CN117915327A - Internet of vehicles communication privacy contact discovery method, device, system, vehicle and medium - Google Patents
Internet of vehicles communication privacy contact discovery method, device, system, vehicle and medium Download PDFInfo
- Publication number
- CN117915327A CN117915327A CN202311827736.1A CN202311827736A CN117915327A CN 117915327 A CN117915327 A CN 117915327A CN 202311827736 A CN202311827736 A CN 202311827736A CN 117915327 A CN117915327 A CN 117915327A
- Authority
- CN
- China
- Prior art keywords
- vehicle
- ciphertext
- identity information
- global public
- certificate
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
- 238000000034 method Methods 0.000 title claims abstract description 32
- 238000004891 communication Methods 0.000 title claims abstract description 31
- 238000013475 authorization Methods 0.000 claims abstract description 48
- 238000004422 calculation algorithm Methods 0.000 claims abstract description 10
- 238000012360 testing method Methods 0.000 claims abstract description 10
- 230000006870 function Effects 0.000 claims description 52
- 230000008569 process Effects 0.000 claims description 4
- 125000004122 cyclic group Chemical group 0.000 claims description 3
- 238000013507 mapping Methods 0.000 claims description 3
- 238000004364 calculation method Methods 0.000 description 8
- 238000005516 engineering process Methods 0.000 description 6
- 230000006855 networking Effects 0.000 description 5
- 238000011161 development Methods 0.000 description 4
- 239000012634 fragment Substances 0.000 description 4
- 238000010586 diagram Methods 0.000 description 3
- 230000003287 optical effect Effects 0.000 description 2
- 238000012545 processing Methods 0.000 description 2
- 238000012795 verification Methods 0.000 description 2
- 230000009471 action Effects 0.000 description 1
- 238000013459 approach Methods 0.000 description 1
- 230000009286 beneficial effect Effects 0.000 description 1
- 230000005540 biological transmission Effects 0.000 description 1
- 230000008859 change Effects 0.000 description 1
- 238000004590 computer program Methods 0.000 description 1
- 238000007796 conventional method Methods 0.000 description 1
- 238000013500 data storage Methods 0.000 description 1
- 230000000694 effects Effects 0.000 description 1
- 238000007726 management method Methods 0.000 description 1
- 238000012986 modification Methods 0.000 description 1
- 230000004048 modification Effects 0.000 description 1
- 238000012544 monitoring process Methods 0.000 description 1
- 239000013307 optical fiber Substances 0.000 description 1
- 239000004065 semiconductor Substances 0.000 description 1
- 238000006467 substitution reaction Methods 0.000 description 1
Landscapes
- Mobile Radio Communication Systems (AREA)
Abstract
The invention discloses a method, a device, a system, a vehicle and a medium for finding privacy contact of internet of vehicles communication, wherein the method comprises the following steps: acquiring global public parameters generated by a certificate issuing center; generating a public and private key pair and identity information of the vehicle according to the global public parameters, and applying for a digital certificate to a certificate issuing center; receiving a ciphertext sent by an address book software server or an operator, wherein the ciphertext is an address book contact person message encrypted by utilizing a public key, identity information and global public parameters of a vehicle; when the vehicle owner agrees to the third party software to acquire the common contact, generating authorization according to the private key, the identity information, the digital certificate and the global public parameter of the vehicle, and sending the authorization and the ciphertext to the third party software, so that the third party software executes a test algorithm to calculate the common contact of different vehicle owners after receiving different ciphertexts and the authorization. The invention can realize the discovery function of the privacy contact person on the basis of encrypting the data without acquiring and verifying the digital certificate.
Description
Technical Field
The invention relates to a method, a device, a system, a vehicle and a medium for finding a communication privacy contact of the Internet of vehicles, belonging to the fields of information safety and privacy protection.
Background
With the rise of technologies such as the internet, a 5G network, a vehicle wireless communication technology and the like, an intelligent internet-connected vehicle has become a dominant development direction in the future of the vehicle industry. The intelligent network car constructs a complex and huge car networking system through the internet, the Ethernet and the V2X technology, and realizes high-degree interconnection and intercommunication among people, roads, clouds and App. The internet of vehicles is a system network for providing diversified function services by connecting a plurality of intelligent vehicles together through a new generation wireless network communication technology and completing information sharing and information utilization among the vehicles. However, since the internet of vehicles is part of the internet, various complex information security threats and risks are necessarily faced. In recent years, potential safety hazards and threats such as intrusion attack, data theft, information tampering and the like existing in a network terminal gradually penetrate into the field of the Internet of vehicles, and meanwhile, the special safety problem in the Internet of vehicles is continuously revealed.
