CN108600240B - Communication system and communication method thereof - Google Patents
Communication system and communication method thereof Download PDFInfo
- Publication number
- CN108600240B CN108600240B CN201810408721.4A CN201810408721A CN108600240B CN 108600240 B CN108600240 B CN 108600240B CN 201810408721 A CN201810408721 A CN 201810408721A CN 108600240 B CN108600240 B CN 108600240B
- Authority
- CN
- China
- Prior art keywords
- vehicle
- fog node
- digital certificate
- key
- service request
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
- 238000004891 communication Methods 0.000 title claims abstract description 118
- 238000000034 method Methods 0.000 title claims abstract description 18
- 238000012795 verification Methods 0.000 claims abstract description 14
- 239000003595 mist Substances 0.000 claims description 6
- 230000002452 interceptive effect Effects 0.000 description 15
- 230000003993 interaction Effects 0.000 description 9
- 230000008569 process Effects 0.000 description 5
- 230000009471 action Effects 0.000 description 3
- 238000010586 diagram Methods 0.000 description 3
- 230000009286 beneficial effect Effects 0.000 description 1
- 238000011161 development Methods 0.000 description 1
- 239000002360 explosive Substances 0.000 description 1
- 230000006872 improvement Effects 0.000 description 1
- 230000004048 modification Effects 0.000 description 1
- 238000012986 modification Methods 0.000 description 1
- 230000006855 networking Effects 0.000 description 1
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
- H04L63/0823—Network architectures or network communication protocols for network security for authentication of entities using certificates
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/04—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
- H04L63/0428—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
- H04L63/0442—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload wherein the sending and receiving network entities apply asymmetric encryption, i.e. different keys for encryption and decryption
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/3247—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Computer Hardware Design (AREA)
- Computing Systems (AREA)
- General Engineering & Computer Science (AREA)
- Mobile Radio Communication Systems (AREA)
Abstract
The invention provides a communication system and a communication method thereof, comprising the following steps: at least one vehicle and at least one fog node; the vehicle is used for signing the first service request by using an asymmetric vehicle private key when receiving the first service request sent by a user, and sending the vehicle digital certificate and the signed first service request to the defogging node; receiving and verifying a fog node digital certificate and signed first receipt information sent by a fog node; when the verification is passed, acquiring the decrypted first receipt information; and the fog node is used for receiving and verifying the vehicle digital certificate sent by the vehicle and the signed first service request, generating first receipt information when the verification is passed, signing the first receipt information by using a pre-acquired asymmetric fog node private key, and sending the pre-acquired fog node digital certificate and the signed first receipt information to the vehicle. The scheme can improve the safety of the communication between the vehicle and the fog node.
Description
Technical Field
The invention relates to the field of fog computing and Internet of vehicles safety, in particular to a communication system and a communication method thereof
Background
The car networking provides the development direction for solving the urban traffic problem as a part of wisdom traffic. In recent years, with the explosive increase of the number of vehicles and the data of the internet of vehicles, the bandwidth resource of the cloud computing network is seriously insufficient, and the characteristics of mobility and low time delay of the internet of vehicles cannot be met. The appearance of the fog nodes greatly improves the situation.
At present, the fog nodes are deployed at the edge of a network and have the characteristics of location awareness and low time delay, so that the fog nodes can be better applied to the Internet of vehicles. However, the vehicle as a mobile node in the internet of vehicles can only communicate with the fog node through the wireless mobile network, and compared with the traditional network, the channel security is poorer and the attack is more prone to be caused. If the vehicle end receives malicious attack, the privacy of the vehicle end is easily revealed. After the fog node is attacked, other vehicles served by the fog node face the threat of information leakage, and even the upper cloud environment connected with the fog node is affected, so that the safety of communication between the vehicles and the fog node is low.
Disclosure of Invention
The embodiment of the invention provides a communication system and a communication method thereof, which can improve the safety of communication between a vehicle and a fog node.
In a first aspect, an embodiment of the present invention provides a communication system, including:
at least one vehicle and at least one fog node;
each vehicle is used for signing the first service request by using a pre-acquired asymmetric vehicle private key when receiving the first service request sent by a user, and sending a pre-acquired vehicle digital certificate and the signed first service request to a mist sending node; when a fog node digital certificate and signed first receipt information sent by the fog node are received, verifying the fog node digital certificate and the signed first receipt information; when the verification is passed, acquiring the decrypted first receipt information;
each fog node is used for verifying the vehicle digital certificate and the signed first service request when receiving the vehicle digital certificate and the signed first service request sent by the vehicle, generating the first receipt information when the verification is passed, signing the first receipt information by using a pre-obtained asymmetric fog node private key, and sending the pre-obtained fog node digital certificate and the signed first receipt information to the vehicle.
Preferably, further comprising: a Certificate Authority (CA) center;
the vehicle is used for sending a vehicle certificate application carrying vehicle identity information to the CA in advance, and receiving a vehicle digital certificate and an asymmetric vehicle private key sent by the CA;
the fog node is used for sending a fog node certificate application carrying fog node identity information to the CA center in advance and receiving a fog node digital certificate and an asymmetric fog node private key sent by the CA center;
the CA center is used for generating the vehicle digital certificate and the asymmetric vehicle private key by using the vehicle identity information according to a preset encryption rule when receiving a vehicle certificate application carrying vehicle identity information sent by the vehicle, and sending the vehicle digital certificate and the asymmetric vehicle private key to the vehicle; and when a fog node certificate application carrying fog node identity information sent by the fog node is received, generating the fog node digital certificate and the asymmetric fog node private key by using the fog node identity information according to the encryption rule, and sending the fog node digital certificate and the asymmetric fog node private key to the fog node.
Preferably, the CA center is further configured to publish a pre-generated center public key;
the vehicle is used for determining whether the central public key can decrypt the fog node digital certificate, and if so, acquiring a fog node public key in the decrypted fog node digital certificate; decrypting the signed first receipt information by using the fog node public key;
the fog node is used for determining whether the central public key can decrypt the vehicle digital certificate, and if so, acquiring the vehicle public key in the decrypted vehicle digital certificate; decrypting the signed first service request using the vehicle public key.
