true identity of thenode and take necessary actionWe further assume that RSUsare installed on streetlights or traffic signs on main roads andthere are no RSUs installed on minor roads Each vehicleis equipped with an OBU Communication between the TAand RSUs is via a wired network whereas communicationbetween OBUs and the TA is via an IEEE 80211p wirelessnetwork Notation used in this paper lists the notation usedin this study
42 System Initialization Given the bilinear parameters(119902 1198661 1198662 119890 119875) as defined in Section 31 the TA sets up the
system by executing the following steps
(1) The TA chooses ℎID119905TA isin 119885lowast
119902as its secret value
(2) The TA selects three hash functions 119867 0 1lowast rarr
119885lowast1199021198671 0 1lowast rarr 119866
1 and119867
2 1198662
rarr 0 1lowast(3) The TA calculates 119861ID119905TA = 119890(ℎID119905TA119875 119875) as its public
value(4) The TA sets119863ID119905TA = ℎID119905TA sdot 119875(5) The TA sets PUID119905TA = 119867
1(ID119905TA)
(6) The TA sets PRID119905TA = ℎID119905TA1198671(ID119905TA)
The TA broadcasts the parameters (ID119905TA 119861ID119905TA 119863ID119905TA
1198671198671 1198672) while (PR
119905TA ℎID119905TA) remain undisclosed Inaddition the TA sets the related parameters for each RSU byexecuting the following steps
(1) The node 119877119877chooses ℎID119905119877119877 isin 119885lowast
119902as its secret value
(2) It calculates 119861ID119905119877119877= 119890(ℎID119905119877119877
119875 119875) as its public value
(3) It sets119863ID119905119877119877= ℎID119905119877119877
sdot 119875
Vb
Va
R2R1
VcR3
Ve
Vd
R4
TA
Figure 1 System environment
(4) It sets PUID119905119877119877= 1198671(ID119905119877119877
)
The TA sets up the system by executing the followingsteps
(1) Set PRID119905119877119877= ℎID119905TA1198671(ID119905119877119877)
(2) Calculate 119908ID119905TA 119895 = 119867(1198672(119861ID119905119877119877
) ID119905119877119877
119879119897ID119905119877119877
) mod 119901
(3) Calculate 119910ID119905TA 119895 = ℎID119905TA119908ID119905TA 119895 119890(119903ID119905TA 119895 sdot 119875 119875)
The RSU 119877119877broadcasts the parameters (ID
119905119877119877 119861ID119905119877119877
119863ID119905119877119877 119890(119903ID119905TA 119895 sdot119875 119875) 119910ID119905TA119875 119879119897ID119905119877119877
) and does not disclosethe parameters (ℎID119905119877119877
PRID119905119877119877) All nodes can verify the
legitimacy of the ID of the RSU by executing the followingsteps
(1) Calculate 119908ID119905TA 119895 = 119867(1198672(119861ID119905119877119877
) ID119905119877119877
119879119897ID119905119877119877
) mod 119901
(2) Calculate 1198611015840ID119905TA = 119890(119908ID119905TA 119895 sdot 119875 119910ID119905TA 119895 sdot 119875) +
119890(119875 119903ID119905TA 119895 sdot 119875) = 119890(119875 119875)ℎID119905TA
(3) Check if 119861ID119905TA
= 1198611015840ID119905TA
TheTA generates the related parameters for the vehicle byexecuting the following steps
(1) The node 119881 chooses ℎID119894119881 isin 119885lowast119902as its secret value
(2) It calculates 119861ID119894119881 = 119890(ℎID119894119881119875 119875) as its public value(3) It sets119863ID119894119881 = ℎID119894119881 sdot 119875(4) It selects an anonymous identity ID
119894 and all users
can obtain its public key by computing PUID119894119881 =
1198671(ID119894119881
)
The TA sets up the system by executing the followingsteps
Mathematical Problems in Engineering 5
(1) Set PRID119894119881 = ℎID119905TA1198671(ID119894119881)
(2) Calculate 119908ID119905TA 119895 = 119867(1198672(119861ID119894119881) ID
119894119881
119879119897ID119894119881) mod 119901
(3) Calculate 119910ID119905TA 119895 = ℎID119905TA119908ID119905TA 119895 119890(119903ID119894TA 119895 sdot 119875 119875)
Each vehicle broadcasts the parameters (ID119894119881
119861ID119894119881
119863ID119894119881 119890(119903ID119905TA 119895 sdot 119875 119875) 119910ID119905TA 119895119875 119879119897ID119894119881) and does not disclosethe parameters (ℎID119894119881 PRID119894119881) The TA records the parame-ters (ID
119905119881 ID119894119881
119861ID119894119881 119863ID119894119881 119879ID119894119881119895) for each vehicleEach vehicle or RSU can verify the legitimacy of the
vehicle ID by executing the following steps
(1) Calculate 119908ID119905TA 119895 = 119867(1198672(119861ID119894119881) ID
119894119881
119879119897ID119894119881) mod 119901
(2) Calculate 1198611015840ID119905TA = 119890(119908ID119905TA 119895 sdot 119875 119910ID119905TA 119895 sdot 119875) +
119890(119875 119903ID119905TA 119895 sdot 119875) = 119890(119875 119875)ℎID119905TA
(3) Check if 119861ID119905TA
= 1198611015840ID119905TA If the equality is satisfiedthen the user is legal
43 Registration When a vehicle 119881119886is within the transmis-
sion range of RSU 1198771 the vehicle 119881
119886and 119877
1will send an ID
verification request to each other After successful verifica-tion RSU 119877
1will then generate the short-term parameters
for119881119886 Vehicle119881
119886can retain its anonymity and security using
the short-term parameters by executing the following steps
(1) Use the identity-based cryptography (IBC) techniqueto generatethe common session key for RSU 119877
1and
vehicle 119881119886 Vehicle 119881
119886uses its own private key and
the public key of RSU 1198771to generate the common
session key The public key of RSU 1198771is calculated
from the true ID of RSU1198771Therefore vehicle119881
119886does
not require the public key of RSU 1198771 The calculation
is as follows
SK119881119886minus1198771
= 119890 (PRID119894119881119886PUID1199051198771
)
= 119890 (PUID119894119881119886 ℎID119905TAPUID1199051198771
) = SK1198771minus119881119886
(4)
Because the TA generates the private keys for bothRSU 119877
1and vehicle 119881
119886 the common session keys
generated from RSU 1198771and vehicle 119881
119886are the same
Therefore RSU 1198771and vehicle 119881
119886can communicate
with each other privately(2) 119881119886generates the short-term parameters ID
119901119881119905 119861ID119901119881119905
and 119863ID119901119881119905
and uses symmetric encryption toencrypt the common session key (SK
119881119886minus1198771) as a
security key The encryption is supplemented bythe plain-text parameters (ID
119894119881119886 119861ID119894119881119886
119890(119903ID119905TA 119895 sdot
119875 119875) 119910ID119905TA 119895119875 119879119897ID119894119881119886) The calculation is as follows
119862 = SE (ID119901119881119905
119861ID119901119881119905 119863ID119901119881119905
119879119895)SK119881119886minus1198771
(5)
Vehicle 119881119886sends the message 119862 ID
119894119881119886 119861ID119894119881119886
119890(119903ID119905TA 119895 sdot 119875 119875) 119910ID119905TA 119895119875 119879119897ID119894119881119886
to 1198771
(3) When RSU 1198771receives the message 119877
1first verifies
whether the parameters of vehicle 119881119886are within the
valid limits through the following steps
(31) Calculate 119908ID119905TA 119895 = 119867(1198672(119861ID119894119881119886
) ID119894119881119886
119879119897ID119894119881119886
) mod 119901
(32) Calculate 1198611015840ID119905TA = 119890(119908ID119905TA 119895 sdot 119875 119910ID119905TA 119895 sdot 119875) +
119890(119875 119903ID119905TA 119895 sdot 119875) = 119890(119875 119875)ℎID119905TA
(33) Check if 119861ID119905TA
= 1198611015840ID119905TA If the equality issatisfied then the user is legal
(4) To decrypt the encrypted message RSU 1198771first cal-
culates the common session key shared with vehicle119881119886 Then RSU 119877
1uses the common session key to
decrypt the message The calculation is as follows
SK1198771minus119881119886
= 119890 (PRID1199051198771PUID119894119881119886
)
= 119890 (PUID1199051198771 ℎID119905TAPUID119894119881119886
) = SK119881119886minus1198771
(6)
(5) RSU 1198771calculates the private key the common secret
key and the signature of 119881119886 The calculations are as
follows
(51) 1198771calculates PRID119901119881119886
as its private key(52) 119877
1chooses 119862ID119901119881119886
isin 119885lowast119902as its common secret
key(53) 119877
1calculates 119910ID1199051198771 119895 = ℎID1199051198771
119908ID1199051198771 119895 119890(119903ID1199051198771 119895 sdot
119875 119875) 119908ID1199051198772 119895= 119867(119867
2(119861ID119901119881119886
) ID119901119881119886
119879119897ID119901119881119886
) mod 119901
(6) RSU 1198771encrypts the parameters (PRID119901119881119886
119862ID119901119881119886)
using the common session key The calculation is asfollows
119862 = SE (PRID119901119881119886 119862ID119901119881119886
119879119895)SK1198771minus119881119886
(7)
RSU 1198771sends the message 119862 ID
119894119881119886 119890(119903ID1199051198771 119895
sdot
119875 119875) 119910ID1199051198771 119895119875 119879119897ID119901119881119886
to vehicle 119881119886
(7) When vehicle119881119886receives themessage the vehicle uses
the common session key to decrypt the message(8) 1198771
records (ID119894119881119886
ID119901119881119886
119861ID119901119881119886 119863ID119901119881119886
119862ID1199051198771 119895
119879119897ID119901119881119886
) and publishes (ID119901119881119886
119861ID119901119881119886 119863ID119901119881119886
119890(119903ID1199051198771 119895sdot 119875 119875) 119910ID1199051198771 119895
119875 119879119897ID119901119881119886
) to all vehicles in itsdomain
To improve the efficiency of the handoff process RSU 1198771
generates a common secret key for vehicle 119881119886and each RSU
RSU 1198771uses a one-way hash chain [13] to generate 119898 keys
6 Mathematical Problems in Engineering
Table 1 RID-key table
ID of RSUNew ID ofvehicle
(handoff)
ID of vehicle(RSU
generate)
ID of vehicle(TA generate)
Commonsecret key
Expire timeof commonsecret key
BDH value ofvehicle
Data key ofvehicle
Expire timeof key
1198771 ID1015840
119901119881119886ID119901119881119886
ID119894119881119886
119896ID119901119881119886 1198771119879119897ID1015840119901119881119886
119861ID119901119881119886119863ID119901119881119886
119879119897ID119901119881119886
119877119898 ID10158401015840
119901119881119886ID119901119881119886
ID119894119881119886
119896ID119901119881119886 119877119898119879119897ID10158401015840119901119881119886
non non non1198771 ID1015840
119901119881119887ID119901119881119887
ID119894119881119887
119896ID1199011198811198871198771
119879119897ID1015840119901119881119887
119861ID119901119881119887
119863ID119901119881119887
119879119897ID119901119881
119887
119877119898minus1 ID10158401015840
119901119881119887ID119901119881119887
ID119894119881119887
119896ID119901119881119887119877119898
119879119897ID10158401015840119901119881119887
non non non
119896ID119901119881119886 119877119898 119896ID119901119881119886 119877119898minus1
119896ID119901119881119886 1198771Themethod for generating
the keys is as follows
119865 (119862ID119901119881119886 PRID119901119881119886
) = 119896ID119901119881119886 119877119898
119865 (119896ID119901119881119886 119877119898 PRID119901119881119886
) = 119896ID119901119881119886 119877119898minus1
119865 (119896ID119901119881119886 1198772 PRID119901119881119886
) = 119896ID119901119881119886 1198771
(8)
RSU 1198771uses a one-way hash chain [13] to generate 119898
anonymous IDs ID1015840119901119881119886
ID10158401015840119901119881119886
ID101584010158401015840119901119881119886
The method forgenerating the IDs is as follows
119865 (ID119901119881119886
PRID119901119881119886) = ID1015840
119901119881119886
119865 (ID1015840119901119881119886
PRID119901119881119886) = ID10158401015840
119901119881119886
119865 (ID10158401015840119901119881119886
PRID119901119881119886) = ID101584010158401015840
119901119881119886
(9)
Each RSU has two tables an RID-key table and an SID-key table The RID-key table is used to store the relatedparameters generated by RSU (Table 1) RSU 119877
1uses the
common session key that it shares with each RSU to encryptthe common secret key that vehicle 119881
119886has with each RSU
and the anonymous ID RSU 1198771then sends the encrypted
message to other RSUs When another RSU receives theencrypted message that RSU first uses the common sessionkey that it shares with RSU 119877
1to decrypt the message
and then stores the parameters for vehicle 119881119886in the table
(Table 2) Because vehicle 119881119886has the related parameters
(PRID119901119881119886 ID119901119881119886
119862ID119901119881119886) it can generate a common secret key
shared with each RSU and an anonymous ID on its ownTheparameters are stored in the table (Table 3) The parametersfor vehicle 119881
119886do not permit any one RSU to obtain the
parameters that vehicle 119881119886shares with other RSUs Because
other RSUs cannot obtain the private key and the commonsecret key of vehicle 119881
119886 the security of vehicle 119881
119886is ensured
44 Intra-RSU Message Authentication Vehicle 119881119886broad-
castsmessages to other vehicleswithin the transmission rangeof an RSU The calculations are as follows
(1) Vehicle 119881119886uses the BDH method to authorize a
message signature The calculations are as follows
(11) Vehicle 119881119886calculates 119908ID119901119881119886 119895
= 119867(119872ID119901119881119886 119895
ID119901119881119886
119879119895) mod 119901
(12) Vehicle119881119886calculates 119910ID119901119881119886 119895 = ℎID119901119881119886 119895
119908ID119901119881119886 119895
119890(119903ID119901119881119886 119895sdot 119875 119875) ∘
(13) Vehicle 119881119886broadcasts the message ⟨119872ID119901119881119886 119895
119861ID119901119881119886 119863ID119901119881119886
119890(119903ID119901119881119886 119895sdot 119875 119875) 119910ID119901119881119886 119895
119875 ID119901119881119886
119879119895⟩ to other vehicles within range
(2) When other vehicles receive the message they canverify the authenticity of the message The calcula-tions are as follows
(21) Calculate 119908ID119901119881119886 119895= 119867(119872ID119901119881119886 119895
ID119901119881119886
119879119895) mod 119901 ∘
(22) Calculate 1198611015840ID119901119881119886= 119890(119908ID119901119881119886 119895
sdot 119875 119910ID119901119881119886 119895sdot 119875) +
119890(119903ID119901119881119886 119895sdot 119875 119875) = 119890(119875 119875)
ℎID119905TA
(23) Check if 119861ID119901119881119886
= 1198611015840ID119901119881119886 If the equality is
satisfied then vehicle 119881119886sent the message
Assuming that two vehicles within the transmission rangeof a given RSU want to send private messages to eachother (Figure 1) vehicle 119881
119886and vehicle 119881
119887will calculate their
common key The calculation is as follows
SK119881119886minus119881119887
= 119890 (PRID119901119881119886PUID119901119881
119887
)
= 119890 (PUID119901119881119886 ℎID119905119877119877
PUID119901119881119887
) = SK119881119887minus119881119886
(10)
Then vehicle 119881119886uses the common session key (SK
119881119886minus119881119887)
to first encrypt the message and then send it to vehicle 119881119886
When119881119887receives the encrypted message the vehicle uses the
common session key (SK119881119887minus119881119886
) to decrypt the message andthen obtain the contents of the messageThe benefits of usingIBC lie in the fact that the other vehiclersquos public key can beeasily calculated based on its ID and that the common sessionkey can be calculated based on the other vehiclersquos public key
Mathematical Problems in Engineering 7
Table 2 SID-key table
New ID ofvehicle(handoff)
Informed byRSU
Commonsecret key
Expire timeof commonsecret key
BDH value ofvehicle
Data key ofvehicle
Expire timeof key
ID1015840119901119881119905
1198777
119896ID119901119881119905 1198771119879119897ID1015840119901119881119905
non non non
ID10158401015840119901119881119905minus7
119877119898
119896ID119901119881119905minus7 1198771119879119897ID10158401015840119901119881119905minus7
non non nonID1015840119901119881119888
119877119898minus2
119896ID119901119881119888 1198771119879119897ID1015840119901119881119888
119861ID119901119881119888119863ID119901119881119888
119879119897ID119901119881119888
ID10158401015840119901119881119889
1198777
119896ID1199011198811198891198771
119879119897ID10158401015840119901119881119889
119861ID119901119881119889
119863ID119901119881119889
119879119897ID119901119881
119889
Table 3 SID issue table
ID of RSUNew ID ofvehicle
(handoff)
ID of vehicle(RSU generate)
ID of vehicle(TA generate)
Commonsecret key
Private key(RSU) Secret value Expire time
of key
1198771 ID1015840
119901119881119886ID119901119881119886
ID119894119881119886
119896ID119901119881119886 1198771PRID119901119881119886
ℎID119901119881119886119879119897ID119901119881119886
119877119898 ID10158401015840
119901119881119886ID119901119881119886
ID119894119881119886
119896ID119901119881119886 119877119898 non non non
and its own private key Conversely the other vehicle can alsocalculate the common session key because the secret value ofthe common session key is the same
45 Inter-RSU Message Authentication Assuming that vehi-cle 119881119886wants to broadcast a message within the transmission
ranges of several RSUs and uses the BDH signature toensure the security of the message vehicle 119881
119886will first send
the parameters ⟨119872ID119901119881119886 119895 119890(119903ID119901119881119886 119895
sdot 119875 119875) 119910ID119901119881119886 119895119875 119861ID119901119881119886
ID119901119881119886
119910ID1199051198771 119895sdot119875 119890(119903ID1199051198771 119895
sdot119875 119875) sdot119879119897ID119901119881119905
119879119895⟩ to nearby RSUs
and then the RSUs will relay the message to other vehiclesThen other vehicles will first verify the legitimacy of vehicle119881119886by calculating 119908ID1199051198771 119895
= 119867(1198672(119861ID119901119881119886
) ID119901119881119886
119879119897ID119901119881119886
) mod 119901 and then calculating 119890(119908ID1199051198771 119895119875 119910ID1199051198771 119895
119875) +
119890(119903ID1199051198771 119895119875 119875) = 1198611015840IDID1199051198771
If it is the case then it proves thatvehicle 119881
119886is the legitimate user of RSU 119877
1
Other vehicles will verify the authenticity of the mes-sage from vehicle 119881
119886by first calculating 119908ID119901119881119886 119895
=
119867(119872ID119901119881119886 119895 ID
119901119881119886 119879119895) mod 119901 and then calculating
119890(119908ID119901119881119886 119895119875 119910ID119901119881119886 119895
119875) + 119890(119903ID119901119881119886 119895119875 119875) = 1198611015840ID119901119881119886 119895
If it is thecase then the message was sent from vehicle 119881
119886
In private communications the secret private key valueof each vehicle is different because there are multiple RSUsTherefore an ID-based encryption method should be usedLet vehicle 119881
119886and vehicle 119881
119888calculate their common session
keys Assuming that vehicle 119881119886wants to privately commu-
nicate with vehicle 119881119888 which is within the transmission
range of a different RSU vehicle 119881119888will first encrypt the
message Vehicle 119881119886will then calculate the public key using
the anonymous ID of vehicle 119881119888 Upon obtaining the data
key for vehicle 119881119888 vehicle 119881
119886will encrypt the message using
the public key and the data key of vehicle 119881119888 The calculation
is as follows
119862 = 119864IBC (119903119872PUID119901119881119888 119863ID119901119881119888
)
= 119903 sdot 119875119872 oplus 1198672(119890 (PUID119901119881119888
119863ID119901119881119888)119903
)
119872 = 119890 (PRID119901119881119886PUID119901119881119888
)
(11)
Subsequently vehicle 119881119888uses the private key to decrypt
the message Equation (2) shows the decryption methodVehicle 119881
119888then uses ID-based encryption to generate an
encrypted message for vehicle 119881119886 The calculation is as
follows
119862 = 119864IBC (119903119872PUID119901119881119886 119863ID119901119881119886
)
= 119903 sdot 119875119872 oplus 1198672(119890 (PUID119901119881119886
119863ID119901119881119886)119903
)
119872 = 119890 (PRID119901119881119886PUID119901119881119888
) + 119890 (PRID119901119881119888PUID119901119881119886
)
(12)
Vehicle 119881119886uses the private key to decrypt the message
Equation (2) shows the decryption method When vehicle119881119886
receives thecommon session key that it shares with vehicle119881119888
119881119886can communicate with vehicle 119881
119888privately The common
session key is
SK119881119886minus119881119888
= 119890 (PRID119901119881119886PUID119901119881119888
) + 119890 (PRID119901119881119888PUID119901119881119886
)
= SK119881119888minus119881119886
(13)
8 Mathematical Problems in Engineering
46 Handoff Problem When vehicle 119881119886comes within the
transmission range of the next RSU (1198772) vehicle 119881
119886will first
inquire for the common secret key that it shares with RSU 1198772
in Table 3 and then initiate the handoff The calculation is asfollows
(1) Vehicle 119881119886
first generates short-term parameters119861ID119901119881119905
119863ID119901119881119905and uses the common secret key
(119896ID119901119881119886 1198772) to encrypt the parametersThen vehicle119881119886
sends the parameters and its anonymous ID to RSU1198772
(2) RSU 1198772inquires for the common secret key and the
time of validity that it shares with vehicle119881119886in Table 2
based on the anonymous ID of vehicle 119881119886 If the time
of validity has expired then vehicle 119881119886will reregister
with RSU (Section 42) If the time of validity has notexpired 119877
2will generate the short-term parameters
for vehicle 119881119886 The calculations are as follows
(21) 1198772calculates PRID119901119881119886
as its private key(22) 119877
2calculates119908ID1199051198772 119895
= 119867(1198672(119861ID119901119881119886
) ID119901119881119886
119879119897ID119901119881119886
) mod 119901(23) 119877
2calculates 119910ID1199051198772 119895 = ℎID1199051198772
119908ID1199051198772 119895 119890(119903ID1199051198772 119895 sdot
119875 119875)
(3) RSU 1198771uses the common secret key to encrypt the
parameters (PRID119901119881119886 119862ID119901119881119886
) The calculation is asfollows
119862 = SE (PRID119901119881119886 CID119901119881119886
119879119895)SK1198771minus119881119886
(14)
RSU 1198771sends the message 119862 ID
119894119881119886 119890(119903ID1199051198771 119895
sdot
119875 119875) 119910ID1199051198771 119895119875 119879119897ID119901119881119886
to vehicle 119881119886
(4) When vehicle119881119886receives themessage the vehicle uses
the common secret key to decrypt the message(5) 1198771
records (ID119894119881119886
ID119901119881119886
119861ID119901119881119886 119863ID119901119881119886
119862ID1199051198771 119895
119879119897ID119901119881119886
) and publishes (ID119901119881119886
119861ID119901119881119886 119863ID119901119881119886
119890(119903ID1199051198771 119895sdot 119875 119875) 119910ID1199051198771 119895
119875 119879119897ID119901119881119886
) to all vehicles in itsdomain
47 Message Authentication When RSUs Are Not AvailableWhen RSUs are not available vehicles can broadcast mes-sages and conduct private communications using the param-eters generated by the TA by executing the following steps
(1) Vehicle 119881119889uses the BDH signature method to autho-
rize a message signature The calculations are asfollows
(11) Vehicle 119881119889calculates 119908ID119894119881
119889119895
= 119867(119872ID119894119881119889119895
ID119894119881119889
119879119895) mod 119901
(12) Vehicle 119881119889calculates 119910ID119894119881
119889119895
= ℎID119894119881119889119895119908ID119894119881
119889119895
119890(119903ID119894119881119889119895sdot 119875 119875)
(13) Vehicle 119881119889broadcasts the message ⟨119872ID119894119881
119889119895
119861ID119894119881119889
119863ID119894119881119889
119890(119903ID119894119881119889119895
sdot 119875 119875) 119910ID119894119881119889119895119875 ID119894119881119889
119879119895 119890(119903ID119905TA 119895 sdot 119875 119875) 119910ID119905TA 119895119875⟩ to other vehicles
(2) Other vehicles first verify the ID of vehicle 119881119889 The
calculations are as follows
(21) Calculate 119908ID119905TA 119895 = 119867(1198672(119861ID119894119881
119889
) ID119894119881119889
119879119897ID119894119881
119889
) mod 119901
(22) Calculate 1198611015840ID119905TA = 119890(119908ID119905TA 119895 sdot 119875 119910ID119905TA 119895 sdot 119875) +119890(119875 119903ID119905TA 119895 sdot 119875) = 119890(119875 119875)
ℎID119905TA
(23) Check if 119861ID119905TA
= 1198611015840ID119905TA If the equality issatisfied then the user is legal
(3) Other vehicles then verify the authenticity of themessage The calculations are as follows
(31) Calculate 119908ID119894119881119889119895
= 119867(119872ID119894119881119889119895
ID119894119881119889
119879119895) mod 119901
(32) Calculate 1198611015840ID119894119881119889
= 119890(119908ID119894119881119889119895
sdot 119875 119910ID119894119881119889119895
sdot 119875) +
119890(119903ID119894119881119889119895sdot 119875 119875) = 119890(119875 119875)
ℎID119905TA
(33) Check if 119861ID119894119881119889
= 1198611015840ID119894119881119889
Satisfaction of theequality is proof that vehicle 119881
119889sent the mes-
sage
Assuming that two vehicles within the transmission rangeof the same RSU want to communicate privately with eachother (Figure 1) vehicle 119881
119889and vehicle 119881
119890will calculate their
common key The calculation is as follows
SK119881119889minus119881119890
= 119890 (PRID119894119881119889
PUID119894119881119890)
= 119890 (PUID119894119881119889
ℎID119905TAPUID119894119881119890) = SK
119881119890minus119881119889
(15)
Subsequently vehicle 119881119889uses the common session key
(SK119881119889minus119881119890
) to encrypt the message and send the message tovehicle 119881
119890 When vehicle 119881
119890receives the encrypted message
it uses the common session key (SK119881119890minus119881119889
) to decrypt themessage and obtain the contents of the message
5 Security and Performance Analysis
This section gives a security analysis to demonstrate that themethod developed in this study can provide confidentialityauthentication nonrepudiation conditional anonymity andconditional untraceability A performance analysis is con-ducted by comparing the results of the present study withthose in [12ndash15]
51 Security Analysis The following subsections discuss thespecific aspects of the security analysis of the proposedmethod
(1) Confidentiality Assuming that the ID of every node isnot repeated as confidential communications are occurring
Mathematical Problems in Engineering 9
Table 4 The comparison of property
Property Method[12] [13] [14] [15] Proposed method
Security and privacy preservation YES YES YES YES YESDo need the certificate NO NO NO YES NODo need the help of RSU forauthentication NO NO NO NO NO
PKI-based system NO NO NO NO NOCommunication within different RSU YES YES YES YES YESPrivacy communicate NO NO NO NO YES
among vehicles within the range of a single RSU the propertyof IBC is used to establish the common session keys Thecommon session key of a vehicle is calculated based on thebilinear pairings map According to the elliptic curve discretelogarithm problem (ECDLP) the common session key of amalicious node 119887 and node 119886 is SK
119887-119886 It is difficult for node119887 to determine a secret value from SK
119887-119886 node brsquos privatekey (PR
119887) and node arsquos public key (PU
119886) Other vehicles are
unable to calculate the common session key from their ownprivate keys and the public keys of nodes 119886 and 119887 and thusthe security of confidential communications is ensured
(2) Authentication and Nonrepudiation As a vehicle registersand gains the trust of an RSU the RSU will broadcast thevehiclersquos 119866
2value to all vehicles within range and that
specific 1198662represents the vehicle itself The parameters
⟨119872ID119895 119861ID 119863ID 119910ID119895119875 ID 119879119895⟩ are broadcast as the vehicle is
broadcasting messages Other vehicles will calculate 119908ID119895 =119867(119872ID119895 ID 119879ID119895) mod 119901 upon receipt of the messagesand then calculate 1198611015840ID = 119890(119908ID0119875 119910ID119895119875) + 119890(119903ID0119875 119875) =
119890(119875 119875)ℎID Other vehicles are unable to calculate 119910ID119895 from119910ID119895119875 based on the ECDLP but 119903ID0 119910ID119895 and 119908ID119895 canbe calculated from the parameters 119861ID 119910ID119895119875 based onthe BDH method provided that the equality 119861ID = 1198611015840IDwhich is calculated from the messages of the vehicle issatisfiedTherefore the vehicle sending themessages achievesundeniability and the source of the messages is known
(3) Conditional Anonymity The true ID of a vehicle is knownonly to the TA An anonymous ID (ID
119894) is used when a
vehicle registers with the TA and this anonymous ID (ID119894)
is renewed every time the vehicle registers with the TA Avehicle will renegotiate a new anonymous ID (ID
119901) within
the range of every RSU Therefore it is difficult for anothervehicle to obtain the true ID of the vehicle by tracking ID
119894
from ID119901because the true IDs of the vehicles are known
only to the TA and the individual vehicles bearing those IDsEvery RSU knows the anonymous ID (ID
119894) of each vehicle
but each vehicle has a different ID (ID119901) for every RSU which
prevents malicious RSUs from tracking the current locationof the vehicle
(4) Conditional Untraceability When a vehicle is involvedin a criminal act an RSU is able to trace the anonymousID (ID
119894) from the vehiclersquos anonymous ID (ID
119901) The RSU
Table 5 Bilinear pairings execution time in milliseconds
Notations Descriptions Execution time (ms)119879119901
Pairing operation asymp45119879119898
Point multiplication asymp06119879119890
Field exponentiation asymp054
Table 6 RSAHMAC execution time in milliseconds
Notations Descriptions Execution time (ms)ASE RSA encryption 019ASD RSA decryption 465HMAC HMAC 0002SE AES encryption lt019SD AES decryption lt465
Table 7 The length of the parameters
Parameters Length (bit) Parameters Length (bit)1198661
160 AES 1281198662
160 Variable 32HMAC 160 Message (119872) 1024RSA 1024 Random number (119903) 128
transmits ID119894to the TA which in turn identifies the true ID
of the vehicle with the identity ID119894 Every vehicular parameter
will eventually expire therefore ensuring the validity of theanonymous ID of a vehicle
52 Performance Analysis The method developed in thisstudy was compared with those in [12ndash15] regarding perfor-mance execution time and data volume Table 4 comparesthe results of the present study and those of [12ndash15] showingthat the method developed in the present study is superior tothe other methods
To analyze efficiency the times required for a message tobe broadcast and verified in the present study and in [12ndash15] were calculated and the results are listed in Tables 5ndash7 Table 8 shows the results of the efficiency analysis Theexperimental results show that the method proposed in thispaper is superior to those in other literatures regardless ofcomputational complexity and packet length The networksecurity mechanisms proposed in literature [14] and thispaper are both based on the use of bilinear pairing so allthe packet lengths are within a reasonable range However in
10 Mathematical Problems in Engineering
Table 8 Performance analysis
Property Method[12] [13] [14] [15] Proposed method
The broadcast message
Signing5 lowast 119879119898+ 3 lowast 119879
119901
Verification4 lowast 119879119898+ 4 lowast 119879
119901
Signing1 lowast 119879119901
Verification3 lowast 119879119901
Signing5 lowast 119879119898
Verification6 lowast 119879119898+ 1 lowast 119879
119901
Signing2 lowast 119879119898
Verification2 lowast 119879119898
Signing119879119901+ 2 lowast 119879
119898
Verification119879119901+ 119879119898
Spending time 364ms 18ms 111ms 18ms 108msThe length of ciphertext 1112 bits 480 bits 480 bits (160 lowast 160) + 320 bits 480 bitsHandoff 3 lowast 119879
119901NA 4 lowast 119879
119898+ 2 lowast 119879
1199015 lowast 119879119898
2 lowast SE + 2 lowast SDSpending time 135ms NA 114ms 3ms lt968msThe length of ciphertext 480 bits NA 1280 bits 160 lowast 160 lowast 160 bits 2048 bits
Communication betweendifferent RSUs
Signing5 lowast 119879119898+ 3 lowast 119879
119901
Verification4 lowast 119879119898+ 4 lowast 119879
119901
Signing1 lowast 119879119901
Verification3 lowast 119879119901
Signing5 lowast 119879119898
Verification6 lowast 119879119898+ 1 lowast 119879
119901
Signing2 lowast 119879119898
Verification2 lowast 119879119898
Signing119879119901+ 2 lowast 119879
119898
Verification2 lowast 119879119901+ 2 lowast 119879
119898
Spending time 364ms 18ms 111ms 18ms 159msThe length of ciphertext 1112 bits 480 bits 480 bits (160 lowast 160) + 320 bits 960 bits
Privacy communicate NA NA NA NA
Signing119879119875+ SE
Verification119879119901+ SD
Spending time NA NA NA NA lt1384msThe length of ciphertext NA NA NA NA 1024 bits
computational complexity the proposed method is superiorto that of literature [14] In literature [15] there are networksecurity mechanisms based on chameleon hashing whichemploy exponential calculation The multiplication resultof three values will be huge Although the computationalcomplexity is not high the transfer of large amounts ofpackets will affect network bandwidth and also cause packetlosses in VANETs environment
6 Conclusion
VANETs improve transportation safety and efficiency If theinformation shared between vehicles is tampered with therewill be dire consequences such as vehicle collisions Thescheme proposed in this study ensures the security of theinformation shared between vehicles and is superior to otherschemes in terms of message verification and handoff Addi-tionally in terms of security the scheme in this study ensuresconditional untraceability conditional anonymity authenti-cation and nonrepudiation Future work will include supple-menting the scheme proposed in this study with revocationand trust mechanisms to corroborate the security scheme
Notations
Notations of the BDH
ℎ119894 The user 119894 chooses a random number ℎ
119894isin 119885lowast119902
as its secret value119861119894 The public value of user 119894 such that 119890(ℎ
119894119875 119875)
119910119894119895 The 119910
119894119895is the quotient
119903119894119895 The 119903
119894119895is the remainder
119908119894119895 119908119894119895
= 119867(119872119894119895
119879119895) mod 119901
Notation Used in This Paper
119890 Bilinear mapping1198661 Additive group
1198662 Multiplicative group
119875 Generator of 1198661
SE(sdot) A secure symmetric encryption algorithm119864IBC(sdot) ID-based encryption119863IBC(sdot) ID-based decryptPU119896 Public key of node 119896
PR119896 Private key of node 119896
119863119896 Data key of node 119896
ID119905119896 Real identity of node 119896
ID119894119896 Original pseudonym of node 119896
ID119901119896 Requested pseudonym of node 119896
ℎ119896 Secret value of node 119896
119862119894 Handoff secret value
119861119896 The public value of user 119896 such that 119890(ℎ
119894119875 119875)
SK119896-119895 The common session key between node 119896
and node 119895
119896119894-119895 The common secret key between node 119894 and
node 119895
119885lowast119902 119885lowast
119902is the finite field of mod 119902
119867(sdot) Hash function such that 0 1lowast rarr 119885lowast119902
1198671(sdot) Hash function such that 0 1lowast rarr 119866lowast
1
1198672(sdot) Hash function such that 119866lowast
2rarr 0 1lowast
Mathematical Problems in Engineering 11
119879119895 Time interval 119895
119879119897119894 Lifetime of the corresponding parameters
The message concatenation operation whichappends several messages together in aspecial format
Conflict of Interests
The authors declare that there is no conflict of interestsregarding the publication of this paper
Acknowledgments
This paper is the partial result of project MOST103-2632-E-366-001 and 103-2221-E-268-003 The authors would like tothank the supporting of Ministry of Science and TechnologyTaiwan
References
[1] IEEE ldquoDraft amendment for wireless access in vehicularenvironments (WAVE)rdquo IEEE P80211pD6 2009
[2] Dedicated Short Range Communication (DSRC) httpgrouperieeeorggroupsscc32dsrcindexhtml
[3] US Department of Transportation and National HighwayTraffic Safety Administration Vehicle Safety CommunicationsProject 2006
[4] C Xu F Zhao J Guan H Zhang and G M MunteanldquoQoE-driven user-centric vod services in urban multihomedP2P-based vehicular networksrdquo IEEE Transactions on VehicularTechnology vol 62 no 5 pp 2273ndash2289 2013
[5] GMarfiaM Roccetti A Amoroso andG Pau ldquoSafe driving inLA report from the greatest intervehicular accident detectiontest everrdquo IEEE Transactions on Vehicular Technology vol 62no 2 pp 522ndash535 2013
[6] R Lu X Lin Z Shi and X S Shen ldquoA lightweight conditionalprivacy-preservation protocol for vehicular traffic-monitoringsystemsrdquo IEEE Intelligent Systems vol 28 no 3 pp 62ndash65 2013
[7] IEEETrial-Use Standard ldquoIEEETrial-Use Standard forWirelessAccess in Vehicular Environments (WAVE) Networking Ser-vicesrdquo IEEE 1609 2006
[8] J-P Hubaux S Capkun and J Luo ldquoThe security and privacyof smart vehiclesrdquo IEEE Security and Privacy vol 2 no 3 pp49ndash55 2004
[9] G Kounga T Walter and S Lachmund ldquoProving reliabilityof anonymous information in VANETsrdquo IEEE Transactions onVehicular Technology vol 58 no 6 pp 2977ndash2989 2009
[10] A Wasef Y Jiang and X Shen ldquoDCS an efficient distributed-certificate-service scheme for vehicular networksrdquo IEEE Trans-actions onVehicular Technology vol 59 no 2 pp 533ndash549 2010
[11] J Sun C Zhang Y Zhang and Y Fang ldquoAn identity-basedsecurity system for user privacy in vehicular ad hoc networksrdquoIEEE Transactions on Parallel and Distributed Systems vol 21no 9 pp 1227ndash1239 2010
[12] R Lu X Lin X Liang and X Shen ldquoA dynamic privacy-preserving keymanagement scheme for location-based servicesin VANETsrdquo IEEE Transactions on Intelligent TransportationSystems vol 13 no 1 pp 127ndash139 2012
[13] S Biswas and J Misic ldquoA cross-layer approach to privacy-preserving authentication in WAVE-enabled VANETsrdquo IEEE
Transactions on Vehicular Technology vol 62 no 5 pp 2182ndash2192 2013
[14] L-Y Yeh and J-L Huang ldquoPBS a portable billing schemewith fine-grained access control for service-oriented vehicularnetworksrdquo IEEE Transactions on Mobile Computing vol 13 no11 pp 2606ndash2619 2014
[15] S Guo D Zeng and Y Xiang ldquoChameleon hashing forsecure and privacy-preserving vehicular communicationsrdquoIEEE Transactions on Parallel and Distributed Systems vol 25no 11 pp 2794ndash2803 2014
[16] T W Chim S M Yiu L C K Hui and V O K Li ldquoVSPNVANET-based secure and privacy-preserving navigationrdquo IEEETransactions on Computers vol 63 no 2 pp 510ndash524 2014
[17] D Boneh and M K Franklin ldquoIdentity-based encryption fromthe weil pairingrdquo in Advances in CryptologymdashCRYPTO 200121st Annual International CryptologyConference Santa BarbaraCalifornia USA August 19ndash23 2001 Proceedings vol 2139 ofLectureNotes in Computer Science pp 213ndash229 Springer BerlinGermany 2001
Submit your manuscripts athttpwwwhindawicom
Hindawi Publishing Corporationhttpwwwhindawicom Volume 2014
MathematicsJournal of
Hindawi Publishing Corporationhttpwwwhindawicom Volume 2014
Mathematical Problems in Engineering
Hindawi Publishing Corporationhttpwwwhindawicom
Differential EquationsInternational Journal of
Volume 2014
Applied MathematicsJournal of
Hindawi Publishing Corporationhttpwwwhindawicom Volume 2014
Probability and StatisticsHindawi Publishing Corporationhttpwwwhindawicom Volume 2014
Journal of
Hindawi Publishing Corporationhttpwwwhindawicom Volume 2014
Mathematical PhysicsAdvances in
Complex AnalysisJournal of
Hindawi Publishing Corporationhttpwwwhindawicom Volume 2014
OptimizationJournal of
Hindawi Publishing Corporationhttpwwwhindawicom Volume 2014
CombinatoricsHindawi Publishing Corporationhttpwwwhindawicom Volume 2014
International Journal of
Hindawi Publishing Corporationhttpwwwhindawicom Volume 2014
Operations ResearchAdvances in
Journal of
Hindawi Publishing Corporationhttpwwwhindawicom Volume 2014
Function Spaces
Abstract and Applied AnalysisHindawi Publishing Corporationhttpwwwhindawicom Volume 2014
International Journal of Mathematics and Mathematical Sciences
Hindawi Publishing Corporationhttpwwwhindawicom Volume 2014
The Scientific World JournalHindawi Publishing Corporation httpwwwhindawicom Volume 2014
Hindawi Publishing Corporationhttpwwwhindawicom Volume 2014
Algebra
Discrete Dynamics in Nature and Society
Hindawi Publishing Corporationhttpwwwhindawicom Volume 2014
Hindawi Publishing Corporationhttpwwwhindawicom Volume 2014
Decision SciencesAdvances in
Discrete MathematicsJournal of
Hindawi Publishing Corporationhttpwwwhindawicom
Volume 2014 Hindawi Publishing Corporationhttpwwwhindawicom Volume 2014
Stochastic AnalysisInternational Journal of
2 Mathematical Problems in Engineering
A message authentication scheme for VANETs shouldtake the following problems into consideration (1) theexchange of information between vehicles in VANETs isaccomplished throughwireless communicationTherefore tobe timely the volume of information cannot be excessivelyhigh nor can themethod formessage authentication be exces-sively complicated (2) Vehicles should be able to not onlybroadcast information but additionally communicate pri-vately with other devices (3)Vehicles use a short-range wire-less communication technique to communicate with RSUsand are usually moving at high speeds requiring frequenthandoffswith RSUs Handoff schemes with long computationtimes adversely affect the communication quality (4) RSUsmay be available only on main roads and not on minor ones
