[Blockchain-5]BBARS: Blockchain-Based Anonymous Rewarding Scheme for V2G Networks

一 文章内容

摘要

背景和挑战:

在V2G(Vehicle-to-Grid)网络中,为鼓励BV(Battery-powered vehicle)的参与需要设置一定的奖励机制,但是扩大V2G网络部署会带来 安全隐私问题。

提出方法:

本文提出一种新概念:BBARS (V2G网络中基于区块链的匿名奖励机制),并给出了正式的 系统模型安全模型,通过两种不同的PKC(Public key cryptosystem)设计了详细的BBARS机制。

1 简介

1.1 相关工作

[Blockchain-5]BBARS: Blockchain-Based Anonymous Rewarding Scheme for V2G Networks

现有工作的不足:

It is still an open problem to solve the anonymity, unlinkability,untraceability simultaneously

1.2 文章贡献

  • 首次提出基于区块链的V2G网络中匿名奖励机制,并给出正式的系统模型和安全模型。并首次考虑CAG(Center Aggregator)的匿名和BV的匿名。
  • 付款方和收款方地址具有 不可链接性(无法建立奖励双方的联系)和 不可追踪性(不可找到付款方的地址)。
  • 使用两种PKC来设计BBARS机制,一种用于聚合签名,一种用于区块链

2 BBARS 机制

2.1 密码方案

(1)ECC 和 双线性对

[Blockchain-5]BBARS: Blockchain-Based Anonymous Rewarding Scheme for V2G Networks
[Blockchain-5]BBARS: Blockchain-Based Anonymous Rewarding Scheme for V2G Networks

(2)Aggregate signature & Ring signature

Aggravated signature

An aggregate signature scheme is a signature scheme which can aggregate many signatures on many distinct messages from many distinct users into one single signature.

Ring signature

For a secure ring signature,it is required that only users in the group member list can generate a valid signature and the signatures generated by different members are theoretically indistinguishable.

2.2 安全模型

2.2.1 安全目标

  • 1)BV、CAG和LAG间的互相认证
  • 2)BV的匿名性
  • 3)CAG的匿名性
  • 4)不可链接性

2.2.2 Definition-不可伪造性

1) 定义:

  • 拥有 概率多项式时间的敌手A赢得游戏的概率是可 忽略不计的,则称CAG的认证协议满足不可伪造性。

2) 过程:

  • Setup:生成系统参数,CAG生成公/私钥对(PKI),BV生成公/私钥对(By self),将系统参数、CAG的公钥、BV的公钥发送给敌手A;
  • 敌手A和挑战者C的交互:A可以选择性的向挑战者发送信息并得到回应:
    • Hash请求:A向C发送哈希请求,C创建哈希函数值并将其发送给A。或者,C访问哈希函数并用实际的哈希值响应A
    • Authentication请求:A使用不同的公钥和相应的信息(表示为ContiCont_iConti​.)发起请求,C创建认证信息σj\sigma _jσj​ 并返回给A.
  • 伪造:A使用公钥和相应的信息伪造有效认证ContContCont,A赢得游戏满足
    [Blockchain-5]BBARS: Blockchain-Based Anonymous Rewarding Scheme for V2G Networks
    其中p(k)是安全参数k的多项式,A赢得游戏的概率是不可忽略的。

2.3 BBARS架构

系统实体

  • CAG(Center Aggregator)
  • LAG(Local Aggregator)
  • BV(Battery powered vehicle)
  • Blockchain
    [Blockchain-5]BBARS: Blockchain-Based Anonymous Rewarding Scheme for V2G Networks

2.4 BBARS系统工作流程

2.4.1 Setup

1)Parameter type 1

  • 用途:Blockchain、Monero
  • E(椭圆曲线)、Fq\mathbb{F} _qFq​(有限域)、qqq(素数)、GGG(E(Fq)E(\mathbb{F} _q)E(Fq​)的生成点/基点)、l^\hat{l}l^(G的阶)、Fl^\mathbb{F}_{\hat{l}}Fl^​(由参数l^\hat{l}l^构成的有限域)
    [Blockchain-5]BBARS: Blockchain-Based Anonymous Rewarding Scheme for V2G Networks

2)Parameter type 2

  • 用途:Registration、Receipt、Certificate、Authentication、Revocation
    [Blockchain-5]BBARS: Blockchain-Based Anonymous Rewarding Scheme for V2G Networks

2.4.2 Contract-based authorization

ContiCont_iConti​包含:BV’s status information、reward for the service、service charge standard、payment method、(Ai,Bi)(A_i,B_i)(Ai​,Bi​)

  • CAG首先用自己的私钥z和收到的ContiCont_iConti​生成签名σi=zH(Conti)\sigma _i =zH(Cont_i)σi​=zH(Conti​)
  • 在Tab表中记录BV的地址Ai,Bi(Ai,Bi)(Ai,Bi)
  • CAG将(Conti,σi)(Cont_i,\sigma _i)(Conti​,σi​)发给BViBV_iBVi​
  • CAG发送更新的Tab表给LAGs

[Blockchain-5]BBARS: Blockchain-Based Anonymous Rewarding Scheme for V2G Networks

2.4.3 Anonymous service and receipt

[Blockchain-5]BBARS: Blockchain-Based Anonymous Rewarding Scheme for V2G Networks
BViBV_iBVi​访问V2GV2GV2G网络并且为电网提供服务,它向LAGjLAG_jLAGj​提供(Conti,σi)(Cont_i,\sigma _i)(Conti​,σi​),验证过程如下:

  • LAGjLAG_jLAGj​收到大量(Conti,σi)(Cont_i,\sigma _i)(Conti​,σi​)对,其中iIi \in \mathbb{I}i∈I
  • LAGjLAG_jLAGj​选区随机数αiFp\alpha _i \in \mathbb{\mathbb{F}}_pαi​∈Fp​,验证e(iIαiσi,P)=e(iIαiH(Conti),Z)e(\underset{i \in \mathbb{I}}{\sum}\alpha_i \sigma_i,P)=e(\underset{i \in \mathbb{I}}{\sum}\alpha_i H(Cont_i),Z)e(i∈I∑​αi​σi​,P)=e(i∈I∑​αi​H(Conti​),Z)不成立则拒绝,否则执行下列步骤
    [Blockchain-5]BBARS: Blockchain-Based Anonymous Rewarding Scheme for V2G Networks
  • 对所有iIi \in \mathbb{I}i∈I,LAGjLAG_jLAGj​从ContiCont_iConti​提取出相应公钥(Ai,Bi)(Ai,Bi)(Ai,Bi),判断(Ai,Bi)(Ai,Bi)(Ai,Bi)是否属于TabTabTab表,成立则接受服务,否则拒绝
  • BViBV_iBVi​为电网提供了服务,LAGjLAG_jLAGj​生成相应的receiptreceiptreceipt:
    • BVBVBV的服务和相应奖励为信息mi,jm_i,_jmi​,j​.LAGjLAG_jLAGj​计算σi,j=ljH(mi,j,Ai,Bi)\sigma _i,_j = l_jH(m_i,_j, Ai, Bi)σi​,j​=lj​H(mi​,j​,Ai,Bi)
    • LAGjLAG_jLAGj​给CAGCAGCAG和BViBV_iBVi​都发送(mi,j,Ai,Bi,σi,j)(m_i,_j , Ai, Bi, \sigma _i,_j)(mi​,j​,Ai,Bi,σi​,j​)

PS: Receipt(BVi): (mi,j,Ai,Bi,σi,j)(m_i,_j , Ai, Bi, \sigma _i,_j)(mi​,j​,Ai,Bi,σi​,j​)Certificate(CAG):(mi,j,Ai,Bi,σi,j)(m_i,_j , Ai, Bi, \sigma _i,_j)(mi​,j​,Ai,Bi,σi​,j​)

2.4.4 Reward from CAG

[Blockchain-5]BBARS: Blockchain-Based Anonymous Rewarding Scheme for V2G Networks,

  • CAGCAGCAG接受到LAGjLAG_jLAGj​发送的(mi,j,Ai,Bi,σi,j)(m_i,_j , Ai, Bi, \sigma _i,_j)(mi​,j​,Ai,Bi,σi​,j​),选取随机数βi,jFp,iI,jJ\beta _i,_j \in \mathbb{F}_p,i \in \mathbb{I}, j \in \mathbb{J}βi​,j​∈Fp​,i∈I,j∈J
    验证下列等式是否成立:
    [Blockchain-5]BBARS: Blockchain-Based Anonymous Rewarding Scheme for V2G Networks
    如果不成立则拒绝,成立则继续
    [Blockchain-5]BBARS: Blockchain-Based Anonymous Rewarding Scheme for V2G Networks
  • 对于特定BViBV_iBVi​,CAGCAGCAG解压接收的消息并提取其地址(Ai,Bi(A_i,B_i)(Ai​,Bi​),选取随机数rFl^r \in \mathbb{F}^*_ {\hat{l}}r∈Fl^∗​,然后计算BViBV_iBVi​的一次性公钥(One-Time Public Key)Pi^=H1(rAi)G+Bi\hat{P_i}=H_1(rA_i)G+B_iPi​^​=H1​(rAi​)G+Bi​
  • CAG可以解压信息mi,jm_i,_jmi​,j​得到奖励金额bali,jbal_i,_jbali​,j​,然后计算总的奖励金额bali=jJbali,jbal_i=\underset{j \in \mathbb{J}}{\sum}bal_i,_jbali​=j∈J∑​bali​,j​,CAGCAGCAG可以从区块链读取总的奖励金额balbalbal,因此CAGCAGCAG准备了J+1\mathbb{J}+1J+1个输出:分别为上一步计算的一次性公钥(即地址)Pi^\hat{P_i}Pi​^​和balibal_ibali​包含JJJ个元素。为了简化,将输出和一些元数据表示为信息mmm,例如:对于每一个BViBV_iBVi​,mmm包含RRR和(Pi^,bali)(\hat{P_i},bal_i)(Pi​^​,bali​),其中R=rGR=rGR=rG
  • CAG用私钥zzz计算对消息mmm的签名再哈希A=H2(Signz(m))A=H_2(Sign_z(m))A=H2​(Signz​(m))
  • 最终步骤:
    [Blockchain-5]BBARS: Blockchain-Based Anonymous Rewarding Scheme for V2G Networks
    • 通过上述构造,CAG首先计算:
      Li={qiGifi=sqiG+wiPiifisL_i=\left\{\begin{matrix}q_iG & if & i=s\\ q_iG+w_iP_i & if & i \neq s\end{matrix}\right.Li​={qi​Gqi​G+wi​Pi​​ifif​i=si̸​=s​ Ri={qiH2(Pi)ifi=sqiH2(Pi)+wiIifisR_i=\left\{\begin{matrix}q_iH_2(P_i) & if & i=s\\ q_iH_2(P_i)+w_iI & if & i \neq s\end{matrix}\right.Ri​={qi​H2​(Pi​)qi​H2​(Pi​)+wi​I​ifif​i=si̸​=s​
    • 然后计算c=H1(m,A,L0,...,Ln,R0,...,Rn)c=H_1(m,A,L_0,...,L_n,R_0,...,R_n)c=H1​(m,A,L0​,...,Ln​,R0​,...,Rn​)和下列值:
      ci={wiifiscisciifi=sc_i=\left\{\begin{matrix}w_i & if & i \neq s\\ c-\underset{i \neq s}{\sum}c_i& if & i = s\end{matrix}\right.ci​={wi​c−i̸​=s∑​ci​​ifif​i̸​=si=s​ ri={qiifisqscsxsifi=sr_i=\left\{\begin{matrix}q_i & if & i\neq s\\ q_s-c_sx_s & if & i = s\end{matrix}\right.ri​={qi​qs​−cs​xs​​ifif​i̸​=si=s​
      最终的签名(环签名)为:σ=(I,A,c0,...,cn,r0,...rn)\sigma=(I,A,c_0,...,c_n,r_0,...r_n)σ=(I,A,c0​,...,cn​,r0​,...rn​)

