Improving Vehicular Network Authentication with Teegraph: A Hashgraph-Based Efficiency Approach
Abstract
1. Introduction
- Harnesses Trusted Execution Environments (TEEs): The algorithm leverages hardware-based assurances to enforce the self-parent only-once rule, preventing fork attacks at the event level.
- Employs a DAG and optimized gossip protocol: This rapidly disseminates events and achieves local consensus without global coordination, reducing the number of communication rounds [5].
- Dynamically adapts consensus parameters: This tunes gossip intervals and neighbor selection based on traffic density and VANET topological changes.
- Implements a resource-saving mechanism: This halts gossip transmission once all pending transactions have been confirmed, reducing bandwidth and storage usage.
2. Related Work
- Transaction packaging within trusted enclaves;
- Random neighbor selection and event dissemination via gossip;
- Local DAG updates and vote computation;
- On-demand cessation of gossip once all pending transactions are confirmed.
3. System Model: Existing Framework, Advantages, and Limitations
Complexity Reduction Through HASHGRAPH
4. Teegraph System Architecture
4.1. Core Consensus Mechanism
- Its self-parent, the immediately preceding event in the same column;
4.1.1. DAG Structure and Gossip
4.1.2. Parallel Event Exchange
4.1.3. Vote Tally and Finalization
4.1.4. Algorithmic Workflow
Algorithm 1 TEE-backed gossip and local consensus. |
Require: Local DAG , event queue Transmission thread (parallel):
Reception & consensus thread (parallel):
|
4.2. TEE-Based Security Enhancements
Algorithm 2 TEE-enforced single-use self-parent. |
Require: Event , stored hash Ensure: Signed event or
|
4.3. Decentralized Identity Management
4.4. Privacy-Preserving Queries
4.5. Performance and Adaptation Features
4.5.1. Resource-Saving Mechanism
4.5.2. Teegraph Correction
4.5.3. VANET-Adaptation Pseudocode
Algorithm 3 Teegraph adaptation for VANET environments. |
Require: Communication range, traffic density, vehicle speed, geo-routing algorithm Ensure: Performance metrics
|
5. Proposed Scenario
- The Adaptive Gossip layer continuously selects gossip peers based on instantaneous traffic density and vehicle speed measurements, maximizing dissemination speed while maintaining robustness under partitioning [11].
- The resource-saving mechanism invokes pauseGossip() as soon as the local DAG consensus confirms all outstanding events, reducing redundant message propagation and storage by approximately 40% [13].
- AuthManager: Monitors RSU handovers, requests new pseudonyms from the TA, and securely stores them in the enclave.
- CommManager: Validates incoming events, invokes the Safety Prioritization and Adaptive Gossip modules, appends and signs new DAG events, and triggers resource-saving checks.
- Scenario Controller Algorithm
Algorithm 4 VANET–Teegraph scenario controller. |
Require: communicationRange, trafficDensity, vehicleSpeed Ensure: continuous, secure node operation Initialization:
|
Experimental Setup
6. Results and Evaluation
6.1. Probability of Dropout (POL)
Algorithm 5 POL simulation. |
Require: RSU range r, speed v, rekeying interval , runs N Ensure: Estimated dropout probability
|
6.2. Key-Transfer Latency and Throughput
- Throughput: Sustained throughput exceeds 550 events/s, outperforming Hashgraph (420 events/s) and PBFT (200 events/s) thanks to parallel gossip and compact aggregate signatures [35].
- Resource usage: CPU utilization on RSUs remains below 65% versus 85% for Hashgraph, owing to the resource-saving gossip halt when all transactions are confirmed [34].
Metric | VANET-Teegraph | Hashgraph | PBFT |
---|---|---|---|
Latency (ms) | 58 | 92 | 135 |
Throughput (events/s) | 550 | 420 | 200 |
CPU utilization (%) | 65 | 85 | 90 |
6.3. Experiments for TEE
Algorithm 6 TEE benchmarking procedure. |
Require: Payload count N, thread count T, payload size S in bytes Ensure: Timing arrays: signingTimes[], verificationTimes[]
Parallel Signing:
|
6.4. Latency Under Varying Network Delays
6.5. Visualization: Experiments for Performance and Latency Assessment
6.5.1. Scenario 1: Node-Count Scaling
6.5.2. Scenario 2: Scalability to 150 Nodes
6.5.3. Scenario 3: Network-Latency Resilience
6.5.4. Scenario 4: Fault Churn and “Fail-Skip”
6.6. Validation of Encrypted Query Performance (TELEX/HeX)
- Query latency: Time from token creation to result verification.