The whole car networking ecological system can be divided into three layers, namely a car end, a pipe end and a cloud end. The vehicle-mounted terminal comprises an on-vehicle entertainment system, a user terminal, various sensors and other information receiving equipment. The pipe end comprises a data transmission communication technology among devices of the vehicle. Cloud is the core of the internet of vehicles. The cloud end mainly has data storage, data processing and various vehicle public service functions, and the data processing process is migrated to the cloud end, so that the flexibility of the vehicle-mounted end is ensured. The cloud is deployed around the calculation and monitoring management of the vehicle, so that the openness and sharing of the Internet of vehicles ecosystem are effectively improved.
At present, an application program installed at a vehicle end may be attacked when in communication with a cloud end, so that personal information of a user is revealed and stolen, and the running safety of the vehicle and the privacy information of the user are affected. In view of this, the data on the cloud server is stored in the form of ciphertext, so that occurrence of such events can be effectively prevented. In the internet of vehicles, the data transmitted by the vehicles and the server are generally transmitted in an encrypted mode, key negotiation is performed by using a public key cryptosystem, and then encrypted data is transmitted by using a symmetric cryptosystem. In the key negotiation stage, the sender needs to receive the digital certificate accepted and sent and verify, and then encrypts the negotiated symmetric key through the public key of the server and sends the encrypted symmetric key. If there are problems with network congestion, computational communication resource shortages, etc., the sender will not be able to obtain an accepted digital certificate. Meanwhile, the sender needs to perform communication of acquiring the digital certificate once before encrypting the data and calculates the authenticity of the digital certificate, which adds a lot of extra burden to the vehicle-mounted vehicle networking equipment with limited calculation resources. In addition, the following scenarios are also considered: when a vehicle owner installs a communication application program, such as WHATSAPPS, on the vehicle system, the first thing the application program needs to do is to check the address book of the vehicle owner to see which contacts in the address book of the vehicle owner also use their services. To achieve this, the application may of course ask the address book server or operator directly which users are in the owner's address book, which then tells WHATSAPPS, WHATSAPPS the owner's address book which users are also using their services by comparison with their internal database. It must be appreciated that using the simple approach described above basically means that the entire social graph of the vehicle owner would be leaked, for example if two business-sensitive information were being discussed using the software, the software would be able to monitor the content of their two conversations and leak to their competitors via the social graph.
Disclosure of Invention
In view of the above, the invention provides a method, a device, a system, a vehicle and a storage medium for finding a privacy contact person of internet of vehicles, which can realize the finding function of the privacy contact person on the basis that the data can be encrypted without acquiring and verifying a digital certificate.
A first object of the present invention is to provide a method for finding privacy contacts for internet of vehicles communication.
A second object of the present invention is to provide an internet of vehicles communication privacy contact discovery apparatus.
A third object of the present invention is to provide a system for finding privacy of internet of vehicles communication contacts.
A fourth object of the present invention is to provide a vehicle.
A fifth object of the present invention is to provide a computer-readable storage medium.
The first object of the invention is achieved by adopting the following technical scheme:
a privacy contact discovery method, the method comprising:
acquiring global public parameters generated by a certificate issuing center;
generating a public and private key pair and identity information of the vehicle according to the global public parameters, and applying for a digital certificate to a certificate issuing center;
Receiving a ciphertext sent by an address book software server or an operator, wherein the ciphertext is an address book contact person message encrypted by utilizing a public key, identity information and global public parameters of a vehicle;
when the vehicle owner agrees to the third party software to acquire the common contact, generating authorization according to the private key, the identity information, the digital certificate and the global public parameter of the vehicle, and sending the authorization and the ciphertext to the third party software, so that the third party software executes a test algorithm to calculate the common contact of different vehicle owners after receiving different ciphertexts and the authorization.
