SE-CPPA: A Secure and Efficient Conditional Privacy-Preserving Authentication Scheme in Vehicular Ad-Hoc Networks

Communications between nodes in Vehicular Ad-Hoc Networks (VANETs) are inherently vulnerable to security attacks, which may mean disruption to the system. Therefore, the security and privacy issues in VANETs are entitled to be the most important. To address these issues, the existing Conditional Privacy-Preserving Authentication (CPPA) schemes based on either public key infrastructure, group signature, or identity have been proposed. However, an attacker could impersonate an authenticated node in these schemes for broadcasting fake messages. Besides, none of these schemes have satisfactorily addressed the performance efficiency related to signing and verifying safety traffic-related messages. For resisting impersonation attacks and achieving better performance efficiency, a Secure and Efficient Conditional Privacy-Preserving Authentication (SE-CPPA) scheme is proposed in this paper. The proposed SE-CPPA scheme is based on the cryptographic hash function and bilinear pair cryptography for the signing and verifying of messages. Through security analysis and comparison, the proposed SE-CPPA scheme can accomplish security goals in terms of formal and informal analysis. More precisely, to resist impersonation attacks, the true identity of the vehicle stored in the tamper-proof device (TPD) is frequently updated, having a short period of validity. Since the MapToPoint hash function and a large number of cryptography operations are not employed, simulation results show that the proposed SE-CPPA scheme outperforms the existing schemes in terms of computation and communication costs. Finally, the proposed SE-CPPA scheme reduces the computation costs of signing the message and verifying the message by 99.95% and 35.93%, respectively. Meanwhile, the proposed SE-CPPA scheme reduces the communication costs of the message size by 27.3%.

Privacy-Preserving Scheme in the Blockchain Based on Group Signature with Multiple Managers

Group signature can provide the privacy-preserving authentication mechanism for the blockchain. In the traditional blockchain privacy-preserving scheme based on the group signature, there is only one group manager to revoke the anonymity. Thus, the traditional scheme will have single point of failure and key escrow problems. To solve these problems, we propose a privacy-preserving scheme in the blockchain based on the group signature with multiple managers. Our scheme is constructed based on bilinear pairing and the technique of distributed key generation. Finally, we analyze the application of the proposed scheme in the field of blockchain-based provable data possession (PDP), as well as the correctness and security of the scheme.

A Fair and Privacy-Preserving Image Trading System Based on Blockchain and Group Signature

With the rise of digital images in our daily lives, there is a growing need to provide an image trading market where people can monetize their images and get desired images at prices that fit their budget. Those images are usually uploaded and stored onto centralized image trading service providers’ servers and the transactions for image trading are processed by these providers. Unfortunately, transaction unfairness and users’ privacy breaches have become major concerns since the service providers might be untrusted and able to manipulate image trading prices and infer users’ private information. Recently, several approaches have been proposed to address the unfairness issue by using the decentralized ledger technique and smart contract, but users’ privacy protection is not considered. In this paper, we propose a fair and privacy-preserving protocol that supports image fair exchange and protect user privacy. In particular, we exploit blockchain and Merkle tree to construct a fair image trading protocol with low communication overhead based on smart contract, which serves as an external judge that resolves disputes between buyers and sellers in image transactions. Moreover, we extend a popular short group signature scheme to protect users’ identity privacy, prevent linkability of transactions from being inferred, and ensure traceability of malicious users who may sell fake images and/or refuse to pay. Finally, we design and build a practical and open-source image trading system to evaluate the performance of our proposed protocol. Experimental results demonstrate its effectiveness and efficiency in real-world applications.