Car manufacturers aim to enhance the use of two-factor authentication (2FA) to protect keyless entry systems in contemporary cars. Despite providing significant ease for users, keyless entry systems have become more s...Car manufacturers aim to enhance the use of two-factor authentication (2FA) to protect keyless entry systems in contemporary cars. Despite providing significant ease for users, keyless entry systems have become more susceptible to appealing attacks like relay attacks and critical fob hacking. These weaknesses present considerable security threats, resulting in unauthorized entry and car theft. The suggested approach combines a conventional keyless entry feature with an extra security measure. Implementing multi-factor authentication significantly improves the security of systems that allow keyless entry by reducing the likelihood of unauthorized access. Research shows that the benefits of using two-factor authentication, such as a substantial increase in security, far outweigh any minor drawbacks.展开更多
To ensure the access security of 6G,physical-layer authentication(PLA)leverages the randomness and space-time-frequency uniqueness of the channel to provide unique identity signatures for transmitters.Furthermore,the ...To ensure the access security of 6G,physical-layer authentication(PLA)leverages the randomness and space-time-frequency uniqueness of the channel to provide unique identity signatures for transmitters.Furthermore,the introduction of artificial intelligence(AI)facilitates the learning of the distribution characteristics of channel fingerprints,effectively addressing the uncertainties and unknown dynamic challenges in wireless link modeling.This paper reviews representative AI-enabled PLA schemes and proposes a graph neural network(GNN)-based PLA approach in response to the challenges existing methods face in identifying mobile users.Simulation results demonstrate that the proposed method outperforms six baseline schemes in terms of authentication accuracy.Furthermore,this paper outlines the future development directions of PLA.展开更多
With the rapid development and widespread adoption of Internet of Things(IoT)technology,the innovative concept of the Internet of Vehicles(IoV)has emerged,ushering in a new era of intelligent transportation.Since vehi...With the rapid development and widespread adoption of Internet of Things(IoT)technology,the innovative concept of the Internet of Vehicles(IoV)has emerged,ushering in a new era of intelligent transportation.Since vehicles are mobile entities,they move across different domains and need to communicate with the Roadside Unit(RSU)in various regions.However,open environments are highly susceptible to becoming targets for attackers,posing significant risks of malicious attacks.Therefore,it is crucial to design a secure authentication protocol to ensure the security of communication between vehicles and RSUs,particularly in scenarios where vehicles cross domains.In this paper,we propose a provably secure cross-domain authentication and key agreement protocol for IoV.Our protocol comprises two authentication phases:intra-domain authentication and cross-domain authentication.To ensure the security of our protocol,we conducted rigorous analyses based on the ROR(Real-or-Random)model and Scyther.Finally,we show in-depth comparisons of our protocol with existing ones from both security and performance perspectives,fully demonstrating its security and efficiency.展开更多
As the adoption of Vehicular Ad-hoc Networks(VANETs)grows,ensuring secure communication between smart vehicles and remote application servers(APPs)has become a critical challenge.While existing solutions focus on vari...As the adoption of Vehicular Ad-hoc Networks(VANETs)grows,ensuring secure communication between smart vehicles and remote application servers(APPs)has become a critical challenge.While existing solutions focus on various aspects of security,gaps remain in addressing both high security requirements and the resource-constrained nature of VANET environments.This paper proposes an extended-Kerberos protocol that integrates Physical Unclonable Function(PUF)for authentication and key agreement,offering a comprehensive solution to the security challenges in VANETs.The protocol facilitates mutual authentication and secure key agreement between vehicles and APPs,ensuring the confidentiality and integrity of vehicle-to-network(V2N)communications and preventing malicious data injection.Notably,by replacing traditional Kerberos password authentication with Challenge-Response Pairs(CRPs)generated by PUF,the protocol significantly reduces the risk of key leakage.The inherent properties of PUF—such as unclonability and unpredictability—make it an ideal defense against physical attacks,including intrusion,semi-intrusion,and side-channel attacks.The results of this study demonstrate that this approach not only enhances security but also optimizes communication efficiency,reduces latency,and improves overall user experience.The analysis proves that our protocol achieves at least 86%improvement in computational efficiency compared to some existed protocols.This is particularly crucial in resource-constrained VANET environments,where it enables efficient data transmission between vehicles and applications,reduces latency,and enhances the overall user experience.展开更多
As a model for the next generation of the Internet,the metaverse—a fully immersive,hyper-temporal virtual shared space—is transitioning from imagination to reality.At present,the metaverse has been widely applied in...As a model for the next generation of the Internet,the metaverse—a fully immersive,hyper-temporal virtual shared space—is transitioning from imagination to reality.At present,the metaverse has been widely applied in a variety of fields,including education,social entertainment,Internet of vehicles(IoV),healthcare,and virtual tours.In IoVs,researchers primarily focus on using the metaverse to improve the traffic safety of vehicles,while paying limited attention to passengers’social needs.At the same time,Social Internet ofVehicles(SIoV)introduces the concept of social networks in IoV to provide better resources and services for users.However,the problem of single interaction between SIoVand users has become increasingly prominent.In this paper,we first introduce a SIoVenvironment combined with the metaverse.In this environment,we adopt blockchain as the platform of the metaverse to provide a decentralized environment.Concerning passengers’social data may contain sensitive/private information,we then design an authentication and key agreement protocol calledMSIoV-AKAto protect the communications.Through formal security verifications in the real-or-random(ROR)model and using the AVISPA(Automated Validation of Internet Security Protocols and Applications)tool,we firmly verify the security of the protocol.Finally,detailed comparisons are made between our protocol and robust protocols/schemes in terms of computational cost and communication cost.In addition,we implement the MSIoV-AKA protocol in the Ethereum test network and Hyperledger Sawtooth to show the practicality.展开更多