Further, the global common parameter generation process is as follows:
inputting a security parameter lambda, giving a bilinear cluster Wherein/>And/>Multiplication cyclic group of prime number p order, g is group/>E is the satisfaction/>Is a bilinear mapping relationship of (1);
Randomly selecting a private key Calculate public key/>Wherein/>The representation set {0,1,., p-1};
randomly selecting five hash functions Where lambda is the data length, hl is the hash function default output length, l is/>Is a length of (2);
according to bilinear groups Public key PK CA and five hash functions, output global public parameters/>
Further, the generating the public and private key pair and the identity information of the vehicle according to the global public parameter and applying for the digital certificate to the certificate issuing center specifically includes:
Randomly selecting a private key based on global public parameters Calculating a public key pk=g SK to generate identity information ID;
sending (ID, PK) to a certificate authority so that the certificate authority signs with a first hash function and a second hash function of a private key and a global public parameter of the certificate authority to generate a digital certificate, wherein the digital certificate is generated by the following steps:
Wherein H 1 is a first hash function, H 2 is a second hash function, and SK CA is a private key of a certificate authority;
and receiving the digital certificate returned by the certificate authority.
Further, the address book contact person message encrypted by using the public key, the identity information and the global public parameter of the vehicle has the following formula:
C1=gr
Wherein r is a random number, m is an address book contact message to be encrypted, H 1 is a first hash function, H 2 is a second hash function, H 3 is a third hash function, H 4 is a fourth hash function, and H 5 is a fifth hash function.
Further, the generating authorization according to the private key, the identity information, the digital certificate and the global public parameter of the vehicle specifically includes:
Using the private key SK of the vehicle, the identity information ID, the digital certificate first portion Cret 1, and the second hash function H 2 of the global public parameter, the authorization Atuh =h 2(ID)SK·Cret1 is calculated.
The second object of the invention is achieved by adopting the following technical scheme:
An internet of vehicles communication privacy contact discovery apparatus, the apparatus comprising:
the acquisition module is used for acquiring global public parameters generated by the certificate issuing center;
The certificate generation module is used for generating a public and private key pair and identity information of the vehicle according to the global public parameters and applying a digital certificate to the certificate issuing center;
the system comprises a ciphertext receiving module, a contact list server and a global public parameter receiving module, wherein the ciphertext receiving module is used for receiving ciphertext sent by the contact list software server or an operator, and the ciphertext is an address list contact person message encrypted by utilizing a public key, identity information and the global public parameter of the vehicle;
And the authorization and matching module is used for generating authorization according to the private key, the identity information and the digital certificate of the vehicle when the vehicle owner agrees to the third party software to acquire the common contact, and sending the authorization and the ciphertext to the third party software so that the third party software can execute a test algorithm to obtain the common contact of different vehicle owners after receiving different ciphertexts and the authorization.
The third object of the invention is achieved by adopting the following technical scheme:
The system comprises a certificate issuing center, at least two vehicles, an address book server/operator and third party software, wherein the certificate issuing center, the address book server/operator and the third party software are respectively connected with the vehicles, and the address book server/operator is connected with the certificate issuing center;
the certificate issuing center is used for generating global public parameters and digital certificates;
The address book server/operator is used for encrypting the address book contact person information by utilizing the public key, the identity information and the global public parameter of the vehicle to generate a ciphertext;
The third party software is used for executing a test algorithm to obtain common contacts of different vehicle owners after receiving different ciphertexts and authorizations;
The vehicle is used for generating a public and private key pair and identity information of the vehicle and applying a digital certificate to a certificate issuing center; receiving ciphertext sent by an address book software server or an operator; when the vehicle owner agrees that the third party software obtains the common contact person, generating authorization according to the private key, the identity information, the digital certificate and the global public parameter of the vehicle, and sending the authorization and the ciphertext to the third party software; and decrypting the ciphertext using the private key, the identity information, the digital certificate, and the global public parameter of the vehicle.
Further, the decrypting the ciphertext using the private key, the identity information, the digital certificate and the global public parameter of the vehicle specifically includes:
Decrypting the third ciphertext segment of the ciphertext using the private key SK of the vehicle, the digital certificate second part Cret 2, the first ciphertext segment C 1 of the ciphertext, the identity information ID, and the fifth hash function H 5 of the global public parameter To recover contact m.
The fourth object of the invention is achieved by adopting the following technical scheme:
A vehicle comprises a processor and a memory for storing a program executable by the processor, wherein the privacy contact discovery method is realized when the processor executes the program stored in the memory.
The fifth object of the present invention is achieved by adopting the following technical scheme:
a computer readable storage medium storing a program which, when executed by a processor, implements the privacy contact discovery method described above.
