Privacy-Preserving AGV Collision-Resistance at the Edge Using Location-Based Encryption
基于位置加密的隐私保护AGV边缘防撞

1 Introduction  1引言

• Liang Zhang is with the School of Cyberspace Security(School of Cryptology), Hainan University, Haikou, Hainan 570228, China, and also with the School of Computer Science, Fudan University, Shanghai 200433, China. E-mail: zhangliang@hainanu.edu.cn.
  张亮就职于海南大学网络安全学院（密码学学院），海南海口570228，中国，复旦大学计算机科学学院，上海200433，中国。电子邮件地址：zhangliang@hainanu.edu.cn。
• Haibin Kan is with the Shanghai Key Laboratory of Intelligent Information Processing, School of Computer Science, Fudan University, Shanghai 200433, China, and with the Shanghai Engineering Research Center of Blockchain, Shanghai 200433, China, and also with Zhuhai Fudan Innovation Research Institute, Zhuhai, Guangdong 518057, China. E-mail: hbkan@fudan.edu.cn.
  Kan Haibin是复旦大学计算机学院上海市智能信息处理重点实验室，上海200433，中国，上海区块链工程研究中心，上海200433，中国，珠海复旦创新研究院，广东珠海518057，中国。电子邮件：hbkan@fudan.edu.cn。
• Yihao Wang is with the Shanghai Key Laboratory of Intelligent Information Processing, School of Computer Science, Fudan University, Shanghai 200433, China, and also with the Shanghai Engineering Research Center of Blockchain, Shanghai 200433, China. E-mail: $20210240262@fudan.edu.cn$$20210240262@fudan.edu.cn$20210240262@fudan.edu.cn20210240262 @ f u d a n . e d u . c n.
  Yihao Wang是复旦大学计算机科学学院上海市智能信息处理重点实验室，上海200433，中国，也是上海区块链工程研究中心，上海200433，中国。电子邮件： $20210240262@fudan.edu.cn$$20210240262@fudan.edu.cn$20210240262@fudan.edu.cn20210240262 @ f u d a n . e d u . c n 。

• We list all occasions that two AGVs may collide in the proposed road model. Then, we resolve the collision problem by introducing a virtual traffic light mechanism.
  我们列出了所有的情况下，两个AGV可能发生碰撞，在建议的道路模型。然后，我们通过引入虚拟交通灯机制来解决碰撞问题。
• We incorporate a cloud-edge computing architecture for the proposed AGV-centered collision-resistance paradigm. In this paradigm, only edge servers are involved in controlling the AGVs.
  我们将一个云边缘计算架构的建议AGV为中心的碰撞阻力范例。在这种模式中，只有边缘服务器参与控制AGV。
• To protect the AGVs’ information, we leverage an LBE algorithm based on the CP-ABE access policy. To the best of our knowledge, we are the first to implement LBE by taking advantage of the CP-ABE access policy.
  为了保护AGV的信息，我们利用基于CP-ABE访问策略的LBE算法。据我们所知，我们是第一个利用CP-ABE访问策略实现LBE的公司。
• Consequently, we achieve favorable properties in privacy-preserving communication, such as noninteractivity and anonymity, fitting well with edge computing architecture. Moreover, we conduct concrete experiments to evaluate the performance of the proposed paradigm.
  因此，我们在隐私保护通信中实现了良好的特性，如非交互性和匿名性，非常适合边缘计算架构。此外，我们进行具体的实验，以评估所提出的范例的性能。

2 Key Techniques  2关键技术

2.1 Edge Computing  2.1边缘计算

2.2 Ciphertext-Policy Attribute-Based Encryption
2.2基于密文策略的属性加密

• $(MSK,MPK)\leftarrow$$(MSK,MPK)\leftarrow$(MSK,MPK)larr(M S K, M P K) \leftarrow Setup ${}_{\text{ABE}}(\lambda ):$${}_{\text{ABE }}(\lambda ):$_("ABE ")(lambda):_{\text {ABE }}(\lambda): The setup algorithm takes in the security parameter $\lambda$$\lambda$lambda\lambda. It outputs the master key pair (MPK, MSK). The authority holds MSK privately and publishes MPK.
  $(MSK,MPK)\leftarrow$$(MSK,MPK)\leftarrow$(MSK,MPK)larr(M S K, M P K) \leftarrow 设置 ${}_{\text{ABE}}(\lambda ):$${}_{\text{ABE }}(\lambda ):$_("ABE ")(lambda):_{\text {ABE }}(\lambda): 设置算法接受安全参数 $\lambda$$\lambda$lambda\lambda 。它输出主密钥对（MPK，MSK）。管理局私下持有MSK并出版MPK。
• $SK\leftarrow {\mathrm{KeyGen}}_{\mathrm{ABE}}(\mathrm{MSK},S):$$SK\leftarrow {\mathrm{KeyGen}}_{\mathrm{ABE}}(\mathrm{MSK},S):$quad SK larrKeyGen_(ABE)(MSK,S):\quad S K \leftarrow \operatorname{KeyGen}_{\mathrm{ABE}}(\mathrm{MSK}, S): The key generation algorithm takes as input the master private key MSK and an attributes set $S$$S$SS that describes the key. It outputs a decryption key $SK$$SK$SKS K.
  $SK\leftarrow {\mathrm{KeyGen}}_{\mathrm{ABE}}(\mathrm{MSK},S):$$SK\leftarrow {\mathrm{KeyGen}}_{\mathrm{ABE}}(\mathrm{MSK},S):$quad SK larrKeyGen_(ABE)(MSK,S):\quad S K \leftarrow \operatorname{KeyGen}_{\mathrm{ABE}}(\mathrm{MSK}, S): 密钥生成算法将主私钥MSK和描述密钥的属性集 $S$$S$SS 作为输入。它输出解密密钥 $SK$$SK$SKS K 。
• $CT\leftarrow {\mathrm{Encrypt}}^{\prime }{}_{ABE}(M,ap,\mathrm{MPK}):$$CT\leftarrow {\mathrm{Encrypt}}^{\prime }{}_{ABE}(M,ap,\mathrm{MPK}):$CT larrEncrypt^(')_(ABE)(M,ap,MPK):C T \leftarrow \operatorname{Encrypt}^{\prime}{ }_{A B E}(M, a p, \mathrm{MPK}): The encryption algorithm takes in the master public key MPK, a message $M\in {\mathcal{G}}_T$$M\in {\mathcal{G}}_T$M inG_(T)M \in \mathcal{G}_{T}, and an access policy ap. The algorithm encrypts $M$$M$MM and produces a ciphertext $CT$$CT$CTC T such that only a user with a set of attributes satisfying the access policy will be able to decrypt the message.