- Bandwidth overhead: Size of encrypted index lookups and verifiable proofs.
- CPU utilization: Enclave and host CPU load during query processing.
6.7. vDID Authentication Latency Reduction
- End-to-end authentication latency: From handover initiation to RSU acceptance.
- RSU CPU load: Peak and average utilization during bursts.
- Network messages: Number of TA lookups versus on-ledger DID checks.
7. Discussion
8. Conclusions and Future Research
- Integrating modular Byzantine-fault-tolerant libraries to streamline state replication.
- Adopting decentralized identity frameworks for enhanced interoperability.
- Embedding AI/ML models for real-time tuning of gossip parameters.
- Exploring hybrid edge–cloud architectures for offloading intensive consensus tasks.
- Extending security evaluations to advanced adversarial models.
- Conducting real-world prototyping and interoperability testing against ITS standards.
Author Contributions
Funding
Institutional Review Board Statement
Informed Consent Statement
Data Availability Statement
Conflicts of Interest
References
- Lu, Z.; Shu, W.; Li, Y. An Anti-Collision Algorithm for Self-Organizing Vehicular Ad-Hoc Network Using Deep Learning. IEEE Trans. Intell. Transp. Syst. 2023, 25, 2779–2791. [Google Scholar] [CrossRef]
- Sedar, R.; Vázquez-Gallego, F.; Casellas, R.; Vilalta, R.; Muñoz, R.; Silva, R.; Dizambourg, L.; Fernández Barciela, A.E.; Vilajosana, X.; Datta, S.K.; et al. Standards-Compliant Multi-Protocol On-Board Unit for the Evaluation of Connected and Automated Mobility Services in Multi-Vendor Environments. Sensors 2021, 21, 2090. [Google Scholar] [CrossRef]
- Lo, W.; Alqahtani, H.; Thakur, K.; Almadhor, A.; Chander, S.; Kumar, G. A Hybrid Deep Learning Based Intrusion Detection System Using Spatial-Temporal Representation of In-Vehicle Network Traffic. Veh. Commun. 2022, 35, 100471. [Google Scholar] [CrossRef]
- Mahmood, J.; Duan, Z.; Yang, Y.; Wang, Q.; Nebhen, J.; Bhutta, M.N.M. Security in Vehicular Ad Hoc Networks: Challenges and Countermeasures. Secur. Commun. Netw. 2021, 2021, 9997771. [Google Scholar] [CrossRef]
- Lamport, L.; Schneider, F.B. Verifying Hyperproperties With TLA. In Proceedings of the 2021 IEEE 34th Computer Security Foundations Symposium (CSF), Dubrovnik, Croatia, 21–25 June 2021; pp. 1–16. [Google Scholar] [CrossRef]
- AlMarshoud, M.; Sabir Kiraz, M.; Al-Bayatti, A.H. Security, Privacy, and Decentralized Trust Management in VANETs: A Review of Current Research and Future Directions. ACM Comput. Surv. 2024, 56, 1–39. [Google Scholar] [CrossRef]
- Ilyas, I.; Din, I.U.; Alourani, A.; Ashraf, M.U. Lightweight Consortium Blockchain-Enabled Secured Vehicular ad Hoc Network Using Certificateless Conditional Privacy-Preserving Authentication Mechanism. PLoS ONE 2024, 19, e0310267. [Google Scholar] [CrossRef] [PubMed]
- Guo, Z.; Pan, H.; He, A.; Dai, Y.; Huang, X.; Si, X.; Yuen, C.; Zhang, Y. Trusted Execution Environments for Blockchain: Towards Robust, Private, and Scalable Distributed Ledgers. IEEE Internet Things J. 2025. [Google Scholar] [CrossRef]
- Corradini, F.; Marcelletti, A.; Morichetta, A.; Polini, A.; Re, B.; Tiezzi, F. A Flexible Approach to Multi-party Business Process Execution on Blockchain. Future Gener. Comput. Syst. 2023, 147, 219–234. [Google Scholar] [CrossRef]
