Blockchain-inspired lightweight trust-based system in vehicular networks

A decentralized application runs on the blockchain network without the intervention of a central authority. Transparency in transactions and security in vehicular networks are the issues for central systems. The proposed system uses blockchain-based smart contracts, which eliminate the requirement for any third-party verification. Additionally, with signature verification and reduced overhead, smart contracts also help in a fast and secure transaction. This study suggests a trust-based system paradigm where certificate authority (CA) is employed for vehicle registration. We also propose a blockchain-based system that provides efficient two-way authentication and key agreement through encryption and digital signatures. The analysis of the proposed model reveals that it is an efficient way of establishing distributed trust management, which helps in preserving vehicle privacy. The proposed scheme is tested in Automated Validation of Internet Security-sensitive Protocols (AVISPA), and security parameters verification in Network Simulator 2(NS2) also shows that the proposed scheme is more effective in comparison with existing schemes in terms of authentication cost, storage cost, and overhead.


| INTRODUCTION
The number of vehicles on the highways is rising daily as a result of the change in lifestyle, and it is anticipated that it will double in the next 10 years. 1 With the increase in the number of vehicles, it is very difficult for the vehicular ad hoc networks (VANETs) to handle this many vehicles and to realize the intelligent transport systems (ITSs). VANETs can be divided into two types, namely, vehicle to vehicle (V2V) and vehicle to infrastructure (V2I). In both systems, the messages are exchanged through radio communication. In V2V, message exchanges between the vehicles, and in V2I, vehicles can exchange messages with road side units (RSUs). 2 VANET employs ad hoc networks such as cloud, WAVE, and cellular 3 to enable secure message exchange between vehicles via centralized architectures. The communication due to centralize systems is not transparent and could not be secure. 4 As security is concerned, the amount of data exchange and the requirement of memory and power is also increased. There must be some ways to prevent malicious behavior by accessing reliable sources with the help of consensus mechanisms. 5 Blockchain can easily solve this problem by using decentralized architecture. 6 The blockchain transactions are recorded in a distributed ledger by using consensuses such as proof of work (PoW) and proof of stake (PoS). Merkle root is used to record all the transactions, which is concatenated with a hash for each block. Blockchain synchronizes all the transactions in a decentralized manner. When the failure of the nodes occurs, it will not affect the entire system.

| Architecture of blockchain
In the blockchain, the sequence of blocks is connected in a sequence that maintains its hash value and also the previous hash. The block describes all the transactions that happened in the network. A block is made up of its header and body. Header is used to identify the particular block in the entire blockchain. Miners often hash a block header by altering the nonce value as part of typical mining operations. The previous block hash is utilized to link the ith block to the i þ 1th block. It is, in essence, a reference to the hash of the chain's previous (parent) block. Timestamp verifies the information in the block and gives digital documents a time or date of production. The document or event's timestamp is a string of characters that both uniquely identifies it and shows when it was created, a nonce that is only used once. It is a crucial component of the block's proof of work. If it is less than or equal to the current target, it is compared to the live target. Individuals who mine, test, and remove a large number of once every second until they discover a legitimate instance of a valuable once. Merkle Root is a frame-like data structure made up of various data blocks. A Merkle tree creates a digital fingerprint of each transaction and saves them all together in a block. Metadata like signature and hash values of the previous and current block is stored in the header of the block. The body serves as the payload and has the ability to store all of the messages and transactions, as seen in Figure 1.
A blockchain network contains nodes that are responsible for maintaining the track of the blockchain and its validation to the new blocks. The blockchain can be further categorized into two types based on the difference of its functionality, that is, miners and validators. Miners are responsible for storing a few blocks only and are also used for the creation of new blocks. Validators can be used to validate the blocks that store the full copy of the blockchain and also validate the new blocks generated by the miners. 5

| Blockchain consensus
The blockchain network is decentralized, and nodes must conduct themselves accordingly. When all the members agree on the blockchain, then new blocks are appended to the network. In real-time scenarios, nodes might act maliciously in byzantine environments. Therefore, to resolve any potential conflict, a fault-tolerant consensus technique is needed. Consensus can be selected according to the attributes of the nodes. Proof-of-work (PoW) based on computing power can append a new block after solving a mathematical problem and it is the base of the Bitcoin network. In proofof-stake (PoS), the node has to stake some crypto value, and if any node tries to manipulate any value, the locked-up stakes get slashed and rewards get reduced. Delegated proof-of-stake (DPoS) is used where the voting power is used to select the validators.
PoW system cannot deter the participants from performing selfish mining attacks. To solve this issue, users have shifted to using another consensus like PoS based on Ethereum and some other blockchains. In these systems, participants are rewarded for performing nonmalicious activities, and for malicious activities, participants' rewards are deducted. 6

