Sign in to use this feature.

Years

Between: -

Subjects

remove_circle_outline
remove_circle_outline
remove_circle_outline
remove_circle_outline
remove_circle_outline
remove_circle_outline

Journals

Article Types

Countries / Regions

Search Results (19)

Search Parameters:
Keywords = anonymous credential systems

Order results
Result details
Results per page
Select all
Export citation of selected articles as:
34 pages, 1621 KB  
Article
Zero-Knowledge-Based Policy Enforcement for Privacy-Preserving Cross-Institutional Health Data Sharing on Blockchain
by Faisal Albalwy
Systems 2026, 14(4), 385; https://doi.org/10.3390/systems14040385 - 2 Apr 2026
Viewed by 1991
Abstract
This study presents ZK-EHR, a decentralized access control framework designed to enable secure and privacy-preserving sharing of encrypted electronic health records across institutional boundaries. Unlike existing blockchain-based EHR access control systems that expose user identities on-chain or lack cryptographic privacy guarantees, ZK-EHR decouples [...] Read more.
This study presents ZK-EHR, a decentralized access control framework designed to enable secure and privacy-preserving sharing of encrypted electronic health records across institutional boundaries. Unlike existing blockchain-based EHR access control systems that expose user identities on-chain or lack cryptographic privacy guarantees, ZK-EHR decouples authorization from identity disclosure by integrating zk-SNARK-based proofs with blockchain smart contracts to verify policy compliance without revealing user roles, affiliations, or credentials. The framework employs three differentiated actor roles—Patient (Data Owner), Doctor (Care Provider), and Researcher (Authorized Analyst)—with distinct policy-driven access workflows, a custom Groth16 zero-knowledge circuit for role-based constraint enforcement, and a modular architecture combining on-chain verification with off-chain encrypted storage via IPFS. Concrete design proposals for access revocation and replay attack prevention are introduced to address operational security requirements. The system was evaluated under multiple operational and adversarial scenarios. Experimental results indicate consistent on-chain verification latency (approximately 390 ms), reliable rejection of tampered submissions, and per-verification gas consumption of 216,631 gas. A comparative analysis against representative baseline systems demonstrates that ZK-EHR uniquely combines identity anonymity, on-chain cryptographic policy enforcement, and auditable encrypted record retrieval. These findings establish the feasibility of zk-SNARK-based access control for decentralized, verifiable, and privacy-aware EHR management. Full article
Show Figures

Figure 1

23 pages, 2056 KB  
Article
Blockchain and InterPlanetary Framework for Decentralized and Secure Electronic Health Record Management
by Samia Sayed, Muammar Shahrear Famous, Rashed Mazumder, Risala Tasin Khan, M. Shamim Kaiser, Mohammad Shahadat Hossain, Karl Andersson and Rahamatullah Khondoker
Blockchains 2025, 3(4), 12; https://doi.org/10.3390/blockchains3040012 - 28 Sep 2025
Cited by 2 | Viewed by 3155
Abstract
Blockchain is an emerging technology that is being used to create innovative solutions in many areas, including healthcare. Nowadays healthcare systems face challenges, especially with security, trust, and remote data access. As patient records are digitized and medical systems become more interconnected, the [...] Read more.
Blockchain is an emerging technology that is being used to create innovative solutions in many areas, including healthcare. Nowadays healthcare systems face challenges, especially with security, trust, and remote data access. As patient records are digitized and medical systems become more interconnected, the risk of sensitive data being exposed to cyber threats has grown. In this evolving time for healthcare, it is important to find a balance between the advantages of new technology and the protection of patient information. The combination of blockchain–InterPlanetary File System technology and conventional electronic health record (EHR) management has the potential to transform the healthcare industry by enhancing data security, interoperability, and transparency. However, a major issue that still exists in traditional healthcare systems is the continuous problem of remote data unavailability. This research examines practical methods for safely accessing patient data from any location at any time, with a special focus on IPFS servers and blockchain technology in addition to group signature encryption. Essential processes like maintaining the confidentiality of medical records and safe data transmission could be made easier by these technologies. Our proposed framework enables secure, remote access to patient data while preserving accessibility, integrity, and confidentiality using Ethereum blockchain, IPFS, and group signature encryption, demonstrating hospital-scale scalability and efficiency. Experiments show predictable throughput reduction with file size (200 → 90 tps), controlled latency growth (90 → 200 ms), and moderate gas increase (85k → 98k), confirming scalability and efficiency under varying healthcare workloads. Unlike prior blockchain–IPFS–encryption frameworks, our system demonstrates hospital-scale feasibility through the practical integration of group signatures, hierarchical key management, and off-chain erasure compliance. This design enables scalable anonymous authentication, immediate blocking of compromised credentials, and efficient key rotation without costly re-encryption. Full article
Show Figures