Preferably, the vehicle is further configured to generate a symmetric root key according to a preset key rule when receiving a re-service request sent by the user; encrypting the symmetric root key and the re-service request by using the asymmetric vehicle private key to generate key negotiation information; sending the key negotiation information to the fog node; when encrypted receipt information sent by the fog node is received, decrypting the encrypted receipt information by using the symmetric root key to obtain the decrypted receipt information;
the fog node is further configured to decrypt the key agreement information by using the vehicle public key when receiving the key agreement information of the vehicle, and obtain the symmetric root key and the re-service request; generating re-receipt information corresponding to the re-service request; encrypting the receipt information again by using the symmetric root key; and sending the encrypted receipt information to the vehicle.
Preferably, the vehicle is further configured to determine whether the encrypted receipt information is received within a preset time limit, and if so, when a subsequent service request sent by the user is received, encrypt the subsequent service request by using the symmetric root key, generate new communication information, and send the new communication information to the cloud node; otherwise, when the subsequent service request is received, generating a new symmetric root key according to the key rule, encrypting the new symmetric root key and the subsequent service request by using the asymmetric vehicle private key to generate new communication information, and sending the new communication information to the fog node so that the fog node sends corresponding subsequent receipt information according to the new communication information.
Preferably, the cloud node is further configured to preset a service user list, and record the vehicle digital certificate, the vehicle public key, the last service time of the vehicle, the symmetric root key, and the time limit of the symmetric root key in the service user list; when the new communication information is received, performing:
s0: determining whether a symmetric root key corresponding to the vehicle exists in the service user list, if so, performing S1, otherwise, performing S3;
s1: determining whether the symmetric root key is valid according to the last service time and the time limit, if so, executing S2, otherwise, executing S3;
s2: decrypting the new communication information by using the symmetric root key, and updating the last service time in the service user list;
s3: and decrypting the new communication information by using the vehicle public key, and deleting the symmetric root key and the time limit of the symmetric root key in the service user list.
Preferably, the CA center is further configured to publish a certificate revocation list generated in advance;
the fog node is further configured to, when receiving the vehicle digital certificate and the signed first service request sent by the vehicle, determine whether the vehicle digital certificate is on the certificate revocation list, and if so, cancel the communication this time, otherwise, execute the first service request after verifying the vehicle digital certificate and the signature.
In a second aspect, an embodiment of the present invention provides a communication method based on any one of the communication systems in the first aspect, including:
each vehicle in at least one vehicle signs the first service request by using a pre-acquired asymmetric vehicle private key when receiving the first service request sent by a user, and sends a pre-acquired vehicle digital certificate and the signed first service request to a mist giving node; when a fog node digital certificate and signed first receipt information sent by the fog node are received, verifying the fog node digital certificate and the signed first receipt information; when the verification is passed, acquiring the decrypted first receipt information;
each of the at least one fog node verifies the vehicle digital certificate and the signed first service request when receiving the vehicle digital certificate and the signed first service request sent by the vehicle, generates the first receipt information when the verification is passed, signs the first receipt information by using a pre-obtained asymmetric fog node private key, and sends the pre-obtained fog node digital certificate and the signed first receipt information to the vehicle.
Preferably, before said signing the first service request with the pre-obtained asymmetric vehicle private key, further comprises:
the vehicle sends a vehicle certificate application carrying vehicle identity information to a CA center in advance, and receives a vehicle digital certificate and an asymmetric vehicle private key sent by the CA center;
before the signing the first receipt information by using the pre-acquired asymmetric fog node private key, further comprising:
the fog node sends a fog node certificate application carrying fog node identity information to the CA center in advance, and receives a fog node digital certificate and an asymmetric fog node private key sent by the CA center;
when the CA center receives a vehicle certificate application carrying vehicle identity information sent by the vehicle, the CA center generates the vehicle digital certificate and the asymmetric vehicle private key by using the vehicle identity information according to a preset encryption rule, and sends the vehicle digital certificate and the asymmetric vehicle private key to the vehicle; and when a fog node certificate application carrying fog node identity information sent by the fog node is received, generating the fog node digital certificate and the asymmetric fog node private key by using the fog node identity information according to the encryption rule, and sending the fog node digital certificate and the asymmetric fog node private key to the fog node.
Preferably, before the sending the vehicle digital certificate and the asymmetric vehicle private key to the vehicle, further comprises:
the CA center publishes a pre-generated certificate revocation list;
and when receiving the vehicle digital certificate and the signed first service request sent by the vehicle, the fog node determines whether the vehicle digital certificate is in the certificate revocation list, if so, cancels the communication, and otherwise, executes the first service request after verifying the vehicle digital certificate and the signature.
In the embodiment of the invention, before the vehicle interacts with the fog node, two communication parties need to acquire respective digital certificates firstly, so that when the fog node interacts with the vehicle, whether the identity of the vehicle is legal or not is determined according to the vehicle digital certificate, and when the identity of the fog node is legal, the fog node digital certificate and corresponding first receipt information are sent to the vehicle, so that the vehicle determines whether the identity of the fog node is legal or not according to the fog node digital certificate, and when and only when the identity of the fog node is legal, the first receipt information sent by the fog node is acquired. In summary, the vehicle digital certificate is sent to the external fog node and the fog node digital certificate sent by the external fog node is received, so that the two communication parties can use the digital certificates as the proof of identity authentication of the two communication parties and determine the validity of the identities of the two communication parties, and the safety of communication between the vehicle and the fog node can be improved.
Drawings
In order to more clearly illustrate the embodiments of the present invention or the technical solutions in the prior art, the drawings used in the description of the embodiments or the prior art will be briefly introduced below, and it is obvious that the drawings in the following description are some embodiments of the present invention, and for those skilled in the art, other drawings can be obtained according to these drawings without creative efforts.
Fig. 1 is a schematic structural diagram of a communication system according to an embodiment of the present invention;
fig. 2 is a schematic structural diagram of another communication system according to an embodiment of the present invention;
fig. 3 is a schematic structural diagram of another communication system according to an embodiment of the present invention;
fig. 4 is a flowchart of a communication method of a communication system according to an embodiment of the present invention.
