# A Reliable and Privacy-Preserving Vehicular Energy Trading Scheme Using Decentralized Identifiers

^{1}

^{2}

^{*}

## Abstract

**:**

## 1. Introduction

_{2}emissions, electric vehicles (EVs) have become critical as a primary mode of transportation by offering emission-free operation. However, the widespread distribution of EVs is creating problems for EV users, who are limited in time and space to charge their EVs. To address these issues and ensure smooth travel for EV users, it is necessary to expand the EV charging infrastructure, which may involve converting existing fossil fuel gas stations into electric-only charging stations and/or constructing new charging stations [1,2].

#### 1.1. Motivation

#### 1.2. Contributions

- •
- We propose a reliable and privacy-preserving vehicular energy trading scheme using decentralized identifiers (DIDs) and verifiable credential (VC) technologies. The energy purchaser’s DID is not revealed during the authentication process at the reservation phase. Additionally, completed transaction information is not recorded in a public ledger but in VCs.
- •
- In order to ensure reliability in energy trading, the initial VC shared during the reservation phase is incomplete. When the transaction parties successfully perform the energy trade, the signature of the CS is added to the VC, and it becomes valid.
- •
- We analyze the proposed scheme using an ROR model and AVISPA simulation for demonstrating it resists malicious attacks and attains security features.
- •
- We compare the performance and security features of the proposed scheme and related works to showcase the security and efficiency of our approach.

## 2. Related Work

#### 2.1. Decentralized Energy Trading System for Electric Vehicles

- •
**Elimination of single points of failure**: In a centralized system, all information is processed through a central authority, creating a vulnerability. Blockchain decentralizes transaction processing, reducing the risk of system-wide failure due to a single compromised node.- •
**Data integrity and immutability**: Blockchain records transactions in a manner that ensures data cannot be tampered with. This immutability is crucial for maintaining accurate and trustworthy records in EV energy trading systems, which allows for robust auditing and accountability.- •
**Enhanced security through decentralization**: By distributing transactions across a network of nodes, blockchain-based systems are inherently more secure against cyber-attacks. Encrypted data and consensus-based verification methods provide additional layers of protection.- •
**Increased trust and transparency**: In a blockchain-based system, all participants can view the transaction history, which enhances transparency. This transparency builds trust among users, as they can independently verify the accuracy and legitimacy of transactions.

#### 2.2. Privacy Protection and Reliability Research for Decentralized Energy Trading Systems

## 3. Preliminaries

#### 3.1. Elliptic Curve Cryptosystem (ECC)

- Elliptic curve discrete logarithm problem (ECDLP): given a base point G and point $A=\alpha \xb7G$, it is difficult to find the $\alpha \in {\mathbb{Z}}_{p}$ in probability polynomial time.
- Elliptic curve decisional Diffie–Hellman problem (ECDDHP): given a base points G and two points $A=\alpha \xb7G$ and $B=\beta \xb7G$, it is difficult to compute ${Q}_{1}=\alpha \xb7\beta \xb7G$ in probability polynomial time.

#### 3.2. Elliptic Curve Pedersen Commitment

- Setup: Let G be a random generator point on ${E}_{p}(a,b)$ and $H={x}_{H}\xb7G$ be a chosen generator point, where ${x}_{H}\in {Z}_{p}$. The trusted authority publishes $(p,{E}_{p}(a,b),G,H)$.
- Commit: The committer creates a commitment C; $x,r\in {Z}_{p}$ are random numbers, and $C(x,r)=x\xb7G+r\xb7H$, where $C(x,r)$ represents a dedicated value created by the committer.
- Open: To confirm the authenticity of C, the committer reveals x and r, and the verifier checks if $C=x\xb7G+r\xb7H$.

#### 3.3. Decentralized Identifiers (DIDs)

#### 3.4. Verifiable Credentials (VCs)

## 4. Proposed Model

**Electric vehicles (EVs)**: EVs embedded with OBU devices can communicate with external entities through dedicated short range communication (DSRC) or wireless access in vehicular environment (WAVE) and store data securely. Bidirectional EVs can purchase energy (charge) from electric vehicle supply equipment (EVSE) and sell energy to external loads (discharge). In this paper, we refer to the first vehicle as the energy purchaser and the second vehicle as the energy seller.**Energy seller (ES)**: To sell surplus energy, the ES generates a bid containing the selling price, transaction time, energy volume, and other relevant information; then, it sends it to other EVs via the RSU. When the ES receives a message from an EP seeking to reserve an energy transaction, it verifies the message and shares the incomplete credentials and session key with the EP. Subsequently, the ES transfers energy and commitment to the promised CS according to the credential information and then completes the credentials by adding the signature received from the CS.**Energy purchaser (EP)**: After selecting the optimal bid price, the EP sends a reservation message to the ES to plan energy trading. In the reservation phase, the EP shares incomplete credentials and a session key with the ES. When the EP arrives at the promised CS, the EP proves its commitment to the ES using the session key. If the proof is correct, the ES gets the energy stored in the CS.In this paper, RSU only provides a wide range of wireless communication services to EVs.**Smart charging stations (CSs)**: CSs are equipped with battery energy storage and a communication module for EV charging services. The CS receives the commitment and energy from the ES and stores it. The stored energy is passed on to the EP, who proves the same commitment. CSs are a type of semi-trusted authority. Even if the charging station is attacked by a malicious attacker, there is no advantage to the attacker because the charging station does not have specific information about the energy trading.**Blockchain**: The proposed energy trading system utilizes a public blockchain. Public blockchains are fully decentralized infrastructures, allowing all nodes on the network to easily participate without the intervention of a trusted authority and preventing single points of failure. To ensure that all participants in the system agree on a single source of truth, consensus algorithms are employed. In our system, this source comprises DID documents rather than energy trading information between EVs.