Figure 1

22 pages, 2027 KB  
Article
Blockchain-Based Identity Management System Prototype for Enhanced Privacy and Security
by Haifa Mohammed Alanzi and Mohammad Alkhatib
Electronics 2025, 14(13), 2605; https://doi.org/10.3390/electronics14132605 - 27 Jun 2025
Cited by 6 | Viewed by 4388
Abstract
An Identity Management System (IDMS) is responsible for managing and organizing identities and credentials exchanged between users, Identity Providers (IDPs), and Service Providers (SPs). The primary goal of IDMS is to ensure the confidentiality and privacy of users’ personal data. Traditional IDMS relies [...] Read more.
An Identity Management System (IDMS) is responsible for managing and organizing identities and credentials exchanged between users, Identity Providers (IDPs), and Service Providers (SPs). The primary goal of IDMS is to ensure the confidentiality and privacy of users’ personal data. Traditional IDMS relies on a third party to store user information and authenticate the user. However, this approach poses threats to user privacy and increases the risk of single point of failure (SPOF), user tracking, and data unavailability. In contrast, decentralized IDMSs that use blockchain technology offer potential solutions to these issues as they offer powerful features including immutability, transparency, anonymity, and decentralization. Despite its advantages, blockchain technology also suffers from limitations related to performance, third-party control, weak authentication, and data leakages. Furthermore, some blockchain-based IDMSs still exhibit centralization issues, which can compromise user privacy and create SPOF risks. This study proposes a decentralized IDMS that leverages blockchain and smart contract technologies to address the shortcomings of traditional IDMSs. The proposed system also utilizes the Interplanetary file system (IPFS) to enhance the scalability and performance by reducing the on-chain storage load. Additionally, the proposed IDMS employs the Elliptic Curve Integrated Encryption Scheme (ECIES) to provide an extra layer of security to protect users’ sensitive information while improving the performance of the systems’ transactions. Security analysis and experimental results demonstrated that the proposed IDMS offers significant security and performance advantages compared to its counterparts. Full article
Show Figures

Figure 1

26 pages, 588 KB  
Article
An Identity Management Scheme Based on Multi-Factor Authentication and Dynamic Trust Evaluation for Telemedicine
by Yishan Wu, Mengxue Pang, Jianqiang Ma, Wei Ou, Qiuling Yue and Wenbao Han
Sensors 2025, 25(7), 2118; https://doi.org/10.3390/s25072118 - 27 Mar 2025
Cited by 6 | Viewed by 2535
Abstract
Telemedicine diagnosis has become a more flexible and convenient way to receive diagnoses, which is of great significance in enhancing diagnosis, cutting costs, and serving remote users. However, telemedicine faces many security problems, such as the complexity of user authentication, the balance of [...] Read more.
Telemedicine diagnosis has become a more flexible and convenient way to receive diagnoses, which is of great significance in enhancing diagnosis, cutting costs, and serving remote users. However, telemedicine faces many security problems, such as the complexity of user authentication, the balance of the existing biometric factor authentication scheme, the unpredictability of user behavior, and the difficulty of unified authentication due to the differences in the security standards and authentication mechanisms of different trust domains, which affect the sustainable development of telemedicine. To address the above issues, this paper presents an identity management scheme based on multi-factor authentication and dynamic trust evaluation for telemedicine. Its authentication combines iris recognition for secure biometric verification, smart cards for encrypted credential storage, and static passwords for supplementary verification, addressing scenarios like facial coverage in medical settings. The scheme dynamically adjusts authentication based on attack rates, login anomalies, and service durations. By integrating ShangMi cryptographic algorithms and blockchain, it optimizes performance, achieving 35% lower communication overhead than previous protocols. A security analysis shows it resists impersonation, man-in-the-middle, and password modification attacks while preserving user anonymity. System evaluation meets authoritative standards, validating its practicality. This scheme balances security and efficiency, providing a strong basis for telemedicine’s long-term viability. Full article
(This article belongs to the Section Electronic Sensors)
Show Figures