In the present study a complete message authenticationscheme is constructed using the bilinear pairings techniqueThe encryption scheme from bilinear pairings is appropriatefor VANETs The parameters for each node in this study aregenerated in a hierarchical way The long-term parametersfor each vehicle are generated by the trusted authority (TA)Vehicles use their long-term parameters to perform identity(ID) authenticationwithRSUs and then gain trust from themRSUs then produce short-term parameters for the vehiclesthat allow them to broadcast information and conduct privatecommunications When the vehicles are not within thetransmission range of any RSUs they can use their long-term parameters to broadcast information and communicateprivately with one another The trust gained from one RSUenables the vehicle to perform handoffs with other RSUsBased on the experimental results the scheme proposed inthis study shows excellent performance and is superior toother schemes in the literature
2 Related Works
The conventional public key infrastructure (PKI) schemewas used in [8] Assuming that a certificate authority (CA)provides each vehicle with a digital certificate of identitythat is a private key together with its associated public keythe vehicle can then use the asymmetric key for signing andverifying a message However the computational complexityincreases when a vehicle uses the PKI for message signatureand verification resulting in communication overhead Inaddition for the purposes of privacy and untraceability avehiclemust constantly change its certificate which adverselyaffects the CA overhead
A solution is defined in [9] in which vehicles can generatepublicprivate key pairs on their own The benefits lie in thefact that a vehicle uses a different key each time it sends amessage and that the vehicle is not required to update therelated parameters with the CA Assuming that there is acryptographic device or black box installed in each vehicleand in each black box there are an asymmetric key and acertificate issued by the CA the black box generates thepublicprivate key pair for the vehicle However the pub-licprivate key pair is the continuous product of two valuesresulting in each key pair having a long message length Thislong message length may result in communication overheadwhen the vehicle is sending messages
The scheme for vehicular communications used in [10]was constructed with a hierarchy in which the keys were gen-erated in a top-to-bottom manner The hierarchical methodallows vehicles to generate parameters such as their IDsthrough RSUs which mitigates the key escrow problem inthe CA The generated keys are reliable and nonforgeableHowever this scheme requires the use of vehicle certificatesThus the information exchanged between vehicles is verifiedvia the contents of the certificates The requirement for acertificate with each message may nevertheless result in datapacket overhead In addition message encryption based onbilinear pairings may result in computation overhead
In [11] to provide network access services a vehicle mustestablish a common key with the recipient vehicle via abroadcast message The common key ensures the security ofthe subsequent information exchange authentication mes-sage integrity and nonrepudiation However the commonkey is established using the identity-based cryptography(IBC) scheme which is based on bilinear pairings Theestablishment of a shared common key with each vehicle mayresult in vehicle computation overhead The authors in [11]did not discuss the problems of rekeying and pseudonymchanges These problems are significant in vehicle networkswarranting resolution A dynamic privacy-preserving keymanagement scheme for location-based services in VANETswas proposed in [12] This scheme ensures the anonymousauthentication of a vehicle and enables double-registrationdetection In addition each vehicle can use a one-way hashfunction to update the vehicles new session key Howeverthe computations for message signature and verificationpresented in [12] are complicated and the author did notinvestigate a private communication scheme
In [13] an elliptic curve digital signature algorithm(ECDSA) was used for message authentication The currentposition information is used together with the ECDSA forsigning messages from anonymous IDs Other vehicles donot require a third-party public key certificate for messageauthentication However the authors did not discuss theproblems of rekeying and private communication
The delay in long-term verification of centralized AAAarchitecture in literature [14] has been alleviated In thispaper a set of network security approaches based on bilinearDiffie-Hellman (BDH) problem are proposed to protectthe privacy of vehicles and network security of portableelectronic currency in VANETs environment However theproposed method requires a key to be generated at regularintervals on each vehicle in advance for privacy which is abig burden for the vehicle
In literature [15] a set of network security mechanismsbased on chameleon hashing was proposed to ensure vehicleprivacy and network communications security in VANETsHowever owing to computational complexity and packetlength of chameleon hashing it constitutes a big burden forVANETs
In literature [16] a set of network security mecha-nisms based on bilinear pairing was proposed Althoughit can ensure network communications security of vehiclesin VANETs it does not provide private communicationsbetween vehicles Besides the changes of relevant parameters
Mathematical Problems in Engineering 3
for vehicles involved have to be updated via TA Therefore ithas a centralized authentication issue
3 Background
This section will introduce the technologies used in themethod developed in this study Section 31 introduces bilin-ear pairing and hard problems Section 32 discusses Bonehand Franklins ID-based encryption Section 33 discussesShamirs ID-based cryptosystem and Section 34 covers bilin-ear Diffie-Hellman message authentication
31 Bilinear Pairings and Hard Problems Let 1198661and 119866
2
denote an additive and a multiplicative group and both ofthem with prime order 119902 Let 119875 be generator of 119866
1and let
119890 1198661times 1198661
rarr 1198662be a bilinear mapping with the following
properties
(1) Bilinear
119890 = (119886119875 119887119875) = 119890 (119875 119875)119886119887
119890 (119886 sdot 119875 + 119887 sdot 119875 119875) = 119890 (119886 sdot 119875 119875) 119890 (119887 sdot 119875 119875)
forall119875 isin 1198661 119886 119887 isin 119885
lowast
119902
(1)
(2) Nondegeneracy exist119875 isin 1198661such that 119890(119875 119875) = 1 That
is the mapping does not send all pairs in 1198661times 1198661to
the identity in 1198662
(3) Computable there exists an efficient algorithm tocompute 119890(119875 119875) for all 119875 isin 119866
1
The bilinear map 119890 can be implemented using the Weil[9] and Tate [10] pairings on elliptic curves We consider theimplementation of a Tate pairing on a MiyajindashNakabayashindashTakano (MNT) curve [11] with embedding degree 6 where1198661is represented by 161 bits and the order 119902 is represented by
160 bitsThe following part will define and specify various relevant
mathematical problems [12] whichwill be applied in the essaysubsequently
Bilinear Diffie-Hellman problem
Given (119875 119886119875 119887119875 119888119875) isin 1198661 where 119886 119887 119888 isin 119885lowast
119902
compute 119890 = (119875 119875)119886119887119888
Elliptic curve discrete logarithm problem (ECDLP)
Given two elements119875119876 isin 1198661 find an integer 119886 isin 119885lowast
119902
such that 119876 = 119886119875
32 ID-Based Encryption We used ID-based encryption [17]to encrypt and decrypt messages A private key generator(PKG) chooses a randomnumber 119892PKG isin 119885lowast
119902as itsmaster key
and selects two distinct hash functions 1198671 0 1lowast rarr 119866
1
and 1198672 1198662
rarr 0 1lowast Given a user 119894 with an identity ID119894isin
0 1lowast any party can obtain the userrsquos public key PUID119894 =
1198671(ID119894) The PKG sets the userrsquos private key PRID119894 = 119892PKG sdot
1198671(ID119894) User 119894 chooses 119904ID119894 isin 119885lowast
119902as herhis own secret value
and sets 119863ID119894 = 119904ID119894 sdot 119875 In the final step the PKG publishesthe system parameters (119902 119866
1 1198662 119890 119875 119863ID119894 ID119894 1198671 1198672) and
withholds 119904ID119894
Encrypt To encrypt a message 119872 isin 0 1lowast for the user withidentity ID
119894is as follows
(1) Choose a random number 119903 isin 119885lowast119875
(2) Set the cipher text 119862 to be
119862 = 119864IBC (119903119872PUID119894 119863ID119894)
= 119903 sdot 119875119872 oplus 1198672(119890 (PUID119894 119863ID119894)
119903
)
(2)
Decryption Let 119862 = ⟨119880119881⟩ To decrypt 119862 using the secretvalue 119904ID119894 compute119863IBC(119904ID119894 119862) = 119881oplus119867
2(119890(119904ID119894PUID119894 119880)) =
119872 where
119881 oplus 1198672(119890 (119904ID119894PUID119894 119880))
= 119872 oplus 1198672(119890 (PUID119894 119903119863ID119894)) oplus 119867
2(119890 (119904ID119894PUID119894 119903119875))
= 119872 oplus 1198672(119890 (PUID119894 119903119904ID119894119875)) oplus 119867
2(119890 (119904ID119894PUID119894 119903119875))
= 119872 oplus 1198672(119890 (PUID119894 119903119904ID119894119875)) oplus 119867
2(119890 (PUID119894 119903119904ID119894119875))
= 119872
(3)
33 ID-Based Cryptosystem The advantage of ID-basedcryptosystems [17] is that public key certificates are nolonger needless and this possibly causes a saving of spacerequirements Besides it also reduces the key managementcost which is a heavy burden in conventional public keyinfrastructure (PKI) However it has a serious drawbackcalled key escrow problem PKG is responsible for generatinga userrsquos private key so it can decrypt any ciphertext or forgeany userrsquos signature on any message
34 Message Authentication Based on the Bilinear HardProblems (BHD) Method In this study message signaturesand verification are established based on the BDH methodIn this scheme user 119894 selects a random number ℎ
119894isin 119885lowast119902as
the secret value calculates the public value (119861119894) and then
broadcasts 119861119894to all other users Notations of the BDH list the
notation used in this study User 119894 broadcasts message119872119894119895by
executing the following steps
(1) User 119894 calculates 119908119894119895
= 119867(119872119894119895
119879119895) mod 119901
(2) User 119894 calculates ℎ119894
= 119910119894119895
lowast 119908119894119895
+ 119903119894119895 where
119910119894119895
represents the quotient and 119903119894119895
represents theremainder
(3) User 119894 broadcasts ⟨119872119894119895 119910119894119895
sdot 119875 ID119894 119879119895 119890(119875 119903
119894119895sdot 119875)⟩
Other users can then verify the message upon receipt byexecuting the following steps
(1) Calculate 119908119894119895
= 119867(119872119894119895
119879119895) mod 119901
4 Mathematical Problems in Engineering
(2) Check whether 119890(119908119894119895
sdot 119875 119910119894119895
sdot 119875) + 119890(119875 119903119894119895
sdot 119875) =
119890(119875 119875)ℎ119894
= 119861119894
If the equality in step (2) is satisfied then this condition ver-ifies that the user 119894 sent the message During the verificationprocess other users receive only119910
119894119895sdot119875 119890(119875 119903
119894119895sdot119875)119908
119894119895and119861
119894
Based on elliptic curves and the discrete logarithm problem(ECDLP) ℎ
119894cannot be calculated without 119910
119894119895sdot 119875 and 119861
119894
Therefore message security is ensured Furthermore becauseℎ119894belongs to the user alone nonrepudiation of the message
is also ensured
4 Message Authentication Scheme
The scheme proposed in this study consists of five parts(1) system initialization and RSU registration (2) intra-RSUmessage authentication (3) inter-RSU message authentica-tion (4) handoff and (5) message authentication when RSUsare not available
41 System Model Figure 1 shows the system environmentused in this study We assume that the TA is a legal organiza-tion and is responsible for the security of the entire networkWhen there is an attack on the network infrastructure from amalicious node the TA will broadcast the true identity of thenode and take necessary actionWe further assume that RSUsare installed on streetlights or traffic signs on main roads andthere are no RSUs installed on minor roads Each vehicleis equipped with an OBU Communication between the TAand RSUs is via a wired network whereas communicationbetween OBUs and the TA is via an IEEE 80211p wirelessnetwork Notation used in this paper lists the notation usedin this study
42 System Initialization Given the bilinear parameters(119902 1198661 1198662 119890 119875) as defined in Section 31 the TA sets up the
system by executing the following steps
(1) The TA chooses ℎID119905TA isin 119885lowast
119902as its secret value
(2) The TA selects three hash functions 119867 0 1lowast rarr
119885lowast1199021198671 0 1lowast rarr 119866
1 and119867
2 1198662
rarr 0 1lowast(3) The TA calculates 119861ID119905TA = 119890(ℎID119905TA119875 119875) as its public
value(4) The TA sets119863ID119905TA = ℎID119905TA sdot 119875(5) The TA sets PUID119905TA = 119867
1(ID119905TA)
(6) The TA sets PRID119905TA = ℎID119905TA1198671(ID119905TA)
The TA broadcasts the parameters (ID119905TA 119861ID119905TA 119863ID119905TA
1198671198671 1198672) while (PR
119905TA ℎID119905TA) remain undisclosed Inaddition the TA sets the related parameters for each RSU byexecuting the following steps
(1) The node 119877119877chooses ℎID119905119877119877 isin 119885lowast
119902as its secret value
(2) It calculates 119861ID119905119877119877= 119890(ℎID119905119877119877
119875 119875) as its public value
(3) It sets119863ID119905119877119877= ℎID119905119877119877
sdot 119875
Vb
Va
R2R1
VcR3
Ve
Vd
R4
TA
Figure 1 System environment
(4) It sets PUID119905119877119877= 1198671(ID119905119877119877
)
The TA sets up the system by executing the followingsteps
(1) Set PRID119905119877119877= ℎID119905TA1198671(ID119905119877119877)
(2) Calculate 119908ID119905TA 119895 = 119867(1198672(119861ID119905119877119877
) ID119905119877119877
119879119897ID119905119877119877
) mod 119901
(3) Calculate 119910ID119905TA 119895 = ℎID119905TA119908ID119905TA 119895 119890(119903ID119905TA 119895 sdot 119875 119875)
The RSU 119877119877broadcasts the parameters (ID
119905119877119877 119861ID119905119877119877
119863ID119905119877119877 119890(119903ID119905TA 119895 sdot119875 119875) 119910ID119905TA119875 119879119897ID119905119877119877
) and does not disclosethe parameters (ℎID119905119877119877
PRID119905119877119877) All nodes can verify the
legitimacy of the ID of the RSU by executing the followingsteps
(1) Calculate 119908ID119905TA 119895 = 119867(1198672(119861ID119905119877119877
) ID119905119877119877
119879119897ID119905119877119877
) mod 119901
(2) Calculate 1198611015840ID119905TA = 119890(119908ID119905TA 119895 sdot 119875 119910ID119905TA 119895 sdot 119875) +
119890(119875 119903ID119905TA 119895 sdot 119875) = 119890(119875 119875)ℎID119905TA
(3) Check if 119861ID119905TA
= 1198611015840ID119905TA
TheTA generates the related parameters for the vehicle byexecuting the following steps
(1) The node 119881 chooses ℎID119894119881 isin 119885lowast119902as its secret value
(2) It calculates 119861ID119894119881 = 119890(ℎID119894119881119875 119875) as its public value(3) It sets119863ID119894119881 = ℎID119894119881 sdot 119875(4) It selects an anonymous identity ID
119894 and all users
can obtain its public key by computing PUID119894119881 =
1198671(ID119894119881
)
The TA sets up the system by executing the followingsteps
Mathematical Problems in Engineering 5
(1) Set PRID119894119881 = ℎID119905TA1198671(ID119894119881)
(2) Calculate 119908ID119905TA 119895 = 119867(1198672(119861ID119894119881) ID
119894119881
119879119897ID119894119881) mod 119901
(3) Calculate 119910ID119905TA 119895 = ℎID119905TA119908ID119905TA 119895 119890(119903ID119894TA 119895 sdot 119875 119875)
Each vehicle broadcasts the parameters (ID119894119881
119861ID119894119881
119863ID119894119881 119890(119903ID119905TA 119895 sdot 119875 119875) 119910ID119905TA 119895119875 119879119897ID119894119881) and does not disclosethe parameters (ℎID119894119881 PRID119894119881) The TA records the parame-ters (ID
119905119881 ID119894119881
119861ID119894119881 119863ID119894119881 119879ID119894119881119895) for each vehicleEach vehicle or RSU can verify the legitimacy of the
vehicle ID by executing the following steps
(1) Calculate 119908ID119905TA 119895 = 119867(1198672(119861ID119894119881) ID
119894119881
119879119897ID119894119881) mod 119901
(2) Calculate 1198611015840ID119905TA = 119890(119908ID119905TA 119895 sdot 119875 119910ID119905TA 119895 sdot 119875) +
119890(119875 119903ID119905TA 119895 sdot 119875) = 119890(119875 119875)ℎID119905TA
(3) Check if 119861ID119905TA
= 1198611015840ID119905TA If the equality is satisfiedthen the user is legal
43 Registration When a vehicle 119881119886is within the transmis-
sion range of RSU 1198771 the vehicle 119881
119886and 119877
1will send an ID
verification request to each other After successful verifica-tion RSU 119877
1will then generate the short-term parameters
for119881119886 Vehicle119881
119886can retain its anonymity and security using
the short-term parameters by executing the following steps
(1) Use the identity-based cryptography (IBC) techniqueto generatethe common session key for RSU 119877
1and
vehicle 119881119886 Vehicle 119881
119886uses its own private key and
the public key of RSU 1198771to generate the common
session key The public key of RSU 1198771is calculated
from the true ID of RSU1198771Therefore vehicle119881
119886does
not require the public key of RSU 1198771 The calculation
is as follows
SK119881119886minus1198771
= 119890 (PRID119894119881119886PUID1199051198771
)
= 119890 (PUID119894119881119886 ℎID119905TAPUID1199051198771
) = SK1198771minus119881119886
(4)
Because the TA generates the private keys for bothRSU 119877
1and vehicle 119881
119886 the common session keys
generated from RSU 1198771and vehicle 119881
119886are the same
Therefore RSU 1198771and vehicle 119881
119886can communicate
with each other privately(2) 119881119886generates the short-term parameters ID
119901119881119905 119861ID119901119881119905
and 119863ID119901119881119905
and uses symmetric encryption toencrypt the common session key (SK
119881119886minus1198771) as a
security key The encryption is supplemented bythe plain-text parameters (ID
119894119881119886 119861ID119894119881119886
119890(119903ID119905TA 119895 sdot
119875 119875) 119910ID119905TA 119895119875 119879119897ID119894119881119886) The calculation is as follows
119862 = SE (ID119901119881119905
119861ID119901119881119905 119863ID119901119881119905
119879119895)SK119881119886minus1198771
(5)
Vehicle 119881119886sends the message 119862 ID
119894119881119886 119861ID119894119881119886
119890(119903ID119905TA 119895 sdot 119875 119875) 119910ID119905TA 119895119875 119879119897ID119894119881119886
to 1198771
(3) When RSU 1198771receives the message 119877
1first verifies
whether the parameters of vehicle 119881119886are within the
valid limits through the following steps
(31) Calculate 119908ID119905TA 119895 = 119867(1198672(119861ID119894119881119886
) ID119894119881119886
119879119897ID119894119881119886
) mod 119901
(32) Calculate 1198611015840ID119905TA = 119890(119908ID119905TA 119895 sdot 119875 119910ID119905TA 119895 sdot 119875) +
119890(119875 119903ID119905TA 119895 sdot 119875) = 119890(119875 119875)ℎID119905TA
(33) Check if 119861ID119905TA
= 1198611015840ID119905TA If the equality issatisfied then the user is legal
(4) To decrypt the encrypted message RSU 1198771first cal-
culates the common session key shared with vehicle119881119886 Then RSU 119877
1uses the common session key to
decrypt the message The calculation is as follows
SK1198771minus119881119886
= 119890 (PRID1199051198771PUID119894119881119886
)
= 119890 (PUID1199051198771 ℎID119905TAPUID119894119881119886
) = SK119881119886minus1198771
(6)
(5) RSU 1198771calculates the private key the common secret
key and the signature of 119881119886 The calculations are as
follows
(51) 1198771calculates PRID119901119881119886
as its private key(52) 119877
1chooses 119862ID119901119881119886
isin 119885lowast119902as its common secret
key(53) 119877
1calculates 119910ID1199051198771 119895 = ℎID1199051198771
119908ID1199051198771 119895 119890(119903ID1199051198771 119895 sdot
119875 119875) 119908ID1199051198772 119895= 119867(119867
2(119861ID119901119881119886
) ID119901119881119886
119879119897ID119901119881119886
) mod 119901
(6) RSU 1198771encrypts the parameters (PRID119901119881119886
119862ID119901119881119886)
using the common session key The calculation is asfollows
119862 = SE (PRID119901119881119886 119862ID119901119881119886
119879119895)SK1198771minus119881119886
(7)
RSU 1198771sends the message 119862 ID
119894119881119886 119890(119903ID1199051198771 119895
sdot
119875 119875) 119910ID1199051198771 119895119875 119879119897ID119901119881119886
to vehicle 119881119886
(7) When vehicle119881119886receives themessage the vehicle uses
the common session key to decrypt the message(8) 1198771
records (ID119894119881119886
ID119901119881119886
119861ID119901119881119886 119863ID119901119881119886
119862ID1199051198771 119895
119879119897ID119901119881119886
) and publishes (ID119901119881119886
119861ID119901119881119886 119863ID119901119881119886
119890(119903ID1199051198771 119895sdot 119875 119875) 119910ID1199051198771 119895
119875 119879119897ID119901119881119886
) to all vehicles in itsdomain
To improve the efficiency of the handoff process RSU 1198771
generates a common secret key for vehicle 119881119886and each RSU
RSU 1198771uses a one-way hash chain [13] to generate 119898 keys
6 Mathematical Problems in Engineering
Table 1 RID-key table
ID of RSUNew ID ofvehicle
(handoff)
ID of vehicle(RSU
generate)
ID of vehicle(TA generate)
Commonsecret key
Expire timeof commonsecret key
BDH value ofvehicle
Data key ofvehicle
Expire timeof key
1198771 ID1015840
119901119881119886ID119901119881119886
ID119894119881119886
119896ID119901119881119886 1198771119879119897ID1015840119901119881119886
119861ID119901119881119886119863ID119901119881119886
119879119897ID119901119881119886
119877119898 ID10158401015840
119901119881119886ID119901119881119886
ID119894119881119886
119896ID119901119881119886 119877119898119879119897ID10158401015840119901119881119886
non non non1198771 ID1015840
119901119881119887ID119901119881119887
ID119894119881119887
119896ID1199011198811198871198771
119879119897ID1015840119901119881119887
119861ID119901119881119887
119863ID119901119881119887
119879119897ID119901119881
119887
119877119898minus1 ID10158401015840
119901119881119887ID119901119881119887
ID119894119881119887
119896ID119901119881119887119877119898
119879119897ID10158401015840119901119881119887
non non non
119896ID119901119881119886 119877119898 119896ID119901119881119886 119877119898minus1
119896ID119901119881119886 1198771Themethod for generating
the keys is as follows
119865 (119862ID119901119881119886 PRID119901119881119886
) = 119896ID119901119881119886 119877119898
119865 (119896ID119901119881119886 119877119898 PRID119901119881119886
) = 119896ID119901119881119886 119877119898minus1
119865 (119896ID119901119881119886 1198772 PRID119901119881119886
) = 119896ID119901119881119886 1198771
(8)
RSU 1198771uses a one-way hash chain [13] to generate 119898
anonymous IDs ID1015840119901119881119886
ID10158401015840119901119881119886
ID101584010158401015840119901119881119886
The method forgenerating the IDs is as follows
119865 (ID119901119881119886
PRID119901119881119886) = ID1015840
119901119881119886
119865 (ID1015840119901119881119886
PRID119901119881119886) = ID10158401015840
119901119881119886
119865 (ID10158401015840119901119881119886
PRID119901119881119886) = ID101584010158401015840
119901119881119886
(9)
Each RSU has two tables an RID-key table and an SID-key table The RID-key table is used to store the relatedparameters generated by RSU (Table 1) RSU 119877
1uses the
common session key that it shares with each RSU to encryptthe common secret key that vehicle 119881
119886has with each RSU
and the anonymous ID RSU 1198771then sends the encrypted
message to other RSUs When another RSU receives theencrypted message that RSU first uses the common sessionkey that it shares with RSU 119877
1to decrypt the message
and then stores the parameters for vehicle 119881119886in the table
(Table 2) Because vehicle 119881119886has the related parameters
(PRID119901119881119886 ID119901119881119886
119862ID119901119881119886) it can generate a common secret key
shared with each RSU and an anonymous ID on its ownTheparameters are stored in the table (Table 3) The parametersfor vehicle 119881
119886do not permit any one RSU to obtain the
parameters that vehicle 119881119886shares with other RSUs Because
other RSUs cannot obtain the private key and the commonsecret key of vehicle 119881
119886 the security of vehicle 119881
119886is ensured
44 Intra-RSU Message Authentication Vehicle 119881119886broad-
castsmessages to other vehicleswithin the transmission rangeof an RSU The calculations are as follows
(1) Vehicle 119881119886uses the BDH method to authorize a
message signature The calculations are as follows
(11) Vehicle 119881119886calculates 119908ID119901119881119886 119895
= 119867(119872ID119901119881119886 119895
ID119901119881119886
119879119895) mod 119901
(12) Vehicle119881119886calculates 119910ID119901119881119886 119895 = ℎID119901119881119886 119895
119908ID119901119881119886 119895
119890(119903ID119901119881119886 119895sdot 119875 119875) ∘
(13) Vehicle 119881119886broadcasts the message ⟨119872ID119901119881119886 119895
119861ID119901119881119886 119863ID119901119881119886
119890(119903ID119901119881119886 119895sdot 119875 119875) 119910ID119901119881119886 119895
119875 ID119901119881119886
119879119895⟩ to other vehicles within range
(2) When other vehicles receive the message they canverify the authenticity of the message The calcula-tions are as follows
(21) Calculate 119908ID119901119881119886 119895= 119867(119872ID119901119881119886 119895
ID119901119881119886
119879119895) mod 119901 ∘
(22) Calculate 1198611015840ID119901119881119886= 119890(119908ID119901119881119886 119895
sdot 119875 119910ID119901119881119886 119895sdot 119875) +
119890(119903ID119901119881119886 119895sdot 119875 119875) = 119890(119875 119875)
ℎID119905TA
(23) Check if 119861ID119901119881119886
= 1198611015840ID119901119881119886 If the equality is
satisfied then vehicle 119881119886sent the message
Assuming that two vehicles within the transmission rangeof a given RSU want to send private messages to eachother (Figure 1) vehicle 119881
119886and vehicle 119881
119887will calculate their
common key The calculation is as follows
SK119881119886minus119881119887
= 119890 (PRID119901119881119886PUID119901119881
119887
)
= 119890 (PUID119901119881119886 ℎID119905119877119877
PUID119901119881119887
) = SK119881119887minus119881119886
(10)
Then vehicle 119881119886uses the common session key (SK
119881119886minus119881119887)
to first encrypt the message and then send it to vehicle 119881119886
When119881119887receives the encrypted message the vehicle uses the
common session key (SK119881119887minus119881119886
) to decrypt the message andthen obtain the contents of the messageThe benefits of usingIBC lie in the fact that the other vehiclersquos public key can beeasily calculated based on its ID and that the common sessionkey can be calculated based on the other vehiclersquos public key
Mathematical Problems in Engineering 7
Table 2 SID-key table
New ID ofvehicle(handoff)
Informed byRSU
Commonsecret key
Expire timeof commonsecret key
BDH value ofvehicle
Data key ofvehicle
Expire timeof key
ID1015840119901119881119905
1198777
119896ID119901119881119905 1198771119879119897ID1015840119901119881119905
non non non
ID10158401015840119901119881119905minus7
119877119898
119896ID119901119881119905minus7 1198771119879119897ID10158401015840119901119881119905minus7
non non nonID1015840119901119881119888
119877119898minus2
119896ID119901119881119888 1198771119879119897ID1015840119901119881119888
119861ID119901119881119888119863ID119901119881119888
119879119897ID119901119881119888
ID10158401015840119901119881119889
1198777
119896ID1199011198811198891198771
119879119897ID10158401015840119901119881119889
119861ID119901119881119889
119863ID119901119881119889
119879119897ID119901119881
119889
Table 3 SID issue table
ID of RSUNew ID ofvehicle
(handoff)
ID of vehicle(RSU generate)
ID of vehicle(TA generate)
Commonsecret key
Private key(RSU) Secret value Expire time
of key
1198771 ID1015840
119901119881119886ID119901119881119886
ID119894119881119886
119896ID119901119881119886 1198771PRID119901119881119886
ℎID119901119881119886119879119897ID119901119881119886
119877119898 ID10158401015840
119901119881119886ID119901119881119886
ID119894119881119886
119896ID119901119881119886 119877119898 non non non
and its own private key Conversely the other vehicle can alsocalculate the common session key because the secret value ofthe common session key is the same
45 Inter-RSU Message Authentication Assuming that vehi-cle 119881119886wants to broadcast a message within the transmission
ranges of several RSUs and uses the BDH signature toensure the security of the message vehicle 119881
119886will first send
the parameters ⟨119872ID119901119881119886 119895 119890(119903ID119901119881119886 119895
sdot 119875 119875) 119910ID119901119881119886 119895119875 119861ID119901119881119886
ID119901119881119886
119910ID1199051198771 119895sdot119875 119890(119903ID1199051198771 119895
sdot119875 119875) sdot119879119897ID119901119881119905
119879119895⟩ to nearby RSUs
and then the RSUs will relay the message to other vehiclesThen other vehicles will first verify the legitimacy of vehicle119881119886by calculating 119908ID1199051198771 119895
= 119867(1198672(119861ID119901119881119886
) ID119901119881119886
119879119897ID119901119881119886
) mod 119901 and then calculating 119890(119908ID1199051198771 119895119875 119910ID1199051198771 119895
119875) +
119890(119903ID1199051198771 119895119875 119875) = 1198611015840IDID1199051198771
If it is the case then it proves thatvehicle 119881
119886is the legitimate user of RSU 119877
1
Other vehicles will verify the authenticity of the mes-sage from vehicle 119881
119886by first calculating 119908ID119901119881119886 119895
=
119867(119872ID119901119881119886 119895 ID
119901119881119886 119879119895) mod 119901 and then calculating
119890(119908ID119901119881119886 119895119875 119910ID119901119881119886 119895
119875) + 119890(119903ID119901119881119886 119895119875 119875) = 1198611015840ID119901119881119886 119895
If it is thecase then the message was sent from vehicle 119881
119886
In private communications the secret private key valueof each vehicle is different because there are multiple RSUsTherefore an ID-based encryption method should be usedLet vehicle 119881
119886and vehicle 119881
119888calculate their common session
keys Assuming that vehicle 119881119886wants to privately commu-
nicate with vehicle 119881119888 which is within the transmission
range of a different RSU vehicle 119881119888will first encrypt the
message Vehicle 119881119886will then calculate the public key using
the anonymous ID of vehicle 119881119888 Upon obtaining the data
key for vehicle 119881119888 vehicle 119881
119886will encrypt the message using
the public key and the data key of vehicle 119881119888 The calculation
is as follows
119862 = 119864IBC (119903119872PUID119901119881119888 119863ID119901119881119888
)
= 119903 sdot 119875119872 oplus 1198672(119890 (PUID119901119881119888
119863ID119901119881119888)119903
)
119872 = 119890 (PRID119901119881119886PUID119901119881119888
)
(11)
Subsequently vehicle 119881119888uses the private key to decrypt
the message Equation (2) shows the decryption methodVehicle 119881
119888then uses ID-based encryption to generate an
encrypted message for vehicle 119881119886 The calculation is as
follows
119862 = 119864IBC (119903119872PUID119901119881119886 119863ID119901119881119886
)
= 119903 sdot 119875119872 oplus 1198672(119890 (PUID119901119881119886
119863ID119901119881119886)119903
)
119872 = 119890 (PRID119901119881119886PUID119901119881119888
) + 119890 (PRID119901119881119888PUID119901119881119886
)
(12)
Vehicle 119881119886uses the private key to decrypt the message
Equation (2) shows the decryption method When vehicle119881119886
receives thecommon session key that it shares with vehicle119881119888
119881119886can communicate with vehicle 119881
119888privately The common
session key is
SK119881119886minus119881119888
= 119890 (PRID119901119881119886PUID119901119881119888
) + 119890 (PRID119901119881119888PUID119901119881119886
)
= SK119881119888minus119881119886
(13)
8 Mathematical Problems in Engineering
46 Handoff Problem When vehicle 119881119886comes within the
transmission range of the next RSU (1198772) vehicle 119881
119886will first
inquire for the common secret key that it shares with RSU 1198772
in Table 3 and then initiate the handoff The calculation is asfollows
(1) Vehicle 119881119886
first generates short-term parameters119861ID119901119881119905
119863ID119901119881119905and uses the common secret key
(119896ID119901119881119886 1198772) to encrypt the parametersThen vehicle119881119886
sends the parameters and its anonymous ID to RSU1198772
(2) RSU 1198772inquires for the common secret key and the
time of validity that it shares with vehicle119881119886in Table 2
based on the anonymous ID of vehicle 119881119886 If the time
of validity has expired then vehicle 119881119886will reregister
with RSU (Section 42) If the time of validity has notexpired 119877
2will generate the short-term parameters
for vehicle 119881119886 The calculations are as follows
(21) 1198772calculates PRID119901119881119886
as its private key(22) 119877
2calculates119908ID1199051198772 119895
= 119867(1198672(119861ID119901119881119886
) ID119901119881119886
119879119897ID119901119881119886
) mod 119901(23) 119877
2calculates 119910ID1199051198772 119895 = ℎID1199051198772
119908ID1199051198772 119895 119890(119903ID1199051198772 119895 sdot
119875 119875)
(3) RSU 1198771uses the common secret key to encrypt the
parameters (PRID119901119881119886 119862ID119901119881119886
) The calculation is asfollows
119862 = SE (PRID119901119881119886 CID119901119881119886
119879119895)SK1198771minus119881119886
(14)
RSU 1198771sends the message 119862 ID
119894119881119886 119890(119903ID1199051198771 119895
sdot
119875 119875) 119910ID1199051198771 119895119875 119879119897ID119901119881119886
to vehicle 119881119886
(4) When vehicle119881119886receives themessage the vehicle uses
the common secret key to decrypt the message(5) 1198771
records (ID119894119881119886
ID119901119881119886
119861ID119901119881119886 119863ID119901119881119886
119862ID1199051198771 119895
119879119897ID119901119881119886
) and publishes (ID119901119881119886
119861ID119901119881119886 119863ID119901119881119886
119890(119903ID1199051198771 119895sdot 119875 119875) 119910ID1199051198771 119895
119875 119879119897ID119901119881119886
) to all vehicles in itsdomain
47 Message Authentication When RSUs Are Not AvailableWhen RSUs are not available vehicles can broadcast mes-sages and conduct private communications using the param-eters generated by the TA by executing the following steps
(1) Vehicle 119881119889uses the BDH signature method to autho-
rize a message signature The calculations are asfollows
(11) Vehicle 119881119889calculates 119908ID119894119881
119889119895
= 119867(119872ID119894119881119889119895
ID119894119881119889
119879119895) mod 119901
(12) Vehicle 119881119889calculates 119910ID119894119881
119889119895
= ℎID119894119881119889119895119908ID119894119881
119889119895
119890(119903ID119894119881119889119895sdot 119875 119875)
(13) Vehicle 119881119889broadcasts the message ⟨119872ID119894119881
119889119895
119861ID119894119881119889
119863ID119894119881119889
119890(119903ID119894119881119889119895
sdot 119875 119875) 119910ID119894119881119889119895119875 ID119894119881119889
119879119895 119890(119903ID119905TA 119895 sdot 119875 119875) 119910ID119905TA 119895119875⟩ to other vehicles
(2) Other vehicles first verify the ID of vehicle 119881119889 The
calculations are as follows
(21) Calculate 119908ID119905TA 119895 = 119867(1198672(119861ID119894119881
119889
) ID119894119881119889
119879119897ID119894119881
119889
) mod 119901
(22) Calculate 1198611015840ID119905TA = 119890(119908ID119905TA 119895 sdot 119875 119910ID119905TA 119895 sdot 119875) +119890(119875 119903ID119905TA 119895 sdot 119875) = 119890(119875 119875)
ℎID119905TA
(23) Check if 119861ID119905TA
= 1198611015840ID119905TA If the equality issatisfied then the user is legal
(3) Other vehicles then verify the authenticity of themessage The calculations are as follows
(31) Calculate 119908ID119894119881119889119895
= 119867(119872ID119894119881119889119895
ID119894119881119889
119879119895) mod 119901
(32) Calculate 1198611015840ID119894119881119889
= 119890(119908ID119894119881119889119895
sdot 119875 119910ID119894119881119889119895
sdot 119875) +
119890(119903ID119894119881119889119895sdot 119875 119875) = 119890(119875 119875)
ℎID119905TA
(33) Check if 119861ID119894119881119889
= 1198611015840ID119894119881119889
Satisfaction of theequality is proof that vehicle 119881
119889sent the mes-
sage
Assuming that two vehicles within the transmission rangeof the same RSU want to communicate privately with eachother (Figure 1) vehicle 119881
119889and vehicle 119881
119890will calculate their
common key The calculation is as follows
SK119881119889minus119881119890
= 119890 (PRID119894119881119889
PUID119894119881119890)
= 119890 (PUID119894119881119889
ℎID119905TAPUID119894119881119890) = SK
119881119890minus119881119889
(15)
Subsequently vehicle 119881119889uses the common session key
(SK119881119889minus119881119890
) to encrypt the message and send the message tovehicle 119881
119890 When vehicle 119881
119890receives the encrypted message
it uses the common session key (SK119881119890minus119881119889
) to decrypt themessage and obtain the contents of the message
5 Security and Performance Analysis
This section gives a security analysis to demonstrate that themethod developed in this study can provide confidentialityauthentication nonrepudiation conditional anonymity andconditional untraceability A performance analysis is con-ducted by comparing the results of the present study withthose in [12ndash15]
51 Security Analysis The following subsections discuss thespecific aspects of the security analysis of the proposedmethod
(1) Confidentiality Assuming that the ID of every node isnot repeated as confidential communications are occurring
Mathematical Problems in Engineering 9
Table 4 The comparison of property
Property Method[12] [13] [14] [15] Proposed method
Security and privacy preservation YES YES YES YES YESDo need the certificate NO NO NO YES NODo need the help of RSU forauthentication NO NO NO NO NO
PKI-based system NO NO NO NO NOCommunication within different RSU YES YES YES YES YESPrivacy communicate NO NO NO NO YES
among vehicles within the range of a single RSU the propertyof IBC is used to establish the common session keys Thecommon session key of a vehicle is calculated based on thebilinear pairings map According to the elliptic curve discretelogarithm problem (ECDLP) the common session key of amalicious node 119887 and node 119886 is SK
119887-119886 It is difficult for node119887 to determine a secret value from SK
119887-119886 node brsquos privatekey (PR
119887) and node arsquos public key (PU
119886) Other vehicles are
unable to calculate the common session key from their ownprivate keys and the public keys of nodes 119886 and 119887 and thusthe security of confidential communications is ensured
(2) Authentication and Nonrepudiation As a vehicle registersand gains the trust of an RSU the RSU will broadcast thevehiclersquos 119866
2value to all vehicles within range and that
specific 1198662represents the vehicle itself The parameters
⟨119872ID119895 119861ID 119863ID 119910ID119895119875 ID 119879119895⟩ are broadcast as the vehicle is
broadcasting messages Other vehicles will calculate 119908ID119895 =119867(119872ID119895 ID 119879ID119895) mod 119901 upon receipt of the messagesand then calculate 1198611015840ID = 119890(119908ID0119875 119910ID119895119875) + 119890(119903ID0119875 119875) =
119890(119875 119875)ℎID Other vehicles are unable to calculate 119910ID119895 from119910ID119895119875 based on the ECDLP but 119903ID0 119910ID119895 and 119908ID119895 canbe calculated from the parameters 119861ID 119910ID119895119875 based onthe BDH method provided that the equality 119861ID = 1198611015840IDwhich is calculated from the messages of the vehicle issatisfiedTherefore the vehicle sending themessages achievesundeniability and the source of the messages is known