Vehicular Ad-hoc Network(VANET)is a platform that facilitates Vehicle-to-Everything(V2X)interconnection.However,its open communication channels and high-speed mobility introduce security and privacy vulnerabilities.An...Vehicular Ad-hoc Network(VANET)is a platform that facilitates Vehicle-to-Everything(V2X)interconnection.However,its open communication channels and high-speed mobility introduce security and privacy vulnerabilities.Anonymous authentication is crucial in ensuring secure communication and privacy protection in VANET.However,existing anonymous authentication schemes are prone to single points of failure and often overlook the efficient tracking of the true identities of malicious vehicles after pseudonym changes.To address these challenges,we propose an efficient anonymous authentication scheme for blockchain-based VANET.By leveraging blockchain technology,our approach addresses the challenges of single points of failure and high latency,thereby enhancing the service stability and scalability of VANET.The scheme integrates homomorphic encryption and elliptic curve cryptography,allowing vehicles to independently generate new pseudonyms when entering a new domain without third-party assistance.Security analyses and simulation results demonstrate that our scheme achieves effective anonymous authentication in VANET.Moreover,the roadside unit can process 500 messages per 19 ms.As the number of vehicles in the communication domain grows,our scheme exhibits superior messageprocessing capabilities.展开更多
How to ensure the security of device access is a common concern in the Internet of Things(IoT)scenario with extremely high device connection density.To achieve efficient and secure network access for IoT devices with ...How to ensure the security of device access is a common concern in the Internet of Things(IoT)scenario with extremely high device connection density.To achieve efficient and secure network access for IoT devices with constrained resources,this paper proposes a lightweight physical-layer authentication protocol based on Physical Unclonable Function(PUF)and channel pre-equalization.PUF is employed as a secret carrier to provide authentication credentials for devices due to its hardware-based uniqueness and unclonable property.Meanwhile,the short-term reciprocity and spatio-temporal uniqueness of wireless channels are utilized to attach an authentication factor related to the spatio-temporal position of devices and to secure the transmission of authentication messages.The proposed protocol is analyzed formally and informally to prove its correctness and security against typical attacks.Simulation results show its robustness in various radio environments.Moreover,we illustrate the advantages of our protocol in terms of security features and complexity through performance comparison with existing authentication schemes.展开更多
To date,many previous studies have been proposed for driver authentication;however,these solutions have many shortcomings and are still far from practical for real-world applications.In this paper,we tackle the shortc...To date,many previous studies have been proposed for driver authentication;however,these solutions have many shortcomings and are still far from practical for real-world applications.In this paper,we tackle the shortcomings of the existing solutions and reach toward proposing a lightweight and practical authentication system,dubbed DriveMe,for identifying drivers on cars.Our novelty aspects are 1⃝Lightweight scheme that depends only on a single sensor data(i.e.,pressure readings)attached to the driver’s seat and belt.2⃝Practical evaluation in which one-class authentication models are trained from only the owner users and tested using data collected from both owners and attackers.3⃝Rapid Authentication to quickly identify drivers’identities using a few pressure samples collected within short durations(1,2,3,5,or 10 s).4⃝Realistic experiments where the sensory data is collected from real experiments rather than computer simulation tools.We conducted real experiments and collected about 13,200 samples and 22,800 samples of belt-only and seat-only datasets from all 12 users under different settings.To evaluate system effectiveness,we implemented extensive evaluation scenarios using four one-class detectors One-Class Support Vector Machine(OCSVM),Local Outlier Factor(LOF),Isolation Forest(IF),and Elliptic Envelope(EE),three dataset types(belt-only,seat-only,and fusion),and four different dataset sizes.Our average experimental results show that the system can authenticate the driver with an F1 score of 93.1%for seat-based data using OCSVM classifier,an F1 score of 98.53%for fusion-based data using LOF classifier,an F1 score of 91.65%for fusion-based data using IF classifier,and an F1 score of 95.79%for fusion-based data using EE classifier.展开更多
文摘Car manufacturers aim to enhance the use of two-factor authentication (2FA) to protect keyless entry systems in contemporary cars. Despite providing significant ease for users, keyless entry systems have become more susceptible to appealing attacks like relay attacks and critical fob hacking. These weaknesses present considerable security threats, resulting in unauthorized entry and car theft. The suggested approach combines a conventional keyless entry feature with an extra security measure. Implementing multi-factor authentication significantly improves the security of systems that allow keyless entry by reducing the likelihood of unauthorized access. Research shows that the benefits of using two-factor authentication, such as a substantial increase in security, far outweigh any minor drawbacks.