Figure 1

26 pages, 2439 KB  
Review
On Advances of Anonymous Credentials—From Traditional to Post-Quantum
by Madusha Chathurangi, Qinyi Li and Ernest Foo
Cryptography 2025, 9(1), 8; https://doi.org/10.3390/cryptography9010008 - 26 Jan 2025
Cited by 4 | Viewed by 5830
Abstract
Anonymous credential (AC) systems are privacy-preserving authentication mech-anisms that allow users to prove that they have valid credentials anonymously. These systems provide a powerful tool for several practical applications, such as anonymous pay-ment systems in e-commerce, preserving robust privacy protection for users. Most [...] Read more.
Anonymous credential (AC) systems are privacy-preserving authentication mech-anisms that allow users to prove that they have valid credentials anonymously. These systems provide a powerful tool for several practical applications, such as anonymous pay-ment systems in e-commerce, preserving robust privacy protection for users. Most existing AC systems are constructed using traditional number-theoretic approaches, making them insecure under quantum attacks. With four decades of research in anonymous credential systems, there is a need for a comprehensive review that identifies the design structures of AC systems, organizes the research trends, and highlights unaddressed gaps for the future development of AC, especially bringing AC to post-quantum cryptography. This work is a complete study describing AC systems, as well as their architecture, components, security, and performance. Additionally, real-world implementations of various applications are identified, analyzed, and compared according to the design structure. Lastly, the challenges hindering the shift toward the quantumly secure lattice-based AC designs are discussed. Full article
Show Figures

Figure 1

15 pages, 525 KB  
Article
A Lightweight ECC-Based Authentication and Key Agreement Protocol for IoT with Dynamic Authentication Credentials
by Momo Li and Shunfang Hu
Sensors 2024, 24(24), 7967; https://doi.org/10.3390/s24247967 - 13 Dec 2024
Cited by 23 | Viewed by 4247
Abstract
Due to the openness of communication channels and the sensitivity of the data being collected and transmitted, securing data access and communication in IoT systems requires robust ECC-based authentication and key agreement (AKA) protocols. However, designing an AKA protocol for IoT presents significant [...] Read more.
Due to the openness of communication channels and the sensitivity of the data being collected and transmitted, securing data access and communication in IoT systems requires robust ECC-based authentication and key agreement (AKA) protocols. However, designing an AKA protocol for IoT presents significant challenges, as most IoT sensors are deployed in resource-constrained, unattended environments with limited computational power, connectivity, and storage. To achieve anonymous authentication, existing solutions typically rely on shared temporary public keys to mask device IDs or validate sender certificates, which increases the computational overhead. Furthermore, these protocols often fail to address crucial security concerns, such as nonresistance to ephemeral secret leakage (ESL) attacks and a lack of perfect forward security. To mitigate the computational burden, we propose a dynamic authenticated credentials (DACs) synchronization framework for anonymous authentication. Then, we introduce an ECC-based AKA scheme that employs DACs in place of temporary public keys or sender credentials, enabling efficient and secure anonymous authentication. The security of the proposed protocol was rigorously verified under the Real-or-Oracle model and validated using ProVerif. Performance comparisons demonstrate that our scheme offered significant improvements in security, with an over 37% reduction in communication cost and computational overhead. Full article
(This article belongs to the Special Issue IoT-Enabled Smart Everything Cyber-Physical Systems)
Show Figures