- Lind, J.; Naor, O.; Eyal, I.; Kelbert, F.; Sirer, E.G.; Pietzuch, P. Teechain: A Secure Payment Network with Asynchronous Blockchain Access. In Proceedings of the 28th USENIX Security Symposium (USENIX Security 19), Santa Clara, CA, USA, 14–16 August 2019; pp. 1235–1252. [Google Scholar] [CrossRef]
- Liu, C.; Guo, H.; Xu, M.; Wang, S.; Yu, D.; Yu, J.; Cheng, X. Extending On-Chain Trust to Off-Chain – Trustworthy Blockchain Data Collection Using Trusted Execution Environment (TEE). IEEE Trans. Comput. 2022, 71, 3268–3280. [Google Scholar] [CrossRef]
- Wu, H.; Yue, C.; Zhang, L.; Li, Y.; Imran, M.A. When Distributed Consensus Meets Wireless Connected Autonomous Systems: A Review and A DAG-based Approach. IEEE Netw. 2024, 39, 261–269. [Google Scholar] [CrossRef]
- Jha, S.; Jha, N.; Prashar, D.; Ahmad, S.; Alouffi, B.; Alharbi, A. Integrated IoT-based secure and efficient key management framework using hashgraphs for autonomous vehicles to ensure road safety. Sensors 2022, 22, 2529. [Google Scholar] [CrossRef]
- Alkhalifa, I.S.; Almogren, A.S. Enhancing Security and Scalability in Vehicular Networks: A Bayesian DAG Blockchain Approach with Edge-Assisted RSU. IEEE Access 2024, 12, 116558–116571. [Google Scholar] [CrossRef]
- Mukathe, D.; Di, W.; Ahmed, W.; Worku, T. Blockchain-Powered Authenticated Key Agreement Scheme With Reputation-Incentive Mechanism for Vehicle-to-Vehicle Communication in IoV. IEEE Internet Things J. 2025. [Google Scholar] [CrossRef]
- Sarker, A.; Byun, S.; Fan, W.; Chang, S.-Y. Blockchain-Based Root of Trust Management in Security Credential Management System for Vehicular Communications. In Proceedings of the 36th Annual ACM Symposium on Applied Computing, Virtual, 22–26 March 2021; pp. 223–231. [Google Scholar] [CrossRef]
- Wang, W.; Hoang, D.T.; Hu, P.; Xiong, Z.; Niyato, D.; Wang, P.; Wen, Y.; Kim, D.I. A Survey on Consensus Mechanisms and Mining Strategy Management in Blockchain Networks. IEEE Access 2019, 7, 22328–22370. [Google Scholar] [CrossRef]
- Wang, Y.; Yuan, L.; Jiao, W.; Qiang, Y.; Zhao, J.; Yang, Q.; Li, K. A Fast and Secured Vehicle-to-Vehicle Energy Trading Based on Blockchain Consensus in the Internet of Electric Vehicles. IEEE Trans. Veh. Technol. 2023, 72, 7827–7843. [Google Scholar] [CrossRef]
- Al-Shareeda, M.A.; Anbar, M.; Manickam, S.; Hasbullah, I.H. A Secure Pseudonym-Based Conditional Privacy-Preservation Authentication Scheme in Vehicular Ad Hoc Networks. Sensors 2022, 22, 1696. [Google Scholar] [CrossRef] [PubMed]
- Al-Shareeda, M.A.; Anbar, M.; Manickam, S.; Hasbullah, I.H. Towards Identity-Based Conditional Privacy-Preserving Authentication Scheme for Vehicular Ad Hoc Networks. IEEE Access 2021, 9, 113226–113238. [Google Scholar] [CrossRef]
- Saha, S.; Kumar, V.V.; Niveditha, V.R.; Kannan, V.A.; Gunasekaran, K.; Venkatesan, K. Cluster-Based Protocol for Prioritized Message Communication in VANET. IEEE Access 2023, 11, 67434–67442. [Google Scholar] [CrossRef]
- Kong, M.; Zhao, J.; Sun, X.; Nie, Y. Secure and Efficient Computing Resource Management in Blockchain-Based Vehicular Fog Computing. China Commun. 2021, 18, 115–125. [Google Scholar] [CrossRef]
- Azam, F.; Yadav, S.K.; Priyadarshi, N.; Padmanaban, S.; Bansal, R.C. A comprehensive review of authentication schemes in vehicular ad-hoc network. IEEE Access 2021, 9, 31309–31321. [Google Scholar] [CrossRef]
