Design of CSKAS-VANET model for stable clustering and authentication scheme using RBMA and signcryption

A public key infrastructure-enabled system authentication model is developed to provide essential security functions for Vehicular ad hoc networks (VANETs). An intelligent transportation system is provided by VANET, an emerging technology. Dedicated short-range communication is used to disseminate messages wirelessly. Communications may be hacked, and messages can be stolen or fabricated. Hence, authenticated communication is crucial in the VANET environment. Some parameters such as trust, authentication, privacy, and security are at high risk. This article suggests a VANET with secure authentication and trust-based clustering mechanisms to provide stable and secure communication. Initially, the Restricted Boltzmann Machine learning algorithm (RBMA) is used to select the cluster head, which depends upon trust, vehicle lifetime, and buffer level. Then, cluster members are formed, followed by grouping. Diffie–Hellman Hyperelliptic Curve Cryptography and cryptographic hash functions are used by signcryption for secure communication in VANET. Therefore, the essential component of the key agreement strategy that will give superior authentication is this signcryption mechanism. Over the medium access protocol layer, all of these security characteristics are updated. The proposed method of clustering signcryption key agreement scheme (CSKAS) approach reduces time complexity and increases packet delivery ratio which is vital in providing stable, secure communication.

1 Introduction

Vehicular Ad hoc Network extensively uses vehicle nodes to ensure an intelligent transportation system (ITS). Most currently available suggestions only consider a single component, making the connection easy to break, even though VANETs are the subject of multiple excellent geographic routing protocols. This study focuses on an RMFD-based multi-featured routing algorithm (Mukhtaruzzaman and Atiquzzaman, 2020). Vehicles serve as the primary communication participants in VANETs, a subset of mobile ad hoc networks. Two ways interact the VANET system: vehicle-to-infrastructure (V2I) and vehicle-to-vehicle (V2V) communication; in contrast to MANETs, VANETs stand out for their remarkable adaptability (Kosuru et al., 2022).

Consequently, VANETs' network topology is constantly changing (Mirsadeghi et al., 2021). Connection link conditions between cars frequently shift due to vehicle movement, occasionally resulting in network disconnection. However, GPS data on the vehicle's location, speed, and the presence of obstacles on either side of the main road can be used to predict vehicle movement. Due to the requirements of a relatively high ratio to the final destination in a relatively short time, designing an appropriate routing protocol for VANETs remains challenging. Data packets are transported along road segments in VANETs, and at junctions, decisions are made regarding where to transmit them (Tan and Chung, 2020). Consequently, in the event of a link failure, the payload will be transcoded to the final intersection node to choose a new path. Accordingly, Source nodes at intersections verify connectivity by examining the link of nearby nodes. As a result, cars choose areas of the road where data packets can be transferred. The decision of a vehicle among the potential vehicles to work as the next jump interfacing two nodes is a basic test that should be tended to.

The primary contribution of the study is as follows:

• Innovative clustering with RBM: implements clustering methods using the Restricted Boltzmann Machine algorithm to select cluster heads based on trust, lifetime, and buffer level, enhancing communication efficiency and reliability in VANETs.

• Trust-based security enhancement: incorporates a trust parameter in cluster management, significantly reducing security risks and ensuring stable communication links.

• HEC-based signcryption scheme: adopts a hyperelliptic curve-based signcryption key agreement scheme for robust, scalable, and resilient communication, protecting against a wide range of cryptographic attacks.

• Optimal security-stable performance: achieves stable communication through clustering of vehicles and secure mechanism eliminates the malicious node entering into communication link, which is essential for the high-speed environment of VANETs.

When choosing the cluster head and cluster members in a VANET, an AI-based model restricted Boltzmann machine algorithm can aid in effective communication, maximize packet delivery ratio, increase throughput, and boost overall network performance. The proposed RBMA with HECC method provides an effective framework for clustering and secure communication in VANET because it can provide dynamic selection, self-organization, real-time updates, and secure communication.