(3) Conditional Anonymity The true ID of a vehicle is knownonly to the TA An anonymous ID (ID
119894) is used when a
vehicle registers with the TA and this anonymous ID (ID119894)
is renewed every time the vehicle registers with the TA Avehicle will renegotiate a new anonymous ID (ID
119901) within
the range of every RSU Therefore it is difficult for anothervehicle to obtain the true ID of the vehicle by tracking ID
119894
from ID119901because the true IDs of the vehicles are known
only to the TA and the individual vehicles bearing those IDsEvery RSU knows the anonymous ID (ID
119894) of each vehicle
but each vehicle has a different ID (ID119901) for every RSU which
prevents malicious RSUs from tracking the current locationof the vehicle
(4) Conditional Untraceability When a vehicle is involvedin a criminal act an RSU is able to trace the anonymousID (ID
119894) from the vehiclersquos anonymous ID (ID
119901) The RSU
Table 5 Bilinear pairings execution time in milliseconds
Notations Descriptions Execution time (ms)119879119901
Pairing operation asymp45119879119898
Point multiplication asymp06119879119890
Field exponentiation asymp054
Table 6 RSAHMAC execution time in milliseconds
Notations Descriptions Execution time (ms)ASE RSA encryption 019ASD RSA decryption 465HMAC HMAC 0002SE AES encryption lt019SD AES decryption lt465
Table 7 The length of the parameters
Parameters Length (bit) Parameters Length (bit)1198661
160 AES 1281198662
160 Variable 32HMAC 160 Message (119872) 1024RSA 1024 Random number (119903) 128
transmits ID119894to the TA which in turn identifies the true ID
of the vehicle with the identity ID119894 Every vehicular parameter
will eventually expire therefore ensuring the validity of theanonymous ID of a vehicle
52 Performance Analysis The method developed in thisstudy was compared with those in [12ndash15] regarding perfor-mance execution time and data volume Table 4 comparesthe results of the present study and those of [12ndash15] showingthat the method developed in the present study is superior tothe other methods
To analyze efficiency the times required for a message tobe broadcast and verified in the present study and in [12ndash15] were calculated and the results are listed in Tables 5ndash7 Table 8 shows the results of the efficiency analysis Theexperimental results show that the method proposed in thispaper is superior to those in other literatures regardless ofcomputational complexity and packet length The networksecurity mechanisms proposed in literature [14] and thispaper are both based on the use of bilinear pairing so allthe packet lengths are within a reasonable range However in
10 Mathematical Problems in Engineering
Table 8 Performance analysis
Property Method[12] [13] [14] [15] Proposed method
The broadcast message
Signing5 lowast 119879119898+ 3 lowast 119879
119901
Verification4 lowast 119879119898+ 4 lowast 119879
119901
Signing1 lowast 119879119901
Verification3 lowast 119879119901
Signing5 lowast 119879119898
Verification6 lowast 119879119898+ 1 lowast 119879
119901
Signing2 lowast 119879119898
Verification2 lowast 119879119898
Signing119879119901+ 2 lowast 119879
119898
Verification119879119901+ 119879119898
Spending time 364ms 18ms 111ms 18ms 108msThe length of ciphertext 1112 bits 480 bits 480 bits (160 lowast 160) + 320 bits 480 bitsHandoff 3 lowast 119879
119901NA 4 lowast 119879
119898+ 2 lowast 119879
1199015 lowast 119879119898
2 lowast SE + 2 lowast SDSpending time 135ms NA 114ms 3ms lt968msThe length of ciphertext 480 bits NA 1280 bits 160 lowast 160 lowast 160 bits 2048 bits
Communication betweendifferent RSUs
Signing5 lowast 119879119898+ 3 lowast 119879
119901
Verification4 lowast 119879119898+ 4 lowast 119879
119901
Signing1 lowast 119879119901
Verification3 lowast 119879119901
Signing5 lowast 119879119898
Verification6 lowast 119879119898+ 1 lowast 119879
119901
Signing2 lowast 119879119898
Verification2 lowast 119879119898
Signing119879119901+ 2 lowast 119879
119898
Verification2 lowast 119879119901+ 2 lowast 119879
119898
Spending time 364ms 18ms 111ms 18ms 159msThe length of ciphertext 1112 bits 480 bits 480 bits (160 lowast 160) + 320 bits 960 bits
Privacy communicate NA NA NA NA
Signing119879119875+ SE
Verification119879119901+ SD
Spending time NA NA NA NA lt1384msThe length of ciphertext NA NA NA NA 1024 bits
computational complexity the proposed method is superiorto that of literature [14] In literature [15] there are networksecurity mechanisms based on chameleon hashing whichemploy exponential calculation The multiplication resultof three values will be huge Although the computationalcomplexity is not high the transfer of large amounts ofpackets will affect network bandwidth and also cause packetlosses in VANETs environment
6 Conclusion
VANETs improve transportation safety and efficiency If theinformation shared between vehicles is tampered with therewill be dire consequences such as vehicle collisions Thescheme proposed in this study ensures the security of theinformation shared between vehicles and is superior to otherschemes in terms of message verification and handoff Addi-tionally in terms of security the scheme in this study ensuresconditional untraceability conditional anonymity authenti-cation and nonrepudiation Future work will include supple-menting the scheme proposed in this study with revocationand trust mechanisms to corroborate the security scheme
Notations
Notations of the BDH
ℎ119894 The user 119894 chooses a random number ℎ
119894isin 119885lowast119902
as its secret value119861119894 The public value of user 119894 such that 119890(ℎ
119894119875 119875)
119910119894119895 The 119910
119894119895is the quotient
119903119894119895 The 119903
119894119895is the remainder
119908119894119895 119908119894119895
= 119867(119872119894119895
119879119895) mod 119901
Notation Used in This Paper
119890 Bilinear mapping1198661 Additive group
1198662 Multiplicative group
119875 Generator of 1198661
SE(sdot) A secure symmetric encryption algorithm119864IBC(sdot) ID-based encryption119863IBC(sdot) ID-based decryptPU119896 Public key of node 119896
PR119896 Private key of node 119896
119863119896 Data key of node 119896
ID119905119896 Real identity of node 119896
ID119894119896 Original pseudonym of node 119896
ID119901119896 Requested pseudonym of node 119896
ℎ119896 Secret value of node 119896
119862119894 Handoff secret value
119861119896 The public value of user 119896 such that 119890(ℎ
119894119875 119875)
SK119896-119895 The common session key between node 119896
and node 119895
119896119894-119895 The common secret key between node 119894 and
node 119895
119885lowast119902 119885lowast
119902is the finite field of mod 119902
119867(sdot) Hash function such that 0 1lowast rarr 119885lowast119902
1198671(sdot) Hash function such that 0 1lowast rarr 119866lowast
1
1198672(sdot) Hash function such that 119866lowast
2rarr 0 1lowast
Mathematical Problems in Engineering 11
119879119895 Time interval 119895
119879119897119894 Lifetime of the corresponding parameters
The message concatenation operation whichappends several messages together in aspecial format
Conflict of Interests
The authors declare that there is no conflict of interestsregarding the publication of this paper
Acknowledgments
This paper is the partial result of project MOST103-2632-E-366-001 and 103-2221-E-268-003 The authors would like tothank the supporting of Ministry of Science and TechnologyTaiwan
References
[1] IEEE ldquoDraft amendment for wireless access in vehicularenvironments (WAVE)rdquo IEEE P80211pD6 2009
[2] Dedicated Short Range Communication (DSRC) httpgrouperieeeorggroupsscc32dsrcindexhtml
[3] US Department of Transportation and National HighwayTraffic Safety Administration Vehicle Safety CommunicationsProject 2006
[4] C Xu F Zhao J Guan H Zhang and G M MunteanldquoQoE-driven user-centric vod services in urban multihomedP2P-based vehicular networksrdquo IEEE Transactions on VehicularTechnology vol 62 no 5 pp 2273ndash2289 2013
[5] GMarfiaM Roccetti A Amoroso andG Pau ldquoSafe driving inLA report from the greatest intervehicular accident detectiontest everrdquo IEEE Transactions on Vehicular Technology vol 62no 2 pp 522ndash535 2013
[6] R Lu X Lin Z Shi and X S Shen ldquoA lightweight conditionalprivacy-preservation protocol for vehicular traffic-monitoringsystemsrdquo IEEE Intelligent Systems vol 28 no 3 pp 62ndash65 2013
[7] IEEETrial-Use Standard ldquoIEEETrial-Use Standard forWirelessAccess in Vehicular Environments (WAVE) Networking Ser-vicesrdquo IEEE 1609 2006
[8] J-P Hubaux S Capkun and J Luo ldquoThe security and privacyof smart vehiclesrdquo IEEE Security and Privacy vol 2 no 3 pp49ndash55 2004
[9] G Kounga T Walter and S Lachmund ldquoProving reliabilityof anonymous information in VANETsrdquo IEEE Transactions onVehicular Technology vol 58 no 6 pp 2977ndash2989 2009
[10] A Wasef Y Jiang and X Shen ldquoDCS an efficient distributed-certificate-service scheme for vehicular networksrdquo IEEE Trans-actions onVehicular Technology vol 59 no 2 pp 533ndash549 2010
[11] J Sun C Zhang Y Zhang and Y Fang ldquoAn identity-basedsecurity system for user privacy in vehicular ad hoc networksrdquoIEEE Transactions on Parallel and Distributed Systems vol 21no 9 pp 1227ndash1239 2010
[12] R Lu X Lin X Liang and X Shen ldquoA dynamic privacy-preserving keymanagement scheme for location-based servicesin VANETsrdquo IEEE Transactions on Intelligent TransportationSystems vol 13 no 1 pp 127ndash139 2012
[13] S Biswas and J Misic ldquoA cross-layer approach to privacy-preserving authentication in WAVE-enabled VANETsrdquo IEEE
Transactions on Vehicular Technology vol 62 no 5 pp 2182ndash2192 2013
[14] L-Y Yeh and J-L Huang ldquoPBS a portable billing schemewith fine-grained access control for service-oriented vehicularnetworksrdquo IEEE Transactions on Mobile Computing vol 13 no11 pp 2606ndash2619 2014
[15] S Guo D Zeng and Y Xiang ldquoChameleon hashing forsecure and privacy-preserving vehicular communicationsrdquoIEEE Transactions on Parallel and Distributed Systems vol 25no 11 pp 2794ndash2803 2014
[16] T W Chim S M Yiu L C K Hui and V O K Li ldquoVSPNVANET-based secure and privacy-preserving navigationrdquo IEEETransactions on Computers vol 63 no 2 pp 510ndash524 2014
[17] D Boneh and M K Franklin ldquoIdentity-based encryption fromthe weil pairingrdquo in Advances in CryptologymdashCRYPTO 200121st Annual International CryptologyConference Santa BarbaraCalifornia USA August 19ndash23 2001 Proceedings vol 2139 ofLectureNotes in Computer Science pp 213ndash229 Springer BerlinGermany 2001
Submit your manuscripts athttpwwwhindawicom
Hindawi Publishing Corporationhttpwwwhindawicom Volume 2014
MathematicsJournal of
Hindawi Publishing Corporationhttpwwwhindawicom Volume 2014
Mathematical Problems in Engineering
Hindawi Publishing Corporationhttpwwwhindawicom
Differential EquationsInternational Journal of
Volume 2014
Applied MathematicsJournal of
Hindawi Publishing Corporationhttpwwwhindawicom Volume 2014
Probability and StatisticsHindawi Publishing Corporationhttpwwwhindawicom Volume 2014
Journal of
Hindawi Publishing Corporationhttpwwwhindawicom Volume 2014
Mathematical PhysicsAdvances in
Complex AnalysisJournal of
Hindawi Publishing Corporationhttpwwwhindawicom Volume 2014
OptimizationJournal of
Hindawi Publishing Corporationhttpwwwhindawicom Volume 2014
CombinatoricsHindawi Publishing Corporationhttpwwwhindawicom Volume 2014
International Journal of
Hindawi Publishing Corporationhttpwwwhindawicom Volume 2014
Operations ResearchAdvances in
Journal of
Hindawi Publishing Corporationhttpwwwhindawicom Volume 2014
Function Spaces
Abstract and Applied AnalysisHindawi Publishing Corporationhttpwwwhindawicom Volume 2014
International Journal of Mathematics and Mathematical Sciences
Hindawi Publishing Corporationhttpwwwhindawicom Volume 2014
The Scientific World JournalHindawi Publishing Corporation httpwwwhindawicom Volume 2014
Hindawi Publishing Corporationhttpwwwhindawicom Volume 2014
Algebra
Discrete Dynamics in Nature and Society
Hindawi Publishing Corporationhttpwwwhindawicom Volume 2014
Hindawi Publishing Corporationhttpwwwhindawicom Volume 2014
Decision SciencesAdvances in
Discrete MathematicsJournal of
Hindawi Publishing Corporationhttpwwwhindawicom
Volume 2014 Hindawi Publishing Corporationhttpwwwhindawicom Volume 2014
Stochastic AnalysisInternational Journal of
Mathematical Problems in Engineering 3
for vehicles involved have to be updated via TA Therefore ithas a centralized authentication issue
3 Background
This section will introduce the technologies used in themethod developed in this study Section 31 introduces bilin-ear pairing and hard problems Section 32 discusses Bonehand Franklins ID-based encryption Section 33 discussesShamirs ID-based cryptosystem and Section 34 covers bilin-ear Diffie-Hellman message authentication
31 Bilinear Pairings and Hard Problems Let 1198661and 119866
2
denote an additive and a multiplicative group and both ofthem with prime order 119902 Let 119875 be generator of 119866
1and let
119890 1198661times 1198661
rarr 1198662be a bilinear mapping with the following
properties
(1) Bilinear
119890 = (119886119875 119887119875) = 119890 (119875 119875)119886119887
119890 (119886 sdot 119875 + 119887 sdot 119875 119875) = 119890 (119886 sdot 119875 119875) 119890 (119887 sdot 119875 119875)
forall119875 isin 1198661 119886 119887 isin 119885
lowast
119902
(1)
(2) Nondegeneracy exist119875 isin 1198661such that 119890(119875 119875) = 1 That
is the mapping does not send all pairs in 1198661times 1198661to
the identity in 1198662
(3) Computable there exists an efficient algorithm tocompute 119890(119875 119875) for all 119875 isin 119866
1
The bilinear map 119890 can be implemented using the Weil[9] and Tate [10] pairings on elliptic curves We consider theimplementation of a Tate pairing on a MiyajindashNakabayashindashTakano (MNT) curve [11] with embedding degree 6 where1198661is represented by 161 bits and the order 119902 is represented by
160 bitsThe following part will define and specify various relevant
mathematical problems [12] whichwill be applied in the essaysubsequently
Bilinear Diffie-Hellman problem
Given (119875 119886119875 119887119875 119888119875) isin 1198661 where 119886 119887 119888 isin 119885lowast
119902
compute 119890 = (119875 119875)119886119887119888
Elliptic curve discrete logarithm problem (ECDLP)
Given two elements119875119876 isin 1198661 find an integer 119886 isin 119885lowast
119902
such that 119876 = 119886119875
32 ID-Based Encryption We used ID-based encryption [17]to encrypt and decrypt messages A private key generator(PKG) chooses a randomnumber 119892PKG isin 119885lowast
119902as itsmaster key
and selects two distinct hash functions 1198671 0 1lowast rarr 119866
1
and 1198672 1198662
rarr 0 1lowast Given a user 119894 with an identity ID119894isin
0 1lowast any party can obtain the userrsquos public key PUID119894 =
1198671(ID119894) The PKG sets the userrsquos private key PRID119894 = 119892PKG sdot
1198671(ID119894) User 119894 chooses 119904ID119894 isin 119885lowast
119902as herhis own secret value
and sets 119863ID119894 = 119904ID119894 sdot 119875 In the final step the PKG publishesthe system parameters (119902 119866
1 1198662 119890 119875 119863ID119894 ID119894 1198671 1198672) and
withholds 119904ID119894
Encrypt To encrypt a message 119872 isin 0 1lowast for the user withidentity ID
119894is as follows
(1) Choose a random number 119903 isin 119885lowast119875
(2) Set the cipher text 119862 to be
119862 = 119864IBC (119903119872PUID119894 119863ID119894)
= 119903 sdot 119875119872 oplus 1198672(119890 (PUID119894 119863ID119894)
119903
)
(2)
Decryption Let 119862 = ⟨119880119881⟩ To decrypt 119862 using the secretvalue 119904ID119894 compute119863IBC(119904ID119894 119862) = 119881oplus119867
2(119890(119904ID119894PUID119894 119880)) =
119872 where
119881 oplus 1198672(119890 (119904ID119894PUID119894 119880))
= 119872 oplus 1198672(119890 (PUID119894 119903119863ID119894)) oplus 119867
2(119890 (119904ID119894PUID119894 119903119875))
= 119872 oplus 1198672(119890 (PUID119894 119903119904ID119894119875)) oplus 119867
2(119890 (119904ID119894PUID119894 119903119875))
= 119872 oplus 1198672(119890 (PUID119894 119903119904ID119894119875)) oplus 119867
2(119890 (PUID119894 119903119904ID119894119875))
= 119872
(3)
33 ID-Based Cryptosystem The advantage of ID-basedcryptosystems [17] is that public key certificates are nolonger needless and this possibly causes a saving of spacerequirements Besides it also reduces the key managementcost which is a heavy burden in conventional public keyinfrastructure (PKI) However it has a serious drawbackcalled key escrow problem PKG is responsible for generatinga userrsquos private key so it can decrypt any ciphertext or forgeany userrsquos signature on any message
34 Message Authentication Based on the Bilinear HardProblems (BHD) Method In this study message signaturesand verification are established based on the BDH methodIn this scheme user 119894 selects a random number ℎ
119894isin 119885lowast119902as
the secret value calculates the public value (119861119894) and then
broadcasts 119861119894to all other users Notations of the BDH list the
notation used in this study User 119894 broadcasts message119872119894119895by
executing the following steps
(1) User 119894 calculates 119908119894119895
= 119867(119872119894119895
119879119895) mod 119901
(2) User 119894 calculates ℎ119894
= 119910119894119895
lowast 119908119894119895
+ 119903119894119895 where
119910119894119895
represents the quotient and 119903119894119895
represents theremainder
(3) User 119894 broadcasts ⟨119872119894119895 119910119894119895
sdot 119875 ID119894 119879119895 119890(119875 119903
119894119895sdot 119875)⟩
Other users can then verify the message upon receipt byexecuting the following steps
(1) Calculate 119908119894119895
= 119867(119872119894119895
119879119895) mod 119901
4 Mathematical Problems in Engineering
(2) Check whether 119890(119908119894119895
sdot 119875 119910119894119895
sdot 119875) + 119890(119875 119903119894119895
sdot 119875) =
119890(119875 119875)ℎ119894
= 119861119894
If the equality in step (2) is satisfied then this condition ver-ifies that the user 119894 sent the message During the verificationprocess other users receive only119910
119894119895sdot119875 119890(119875 119903
119894119895sdot119875)119908
119894119895and119861
119894
Based on elliptic curves and the discrete logarithm problem(ECDLP) ℎ
119894cannot be calculated without 119910
119894119895sdot 119875 and 119861
119894
Therefore message security is ensured Furthermore becauseℎ119894belongs to the user alone nonrepudiation of the message
is also ensured
4 Message Authentication Scheme
The scheme proposed in this study consists of five parts(1) system initialization and RSU registration (2) intra-RSUmessage authentication (3) inter-RSU message authentica-tion (4) handoff and (5) message authentication when RSUsare not available
41 System Model Figure 1 shows the system environmentused in this study We assume that the TA is a legal organiza-tion and is responsible for the security of the entire networkWhen there is an attack on the network infrastructure from amalicious node the TA will broadcast the true identity of thenode and take necessary actionWe further assume that RSUsare installed on streetlights or traffic signs on main roads andthere are no RSUs installed on minor roads Each vehicleis equipped with an OBU Communication between the TAand RSUs is via a wired network whereas communicationbetween OBUs and the TA is via an IEEE 80211p wirelessnetwork Notation used in this paper lists the notation usedin this study
42 System Initialization Given the bilinear parameters(119902 1198661 1198662 119890 119875) as defined in Section 31 the TA sets up the
system by executing the following steps
(1) The TA chooses ℎID119905TA isin 119885lowast
119902as its secret value
(2) The TA selects three hash functions 119867 0 1lowast rarr
119885lowast1199021198671 0 1lowast rarr 119866
1 and119867
2 1198662
rarr 0 1lowast(3) The TA calculates 119861ID119905TA = 119890(ℎID119905TA119875 119875) as its public
value(4) The TA sets119863ID119905TA = ℎID119905TA sdot 119875(5) The TA sets PUID119905TA = 119867
1(ID119905TA)
(6) The TA sets PRID119905TA = ℎID119905TA1198671(ID119905TA)
The TA broadcasts the parameters (ID119905TA 119861ID119905TA 119863ID119905TA
1198671198671 1198672) while (PR
119905TA ℎID119905TA) remain undisclosed Inaddition the TA sets the related parameters for each RSU byexecuting the following steps
(1) The node 119877119877chooses ℎID119905119877119877 isin 119885lowast
119902as its secret value
(2) It calculates 119861ID119905119877119877= 119890(ℎID119905119877119877
119875 119875) as its public value
(3) It sets119863ID119905119877119877= ℎID119905119877119877
sdot 119875
Vb
Va
R2R1
VcR3
Ve
Vd
R4
TA
Figure 1 System environment
(4) It sets PUID119905119877119877= 1198671(ID119905119877119877
)
The TA sets up the system by executing the followingsteps
(1) Set PRID119905119877119877= ℎID119905TA1198671(ID119905119877119877)
(2) Calculate 119908ID119905TA 119895 = 119867(1198672(119861ID119905119877119877
) ID119905119877119877
119879119897ID119905119877119877
) mod 119901
(3) Calculate 119910ID119905TA 119895 = ℎID119905TA119908ID119905TA 119895 119890(119903ID119905TA 119895 sdot 119875 119875)
The RSU 119877119877broadcasts the parameters (ID
119905119877119877 119861ID119905119877119877
119863ID119905119877119877 119890(119903ID119905TA 119895 sdot119875 119875) 119910ID119905TA119875 119879119897ID119905119877119877
) and does not disclosethe parameters (ℎID119905119877119877
PRID119905119877119877) All nodes can verify the
legitimacy of the ID of the RSU by executing the followingsteps
(1) Calculate 119908ID119905TA 119895 = 119867(1198672(119861ID119905119877119877
) ID119905119877119877
119879119897ID119905119877119877
) mod 119901
(2) Calculate 1198611015840ID119905TA = 119890(119908ID119905TA 119895 sdot 119875 119910ID119905TA 119895 sdot 119875) +
119890(119875 119903ID119905TA 119895 sdot 119875) = 119890(119875 119875)ℎID119905TA
(3) Check if 119861ID119905TA
= 1198611015840ID119905TA
TheTA generates the related parameters for the vehicle byexecuting the following steps
(1) The node 119881 chooses ℎID119894119881 isin 119885lowast119902as its secret value
(2) It calculates 119861ID119894119881 = 119890(ℎID119894119881119875 119875) as its public value(3) It sets119863ID119894119881 = ℎID119894119881 sdot 119875(4) It selects an anonymous identity ID
119894 and all users
can obtain its public key by computing PUID119894119881 =
1198671(ID119894119881
)
The TA sets up the system by executing the followingsteps
Mathematical Problems in Engineering 5
(1) Set PRID119894119881 = ℎID119905TA1198671(ID119894119881)
(2) Calculate 119908ID119905TA 119895 = 119867(1198672(119861ID119894119881) ID
119894119881
119879119897ID119894119881) mod 119901
(3) Calculate 119910ID119905TA 119895 = ℎID119905TA119908ID119905TA 119895 119890(119903ID119894TA 119895 sdot 119875 119875)
Each vehicle broadcasts the parameters (ID119894119881
119861ID119894119881
119863ID119894119881 119890(119903ID119905TA 119895 sdot 119875 119875) 119910ID119905TA 119895119875 119879119897ID119894119881) and does not disclosethe parameters (ℎID119894119881 PRID119894119881) The TA records the parame-ters (ID
119905119881 ID119894119881
119861ID119894119881 119863ID119894119881 119879ID119894119881119895) for each vehicleEach vehicle or RSU can verify the legitimacy of the
vehicle ID by executing the following steps
(1) Calculate 119908ID119905TA 119895 = 119867(1198672(119861ID119894119881) ID
119894119881
119879119897ID119894119881) mod 119901
(2) Calculate 1198611015840ID119905TA = 119890(119908ID119905TA 119895 sdot 119875 119910ID119905TA 119895 sdot 119875) +
119890(119875 119903ID119905TA 119895 sdot 119875) = 119890(119875 119875)ℎID119905TA
(3) Check if 119861ID119905TA
= 1198611015840ID119905TA If the equality is satisfiedthen the user is legal
43 Registration When a vehicle 119881119886is within the transmis-
sion range of RSU 1198771 the vehicle 119881
119886and 119877
1will send an ID
verification request to each other After successful verifica-tion RSU 119877
1will then generate the short-term parameters
for119881119886 Vehicle119881
119886can retain its anonymity and security using
the short-term parameters by executing the following steps
(1) Use the identity-based cryptography (IBC) techniqueto generatethe common session key for RSU 119877
1and
vehicle 119881119886 Vehicle 119881
119886uses its own private key and
the public key of RSU 1198771to generate the common
session key The public key of RSU 1198771is calculated
from the true ID of RSU1198771Therefore vehicle119881
119886does
not require the public key of RSU 1198771 The calculation
is as follows
SK119881119886minus1198771
= 119890 (PRID119894119881119886PUID1199051198771
)
= 119890 (PUID119894119881119886 ℎID119905TAPUID1199051198771
) = SK1198771minus119881119886
(4)
Because the TA generates the private keys for bothRSU 119877
1and vehicle 119881
119886 the common session keys
generated from RSU 1198771and vehicle 119881
119886are the same
Therefore RSU 1198771and vehicle 119881
119886can communicate
with each other privately(2) 119881119886generates the short-term parameters ID
119901119881119905 119861ID119901119881119905
and 119863ID119901119881119905
and uses symmetric encryption toencrypt the common session key (SK
119881119886minus1198771) as a
security key The encryption is supplemented bythe plain-text parameters (ID
119894119881119886 119861ID119894119881119886
119890(119903ID119905TA 119895 sdot
119875 119875) 119910ID119905TA 119895119875 119879119897ID119894119881119886) The calculation is as follows
119862 = SE (ID119901119881119905
119861ID119901119881119905 119863ID119901119881119905
119879119895)SK119881119886minus1198771
(5)
Vehicle 119881119886sends the message 119862 ID
119894119881119886 119861ID119894119881119886
119890(119903ID119905TA 119895 sdot 119875 119875) 119910ID119905TA 119895119875 119879119897ID119894119881119886
to 1198771
(3) When RSU 1198771receives the message 119877
1first verifies
whether the parameters of vehicle 119881119886are within the
valid limits through the following steps
(31) Calculate 119908ID119905TA 119895 = 119867(1198672(119861ID119894119881119886
) ID119894119881119886
119879119897ID119894119881119886
) mod 119901
(32) Calculate 1198611015840ID119905TA = 119890(119908ID119905TA 119895 sdot 119875 119910ID119905TA 119895 sdot 119875) +
119890(119875 119903ID119905TA 119895 sdot 119875) = 119890(119875 119875)ℎID119905TA
(33) Check if 119861ID119905TA
= 1198611015840ID119905TA If the equality issatisfied then the user is legal
(4) To decrypt the encrypted message RSU 1198771first cal-
culates the common session key shared with vehicle119881119886 Then RSU 119877
1uses the common session key to
decrypt the message The calculation is as follows
SK1198771minus119881119886
= 119890 (PRID1199051198771PUID119894119881119886
)
= 119890 (PUID1199051198771 ℎID119905TAPUID119894119881119886
) = SK119881119886minus1198771
(6)
(5) RSU 1198771calculates the private key the common secret
key and the signature of 119881119886 The calculations are as
follows
(51) 1198771calculates PRID119901119881119886
as its private key(52) 119877
1chooses 119862ID119901119881119886
isin 119885lowast119902as its common secret
key(53) 119877
1calculates 119910ID1199051198771 119895 = ℎID1199051198771
119908ID1199051198771 119895 119890(119903ID1199051198771 119895 sdot
119875 119875) 119908ID1199051198772 119895= 119867(119867
2(119861ID119901119881119886
) ID119901119881119886
119879119897ID119901119881119886
) mod 119901
(6) RSU 1198771encrypts the parameters (PRID119901119881119886
119862ID119901119881119886)
using the common session key The calculation is asfollows
119862 = SE (PRID119901119881119886 119862ID119901119881119886
119879119895)SK1198771minus119881119886
(7)
RSU 1198771sends the message 119862 ID
119894119881119886 119890(119903ID1199051198771 119895
sdot
119875 119875) 119910ID1199051198771 119895119875 119879119897ID119901119881119886
to vehicle 119881119886
(7) When vehicle119881119886receives themessage the vehicle uses
the common session key to decrypt the message(8) 1198771
records (ID119894119881119886
ID119901119881119886
119861ID119901119881119886 119863ID119901119881119886
119862ID1199051198771 119895
119879119897ID119901119881119886
) and publishes (ID119901119881119886
119861ID119901119881119886 119863ID119901119881119886
119890(119903ID1199051198771 119895sdot 119875 119875) 119910ID1199051198771 119895
119875 119879119897ID119901119881119886
) to all vehicles in itsdomain
To improve the efficiency of the handoff process RSU 1198771
generates a common secret key for vehicle 119881119886and each RSU
RSU 1198771uses a one-way hash chain [13] to generate 119898 keys
6 Mathematical Problems in Engineering
Table 1 RID-key table
ID of RSUNew ID ofvehicle
(handoff)
ID of vehicle(RSU
generate)
ID of vehicle(TA generate)
Commonsecret key
Expire timeof commonsecret key
BDH value ofvehicle
Data key ofvehicle
Expire timeof key
1198771 ID1015840
119901119881119886ID119901119881119886
ID119894119881119886
119896ID119901119881119886 1198771119879119897ID1015840119901119881119886
119861ID119901119881119886119863ID119901119881119886
119879119897ID119901119881119886
119877119898 ID10158401015840
119901119881119886ID119901119881119886
ID119894119881119886
119896ID119901119881119886 119877119898119879119897ID10158401015840119901119881119886
non non non1198771 ID1015840
119901119881119887ID119901119881119887
ID119894119881119887
119896ID1199011198811198871198771
119879119897ID1015840119901119881119887
119861ID119901119881119887
119863ID119901119881119887
119879119897ID119901119881
119887
119877119898minus1 ID10158401015840
119901119881119887ID119901119881119887
ID119894119881119887
119896ID119901119881119887119877119898
119879119897ID10158401015840119901119881119887
non non non
119896ID119901119881119886 119877119898 119896ID119901119881119886 119877119898minus1
119896ID119901119881119886 1198771Themethod for generating
the keys is as follows
119865 (119862ID119901119881119886 PRID119901119881119886
) = 119896ID119901119881119886 119877119898
119865 (119896ID119901119881119886 119877119898 PRID119901119881119886
) = 119896ID119901119881119886 119877119898minus1
119865 (119896ID119901119881119886 1198772 PRID119901119881119886
) = 119896ID119901119881119886 1198771
(8)
RSU 1198771uses a one-way hash chain [13] to generate 119898
anonymous IDs ID1015840119901119881119886
ID10158401015840119901119881119886
ID101584010158401015840119901119881119886
The method forgenerating the IDs is as follows
119865 (ID119901119881119886
PRID119901119881119886) = ID1015840
119901119881119886
119865 (ID1015840119901119881119886
PRID119901119881119886) = ID10158401015840
119901119881119886
119865 (ID10158401015840119901119881119886
PRID119901119881119886) = ID101584010158401015840
119901119881119886
(9)
Each RSU has two tables an RID-key table and an SID-key table The RID-key table is used to store the relatedparameters generated by RSU (Table 1) RSU 119877
1uses the
common session key that it shares with each RSU to encryptthe common secret key that vehicle 119881
119886has with each RSU
and the anonymous ID RSU 1198771then sends the encrypted
message to other RSUs When another RSU receives theencrypted message that RSU first uses the common sessionkey that it shares with RSU 119877
1to decrypt the message
and then stores the parameters for vehicle 119881119886in the table
(Table 2) Because vehicle 119881119886has the related parameters
(PRID119901119881119886 ID119901119881119886
119862ID119901119881119886) it can generate a common secret key
shared with each RSU and an anonymous ID on its ownTheparameters are stored in the table (Table 3) The parametersfor vehicle 119881
119886do not permit any one RSU to obtain the
parameters that vehicle 119881119886shares with other RSUs Because
other RSUs cannot obtain the private key and the commonsecret key of vehicle 119881
119886 the security of vehicle 119881
119886is ensured
44 Intra-RSU Message Authentication Vehicle 119881119886broad-
castsmessages to other vehicleswithin the transmission rangeof an RSU The calculations are as follows
(1) Vehicle 119881119886uses the BDH method to authorize a
message signature The calculations are as follows
(11) Vehicle 119881119886calculates 119908ID119901119881119886 119895
= 119867(119872ID119901119881119886 119895
ID119901119881119886
119879119895) mod 119901
(12) Vehicle119881119886calculates 119910ID119901119881119886 119895 = ℎID119901119881119886 119895
119908ID119901119881119886 119895
119890(119903ID119901119881119886 119895sdot 119875 119875) ∘
(13) Vehicle 119881119886broadcasts the message ⟨119872ID119901119881119886 119895
119861ID119901119881119886 119863ID119901119881119886
119890(119903ID119901119881119886 119895sdot 119875 119875) 119910ID119901119881119886 119895
119875 ID119901119881119886
119879119895⟩ to other vehicles within range
(2) When other vehicles receive the message they canverify the authenticity of the message The calcula-tions are as follows
(21) Calculate 119908ID119901119881119886 119895= 119867(119872ID119901119881119886 119895
ID119901119881119886
119879119895) mod 119901 ∘
(22) Calculate 1198611015840ID119901119881119886= 119890(119908ID119901119881119886 119895
sdot 119875 119910ID119901119881119886 119895sdot 119875) +
119890(119903ID119901119881119886 119895sdot 119875 119875) = 119890(119875 119875)
ℎID119905TA
(23) Check if 119861ID119901119881119886
= 1198611015840ID119901119881119886 If the equality is
satisfied then vehicle 119881119886sent the message
Assuming that two vehicles within the transmission rangeof a given RSU want to send private messages to eachother (Figure 1) vehicle 119881
119886and vehicle 119881
119887will calculate their
common key The calculation is as follows
SK119881119886minus119881119887
= 119890 (PRID119901119881119886PUID119901119881
119887
)
= 119890 (PUID119901119881119886 ℎID119905119877119877
PUID119901119881119887
) = SK119881119887minus119881119886
(10)
Then vehicle 119881119886uses the common session key (SK
119881119886minus119881119887)
to first encrypt the message and then send it to vehicle 119881119886
When119881119887receives the encrypted message the vehicle uses the
common session key (SK119881119887minus119881119886
) to decrypt the message andthen obtain the contents of the messageThe benefits of usingIBC lie in the fact that the other vehiclersquos public key can beeasily calculated based on its ID and that the common sessionkey can be calculated based on the other vehiclersquos public key
Mathematical Problems in Engineering 7
Table 2 SID-key table
New ID ofvehicle(handoff)
Informed byRSU
Commonsecret key
Expire timeof commonsecret key
BDH value ofvehicle
Data key ofvehicle
Expire timeof key
ID1015840119901119881119905
1198777
119896ID119901119881119905 1198771119879119897ID1015840119901119881119905
non non non
ID10158401015840119901119881119905minus7
119877119898
119896ID119901119881119905minus7 1198771119879119897ID10158401015840119901119881119905minus7
non non nonID1015840119901119881119888
119877119898minus2
119896ID119901119881119888 1198771119879119897ID1015840119901119881119888
119861ID119901119881119888119863ID119901119881119888
119879119897ID119901119881119888
ID10158401015840119901119881119889
1198777
119896ID1199011198811198891198771
119879119897ID10158401015840119901119881119889
119861ID119901119881119889
119863ID119901119881119889
119879119897ID119901119881
119889
Table 3 SID issue table
ID of RSUNew ID ofvehicle
(handoff)
ID of vehicle(RSU generate)
ID of vehicle(TA generate)
Commonsecret key
Private key(RSU) Secret value Expire time
of key
1198771 ID1015840
119901119881119886ID119901119881119886
ID119894119881119886
119896ID119901119881119886 1198771PRID119901119881119886
ℎID119901119881119886119879119897ID119901119881119886
119877119898 ID10158401015840
119901119881119886ID119901119881119886
ID119894119881119886
119896ID119901119881119886 119877119898 non non non
and its own private key Conversely the other vehicle can alsocalculate the common session key because the secret value ofthe common session key is the same
45 Inter-RSU Message Authentication Assuming that vehi-cle 119881119886wants to broadcast a message within the transmission
ranges of several RSUs and uses the BDH signature toensure the security of the message vehicle 119881
119886will first send
the parameters ⟨119872ID119901119881119886 119895 119890(119903ID119901119881119886 119895
sdot 119875 119875) 119910ID119901119881119886 119895119875 119861ID119901119881119886
ID119901119881119886
119910ID1199051198771 119895sdot119875 119890(119903ID1199051198771 119895
sdot119875 119875) sdot119879119897ID119901119881119905
119879119895⟩ to nearby RSUs
and then the RSUs will relay the message to other vehiclesThen other vehicles will first verify the legitimacy of vehicle119881119886by calculating 119908ID1199051198771 119895
= 119867(1198672(119861ID119901119881119886
) ID119901119881119886
119879119897ID119901119881119886
) mod 119901 and then calculating 119890(119908ID1199051198771 119895119875 119910ID1199051198771 119895
119875) +
119890(119903ID1199051198771 119895119875 119875) = 1198611015840IDID1199051198771
If it is the case then it proves thatvehicle 119881
119886is the legitimate user of RSU 119877
1
Other vehicles will verify the authenticity of the mes-sage from vehicle 119881
119886by first calculating 119908ID119901119881119886 119895
=
119867(119872ID119901119881119886 119895 ID
119901119881119886 119879119895) mod 119901 and then calculating
119890(119908ID119901119881119886 119895119875 119910ID119901119881119886 119895
119875) + 119890(119903ID119901119881119886 119895119875 119875) = 1198611015840ID119901119881119886 119895
If it is thecase then the message was sent from vehicle 119881
119886
In private communications the secret private key valueof each vehicle is different because there are multiple RSUsTherefore an ID-based encryption method should be usedLet vehicle 119881
119886and vehicle 119881
119888calculate their common session
keys Assuming that vehicle 119881119886wants to privately commu-
nicate with vehicle 119881119888 which is within the transmission
range of a different RSU vehicle 119881119888will first encrypt the
message Vehicle 119881119886will then calculate the public key using
the anonymous ID of vehicle 119881119888 Upon obtaining the data
key for vehicle 119881119888 vehicle 119881
119886will encrypt the message using
the public key and the data key of vehicle 119881119888 The calculation
is as follows
119862 = 119864IBC (119903119872PUID119901119881119888 119863ID119901119881119888
)
= 119903 sdot 119875119872 oplus 1198672(119890 (PUID119901119881119888
119863ID119901119881119888)119903
)
119872 = 119890 (PRID119901119881119886PUID119901119881119888
)
(11)
Subsequently vehicle 119881119888uses the private key to decrypt
the message Equation (2) shows the decryption methodVehicle 119881
119888then uses ID-based encryption to generate an
encrypted message for vehicle 119881119886 The calculation is as
follows
119862 = 119864IBC (119903119872PUID119901119881119886 119863ID119901119881119886
)
= 119903 sdot 119875119872 oplus 1198672(119890 (PUID119901119881119886
119863ID119901119881119886)119903
)
119872 = 119890 (PRID119901119881119886PUID119901119881119888
) + 119890 (PRID119901119881119888PUID119901119881119886
)
(12)
Vehicle 119881119886uses the private key to decrypt the message
Equation (2) shows the decryption method When vehicle119881119886
receives thecommon session key that it shares with vehicle119881119888
119881119886can communicate with vehicle 119881
119888privately The common
session key is
SK119881119886minus119881119888
= 119890 (PRID119901119881119886PUID119901119881119888
) + 119890 (PRID119901119881119888PUID119901119881119886
)
= SK119881119888minus119881119886
(13)
8 Mathematical Problems in Engineering
46 Handoff Problem When vehicle 119881119886comes within the
transmission range of the next RSU (1198772) vehicle 119881
119886will first
inquire for the common secret key that it shares with RSU 1198772
in Table 3 and then initiate the handoff The calculation is asfollows
(1) Vehicle 119881119886
first generates short-term parameters119861ID119901119881119905
119863ID119901119881119905and uses the common secret key
(119896ID119901119881119886 1198772) to encrypt the parametersThen vehicle119881119886
sends the parameters and its anonymous ID to RSU1198772
(2) RSU 1198772inquires for the common secret key and the
time of validity that it shares with vehicle119881119886in Table 2
based on the anonymous ID of vehicle 119881119886 If the time
of validity has expired then vehicle 119881119886will reregister
with RSU (Section 42) If the time of validity has notexpired 119877
2will generate the short-term parameters
for vehicle 119881119886 The calculations are as follows
(21) 1198772calculates PRID119901119881119886
as its private key(22) 119877
2calculates119908ID1199051198772 119895
= 119867(1198672(119861ID119901119881119886
) ID119901119881119886
119879119897ID119901119881119886
) mod 119901(23) 119877
2calculates 119910ID1199051198772 119895 = ℎID1199051198772
119908ID1199051198772 119895 119890(119903ID1199051198772 119895 sdot
119875 119875)
(3) RSU 1198771uses the common secret key to encrypt the
parameters (PRID119901119881119886 119862ID119901119881119886
) The calculation is asfollows
119862 = SE (PRID119901119881119886 CID119901119881119886
119879119895)SK1198771minus119881119886
(14)
RSU 1198771sends the message 119862 ID