- Fei, S.; Yan, Z.; Xie, H.; Liu, G. Sec-E2E: End-to-end communication security in LS-HetNets based on blockchain. IEEE Trans. Netw. Sci. Eng. 2023, 11, 761–778. [Google Scholar] [CrossRef]
- Weber, J.S.; Neves, M.; Ferreto, T. VANET simulators: An updated review. J. Braz. Comput. Soc. 2021, 27, 8. [Google Scholar] [CrossRef]
- Wu, H.; Tang, Y.; Shen, Z.; Tao, J.; Lin, C.; Peng, Z. TELEX: Two-Level Learned Index for Rich Queries on Enclave-based Blockchain Systems. IEEE Trans. Knowl. Data Eng. 2025, 37, 4299–4313. [Google Scholar] [CrossRef]
- Wang, W.; Hu, B.; Peng, Z.; Zhong, M.; Zhang, Z.; Liu, Z.; Zhang, G.; Zhou, J. GARCIA: Powering Representations of Long-tail Query with Multi–granularity Contrastive Learning. In Proceedings of the 2023 IEEE 39th International Conference on Data Engineering (ICDE), Anaheim, CA, USA, 3–7 April 2023; pp. 3182–3195. [Google Scholar] [CrossRef]
- Chen, Y.; Zhang, Y.; Zhuang, Y.; Miao, K.; Pouriyeh, S.; Han, M. Efficient and Secure Blockchain Consensus Algorithm for Heterogeneous Industrial Internet of Things Nodes Based on Double-DAG. IEEE Trans. Ind. Inform. 2024, 20, 6300–6312. [Google Scholar] [CrossRef]
- Zhang, J.; Gao, J.; Wang, K.; Wu, Z.; Li, Y.; Guan, Z.; Chen, Z. TBFT: Efficient Byzantine Fault Tolerance Using Trusted Execution Environment. In Proceedings of the ICC 2022-IEEE International Conference on Communications, Seoul, Republic of Korea, 16–20 May 2022; pp. 1004–1009. [Google Scholar] [CrossRef]
- W3C Credentials Community Group. Decentralized Identifiers (DIDs) v1.0. 2022. Available online: https://www.w3.org/TR/did-core/ (accessed on 22 July 2025).
- Hyperledger Aries Community. Aries Cloud Agent Python (ACAPy). 2021. Available online: https://github.com/hyperledger/aries-cloudagent-python (accessed on 22 July 2025).
- Valadares, D.C.G.; Sobrinho, Á.A.d.C.C.; Perkusich, A.; Gorgonio, K.C. Formal Verification of a Trusted Execution Environment-Based Architecture for IoT Applications. IEEE Internet Things J. 2021, 8, 17199–17210. [Google Scholar] [CrossRef]
- Ren, Y.; Chen, X.; Guo, S.; Guo, S.; Xiong, A. Blockchain-Based VEC Network Trust Management: A DRL Algorithm for Vehicular Service Offloading and Migration. IEEE Trans. Veh. Technol. 2021, 70, 8148–8160. [Google Scholar] [CrossRef]
- Lang, P.; Tian, D.; Duan, X.; Zhou, J.; Sheng, Z.; Leung, V.C.M. Blockchain-Based Cooperative Computation Offloading and Secure Handover in Vehicular Edge Computing Networks. IEEE Trans. Intell. Veh. 2023, 8, 3839–3853. [Google Scholar] [CrossRef]
- Teoh, B.P.C. Navigating the blockchain trilemma: A supply chain dilemma. In Advanced Maritime Technologies and Applications: Papers from the ICMAT 2021; Springer: Cham, Switzerland, 2022; pp. 291–300. [Google Scholar] [CrossRef]
- Chen, X.; Ma, T.; Er-Rahmadi, B.; Hillston, J.; Yuan, G. Parallel Byzantine Consensus Based on Hierarchical Architecture and Trusted Hardware. IEEE Trans. Dependable Secur. Comput. 2024, 21, 5493–5508. [Google Scholar] [CrossRef]
- Fei, S.; Yan, Z.; Ding, W.; Xie, H. Security Vulnerabilities of SGX and Countermeasures: A Survey. ACM Comput. Surv. 2021, 54, 1–36. [Google Scholar] [CrossRef]
Framework | Description |
---|---|
Veins (SUMO + ns-3) | SUMO generates vehicle mobility (100 vehicles/km2 urban grid); ns-3 simulates IEEE 802.11p communications. |