In Section 2 of the article, a thorough literature review is mentioned. Section 3 covers the technique for employing the constrained Boltzmann machine algorithm to choose the optimal cluster head in the proposed approach. Authentication methods and a discussion of secure routing are illustrated in Section 4. Section 5 discusses the security analysis of the proposed system, followed by results, discussion, and conclusion.

2 Related works

The dynamic environment of vehicles is a challenge to provide stable communication. To provide stable communication, clustering of vehicles is done based on their similar behavior of the vehicle. Clustering schemes can be divided into intelligent-based, mobility-based, and multihop-based. Apart from these clustering techniques, trust-based clustering should be done to provide a trusted and stable communication (Mukhtaruzzaman and Atiquzzaman, 2020). Energy efficient clustering techniques have been proposed by authors but in VANET since vehicles move around and their energy gets stored automatically in vehicles, since VANET communicates wirelessly, hackers may hack the communication hence trusted communication plays a significant role (Kosuru et al., 2022). Trusted cluster communication is proposed by the authors but strong encryption and decryption of the message will provide high end to end secure communication between vehicles (Mirsadeghi et al., 2021). The author created a novel VANET system model, which includes a safe key management and identification method. It provides the necessary storage and computing capacity and focuses on edge cloud computing (Tan and Chung, 2020).

The article discusses privacy and trust in the network that connects vehicles that presents a system with a mechanism in the blockchain-based anonymous authentication scheme (BARS) that safeguards the confidentiality of vehicle identification and prevents the transmission of fraudulent communications between automobiles, but system complexity could occur (Cheng et al., 2022). Using mobility prediction, the author created a centralized routing strategy for the connecting network of vehicles. Authors used machine learning techniques to predict the mobility of nodes; likewise, machine learning algorithms could be used to provide a trusted clustering in VANET (Tang et al., 2019). The article discussed various challenges in the dynamic resource allocation system in VANETs. The proposed framework is based on 5G network-based VANET models. The presented system formulates privacy-preserving VANET using the BAN model with the SUMO tool (Li et al., 2020). A privacy-preserving cloud-controlled vehicular ad-hoc network considers various roadside units. It frames the cloud-assisted feedback model for privacy-preserving VANETs. A strong authentication protocol could increase the efficiency of vehicle communication (Wei et al., 2019).

Trust aware clustering routing protocol was proposed by the author (Kadam et al., 2023). Ant Colony Optimization technique is used for the formation of the cluster, to avoid routing attacks; strong encryption algorithms are needed (Kadam et al., 2023). An improved RSU authentication was discussed by authors (Cheng and Liu, 2020), but if RSU gets compromised, there would be chaos in the whole system. A secure and privacy-preserving authentication technique was proposed by the authors (Alfadhli et al., 2020). This approach utilizes a blend of physically unclonable functions (PUF) and dynamically generated one-time pseudo-identities for authentication purposes. ECC-based novel authentication is been discussed by the authors to provide secure communication but the highly dynamic nature and stability of the vehicle have not been discussed (Godse and Mahalle, 2018). HPBS scheme was proposed to reduce malicious node communication, and public key infrastructure is used to authenticate vehicles, but a trust metric is not introduced to classify genuine and malicious nodes which would reduce the complexity of the system (Liu et al., 2020).

This study introduces a lightweight and efficient authentication technique named LESPP, which is designed to ensure good privacy preservation for secure VANET communication. The proposed scheme uses a self-generated pseudo-identity to ensure privacy and traceability, but the stability of vehicles is not concentrated (Nandy et al., 2021). Using mobility prediction, the author might devise a centralized routing strategy for the vehicle-connecting network. Various understandings of VANET architecture in the existing articles are beneficial to derive a novel system for archiving better throughput and reduced data loss (Fonseca and Festag, 2006; Wang et al., 2006; Sun et al., 2010; Wasef et al., 2010; Mershad and Artail, 2013; Bhoi and Khilar, 2014; Chim et al., 2014; Dhurandher et al., 2014; Woo et al., 2014; Bitam et al., 2015; Janani and Manikandan, 2018). To provide a good authentication scheme, use of one-way hash functions and lightweight bitwise XOR operations in a two-tiered method that includes a trusted authority and vehicles for establishing authentication is established (Rawat et al., 2022). There are various methods discussed to provide trust-based authentication schemes in VANET. The proposed method deals with providing a stable and secure communication scheme.