119894119881119886 119890(119903ID1199051198771 119895
sdot
119875 119875) 119910ID1199051198771 119895119875 119879119897ID119901119881119886
to vehicle 119881119886
(4) When vehicle119881119886receives themessage the vehicle uses
the common secret key to decrypt the message(5) 1198771
records (ID119894119881119886
ID119901119881119886
119861ID119901119881119886 119863ID119901119881119886
119862ID1199051198771 119895
119879119897ID119901119881119886
) and publishes (ID119901119881119886
119861ID119901119881119886 119863ID119901119881119886
119890(119903ID1199051198771 119895sdot 119875 119875) 119910ID1199051198771 119895
119875 119879119897ID119901119881119886
) to all vehicles in itsdomain
47 Message Authentication When RSUs Are Not AvailableWhen RSUs are not available vehicles can broadcast mes-sages and conduct private communications using the param-eters generated by the TA by executing the following steps
(1) Vehicle 119881119889uses the BDH signature method to autho-
rize a message signature The calculations are asfollows
(11) Vehicle 119881119889calculates 119908ID119894119881
119889119895
= 119867(119872ID119894119881119889119895
ID119894119881119889
119879119895) mod 119901
(12) Vehicle 119881119889calculates 119910ID119894119881
119889119895
= ℎID119894119881119889119895119908ID119894119881
119889119895
119890(119903ID119894119881119889119895sdot 119875 119875)
(13) Vehicle 119881119889broadcasts the message ⟨119872ID119894119881
119889119895
119861ID119894119881119889
119863ID119894119881119889
119890(119903ID119894119881119889119895
sdot 119875 119875) 119910ID119894119881119889119895119875 ID119894119881119889
119879119895 119890(119903ID119905TA 119895 sdot 119875 119875) 119910ID119905TA 119895119875⟩ to other vehicles
(2) Other vehicles first verify the ID of vehicle 119881119889 The
calculations are as follows
(21) Calculate 119908ID119905TA 119895 = 119867(1198672(119861ID119894119881
119889
) ID119894119881119889
119879119897ID119894119881
119889
) mod 119901
(22) Calculate 1198611015840ID119905TA = 119890(119908ID119905TA 119895 sdot 119875 119910ID119905TA 119895 sdot 119875) +119890(119875 119903ID119905TA 119895 sdot 119875) = 119890(119875 119875)
ℎID119905TA
(23) Check if 119861ID119905TA
= 1198611015840ID119905TA If the equality issatisfied then the user is legal
(3) Other vehicles then verify the authenticity of themessage The calculations are as follows
(31) Calculate 119908ID119894119881119889119895
= 119867(119872ID119894119881119889119895
ID119894119881119889
119879119895) mod 119901
(32) Calculate 1198611015840ID119894119881119889
= 119890(119908ID119894119881119889119895
sdot 119875 119910ID119894119881119889119895
sdot 119875) +
119890(119903ID119894119881119889119895sdot 119875 119875) = 119890(119875 119875)
ℎID119905TA
(33) Check if 119861ID119894119881119889
= 1198611015840ID119894119881119889
Satisfaction of theequality is proof that vehicle 119881
119889sent the mes-
sage
Assuming that two vehicles within the transmission rangeof the same RSU want to communicate privately with eachother (Figure 1) vehicle 119881
119889and vehicle 119881
119890will calculate their
common key The calculation is as follows
SK119881119889minus119881119890
= 119890 (PRID119894119881119889
PUID119894119881119890)
= 119890 (PUID119894119881119889
ℎID119905TAPUID119894119881119890) = SK
119881119890minus119881119889
(15)
Subsequently vehicle 119881119889uses the common session key
(SK119881119889minus119881119890
) to encrypt the message and send the message tovehicle 119881
119890 When vehicle 119881
119890receives the encrypted message
it uses the common session key (SK119881119890minus119881119889
) to decrypt themessage and obtain the contents of the message
5 Security and Performance Analysis
This section gives a security analysis to demonstrate that themethod developed in this study can provide confidentialityauthentication nonrepudiation conditional anonymity andconditional untraceability A performance analysis is con-ducted by comparing the results of the present study withthose in [12ndash15]
51 Security Analysis The following subsections discuss thespecific aspects of the security analysis of the proposedmethod
(1) Confidentiality Assuming that the ID of every node isnot repeated as confidential communications are occurring
Mathematical Problems in Engineering 9
Table 4 The comparison of property
Property Method[12] [13] [14] [15] Proposed method
Security and privacy preservation YES YES YES YES YESDo need the certificate NO NO NO YES NODo need the help of RSU forauthentication NO NO NO NO NO
PKI-based system NO NO NO NO NOCommunication within different RSU YES YES YES YES YESPrivacy communicate NO NO NO NO YES
among vehicles within the range of a single RSU the propertyof IBC is used to establish the common session keys Thecommon session key of a vehicle is calculated based on thebilinear pairings map According to the elliptic curve discretelogarithm problem (ECDLP) the common session key of amalicious node 119887 and node 119886 is SK
119887-119886 It is difficult for node119887 to determine a secret value from SK
119887-119886 node brsquos privatekey (PR
119887) and node arsquos public key (PU
119886) Other vehicles are
unable to calculate the common session key from their ownprivate keys and the public keys of nodes 119886 and 119887 and thusthe security of confidential communications is ensured
(2) Authentication and Nonrepudiation As a vehicle registersand gains the trust of an RSU the RSU will broadcast thevehiclersquos 119866
2value to all vehicles within range and that
specific 1198662represents the vehicle itself The parameters
⟨119872ID119895 119861ID 119863ID 119910ID119895119875 ID 119879119895⟩ are broadcast as the vehicle is
broadcasting messages Other vehicles will calculate 119908ID119895 =119867(119872ID119895 ID 119879ID119895) mod 119901 upon receipt of the messagesand then calculate 1198611015840ID = 119890(119908ID0119875 119910ID119895119875) + 119890(119903ID0119875 119875) =
119890(119875 119875)ℎID Other vehicles are unable to calculate 119910ID119895 from119910ID119895119875 based on the ECDLP but 119903ID0 119910ID119895 and 119908ID119895 canbe calculated from the parameters 119861ID 119910ID119895119875 based onthe BDH method provided that the equality 119861ID = 1198611015840IDwhich is calculated from the messages of the vehicle issatisfiedTherefore the vehicle sending themessages achievesundeniability and the source of the messages is known
(3) Conditional Anonymity The true ID of a vehicle is knownonly to the TA An anonymous ID (ID
119894) is used when a
vehicle registers with the TA and this anonymous ID (ID119894)
is renewed every time the vehicle registers with the TA Avehicle will renegotiate a new anonymous ID (ID
119901) within
the range of every RSU Therefore it is difficult for anothervehicle to obtain the true ID of the vehicle by tracking ID
119894
from ID119901because the true IDs of the vehicles are known
only to the TA and the individual vehicles bearing those IDsEvery RSU knows the anonymous ID (ID
119894) of each vehicle
but each vehicle has a different ID (ID119901) for every RSU which
prevents malicious RSUs from tracking the current locationof the vehicle
(4) Conditional Untraceability When a vehicle is involvedin a criminal act an RSU is able to trace the anonymousID (ID
119894) from the vehiclersquos anonymous ID (ID
119901) The RSU
Table 5 Bilinear pairings execution time in milliseconds
Notations Descriptions Execution time (ms)119879119901
Pairing operation asymp45119879119898
Point multiplication asymp06119879119890
Field exponentiation asymp054
Table 6 RSAHMAC execution time in milliseconds
Notations Descriptions Execution time (ms)ASE RSA encryption 019ASD RSA decryption 465HMAC HMAC 0002SE AES encryption lt019SD AES decryption lt465
Table 7 The length of the parameters
Parameters Length (bit) Parameters Length (bit)1198661
160 AES 1281198662
160 Variable 32HMAC 160 Message (119872) 1024RSA 1024 Random number (119903) 128
transmits ID119894to the TA which in turn identifies the true ID
of the vehicle with the identity ID119894 Every vehicular parameter
will eventually expire therefore ensuring the validity of theanonymous ID of a vehicle
52 Performance Analysis The method developed in thisstudy was compared with those in [12ndash15] regarding perfor-mance execution time and data volume Table 4 comparesthe results of the present study and those of [12ndash15] showingthat the method developed in the present study is superior tothe other methods
To analyze efficiency the times required for a message tobe broadcast and verified in the present study and in [12ndash15] were calculated and the results are listed in Tables 5ndash7 Table 8 shows the results of the efficiency analysis Theexperimental results show that the method proposed in thispaper is superior to those in other literatures regardless ofcomputational complexity and packet length The networksecurity mechanisms proposed in literature [14] and thispaper are both based on the use of bilinear pairing so allthe packet lengths are within a reasonable range However in
10 Mathematical Problems in Engineering
Table 8 Performance analysis
Property Method[12] [13] [14] [15] Proposed method
The broadcast message
Signing5 lowast 119879119898+ 3 lowast 119879
119901
Verification4 lowast 119879119898+ 4 lowast 119879
119901
Signing1 lowast 119879119901
Verification3 lowast 119879119901
Signing5 lowast 119879119898
Verification6 lowast 119879119898+ 1 lowast 119879
119901
Signing2 lowast 119879119898
Verification2 lowast 119879119898
Signing119879119901+ 2 lowast 119879
119898
Verification119879119901+ 119879119898
Spending time 364ms 18ms 111ms 18ms 108msThe length of ciphertext 1112 bits 480 bits 480 bits (160 lowast 160) + 320 bits 480 bitsHandoff 3 lowast 119879
119901NA 4 lowast 119879
119898+ 2 lowast 119879
1199015 lowast 119879119898
2 lowast SE + 2 lowast SDSpending time 135ms NA 114ms 3ms lt968msThe length of ciphertext 480 bits NA 1280 bits 160 lowast 160 lowast 160 bits 2048 bits
Communication betweendifferent RSUs
Signing5 lowast 119879119898+ 3 lowast 119879
119901
Verification4 lowast 119879119898+ 4 lowast 119879
119901
Signing1 lowast 119879119901
Verification3 lowast 119879119901
Signing5 lowast 119879119898
Verification6 lowast 119879119898+ 1 lowast 119879
119901
Signing2 lowast 119879119898
Verification2 lowast 119879119898
Signing119879119901+ 2 lowast 119879
119898
Verification2 lowast 119879119901+ 2 lowast 119879
119898
Spending time 364ms 18ms 111ms 18ms 159msThe length of ciphertext 1112 bits 480 bits 480 bits (160 lowast 160) + 320 bits 960 bits
Privacy communicate NA NA NA NA
Signing119879119875+ SE
Verification119879119901+ SD
Spending time NA NA NA NA lt1384msThe length of ciphertext NA NA NA NA 1024 bits
computational complexity the proposed method is superiorto that of literature [14] In literature [15] there are networksecurity mechanisms based on chameleon hashing whichemploy exponential calculation The multiplication resultof three values will be huge Although the computationalcomplexity is not high the transfer of large amounts ofpackets will affect network bandwidth and also cause packetlosses in VANETs environment
6 Conclusion
VANETs improve transportation safety and efficiency If theinformation shared between vehicles is tampered with therewill be dire consequences such as vehicle collisions Thescheme proposed in this study ensures the security of theinformation shared between vehicles and is superior to otherschemes in terms of message verification and handoff Addi-tionally in terms of security the scheme in this study ensuresconditional untraceability conditional anonymity authenti-cation and nonrepudiation Future work will include supple-menting the scheme proposed in this study with revocationand trust mechanisms to corroborate the security scheme
Notations
Notations of the BDH
ℎ119894 The user 119894 chooses a random number ℎ
119894isin 119885lowast119902
as its secret value119861119894 The public value of user 119894 such that 119890(ℎ
119894119875 119875)
119910119894119895 The 119910
119894119895is the quotient
119903119894119895 The 119903
119894119895is the remainder
119908119894119895 119908119894119895
= 119867(119872119894119895
119879119895) mod 119901
Notation Used in This Paper
119890 Bilinear mapping1198661 Additive group
1198662 Multiplicative group
119875 Generator of 1198661
SE(sdot) A secure symmetric encryption algorithm119864IBC(sdot) ID-based encryption119863IBC(sdot) ID-based decryptPU119896 Public key of node 119896
PR119896 Private key of node 119896
119863119896 Data key of node 119896
ID119905119896 Real identity of node 119896
ID119894119896 Original pseudonym of node 119896
ID119901119896 Requested pseudonym of node 119896
ℎ119896 Secret value of node 119896
119862119894 Handoff secret value
119861119896 The public value of user 119896 such that 119890(ℎ
119894119875 119875)
SK119896-119895 The common session key between node 119896
and node 119895
119896119894-119895 The common secret key between node 119894 and
node 119895
119885lowast119902 119885lowast
119902is the finite field of mod 119902
119867(sdot) Hash function such that 0 1lowast rarr 119885lowast119902
1198671(sdot) Hash function such that 0 1lowast rarr 119866lowast
1
1198672(sdot) Hash function such that 119866lowast
2rarr 0 1lowast
Mathematical Problems in Engineering 11
119879119895 Time interval 119895
119879119897119894 Lifetime of the corresponding parameters
The message concatenation operation whichappends several messages together in aspecial format
Conflict of Interests
The authors declare that there is no conflict of interestsregarding the publication of this paper
Acknowledgments
This paper is the partial result of project MOST103-2632-E-366-001 and 103-2221-E-268-003 The authors would like tothank the supporting of Ministry of Science and TechnologyTaiwan
References
[1] IEEE ldquoDraft amendment for wireless access in vehicularenvironments (WAVE)rdquo IEEE P80211pD6 2009
[2] Dedicated Short Range Communication (DSRC) httpgrouperieeeorggroupsscc32dsrcindexhtml
[3] US Department of Transportation and National HighwayTraffic Safety Administration Vehicle Safety CommunicationsProject 2006
[4] C Xu F Zhao J Guan H Zhang and G M MunteanldquoQoE-driven user-centric vod services in urban multihomedP2P-based vehicular networksrdquo IEEE Transactions on VehicularTechnology vol 62 no 5 pp 2273ndash2289 2013
[5] GMarfiaM Roccetti A Amoroso andG Pau ldquoSafe driving inLA report from the greatest intervehicular accident detectiontest everrdquo IEEE Transactions on Vehicular Technology vol 62no 2 pp 522ndash535 2013
[6] R Lu X Lin Z Shi and X S Shen ldquoA lightweight conditionalprivacy-preservation protocol for vehicular traffic-monitoringsystemsrdquo IEEE Intelligent Systems vol 28 no 3 pp 62ndash65 2013
[7] IEEETrial-Use Standard ldquoIEEETrial-Use Standard forWirelessAccess in Vehicular Environments (WAVE) Networking Ser-vicesrdquo IEEE 1609 2006
[8] J-P Hubaux S Capkun and J Luo ldquoThe security and privacyof smart vehiclesrdquo IEEE Security and Privacy vol 2 no 3 pp49ndash55 2004
[9] G Kounga T Walter and S Lachmund ldquoProving reliabilityof anonymous information in VANETsrdquo IEEE Transactions onVehicular Technology vol 58 no 6 pp 2977ndash2989 2009
[10] A Wasef Y Jiang and X Shen ldquoDCS an efficient distributed-certificate-service scheme for vehicular networksrdquo IEEE Trans-actions onVehicular Technology vol 59 no 2 pp 533ndash549 2010
[11] J Sun C Zhang Y Zhang and Y Fang ldquoAn identity-basedsecurity system for user privacy in vehicular ad hoc networksrdquoIEEE Transactions on Parallel and Distributed Systems vol 21no 9 pp 1227ndash1239 2010
[12] R Lu X Lin X Liang and X Shen ldquoA dynamic privacy-preserving keymanagement scheme for location-based servicesin VANETsrdquo IEEE Transactions on Intelligent TransportationSystems vol 13 no 1 pp 127ndash139 2012
[13] S Biswas and J Misic ldquoA cross-layer approach to privacy-preserving authentication in WAVE-enabled VANETsrdquo IEEE
Transactions on Vehicular Technology vol 62 no 5 pp 2182ndash2192 2013
[14] L-Y Yeh and J-L Huang ldquoPBS a portable billing schemewith fine-grained access control for service-oriented vehicularnetworksrdquo IEEE Transactions on Mobile Computing vol 13 no11 pp 2606ndash2619 2014
[15] S Guo D Zeng and Y Xiang ldquoChameleon hashing forsecure and privacy-preserving vehicular communicationsrdquoIEEE Transactions on Parallel and Distributed Systems vol 25no 11 pp 2794ndash2803 2014
[16] T W Chim S M Yiu L C K Hui and V O K Li ldquoVSPNVANET-based secure and privacy-preserving navigationrdquo IEEETransactions on Computers vol 63 no 2 pp 510ndash524 2014
[17] D Boneh and M K Franklin ldquoIdentity-based encryption fromthe weil pairingrdquo in Advances in CryptologymdashCRYPTO 200121st Annual International CryptologyConference Santa BarbaraCalifornia USA August 19ndash23 2001 Proceedings vol 2139 ofLectureNotes in Computer Science pp 213ndash229 Springer BerlinGermany 2001
Submit your manuscripts athttpwwwhindawicom
Hindawi Publishing Corporationhttpwwwhindawicom Volume 2014
MathematicsJournal of
Hindawi Publishing Corporationhttpwwwhindawicom Volume 2014
Mathematical Problems in Engineering
Hindawi Publishing Corporationhttpwwwhindawicom
Differential EquationsInternational Journal of
Volume 2014
Applied MathematicsJournal of
Hindawi Publishing Corporationhttpwwwhindawicom Volume 2014
Probability and StatisticsHindawi Publishing Corporationhttpwwwhindawicom Volume 2014
Journal of
Hindawi Publishing Corporationhttpwwwhindawicom Volume 2014
Mathematical PhysicsAdvances in
Complex AnalysisJournal of
Hindawi Publishing Corporationhttpwwwhindawicom Volume 2014
OptimizationJournal of
Hindawi Publishing Corporationhttpwwwhindawicom Volume 2014
CombinatoricsHindawi Publishing Corporationhttpwwwhindawicom Volume 2014
International Journal of
Hindawi Publishing Corporationhttpwwwhindawicom Volume 2014
Operations ResearchAdvances in
Journal of
Hindawi Publishing Corporationhttpwwwhindawicom Volume 2014
Function Spaces
Abstract and Applied AnalysisHindawi Publishing Corporationhttpwwwhindawicom Volume 2014
International Journal of Mathematics and Mathematical Sciences
Hindawi Publishing Corporationhttpwwwhindawicom Volume 2014
The Scientific World JournalHindawi Publishing Corporation httpwwwhindawicom Volume 2014
Hindawi Publishing Corporationhttpwwwhindawicom Volume 2014
Algebra
Discrete Dynamics in Nature and Society
Hindawi Publishing Corporationhttpwwwhindawicom Volume 2014
Hindawi Publishing Corporationhttpwwwhindawicom Volume 2014
Decision SciencesAdvances in
Discrete MathematicsJournal of
Hindawi Publishing Corporationhttpwwwhindawicom
Volume 2014 Hindawi Publishing Corporationhttpwwwhindawicom Volume 2014
Stochastic AnalysisInternational Journal of
4 Mathematical Problems in Engineering
(2) Check whether 119890(119908119894119895
sdot 119875 119910119894119895
sdot 119875) + 119890(119875 119903119894119895
sdot 119875) =
119890(119875 119875)ℎ119894
= 119861119894
If the equality in step (2) is satisfied then this condition ver-ifies that the user 119894 sent the message During the verificationprocess other users receive only119910
119894119895sdot119875 119890(119875 119903
119894119895sdot119875)119908
119894119895and119861
119894
Based on elliptic curves and the discrete logarithm problem(ECDLP) ℎ
119894cannot be calculated without 119910
119894119895sdot 119875 and 119861
119894
Therefore message security is ensured Furthermore becauseℎ119894belongs to the user alone nonrepudiation of the message
is also ensured
4 Message Authentication Scheme
The scheme proposed in this study consists of five parts(1) system initialization and RSU registration (2) intra-RSUmessage authentication (3) inter-RSU message authentica-tion (4) handoff and (5) message authentication when RSUsare not available
41 System Model Figure 1 shows the system environmentused in this study We assume that the TA is a legal organiza-tion and is responsible for the security of the entire networkWhen there is an attack on the network infrastructure from amalicious node the TA will broadcast the true identity of thenode and take necessary actionWe further assume that RSUsare installed on streetlights or traffic signs on main roads andthere are no RSUs installed on minor roads Each vehicleis equipped with an OBU Communication between the TAand RSUs is via a wired network whereas communicationbetween OBUs and the TA is via an IEEE 80211p wirelessnetwork Notation used in this paper lists the notation usedin this study
42 System Initialization Given the bilinear parameters(119902 1198661 1198662 119890 119875) as defined in Section 31 the TA sets up the
system by executing the following steps
(1) The TA chooses ℎID119905TA isin 119885lowast
119902as its secret value
(2) The TA selects three hash functions 119867 0 1lowast rarr
119885lowast1199021198671 0 1lowast rarr 119866
1 and119867
2 1198662
rarr 0 1lowast(3) The TA calculates 119861ID119905TA = 119890(ℎID119905TA119875 119875) as its public
value(4) The TA sets119863ID119905TA = ℎID119905TA sdot 119875(5) The TA sets PUID119905TA = 119867
1(ID119905TA)
(6) The TA sets PRID119905TA = ℎID119905TA1198671(ID119905TA)
The TA broadcasts the parameters (ID119905TA 119861ID119905TA 119863ID119905TA
1198671198671 1198672) while (PR
119905TA ℎID119905TA) remain undisclosed Inaddition the TA sets the related parameters for each RSU byexecuting the following steps
(1) The node 119877119877chooses ℎID119905119877119877 isin 119885lowast
119902as its secret value
(2) It calculates 119861ID119905119877119877= 119890(ℎID119905119877119877
119875 119875) as its public value
(3) It sets119863ID119905119877119877= ℎID119905119877119877
sdot 119875
Vb
Va
R2R1
VcR3
Ve
Vd
R4
TA
Figure 1 System environment
(4) It sets PUID119905119877119877= 1198671(ID119905119877119877
)
The TA sets up the system by executing the followingsteps
(1) Set PRID119905119877119877= ℎID119905TA1198671(ID119905119877119877)
(2) Calculate 119908ID119905TA 119895 = 119867(1198672(119861ID119905119877119877
) ID119905119877119877
119879119897ID119905119877119877
) mod 119901
(3) Calculate 119910ID119905TA 119895 = ℎID119905TA119908ID119905TA 119895 119890(119903ID119905TA 119895 sdot 119875 119875)
The RSU 119877119877broadcasts the parameters (ID
119905119877119877 119861ID119905119877119877
119863ID119905119877119877 119890(119903ID119905TA 119895 sdot119875 119875) 119910ID119905TA119875 119879119897ID119905119877119877
) and does not disclosethe parameters (ℎID119905119877119877
PRID119905119877119877) All nodes can verify the
legitimacy of the ID of the RSU by executing the followingsteps
(1) Calculate 119908ID119905TA 119895 = 119867(1198672(119861ID119905119877119877
) ID119905119877119877
119879119897ID119905119877119877
) mod 119901
(2) Calculate 1198611015840ID119905TA = 119890(119908ID119905TA 119895 sdot 119875 119910ID119905TA 119895 sdot 119875) +
119890(119875 119903ID119905TA 119895 sdot 119875) = 119890(119875 119875)ℎID119905TA
(3) Check if 119861ID119905TA
= 1198611015840ID119905TA
TheTA generates the related parameters for the vehicle byexecuting the following steps
(1) The node 119881 chooses ℎID119894119881 isin 119885lowast119902as its secret value
(2) It calculates 119861ID119894119881 = 119890(ℎID119894119881119875 119875) as its public value(3) It sets119863ID119894119881 = ℎID119894119881 sdot 119875(4) It selects an anonymous identity ID
119894 and all users
can obtain its public key by computing PUID119894119881 =
1198671(ID119894119881
)
The TA sets up the system by executing the followingsteps
Mathematical Problems in Engineering 5
(1) Set PRID119894119881 = ℎID119905TA1198671(ID119894119881)
(2) Calculate 119908ID119905TA 119895 = 119867(1198672(119861ID119894119881) ID
119894119881
119879119897ID119894119881) mod 119901
(3) Calculate 119910ID119905TA 119895 = ℎID119905TA119908ID119905TA 119895 119890(119903ID119894TA 119895 sdot 119875 119875)
Each vehicle broadcasts the parameters (ID119894119881
119861ID119894119881
119863ID119894119881 119890(119903ID119905TA 119895 sdot 119875 119875) 119910ID119905TA 119895119875 119879119897ID119894119881) and does not disclosethe parameters (ℎID119894119881 PRID119894119881) The TA records the parame-ters (ID
119905119881 ID119894119881
119861ID119894119881 119863ID119894119881 119879ID119894119881119895) for each vehicleEach vehicle or RSU can verify the legitimacy of the
vehicle ID by executing the following steps
(1) Calculate 119908ID119905TA 119895 = 119867(1198672(119861ID119894119881) ID
119894119881
119879119897ID119894119881) mod 119901
(2) Calculate 1198611015840ID119905TA = 119890(119908ID119905TA 119895 sdot 119875 119910ID119905TA 119895 sdot 119875) +
119890(119875 119903ID119905TA 119895 sdot 119875) = 119890(119875 119875)ℎID119905TA
(3) Check if 119861ID119905TA
= 1198611015840ID119905TA If the equality is satisfiedthen the user is legal
43 Registration When a vehicle 119881119886is within the transmis-
sion range of RSU 1198771 the vehicle 119881
119886and 119877
1will send an ID
verification request to each other After successful verifica-tion RSU 119877
1will then generate the short-term parameters
for119881119886 Vehicle119881
119886can retain its anonymity and security using
the short-term parameters by executing the following steps
(1) Use the identity-based cryptography (IBC) techniqueto generatethe common session key for RSU 119877
1and
vehicle 119881119886 Vehicle 119881
119886uses its own private key and
the public key of RSU 1198771to generate the common
session key The public key of RSU 1198771is calculated
from the true ID of RSU1198771Therefore vehicle119881
119886does
not require the public key of RSU 1198771 The calculation
is as follows
SK119881119886minus1198771
= 119890 (PRID119894119881119886PUID1199051198771
)
= 119890 (PUID119894119881119886 ℎID119905TAPUID1199051198771
) = SK1198771minus119881119886
(4)
Because the TA generates the private keys for bothRSU 119877
1and vehicle 119881
119886 the common session keys
generated from RSU 1198771and vehicle 119881
119886are the same
Therefore RSU 1198771and vehicle 119881
119886can communicate
with each other privately(2) 119881119886generates the short-term parameters ID
119901119881119905 119861ID119901119881119905
and 119863ID119901119881119905
and uses symmetric encryption toencrypt the common session key (SK
119881119886minus1198771) as a
security key The encryption is supplemented bythe plain-text parameters (ID
119894119881119886 119861ID119894119881119886
119890(119903ID119905TA 119895 sdot
119875 119875) 119910ID119905TA 119895119875 119879119897ID119894119881119886) The calculation is as follows
119862 = SE (ID119901119881119905
119861ID119901119881119905 119863ID119901119881119905
119879119895)SK119881119886minus1198771
(5)
Vehicle 119881119886sends the message 119862 ID
119894119881119886 119861ID119894119881119886
119890(119903ID119905TA 119895 sdot 119875 119875) 119910ID119905TA 119895119875 119879119897ID119894119881119886
to 1198771
(3) When RSU 1198771receives the message 119877
1first verifies
whether the parameters of vehicle 119881119886are within the
valid limits through the following steps
(31) Calculate 119908ID119905TA 119895 = 119867(1198672(119861ID119894119881119886
) ID119894119881119886
119879119897ID119894119881119886
) mod 119901
(32) Calculate 1198611015840ID119905TA = 119890(119908ID119905TA 119895 sdot 119875 119910ID119905TA 119895 sdot 119875) +
119890(119875 119903ID119905TA 119895 sdot 119875) = 119890(119875 119875)ℎID119905TA
(33) Check if 119861ID119905TA
= 1198611015840ID119905TA If the equality issatisfied then the user is legal
(4) To decrypt the encrypted message RSU 1198771first cal-
culates the common session key shared with vehicle119881119886 Then RSU 119877
1uses the common session key to
decrypt the message The calculation is as follows
SK1198771minus119881119886
= 119890 (PRID1199051198771PUID119894119881119886
)
= 119890 (PUID1199051198771 ℎID119905TAPUID119894119881119886
) = SK119881119886minus1198771
(6)
(5) RSU 1198771calculates the private key the common secret
key and the signature of 119881119886 The calculations are as
follows
(51) 1198771calculates PRID119901119881119886
as its private key(52) 119877
1chooses 119862ID119901119881119886
isin 119885lowast119902as its common secret
key(53) 119877
1calculates 119910ID1199051198771 119895 = ℎID1199051198771
119908ID1199051198771 119895 119890(119903ID1199051198771 119895 sdot
119875 119875) 119908ID1199051198772 119895= 119867(119867
2(119861ID119901119881119886
) ID119901119881119886
119879119897ID119901119881119886
) mod 119901
(6) RSU 1198771encrypts the parameters (PRID119901119881119886
119862ID119901119881119886)
using the common session key The calculation is asfollows
119862 = SE (PRID119901119881119886 119862ID119901119881119886
119879119895)SK1198771minus119881119886
(7)
RSU 1198771sends the message 119862 ID
119894119881119886 119890(119903ID1199051198771 119895
sdot
119875 119875) 119910ID1199051198771 119895119875 119879119897ID119901119881119886
to vehicle 119881119886
(7) When vehicle119881119886receives themessage the vehicle uses
the common session key to decrypt the message(8) 1198771
records (ID119894119881119886
ID119901119881119886
119861ID119901119881119886 119863ID119901119881119886
119862ID1199051198771 119895
119879119897ID119901119881119886
) and publishes (ID119901119881119886
119861ID119901119881119886 119863ID119901119881119886
119890(119903ID1199051198771 119895sdot 119875 119875) 119910ID1199051198771 119895
119875 119879119897ID119901119881119886
) to all vehicles in itsdomain
To improve the efficiency of the handoff process RSU 1198771
generates a common secret key for vehicle 119881119886and each RSU
RSU 1198771uses a one-way hash chain [13] to generate 119898 keys
6 Mathematical Problems in Engineering
Table 1 RID-key table
ID of RSUNew ID ofvehicle
(handoff)
ID of vehicle(RSU
generate)
ID of vehicle(TA generate)
Commonsecret key
Expire timeof commonsecret key
BDH value ofvehicle
Data key ofvehicle
Expire timeof key
1198771 ID1015840
119901119881119886ID119901119881119886
ID119894119881119886
119896ID119901119881119886 1198771119879119897ID1015840119901119881119886
119861ID119901119881119886119863ID119901119881119886
119879119897ID119901119881119886
119877119898 ID10158401015840
119901119881119886ID119901119881119886
ID119894119881119886
119896ID119901119881119886 119877119898119879119897ID10158401015840119901119881119886
non non non1198771 ID1015840
119901119881119887ID119901119881119887
ID119894119881119887
119896ID1199011198811198871198771
119879119897ID1015840119901119881119887
119861ID119901119881119887
119863ID119901119881119887
119879119897ID119901119881
119887
119877119898minus1 ID10158401015840
119901119881119887ID119901119881119887
ID119894119881119887
119896ID119901119881119887119877119898
119879119897ID10158401015840119901119881119887
non non non
119896ID119901119881119886 119877119898 119896ID119901119881119886 119877119898minus1
119896ID119901119881119886 1198771Themethod for generating
the keys is as follows
119865 (119862ID119901119881119886 PRID119901119881119886
) = 119896ID119901119881119886 119877119898
119865 (119896ID119901119881119886 119877119898 PRID119901119881119886
) = 119896ID119901119881119886 119877119898minus1
119865 (119896ID119901119881119886 1198772 PRID119901119881119886
) = 119896ID119901119881119886 1198771
(8)
RSU 1198771uses a one-way hash chain [13] to generate 119898
anonymous IDs ID1015840119901119881119886
ID10158401015840119901119881119886
ID101584010158401015840119901119881119886
The method forgenerating the IDs is as follows
119865 (ID119901119881119886
PRID119901119881119886) = ID1015840
119901119881119886
119865 (ID1015840119901119881119886
PRID119901119881119886) = ID10158401015840
119901119881119886
119865 (ID10158401015840119901119881119886
PRID119901119881119886) = ID101584010158401015840
119901119881119886
(9)
Each RSU has two tables an RID-key table and an SID-key table The RID-key table is used to store the relatedparameters generated by RSU (Table 1) RSU 119877
1uses the
common session key that it shares with each RSU to encryptthe common secret key that vehicle 119881
119886has with each RSU
and the anonymous ID RSU 1198771then sends the encrypted
message to other RSUs When another RSU receives theencrypted message that RSU first uses the common sessionkey that it shares with RSU 119877
1to decrypt the message
and then stores the parameters for vehicle 119881119886in the table
(Table 2) Because vehicle 119881119886has the related parameters
(PRID119901119881119886 ID119901119881119886
119862ID119901119881119886) it can generate a common secret key
shared with each RSU and an anonymous ID on its ownTheparameters are stored in the table (Table 3) The parametersfor vehicle 119881
119886do not permit any one RSU to obtain the
parameters that vehicle 119881119886shares with other RSUs Because
other RSUs cannot obtain the private key and the commonsecret key of vehicle 119881
119886 the security of vehicle 119881
119886is ensured
44 Intra-RSU Message Authentication Vehicle 119881119886broad-
castsmessages to other vehicleswithin the transmission rangeof an RSU The calculations are as follows
(1) Vehicle 119881119886uses the BDH method to authorize a
message signature The calculations are as follows
(11) Vehicle 119881119886calculates 119908ID119901119881119886 119895
= 119867(119872ID119901119881119886 119895
ID119901119881119886
119879119895) mod 119901
(12) Vehicle119881119886calculates 119910ID119901119881119886 119895 = ℎID119901119881119886 119895
119908ID119901119881119886 119895
119890(119903ID119901119881119886 119895sdot 119875 119875) ∘
(13) Vehicle 119881119886broadcasts the message ⟨119872ID119901119881119886 119895
119861ID119901119881119886 119863ID119901119881119886
119890(119903ID119901119881119886 119895sdot 119875 119875) 119910ID119901119881119886 119895
119875 ID119901119881119886
119879119895⟩ to other vehicles within range
(2) When other vehicles receive the message they canverify the authenticity of the message The calcula-tions are as follows
(21) Calculate 119908ID119901119881119886 119895= 119867(119872ID119901119881119886 119895
ID119901119881119886
119879119895) mod 119901 ∘
(22) Calculate 1198611015840ID119901119881119886= 119890(119908ID119901119881119886 119895
sdot 119875 119910ID119901119881119886 119895sdot 119875) +
119890(119903ID119901119881119886 119895sdot 119875 119875) = 119890(119875 119875)
ℎID119905TA
(23) Check if 119861ID119901119881119886
= 1198611015840ID119901119881119886 If the equality is
satisfied then vehicle 119881119886sent the message
Assuming that two vehicles within the transmission rangeof a given RSU want to send private messages to eachother (Figure 1) vehicle 119881
119886and vehicle 119881
119887will calculate their
common key The calculation is as follows
SK119881119886minus119881119887
= 119890 (PRID119901119881119886PUID119901119881
119887
)
= 119890 (PUID119901119881119886 ℎID119905119877119877
PUID119901119881119887
) = SK119881119887minus119881119886
(10)
Then vehicle 119881119886uses the common session key (SK
119881119886minus119881119887)
to first encrypt the message and then send it to vehicle 119881119886
When119881119887receives the encrypted message the vehicle uses the
common session key (SK119881119887minus119881119886
) to decrypt the message andthen obtain the contents of the messageThe benefits of usingIBC lie in the fact that the other vehiclersquos public key can beeasily calculated based on its ID and that the common sessionkey can be calculated based on the other vehiclersquos public key
Mathematical Problems in Engineering 7
Table 2 SID-key table
New ID ofvehicle(handoff)
Informed byRSU
Commonsecret key
Expire timeof commonsecret key
BDH value ofvehicle
Data key ofvehicle
Expire timeof key
ID1015840119901119881119905
1198777
119896ID119901119881119905 1198771119879119897ID1015840119901119881119905
non non non
ID10158401015840119901119881119905minus7
119877119898
119896ID119901119881119905minus7 1198771119879119897ID10158401015840119901119881119905minus7
non non nonID1015840119901119881119888
119877119898minus2
119896ID119901119881119888 1198771119879119897ID1015840119901119881119888
119861ID119901119881119888119863ID119901119881119888
119879119897ID119901119881119888
ID10158401015840119901119881119889
1198777
119896ID1199011198811198891198771
119879119897ID10158401015840119901119881119889
119861ID119901119881119889
119863ID119901119881119889
119879119897ID119901119881
119889
Table 3 SID issue table
ID of RSUNew ID ofvehicle
(handoff)
ID of vehicle(RSU generate)
ID of vehicle(TA generate)
Commonsecret key
Private key(RSU) Secret value Expire time
of key
1198771 ID1015840
119901119881119886ID119901119881119886
ID119894119881119886
119896ID119901119881119886 1198771PRID119901119881119886
ℎID119901119881119886119879119897ID119901119881119886
119877119898 ID10158401015840
119901119881119886ID119901119881119886
ID119894119881119886
119896ID119901119881119886 119877119898 non non non
and its own private key Conversely the other vehicle can alsocalculate the common session key because the secret value ofthe common session key is the same
45 Inter-RSU Message Authentication Assuming that vehi-cle 119881119886wants to broadcast a message within the transmission
ranges of several RSUs and uses the BDH signature toensure the security of the message vehicle 119881
119886will first send
the parameters ⟨119872ID119901119881119886 119895 119890(119903ID119901119881119886 119895
sdot 119875 119875) 119910ID119901119881119886 119895119875 119861ID119901119881119886
ID119901119881119886
119910ID1199051198771 119895sdot119875 119890(119903ID1199051198771 119895
sdot119875 119875) sdot119879119897ID119901119881119905
119879119895⟩ to nearby RSUs
and then the RSUs will relay the message to other vehiclesThen other vehicles will first verify the legitimacy of vehicle119881119886by calculating 119908ID1199051198771 119895
= 119867(1198672(119861ID119901119881119886
) ID119901119881119886
119879119897ID119901119881119886
) mod 119901 and then calculating 119890(119908ID1199051198771 119895119875 119910ID1199051198771 119895
119875) +
119890(119903ID1199051198771 119895119875 119875) = 1198611015840IDID1199051198771
If it is the case then it proves thatvehicle 119881
119886is the legitimate user of RSU 119877
1
Other vehicles will verify the authenticity of the mes-sage from vehicle 119881
119886by first calculating 119908ID119901119881119886 119895
=
119867(119872ID119901119881119886 119895 ID
119901119881119886 119879119895) mod 119901 and then calculating
119890(119908ID119901119881119886 119895119875 119910ID119901119881119886 119895
119875) + 119890(119903ID119901119881119886 119895119875 119875) = 1198611015840ID119901119881119886 119895
If it is thecase then the message was sent from vehicle 119881
119886
In private communications the secret private key valueof each vehicle is different because there are multiple RSUsTherefore an ID-based encryption method should be usedLet vehicle 119881
119886and vehicle 119881
119888calculate their common session
keys Assuming that vehicle 119881119886wants to privately commu-
nicate with vehicle 119881119888 which is within the transmission
range of a different RSU vehicle 119881119888will first encrypt the
message Vehicle 119881119886will then calculate the public key using
the anonymous ID of vehicle 119881119888 Upon obtaining the data
key for vehicle 119881119888 vehicle 119881
119886will encrypt the message using
the public key and the data key of vehicle 119881119888 The calculation
is as follows
119862 = 119864IBC (119903119872PUID119901119881119888 119863ID119901119881119888
)
= 119903 sdot 119875119872 oplus 1198672(119890 (PUID119901119881119888
119863ID119901119881119888)119903
)
119872 = 119890 (PRID119901119881119886PUID119901119881119888
)
(11)
Subsequently vehicle 119881119888uses the private key to decrypt
the message Equation (2) shows the decryption methodVehicle 119881
119888then uses ID-based encryption to generate an
encrypted message for vehicle 119881119886 The calculation is as
follows
119862 = 119864IBC (119903119872PUID119901119881119886 119863ID119901119881119886
)
= 119903 sdot 119875119872 oplus 1198672(119890 (PUID119901119881119886
119863ID119901119881119886)119903
)
119872 = 119890 (PRID119901119881119886PUID119901119881119888
) + 119890 (PRID119901119881119888PUID119901119881119886
)
(12)
Vehicle 119881119886uses the private key to decrypt the message
Equation (2) shows the decryption method When vehicle119881119886
receives thecommon session key that it shares with vehicle119881119888
119881119886can communicate with vehicle 119881
119888privately The common
session key is
SK119881119886minus119881119888
= 119890 (PRID119901119881119886PUID119901119881119888
) + 119890 (PRID119901119881119888PUID119901119881119886
)
= SK119881119888minus119881119886
(13)
8 Mathematical Problems in Engineering
46 Handoff Problem When vehicle 119881119886comes within the
transmission range of the next RSU (1198772) vehicle 119881
119886will first
inquire for the common secret key that it shares with RSU 1198772
in Table 3 and then initiate the handoff The calculation is asfollows
(1) Vehicle 119881119886
first generates short-term parameters119861ID119901119881119905
119863ID119901119881119905and uses the common secret key
(119896ID119901119881119886 1198772) to encrypt the parametersThen vehicle119881119886
sends the parameters and its anonymous ID to RSU1198772
(2) RSU 1198772inquires for the common secret key and the
time of validity that it shares with vehicle119881119886in Table 2
based on the anonymous ID of vehicle 119881119886 If the time