Figure 1

14 pages, 377 KB  
Article
Anonymous Access System with Limited Number of Uses in a Trustless Environment
by Francesc Garcia-Grau, Jordi Herrera-Joancomartí and Aleix Dorca Josa
Appl. Sci. 2024, 14(19), 8581; https://doi.org/10.3390/app14198581 - 24 Sep 2024
Cited by 2 | Viewed by 1762
Abstract
This article proposes a novel method for managing usage counters within an anonymous credential system, addressing the limitation of traditional anonymous credentials in tracking repeated use. The method takes advantage of blockchain technology through Smart Contracts deployed on the Ethereum network to enforce [...] Read more.
This article proposes a novel method for managing usage counters within an anonymous credential system, addressing the limitation of traditional anonymous credentials in tracking repeated use. The method takes advantage of blockchain technology through Smart Contracts deployed on the Ethereum network to enforce a predetermined maximum number of uses for a given credential. Users retain control over increments by providing zero-knowledge proofs (ZKPs) demonstrating private key possession and agreement on the increment value. This approach prevents replay attacks and ensures transparency and security. A prototype implementation on a private Ethereum blockchain demonstrates the feasibility and efficiency of the proposed method, paving the way for its potential deployment in real-world applications requiring both anonymity and usage tracking. Full article
(This article belongs to the Collection Innovation in Information Security)
Show Figures

Figure 1

15 pages, 381 KB  
Article
Enhancing Security and Privacy in Healthcare Systems Using a Lightweight RFID Protocol
by Muhammad Ayaz Khan, Subhan Ullah, Tahir Ahmad, Khwaja Jawad and Attaullah Buriro
Sensors 2023, 23(12), 5518; https://doi.org/10.3390/s23125518 - 12 Jun 2023
Cited by 26 | Viewed by 5092
Abstract
Exploiting Radio Frequency Identification (RFID) technology in healthcare systems has become a common practice, as it ensures better patient care and safety. However, these systems are prone to security vulnerabilities that can jeopardize patient privacy and the secure management of patient credentials. This [...] Read more.
Exploiting Radio Frequency Identification (RFID) technology in healthcare systems has become a common practice, as it ensures better patient care and safety. However, these systems are prone to security vulnerabilities that can jeopardize patient privacy and the secure management of patient credentials. This paper aims to advance state-of-the-art approaches by developing more secure and private RFID-based healthcare systems. More specifically, we propose a lightweight RFID protocol that safeguards patients’ privacy in the Internet of Healthcare Things (IoHT) domain by utilizing pseudonyms instead of real IDs, thereby ensuring secure communication between tags and readers. The proposed protocol has undergone rigorous testing and has been proven to be secure against various security attacks. This article provides a comprehensive overview of how RFID technology is used in healthcare systems and benchmarks the challenges faced by these systems. Then, it reviews the existing RFID authentication protocols proposed for IoT-based healthcare systems in terms of their strengths, challenges, and limitations. To overcome the limitations of existing approaches, we proposed a protocol that addresses the anonymity and traceability issues in existing schemes. Furthermore, we demonstrated that our proposed protocol had a lower computational cost than existing protocols and ensured better security. Finally, our proposed lightweight RFID protocol ensured strong security against known attacks and protected patient privacy using pseudonyms instead of real IDs. Full article
(This article belongs to the Special Issue Security in IoT Environments)
Show Figures

Figure 1

14 pages, 2922 KB  
Article
A Study on the Interoperability Technology of Digital Identification Based on WACI Protocol with Multiparty Distributed Signature
by Jihwan Kim, Pyung Kim, Daeseon Choi and Younho Lee
Sensors 2023, 23(8), 4061; https://doi.org/10.3390/s23084061 - 17 Apr 2023
Cited by 5 | Viewed by 3569
Abstract
In digital identity authentication, credentials are typically stored in a digital wallet and authenticated through a single key-based signature and public key verification. However, ensuring compatibility between systems and credentials can be challenging and the existing architecture can create a single point of [...] Read more.
In digital identity authentication, credentials are typically stored in a digital wallet and authenticated through a single key-based signature and public key verification. However, ensuring compatibility between systems and credentials can be challenging and the existing architecture can create a single point of failure, which can hinder system stability and prevent data interchange. To address this problem, we propose a multiparty distributed signature structure using FROST, a Schnorr signature-based threshold signature algorithm, applied to the WACI protocol framework for credential interaction. This approach eliminates a single point of failure and secures the signer’s anonymity. Additionally, by following standard interoperability protocol procedures, we can ensure interoperability during the exchange of digital wallets and credentials. This paper presents a method that combines a multiparty distributed signature algorithm and an interoperability protocol, and discusses the implementation results. Full article
(This article belongs to the Section Internet of Things)
Show Figures