Compared with the prior art, the invention has the following beneficial effects:
1. The invention solves the problem that the verification certificate is required to be obtained before encryption in the traditional public key system, the acquisition and inquiry of the digital certificate are an indispensable link, the digital certificate plays a role of identity authentication, the public key and the identity are bound together through the digital certificate, and the binding is realized by signing the public key and the identity through an authentication center. Before encryption, in order to verify whether the public key corresponds to the identity, the sender generally obtains the digital certificate of the receiver and performs signature verification. In the invention, the digital certificate is used as a part of decryption, and no legal digital certificate can not finish the decryption, so that the problems are solved skillfully, and meanwhile, the due function of the digital certificate is reserved.
2. The method and the device solve the privacy protection problem of searching the common contact in the third party software. In the conventional method, searching for the common contact is generally achieved by comparing address books among different people through plaintext by third party software. The method and the device can cause the leakage of personal privacy to the third party software, and if the third party software is malicious, the personal information can be sold, so that the third party software can not obtain any information of the contact in the user address book when calculating the common contact through the technology for realizing ciphertext comparison, thereby protecting the privacy of the user; meanwhile, the authorization of the user is not obtained, and although the third party software receives the ciphertext of the address book of the user, the third party software cannot perform any meaningful operation on the ciphertext, and the action provides one more layer of guarantee for the privacy protection of the contact person of the user.
Drawings
In order to more clearly illustrate the embodiments of the present invention or the technical solutions in the prior art, the drawings that are required in the embodiments or the description of the prior art will be briefly described, and it is obvious that the drawings in the following description are only some embodiments of the present invention, and other drawings may be obtained according to the structures shown in these drawings without inventive effort for a person skilled in the art.
Fig. 1 is a block diagram of a communication privacy contact discovery system for internet of vehicles according to embodiment 1 of the present invention.
Fig. 2 is a flowchart of an implementation of the internet of vehicles communication privacy contact discovery system according to embodiment 1 of the present invention.
Fig. 3 is a schematic diagram of a method for finding privacy of internet of vehicles communication contacts according to embodiment 1 of the present invention.
Fig. 4 is a flowchart of a method for finding privacy in internet of vehicles communication in accordance with embodiment 1 of the present invention.
Fig. 5 is a block diagram of the structure of the internet of vehicles communication privacy contact discovery apparatus according to embodiment 2 of the present invention.
Detailed Description
For the purpose of making the objects, technical solutions and advantages of the embodiments of the present invention more apparent, the technical solutions of the embodiments of the present invention will be clearly and completely described below with reference to the accompanying drawings in the embodiments of the present invention, and it is apparent that the described embodiments are some embodiments of the present invention, but not all embodiments, and all other embodiments obtained by those skilled in the art without making any inventive effort based on the embodiments of the present invention are within the scope of protection of the present invention.
Example 1:
With the development of new energy automobiles, intelligent automobiles have become a main development direction of various new energy brands. Similar to a smart phone, a vehicle-mounted vehicle system has various intelligent functions such as entertainment, networking, automatic driving and the like in addition to the traditional functions. The high-speed development of the vehicle-mounted system also brings more risks, and from the aspects of network security and privacy protection, the vehicle-mounted software contains a large amount of personal sensitive information, but the vehicle networking security industry is started just soon, so that the problem of personal information privacy protection of the vehicle cannot be completely solved. Consider one such scenario: when a user purchases a new car, in order to acquire intelligent experience of the new car, software is generally downloaded in a car machine system, a social function of some software owners can apply for acquiring an address book of the car owner to use a common contact function, if an address book software server or an operator used by the car owner directly sends all contacts of the car owner to third party software, the third party software can easily acquire an interpersonal relationship network of the car owner so as to infer various privacy information such as identity, family and the like of the car owner, and even more, if the third party software is malicious, illegal activities are carried out on the contacts of the car owner in the name of the car owner; the third party software is verified to be legal and compliant, and there is no reason for the third party software to know all contacts of the vehicle owner, because a server of the third party software may be attacked by a hacker to cause data leakage; in order to solve the problem, the method is adopted to encrypt the public keys of all the contacts by the vehicle owner and then send the encrypted public keys to the third party software, the third party software can calculate the common contacts of the vehicle owner only after the authorization of the vehicle owner, and the third party software does not know the specific information of the vehicle owner contacts no matter before calculation or after calculation.