of validity has expired then vehicle 119881119886will reregister
with RSU (Section 42) If the time of validity has notexpired 119877
2will generate the short-term parameters
for vehicle 119881119886 The calculations are as follows
(21) 1198772calculates PRID119901119881119886
as its private key(22) 119877
2calculates119908ID1199051198772 119895
= 119867(1198672(119861ID119901119881119886
) ID119901119881119886
119879119897ID119901119881119886
) mod 119901(23) 119877
2calculates 119910ID1199051198772 119895 = ℎID1199051198772
119908ID1199051198772 119895 119890(119903ID1199051198772 119895 sdot
119875 119875)
(3) RSU 1198771uses the common secret key to encrypt the
parameters (PRID119901119881119886 119862ID119901119881119886
) The calculation is asfollows
119862 = SE (PRID119901119881119886 CID119901119881119886
119879119895)SK1198771minus119881119886
(14)
RSU 1198771sends the message 119862 ID
119894119881119886 119890(119903ID1199051198771 119895
sdot
119875 119875) 119910ID1199051198771 119895119875 119879119897ID119901119881119886
to vehicle 119881119886
(4) When vehicle119881119886receives themessage the vehicle uses
the common secret key to decrypt the message(5) 1198771
records (ID119894119881119886
ID119901119881119886
119861ID119901119881119886 119863ID119901119881119886
119862ID1199051198771 119895
119879119897ID119901119881119886
) and publishes (ID119901119881119886
119861ID119901119881119886 119863ID119901119881119886
119890(119903ID1199051198771 119895sdot 119875 119875) 119910ID1199051198771 119895
119875 119879119897ID119901119881119886
) to all vehicles in itsdomain
47 Message Authentication When RSUs Are Not AvailableWhen RSUs are not available vehicles can broadcast mes-sages and conduct private communications using the param-eters generated by the TA by executing the following steps
(1) Vehicle 119881119889uses the BDH signature method to autho-
rize a message signature The calculations are asfollows
(11) Vehicle 119881119889calculates 119908ID119894119881
119889119895
= 119867(119872ID119894119881119889119895
ID119894119881119889
119879119895) mod 119901
(12) Vehicle 119881119889calculates 119910ID119894119881
119889119895
= ℎID119894119881119889119895119908ID119894119881
119889119895
119890(119903ID119894119881119889119895sdot 119875 119875)
(13) Vehicle 119881119889broadcasts the message ⟨119872ID119894119881
119889119895
119861ID119894119881119889
119863ID119894119881119889
119890(119903ID119894119881119889119895
sdot 119875 119875) 119910ID119894119881119889119895119875 ID119894119881119889
119879119895 119890(119903ID119905TA 119895 sdot 119875 119875) 119910ID119905TA 119895119875⟩ to other vehicles
(2) Other vehicles first verify the ID of vehicle 119881119889 The
calculations are as follows
(21) Calculate 119908ID119905TA 119895 = 119867(1198672(119861ID119894119881
119889
) ID119894119881119889
119879119897ID119894119881
119889
) mod 119901
(22) Calculate 1198611015840ID119905TA = 119890(119908ID119905TA 119895 sdot 119875 119910ID119905TA 119895 sdot 119875) +119890(119875 119903ID119905TA 119895 sdot 119875) = 119890(119875 119875)
ℎID119905TA
(23) Check if 119861ID119905TA
= 1198611015840ID119905TA If the equality issatisfied then the user is legal
(3) Other vehicles then verify the authenticity of themessage The calculations are as follows
(31) Calculate 119908ID119894119881119889119895
= 119867(119872ID119894119881119889119895
ID119894119881119889
119879119895) mod 119901
(32) Calculate 1198611015840ID119894119881119889
= 119890(119908ID119894119881119889119895
sdot 119875 119910ID119894119881119889119895
sdot 119875) +
119890(119903ID119894119881119889119895sdot 119875 119875) = 119890(119875 119875)
ℎID119905TA
(33) Check if 119861ID119894119881119889
= 1198611015840ID119894119881119889
Satisfaction of theequality is proof that vehicle 119881
119889sent the mes-
sage
Assuming that two vehicles within the transmission rangeof the same RSU want to communicate privately with eachother (Figure 1) vehicle 119881
119889and vehicle 119881
119890will calculate their
common key The calculation is as follows
SK119881119889minus119881119890
= 119890 (PRID119894119881119889
PUID119894119881119890)
= 119890 (PUID119894119881119889
ℎID119905TAPUID119894119881119890) = SK
119881119890minus119881119889
(15)
Subsequently vehicle 119881119889uses the common session key
(SK119881119889minus119881119890
) to encrypt the message and send the message tovehicle 119881
119890 When vehicle 119881
119890receives the encrypted message
it uses the common session key (SK119881119890minus119881119889
) to decrypt themessage and obtain the contents of the message
5 Security and Performance Analysis
This section gives a security analysis to demonstrate that themethod developed in this study can provide confidentialityauthentication nonrepudiation conditional anonymity andconditional untraceability A performance analysis is con-ducted by comparing the results of the present study withthose in [12ndash15]
51 Security Analysis The following subsections discuss thespecific aspects of the security analysis of the proposedmethod
(1) Confidentiality Assuming that the ID of every node isnot repeated as confidential communications are occurring
Mathematical Problems in Engineering 9
Table 4 The comparison of property
Property Method[12] [13] [14] [15] Proposed method
Security and privacy preservation YES YES YES YES YESDo need the certificate NO NO NO YES NODo need the help of RSU forauthentication NO NO NO NO NO
PKI-based system NO NO NO NO NOCommunication within different RSU YES YES YES YES YESPrivacy communicate NO NO NO NO YES
among vehicles within the range of a single RSU the propertyof IBC is used to establish the common session keys Thecommon session key of a vehicle is calculated based on thebilinear pairings map According to the elliptic curve discretelogarithm problem (ECDLP) the common session key of amalicious node 119887 and node 119886 is SK
119887-119886 It is difficult for node119887 to determine a secret value from SK
119887-119886 node brsquos privatekey (PR
119887) and node arsquos public key (PU
119886) Other vehicles are
unable to calculate the common session key from their ownprivate keys and the public keys of nodes 119886 and 119887 and thusthe security of confidential communications is ensured
(2) Authentication and Nonrepudiation As a vehicle registersand gains the trust of an RSU the RSU will broadcast thevehiclersquos 119866
2value to all vehicles within range and that
specific 1198662represents the vehicle itself The parameters
⟨119872ID119895 119861ID 119863ID 119910ID119895119875 ID 119879119895⟩ are broadcast as the vehicle is
broadcasting messages Other vehicles will calculate 119908ID119895 =119867(119872ID119895 ID 119879ID119895) mod 119901 upon receipt of the messagesand then calculate 1198611015840ID = 119890(119908ID0119875 119910ID119895119875) + 119890(119903ID0119875 119875) =
119890(119875 119875)ℎID Other vehicles are unable to calculate 119910ID119895 from119910ID119895119875 based on the ECDLP but 119903ID0 119910ID119895 and 119908ID119895 canbe calculated from the parameters 119861ID 119910ID119895119875 based onthe BDH method provided that the equality 119861ID = 1198611015840IDwhich is calculated from the messages of the vehicle issatisfiedTherefore the vehicle sending themessages achievesundeniability and the source of the messages is known
(3) Conditional Anonymity The true ID of a vehicle is knownonly to the TA An anonymous ID (ID
119894) is used when a
vehicle registers with the TA and this anonymous ID (ID119894)
is renewed every time the vehicle registers with the TA Avehicle will renegotiate a new anonymous ID (ID
119901) within
the range of every RSU Therefore it is difficult for anothervehicle to obtain the true ID of the vehicle by tracking ID
119894
from ID119901because the true IDs of the vehicles are known
only to the TA and the individual vehicles bearing those IDsEvery RSU knows the anonymous ID (ID
119894) of each vehicle
but each vehicle has a different ID (ID119901) for every RSU which
prevents malicious RSUs from tracking the current locationof the vehicle
(4) Conditional Untraceability When a vehicle is involvedin a criminal act an RSU is able to trace the anonymousID (ID
119894) from the vehiclersquos anonymous ID (ID
119901) The RSU
Table 5 Bilinear pairings execution time in milliseconds
Notations Descriptions Execution time (ms)119879119901
Pairing operation asymp45119879119898
Point multiplication asymp06119879119890
Field exponentiation asymp054
Table 6 RSAHMAC execution time in milliseconds
Notations Descriptions Execution time (ms)ASE RSA encryption 019ASD RSA decryption 465HMAC HMAC 0002SE AES encryption lt019SD AES decryption lt465
Table 7 The length of the parameters
Parameters Length (bit) Parameters Length (bit)1198661
160 AES 1281198662
160 Variable 32HMAC 160 Message (119872) 1024RSA 1024 Random number (119903) 128
transmits ID119894to the TA which in turn identifies the true ID
of the vehicle with the identity ID119894 Every vehicular parameter
will eventually expire therefore ensuring the validity of theanonymous ID of a vehicle
52 Performance Analysis The method developed in thisstudy was compared with those in [12ndash15] regarding perfor-mance execution time and data volume Table 4 comparesthe results of the present study and those of [12ndash15] showingthat the method developed in the present study is superior tothe other methods
To analyze efficiency the times required for a message tobe broadcast and verified in the present study and in [12ndash15] were calculated and the results are listed in Tables 5ndash7 Table 8 shows the results of the efficiency analysis Theexperimental results show that the method proposed in thispaper is superior to those in other literatures regardless ofcomputational complexity and packet length The networksecurity mechanisms proposed in literature [14] and thispaper are both based on the use of bilinear pairing so allthe packet lengths are within a reasonable range However in
10 Mathematical Problems in Engineering
Table 8 Performance analysis
Property Method[12] [13] [14] [15] Proposed method
The broadcast message
Signing5 lowast 119879119898+ 3 lowast 119879
119901
Verification4 lowast 119879119898+ 4 lowast 119879
119901
Signing1 lowast 119879119901
Verification3 lowast 119879119901
Signing5 lowast 119879119898
Verification6 lowast 119879119898+ 1 lowast 119879
119901
Signing2 lowast 119879119898
Verification2 lowast 119879119898
Signing119879119901+ 2 lowast 119879
119898
Verification119879119901+ 119879119898
Spending time 364ms 18ms 111ms 18ms 108msThe length of ciphertext 1112 bits 480 bits 480 bits (160 lowast 160) + 320 bits 480 bitsHandoff 3 lowast 119879
119901NA 4 lowast 119879
119898+ 2 lowast 119879
1199015 lowast 119879119898
2 lowast SE + 2 lowast SDSpending time 135ms NA 114ms 3ms lt968msThe length of ciphertext 480 bits NA 1280 bits 160 lowast 160 lowast 160 bits 2048 bits
Communication betweendifferent RSUs
Signing5 lowast 119879119898+ 3 lowast 119879
119901
Verification4 lowast 119879119898+ 4 lowast 119879
119901
Signing1 lowast 119879119901
Verification3 lowast 119879119901
Signing5 lowast 119879119898
Verification6 lowast 119879119898+ 1 lowast 119879
119901
Signing2 lowast 119879119898
Verification2 lowast 119879119898
Signing119879119901+ 2 lowast 119879
119898
Verification2 lowast 119879119901+ 2 lowast 119879
119898
Spending time 364ms 18ms 111ms 18ms 159msThe length of ciphertext 1112 bits 480 bits 480 bits (160 lowast 160) + 320 bits 960 bits
Privacy communicate NA NA NA NA
Signing119879119875+ SE
Verification119879119901+ SD
Spending time NA NA NA NA lt1384msThe length of ciphertext NA NA NA NA 1024 bits
computational complexity the proposed method is superiorto that of literature [14] In literature [15] there are networksecurity mechanisms based on chameleon hashing whichemploy exponential calculation The multiplication resultof three values will be huge Although the computationalcomplexity is not high the transfer of large amounts ofpackets will affect network bandwidth and also cause packetlosses in VANETs environment
6 Conclusion
VANETs improve transportation safety and efficiency If theinformation shared between vehicles is tampered with therewill be dire consequences such as vehicle collisions Thescheme proposed in this study ensures the security of theinformation shared between vehicles and is superior to otherschemes in terms of message verification and handoff Addi-tionally in terms of security the scheme in this study ensuresconditional untraceability conditional anonymity authenti-cation and nonrepudiation Future work will include supple-menting the scheme proposed in this study with revocationand trust mechanisms to corroborate the security scheme
Notations
Notations of the BDH
ℎ119894 The user 119894 chooses a random number ℎ
119894isin 119885lowast119902
as its secret value119861119894 The public value of user 119894 such that 119890(ℎ
119894119875 119875)
119910119894119895 The 119910
119894119895is the quotient
119903119894119895 The 119903
119894119895is the remainder
119908119894119895 119908119894119895
= 119867(119872119894119895
119879119895) mod 119901
Notation Used in This Paper
119890 Bilinear mapping1198661 Additive group
1198662 Multiplicative group
119875 Generator of 1198661
SE(sdot) A secure symmetric encryption algorithm119864IBC(sdot) ID-based encryption119863IBC(sdot) ID-based decryptPU119896 Public key of node 119896
PR119896 Private key of node 119896
119863119896 Data key of node 119896
ID119905119896 Real identity of node 119896
ID119894119896 Original pseudonym of node 119896
ID119901119896 Requested pseudonym of node 119896
ℎ119896 Secret value of node 119896
119862119894 Handoff secret value
119861119896 The public value of user 119896 such that 119890(ℎ
119894119875 119875)
SK119896-119895 The common session key between node 119896
and node 119895
119896119894-119895 The common secret key between node 119894 and
node 119895
119885lowast119902 119885lowast
119902is the finite field of mod 119902
119867(sdot) Hash function such that 0 1lowast rarr 119885lowast119902
1198671(sdot) Hash function such that 0 1lowast rarr 119866lowast
1
1198672(sdot) Hash function such that 119866lowast
2rarr 0 1lowast
Mathematical Problems in Engineering 11
119879119895 Time interval 119895
119879119897119894 Lifetime of the corresponding parameters
The message concatenation operation whichappends several messages together in aspecial format
Conflict of Interests
The authors declare that there is no conflict of interestsregarding the publication of this paper
Acknowledgments
This paper is the partial result of project MOST103-2632-E-366-001 and 103-2221-E-268-003 The authors would like tothank the supporting of Ministry of Science and TechnologyTaiwan
References
[1] IEEE ldquoDraft amendment for wireless access in vehicularenvironments (WAVE)rdquo IEEE P80211pD6 2009
[2] Dedicated Short Range Communication (DSRC) httpgrouperieeeorggroupsscc32dsrcindexhtml
[3] US Department of Transportation and National HighwayTraffic Safety Administration Vehicle Safety CommunicationsProject 2006
[4] C Xu F Zhao J Guan H Zhang and G M MunteanldquoQoE-driven user-centric vod services in urban multihomedP2P-based vehicular networksrdquo IEEE Transactions on VehicularTechnology vol 62 no 5 pp 2273ndash2289 2013
[5] GMarfiaM Roccetti A Amoroso andG Pau ldquoSafe driving inLA report from the greatest intervehicular accident detectiontest everrdquo IEEE Transactions on Vehicular Technology vol 62no 2 pp 522ndash535 2013
[6] R Lu X Lin Z Shi and X S Shen ldquoA lightweight conditionalprivacy-preservation protocol for vehicular traffic-monitoringsystemsrdquo IEEE Intelligent Systems vol 28 no 3 pp 62ndash65 2013
[7] IEEETrial-Use Standard ldquoIEEETrial-Use Standard forWirelessAccess in Vehicular Environments (WAVE) Networking Ser-vicesrdquo IEEE 1609 2006
[8] J-P Hubaux S Capkun and J Luo ldquoThe security and privacyof smart vehiclesrdquo IEEE Security and Privacy vol 2 no 3 pp49ndash55 2004
[9] G Kounga T Walter and S Lachmund ldquoProving reliabilityof anonymous information in VANETsrdquo IEEE Transactions onVehicular Technology vol 58 no 6 pp 2977ndash2989 2009
[10] A Wasef Y Jiang and X Shen ldquoDCS an efficient distributed-certificate-service scheme for vehicular networksrdquo IEEE Trans-actions onVehicular Technology vol 59 no 2 pp 533ndash549 2010
[11] J Sun C Zhang Y Zhang and Y Fang ldquoAn identity-basedsecurity system for user privacy in vehicular ad hoc networksrdquoIEEE Transactions on Parallel and Distributed Systems vol 21no 9 pp 1227ndash1239 2010
[12] R Lu X Lin X Liang and X Shen ldquoA dynamic privacy-preserving keymanagement scheme for location-based servicesin VANETsrdquo IEEE Transactions on Intelligent TransportationSystems vol 13 no 1 pp 127ndash139 2012
[13] S Biswas and J Misic ldquoA cross-layer approach to privacy-preserving authentication in WAVE-enabled VANETsrdquo IEEE
Transactions on Vehicular Technology vol 62 no 5 pp 2182ndash2192 2013
[14] L-Y Yeh and J-L Huang ldquoPBS a portable billing schemewith fine-grained access control for service-oriented vehicularnetworksrdquo IEEE Transactions on Mobile Computing vol 13 no11 pp 2606ndash2619 2014
[15] S Guo D Zeng and Y Xiang ldquoChameleon hashing forsecure and privacy-preserving vehicular communicationsrdquoIEEE Transactions on Parallel and Distributed Systems vol 25no 11 pp 2794ndash2803 2014
[16] T W Chim S M Yiu L C K Hui and V O K Li ldquoVSPNVANET-based secure and privacy-preserving navigationrdquo IEEETransactions on Computers vol 63 no 2 pp 510ndash524 2014
[17] D Boneh and M K Franklin ldquoIdentity-based encryption fromthe weil pairingrdquo in Advances in CryptologymdashCRYPTO 200121st Annual International CryptologyConference Santa BarbaraCalifornia USA August 19ndash23 2001 Proceedings vol 2139 ofLectureNotes in Computer Science pp 213ndash229 Springer BerlinGermany 2001
Submit your manuscripts athttpwwwhindawicom
Hindawi Publishing Corporationhttpwwwhindawicom Volume 2014
MathematicsJournal of
Hindawi Publishing Corporationhttpwwwhindawicom Volume 2014
Mathematical Problems in Engineering
Hindawi Publishing Corporationhttpwwwhindawicom
Differential EquationsInternational Journal of
Volume 2014
Applied MathematicsJournal of
Hindawi Publishing Corporationhttpwwwhindawicom Volume 2014
Probability and StatisticsHindawi Publishing Corporationhttpwwwhindawicom Volume 2014
Journal of
Hindawi Publishing Corporationhttpwwwhindawicom Volume 2014
Mathematical PhysicsAdvances in
Complex AnalysisJournal of
Hindawi Publishing Corporationhttpwwwhindawicom Volume 2014
OptimizationJournal of
Hindawi Publishing Corporationhttpwwwhindawicom Volume 2014
CombinatoricsHindawi Publishing Corporationhttpwwwhindawicom Volume 2014
International Journal of
Hindawi Publishing Corporationhttpwwwhindawicom Volume 2014
Operations ResearchAdvances in
Journal of
Hindawi Publishing Corporationhttpwwwhindawicom Volume 2014
Function Spaces
Abstract and Applied AnalysisHindawi Publishing Corporationhttpwwwhindawicom Volume 2014
International Journal of Mathematics and Mathematical Sciences
Hindawi Publishing Corporationhttpwwwhindawicom Volume 2014
The Scientific World JournalHindawi Publishing Corporation httpwwwhindawicom Volume 2014
Hindawi Publishing Corporationhttpwwwhindawicom Volume 2014
Algebra
Discrete Dynamics in Nature and Society
Hindawi Publishing Corporationhttpwwwhindawicom Volume 2014
Hindawi Publishing Corporationhttpwwwhindawicom Volume 2014
Decision SciencesAdvances in
Discrete MathematicsJournal of
Hindawi Publishing Corporationhttpwwwhindawicom
Volume 2014 Hindawi Publishing Corporationhttpwwwhindawicom Volume 2014
Stochastic AnalysisInternational Journal of
Mathematical Problems in Engineering 5
(1) Set PRID119894119881 = ℎID119905TA1198671(ID119894119881)
(2) Calculate 119908ID119905TA 119895 = 119867(1198672(119861ID119894119881) ID
119894119881
119879119897ID119894119881) mod 119901
(3) Calculate 119910ID119905TA 119895 = ℎID119905TA119908ID119905TA 119895 119890(119903ID119894TA 119895 sdot 119875 119875)
Each vehicle broadcasts the parameters (ID119894119881
119861ID119894119881
119863ID119894119881 119890(119903ID119905TA 119895 sdot 119875 119875) 119910ID119905TA 119895119875 119879119897ID119894119881) and does not disclosethe parameters (ℎID119894119881 PRID119894119881) The TA records the parame-ters (ID
119905119881 ID119894119881
119861ID119894119881 119863ID119894119881 119879ID119894119881119895) for each vehicleEach vehicle or RSU can verify the legitimacy of the
vehicle ID by executing the following steps
(1) Calculate 119908ID119905TA 119895 = 119867(1198672(119861ID119894119881) ID
119894119881
119879119897ID119894119881) mod 119901
(2) Calculate 1198611015840ID119905TA = 119890(119908ID119905TA 119895 sdot 119875 119910ID119905TA 119895 sdot 119875) +
119890(119875 119903ID119905TA 119895 sdot 119875) = 119890(119875 119875)ℎID119905TA
(3) Check if 119861ID119905TA
= 1198611015840ID119905TA If the equality is satisfiedthen the user is legal
43 Registration When a vehicle 119881119886is within the transmis-
sion range of RSU 1198771 the vehicle 119881
119886and 119877
1will send an ID
verification request to each other After successful verifica-tion RSU 119877
1will then generate the short-term parameters
for119881119886 Vehicle119881
119886can retain its anonymity and security using
the short-term parameters by executing the following steps
(1) Use the identity-based cryptography (IBC) techniqueto generatethe common session key for RSU 119877
1and
vehicle 119881119886 Vehicle 119881
119886uses its own private key and
the public key of RSU 1198771to generate the common
session key The public key of RSU 1198771is calculated
from the true ID of RSU1198771Therefore vehicle119881
119886does
not require the public key of RSU 1198771 The calculation
is as follows
SK119881119886minus1198771
= 119890 (PRID119894119881119886PUID1199051198771
)
= 119890 (PUID119894119881119886 ℎID119905TAPUID1199051198771
) = SK1198771minus119881119886
(4)
Because the TA generates the private keys for bothRSU 119877
1and vehicle 119881
119886 the common session keys
generated from RSU 1198771and vehicle 119881
119886are the same
Therefore RSU 1198771and vehicle 119881
119886can communicate
with each other privately(2) 119881119886generates the short-term parameters ID
119901119881119905 119861ID119901119881119905
and 119863ID119901119881119905
and uses symmetric encryption toencrypt the common session key (SK
119881119886minus1198771) as a
security key The encryption is supplemented bythe plain-text parameters (ID
119894119881119886 119861ID119894119881119886
119890(119903ID119905TA 119895 sdot
119875 119875) 119910ID119905TA 119895119875 119879119897ID119894119881119886) The calculation is as follows
119862 = SE (ID119901119881119905
119861ID119901119881119905 119863ID119901119881119905
119879119895)SK119881119886minus1198771
(5)
Vehicle 119881119886sends the message 119862 ID
119894119881119886 119861ID119894119881119886
119890(119903ID119905TA 119895 sdot 119875 119875) 119910ID119905TA 119895119875 119879119897ID119894119881119886
to 1198771
(3) When RSU 1198771receives the message 119877
1first verifies
whether the parameters of vehicle 119881119886are within the
valid limits through the following steps
(31) Calculate 119908ID119905TA 119895 = 119867(1198672(119861ID119894119881119886
) ID119894119881119886
119879119897ID119894119881119886
) mod 119901
(32) Calculate 1198611015840ID119905TA = 119890(119908ID119905TA 119895 sdot 119875 119910ID119905TA 119895 sdot 119875) +
119890(119875 119903ID119905TA 119895 sdot 119875) = 119890(119875 119875)ℎID119905TA
(33) Check if 119861ID119905TA
= 1198611015840ID119905TA If the equality issatisfied then the user is legal
(4) To decrypt the encrypted message RSU 1198771first cal-
culates the common session key shared with vehicle119881119886 Then RSU 119877
1uses the common session key to
decrypt the message The calculation is as follows
SK1198771minus119881119886
= 119890 (PRID1199051198771PUID119894119881119886
)
= 119890 (PUID1199051198771 ℎID119905TAPUID119894119881119886
) = SK119881119886minus1198771
(6)
(5) RSU 1198771calculates the private key the common secret
key and the signature of 119881119886 The calculations are as
follows
(51) 1198771calculates PRID119901119881119886
as its private key(52) 119877
1chooses 119862ID119901119881119886
isin 119885lowast119902as its common secret
key(53) 119877
1calculates 119910ID1199051198771 119895 = ℎID1199051198771
119908ID1199051198771 119895 119890(119903ID1199051198771 119895 sdot
119875 119875) 119908ID1199051198772 119895= 119867(119867
2(119861ID119901119881119886
) ID119901119881119886
119879119897ID119901119881119886
) mod 119901
(6) RSU 1198771encrypts the parameters (PRID119901119881119886
119862ID119901119881119886)
using the common session key The calculation is asfollows
119862 = SE (PRID119901119881119886 119862ID119901119881119886
119879119895)SK1198771minus119881119886
(7)
RSU 1198771sends the message 119862 ID
119894119881119886 119890(119903ID1199051198771 119895
sdot
119875 119875) 119910ID1199051198771 119895119875 119879119897ID119901119881119886
to vehicle 119881119886
(7) When vehicle119881119886receives themessage the vehicle uses
the common session key to decrypt the message(8) 1198771
records (ID119894119881119886
ID119901119881119886
119861ID119901119881119886 119863ID119901119881119886
119862ID1199051198771 119895
119879119897ID119901119881119886
) and publishes (ID119901119881119886
119861ID119901119881119886 119863ID119901119881119886
119890(119903ID1199051198771 119895sdot 119875 119875) 119910ID1199051198771 119895
119875 119879119897ID119901119881119886
) to all vehicles in itsdomain
To improve the efficiency of the handoff process RSU 1198771
generates a common secret key for vehicle 119881119886and each RSU
RSU 1198771uses a one-way hash chain [13] to generate 119898 keys
6 Mathematical Problems in Engineering
Table 1 RID-key table
ID of RSUNew ID ofvehicle
(handoff)
ID of vehicle(RSU
generate)
ID of vehicle(TA generate)
Commonsecret key
Expire timeof commonsecret key
BDH value ofvehicle
Data key ofvehicle
Expire timeof key
1198771 ID1015840
119901119881119886ID119901119881119886
ID119894119881119886
119896ID119901119881119886 1198771119879119897ID1015840119901119881119886
119861ID119901119881119886119863ID119901119881119886
119879119897ID119901119881119886
119877119898 ID10158401015840
119901119881119886ID119901119881119886
ID119894119881119886
119896ID119901119881119886 119877119898119879119897ID10158401015840119901119881119886
non non non1198771 ID1015840
119901119881119887ID119901119881119887
ID119894119881119887
119896ID1199011198811198871198771
119879119897ID1015840119901119881119887
119861ID119901119881119887
119863ID119901119881119887
119879119897ID119901119881
119887
119877119898minus1 ID10158401015840
119901119881119887ID119901119881119887
ID119894119881119887
119896ID119901119881119887119877119898
119879119897ID10158401015840119901119881119887
non non non
119896ID119901119881119886 119877119898 119896ID119901119881119886 119877119898minus1
119896ID119901119881119886 1198771Themethod for generating
the keys is as follows
119865 (119862ID119901119881119886 PRID119901119881119886
) = 119896ID119901119881119886 119877119898
119865 (119896ID119901119881119886 119877119898 PRID119901119881119886
) = 119896ID119901119881119886 119877119898minus1
119865 (119896ID119901119881119886 1198772 PRID119901119881119886
) = 119896ID119901119881119886 1198771
(8)
RSU 1198771uses a one-way hash chain [13] to generate 119898
anonymous IDs ID1015840119901119881119886
ID10158401015840119901119881119886
ID101584010158401015840119901119881119886
The method forgenerating the IDs is as follows
119865 (ID119901119881119886
PRID119901119881119886) = ID1015840
119901119881119886
119865 (ID1015840119901119881119886
PRID119901119881119886) = ID10158401015840
119901119881119886
119865 (ID10158401015840119901119881119886
PRID119901119881119886) = ID101584010158401015840
119901119881119886
(9)
Each RSU has two tables an RID-key table and an SID-key table The RID-key table is used to store the relatedparameters generated by RSU (Table 1) RSU 119877
1uses the
common session key that it shares with each RSU to encryptthe common secret key that vehicle 119881
119886has with each RSU
and the anonymous ID RSU 1198771then sends the encrypted
message to other RSUs When another RSU receives theencrypted message that RSU first uses the common sessionkey that it shares with RSU 119877
1to decrypt the message
and then stores the parameters for vehicle 119881119886in the table
(Table 2) Because vehicle 119881119886has the related parameters
(PRID119901119881119886 ID119901119881119886
119862ID119901119881119886) it can generate a common secret key
shared with each RSU and an anonymous ID on its ownTheparameters are stored in the table (Table 3) The parametersfor vehicle 119881
119886do not permit any one RSU to obtain the
parameters that vehicle 119881119886shares with other RSUs Because
other RSUs cannot obtain the private key and the commonsecret key of vehicle 119881
119886 the security of vehicle 119881
119886is ensured
44 Intra-RSU Message Authentication Vehicle 119881119886broad-
castsmessages to other vehicleswithin the transmission rangeof an RSU The calculations are as follows
(1) Vehicle 119881119886uses the BDH method to authorize a
message signature The calculations are as follows
(11) Vehicle 119881119886calculates 119908ID119901119881119886 119895
= 119867(119872ID119901119881119886 119895
ID119901119881119886
119879119895) mod 119901
(12) Vehicle119881119886calculates 119910ID119901119881119886 119895 = ℎID119901119881119886 119895
119908ID119901119881119886 119895
119890(119903ID119901119881119886 119895sdot 119875 119875) ∘
(13) Vehicle 119881119886broadcasts the message ⟨119872ID119901119881119886 119895
119861ID119901119881119886 119863ID119901119881119886
119890(119903ID119901119881119886 119895sdot 119875 119875) 119910ID119901119881119886 119895
119875 ID119901119881119886
119879119895⟩ to other vehicles within range
(2) When other vehicles receive the message they canverify the authenticity of the message The calcula-tions are as follows
(21) Calculate 119908ID119901119881119886 119895= 119867(119872ID119901119881119886 119895
ID119901119881119886
119879119895) mod 119901 ∘
(22) Calculate 1198611015840ID119901119881119886= 119890(119908ID119901119881119886 119895
sdot 119875 119910ID119901119881119886 119895sdot 119875) +
119890(119903ID119901119881119886 119895sdot 119875 119875) = 119890(119875 119875)
ℎID119905TA
(23) Check if 119861ID119901119881119886
= 1198611015840ID119901119881119886 If the equality is
satisfied then vehicle 119881119886sent the message
Assuming that two vehicles within the transmission rangeof a given RSU want to send private messages to eachother (Figure 1) vehicle 119881
119886and vehicle 119881
119887will calculate their
common key The calculation is as follows
SK119881119886minus119881119887
= 119890 (PRID119901119881119886PUID119901119881
119887
)
= 119890 (PUID119901119881119886 ℎID119905119877119877
PUID119901119881119887
) = SK119881119887minus119881119886
(10)
Then vehicle 119881119886uses the common session key (SK
119881119886minus119881119887)
to first encrypt the message and then send it to vehicle 119881119886
When119881119887receives the encrypted message the vehicle uses the
common session key (SK119881119887minus119881119886
) to decrypt the message andthen obtain the contents of the messageThe benefits of usingIBC lie in the fact that the other vehiclersquos public key can beeasily calculated based on its ID and that the common sessionkey can be calculated based on the other vehiclersquos public key
Mathematical Problems in Engineering 7
Table 2 SID-key table
New ID ofvehicle(handoff)
Informed byRSU
Commonsecret key
Expire timeof commonsecret key
BDH value ofvehicle
Data key ofvehicle
Expire timeof key
ID1015840119901119881119905
1198777
119896ID119901119881119905 1198771119879119897ID1015840119901119881119905
non non non
ID10158401015840119901119881119905minus7
119877119898
119896ID119901119881119905minus7 1198771119879119897ID10158401015840119901119881119905minus7
non non nonID1015840119901119881119888
119877119898minus2
119896ID119901119881119888 1198771119879119897ID1015840119901119881119888
119861ID119901119881119888119863ID119901119881119888
119879119897ID119901119881119888
ID10158401015840119901119881119889
1198777
119896ID1199011198811198891198771
119879119897ID10158401015840119901119881119889
119861ID119901119881119889
119863ID119901119881119889
119879119897ID119901119881
119889
Table 3 SID issue table
ID of RSUNew ID ofvehicle
(handoff)
ID of vehicle(RSU generate)
ID of vehicle(TA generate)
Commonsecret key
Private key(RSU) Secret value Expire time
of key
1198771 ID1015840
119901119881119886ID119901119881119886
ID119894119881119886
119896ID119901119881119886 1198771PRID119901119881119886
ℎID119901119881119886119879119897ID119901119881119886
119877119898 ID10158401015840
119901119881119886ID119901119881119886
ID119894119881119886
119896ID119901119881119886 119877119898 non non non
and its own private key Conversely the other vehicle can alsocalculate the common session key because the secret value ofthe common session key is the same
45 Inter-RSU Message Authentication Assuming that vehi-cle 119881119886wants to broadcast a message within the transmission
ranges of several RSUs and uses the BDH signature toensure the security of the message vehicle 119881
119886will first send
the parameters ⟨119872ID119901119881119886 119895 119890(119903ID119901119881119886 119895
sdot 119875 119875) 119910ID119901119881119886 119895119875 119861ID119901119881119886
ID119901119881119886
119910ID1199051198771 119895sdot119875 119890(119903ID1199051198771 119895
sdot119875 119875) sdot119879119897ID119901119881119905
119879119895⟩ to nearby RSUs
and then the RSUs will relay the message to other vehiclesThen other vehicles will first verify the legitimacy of vehicle119881119886by calculating 119908ID1199051198771 119895
= 119867(1198672(119861ID119901119881119886
) ID119901119881119886
119879119897ID119901119881119886
) mod 119901 and then calculating 119890(119908ID1199051198771 119895119875 119910ID1199051198771 119895
119875) +
119890(119903ID1199051198771 119895119875 119875) = 1198611015840IDID1199051198771
If it is the case then it proves thatvehicle 119881
119886is the legitimate user of RSU 119877
1
Other vehicles will verify the authenticity of the mes-sage from vehicle 119881
119886by first calculating 119908ID119901119881119886 119895
=
119867(119872ID119901119881119886 119895 ID
119901119881119886 119879119895) mod 119901 and then calculating
119890(119908ID119901119881119886 119895119875 119910ID119901119881119886 119895
119875) + 119890(119903ID119901119881119886 119895119875 119875) = 1198611015840ID119901119881119886 119895
If it is thecase then the message was sent from vehicle 119881
119886
In private communications the secret private key valueof each vehicle is different because there are multiple RSUsTherefore an ID-based encryption method should be usedLet vehicle 119881
119886and vehicle 119881
119888calculate their common session
keys Assuming that vehicle 119881119886wants to privately commu-
nicate with vehicle 119881119888 which is within the transmission
range of a different RSU vehicle 119881119888will first encrypt the
message Vehicle 119881119886will then calculate the public key using
the anonymous ID of vehicle 119881119888 Upon obtaining the data
key for vehicle 119881119888 vehicle 119881
119886will encrypt the message using
the public key and the data key of vehicle 119881119888 The calculation
is as follows
119862 = 119864IBC (119903119872PUID119901119881119888 119863ID119901119881119888
)
= 119903 sdot 119875119872 oplus 1198672(119890 (PUID119901119881119888
119863ID119901119881119888)119903
)
119872 = 119890 (PRID119901119881119886PUID119901119881119888
)
(11)
Subsequently vehicle 119881119888uses the private key to decrypt
the message Equation (2) shows the decryption methodVehicle 119881
119888then uses ID-based encryption to generate an
encrypted message for vehicle 119881119886 The calculation is as
follows
119862 = 119864IBC (119903119872PUID119901119881119886 119863ID119901119881119886
)
= 119903 sdot 119875119872 oplus 1198672(119890 (PUID119901119881119886
119863ID119901119881119886)119903
)
119872 = 119890 (PRID119901119881119886PUID119901119881119888
) + 119890 (PRID119901119881119888PUID119901119881119886
)
(12)
Vehicle 119881119886uses the private key to decrypt the message
Equation (2) shows the decryption method When vehicle119881119886
receives thecommon session key that it shares with vehicle119881119888
119881119886can communicate with vehicle 119881
119888privately The common
session key is
SK119881119886minus119881119888
= 119890 (PRID119901119881119886PUID119901119881119888
) + 119890 (PRID119901119881119888PUID119901119881119886
)
= SK119881119888minus119881119886
(13)
8 Mathematical Problems in Engineering
46 Handoff Problem When vehicle 119881119886comes within the
transmission range of the next RSU (1198772) vehicle 119881
119886will first
inquire for the common secret key that it shares with RSU 1198772
in Table 3 and then initiate the handoff The calculation is asfollows
(1) Vehicle 119881119886
first generates short-term parameters119861ID119901119881119905
119863ID119901119881119905and uses the common secret key
(119896ID119901119881119886 1198772) to encrypt the parametersThen vehicle119881119886
sends the parameters and its anonymous ID to RSU1198772
(2) RSU 1198772inquires for the common secret key and the
time of validity that it shares with vehicle119881119886in Table 2
based on the anonymous ID of vehicle 119881119886 If the time
of validity has expired then vehicle 119881119886will reregister
with RSU (Section 42) If the time of validity has notexpired 119877
2will generate the short-term parameters
for vehicle 119881119886 The calculations are as follows
(21) 1198772calculates PRID119901119881119886
as its private key(22) 119877
2calculates119908ID1199051198772 119895
= 119867(1198672(119861ID119901119881119886
) ID119901119881119886
119879119897ID119901119881119886
) mod 119901(23) 119877
2calculates 119910ID1199051198772 119895 = ℎID1199051198772
119908ID1199051198772 119895 119890(119903ID1199051198772 119895 sdot
119875 119875)
(3) RSU 1198771uses the common secret key to encrypt the
parameters (PRID119901119881119886 119862ID119901119881119886
) The calculation is asfollows
119862 = SE (PRID119901119881119886 CID119901119881119886
119879119895)SK1198771minus119881119886
(14)
RSU 1198771sends the message 119862 ID
119894119881119886 119890(119903ID1199051198771 119895
sdot
119875 119875) 119910ID1199051198771 119895119875 119879119897ID119901119881119886
to vehicle 119881119886
(4) When vehicle119881119886receives themessage the vehicle uses
the common secret key to decrypt the message(5) 1198771
records (ID119894119881119886
ID119901119881119886
119861ID119901119881119886 119863ID119901119881119886
119862ID1199051198771 119895
119879119897ID119901119881119886
) and publishes (ID119901119881119886
119861ID119901119881119886 119863ID119901119881119886
119890(119903ID1199051198771 119895sdot 119875 119875) 119910ID1199051198771 119895
119875 119879119897ID119901119881119886
) to all vehicles in itsdomain
47 Message Authentication When RSUs Are Not AvailableWhen RSUs are not available vehicles can broadcast mes-sages and conduct private communications using the param-eters generated by the TA by executing the following steps
(1) Vehicle 119881119889uses the BDH signature method to autho-
rize a message signature The calculations are asfollows
(11) Vehicle 119881119889calculates 119908ID119894119881
119889119895
= 119867(119872ID119894119881119889119895
ID119894119881119889
119879119895) mod 119901
(12) Vehicle 119881119889calculates 119910ID119894119881
119889119895
= ℎID119894119881119889119895119908ID119894119881
119889119895
119890(119903ID119894119881119889119895sdot 119875 119875)
(13) Vehicle 119881119889broadcasts the message ⟨119872ID119894119881
119889119895
119861ID119894119881119889
119863ID119894119881119889
119890(119903ID119894119881119889119895
sdot 119875 119875) 119910ID119894119881119889119895119875 ID119894119881119889
119879119895 119890(119903ID119905TA 119895 sdot 119875 119875) 119910ID119905TA 119895119875⟩ to other vehicles
(2) Other vehicles first verify the ID of vehicle 119881119889 The
calculations are as follows
(21) Calculate 119908ID119905TA 119895 = 119867(1198672(119861ID119894119881
119889
) ID119894119881119889
119879119897ID119894119881
119889
) mod 119901
(22) Calculate 1198611015840ID119905TA = 119890(119908ID119905TA 119895 sdot 119875 119910ID119905TA 119895 sdot 119875) +119890(119875 119903ID119905TA 119895 sdot 119875) = 119890(119875 119875)
ℎID119905TA
(23) Check if 119861ID119905TA
= 1198611015840ID119905TA If the equality issatisfied then the user is legal
(3) Other vehicles then verify the authenticity of themessage The calculations are as follows
(31) Calculate 119908ID119894119881119889119895
= 119867(119872ID119894119881119889119895
ID119894119881119889
119879119895) mod 119901
(32) Calculate 1198611015840ID119894119881119889
= 119890(119908ID119894119881119889119895
sdot 119875 119910ID119894119881119889119895
sdot 119875) +
119890(119903ID119894119881119889119895sdot 119875 119875) = 119890(119875 119875)
ℎID119905TA
(33) Check if 119861ID119894119881119889
= 1198611015840ID119894119881119889
Satisfaction of theequality is proof that vehicle 119881
119889sent the mes-
sage