A comprehensive review of the literature reveals that one of the primary challenges in vehicular networks is the dynamic mobility of vehicles. Given that messages are transmitted wirelessly, there is a risk of hackers intercepting and manipulating the communication, leading to potential diversions for users. Therefore, establishing a stable and secure communication system is crucial in vehicular ad-hoc networks, a key focus of the proposed solution in this article.

In the proposed approach, the combination of the Restricted Boltzmann Machine Algorithm (RBMA) and Hyper Elliptic Curve Cryptography (HECC) with signcryption in vehicular ad-hoc networks constitutes a noteworthy breakthrough, especially due to the collaborative impact of these technologies in improving security and operational efficiency. RBMA, renowned for its strength in unsupervised learning, is particularly skilled at detecting patterns and anomalies in node, facilitating superior and dynamic clustering. This is vital for the effective management of VANETs, enhancing the organization and processing of network data. In contrast, HECC offers a potent security solution with smaller key sizes than the traditional Elliptic Curve Cryptography, ensuring a balance between high security and efficiency in signcryption tasks. This synergy offers a dual benefit: RBMA's effective clustering significantly reduces network processing load and delays, while HECC brings forth a robust, yet compact cryptographic framework, augmenting the overall performance and security of the network. The combined effectiveness of RBMA and HECC signcryption aptly meets the unique demands of VANETs, such as constant high-speed movement, varying network densities, and rigorous security needs, thus outstripping prior solutions that might not effectively address both efficiency and security simultaneously.

The model presented sets itself apart from existing methods by incorporating a Hyper Elliptic Curve Cryptography (HECC)-based signcryption scheme and ensuring secure authentication and key management between Road-Side Units (RSUs) and vehicles. This approach introduces a groundbreaking signcryption system within the realm of certificate-based cryptography, aimed at improving security and privacy in VANET networks. Beyond just facilitating secure communication, the model also guarantees communication stability through the application of clustering technique. Focusing on both the stability and security of communication, this innovative method greatly enhances the effectiveness of VANET communication, forging a path toward an Intelligent Transportation System, an aspect not previously explored in existing research.

3 Proposed methodology

Three significant entities are present in our system model: certifying authority, vehicles, and roadside units. The novel architecture with hierarchical architecture is shown in Figure 1.

Figure 1

Figure 1. Proposed system—system architecture.

Certifying authority (CA): in vehicular networks, one crucial role is to trust. Centralized managing authority and power with adequate storage capability are considered CA. A certifying authority (CA) is used to register each RSU, followed by the attack of vehicular networks. It fails to negotiate by the attackers.

Roadside unit (RSU): CAs are connected wirelessly with the vehicles through this unit. It acts as a primary tool to build the VANET infrastructure. Its advantages include reliability, secured internal data storage, and easy installation. It is used on roads such as traffic signals, gas stations, and parking units. These units are directly interconnected with one another.

Vehicles: the three vehicle components are an onboard unit (OBU), sensors, and a global positioning system (GPS). Each node is triggered to communicate through the wireless medium by OBU. The vehicle communication range is 250 m.