  $CT\leftarrow {\mathrm{Encrypt}}^{\prime }{}_{ABE}(M,ap,\mathrm{MPK}):$$CT\leftarrow {\mathrm{Encrypt}}^{\prime }{}_{ABE}(M,ap,\mathrm{MPK}):$CT larrEncrypt^(')_(ABE)(M,ap,MPK):C T \leftarrow \operatorname{Encrypt}^{\prime}{ }_{A B E}(M, a p, \mathrm{MPK}): 加密算法接受主公钥MPK、消息 $M\in {\mathcal{G}}_T$$M\in {\mathcal{G}}_T$M inG_(T)M \in \mathcal{G}_{T} 和访问策略ap。该算法加密 $M$$M$MM 并产生密文 $CT$$CT$CTC T ，使得只有具有满足访问策略的一组属性的用户将能够解密消息。
• $M\leftarrow$$M\leftarrow$M larrM \leftarrow Decrypt ${}^{\prime }{}_{ABE}(CT,SK)$${}^{\prime }{}_{ABE}(CT,SK)$^(')_(ABE)(CT,SK)^{\prime}{ }_{A B E}(C T, S K) : The decryption algorithm takes as input the master public key MPK, a ciphertext $CT$$CT$CTC T (containing an access policy $ap$$ap$apa p ) and a decryption key $SK$$SK$SKS K (generated from an attributes set $S$$S$SS ). If $S$$S$SS satisfies $ap$$ap$apa p, the algorithm will decrypt the ciphertext and return a message $M$$M$MM. Otherwise, it will output $\perp$$\perp$_|_\perp.
  $M\leftarrow$$M\leftarrow$M larrM \leftarrow 解密 ${}^{\prime }{}_{ABE}(CT,SK)$${}^{\prime }{}_{ABE}(CT,SK)$^(')_(ABE)(CT,SK)^{\prime}{ }_{A B E}(C T, S K) ：解密算法将主公钥MPK、密文 $CT$$CT$CTC T （包含访问策略 $ap$$ap$apa p ）和解密密钥 $SK$$SK$SKS K （从属性集 $S$$S$SS 生成）作为输入。如果 $S$$S$SS 满足 $ap$$ap$apa p ，则算法将解密密文并返回消息 $M$$M$MM 。否则，它将输出 $\perp$$\perp$_|_\perp 。
  To emphasize, the attributes in CP-ABE access policy supports integer comparison. For example, suppose an access policy $ap=$$ap=$ap=a p= "David AND age $\ge 11$$\ge 11$>= 11\geq 11 ". Then an attribute set $S_1=$$S_1=$S_(1)=S_{1}= [“David”, “age=12”] will satisfy ap, while attribute set $S_2=$$S_2=$S_(2)=S_{2}= [“David”, “age=10”] will not. The CP-ABE scheme used in our paradigm is inherited from Bethencourt, Sahai and Waters (BSW) implementation [14].
  需要强调的是，CP-ABE访问策略中的属性支持整数比较。例如，假设访问策略 $ap=$$ap=$ap=a p= “大卫和年龄 $\ge 11$$\ge 11$>= 11\geq 11 “。那么属性集合 $S_1=$$S_1=$S_(1)=S_{1}= [“大卫”，“年龄=12”]将满足ap，而属性集合 $S_2=$$S_2=$S_(2)=S_{2}= [“大卫”，“年龄=10”]将不满足ap。在我们的范例中使用的CP-ABE方案继承自Bethencourt、Sahai和沃茨（BSW）实现[14]。

2.3 Combining AES Encryption With BSW CP-ABE
2.3结合AES加密和BSW CP-ABE

• $ct\leftarrow \mathrm{AESEnc}(seed,msg):$$ct\leftarrow \mathrm{AESEnc}(seed,msg):$quad ct larr AESEnc(seed,msg):\quad c t \leftarrow \operatorname{AESEnc}(s e e d, m s g): The AES encryption algorithm takes in a seed for generating the symmetric key, and a plaintext $msg$$msg$msgm s g. It outputs the ciphertext $ct$$ct$ctc t.
  $ct\leftarrow \mathrm{AESEnc}(seed,msg):$$ct\leftarrow \mathrm{AESEnc}(seed,msg):$quad ct larr AESEnc(seed,msg):\quad c t \leftarrow \operatorname{AESEnc}(s e e d, m s g): AES加密算法接受用于生成对称密钥的种子和明文 $msg$$msg$msgm s g 。它输出密文 $ct$$ct$ctc t 。
• $msg\leftarrow \mathrm{AESDec}(seed,ct):$$msg\leftarrow \mathrm{AESDec}(seed,ct):$msg larr AESDec(seed,ct):m s g \leftarrow \operatorname{AESDec}(s e e d, c t): The AES decryption algorithm takes as input a seed and a ciphertext $ct$$ct$ctc t. It outputs a plaintext msg .
  $msg\leftarrow \mathrm{AESDec}(seed,ct):$$msg\leftarrow \mathrm{AESDec}(seed,ct):$msg larr AESDec(seed,ct):m s g \leftarrow \operatorname{AESDec}(s e e d, c t): AES解密算法将种子和密文 $ct$$ct$ctc t 作为输入。它输出一个明文msg。
  As defined in Section 2.2, CP-ABE is extended from public-key encryption scheme and it only allows one to encrypt a message on group ${\mathcal{G}}_T$${\mathcal{G}}_T$G_(T)\mathcal{G}_{T}. To enable encrypting an arbitrary string $msg$$msg$msgm s g, we combine AES encryption with CP-ABE scheme. To simplify the writing, we integrate AES encryption into the CP-ABE scheme. Thus, we redefine the CP-ABE encryption and decryption algorithms as Fig. 1 shows.
  如第2.2节所定义，CP-ABE是从公钥加密方案扩展而来的，它只允许加密组 ${\mathcal{G}}_T$${\mathcal{G}}_T$G_(T)\mathcal{G}_{T} 上的消息。为了能够加密任意字符串 $msg$$msg$msgm s g ，我们将联合收割机AES加密与CP-ABE方案相结合。为了简化编写，我们将AES加密集成到CP-ABE方案中。因此，我们重新定义了CP-ABE加密和解密算法，如图1所示。

3 Problem Statement  3问题陈述

\((c t, C T) \leftarrow \operatorname{Encrypt}_{\mathrm{ABE}}(m s g, a p, \mathrm{MPK}):\)
    \(M \stackrel{R}{\leftarrow} \mathcal{G}_{T}\)
    \(C T \leftarrow \operatorname{Encrypt}_{\mathrm{ABE}}^{\prime}(M, a p, \mathrm{MPK})\)
    \(c t \leftarrow\) AESEnc (M.toBytes(), msg)
    return (ct, \(C T\) )
\(\underline{m s g} \leftarrow \operatorname{Decrypt}_{\mathrm{ABE}}(C T, c t, S K):\)
    \(M \leftarrow \operatorname{Decrypt}_{\mathrm{ABE}}^{\prime}(C T, S K)\)
    \(m s g \leftarrow \operatorname{AESDec}(\) M.toBytes ()\(, c t)\)
    return \(m s g\)

1. If an AGV shows anomalies, rather than being corrupted, the replay problem can be resolved with a timestamp attached within broadcasted messages; the DoS problem can be detected with other monitoring modules.
   如果AGV显示异常，而不是被损坏，则可以通过在广播消息中附加时间戳来解决重放问题;可以通过其他监控模块检测DoS问题。
   

   