As shown in fig. 1, the embodiment provides a system for finding privacy contact of internet of vehicles communication, which is applicable to internet of vehicles software and comprises a certificate issuing center, vehicles, address book servers/operators and third party software, wherein the number of vehicles is at least two, the certificate issuing center, the address book servers/operators and the third party software are respectively connected with the vehicles, and the address book servers/operators are connected with the certificate issuing center.
As shown in fig. 2, the specific implementation process of the internet of vehicles communication privacy contact discovery system of the embodiment is as follows:
(1) System initialization
The system initialization is completed through the certificate authority, and specifically comprises the following steps:
inputting a security parameter lambda, giving a bilinear cluster Wherein/>And/>Multiplication cyclic group of prime number p order, g is group/>E is the satisfaction/>Is a bilinear mapping relationship of (1);
Randomly selecting a private key Calculate public key/>Wherein/>The representation set {0,1,., p-1};
randomly selecting five hash functions Where lambda is the data length, hl is the hash function default output length, l is/>Is a length of (2);
according to bilinear groups Public key PK CA and five hash functions, output global public parameters/>
(2) Vehicle public and private key pair generation and digital certificate application
Taking vehicle A as an example, inputting global public parameters, and randomly selecting private keys by vehicle AComputing public keysThe vehicle's own identity information ID A is generated and transmitted (ID A,PKA) to the certificate authority.
After receiving (ID A,PKA), the certificate issuing center signs the private key of the certificate issuing center and the first hash function and the second hash function to generate a certificate: And returned to vehicle a.
(3) Address book encryption
The address book server/operator encrypts the address book contact person (i.e. the owner contact person) message and sends the encrypted message to the vehicle, and the method specifically comprises the following steps:
After receiving the global public parameters, the address book server/operator encrypts the address book contact person information by utilizing the public key, the identity information and the global public parameters of the vehicle to generate ciphertext, wherein the ciphertext is represented by the following formula:
C1,A=gr
Wherein r is a random number, m A is an address book contact message to be encrypted, H 1 is a first hash function, H 2 is a second hash function, H 3 is a third hash function, H 4 is a fourth hash function, and H 5 is a fifth hash function.
(4) Address book decryption
The vehicle decrypts the ciphertext by using the private key, the identity information, the digital certificate and the global public parameter, taking the vehicle A as an example, the vehicle A specifically comprises:
decrypting the third ciphertext fragment of the ciphertext using the private key SK A of the vehicle A, the digital certificate second part Cret 2,A, the first ciphertext fragment C 1,A of the ciphertext, the identity information ID A, and the fifth hash function H 5 of the global public parameter To recover contact m A.
(5) Generating authorization
The vehicle generates authorization according to private keys, identity information, digital certificates and global public parameters, taking vehicle A and vehicle B as examples, and specifically comprises:
Authorization is calculated using private key SK A of vehicle A, identity information ID A, digital certificate first portion Cret 1,A, and second hash function H 2 of global public parameters
Calculating authorization using private key SK B of vehicle B, identity information ID B, digital certificate first portion Cret 1,B, and second hash function H 2 of global public parameters
(6) Privacy common contact matching
The private common contact discovery is completed through third party software, and specifically comprises the following steps:
And receiving authorization and ciphertext given by two vehicle users, matching address book ciphertext of the two vehicle users and returning a common contact result, wherein the two vehicle users are vehicle A and vehicle B respectively and represent different users.
Calculation using the first ciphertext fragment C 1,A of the ciphertext C A of vehicle A and the authorization Atuh A Restoring the hash value H 3(mA of the contact in ciphertext C A).
Calculation using the first ciphertext fragment C 1,B of the ciphertext C B of the vehicle B and the authorization Atuh B Restoring the hash value H 3(mB of the contact in the ciphertext C B
If H 3(mA)=H3(mB), the address book of the two vehicle owners contains the common contact.
As shown in fig. 3 and 4, the present embodiment provides a method for finding privacy contact of internet of vehicles communication, which is mainly implemented through the steps (2), (3), (5) and (6) above, and specifically includes the following steps:
s401, acquiring global public parameters generated by a certificate authority.
S402, generating a public and private key pair and identity information of the vehicle according to the global public parameters, and applying for a digital certificate to a certificate issuing center.
S403, receiving ciphertext sent by the address book software server or the operator.
If the owner agrees that the third party software obtains the common contact, step S404 is executed, otherwise, no authorization is generated.