3.1 Parameters required for cluster head selection based on restricted Boltzmann machine algorithm in proposed approach

Restricted Boltzmann Machines (RBMs) exhibit distinct characteristics and benefits when compared with other Artificial Neural Network (ANN) models. RBMs excel in efficiently managing the dynamic and frequently non-linear characteristics of VANET data, a task that is difficult for conventional ANNs. RBMs excel in feature identification and unsupervised learning, enabling them to effectively identify and react to the evolving patterns of vehicle movement and communication. Conversely, conventional artificial neural network models, which perform well in supervised learning, may need a large amount of labeled data to produce comparable outcomes, a challenging requirement in the dynamic VANET setting. RBMs are well suited for VANETs due to their scalability and resistance to overfitting, which is important in handling the enormous and varied data volume in such networks. Certain artificial neural networks that may encounter challenges related to overfitting or scalability in similar situations. RBMs' generative nature offers a detailed insight into data distributions in VANETs, which is crucial for forming clusters effectively, as opposed to the discriminative approach of traditional ANNs. RBMs provide characteristics that make them a more versatile and effective option for cluster formation in the complicated and ever-changing environment of VANETs, hence restricted Boltzmann machine algorithm is used in the proposed approach for effectively grouping vehicles into clusters.

Initially, the Restricted Boltzmann machine learning algorithm (RBMA) is used to select cluster head which depends upon parameters such as trust, the lifetime of a vehicle, and buffer level. Secure authentication-based routing is processed, followed by choosing the best CH.

3.1.1 Buffer monitoring

Broadcast messages are those that are sent over the VANET. Basic safety messages, emergency communications, messages geared toward pleasure or entertainment, and messages encouraging information exchange are sent over the network. Since this communication scenario in VANET, there is a potential for congestion where messages must wait in line to be delivered, and packet overflows may also occur. Consequently, traffic load has to be observed. Let B be a neighboring node, let q_j be the jth sample value indicating the queue length at the current instant, and Q be the total number of samples collected throughout the interest. The average traffic load at node B can be formulated as shown in Equation (1).

$\begin{array}{ll}LT(B)={(\frac{1}{Q})}^{*}{\displaystyle \sum _{j=1}^n}{q}_j& (1)\end{array}$

Traffic load intensity is expressed as mentioned in Equation (2).

$\begin{array}{ll}LTI(B)=(LT(B)/qmax)& (2)\end{array}$

where, qmax = maximum length, the traffic load intensity function at node B is followed by the interface queue of node B's maximum length, qmax, at the MAC layer.

Then, using the following Equation (3), the packet neighboring success probability concerning potential queue overflows denoted by PQ at node B can be modeled.

$\begin{array}{ll}PQ=1-LTI(B).& (3)\end{array}$

3.1.2 Lifetime of vehicle

Vehicles are highly dynamic since they move from one source to the other. The vehicle node's velocity determines the vehicle's lifetime. It is defined as the time it takes for a car to become available in that bandwidth as shown in Equation (4).

$\begin{array}{ll}LT(i)=\frac{d_{ith}}{V(i)}& (4)\end{array}$

LT(i)–lifetime of vehicle i;

d_ith–distance from the sending/forwarding vehicle;

V(i)–velocity of vehicle i.

3.1.3 Node trustworthiness evolution

The local trust score is computed by analyzing vehicle behavior. A vehicle's proper behavior is shown when transmitting messages at consistent intervals, and vehicle trustworthiness is calculated by examining the control messages. Beacon messages transmitted during the transaction are saved and used for determining trust. The messages include information about the number of packets sent, delivered, and dropped. While exchanging messages, trusted nodes show an increased rate of effective message delivery compared with opponent nodes. On commencement of message exchange between node “i” and “j,” acknowledgment is produced from them. From beacon messages, packet forwarding ratio (P_Forw) and delivery ratio (P_Del) are determined as shown in Equations (5, 6), respectively.

$\begin{array}{ll}{P}_{Forw}=\frac{M_S^{Forw}-M_F^{Forw}}{M_S^{Forw}+M_F^{Forw}}& (5)\end{array}$

$\begin{array}{ll}{P}_{Del}=\frac{M_S^{Del}-M_F^{Del}}{M_S^{Del}+M_F^{Del}}& (6)\end{array}$

$M_S^{Forw}$–effective forwarding rate; $M_S^{Del}$–effective delivery rate;

$M_F^{Forw}$–unsuccessful forwarding rate; $M_F^{Del}$–unsuccessful delivery rate.

