Edge-Cloud Collaborative Searchable Attribute-Based Signcryption Approach for Internet of Vehicles
-
摘要: 动态开放的网络环境使车联网难免遭受窃听、数据篡改和伪造,传统云计算因高延迟难以满足海量数据的实时性需求,安全性和性能之间固有冲突制约着车联网发展。为了解决上述问题,该文专为车联网设计出边云协同可搜索属性签密方法,可允许授权用户无需解密密文,就能通过云端快速匹配机制高效检索所需信息。利用边缘计算下沉计算能力到网络边缘,协同云服务器、边缘服务器和车载终端设备共同工作。通过属性签密和线性秘密共享机制的融合,实现车联网数据的细粒度访问控制,更好保障数据的安全性。针对车载设备资源受限问题,解签密过程中的复杂运算外包给高性能边缘节点处理,减轻了车载终端的运算负担且提升了响应速度,能够很好适应车联网这种动态的资源受限复杂环境。Abstract:
Objective Dynamic and open environment of IoV brings the challenges for data security and real-time performance. Massive data interactions are vulnerable to malicious eavesdropping, tampering, forgery and replay attacks. Traditional cloud computing has inherent high latency and fails to meet millisecond-level real-time IoV demands, this leads to inefficient data transmission and potential traffic accident. Balancing of data security and real-time performance is critical bottleneck for large-scale deployment of IoV. Methods Edge-cloud collaborative searchable attribute-based signcryption method is proposed for IoV, it establishes multi-layer architecture including the cloud servers, edge servers and in-vehicle terminal devices. Access control is enforced by hybrid key and ciphertext policy from attribute-based signcryption and LSSS. To mitigate local decryption burden, bilinear operations are outsourced to edge nodes. SM9 is employed for trapdoor generation and signature authentication. Proposed method has the confidentiality, signature unforgeability and trapdoor unforgeability. Results and Discussions Our method has the superiority in IoV edge-cloud collaborative architecture for searchable attribute-based signcryption ( Tables 1 and4 ). Functional characteristics are inTable 1 .Figure 2 shows the change trend of total time as the number of attributes increases; total time of our method increases slightly but the growth rate is very slow; for effective outsourcing of intensive computing tasks to edge nodes, our method reduces local computing burden on user terminals. This calculation optimization is quantified by OE exceeding 96% (Table 4 ,Fig.5 ). Our method achieves an instantaneous retrieval capability by optimizing the search complexity to O(1) (Fig.4 ) using hash index. E2E search latency is controlled to acceptable level in IoV applications (Table 6 ), verifying its applicability for real-time data access. Known fromFigure 3 , with the increase of the number of attributes, the variation range of ciphertext size of our method is the smallest.Conclusions Our method achieves fine-grained access control, data confidentiality, integrity, and unforgeability, and it exhibits the advantages in computation and communication efficiency. By computation offloading mechanism, our method effectively addresses the resource constraints of on-board devices for dynamic, resource-sensitive and real-time IoV environments. -