S404, generating authorization according to the private key, the identity information, the digital certificate and the global public parameter of the vehicle, and sending the authorization and the ciphertext to the third party software, so that the third party software executes a test algorithm to obtain common contacts of different vehicle owners after receiving different ciphertexts and the authorization.
It should be noted that although the method operations of the above embodiments are depicted in the drawings in a particular order, this does not require or imply that the operations must be performed in that particular order or that all illustrated operations be performed in order to achieve desirable results. Rather, the depicted steps may change the order of execution. Additionally or alternatively, certain steps may be omitted, multiple steps combined into one step to perform, and/or one step decomposed into multiple steps to perform.
Example 2:
As shown in fig. 5, the embodiment provides a device for discovering a privacy contact of internet of vehicles communication, which includes an acquisition module 501, a certificate generation module 502, a ciphertext receiving module 503 and an authorization and matching module 504, and specific functions of the modules are as follows:
An obtaining module 501, configured to obtain a global public parameter generated by a certificate authority;
The certificate generation module 502 is configured to generate a public-private key pair and identity information of a vehicle according to global public parameters, and apply for a digital certificate to a certificate issuing center;
The ciphertext receiving module 503 is configured to receive a ciphertext sent by an address book software server or an operator, where the ciphertext is an address book contact message encrypted by using a public key of a vehicle and a global public parameter;
and the authorization and matching module 504 is configured to generate authorization according to the private key, the identity information and the digital certificate of the vehicle when the vehicle owner agrees to the third party software to obtain the common contact, and send the authorization and the ciphertext to the third party software, so that the third party software performs a test algorithm to obtain the common contact of different vehicle owners after receiving different ciphertexts and the authorization.
It should be noted that, the apparatus provided in the foregoing embodiment is only exemplified by the division of the foregoing functional modules, and in practical application, the foregoing functional allocation may be performed by different functional modules according to needs, that is, the internal structure is divided into different functional modules, so as to perform all or part of the functions described above.
Example 3:
the present embodiment provides a computer-readable storage medium storing a computer program which, when executed by a processor, implements the internet of vehicles communication privacy contact discovery method of the above embodiment 1, as follows:
acquiring global public parameters generated by a certificate issuing center;
generating a public and private key pair and identity information of the vehicle according to the global public parameters, and applying for a digital certificate to a certificate issuing center;
Receiving a ciphertext sent by an address book software server or an operator, wherein the ciphertext is an address book contact person message encrypted by utilizing a public key, identity information and global public parameters of a vehicle;
when the vehicle owner agrees to the third party software to acquire the common contact, generating authorization according to the private key, the identity information, the digital certificate and the global public parameter of the vehicle, and sending the authorization and the ciphertext to the third party software, so that the third party software executes a test algorithm to calculate the common contact of different vehicle owners after receiving different ciphertexts and the authorization.
The computer readable storage medium of the present embodiment may be a computer readable signal medium or a computer readable storage medium or any combination of the two. The computer readable storage medium can be, for example, but not limited to, an electronic, magnetic, optical, electromagnetic, infrared, or semiconductor system, apparatus, or device, or a combination of any of the foregoing. More specific examples of the computer-readable storage medium may include, but are not limited to: an electrical connection having one or more wires, a portable computer diskette, a hard disk, a Random Access Memory (RAM), a read-only memory (ROM), an erasable programmable read-only memory (EPROM or flash memory), an optical fiber, a portable compact disc read-only memory (CD-ROM), an optical storage device, a magnetic storage device, or any suitable combination of the foregoing.
In summary, the invention solves the problem that the digital certificate needs to be obtained to verify the identity of the receiver before encryption in the traditional public key encryption system by putting the digital certificate into the decryption stage, reduces the communication and calculation cost, and is friendly to equipment with limited calculation resources in the Internet of vehicles, such as vehicle terminal equipment; meanwhile, the privacy protection of the function of the common contact person in the Internet of vehicles software is realized, so that the Internet of vehicles third party software cannot learn any information of the user address book when acquiring the common contact person of the user.
The above-mentioned embodiments are only preferred embodiments of the present invention, but the protection scope of the present invention is not limited thereto, and any person skilled in the art can make equivalent substitutions or modifications according to the technical solution and the inventive concept of the present invention within the scope of the present invention disclosed in the present invention patent, and all those skilled in the art belong to the protection scope of the present invention.
