The Internet of Vehicles (IoV) aims to provide a new convenient, comfortable, and safe driving way, and in turn enables intelligent transportation through wireless communications among road-side units, on-board units (OBUs), phones, and other devices inside a vehicle. However, significantly increasing reliance on wireless communication, control, and computing technology makes IoV more vulnerable to potential attacks, such as remote intrusion, control, and trajectory tracking. Therefore, efficient authentication solutions preventing unauthorized visitors need to be addressed to cope with these issues. Hence, in this paper we focus on the security and privacy-preserving by developing a dual authentication scheme for IoV according to its different scenarios. First, the OBU self-generates an anonymous identity and temporary encryption key to open an authentication session. Second, the legitimacy of the vehicle’s real and anonymous identity can be verified by trust authority (TA). After that, the vehicle’s reputation is evaluated according to its history interactive behavior and the session key for V2V can be finally established. There are three major advantages, including privacy-preserving and security enhancement without a burden of key management in the condition of acceptable time delay range, introducing trust evaluation into authentication protocol, as well as considering the vehicle behavior attributes in the new reputation evaluation method. In addition, we also prove the correctness of this scheme using the Burrows–Abadi–Needham (BAN) logic, and the performance comparison against the existing schemes is given as well.
Read full abstract