Secure Automated Valet Parking: A Privacy-Preserving Reservation Scheme for Autonomous Vehicles

It is believed that automated valet parking (AVP) system has great potential to mitigate the parking headache for the future smart city, as it can provide on-demand parking services, bringing immense benefits from energy saving for vehicles to time saving for drivers. For an AVP system, parking reservation is an indispensable part so that vehicles can accomplish automated parking in accordance with the reserved parking information. However, the reservation requests may not only reveal the driver identity, but also disclose higher sensitive locations, e.g., the most visited places, which are of great concerns to users. To deal with this challenge, the anonymous techniques can be naturally applied during parking reservation, but directly applying the anonymous techniques in AVP will introduce a new security issue, i.e., the anonymous user may maliciously crash the AVP system by repetitively sending the reservation requests, which is called "double-reservation attack." In this paper, we propose a new privacy-preserving reservation scheme for securing AVP system. Specifically, each anonymous user must have only one valid reservation token at any moment, and the token can only be used for hooking one vacant parking space once. The proposed scheme does not only preserve the user's identity privacy and location privacy but also prevents the "double-reservation attack" based on several elegant building blocks, i.e., zero-knowledge proofs of knowledge and proxy resignature. Detailed security analysis confirms the security properties of our proposed scheme. In addition, extensive simulations are conducted to compare our proposed scheme with three previous schemes, and the experiment results demonstrate that our scheme is also much efficient in a WiFi-based testbed.