Detailed Description
In order to make the objects, technical solutions and advantages of the embodiments of the present invention clearer and more complete, the technical solutions in the embodiments of the present invention will be described below with reference to the drawings in the embodiments of the present invention, and it is obvious that the described embodiments are some, but not all, embodiments of the present invention, and based on the embodiments of the present invention, all other embodiments obtained by a person of ordinary skill in the art without creative efforts belong to the scope of the present invention.
As shown in fig. 1, an embodiment of the present invention provides a communication system, including: at least one vehicle 101 and at least one fog node 102;
each vehicle 101 is configured to, when receiving a first service request sent by a user, sign the first service request by using a pre-acquired asymmetric vehicle private key, and send a pre-acquired vehicle digital certificate and the signed first service request to the mist node 102; when the fog node digital certificate and the signed first receipt information sent by the fog node 102 are received, verifying the fog node digital certificate and the signed first receipt information; when the verification is passed, acquiring the decrypted first receipt information;
each fog node 102 is configured to verify the vehicle digital certificate and the signed first service request when receiving the vehicle digital certificate and the signed first service request sent by the vehicle 101, generate the first receipt information when the verification passes, sign the first receipt information by using a pre-obtained asymmetric fog node private key, and send the pre-obtained fog node digital certificate and the signed first receipt information to the vehicle 101.
In the embodiment of the invention, before the vehicle interacts with the fog node, two communication parties need to acquire respective digital certificates firstly, so that when the fog node interacts with the vehicle, whether the identity of the vehicle is legal or not is determined according to the vehicle digital certificate, and when the identity of the fog node is legal, the fog node digital certificate and corresponding first receipt information are sent to the vehicle, so that the vehicle determines whether the identity of the fog node is legal or not according to the fog node digital certificate, and when and only when the identity of the fog node is legal, the first receipt information sent by the fog node is acquired. In summary, the vehicle digital certificate is sent to the external fog node and the fog node digital certificate sent by the external fog node is received, so that the two communication parties can use the digital certificates as the proof of identity authentication of the two communication parties and determine the validity of the identities of the two communication parties, and the safety of communication between the vehicle and the fog node can be improved.
Based on the communication system shown in fig. 1, as shown in fig. 2, in an embodiment of the present invention, the communication system further includes: certificate authority CA center 201;
the vehicle 101 is configured to send a vehicle certificate application carrying vehicle identity information to the CA center 201 in advance, and receive a vehicle digital certificate and an asymmetric vehicle private key sent by the CA center 201;
the fog node 102 is configured to send a fog node certificate application carrying fog node identity information to the CA center 201 in advance, and receive a fog node digital certificate and an asymmetric fog node private key sent by the CA center 201;
the CA center 201 is configured to, when receiving a vehicle certificate application carrying vehicle identity information sent by the vehicle 101, generate the vehicle digital certificate and the asymmetric vehicle private key by using the vehicle identity information according to a preset encryption rule, and send the vehicle digital certificate and the asymmetric vehicle private key to the vehicle 101; when a fog node certificate application carrying fog node identity information sent by the fog node 102 is received, the fog node digital certificate and the asymmetric fog node private key are generated by using the fog node identity information according to the encryption rule, and the fog node digital certificate and the asymmetric fog node private key are sent to the fog node 102.
In the embodiment of the invention, before the interaction between the vehicle and the fog node, the vehicle respectively applies for certificate application to a credible CA center, so that the CA center respectively issues respective digital certificates for the vehicle and the fog node, and both communication parties use the digital certificates as the proof of identity authentication of both communication parties, thereby realizing the purpose of improving the safety of the communication between the vehicle and the fog node.
In an embodiment of the present invention, the CA center is further configured to publish a pre-generated center public key;
the vehicle is used for determining whether the central public key can decrypt the fog node digital certificate, and if so, acquiring a fog node public key in the decrypted fog node digital certificate; decrypting the signed first receipt information by using the fog node public key;
the fog node is used for determining whether the central public key can decrypt the vehicle digital certificate, and if so, acquiring the vehicle public key in the decrypted vehicle digital certificate; decrypting the signed first service request using the vehicle public key.
In the embodiment of the invention, because the asymmetric vehicle private key is arranged at the vehicle, the asymmetric fog node private key is arranged at the fog node, and other people cannot acquire the asymmetric vehicle private key and the asymmetric fog node private key, when the vehicle interacts information with the fog node, the asymmetric vehicle private key is used for signing the interactive information, and when the fog node interacts information with the vehicle, the asymmetric fog node private key is used for signing the interactive information, so that other people cannot forge the signed interactive information, when two communication parties determine that the corresponding interactive information can be decrypted, the identity of the other party can be determined to be legal, and when the other party is determined to be legal, the interaction is carried out again, so that the information of the two communication parties can be prevented from being stolen, and the safety of the communication between the vehicle and the fog node can be improved.
In an embodiment of the present invention, the vehicle is further configured to generate a symmetric root key according to a preset key rule when receiving a re-service request sent by the user; encrypting the symmetric root key and the re-service request by using the asymmetric vehicle private key to generate key negotiation information; sending the key negotiation information to the fog node; when encrypted receipt information sent by the fog node is received, decrypting the encrypted receipt information by using the symmetric root key to obtain the decrypted receipt information;
the fog node is further configured to decrypt the key agreement information by using the vehicle public key when receiving the key agreement information of the vehicle, and obtain the symmetric root key and the re-service request; generating re-receipt information corresponding to the re-service request; encrypting the receipt information again by using the symmetric root key; and sending the encrypted receipt information to the vehicle.
In the embodiment of the invention, after the two communication parties carry out mutual authentication of the digital certificates, the vehicle needs to carry out key agreement with the fog node so as to encrypt the interactive information by using the agreed symmetric root key. And the symmetric root key is used for encrypting the interactive information, so that the safety of the communication between the vehicle and the fog node can be improved, and the speed of encrypting the interactive information can be improved.