## 5. Proposed Scheme

#### 5.1. Initialization Phase

#### 5.2. DID Generation Phase

#### 5.3. Submitting Bids Phase

**Step 1:**$E{S}_{i}$ user enters identity $I{D}_{i}$ and password $P{W}_{i}$ and computes $h\left(I{D}_{i}\right|\left|P{W}_{i}\right)$, ${b}_{i}^{*}={A}_{i}\oplus h(I{D}_{i}\left|\right|P{W}_{i})$, $HP{W}_{i}^{*}=h(P{W}_{i}\left|\right|{b}_{i}^{*})$, ${B}_{i}^{*}=h(I{D}_{i}\left|\right|HP{W}_{i}^{*}\left|\right|{b}_{i}^{*})$. Then, $E{S}_{i}$ verifies whether ${B}_{i}\stackrel{?}{=}{B}_{i}^{*}$. If it matches, $E{S}_{i}$ generates a random number ${x}_{i}\in {Z}_{p}$ and a current timestamp ${T}_{i}$ and computes ${X}_{i}={x}_{i}\xb7G$, $HM{S}_{1}=h(amoun{t}_{i}\left|\right|pric{e}_{i}\left|\right|DI{D}_{i}\left|\right|ex{t}_{i}\left|\right|{T}_{i})$, signature ${\delta}_{i}={x}_{i}+HM{S}_{i}\xb7S{K}_{i}$, and a bid $bi{d}_{i}=\{amoun{t}_{i},pric{e}_{i},{X}_{i},DI{D}_{i},ex{t}_{i}\}$ to sell surplus energy, where $amoun{t}_{i},pric{e}_{i},ex{t}_{i}$ denote an amount of energy to sell, a selling price, an expiration time for the transaction, respectively. $E{S}_{i}$ propagates $\{bi{d}_{i},{\delta}_{i},{T}_{i}\}$.**Step 2:**$E{P}_{j}$ checks the freshness of timestamp $|{T}_{2}-{T}_{1}|\le \u25b5T$ and uses $DI{D}_{i}$ to retrieve the corresponding DID document. Then, $E{P}_{j}$ computes $HM{S}_{1}^{*}=h(amoun{t}_{i}\left|\right|$$pric{e}_{i}\left|\right|DI{D}_{i}\left|\right|ex{t}_{i}\left|\right|{T}_{i})$ and checks whether ${\delta}_{i}\xb7G={X}_{i}+HM{S}_{1}^{*}\xb7P{K}_{i}$. It is essential for $E{P}_{j}$ to select the best bid and, at the same time, check the validity of the bid.

#### 5.4. Reservation Phase

**Step 1:**$E{P}_{j}$ inputs $I{D}_{j}$ and $P{W}_{j}$ and then computes $h\left(I{D}_{j}\right|\left|P{W}_{j}\right)$, ${b}_{j}^{*}={A}_{j}\oplus h(I{D}_{j}\left|\right|P{W}_{j})$, $HP{W}_{j}^{*}=h(P{W}_{j}\left|\right|{b}_{j}^{*})$, ${B}_{j}^{*}=h(I{D}_{j}\left|\right|HP{W}_{j}^{*}\left|\right|{b}_{j}^{*})$. $E{S}_{j}$ checks ${B}_{j}\stackrel{?}{=}{B}_{j}^{*}$. If it is valid, $E{P}_{j}$ generates a random number ${y}_{j}$ and a timestamp ${T}_{3}$ and computes ${Y}_{j}={y}_{j}\xb7G$, $E{K}_{ij}=h({y}_{j}\xb7{X}_{i})$, $E{M}_{1}=E{K}_{ij}\oplus (bil{l}_{i},DI{D}_{j})$, $Sym{K}_{E{S}_{i}-E{P}_{j}}=h({X}_{i}\xb7s{k}_{j}\left|\right|{y}_{j}\xb7P{K}_{i})$, $HM{P}_{1}=h(bil{l}_{i}\left|\right|{T}_{3}\left|\right|{Y}_{j}\left|\right|Sym{K}_{E{S}_{i}-E{P}_{j}})$, ${\delta}_{j}={y}_{j}+HM{P}_{1}\xb7S{K}_{j})$. Then, $E{P}_{j}$ sends $\{E{M}_{1},{Y}_{j},{\delta}_{j},{T}_{3}\}$ to $E{S}_{i}$.**Step 2:**$E{S}_{i}$ checks the timestamp ${T}_{3}$ and computes $E{K}_{ij}=h({x}_{i}\xb7{Y}_{j})$, $(bil{l}_{i},DI{D}_{j})=E{M}_{1}\oplus E{K}_{ij}$. Then, $E{S}_{i}$ retrieves $DI{D}_{j}$’s document using $DI{D}_{j}$ to obtain $P{K}_{j}$ and computes $Sym{K}_{E{S}_{i}-E{P}_{j}}=h({x}_{i}\xb7P{K}_{j}\left|\right|{Y}_{j}\xb7S{K}_{i})$, $HM{P}_{1}^{*}=h(bil{l}_{i}\left|\right|{T}_{3}\left|\right|{Y}_{j}\left|\right|Sym{K}_{E{S}_{i}-E{P}_{j}})$. $E{S}_{i}$ verifies the signature ${\delta}_{j}$ through ${\delta}_{j}\xb7G\stackrel{?}{=}{Y}_{j}+HM{P}_{1}^{*}\xb7P{K}_{j}$.**Step 3:**When $E{S}_{i}$ and $E{P}_{j}$ select the optimal charging station $G{S}_{z}$ for energy trading, $E{S}_{i}$ generates a temporary credential $VC{t}_{rsv}$ recording a signature and information about the negotiated transaction and sends $VC{t}_{rsv}$ encrypted with $Sym{K}_{E{S}_{i}-E{P}_{j}}$ to $E{P}_{j}$.**Step 4:**$E{P}_{j}$ decrypts the $En{c}_{SymK}\left(VC{t}_{rsv}\right)$ using $Sym{K}_{E{S}_{i}-E{P}_{j}}$ and verifies the signature of $E{S}_{i}$ recorded in $VC{t}_{rsv}$. After that, $E{P}_{j}$ adds payment information and a signature to $VC{t}_{rsv}$. Then, $E{P}_{j}$ sends $VC{t}_{rsv}^{*}$ encrypted with $Sym{K}_{E{S}_{i}-E{P}_{j}}$ to $E{S}_{i}$ and stores $VC{t}_{rsv}^{*}$.**Step 5:**$E{S}_{i}$ decrypts $En{c}_{SymK}\left(VC{t}_{rsv}^{*}\right)$ using $Sym{K}_{E{S}_{i}-E{P}_{j}}$ and verifies the signature of $E{P}_{j}$ recorded in $VC{t}_{rsv}^{*}$. Then, $E{S}_{i}$ stores $VC{t}_{rsv}^{*}$.