Assuming that two vehicles within the transmission rangeof the same RSU want to communicate privately with eachother (Figure 1) vehicle 119881
119889and vehicle 119881
119890will calculate their
common key The calculation is as follows
SK119881119889minus119881119890
= 119890 (PRID119894119881119889
PUID119894119881119890)
= 119890 (PUID119894119881119889
ℎID119905TAPUID119894119881119890) = SK
119881119890minus119881119889
(15)
Subsequently vehicle 119881119889uses the common session key
(SK119881119889minus119881119890
) to encrypt the message and send the message tovehicle 119881
119890 When vehicle 119881
119890receives the encrypted message
it uses the common session key (SK119881119890minus119881119889
) to decrypt themessage and obtain the contents of the message
5 Security and Performance Analysis
This section gives a security analysis to demonstrate that themethod developed in this study can provide confidentialityauthentication nonrepudiation conditional anonymity andconditional untraceability A performance analysis is con-ducted by comparing the results of the present study withthose in [12ndash15]
51 Security Analysis The following subsections discuss thespecific aspects of the security analysis of the proposedmethod
(1) Confidentiality Assuming that the ID of every node isnot repeated as confidential communications are occurring
Mathematical Problems in Engineering 9
Table 4 The comparison of property
Property Method[12] [13] [14] [15] Proposed method
Security and privacy preservation YES YES YES YES YESDo need the certificate NO NO NO YES NODo need the help of RSU forauthentication NO NO NO NO NO
PKI-based system NO NO NO NO NOCommunication within different RSU YES YES YES YES YESPrivacy communicate NO NO NO NO YES
among vehicles within the range of a single RSU the propertyof IBC is used to establish the common session keys Thecommon session key of a vehicle is calculated based on thebilinear pairings map According to the elliptic curve discretelogarithm problem (ECDLP) the common session key of amalicious node 119887 and node 119886 is SK
119887-119886 It is difficult for node119887 to determine a secret value from SK
119887-119886 node brsquos privatekey (PR
119887) and node arsquos public key (PU
119886) Other vehicles are
unable to calculate the common session key from their ownprivate keys and the public keys of nodes 119886 and 119887 and thusthe security of confidential communications is ensured
(2) Authentication and Nonrepudiation As a vehicle registersand gains the trust of an RSU the RSU will broadcast thevehiclersquos 119866
2value to all vehicles within range and that
specific 1198662represents the vehicle itself The parameters
⟨119872ID119895 119861ID 119863ID 119910ID119895119875 ID 119879119895⟩ are broadcast as the vehicle is
broadcasting messages Other vehicles will calculate 119908ID119895 =119867(119872ID119895 ID 119879ID119895) mod 119901 upon receipt of the messagesand then calculate 1198611015840ID = 119890(119908ID0119875 119910ID119895119875) + 119890(119903ID0119875 119875) =
119890(119875 119875)ℎID Other vehicles are unable to calculate 119910ID119895 from119910ID119895119875 based on the ECDLP but 119903ID0 119910ID119895 and 119908ID119895 canbe calculated from the parameters 119861ID 119910ID119895119875 based onthe BDH method provided that the equality 119861ID = 1198611015840IDwhich is calculated from the messages of the vehicle issatisfiedTherefore the vehicle sending themessages achievesundeniability and the source of the messages is known
(3) Conditional Anonymity The true ID of a vehicle is knownonly to the TA An anonymous ID (ID
119894) is used when a
vehicle registers with the TA and this anonymous ID (ID119894)
is renewed every time the vehicle registers with the TA Avehicle will renegotiate a new anonymous ID (ID
119901) within
the range of every RSU Therefore it is difficult for anothervehicle to obtain the true ID of the vehicle by tracking ID
119894
from ID119901because the true IDs of the vehicles are known
only to the TA and the individual vehicles bearing those IDsEvery RSU knows the anonymous ID (ID
119894) of each vehicle
but each vehicle has a different ID (ID119901) for every RSU which
prevents malicious RSUs from tracking the current locationof the vehicle
(4) Conditional Untraceability When a vehicle is involvedin a criminal act an RSU is able to trace the anonymousID (ID
119894) from the vehiclersquos anonymous ID (ID
119901) The RSU
Table 5 Bilinear pairings execution time in milliseconds
Notations Descriptions Execution time (ms)119879119901
Pairing operation asymp45119879119898
Point multiplication asymp06119879119890
Field exponentiation asymp054
Table 6 RSAHMAC execution time in milliseconds
Notations Descriptions Execution time (ms)ASE RSA encryption 019ASD RSA decryption 465HMAC HMAC 0002SE AES encryption lt019SD AES decryption lt465
Table 7 The length of the parameters
Parameters Length (bit) Parameters Length (bit)1198661
160 AES 1281198662
160 Variable 32HMAC 160 Message (119872) 1024RSA 1024 Random number (119903) 128
transmits ID119894to the TA which in turn identifies the true ID
of the vehicle with the identity ID119894 Every vehicular parameter
will eventually expire therefore ensuring the validity of theanonymous ID of a vehicle
52 Performance Analysis The method developed in thisstudy was compared with those in [12ndash15] regarding perfor-mance execution time and data volume Table 4 comparesthe results of the present study and those of [12ndash15] showingthat the method developed in the present study is superior tothe other methods
To analyze efficiency the times required for a message tobe broadcast and verified in the present study and in [12ndash15] were calculated and the results are listed in Tables 5ndash7 Table 8 shows the results of the efficiency analysis Theexperimental results show that the method proposed in thispaper is superior to those in other literatures regardless ofcomputational complexity and packet length The networksecurity mechanisms proposed in literature [14] and thispaper are both based on the use of bilinear pairing so allthe packet lengths are within a reasonable range However in
10 Mathematical Problems in Engineering
Table 8 Performance analysis
Property Method[12] [13] [14] [15] Proposed method
The broadcast message
Signing5 lowast 119879119898+ 3 lowast 119879
119901
Verification4 lowast 119879119898+ 4 lowast 119879
119901
Signing1 lowast 119879119901
Verification3 lowast 119879119901
Signing5 lowast 119879119898
Verification6 lowast 119879119898+ 1 lowast 119879
119901
Signing2 lowast 119879119898
Verification2 lowast 119879119898
Signing119879119901+ 2 lowast 119879
119898
Verification119879119901+ 119879119898
Spending time 364ms 18ms 111ms 18ms 108msThe length of ciphertext 1112 bits 480 bits 480 bits (160 lowast 160) + 320 bits 480 bitsHandoff 3 lowast 119879
119901NA 4 lowast 119879
119898+ 2 lowast 119879
1199015 lowast 119879119898
2 lowast SE + 2 lowast SDSpending time 135ms NA 114ms 3ms lt968msThe length of ciphertext 480 bits NA 1280 bits 160 lowast 160 lowast 160 bits 2048 bits
Communication betweendifferent RSUs
Signing5 lowast 119879119898+ 3 lowast 119879
119901
Verification4 lowast 119879119898+ 4 lowast 119879
119901
Signing1 lowast 119879119901
Verification3 lowast 119879119901
Signing5 lowast 119879119898
Verification6 lowast 119879119898+ 1 lowast 119879
119901
Signing2 lowast 119879119898
Verification2 lowast 119879119898
Signing119879119901+ 2 lowast 119879
119898
Verification2 lowast 119879119901+ 2 lowast 119879
119898
Spending time 364ms 18ms 111ms 18ms 159msThe length of ciphertext 1112 bits 480 bits 480 bits (160 lowast 160) + 320 bits 960 bits
Privacy communicate NA NA NA NA
Signing119879119875+ SE
Verification119879119901+ SD
Spending time NA NA NA NA lt1384msThe length of ciphertext NA NA NA NA 1024 bits
computational complexity the proposed method is superiorto that of literature [14] In literature [15] there are networksecurity mechanisms based on chameleon hashing whichemploy exponential calculation The multiplication resultof three values will be huge Although the computationalcomplexity is not high the transfer of large amounts ofpackets will affect network bandwidth and also cause packetlosses in VANETs environment
6 Conclusion
VANETs improve transportation safety and efficiency If theinformation shared between vehicles is tampered with therewill be dire consequences such as vehicle collisions Thescheme proposed in this study ensures the security of theinformation shared between vehicles and is superior to otherschemes in terms of message verification and handoff Addi-tionally in terms of security the scheme in this study ensuresconditional untraceability conditional anonymity authenti-cation and nonrepudiation Future work will include supple-menting the scheme proposed in this study with revocationand trust mechanisms to corroborate the security scheme
Notations
Notations of the BDH
ℎ119894 The user 119894 chooses a random number ℎ
119894isin 119885lowast119902
as its secret value119861119894 The public value of user 119894 such that 119890(ℎ
119894119875 119875)
119910119894119895 The 119910
119894119895is the quotient
119903119894119895 The 119903
119894119895is the remainder
119908119894119895 119908119894119895
= 119867(119872119894119895
119879119895) mod 119901
Notation Used in This Paper
119890 Bilinear mapping1198661 Additive group
1198662 Multiplicative group
119875 Generator of 1198661
SE(sdot) A secure symmetric encryption algorithm119864IBC(sdot) ID-based encryption119863IBC(sdot) ID-based decryptPU119896 Public key of node 119896
PR119896 Private key of node 119896
119863119896 Data key of node 119896
ID119905119896 Real identity of node 119896
ID119894119896 Original pseudonym of node 119896
ID119901119896 Requested pseudonym of node 119896
ℎ119896 Secret value of node 119896
119862119894 Handoff secret value
119861119896 The public value of user 119896 such that 119890(ℎ
119894119875 119875)
SK119896-119895 The common session key between node 119896
and node 119895
119896119894-119895 The common secret key between node 119894 and
node 119895
119885lowast119902 119885lowast
119902is the finite field of mod 119902
119867(sdot) Hash function such that 0 1lowast rarr 119885lowast119902
1198671(sdot) Hash function such that 0 1lowast rarr 119866lowast
1
1198672(sdot) Hash function such that 119866lowast
2rarr 0 1lowast
Mathematical Problems in Engineering 11
119879119895 Time interval 119895
119879119897119894 Lifetime of the corresponding parameters
The message concatenation operation whichappends several messages together in aspecial format
Conflict of Interests
The authors declare that there is no conflict of interestsregarding the publication of this paper
Acknowledgments
This paper is the partial result of project MOST103-2632-E-366-001 and 103-2221-E-268-003 The authors would like tothank the supporting of Ministry of Science and TechnologyTaiwan
References
[1] IEEE ldquoDraft amendment for wireless access in vehicularenvironments (WAVE)rdquo IEEE P80211pD6 2009
[2] Dedicated Short Range Communication (DSRC) httpgrouperieeeorggroupsscc32dsrcindexhtml
[3] US Department of Transportation and National HighwayTraffic Safety Administration Vehicle Safety CommunicationsProject 2006
[4] C Xu F Zhao J Guan H Zhang and G M MunteanldquoQoE-driven user-centric vod services in urban multihomedP2P-based vehicular networksrdquo IEEE Transactions on VehicularTechnology vol 62 no 5 pp 2273ndash2289 2013
[5] GMarfiaM Roccetti A Amoroso andG Pau ldquoSafe driving inLA report from the greatest intervehicular accident detectiontest everrdquo IEEE Transactions on Vehicular Technology vol 62no 2 pp 522ndash535 2013
[6] R Lu X Lin Z Shi and X S Shen ldquoA lightweight conditionalprivacy-preservation protocol for vehicular traffic-monitoringsystemsrdquo IEEE Intelligent Systems vol 28 no 3 pp 62ndash65 2013
[7] IEEETrial-Use Standard ldquoIEEETrial-Use Standard forWirelessAccess in Vehicular Environments (WAVE) Networking Ser-vicesrdquo IEEE 1609 2006
[8] J-P Hubaux S Capkun and J Luo ldquoThe security and privacyof smart vehiclesrdquo IEEE Security and Privacy vol 2 no 3 pp49ndash55 2004
[9] G Kounga T Walter and S Lachmund ldquoProving reliabilityof anonymous information in VANETsrdquo IEEE Transactions onVehicular Technology vol 58 no 6 pp 2977ndash2989 2009
[10] A Wasef Y Jiang and X Shen ldquoDCS an efficient distributed-certificate-service scheme for vehicular networksrdquo IEEE Trans-actions onVehicular Technology vol 59 no 2 pp 533ndash549 2010
[11] J Sun C Zhang Y Zhang and Y Fang ldquoAn identity-basedsecurity system for user privacy in vehicular ad hoc networksrdquoIEEE Transactions on Parallel and Distributed Systems vol 21no 9 pp 1227ndash1239 2010
[12] R Lu X Lin X Liang and X Shen ldquoA dynamic privacy-preserving keymanagement scheme for location-based servicesin VANETsrdquo IEEE Transactions on Intelligent TransportationSystems vol 13 no 1 pp 127ndash139 2012
[13] S Biswas and J Misic ldquoA cross-layer approach to privacy-preserving authentication in WAVE-enabled VANETsrdquo IEEE
Transactions on Vehicular Technology vol 62 no 5 pp 2182ndash2192 2013
[14] L-Y Yeh and J-L Huang ldquoPBS a portable billing schemewith fine-grained access control for service-oriented vehicularnetworksrdquo IEEE Transactions on Mobile Computing vol 13 no11 pp 2606ndash2619 2014
[15] S Guo D Zeng and Y Xiang ldquoChameleon hashing forsecure and privacy-preserving vehicular communicationsrdquoIEEE Transactions on Parallel and Distributed Systems vol 25no 11 pp 2794ndash2803 2014
[16] T W Chim S M Yiu L C K Hui and V O K Li ldquoVSPNVANET-based secure and privacy-preserving navigationrdquo IEEETransactions on Computers vol 63 no 2 pp 510ndash524 2014
[17] D Boneh and M K Franklin ldquoIdentity-based encryption fromthe weil pairingrdquo in Advances in CryptologymdashCRYPTO 200121st Annual International CryptologyConference Santa BarbaraCalifornia USA August 19ndash23 2001 Proceedings vol 2139 ofLectureNotes in Computer Science pp 213ndash229 Springer BerlinGermany 2001
Submit your manuscripts athttpwwwhindawicom
Hindawi Publishing Corporationhttpwwwhindawicom Volume 2014
MathematicsJournal of
Hindawi Publishing Corporationhttpwwwhindawicom Volume 2014
Mathematical Problems in Engineering
Hindawi Publishing Corporationhttpwwwhindawicom
Differential EquationsInternational Journal of
Volume 2014
Applied MathematicsJournal of
Hindawi Publishing Corporationhttpwwwhindawicom Volume 2014
Probability and StatisticsHindawi Publishing Corporationhttpwwwhindawicom Volume 2014
Journal of
Hindawi Publishing Corporationhttpwwwhindawicom Volume 2014
Mathematical PhysicsAdvances in
Complex AnalysisJournal of
Hindawi Publishing Corporationhttpwwwhindawicom Volume 2014
OptimizationJournal of
Hindawi Publishing Corporationhttpwwwhindawicom Volume 2014
CombinatoricsHindawi Publishing Corporationhttpwwwhindawicom Volume 2014
International Journal of
Hindawi Publishing Corporationhttpwwwhindawicom Volume 2014
Operations ResearchAdvances in
Journal of
Hindawi Publishing Corporationhttpwwwhindawicom Volume 2014
Function Spaces
Abstract and Applied AnalysisHindawi Publishing Corporationhttpwwwhindawicom Volume 2014
International Journal of Mathematics and Mathematical Sciences
Hindawi Publishing Corporationhttpwwwhindawicom Volume 2014
The Scientific World JournalHindawi Publishing Corporation httpwwwhindawicom Volume 2014
Hindawi Publishing Corporationhttpwwwhindawicom Volume 2014
Algebra
Discrete Dynamics in Nature and Society
Hindawi Publishing Corporationhttpwwwhindawicom Volume 2014
Hindawi Publishing Corporationhttpwwwhindawicom Volume 2014
Decision SciencesAdvances in
Discrete MathematicsJournal of
Hindawi Publishing Corporationhttpwwwhindawicom
Volume 2014 Hindawi Publishing Corporationhttpwwwhindawicom Volume 2014
Stochastic AnalysisInternational Journal of
6 Mathematical Problems in Engineering
Table 1 RID-key table
ID of RSUNew ID ofvehicle
(handoff)
ID of vehicle(RSU
generate)
ID of vehicle(TA generate)
Commonsecret key
Expire timeof commonsecret key
BDH value ofvehicle
Data key ofvehicle
Expire timeof key
1198771 ID1015840
119901119881119886ID119901119881119886
ID119894119881119886
119896ID119901119881119886 1198771119879119897ID1015840119901119881119886
119861ID119901119881119886119863ID119901119881119886
119879119897ID119901119881119886
119877119898 ID10158401015840
119901119881119886ID119901119881119886
ID119894119881119886
119896ID119901119881119886 119877119898119879119897ID10158401015840119901119881119886
non non non1198771 ID1015840
119901119881119887ID119901119881119887
ID119894119881119887
119896ID1199011198811198871198771
119879119897ID1015840119901119881119887
119861ID119901119881119887
119863ID119901119881119887
119879119897ID119901119881
119887
119877119898minus1 ID10158401015840
119901119881119887ID119901119881119887
ID119894119881119887
119896ID119901119881119887119877119898
119879119897ID10158401015840119901119881119887
non non non
119896ID119901119881119886 119877119898 119896ID119901119881119886 119877119898minus1
119896ID119901119881119886 1198771Themethod for generating
the keys is as follows
119865 (119862ID119901119881119886 PRID119901119881119886
) = 119896ID119901119881119886 119877119898
119865 (119896ID119901119881119886 119877119898 PRID119901119881119886
) = 119896ID119901119881119886 119877119898minus1
119865 (119896ID119901119881119886 1198772 PRID119901119881119886
) = 119896ID119901119881119886 1198771
(8)
RSU 1198771uses a one-way hash chain [13] to generate 119898
anonymous IDs ID1015840119901119881119886
ID10158401015840119901119881119886
ID101584010158401015840119901119881119886
The method forgenerating the IDs is as follows
119865 (ID119901119881119886
PRID119901119881119886) = ID1015840
119901119881119886
119865 (ID1015840119901119881119886
PRID119901119881119886) = ID10158401015840
119901119881119886
119865 (ID10158401015840119901119881119886
PRID119901119881119886) = ID101584010158401015840
119901119881119886
(9)
Each RSU has two tables an RID-key table and an SID-key table The RID-key table is used to store the relatedparameters generated by RSU (Table 1) RSU 119877
1uses the
common session key that it shares with each RSU to encryptthe common secret key that vehicle 119881
119886has with each RSU
and the anonymous ID RSU 1198771then sends the encrypted
message to other RSUs When another RSU receives theencrypted message that RSU first uses the common sessionkey that it shares with RSU 119877
1to decrypt the message
and then stores the parameters for vehicle 119881119886in the table
(Table 2) Because vehicle 119881119886has the related parameters
(PRID119901119881119886 ID119901119881119886
119862ID119901119881119886) it can generate a common secret key
shared with each RSU and an anonymous ID on its ownTheparameters are stored in the table (Table 3) The parametersfor vehicle 119881
119886do not permit any one RSU to obtain the
parameters that vehicle 119881119886shares with other RSUs Because
other RSUs cannot obtain the private key and the commonsecret key of vehicle 119881
119886 the security of vehicle 119881
119886is ensured
44 Intra-RSU Message Authentication Vehicle 119881119886broad-
castsmessages to other vehicleswithin the transmission rangeof an RSU The calculations are as follows
(1) Vehicle 119881119886uses the BDH method to authorize a
message signature The calculations are as follows
(11) Vehicle 119881119886calculates 119908ID119901119881119886 119895
= 119867(119872ID119901119881119886 119895
ID119901119881119886
119879119895) mod 119901
(12) Vehicle119881119886calculates 119910ID119901119881119886 119895 = ℎID119901119881119886 119895
119908ID119901119881119886 119895
119890(119903ID119901119881119886 119895sdot 119875 119875) ∘
(13) Vehicle 119881119886broadcasts the message ⟨119872ID119901119881119886 119895
119861ID119901119881119886 119863ID119901119881119886
119890(119903ID119901119881119886 119895sdot 119875 119875) 119910ID119901119881119886 119895
119875 ID119901119881119886
119879119895⟩ to other vehicles within range
(2) When other vehicles receive the message they canverify the authenticity of the message The calcula-tions are as follows
(21) Calculate 119908ID119901119881119886 119895= 119867(119872ID119901119881119886 119895
ID119901119881119886
119879119895) mod 119901 ∘
(22) Calculate 1198611015840ID119901119881119886= 119890(119908ID119901119881119886 119895
sdot 119875 119910ID119901119881119886 119895sdot 119875) +
119890(119903ID119901119881119886 119895sdot 119875 119875) = 119890(119875 119875)
ℎID119905TA
(23) Check if 119861ID119901119881119886
= 1198611015840ID119901119881119886 If the equality is
satisfied then vehicle 119881119886sent the message
Assuming that two vehicles within the transmission rangeof a given RSU want to send private messages to eachother (Figure 1) vehicle 119881
119886and vehicle 119881
119887will calculate their
common key The calculation is as follows
SK119881119886minus119881119887
= 119890 (PRID119901119881119886PUID119901119881
119887
)
= 119890 (PUID119901119881119886 ℎID119905119877119877
PUID119901119881119887
) = SK119881119887minus119881119886
(10)
Then vehicle 119881119886uses the common session key (SK
119881119886minus119881119887)
to first encrypt the message and then send it to vehicle 119881119886
When119881119887receives the encrypted message the vehicle uses the
common session key (SK119881119887minus119881119886
) to decrypt the message andthen obtain the contents of the messageThe benefits of usingIBC lie in the fact that the other vehiclersquos public key can beeasily calculated based on its ID and that the common sessionkey can be calculated based on the other vehiclersquos public key
Mathematical Problems in Engineering 7
Table 2 SID-key table
New ID ofvehicle(handoff)
Informed byRSU
Commonsecret key
Expire timeof commonsecret key
BDH value ofvehicle
Data key ofvehicle
Expire timeof key
ID1015840119901119881119905
1198777
119896ID119901119881119905 1198771119879119897ID1015840119901119881119905
non non non
ID10158401015840119901119881119905minus7
119877119898
119896ID119901119881119905minus7 1198771119879119897ID10158401015840119901119881119905minus7
non non nonID1015840119901119881119888
119877119898minus2
119896ID119901119881119888 1198771119879119897ID1015840119901119881119888
119861ID119901119881119888119863ID119901119881119888
119879119897ID119901119881119888
ID10158401015840119901119881119889
1198777
119896ID1199011198811198891198771
119879119897ID10158401015840119901119881119889
119861ID119901119881119889
119863ID119901119881119889
119879119897ID119901119881
119889
Table 3 SID issue table
ID of RSUNew ID ofvehicle
(handoff)
ID of vehicle(RSU generate)
ID of vehicle(TA generate)
Commonsecret key
Private key(RSU) Secret value Expire time
of key
1198771 ID1015840
119901119881119886ID119901119881119886
ID119894119881119886
119896ID119901119881119886 1198771PRID119901119881119886
ℎID119901119881119886119879119897ID119901119881119886
119877119898 ID10158401015840
119901119881119886ID119901119881119886
ID119894119881119886
119896ID119901119881119886 119877119898 non non non
and its own private key Conversely the other vehicle can alsocalculate the common session key because the secret value ofthe common session key is the same
45 Inter-RSU Message Authentication Assuming that vehi-cle 119881119886wants to broadcast a message within the transmission
ranges of several RSUs and uses the BDH signature toensure the security of the message vehicle 119881
119886will first send
the parameters ⟨119872ID119901119881119886 119895 119890(119903ID119901119881119886 119895
sdot 119875 119875) 119910ID119901119881119886 119895119875 119861ID119901119881119886
ID119901119881119886
119910ID1199051198771 119895sdot119875 119890(119903ID1199051198771 119895
sdot119875 119875) sdot119879119897ID119901119881119905
119879119895⟩ to nearby RSUs
and then the RSUs will relay the message to other vehiclesThen other vehicles will first verify the legitimacy of vehicle119881119886by calculating 119908ID1199051198771 119895
= 119867(1198672(119861ID119901119881119886
) ID119901119881119886
119879119897ID119901119881119886
) mod 119901 and then calculating 119890(119908ID1199051198771 119895119875 119910ID1199051198771 119895
119875) +
119890(119903ID1199051198771 119895119875 119875) = 1198611015840IDID1199051198771
If it is the case then it proves thatvehicle 119881
119886is the legitimate user of RSU 119877
1
Other vehicles will verify the authenticity of the mes-sage from vehicle 119881
119886by first calculating 119908ID119901119881119886 119895
=
119867(119872ID119901119881119886 119895 ID
119901119881119886 119879119895) mod 119901 and then calculating
119890(119908ID119901119881119886 119895119875 119910ID119901119881119886 119895
119875) + 119890(119903ID119901119881119886 119895119875 119875) = 1198611015840ID119901119881119886 119895
If it is thecase then the message was sent from vehicle 119881
119886
In private communications the secret private key valueof each vehicle is different because there are multiple RSUsTherefore an ID-based encryption method should be usedLet vehicle 119881
119886and vehicle 119881
119888calculate their common session
keys Assuming that vehicle 119881119886wants to privately commu-
nicate with vehicle 119881119888 which is within the transmission
range of a different RSU vehicle 119881119888will first encrypt the
message Vehicle 119881119886will then calculate the public key using
the anonymous ID of vehicle 119881119888 Upon obtaining the data
key for vehicle 119881119888 vehicle 119881
119886will encrypt the message using
the public key and the data key of vehicle 119881119888 The calculation
is as follows
119862 = 119864IBC (119903119872PUID119901119881119888 119863ID119901119881119888
)
= 119903 sdot 119875119872 oplus 1198672(119890 (PUID119901119881119888
119863ID119901119881119888)119903
)
119872 = 119890 (PRID119901119881119886PUID119901119881119888
)
(11)
Subsequently vehicle 119881119888uses the private key to decrypt
the message Equation (2) shows the decryption methodVehicle 119881
119888then uses ID-based encryption to generate an
encrypted message for vehicle 119881119886 The calculation is as
follows
119862 = 119864IBC (119903119872PUID119901119881119886 119863ID119901119881119886
)
= 119903 sdot 119875119872 oplus 1198672(119890 (PUID119901119881119886
119863ID119901119881119886)119903
)
119872 = 119890 (PRID119901119881119886PUID119901119881119888
) + 119890 (PRID119901119881119888PUID119901119881119886
)
(12)
Vehicle 119881119886uses the private key to decrypt the message
Equation (2) shows the decryption method When vehicle119881119886
receives thecommon session key that it shares with vehicle119881119888
119881119886can communicate with vehicle 119881
119888privately The common
session key is
SK119881119886minus119881119888
= 119890 (PRID119901119881119886PUID119901119881119888
) + 119890 (PRID119901119881119888PUID119901119881119886
)
= SK119881119888minus119881119886
(13)
8 Mathematical Problems in Engineering
46 Handoff Problem When vehicle 119881119886comes within the
transmission range of the next RSU (1198772) vehicle 119881
119886will first
inquire for the common secret key that it shares with RSU 1198772
in Table 3 and then initiate the handoff The calculation is asfollows
(1) Vehicle 119881119886
first generates short-term parameters119861ID119901119881119905
119863ID119901119881119905and uses the common secret key
(119896ID119901119881119886 1198772) to encrypt the parametersThen vehicle119881119886
sends the parameters and its anonymous ID to RSU1198772
(2) RSU 1198772inquires for the common secret key and the
time of validity that it shares with vehicle119881119886in Table 2
based on the anonymous ID of vehicle 119881119886 If the time
of validity has expired then vehicle 119881119886will reregister
with RSU (Section 42) If the time of validity has notexpired 119877
2will generate the short-term parameters
for vehicle 119881119886 The calculations are as follows
(21) 1198772calculates PRID119901119881119886
as its private key(22) 119877
2calculates119908ID1199051198772 119895
= 119867(1198672(119861ID119901119881119886
) ID119901119881119886
119879119897ID119901119881119886
) mod 119901(23) 119877
2calculates 119910ID1199051198772 119895 = ℎID1199051198772
119908ID1199051198772 119895 119890(119903ID1199051198772 119895 sdot
119875 119875)
(3) RSU 1198771uses the common secret key to encrypt the
parameters (PRID119901119881119886 119862ID119901119881119886
) The calculation is asfollows
119862 = SE (PRID119901119881119886 CID119901119881119886
119879119895)SK1198771minus119881119886
(14)
RSU 1198771sends the message 119862 ID
119894119881119886 119890(119903ID1199051198771 119895
sdot
119875 119875) 119910ID1199051198771 119895119875 119879119897ID119901119881119886
to vehicle 119881119886
(4) When vehicle119881119886receives themessage the vehicle uses
the common secret key to decrypt the message(5) 1198771
records (ID119894119881119886
ID119901119881119886
119861ID119901119881119886 119863ID119901119881119886
119862ID1199051198771 119895
119879119897ID119901119881119886
) and publishes (ID119901119881119886
119861ID119901119881119886 119863ID119901119881119886
119890(119903ID1199051198771 119895sdot 119875 119875) 119910ID1199051198771 119895
119875 119879119897ID119901119881119886
) to all vehicles in itsdomain
47 Message Authentication When RSUs Are Not AvailableWhen RSUs are not available vehicles can broadcast mes-sages and conduct private communications using the param-eters generated by the TA by executing the following steps
(1) Vehicle 119881119889uses the BDH signature method to autho-
rize a message signature The calculations are asfollows
(11) Vehicle 119881119889calculates 119908ID119894119881
119889119895
= 119867(119872ID119894119881119889119895
ID119894119881119889
119879119895) mod 119901
(12) Vehicle 119881119889calculates 119910ID119894119881
119889119895
= ℎID119894119881119889119895119908ID119894119881
119889119895
119890(119903ID119894119881119889119895sdot 119875 119875)
(13) Vehicle 119881119889broadcasts the message ⟨119872ID119894119881
119889119895
119861ID119894119881119889
119863ID119894119881119889
119890(119903ID119894119881119889119895
sdot 119875 119875) 119910ID119894119881119889119895119875 ID119894119881119889
119879119895 119890(119903ID119905TA 119895 sdot 119875 119875) 119910ID119905TA 119895119875⟩ to other vehicles
(2) Other vehicles first verify the ID of vehicle 119881119889 The
calculations are as follows
(21) Calculate 119908ID119905TA 119895 = 119867(1198672(119861ID119894119881
119889
) ID119894119881119889
119879119897ID119894119881
119889
) mod 119901
(22) Calculate 1198611015840ID119905TA = 119890(119908ID119905TA 119895 sdot 119875 119910ID119905TA 119895 sdot 119875) +119890(119875 119903ID119905TA 119895 sdot 119875) = 119890(119875 119875)
ℎID119905TA
(23) Check if 119861ID119905TA
= 1198611015840ID119905TA If the equality issatisfied then the user is legal
(3) Other vehicles then verify the authenticity of themessage The calculations are as follows
(31) Calculate 119908ID119894119881119889119895
= 119867(119872ID119894119881119889119895
ID119894119881119889
119879119895) mod 119901
(32) Calculate 1198611015840ID119894119881119889
= 119890(119908ID119894119881119889119895
sdot 119875 119910ID119894119881119889119895
sdot 119875) +
119890(119903ID119894119881119889119895sdot 119875 119875) = 119890(119875 119875)
ℎID119905TA
(33) Check if 119861ID119894119881119889
= 1198611015840ID119894119881119889
Satisfaction of theequality is proof that vehicle 119881
119889sent the mes-
sage
Assuming that two vehicles within the transmission rangeof the same RSU want to communicate privately with eachother (Figure 1) vehicle 119881
119889and vehicle 119881
119890will calculate their
common key The calculation is as follows
SK119881119889minus119881119890
= 119890 (PRID119894119881119889
PUID119894119881119890)
= 119890 (PUID119894119881119889
ℎID119905TAPUID119894119881119890) = SK
119881119890minus119881119889
(15)
Subsequently vehicle 119881119889uses the common session key
(SK119881119889minus119881119890
) to encrypt the message and send the message tovehicle 119881
119890 When vehicle 119881
119890receives the encrypted message
it uses the common session key (SK119881119890minus119881119889
) to decrypt themessage and obtain the contents of the message
5 Security and Performance Analysis
This section gives a security analysis to demonstrate that themethod developed in this study can provide confidentialityauthentication nonrepudiation conditional anonymity andconditional untraceability A performance analysis is con-ducted by comparing the results of the present study withthose in [12ndash15]
51 Security Analysis The following subsections discuss thespecific aspects of the security analysis of the proposedmethod
(1) Confidentiality Assuming that the ID of every node isnot repeated as confidential communications are occurring
Mathematical Problems in Engineering 9
Table 4 The comparison of property
Property Method[12] [13] [14] [15] Proposed method
Security and privacy preservation YES YES YES YES YESDo need the certificate NO NO NO YES NODo need the help of RSU forauthentication NO NO NO NO NO
PKI-based system NO NO NO NO NOCommunication within different RSU YES YES YES YES YESPrivacy communicate NO NO NO NO YES
among vehicles within the range of a single RSU the propertyof IBC is used to establish the common session keys Thecommon session key of a vehicle is calculated based on thebilinear pairings map According to the elliptic curve discretelogarithm problem (ECDLP) the common session key of amalicious node 119887 and node 119886 is SK
119887-119886 It is difficult for node119887 to determine a secret value from SK
119887-119886 node brsquos privatekey (PR
119887) and node arsquos public key (PU
119886) Other vehicles are
unable to calculate the common session key from their ownprivate keys and the public keys of nodes 119886 and 119887 and thusthe security of confidential communications is ensured
(2) Authentication and Nonrepudiation As a vehicle registersand gains the trust of an RSU the RSU will broadcast thevehiclersquos 119866
2value to all vehicles within range and that
specific 1198662represents the vehicle itself The parameters
⟨119872ID119895 119861ID 119863ID 119910ID119895119875 ID 119879119895⟩ are broadcast as the vehicle is
broadcasting messages Other vehicles will calculate 119908ID119895 =119867(119872ID119895 ID 119879ID119895) mod 119901 upon receipt of the messagesand then calculate 1198611015840ID = 119890(119908ID0119875 119910ID119895119875) + 119890(119903ID0119875 119875) =
119890(119875 119875)ℎID Other vehicles are unable to calculate 119910ID119895 from119910ID119895119875 based on the ECDLP but 119903ID0 119910ID119895 and 119908ID119895 canbe calculated from the parameters 119861ID 119910ID119895119875 based onthe BDH method provided that the equality 119861ID = 1198611015840IDwhich is calculated from the messages of the vehicle issatisfiedTherefore the vehicle sending themessages achievesundeniability and the source of the messages is known
(3) Conditional Anonymity The true ID of a vehicle is knownonly to the TA An anonymous ID (ID
119894) is used when a
vehicle registers with the TA and this anonymous ID (ID119894)
is renewed every time the vehicle registers with the TA Avehicle will renegotiate a new anonymous ID (ID
119901) within
the range of every RSU Therefore it is difficult for anothervehicle to obtain the true ID of the vehicle by tracking ID
119894
from ID119901because the true IDs of the vehicles are known
only to the TA and the individual vehicles bearing those IDsEvery RSU knows the anonymous ID (ID
119894) of each vehicle
but each vehicle has a different ID (ID119901) for every RSU which
prevents malicious RSUs from tracking the current locationof the vehicle
(4) Conditional Untraceability When a vehicle is involvedin a criminal act an RSU is able to trace the anonymousID (ID
119894) from the vehiclersquos anonymous ID (ID
119901) The RSU
Table 5 Bilinear pairings execution time in milliseconds
Notations Descriptions Execution time (ms)119879119901
Pairing operation asymp45119879119898
Point multiplication asymp06119879119890
Field exponentiation asymp054
Table 6 RSAHMAC execution time in milliseconds
Notations Descriptions Execution time (ms)ASE RSA encryption 019ASD RSA decryption 465HMAC HMAC 0002SE AES encryption lt019SD AES decryption lt465
Table 7 The length of the parameters
Parameters Length (bit) Parameters Length (bit)1198661
160 AES 1281198662
160 Variable 32HMAC 160 Message (119872) 1024RSA 1024 Random number (119903) 128
transmits ID119894to the TA which in turn identifies the true ID
of the vehicle with the identity ID119894 Every vehicular parameter
will eventually expire therefore ensuring the validity of theanonymous ID of a vehicle
52 Performance Analysis The method developed in thisstudy was compared with those in [12ndash15] regarding perfor-mance execution time and data volume Table 4 comparesthe results of the present study and those of [12ndash15] showingthat the method developed in the present study is superior tothe other methods
To analyze efficiency the times required for a message tobe broadcast and verified in the present study and in [12ndash15] were calculated and the results are listed in Tables 5ndash7 Table 8 shows the results of the efficiency analysis Theexperimental results show that the method proposed in thispaper is superior to those in other literatures regardless ofcomputational complexity and packet length The networksecurity mechanisms proposed in literature [14] and thispaper are both based on the use of bilinear pairing so allthe packet lengths are within a reasonable range However in
10 Mathematical Problems in Engineering
Table 8 Performance analysis
Property Method[12] [13] [14] [15] Proposed method
The broadcast message
Signing5 lowast 119879119898+ 3 lowast 119879
119901
Verification4 lowast 119879119898+ 4 lowast 119879
119901
Signing1 lowast 119879119901
Verification3 lowast 119879119901
Signing5 lowast 119879119898
Verification6 lowast 119879119898+ 1 lowast 119879
119901
Signing2 lowast 119879119898
Verification2 lowast 119879119898
Signing119879119901+ 2 lowast 119879
119898
Verification119879119901+ 119879119898
Spending time 364ms 18ms 111ms 18ms 108msThe length of ciphertext 1112 bits 480 bits 480 bits (160 lowast 160) + 320 bits 480 bitsHandoff 3 lowast 119879
119901NA 4 lowast 119879
119898+ 2 lowast 119879
1199015 lowast 119879119898
2 lowast SE + 2 lowast SDSpending time 135ms NA 114ms 3ms lt968msThe length of ciphertext 480 bits NA 1280 bits 160 lowast 160 lowast 160 bits 2048 bits
Communication betweendifferent RSUs
Signing5 lowast 119879119898+ 3 lowast 119879
119901
Verification4 lowast 119879119898+ 4 lowast 119879
119901
Signing1 lowast 119879119901
Verification3 lowast 119879119901
Signing5 lowast 119879119898
Verification6 lowast 119879119898+ 1 lowast 119879
119901
Signing2 lowast 119879119898
Verification2 lowast 119879119898
Signing119879119901+ 2 lowast 119879
119898
Verification2 lowast 119879119901+ 2 lowast 119879
119898
Spending time 364ms 18ms 111ms 18ms 159msThe length of ciphertext 1112 bits 480 bits 480 bits (160 lowast 160) + 320 bits 960 bits
Privacy communicate NA NA NA NA
Signing119879119875+ SE
Verification119879119901+ SD
Spending time NA NA NA NA lt1384msThe length of ciphertext NA NA NA NA 1024 bits
computational complexity the proposed method is superiorto that of literature [14] In literature [15] there are networksecurity mechanisms based on chameleon hashing whichemploy exponential calculation The multiplication resultof three values will be huge Although the computationalcomplexity is not high the transfer of large amounts ofpackets will affect network bandwidth and also cause packetlosses in VANETs environment
6 Conclusion
VANETs improve transportation safety and efficiency If theinformation shared between vehicles is tampered with therewill be dire consequences such as vehicle collisions Thescheme proposed in this study ensures the security of theinformation shared between vehicles and is superior to otherschemes in terms of message verification and handoff Addi-tionally in terms of security the scheme in this study ensuresconditional untraceability conditional anonymity authenti-cation and nonrepudiation Future work will include supple-menting the scheme proposed in this study with revocationand trust mechanisms to corroborate the security scheme
Notations
Notations of the BDH
ℎ119894 The user 119894 chooses a random number ℎ
119894isin 119885lowast119902
as its secret value119861119894 The public value of user 119894 such that 119890(ℎ
119894119875 119875)
119910119894119895 The 119910
119894119895is the quotient
119903119894119895 The 119903
119894119895is the remainder
119908119894119895 119908119894119895
= 119867(119872119894119895
119879119895) mod 119901
Notation Used in This Paper
119890 Bilinear mapping1198661 Additive group
1198662 Multiplicative group
119875 Generator of 1198661
SE(sdot) A secure symmetric encryption algorithm119864IBC(sdot) ID-based encryption119863IBC(sdot) ID-based decryptPU119896 Public key of node 119896
PR119896 Private key of node 119896
119863119896 Data key of node 119896
ID119905119896 Real identity of node 119896
ID119894119896 Original pseudonym of node 119896
ID119901119896 Requested pseudonym of node 119896
ℎ119896 Secret value of node 119896
119862119894 Handoff secret value
119861119896 The public value of user 119896 such that 119890(ℎ
119894119875 119875)
SK119896-119895 The common session key between node 119896
and node 119895
119896119894-119895 The common secret key between node 119894 and
node 119895
119885lowast119902 119885lowast