In an embodiment of the present invention, the vehicle is further configured to determine whether the re-receipt information after encryption is received within a preset time limit, and if so, when a subsequent service request sent by the user is received, encrypt the subsequent service request by using the symmetric root key, generate new communication information, and send the new communication information to the cloud node; otherwise, when the subsequent service request is received, generating a new symmetric root key according to the key rule, encrypting the new symmetric root key and the subsequent service request by using the asymmetric vehicle private key to generate new communication information, and sending the new communication information to the fog node so that the fog node sends corresponding subsequent receipt information according to the new communication information.
In the embodiment of the invention, after the vehicle receives the encrypted receipt information sent by the fog node again, the vehicle needs to determine whether to use the symmetric root key for authentication within a preset time limit, and when the determination exceeds the time limit, the vehicle needs to renegotiate a new symmetric root key by using the public key of the fog node, so that the communication safety of the vehicle and the fog node is improved.
In an embodiment of the present invention, the cloud node is further configured to preset a service user list, and record the vehicle digital certificate, the vehicle public key, the last service time of the vehicle, the symmetric root key, and the time limit of the symmetric root key in the service user list; when the new communication information is received, performing:
s0: determining whether a symmetric root key corresponding to the vehicle exists in the service user list, if so, performing S1, otherwise, performing S3;
s1: determining whether the symmetric root key is valid according to the last service time and the time limit, if so, executing S2, otherwise, executing S3;
s2: decrypting the new communication information by using the symmetric root key, and updating the last service time in the service user list;
s3: and decrypting the new communication information by using the vehicle public key, and deleting the symmetric root key and the time limit of the symmetric root key in the service user list.
In the embodiment of the present invention, after determining that the identity of the vehicle is legal, the fog node needs to record the identity information of the vehicle, for example, the vehicle ID, the vehicle digital certificate, and the vehicle public key, into a preset service user list, so that when interacting with the vehicle again, the identity validity of the vehicle is determined again according to the information recorded in the service user list.
In an embodiment of the present invention, the CA center is further configured to publish a certificate revocation list generated in advance;
the fog node is further configured to, when receiving the vehicle digital certificate and the signed first service request sent by the vehicle, determine whether the vehicle digital certificate is on the certificate revocation list, and if so, cancel the communication this time, otherwise, execute the first service request after verifying the vehicle digital certificate and the signature.
In the embodiment of the present invention, when determining that the vehicle digital certificate of the vehicle is valid, the cloud node further needs to determine whether the vehicle digital certificate is valid according to the certificate revocation list. When the identity of the vehicle is determined to be legal and effective, information interaction is carried out with the vehicle, the probability that the fog node is attacked can be reduced, and therefore the safety of communication between the fog node and the vehicle can be improved.
In order to more clearly illustrate the technical solutions and advantages of the present invention, a detailed description is made of a communication system provided by an embodiment of the present invention, as shown in fig. 3, including:
the vehicle 301 is configured to send a vehicle certificate application carrying vehicle identity information to the CA center 302 in advance, and receive a vehicle digital certificate and an asymmetric vehicle private key sent by the CA center 302 according to the vehicle certificate application.
Specifically, before the vehicle interacts with the fog node, the vehicle digital certificate needs to be applied to the CA center first, so that when the vehicle interacts with the fog node, the fog node can determine whether the identity of the vehicle is legal or not through the vehicle digital certificate, and when the identity of the fog node is legal, the fog node interacts with the fog node, and therefore the purpose of improving the safety of communication between the vehicle and the fog node is achieved.
The fog node 303 is configured to send a fog node certificate application carrying fog node identity information to the CA center 302 in advance, and receive a fog node digital certificate and an asymmetric fog node private key sent by the CA center 302 according to the fog node certificate application.
Specifically, before the fog node interacts with the vehicle, the fog node digital certificate needs to be applied to the CA center first, so that when the fog node digital certificate interacts with the vehicle, the vehicle can determine whether the identity of the fog node is legal or not through the fog node digital certificate, and when the identity of the vehicle is legal, the fog node digital certificate interacts with the vehicle, and therefore the safety of communication between the vehicle and the fog node can be improved.
The CA center 302 is used for publishing a pre-generated center public key, generating a vehicle digital certificate and an asymmetric vehicle private key by using vehicle identity information in a vehicle certificate application according to a preset encryption rule when receiving the vehicle certificate application sent by the vehicle 301, and sending the vehicle digital certificate and the asymmetric vehicle private key to the vehicle 301; when a fog node certificate application sent by the fog node 303 is received, a fog node digital certificate and an asymmetric fog node private key are generated by using the fog node identity information in the fog node certificate application according to an encryption rule, and the fog node digital certificate and the asymmetric fog node private key are sent to the fog node 303.
Specifically, the CA center sends the fog node digital certificate and the asymmetric fog node private key to the fog node, and sends the vehicle digital certificate and the asymmetric vehicle private key to the vehicle, so that the safety of communication is improved when two communication parties carry out information interaction, and the two communication parties can use the digital certificate as the proof of identity authentication of the two communication parties.
The vehicle 301 is configured to, when receiving a first service request sent by a user, encrypt the first service request with an asymmetric vehicle private key, and send the encrypted first service request and a vehicle digital certificate to the cloud node 303.
Specifically, the first service request is encrypted by using the asymmetric vehicle private key, so that the security in the process of transmitting the first service request can be improved, and the vehicle digital certificate is sent, so that the fog node can determine whether the identity of the vehicle is legal or not through the digital certificate.
The cloud node 303 is configured to determine whether the central public key can decrypt the vehicle digital certificate when receiving the encrypted first service request and the vehicle digital certificate sent by the vehicle 301, and if so, obtain the vehicle public key in the decrypted vehicle digital certificate; and determining whether the vehicle digital certificate is revoked according to a certificate revocation list published in advance by the CA center 302, if so, cancelling the communication, otherwise, decrypting the signed first service request by using a vehicle public key, generating first receipt information corresponding to the first service request, signing the first receipt information by using an asymmetric foggy node private key, and sending the signed first receipt information and the foggy node public key to the vehicle 301.