#### 5.5. Charging Phase

#### 5.5.1. $E{S}_{i}$ Discharging

**Step 1:**$E{S}_{i}$ generates an ${n}_{i}\in {Z}_{p}$ and a timestamp ${T}_{5}$. Next, $E{S}_{i}$ computes ${N}_{i}={n}_{i}\xb7G$, $A{K}_{iz}={n}_{i}\xb7P{K}_{z}$, $HIF=h\left(inf\right|\left|pay\right)$, $Com=Sym{K}_{E{S}_{i}-E{P}_{j}}\xb7G+HIF\xb7H$, $ES{M}_{1}=A{K}_{iz}\oplus \left(HIF\right||DI{D}_{i}\left|\right|Com)$, ${\delta}_{i2}={n}_{i}+h\left(HIF\right|\left|Com\right||{N}_{i}\left|\right|{T}_{5})\xb7S{K}_{i}$ and sends $\{ES{M}_{1},$${N}_{i},{\delta}_{i2},{T}_{5}\}$ to $G{S}_{z}$**Step 2:**$G{S}_{z}$ checks the freshness of the ${T}_{5}$ and calculates $A{K}_{iz}={N}_{i}\xb7S{K}_{z}$, $\left(HIF\right||DI{D}_{i}$$\left|\right|Com)=ES{M}_{1}\oplus A{K}_{iz}$. If ${\delta}_{i2}\xb7G={N}_{i}+h\left(HIF\right|\left|Com\right||{N}_{i}\left|\right|{T}_{5})\xb7P{K}_{i}$ matches, $G{S}_{z}$ generates $Si{g}_{s{k}_{z}}\left(HIF\right)$ and sends $ES{M}_{2}=A{K}_{iz}\oplus Si{g}_{s{k}_{z}}\left(HIF\right)$ to $E{S}_{i}$.**Step 3:**$E{S}_{i}$ calculates $Si{g}_{s{k}_{z}}\left(HIF\right)=ES{M}_{2}\oplus A{K}_{iz}$ and verifies $Si{g}_{s{k}_{z}}\left(HIF\right)$ using $G{S}_{z}$’s public key. If the signature is valid, $E{S}_{i}$ records $Si{g}_{s{k}_{z}}\left(HIF\right)$ in $V{C}_{rsv}^{*}$ and transmits vehicular energy and $price$ to $G{S}_{z}$.**Step 4:**$G{S}_{z}$ stores $\{Com,price\}$ in a database and energy in battery storage.

