Luo Changyuan, Li Duan, Khan Muhammad Saad
School of Information Engineering, Zhengzhou Shengda University, Zhengzhou, Henan Province, China.
School of Electronic Information, Zhengzhou University of Light Industry, Zhengzhou, Henan Province, China.
Sci Rep. 2024 Nov 7;14(1):27079. doi: 10.1038/s41598-024-77992-5.
Certificateless public key infrastructure (PKI) avoids the key escrow problem associated with identity-based PKI and has recently been widely employed in anonymous communication schemes for vehicular adhoc networks (VANETs). In existing certificateless anonymous signcryption schemes for VANETs, vulnerabilities such as potential attacks involving the substitution of pseudonyms and the forging of pseudonymous public-private key pairs exist due to the lack of "identity-key binding" and "non-linearity processing of public-private key pairs." To address this issue, we propose an improved certificateless anonymous signcryption scheme based on elliptic curve cryptography. The scheme incorporates bilinear pairing as one of the authentication mechanisms, designs pseudonym generation algorithms and public-private key pair structures, and introduces a pseudonym verification mechanism. The correctness of the scheme is proven under the random oracle model, and its security is extensively demonstrated through detailed discussions on its confidentiality, authentication, unforgeability, anonymity, and traceability. Furthermore, the time and space complexity of the scheme are calculated. By comparing with recently published certificateless signcryption schemes, it is shown that the proposed scheme offers higher security with smaller computational and communication overheads. This certificateless vehicular network signcryption algorithm provides an efficient encryption solution for anonymous communication in vehicular networks, thereby ensuring the rapid development of secure technology for intelligent connected vehicle super terminals.
无证书公钥基础设施(PKI)避免了与基于身份的PKI相关的密钥托管问题,最近已广泛应用于车载自组织网络(VANET)的匿名通信方案中。在现有的用于VANET的无证书匿名签密方案中,由于缺乏“身份-密钥绑定”和“公私钥对的非线性处理”,存在诸如涉及假名替换和伪造假名公私钥对等潜在攻击的漏洞。为了解决这个问题,我们提出了一种基于椭圆曲线密码学的改进的无证书匿名签密方案。该方案将双线性配对作为认证机制之一,设计了假名生成算法和公私钥对结构,并引入了假名验证机制。在随机预言模型下证明了该方案的正确性,并通过对其保密性、认证性、不可伪造性、匿名性和可追溯性的详细讨论,广泛证明了其安全性。此外,计算了该方案的时间和空间复杂度。通过与最近发表的无证书签密方案进行比较,结果表明所提方案具有更高的安全性,且计算和通信开销更小。这种无证书车载网络签密算法为车载网络中的匿名通信提供了一种高效的加密解决方案,从而确保了智能网联汽车超级终端安全技术的快速发展。