Specifically, after receiving the vehicle digital certificate, the fog node verifies the authenticity of the vehicle digital certificate, can determine whether the identity of the vehicle is legal, and interacts with the vehicle if and only if the identity of the vehicle is legal. And the fog node digital certificate is sent to the vehicle, so that the vehicle can verify whether the identity of the fog node is legal or not through the fog node digital certificate, and the purpose of improving the communication safety of the fog node and the vehicle is achieved.
The vehicle 301 is used for determining whether the central public key can decrypt the fog node digital certificate or not when receiving the signed first receipt information and the fog node digital certificate sent by the fog node 303, if so, obtaining the fog node public key in the decrypted fog node digital certificate, decrypting the signed first receipt information by using the fog node public key, obtaining the decrypted first receipt information, and executing the first receipt information; when a re-service request sent by a user is received, a symmetric root key is generated according to a preset key rule, the symmetric root key and the re-service request are encrypted by using an asymmetric vehicle private key to generate key negotiation information, and the key negotiation information is sent to the fog node 303.
Specifically, when the identity of the fog node is determined to be legal, the vehicle needs to generate a symmetric root key, and send the symmetric root key to the fog node, so that both communication parties complete key agreement, and the speed of encrypting the interactive information is increased on the basis of improving the communication security of the vehicle and the fog node.
The cloud node 303 is configured to decrypt the key agreement information by using the vehicle public key when receiving the key agreement information sent by the vehicle 301, and obtain a symmetric root key and a re-service request in the decrypted key agreement; the receipt re-issuing information corresponding to the re-service request is generated, the receipt re-issuing information is encrypted by the symmetric root key, and the encrypted receipt re-issuing information is transmitted to the vehicle 301.
Specifically, after the fog node completes key agreement with the vehicle, the symmetric root key obtained through the key agreement encrypts the receipt information again, so that the encryption speed is increased on the basis of improving the communication security with the vehicle.
The vehicle 301 is configured to, upon receiving the encrypted receipt information sent by the fog node 303, decrypt the encrypted receipt information with the symmetric root key, obtain the decrypted receipt information, execute the receipt information, and perform:
determining whether the encrypted receipt information is received within a preset time limit;
if so, when a subsequent service request sent by the user is received, encrypting the subsequent service request by using the symmetric root key, and sending the encrypted subsequent service request to the fog node 303;
otherwise, when a subsequent service request is made, a new symmetric root key is generated according to the key rule, the new symmetric root key and the subsequent service request are encrypted by using the asymmetric vehicle private key to generate communication information, and the communication information is sent to the fog node 303.
Specifically, after the vehicle completes the key agreement with the fog node, it needs to determine whether the vehicle uses the symmetric root key for authentication within a preset time limit, that is, the symmetric root key is used for decrypting the interactive information, if so, the vehicle continues to use the symmetric root key for interaction, otherwise, in order to avoid the symmetric root key being obtained by others, a new symmetric root key needs to be formed, and new key agreement is performed.
In summary, the identity process of the vehicle is authenticated by the fog node as follows:
a: and when the vehicle sends identity information to the fog node, wherein the identity information comprises a vehicle digital certificate or a symmetric root key.
B: the fog node, upon receiving the identity information, determines whether the vehicle is in a service user list, and if the vehicle is in the service user list:
determining whether symmetric root keys in a service user list are still valid
If so, authenticating the vehicle using the symmetric root key, and performing D.
And if the vehicle is invalid, authenticating the vehicle by using the vehicle public key in the service user list, and executing D.
C: if the vehicle is not on the service user list, the vehicle digital certificate is authenticated by the central public key.
D: and inquiring the certificate revocation list to determine the validity of the vehicle digital certificate.
E: and after the authentication is finished, the fog node updates the service user list.
As shown in fig. 4, an embodiment of the present invention provides a communication method of a communication system as described in any one of the above embodiments, where the method may include the following steps:
step 401: each vehicle in at least one vehicle signs the first service request by using a pre-acquired asymmetric vehicle private key when receiving the first service request sent by a user, and sends a pre-acquired vehicle digital certificate and the signed first service request to a mist giving node; when a fog node digital certificate and signed first receipt information sent by the fog node are received, verifying the fog node digital certificate and the signed first receipt information; when the verification is passed, acquiring the decrypted first receipt information;
step 402: each of the at least one fog node verifies the vehicle digital certificate and the signed first service request when receiving the vehicle digital certificate and the signed first service request sent by the vehicle, generates the first receipt information when the verification is passed, signs the first receipt information by using a pre-obtained asymmetric fog node private key, and sends the pre-obtained fog node digital certificate and the signed first receipt information to the vehicle.
In the embodiment of the invention, before the vehicle interacts with the fog node, two communication parties need to acquire respective digital certificates firstly, so that when the fog node interacts with the vehicle, whether the identity of the vehicle is legal or not is determined according to the vehicle digital certificate, and when the identity of the fog node is legal, the fog node digital certificate and corresponding first receipt information are sent to the vehicle, so that the vehicle determines whether the identity of the fog node is legal or not according to the fog node digital certificate, and when and only when the identity of the fog node is legal, the first receipt information sent by the fog node is acquired. In summary, the vehicle digital certificate is sent to the external fog node and the fog node digital certificate sent by the external fog node is received, so that the two communication parties can use the digital certificates as the proof of identity authentication of the two communication parties and determine the validity of the identities of the two communication parties, and the safety of communication between the vehicle and the fog node can be improved.
In an embodiment of the present invention, before the signing the first service request with the pre-obtained asymmetric vehicle private key, the signing further includes:
the vehicle sends a vehicle certificate application carrying vehicle identity information to a CA center in advance, and receives a vehicle digital certificate and an asymmetric vehicle private key sent by the CA center;
before the signing the first receipt information by using the pre-acquired asymmetric fog node private key, further comprising:
the fog node sends a fog node certificate application carrying fog node identity information to the CA center in advance, and receives a fog node digital certificate and an asymmetric fog node private key sent by the CA center;
when the CA center receives a vehicle certificate application carrying vehicle identity information sent by the vehicle, the CA center generates the vehicle digital certificate and the asymmetric vehicle private key by using the vehicle identity information according to a preset encryption rule, and sends the vehicle digital certificate and the asymmetric vehicle private key to the vehicle; and when a fog node certificate application carrying fog node identity information sent by the fog node is received, generating the fog node digital certificate and the asymmetric fog node private key by using the fog node identity information according to the encryption rule, and sending the fog node digital certificate and the asymmetric fog node private key to the fog node.
