Vehicular ad hoc network (VANET) has been a promising technology in smart transportation system, which can enable information exchange between vehicles and roadside units (RSUs). However, the privacy of vehicles and RSUs is a critical challenge in VANET, as they may expose sensitive information to malicious attackers or unauthorized parties. Many existing authenticated key agreement (AKA) schemes aim to protect the privacy of vehicles and RSUs, but they often neglect the physical security of the devices involved in the communication. Therefore, we propose an efficient and privacy-preserving AKA scheme in VANET, which embeds physical unclonable function (PUF) and fuzzy extraction (FE) technology. PUF is a physical device that generates random strings based on their intrinsic characteristics and external inputs, which can protect the secrets in the devices from being stolen by attackers. FE can compensate for the drawbacks of PUF affected by environmental factors. Our scheme preserves the identity privacy of legitimate RSUs and vehicles, as well as intercepts and traces the identity of malicious attackers. In addition, we eliminate the involvement of the third party (TP) in the AKA phase to better meet the high-speed driving of vehicles. Finally, we conduct formal and informal security analyses in random oracle model (ROM), which prove that our scheme can resist various attacks. We also show in the performance analysis that our scheme has the lowest computational cost, communication overhead, and total energy consumption.
Read full abstract