#### 5.5.2. $E{P}_{j}$ Charging

**Step 1:**$E{P}_{j}$ generates random numbers ${m}_{j}$, ${l}_{j}\in {Z}_{j}$ and timestamps ${T}_{7}$ and computes ${M}_{j}={m}_{j}\xb7G$, ${L}_{j}={l}_{j}\xb7H$, $EP{M}_{1}={M}_{j}+{L}_{j}$, $A{K}_{jz}={m}_{j}\xb7P{K}_{z}$, $HIF=h\left(Inf\right|\left|pay\right)$, $Co{m}^{*}=Sym{K}_{E{S}_{i}-E{P}_{j}}\xb7G+HIF\xb7H$, $EP{M}_{2}=A{K}_{jz}\oplus \left(HIF\right||Co{m}^{*}\left|\right|EP{M}_{1})$, $EP{M}_{3}=h\left(HIF\right||Co{m}^{*}\left|\right|EP{M}_{1}\left|\right|{T}_{7}\left|\right|{M}_{j})$. Then, $E{P}_{j}$ sends $\{EP{M}_{2},EP{M}_{3},{M}_{j},{T}_{7}\}$ to $C{S}_{z}$.**Step 2:**After receiving the message from $E{P}_{j}$, $C{S}_{z}$ verifies the freshness of the message. $C{S}_{z}$ calculates $A{K}_{jz}={M}_{j}\xb7S{K}_{z}$, $\left(HIF\right||Co{m}^{*}\left|\right|EP{M}_{1})=EP{M}_{2}\oplus A{K}_{iz}$, $EP{M}_{3}^{*}=h\left(HIF\right|\left|Com\right||EP{M}_{1}\left|\right|{T}_{7}\left|\right|{M}_{j})$ and checks whether $EP{M}_{3}\stackrel{?}{=}EP{M}_{3}^{*}$ is correct. If it is correct, $C{S}_{z}$ retrieves $Com$ and sends a random number ${e}_{z}\in {Z}_{p}$ to $E{P}_{j}$.**Step 3:**$E{P}_{j}$ computes $\alpha ={m}_{j}+e\xb7Sym{K}_{E{S}_{i}-E{P}_{j}}$, $\beta ={l}_{j}+e\xb7HIF$ and submits $\{\alpha ,\beta \}$ to $C{S}_{z}$**Step 4:**If $\alpha \xb7G+\beta \xb7H\stackrel{?}{=}EP{M}_{1}+Com$ is correct, $C{S}_{z}$ generates $Si{g}_{s{k}_{z}}\left(HIF\right)$, $EP{M}_{4}=A{K}_{iz}\oplus Si{g}_{s{k}_{z}}\left(HIF\right)$ and transfers $\left\{EP{M}_{4}\right\},Energy$ to $E{P}_{j}$.**Step 5:**$E{P}_{j}$ calculates $Si{g}_{s{k}_{z}}\left(HIF\right)=EP{M}_{4}\oplus A{K}_{jz}$ and verifies $Si{g}_{s{k}_{z}}\left(HIF\right)$ using $G{S}_{z}$’s public key. If the signature is valid, $E{P}_{j}$ records $Si{g}_{s{k}_{z}}\left(HIF\right)$ in $V{C}_{rsv}^{*}$.

## 6. Security Analysis

#### 6.1. Informal Analysis

- Impersonation attack: Malicious attackers can attempt to impersonate a legitimate vehicle. However, as mentioned in Section 3.1, due to ECDLP and ECDDHP, attackers find it challenging to compute the vehicle’s private key $S{K}_{x}$ and session key $Sym{K}_{E{S}_{i}-E{P}_{j}}$, making it difficult to impersonate a legitimate vehicle. Therefore, the proposed scheme is secure against an impersonation attack.
- Replay attack: Attackers can intercept messages transmitted over a public channel and resend or delay them to obtain sensitive information or to execute other security attacks. However, since messages transmitted over the public channel include timestamps and random numbers, recipients can verify the freshness of the message. Therefore, the proposed scheme is secure against replay attacks.
- Man-in-the-middle (MITM) attack: Attackers can participate in communication between two legitimate vehicles during the reservation phase to collect valuable information about the users and to later attempt to forge messages using this information. However, due to the use of one-way hash functions, random numbers, and timestamps, the integrity and freshness of the message is ensured. Additionally, since signatures ${\delta}_{x}$ are generated using private keys $S{K}_{x}$, attackers cannot create valid authentication messages. Therefore, the proposed scheme is secure against a man-in-the-middle attack.
- Confidentiality: In the proposed scheme, the DID of the energy purchaser is not exposed in order to conceal transactions between the energy seller and purchaser. However, the DID of the energy seller is exposed to publicly verify the legitimacy of the seller and invoices. Additionally, the charging station, which manages the energy received from the energy seller, provides energy only to vehicles that present the correct commitment $Com$, thus not requiring information about the energy purchaser. Moreover, only the parties involved in the energy transaction possess verifiable credentials to prove their participation.
- Reliability: To ensure the reliability of energy transactions between two vehicles in the proposed scheme, both vehicles share verifiable credentials during the reservation phase. These credentials are not valid until they obtain the signature from the charging station. As both vehicles successfully delegate and accept energy through the charging station, they can complete their credentials by obtaining the signature value from the charging station. Therefore, the proposed scheme provides reliability to energy traders so that they can proceed with the normal energy trading process.
- Mutual authentication: $E{S}_{i}$ and $E{P}_{j}$ authenticate each other. $E{S}_{i}$ authenticates $E{P}_{j}$ by checking whether ${\delta}_{j}\xb7G\stackrel{?}{=}{Y}_{j}+HM{P}_{1}^{*}\xb7P{K}_{j}$ is correct during the reservation phase. $E{P}_{j}$ authenticates $E{S}_{i}$ by verifying whether ${\delta}_{i}\xb7G\stackrel{?}{=}{X}_{i}+HM{S}_{1}^{*}\xb7P{K}_{i}$ is correct during the submitting bids phase. Therefore, the proposed scheme ensures mutual authentication.

