Let’s Talk About Privacy Protection Technology in Internet of Vehicles
2024.10.10
1. Introduction
As people's economic living standards continue to improve, the transportation industry has been vigorously developed. The scale of my country's automobile market is constantly expanding, and the proportion of families or individuals owning private cars is increasing year by year. According to statistics from the Ministry of Public Security, by the end of 2023, my country's motor vehicle ownership will reach 435 million, of which 336 million will be cars; the number of motor vehicle drivers will reach 523 million, of which 486 million will be car drivers; the number of newly registered motor vehicles in 2023 will be 34.8 million, of which 24.56 million will be newly registered cars [1]. The sharp increase in the number of motor vehicles has led to serious congestion on urban roads and frequent traffic accidents, causing loss of life and property to the country and the people. According to past data from the China Statistical Yearbook, about 60,000 people die in traffic accidents in my country every year, and the direct property losses caused by traffic accidents are between 1.04 billion and 1.45 billion yuan [2]. In order to improve the level of traffic management, ensure driving safety, and improve driving experience, vehicle networking technology has emerged. The Internet of Vehicles (IoV) technology is supported by wireless communication technology. Through the sensor equipment, on-board equipment and communication modules on the vehicle, it realizes low-latency and high-reliability communication between vehicles, vehicles and people, vehicles and road infrastructure, vehicles and networks, and vehicles and everything else. It can thus mine important traffic environment information, effectively monitor the operation status of vehicles according to different functional requirements, and provide comprehensive services [3][4]. The classic IoV communication structure reference model is shown in Figure 1.
Communication in the Internet of Vehicles is mainly carried out in wireless channels, and the openness and inclusiveness of wireless channels make them vulnerable to various security attacks [5]. On the one hand, some criminals can carry out contactless remote attacks on vehicles, such as arbitrarily controlling the vehicle's windows, rearview mirrors, music players, etc., and even causing the car to suddenly accelerate, brake, and turn while driving, which poses a serious threat to the driver's life safety. In August 2015, security researchers Charlie Miller and Chris Valasek demonstrated how they remotely hacked into a moving Jeep Compass SUV and controlled the vehicle's key systems, including the engine, transmission, brakes, and steering. This intrusion was carried out by exploiting a vulnerability in Chrysler's Uconnect vehicle system. The incident eventually prompted Chrysler to announce the recall of 1.4 million related models. On the other hand, each smart connected car has the ability to collect and transmit data, and can obtain sensitive information such as the owner's identity, driving trajectory, driving habits, address book, and call content. Once this information is obtained by attackers, it is easy to increase the probability of committing crimes, such as vehicle theft, harassment, kidnapping, etc. Therefore, data privacy protection of the Internet of Vehicles has always been one of the important research directions of the Internet of Vehicles. This paper first introduces the classification of privacy protection in the Internet of Vehicles, and then focuses on the Internet of Vehicles privacy protection technology based on blockchain.
2. Background
2.1 Privacy Protection in Internet of Vehicles
According to the object of privacy protection, Internet of Vehicles privacy protection can be divided into three types: identity privacy protection[6], location privacy protection[7] and trajectory privacy protection[8].
(1) Identity privacy protection
Identity privacy protection is to ensure that users' personal identity information is not illegally obtained and used when using Internet of Vehicles services. Commonly used methods include the following:
- Anonymous authentication technology: protect user identity through anonymous identity and use pseudonym change technology to periodically change user identity tags.
- Digital certificates and digital signatures: Use digital certificates, digital signatures, and data encryption technology based on commercial encryption to achieve secure communication between the in-vehicle information interaction system and external devices.
- Based on homomorphic encryption and blockchain technology: By using homomorphic encryption technology in blockchain, data can be processed and analyzed without leaking the original data, effectively protecting user privacy.
