VC-MAKA: Mutual Authentication and Key Agreement Protocol Based on Verifiable Commitment for Internet of Vehicles

The Internet of Vehicles (IoV) is a specific instance of the Internet of Things (IoT) in the transportation field, driven by application requirements, such as intelligent traffic services and automatic vehicle control, can improve road safety and enhancing transmission efficiency. However, highly open networks tend to bring more security threats, and secure authentication becomes an important guarantee for reliable communication. Traditional IoT authentication and key agreement methods are costly, inefficient, and rely on the third-party trusted institutions, making them unsuitable for direct application in IoV systems. To meet the security authentication needs of IoV, and improve authentication efficiency and anonymity, this article proposes a verifiable commitment-based mutual authentication and key agreement protocol, called mutual authentication and key agreement protocol based on verifiable commitment (VC-MAKA). In VC-MAKA, we construct a verifiable commitment scheme where the verifier can verify the committed secret. Furthermore, based on this verifiable commitment scheme, we implement secure authentication and session key agreement, allowing vehicles to freely negotiate secure session keys and achieving conditional anonymous protection. Additionally, the proposed VC-MAKA also achieves rapid session key updates, enhancing the security of the session keys. We have conducted formal and informal security analysis, and the results show that VC-MAKA meets security requirements, such as mutual authentication, anonymity, traceability, and untraceability. Moreover, we have used the ProVerif tool for security experiment and performance comparison analysis, and the results indicate that compared to other schemes, the VC-MAKA protocol offers higher security and better efficiency.