#### 6.2. Formal Analysis

#### 6.2.1. ROR model

**Theorem 1.**

**Proof.**

**Game 0:**${G}_{0}$ is considered to be $\mathcal{A}$’s real attacks in our proposed scheme. $\mathcal{A}$ picks a random bit c at the beginning of ${G}_{0}$. Then, we obtain the following equation:$$Ad{v}_{\mathcal{A}}\left(t\right)=|2Pr\left[Suc{c}_{{G}_{0}}\right]-1|.$$**Game 1:**${G}_{1}$ indicates that $\mathcal{A}$ executes an eavesdropping attack, in which the transmitted messages are intercepted between ${\mathcal{P}}_{ES}^{t1}$ and ${\mathcal{P}}_{EP}^{t2}$. For this game, $\mathcal{A}$ executes a $Execute({\mathcal{P}}_{ES}^{t},{\mathcal{P}}_{EP}^{t})$ query to obtain the communicated messages. After the end of this game, $\mathcal{A}$ carries out $Reveal$, and $Test$ queries to compromise session key $Sym{K}_{E{S}_{i}-E{P}_{j}}$. To derive $Sym{K}_{E{S}_{i}-E{P}_{j}}$, $\mathcal{A}$ needs the short-term secret values ${x}_{i}$ and ${y}_{j}$ and private keys $S{K}_{i}$ and $S{K}_{j}$. Hence, $\mathcal{A}$’s probability of winning ${G}_{1}$ by eavesdropping on the messages does not increase. Therefore, we obtain the result as follows:$$Pr\left[Suc{c}_{{G}_{1}}\right]=Pr\left[Suc{c}_{{G}_{0}}\right].$$**Game 2:**${G}_{2}$ is considered to be active/passive attacks by executing $Send$ and $Hash$ queries to find hash collision. $\mathcal{A}$ can intercept the transmitted messages from the submitting bids phase to the reservation phase. The intercepted messages are safeguarded by the collision-resistant one-way hash function $h(\xb7)$. Furthermore, $\mathcal{A}$ tries to derive $Sym{K}_{E{S}_{i}-E{P}_{j}}=h({x}_{i}\xb7P{K}_{j}\left|\right|{Y}_{j}\xb7S{K}_{i})=h({X}_{i}\xb7s{k}_{j}\left|\right|{y}_{j}\xb7P{K}_{i})$ by using intercepted messages. However, $\mathcal{A}$ needs to break the ECDDHP (defined in Section 3.1) in polynomial time t, which is a computationally infeasible problem for $\mathcal{A}$ to derive $Sym{K}_{E{S}_{i}-E{P}_{j}}$. By applying the ECDDHP and the birthday paradox result, we obtain the inequality$$|Pr\left[Suc{c}_{{G}_{1}}\right]-Pr\left[Suc{c}_{{G}_{2}}\right]|\le \frac{{q}_{hash}^{2}}{2\left|Hash\right|}+\phantom{\rule{3.33333pt}{0ex}}Ad{v}_{\mathcal{A}}^{ECDDHP}\left(t\right).$$