(2) Location privacy protection
Location privacy protection is to ensure that the vehicle's location information is not illegally obtained and used when users use Internet of Vehicles services. Commonly used methods include the following:
- Personalized location privacy protection scheme based on differential privacy: By defining a normalized decision matrix to describe the efficiency and privacy effect of the navigation recommendation route, the multi-attribute theory is introduced to establish a utility model, and the user's privacy preference is integrated into the model to select the most efficient driving route. In addition, considering the user's privacy preference needs, the distance ratio is used as a measurement indicator to allocate a suitable privacy budget for the user and determine the range of false location generation.
- Based on clustering and deep learning: The temporal and spatial features of the trajectory are extracted through the temporal graph convolutional network (T-GCN) model, and combined with differential privacy technology, an appropriate amount of noise is added to the data to achieve privacy protection and resist background knowledge attacks.
- Based on homomorphic encryption and blockchain technology: same-identity privacy protection.
(3) Trajectory privacy protection
The collection of vehicle trajectory data helps to alleviate the pressure of traffic management systems in terms of traffic congestion and tracking of vehicles involved in accidents. Therefore, research related to vehicle trajectory privacy protection has attracted widespread attention. Some scholars use homomorphic encryption technology to achieve trajectory privacy protection by sharing keys between vehicles. However, this method of sharing keys has limitations and can only be applied to environments with high vehicle density. Other scholars have proposed a trajectory privacy strategy using multiple mixed areas. By constantly changing pseudonyms, the pseudonyms are made unlinkable, protecting the privacy of vehicle trajectories. In addition, some scholars have proposed a route reporting scheme with privacy protection, which uses a combination of homomorphic encryption and error checking and correction technology to hide and aggregate vehicle paths. It not only protects the driver's trajectory privacy, but also prevents collusion attacks between malicious vehicles.
In addition, according to the implementation mechanism of privacy protection, Internet of Vehicles privacy protection can be divided into three types: anonymity-based privacy protection, fuzziness-based privacy protection, and encryption-based privacy protection.
(1) Privacy protection based on anonymity/pseudonymity
The privacy protection mechanism based on anonymity is to hide the real identity/location of the vehicle anonymously to protect the identity/location privacy of the user[9]. The k-anonymity technology[10] is often used in the privacy protection mechanism based on anonymity. Its core idea is to perform k-anonymization on the identity/location of the user. According to the maximum entropy principle, k suitable vehicles with the closest historical request probability are found, and the real vehicle is hidden in these k vehicles, thereby protecting the identity or location privacy of the vehicle. However, in the privacy protection mechanism based on anonymity, a trusted third-party anonymous server (such as CA) is generally required. Due to the existence of the third-party anonymous server, the privacy protection mechanism based on anonymity is only suitable for centralized applications. Moreover, when the number of users is large, the anonymous server is prone to bottleneck effect, which seriously affects the service response time and user satisfaction; when the number of users is small, it is difficult for the anonymous server to achieve k-anonymization in a short time, resulting in the failure of the privacy protection mechanism based on anonymity.
(2) Privacy protection based on fuzziness
In the privacy protection mechanism based on fuzziness, the method of changing data attributes is usually adopted to protect user privacy. False data is directly used for communication, so as not to disclose the real data information of the user. For example, random data perturbation technology is used to add random noise to the actual data of the user. Since the privacy protection mechanism based on fuzziness will produce a large information loss, it will seriously affect the service quality of the Internet of Vehicles. Therefore, in the actual application of the Internet of Vehicles, the privacy protection mechanism based on fuzziness is generally not adopted to protect user privacy.
(3) Privacy protection based on encryption
The privacy protection mechanism based on encryption is an important means of information protection. Commonly used encryption technologies include: group signature, bilinear mapping, public key infrastructure encryption, and elliptic curve encryption. However, the privacy protection mechanism based on encryption has high performance requirements on the user's terminal device, such as storage and computing power.