文摘To ensure the access security of 6G,physical-layer authentication(PLA)leverages the randomness and space-time-frequency uniqueness of the channel to provide unique identity signatures for transmitters.Furthermore,the introduction of artificial intelligence(AI)facilitates the learning of the distribution characteristics of channel fingerprints,effectively addressing the uncertainties and unknown dynamic challenges in wireless link modeling.This paper reviews representative AI-enabled PLA schemes and proposes a graph neural network(GNN)-based PLA approach in response to the challenges existing methods face in identifying mobile users.Simulation results demonstrate that the proposed method outperforms six baseline schemes in terms of authentication accuracy.Furthermore,this paper outlines the future development directions of PLA.
基金supported by the Startup Foundation for Introducing Talent of Nanjing University of Information Science and Technology and Natural Science Foundation of Shandong Province,China(Grant no.ZR202111230202).
文摘With the rapid development and widespread adoption of Internet of Things(IoT)technology,the innovative concept of the Internet of Vehicles(IoV)has emerged,ushering in a new era of intelligent transportation.Since vehicles are mobile entities,they move across different domains and need to communicate with the Roadside Unit(RSU)in various regions.However,open environments are highly susceptible to becoming targets for attackers,posing significant risks of malicious attacks.Therefore,it is crucial to design a secure authentication protocol to ensure the security of communication between vehicles and RSUs,particularly in scenarios where vehicles cross domains.In this paper,we propose a provably secure cross-domain authentication and key agreement protocol for IoV.Our protocol comprises two authentication phases:intra-domain authentication and cross-domain authentication.To ensure the security of our protocol,we conducted rigorous analyses based on the ROR(Real-or-Random)model and Scyther.Finally,we show in-depth comparisons of our protocol with existing ones from both security and performance perspectives,fully demonstrating its security and efficiency.
基金supported in part by the Jiangsu“Qing Lan Project”,Natural Science Foundation of the Jiangsu Higher Education Institutions of China(Major Research Project:23KJA520007)Postgraduate Research&Practice Innovation Program of Jiangsu Province(No.SJCX25_1303).
文摘As the adoption of Vehicular Ad-hoc Networks(VANETs)grows,ensuring secure communication between smart vehicles and remote application servers(APPs)has become a critical challenge.While existing solutions focus on various aspects of security,gaps remain in addressing both high security requirements and the resource-constrained nature of VANET environments.This paper proposes an extended-Kerberos protocol that integrates Physical Unclonable Function(PUF)for authentication and key agreement,offering a comprehensive solution to the security challenges in VANETs.The protocol facilitates mutual authentication and secure key agreement between vehicles and APPs,ensuring the confidentiality and integrity of vehicle-to-network(V2N)communications and preventing malicious data injection.Notably,by replacing traditional Kerberos password authentication with Challenge-Response Pairs(CRPs)generated by PUF,the protocol significantly reduces the risk of key leakage.The inherent properties of PUF—such as unclonability and unpredictability—make it an ideal defense against physical attacks,including intrusion,semi-intrusion,and side-channel attacks.The results of this study demonstrate that this approach not only enhances security but also optimizes communication efficiency,reduces latency,and improves overall user experience.The analysis proves that our protocol achieves at least 86%improvement in computational efficiency compared to some existed protocols.This is particularly crucial in resource-constrained VANET environments,where it enables efficient data transmission between vehicles and applications,reduces latency,and enhances the overall user experience.
基金supported by the Startup Foundation for Introducing Talent of Nanjing University of Information Science and Technology and Natural Science Foundation of Shandong Province,China(Grant no.ZR202111230202).