Figure 1

25 pages, 2240 KB  
Article
Distributed and Federated Authentication Schemes Based on Updatable Smart Contracts
by Keunok Kim, Jihyeon Ryu, Hakjun Lee, Youngsook Lee and Dongho Won
Electronics 2023, 12(5), 1217; https://doi.org/10.3390/electronics12051217 - 3 Mar 2023
Cited by 13 | Viewed by 2377
Abstract
Federated authentication, such as Google ID, enables users to conveniently access multiple websites using a single login credential. Despite this convenience, securing federated authentication services requires addressing a single point of failure, which can result from using a centralized authentication server. In addition, [...] Read more.
Federated authentication, such as Google ID, enables users to conveniently access multiple websites using a single login credential. Despite this convenience, securing federated authentication services requires addressing a single point of failure, which can result from using a centralized authentication server. In addition, because the same login credentials are used, anonymity and protection against user impersonation attacks must be ensured. Recently, researchers introduced distributed authentication schemes based on blockchains and smart contracts (SCs) for systems that require high availability and reliability. Data on a blockchain are immutable, and deployed SCs cannot be changed or tampered with. Nonetheless, updates may be necessary to fix programming bugs or modify business logic. Recently, methods for updating SCs to address these issues have been investigated. Therefore, this study proposes a distributed and federated authentication scheme that uses SCs to overcome a single point of failure. Additionally, an updatable SC is designed to fix programming bugs, add to the function of an SC, or modify business logic. ProVerif, which is a widely known cryptographic protocol verification tool, confirms that the proposed scheme can provide protection against various security threats, such as single point of failure, user impersonation attacks, and user anonymity, which is vital in federated authentication services. In addition, the proposed scheme exhibits a performance improvement of 71% compared with other related schemes. Full article
(This article belongs to the Special Issue Data Driven Security)
Show Figures

Figure 1

26 pages, 1433 KB  
Article
PriSign, A Privacy-Preserving Single Sign-On System for Cloud Environments
by Rui Shi, Yang Yang, Huiqin Xie, Huamin Feng, Guozhen Shi and Jianyi Zhang
Appl. Sci. 2023, 13(2), 727; https://doi.org/10.3390/app13020727 - 4 Jan 2023
Cited by 2 | Viewed by 3816
Abstract
Anonymous single sign-on systems allow users to use a single credential to access multiple services protected by verifiers without revealing their personal information, which is especially important due to privacy regulations such as GDPR. In this paper, we introduce a new strong privacy-preserving [...] Read more.
Anonymous single sign-on systems allow users to use a single credential to access multiple services protected by verifiers without revealing their personal information, which is especially important due to privacy regulations such as GDPR. In this paper, we introduce a new strong privacy-preserving single sign-on scheme, dubbed PriSign, based on our proposed attribute-based credential with traceability (ABCT), attribute-based credential with blindness (ABCB), and threshold inner-product functional encryption (TIPFE). Compared with the existing state-of-the-art solutions, PriSign presents three improvements: (1) users can obtain different types of tickets according to the attribute disclosure policies enforced by the ticket issuer to support fine-grained access control; (2) users can hide access tokens and designate a verifier for tokens according to a verifier’s policy jointly issued by multiple policymakers, meaning that non-designated verifiers cannot obtain any information about the tokens; (3) we innovatively use a threshold approach to issue policy keys online in order for verifiers to achieve proxy re-verification services in an unstable cloud environment. We implement PriSign and compare the performance with other ASSO systems in the personal laptop, and the results prove its practicability. Full article
(This article belongs to the Special Issue Applied Information Security and Cryptography)
Show Figures