表 2 运算符号说明(ms)
符号及含义 执行一次双线性对操作: $ 1{T}_{\mathrm{p}} $ 执行一次指数操作:$ {1T}_{\mathrm{e}} $ 执行一次乘法操作:$ 1{T}_{\mathrm{m}} $ 执行一次哈希函数操作:$ 1{T}_{\mathrm{h}} $ 耗时 4.843 7.941 0.043 0.003 
下载: 导出CSV
表 3 计算开销分析
对比方法 总体时间开销 密文大小 文献[9] $ (4+4n){T}_{\mathrm{e}}+3{T}_{\mathrm{m}}+{T}_{\mathrm{h}}+{T}_{\mathrm{p}} $ $ \left(\begin{matrix}2n+7\\ \end{matrix}\right)\left| {G}_{1}\right| $ 文献[10] $ {(6n+10)T}_{\mathrm{e}}+{T}_{\mathrm{m}}+2{T}_{\mathrm{p}}+(3n+2){T}_{\mathrm{h}} $ $ 4\left| {Z}_{p}\right| +6\left| {G}_{1}\right| +\left(n+1\right)\left| {G}_{\mathrm{T}}\right| $ 文献[11] $ {\left(3n+7\right){{T}_{\mathrm{e}}}+3T}_{\mathrm{h}}+(n+5){T}_{\mathrm{m}}+4{T}_{\mathrm{p}} $ $ 2\left| {Z}_{p}\right| +(2n+3)\left| {G}_{1}\right| $ ECCSABSCM $ 2{T}_{\mathrm{e}}+\left(4n+9\right){T}_{\mathrm{m}}+(n+4{)T}_{\mathrm{p}}+(2n+5){T}_{\mathrm{h}} $ $ \left| {Z}_{p}\right| +\left(n+2\right)\left| {G}_{1}\right| +2\left| {G}_{2}\right| $
下载: 导出CSV
表 4 解签密计算任务外包效率分析
属性数量 $ 10 $ $ 30 $ $ 50 $ 70 90 $ {T}_{\mathrm{t}}(\text{ms}) $ 108.71 306.66 504.64 702.63 900.60 $ {T}_{\mathrm{r}}(\text{ms}) $ 16.66 20.92 25.18 29.44 33.70 $ \text{OE}(\% ) $ 84.67 93.18 95.01 95.81 96.26
下载: 导出CSV
表 5 端到端搜索延迟构成(ms)
属性数量 $ 10 $ $ 30 $ $ 50 $ 70 90 $ {T}_{\text{Calc}} $ 137.31 337.86 538.43 738.99 939.55 $ {T}_{\text{Comm}} $ 80.00 80.00 80.00 80.00 80.00 $ {T}_{\mathrm{E}2\mathrm{E}} $ 217.31 417.86 618.43 818.99 1019.55
下载: 导出CSV
-
[1] LIU Jianhang, XUE Kunlei, MIAO Qinghai, et al. MCVCO: Multi-MEC cooperative vehicular computation offloading[J]. IEEE Transactions on Intelligent Vehicles, 2024, 9(1): 813–826. doi: 10.1109/TIV.2023.3299381. [2] HADDAJI A, AYED S, and CHAARI FOURATI L. IoV security and privacy survey: Issues, countermeasures, and challenges[J]. The Journal of Supercomputing, 2024, 80(15): 23018–23082. doi: 10.1007/s11227-024-06269-5. [3] TANG Chaogang, CHEN Wei, ZHU Chunsheng, et al. When cache meets vehicular edge computing: Architecture, key issues, and challenges[J]. IEEE Wireless Communications, 2022, 29(4): 56–62. doi: 10.1109/MWC.202.2100159. [4] QUAN Haoyu, ZHANG Qingmiao, and ZHAO Junhui. Federated learning assisted intelligent IoV mobile edge computing[J]. IEEE Transactions on Green Communications and Networking, 2025, 9(1): 228–241. doi: 10.1109/TGCN.2024.3421357. [5] DAMSGAARD H J, OMETOV A, and NURMI J. Approximation opportunities in edge computing hardware: A systematic literature review[J]. ACM Computing Surveys, 2023, 55(12): 252. doi: 10.1145/3572772. [6] 董裕民, 张静, 谢昌佐, 等. 云边端架构下边缘智能计算关键问题综述: 计算优化与计算卸载[J]. 