4 LBE FROM BSW CP-ABE
4 LBE从BSW CP-ABE

4.1 Construction  4.1建设

• $\mathrm{Setup}(\lambda )$$\mathrm{Setup}(\lambda )$Setup(lambda)\operatorname{Setup}(\lambda) : The setup algorithm takes in the security parameter $\lambda$$\lambda$lambda\lambda. It outputs the master key pair (MPK, MSK).
  $\mathrm{Setup}(\lambda )$$\mathrm{Setup}(\lambda )$Setup(lambda)\operatorname{Setup}(\lambda) ：设置算法接受安全参数 $\lambda$$\lambda$lambda\lambda 。它输出主密钥对（MPK，MSK）。
• KeyGen(MSK, $[x,y])$$[x,y])$[x,y])[x, y]) : The key generation algorithm takes as input the master private key MSK and a location $(x,y)$$(x,y)$(x,y)(x, y), where $x,y\in \mathcal{Z}$$x,y\in \mathcal{Z}$x,y inZx, y \in \mathcal{Z}. It outputs a decryption key $SK$$SK$SKS K.
  KeyGen（MSK， $[x,y])$$[x,y])$[x,y])[x, y]) ）：密钥生成算法将主私钥MSK和位置 $(x,y)$$(x,y)$(x,y)(x, y) 作为输入，其中 $x,y\in \mathcal{Z}$$x,y\in \mathcal{Z}$x,y inZx, y \in \mathcal{Z} 。它输出解密密钥 $SK$$SK$SKS K 。
• Encrypt( $msg,[x_1,y_1,x_2,y_2]$$msg,\left[x_1,y_1,x_2,y_2\right]$msg,[x_(1),y_(1),x_(2),y_(2)]m s g,\left[x_{1}, y_{1}, x_{2}, y_{2}\right], MPK) : The encryption algorithm takes in the master public key MPK, a message $msg$$msg$msgm s g, and two geographical point $(x_1,y_1)$$\left(x_1,y_1\right)$(x_(1),y_(1))\left(x_{1}, y_{1}\right) and $(x_2,y_2)$$\left(x_2,y_2\right)$(x_(2),y_(2))\left(x_{2}, y_{2}\right), where $x_1,y_1,x_2,y_2\in \mathcal{Z}$$x_1,y_1,x_2,y_2\in \mathcal{Z}$x_(1),y_(1),x_(2),y_(2)inZx_{1}, y_{1}, x_{2}, y_{2} \in \mathcal{Z}. The algorithm produces the ciphertext ( $CT,ct$$CT,ct$CT,ctC T, c t ).
  加密（ $msg,[x_1,y_1,x_2,y_2]$$msg,\left[x_1,y_1,x_2,y_2\right]$msg,[x_(1),y_(1),x_(2),y_(2)]m s g,\left[x_{1}, y_{1}, x_{2}, y_{2}\right] ，MPK）：加密算法接受主公钥MPK、消息 $msg$$msg$msgm s g 和两个地理点 $(x_1,y_1)$$\left(x_1,y_1\right)$(x_(1),y_(1))\left(x_{1}, y_{1}\right) 和 $(x_2,y_2)$$\left(x_2,y_2\right)$(x_(2),y_(2))\left(x_{2}, y_{2}\right) ，其中 $x_1,y_1,x_2,y_2\in \mathcal{Z}$$x_1,y_1,x_2,y_2\in \mathcal{Z}$x_(1),y_(1),x_(2),y_(2)inZx_{1}, y_{1}, x_{2}, y_{2} \in \mathcal{Z} 。算法产生密文（ $CT,ct$$CT,ct$CT,ctC T, c t ）。
• $\mathrm{Decrypt}(CT,ct,SK)$$\mathrm{Decrypt}(CT,ct,SK)$Decrypt(CT,ct,SK)\operatorname{Decrypt}(C T, c t, S K) : The decryption algorithm takes as input the master public key MPK, a ciphertext $(CT,ct)$$(CT,ct)$(CT,ct)(C T, c t), and a decryption key $SK$$SK$SKS K. Only if $x_1<x<$$x_1<x<$x_(1) < x <x_{1}<x< $x_2$$x_2$x_(2)x_{2} and $x_2<y<y_2$$x_2<y<y_2$x_(2) < y < y_(2)x_{2}<y<y_{2}, the algorithm will decrypt the
  $\mathrm{Decrypt}(CT,ct,SK)$$\mathrm{Decrypt}(CT,ct,SK)$Decrypt(CT,ct,SK)\operatorname{Decrypt}(C T, c t, S K) ：解密算法将主公钥MPK、密文 $(CT,ct)$$(CT,ct)$(CT,ct)(C T, c t) 和解密密钥 $SK$$SK$SKS K 作为输入。只有当 $x_1<x<$$x_1<x<$x_(1) < x <x_{1}<x< $x_2$$x_2$x_(2)x_{2} 和 $x_2<y<y_2$$x_2<y<y_2$x_(2) < y < y_(2)x_{2}<y<y_{2} 时，算法才会解密