| Motivation and research contribution
In this paper, we have presented the research problem that motivates research on desired VANET model. The information is secured on the chain because of its tamper-proof nature. The system is using blockchain and smart contracts running on the local vehicles, which leads to a reduction in the overhead and provides better two-way authentication. Vehicles can communicate anonymously through blockchain, which avoids third parties from stealing information and privacy. The research contribution is further divided into two parts as discussed below: (i) To solve the security problem, we have proposed the blockchain-based VANET architecture with smart contracts.
Moreover, the problem of central failure is solved by the distributed system. (ii) This paper also proposes the decentralized architecture using blockchain and smart contracts while preserving privacy.
The rest of the paper is organized as follows: Section 2 describes the literature review, whereas Section 3 presents the proposed approach. Section 4 explains the results and analysis part. Sections 5 and 6 represent the security and comparative analysis, and Section 7 presents the conclusion and future scope.

| LITERATURE REVIEW
Several schemes have been proposed to provide security to vehicular networks.
In a previous work, 7 the authors have proposed public key infrastructure (PKI), which generates large overhead and cost. This also uses a centralized approach toward vehicular networks, which can be proxied and compromised. Moreover, centralized systems have all the processes dependent on the central server. Dynamic key distribution protocol based on PKI is implemented in which vehicles can communicate with each other and keys are obtained from the CA through RSU, which is reducing the load on vehicles. A load has been reduced on vehicles, but still the problem of centralization persists, which needs to be addressed. 8 Guo 9 proposed a secure and authenticated key management (SA-KMP) algorithm based on key agreement protocol, which ensures the communication between the vehicles and RSU. The repository has distributed between the entity's identity and each vehicle using its corresponding public key. The certificate revocation has been eliminated by distributing the repository, which was not done earlier in PKI systems.
Key agreement and digital signatures can be used for security and privacy. Anonymous certificate method is also proposed to remove the certificate management problem, which increases the efficiency of the authentication process. But the problem is still the central dependency. The vehicles can obtain the certificate from their passing RSU, and therefore, there is no need to check for the certificate frequently, which improves the efficiency of authentication. But there is no experimental plan discussed for the complex architectures and systems. 10 Ring signature scheme is also proposed to authenticate the communication between vehicles. Fog-based privacy protection scheme is proposed that improves the security of the crowded vehicular network. Fog user identity is anonymous during identity authentication. Central dependency is reduced by proposing the blockchain-based architecture with the Internet of Vehicle (IoV). 11 Distributed key generation (DKG) scheme is implemented as a smart contract and using secret sharing to realize DKG. The core building block of blockchain technology is the consensus protocol. In these, we have to rely on a single centralized entity for the necessary protocol setup. But DKG provides us the flexible means for the VANET network for the registration and faulty behavior of the vehicle. Ethereum smart contracts rely on trusted third parties and which is used for the automated registration and participation of the vehicles in communication. 12,13 In the Internet of Things (IoT) area, Owoh and Singh 14 proposed a scheme using Diffie-Hellman key exchange (DHKE) to secure the exchange of data in sensor networks.
Blockchain-based trust management systems (BARS) used a reputation score-based mechanism, which is based on historical interactions. 15,16 For preserving privacy, an authentication and revocation framework for VANETs is also proposed, but it fails to address the security. 17 Crypto trust point (cTp) for securing the data among the vehicles has also been proposed. 18 These are not addressing privacy concerns and are focused on securing the data only.
Computational overhead can be reduced 19 by using mobile edge computing (MEC) to offset resource consumption. But edge computing does not make it truly decentralized, and it is dependent still on the central server. Reward-based blockchain is also proposed, which is using a unique crypto ID provided by a vehicle for secure communication. It is a trust-bit system, using proof of stake consensus, which is used to give the rewards if the vehicle is genuine. 20 Consortium-based blockchain generates the data sharing and storage platform but generates more overhead. 21 Dynamic key management is also discussed for heterogeneous ITS systems. These all are schemes focused only on security, not on the privacy of vehicles.
Ethereum is a secure generalized decentralized system built on smart contracts, which is better than the Bitcoin network in terms of power and resource consumption. 22 Intercommunication between the vehicles can be secured by encryption algorithms. Zhou et al. proposed the method for encryption and authentication, which consumes 83% less time as compared to the traditional public-key encryption method. 23 AVISPA, which stands for Automated Validation of Internet Security Protocols and Applications, is utilized to verify the security of different proposed protocols. 24 Some authentication and privacy solutions also exist for the industrial IoT, which is biometrics-based which reduces the overhead and some large computations; it is based on cloud computing. Formal security verification is also performed to prove that the session is secured from attacks. 25 We know that real-time data are very important these days and which can be fulfilled by unmanned vehicles, that is, drones. So, to provide security to the drone, a lightweight authentication scheme is proposed, which needs to access the data from the drone directly. 26,27 Big data projects can also be integrated and presented for better analysis, which is integrated with blockchain. 28 Blockchain-based layered architecture for a smart parking system to establish trust between users has also presented. 29 Security is also considered in the healthcare sector where we also need privacy in reliable data transmission of IoT networks. Novel blockchain and artificial intelligence-enabled secure medical data transmission (BAISMDT) for IoT networks is presented. 30 Ontology-based privacy-preserving (OBPP) is presented, which addresses the problem of heterogeneity in the devices and also maintained the quality of services. 31 Prediction error can be reduced by using the artificial neural networks to train the data. 32,33 Shifted Legendre spectral collocation algorithm is used to provide accuracy and efficiency to the data, which we are using for the modeling of different traffic scenarios. 34,35 In summary, most of the schemes discussed have the problem of a centralization system that can be compromised at any time. Other schemes based on decentralization concentrate on security, but privacy has been compromised because the data are being exchanged by the vehicle over the network. In previous works, 25,26 privacy has been discussed but the system is still based on a central system.

