Lightweighted Mutual Authentication and Key Agreement in V2N IoV

Journal of Information Security Reserach ›› 2025, Vol. 11 ›› Issue (8): 753-.

Previous Articles Next Articles

Lightweighted Mutual Authentication and Key Agreement in V2N IoV

Liu Ya’nan1, Cao Lei1, Zhang Zheng1, Li Ge2, Qiu Shuo1, and Wang Suhao1

1(School of Network Security, Jinling Institute of Technology, Nanjing 211169)
2(School of Command and Control Engineering, Army Engineering University of PLA, Nanjing 210007)

Online:2025-08-28 Published:2025-08-28

车联网V2N中的轻量级双向认证与密钥协商

柳亚男1曹磊1张正1李戈2邱硕1王苏豪1

1(金陵科技学院网络安全学院南京211169)
2(中国人民解放军陆军工程大学指挥控制工程学院南京210007)

通讯作者: 曹磊硕士研究生.主要研究方向为车联网车辆的身份认证和密钥协商. 3389664953@qq.com
作者简介:柳亚男博士，副教授.主要研究方向为密码协议、物联网安全. yanan.liu@jit.edu.cn 曹磊硕士研究生.主要研究方向为车联网车辆的身份认证和密钥协商. 3389664953@qq.com 张正博士研究生，研究员.主要研究方向为网络安全、通信安全. zhangzheng@jit.edu.cn 李戈博士，讲师.主要研究方向为网络攻防技术、人工智能安全. 241298319@qq.com 邱硕博士，副教授.主要研究方向为云计算安全、隐私保护. shuoqiu@jit.edu.cn 王苏豪硕士研究生.主要研究方向为人工智能安全、入侵检测. 2307050012@stu.jit.edu.cn

Abstract

Abstract: Aiming at the scenario of vehicle secure access to application servers in the V2N (vehicle to network) environment, a Kerberos extension protocol is proposed based on the PUF (physical unclonable function). This protocol provides the twoway authentication and key agreement between the vehicle and the remoted application server and ensured the confidentiality and authentication of the V2N data transmission. The CRP (challenge response pair) generated by the PUF is used to replace the password in standard Kerberos to prevent the threats of key leakage caused by physical attacks such as intrusion, semiintrusion, sidechannel attacks, etc. The characteristics of Kerberos’s lightweighted twoway authentication protocol can overcome the defects of high calculation complexity and slow speed of the public key authentication algorithms, and effectively provide the secure data transmission between vehicles and application servers.

Key words: Kerberos, physical unclonable function (PUF), authentication, IoV(Internet of vehicles), lightweighted

摘要： 针对车联网(IoV)的V2N(vehicle to network)环境中车辆安全接入应用服务器场景，提出一种基于物理不可克隆函数(physical unclonable function, PUF)的Kerberos扩展协议PuKEV2N，实现车辆与远程应用服务器之间的双向认证和与密钥协商，保障V2N数据传输的保密性与认证性.利用PUF产生的激励响应对代替标准Kerberos的口令认证，从而防止攻击者通过入侵、半入侵或侧信道攻击等物理攻击造成的密钥泄露威胁.而Kerberos的轻量级双向认证协议，可以克服公钥认证算法计算复杂度高、速度慢的缺陷，高效实现车辆与应用服务器之间的安全数据传输.

关键词: Kerberos, 物理不可克隆函数, 身份认证, 车联网, 轻量

CLC Number:

TP309

柳亚男, 曹磊, 张正, 李戈, 邱硕, 王苏豪, . 车联网V2N中的轻量级双向认证与密钥协商[J]. 信息安全研究, 2025, 11(8): 753-.