From the ratio determined, node “i” finds the trust of “j” using the bayes theorem (Janani and Manikandan, 2018). A continuous random variable (φ) is computed at steady intervals in 0 ≤ φ ≤ 1. The Probability Distribution Function (PDF) of “φ” at time “t” is given by Equation (7),

$\begin{array}{ll}\begin{array}{l}{f}_t(\phi )=\frac{f_t(P_{Forw}^t|\phi ,P_{Del}^t )f_{t-1}(\phi )}{{{{\displaystyle \int }}^{\text{}}}_0^1{f}_t(P_{Forw}^t|\phi ,P_{Del}^t )f_{t-1}(\phi ).d\phi }\hfill \end{array}& (7)\end{array}$

where f_t current time and f_t−1 previous time.

Equation (7) describes how the trustworthiness of node j can be calculated using the bayes theorem. The equation takes into account the probability distribution of φ at time t and the data from time t−1 f_t−1(φ) to calculate the probability distribution of φ at time t (f_t(φ)). The equation is then integrated over φ to obtain the absolute trustworthiness of node j. As a result, it is determined using bayes theorem, and it may be a percentage where “φ” is distributed over a period [0, 1], and the best PDF to define this is beta distribution (BD). Binomial distribution at “t” is obtained from the likelihood function as shown below in Equation (8):

$\begin{array}{ll}\begin{array}{l}{f}_t(P_{Forw}^t|\phi ,P_{Del}^t )=\left(\begin{array}{l}{P}_{Forw}\\ P_{Del}\end{array}\right){\phi }^F{(1-\phi )}^{F-D}\hfill \end{array}& (8)\end{array}$

Equation (8) describes the probability of a forward progress ($P_{Forw}^t$) and a delivery ($P_{Del}^t$) occurring at time t, given a certain possibility ϕ. The equation is derived from the beta distribution and the binomial distribution. The beta distribution is used to describe the likelihood of ϕ being distributed over the period [0,1]. “φ” is found to be beta-distributed, “i” determines sequential random variable (φ₁, φ₂, .... φ_n) for “j” at fixed intervals. It is assumed that PDF “f_t(φ)” and “f_t−1(φ)” follow BD represented by “φ” in Equation (9):

$\begin{array}{l}Beta\phi (\gamma ,\delta )=\frac{{\phi }^{\gamma -1}{(1-\phi )}^{\delta -1}}{{\displaystyle {\int }_0^1}{\phi }^{\gamma -1}{(1-\phi )}^{\delta -1}.d\phi }where,\gamma ,\delta -variables\\ \hspace{1em}\hspace{1em}\hspace{1em}\hspace{1em}\hspace{1em}\hspace{1em}\hspace{1em}\hspace{1em}\hspace{1em}\hspace{1em}\hspace{1em}\hspace{1em}\hspace{1em}\hspace{1em}\hspace{1em}\hspace{1em}\hspace{1em}\hspace{1em}ofBD,\gamma ,\delta >0& (9)\end{array}$

At t = 0, nodes are not known to one another, and variables of BD should be neutral. It is assumed that γ, δ ∈1. Furthermore, the node finds PDF iteratively, as shown below:

Finally, trust (T_i) for “i” is determined from BD mean as mentioned in Equation (10):

$\begin{array}{l}{T}_i=\omega (\gamma ,\delta )=Beta\phi (\gamma ,\delta )=\\ \frac{{\gamma }_{t-1}+P_{Forw}^t}{{\gamma }_{t-1}+P_{Forw}^t+{\delta }_{t-1}+P_{Del}^t-P_{Forw}^t}& (10)\end{array}$

where, T_i∈[0, 1 ].

If T_i>0.5, node behavior can be trusted; when T_i < 0.5, The node is said to be malicious; when the network is initialized, initial trust will be substituted by the new trust over a period depending on the behavior of the conforming vehicle during message interchange. Trust is computed depending on direct experience providing consistent trust in the target node.