| PROPOSED APPROACH
We are using the Ethereum blockchain, which securely executes the smart contracts to provide a more reliable and secure environment for vehicular communication. Figure 2 shows the proposed architecture of VANET using the smart contract in the blockchain. Implementation steps are further explained in the following sections. The section is further divided into four parts.

| System initialization
System initialization provides privacy to the users by submitting its identification to the trust blockchain. System authentication is used to provide the authentication and create a session between the vehicles. To make the vehicles more trustable, every vehicle's data are integrated into physical unclonable function (PUF) and has assigned a unique vehicle identification. 36 To understand this phase, consider any event that occurs on the road, and vehicle V A wants to send the message for which the event has occurred. Any vehicle entering the vehicular network gets its ID revoked by the certificate authority (CA) as shown in Figure 2. All the information is embedded integrated to the network using blockchain, and identity has to submit to the trust blockchain, which provides privacy to the users. Road side units are synced with the vehicles and used to provide the unique ID to the vehicles. Every incident occurred on the road has its unique identity, which is further stored in the blockchain. Smart contract is also executed by the vehicle itself to make the blockchain trustable.It also provides the necessary information required without revealing the actual data as shown in Figure 3.

| System authentication
In this phase, the vehicles have to undergo the authentication process so that the proper session can be initialized between different vehicles and the blockchain. Communication and other data exchange must be secured using the proper authentication and key exchange mechanism. We will discuss the two-party and multiparty smart contracts.

| Two-party smart contract algorithm
The ElGamal signature method serves as the foundation for the signature creation algorithm. It generates the signature as an output after receiving the sender's private key as well as the message to be transmitted. The algorithm functions as follows: We determine the hash h of the message m using hashing algorithms. We choose a random number k ranging from 1 to n À 1, where n is the prime number that represents the order of subgroup of elliptic curve points generated by point G on the curve. After that, random point is calculated as R ¼ rG. This proof typically consists of two parts: A private key and a public key, which are essentially just two integer values r and s. The participants have to agree upon a prime number p, and generator point G by exchange of secret key, 27 where n is the order of prime number and x, y are the coordinates associated with generator point G. Some properties of the numbers create an impact on the cryptographic solution that we will not discuss here to maintain simplicity. After receiving the message and the signature, the recipient will follow the below algorithm for verification purposes. The main thing here to concentrate on is using the Tron smart contract, 37 and we can use the Tron ecrecover function for signature verification, which is a much faster process for signature verification. We are not writing the complete slice function for eliminating the complexity. It is available in the repository.
To verify the signature in solidity, a lot of overheads is required and developers have to write their own slicing functions. Since ecrecover can only return the address, it can be easy to match whether the signer address is a restored address. By using this smart contract, the vehicles on the roads can be easily authenticated without large overheads and with better accuracy. The authentication we have shown above is for two vehicles only. But in the case of a real-time scenario, we have multiple vehicles running on the road. So, in that case, we need multiparty authentication and the same can be achieved by using the same key exchange algorithm.