Figure 1

20 pages, 1489 KB  
Systematic Review
Towards Improving Privacy and Security of Identity Management Systems Using Blockchain Technology: A Systematic Review
by Haifa Alanzi and Mohammad Alkhatib
Appl. Sci. 2022, 12(23), 12415; https://doi.org/10.3390/app122312415 - 4 Dec 2022
Cited by 44 | Viewed by 8538
Abstract
An identity management system (IDMS) manages and organizes identities and credentials information exchanged between users, identity providers (IDPs), and service providers (SPs) to ensure confidentiality and enhance privacy of users’ personal data. Traditional or centralized IDMS rely on a third party to store [...] Read more.
An identity management system (IDMS) manages and organizes identities and credentials information exchanged between users, identity providers (IDPs), and service providers (SPs) to ensure confidentiality and enhance privacy of users’ personal data. Traditional or centralized IDMS rely on a third party to store a user’s personal information, authenticate the user, and organize the entire process. This clearly constitutes threats to the privacy of the user, in addition to other issues, such as single point of failure (SPOF), user tracking, and data availability issues. Blockchain technology has many useful features that can contribute to solving traditional IDMS issues, such as decentralization, immutability, and anonymity. Blockchain represents an attractive solution for many issues related to traditional IDMS, including privacy, third-party control, data leakage, and SPOF, supported by Distributed Ledger Technology (DLT) security features and powerful smart contracts technology. The current study presents a systematic literature review and analysis for recently proposed solutions that adopt the traditional centralized approach, as well as solutions based on blockchain technology. The study also aims to provide a deep understanding of proposed IDMS solutions and best practices, and highlight the research gaps and open issues related to IDMSs and users’ privacy. In particular, the current research focuses on analyzing the blockchain-based solutions and illustrating their strengths and weaknesses, as well as highlighting the promising blockchain technology framework that can be utilized to enhance privacy and solve security issues in a centralized IDMS. Such a study is an important step towards developing efficient solutions that address the pressing needs in the field. Full article
Show Figures

Figure 1

34 pages, 5193 KB  
Article
ECQV-Based Lightweight Revocable Authentication Protocol for Electric Vehicle Charging
by Abdullah M. Almuhaideb and Sammar S. Algothami
Big Data Cogn. Comput. 2022, 6(4), 102; https://doi.org/10.3390/bdcc6040102 - 27 Sep 2022
Cited by 8 | Viewed by 3952
Abstract
In the near future, using electric vehicles will almost certainly be required for the sustainability of nature and our planet. The most significant challenge that users are concerned about is the availability of electric vehicle charging stations. Therefore, to maximize the availability of [...] Read more.
In the near future, using electric vehicles will almost certainly be required for the sustainability of nature and our planet. The most significant challenge that users are concerned about is the availability of electric vehicle charging stations. Therefore, to maximize the availability of electric vehicle charging stations, we suggest taking benefit from individual sellers who produce renewable energy from their homes or electric vehicle owners who have charging piles installed in their homes. However, energy services that are rapidly being offered by these businesses do not have a trust connection developed with the consumers and stakeholders in these new systems. Exchange of data related to electric vehicles and energy aggregators can be used to identify users’ behavior and compromise their privacy. Consequently, it is necessary to set up a charging system that will guarantee privacy and security. Several electric vehicle charging systems have been proposed to provide security and privacy preservation. However, ensuring anonymity alone is not enough to guarantee protection from reconstructing the victim vehicle’s route by the tracking adversary, even if the exchanged messages are completely anonymous. Furthermore, anonymity should not be absolute in order to protect the system and function as necessary by all entities. In this research, we propose an effective, secure, and privacy-preserving authentication method based on the Elliptic Curve Qu–Vanstone for an electric vehicle charging system. The proposed scheme provides all the necessary requirements and a reauthentication protocol to minimize the overhead of subsequent authentication processes. To create credentials and validate electric vehicles and energy aggregators, the scheme makes use of the Elliptic Curve Qu–Vanstone implicit certificate mechanism. The new protocols give EVs security and privacy while cutting computational time by 95% thanks to reauthentication, as demonstrated by the performance comparison with earlier works. Full article
Show Figures