In an embodiment of the present invention, before the sending the vehicle digital certificate and the asymmetric vehicle private key to the vehicle, further includes:
the CA center publishes a pre-generated certificate revocation list;
and when receiving the vehicle digital certificate and the signed first service request sent by the vehicle, the fog node determines whether the vehicle digital certificate is in the certificate revocation list, if so, cancels the communication, and otherwise, executes the first service request after verifying the vehicle digital certificate and the signature.
The embodiments of the invention have at least the following beneficial effects:
1. in the first embodiment of the invention, before the vehicle interacts with the fog node, two communication parties need to acquire respective digital certificates first, so that when the fog node interacts with the vehicle, whether the identity of the vehicle is legal or not is determined according to the vehicle digital certificate, and when the identity of the fog node is legal, the fog node digital certificate and corresponding first receipt information are sent to the vehicle, so that the vehicle determines whether the identity of the fog node is legal or not according to the fog node digital certificate, and when and only when the identity of the fog node is legal, the first receipt information sent by the fog node is acquired. In summary, the vehicle digital certificate is sent to the external fog node and the fog node digital certificate sent by the external fog node is received, so that the two communication parties can use the digital certificates as the proof of identity authentication of the two communication parties and determine the validity of the identities of the two communication parties, and the safety of communication between the vehicle and the fog node can be improved.
2. In the first embodiment of the invention, before the interaction between the vehicle and the fog node, the vehicle respectively applies for certificate applications to the credible CA center, so that the CA center can respectively issue respective digital certificates for the vehicle and the fog node, and the two communication parties use the digital certificates as the proof of identity authentication of the two communication parties, thereby realizing the purpose of improving the security of the communication between the vehicle and the fog node.
3. In the first embodiment of the invention, as the asymmetric vehicle private key is arranged at the vehicle, the asymmetric fog node private key is arranged at the fog node, and other people cannot acquire the asymmetric vehicle private key and the asymmetric fog node private key, when the vehicle interacts information with the fog node, the asymmetric vehicle private key is used for signing the interactive information, and when the fog node interacts information with the vehicle, the asymmetric fog node private key is used for signing the interactive information, so that other people cannot forge the signed interactive information, when two communication parties determine that the corresponding interactive information can be decrypted, the identity of the other party can be determined to be legal, and when the other party is determined to be legal, the interaction is carried out again, so that the information of the two communication parties can be prevented from being stolen, and the safety of the communication between the vehicle and the fog node can be improved.
4. In an embodiment of the present invention, after the two communication parties perform mutual authentication of the digital certificates, the vehicle needs to perform key agreement with the cloud node, so that the agreed symmetric root key is used to encrypt the interaction information. And the symmetric root key is used for encrypting the interactive information, so that the safety of the communication between the vehicle and the fog node can be improved, and the speed of encrypting the interactive information can be improved.
5. In one embodiment of the invention, after the vehicle receives the encrypted receipt information sent by the fog node again, the vehicle needs to determine whether to use the symmetric root key for authentication within a preset time limit, and when the determination exceeds the time limit, the vehicle needs to renegotiate a new symmetric root key by using the public key of the fog node, so that the security of communication between the vehicle and the fog node is improved.
6. In one embodiment of the present invention, after determining that the identity of the vehicle is legal, the fog node needs to record the identity information of the vehicle, for example, the vehicle ID, the vehicle digital certificate, and the vehicle public key, into a preset service user list, so that when interacting with the vehicle again, the fog node determines the validity of the identity of the vehicle again according to the information recorded in the service user list.
7. In an embodiment of the present invention, when determining that the vehicle digital certificate of the vehicle is valid, the cloud node further needs to determine whether the vehicle digital certificate is valid according to the certificate revocation list. When the identity of the vehicle is determined to be legal and effective, information interaction is carried out with the vehicle, the probability that the fog node is attacked can be reduced, and therefore the safety of communication between the fog node and the vehicle can be improved.
It is noted that, herein, relational terms such as first and second, and the like may be used solely to distinguish one entity or action from another entity or action without necessarily requiring or implying any actual such relationship or order between such entities or actions. Also, the terms "comprises," "comprising," or any other variation thereof, are intended to cover a non-exclusive inclusion, such that a process, method, article, or apparatus that comprises a list of elements does not include only those elements but may include other elements not expressly listed or inherent to such process, method, article, or apparatus. Without further limitation, an element defined by the phrase "comprising a" does not exclude the presence of other similar elements in a process, method, article, or apparatus that comprises the element.
Finally, it is to be noted that: the above description is only a preferred embodiment of the present invention, and is only used to illustrate the technical solutions of the present invention, and not to limit the protection scope of the present invention. Any modification, equivalent replacement, or improvement made within the spirit and principle of the present invention shall fall within the protection scope of the present invention.
