Centralized Threshold Key Generation Protocol Based on Shamir Secret Sharing and HMAC Authentication.

Affiliations

Mixed-Signal Integrated System Lab (MSIS), School of Electronics Engineering, Chungbuk National University, Cheongju 28644, Korea.

Electronics Research Institute (ERI), El Nozha, Cairo 12622, Egypt.

Publication information

Sensors (Basel). 2022 Jan 3;22(1):331. doi: 10.3390/s22010331.

DOI:10.3390/s22010331
PMID:35009873
Original article: https://pmc.ncbi.nlm.nih.gov/articles/PMC8749701/
Abstract

Many group key management protocols have been proposed to manage key generation and distribution in vehicular communication. However, most of them suffer from high communication and computation costs due to complex elliptic curve and bilinear pairing cryptography. Many shared secret protocols have been proposed that use polynomial evaluation and interpolation to solve these complexity issues. This paper proposes an efficient centralized threshold shared secret protocol based on the Shamir secret sharing technique and supporting key authentication using Hashed Message Authentication Code Protocol (HMAC). The proposed protocol allows the group manager to generate a master secret key for a group of n vehicles and split this key into secret shares; each share is distributed securely to every group member. t of the n vehicles must recombine their secret shares to recover the original secret key. The acceptance of the recovered key is based on the correctness of the received HMAC signature, which verifies the group manager's identity and ensures the key confidentiality. The proposed protocol is unconditionally secure and unbreakable even with infinite computing power, as t or more secret shares are required to reconstruct the key. In contrast, attackers with t-1 secret shares cannot leak any information about the original secret key. Moreover, the proposed protocol reduces the computation cost by using polynomial evaluation to generate the secret key and interpolation to recover the secret key, which is very simple and lightweight compared with the discrete logarithm computation cost in previous protocols. In addition, utilizing a trusted group manager that broadcasts some public information is important for the registered vehicles to reconstruct the key and eliminate secure channels between vehicles.
The proposed protocol reduces the communication cost in terms of transmitted messages between vehicles from 2(t-1) messages in previous shared secret protocols to zero messages. Moreover, it reduces the received messages at vehicles from 2t to two messages. At the same time, it allows vehicles to store only a single secret share, compared with other shared secret protocols that require storage of t secret shares. The proposed protocol's security level outperforms that of the other shared secret protocols, as it supports key authentication and confidentiality using HMAC, which prevents attackers from compromising or faking the key.