3.2 Restricted Boltzmann machine algorithm-based cluster head selection

The RBM neural network is a component of the energy-based model. This deep machine-learning technique is probabilistic, unsupervised, and generative. It is the goal of RBM to identify the joint probability distribution that maximizes the log-likelihood function. RBM contains two layers: the input layer, a visible layer, and the hidden layer, as shown in Figure 2. All nodes were connected in the original Boltzmann machine. The restricted Boltzmann machine is so named because it restricts intralayer connections. Since they are undirected, RBMs do not use gradient descent and backpropagation to modify their weights. Through a procedure known as contrastive divergence, they adjust their weights (MohanaPriya and Mercy Shalinie, 2017).

Figure 2

Figure 2. Structure of Restricted Boltzmann machine learning algorithm.

Equation (11) is a trust configuration of a restricted Boltzmann machine where V = v1, …, vn are visible nodes, while h = h1, ..., h_n is “n” hidden units. The weight matrix (w_nm) and bias units a_im and b_jn of each node in the visible-hidden layer are connected to the edges of these layers. RBM's configuration may be represented by Equation (11).

$\begin{array}{ll}C(V,H)={\displaystyle \sum _{i=1}^m}{\displaystyle \sum _{j=1}^n}{S}_{m,n}{h}_n{v}_m-{\displaystyle \sum _{i=1}^m}{a}_{im}{v}_m-{\displaystyle \sum _{j=1}^n}{b}_{jn}{h}_n& (11)\end{array}$

where a C(V, H) = total weight of the RBM configuration;

S_{m, n}, strength of the connection between two nodes, m and n, in the network;

a_i, b_j bias units of visible and hidden layers;

v_m visible unit;

h_n hidden unit of the network.

The proposed protocol uses the RBM algorithm that self-learns the buffer, the lifetime of a vehicle, and trust metrics to provide an optimal cluster head (CH). The visible layer of RBM is trained with an input feature vector (fv) = (senderip, destinationip, srcmac, destmac) and traffic parameter vector (cv) = (Node_buffer, Node_lifetime, Node_trust). The hidden layer learns and processes the feature and trust vectors to identify the malicious routes during the routing process in the RBM protocol. RBM's hidden layer is called a processing layer that maps the input with the incoming network traffic.

The joint probability distribution of visible and hidden layers at the training phase is represented as Equation (12).

$\begin{array}{ll}J(V,H)=(\frac{1}{\varphi })*exp\left\{-C(V,H)\right\}& (12)\end{array}$

where ϕ is the normalizing constant factor for visible and hidden layers, and it is given by Equation (13).

$\begin{array}{ll}\varphi ={\displaystyle \sum _v}{\displaystyle \sum _h}exp-C\left[fv,cv\right],H\left[fv,cv,NI{T}_{nt-tf}\right]& (13)\end{array}$

where NIT_nt−tf is the new incoming network traffic pattern.

At first, the model parameter fails at φ = 0. In that instance, iterative optimization based on an alternate iteration technique can be used to update the value of the model parameter. As a result, the value of φ_i may be estimated from sample Vi. It is possible to utilize the starting value of φ_i+1, which is produced from training the previous sample, as φ_i. The model parameter, φ_i+1, will be estimated using the following sample. The optimization procedures are carried out again until the termination requirements are met. The hidden layer self-learns the input vectors to calculate the nearby success probability concerning potential queue overflows for all the participating nodes engaged in the RBM process. In contrast to previous unsupervised neural network learning techniques, the visible–visible and hidden–hidden layer constrained connections allow for a quick learning strategy. In any of the following two scenarios, the conditional probability distribution may be calculated using the joint probability distribution:

1. The hidden layer values are computed by feeding the input values to the visible layer as P (h_n/v_m).

2. The values of the visible layer are computed by feeding the input values to the hidden layer as P (v_m/h_n).

The same can be computed using the Gibbs sampling method, and the given input features in the visible layer are represented as Equation (14).