Claims (10)
1. A method for finding privacy contact for internet of vehicles communication, the method comprising:
acquiring global public parameters generated by a certificate issuing center;
generating a public and private key pair and identity information of the vehicle according to the global public parameters, and applying for a digital certificate to a certificate issuing center;
Receiving a ciphertext sent by an address book software server or an operator, wherein the ciphertext is an address book contact person message encrypted by utilizing a public key, identity information and global public parameters of a vehicle;
when the vehicle owner agrees to the third party software to acquire the common contact, generating authorization according to the private key, the identity information, the digital certificate and the global public parameter of the vehicle, and sending the authorization and the ciphertext to the third party software, so that the third party software executes a test algorithm to calculate the common contact of different vehicle owners after receiving different ciphertexts and the authorization.
2. The internet of vehicles communication privacy contact discovery method according to claim 1, wherein the global public parameter generation process is as follows:
inputting a security parameter lambda, giving a bilinear cluster Wherein/>And/>Multiplication cyclic group of prime number p order, g is group/>E is the satisfaction/>Is a bilinear mapping relationship of (1);
Randomly selecting a private key Calculate public key/>Wherein/>The representation set {0,1,., p-1};
five hash functions H 1 are randomly selected: H2:/>H3:{0,1}λ→{0,1}hl,H4:H5:/> Where lambda is the data length, hl is the hash function default output length, l is/> Is a length of (2);
according to bilinear groups Public key PK CA and five hash functions, output global public parameters/>
3. The method for finding privacy contact of internet of vehicles according to claim 1, wherein the generating public-private key pair and identity information of vehicles according to global public parameters and applying digital certificates to certificate issuing centers specifically comprises:
Randomly selecting a private key based on global public parameters Calculating a public key pk=g SK to generate identity information ID;
Sending (ID, PK) to a certificate authority so that the certificate authority signs with a first hash function and a second hash function of a private key and a global public parameter of the certificate authority to generate a digital certificate, wherein the digital certificate is generated by the following steps:
Wherein H 1 is a first hash function, H 2 is a second hash function, and SK CA is a private key of a certificate authority;
cret 1,Cret2 is to receive a digital certificate returned from a certificate authority.
4. The method of claim 1, wherein the address book contact message encrypted using the public key of the vehicle, the identity information and the global public parameter is represented by the following formula:
C1=gr
Wherein r is a random number, m is an address book contact message to be encrypted, H 1 is a first hash function, H 2 is a second hash function, H 3 is a third hash function, H 4 is a fourth hash function, and H 5 is a fifth hash function.
5. The method for finding privacy contact of internet of vehicles according to claim 1, wherein the generating authorization according to private key, identity information, digital certificate and global public parameter of vehicles specifically comprises:
Using the private key SK of the vehicle, the identity information ID, the digital certificate first portion Cret 1, and the second hash function H 2 of the global public parameter, the authorization Atuh =h 2(ID)SK·Cret1 is calculated.
6. An internet of vehicles communication privacy contact discovery apparatus, the apparatus comprising:
the acquisition module is used for acquiring global public parameters generated by the certificate issuing center;
The certificate generation module is used for generating a public and private key pair and identity information of the vehicle according to the global public parameters and applying a digital certificate to the certificate issuing center;
the system comprises a ciphertext receiving module, a contact list server and a global public parameter receiving module, wherein the ciphertext receiving module is used for receiving ciphertext sent by the contact list software server or an operator, and the ciphertext is an address list contact person message encrypted by utilizing a public key, identity information and the global public parameter of the vehicle;
And the authorization and matching module is used for generating authorization according to the private key, the identity information and the digital certificate of the vehicle when the vehicle owner agrees to the third party software to acquire the common contact, and sending the authorization and the ciphertext to the third party software so that the third party software can execute a test algorithm to obtain the common contact of different vehicle owners after receiving different ciphertexts and the authorization.
7. The system is characterized by comprising a certificate issuing center, at least two vehicles, an address book server/operator and third party software, wherein the certificate issuing center, the address book server/operator and the third party software are respectively connected with the vehicles, and the address book server/operator is connected with the certificate issuing center;
the certificate issuing center is used for generating global public parameters and digital certificates;
The address book server/operator is used for encrypting the address book contact person information by utilizing the public key, the identity information and the global public parameter of the vehicle to generate a ciphertext;
The third party software is used for executing a test algorithm to obtain common contacts of different vehicle owners after receiving different ciphertexts and authorizations;
The vehicle is used for acquiring global public parameters generated by a certificate issuing center; generating a public and private key pair and identity information of the vehicle according to the global public parameters, and applying for a digital certificate to a certificate issuing center; receiving ciphertext sent by an address book software server or an operator; when the vehicle owner agrees that the third party software obtains the common contact person, generating authorization according to the private key, the identity information, the digital certificate and the global public parameter of the vehicle, and sending the authorization and the ciphertext to the third party software; and decrypting the ciphertext using the private key, the identity information, the digital certificate, and the global public parameter of the vehicle.