电子与信息学报, 2024, 46(3): 765–776. doi: 10.11999/JEIT230390.DONG Yumin, ZHANG Jing, XIE Changzuo, et al. A survey of key issues in edge intelligent computing under cloud-edge-terminal architecture: Computing optimization and computing offloading[J]. Journal of Electronics & Information Technology, 2024, 46(3): 765–776. doi: 10.11999/JEIT230390. [7] DENG Ningzhi, DENG Shaojiang, HU Chunqiang, et al. An efficient revocable attribute-based signcryption scheme with outsourced unsigncryption in cloud computing[J]. IEEE Access, 2020, 8: 42805–42815. doi: 10.1109/ACCESS.2019.2963233. [8] YU Huifang and BAI Xiaoping. Identity-based searchable attribute signcryption in lattice for a blockchain-based medical system[J]. Frontiers of Information Technology & Electronic Engineering, 2024, 25(3): 461–471. doi: 10.1631/FITEE.2300248. [9] 牛淑芬, 王卫芳, 董润园, 等. 云边协同下支持等值测试的属性基广播签密方案[J]. 计算机科学与探索, 2025, 19(8): 2241–2250. doi: 10.3778/j.issn.1673-9418.2410023.NIU Shufen, WANG Weifang, DONG Runyuan, et al. Attribute-based broadcast signcryption scheme with equivalence testing support under cloud-edge collaboration[J]. Journal of Frontiers of Computer Science and Technology, 2025, 19(8): 2241–2250. doi: 10.3778/j.issn.1673-9418.2410023. [10] 牛淑芬, 周思玮, 吕锐曦, 等. 医疗社交网络中基于云计算的属性基签密方案[J]. 电子与信息学报, 2023, 45(3): 884–893. doi: 10.11999/JEIT220070.NIU Shufen, ZHOU Siwei, LÜ Ruixi, et al. Attribute-base signcryption scheme based on cloud computing in mobile medical social network[J]. Journal of Electronics & Information Technology, 2023, 45(3): 884–893. doi: 10.11999/JEIT220070. [11] ELTAYIEB N, ELHABOB R, HASSAN A, et al. A blockchain-based attribute-based signcryption scheme to secure data sharing in the cloud[J]. Journal of Systems Architecture, 2020, 102: 101653. doi: 10.1016/j.sysarc.2019.101653. [12] 万云飞, 彭长根, 谭伟杰, 等. 基于国密SM9的边云协同属性基签密方案[J]. 信息安全研究, 2025, 11(2): 115–121. doi: 10.12379/j.issn.2096-1057.2025.02.03.WAN Yunfei, PENG Changgen, TAN Weijie, et al. Edge cloud collaborative attribute-based signcryption scheme based on state secret SM9[J]. Journal of Information Security Research, 2025, 11(2): 115–121. doi: 10.12379/j.issn.2096-1057.2025.02.03. [13] 王惠, 王峥. 工业物联网中基于区块链的属性基签密方案[J]. 计算机工程与设计, 2024, 45(10): 2888–2896. doi: 10.16208/j.issn1000-7024.2024.10.002.WANG Hui and WANG Zheng. Attribute based signcryption scheme based on blockchain in industrial internet of things[J]. Computer Engineering and Design, 2024, 45(10): 2888–2896. doi: 10.16208/j.issn1000-7024.2024.10.002. [14] 赖建昌, 黄欣沂, 何德彪, 等. 国密SM9数字签名和密钥封装算法的安全性分析[J]. 中国科学: 信息科学, 2021, 51(11): 1900–1913. doi: 10.1360/SSI-2021-0049.LAI Jianchang, HUANG Xinyi, HE Debiao, et al. Security analysis of SM9 digital signature and key encapsulation[J]. Scientia Sinica Informationis, 2021, 51(11): 1900–1913. doi: 10.1360/SSI-2021-0049. [15] QIAO Zirui, CAO Lei, ZHU Yasi, et al. DADD: Direct authentication with vehicles from different domains[J]. IEEE Transactions on Intelligent Transportation Systems, 2025, 26(10): 16811–16825. doi: 10.1109/TITS.2025.3575535. -
图(5) / 表(5)
计量
- 文章访问数: 52
- HTML全文浏览量: 19
- PDF下载量: 9
- 被引次数: 0
下载:
