IEEE INTERNET OF THINGS JOURNAL, VOL. 6, NO. 2, APRIL 2019 3775
BLA: Blockchain-Assisted Lightweight Anonymous
Authentication for Distributed Vehicular
Fog Services
Yingying Yao, Xiaolin Chang , Member, IEEE, Jelena Miši
´
c , Fellow, IEEE,
Vojislav B. Miši
´
c
, Senior Member, IEEE, and Lin Li
Abstract—As modern vehicles and distributed fog services
advance apace, vehicular fog services (VFSs) are being expected
to span across multiple geo-distributed datacenters, which
inevitably leads to cross-datacenter authentication. Traditional
cross-datacenter authentication models are not suitable for
the scenario of high-speed moving vehicles accessing VFS,
because these models either ignored user privacy or ignored
the delay requirement of driving vehicles. This paper pro-
poses a blockchain-assisted lightweight anonymous authentica-
tion (BLA) mechanism for distributed VFS, which is provisioned
to driving vehicles. BLA can achieve the following advantages:
1) realizing a flexible cross-datacenter authentication, in which
a vehicle can decide whether to be reauthenticated or not when
it enters a new vehicular fog datacenter; 2) achieving anonymity,
and granting vehicle users the responsibility of preserving their
privacy; 3) it is lightweight by achieving noninteractivity between
vehicles and service managers (SMs), and eliminating the com-
munication between SMs in the authentication process, which
significantly reduces the communication delay; and 4) resisting
the attack that the database governed by one center is tampered
with. BLA achieves these advantages by effectively combining
modern cryptographical technology and blockchain technology.
These security features are demonstrated by carrying out secu-
rity analysis. Meanwhile, extensive simulations are conducted to
validate the efficiency and practicality of BLA.
Index Terms—Anonymous, blockchain, cross-datacenter
authentication, noninteractive, vehicular fog services (VFSs).
I. INTRODUCTION
A
VEHICULAR ad hoc network (VANET) is a subset
of a mobile ad hoc network (MANET) which consists
of mobile vehicles and roadside units (RSUs). Each vehicle
Manuscript received September 3, 2018; revised December 16, 2018;
accepted December 25, 2018. Date of publication January 9, 2019; date of
current version May 8, 2019. The work of Y. Yao was supported in part by
the China Scholarship Council and in part by the National Natural Science
Foundation of China under Grant 2018YJS023. The work of X. Chang was
supported by the National Natural Science Foundation of China under Grant
U183610024, Grant 61572066, and Grant 61502486. The work of J. Miši
´
cand
V. B . M i š i
´
c was supported by the National Science and Engineering Research
Council of Canada through AQ1 Discovery Grants. (Corresponding author:
Xiaolin Chang.)
Y. Yao, X. Chang, and L. Li are with the Beijing Key Laboratory of
Security and Privacy in Intelligent Transportation, Beijing Jiaotong University,
Beijing 100044, China (e-mail: 17112100@bjtu.edu.cn; xlchang@bjtu.edu.cn;
lilin@bjtu.edu.cn).
J. Miši
´
candV.B.Miši
´
c are with the Department of Computer
Science, Ryerson University, Toronto, ON M5B 2K3, Canada (e-mail:
jmisic@ryerson.ca; vmisic@ryerson.ca).
Digital Object Identifier 10.1109/JIOT.2019.2892009
is equipped with an on-board unit (OBU) and a group of
sensors. VANETs have been depending primarily on cloud
computing services for communication, computing, and stor-
age facilities [1]. The tremendous rise in the number of
connected vehicles and their ever-increasing mobility cre-
ate the demand for low latency and uninterrupted services.
Meeting the quality of service of users is an important chal-
lenge to vehicular cloud computing services that integrates
cloud computing with VANETs [2]. Therefore, vehicular fog
computing (VFC) [3] was proposed to overcome the chal-
lenges of efficient communication and computation with the
emergence of latest and advanced vehicular applications [4].
VFC is considered as one of the most potential techniques to
be highly beneficial for latency-sensitive applications which
is ideal for high-speed moving vehicles. Thus, there are
more and more attentions to the security and performance
of vehicular fog services (VFSs) during its applications and
popularizations.
There are several basic security and performance require-
ments of VFS, including authentication and privacy of vehi-
cles’ identities as well as real-time constraints and so on [5].
On one hand, each vehicle accessing VFS must be authenti-
cated for subsequent authorization decisions. Meanwhile, the
identity of a vehicle cannot be disclosed during the authentica-
tion process in order to ensure the privacy of vehicle users [6].
On the other hand, to accommodate the rapid movement of
vehicles, the authentication is required to be lightweight.
Various anonymous authentication mechanisms have been
proposed [7] for vehicle user privacy. They applied sym-
metric cryptography, public key infrastructure, identity-based
signature, certificateless signature, or group signature. All of
them relied on an administration center which created pre-
set trust relationship with vehicles. But the relationship can
fail when a vehicle moves to a new datacenter. To address
this problem, researchers explored cross-datacenter authentica-
tion. The existing cross-datacenter/cross-region/cross-domain
mechanisms [14]–[24] required multiple interactions among
OBUs, RSUs, and trusted authority, causing high communi-
cation delays. Furthermore, their databases are managed by
a single manager in these mechanisms, which cannot resist the
attack which the database governed by one center is tampered
with.
Recently, blockchain technology is attracting massive atten-
tion in both academia and industry [8]. A blockchain is
2327-4662
c
2019 IEEE. Personal use is permitted, but republication/redistribution requires IEEE permission.
See http://www.ieee.org/publications_standards/publications/rights/index.html for more information.