Claims (7)
1. A communication system, comprising: at least one vehicle and at least one fog node;
each vehicle is used for signing the first service request by using a pre-acquired asymmetric vehicle private key when receiving the first service request sent by a user, and sending a pre-acquired vehicle digital certificate and the signed first service request to a mist sending node; when a fog node digital certificate and signed first receipt information sent by the fog node are received, verifying the fog node digital certificate and the signed first receipt information; when the verification is passed, acquiring the decrypted first receipt information;
each fog node is used for verifying the vehicle digital certificate and the signed first service request when receiving the vehicle digital certificate and the signed first service request sent by the vehicle, generating the first receipt information when the verification is passed, signing the first receipt information by using a pre-obtained asymmetric fog node private key, and sending the pre-obtained fog node digital certificate and the signed first receipt information to the vehicle; further comprising: a Certificate Authority (CA) center;
the vehicle is used for sending a vehicle certificate application carrying vehicle identity information to the CA in advance, and receiving a vehicle digital certificate and an asymmetric vehicle private key sent by the CA;
the fog node is used for sending a fog node certificate application carrying fog node identity information to the CA center in advance and receiving a fog node digital certificate and an asymmetric fog node private key sent by the CA center;
the CA center is used for generating the vehicle digital certificate and the asymmetric vehicle private key by using the vehicle identity information according to a preset encryption rule when receiving a vehicle certificate application carrying vehicle identity information sent by the vehicle, and sending the vehicle digital certificate and the asymmetric vehicle private key to the vehicle; when a fog node certificate application carrying fog node identity information sent by the fog node is received, generating the fog node digital certificate and the asymmetric fog node private key by using the fog node identity information according to the encryption rule, and sending the fog node digital certificate and the asymmetric fog node private key to the fog node;
the CA center is further used for publishing a pre-generated center public key;
the vehicle is used for determining whether the central public key can decrypt the fog node digital certificate, and if so, acquiring a fog node public key in the decrypted fog node digital certificate; decrypting the signed first receipt information by using the fog node public key;
the fog node is used for determining whether the central public key can decrypt the vehicle digital certificate, and if so, acquiring the vehicle public key in the decrypted vehicle digital certificate; decrypting the signed first service request using the vehicle public key;
the vehicle is further used for generating a symmetric root key according to a preset key rule when receiving a re-service request sent by the user; encrypting the symmetric root key and the re-service request by using the asymmetric vehicle private key to generate key negotiation information; sending the key negotiation information to the fog node; when encrypted receipt information sent by the fog node is received, decrypting the encrypted receipt information by using the symmetric root key to obtain the decrypted receipt information;
the fog node is further configured to decrypt the key agreement information by using the vehicle public key when receiving the key agreement information of the vehicle, and obtain the symmetric root key and the re-service request; generating re-receipt information corresponding to the re-service request; encrypting the receipt information again by using the symmetric root key; and sending the encrypted receipt information to the vehicle.
2. The communication system of claim 1,
the vehicle is further used for determining whether the encrypted receipt information is received again within a preset time limit, if so, when a subsequent service request sent by the user is received, the subsequent service request is encrypted by using the symmetric root key, new communication information is generated, and the new communication information is sent to the fog node; otherwise, when the subsequent service request is received, generating a new symmetric root key according to the key rule, encrypting the new symmetric root key and the subsequent service request by using the asymmetric vehicle private key to generate new communication information, and sending the new communication information to the fog node so that the fog node sends corresponding subsequent receipt information according to the new communication information.
3. The communication system of claim 2,
the fog node is further configured to preset a service user list, and record the vehicle digital certificate, the vehicle public key, the last service time of the vehicle, the symmetric root key, and the time limit of the symmetric root key in the service user list; when the new communication information is received, performing:
s0: determining whether a symmetric root key corresponding to the vehicle exists in the service user list, if so, performing S1, otherwise, performing S3;
s1: determining whether the symmetric root key is valid according to the last service time and the time limit, if so, executing S2, otherwise, executing S3;
s2: decrypting the new communication information by using the symmetric root key, and updating the last service time in the service user list;
s3: and decrypting the new communication information by using the vehicle public key, and deleting the symmetric root key and the time limit of the symmetric root key in the service user list.
4. The communication system according to any of claims 2 to 3,
the CA center is further used for publishing a certificate revocation list generated in advance;
the fog node is further configured to, when receiving the vehicle digital certificate and the signed first service request sent by the vehicle, determine whether the vehicle digital certificate is on the certificate revocation list, and if so, cancel the communication this time, otherwise, execute the first service request after verifying the vehicle digital certificate and the signature.
5. A communication method based on the communication system of any one of claims 1 to 4, comprising:
each vehicle in at least one vehicle signs the first service request by using a pre-acquired asymmetric vehicle private key when receiving the first service request sent by a user, and sends a pre-acquired vehicle digital certificate and the signed first service request to a mist giving node; when a fog node digital certificate and signed first receipt information sent by the fog node are received, verifying the fog node digital certificate and the signed first receipt information; when the verification is passed, acquiring the decrypted first receipt information;
each of the at least one fog node verifies the vehicle digital certificate and the signed first service request when receiving the vehicle digital certificate and the signed first service request sent by the vehicle, generates the first receipt information when the verification is passed, signs the first receipt information by using a pre-obtained asymmetric fog node private key, and sends the pre-obtained fog node digital certificate and the signed first receipt information to the vehicle.
6. The communication system of claim 5,
prior to said signing said first service request with said pre-obtained asymmetric vehicle private key, further comprising:
the vehicle sends a vehicle certificate application carrying vehicle identity information to a CA center in advance, and receives a vehicle digital certificate and an asymmetric vehicle private key sent by the CA center;
before the signing the first receipt information by using the pre-acquired asymmetric fog node private key, further comprising:
the fog node sends a fog node certificate application carrying fog node identity information to the CA center in advance, and receives a fog node digital certificate and an asymmetric fog node private key sent by the CA center;
when the CA center receives a vehicle certificate application carrying vehicle identity information sent by the vehicle, the CA center generates the vehicle digital certificate and the asymmetric vehicle private key by using the vehicle identity information according to a preset encryption rule, and sends the vehicle digital certificate and the asymmetric vehicle private key to the vehicle; and when a fog node certificate application carrying fog node identity information sent by the fog node is received, generating the fog node digital certificate and the asymmetric fog node private key by using the fog node identity information according to the encryption rule, and sending the fog node digital certificate and the asymmetric fog node private key to the fog node.