#### 6.2.2. AVISPA Simulation

## 7. Performance Analysis

#### 7.1. Security Features

#### 7.2. Computation Cost Analysis

#### 7.3. Communication Cost Analysis

## 8. Conclusions

## Author Contributions

## Funding

## Data Availability Statement

## Conflicts of Interest

## References

- Global EV Outlook: Understanding the Electric Vehicle Landscapeto. 2020. Available online: https://www.ourenergypolicy.org/wp-content/uploads/2013/09/GlobalEVOutlook_2013.pdf (accessed on 8 April 2024).
- Electric Car Demand Growing, Global Market Hits 740,000 Units. Available online: https://cleantechnica.com/2015/03/28/ev-demand-growing-global-market-hits-740000-units/ (accessed on 8 April 2024).
- Mouli, G.R.C.; Kefayati, M.; Baldick, R.; Bauer, P. Integrated PV charging of EV fleet based on energy prices, V2G and offer of reserves. IEEE Trans. Smart Grid
**2019**, 10, 1313–1325. [Google Scholar] [CrossRef] - Zhong, W.; Xie, K.; Liu, Y.; Yang, C.; Xie, S. Topology-aware vehicle-to-grid energy trading for active distribution systems. IEEE Trans. Smart Grid
**2019**, 10, 2137–2147. [Google Scholar] [CrossRef] - Alvaro-Hermana, R.; Fraile-Ardanuy, J.; Zufiria, P.J.; Knapen, L.; Janssens, D. Peer to peer energy trading with electric vehicles. IEEE Intell. Transp. Syst. Mag.
**2016**, 8, 33–44. [Google Scholar] [CrossRef] - Shurrab, M.; Singh, S.; Otrok, H.; Mizouni, R.; Khadkikar, V.; Zeineldin, H. An efficient vehicle-to-vehicle (V2V) energy sharing framework. IEEE Internet Things J.
**2021**, 9, 5315–5328. [Google Scholar] [CrossRef] - Umesh, B.S.; Khadkikar, V.M.; Zeineldin, H.; Singh, S.; Otrok, H.; Mizouni, R. Direct electric vehicle to vehicle (V2V) power transfer using on-board drivetrain and motor windings. IEEE Trans. Ind. Electron.
**2021**, 69, 10765–10775. [Google Scholar] - Global EV Outlook. 2020. Available online: https://www.iea.org/reports/global-ev-outlook-2020 (accessed on 8 April 2024).
- Electric Vehicle Market by Component, Vehicle (Passenger Cars, CV), Propulsion (BEV, PHEV, FCEV), Vehicle Drive Type (FWD, RWD, AWD), Vehicle Top Speed (<125 mph, >125 mph), Charging Point, Vehicle Class, V2G, Region-Global Forecast 2030. Available online: https://www.marketsandmarkets.com/Market-Reports/electric-vehicle-market-209371461.html (accessed on 8 April 2024).
- Chekired, D.A.; Khoukhi, L.; Mouftah, H.T. Fog-computing-based energy storage in smart grid: A cut-off priority queuing model for plug-in electrified vehicle charging. IEEE Trans. Ind. Inform.
**2020**, 16, 3470–3482. [Google Scholar] [CrossRef] - Zhang, P.; Qian, K.; Zhou, C.; Stewart, B.G.; Hepburn, D.M. A methodology for optimization of power systems demand due to electric vehicle charging load. IEEE Trans. Power Syst.
**2012**, 27, 1628–1636. [Google Scholar] [CrossRef] - Chen, J.; Zhang, Y.; Su, W. An anonymous authentication scheme for plug-in electric vehicles joining to charging/discharging station in vehicle-to-Grid (V2G) networks. China Commun.
**2015**, 12, 9–19. [Google Scholar] [CrossRef] - Yan, Q.; Zhang, B.; Kezunovic, M. Optimized operational cost reduction for an EV charging station integrated with battery energy storage and PV generation. IEEE Trans. Smart Grid
**2019**, 10, 2096–2106. [Google Scholar] [CrossRef] - Li, Z.; Kang, J.; Yu, R.; Ye, D.; Deng, Q.; Zhang, Y. Consortium blockchain for secure energy trading in industrial Internet of Things. IEEE Trans. Ind. Informat.
**2018**, 14, 3690–3700. [Google Scholar] [CrossRef] - Aggarwal, S.; Kumar, N.; Gope, P. An efficient blockchain-based authentication scheme for energy-trading in V2G networks. IEEE Trans. Ind. Informat.
**2020**, 17, 6971–6980. [Google Scholar] [CrossRef] - Li, D.; Yang, Q.; An, D.; Yu, W.; Yang, X.; Fu, X. On location privacy-preserving online double auction for electric vehicles in microgrids. IEEE Internet Things J.
**2019**, 6, 5902–5915. [Google Scholar] [CrossRef] - Yucel, F.; Akkaya, K.; Bulut, E. Efficient and privacy preserving supplier matching for electric vehicle charging. Ad Hoc Netw.
**2019**, 90, 101730. [Google Scholar] [CrossRef] - Tandon, R.; Gupta, P.K. SV2VCS: A secure vehicle-to-vehicle communication scheme based on lightweight authentication and concurrent data collection trees. J. Ambient Intell. Human. Comput.
**2021**, 12, 9791–9807. [Google Scholar] [CrossRef] - He, Y.; Zhang, C.; Wu, B.; Geng, Z.; Xiao, K.; Li, H. A trusted architecture for EV shared charging based on blockchain technology. High-Confid. Comput.
**2021**, 1, 100001. [Google Scholar] [CrossRef] - Huang, X.; Xu, C.; Wang, P.; Liu, H. LNSC: A security model for electric vehicle and charging pile management based on blockchain ecosystem. IEEE Access
**2018**, 6, 13565–13574. [Google Scholar] [CrossRef] - Kang, J.; Yu, R.; Huang, X.; Maharjan, S.; Zhang, Y.; Hossain, E. Enabling localized peer-to-peer electricity trading among plug-in hybrid electric vehicles using consortium blockchains. IEEE Trans. Ind. Informat.
**2017**, 13, 3154–3164. [Google Scholar] [CrossRef] - Kim, M.; Lee, J.; Oh, J.; Park, K.; Park, Y.; Park, K. Blockchain based energy trading scheme for vehicle-to-vehicle using decentralized identifiers. Appl. Energy
**2022**, 322, 119445. [Google Scholar] [CrossRef] - Sun, G.; Dai, M.; Zhang, F.; Yu, H.; Du, X.; Guizani, M. Blockchain-enhanced high-confidence energy sharing in internet of electric vehicles. IEEE Internet Things J.
**2020**, 7, 7868–7882. [Google Scholar] [CrossRef] - Son, S.; Lee, J.; Kim, M.; Yu, S.; Das, A.K.; Park, Y. Design of blockchain-based lightweight V2I handover authentication protocol for VANET. IEEE Trans. Netw. Sci. Eng.
**2022**, 9, 1346–1358. [Google Scholar] [CrossRef] - Blockchain GDPR Privacy by Design. Available online: https://blockchain.ieee.org/images/files/pdf/blockchain-gdpr-privacy-by-design.pdf (accessed on 8 April 2024).
- Bernabe, J.B.; Canovas, J.L.; Hernandez-Ramos, J.L.; Moreno, R.T.; Skarmeta, A. Privacy-preserving solutions for blockchain: Review and challenges. IEEE Access
**2019**, 7, 164908–164940. [Google Scholar] [CrossRef] - Zhang, H.; Wang, J.; Ding, Y. Blockchain-based decentralized and secure keyless signature scheme for smart grid. Eenrgy
**2019**, 180, 955–967. [Google Scholar] [CrossRef] - Guan, Z.; Si, G.; Zhang, X.; Wu, L.; Guizani, N.; Du, X.; Ma, Y. Privacy-preserving and efficient aggregation based on blockchain for power grid communications in smart communities. IEEE Commun. Mag.
**2018**, 56, 82–88. [Google Scholar] [CrossRef] - Aitzhan, N.Z.; Svetinovic, D. Security and privacy in decentralized energy trading through multi-signatures, blockchain and anonymous messaging streams. IEEE Trans. Dependable Secur. Comput.
**2018**, 15, 840–852. [Google Scholar] [CrossRef] - Kumari, A.; Gupta, R.; Tanwar, S.; Tyagi, S.; Kumar, N. When blockchain meets smart grid: Secure energy trading in demand response management. IEEE Netw.
**2020**, 34, 299–305. [Google Scholar] [CrossRef] - Gai, K.; Wu, Y.; Zhu, L.; Qiu, M.; Shen, M. Privacy-preserving energy trading using consortium blockchain in smart grid. IEEE Trans. Ind. Inform.
**2019**, 15, 3548–3558. [Google Scholar] [CrossRef] - Guan, Z.; Lu, X.; Yang, W.; Wu, L.; Wang, N.; Zhang, Z. Achieving efficient and Privacy-preserving energy trading based on blockchain and ABE in smart grid. J. Parallel Distrib. Comput.
**2021**, 147, 34–45. [Google Scholar] [CrossRef] - Xia, S.; Lin, F.; Chen, Z.; Tang, C.; Ma, Y.; Yu, X. A bayesian game based vehicle-to-vehicle electricity trading scheme for blockchain-enabled internet of vehicles. IEEE Trans. Veh. Technol.
**2020**, 69, 6856–6868. [Google Scholar] [CrossRef] - Baza, M.; Sherif, A.; Mahmoud, M.M.E.A.; Bakiras, S.; Alasmary, W.; Abdallah, M.; Lin, X. Privacy-preserving blockchain-based energy trading schemes for electric vehicles. IEEE Trans. Veh. Technol.
**2021**, 70, 9369–9384. [Google Scholar] [CrossRef] - Li, M.; Hu, D.; Lal, C.; Conti, M.; Zhang, Z. Blockchain-enabled secure energy trading with verifiable fairness in industrial internet of things. IEEE Trans. Ind. Informat.
**2020**, 16, 6564–6574. [Google Scholar] [CrossRef] - Yahaya, A.S.; Javaid, N.; Almogren, A.; Ahmed, A.; Gulfam, S.M.; Radwan, A. A two-stage privacy preservation and secure peer-to-peer energy trading model using blockchain and cloud-based aggregator. IEEE Access
**2021**, 9, 143121–143137. [Google Scholar] [CrossRef] - Cui, J.; Wu, D.; Zhang, J.; Xu, Y.; Zhong, H. An efficient authentication scheme based on semi-trusted authority in VANETs. IEEE Trans. Veh. Technol.
**2019**, 68, 2972–2986. [Google Scholar] [CrossRef] - Chai, H.; Leng, S.; He, J.; Zhang, K.; Cheng, B. Cyberchain: Cybertwin empowered blockchain for lightweight and privacy-preserving authentication in internet of vehicles. IEEE Trans. Veh. Technol.
**2022**, 71, 4620–4631. [Google Scholar] [CrossRef] - Cani, A.S.; Bertino, E.; Yuan, D.; Meng, K.; Dong, Z.Y. SPrivAD: A secure and privacy-preserving mutually dependent authentication and data access scheme for smart communities. Comput. Secur.
**2022**, 115, 102610. [Google Scholar] - Decentralized Identifiers (DIDs) v1.0 Core Architecture, Data Model, and Representations. Available online: https://www.w3.org/TR/2021/PR-did-core-20210803/ (accessed on 8 April 2024).
- Verifiable Credentials Data Model 1.0 Expressing Verifiable Information on the Web. Available online: https://www.w3.org/TR/2021/REC-vc-data-model-20211109/ (accessed on 8 April 2024).
- Automated Validation of Internet Security Protocols and Applications. Available online: http://www.avispa-project.org/ (accessed on 8 April 2024).

