P2BA: A Privacy-Preserving Protocol With Batch Authentication Against Semi-Trusted RSUs in Vehicular Ad Hoc Networks

Abstract

Vehicular Ad-hoc Networks (VANETs) supporting the seamless operation of autonomous vehicles introduce various network-connected devices. The widespread devices are engaged in VANETs so that users can enjoy advantageous computing and reliable services. The combination brings in massive real-time message propagation and dissemination, which would be leveraged by the adversaries to perform data association, integration analysis and privacy mining. To address such challenges, existing authentication schemes use <inline-formula> <tex-math notation= LaTeX >$n$ </tex-math></inline-formula> pseudonym certificates for pre-defined <inline-formula> <tex-math notation= LaTeX >$k$ </tex-math></inline-formula> times and try to keep the vehicles anonymous. These schemes require fresh certificates for each authentication process, which cost more communication and storage resources. In this paper, we propose a novel privacy-preserving authentication protocol (P2BA) in bilinear groups, where a registered vehicle signs a traffic-related message and sends it to the nearby Road-side Unit (RSU) together with its blinded certificate. The RSU is able to independently check the message for validity based on a non-interactive zero-knowledge proof protocol. In this way, the computation time has been reduced from <inline-formula> <tex-math notation= LaTeX >$\\mathcal {O}(n)$ </tex-math></inline-formula> to <inline-formula> <tex-math notation= LaTeX >$\\mathcal {O}(1)$ </tex-math></inline-formula> while the storage overhead from <inline-formula> <tex-math notation= LaTeX >$\\mathcal {O}(nk)$ </tex-math></inline-formula> to <inline-formula> <tex-math notation= LaTeX >$\\mathcal {O}(n)$ </tex-math></inline-formula> compared to anonymous authentication protocols. Moreover, our scheme provides privacy properties such as anonymity and unlinkability. The simulations show that the message authentication can be processed by individual RSUs within 1 ms under the batch-enabled scheme, which outperforms the existing schemes in terms of computation overhead and latency.