Figure 1

22 pages, 497 KB  
Article
A Distributed Model for Privacy Preserving V2I Communication with Strong Unframeability and Efficient Revocation
by Panayiotis Kalogeropoulos, Dimitris Papanikas and Panayiotis Kotzanikolaou
J. Cybersecur. Priv. 2022, 2(4), 778-799; https://doi.org/10.3390/jcp2040040 - 20 Sep 2022
Cited by 4 | Viewed by 10611
Abstract
Although Vehicle to Infrastructure (V2I) communications greatly improve the efficiency of early warning systems for car safety, communication privacy is an important concern. Although solutions exist in the literature for privacy preserving VANET communications, they usually require high trust assumptions for a single [...] Read more.
Although Vehicle to Infrastructure (V2I) communications greatly improve the efficiency of early warning systems for car safety, communication privacy is an important concern. Although solutions exist in the literature for privacy preserving VANET communications, they usually require high trust assumptions for a single authority. In this paper we propose a distributed trust model for privacy preserving V2I communications. Trust is distributed among a certification authority that issues the vehicles’ credentials, and a signing authority that anonymously authenticates V2I messages in a zero knowledge manner. Anonymity is based on bilinear pairings and partially blind signatures. In addition, our system supports enhanced conditional privacy since both authorities and the relevant RSU need to collaborate to trace a message back to a vehicle, while efficient certificateless revocation is supported. Moreover, our scheme provides strong unframeability for honest vehicles. Even if all the entities collude, it is not possible to frame a honest vehicle, by tracing a forged message back to an honest vehicle. The proposed scheme concurrently achieves conditional privacy and strong unframeabilty for vehicles, without assuming a fully trusted authority. Our evaluation results show that the system allows RSUs to efficiently handle multiple messages per second, which suffices for real world implementations. Full article
(This article belongs to the Special Issue Cybersecurity in the Transportation Ecosystem)
Show Figures

Figure 1

26 pages, 3889 KB  
Article
Efficient Privacy-Preserving and Secure Authentication for Electric-Vehicle-to-Electric-Vehicle-Charging System Based on ECQV
by Abdullah M. Almuhaideb and Sammar S. Algothami
J. Sens. Actuator Netw. 2022, 11(2), 28; https://doi.org/10.3390/jsan11020028 - 9 Jun 2022
Cited by 29 | Viewed by 6202
Abstract
The use of Electric Vehicles (EVs) is almost inevitable in the near future for the sake of the environment and our plant’s long-term sustainability. The availability of an Electric-Vehicle-Charging Station (EVCS) is the key challenge that owners are worried about. Therefore, we suggest [...] Read more.
The use of Electric Vehicles (EVs) is almost inevitable in the near future for the sake of the environment and our plant’s long-term sustainability. The availability of an Electric-Vehicle-Charging Station (EVCS) is the key challenge that owners are worried about. Therefore, we suggest benefiting from individual EVs that have excess energy and are willing to share it with other EVs in order to maximize the availability of EVCSs without the need to rely on the existing charging infrastructure. The Internet of Electric Vehicles (IoEV) is gradually gaining traction, allowing for a more efficient and intelligent transportation system by leveraging these capabilities between EVs. However, the IoEV is considered a trustless environment, with untrustworthy trading partners such as data sellers, buyers, and brokers. Data exchanged between the EV and the Energy AGgregator (EAG) or EV/EV can be used to analyze users’ behavior and compromise their privacy. Thus, a Vehicle-to-Vehicle (V2V)-charging system that is both secure and private must be established. Several V2V-charging systems with security and privacy features have been proposed. However, even if the transmitted communications are entirely anonymous, anonymity alone will not prevent the tracking adversary from reconstructing the target vehicle’s route. These systems frequently fail to find a balance between privacy concerns (e.g., trade traceability to achieve anonymity, and so on) and security measures. In this paper, we propose an efficient privacy-preserving and secure authentication based on Elliptic Curve Qu–Vanstone (ECQV) for a V2V-charging system that fulfils the essential requirements and re-authentication protocol in order to reduce the overhead of future authentication processes. The proposed scheme utilizes the ECQV implicit-certificate mechanism to create credentials and authenticate EVs. The proposed protocols provide efficient security and privacy to EVs, as well as an 88% reduction in computational time through re-authentication, as compared to earlier efforts. Full article
(This article belongs to the Special Issue Feature Papers in Network Security and Privacy)
Show Figures

Figure 1

Back to TopTop