Query | Description |
---|---|

$Execute({\mathcal{P}}_{ES}^{t1},{\mathcal{P}}_{EP}^{t2})$ | Under this query, $\mathcal{A}$ performs an eavesdropping attack between ${\mathcal{P}}_{ES}^{t}$ and ${\mathcal{P}}_{EP}^{t}$ over a public channel. |

$Send({\mathcal{P}}^{t},Msg)$ | Under this query, $\mathcal{A}$ can send the messages $Msg$ to the participant ${\mathcal{P}}^{t}$ and get the response message accordingly. |

$Reveal({\mathcal{P}}_{ES}^{t1},{\mathcal{P}}_{EP}^{t2})$ | Under this query, $\mathcal{A}$ compromises a current session key between ${\mathcal{P}}_{ES}^{t1}$ and ${\mathcal{P}}_{EP}^{t2}$. |

$Test\left({\mathcal{P}}^{t}\right)$ | An unbiased coin c is tossed prior to the start of the game, and the result is used to decide the output of the $Test$ query. If $\mathcal{A}$ receives $C=0$, the session key among ${\mathcal{P}}_{ES}^{t1}$ and ${\mathcal{P}}_{EP}^{t2}$ is fresh. If $\mathcal{A}$ receives $C\ne 0$, the session key is not fresh; otherwise, $\mathcal{A}$ obtains a null value (⊥). |

Security and Function Properties | Xia et al. [33] | Baza et al. [34] | Li et al. [35] | Yahaya et al. [36] | Proposed |
---|---|---|---|---|---|

$S{F}_{1}$ | ∘ | ∘ | ∘ | ∘ | ∘ |

$S{F}_{2}$ | ∘ | ∘ | ∘ | ∘ | ∘ |

$S{F}_{3}$ | ∘ | ∘ | ∘ | ∘ | ∘ |

$S{F}_{4}$ | ∘ | × | × | ∘ | ∘ |

$S{F}_{5}$ | − | ∘ | ∘ | ∘ | ∘ |

$S{F}_{6}$ | ∘ | ∘ | ∘ | ∘ | ∘ |

$S{F}_{7}$ | × | × | × | × | ∘ |

$S{F}_{8}$ | − | × | × | − | ∘ |

Notation | Depiction | Computation Cost |
---|---|---|

${T}_{hash}$ | one-way hash function | 0.003 ms |

${T}_{ecc}^{add}$ | point addition operation on elliptic curve | 0.013 ms |

${T}_{ecc}^{mul}$ | scalar point multiplication operation on elliptic curve | 2.373 ms |