2.2 Internet of Vehicles Blockchain:
In 2008, a person with the pseudonym Satoshi Nakamoto first proposed blockchain technology in the article “Bitcoin: A Peer-to-Peer Electronic Cash System”. Blockchain technology is a data storage architecture that includes computer technologies such as distributed data storage, peer-to-peer transmission, consensus mechanism, and encryption algorithm. It can effectively reduce data management costs, improve work efficiency, and protect data integrity[11].
The core features of blockchain include:
(1) Decentralization
Blockchain does not rely on centralized management agencies or hardware facilities, and data is maintained by multiple nodes in the network.
(2) Cannot be tampered with
Once data is written to the blockchain, it cannot be changed or deleted, ensuring the integrity and authenticity of the data.
(3) Transparency
Data on the blockchain is open to all network participants, ensuring a high degree of transparency.
(4) Security
Protect data using encryption technology to prevent unauthorized access and tampering.
(5) Traceability
Every transaction on the blockchain is recorded, and the source and flow of assets can be traced.
Blockchain is essentially a chain data structure. It uses asymmetric cryptographic algorithms, consensus mechanisms, distributed storage and other methods to make the data stored on the chain difficult to be tampered with and deleted[12]. Due to the above excellent characteristics, blockchain has brought technological innovation to the Internet of Vehicles industry. The combination of the two has become one of the current hot topics for research institutions, organizations and companies at home and abroad[13]. The entities and technologies in the Internet of Vehicles blockchain form a hierarchical architecture as shown in Figure 2. The specific technologies at each level are introduced as follows:
Figure 2: IoV blockchain hierarchy
Architecture
(1) Application layer
The highest layer in the Internet of Vehicles system mainly refers to the layer for analysis and application based on Internet of Vehicles data. This layer can process and analyze the data of vehicles and traffic infrastructure to realize applications such as auto insurance services and risk assessment. The main function of the Internet of Vehicles application layer is to provide real-time, accurate and useful traffic information to car owners, traffic management departments and other relevant organizations to improve traffic safety and efficiency.
(2) Blockchain layer
The data management and exchange layer implemented by blockchain technology in the Internet of Vehicles system can encrypt, store, verify and exchange data of vehicles and road facilities, thereby improving the security, reliability and transparency of data. The main function of the Internet of Vehicles blockchain layer is to provide a decentralized data exchange platform, based on technologies such as smart contracts and cross-chain mechanisms, to make data exchange between vehicles and transportation infrastructure safer, more reliable and more efficient.
(3) Network layer
The network architecture and communication protocols in the Internet of Vehicles system are mainly responsible for transmitting the data collected by the perception layer to the application layer for processing and analysis. Network communication between vehicles mainly refers to the communication between vehicles and transportation infrastructure. This communication requires the use of specific protocols and technologies, including vehicle-to-vehicle communication, vehicle-road cooperative communication, and vehicle-to-infrastructure communication, to achieve information exchange and coordinated driving between vehicles.
(4) Perception layer
The most basic layer of the Internet of Vehicles system is mainly responsible for collecting data from vehicles and traffic infrastructure, including information such as vehicle location, speed, status and environment, so as to realize the perception and monitoring of traffic conditions. The perception layer is usually composed of devices such as GPS, mobile phones and sensors, which can be installed on vehicles and traffic infrastructure, and communicate with vehicles and traffic management centers to transmit traffic data in real time. The data of the perception layer can be transmitted to the Internet of Vehicles system center through on-board communication equipment or wireless networks for data processing and analysis, providing a more scientific basis for traffic management.
3. Internet of Vehicles Privacy Protection Technology Based on Blockchain
Internet of Vehicles privacy protection can prevent the leakage of sensitive information of vehicles/users. At present, Internet of Vehicles identity privacy protection mostly adopts anonymous authentication schemes, and location privacy protection mostly adopts fuzzy, mixed area, k-anonymous schemes. However, the above schemes do not solve the problems of single point failure and unstable services. Blockchain records the transactions of all parties in a distributed, transparent and tamper-proof manner, providing a new solution for Internet of Vehicles privacy protection. Existing Internet of Vehicles privacy protection research based on blockchain mainly includes identity privacy protection and location privacy protection.