文摘As a model for the next generation of the Internet,the metaverse—a fully immersive,hyper-temporal virtual shared space—is transitioning from imagination to reality.At present,the metaverse has been widely applied in a variety of fields,including education,social entertainment,Internet of vehicles(IoV),healthcare,and virtual tours.In IoVs,researchers primarily focus on using the metaverse to improve the traffic safety of vehicles,while paying limited attention to passengers’social needs.At the same time,Social Internet ofVehicles(SIoV)introduces the concept of social networks in IoV to provide better resources and services for users.However,the problem of single interaction between SIoVand users has become increasingly prominent.In this paper,we first introduce a SIoVenvironment combined with the metaverse.In this environment,we adopt blockchain as the platform of the metaverse to provide a decentralized environment.Concerning passengers’social data may contain sensitive/private information,we then design an authentication and key agreement protocol calledMSIoV-AKAto protect the communications.Through formal security verifications in the real-or-random(ROR)model and using the AVISPA(Automated Validation of Internet Security Protocols and Applications)tool,we firmly verify the security of the protocol.Finally,detailed comparisons are made between our protocol and robust protocols/schemes in terms of computational cost and communication cost.In addition,we implement the MSIoV-AKA protocol in the Ethereum test network and Hyperledger Sawtooth to show the practicality.
基金supported by the National Natural Science Foundation of China under Grant U2001213.
文摘Vehicular Ad-hoc Network(VANET)is a platform that facilitates Vehicle-to-Everything(V2X)interconnection.However,its open communication channels and high-speed mobility introduce security and privacy vulnerabilities.Anonymous authentication is crucial in ensuring secure communication and privacy protection in VANET.However,existing anonymous authentication schemes are prone to single points of failure and often overlook the efficient tracking of the true identities of malicious vehicles after pseudonym changes.To address these challenges,we propose an efficient anonymous authentication scheme for blockchain-based VANET.By leveraging blockchain technology,our approach addresses the challenges of single points of failure and high latency,thereby enhancing the service stability and scalability of VANET.The scheme integrates homomorphic encryption and elliptic curve cryptography,allowing vehicles to independently generate new pseudonyms when entering a new domain without third-party assistance.Security analyses and simulation results demonstrate that our scheme achieves effective anonymous authentication in VANET.Moreover,the roadside unit can process 500 messages per 19 ms.As the number of vehicles in the communication domain grows,our scheme exhibits superior messageprocessing capabilities.
基金supported by National Natural Science Foundation of China(No.61931020,No.U19B2024 and No.62371462).
文摘How to ensure the security of device access is a common concern in the Internet of Things(IoT)scenario with extremely high device connection density.To achieve efficient and secure network access for IoT devices with constrained resources,this paper proposes a lightweight physical-layer authentication protocol based on Physical Unclonable Function(PUF)and channel pre-equalization.PUF is employed as a secret carrier to provide authentication credentials for devices due to its hardware-based uniqueness and unclonable property.Meanwhile,the short-term reciprocity and spatio-temporal uniqueness of wireless channels are utilized to attach an authentication factor related to the spatio-temporal position of devices and to secure the transmission of authentication messages.The proposed protocol is analyzed formally and informally to prove its correctness and security against typical attacks.Simulation results show its robustness in various radio environments.Moreover,we illustrate the advantages of our protocol in terms of security features and complexity through performance comparison with existing authentication schemes.
基金supported by the Institute of Information&Communications Technology Planning&Evaluation(1ITP)(Project Nos.RS-2024-00438551,30%,2022-11220701,30%,2021-0-01816,30%)the National Research Foundation of Korea(NRF)grant funded by the Korean Government(Project No.RS2023-00208460,10%).
文摘To date,many previous studies have been proposed for driver authentication;however,these solutions have many shortcomings and are still far from practical for real-world applications.In this paper,we tackle the shortcomings of the existing solutions and reach toward proposing a lightweight and practical authentication system,dubbed DriveMe,for identifying drivers on cars.Our novelty aspects are 1⃝Lightweight scheme that depends only on a single sensor data(i.e.,pressure readings)attached to the driver’s seat and belt.2⃝Practical evaluation in which one-class authentication models are trained from only the owner users and tested using data collected from both owners and attackers.3⃝Rapid Authentication to quickly identify drivers’identities using a few pressure samples collected within short durations(1,2,3,5,or 10 s).4⃝Realistic experiments where the sensory data is collected from real experiments rather than computer simulation tools.We conducted real experiments and collected about 13,200 samples and 22,800 samples of belt-only and seat-only datasets from all 12 users under different settings.To evaluate system effectiveness,we implemented extensive evaluation scenarios using four one-class detectors One-Class Support Vector Machine(OCSVM),Local Outlier Factor(LOF),Isolation Forest(IF),and Elliptic Envelope(EE),three dataset types(belt-only,seat-only,and fusion),and four different dataset sizes.Our average experimental results show that the system can authenticate the driver with an F1 score of 93.1%for seat-based data using OCSVM classifier,an F1 score of 98.53%for fusion-based data using LOF classifier,an F1 score of 91.65%for fusion-based data using IF classifier,and an F1 score of 95.79%for fusion-based data using EE classifier.