${T}_{ecc}^{exp}$ | exponentiation operation on elliptic curve | 0.819 ms |

${T}_{pair}$ | bilinear pairing operation | 6.575 ms |

${T}_{sym}^{enc}$ | symmetric key encryption (e.g., AES-256) | 0.001 ms |

${T}_{sym}^{dec}$ | symmetric key decryption | 0.001 ms |

${T}_{asym}^{enc}$ | asymmetric key encryption (e.g., RSA) | 0.304 ms |

${T}_{asym}^{dec}$ | asymmetric key decryption | 2.405 ms |

${T}_{sig}^{gen}$ | signature generation | 0.173 ms |

${T}_{sig}^{ver}$ | signature verification | 4.194 ms |

Schemes | ${\mathbf{EP}}_{\mathit{j}}$ | ${\mathbf{ES}}_{\mathit{i}}$ | RSU/Energy Broker | Total Costs |
---|---|---|---|---|

[33] | ${T}_{asym}^{enc}$ | ${T}_{asym}^{enc}$ | $2{T}_{Dec-Asym}$ | $\approx 26.734$ ms |

$+{T}_{sig}^{gen}$ | $+{T}_{sig}^{gen}$ | $+4{T}_{sig}^{ver}$ | ||

$+{T}_{sig}^{ver}$ | ||||

$\approx 0.477$ ms | $\approx 4.671$ ms | $\approx 21.586$ ms | ||

[34] | $2{T}_{ecc}^{exp}+{T}_{sym}^{enc}$ | $2{T}_{ecc}^{exp}+2{T}_{sym}^{enc}$ | $N/A$ | $\approx 3.626$ ms |

$+{T}_{sym}^{dec}$ | $+{T}_{sig}^{gen}$ | |||

$+{T}_{sig}^{gen}$ | ||||

$\approx 1.813$ ms | $\approx 1.813$ ms | |||

[35] | ${T}_{hash}+{T}_{ecc}^{add}$ | $2{T}_{hash}+2{T}_{ecc}^{add}$ | $2{T}_{hash}+{T}_{ecc}^{add}$ | ≈ 82.451 ms |

$+2{T}_{ecc}^{mul}+4{T}_{ecc}^{exp}$ | $+{T}_{ecc}^{mul}+7{T}_{ecc}^{exp}$ | $+3{T}_{ecc}^{mul}+16{T}_{ecc}^{exp}$ | ||

$+4{T}_{sym}^{dec}+7{T}_{pair}$ | $+4{T}_{sym}^{enc}$ | |||

$\approx 8.038$ ms | $\approx 54.167$ ms | $\approx 20.246$ ms | ||

[36] | $4{T}_{hash}+3{T}_{ecc}^{mul}$ | $4{T}_{hash}+3{T}_{ecc}^{mul}$ | $N/A$ | $\approx 52.028$ ms |

$+7{T}_{ecc}^{exp}+2{T}_{pair}$ | $+7{T}_{ecc}^{exp}+2{T}_{pair}$ | |||

$\approx 26.014$ ms | $\approx 26.014$ ms | |||

Proposed scheme | $9{T}_{hash}+10{T}_{ecc}^{mul}+{T}_{ecc}^{add}$ | $9{T}_{hash}+11{T}_{ecc}^{mul}+1{T}_{ecc}^{add}$ | $2{T}_{hash}+6{T}_{ecc}^{mul}+3{T}_{ecc}^{add}$ | $\approx 81.668$ ms |

$+{T}_{sym}^{enc}+{T}_{sym}^{dec}$ | $+{T}_{sym}^{enc}+{T}_{sym}^{dec}$ | $+2{T}_{sig}^{gen}$ | ||

$+{T}_{sig}^{gen}+2{T}_{sig}^{ver}$ | $+{T}_{sig}^{gen}+2{T}_{sig}^{ver}$ | |||

$\approx 32.333$ ms | $\approx 34.706$ ms | $\approx 14.629$ ms |

Disclaimer/Publisher’s Note: The statements, opinions and data contained in all publications are solely those of the individual author(s) and contributor(s) and not of MDPI and/or the editor(s). MDPI and/or the editor(s) disclaim responsibility for any injury to people or property resulting from any ideas, methods, instructions or products referred to in the content. |

© 2024 by the authors. Licensee MDPI, Basel, Switzerland. This article is an open access article distributed under the terms and conditions of the Creative Commons Attribution (CC BY) license (https://creativecommons.org/licenses/by/4.0/).

## Share and Cite

**MDPI and ACS Style**

Kim, M.; Park, K.; Park, Y.
A Reliable and Privacy-Preserving Vehicular Energy Trading Scheme Using Decentralized Identifiers. *Mathematics* **2024**, *12*, 1450.
https://doi.org/10.3390/math12101450

**AMA Style**

Kim M, Park K, Park Y.
A Reliable and Privacy-Preserving Vehicular Energy Trading Scheme Using Decentralized Identifiers. *Mathematics*. 2024; 12(10):1450.
https://doi.org/10.3390/math12101450

**Chicago/Turabian Style**

Kim, Myeonghyun, Kisung Park, and Youngho Park.
2024. "A Reliable and Privacy-Preserving Vehicular Energy Trading Scheme Using Decentralized Identifiers" *Mathematics* 12, no. 10: 1450.
https://doi.org/10.3390/math12101450