Blockchain-Based One-Time Authentication for Secure V2X Communication Against Insiders and Authority Compromise Attacks

Abstract

One significant security challenge in vehicular networks is defending against malicious members’ attacks, including insiders and compromised authorities. Insiders are legitimate vehicles who have passed the registration process. Since they can exploit all the information related to the network and other members’ communication, it is easier to perform various attacks with a high impact. In addition, an authority takes charge of registering and managing legitimate vehicles. Thus, if the authority is compromised, it will cause significant damage to the system, including the leaking of private information, such as identity, location, and membership. Many authentication schemes have been proposed to protect vehicular communication from these security issues. However, most existing schemes still face the vulnerability of malicious members. Furthermore, most conventional schemes require additional interactions between the vehicles and infrastructure for authentication, which can cause communication overheads. To overcome these issues, we propose a novel blockchain-based one-time authentication scheme to protect vehicular communication against malicious members. One-time authentication provides higher security and efficiency as every message is authenticated with different proof at a time. We use publicly verifiable secret sharing with blockchain for this property, which brings two benefits. First, it prevents even an authority from obtaining members’ identities by distributing encrypted shares instead of their real identities. Second, it enables robust vehicular communication against insiders’ attacks by allowing a vehicle to send unique proof generated from its private information with messages. Receivers can authenticate the messages by comparing attached values to the information through the blockchain in a noninteractive manner. Security analysis shows that our scheme assures secure vehicle-to-everything communication against insider attacks, and efficiency analysis shows how both authentication and consensus delay change.