$\begin{array}{ll}GS(\frac{h_n}{v_m})={\displaystyle \sum _v}sigmoid(b_{jn}+v^{T}w:j)& (14)\end{array}$

PQ(i) is the packet neighboring success probability for possible queue overflows, v(i) indicates vehicle's velocity, and T is the final trust factor. Here, the E_VANET efficient VANET node will be selected as the cluster head represented in Equation (15), and their range vehicles become cluster members by receiving CH messages.

$\begin{array}{ll}{E}_{VANET}=-\left[w_1.PQ(i)+w_2.T(i)+w_3\frac{d_{ith}}{V(i)}\right]& (15)\end{array}$

High mobility and rapid moving network topologies are characteristics of vehicular ad hoc networks. In VANETs, efficient clustering is crucial for improving overall network performance and communication. The aim is to integrate important parameters that represent the network's real-time state and use the Restricted Boltzmann Machine Algorithm (RBMA) for dynamic and effective cluster selection. The fitness function as in Equation (15) plays a pivotal role in determining the suitability of a node as cluster head and cluster member. The main components given as inputs are buffer monitoring that is used to analyze packet success probability rate (PQ) of node, indicating the efficiency of a node in handling network traffic, trust of a vehicle (T), assessing the reliability based on historical communication behavior of node, and velocity of the vehicle, relevant to the node's stability in the network due to mobility.

Input layer: PQ success probability rate mentioned in Equation (3), lifetime of a vehicle is calculated as in Equation (4), and trust as mentioned in Equations (5, 6). These characteristics are used to represent each VANET node.

Hidden layer: encodes complex interdependencies between these features.

Training process: RBMA is trained on historical data from the VANET, learning the probabilistic distribution of the node features as mentioned in Equation (12).

The training helps RBMA understand typical patterns and anomalies in node behavior.

Fitness evaluation: Nodes are evaluated based on the fitness function as in Equation (15).

Weights are optimized w₁, w₂, w₃ to reflect the significance of each feature in the VANET scenario.

Within VANETs, the Restricted Boltzmann Machine Algorithm (RBMA), real-time clustering mechanism is notable for its flexible and dynamic methodology. The RBMA rates each network node's fitness by continuously evaluating it in accordance with its updated Packet Success Probability Rate (PQ), Trustworthiness (T), and Life time (LT) of vehicle based on node's velocity range. These scores are then used to pick cluster head and members to reliably sustain communication and manage the network. The real strength of the system is its adaptability; the RBMA smoothly modifies its clustering decisions as VANET conditions change, whether because of differences in traffic load or changes in node mobility. This adaptability makes a more responsive and durable network architecture possible and is essential for maintaining network performance and efficiency in the constantly evolving VANET environment.

Figure 3 shows the flow diagram of the proposed approach. At the initial stage, nodes of VANET will be distributed. A cluster is formed to create stability. In the proposed approach, clusters are formed by a restricted Boltzmann machine algorithm using inputs such as buffer monitoring, lifetime of a vehicle, and trust metric. Buffer monitoring should be low, the success probability of the neighborhood for delivering packets should be high and trust factor should be high, and velocity of the vehicle should be low to maintain the lifetime of the vehicle. If all these conditions satisfy, grouping of vehicles is done, and then, secure communication is provided through hyperelliptic curve cryptography with signcryption. The packets are signcrypted at source and unsigncrypted at receiver side to provide stable and secure communication.

Figure 3

Figure 3. Flow diagram of the proposed approach.

4 Secure routing and authentication scheme in proposed approach

Public-key cryptography, or hyperelliptic curve cryptography (HCC), is the Elliptic curve cryptography (ECC) successor. Every user has a set of private and public keys. While public keys are used for encryption and signature generation, private keys are utilized for decryption and unsigncryption. The main objective of the proposed approach is to bring an efficient key authentication scheme based on a signcryption system. It utilizes hyperelliptic curve cryptography and two one-way cryptographic hash functions. The significant advantage of using a hyperelliptic curve is its key size.

