Efficient and secure data querying is essential for vehicular ad hoc networks (VANET) to support intelligent transportation applications. However, data querying in VANET environments faces several main issues: complex multidimensional data processing, user privacy that leaks easily, and low computational efficiency in resource-constrained contexts. To address these issues, this paper proposes an efficient fine-grained data query system (EFDA) based on lightweight masks that allows vehicle users to query multidimensional traffic data safely and in real time. First, multidimensional data vectors are integrated into a single cipher processing unit using a multidimensional CRT transformation method that also counts the number of valid data items. Paillier homomorphic encryption and a lightweight region feature masking technique provide secure aggregation while preserving the privacy of the original data. Second, ECDSA signatures ensure source reliability and data integrity. Lastly, to lower system risk and enhance data quality, an effective malicious node monitoring method based on dichotomous recursion and a reputation incentive mechanism based on user feedback are presented. According to the security analysis, the EFDA scheme meets the security requirements specified by the threat model for data confidentiality, integrity, source reliability, and identity privacy. According to the performance simulation, the EFDA system lowers the computation overhead by 85.7% and 90.1% and the communication overhead by 69.1% and 39.2% compared to the reference scheme. It balances privacy protection and query efficiency, which validates its viability and efficiency in the resource-constrained in-vehicle network environment.
Introduction
Relevant introduction
To meet the demands of intelligent transportation applications [1], data querying in vehicular ad hoc networks (VANET) aims to efficiently, reliably, and promptly retrieve data with strong spatio-temporal correlation from a dynamic distributed network of high-speed moving, resource-constrained vehicles and roadside facilities [2,3]. Abdelatif S et al. [4] proposed a traffic information system architecture based on VANET, and it included fundamental features such as information dissemination, inquiry, and collection. At this point, the majority of research focuses on how to use simple query data in a setting where fast-moving automobiles are present. A VANET-based highway traffic safety information query system is described by Xu et al. [5]. It implements an early and more comprehensive query method by broadcasting query requests and reverse forwarding results between cars. However, in complicated settings where sensitive data, such as vehicle IDs and driving trajectories, are transferred in clear text during the querying process [6] and are traceable, these approaches offer minimal security and privacy protection. Thus, VANETs must develop data query algorithms that meet stringent privacy protection criteria. However, there are still specific difficulties: 1) how to address the issue of data querying security and privacy preservation; 2) how to address the issue of lightweight data querying.
In recent years, researchers have proposed various privacy-preserving enhancements for VANETs. Blockchain technology [7,8] has been introduced to enhance data transparency and tamper-proofness, but its inherent openness and dependence on consensus nodes may bring new risks of privacy leakage. Subsequent studies have enhanced location privacy protection by combining location k-anonymity with steganographic granularity, employing homomorphic encryption [9], and developing secure geographic region authentication schemes that do not require pre-shared keys. Schemes for location-based data aggregation [10,11] have been presented, but multi-domain scenarios are not taken into account. Both using Chinese Remainder Theorem to achieve query privacy protection [12] and adding edge nodes to optimize data indexing have been offered as solutions to the query issues brought on by vast data storage; however, the latter has a considerable communication overhead. Although the combined use of cloud computing and fog computing ensured the sufficiency of computer resources, there is still a significant communication overhead. Early identity-based aggregated signature encryption schemes resolved the issues of secure communication and key escrow. More effective schemes have since been proposed, but they typically rely on expensive bilinear pairing operations, which cause overhead to rise significantly as the number of vehicles increases [13]. The issue of high communication overhead persists despite a recent approach that aims to reduce the amount of bilinear operations [14]. Overall, the ability to balance multidimensional data processing, stringent privacy protection, low overhead, and harmful behavior control is still severely limited by current approaches.
We suggest a novel data querying system intended for use in an in-car network environment, where vehicle users can efficiently query issues like traffic conditions, to overcome the problems above. The primary contributions of this work are as follows:
1. Multidimensional CRT conversion for recognizable quantities: an enhanced CRT technique is put forth for in-vehicle network settings, which captures and identifies the precise number of valid data gathered during the conversion, in addition to effectively converting multidimensional data vectors to large integers for processing.
2. Lightweight mask query scheme (EFDA): this scheme achieves effective fine-grained query matching in the ciphertext domain while rigorously ensuring data confidentiality, integrity, source reliability, and user anonymity. It does this by utilizing mask compression and CRT integration to reduce data redundancy drastically.
3. Effective malicious node control: a binary recursion-based detrimental node tracking technique is put forth, which drastically lowers the localization overhead if verification fails. In the meantime, a reputation incentive system based on user input is intended to recognize, sanction, and remove people who consistently submit dangerous content, while rewarding users who offer accurate information.
The rest of this article is organized as follows. “Preparation” introduces the pertinent cryptographic foundations. “System description” describes the system model, threat model, and design objectives. “Recognizable number of CRT conversions” proposes a multidimensional CRT transformation method for identifiable quantities. “Efficient fine-grained data query based on lightweight masks (EFDA scheme)” explains the EFDA scheme. “Security analysis” carries out the security analysis. “Performance evaluation” analyzes computational and communication costs to assess the efficiency of the proposed scheme. Finally, “Conclusion” presents the conclusion and future work.
Related work
The security challenge for in-vehicle networks [15,16] has once again become a research hotspot in recent years due to the frequent occurrence of security incidents in these networks. This section reviews methods that address the privacy protection problem in in-vehicle networks.
Blockchain is a widely used technology in applications for vehicle networks that ensure anonymity. Li et al. [17] proposed a blockchain-based VANET strategy to address the issues of centralization and mutual mistrust among organizations in the existing VANET. The framework demonstrates superiority in maintaining location and identity privacy. Luo et al. [18] proposed a blockchain-based location privacy protection scheme in VANET, which can protect the location privacy of vehicles during the construction of anonymous and hidden areas. Furthermore, Ilyas et al. [19] suggested a blockchain-based privacy preservation system that improves VANET security while resolving authentication’s unobservability, unlinkability, and efficiency.
VANETs have benefited from the growth of cloud computing. Simultaneously, fog computing has received attention. To guarantee the adequacy of computational resources, numerous researchers have integrated fog computing with cloud computing [20–22]. However, issues with latency and real-time monitoring remain. Gu et al. [23] proposed an effective traceable pavement condition monitoring system based on fog and cloud that preserves privacy and significantly reduces bandwidth and computing resources. Then, to address mutual authentication and anonymity and enable accountable privacy, Rana et al. [24] presented an authentication message exchange strategy using fog-assisted vehicle cloud computing (AME-VCC). Later researchers have proposed schemes like [25–27], but they require bilinear pairing operation, which makes this operation more expensive as the number of cars increases.
Zhou et al. [13] proposed an efficient privacy-preserving data querying scheme (EPDQD). This scheme uses Chinese Remainder Theorem technique to achieve privacy-preserving data querying, but it has a significant communication overhead. The integration of lightweight encryption with edge and fog computing techniques [28,29] addresses the conflict between communication overhead and computational efficiency. Wang et al. [30] introduced a cloud-fog tracking and monitoring scheme (CFTM) that leverages a cloud-fog architecture to facilitate road monitoring, data protection, and malicious node tracking via bilinear pairing. However, the high-cost bilinear operation results in a linear increase in computational overhead proportional to the number of vehicles, posing challenges in meeting real-time requirements. Zhao et al. [31] introduced a privacy-preserving aggregated authentication scheme (PPAAS) that employs aggregated signature technology within a cloud-fog environment to enhance the efficiency of bilinear operations and facilitate conditional privacy protection. The decryption phase continues to depend on the collaborative computation of fog nodes and does not address the issue of fine-grained querying of multidimensional data. Elhabob et al. [32] introduced the Efficient Transmission-Identity-Based Encryption with Chinese Remainder Theorem scheme (ET-IBE-CRF), which employs Chinese Remainder Theorem (CRT) to compress the ciphertext for privacy protection in the cloud. However, it is limited to unidimensional aggregation and lacks a lightweight masking mechanism, resulting in communication overhead that is considerably greater than that of EFDA. Hadabi et al. [33] introduced the Proxy Re-encryption-Identity-Based Signed Privacy Computing Engine scheme (PRE-IBSC-PCE), which integrates proxy re-encryption and identity-based signed secrecy for fine-grained access control. 
However, it depends on the assumption that fog nodes are entirely trustworthy, leading to complex key management and challenges in tracking malicious users. The EFDA scheme introduces a novel approach to privacy-preserving queries, enhancing overall performance in Telematics through the co-design of multidimensional CRT transformations and lightweight masks. This method minimizes overhead while facilitating efficient cross-dimensional data processing and fine-grained querying. Table 1 provides a detailed comparison of various schemes.
[Figure omitted. See PDF.]
Preparation
Principle of the ECDSA algorithm
The additive cyclic group E(Gp), the one-way hash function H1, and the generator G with a large prime order τ are the public parameters of the Elliptic Curve Digital Signature Algorithm (ECDSA). ECDSA consists of three parts:
1) : Randomly choose a number as the private key , then calculate pE = z ⋅ as the public key, and finally output the key pair (z,pE).
2) : Take the private key and the message m as input and choose a random number , then use the hash function to compute ⋅ G, and finally + , where . Output signature .
3) : Take signature σ, message m and public key pE as input. Then calculate e = H1(m), and . Moreover, calculate . If , reject the signature σ and output false, otherwise accept the signature σ and output true.
Chinese remainder theorem
Suppose there are l pairs of large prime numbers and l integers . There exists a unique integer solution x satisfying , where , can be computed by the following formula x:
(1)
Among them are , and .
CRT also has the following computational properties and can protect data security, assuming that there are two sets of data and :
1) Additivity:
(2)
2) Multiplicability:
(3)
Discrete Logarithm Problem (DLP)
Suppose G is a cyclic group of order prime p with generator g and f is an element in G.
(4)
If the above equation holds, and given a randomized f,, it is difficult for an adversary to compute the value of x in probabilistic polynomial time.
System description
This section describes the various entities within the system, outlining the threat model and design objectives.
System model
Fig 1 shows the system model of this paper. The system consists of the User’s Car (UCkj), Query Vehicle (UCq), Roadside Unit (RSU), Cloud servers (CS) and Credible institutions (CI).
[Figure omitted. See PDF.]
UCkj: This entity is the most numerous entity on the road. It is used for the collection of the surrounding situation, providing richer data content for the cloud and facilitating the query of others. It is also important for privacy protection.
UCq: Similar to UCkj, it acts as a consumer who, in order to be informed in advance of issues such as traffic ahead on the road, will initiate a query request to a cloud server as a way of obtaining the data uploaded by UCkj and scoring the authenticity of the content.
RSU: It is an intermediate node between the vehicle and the CS that helps the CS reduce its computational burden. RSUs appear in large numbers in the vehicle network environment. In this paper the RSU also has functions such as tracking malicious users.
CS: Cloud servers have enormous arithmetic power and are an important part of the system, not only for storing large amounts of data, but also for monitoring the system for threatening situations. The cloud server decrypts the received ciphertext and will match the relevant data for UCq.
CI: This is a fully trusted entity, similar to an official authority. It generates the various parameters in the algorithm for the system and sends them to the entities through a secure channel.
Programmatic flow
This solution can be subdivided into two parts: data upload and data query, and the flowcharts of the two parts are shown in Fig 2 and Fig 3. The vehicle initiates a query to the cloud server, which first needs to collect data. The vehicle that collects the data first encrypts the data and generates a signature, and then sends it to the RSU in its region; the RSU, after successfully verifying the signature, aggregates all the ciphertexts it receives into a single message and generates a signature for the message, and then sends it to RSUa to do the final aggregation operation; RSUa receives the ciphertexts and verifies the signatures in bulk, and then aggregates all the messages into a total ciphertext and generates a signature for uploading to the cloud server after the signature verification is completed; the cloud server decrypts the ciphertexts after the signature verification is completed. Currently, the cloud server matches the corresponding results concerning the received query and returns them to the querying vehicle.
[Figure omitted. See PDF.]
[Figure omitted. See PDF.]
Threat modeling
Polynomial time refers to the computational complexity of an algorithm where the time required to complete the task is expressed as a polynomial function of the size of the input. Specifically, if an algorithm runs in polynomial time, its running time can be represented as O(n^k), where n is the size of the input and k is a constant. This attacker : Manages a partially semi-honest entity (RSU/CS) that complies with the protocol while attempting to deduce private information. Possesses access to internal protocol messages but lacks access to the private keys of other entities; engages in active attacks on the communication channel and can access arbitrary messages transmitted within the channel, modify or inject forged messages, and replay historically valid messages.
This section presents six security models derived from the scenario of probabilistic interaction between attacker and challenger C within polynomial time: Reliable Source Security Model, Data integrity security model, Privacy preserving security model, Query phase security model, Resisting replay attacks security model and Resistance to Man-in-the-Middle attacks security model. The security boundaries are established through adversarial rules and the challenge game. If attacker exhibits a negligible probability of success in polynomial time across each model, the scenario possesses the corresponding security properties.
Game 1: Reliable Source Security Model
Participants: challenger C, attacker .
Initialization: C runs the system initialization, generates the pseudonym PIDkj for user UCkj, and the corresponding timestamp tkj and feature mask Maskkj.
Query Phase: can adaptively query to obtain the message tag MTkj and feature mask Maskkj of user UCkj.
Challenge Phase: submits the message label of the target collection object; C generates the legitimate feature identifier .
Attack phase: outputs the forged feature identifier , and if , then wins.
The probability of attacker successfully challenging is defined as:
If the probability of attacker winning the challenge within this polynomial time is negligible, then the scheme satisfies the attribute set commitment verification security property.
Game 2: Data integrity security modeling
Participants: challenger C, attacker .
Initialization: C runs system initialization, generates a homomorphic encryption key ( ) and ECDSA key pair, user pseudonym and RSU key ( ), discloses the system parameters and public key ( ), keeps the private key ( ) and the identity of the user UC.
Query phase: can adaptively query to obtain the legal ciphertext of the message , the user’s signature of the message , the complete packet .
Challenge phase: submits the target message m* ; C generates the legitimate ciphertext , signature , and outputs .
Attack phase: outputs the tampered result . If ECDSA. Verify , then wins.
The probability that attacker succeeds in the challenge is defined as:
If the likelihood of attacker succeeding in the challenge in polynomial time is small, then the scheme satisfies the attribute set commitment verification security.
Game 3: Privacy preserving security model
Participants: challenger C, attacker .
Initialization: C generates the system parameters; C creates two sets of users, UC0 and UC1, with their pseudonyms P0 and P1 and feature identifiers T0 and T1.
Query phase: can query to obtain the encrypted data of user UC, and get the feature identifier and the dissimilarity value of the mask .
Challenge phase: submits two equal-length messages m0 and m1; C randomly selects , obtains the encrypted data cb and generates the feature identifier Tb.
Attack phase: outputs the guess , if , then wins.
The probability that attacker succeeds in the challenge is defined as:
If the probability that attacker wins the challenge in this polynomial time is negligible, then the scheme satisfies the attribute set commitment verification security.
Game 4: Query phase security model
Participants: Challenger C, Attacker
Initialization: C runs system initialization, generates user UCq’s key sEq, pseudonym PIDq, and message tag CID.
Query phase: can adaptively query query requests qu and signatures , generating query messages .
Challenge phase: submits query request , C generates the result to be returned to UCq, encrypts it to obtain , and simultaneously generates the signature , outputting the result .
Attack phase: outputs the tampered result . If ECDSA. Verify , then wins.
The probability that attacker succeeds in the challenge is defined as:
If the probability that attacker wins the challenge in this polynomial time is negligible, then the scheme satisfies the attribute set commitment verification security.
Game 5: Resisting replay attacks security model
Participants: Challenger , Adversary
Initialization: runs system initialization, generating keys, pseudonyms, and timestamps for all entities. provides public parameters to and allows to observe previous communication records.
Query Phase: can intercept and record any message transmitted in previous rounds. can query for the signature of any message under the current or past timestamp.
Challenge phase: selects a previously recorded message M (with timestamp t ) and attempts to replay it as a new message to .
Attack phase: sends M to . verifies the freshness of the signature and timestamp. If accepts M , then wins the game.
Adversary Advantage:
If is negligible at security parameter λ, then the scheme is resistant to replay attacks.
Game 6: Resistance to Man-in-the-Middle attacks security model
Participants: Challenger , adversary
Initialization: initializes the system and provides with the public key and parameters. controls the communication channel between and another honest entity (e.g., RSU or UC).
Query phase: can intercept, modify, or inject messages between and the honest entity. can query for the signature of any message.
Challenge phase: forges a message and attempts to pass it off as a message from the honest entity to .
Attack phase: sends to . verifies the signature using the claimed sender’s public key. If accepts , then wins the game.
Adversary advantage:
If is negligible, the scheme is resistant to man-in-the-middle attacks.
Design objectives
Data confidentiality: Throughout the process, the data is secured by homomorphic encryption algorithms, and no entity other than the CS, which can decrypt the data, can recover the plaintext from the ciphertext.
Data integrity and reliability: The delivered ciphertext is coupled with a signature algorithm so that the receiver can verify the source of the data and ensure the reliability of the source. Due to the nature of the signature algorithm in this paper, the ciphertext will not be verified successfully if it is incomplete.
Identity privacy: Since the anonymity of the vehicle user in the system is generated for the CI, a fully trusted entity, only the CI should be able to know the user’s identity and the user acts anonymously in the system.
Resistance to threat attacks: In the system, the scheme guarantees immunity from both threats from internal entities and external adversaries.
Recognizable number of CRT conversions
Objectives and core ideas
In in-vehicle network data collection, the data collected by vehicles are usually multidimensional vectors, and it is inefficient to process multiple dimensions directly. This chapter proposes an improved CRT transformation method for efficient integration: the multidimensional data vector is converted into a single large integer Mkj. First, CRT is used to count and record whether each dimension has collected valid data, which yields the "quantity" information. CRT is then used to compress the multidimensional data vector into a large integer Mkj, which is convenient for the subsequent homomorphic encryption and aggregation. After aggregation, the cloud obtains the large integer and uses CRT to invert it into the original multidimensional vector and the number of valid data. To aid understanding of the process, Table 2 lists the relevant notation.
[Figure omitted. See PDF.]
CI computes A, Ai and , as follows:
(5)
Data collection state identification (Algorithm 1)
Algorithm 1 Results of data collection.
1: input: Multidimensional data vector
2: output: and Integer Fkj
3: for do
4: for do
5: if then
6:
7: else
8:
9: end if
10: end for
11: end for
12:
13: return Fkj
Set the vector , where and are defined. Also, define Fkj to indicate whether the data collection is successful or not, and to indicate whether the data collection is successful or not for each dimension. As shown in Algorithm 1.
1) If , then , indicates that the data collection in the i dimension fails.
2) If , then , indicating that the data of dimension i is successfully collected.
From this, the exact amount of multidimensional data is .
Multidimensional vector to large integer conversion (Algorithm 2)
Input a multidimensional vector and modulo inverse coefficients , operate on each dimension of the multifaceted vector with the corresponding modulo inverse coefficients , and then aggregate the encrypted multidimensional vector data to get the large integer Mkj. For more information, see S1 Appendix.
Algorithm 2 Multidimensional data vectors are constructed as large integers.
1: input: Multidimensional data vector
and
2: output: Large integer Mkj
3: for do
4: for i = 1 to l do
5:
6: end for
7: end for
8:
9: return Mkj
Conversion of large integers to multidimensional vectors (Algorithm 3)
Input the obtained large integer Mkj and the large prime previously given by CI. The large integer is reduced modulo the prime numbers to get the original input vector . For more information, see S1 Appendix.
Algorithm 3 : Large integers are constructed as multidimensional data vectors.
1: input: Large integer Mkj and
2: output: Multidimensional data vector
and
3: for i = 1 to l do
4:
5: end for
6: return Multidimensional data vector
and
Efficient fine-grained data query based on lightweight masks (EFDA scheme)
To comprehend the scheme’s procedure, notations throughout this section are presented in Table 3.
[Figure omitted. See PDF.]
This section outlines the particulars of an efficient fine-grained data query scheme utilizing lightweight masks. Initially, data collection is conducted, encompassing system initialization, the data collection phase using the Paillier homomorphic encryption algorithm, the data aggregation phase, and the data reading phase, as illustrated in Fig 4. Upon completion of data collection, users may query based on their requirements, as illustrated in Fig 5. This paper proposes a tracking method and measures for error messages that may arise during the entire phase due to malicious attacks, harmful users, and other hazardous factors.
[Figure omitted. See PDF.]
[Figure omitted. See PDF.]
System initialization
Given a security parameter γ and a dimension l. The CI generates parameters for homomorphic encryption and ECDSA signatures. The CI randomly selects two large prime numbers p and q, computes N = pq and − − , and defines a function − where . Then it chooses a generator and computes , where r is a random number and . At the same time, the CI generates the public parameters of the ECDSA signature and a single hash function ,.
1) For CS, the CI generates the public key and the private key for the homomorphic encryption algorithm; in addition, it generates the public key pE = z ⋅ G and the private key sE = z for the ECDSA signature, where , and sends (sk,sE) to the CS through a secure channel.
2) For the RSU, the CI generates the ECDSA public key and private key , where , and the identity tag RIDk for RSUk, then sends to RSUk through a secure channel.
3) For UC, the CI generates the key pair for the homomorphic encryption algorithm, the key pair for ECDSA, and the pseudonym PIDkj for UCkj, where , , ⋅ G and . Finally, the CI sends to UCkj and PIDkj through a secure channel to the RSU for storage (which is equivalent to the UC registering the information with the RSU).
In addition, RSU randomly generates a feature mask that indicates the location of the area and encrypts it to send to, noting that this mask is lightweight.
Data collection phase
1) Vehicle UCkj collects multidimensional data on its surroundings and itself, and converts these vectors to large integers, i.e., , according to Theorem 1, to facilitate the computation.
2) UCkj selects a random number , where gcd(rkj,N) = 1. Then, use the public key of CS to encrypt the data Mkj as , and specifically calculate . To reduce the computation overhead and communication overhead, set g = N + 1 according to the Paillier cryptographic algorithm, and rewrite the ciphertext Ckj based on the rule (1 + N)^m = (1 + mN) mod N^2:
(6)
3) UCkj computes the feature identifier and obtains by mask permutation.
4) UCkj performs the ECDSA signature algorithm ESIG():
(7)
Where tkj is the timestamp and is the message, finally, UCkj sends the data to the RSU.
Data aggregation phase
After RSUk receives the data from UCkj, it first checks the validity of its timestamp and verifies the signature by executing the verification algorithm . After successful verification, RSUk will aggregate the received data into a new ciphertext Datak. After completes the aggregation of ciphertexts in all regions, it is uniformly sent to the aggregation node RSUa at the RSU side, where , and RSUa will aggregate all ciphertexts into the final ciphertext Data and pass it to the CS for the next operation.
1) In order to obtain the message and the corresponding feature identifier of the collection object , RSUk decodes MTkj:
(8)
Then, RSUk can match the message with a specific identity with each other, which can give accurate results when the user queries and indicate the authenticity of the source.
2) After obtaining , the received ciphertext can be calculated to get Ckj and then verified. Firstly, RSUk verifies the signature using the verification algorithm (in order to save the overhead, batch verification is used).
(9)
After successful verification, the ciphertext is accepted.
3) Next, RSUk aggregates the data Datakj into Datak:
(10)
Then RSUk executes the ESIG() algorithm to generate a signature for Datak.
(11)
Finally, RSUk sends to RSUa.
4) Based on the assumption that RSUa is a trusted and secure entity, to minimize the burden on the CS, RSUa aggregates the messages from RSUk. First, check the timestamp of tk in real time, and then execute the algorithm for verification.
(12)
On success, generate the final aggregated ciphertext Data
(13)
And execute ESIG() to generate signature σ
(14)
Finally, send to CS.
Data reading phase
When CS receives , it first checks whether ta is valid or not, and then executes algorithm to verify whether is valid or not. If it is valid, it accepts the aggregated ciphertext and proceeds to the next step; otherwise, it rejects it.
CS executes the PDec(Data,sk) algorithm to get the plaintext M as follows:
(15)
Finally, through Theorem 2, the large integers are reduced to the multidimensional data vector , which can be obtained as .
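The collection, aggregation and reading phases above (CRT packing as in Algorithms 2 and 3, Paillier with g = N + 1, ciphertext multiplication, one decryption at the CS), as an added Python example that is not the paper's code. The moduli, the toy Mersenne-prime key, the readings and the choice to carry the validity flags in a second ciphertext are assumptions; masks and ECDSA signatures are left out.

```python
"""Added example: CRT packing + Paillier (g = N + 1) aggregation, toy parameters."""
import math
import secrets

# Constructed pairwise-coprime moduli, one per data dimension. Each must exceed
# the largest per-dimension SUM over all aggregated vehicles, or sums wrap silently.
MODULI = [10007, 10009, 10037]
A = math.prod(MODULI)
# CRT coefficient for dimension i: (A / a_i) * ((A / a_i)^-1 mod a_i)
COEFF = [(A // a) * pow(A // a, -1, a) for a in MODULI]


def crt_pack(vec):
    """Fold a vector into one integer M such that M mod a_i == vec[i]."""
    if len(vec) != len(MODULI):
        raise ValueError("vector length must match the number of moduli")
    for v, a in zip(vec, MODULI):
        if not 0 <= v < a:
            raise ValueError(f"value {v} does not fit modulus {a}")
    return sum(v * c for v, c in zip(vec, COEFF)) % A


def crt_unpack(m):
    """Recover the per-dimension residues from a (possibly aggregated) integer."""
    return [m % a for a in MODULI]


# Toy Paillier key built from two Mersenne primes (constructed; far too weak
# and too structured for real use).
P, Q = 2**61 - 1, 2**89 - 1
N, N2 = P * Q, (P * Q) ** 2
LAMBDA = (P - 1) * (Q - 1) // math.gcd(P - 1, Q - 1)  # lcm(p - 1, q - 1)
MU = pow(LAMBDA, -1, N)


def encrypt(m):
    """Paillier with g = N + 1: c = (1 + m*N) * r^N mod N^2."""
    if not 0 <= m < N:
        raise ValueError("plaintext out of range")
    while True:
        r = secrets.randbelow(N - 1) + 1
        if math.gcd(r, N) == 1:
            break
    return (1 + m * N) * pow(r, N, N2) % N2


def decrypt(c):
    """m = L(c^lambda mod N^2) * mu mod N, with L(u) = (u - 1) / N."""
    return (pow(c, LAMBDA, N2) - 1) // N * MU % N


def aggregate(ciphertexts):
    """Multiplying ciphertexts adds the plaintexts underneath."""
    out = 1
    for c in ciphertexts:
        out = out * c % N2
    return out


def vehicle_report(readings):
    """Encrypt one vehicle's readings; None marks a dimension it could not collect.

    Assumption: validity flags are packed with the same CRT coefficients and
    sent as a second ciphertext; the paper's exact encoding is not reproduced.
    """
    values = [0 if r is None else r for r in readings]
    flags = [0 if r is None else 1 for r in readings]
    return encrypt(crt_pack(values)), encrypt(crt_pack(flags))


def cloud_read(reports):
    """Aggregate all reports, decrypt once, return (sums, valid counts) per dimension."""
    c_values = aggregate(c for c, _ in reports)
    c_flags = aggregate(f for _, f in reports)
    return crt_unpack(decrypt(c_values)), crt_unpack(decrypt(c_flags))


def demo():
    # Constructed readings: [speed km/h, vehicles seen, incidents seen]
    fleet = [[62, 14, None], [55, None, 3], [71, 9, 5]]
    return cloud_read([vehicle_report(r) for r in fleet])


if __name__ == "__main__":
    sums, counts = demo()
    print("sums:", sums, "valid counts:", counts)
```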
Data query
Vehicles in the in-vehicle network can initiate queries to the CS to avoid problems such as upcoming accidents or traffic jams etc. The CS quickly matches the results of the questions within the server to the vehicles in response to the queries from the vehicles and returns them to the vehicles.
1) The user initiates a query request to the CS, and firstly UCq computes the signature :
(16)
Then the query message is sent to the CS.
2) CS receives the query message from UCq and performs to verify of it
(17)
After passing verification, CS matches the result with the content of qu. At the same time, CS obtains the corresponding flag MTkj from RSUk, and finally gets the result , which is to be returned to UCq, and encrypts it to get , and generates the signature at the same time.
(18)
3) CS sends back to UCq and decrypts the ciphertext to get the required plaintext , which is , after UCq checks t and verifies that is valid.
Tracking and measures against error messages
In vehicle-mounted network systems, the phases of data collection and query are susceptible to threats from malicious nodes or users who may intentionally alter or provide misleading information. Moreover, unstable network environments, such as those characterized by packet loss and interference, can result in signature verification failures and the occurrence of false positives. This section proposes a comprehensive approach to address these challenges, incorporating accurate tracking and reputation incentives.
1) Malicious user tracking: UCkj sends a message Datakj to RSUk at regular intervals, and RSUk performs BatchVerify on the n messages it receives to ensure the validity of the data and prevent it from being affected by tampered data. When the verification fails, RSUk launches an efficient binary recursive tracking and localization algorithm to detect the source of the error and find the illegal user, as shown in Algorithm 4.
RSUk categorizes j vehicle users into two groups, S1 and S2, with each group consisting of j/2 users. Threshold determination and secondary validation are essential mechanisms for differentiating between accidental errors and genuine malicious attacks. Upon narrowing the problem to a subset containing a single message, the algorithm does not directly conclude that the user is malicious; instead, it conducts rigorous individual verification of that message. This method can reduce the cost of finding error messages from 2[j/2] to [j/2] + 1 times. Then the message is judged by the verification algorithm:
(19)
If the validation fails, then there is at least one error message in the group; otherwise, the error message is in the group:
(20)
Algorithm 4 Malicious user tracking with false positive mitigation.
Input: A set of messages ‘S’ (size ‘n’) from users, Verification algorithm ‘Verify’, Threshold ‘T’ (e.g., T=1 for strict, T=2 for tolerant), User Reputation Scores ‘Rep’ (optional for context).
Output: Identified erroneous message(s) or Suspicious user(s), or indication of potential transient error.
if execute BatchVerify(S) == true then
  return No error detected
else
  split S into two approximately equal subsets S1 and S2.
  if execute BatchVerify(S1) == false then
    if == 1 then
      if Verify(message in S1) == false then
        return Identified erroneous message and its sender UCsuspect.
        Invoke Reputation Penalty for UCsuspect (See Algorithm 5).
      else
        return Potential transient error or verification anomaly in subset. Flagged for monitoring
      end if
    else
      Recursively call Algorithm 4 with Input S1.
    end if
  else
    if == 1 then
      if Verify(message in S2) == false then
        return Identified erroneous message and its sender UCsuspect.
        Invoke Reputation Penalty for UCsuspect (See Algorithm 5).
      else
        return Potential transient error or verification anomaly in subset. Flagged for monitoring
      end if
    else
      Recursively call Algorithm 4 with Input S2.
    end if
  end if
end if
Individual validation passes suggest that the initial bulk validation failure could have resulted from a transient network issue or a flaw in the validation logic triggered by a specific combination of benign messages, indicating a false alarm. The system records this event and may opt to attempt a retry later, but does not impose any penalties on the user.
Failure of individual authentication: This indicates that the message is invalid. At this juncture, it is established that either malicious behavior or a node failure has occurred, resulting in the logging of the error and the activation of the reputation penalty mechanism for the user.
The algorithm addresses subset validation failures with multiple messages by recursively splitting and validating, thereby reducing the problem size by half to identify the smallest suspicious group containing the erroneous message. The reduction of reputation value occurs solely upon the confirmation of a malicious message. This mitigates potential harm to a user’s reputation resulting from false positives attributed to network problems. Identifying and tracking instances where individual validations succeed but result in batch failures facilitates subsequent analysis of the system for possible boundary issues or targeted enhancements of the validation algorithm.
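The tracking procedure of Algorithm 4 as runnable Python, an added example that is not the paper's code: HMAC-SHA256 stands in for the ECDSA signatures, and the names Message, Verifier, Report, track and build_batch, as well as the sample messages, are assumptions constructed here. It goes beyond Algorithm 4 by descending into both halves, so several invalid messages in one batch are all found, and it counts a batch failure whose two halves both verify as a transient error.

```python
import hashlib
import hmac
from dataclasses import dataclass, field


@dataclass(frozen=True)
class Message:
    sender: str     # pseudonym, constructed for this example
    payload: bytes
    tag: bytes


def sign(key: bytes, payload: bytes) -> bytes:
    # Assumption: HMAC-SHA256 stands in for the scheme's ECDSA signature.
    return hmac.new(key, payload, hashlib.sha256).digest()


class Verifier:
    """Counts verification calls. `spurious` lists batch-call numbers that fail
    regardless of content, modelling packet loss or interference."""

    def __init__(self, keys, spurious=()):
        self.keys = keys
        self.spurious = set(spurious)
        self.batch_calls = 0
        self.single_calls = 0

    def _ok(self, m):
        return hmac.compare_digest(sign(self.keys[m.sender], m.payload), m.tag)

    def verify(self, m):
        self.single_calls += 1
        return self._ok(m)

    def batch_verify(self, msgs):
        self.batch_calls += 1
        if self.batch_calls in self.spurious:
            return False
        return all(self._ok(m) for m in msgs)


@dataclass
class Report:
    confirmed: list = field(default_factory=list)  # individual check failed: penalise
    monitor: list = field(default_factory=list)    # batch failed, individual passed
    transient: int = 0                             # batch failed, both halves clean


def track(msgs, v, report=None):
    """Recursively halve a failing batch until each invalid message is isolated."""
    report = Report() if report is None else report
    if not msgs or v.batch_verify(msgs):
        return report
    if len(msgs) == 1:
        # Secondary validation: never penalise on the batch result alone.
        m = msgs[0]
        (report.monitor if v.verify(m) else report.confirmed).append(m.sender)
        return report
    before = (len(report.confirmed), len(report.monitor), report.transient)
    mid = len(msgs) // 2
    track(msgs[:mid], v, report)
    track(msgs[mid:], v, report)
    if before == (len(report.confirmed), len(report.monitor), report.transient):
        report.transient += 1   # nothing found beneath a failing batch: log, no penalty
    return report


def build_batch(n, tampered=()):
    """Constructed sample: n signed reports; indices in `tampered` are altered after signing."""
    keys = {f"PID-{i:02d}": hashlib.sha256(f"key-{i}".encode()).digest() for i in range(n)}
    msgs = []
    for i, (pid, key) in enumerate(keys.items()):
        payload = f"speed=42;t=1700000000;seq={i}".encode()
        tag = sign(key, payload)
        if i in tampered:
            payload += b";speed=0"
        msgs.append(Message(pid, payload, tag))
    return keys, msgs


if __name__ == "__main__":
    keys, msgs = build_batch(16, tampered={11})
    v = Verifier(keys)
    print(track(msgs, v), v.batch_calls, v.single_calls)
```

With one altered message among 16, the sender is isolated after 9 batch checks and 1 individual check, compared with 16 individual checks for a linear scan.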
2) Measures against malicious messages: the user UCq acknowledges the queried message , and if the message reaches the user’s satisfaction, it affirms the message and returns to the CS an affirmation value PRkj against the source of the message. The user sends to the CS. Similarly, if the message does not match, a negative value DEkj is returned, and the user sends to the CS. This procedure is shown in Algorithm 5.
Algorithm 5 Measures against malicious messages.
Input: Positive values PRkj, negative values DEkj and feature identifiers .
Output: Incentives and removals.
for each feedback message (containing , Score ) do
  Identify the corresponding UCj using
  Update the reputation of UCj: REPj = REPj + Score
end for
for each UCj do
  if then
    Grant incentive
  else if then
    Remove UCj from system and notify network
  else if UCj was flagged by Algorithm 4 (but individual verify passed) then
    Increase monitoring level for UCj for period Tmonitor
    Optionally: Apply a small, temporary reputation penalty
  end if
end for
return (Incentives granted, Users removed, Users under monitoring)
After the CS receives an evaluation from a user, it accumulates a score based on MTkj against the corresponding UCkj. Once PRkj reaches a particular threshold value δ, the system grants a specific incentive to the vehicle user. A threshold value is also set for DEkj; if DEkj reaches it, the corresponding vehicle user is removed from the system, and the message is announced in the system.
For users UCkj designated as “suspicious” by Algorithm 4, the system implements enhanced precautions: it intensifies monitoring and applies stricter oversight (e.g., by increasing the sampling rate) of the user’s subsequent messages for a specified duration to determine if the anomaly recurs. A secondary measure involves an optional temporary minor penalty, which allows for a minor and temporary reduction in reputation, considering that the tracking process requires resources and entails risk. This indicates the cost of the incident, albeit to a significantly lesser degree than the penalty associated with confirming malicious behavior. The penalty may be rescinded upon conclusion of the monitoring period, provided there are no issues identified. This approach balances the response to potential risks with fairness towards infrequent errant users.
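The reputation bookkeeping of Algorithm 5, including the monitoring period and the rescindable temporary penalty described above, as an added Python example that is not the paper's code. The threshold values, the ±1 encoding of PRkj and DEkj, the time unit, and the names ReputationLedger, Account, feedback, flag_suspicious and sweep are assumptions made here, since the page gives no concrete numbers.

```python
from dataclasses import dataclass
from typing import Optional

# Assumed values: the page names a threshold δ but gives no numbers.
DELTA_REWARD = 5     # accumulated reputation at which an incentive is granted
DELTA_REMOVE = -3    # accumulated reputation at which the user is removed
T_MONITOR = 60       # monitoring period, in seconds
TEMP_PENALTY = 1     # small penalty held while a user is under monitoring


@dataclass
class Account:
    rep: int = 0
    monitor_until: Optional[int] = None
    temp_penalty: int = 0
    recurred: bool = False


class ReputationLedger:
    def __init__(self, tag_to_pid):
        self.tag_to_pid = dict(tag_to_pid)   # feature identifier -> pseudonym
        self.accounts = {pid: Account() for pid in self.tag_to_pid.values()}
        self.rewarded = []
        self.removed = []

    def feedback(self, tag, score):
        """Apply one PR (+1) or DE (-1) report sent by a querying user."""
        pid = self.tag_to_pid.get(tag)
        if pid not in self.accounts or score not in (1, -1):
            return False    # unknown source, removed user, or malformed score
        self.accounts[pid].rep += score
        return True

    def _expire(self, acct, now):
        # End of the monitoring window: rescind the penalty if nothing recurred.
        if acct.monitor_until is not None and now >= acct.monitor_until:
            if not acct.recurred:
                acct.rep += acct.temp_penalty
            acct.temp_penalty = 0
            acct.monitor_until = None
            acct.recurred = False

    def flag_suspicious(self, pid, now):
        """Algorithm 4 outcome: batch check failed, individual check passed."""
        acct = self.accounts.get(pid)
        if acct is None:
            return False
        self._expire(acct, now)
        if acct.monitor_until is not None:
            acct.recurred = True            # anomaly repeated inside the window
        else:
            acct.rep -= TEMP_PENALTY
            acct.temp_penalty = TEMP_PENALTY
        acct.monitor_until = now + T_MONITOR
        return True

    def sweep(self, now):
        """Second loop of Algorithm 5: grant incentives, remove users, list monitored."""
        for pid, acct in list(self.accounts.items()):
            self._expire(acct, now)
            if acct.rep >= DELTA_REWARD and pid not in self.rewarded:
                self.rewarded.append(pid)
            elif acct.rep <= DELTA_REMOVE:
                self.removed.append(pid)
                del self.accounts[pid]      # later feedback for this user is ignored
        monitored = sorted(p for p, a in self.accounts.items()
                           if a.monitor_until is not None)
        return list(self.rewarded), list(self.removed), monitored


if __name__ == "__main__":
    # Constructed feature identifiers and pseudonyms.
    ledger = ReputationLedger({"MT-a": "PID-a", "MT-b": "PID-b", "MT-c": "PID-c"})
    for _ in range(5):
        ledger.feedback("MT-a", 1)
    for _ in range(3):
        ledger.feedback("MT-b", -1)
    ledger.flag_suspicious("PID-c", now=0)
    print(ledger.sweep(now=30))
    print(ledger.sweep(now=60), ledger.accounts["PID-c"].rep)
```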
Security analysis
This section presents six security models derived from the scenario of probabilistic interaction between attacker and challenger C within polynomial time: Reliable Source Security Model, Data integrity security model, Privacy preserving security model, Query phase security model, Resisting replay attacks security model, and Resistance to Man-in-the-Middle attacks security model. The security boundaries are established through adversarial rules and the challenge game. If attacker exhibits a negligible probability of success in polynomial time across each model, the scenario possesses the corresponding security properties.
Source reliability
Game 1: Reliable Source Security Model
Participants: challenger C, attacker .
Initialization: C runs the system initialization, generates the pseudonym PIDkj for user UCkj, and the corresponding timestamp tkj and feature mask Maskkj.
Query Phase: can adaptively query to obtain the message tag MTkj and feature mask Maskkj of user UCkj.
Challenge Phase: submits the message label of the target collection object; C generates the legitimate feature identifier .
Attack phase: outputs the forged feature identifier , and if , then wins.
The probability of attacker successfully challenging is defined as:
Analysis: If attacker successfully forges with non-negligible probability in polynomial time, then the system has a vulnerability in terms of reliable source verification. However, since Maskkj is randomly generated and confidential, and depends on the one-way property of the hash function, the attacker cannot obtain Maskkj or break the hash function.
Data integrity
In this system, because of the homomorphic encryption used, in general, the ciphertext reduction does not change the plaintext. A signature accompanies the delivery of the ciphertext, and the source’s signature needs to be verified during the interaction process to ensure the reliability of the source. In this paper, we use ECDSA signatures that have been proven to be secure in [34]. In the data collection phase, signatures are generated by the user, RSUk, and RSUa during the user to RSUk, RSUk to RSUa, and RSUa to CS processes, respectively. In the data query phase, the signature is generated by the user and CS in the user to CS and CS to user processes, respectively. An example is given next using the user to the RSUk process:
UCkj sends to RSUk containing the timestamp tkj and the signature . RSUk checks the received timestamp and then verifies the signature.
(21)
The signature contains the ciphertext and other related information; if the ciphertext is incomplete, it will lead to verification failure.
(22)
If the ciphertext is incomplete, the system will trace the operation. If the verification is successful, it means that the information received is complete and unchanged and the source is also reliable.
Privacy protection
1) Insider entity threat: In the system, RSUk, RSUa and CS are semi-honest entities who will be interested in the privacy of the source. In this scheme the user operates anonymously throughout. Even though the RSU preserves the pseudonym PIDkj, the semi-honest entities cannot obtain the user’s real identity due to the nature of one-way hashing and the reliability of CI. For the feature identifier , RSUs also cannot get the user identity through it. For the rewards and punishments applied to the collected data, both the querying user and the CS operate on the identity of PIDkj without knowing the true identity of the source. If there is a malicious message or if the system needs to be cleared out, the CS will collaborate with the CI because the illegal user does not need to be protected.
2) External adversary threat: During the three processes from user to RSUk, RSUk to RSUa and RSUa to CS, an external adversary will try to intercept, eavesdrop, or tamper with the information in transit. The homomorphic encryption algorithm used in this paper is shown in [35] to be semantically secure against chosen-plaintext attacks.
In the process of user to RSUk, the adversary wants to restore the plaintext via. Firstly, needs to find the specific ciphertext Ckj, but due to the existence of a mask, the ciphertext becomes Ckj + , so needs to obtain .
(23)
If wants to get , needs to know Maskkj, but Maskkj is hard to get.
In the process of RSUk to RSUa and RSUa to CS, the adversary wants to recover and via Datak and Data, then adversary needs to decrypt PDec(Datak) and PDec(Data) in a probabilistic polynomial time. Because of the homomorphic encryption Paillier’s rule, it is necessary to obtain the private key of the algorithm . Because CI is entirely trustworthy, the adversary cannot get the key from CI. So the adversary cannot recover and from Datak and Data.
Security in the query phase
Since the querying vehicle is operating in an anonymized form just like the vehicle collecting the data, neither the internal entity nor the external adversary can know the specific private information. After the querying vehicle receives the encrypted data returned from the CS, it verifies the signature according to the rules to prevent risks such as data tampering. Even if gets the ciphertext Mq, it cannot recover the data from it because it needs to know the user’s private key in advance, which is difficult within a PPT. That is, given
(24)
It is difficult for an adversary to solve for the value of x in probabilistic polynomial time. After the vehicle returns the feedback information to the CS, the CS also calculates according to the feature MTkj. Even if gets MTkj, it cannot recover because Maskkj is only known to the vehicle and the RSU that collects the data, and it is difficult for to obtain it, which also ensures the privacy of the collecting vehicle.
The query request Query = Enc(pkcs,Q) satisfies IND-CPA, and the response ciphertext Cresp is kept confidential under Paillier. User feedback (PID,Score), in which PID is a pseudonym, satisfies untraceability.
Prevention of potential attacks
1) Resistance to replay attacks: When a vehicle performs continuous data operations in the same domain, the content of the request verification signature is different each time it sends a request, so it will resist replay attacks. Each time the vehicle generates a signature, it needs to update the timestamp tkj, which ensures the unpredictability of the update process. The subsequent verification process ensures the freshness of the authentication process because the update of tkj will cause the previous signature value not to be verified correctly. Therefore, the EFDA protocol is resistant to the replay attacks described above.
2) Resistance to man-in-the-middle attacks: In an open channel, it is possible for an attacker to establish independent associations with the vehicle and the RSU, inducing each other to exchange messages. However, since the attacker cannot get the private key of the vehicle, he cannot forge the correct signature and thus cannot pass the verification. So, the EFDA protocol is able to resist the above mentioned man-in-the-middle attack.
Proof: assume that the intermediary forged the signature :
(25)
After the forged signature is generated, the middleman sends to the RSU, which performs the verification algorithm EVER(). However, the signature is forged at this point, and the verification algorithm is as follows:
(26)
Then calculate e = H1(m), and .
Next, we can compute and .
At this time, according to the signature verification algorithm judgement , so reject the signature, in other words, the man-in-the-middle attack failed.
Performance evaluation
This section compares and evaluates the performance of the data collection phase and the data query phase of the proposed scheme. The CFTM scheme [30] and the PPAAS scheme [31] have been selected for comparison. We demonstrate that the proposed EFDA scheme is lightweight and appropriate for the vehicle-mounted network environment. The experiments were conducted on a laptop equipped with an Intel Core i7-5500U CPU at 2.40GHz and 12GB of RAM, using a virtual machine running Ubuntu 18.04, the Pairing-Based Cryptography (PBC) library, and the GNU Multiple Precision Arithmetic Library (GMP), with the implementation written in C. Next, we examine the communication overhead and the computation overhead. Table 4 shows the communication operations cost.
Communication overhead
This subsection evaluates the communication overhead of the three schemes: CFTM, PPAAS, and EFDA, focusing on the encryption and decryption stages, respectively. To ensure an equitable comparison, we standardized each communication cost and applied it uniformly, with the units detailed below. denotes a message, denotes an identity or pseudonym, denotes an identifier, denotes a timestamp, |G1| = 320 bits denotes an element in G1, denotes an element in and denotes an element in . Table 5 shows the communication overhead of each scheme.
For the sake of comparison, we assume that there is one vehicle user, one RSU, and one cloud server in the system, i.e., n = 1. In the CFTM scheme, the communication overhead in the encryption phase is |ID| + |C| + 6|G1| = 2036 bits, the communication overhead in the decryption phase is , and the total communication overhead is .
In the PPAAS scheme, the communication overhead in the encryption phase is |ID| + |C| + 3|G1| = 1076 bits, the communication overhead in the decryption phase is 3|G1| + |ID| + |C| = 1076 bits, and the total communication overhead is 6|G1| + 2(|ID| + |C|) = 2152 bits.
In our EFDA scheme, the vehicle user in the encryption phase sends the message to RSUk, which has a communication overhead of ; then RSUk sends the message in the region to RSUa, which has a communication overhead of ; and finally the final message is sent to the CS by RSUa, which has a communication overhead of ; the total communication overhead of this scheme is . Fig 6 compares our scheme with the CFTM scheme and the PPAAS scheme in terms of encryption phase, decryption phase, and total overhead. Fig 7 shows how the communication overhead changes as the number of vehicles and RSUs increases.
It is clear that our scheme has less communication overhead than the CFTM scheme and the PPAAS scheme, both in the encryption and decryption phases, and the burden on the system is within acceptable limits.
Computational overhead
This subsection contrasts the computational overhead of the three schemes CFTM, PPAAS, and EFDA, examining them in terms of the encryption and decryption phases, respectively. Table 6 illustrates the overheads of the cryptographic operations in question. Concatenation and exclusive-or (XOR) operations are also present in the three schemes CFTM, PPAAS, and EFDA. However, their time is negligible, and we therefore uniformly disregard it.
The encryption phase, decryption phase, and overall overhead of the three methods CFTM, PPAAS, and EFDA, are presented in Table 7. We analyze the computational overhead of this scheme in detail.
1) Computational overhead of vehicle users: in the data collection phase, each vehicle user encrypts the collected data . Because the Paillier encryption we use is modified and its overhead is optimized, it saves much computational overhead. Moreover, the vehicle also has to generate a signature and a feature identifier, so the vehicle performs two multiplication operations, one multiplication operation in G and one hash computation, i.e., 2Tm + Tgm + Th = 1.64 ms. It is more efficient than other schemes in the encryption phase.
2) Computational overhead of RSU: This layer consists of RSUk and RSUa. After the vehicle delivers the message to RSUk, RSUk needs to verify its signature. It aggregates the ciphertext into a new message and generates the signature at the same time, and finally sends the latest message to RSUa. Therefore, the computational overhead of RSUk is n addition operations and n multiplication operations in G, i.e., . After receiving a message from RSUk, RSUa also verifies its signature, aggregates the message into an aggregated ciphertext, and generates a signature. Note that at the same time, n and RSUa are doing the same operation. Therefore, the computational overhead of RSUa is n addition operations and one multiplication operation in G, i.e., .
3) Computational overhead of the cloud server: After the CS receives the aggregated ciphertext from RSUa, it verifies the signature and decrypts the ciphertext using the decryption algorithm PDec(Data,sk), which requires one power operation and one multiplication operation in G, i.e., Te + Tgm = 2.94 ms. Thus, our decryption phase and total computational overhead are , respectively.
4) CFTM and PPAAS schemes: the computational overheads in the encryption phase of the CFTM scheme and PPAAS scheme are and 6Tgm, respectively; the computational overheads in the decryption phase of the CFTM scheme and PPAAS scheme are + Tm + 2nTh and 5Tp + 3nTgm + 3Tm + 2nTh, respectively; and the total computational overheads of the CFTM scheme and PPAAS scheme are and + , respectively. Fig 8 compares our scheme with the CFTM scheme and PPAAS scheme in the encryption phase, decryption phase, and total overhead, and Fig 9 shows how the computational overhead changes as the number of vehicles and RSUs increases.
In conclusion, our scheme is a lightweight scheme with high efficiency and low computational overhead.
Query and feedback overhead
Computational overhead: this phase requires two multiplication operations in G and two multiplication operations in in the encryption phase, and one power operation and two multiplication operations in G in the decryption phase, i.e., . The total overhead can be seen in Fig 10. Although the overhead increases with the number of vehicles, it is within acceptable limits.
Communication overhead: the querying vehicle sends the message to the CS, which has the overhead of , the CS returns the ciphertext to the querying vehicle which has the overhead of , and finally the querying vehicle sends the report or to the CS which has the overhead of or , of which and DE are 1 bit, so this scheme is lightweight. The overhead of data query in 1s per unit time is shown in Fig 11.
As can be seen from the figure, the query overhead increases linearly as the number of messages per unit time increases. The overhead is about 13.5KB for processing 200 messages in 1 second, which is within acceptable limits and proves the lightweight nature of this scheme.
Transmission delay
Transmission delay is a key parameter in evaluating the performance of a network and is analysed in this paper as End-to-End Delay (EED). It is calculated on the basis of the average time taken for data to be received from transmission. For example, in this paper, it is analysed from vehicle user to RSU side and RSU to CS side. The specific expression is given below:
(27)
Where Tr,kj is the number of times the data was received, Ts,kj is the number of times the data was sent, and mtotal denotes the total number of data. This experiment is conducted on Ubuntu 18.04 to simulate a large vehicle-mounted self-organising network environment with a network coverage area of 3000×2000 square metres. The experimental settings are as follows: The communication distance between the user and the RSU is set to find the nearest device within 100 metres, and the simulated data upload time is set to 15 seconds. The experiment consists of two users, A and B, moving at 30km/h and 60km/h respectively.
As shown in Fig 12, the proposed scheme has lower end-to-end delay than the other schemes, regardless of whether the user speed is 30km/h or 60km/h.
Considering the scalability, we increased the number of vehicle users in the environment with a moving speed of 30km/h and conducted data transmission delay experiments. The results are shown in Fig 13, which proves that the proposed scheme can be deployed in real environments and has a low latency within acceptable limits as the number of vehicle users increases.
Conclusion
This research offers the efficient fine-grained data query method (EFDA) to address the combined difficulties of security and privacy breaches, as well as the inefficiencies associated with resource-constrained multidimensional data queries in vehicular ad hoc networks (VANET). The primary innovations include: firstly, a multidimensional CRT transformation method developed to ascertain the quantity of valid data, integrated with a lightweight regional feature mask and Paillier homomorphic encryption to facilitate efficient ciphertext aggregation and ensure privacy protection; secondly, the implementation of ECDSA to uphold data integrity and source reliability; lastly, the introduction of an efficient malicious node tracking algorithm employing dichotomous recursion alongside a reputation incentive mechanism to mitigate risk. The security study indicates that EFDA satisfies the criteria for secrecy and integrity while properly balancing privacy protection with query efficiency. Nevertheless, the method is constrained by the robust assumptions of a centralized trust architecture, the latency of Paillier decryption, and the comprehensive coverage of RSUs. Future research will concentrate on blockchain-based key management, utilizing blockchain to supplant certain aspects of CI to improve system decentralization and mitigate single points of failure.
Supporting information
S1 File. Data. The document contains all the data used in this paper.
https://doi.org/10.1371/journal.pone.0335953.s001
(XLSX)
S1 Appendix. Theorem. The standard definitions of MCI and ICM.
https://doi.org/10.1371/journal.pone.0335953.s002
References
1. Yeh L-Y, Shen N-X, Hwang R-H. Blockchain-based privacy-preserving and sustainable data query service over 5G-VANETs. IEEE Trans Intell Transport Syst. 2022;23(9):15909–21.
2. Abdelatif S, Derdour M, Ghoualmi-Zine N, Marzak B. VANET: a novel service for predicting and disseminating vehicle traffic information. Int J Communication. 2020;33(6).
3. Meng Q, Weng J, Miao Y, Chen K, Shen Z, Wang F, et al. Verifiable spatial range query over encrypted cloud data in VANET. IEEE Trans Veh Technol. 2021;70(12):12342–57.
4. A new traffic congestion detection and quantification method based on comprehensive fuzzy assessment in VANET. KSII TIIS. 2018;12(1).
5. Xu Y, Liu X, Cui J, Zhong H, Zhang J. L-TCM: a lightweight privacy-preserving traffic condition monitoring scheme with source authentication in cloud-assisted VANETs. IEEE Systems Journal. 2023;17(4):6138–47.
6. Jiang Y, Ge S, Shen X. AAAS: an anonymous authentication scheme based on group signature in VANETs. IEEE Access. 2020;8:98986–98.
7. Jiang W, Lv X. A distributed internet of vehicles data privacy protection method based on zero-knowledge proof and blockchain. IEEE Trans Veh Technol. 2024;73(5):6332–45.
8. Zeng Z, Zhou Q, Wei K, Yang N, Tang C. BCS-CPP: a blockchain and collaborative service-based conditional privacy-preserving scheme for internet of vehicles. IEEE Trans Intell Veh. 2024;9(2):4130–44.
9. Li X, Liu J, Obaidat MS, Vijayakumar P, Jiang Q, Amin R. An unlinkable authenticated key agreement with collusion resistant for VANETs. IEEE Trans Veh Technol. 2021;70(8):7992–8006.
10. Zhou X, Yang Q, Liu Q, Liang W, Wang K, Liu Z, et al. Spatial–temporal federated transfer learning with multi-sensor data fusion for cooperative positioning. Information Fusion. 2024;105:102182.
11. Cai L, Wang H, Jiang F, Zhang Y, Peng Y. A new clustering mining algorithm for multi-source imbalanced location data. Information Sciences. 2022;584:50–64.
12. Fan K, Ren Y, Bai Y, Wei G, Zhang K, Li H, et al. Fault-tolerant and collusion-resistant lattice-based multidimensional privacy-preserving data aggregation in edge-based smart grid. IEEE Internet Things J. 2024;11(6):9487–504.
13. Zhou Y, Xu R, Qiao Z, Yang B, Xia Z, Zhang M. An anonymous and efficient multimessage and multireceiver certificateless signcryption scheme for VANET. IEEE Internet Things J. 2023;10(24):22823–35.
14. Chen X, Huang J, Xiao K, Li H, Huang Q. A non-interactive identity-based multi-signature scheme on lattices with public key aggregation. IEEE Trans Dependable and Secure Comput. 2025;22(4):4189–99.
15. Alshammari F, Alsaleh A. Smart intrusion detection model to identify unknown attacks for improved road safety and management. Sci Rep. 2025;15(1):18584. pmid:40425772
16. Annabi M, Zeroual A, Messai N. Towards zero trust security in connected vehicles: a comprehensive survey. Computers & Security. 2024;145:104018.
17. Li H, Pei L, Liao D, Sun G, Xu D. Blockchain meets VANET: an architecture for identity and location privacy protection in VANET. Peer-to-Peer Netw Appl. 2019;12(5):1178–93.
18. Luo B, Li X, Weng J, Guo J, Ma J. Blockchain enabled trust-based location privacy protection scheme in VANET. IEEE Trans Veh Technol. 2020;69(2):2034–48.
19. Ilyas I, Ashraf MU, Albouq SS, Shinan K, Alhazmi HE, Alanazi F, et al. Blockchain enabled privacy provisioning scheme for location based services in VANETs. PLoS One. 2025;20(6):e0323438.
20. Nahar A, Mondal KK, Das D, Buyya R. Clouds on the road: a software-defined fog computing framework for intelligent resource management in vehicular ad-hoc networks. IEEE Trans on Mobile Comput. 2024;23(12):12778–92.
21. Hameed AR, Islam S ul, Ahmad I, Munir K. Energy- and performance-aware load-balancing in vehicular fog computing. Sustainable Computing: Informatics and Systems. 2021;30:100454.
22. Liu K, Xiao K, Dai P, Lee VCS, Guo S, Cao J. Fog computing empowered data dissemination in software defined heterogeneous VANETs. IEEE Trans on Mobile Comput. 2021;20(11):3181–93.
23. Gu K, Wang Y, Qiu J, Li X, Zhang J. Blockchain-based data deduplication and distributed audit for shared data in cloud-fog computing-based VANETs. IEEE Trans Netw Serv Manage. 2024;21(5):5548–65.
24. Rana S, Mishra D, Lal C, Conti M. Authenticated message-exchange protocol for fog-assisted vehicular cloud computing. Wireless Pers Commun. 2023;131(2):1295–312.
25. Nkenyereye L, Liu CH, Song J. Towards secure and privacy preserving collision avoidance system in 5G fog based Internet of Vehicles. Future Generation Computer Systems. 2019;95:488–99.
26. Eslami Z, Pakniat N. Certificateless aggregate signcryption: security model and a concrete construction secure in the random oracle model. Journal of King Saud University - Computer and Information Sciences. 2014;26(3):276–86.
27. Basudan S, Lin X, Sankaranarayanan K. A privacy-preserving vehicular crowdsensing-based road surface condition monitoring system using fog computing. IEEE Internet Things J. 2017;4(3):772–82.
28. Xu Y, Yao C, Cui J, Zhong H. LPPA-RCM: a lightweight privacy-preserving authentication scheme for road condition monitoring in fog-based VANETs. Journal of Systems Architecture. 2023;143:102967.
29. Xiong J, Bi R, Zhao M, Guo J, Yang Q. Edge-assisted privacy-preserving raw data sharing framework for connected autonomous vehicles. IEEE Wireless Commun. 2020;27(3):24–30.
30. Wang W, Wu L, Qu W, Liu Z, Wang H. Privacy-preserving cloud-fog–based traceable road condition monitoring in VANET. Int J Network Mgmt. 2020;31(2).
31. Yang Y, Zhang L, Zhao Y, Choo K-KR, Zhang Y. Privacy-preserving aggregation-authentication scheme for safety warning system in fog-cloud based VANET. IEEE Trans Inform Forensic Secur. 2022;17:317–31.
32. Elhabob R, Eltayieb N, Xiong H, Kumari S. Equality test on identity-based encryption with cryptographic reverse firewalls for telemedicine systems. IEEE Internet Things J. 2025;12(2):2106–21.
33. Hadabi A, Qu Z, Elhabob R, Kumar S, Yeh K-H, Kumari S, et al. Proxy re-encryption with plaintext checkable encryption for integrating digital twins into IIoT. Computers and Electrical Engineering. 2024;116:109164.
34. Johnson D, Menezes A, Vanstone S. The Elliptic Curve Digital Signature Algorithm (ECDSA). IJIS. 2001;1(1):36–63.
35. Paillier P. Public-key cryptosystems based on composite degree residuosity classes. In: International conference on the theory and applications of cryptographic techniques. Lecture Notes in Computer Science. 1999. p. 223–38.
Citation: Zhao X, Dong G (2025) A multidimensional, efficient, and secure data query based on privacy preservation in vehicular ad hoc networks. PLoS One 20(11): e0335953. https://doi.org/10.1371/journal.pone.0335953
About the Authors:
Xiangmei Zhao
Roles: Conceptualization, Data curation, Methodology, Project administration, Resources, Validation, Visualization, Writing – original draft
Affiliations: School of Electrical and Information Technology, Yunnan Minzu University, Kunming, China; Yunnan Key Laboratory of Unmanned Autonomous System, Yunnan Minzu University, Kunming, China
Guofang Dong
Roles: Funding acquisition, Software, Writing – review & editing
Affiliations: School of Electrical and Information Technology, Yunnan Minzu University, Kunming, China; Yunnan Key Laboratory of Unmanned Autonomous System, Yunnan Minzu University, Kunming, China
ORCID: https://orcid.org/0009-0003-0692-0115
1. Yeh L-Y, Shen N-X, Hwang R-H. Blockchain-based privacy-preserving and sustainable data query service over 5G-VANETs. IEEE Trans Intell Transport Syst. 2022;23(9):15909–21.
2. Abdelatif S, Derdour M, Ghoualmi-Zine N, Marzak B. VANET: a novel service for predicting and disseminating vehicle traffic information. Int J Communication. 2020;33(6).
3. Meng Q, Weng J, Miao Y, Chen K, Shen Z, Wang F, et al. Verifiable spatial range query over encrypted cloud data in VANET. IEEE Trans Veh Technol. 2021;70(12):12342–57.
4. A new traffic congestion detection and quantification method based on comprehensive fuzzy assessment in VANET. KSII TIIS. 2018;12(1).
5. Xu Y, Liu X, Cui J, Zhong H, Zhang J. L-TCM: a lightweight privacy-preserving traffic condition monitoring scheme with source authentication in cloud-assisted VANETs. IEEE Systems Journal. 2023;17(4):6138–47.
6. Jiang Y, Ge S, Shen X. AAAS: an anonymous authentication scheme based on group signature in VANETs. IEEE Access. 2020;8:98986–98.
7. Jiang W, Lv X. A distributed internet of vehicles data privacy protection method based on zero-knowledge proof and blockchain. IEEE Trans Veh Technol. 2024;73(5):6332–45.
8. Zeng Z, Zhou Q, Wei K, Yang N, Tang C. BCS-CPP: a blockchain and collaborative service-based conditional privacy-preserving scheme for internet of vehicles. IEEE Trans Intell Veh. 2024;9(2):4130–44.
9. Li X, Liu J, Obaidat MS, Vijayakumar P, Jiang Q, Amin R. An unlinkable authenticated key agreement with collusion resistant for VANETs. IEEE Trans Veh Technol. 2021;70(8):7992–8006.
10. Zhou X, Yang Q, Liu Q, Liang W, Wang K, Liu Z, et al. Spatial–temporal federated transfer learning with multi-sensor data fusion for cooperative positioning. Information Fusion. 2024;105:102182.
11. Cai L, Wang H, Jiang F, Zhang Y, Peng Y. A new clustering mining algorithm for multi-source imbalanced location data. Information Sciences. 2022;584:50–64.
12. Fan K, Ren Y, Bai Y, Wei G, Zhang K, Li H, et al. Fault-tolerant and collusion-resistant lattice-based multidimensional privacy-preserving data aggregation in edge-based smart grid. IEEE Internet Things J. 2024;11(6):9487–504.
13. Zhou Y, Xu R, Qiao Z, Yang B, Xia Z, Zhang M. An anonymous and efficient multimessage and multireceiver certificateless signcryption scheme for VANET. IEEE Internet Things J. 2023;10(24):22823–35.
14. Chen X, Huang J, Xiao K, Li H, Huang Q. A non-interactive identity-based multi-signature scheme on lattices with public key aggregation. IEEE Trans Dependable and Secure Comput. 2025;22(4):4189–99.
15. Alshammari F, Alsaleh A. Smart intrusion detection model to identify unknown attacks for improved road safety and management. Sci Rep. 2025;15(1):18584. pmid:40425772
16. Annabi M, Zeroual A, Messai N. Towards zero trust security in connected vehicles: a comprehensive survey. Computers & Security. 2024;145:104018.
17. Li H, Pei L, Liao D, Sun G, Xu D. Blockchain meets VANET: an architecture for identity and location privacy protection in VANET. Peer-to-Peer Netw Appl. 2019;12(5):1178–93.
18. Luo B, Li X, Weng J, Guo J, Ma J. Blockchain enabled trust-based location privacy protection scheme in VANET. IEEE Trans Veh Technol. 2020;69(2):2034–48.
19. Ilyas I, Ashraf MU, Albouq SS, Shinan K, Alhazmi HE, Alanazi F, et al. Blockchain enabled privacy provisioning scheme for location based services in VANETs. PLoS One. 2025;20(6):e0323438.
20. Nahar A, Mondal KK, Das D, Buyya R. Clouds on the road: a software-defined fog computing framework for intelligent resource management in vehicular ad-hoc networks. IEEE Trans on Mobile Comput. 2024;23(12):12778–92.
21. Hameed AR, Islam S ul, Ahmad I, Munir K. Energy- and performance-aware load-balancing in vehicular fog computing. Sustainable Computing: Informatics and Systems. 2021;30:100454.
22. Liu K, Xiao K, Dai P, Lee VCS, Guo S, Cao J. Fog computing empowered data dissemination in software defined heterogeneous VANETs. IEEE Trans on Mobile Comput. 2021;20(11):3181–93.
23. Gu K, Wang Y, Qiu J, Li X, Zhang J. Blockchain-based data deduplication and distributed audit for shared data in cloud-fog computing-based VANETs. IEEE Trans Netw Serv Manage. 2024;21(5):5548–65.
24. Rana S, Mishra D, Lal C, Conti M. Authenticated message-exchange protocol for fog-assisted vehicular cloud computing. Wireless Pers Commun. 2023;131(2):1295–312.
25. Nkenyereye L, Liu CH, Song J. Towards secure and privacy preserving collision avoidance system in 5G fog based Internet of Vehicles. Future Generation Computer Systems. 2019;95:488–99.
26. Eslami Z, Pakniat N. Certificateless aggregate signcryption: security model and a concrete construction secure in the random oracle model. Journal of King Saud University - Computer and Information Sciences. 2014;26(3):276–86.
27. Basudan S, Lin X, Sankaranarayanan K. A privacy-preserving vehicular crowdsensing-based road surface condition monitoring system using fog computing. IEEE Internet Things J. 2017;4(3):772–82.
28. Xu Y, Yao C, Cui J, Zhong H. LPPA-RCM: a lightweight privacy-preserving authentication scheme for road condition monitoring in fog-based VANETs. Journal of Systems Architecture. 2023;143:102967.
29. Xiong J, Bi R, Zhao M, Guo J, Yang Q. Edge-assisted privacy-preserving raw data sharing framework for connected autonomous vehicles. IEEE Wireless Commun. 2020;27(3):24–30.
30. Wang W, Wu L, Qu W, Liu Z, Wang H. Privacy-preserving cloud-fog–based traceable road condition monitoring in VANET. Int J Network Mgmt. 2020;31(2).
31. Yang Y, Zhang L, Zhao Y, Choo K-KR, Zhang Y. Privacy-preserving aggregation-authentication scheme for safety warning system in fog-cloud based VANET. IEEE TransInformForensic Secur. 2022;17:317–31.
32. Elhabob R, Eltayieb N, Xiong H, Kumari S. Equality test on identity-based encryption with cryptographic reverse firewalls for telemedicine systems. IEEE Internet Things J. 2025;12(2):2106–21.
33. Hadabi A, Qu Z, Elhabob R, Kumar S, Yeh K-H, Kumari S, et al. Proxy re-encryption with plaintext checkable encryption for integrating digital twins into IIoT. Computers and Electrical Engineering. 2024;116:109164.
34. Johnson D, Menezes A, Vanstone S. The Elliptic Curve Digital Signature Algorithm (ECDSA). IJIS. 2001;1(1):36–63.
35. Paillier P. Public-key cryptosystems based on composite degree residuosity classes. In: International conference on the theory and applications of cryptographic techniques. Lecture Notes in Computer Science. 1999. p. 223–38.
© 2025 Zhao, Dong. This is an open access article distributed under the terms of the Creative Commons Attribution License: http://creativecommons.org/licenses/by/4.0/ (the “License”), which permits unrestricted use, distribution, and reproduction in any medium, provided the original author and source are credited. Notwithstanding the ProQuest Terms and Conditions, you may use this content in accordance with the terms of the License.