(1) Vehicle identity privacy protection based on blockchain
The research on vehicle identity privacy protection based on blockchain is mainly divided into two categories: anonymous authentication-based and pseudonym-based.
① Vehicle identity privacy protection based on anonymous authentication
Existing vehicle identity privacy schemes based on anonymous authentication mostly use encryption, noise addition, mixing and other methods to process identity identification, so that malicious nodes cannot obtain the real identity of the vehicle. However, centralized anonymous authentication schemes are prone to central entity performance bottlenecks and single point failure problems. To address this problem, reference [14] proposed that drivers obtain public and private keys and system keys based on vehicle information after registering with the root trust institution, and store biometrics such as fingerprints in the root blockchain, thereby effectively protecting the real identity of the vehicle. Reference [15] proposed a lightweight anonymous authentication scheme based on blockchain and fog computing for vehicle fog services. The vehicle randomly selects an integer as part of the private key from the system parameters of the audit department based on the additive cyclic group of the elliptic curve, and uses the private key to encrypt the identity information and send it to the audit department. The audit department uses its own public key to encrypt the identity information to ensure the privacy of the real identity of the vehicle.
② Vehicle identity privacy protection based on pseudonym authentication
The vehicle identity privacy protection scheme based on blockchain and pseudonym authentication uses an unforgeable block structure to store and distribute the vehicle's pseudo-identity to ensure the reliability and privacy of authentication. Reference [16] proposes that a trust agency randomly generates a one-time pseudonym hidden identity identification code for vehicle communication based on elliptic curve parameters to achieve privacy protection of vehicle identity, and uses a consortium blockchain to review and verify edge communication data, and records the verified data in the blockchain to ensure data traceability. Reference [17] proposes a private chain composed of TAs to store real identities and pseudo-identities for VANET to support identity authentication in a specific area and ensure the privacy and reliability of identity authentication; at the same time, a local chain composed of RSUs stores event messages such as traffic congestion to ensure the security of message dissemination.
(2) Vehicle location privacy protection based on blockchain
Currently, in the research on vehicle location privacy protection based on blockchain, encryption-based and k-anonymity-based schemes have become the mainstream research hotspots.
① Vehicle location privacy protection based on encryption
Encryption-based location privacy protection uses encryption algorithms to encrypt the vehicle's location information, making it difficult for other nodes to obtain the vehicle's true location information. Reference [18] proposed using blockchain to achieve distributed location privacy protection for vehicle-based spatial crowdsourcing applications.
② Vehicle location privacy protection based on k-anonymity
The location privacy protection based on k-anonymity uses the locations of k participants to construct an anonymous invisible area, so that the vehicle can contact at least "k-1" participants in the anonymous invisible area, effectively protecting the location privacy of the vehicle. Reference [19] proposes that the vehicle registers on the RA to obtain a pseudonym and initial trust value, and stores it on the RSU blockchain in the form of a transaction bill so that the vehicle can query the trust value at any time. When constructing the invisible area, the vehicle combines the historical trust record based on the Dirichlet distribution and the current behavior to calculate the trust value of the cooperative vehicle, and sends the vehicle's expired pseudonym and new trust value to the RSU, realizing the vehicle location privacy in the process of building a trusted invisible area.
4. Conclusion
With the vigorous development of Internet of Vehicles technology, more and more vehicle data involve information exchange and sharing between different fields. In this context, the privacy protection of Internet of Vehicles data has become one of the current research hotspots. This paper first introduces the classification of Internet of Vehicles privacy protection, and then focuses on the Internet of Vehicles privacy protection technology based on blockchain. Overall, the current Internet of Vehicles privacy protection technology still has some shortcomings. Only by continuously exploring more efficient and robust privacy protection technologies can we provide a strong guarantee for the sustainable development of the Internet of Vehicles.