References

［1］王雪聪. 基于V2X安全芯片的5G车联网安全［J］. 信息安全研究, 2020, 6(8): 705709［2］陈葳葳, 曹利, 邵长虹. 基于区块链技术的车联网高效匿名认证方案［J］. 计算机应用, 2020, 40(10): 29922999［3］Altaf F, Maity S. PLHAS: Privacypreserving localized hybrid authentication scheme for large scale vehicular ad hoc networks［J］. Vehicular Communications, 2021, 30: 100347［4］刘晴. 车联网中隐私保护和安全认证技术的研究［D］. 南京: 南京邮电大学, 2022［5］杨玉娟. 基于区块链的车联网匿名身份认证机制的研究与实现［D］. 南京: 南京邮电大学, 2023［6］Guo R, Dong R H, Li X, et al. DRCLAS: An efficient certificateless aggregate signature scheme with dynamic revocation in vehicular adhoc networks［J］. Vehicular Communications, 2024, 47: 100763［7］Neuman B C, Ts’o T. Kerberos: An authentication service for computer networks［J］. IEEE Communications Magazine, 1994, 32(9): 3338［8］王冠, 苗艺雪. 基于Intel SGX的Kerberos安全增强方案［J］. 信息安全研究, 2021, 7(4): 374383［9］Zhu L, Tung B. Public Key Cryptography for Initial authentication in kerberos (PKINIT)［ROL］. 2006 ［20240501］. https:www.rfceditor.orgrfcrfc4556［10］Sutradhar M R, Sultana N, Dey H, et al. A new version of Kerberos authentication protocol using ECC and threshold cryptography for cloud security［C］ Proc of the 7th Joint Int Conf on Informatics, Electronics & Vision (ICIEV) and the 2nd Int Conf on Imaging, Vision & Pattern Recognition (icIVPR). Piscataway, NJ: IEEE, 2018: 239244［11］叶子瑞, 王晓菲, 尚颖, 等. 无线自组织网络身份认证技术研究［J］. 网络安全技术与应用, 2023 (9): 7376［12］Maes R. Physically Unclonable Functions: Constructions, Properties and Applications［M］. Berlin: Springer, 2013［13］柳亚男, 张正, 邱硕, 等. WSN中基于物理不可克隆函数的簇内密钥分配［J］. 计算机工程, 2020, 46(9): 163171［14］韩宇. 基于PUF的密钥存储安全技术［J］. 信息技术与信息化, 2020 (12): 8284［15］侯琬钰, 孙钰, 李大伟, 等. 基于PUF的5G车联网V2V匿名认证与密钥协商协议［J］. 计算机研究与发展, 2021, 58(10): 22652277［16］齐国印. 车辆自组织网络中的轻量级身份认证研究［D］. 南京: 南京邮电大学, 2022［17］张航, 梁杨帆, 黄娟, 等. 抵抗物理窃取的5G车联网匿名认证协议［J］. 桂林电子科技大学学报, 2023, 43(5): 405412［18］谭伟杰, 杨雨婷, 牛坤, 等. 基于MIPUF的V2X车联网通信安全认证协议［J］. 信息网络安全, 2023, 23(12): 3848［19］Li S S, Huang Y C, Yu B, et al. Low cost Internet of things security communication scheme based on PUF［J］. Acta Electronica Sinica, 2019, 47(4): 812817［20］Chatterjee U, Chakraborty R S, Mukhopadhyay D. A PUF based secure communication protocol for IoT［J］. ACM Trans on Embedded Computing Systems, 2017, 16(3): 125

[1]	. A PUFbased Identity Authentication and Key Negotiation Protocol for Telemedicine [J]. Journal of Information Security Reserach, 2025, 11(7): 626-.
[2]	. Research and Implementation of a Blockchainbased Biometric #br# Information Sharing Scheme#br# [J]. Journal of Information Security Reserach, 2025, 11(5): 402-.
[3]	. Design and Verification of V2V Authentication and Key Exchange Protocol for Internet of Vehicles [J]. Journal of Information Security Reserach, 2025, 11(5): 465-.
[4]	. Multiaccess Controls for Defense Against Smart Contract Reentry Attacks [J]. Journal of Information Security Reserach, 2025, 11(4): 333-.
[5]	. Group Key Management Mechanism for Internet of Vehicles [J]. Journal of Information Security Reserach, 2025, 11(2): 139-.
[6]	. An Anonymous Roaming Authentication Scheme for Mobile Network [J]. Journal of Information Security Reserach, 2024, 10(9): 856-.
[7]	. Research on Identity Authentication Technology Based on Block Chain and PKI [J]. Journal of Information Security Reserach, 2024, 10(2): 148-.
[8]	. Twoway Authentication Scheme for Railway Time Synchronization Protocol [J]. Journal of Information Security Reserach, 2024, 10(12): 1165-.
[9]	. Research on Security Verification of RFID Authentication Protocol #br# Based on Model Checking#br# [J]. Journal of Information Security Reserach, 2024, 10(11): 1043-.
[10]	. Blockchainbased Multifactor Crossdomain Authentication Scheme for IoV [J]. Journal of Information Security Reserach, 2024, 10(11): 1074-.
[11]	. Zerotrust Dynamic Authentication to Resist APT Identity Compromise [J]. Journal of Information Security Reserach, 2024, 10(10): 928-.
[12]	. Security Protection and Research of ModbusTCP Protocol Based on National Secret Algorithm [J]. Journal of Information Security Reserach, 2024, 10(1): 20-.
[13]	. Distributed Authentication Model Under Power IoT Zero Trust Architecture [J]. Journal of Information Security Reserach, 2024, 10(1): 67-.
[14]	. Application and Implementation of Commercial Cryptographic Algorithm in Securities Industry [J]. Journal of Information Security Reserach, 2023, 9(7): 707-.
[15]	. Research on Data Sharing Management Based on Attributebased Encryption#br# #br# [J]. Journal of Information Security Reserach, 2023, 9(11): 1061-.

Lightweighted Mutual Authentication and Key Agreement in V2N IoV

车联网V2N中的轻量级双向认证与密钥协商

PDF

Knowledge

Abstract

Cite this article

share this article

References

Related Articles 15

Recommended Articles

Metrics