119902is the finite field of mod 119902
119867(sdot) Hash function such that 0 1lowast rarr 119885lowast119902
1198671(sdot) Hash function such that 0 1lowast rarr 119866lowast
1
1198672(sdot) Hash function such that 119866lowast
2rarr 0 1lowast
Mathematical Problems in Engineering 11
119879119895 Time interval 119895
119879119897119894 Lifetime of the corresponding parameters
The message concatenation operation whichappends several messages together in aspecial format
Conflict of Interests
The authors declare that there is no conflict of interestsregarding the publication of this paper
Acknowledgments
This paper is the partial result of project MOST103-2632-E-366-001 and 103-2221-E-268-003 The authors would like tothank the supporting of Ministry of Science and TechnologyTaiwan
References
[1] IEEE ldquoDraft amendment for wireless access in vehicularenvironments (WAVE)rdquo IEEE P80211pD6 2009
[2] Dedicated Short Range Communication (DSRC) httpgrouperieeeorggroupsscc32dsrcindexhtml
[3] US Department of Transportation and National HighwayTraffic Safety Administration Vehicle Safety CommunicationsProject 2006
[4] C Xu F Zhao J Guan H Zhang and G M MunteanldquoQoE-driven user-centric vod services in urban multihomedP2P-based vehicular networksrdquo IEEE Transactions on VehicularTechnology vol 62 no 5 pp 2273ndash2289 2013
[5] GMarfiaM Roccetti A Amoroso andG Pau ldquoSafe driving inLA report from the greatest intervehicular accident detectiontest everrdquo IEEE Transactions on Vehicular Technology vol 62no 2 pp 522ndash535 2013
[6] R Lu X Lin Z Shi and X S Shen ldquoA lightweight conditionalprivacy-preservation protocol for vehicular traffic-monitoringsystemsrdquo IEEE Intelligent Systems vol 28 no 3 pp 62ndash65 2013
[7] IEEETrial-Use Standard ldquoIEEETrial-Use Standard forWirelessAccess in Vehicular Environments (WAVE) Networking Ser-vicesrdquo IEEE 1609 2006
[8] J-P Hubaux S Capkun and J Luo ldquoThe security and privacyof smart vehiclesrdquo IEEE Security and Privacy vol 2 no 3 pp49ndash55 2004
[9] G Kounga T Walter and S Lachmund ldquoProving reliabilityof anonymous information in VANETsrdquo IEEE Transactions onVehicular Technology vol 58 no 6 pp 2977ndash2989 2009
[10] A Wasef Y Jiang and X Shen ldquoDCS an efficient distributed-certificate-service scheme for vehicular networksrdquo IEEE Trans-actions onVehicular Technology vol 59 no 2 pp 533ndash549 2010
[11] J Sun C Zhang Y Zhang and Y Fang ldquoAn identity-basedsecurity system for user privacy in vehicular ad hoc networksrdquoIEEE Transactions on Parallel and Distributed Systems vol 21no 9 pp 1227ndash1239 2010
[12] R Lu X Lin X Liang and X Shen ldquoA dynamic privacy-preserving keymanagement scheme for location-based servicesin VANETsrdquo IEEE Transactions on Intelligent TransportationSystems vol 13 no 1 pp 127ndash139 2012
[13] S Biswas and J Misic ldquoA cross-layer approach to privacy-preserving authentication in WAVE-enabled VANETsrdquo IEEE
Transactions on Vehicular Technology vol 62 no 5 pp 2182ndash2192 2013
[14] L-Y Yeh and J-L Huang ldquoPBS a portable billing schemewith fine-grained access control for service-oriented vehicularnetworksrdquo IEEE Transactions on Mobile Computing vol 13 no11 pp 2606ndash2619 2014
[15] S Guo D Zeng and Y Xiang ldquoChameleon hashing forsecure and privacy-preserving vehicular communicationsrdquoIEEE Transactions on Parallel and Distributed Systems vol 25no 11 pp 2794ndash2803 2014
[16] T W Chim S M Yiu L C K Hui and V O K Li ldquoVSPNVANET-based secure and privacy-preserving navigationrdquo IEEETransactions on Computers vol 63 no 2 pp 510ndash524 2014
[17] D Boneh and M K Franklin ldquoIdentity-based encryption fromthe weil pairingrdquo in Advances in CryptologymdashCRYPTO 200121st Annual International CryptologyConference Santa BarbaraCalifornia USA August 19ndash23 2001 Proceedings vol 2139 ofLectureNotes in Computer Science pp 213ndash229 Springer BerlinGermany 2001
Submit your manuscripts athttpwwwhindawicom
Hindawi Publishing Corporationhttpwwwhindawicom Volume 2014
MathematicsJournal of
Hindawi Publishing Corporationhttpwwwhindawicom Volume 2014
Mathematical Problems in Engineering
Hindawi Publishing Corporationhttpwwwhindawicom
Differential EquationsInternational Journal of
Volume 2014
Applied MathematicsJournal of
Hindawi Publishing Corporationhttpwwwhindawicom Volume 2014
Probability and StatisticsHindawi Publishing Corporationhttpwwwhindawicom Volume 2014
Journal of
Hindawi Publishing Corporationhttpwwwhindawicom Volume 2014
Mathematical PhysicsAdvances in
Complex AnalysisJournal of
Hindawi Publishing Corporationhttpwwwhindawicom Volume 2014
OptimizationJournal of
Hindawi Publishing Corporationhttpwwwhindawicom Volume 2014
CombinatoricsHindawi Publishing Corporationhttpwwwhindawicom Volume 2014
International Journal of
Hindawi Publishing Corporationhttpwwwhindawicom Volume 2014
Operations ResearchAdvances in
Journal of
Hindawi Publishing Corporationhttpwwwhindawicom Volume 2014
Function Spaces
Abstract and Applied AnalysisHindawi Publishing Corporationhttpwwwhindawicom Volume 2014
International Journal of Mathematics and Mathematical Sciences
Hindawi Publishing Corporationhttpwwwhindawicom Volume 2014
The Scientific World JournalHindawi Publishing Corporation httpwwwhindawicom Volume 2014
Hindawi Publishing Corporationhttpwwwhindawicom Volume 2014
Algebra
Discrete Dynamics in Nature and Society
Hindawi Publishing Corporationhttpwwwhindawicom Volume 2014
Hindawi Publishing Corporationhttpwwwhindawicom Volume 2014
Decision SciencesAdvances in
Discrete MathematicsJournal of
Hindawi Publishing Corporationhttpwwwhindawicom
Volume 2014 Hindawi Publishing Corporationhttpwwwhindawicom Volume 2014
Stochastic AnalysisInternational Journal of
Mathematical Problems in Engineering 7
Table 2 SID-key table
New ID ofvehicle(handoff)
Informed byRSU
Commonsecret key
Expire timeof commonsecret key
BDH value ofvehicle
Data key ofvehicle
Expire timeof key
ID1015840119901119881119905
1198777
119896ID119901119881119905 1198771119879119897ID1015840119901119881119905
non non non
ID10158401015840119901119881119905minus7
119877119898
119896ID119901119881119905minus7 1198771119879119897ID10158401015840119901119881119905minus7
non non nonID1015840119901119881119888
119877119898minus2
119896ID119901119881119888 1198771119879119897ID1015840119901119881119888
119861ID119901119881119888119863ID119901119881119888
119879119897ID119901119881119888
ID10158401015840119901119881119889
1198777
119896ID1199011198811198891198771
119879119897ID10158401015840119901119881119889
119861ID119901119881119889
119863ID119901119881119889
119879119897ID119901119881
119889
Table 3 SID issue table
ID of RSUNew ID ofvehicle
(handoff)
ID of vehicle(RSU generate)
ID of vehicle(TA generate)
Commonsecret key
Private key(RSU) Secret value Expire time
of key
1198771 ID1015840
119901119881119886ID119901119881119886
ID119894119881119886
119896ID119901119881119886 1198771PRID119901119881119886
ℎID119901119881119886119879119897ID119901119881119886
119877119898 ID10158401015840
119901119881119886ID119901119881119886
ID119894119881119886
119896ID119901119881119886 119877119898 non non non
and its own private key Conversely the other vehicle can alsocalculate the common session key because the secret value ofthe common session key is the same
45 Inter-RSU Message Authentication Assuming that vehi-cle 119881119886wants to broadcast a message within the transmission
ranges of several RSUs and uses the BDH signature toensure the security of the message vehicle 119881
119886will first send
the parameters ⟨119872ID119901119881119886 119895 119890(119903ID119901119881119886 119895
sdot 119875 119875) 119910ID119901119881119886 119895119875 119861ID119901119881119886
ID119901119881119886
119910ID1199051198771 119895sdot119875 119890(119903ID1199051198771 119895
sdot119875 119875) sdot119879119897ID119901119881119905
119879119895⟩ to nearby RSUs
and then the RSUs will relay the message to other vehiclesThen other vehicles will first verify the legitimacy of vehicle119881119886by calculating 119908ID1199051198771 119895
= 119867(1198672(119861ID119901119881119886
) ID119901119881119886
119879119897ID119901119881119886
) mod 119901 and then calculating 119890(119908ID1199051198771 119895119875 119910ID1199051198771 119895
119875) +
119890(119903ID1199051198771 119895119875 119875) = 1198611015840IDID1199051198771
If it is the case then it proves thatvehicle 119881
119886is the legitimate user of RSU 119877
1
Other vehicles will verify the authenticity of the mes-sage from vehicle 119881
119886by first calculating 119908ID119901119881119886 119895
=
119867(119872ID119901119881119886 119895 ID
119901119881119886 119879119895) mod 119901 and then calculating
119890(119908ID119901119881119886 119895119875 119910ID119901119881119886 119895
119875) + 119890(119903ID119901119881119886 119895119875 119875) = 1198611015840ID119901119881119886 119895
If it is thecase then the message was sent from vehicle 119881
119886
In private communications the secret private key valueof each vehicle is different because there are multiple RSUsTherefore an ID-based encryption method should be usedLet vehicle 119881
119886and vehicle 119881
119888calculate their common session
keys Assuming that vehicle 119881119886wants to privately commu-
nicate with vehicle 119881119888 which is within the transmission
range of a different RSU vehicle 119881119888will first encrypt the
message Vehicle 119881119886will then calculate the public key using
the anonymous ID of vehicle 119881119888 Upon obtaining the data
key for vehicle 119881119888 vehicle 119881
119886will encrypt the message using
the public key and the data key of vehicle 119881119888 The calculation
is as follows
119862 = 119864IBC (119903119872PUID119901119881119888 119863ID119901119881119888
)
= 119903 sdot 119875119872 oplus 1198672(119890 (PUID119901119881119888
119863ID119901119881119888)119903
)
119872 = 119890 (PRID119901119881119886PUID119901119881119888
)
(11)
Subsequently vehicle 119881119888uses the private key to decrypt
the message Equation (2) shows the decryption methodVehicle 119881
119888then uses ID-based encryption to generate an
encrypted message for vehicle 119881119886 The calculation is as
follows
119862 = 119864IBC (119903119872PUID119901119881119886 119863ID119901119881119886
)
= 119903 sdot 119875119872 oplus 1198672(119890 (PUID119901119881119886
119863ID119901119881119886)119903
)
119872 = 119890 (PRID119901119881119886PUID119901119881119888
) + 119890 (PRID119901119881119888PUID119901119881119886
)
(12)
Vehicle 119881119886uses the private key to decrypt the message
Equation (2) shows the decryption method When vehicle119881119886
receives thecommon session key that it shares with vehicle119881119888
119881119886can communicate with vehicle 119881
119888privately The common
session key is
SK119881119886minus119881119888
= 119890 (PRID119901119881119886PUID119901119881119888
) + 119890 (PRID119901119881119888PUID119901119881119886
)
= SK119881119888minus119881119886
(13)
8 Mathematical Problems in Engineering
46 Handoff Problem When vehicle 119881119886comes within the
transmission range of the next RSU (1198772) vehicle 119881
119886will first
inquire for the common secret key that it shares with RSU 1198772
in Table 3 and then initiate the handoff The calculation is asfollows
(1) Vehicle 119881119886
first generates short-term parameters119861ID119901119881119905
119863ID119901119881119905and uses the common secret key
(119896ID119901119881119886 1198772) to encrypt the parametersThen vehicle119881119886
sends the parameters and its anonymous ID to RSU1198772
(2) RSU 1198772inquires for the common secret key and the
time of validity that it shares with vehicle119881119886in Table 2
based on the anonymous ID of vehicle 119881119886 If the time
of validity has expired then vehicle 119881119886will reregister
with RSU (Section 42) If the time of validity has notexpired 119877
2will generate the short-term parameters
for vehicle 119881119886 The calculations are as follows
(21) 1198772calculates PRID119901119881119886
as its private key(22) 119877
2calculates119908ID1199051198772 119895
= 119867(1198672(119861ID119901119881119886
) ID119901119881119886
119879119897ID119901119881119886
) mod 119901(23) 119877
2calculates 119910ID1199051198772 119895 = ℎID1199051198772
119908ID1199051198772 119895 119890(119903ID1199051198772 119895 sdot
119875 119875)
(3) RSU 1198771uses the common secret key to encrypt the
parameters (PRID119901119881119886 119862ID119901119881119886
) The calculation is asfollows
119862 = SE (PRID119901119881119886 CID119901119881119886
119879119895)SK1198771minus119881119886
(14)
RSU 1198771sends the message 119862 ID
119894119881119886 119890(119903ID1199051198771 119895
sdot
119875 119875) 119910ID1199051198771 119895119875 119879119897ID119901119881119886
to vehicle 119881119886
(4) When vehicle119881119886receives themessage the vehicle uses
the common secret key to decrypt the message(5) 1198771
records (ID119894119881119886
ID119901119881119886
119861ID119901119881119886 119863ID119901119881119886
119862ID1199051198771 119895
119879119897ID119901119881119886
) and publishes (ID119901119881119886
119861ID119901119881119886 119863ID119901119881119886
119890(119903ID1199051198771 119895sdot 119875 119875) 119910ID1199051198771 119895
119875 119879119897ID119901119881119886
) to all vehicles in itsdomain
47 Message Authentication When RSUs Are Not AvailableWhen RSUs are not available vehicles can broadcast mes-sages and conduct private communications using the param-eters generated by the TA by executing the following steps
(1) Vehicle 119881119889uses the BDH signature method to autho-
rize a message signature The calculations are asfollows
(11) Vehicle 119881119889calculates 119908ID119894119881
119889119895
= 119867(119872ID119894119881119889119895
ID119894119881119889
119879119895) mod 119901
(12) Vehicle 119881119889calculates 119910ID119894119881
119889119895
= ℎID119894119881119889119895119908ID119894119881
119889119895
119890(119903ID119894119881119889119895sdot 119875 119875)
(13) Vehicle 119881119889broadcasts the message ⟨119872ID119894119881
119889119895
119861ID119894119881119889
119863ID119894119881119889
119890(119903ID119894119881119889119895
sdot 119875 119875) 119910ID119894119881119889119895119875 ID119894119881119889
119879119895 119890(119903ID119905TA 119895 sdot 119875 119875) 119910ID119905TA 119895119875⟩ to other vehicles
(2) Other vehicles first verify the ID of vehicle 119881119889 The
calculations are as follows
(21) Calculate 119908ID119905TA 119895 = 119867(1198672(119861ID119894119881
119889
) ID119894119881119889
119879119897ID119894119881
119889
) mod 119901
(22) Calculate 1198611015840ID119905TA = 119890(119908ID119905TA 119895 sdot 119875 119910ID119905TA 119895 sdot 119875) +119890(119875 119903ID119905TA 119895 sdot 119875) = 119890(119875 119875)
ℎID119905TA
(23) Check if 119861ID119905TA
= 1198611015840ID119905TA If the equality issatisfied then the user is legal
(3) Other vehicles then verify the authenticity of themessage The calculations are as follows
(31) Calculate 119908ID119894119881119889119895
= 119867(119872ID119894119881119889119895
ID119894119881119889
119879119895) mod 119901
(32) Calculate 1198611015840ID119894119881119889
= 119890(119908ID119894119881119889119895
sdot 119875 119910ID119894119881119889119895
sdot 119875) +
119890(119903ID119894119881119889119895sdot 119875 119875) = 119890(119875 119875)
ℎID119905TA
(33) Check if 119861ID119894119881119889
= 1198611015840ID119894119881119889
Satisfaction of theequality is proof that vehicle 119881
119889sent the mes-
sage
Assuming that two vehicles within the transmission rangeof the same RSU want to communicate privately with eachother (Figure 1) vehicle 119881
119889and vehicle 119881
119890will calculate their
common key The calculation is as follows
SK119881119889minus119881119890
= 119890 (PRID119894119881119889
PUID119894119881119890)
= 119890 (PUID119894119881119889
ℎID119905TAPUID119894119881119890) = SK
119881119890minus119881119889
(15)
Subsequently vehicle 119881119889uses the common session key
(SK119881119889minus119881119890
) to encrypt the message and send the message tovehicle 119881
119890 When vehicle 119881
119890receives the encrypted message
it uses the common session key (SK119881119890minus119881119889
) to decrypt themessage and obtain the contents of the message
5 Security and Performance Analysis
This section gives a security analysis to demonstrate that themethod developed in this study can provide confidentialityauthentication nonrepudiation conditional anonymity andconditional untraceability A performance analysis is con-ducted by comparing the results of the present study withthose in [12ndash15]
51 Security Analysis The following subsections discuss thespecific aspects of the security analysis of the proposedmethod
(1) Confidentiality Assuming that the ID of every node isnot repeated as confidential communications are occurring
Mathematical Problems in Engineering 9
Table 4 The comparison of property
Property Method[12] [13] [14] [15] Proposed method
Security and privacy preservation YES YES YES YES YESDo need the certificate NO NO NO YES NODo need the help of RSU forauthentication NO NO NO NO NO
PKI-based system NO NO NO NO NOCommunication within different RSU YES YES YES YES YESPrivacy communicate NO NO NO NO YES
among vehicles within the range of a single RSU the propertyof IBC is used to establish the common session keys Thecommon session key of a vehicle is calculated based on thebilinear pairings map According to the elliptic curve discretelogarithm problem (ECDLP) the common session key of amalicious node 119887 and node 119886 is SK
119887-119886 It is difficult for node119887 to determine a secret value from SK
119887-119886 node brsquos privatekey (PR
119887) and node arsquos public key (PU
119886) Other vehicles are
unable to calculate the common session key from their ownprivate keys and the public keys of nodes 119886 and 119887 and thusthe security of confidential communications is ensured
(2) Authentication and Nonrepudiation As a vehicle registersand gains the trust of an RSU the RSU will broadcast thevehiclersquos 119866
2value to all vehicles within range and that
specific 1198662represents the vehicle itself The parameters
⟨119872ID119895 119861ID 119863ID 119910ID119895119875 ID 119879119895⟩ are broadcast as the vehicle is
broadcasting messages Other vehicles will calculate 119908ID119895 =119867(119872ID119895 ID 119879ID119895) mod 119901 upon receipt of the messagesand then calculate 1198611015840ID = 119890(119908ID0119875 119910ID119895119875) + 119890(119903ID0119875 119875) =
119890(119875 119875)ℎID Other vehicles are unable to calculate 119910ID119895 from119910ID119895119875 based on the ECDLP but 119903ID0 119910ID119895 and 119908ID119895 canbe calculated from the parameters 119861ID 119910ID119895119875 based onthe BDH method provided that the equality 119861ID = 1198611015840IDwhich is calculated from the messages of the vehicle issatisfiedTherefore the vehicle sending themessages achievesundeniability and the source of the messages is known
(3) Conditional Anonymity The true ID of a vehicle is knownonly to the TA An anonymous ID (ID
119894) is used when a
vehicle registers with the TA and this anonymous ID (ID119894)
is renewed every time the vehicle registers with the TA Avehicle will renegotiate a new anonymous ID (ID
119901) within
the range of every RSU Therefore it is difficult for anothervehicle to obtain the true ID of the vehicle by tracking ID
119894
from ID119901because the true IDs of the vehicles are known
only to the TA and the individual vehicles bearing those IDsEvery RSU knows the anonymous ID (ID
119894) of each vehicle
but each vehicle has a different ID (ID119901) for every RSU which
prevents malicious RSUs from tracking the current locationof the vehicle
(4) Conditional Untraceability When a vehicle is involvedin a criminal act an RSU is able to trace the anonymousID (ID
119894) from the vehiclersquos anonymous ID (ID
119901) The RSU
Table 5 Bilinear pairings execution time in milliseconds
Notations Descriptions Execution time (ms)119879119901
Pairing operation asymp45119879119898
Point multiplication asymp06119879119890
Field exponentiation asymp054
Table 6 RSAHMAC execution time in milliseconds
Notations Descriptions Execution time (ms)ASE RSA encryption 019ASD RSA decryption 465HMAC HMAC 0002SE AES encryption lt019SD AES decryption lt465
Table 7 The length of the parameters
Parameters Length (bit) Parameters Length (bit)1198661
160 AES 1281198662
160 Variable 32HMAC 160 Message (119872) 1024RSA 1024 Random number (119903) 128
transmits ID119894to the TA which in turn identifies the true ID
of the vehicle with the identity ID119894 Every vehicular parameter
will eventually expire therefore ensuring the validity of theanonymous ID of a vehicle
52 Performance Analysis The method developed in thisstudy was compared with those in [12ndash15] regarding perfor-mance execution time and data volume Table 4 comparesthe results of the present study and those of [12ndash15] showingthat the method developed in the present study is superior tothe other methods
To analyze efficiency the times required for a message tobe broadcast and verified in the present study and in [12ndash15] were calculated and the results are listed in Tables 5ndash7 Table 8 shows the results of the efficiency analysis Theexperimental results show that the method proposed in thispaper is superior to those in other literatures regardless ofcomputational complexity and packet length The networksecurity mechanisms proposed in literature [14] and thispaper are both based on the use of bilinear pairing so allthe packet lengths are within a reasonable range However in
10 Mathematical Problems in Engineering
Table 8 Performance analysis
Property Method[12] [13] [14] [15] Proposed method
The broadcast message
Signing5 lowast 119879119898+ 3 lowast 119879
119901
Verification4 lowast 119879119898+ 4 lowast 119879
119901
Signing1 lowast 119879119901
Verification3 lowast 119879119901
Signing5 lowast 119879119898
Verification6 lowast 119879119898+ 1 lowast 119879
119901
Signing2 lowast 119879119898
Verification2 lowast 119879119898
Signing119879119901+ 2 lowast 119879
119898
Verification119879119901+ 119879119898
Spending time 364ms 18ms 111ms 18ms 108msThe length of ciphertext 1112 bits 480 bits 480 bits (160 lowast 160) + 320 bits 480 bitsHandoff 3 lowast 119879
119901NA 4 lowast 119879
119898+ 2 lowast 119879
1199015 lowast 119879119898
2 lowast SE + 2 lowast SDSpending time 135ms NA 114ms 3ms lt968msThe length of ciphertext 480 bits NA 1280 bits 160 lowast 160 lowast 160 bits 2048 bits
Communication betweendifferent RSUs
Signing5 lowast 119879119898+ 3 lowast 119879
119901
Verification4 lowast 119879119898+ 4 lowast 119879
119901
Signing1 lowast 119879119901
Verification3 lowast 119879119901
Signing5 lowast 119879119898
Verification6 lowast 119879119898+ 1 lowast 119879
119901
Signing2 lowast 119879119898
Verification2 lowast 119879119898
Signing119879119901+ 2 lowast 119879
119898
Verification2 lowast 119879119901+ 2 lowast 119879
119898
Spending time 364ms 18ms 111ms 18ms 159msThe length of ciphertext 1112 bits 480 bits 480 bits (160 lowast 160) + 320 bits 960 bits
Privacy communicate NA NA NA NA
Signing119879119875+ SE
Verification119879119901+ SD
Spending time NA NA NA NA lt1384msThe length of ciphertext NA NA NA NA 1024 bits
computational complexity the proposed method is superiorto that of literature [14] In literature [15] there are networksecurity mechanisms based on chameleon hashing whichemploy exponential calculation The multiplication resultof three values will be huge Although the computationalcomplexity is not high the transfer of large amounts ofpackets will affect network bandwidth and also cause packetlosses in VANETs environment
6 Conclusion
VANETs improve transportation safety and efficiency If theinformation shared between vehicles is tampered with therewill be dire consequences such as vehicle collisions Thescheme proposed in this study ensures the security of theinformation shared between vehicles and is superior to otherschemes in terms of message verification and handoff Addi-tionally in terms of security the scheme in this study ensuresconditional untraceability conditional anonymity authenti-cation and nonrepudiation Future work will include supple-menting the scheme proposed in this study with revocationand trust mechanisms to corroborate the security scheme
Notations
Notations of the BDH
ℎ119894 The user 119894 chooses a random number ℎ
119894isin 119885lowast119902
as its secret value119861119894 The public value of user 119894 such that 119890(ℎ
119894119875 119875)
119910119894119895 The 119910
119894119895is the quotient
119903119894119895 The 119903
119894119895is the remainder
119908119894119895 119908119894119895
= 119867(119872119894119895
119879119895) mod 119901
Notation Used in This Paper
119890 Bilinear mapping1198661 Additive group
1198662 Multiplicative group
119875 Generator of 1198661
SE(sdot) A secure symmetric encryption algorithm119864IBC(sdot) ID-based encryption119863IBC(sdot) ID-based decryptPU119896 Public key of node 119896
PR119896 Private key of node 119896
119863119896 Data key of node 119896
ID119905119896 Real identity of node 119896
ID119894119896 Original pseudonym of node 119896
ID119901119896 Requested pseudonym of node 119896
ℎ119896 Secret value of node 119896
119862119894 Handoff secret value
119861119896 The public value of user 119896 such that 119890(ℎ
119894119875 119875)
SK119896-119895 The common session key between node 119896
and node 119895
119896119894-119895 The common secret key between node 119894 and
node 119895
119885lowast119902 119885lowast
119902is the finite field of mod 119902
119867(sdot) Hash function such that 0 1lowast rarr 119885lowast119902
1198671(sdot) Hash function such that 0 1lowast rarr 119866lowast
1
1198672(sdot) Hash function such that 119866lowast
2rarr 0 1lowast
Mathematical Problems in Engineering 11
119879119895 Time interval 119895
119879119897119894 Lifetime of the corresponding parameters
The message concatenation operation whichappends several messages together in aspecial format
Conflict of Interests
The authors declare that there is no conflict of interestsregarding the publication of this paper
Acknowledgments
This paper is the partial result of project MOST103-2632-E-366-001 and 103-2221-E-268-003 The authors would like tothank the supporting of Ministry of Science and TechnologyTaiwan
References
[1] IEEE ldquoDraft amendment for wireless access in vehicularenvironments (WAVE)rdquo IEEE P80211pD6 2009
[2] Dedicated Short Range Communication (DSRC) httpgrouperieeeorggroupsscc32dsrcindexhtml
[3] US Department of Transportation and National HighwayTraffic Safety Administration Vehicle Safety CommunicationsProject 2006
[4] C Xu F Zhao J Guan H Zhang and G M MunteanldquoQoE-driven user-centric vod services in urban multihomedP2P-based vehicular networksrdquo IEEE Transactions on VehicularTechnology vol 62 no 5 pp 2273ndash2289 2013
[5] GMarfiaM Roccetti A Amoroso andG Pau ldquoSafe driving inLA report from the greatest intervehicular accident detectiontest everrdquo IEEE Transactions on Vehicular Technology vol 62no 2 pp 522ndash535 2013
[6] R Lu X Lin Z Shi and X S Shen ldquoA lightweight conditionalprivacy-preservation protocol for vehicular traffic-monitoringsystemsrdquo IEEE Intelligent Systems vol 28 no 3 pp 62ndash65 2013
[7] IEEETrial-Use Standard ldquoIEEETrial-Use Standard forWirelessAccess in Vehicular Environments (WAVE) Networking Ser-vicesrdquo IEEE 1609 2006
[8] J-P Hubaux S Capkun and J Luo ldquoThe security and privacyof smart vehiclesrdquo IEEE Security and Privacy vol 2 no 3 pp49ndash55 2004
[9] G Kounga T Walter and S Lachmund ldquoProving reliabilityof anonymous information in VANETsrdquo IEEE Transactions onVehicular Technology vol 58 no 6 pp 2977ndash2989 2009
[10] A Wasef Y Jiang and X Shen ldquoDCS an efficient distributed-certificate-service scheme for vehicular networksrdquo IEEE Trans-actions onVehicular Technology vol 59 no 2 pp 533ndash549 2010
[11] J Sun C Zhang Y Zhang and Y Fang ldquoAn identity-basedsecurity system for user privacy in vehicular ad hoc networksrdquoIEEE Transactions on Parallel and Distributed Systems vol 21no 9 pp 1227ndash1239 2010
[12] R Lu X Lin X Liang and X Shen ldquoA dynamic privacy-preserving keymanagement scheme for location-based servicesin VANETsrdquo IEEE Transactions on Intelligent TransportationSystems vol 13 no 1 pp 127ndash139 2012
[13] S Biswas and J Misic ldquoA cross-layer approach to privacy-preserving authentication in WAVE-enabled VANETsrdquo IEEE
Transactions on Vehicular Technology vol 62 no 5 pp 2182ndash2192 2013
[14] L-Y Yeh and J-L Huang ldquoPBS a portable billing schemewith fine-grained access control for service-oriented vehicularnetworksrdquo IEEE Transactions on Mobile Computing vol 13 no11 pp 2606ndash2619 2014
[15] S Guo D Zeng and Y Xiang ldquoChameleon hashing forsecure and privacy-preserving vehicular communicationsrdquoIEEE Transactions on Parallel and Distributed Systems vol 25no 11 pp 2794ndash2803 2014
[16] T W Chim S M Yiu L C K Hui and V O K Li ldquoVSPNVANET-based secure and privacy-preserving navigationrdquo IEEETransactions on Computers vol 63 no 2 pp 510ndash524 2014
[17] D Boneh and M K Franklin ldquoIdentity-based encryption fromthe weil pairingrdquo in Advances in CryptologymdashCRYPTO 200121st Annual International CryptologyConference Santa BarbaraCalifornia USA August 19ndash23 2001 Proceedings vol 2139 ofLectureNotes in Computer Science pp 213ndash229 Springer BerlinGermany 2001
Submit your manuscripts athttpwwwhindawicom
Hindawi Publishing Corporationhttpwwwhindawicom Volume 2014
MathematicsJournal of
Hindawi Publishing Corporationhttpwwwhindawicom Volume 2014
Mathematical Problems in Engineering
Hindawi Publishing Corporationhttpwwwhindawicom
Differential EquationsInternational Journal of
Volume 2014
Applied MathematicsJournal of
Hindawi Publishing Corporationhttpwwwhindawicom Volume 2014
Probability and StatisticsHindawi Publishing Corporationhttpwwwhindawicom Volume 2014
Journal of
Hindawi Publishing Corporationhttpwwwhindawicom Volume 2014
Mathematical PhysicsAdvances in
Complex AnalysisJournal of
Hindawi Publishing Corporationhttpwwwhindawicom Volume 2014
OptimizationJournal of
Hindawi Publishing Corporationhttpwwwhindawicom Volume 2014
CombinatoricsHindawi Publishing Corporationhttpwwwhindawicom Volume 2014
International Journal of
Hindawi Publishing Corporationhttpwwwhindawicom Volume 2014
Operations ResearchAdvances in
Journal of
Hindawi Publishing Corporationhttpwwwhindawicom Volume 2014
Function Spaces
Abstract and Applied AnalysisHindawi Publishing Corporationhttpwwwhindawicom Volume 2014
International Journal of Mathematics and Mathematical Sciences
Hindawi Publishing Corporationhttpwwwhindawicom Volume 2014
The Scientific World JournalHindawi Publishing Corporation httpwwwhindawicom Volume 2014
Hindawi Publishing Corporationhttpwwwhindawicom Volume 2014
Algebra
Discrete Dynamics in Nature and Society
Hindawi Publishing Corporationhttpwwwhindawicom Volume 2014
Hindawi Publishing Corporationhttpwwwhindawicom Volume 2014
Decision SciencesAdvances in
Discrete MathematicsJournal of
Hindawi Publishing Corporationhttpwwwhindawicom
Volume 2014 Hindawi Publishing Corporationhttpwwwhindawicom Volume 2014
Stochastic AnalysisInternational Journal of
8 Mathematical Problems in Engineering
46 Handoff Problem When vehicle 119881119886comes within the
transmission range of the next RSU (1198772) vehicle 119881
119886will first
inquire for the common secret key that it shares with RSU 1198772
in Table 3 and then initiate the handoff The calculation is asfollows
(1) Vehicle 119881119886
first generates short-term parameters119861ID119901119881119905
119863ID119901119881119905and uses the common secret key
(119896ID119901119881119886 1198772) to encrypt the parametersThen vehicle119881119886
sends the parameters and its anonymous ID to RSU1198772
(2) RSU 1198772inquires for the common secret key and the
time of validity that it shares with vehicle119881119886in Table 2
based on the anonymous ID of vehicle 119881119886 If the time
of validity has expired then vehicle 119881119886will reregister
with RSU (Section 42) If the time of validity has notexpired 119877
2will generate the short-term parameters
for vehicle 119881119886 The calculations are as follows
(21) 1198772calculates PRID119901119881119886
as its private key(22) 119877
2calculates119908ID1199051198772 119895
= 119867(1198672(119861ID119901119881119886
) ID119901119881119886
119879119897ID119901119881119886
) mod 119901(23) 119877
2calculates 119910ID1199051198772 119895 = ℎID1199051198772
119908ID1199051198772 119895 119890(119903ID1199051198772 119895 sdot
119875 119875)
(3) RSU 1198771uses the common secret key to encrypt the
parameters (PRID119901119881119886 119862ID119901119881119886
) The calculation is asfollows
119862 = SE (PRID119901119881119886 CID119901119881119886
119879119895)SK1198771minus119881119886
(14)
RSU 1198771sends the message 119862 ID
119894119881119886 119890(119903ID1199051198771 119895
sdot
119875 119875) 119910ID1199051198771 119895119875 119879119897ID119901119881119886
to vehicle 119881119886
(4) When vehicle119881119886receives themessage the vehicle uses
the common secret key to decrypt the message(5) 1198771
records (ID119894119881119886
ID119901119881119886
119861ID119901119881119886 119863ID119901119881119886
119862ID1199051198771 119895
119879119897ID119901119881119886
) and publishes (ID119901119881119886
119861ID119901119881119886 119863ID119901119881119886
119890(119903ID1199051198771 119895sdot 119875 119875) 119910ID1199051198771 119895
119875 119879119897ID119901119881119886
) to all vehicles in itsdomain
47 Message Authentication When RSUs Are Not AvailableWhen RSUs are not available vehicles can broadcast mes-sages and conduct private communications using the param-eters generated by the TA by executing the following steps
(1) Vehicle 119881119889uses the BDH signature method to autho-
rize a message signature The calculations are asfollows
(11) Vehicle 119881119889calculates 119908ID119894119881
119889119895
= 119867(119872ID119894119881119889119895
ID119894119881119889
119879119895) mod 119901
(12) Vehicle 119881119889calculates 119910ID119894119881
119889119895
= ℎID119894119881119889119895119908ID119894119881
119889119895
119890(119903ID119894119881119889119895sdot 119875 119875)
(13) Vehicle 119881119889broadcasts the message ⟨119872ID119894119881
119889119895
119861ID119894119881119889
119863ID119894119881119889
119890(119903ID119894119881119889119895
sdot 119875 119875) 119910ID119894119881119889119895119875 ID119894119881119889
119879119895 119890(119903ID119905TA 119895 sdot 119875 119875) 119910ID119905TA 119895119875⟩ to other vehicles
(2) Other vehicles first verify the ID of vehicle 119881119889 The
calculations are as follows
(21) Calculate 119908ID119905TA 119895 = 119867(1198672(119861ID119894119881
119889
) ID119894119881119889
119879119897ID119894119881
119889
) mod 119901
(22) Calculate 1198611015840ID119905TA = 119890(119908ID119905TA 119895 sdot 119875 119910ID119905TA 119895 sdot 119875) +119890(119875 119903ID119905TA 119895 sdot 119875) = 119890(119875 119875)
ℎID119905TA
(23) Check if 119861ID119905TA
= 1198611015840ID119905TA If the equality issatisfied then the user is legal
(3) Other vehicles then verify the authenticity of themessage The calculations are as follows
(31) Calculate 119908ID119894119881119889119895
= 119867(119872ID119894119881119889119895
ID119894119881119889
119879119895) mod 119901
(32) Calculate 1198611015840ID119894119881119889
= 119890(119908ID119894119881119889119895
sdot 119875 119910ID119894119881119889119895
sdot 119875) +
119890(119903ID119894119881119889119895sdot 119875 119875) = 119890(119875 119875)
ℎID119905TA
(33) Check if 119861ID119894119881119889
= 1198611015840ID119894119881119889
Satisfaction of theequality is proof that vehicle 119881
119889sent the mes-
sage
Assuming that two vehicles within the transmission rangeof the same RSU want to communicate privately with eachother (Figure 1) vehicle 119881
119889and vehicle 119881
119890will calculate their
common key The calculation is as follows
SK119881119889minus119881119890
= 119890 (PRID119894119881119889
PUID119894119881119890)
= 119890 (PUID119894119881119889
ℎID119905TAPUID119894119881119890) = SK
119881119890minus119881119889
(15)
Subsequently vehicle 119881119889uses the common session key
(SK119881119889minus119881119890
) to encrypt the message and send the message tovehicle 119881
119890 When vehicle 119881
119890receives the encrypted message
it uses the common session key (SK119881119890minus119881119889
) to decrypt themessage and obtain the contents of the message
5 Security and Performance Analysis
This section gives a security analysis to demonstrate that themethod developed in this study can provide confidentialityauthentication nonrepudiation conditional anonymity andconditional untraceability A performance analysis is con-ducted by comparing the results of the present study withthose in [12ndash15]
51 Security Analysis The following subsections discuss thespecific aspects of the security analysis of the proposedmethod
(1) Confidentiality Assuming that the ID of every node isnot repeated as confidential communications are occurring
Mathematical Problems in Engineering 9
Table 4 The comparison of property
Property Method[12] [13] [14] [15] Proposed method
Security and privacy preservation YES YES YES YES YESDo need the certificate NO NO NO YES NODo need the help of RSU forauthentication NO NO NO NO NO
PKI-based system NO NO NO NO NOCommunication within different RSU YES YES YES YES YESPrivacy communicate NO NO NO NO YES
among vehicles within the range of a single RSU the propertyof IBC is used to establish the common session keys Thecommon session key of a vehicle is calculated based on thebilinear pairings map According to the elliptic curve discretelogarithm problem (ECDLP) the common session key of amalicious node 119887 and node 119886 is SK
119887-119886 It is difficult for node119887 to determine a secret value from SK
119887-119886 node brsquos privatekey (PR
119887) and node arsquos public key (PU
119886) Other vehicles are
unable to calculate the common session key from their ownprivate keys and the public keys of nodes 119886 and 119887 and thusthe security of confidential communications is ensured
(2) Authentication and Nonrepudiation As a vehicle registersand gains the trust of an RSU the RSU will broadcast thevehiclersquos 119866
2value to all vehicles within range and that
specific 1198662represents the vehicle itself The parameters
⟨119872ID119895 119861ID 119863ID 119910ID119895119875 ID 119879119895⟩ are broadcast as the vehicle is
broadcasting messages Other vehicles will calculate 119908ID119895 =119867(119872ID119895 ID 119879ID119895) mod 119901 upon receipt of the messagesand then calculate 1198611015840ID = 119890(119908ID0119875 119910ID119895119875) + 119890(119903ID0119875 119875) =
119890(119875 119875)ℎID Other vehicles are unable to calculate 119910ID119895 from119910ID119895119875 based on the ECDLP but 119903ID0 119910ID119895 and 119908ID119895 canbe calculated from the parameters 119861ID 119910ID119895119875 based onthe BDH method provided that the equality 119861ID = 1198611015840IDwhich is calculated from the messages of the vehicle issatisfiedTherefore the vehicle sending themessages achievesundeniability and the source of the messages is known
(3) Conditional Anonymity The true ID of a vehicle is knownonly to the TA An anonymous ID (ID
119894) is used when a
vehicle registers with the TA and this anonymous ID (ID119894)
is renewed every time the vehicle registers with the TA Avehicle will renegotiate a new anonymous ID (ID
119901) within
the range of every RSU Therefore it is difficult for anothervehicle to obtain the true ID of the vehicle by tracking ID
119894
from ID119901because the true IDs of the vehicles are known
only to the TA and the individual vehicles bearing those IDsEvery RSU knows the anonymous ID (ID
119894) of each vehicle
but each vehicle has a different ID (ID119901) for every RSU which
prevents malicious RSUs from tracking the current locationof the vehicle
(4) Conditional Untraceability When a vehicle is involvedin a criminal act an RSU is able to trace the anonymousID (ID
119894) from the vehiclersquos anonymous ID (ID
119901) The RSU
Table 5 Bilinear pairings execution time in milliseconds
Notations Descriptions Execution time (ms)119879119901
Pairing operation asymp45119879119898
Point multiplication asymp06119879119890
Field exponentiation asymp054
Table 6 RSAHMAC execution time in milliseconds
Notations Descriptions Execution time (ms)ASE RSA encryption 019ASD RSA decryption 465HMAC HMAC 0002SE AES encryption lt019SD AES decryption lt465
Table 7 The length of the parameters
Parameters Length (bit) Parameters Length (bit)1198661
160 AES 1281198662
160 Variable 32HMAC 160 Message (119872) 1024RSA 1024 Random number (119903) 128
transmits ID119894to the TA which in turn identifies the true ID
of the vehicle with the identity ID119894 Every vehicular parameter
will eventually expire therefore ensuring the validity of theanonymous ID of a vehicle
52 Performance Analysis The method developed in thisstudy was compared with those in [12ndash15] regarding perfor-mance execution time and data volume Table 4 comparesthe results of the present study and those of [12ndash15] showingthat the method developed in the present study is superior tothe other methods
