Biblio

As an extension of Internet of Things (IoT) in transportation sector, the Internet of Vehicles (IoV) can greatly facilitate vehicle management and route planning. With ever-increasing penetration of IoV, the security and privacy of driving data should be guaranteed. Moreover, since vehicles are often left unattended with minimum human interventions, the onboard sensors are vulnerable to physical attacks. Therefore, the physically secure authentication and key agreement (AKA) protocol is urgently needed for IoV to implement access control and information protection. In this paper, physical unclonable function (PUF) is introduced in the AKA protocol to ensure that the system is secure even if the user devices or sensors are compromised. Specifically, PUF, as a hardware fingerprint generator, eliminates the storage of any secret information in user devices or vehicle sensors. By combining password with PUF, the user device cannot be used by someone else to be successfully authenticated as the user. By resorting to public key cryptography, the proposed protocol can provide anonymity and desynchronization resilience. Finally, the elaborate security analysis demonstrates that the proposed protocol is free from the influence of known attacks and can achieve expected security properties, and the performance evaluation indicates the efficiency of our protocol.