References
[1] The number of motor vehicles in China has reached 435 million, the number of drivers has reached 523 million, and the number of new energy vehicles has exceeded 20 million [R]. Ministry of Public Security website. 2024.
[2] National Bureau of Statistics of the People’s Republic of China. China Statistical Yearbook[M]. Beijing: China Statistics Press, 2020.
[3]Olteanu AM,Humbert M,Huguenin K,et al.The(Co-) location Sharing Game[J].Proceedings on Privacy Enhancing Technologies,2019,2019(2):5-25.
[4]Zhang J, Yang F, Ma Z, et al.A Decentralized Location Privacy-Preserving Spatial Crowdsourcing for Internet of Vehicles[J]. IEEE Transactions on Intelligent Transportation Systems, 22[2024-08-29].
[5]Li Y, Tao X, Zhang X, et al. Privacy-Preserved Federated Learning for Autonomous Driving[J]. IEEE Transactions on Intelligent Transportation Systems, 2021, PP(99):1-12.
[6]Jie C,Wenyu X,Hong Z,et al.Privacy-Preserving Authentication Using a Double Pseudonym for Internet of Vehicles[J].Sensors,2018,18(5):1453-.
[7]Tyagi AK,Sreenath N.Location privacy preserving techniques for location based services over road networks[C]//2015 International Conference on Communications and Signal Processing (ICCSP).IEEE,2015.
[8] Zhang S, Wang G, Liu Q, et al. A trajectory privacy-preserving scheme based on query exchange in mobile social networks [J]. Soft Computing, 2017.
[9]Takabi H,Joshi JBD,Karimi H AA collaborative k-anonymity approach for location privacy in location-based services[C]//International Conference on Collaborative Computing: Networking.IEEE,2009.
[10]Frster D.Decentralized Enforcement of k-Anonymity for Location Privacy Using Secret Sharing[J].Springer Fachmedien Wiesbaden,2017.
[11] Cai Xiaoqing, Deng Yao, Zhang Liang, Shi Jiuchen, Chen Quan, Zheng Wenli, Liu Zhiqiang, Long Yu, Wang Kun, Li Chao, Guo Minyi. Blockchain principles and core technologies[J]. Chinese Journal of Computers, 2021, 44(01): 84-131.
[12]Ii JPH,Vachino M E.Blockchain Compliance With Federal Cryptographic Information-Processing Standards[J].IEEE Security and Privacy Magazine,2020,18(1):65-70.
[13] Lu Pengcheng, Feng Jing, Cai Libing, Si Yanfeng. Research on security protection and technology development trends of Internet of Vehicles[I]. Confidentiality Science and Technology, 2021, (07): 4-10.
[14]Noh J, Jeon S, Cho S. Distributed Blockchain-Based Message Authentication Scheme for Connected Vehicles[J]. Electronics, 2020, 9(1):74-.
[15]Yao Y, Chang
[16]Mei Q, Xiong H, Zhao Y, et al.Toward Blockchain-Enabled IoV with Edge Computing: Efficient and Privacy-Preserving Vehicular Communication and Dynamic Updating[C]//2021 IEEE Conference on Dependable and Secure Computing (DSC) .IEEE,2021.
[17]Guehguih B, Lu H.Blockchain-Based Privacy-Preserving Authentication and Message Dissemination Scheme for VANET[J].2019.
[18] Zhang J, Yang F, Ma Z, et al. A Decentralized Location Privacy-Preserving Spatial Crowdsourcing for Internet of Vehicles[J]. IEEE Transactions on Intelligent Transportation Systems, 2020, PP(99):1-15.
[19]Bin Luo, Xinghua Li, Jian Weng, et al. Blockchain Enabled Trust-Based Location Privacy Protection Scheme in VANET[J]. IEEE Transactions on Vehicular Technology, 2020, 69(2): 2034-2048.