To analyze efficiency the times required for a message tobe broadcast and verified in the present study and in [12ndash15] were calculated and the results are listed in Tables 5ndash7 Table 8 shows the results of the efficiency analysis Theexperimental results show that the method proposed in thispaper is superior to those in other literatures regardless ofcomputational complexity and packet length The networksecurity mechanisms proposed in literature [14] and thispaper are both based on the use of bilinear pairing so allthe packet lengths are within a reasonable range However in
10 Mathematical Problems in Engineering
Table 8 Performance analysis
Property Method[12] [13] [14] [15] Proposed method
The broadcast message
Signing5 lowast 119879119898+ 3 lowast 119879
119901
Verification4 lowast 119879119898+ 4 lowast 119879
119901
Signing1 lowast 119879119901
Verification3 lowast 119879119901
Signing5 lowast 119879119898
Verification6 lowast 119879119898+ 1 lowast 119879
119901
Signing2 lowast 119879119898
Verification2 lowast 119879119898
Signing119879119901+ 2 lowast 119879
119898
Verification119879119901+ 119879119898
Spending time 364ms 18ms 111ms 18ms 108msThe length of ciphertext 1112 bits 480 bits 480 bits (160 lowast 160) + 320 bits 480 bitsHandoff 3 lowast 119879
119901NA 4 lowast 119879
119898+ 2 lowast 119879
1199015 lowast 119879119898
2 lowast SE + 2 lowast SDSpending time 135ms NA 114ms 3ms lt968msThe length of ciphertext 480 bits NA 1280 bits 160 lowast 160 lowast 160 bits 2048 bits
Communication betweendifferent RSUs
Signing5 lowast 119879119898+ 3 lowast 119879
119901
Verification4 lowast 119879119898+ 4 lowast 119879
119901
Signing1 lowast 119879119901
Verification3 lowast 119879119901
Signing5 lowast 119879119898
Verification6 lowast 119879119898+ 1 lowast 119879
119901
Signing2 lowast 119879119898
Verification2 lowast 119879119898
Signing119879119901+ 2 lowast 119879
119898
Verification2 lowast 119879119901+ 2 lowast 119879
119898
Spending time 364ms 18ms 111ms 18ms 159msThe length of ciphertext 1112 bits 480 bits 480 bits (160 lowast 160) + 320 bits 960 bits
Privacy communicate NA NA NA NA
Signing119879119875+ SE
Verification119879119901+ SD
Spending time NA NA NA NA lt1384msThe length of ciphertext NA NA NA NA 1024 bits
computational complexity the proposed method is superiorto that of literature [14] In literature [15] there are networksecurity mechanisms based on chameleon hashing whichemploy exponential calculation The multiplication resultof three values will be huge Although the computationalcomplexity is not high the transfer of large amounts ofpackets will affect network bandwidth and also cause packetlosses in VANETs environment
6 Conclusion
VANETs improve transportation safety and efficiency If theinformation shared between vehicles is tampered with therewill be dire consequences such as vehicle collisions Thescheme proposed in this study ensures the security of theinformation shared between vehicles and is superior to otherschemes in terms of message verification and handoff Addi-tionally in terms of security the scheme in this study ensuresconditional untraceability conditional anonymity authenti-cation and nonrepudiation Future work will include supple-menting the scheme proposed in this study with revocationand trust mechanisms to corroborate the security scheme
Notations
Notations of the BDH
ℎ119894 The user 119894 chooses a random number ℎ
119894isin 119885lowast119902
as its secret value119861119894 The public value of user 119894 such that 119890(ℎ
119894119875 119875)
119910119894119895 The 119910
119894119895is the quotient
119903119894119895 The 119903
119894119895is the remainder
119908119894119895 119908119894119895
= 119867(119872119894119895
119879119895) mod 119901
Notation Used in This Paper
119890 Bilinear mapping1198661 Additive group
1198662 Multiplicative group
119875 Generator of 1198661
SE(sdot) A secure symmetric encryption algorithm119864IBC(sdot) ID-based encryption119863IBC(sdot) ID-based decryptPU119896 Public key of node 119896
PR119896 Private key of node 119896
119863119896 Data key of node 119896
ID119905119896 Real identity of node 119896
ID119894119896 Original pseudonym of node 119896
ID119901119896 Requested pseudonym of node 119896
ℎ119896 Secret value of node 119896
119862119894 Handoff secret value
119861119896 The public value of user 119896 such that 119890(ℎ
119894119875 119875)
SK119896-119895 The common session key between node 119896
and node 119895
119896119894-119895 The common secret key between node 119894 and
node 119895
119885lowast119902 119885lowast
119902is the finite field of mod 119902
119867(sdot) Hash function such that 0 1lowast rarr 119885lowast119902
1198671(sdot) Hash function such that 0 1lowast rarr 119866lowast
1
1198672(sdot) Hash function such that 119866lowast
2rarr 0 1lowast
Mathematical Problems in Engineering 11
119879119895 Time interval 119895
119879119897119894 Lifetime of the corresponding parameters
The message concatenation operation whichappends several messages together in aspecial format
Conflict of Interests
The authors declare that there is no conflict of interestsregarding the publication of this paper
Acknowledgments
This paper is the partial result of project MOST103-2632-E-366-001 and 103-2221-E-268-003 The authors would like tothank the supporting of Ministry of Science and TechnologyTaiwan
References
[1] IEEE ldquoDraft amendment for wireless access in vehicularenvironments (WAVE)rdquo IEEE P80211pD6 2009
[2] Dedicated Short Range Communication (DSRC) httpgrouperieeeorggroupsscc32dsrcindexhtml
[3] US Department of Transportation and National HighwayTraffic Safety Administration Vehicle Safety CommunicationsProject 2006
[4] C Xu F Zhao J Guan H Zhang and G M MunteanldquoQoE-driven user-centric vod services in urban multihomedP2P-based vehicular networksrdquo IEEE Transactions on VehicularTechnology vol 62 no 5 pp 2273ndash2289 2013
[5] GMarfiaM Roccetti A Amoroso andG Pau ldquoSafe driving inLA report from the greatest intervehicular accident detectiontest everrdquo IEEE Transactions on Vehicular Technology vol 62no 2 pp 522ndash535 2013
[6] R Lu X Lin Z Shi and X S Shen ldquoA lightweight conditionalprivacy-preservation protocol for vehicular traffic-monitoringsystemsrdquo IEEE Intelligent Systems vol 28 no 3 pp 62ndash65 2013
[7] IEEETrial-Use Standard ldquoIEEETrial-Use Standard forWirelessAccess in Vehicular Environments (WAVE) Networking Ser-vicesrdquo IEEE 1609 2006
[8] J-P Hubaux S Capkun and J Luo ldquoThe security and privacyof smart vehiclesrdquo IEEE Security and Privacy vol 2 no 3 pp49ndash55 2004
[9] G Kounga T Walter and S Lachmund ldquoProving reliabilityof anonymous information in VANETsrdquo IEEE Transactions onVehicular Technology vol 58 no 6 pp 2977ndash2989 2009
[10] A Wasef Y Jiang and X Shen ldquoDCS an efficient distributed-certificate-service scheme for vehicular networksrdquo IEEE Trans-actions onVehicular Technology vol 59 no 2 pp 533ndash549 2010
[11] J Sun C Zhang Y Zhang and Y Fang ldquoAn identity-basedsecurity system for user privacy in vehicular ad hoc networksrdquoIEEE Transactions on Parallel and Distributed Systems vol 21no 9 pp 1227ndash1239 2010
[12] R Lu X Lin X Liang and X Shen ldquoA dynamic privacy-preserving keymanagement scheme for location-based servicesin VANETsrdquo IEEE Transactions on Intelligent TransportationSystems vol 13 no 1 pp 127ndash139 2012
[13] S Biswas and J Misic ldquoA cross-layer approach to privacy-preserving authentication in WAVE-enabled VANETsrdquo IEEE
Transactions on Vehicular Technology vol 62 no 5 pp 2182ndash2192 2013
[14] L-Y Yeh and J-L Huang ldquoPBS a portable billing schemewith fine-grained access control for service-oriented vehicularnetworksrdquo IEEE Transactions on Mobile Computing vol 13 no11 pp 2606ndash2619 2014
[15] S Guo D Zeng and Y Xiang ldquoChameleon hashing forsecure and privacy-preserving vehicular communicationsrdquoIEEE Transactions on Parallel and Distributed Systems vol 25no 11 pp 2794ndash2803 2014
[16] T W Chim S M Yiu L C K Hui and V O K Li ldquoVSPNVANET-based secure and privacy-preserving navigationrdquo IEEETransactions on Computers vol 63 no 2 pp 510ndash524 2014
[17] D Boneh and M K Franklin ldquoIdentity-based encryption fromthe weil pairingrdquo in Advances in CryptologymdashCRYPTO 200121st Annual International CryptologyConference Santa BarbaraCalifornia USA August 19ndash23 2001 Proceedings vol 2139 ofLectureNotes in Computer Science pp 213ndash229 Springer BerlinGermany 2001
Submit your manuscripts athttpwwwhindawicom
Hindawi Publishing Corporationhttpwwwhindawicom Volume 2014
MathematicsJournal of
Hindawi Publishing Corporationhttpwwwhindawicom Volume 2014
Mathematical Problems in Engineering
Hindawi Publishing Corporationhttpwwwhindawicom
Differential EquationsInternational Journal of
Volume 2014
Applied MathematicsJournal of
Hindawi Publishing Corporationhttpwwwhindawicom Volume 2014
Probability and StatisticsHindawi Publishing Corporationhttpwwwhindawicom Volume 2014
Journal of
Hindawi Publishing Corporationhttpwwwhindawicom Volume 2014
Mathematical PhysicsAdvances in
Complex AnalysisJournal of
Hindawi Publishing Corporationhttpwwwhindawicom Volume 2014
OptimizationJournal of
Hindawi Publishing Corporationhttpwwwhindawicom Volume 2014
CombinatoricsHindawi Publishing Corporationhttpwwwhindawicom Volume 2014
International Journal of
Hindawi Publishing Corporationhttpwwwhindawicom Volume 2014
Operations ResearchAdvances in
Journal of
Hindawi Publishing Corporationhttpwwwhindawicom Volume 2014
Function Spaces
Abstract and Applied AnalysisHindawi Publishing Corporationhttpwwwhindawicom Volume 2014
International Journal of Mathematics and Mathematical Sciences
Hindawi Publishing Corporationhttpwwwhindawicom Volume 2014
The Scientific World JournalHindawi Publishing Corporation httpwwwhindawicom Volume 2014
Hindawi Publishing Corporationhttpwwwhindawicom Volume 2014
Algebra
Discrete Dynamics in Nature and Society
Hindawi Publishing Corporationhttpwwwhindawicom Volume 2014
Hindawi Publishing Corporationhttpwwwhindawicom Volume 2014
Decision SciencesAdvances in
Discrete MathematicsJournal of
Hindawi Publishing Corporationhttpwwwhindawicom
Volume 2014 Hindawi Publishing Corporationhttpwwwhindawicom Volume 2014
Stochastic AnalysisInternational Journal of
Mathematical Problems in Engineering 9
Table 4 The comparison of property
Property Method[12] [13] [14] [15] Proposed method
Security and privacy preservation YES YES YES YES YESDo need the certificate NO NO NO YES NODo need the help of RSU forauthentication NO NO NO NO NO
PKI-based system NO NO NO NO NOCommunication within different RSU YES YES YES YES YESPrivacy communicate NO NO NO NO YES
among vehicles within the range of a single RSU the propertyof IBC is used to establish the common session keys Thecommon session key of a vehicle is calculated based on thebilinear pairings map According to the elliptic curve discretelogarithm problem (ECDLP) the common session key of amalicious node 119887 and node 119886 is SK
119887-119886 It is difficult for node119887 to determine a secret value from SK
119887-119886 node brsquos privatekey (PR
119887) and node arsquos public key (PU
119886) Other vehicles are
unable to calculate the common session key from their ownprivate keys and the public keys of nodes 119886 and 119887 and thusthe security of confidential communications is ensured
(2) Authentication and Nonrepudiation As a vehicle registersand gains the trust of an RSU the RSU will broadcast thevehiclersquos 119866
2value to all vehicles within range and that
specific 1198662represents the vehicle itself The parameters
⟨119872ID119895 119861ID 119863ID 119910ID119895119875 ID 119879119895⟩ are broadcast as the vehicle is
broadcasting messages Other vehicles will calculate 119908ID119895 =119867(119872ID119895 ID 119879ID119895) mod 119901 upon receipt of the messagesand then calculate 1198611015840ID = 119890(119908ID0119875 119910ID119895119875) + 119890(119903ID0119875 119875) =
119890(119875 119875)ℎID Other vehicles are unable to calculate 119910ID119895 from119910ID119895119875 based on the ECDLP but 119903ID0 119910ID119895 and 119908ID119895 canbe calculated from the parameters 119861ID 119910ID119895119875 based onthe BDH method provided that the equality 119861ID = 1198611015840IDwhich is calculated from the messages of the vehicle issatisfiedTherefore the vehicle sending themessages achievesundeniability and the source of the messages is known
(3) Conditional Anonymity The true ID of a vehicle is knownonly to the TA An anonymous ID (ID
119894) is used when a
vehicle registers with the TA and this anonymous ID (ID119894)
is renewed every time the vehicle registers with the TA Avehicle will renegotiate a new anonymous ID (ID
119901) within
the range of every RSU Therefore it is difficult for anothervehicle to obtain the true ID of the vehicle by tracking ID
119894
from ID119901because the true IDs of the vehicles are known
only to the TA and the individual vehicles bearing those IDsEvery RSU knows the anonymous ID (ID
119894) of each vehicle
but each vehicle has a different ID (ID119901) for every RSU which
prevents malicious RSUs from tracking the current locationof the vehicle
(4) Conditional Untraceability When a vehicle is involvedin a criminal act an RSU is able to trace the anonymousID (ID
119894) from the vehiclersquos anonymous ID (ID
119901) The RSU
Table 5 Bilinear pairings execution time in milliseconds
Notations Descriptions Execution time (ms)119879119901
Pairing operation asymp45119879119898
Point multiplication asymp06119879119890
Field exponentiation asymp054
Table 6 RSAHMAC execution time in milliseconds
Notations Descriptions Execution time (ms)ASE RSA encryption 019ASD RSA decryption 465HMAC HMAC 0002SE AES encryption lt019SD AES decryption lt465
Table 7 The length of the parameters
Parameters Length (bit) Parameters Length (bit)1198661
160 AES 1281198662
160 Variable 32HMAC 160 Message (119872) 1024RSA 1024 Random number (119903) 128
transmits ID119894to the TA which in turn identifies the true ID
of the vehicle with the identity ID119894 Every vehicular parameter
will eventually expire therefore ensuring the validity of theanonymous ID of a vehicle
52 Performance Analysis The method developed in thisstudy was compared with those in [12ndash15] regarding perfor-mance execution time and data volume Table 4 comparesthe results of the present study and those of [12ndash15] showingthat the method developed in the present study is superior tothe other methods
To analyze efficiency the times required for a message tobe broadcast and verified in the present study and in [12ndash15] were calculated and the results are listed in Tables 5ndash7 Table 8 shows the results of the efficiency analysis Theexperimental results show that the method proposed in thispaper is superior to those in other literatures regardless ofcomputational complexity and packet length The networksecurity mechanisms proposed in literature [14] and thispaper are both based on the use of bilinear pairing so allthe packet lengths are within a reasonable range However in
10 Mathematical Problems in Engineering
Table 8 Performance analysis
Property Method[12] [13] [14] [15] Proposed method
The broadcast message
Signing5 lowast 119879119898+ 3 lowast 119879
119901
Verification4 lowast 119879119898+ 4 lowast 119879
119901
Signing1 lowast 119879119901
Verification3 lowast 119879119901
Signing5 lowast 119879119898
Verification6 lowast 119879119898+ 1 lowast 119879
119901
Signing2 lowast 119879119898
Verification2 lowast 119879119898
Signing119879119901+ 2 lowast 119879
119898
Verification119879119901+ 119879119898
Spending time 364ms 18ms 111ms 18ms 108msThe length of ciphertext 1112 bits 480 bits 480 bits (160 lowast 160) + 320 bits 480 bitsHandoff 3 lowast 119879
119901NA 4 lowast 119879
119898+ 2 lowast 119879
1199015 lowast 119879119898
2 lowast SE + 2 lowast SDSpending time 135ms NA 114ms 3ms lt968msThe length of ciphertext 480 bits NA 1280 bits 160 lowast 160 lowast 160 bits 2048 bits
Communication betweendifferent RSUs
Signing5 lowast 119879119898+ 3 lowast 119879
119901
Verification4 lowast 119879119898+ 4 lowast 119879
119901
Signing1 lowast 119879119901
Verification3 lowast 119879119901
Signing5 lowast 119879119898
Verification6 lowast 119879119898+ 1 lowast 119879
119901
Signing2 lowast 119879119898
Verification2 lowast 119879119898
Signing119879119901+ 2 lowast 119879
119898
Verification2 lowast 119879119901+ 2 lowast 119879
119898
Spending time 364ms 18ms 111ms 18ms 159msThe length of ciphertext 1112 bits 480 bits 480 bits (160 lowast 160) + 320 bits 960 bits
Privacy communicate NA NA NA NA
Signing119879119875+ SE
Verification119879119901+ SD
Spending time NA NA NA NA lt1384msThe length of ciphertext NA NA NA NA 1024 bits
computational complexity the proposed method is superiorto that of literature [14] In literature [15] there are networksecurity mechanisms based on chameleon hashing whichemploy exponential calculation The multiplication resultof three values will be huge Although the computationalcomplexity is not high the transfer of large amounts ofpackets will affect network bandwidth and also cause packetlosses in VANETs environment
6 Conclusion
VANETs improve transportation safety and efficiency If theinformation shared between vehicles is tampered with therewill be dire consequences such as vehicle collisions Thescheme proposed in this study ensures the security of theinformation shared between vehicles and is superior to otherschemes in terms of message verification and handoff Addi-tionally in terms of security the scheme in this study ensuresconditional untraceability conditional anonymity authenti-cation and nonrepudiation Future work will include supple-menting the scheme proposed in this study with revocationand trust mechanisms to corroborate the security scheme
Notations
Notations of the BDH
ℎ119894 The user 119894 chooses a random number ℎ
119894isin 119885lowast119902
as its secret value119861119894 The public value of user 119894 such that 119890(ℎ
119894119875 119875)
119910119894119895 The 119910
119894119895is the quotient
119903119894119895 The 119903
119894119895is the remainder
119908119894119895 119908119894119895
= 119867(119872119894119895
119879119895) mod 119901
Notation Used in This Paper
119890 Bilinear mapping1198661 Additive group
1198662 Multiplicative group
119875 Generator of 1198661
SE(sdot) A secure symmetric encryption algorithm119864IBC(sdot) ID-based encryption119863IBC(sdot) ID-based decryptPU119896 Public key of node 119896
PR119896 Private key of node 119896
119863119896 Data key of node 119896
ID119905119896 Real identity of node 119896
ID119894119896 Original pseudonym of node 119896
ID119901119896 Requested pseudonym of node 119896
ℎ119896 Secret value of node 119896
119862119894 Handoff secret value
119861119896 The public value of user 119896 such that 119890(ℎ
119894119875 119875)
SK119896-119895 The common session key between node 119896
and node 119895
119896119894-119895 The common secret key between node 119894 and
node 119895
119885lowast119902 119885lowast
119902is the finite field of mod 119902
119867(sdot) Hash function such that 0 1lowast rarr 119885lowast119902
1198671(sdot) Hash function such that 0 1lowast rarr 119866lowast
1
1198672(sdot) Hash function such that 119866lowast
2rarr 0 1lowast
Mathematical Problems in Engineering 11
119879119895 Time interval 119895
119879119897119894 Lifetime of the corresponding parameters
The message concatenation operation whichappends several messages together in aspecial format
Conflict of Interests
The authors declare that there is no conflict of interestsregarding the publication of this paper
Acknowledgments
This paper is the partial result of project MOST103-2632-E-366-001 and 103-2221-E-268-003 The authors would like tothank the supporting of Ministry of Science and TechnologyTaiwan
References
[1] IEEE ldquoDraft amendment for wireless access in vehicularenvironments (WAVE)rdquo IEEE P80211pD6 2009
[2] Dedicated Short Range Communication (DSRC) httpgrouperieeeorggroupsscc32dsrcindexhtml
[3] US Department of Transportation and National HighwayTraffic Safety Administration Vehicle Safety CommunicationsProject 2006
[4] C Xu F Zhao J Guan H Zhang and G M MunteanldquoQoE-driven user-centric vod services in urban multihomedP2P-based vehicular networksrdquo IEEE Transactions on VehicularTechnology vol 62 no 5 pp 2273ndash2289 2013
[5] GMarfiaM Roccetti A Amoroso andG Pau ldquoSafe driving inLA report from the greatest intervehicular accident detectiontest everrdquo IEEE Transactions on Vehicular Technology vol 62no 2 pp 522ndash535 2013
[6] R Lu X Lin Z Shi and X S Shen ldquoA lightweight conditionalprivacy-preservation protocol for vehicular traffic-monitoringsystemsrdquo IEEE Intelligent Systems vol 28 no 3 pp 62ndash65 2013
[7] IEEETrial-Use Standard ldquoIEEETrial-Use Standard forWirelessAccess in Vehicular Environments (WAVE) Networking Ser-vicesrdquo IEEE 1609 2006
[8] J-P Hubaux S Capkun and J Luo ldquoThe security and privacyof smart vehiclesrdquo IEEE Security and Privacy vol 2 no 3 pp49ndash55 2004
[9] G Kounga T Walter and S Lachmund ldquoProving reliabilityof anonymous information in VANETsrdquo IEEE Transactions onVehicular Technology vol 58 no 6 pp 2977ndash2989 2009
[10] A Wasef Y Jiang and X Shen ldquoDCS an efficient distributed-certificate-service scheme for vehicular networksrdquo IEEE Trans-actions onVehicular Technology vol 59 no 2 pp 533ndash549 2010
[11] J Sun C Zhang Y Zhang and Y Fang ldquoAn identity-basedsecurity system for user privacy in vehicular ad hoc networksrdquoIEEE Transactions on Parallel and Distributed Systems vol 21no 9 pp 1227ndash1239 2010
[12] R Lu X Lin X Liang and X Shen ldquoA dynamic privacy-preserving keymanagement scheme for location-based servicesin VANETsrdquo IEEE Transactions on Intelligent TransportationSystems vol 13 no 1 pp 127ndash139 2012
[13] S Biswas and J Misic ldquoA cross-layer approach to privacy-preserving authentication in WAVE-enabled VANETsrdquo IEEE
Transactions on Vehicular Technology vol 62 no 5 pp 2182ndash2192 2013
[14] L-Y Yeh and J-L Huang ldquoPBS a portable billing schemewith fine-grained access control for service-oriented vehicularnetworksrdquo IEEE Transactions on Mobile Computing vol 13 no11 pp 2606ndash2619 2014
[15] S Guo D Zeng and Y Xiang ldquoChameleon hashing forsecure and privacy-preserving vehicular communicationsrdquoIEEE Transactions on Parallel and Distributed Systems vol 25no 11 pp 2794ndash2803 2014
[16] T W Chim S M Yiu L C K Hui and V O K Li ldquoVSPNVANET-based secure and privacy-preserving navigationrdquo IEEETransactions on Computers vol 63 no 2 pp 510ndash524 2014
[17] D Boneh and M K Franklin ldquoIdentity-based encryption fromthe weil pairingrdquo in Advances in CryptologymdashCRYPTO 200121st Annual International CryptologyConference Santa BarbaraCalifornia USA August 19ndash23 2001 Proceedings vol 2139 ofLectureNotes in Computer Science pp 213ndash229 Springer BerlinGermany 2001
Submit your manuscripts athttpwwwhindawicom
Hindawi Publishing Corporationhttpwwwhindawicom Volume 2014
MathematicsJournal of
Hindawi Publishing Corporationhttpwwwhindawicom Volume 2014
Mathematical Problems in Engineering
Hindawi Publishing Corporationhttpwwwhindawicom
Differential EquationsInternational Journal of
Volume 2014
Applied MathematicsJournal of
Hindawi Publishing Corporationhttpwwwhindawicom Volume 2014
Probability and StatisticsHindawi Publishing Corporationhttpwwwhindawicom Volume 2014
Journal of
Hindawi Publishing Corporationhttpwwwhindawicom Volume 2014
Mathematical PhysicsAdvances in
Complex AnalysisJournal of
Hindawi Publishing Corporationhttpwwwhindawicom Volume 2014
OptimizationJournal of
Hindawi Publishing Corporationhttpwwwhindawicom Volume 2014
CombinatoricsHindawi Publishing Corporationhttpwwwhindawicom Volume 2014
International Journal of
Hindawi Publishing Corporationhttpwwwhindawicom Volume 2014
Operations ResearchAdvances in
Journal of
Hindawi Publishing Corporationhttpwwwhindawicom Volume 2014
Function Spaces
Abstract and Applied AnalysisHindawi Publishing Corporationhttpwwwhindawicom Volume 2014
International Journal of Mathematics and Mathematical Sciences
Hindawi Publishing Corporationhttpwwwhindawicom Volume 2014
The Scientific World JournalHindawi Publishing Corporation httpwwwhindawicom Volume 2014
Hindawi Publishing Corporationhttpwwwhindawicom Volume 2014
Algebra
Discrete Dynamics in Nature and Society
Hindawi Publishing Corporationhttpwwwhindawicom Volume 2014
Hindawi Publishing Corporationhttpwwwhindawicom Volume 2014
Decision SciencesAdvances in
Discrete MathematicsJournal of
Hindawi Publishing Corporationhttpwwwhindawicom
Volume 2014 Hindawi Publishing Corporationhttpwwwhindawicom Volume 2014
Stochastic AnalysisInternational Journal of
10 Mathematical Problems in Engineering
Table 8 Performance analysis
Property Method[12] [13] [14] [15] Proposed method
The broadcast message
Signing5 lowast 119879119898+ 3 lowast 119879
119901
Verification4 lowast 119879119898+ 4 lowast 119879
119901
Signing1 lowast 119879119901
Verification3 lowast 119879119901
Signing5 lowast 119879119898
Verification6 lowast 119879119898+ 1 lowast 119879
119901
Signing2 lowast 119879119898
Verification2 lowast 119879119898
Signing119879119901+ 2 lowast 119879
119898
Verification119879119901+ 119879119898
Spending time 364ms 18ms 111ms 18ms 108msThe length of ciphertext 1112 bits 480 bits 480 bits (160 lowast 160) + 320 bits 480 bitsHandoff 3 lowast 119879
119901NA 4 lowast 119879
119898+ 2 lowast 119879
1199015 lowast 119879119898
2 lowast SE + 2 lowast SDSpending time 135ms NA 114ms 3ms lt968msThe length of ciphertext 480 bits NA 1280 bits 160 lowast 160 lowast 160 bits 2048 bits
Communication betweendifferent RSUs
Signing5 lowast 119879119898+ 3 lowast 119879
119901
Verification4 lowast 119879119898+ 4 lowast 119879
119901
Signing1 lowast 119879119901
Verification3 lowast 119879119901
Signing5 lowast 119879119898
Verification6 lowast 119879119898+ 1 lowast 119879
119901
Signing2 lowast 119879119898
Verification2 lowast 119879119898
Signing119879119901+ 2 lowast 119879
119898
Verification2 lowast 119879119901+ 2 lowast 119879
119898
Spending time 364ms 18ms 111ms 18ms 159msThe length of ciphertext 1112 bits 480 bits 480 bits (160 lowast 160) + 320 bits 960 bits
Privacy communicate NA NA NA NA
Signing119879119875+ SE
Verification119879119901+ SD
Spending time NA NA NA NA lt1384msThe length of ciphertext NA NA NA NA 1024 bits
computational complexity the proposed method is superiorto that of literature [14] In literature [15] there are networksecurity mechanisms based on chameleon hashing whichemploy exponential calculation The multiplication resultof three values will be huge Although the computationalcomplexity is not high the transfer of large amounts ofpackets will affect network bandwidth and also cause packetlosses in VANETs environment
6 Conclusion
VANETs improve transportation safety and efficiency If theinformation shared between vehicles is tampered with therewill be dire consequences such as vehicle collisions Thescheme proposed in this study ensures the security of theinformation shared between vehicles and is superior to otherschemes in terms of message verification and handoff Addi-tionally in terms of security the scheme in this study ensuresconditional untraceability conditional anonymity authenti-cation and nonrepudiation Future work will include supple-menting the scheme proposed in this study with revocationand trust mechanisms to corroborate the security scheme
Notations
Notations of the BDH
ℎ119894 The user 119894 chooses a random number ℎ
119894isin 119885lowast119902
as its secret value119861119894 The public value of user 119894 such that 119890(ℎ
119894119875 119875)
119910119894119895 The 119910
119894119895is the quotient
119903119894119895 The 119903
119894119895is the remainder
119908119894119895 119908119894119895
= 119867(119872119894119895
119879119895) mod 119901
Notation Used in This Paper
119890 Bilinear mapping1198661 Additive group
1198662 Multiplicative group
119875 Generator of 1198661
SE(sdot) A secure symmetric encryption algorithm119864IBC(sdot) ID-based encryption119863IBC(sdot) ID-based decryptPU119896 Public key of node 119896
PR119896 Private key of node 119896
119863119896 Data key of node 119896
ID119905119896 Real identity of node 119896
ID119894119896 Original pseudonym of node 119896
ID119901119896 Requested pseudonym of node 119896
ℎ119896 Secret value of node 119896
119862119894 Handoff secret value
119861119896 The public value of user 119896 such that 119890(ℎ
119894119875 119875)
SK119896-119895 The common session key between node 119896
and node 119895
119896119894-119895 The common secret key between node 119894 and
node 119895
119885lowast119902 119885lowast
119902is the finite field of mod 119902
119867(sdot) Hash function such that 0 1lowast rarr 119885lowast119902
1198671(sdot) Hash function such that 0 1lowast rarr 119866lowast
1
1198672(sdot) Hash function such that 119866lowast
2rarr 0 1lowast
Mathematical Problems in Engineering 11
119879119895 Time interval 119895
119879119897119894 Lifetime of the corresponding parameters
The message concatenation operation whichappends several messages together in aspecial format
Conflict of Interests
The authors declare that there is no conflict of interestsregarding the publication of this paper
Acknowledgments
This paper is the partial result of project MOST103-2632-E-366-001 and 103-2221-E-268-003 The authors would like tothank the supporting of Ministry of Science and TechnologyTaiwan
References
[1] IEEE ldquoDraft amendment for wireless access in vehicularenvironments (WAVE)rdquo IEEE P80211pD6 2009
[2] Dedicated Short Range Communication (DSRC) httpgrouperieeeorggroupsscc32dsrcindexhtml
[3] US Department of Transportation and National HighwayTraffic Safety Administration Vehicle Safety CommunicationsProject 2006
[4] C Xu F Zhao J Guan H Zhang and G M MunteanldquoQoE-driven user-centric vod services in urban multihomedP2P-based vehicular networksrdquo IEEE Transactions on VehicularTechnology vol 62 no 5 pp 2273ndash2289 2013
[5] GMarfiaM Roccetti A Amoroso andG Pau ldquoSafe driving inLA report from the greatest intervehicular accident detectiontest everrdquo IEEE Transactions on Vehicular Technology vol 62no 2 pp 522ndash535 2013
[6] R Lu X Lin Z Shi and X S Shen ldquoA lightweight conditionalprivacy-preservation protocol for vehicular traffic-monitoringsystemsrdquo IEEE Intelligent Systems vol 28 no 3 pp 62ndash65 2013
[7] IEEETrial-Use Standard ldquoIEEETrial-Use Standard forWirelessAccess in Vehicular Environments (WAVE) Networking Ser-vicesrdquo IEEE 1609 2006
[8] J-P Hubaux S Capkun and J Luo ldquoThe security and privacyof smart vehiclesrdquo IEEE Security and Privacy vol 2 no 3 pp49ndash55 2004
[9] G Kounga T Walter and S Lachmund ldquoProving reliabilityof anonymous information in VANETsrdquo IEEE Transactions onVehicular Technology vol 58 no 6 pp 2977ndash2989 2009
[10] A Wasef Y Jiang and X Shen ldquoDCS an efficient distributed-certificate-service scheme for vehicular networksrdquo IEEE Trans-actions onVehicular Technology vol 59 no 2 pp 533ndash549 2010
[11] J Sun C Zhang Y Zhang and Y Fang ldquoAn identity-basedsecurity system for user privacy in vehicular ad hoc networksrdquoIEEE Transactions on Parallel and Distributed Systems vol 21no 9 pp 1227ndash1239 2010
[12] R Lu X Lin X Liang and X Shen ldquoA dynamic privacy-preserving keymanagement scheme for location-based servicesin VANETsrdquo IEEE Transactions on Intelligent TransportationSystems vol 13 no 1 pp 127ndash139 2012
[13] S Biswas and J Misic ldquoA cross-layer approach to privacy-preserving authentication in WAVE-enabled VANETsrdquo IEEE
Transactions on Vehicular Technology vol 62 no 5 pp 2182ndash2192 2013
[14] L-Y Yeh and J-L Huang ldquoPBS a portable billing schemewith fine-grained access control for service-oriented vehicularnetworksrdquo IEEE Transactions on Mobile Computing vol 13 no11 pp 2606ndash2619 2014
[15] S Guo D Zeng and Y Xiang ldquoChameleon hashing forsecure and privacy-preserving vehicular communicationsrdquoIEEE Transactions on Parallel and Distributed Systems vol 25no 11 pp 2794ndash2803 2014
[16] T W Chim S M Yiu L C K Hui and V O K Li ldquoVSPNVANET-based secure and privacy-preserving navigationrdquo IEEETransactions on Computers vol 63 no 2 pp 510ndash524 2014
[17] D Boneh and M K Franklin ldquoIdentity-based encryption fromthe weil pairingrdquo in Advances in CryptologymdashCRYPTO 200121st Annual International CryptologyConference Santa BarbaraCalifornia USA August 19ndash23 2001 Proceedings vol 2139 ofLectureNotes in Computer Science pp 213ndash229 Springer BerlinGermany 2001
Submit your manuscripts athttpwwwhindawicom
Hindawi Publishing Corporationhttpwwwhindawicom Volume 2014
MathematicsJournal of
Hindawi Publishing Corporationhttpwwwhindawicom Volume 2014
Mathematical Problems in Engineering
Hindawi Publishing Corporationhttpwwwhindawicom
Differential EquationsInternational Journal of
Volume 2014
Applied MathematicsJournal of
Hindawi Publishing Corporationhttpwwwhindawicom Volume 2014
Probability and StatisticsHindawi Publishing Corporationhttpwwwhindawicom Volume 2014
Journal of
Hindawi Publishing Corporationhttpwwwhindawicom Volume 2014
Mathematical PhysicsAdvances in
Complex AnalysisJournal of
Hindawi Publishing Corporationhttpwwwhindawicom Volume 2014
OptimizationJournal of
Hindawi Publishing Corporationhttpwwwhindawicom Volume 2014
CombinatoricsHindawi Publishing Corporationhttpwwwhindawicom Volume 2014
International Journal of
Hindawi Publishing Corporationhttpwwwhindawicom Volume 2014
Operations ResearchAdvances in
Journal of
Hindawi Publishing Corporationhttpwwwhindawicom Volume 2014
Function Spaces
Abstract and Applied AnalysisHindawi Publishing Corporationhttpwwwhindawicom Volume 2014
International Journal of Mathematics and Mathematical Sciences
Hindawi Publishing Corporationhttpwwwhindawicom Volume 2014
The Scientific World JournalHindawi Publishing Corporation httpwwwhindawicom Volume 2014
Hindawi Publishing Corporationhttpwwwhindawicom Volume 2014
Algebra
Discrete Dynamics in Nature and Society
Hindawi Publishing Corporationhttpwwwhindawicom Volume 2014
Hindawi Publishing Corporationhttpwwwhindawicom Volume 2014
Decision SciencesAdvances in
Discrete MathematicsJournal of
Hindawi Publishing Corporationhttpwwwhindawicom
Volume 2014 Hindawi Publishing Corporationhttpwwwhindawicom Volume 2014
Stochastic AnalysisInternational Journal of
Mathematical Problems in Engineering 11
119879119895 Time interval 119895
119879119897119894 Lifetime of the corresponding parameters
The message concatenation operation whichappends several messages together in aspecial format
Conflict of Interests
The authors declare that there is no conflict of interestsregarding the publication of this paper
Acknowledgments
This paper is the partial result of project MOST103-2632-E-366-001 and 103-2221-E-268-003 The authors would like tothank the supporting of Ministry of Science and TechnologyTaiwan
References
[1] IEEE ldquoDraft amendment for wireless access in vehicularenvironments (WAVE)rdquo IEEE P80211pD6 2009
[2] Dedicated Short Range Communication (DSRC) httpgrouperieeeorggroupsscc32dsrcindexhtml
[3] US Department of Transportation and National HighwayTraffic Safety Administration Vehicle Safety CommunicationsProject 2006
[4] C Xu F Zhao J Guan H Zhang and G M MunteanldquoQoE-driven user-centric vod services in urban multihomedP2P-based vehicular networksrdquo IEEE Transactions on VehicularTechnology vol 62 no 5 pp 2273ndash2289 2013
[5] GMarfiaM Roccetti A Amoroso andG Pau ldquoSafe driving inLA report from the greatest intervehicular accident detectiontest everrdquo IEEE Transactions on Vehicular Technology vol 62no 2 pp 522ndash535 2013
[6] R Lu X Lin Z Shi and X S Shen ldquoA lightweight conditionalprivacy-preservation protocol for vehicular traffic-monitoringsystemsrdquo IEEE Intelligent Systems vol 28 no 3 pp 62ndash65 2013
[7] IEEETrial-Use Standard ldquoIEEETrial-Use Standard forWirelessAccess in Vehicular Environments (WAVE) Networking Ser-vicesrdquo IEEE 1609 2006
[8] J-P Hubaux S Capkun and J Luo ldquoThe security and privacyof smart vehiclesrdquo IEEE Security and Privacy vol 2 no 3 pp49ndash55 2004
[9] G Kounga T Walter and S Lachmund ldquoProving reliabilityof anonymous information in VANETsrdquo IEEE Transactions onVehicular Technology vol 58 no 6 pp 2977ndash2989 2009
[10] A Wasef Y Jiang and X Shen ldquoDCS an efficient distributed-certificate-service scheme for vehicular networksrdquo IEEE Trans-actions onVehicular Technology vol 59 no 2 pp 533ndash549 2010
[11] J Sun C Zhang Y Zhang and Y Fang ldquoAn identity-basedsecurity system for user privacy in vehicular ad hoc networksrdquoIEEE Transactions on Parallel and Distributed Systems vol 21no 9 pp 1227ndash1239 2010
[12] R Lu X Lin X Liang and X Shen ldquoA dynamic privacy-preserving keymanagement scheme for location-based servicesin VANETsrdquo IEEE Transactions on Intelligent TransportationSystems vol 13 no 1 pp 127ndash139 2012
[13] S Biswas and J Misic ldquoA cross-layer approach to privacy-preserving authentication in WAVE-enabled VANETsrdquo IEEE
Transactions on Vehicular Technology vol 62 no 5 pp 2182ndash2192 2013
[14] L-Y Yeh and J-L Huang ldquoPBS a portable billing schemewith fine-grained access control for service-oriented vehicularnetworksrdquo IEEE Transactions on Mobile Computing vol 13 no11 pp 2606ndash2619 2014
[15] S Guo D Zeng and Y Xiang ldquoChameleon hashing forsecure and privacy-preserving vehicular communicationsrdquoIEEE Transactions on Parallel and Distributed Systems vol 25no 11 pp 2794ndash2803 2014
[16] T W Chim S M Yiu L C K Hui and V O K Li ldquoVSPNVANET-based secure and privacy-preserving navigationrdquo IEEETransactions on Computers vol 63 no 2 pp 510ndash524 2014
[17] D Boneh and M K Franklin ldquoIdentity-based encryption fromthe weil pairingrdquo in Advances in CryptologymdashCRYPTO 200121st Annual International CryptologyConference Santa BarbaraCalifornia USA August 19ndash23 2001 Proceedings vol 2139 ofLectureNotes in Computer Science pp 213ndash229 Springer BerlinGermany 2001
Submit your manuscripts athttpwwwhindawicom
Hindawi Publishing Corporationhttpwwwhindawicom Volume 2014
MathematicsJournal of
Hindawi Publishing Corporationhttpwwwhindawicom Volume 2014
Mathematical Problems in Engineering
Hindawi Publishing Corporationhttpwwwhindawicom
Differential EquationsInternational Journal of
Volume 2014
Applied MathematicsJournal of
Hindawi Publishing Corporationhttpwwwhindawicom Volume 2014
Probability and StatisticsHindawi Publishing Corporationhttpwwwhindawicom Volume 2014
Journal of
Hindawi Publishing Corporationhttpwwwhindawicom Volume 2014
Mathematical PhysicsAdvances in
Complex AnalysisJournal of
Hindawi Publishing Corporationhttpwwwhindawicom Volume 2014
OptimizationJournal of
Hindawi Publishing Corporationhttpwwwhindawicom Volume 2014
CombinatoricsHindawi Publishing Corporationhttpwwwhindawicom Volume 2014
International Journal of
Hindawi Publishing Corporationhttpwwwhindawicom Volume 2014
Operations ResearchAdvances in
Journal of
Hindawi Publishing Corporationhttpwwwhindawicom Volume 2014
Function Spaces
Abstract and Applied AnalysisHindawi Publishing Corporationhttpwwwhindawicom Volume 2014
International Journal of Mathematics and Mathematical Sciences
Hindawi Publishing Corporationhttpwwwhindawicom Volume 2014
The Scientific World JournalHindawi Publishing Corporation httpwwwhindawicom Volume 2014
Hindawi Publishing Corporationhttpwwwhindawicom Volume 2014
Algebra
Discrete Dynamics in Nature and Society
Hindawi Publishing Corporationhttpwwwhindawicom Volume 2014
Hindawi Publishing Corporationhttpwwwhindawicom Volume 2014
Decision SciencesAdvances in
Discrete MathematicsJournal of
Hindawi Publishing Corporationhttpwwwhindawicom
Volume 2014 Hindawi Publishing Corporationhttpwwwhindawicom Volume 2014
Stochastic AnalysisInternational Journal of
Submit your manuscripts athttpwwwhindawicom
Hindawi Publishing Corporationhttpwwwhindawicom Volume 2014
MathematicsJournal of
Hindawi Publishing Corporationhttpwwwhindawicom Volume 2014
Mathematical Problems in Engineering
Hindawi Publishing Corporationhttpwwwhindawicom
Differential EquationsInternational Journal of
Volume 2014
Applied MathematicsJournal of
Hindawi Publishing Corporationhttpwwwhindawicom Volume 2014
Probability and StatisticsHindawi Publishing Corporationhttpwwwhindawicom Volume 2014
Journal of
Hindawi Publishing Corporationhttpwwwhindawicom Volume 2014
Mathematical PhysicsAdvances in
Complex AnalysisJournal of
Hindawi Publishing Corporationhttpwwwhindawicom Volume 2014
OptimizationJournal of
Hindawi Publishing Corporationhttpwwwhindawicom Volume 2014
CombinatoricsHindawi Publishing Corporationhttpwwwhindawicom Volume 2014
International Journal of
Hindawi Publishing Corporationhttpwwwhindawicom Volume 2014
Operations ResearchAdvances in
Journal of
Hindawi Publishing Corporationhttpwwwhindawicom Volume 2014
Function Spaces
Abstract and Applied AnalysisHindawi Publishing Corporationhttpwwwhindawicom Volume 2014
International Journal of Mathematics and Mathematical Sciences
Hindawi Publishing Corporationhttpwwwhindawicom Volume 2014
The Scientific World JournalHindawi Publishing Corporation httpwwwhindawicom Volume 2014
Hindawi Publishing Corporationhttpwwwhindawicom Volume 2014
Algebra
Discrete Dynamics in Nature and Society
Hindawi Publishing Corporationhttpwwwhindawicom Volume 2014
Hindawi Publishing Corporationhttpwwwhindawicom Volume 2014
Decision SciencesAdvances in
Discrete MathematicsJournal of
Hindawi Publishing Corporationhttpwwwhindawicom
Volume 2014 Hindawi Publishing Corporationhttpwwwhindawicom Volume 2014
Stochastic AnalysisInternational Journal of