| Connecting solidity with smart contract
The smart contracts were coded in solidity, for smart contract designing using Remix IDE. 21,28 Figure 4 shows the network model for executing the smart contracts consists of: (i) Vehicles: Vehicles denoted by V A to V N have their own account in the blockchain, and it is using a pair of public and private keys for the communication to be encrypted. (b) Not more than 50% of the RSU is compromised, which is beyond the capability of adversaries.
Before initializing smart contracts, we need to set up the solidity environment with localhost as shown in Figure 4, which also shows that the solidity is running on the system and ready to perform some migrations. The test blockchain has been deployed on the Windows platform as shown in Figure 5, which shows the hash value generated for the test environment and also shows the smart contact address and how much gas will be taken to run the transaction.
For initializing the smart contract, we need to use the trust management and data sharing architecture, which has the vehicle's account on the blockchain (16-bit address). Moreover, the vehicles are integrated already inside the physical unclonable function (PUF), which is assumed to be system-on-chip (SoC) which provides them a unique crypto ID (vID). This provides safety against malicious attacks and makes it more reliable for communicating between them. To secure communication, smart contracts are used. Vehicles can only send the data after being registered, and all this is performed by certificates and vehicles registry as shown in Figure 6.
F I G U R E 4 Solidity environment.

| Steps involved in smart contract flow
(i) Compilation: Solidity IDE, Remix is used to compile the smart contracts. After compilation, smart contracts can be deployed on CA j nodes. (ii) Deployment: After successfully compiling, the contracts are deployed on the RSU nodes CA j . CA j broadcasts the address of the smart contracts so that the interaction between the vehicles and RSU can be performed.

F I G U R E 5 Testnet environment.
F I G U R E 6 Information flow of trust management system.

| RESULTS AND ANALYSIS
The results and analysis section is further divided into two sections.

| Experimental setup
The experimental setup was simulated on a computer equipped with Intel Core i5 @2.4 Ghz and 8 GB of RAM with a Windows 7 operating system. We have also used Network Simulator 2 for measuring the various quality of services parameters as shown in the performance evaluation section. A block header is roughly 508 bytes. 22 If blocks are generated every 10 s (360 per hour), the storage overhead for one blockchain is 1602 MB/year.
The SHA-256 hash algorithm serves as the foundation for the architecture. SHA-256 consumes less than t1 ¼ 0:01 ms of time per 1 kB of input. 23 The time required to authenticate one public key is T ¼ t 1 ðlog 2 nÞ, where n is the number of certificates issued.

| Performance evaluation
We have analyzed the following performance metrics: Communication cost, authentication delay, storage cost, and RSU's overhead.
Communication cost is calculated based on the total number of vehicles using different variables used for the transmission of messages in the vehicular network. Communication cost is further calculated with respect to message authentication communication cost. Overall memory required to store the various variables like hash functions, symmetric and asymmetric keys, signature, and timestamp is calculated by storage cost. RSU overhead is also an important parameter because the authentication is to be done by RSU, and it must access the certificates through the Internet. It is capable of doing so because vehicles have very less computation power, and it may affect the performance of the network if the authentication is to be done by the vehicles. However, the overhead can be reduced to reduce the load on the RSU's.

| Message authentication communication cost
Traditional public key infrastructure requires certificate and signature information for the message authentication. The total message size that is proposed by Zhang 23 is 257 bytes. Wang 17 has proposed the scheme, which is using the 190 bytes message size. When we use the system with the blockchain and smart contracts, the message size is reduced to 128 bytes as shown in Figure 7.

| Authentication delay
PKI needs to check the certificate revocation table for authentication. But in the proposed system, information is managed through the smart contracts and stored in the blockchain through which the query time for the certificate is reduced. Wang 17 used two-way authentication through participation, and Zhang 23 requires the proper participation of the CA. The proposed scheme has better efficiency and less latency due to the introduction of smart contracts, which will be locally performed on the nodes to reduce the delay as shown in Figure 8. Figure 9 represents the graph between the storage cost and the number of bytes stored. It is used to calculate the amount of space required for storing all parameters. As you can see, the storage cost is lower in the case of the proposed scheme because of less overhead and ecrecover function. This clearly justifies the need for message dissemination in the case of the dense vehicular network. It can reduce the cost because if the information is disseminated and not stored by the node locally that reduces the storage cost further. Message dissemination helps the nodes to be updated after frequent intervals of time with the updated route and is used for route optimization. RSU is used to perform the message authentication task in our proposed scheme. It is assumed that each vehicle sends the message in 200 ms. In Figure 10, the proposed scheme is having less RSU overhead in comparison to other schemes.  Figure 11 represents the verification loss comparison of all schemes with the proposed scheme, and it shows that in the case of the proposed scheme, the overhead is less and verification loss is also less in comparison to other schemes due to less overhead. It also describes that the overhead will increase with increasing vehicle density.

