6G Zero Trust IoV Trusted Access Solution Empowered by Blockchain



(1) The material of the article is extracted from:

Unit information|Guangdong University of Technology + Beijing Post and Telecommunications Dr. Hao Min’s team
Data source|Journal of Electronics and Information Science
Fund Project|National Key R&D Program



(2) Text

With the three major operators successively launching their 5G packages at the end of 2019, China's fifth-generation wireless communication network (5G) officially entered the commercial stage. 5G technology, featuring application scenarios such as enhanced mobile broadband (eMBB), massive machine type communication (mMTC) and ultra-reliable low-latency communication (uRLLC), enables applications such as autonomous driving, telemedicine and smart grid, and helps people build a smart world where everything is connected.

However, according to expert predictions, the 5G network clearly cannot meet network needs in 2030 and beyond. In addition, the first 6G Communication Perception Integration Academic Symposium held in Chengdu pointed out that, besides having strong communication capabilities, the 6G network will also become the "nerve center" connecting the physical world and the digital world.

Therefore, major scientific research institutes and corporate R&D departments around the world have organized the research and development of sixth-generation wireless communication network technology (6G); one example is Huawei's "6G: A New Journey for Wireless Communication" white paper.

This issue recommends the review published by the team of Guangdong University of Technology + Dr. Hao Min of Beijing Post and Telecommunications in "Journal of Electronics and Information Technology", Volume 44, Issue 9, 2022: "Blockchain-Enabled 6G Zero-Trust IoV Trusted Access Solution".


The 6G network will bring a new paradigm of ubiquitous intelligence with on-demand services in all scenarios, in which trusted and reliable network services are key technical indicators. To meet the communication requirements of a 6G zero-trust network, the paper uses blockchain as a "trust bridge" to study trusted and reliable access management in edge computing for the 6G Internet of Vehicles.


A zero-knowledge authentication algorithm based on quadratic residues is used to complete mutual authentication and authorization between the base station and the vehicle without exposing the vehicle's private information. Then, to improve verification efficiency and reduce the energy consumption of the base station, a roadside redundant computing power incentive model based on contract theory is established: part of the base station's verification tasks is allocated to edge servers or parked vehicles, which receive corresponding rewards. Finally, a 6G zero-trust Internet of Vehicles architecture based on a double-layer blockchain is established, in which the main chain maintained by the base station group and the auxiliary chain maintained by the edge computing power record the important parameters of Internet of Vehicles authentication, so that access in the zero-trust network environment can be trusted. Compared with existing methods, the method described in the paper significantly improves the efficiency of vehicle verification, reduces the energy consumption of the base station, and offers higher security without revealing the vehicle's private information. The highlights of the paper are organized as follows.



01 System Architecture



02 Zero knowledge proof

Zero-knowledge proofs are either interactive or non-interactive, but in either case the following three security properties must hold:

1) If the prover is legitimate, the verification result must be acceptance, and there will be no rejection;

2) If the prover is not legitimate, the probability of acceptance by the verifier is extremely small and can be ignored;

3) After the verification is completed, the verifier cannot obtain any private information of the prover from the interaction data.



03 Solution introduction

1) Vehicle identity verification based on quadratic residues

a. Initialization phase

Before a new vehicle goes on the road, the traffic control department gives the vehicle a label and a communication key. The base station and verification server maintain these data and use them to verify the identity of the vehicle. The base station also uses these data to calculate evidence that proves the legitimacy of its own identity to the vehicle.


b. Verification phase
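
As an added illustration (not the paper's algorithm and not code from the original page), the textbook Fiat-Shamir identification protocol below shows how a quadratic-residue zero-knowledge check works in one direction and exercises the three properties listed in section 02 (usually called completeness, soundness and zero-knowledge). The demo-sized modulus, round counts and all function and class names are assumptions; a real deployment needs a modulus of at least 2048 bits whose factorisation is kept secret.

```python
import secrets
from math import gcd

# Demo modulus from two known Mersenne primes (constructed for this example).
N = (2**61 - 1) * (2**31 - 1)
def rand(): return secrets.randbelow(N - 2) + 2

def keygen():
    """Issuer role: secret s, public quadratic residue v = s^2 mod N."""
    while True:
        s = rand()
        if gcd(s, N) == 1:                     # v must be invertible mod N
            return s, pow(s, 2, N)

def check(v, x, e, y):
    """Verifier's equation: y^2 == x * v^e (mod N), with x != 0."""
    return x != 0 and pow(y, 2, N) == x * pow(v, e, N) % N

class Prover:
    """Legitimate party holding the secret s."""
    def __init__(self, s): self.s = s
    def commit(self):
        self.r = rand()
        return pow(self.r, 2, N)               # x = r^2
    def respond(self, e):
        return self.r * pow(self.s, e, N) % N  # y = r * s^e

def simulate(v):
    """Valid (x, e, y) built from public data only: transcripts leak nothing about s."""
    e, y = secrets.randbits(1), rand()
    return pow(y, 2, N) * pow(v, -e, N) % N, e, y

class Guesser:
    """Party without s: pre-commits to a guessed challenge, right with probability 1/2."""
    def __init__(self, v): self.v = v
    def commit(self):
        x, _, self.y = simulate(self.v)
        return x
    def respond(self, e):
        return self.y

def authenticate(prover, v, rounds=40):
    """Accept only if every round passes; a Guesser survives with chance 2^-rounds."""
    for _ in range(rounds):
        x = prover.commit()
        e = secrets.randbits(1)                # fresh challenge chosen after the commitment
        if not check(v, x, e, prover.respond(e)):
            return False
    return True
```

The challenge bit must be drawn only after the commitment is received; a predictable or reused challenge lets the `Guesser` pass every round.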



2) Redundant computing power incentive mechanism

The RSUs and parked vehicles within the service range of the base station are collectively referred to as edge computing power; they differ in computing capability, credibility, and willingness to participate. The base station needs to offer reasonable remuneration to motivate the edge computing power to help it complete vehicle verification tasks. Unlike an RSU fixed at the roadside, a parked vehicle may leave the range of the base station at any time, so if a verification task is assigned to a parked vehicle rashly, the verification may be interrupted. In addition, to protect their own privacy and security, parked vehicles will not expose their travel plans to the base station, which leads to information asymmetry between the base station and parked vehicles.

In order to reduce verification energy consumption and improve verification efficiency, the base station has established a roadside redundant computing power incentive mechanism based on contract theory. The base station invites RSUs and parked vehicles to participate in vehicle identity verification under the condition of information asymmetry and gives rewards.


3) Block structure



4) Security analysis

A malicious vehicle has not been initialized under the authorization of the traffic control department, so it cannot obtain the public parameters or a real vehicle key. As a result, it cannot generate the identity evidence the base station expects during the verification process, and it is finally judged as illegal access.

If a malicious attacker intercepts the interaction data during communication, it can only obtain the encrypted vehicle private information, and cannot decrypt or modify it. In addition, the pseudo-tag of the vehicle maintained in the auxiliary chain has nothing to do with the real identity of the vehicle, and will not cause leakage of vehicle privacy. Therefore, the identity evidence generated by legitimate vehicles according to the verification strategy will definitely meet the expectations of the verification algorithm and will not leak private information.



04 Simulation experiment



05 Conclusion

A trusted access method and security architecture are proposed for the 6G zero-trust Internet of Vehicles, which solves the problem of vehicle verification and authorization in a zero-trust network environment. The vehicle and the base station each obtain identity evidence by calculating quadratic residues and the hash value of the identity key, and identity is verified by exchanging and checking this evidence. To reduce verification energy consumption and improve verification efficiency, the base station establishes a roadside redundant computing power incentive mechanism based on contract theory: it invites RSUs and parked vehicles to participate in vehicle identity verification under information asymmetry and rewards them. In addition, to improve the cross-domain performance of the verification strategy and avoid interruption of vehicle tasks due to identity verification, a two-layer blockchain combining the main chain and the auxiliary chain is used to build a trust bridge between the vehicle and the base station. Security analysis and comparison with existing methods show that the method significantly improves vehicle verification efficiency without revealing vehicle privacy, reduces base station energy consumption, and has higher security. As 6G Internet of Vehicles services become more intensive, further reducing the delay of identity verification is the focus of future research.

Origin blog.csdn.net/locahuang/article/details/128239380