Trust Access Authentication in Vehicular Network Based on Blockchain

2019-07-08 02:00

China Communications, 2019, Issue 6

Shaoyong Guo*, Xing Hu, Ziqiang Zhou, Xinyan Wang, Feng Qi, Lifang Gao

1 State Key Laboratory of Networking and Switching Technology, BUPT, Beijing 100876, China

2 State Grid Zhejiang Electric Power Co., Ltd. Institute of Electric Power Science, Zhejiang 310007, China

3 State Grid Henan Electric Power Company Information and Communication Company, Henan 450052, China

4 State Grid Hebei Electric Power Company, Information and Communication Company, Hebei 050022, China

Abstract: Data sharing and privacy protection present extensive opportunities and challenges in vehicular networks. This paper introduces a "trust access authentication scheme" as a mechanism to achieve real-time monitoring and promote collaborative sharing for vehicles. Blockchain, which can provide secure authentication and protected privacy, is a crucial technology. However, traditional cloud computing performs poorly in supplying low-latency and fast-response services for moving vehicles. In this situation, an edge computing enabled Blockchain network appears to be a promising method, where moving vehicles can access storage or computing resources and get authenticated by Blockchain edge nodes directly. In this paper, a hierarchical architecture is proposed, consisting of a vehicular network layer, a Blockchain edge layer and a Blockchain network layer. Through an authentication mechanism adopting a digital signature algorithm, it achieves trusted authentication and ensures valid verification. Moreover, a caching scheme based on many-to-many matching is proposed to minimize the average delivery delay of vehicles. Simulation results show that the proposed caching scheme performs better than existing schemes based on a centralized model or an edge caching strategy in terms of hit ratio and average delay.

Keywords: blockchain; vehicular network; edge computing; authentication mechanism; many-to-many matching

I. INTRODUCTION

With the development of Industrial Internet of Things (IIoT) technologies in vehicular networks, data sharing among different vehicles becomes necessary, which brings serious threats to data integrity and privacy security. A trust access authentication network is urgently needed to achieve real-time monitoring and promote collaborative sharing. As a popular technology applied to IIoT scenarios, Blockchain is receiving increasing attention as a way to provide secure authentication and protected privacy for vehicles. First proposed by Satoshi Nakamoto, it consists of transaction blocks that can be verified and confirmed without centralized authentication [1], [2].

Existing works have studied applying Blockchain to various IIoT scenarios. [3] proposed a reputation system based on Blockchain for data credibility assessment. The authors of [4] designed a prototype proving that a Blockchain-based on-demand insurance system can be realized for vehicles. [5] introduced an autonomous negotiation that selects the most convenient electric vehicle charging station according to Blockchain.

However, the centralized model cannot cover all vehicles, because they are usually mobile and geographically distributed. Moreover, the data stream generated by innumerable cars places a heavy burden on the core network. To improve the efficiency of data processing, many novel schemes have also been proposed. The authors of [6], [7] considered parked vehicles as a storage resource to enhance capacity, at the cost of increasing the probability of revealing owners' privacy. [8], [9] improved network efficiency through Network Function Virtualization and a novel resource allocation algorithm. [10] established a hierarchical VEC offloading framework in a cloud-based vehicular network. Nevertheless, long delivery latency and poor real-time monitoring are still issues to be solved.

Therefore, an edge computing enabled Blockchain network is introduced to improve real-time response and edge security. Edge computing is a new computing model whose nodes are geographically distributed [11], [12]. By allowing smart cars to access and utilize storage and computing resources from edge nodes, the system promotes the deployment of Blockchain in peer-to-peer networks. It enables direct authentication between vehicles and edge nodes, reduces load in the Blockchain network, and achieves information sharing among Blockchain edge nodes.

Researchers have considered establishing a distributed trust framework by combining edge computing and Blockchain. [13] proposed a novel mobile edge computing enabled wireless blockchain framework, where the computation-intensive mining tasks can be offloaded to nearby edge nodes. The authors of [14] established a blockchain-based distributed cloud architecture with software defined networking (SDN). It could provide low-cost, secure and on-demand access to the most competitive computing infrastructure based on fog computing, but the authors ignored the mobility of vehicles. [15] analyzed the advantages of facilitating blockchain applications in future mobile IoT systems without specific applications.

The articles mentioned above are dedicated to solving trust access problems, but they ignore mobility and the high standard for low-latency services in vehicular networks. In this paper, we establish a distributed trust access authentication system for vehicular networks, where a hierarchical architecture combining a Blockchain network and edge computing is constructed to support collaborative sharing and valid authentication. The Blockchain network is adopted as the underlying architecture for recording device information and protecting privacy, and edge computing lowers delivery latency and improves response. Additionally, an authentication mechanism based on a digital signature algorithm is designed to ensure data security and privacy protection. Furthermore, a caching scheme based on many-to-many matching is proposed, aiming to minimize vehicle delivery latency. The main contributions of this paper can be summarized as follows:

· A hierarchical architecture including a vehicular network layer, a Blockchain edge layer and a Blockchain network layer is established. It achieves trust access for vehicles and collaborative sharing among different vehicular networks. Therefore, it enhances network capability, lowers delivery latency and improves authentication speed.

· An authentication mechanism based on Blockchain is designed, achieving trust access authentication and reliable verification for vehicles. Considering the frequent connections among nodes and vehicles, a digital signature algorithm is applied to prevent links from being attacked.

· An edge caching scheme based on many-to-many matching is proposed. By optimizing the caching strategy dynamically, it can minimize average delay and promote collaborative sharing performance.

Fig. 1. System architecture.

II. SYSTEM MODEL

In this section, we give a broad overview of our proposed architecture and introduce the authentication process by which a vehicle registers in the blockchain network through edge nodes.

2.1 Block hierarchical architecture

Different from previous studies which applied Blockchain in IIoT scenarios adopting a cloud model [16], [17], we establish a three-layer architecture combined with edge computing to realize trust access and handle long transmission delay. As shown in figure 1, it consists of a vehicular network layer, a Blockchain edge layer, and a Blockchain network layer. The function of each layer is described as follows:

· Vehicular Network Layer: With the widespread use of IIoT technologies in vehicular networks, smart vehicles are equipped with many sensors that collect data and transfer it to other layers. It is crucial for them to achieve secure communication and protected privacy, as they lack access control mechanisms and encryption. Moreover, long communication latency in the Blockchain network is also unbearable for a car moving at high speed.

· Blockchain Edge Layer: As Blockchain network clients, Blockchain edge nodes can synchronize and update device information based on vehicle activity. They register vehicles in the Blockchain and create smart contracts after obtaining authority from vehicles. Furthermore, information sharing through channels between edge nodes helps to reduce delivery latency for vehicles and relieve congestion in the Blockchain network.

· Blockchain Network Layer: The Blockchain network provides a decentralized service for storing device information and creating smart contracts. It is a distributed ledger which can store and record device information and transactions in order. Each record in the ledger carries a timestamp and a unique cryptographic signature.

2.2 Delivery model

In the system, the distribution of edge nodes follows a Poisson Point Process (PPP) with intensity $\lambda_B$, where $\lambda_B$ represents the initial number of nodes per square kilometer [18]. Their set is denoted as $B = \{B_1, B_2, \dots, B_N\}$. The set of $M$ vehicles is $V = \{V_1, V_2, \dots, V_M\}$, which are deployed randomly in the area.

A dedicated frequency band of bandwidth $W_i$ is allocated to the downlink channels from the Blockchain network to $B_i$. Because collaborative sharing among edge nodes is crucial to improve edge security and edge processing, vehicles can also get requested data, via the connected node, from nearby nodes that have cached their information. In case none of the nodes caches the device information, the vehicle needs to obtain a response from the Blockchain network. For the sake of simplicity, we assume the Blockchain network supplies a fixed download rate of $R_0$. As the core network is usually located far from devices at the edge, $R_0$ is assumed to be lower than the download rate supported by connected nodes.

To show connections between edge nodes and vehicles, a location matrix is defined by

Due to limited caching capacity, $B_i$ needs to determine whether to cache the device information of $V_j$. A caching matrix is defined as

III. BLOCKCHAIN BASED AUTHENTICATION MECHANISM

To supply trust access authentication for vehicles and guarantee valid verification and confirmation among edge nodes and moving vehicles, an authentication mechanism based on Blockchain is designed as follows.

3.1 Trust access authentication

Figure 2 demonstrates the process for a vehicle to get authenticated in the Blockchain network. First, the vehicle information and privacy policy are uploaded from the vehicle to Blockchain edge nodes and then delivered to the Blockchain. Then the Blockchain network generates a block and invokes transactions to store the device information and associated privacy. A unique ID and a pair of keys are distributed to the vehicle. After being authorized by the vehicle, the Blockchain creates a smart contract for it.

A smart contract is a script stored on the Blockchain with a unique address. It executes independently and automatically in a prescribed manner on every node in the network, according to the data that was included in the triggering transaction [19]. By sending a transaction to the address, trusted nodes in the system can access the smart contract and invoke its functions, which enables direct authentication for registered vehicles without revealing device privacy.

To achieve user control over the Blockchain network, a private key and public key pair is distributed to each vehicle. The private key must be kept confidential and is used to sign or modify transactions. The public key of a vehicle can be delivered to edge nodes, allowing them to download device information with permission. Thus, when moving vehicles enter the coverage of different edge nodes, they can deliver their public keys to the nodes and get authenticated directly.

The Blockchain based vehicular network ensures valid authentication, integrity and non-repudiation in device registration through smart contracts, asymmetric cryptography and so on. It provides a distributed peer-to-peer network where non-trusting vehicles can interact with each other without a trusted intermediary, in a verifiable manner. In this way, we realize trust access authentication for vehicles and shorten certification latency while moving.

Fig. 2. Overview of the Blockchain based vehicular network.

3.2 Verification and confirmation according to digital signature algorithm

When entering the coverage of new nodes, vehicles should be verified by the edge nodes and receive confirmation before being given access to them. In the communication process, applying a digital signature algorithm is necessary to prevent messages from being attacked and tampered with, because the frequent contacts between edge nodes and vehicles lack monitoring measures. A typical digital signature algorithm used in Blockchain is the Elliptic Curve Digital Signature Algorithm (ECDSA), based on the Elliptic Curve Discrete Logarithm Problem (ECDLP) [20].

Let $E/E_p$ denote a plane curve $E$ over a prime finite field $E_p$, including all the points satisfying $y^2 = x^3 + ax + b$, with the discriminant of the Weierstrass equation $\Delta = 4a^3 + 27b^2 \neq 0$. All points on $E$ and the infinity point $O$ form a cyclic group $G$. Scalar multiplication can be computed as $tP = P + P + \dots + P$ ($t$ times), where $P$ is a generator of $G$ with order $n$. In ECDLP, given $G$ with prime order $n$, a generator $P$ of $G$ and $aP$, it is computationally infeasible to derive $a$. Therefore, ECDSA can guarantee security based on the intractability of ECDLP. Assume that $G_1$ and $G_2$ are cyclic groups with the same prime order $q$, where $G_1$ is an additive cyclic group and $G_2$ is a multiplicative cyclic group. Define $e: G_1 \times G_1 \to G_2$, and a formulation can be written:

The algorithm can be divided into 4 steps as follows:

3.2.1 Setup

Blockchain edge nodes choose a number $s \in$ as master private key and compute the master public key $PK_{BE} = s \cdot P$. Two secure hash functions are chosen: will be broadcast in the system as public parameters.

3.2.2 Abstract

After registering $V_j$ in the Blockchain network, $B_i$ assigns the private key to the vehicle, achieving user control over the privacy policy. Given the public parameters and $V_j$'s ID $ID_j$, $B_i$ selects a random number and calculates the following formulations:

Then $(R_j, v_j)$ is transmitted to $V_j$ as the private key from $B_i$. $V_j$ can validate the private key by checking whether the following equation holds:

When the equation is satisfied, $V_j$ can confirm the reliability of the node private key received from $B_i$.

3.2.3 Sign

When communicating with edge nodes, $V_j$ signs a message $m$ with the public parameters.

It selects a random number $x_j \in Z_q^*$ as the private key and computes the public key $PK_j = x_j \cdot P$.

According to ECDSA, we have:

Therefore, $V_j$'s signature for the message $m$ is $(m, PK_j, u_j)$.

3.2.4 Verify

Upon receiving the signature $(m, PK_j, u_j)$ from $V_j$, $B_i$ verifies the validity of the message through an examining equation:

$B_i$ accepts the signature and opens access to the vehicle if and only if the equation holds.

To sum up, the digital signature algorithm plays an important role in verification and confirmation, ensuring data integrity, accessibility and security in transmission between edge nodes and vehicles.
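The sign and verify steps between a vehicle and an edge node, as an added example that is not code from the paper: it implements textbook ECDSA on the secp256k1 curve with SHA-256 rather than the paper's own equations. The vehicle ID, the message and the `edge_node_accepts` registry check are assumptions made for illustration.

```python
import hashlib
import secrets

# secp256k1 domain parameters: y^2 = x^3 + ax + b over the prime field F_p.
P_FIELD = 2**256 - 2**32 - 977
A, B = 0, 7
G = (0x79BE667EF9DCBBAC55A06295CE870B07029BFCDB2DCE28D959F2815B16F81798,
     0x483ADA7726A3C4655DA4FBFC0E1108A8FD17B448A68554199C47D08FFB10D4B8)
N = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141  # order n of G
INF = None  # the point at infinity O


def on_curve(pt):
    if pt is INF:
        return True
    x, y = pt
    return (y * y - (x * x * x + A * x + B)) % P_FIELD == 0


def add(p1, p2):
    """Group law on E in affine coordinates."""
    if p1 is INF:
        return p2
    if p2 is INF:
        return p1
    (x1, y1), (x2, y2) = p1, p2
    if x1 == x2 and (y1 + y2) % P_FIELD == 0:
        return INF                                   # P + (-P) = O
    if p1 == p2:
        lam = (3 * x1 * x1 + A) * pow(2 * y1, -1, P_FIELD) % P_FIELD
    else:
        lam = (y2 - y1) * pow((x2 - x1) % P_FIELD, -1, P_FIELD) % P_FIELD
    x3 = (lam * lam - x1 - x2) % P_FIELD
    return (x3, (lam * (x1 - x3) - y1) % P_FIELD)


def mul(t, pt):
    """tP = P + P + ... + P (t times) by double-and-add; not constant time."""
    result = INF
    while t:
        if t & 1:
            result = add(result, pt)
        pt = add(pt, pt)
        t >>= 1
    return result


def digest(msg):
    return int.from_bytes(hashlib.sha256(msg).digest(), "big")


def keygen():
    x = secrets.randbelow(N - 1) + 1                 # private key in [1, n-1]
    return x, mul(x, G)


def sign(x, msg):
    while True:
        k = secrets.randbelow(N - 1) + 1             # fresh secret nonce per signature
        r = mul(k, G)[0] % N
        s = pow(k, -1, N) * (digest(msg) + r * x) % N
        if r and s:
            return r, s


def verify(pub, msg, sig):
    r, s = sig
    if not (0 < r < N and 0 < s < N) or pub is INF or not on_curve(pub):
        return False
    w = pow(s, -1, N)
    pt = add(mul(digest(msg) * w % N, G), mul(r * w % N, pub))
    return pt is not INF and pt[0] % N == r


def edge_node_accepts(registered, vehicle_id, msg, pub, sig):
    """The key sent with the message must equal the key registered for that ID."""
    return registered.get(vehicle_id) == pub and verify(pub, msg, sig)


if __name__ == "__main__":
    x_j, pk_j = keygen()
    registered = {"V17": pk_j}                       # constructed ID, as read from the ledger
    m = b"vehicle=V17;edge=B3;request=access"        # constructed message
    sig = sign(x_j, m)
    print(edge_node_accepts(registered, "V17", m, pk_j, sig))         # genuine request
    print(edge_node_accepts(registered, "V17", m + b"!", pk_j, sig))  # tampered message
```

Because the signature travels together with a public key, the edge node compares that key with the one registered for the vehicle's ID before trusting the verification result; a signature that verifies under an unregistered key proves nothing about the vehicle.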

IV. CACHING SCHEME BASED ON MANY-TO-MANY MATCHING ALGORITHM

In this section, a caching scheme based on a many-to-many matching algorithm is put forward. It can dynamically adjust the allocation strategy for caching capacity as the vehicles' locations change, satisfying their demand for low-latency and fast-response service.

4.1 Caching model

According to [22], the arrival rate of vehicles follows a Poisson distribution with parameter $\lambda$, and their duration time follows an exponential distribution with expected value $\mu$. Define $\eta = \lambda/\mu$. Let $M_{max}$ represent the maximal number that Blockchain edge nodes can support. Then the probability of $k$ vehicles arriving can be calculated as:

Based on eq. (9), the expected number of vehicles in the whole system can be calculated as follows:

Assume that the data size of the device information for $V_j$ is $da_j$, and the size of the required data is $s_j$. The caching capacity of $B_i$ is denoted by $Cap_i$. Define $P_i$ as the transmission power of $B_i$, and as noise power of $V_j$. According to [21], the path loss between $B_i$ and $V_j$ can be modeled as where $d_{i,j}$ is the distance between them, and $\alpha$ is the path-loss exponent. $f_{i,j}$ represents the coefficient of Rayleigh fading between $B_i$ and $V_j$. To eliminate interference among channels distributed from Blockchain edge nodes to devices, all the downlink channels are independent and identically distributed. When $B_i$ covers $V_j$, the transmission rate between them can be calculated based on the signal to interference plus noise ratio [18]:

To evaluate the performance of the caching scheme, hit ratio is used to denote the probability that an edge node caches the information of covered vehicles. The hit ratio of $B_i$ can be calculated as:

Hence the total hit ratio for edge nodes is:

4.2 Delivery latency for vehicles

When a vehicle expects to obtain a response from a higher layer, it has three options with different delivery latency. We analyze each choice in the following parts.

4.2.1 Latency to connected edge nodes

$V_j$ is able to download data from $B_i$ directly if it is covered by $B_i$ and finds its device information in the node. In other words, $l_{i,j} \cdot c_{i,j} = 1$. According to (11), the latency for vehicles obtaining information from connected nodes is:

4.2.2 Latency to nearby edge nodes

If the information of $V_j$ is not available in the connected node $B_i$, $V_j$ can fetch the information from $B_k$ through $B_i$. The distance between them is expressed as $D_{i,k}$. Let $B_{i,k}$ be the average bandwidth on the path; the transmission delay from $B_k$ to $B_i$ is:

Given the weight factor $\beta_{i,j}$ related to core network congestion, the transmission latency from the nearby node $B_k$ to $V_j$ according to (14)-(15) is:

4.2.3 Latency to the Blockchain network

If no edge node caches the device information, $V_j$ has to submit requests to the Blockchain network. For simplification, the Blockchain network is regarded as the $(N+1)$th edge node, which can be denoted by $B_{N+1}$. Given the transmission rate $R_0$ and weight factor $\gamma$, the delay from the Blockchain network to $V_j$ can be calculated as:

Above all, the transmission delay that $V_j$ needs to fetch data from a higher layer is:

To minimize average latency, the optimization problem can be formulated as:

Obviously, the total caching size should not exceed the storage capacity of the Blockchain edge nodes. The optimization problem is an integer programming problem, which is NP-hard. We intend to solve it with many-to-many matching.

4.3 Algorithm based on many-to-many matching

In this part, a many-to-many matching is proposed to solve the optimization problem. According to [23], Blockchain edge nodes and vehicles are two sets of players in the matching, which are individually rational. Based on delivery delay and caching size, a utility function is defined to represent the system cost if $B_i$ decides to allocate caching capacity to $V_j$:

where $\rho$ is the weight factor for caching resource. Specifically, when $i$ equals $N+1$, the vehicle intends to cache terminal information in the Blockchain network. Lower costs mean that edge nodes can provide low-latency service for vehicles with small storage size. Observing the utility function over each vehicle, $B_i$ has a preference list on all vehicles, represented by. Vehicles with high preferences get priority in the allocation of caching capacity. As a node prefers to choose the vehicle with lower expenses, we set,

Furthermore, each vehicle has a different preference over edge nodes and the Blockchain network. Therefore, a preference list is set, denoted by where

On the basis of the preference lists, a many-to-many matching algorithm between BEs (Blockchain edge nodes and the Blockchain network) and vehicles is designed as described in algorithm 1. After initialization, the preference lists of BEs and vehicles, i.e., $\Phi_i$ and $\Psi_j$, are constructed, and their pointers move to the most preferred objects in the lists. In each round, vehicles which have not been accepted in past rounds move their pointer to the preferred BE and submit requests. Observing the behavior of the vehicles, each BE chooses its most preferred vehicle in the preference list until all caching capacity has been allocated. At the end of each round, if a vehicle is accepted by a BE, the pointer of its preference list remains unchanged and the caching matrix is updated. Otherwise, the pointer of the rejected vehicle moves to the next BE in the list. In the next round, the vehicle requests caching space from the new BE. The matching repeats until all vehicle information has been cached in suitable BEs, and the caching matrix $C_{i,j}$ shows the optimization result. Based on the matching algorithm, we can calculate the minimum average delivery latency $T(C)$.

Lemma 1. Following algorithm 1, the caching optimization will ultimately converge and achieve a stable matching result.

Proof. For each vehicle in the matching algorithm, the pointer of the vehicle's preference list moves in one direction. It first chooses the most preferred BE to cache device information, aiming to obtain the minimum delay. If its request is rejected by the BE, the pointer moves to the suboptimal BE. The above process repeats until one BE meets the demand of the vehicle. In this way, the vehicle cannot achieve a lower latency by moving the pointer back.

Therefore, when the pointer of each vehicle moves to the end of the preference list, it has evaluated all BEs and has chosen one. In other words, it cannot gain higher utility by unilaterally changing caching location and submitting requests to other BEs. Furthermore, through multiple rounds of the matching algorithm, each BE has traversed all vehicles and has distributed caching capacity in an optimized way. According to [20], when the two preference lists in the matching market are substitutable, a pairwise stable matching always exists. Above all, the caching optimization will ultimately converge and achieve a stable matching result.

Algorithm 1. Many-to-many matching algorithm for caching problem.

    Initialize matrices L = [l_{i,j}]_{N×M}, C = [c_{i,j}]_{N×M}.
    for B_i do
        Construct a preference list on vehicles based on (21);
        One pointer is set as the indicator pointing at the vehicle with highest value in preference list;
    end for
    for V_j do
        Construct the preference list on all BEs according to (22);
        One pointer is set pointing at the largest item in the list;
    end for
    Set flag_j, ∀ V_j ∈ V, to show whether the vehicle has been chosen by BEs in last round, but discarded in current round. Initially, flag_j = 0;
    while the pointers of all BEs have not scanned all vehicles do
        for V_j whose information have not been cached do
            if flag_j = 0
                The pointer keeps current position in the preference list of V_j;
            else
                The pointer moves to the next position in the preference list of V_j;
            end if
            The vehicle submits requests to pointed BE with required caching size;
        end for
        for B_i do
            if the available caching capacity of B_i exceeds the requirement space of vehicles then
                B_i allocates caching space to the most preferred vehicle whose pointer points to B_i. Set c_{i,j} = 1;
            else
                B_i rejects the request of V_j. Set flag_j = 1;
            end if
        end for
    end while
    Calculate T(C) according to (19);
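The proposal rounds of Algorithm 1 as runnable code, added here as an example and not taken from the paper. The cost form `delay + rho * size`, the plain mean used for the average delay, and all sample numbers are assumptions; the last BE row stands for the Blockchain network, which is given unlimited capacity.

```python
import math

# Constructed sample input: rows are B1, B2 and the Blockchain network (B_{N+1}),
# columns are vehicles V1..V4. Delays in ms, sizes in MB, RHO in ms per MB.
DELAY_MS = [[200, 300, 600, 700],
            [650, 500, 200, 300],
            [1500, 1500, 1500, 1500]]
SIZE_MB = [30, 40, 30, 40]
RHO = 5


def build_cost(delay, size, rho):
    """Assumed utility: cost[i][j] = delay[i][j] + rho * size[j] (lower is better)."""
    return [[d + rho * size[j] for j, d in enumerate(row)] for row in delay]


def match_caching(cost, size, capacity):
    """Run the request/accept rounds until every vehicle is cached somewhere.

    cost[i][j]  -- cost if BE i caches vehicle j
    size[j]     -- caching size requested by vehicle j
    capacity[i] -- free caching space of BE i (math.inf for the Blockchain network)
    Returns (caching matrix C, list with the BE index chosen for each vehicle).
    """
    n_be, n_veh = len(cost), len(size)
    free = list(capacity)
    # Preference lists: lowest cost first, ties broken by index.
    veh_pref = [sorted(range(n_be), key=lambda i: (cost[i][j], i)) for j in range(n_veh)]
    be_rank = [{j: r for r, j in
                enumerate(sorted(range(n_veh), key=lambda j: (cost[i][j], j)))}
               for i in range(n_be)]
    pointer = [0] * n_veh
    placed = [None] * n_veh
    C = [[0] * n_veh for _ in range(n_be)]

    while any(p is None for p in placed):
        # Every uncached vehicle requests space from the BE under its pointer.
        requests = {}
        for j in range(n_veh):
            if placed[j] is None:
                requests.setdefault(veh_pref[j][pointer[j]], []).append(j)
        # Every BE serves its requesters in its own preference order.
        for i, reqs in requests.items():
            for j in sorted(reqs, key=be_rank[i].get):
                if size[j] <= free[i]:
                    free[i] -= size[j]
                    placed[j] = i
                    C[i][j] = 1
                else:
                    pointer[j] += 1              # rejected: next BE in the next round
                    if pointer[j] == n_be:
                        raise ValueError(f"vehicle {j} fits in no BE")
    return C, placed


def average_delay(delay, placed):
    """Mean delivery delay over all vehicles for the chosen placement."""
    return sum(delay[i][j] for j, i in enumerate(placed)) / len(placed)


def free_blocking_pairs(cost, size, capacity, placed):
    """Pairs (i, j) where vehicle j prefers BE i to its own BE and i still has room."""
    free = list(capacity)
    for j, i in enumerate(placed):
        free[i] -= size[j]
    return [(i, j) for j, cur in enumerate(placed) for i in range(len(cost))
            if cost[i][j] < cost[cur][j] and size[j] <= free[i]]


if __name__ == "__main__":
    cost = build_cost(DELAY_MS, SIZE_MB, RHO)
    for cap in (50, 80):
        caps = [cap, cap, math.inf]
        C, placed = match_caching(cost, SIZE_MB, caps)
        print(cap, placed, average_delay(DELAY_MS, placed),
              free_blocking_pairs(cost, SIZE_MB, caps, placed))
```

With 50 MB per edge node, two vehicles fall back to the Blockchain network and the average delay is dominated by that path; with 80 MB every vehicle is cached at its preferred edge node. In both runs no vehicle can move to a preferred BE that still has room, which is the stability property Lemma 1 argues for.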

V. SIMULATION RESULTS AND ANALYSIS

5.1 Security analysis

The CIA triad is a set of guidelines for information security in an organization, standing for confidentiality, integrity, and availability [24]. Confidentiality makes sure that only the authorized user is able to read the message. Integrity guarantees that the message is correct and trustworthy in transmission, and availability means that the data is accessible to authorized users only. In this article, the Blockchain network achieves confidentiality via smart contracts and asymmetric encryption. To ensure data integrity, the digital signature algorithm adopted in the authentication mechanism protects communication among edge nodes and vehicles in an open environment. In order to increase availability, vehicles are protected from unauthorized requests. Edge nodes cannot access vehicle information and privacy without the public key distributed by the vehicle. Moreover, the caching scheme improves data sharing among platforms on the basis of obtaining authority from vehicles. Therefore, minimizing latency has no impact on vehicle availability. In summary, the Blockchain based vehicular network makes improvements across the CIA triad.

5.2 Simulation performance

In this section, we evaluate the performance of our proposed system with a simulator in Matlab. In the simulation model, the capacity of edge nodes is 1 GB, and the size of device information ranges from 10 MB to 50 MB. Vehicles obtain data from nodes with a size of 1 MB. The transmission rate between nodes is 15 Mbps. For simplicity, all the BEs have the same transmission power $P$ and channel fading coefficients. The arrival of mobile terminals follows a Poisson distribution with parameter $\lambda$, and departure time follows an exponential distribution with index $\mu$. The parameters used in the simulation are listed in Table I.

Table I. Simulation parameters.

To better evaluate the caching scheme proposed in this article, we study the different mechanisms by which vehicles obtain information from a higher layer in the vehicular network, as below:

· Blockchain network based scheme (BCBS): vehicles can authenticate and fetch information from the Blockchain network directly.

· Least recently arrived based scheme (LRBS): information of the vehicle which arrived at the node earliest will be removed from the caching space, and the Blockchain edge node replaces it with newly arriving device information.

· Many-to-many matching algorithm based system (MMBS): according to our proposed scheme, edge nodes can verify vehicles and allocate caching capacity to them dynamically and efficiently.

In the simulation, experiments are conducted with different parameters changing, i.e., the total number of vehicles, the intensity of edge nodes in the network and the caching capacity of nodes, to compare the proposed scheme with BCBS and LRBS in terms of average delivery delay and hit ratio.

Figure 3 shows the changes of hit ratio and average delivery delay versus the total number of vehicles under 3 situations. The hit ratio of BCBS always equals 1, because all terminals' information is cached in the Blockchain network. As the number of terminals rises, the hit ratios of BPBS and LRBS start close to 1 and decline gradually. As for average delivery delay, the values of the 3 curves rise as the number of mobile terminals increases. Among them, BCBS has the largest latency, since fetching data from the Blockchain network goes through the longest transmission distance for terminals. Under BPBS and LRBS, the curves change similarly when there are few vehicles in the network. As the number of terminals increases, BPBS has a lower latency and a higher hit ratio than LRBS. The reason is that, even though the vehicles' demand for caching capacity surpasses the available space of the nodes, BPBS can allocate caching capacity efficiently and dynamically by considering the number of terminals and the caching size to minimize average delay.

Figure 4 represents the influence of the arrival interval $\lambda^{-1}$. When $\lambda^{-1}$ gets greater, average delivery delay decreases. High arrival rate means vehicles staying in this area are fewer. Thus a larger proportion of vehicles can cache information in nodes with lower latency. It is observed that LRBS may have a better performance than BPBS, for it caches terminal information in the connected node with priority. BCBS incurs the largest delay.

In figure 5, average delivery delay decreases in pace with $\mu^{-1}$ getting larger. When the departure interval increases, more cars are left in this area, causing a caching burden on edge nodes or the Blockchain network. Moreover, delivery latency will get higher. The increasing speed of the curves also becomes faster. Among the three schemes, BPBS has the smallest average delay, benefiting from collaborative sharing among nodes.

Finally, we examine the performance of the proposed scheme with different average caching capacities of Blockchain edge nodes when the number of nodes varies within this area.

Figure 6 shows the changes of hit ratio with different average caching capacities of edge nodes when the number of nodes varies. When the caching space increases from 400 MB to 2400 MB, a larger proportion of mobile terminals' information can be cached in nodes, because a node can meet the demands of more requesting vehicles. Moreover, as node intensity rises, the hit ratio also gets higher until it comes near to 1. With more edge nodes deployed in the system, the system caching capacity can be enhanced to supply low-latency services for vehicles. Additionally, collaborative sharing between nodes will occur more frequently.

Fig. 3. Hit ratio and average delivery delay with different total number of vehicles.

Fig. 4. Average delivery delay with different arrival interval of vehicles.

Fig. 5. Average delivery delay with different departure interval of vehicles.

Fig. 6. Hit ratio with different cache capacity of Blockchain edge nodes.

Fig. 7. Average delivery delay with different cache capacity of Blockchain edge nodes.

On the contrary, average delivery delay declines constantly when the caching capacity or the number of nodes increases, as figure 7 shows. If caching capacity improves, vehicles can cache device information in the connected edge node and fetch authority from it directly. In this way, transmission latency is reduced and ultimately stays unchanged once all vehicles can cache information in connected nodes.

VI. CONCLUSION AND FUTURE WORK

To achieve fast authentication for vehicles and collaborative sharing among vehicular networks, a distributed trust access authentication system based on a Blockchain network and edge computing is proposed in this article. A hierarchical architecture is established, consisting of a vehicular network layer, a Blockchain edge layer and a Blockchain network layer. Additionally, an authentication mechanism ensures data confidentiality, integrity and accessibility in communication between vehicles and edge nodes, relying on the Blockchain network and a digital signature algorithm. Furthermore, to avoid a heavy burden on the Blockchain network and optimize transmission latency, we propose a caching scheme based on a many-to-many matching algorithm which can realize cooperation between nodes and adjust the caching strategy efficiently by taking the number of vehicles and the network caching condition into account. Simulation results show that the proposed caching scheme has a higher hit ratio and lower delivery latency than other caching schemes on the basis of security.

In future work, we will apply this mechanism to various IIoT scenarios to promote cooperation among IIoT platforms, and further optimize performance and accessibility.