Custom Python Simulator | Models each OBU/RSU as a thread generating events at interval r, propagating in p ms, and executing Teegraph consensus and query protocols. |
Component | Specification |
---|---|
CPU | Intel® Core™ i7 (8th Gen) with SGX support |
Memory | 8 GB RAM |
Enclave execution | Python ThreadPoolExecutor with 16 worker threads inside SGX enclaves for signing/verification workloads |
Parameter | Value/Range |
---|---|
Vehicle density | 100 vehicles/km2 |
Node counts | 4–50 for baseline consensus; up to 150 for scalability tests |
Network latency () | Fixed at 200 ms; randomized in [200, 500] ms; or swept from 200 ms to 2 s |
Fault injection | Up to 30% Byzantine nodes; “fail-skip” timeout of 500 ms |
Metric | Definition |
---|---|
(throughput) | Number of events committed per second. |
(consensus latency) | Mean time from event creation to local confirmation. |
Authentication latency | Time from RSU handover initiation to successful vehicle authentication. |
Query latency | Time from encrypted query token generation to proof verification (TELEX/HeX). |
CPU utilization | Host and enclave CPU load during peak consensus and query operations. |
Probability of dropout (POL) | Likelihood that a vehicle leaves a key-change zone before rekeying completes. |
Signing (ms) | Verification (ms) | |||
---|---|---|---|---|
System | Median | P99 | Median | P99 |
VANET–Teegraph | 1.2 | 2.0 | 0.9 | 1.5 |
MinBFT | 2.8 | 4.0 | 1.6 | 2.5 |
Query Type | Median Latency (ms) | P99 Latency (ms) | Bandwidth (KB) |
---|---|---|---|
Range (time window) | 450 | 780 | 8.2 |
Keyword (region tag) | 320 | 550 | 6.5 |
Metric | TA Model | vDID Model |
---|---|---|
Median latency (ms) | 80 | 56 |
P99 latency (ms) | 150 | 105 |
Avg. RSU CPU load (%) | 70 | 56 |
TA lookup messages/node | 1.0 | 0.1 |
Disclaimer/Publisher’s Note: The statements, opinions and data contained in all publications are solely those of the individual author(s) and contributor(s) and not of MDPI and/or the editor(s). MDPI and/or the editor(s) disclaim responsibility for any injury to people or property resulting from any ideas, methods, instructions or products referred to in the content. |
© 2025 by the authors. Licensee MDPI, Basel, Switzerland. This article is an open access article distributed under the terms and conditions of the Creative Commons Attribution (CC BY) license (https://creativecommons.org/licenses/by/4.0/).
Share and Cite
Cádiz, R.J.; Nicolas-Sans, R.; Tamámes, J.F. Improving Vehicular Network Authentication with Teegraph: A Hashgraph-Based Efficiency Approach. Sensors 2025, 25, 4856. https://doi.org/10.3390/s25154856
Cádiz RJ, Nicolas-Sans R, Tamámes JF. Improving Vehicular Network Authentication with Teegraph: A Hashgraph-Based Efficiency Approach. Sensors. 2025; 25(15):4856. https://doi.org/10.3390/s25154856
Chicago/Turabian StyleCádiz, Rubén Juárez, Ruben Nicolas-Sans, and José Fernández Tamámes. 2025. "Improving Vehicular Network Authentication with Teegraph: A Hashgraph-Based Efficiency Approach" Sensors 25, no. 15: 4856. https://doi.org/10.3390/s25154856
APA StyleCádiz, R. J., Nicolas-Sans, R., & Tamámes, J. F. (2025). Improving Vehicular Network Authentication with Teegraph: A Hashgraph-Based Efficiency Approach. Sensors, 25(15), 4856. https://doi.org/10.3390/s25154856