| SECURITY ANALYSIS
Security analysis is performed with formal and informal security verification. Formal verification is a formalization of the description and used for the analysis of the protocol implemented. The strength of the proposed scheme is also validated by informal analysis.

| Formal security analysis
AVISPA is an automated validation tool for Internet Security Protocols and Applications. It includes a modular and expressive formal language for specifying protocols and their security properties, as well as various back-ends that implement a wide range of cutting-edge automatic analysis techniques. Experiment results on a large library of Internet security protocols show that the AVISPA tool is at the cutting edge of automatic security protocols. No other tool offers the same breadth and robustness, as well as the same performance and scalability. 38 In this section, formal security verification is performed against the man in the middle and replay attack. We have used the AVISPA tool 25 to perform this validation. The IF acts as input to one of the four backends to produce the "Output Format (OF)," which explains the protocol is lying under the "safe," "unsafe," or "inconclusive." AVISPA is the widely used tool for the verification and validation of security protocols. 26,27 In our proposed scheme under high-level protocol specification language (HLPSL), we have defined the three basic roles: (a) The role of vehicles, (b) the role of RSU's, and (c) the role of smart contracts between the vehicles and RSU's. We had also simulated the two significant roles (session and goal and environment), and the backend we have covered are OFMC and CL-AtSe 34 because they support the XOR operation. We have not considered other backends because they did not support the bitwise XOR operation. Figure 12 demonstrates that the results under OFMC and CL-AtSe are safe from replay and man-in-the-middle attacks The simulation has traversed 57 nodes at an 8-pile depth. In the case of the CL-AtSe backend, however, 13 states were analyzed, of which six states are reachable with a translation time of 0.17 s and a computation time of 0.02 s.

| Theoretical security analysis
Informal analysis is presented in this section to check the robustness of the proposed scheme. STRIDE threat model has been taken, which means to check for spoofing, tampering, repudiation, information disclosure, denial of services, and escalation of privilege.

| Tamper proof data
It is insignificant to tamper with any block because in blockchain the blocks are arranged in chronological order. An attacker must have at least 51% of the total computation power, which is very difficult because the hash rate is very high at this time. Therefore, tampering with the blocks is very difficult for an attacker. Hence, it is a secure network.

| Strong privacy
It is possible to exchange a message only after getting the vehicle's signature. A block will generate after the consensus and contains the signature of the vehicle's agreed-upon communication. Hence, privacy among the vehicles can be achieved.

| Prevent from a message spoofing attack
When a malicious vehicle enters into the system and tries to send fake messages that an event has occurred on a road but no event occurred, this is called message spoofing. The proposed architecture uses certificates to randomize the public keys so that attackers cannot correlate the public key of the vehicle and message spoofing can be eliminated.

| COMPARATIVE ANALYSIS
In this section, we have analyzed the proposed scheme with the existing schemes such as schemes designed by Wang et al., 17 Zhang et al, 23 and conventional PKI. 15

| Comparative study of communications costs
In our proposed scheme, the communication cost calculated is 1024 bits, which is much smaller as compared with the other methods because we have used smart contracts that reduce overhead to much extent. On the other hand, communication costs by PKI, 15 Zhang et al, 23 and Wang et al 17 were found to be 2240, 2056, and 1520 bits, respectively, as shown in Table 1. PKI 15 3 2240 Wang 17 3 1520 Zhang 23 3 2056

| Comparison of security attributes
The comparison attributes and security features for the proposed scheme and others have been shown in Table 2. Various features are not supported by or available in PKI. 15 Man in the middle and impersonation is prevented by Zhang 23 and the proposed scheme. It is very clear from the table that the proposed scheme has better security attributes in comparison to conventional methods.

| CONCLUSION AND FUTURE SCOPE
To preserve confidentiality and anonymity, a decentralized smart contracts system built on blockchain is deployed. Moreover, it lessens reliance on centralized systems. The suggested system is significantly more secure, as demonstrated by the thorough security verification performed using AVISPA. Moreover, decentralized online ledger data ensure data security and integrity. In comparison to existing systems, the suggested smart contract system consumed less memory and had lower communication costs. This strategy minimizes overhead by running the program locally on the client side. We can continue to use the verifiable DApps in the future. By obtaining the smart logic, we could create various credit-based DApps. It is necessary to develop a hybrid technique that supports communication security. We will work on new protocols in future to reduce the time needed for authentication and to protect vehicle networks against online threats.

DATA AVAILABILITY STATEMENT
The data that support the findings of this study are available on request from the corresponding author. The data are not publicly available due to privacy or ethical restrictions.