8. The internet of vehicles communication privacy contact discovery system of claim 7, wherein decrypting the ciphertext using the private key, the identity information, the digital certificate, and the global public parameter of the vehicle, comprises:
Decrypting the third ciphertext segment of the ciphertext using the private key SK of the vehicle, the digital certificate second part Cret 2, the first ciphertext segment C 1 of the ciphertext, the identity information ID, and the fifth hash function H 5 of the global public parameter To recover contact m.
9. A vehicle comprising a processor and a memory for storing a program executable by the processor, wherein the processor, when executing the program stored in the memory, implements the internet of vehicles communication privacy contact discovery method of any one of claims 1-5.
10. A computer readable storage medium storing a program, wherein the program, when executed by a processor, implements the privacy contact discovery method of any one of claims 1-5.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202311827736.1A CN117915327A (en) | 2023-12-27 | 2023-12-27 | Internet of vehicles communication privacy contact discovery method, device, system, vehicle and medium |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202311827736.1A CN117915327A (en) | 2023-12-27 | 2023-12-27 | Internet of vehicles communication privacy contact discovery method, device, system, vehicle and medium |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN117915327A true CN117915327A (en) | 2024-04-19 |
Family
ID=90687108
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202311827736.1A Pending CN117915327A (en) | 2023-12-27 | 2023-12-27 | Internet of vehicles communication privacy contact discovery method, device, system, vehicle and medium |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN117915327A (en) |
-
2023
- 2023-12-27 CN CN202311827736.1A patent/CN117915327A/en active Pending
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| Zhang et al. | Privacy-preserving cloud establishment and data dissemination scheme for vehicular cloud | |
| CN112671798B (en) | Service request method, device and system in Internet of vehicles | |
| Saxena et al. | Authentication scheme for flexible charging and discharging of mobile vehicles in the V2G networks | |
| CN110324335B (en) | Automobile software upgrading method and system based on electronic mobile certificate | |
| Wachsmann et al. | Lightweight anonymous authentication with TLS and DAA for embedded mobile devices | |
| CN107105060A (en) | A kind of method for realizing electric automobile information security | |
| CN110830245B (en) | Anti-quantum-computation distributed Internet of vehicles method and system based on identity secret sharing and implicit certificate | |
| CN110365486B (en) | Certificate application method, device and equipment | |
| CN110881177B (en) | Anti-quantum computing distributed Internet of vehicles method and system based on identity secret sharing | |
| CN107493165B (en) | Internet of vehicles authentication and key agreement method with strong anonymity | |
| Chow et al. | Server-aided signatures verification secure against collusion attack | |
| CN105282179A (en) | Family Internet of things security control method based on CPK | |
| CN113660197B (en) | Obfuscated data aggregation privacy protection method, system, device, medium and terminal | |
| CN110020869B (en) | Method, device and system for generating block chain authorization information | |
| CN111246474B (en) | Base station authentication method and device | |
| CN111565182B (en) | Vehicle diagnosis method and device and storage medium | |
| CN112766962A (en) | Method for receiving and sending certificate, transaction system, storage medium and electronic device | |
| CN113285932B (en) | Method for acquiring edge service, server and edge device | |
| CN113781678A (en) | Vehicle Bluetooth key generation and authentication method and system under network-free environment | |
| CN109314644A (en) | Data providing system, data protecting device, data offering method and computer program | |
| CN112396735A (en) | Internet automobile digital key safety authentication method and device | |
| Qin et al. | An ECC-based access control scheme with lightweight decryption and conditional authentication for data sharing in vehicular networks | |
| CN113572795B (en) | Vehicle safety communication method, system and vehicle-mounted terminal | |
| CN109272314A (en) | A kind of safety communicating method and system cooperateing with signature calculation based on two sides | |
| Sun et al. | Ridra: A rigorous decentralized randomized authentication in VANETs |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination |