CN-122001670-A - Internet of vehicles data privacy protection and sharing method

Abstract

The invention provides an Internet of vehicles data privacy protection method aiming at the problems of data transmission privacy protection and sharing efficiency of an Internet of vehicles system, which comprises the steps that a data requester, a data owner and other entities need to register identities in an authorization mechanism, a user constructs a unique ID through hashing by acquiring biological characteristics, the data requester issues tasks through a blockchain, the data owner verifies the identities and rights of the data requester through intelligent contracts, the data owner uploads corresponding data after the data requester constructs a Circuit C, a proof generating instruction is executed, zero knowledge proof is generated, the data owner executes the proof instruction, the data owner encrypts and uploads the data to a cloud center, the cloud center encrypts and transmits the encrypted data to the data requester through a key of a lightweight re-encryption algorithm based on ECC, the data requester decrypts ciphertext by using a private key, and a TENDERMINT algorithm based on a consensus node is adopted to store data records in a blockchain. The invention optimizes the Internet of vehicles system by adopting the technology, further protects the data privacy, ensures that the privacy protection of the system meets the actual Internet of vehicles defending requirement, obviously improves the efficiency of data sharing, and obviously improves the security defending capability of the system.

Inventors

• WANG LIN
• SHI LEYI

Assignees

• 中国石油大学(华东)

Dates

Publication Date

20260508

Application Date

20260318

Claims (1)

1. 1. A method for protecting privacy and improving sharing efficiency of internet of vehicles, the method comprising the following steps: a. The authority examines the relevant qualification information of the data demander and the owner, grants access rights ACC i and access level GRADE i , and selects Hash function Hash () to calculate anonymous identity AID i = Hash(RID i Authorization mechanism calculates public key PK of participant based on AID i i The authority uploads the user registration information RE i = {AID i 、RID i 、ACC i 、GRADE i 、PK i to the blockchain The participant obtains the registration information RE i through the blockchain; Wherein, the angle mark i represents the user number, RID i is the true identity ID, AID i is the anonymous identity ID, and Hash () is the Hash transform function; b. Data demander applies for acquiring owner's vehicle data The data owner reads the anonymous identity of the data demander through the intelligent contract, acquires the access rights ACC i and grants the access rights GRADE i ; the data owner transmitting vehicle data; c. By verifying the compliance of data through zk-SNARKs, the data consumer builds Circuit C, the owner executes GenProof () algorithm, generates reliable zero knowledge proof and submits, the consumer compares the calculated result value R 'of zk-SNARKs and the hash value H' of the data owner through VerProof () algorithm, and the specific mechanism is as follows: Selecting a generator g and a cipher pair e, for a function f (u) =y, n variables in total, where m is the input/output variable, transposed into a form of a quadratic arithmetic program polynomial of degree d (equivalent to the number of operation formulas) and size n+1 ({ l i (x), r i (x), o i (x) }, i e {0,. }, n }, t (x)), sampling the random numbers s, ρ l , ρ r , α l , α r , α o , β, γ, ρ o = ρ l · ρ r , operand generator g l = g ρl , g r = g ρr , g o = g ρo , set the attestation key: , Setting a verification key: for input u, performing a calculation of f (u) to obtain values { v i } i∈{m+1,...,n} for all iterative intermediate variables, assigning all values to the unencrypted variable polynomial L (x) =l 0 (x) + for the variable polynomial Random numbers δ l , δ r and δ o are sampled to find h (x) =l (x) R (x) ⇒ +Delta l R(x) + δ l δ r t(x) - δ o , assigning the prover variable value to the encryption variable polynomial and applying zero knowledge delta-shift, And (2) and , Similarly, assign his alpha-shifted pair, And (2) and , Similarly, a consistency polynomial of variable value is allocated Calculation of the proof of the test Assigning the input/output value to the verifier's cryptographic polynomial, and bringing in/: In the same way And Also, check variable value consistency: Checking the effective value: If the knowledge is equal, the zero knowledge proof condition is satisfied; The data owner submits a data attestation request to the data requestor and records the blockchain. The anonymous identity AID i of the data owner, the vehicle operation data D and the timestamp T, generating the expansion information u= (D, T, AID i ), sending the expansion information u= (D, T, AID i ) as a challenge to the data demander, and giving a response if the verification is successful; d. Lightweight ECC-based proxy re-encryption and data integrity verification Elliptic curve E is defined over finite field Fp, base point G is a generator on elliptic curve with order of w, public key of data owner A is pk A =sk A G, public key of data consumer B is pk B =sk B G, where sk A ,sk B is private key; the realization steps are as follows: (1) System initialization, namely selecting elliptic curve parameters (such as curve type, base point G and order w), and generating a system public key and a main private key; (2) Generating a user key, namely generating a public-private key pair for A and B, wherein the private key of A is sk A , and the public key is pk A =sk A G; (3) Re-encryption key generation, A generates re-encryption keys from A to B, rk A →B=sk A ⋅pk B =sk A ⋅sk B G; (4) Encryption, A encrypts a message m by using a public key of the A, selecting a random number r E Zw, and calculating a ciphertext C A =(C 1 ,C 2 )=(r⋅G, m+H(r⋅pk A ), wherein H is a hash function; (5) Re-encrypting, namely re-encrypting the ciphertext by using a re-encryption key by the agent, wherein the re-encryption key is C B =(C 1 ,C 2 ´)=(r⋅G, m+H(r⋅rk A -B); (6) Decryption-data consumer B decrypts ciphertext using its own private key: m=c 2 ´−H(sk B ⋅C 1 ); e. Consensus The vehicle records are stored in the blockchain through the consensus node, and a TENDERMINT consensus mechanism based on the consensus node is designed by combining PBFT Bayesian fault tolerance and PoS rights and interests proving mechanism, so that throughput is improved and time delay is reduced during data transmission, and the method is as follows: (1) The proposal phase (Propose) in which the leader (Proposer) of the current round proposes a new block, the leader being determined by the weights in the verifier set (typically related to the number of tokens to be mortgage); (2) A pre-voting stage (Prevote) in which the verifier pre-votes the proposed block, and if the verifier receives more than 2/3 of the pre-votes, the next stage is entered; (3) A pre-commit stage (Precommit) in which the verifier pre-commits the block, and if the verifier receives more than 2/3 of the pre-commit, entering a commit stage; (4) Commit phase (Commit) the block is committed and added to the blockchain, and once committed, the block has finalize (Finality) and is irreversible.