2.4.5 Verification and Gain

收到消息mmm的签名σ\sigmaσ后,验证者对签名的有效性进行验证:

  • 计算:Li=riG+ciPi,Ri=riH2(Pi)+ciIL_i'=r_iG+c_iP_i, R_i'=r_iH_2(P_i)+c_iILi′​=ri​G+ci​Pi​,Ri′​=ri​H2​(Pi​)+ci​I
  • 验证者检查等式:ni=0ci=H1(m,A,L0,...Ln,R0,...,Rn)mod  l^\sum_{n}^{i=0}c_i=H_1(m,A,L_0',...L_n',R_0',...,R_n') \mod \hat{l}∑ni=0​ci​=H1​(m,A,L0′​,...Ln′​,R0′​,...,Rn′​)modl^,成立则继续
  • 验证者检查镜像I=xsH2(Ps)I=x_sH_2(P_s)I=xs​H2​(Ps​)是否在以前的签名中出现过,如果是则拒绝,否则接受σ\sigmaσ

PS:奖励balibal_ibali​发送到Pi^\hat{P_i}Pi​^​,balcbal_cbalc​发送到Pc^\hat{P_c}Pc​^​(新选定的存储剩余奖金的地址)

接受签名σ\sigmaσ后,BViBV_iBVi​获取奖励:

  • 提取消息mmm中的RRR和(Pi^,bali)(\hat{P_i},bal_i)(Pi​^​,bali​)
  • 计算Pi=H1(aiR)G+BiP_i '=H_1(a_iR)G+B_iPi′​=H1​(ai​R)G+Bi​ 并判断Pi^=Pi\hat{P_i} = P_i'Pi​^​=Pi′​是否成立,成立则继续
  • BViBV_iBVi​计算xi=H1(aiR)+bix_i=H_1(a_iR)+b_ixi​=H1​(ai​R)+bi​,满足Pi^=xiG\hat{P_i}=x_iGPi​^​=xi​G,因为BViBV_iBVi​拥有自己的私钥(ai,bi)(a_i,b_i)(ai​,bi​)

3 实验结果

3.1 CAG在Contract-based authorization阶段时间开销和LAG在Anonymous service and receipt阶段时间开销比较

[Blockchain-5]BBARS: Blockchain-Based Anonymous Rewarding Scheme for V2G Networks

3.2 CAG在Reward from CAG阶段时间开销(不同J\mathbb{J}J)

[Blockchain-5]BBARS: Blockchain-Based Anonymous Rewarding Scheme for V2G Networks

3.3 CAG在Reward from CAG阶段时间开销(不同I\mathbb{I}I)

[Blockchain-5]BBARS: Blockchain-Based Anonymous Rewarding Scheme for V2G Networks

3.4 区块链在Verification and Gain阶段时间开销

[Blockchain-5]BBARS: Blockchain-Based Anonymous Rewarding Scheme for V2G Networks

上一篇:Windows为微软拼音导入双拼方案


下一篇:Managing Heap Memory