7. The communication system of claim 6,
prior to said sending said vehicle digital certificate and said asymmetric vehicle private key to said vehicle, further comprising:
the CA center publishes a pre-generated certificate revocation list;
and when receiving the vehicle digital certificate and the signed first service request sent by the vehicle, the fog node determines whether the vehicle digital certificate is in the certificate revocation list, if so, cancels the communication, and otherwise, executes the first service request after verifying the vehicle digital certificate and the signature.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201810408721.4A CN108600240B (en) | 2018-05-02 | 2018-05-02 | Communication system and communication method thereof |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201810408721.4A CN108600240B (en) | 2018-05-02 | 2018-05-02 | Communication system and communication method thereof |
Publications (2)
Publication Number | Publication Date |
---|---|
CN108600240A CN108600240A (en) | 2018-09-28 |
CN108600240B true CN108600240B (en) | 2020-11-10 |
Family
ID=63619508
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201810408721.4A Active CN108600240B (en) | 2018-05-02 | 2018-05-02 | Communication system and communication method thereof |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN108600240B (en) |
Families Citing this family (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US10869190B2 (en) * | 2018-07-13 | 2020-12-15 | Micron Technology, Inc. | Secure vehicular services communication |
CN109474577A (en) * | 2018-10-17 | 2019-03-15 | 太原市高远时代科技有限公司 | A kind of Internet of Things network edge O&M equipment with safety permission function |
CN110430063B (en) * | 2019-07-26 | 2020-05-19 | 绍兴文理学院 | Mist computing architecture-based anonymous identity authentication method for heterogeneous sensor network nodes |
Family Cites Families (10)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN102075522B (en) * | 2010-12-22 | 2012-07-04 | 北京航空航天大学 | Secure certification and transaction method with combination of digital certificate and one-time password |
JP5926441B2 (en) * | 2012-04-01 | 2016-05-25 | オーセンティファイ・インクAuthentify Inc. | Secure authentication in multi-party systems |
CN103684768A (en) * | 2012-09-10 | 2014-03-26 | 中国银联股份有限公司 | POS system and method for bidirectional authentication in POS system |
CN103312691A (en) * | 2013-04-19 | 2013-09-18 | 无锡成电科大科技发展有限公司 | Method and system for authenticating and accessing cloud platform |
US10931456B2 (en) * | 2014-06-26 | 2021-02-23 | Comcast Cable Communications, Llc | Secure router authentication |
CN104811941B (en) * | 2015-04-30 | 2018-09-11 | 福建星网锐捷网络有限公司 | Offline secure virtual machine management method and device |
US20170048308A1 (en) * | 2015-08-13 | 2017-02-16 | Saad Bin Qaisar | System and Apparatus for Network Conscious Edge to Cloud Sensing, Analytics, Actuation and Virtualization |
EP3291504B1 (en) * | 2016-08-30 | 2020-03-11 | Wacom Co., Ltd. | Authentication and secure transmission of data between signature devices and host computers using transport layer security |
CN107071033A (en) * | 2017-04-20 | 2017-08-18 | 济南浪潮高新科技投资发展有限公司 | A kind of car networking deployment system calculated based on mist |
CN107679847B (en) * | 2017-09-07 | 2021-05-11 | 广东工业大学 | Mobile transaction privacy protection method based on near field communication bidirectional identity authentication |
-
2018
- 2018-05-02 CN CN201810408721.4A patent/CN108600240B/en active Active
Non-Patent Citations (1)
Title |
---|
车载自组网Sybil攻击检测方案研究综述;李春彦,王良民;《计算机科学》;20141115;全文 * |
Also Published As
Publication number | Publication date |
---|---|
CN108600240A (en) | 2018-09-28 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN109788482B (en) | Method and system for anonymous authentication of messages between vehicles in Internet of vehicles environment | |
CN107919956B (en) | End-to-end safety guarantee method in cloud environment facing to Internet of things | |
CN109412816B (en) | Anonymous communication system and method for vehicle-mounted network based on ring signature | |
CN108964919B (en) | Lightweight anonymous authentication method with privacy protection based on Internet of vehicles | |
CN104683112B (en) | A kind of car car safety communicating method that certification is assisted based on RSU | |
Priyadharshini et al. | A secure hash message authentication code to avoid certificate revocation list checking in vehicular adhoc networks | |
CN109005542B (en) | 5G Internet of vehicles rapid message authentication method based on reputation system | |
CN113596778A (en) | Vehicle networking node anonymous authentication method based on block chain | |
CN109362062B (en) | ID-based group signature-based VANETs anonymous authentication system and method | |
WO2009079916A1 (en) | A method for generating a key pair and transmitting a public key or a certificate application document securely | |
CN112073964B (en) | Unmanned aerial vehicle and base station communication identity authentication method based on elliptic curve encryption | |
CN109561383A (en) | A kind of location privacy protection method based on dynamic assumed name exchange area | |
CN108600240B (en) | Communication system and communication method thereof | |
Ahamed et al. | EMBA: An efficient anonymous mutual and batch authentication schemes for vanets | |
CN112437108A (en) | Decentralized identity authentication device and method for privacy protection of Internet of vehicles | |
CN117278330B (en) | Lightweight networking and secure communication method for electric power Internet of things equipment network | |
Amin et al. | An enhanced anonymity resilience security protocol for vehicular ad-hoc network with scyther simulation | |
CN108683506B (en) | Digital certificate application method, system, fog node and certificate authority | |
CN108933665B (en) | Method for applying lightweight V2I group communication authentication protocol in VANETs | |
CN112243234A (en) | Identity-based privacy security protection method for Internet of vehicles | |
CN114884698A (en) | Kerberos and IBC security domain cross-domain authentication method based on alliance chain | |
CN111092732A (en) | Anonymous authentication method based on certificateless group signature in Internet of vehicles | |
CN114726583B (en) | Trusted hardware cross-chain transaction privacy protection system and method based on blockchain distributed identification | |
Sun et al. | Ridra: A rigorous decentralized randomized authentication in VANETs | |
CN117220877A (en) | Certificate-free aggregation signature method for protecting private key applicable to Internet of vehicles |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
TA01 | Transfer of patent application right | ||
TA01 | Transfer of patent application right |
Effective date of registration: 20201015 Address after: 250100 Ji'nan high tech Zone, Shandong, No. 1036 wave road Applicant after: INSPUR GROUP Co.,Ltd. Address before: 250100, Ji'nan province high tech Zone, Sun Village Branch Road, No. 2877, building, floor, building, on the first floor Applicant before: JINAN INSPUR HI-TECH INVESTMENT AND DEVELOPMENT Co.,Ltd. |
|
GR01 | Patent grant | ||
GR01 | Patent grant |