Description

Internet of vehicles data privacy protection and sharing method Technical Field The invention belongs to the field of network security, and particularly relates to a method for protecting and sharing data privacy of the Internet of vehicles. Background With the rapid development of information technology, the security threat faced by the internet of vehicles system is increasing. The contradiction between data sharing and privacy protection among vehicles seriously threatens the safety of vehicle users and the safety of a vehicle networking system. In recent years, blockchain technology, zero knowledge proof technology and the like are gradually applied to solve the problem of data sharing privacy protection because the traditional defense technology cannot resist diversified and hidden network attack means. The blockchain is used as a tamper-resistant distributed ledger, and can construct a trusted ledger in an untrusted environment. In the blockchain, all participants can verify and forward the transaction and maintain a consistent ledger throughout the network using consensus algorithms. Each block of the distributed ledger records a series of transactions and hashes of the previous block, so that the current block is linked to the previous block. At the heart of second generation blockchain technology, the essence of the smart contract is an executable digital protocol. The intelligent contract has the characteristics of programmability and legalization, and is widely applied in the fields of finance, digital asset management and the like. Considering that relevant records of vehicle data are packaged and stored in a block chain through consensus nodes, and through analysis, a consensus algorithm based on the consensus nodes is designed as the most suitable consensus mechanism, so that throughput can be improved and time delay can be reduced during data transmission. In order to improve the security defense capability of the internet of vehicles system, the data interaction privacy protection capability of the system should be emphasized, so that the system can effectively resist malicious attacks when aggregating data. At present, defense decision research on the internet of vehicles system is mainly focused on point-to-point data transmission, roadbed unit-vehicle data transmission research and the like, and privacy protection is carried out through entity units, and optimization problems of introducing blockchains and data sharing are not considered. Zero knowledge proof is an encryption protocol. It can prove knowledge understanding to the verifier without revealing any information outside its knowledge. Because of the unknowns and variability of the network attack and defense environment, the real-time performance required by the internet of vehicles cannot be met by utilizing fixed control parameters, namely, zk-SNARKs (zero-knowledge succinct non-interactive knowledge demonstration) is selected, and only one round of interaction between a prover and a verifier is required. An elliptic curve encryption (Elliptic Curve Cryptography, ECC) technology is selected as a bottom technology and is integrated into a proxy re-encryption technology, so that authority delegation in data sharing is realized. The lightweight characteristic of the method is derived from the high efficiency of ECC, and double linear pair operation with high calculation cost is avoided. Therefore, the algorithm is introduced into the Internet of vehicles system, so that the system can resist malicious attacks of various entities in a complex network environment, protect data privacy and effectively improve the efficiency of data sharing among different entities. Disclosure of Invention The invention provides an Internet of vehicles data privacy protection method aiming at the problems of data transmission privacy protection and sharing efficiency of an Internet of vehicles system, which comprises the steps that a data requester, a data owner and other entities need to register identities in an authorization mechanism, a user constructs a unique ID through hashing by acquiring biological characteristics, the data requester issues tasks through a blockchain, the data owner verifies the identities and rights of the data requester through intelligent contracts, the data owner uploads corresponding data after the data requester constructs a Circuit C, a proof generating instruction is executed, zero knowledge proof is generated, the data owner executes the proof instruction, the data owner encrypts and uploads the data to a cloud center, the cloud center encrypts and transmits the encrypted data to the data requester through a key of a lightweight re-encryption algorithm based on ECC, the data requester decrypts ciphertext by using a private key, and a TENDERMINT algorithm based on a consensus node is adopted to store data records in a blockchain. The invention optimizes the Internet of vehicles system by adopting the technology, furthe