The proposed work procedure consists of six steps:

1. Setup phase.

2. RSU registration phase.

3. Registration phase of vehicles.

4. Key agreement phase between RSU, vehicles, and CA.

5. New Joining vehicles updating phase.

6. Cancellation of affected or failed vehicles.

During the setup phase, the certificate authority (CA) creates the essential infrastructure and protocols, such as security measures and the deployment of roadside units (RSUs). During the RSU registration phase, each RSU undergoes authentication and registration with the CA to establish a secure network environment. During the registration phase for vehicles, vehicles undergo authentication and registration to enable secure and authorized network participation. The key agreement phase is essential for establishing safe communication protocols between roadside units, automobiles, and the certificate authority. It involves cryptographic key generation and exchange to ensure secure communication. The new joining vehicles updating phase ensures the expansion of the network and incorporation of new trusted vehicles seamlessly while maintaining a stable and trusted communication. Finally, the removal of affected or failed vehicles is crucial for network integrity. Non-operational or compromised vehicles are eliminated from the network to maintain security and efficiency. This thorough process guarantees a trusted, secure, and effective communication network in an intelligent transportation system.

The subsection below will explain all the work phases in providing a secure routing and authentication scheme. Table 1 describes the notation used in this article.

Table 1

Table 1. Notation used in the article.

4.1 Setup phase

Certificate authority CA_st will do this setup phase. This setup phase consists of creating public and private keys of node users, and the procedures are as follows.

a. To choose the private key D_pk . CA_st uses a hyperelliptic curve (HEC) in order of c with finite field F_c and selects the number from the set φ_st, φ_st ∈ [1, 2, 3, …(c−1)] uniformly.

b. CA_st generates the public key Υ_st asΥ_st = φ_st.J. Here, J indicates the divisor of the hyperelliptic curve.

c. It chooses the two hash functions H_a andH_b.

d. Finally, it publishes the parameters.

$\begin{array}{l}K=\left[F_c,D_{pk},HEC,J,{{\rm Y}}_{st},H_a,H_b\right]\end{array}$

4.2 Registration phase of RSU

CAst will handle this registration of RSU, and its process will be as follows:

a. CA_st will select the RSU id E_i;

b. Computes the private key for the RSU E_i as X_i = φ.H_a(E_i)mod c;

c. Computes the public key as Y_i = X_i.J;

d. Then, certificate for E_i is calculated as shown in Equation (16).

$\begin{array}{ll}cer{t}_i={{\rm Y}}_{st}+(X_i)H_a(E_i||Y_i)& (16)\end{array}$

e. Finally, CA_st will update the memory of E_i as

$\begin{array}{l}(E_i,{cer{t}_i,X}_i,Y_i)\end{array}$

4.3 Registration phase of vehicles

Registering the vehicles is needed, which is deployed in that network. CAstand will handle this registration process. The process is as follows:

a. CA_st will select the vehicle id ID_i;

b. Computes the private key for the vehicle ID_i as XV_i = φ.H_a(ID_i)mod c;

c. Computes public key as YV_i = XV_i.J;

d. Then, certificate for ID_ds is calculated as in Equation (17).

$\begin{array}{ll}cert{v}_i=Y{V}_i+(X{V}_i)H_a(I{D}_i||Y{V}_i)& (17)\end{array}$

e. Finally, CA_st will update the memory of the vehicle node id ID_i as (ID_i, cert_{vi, XVi}, YV_i ).

4.4 Communication and key agreement phase between RSU, cluster head and member, and certificate authority

Let us consider cluster head CH vehicles CID_i and its member vehicles MID_i want to connect inside the network. It should have a key agreement and mutual authentication phase to be carried out.

4.4.1 Stage 1

If the RSU E_i is in the range of CH vehicle CID_i,the below process will be performed.

a. It selects σ_i, σ_i ∈ [1, 2, 3, …(c−1) ];

b. It computes ε_i = σ_i.J;

c. It computes α_i = ε_i.E_i.YV_i;

d. Then, it encrypts _i = E_αi(E_i||Nonce_i);

e. Then, it computes certificate as ∂_i = certv_i+H_b(message||E_i||Nonce_i );

f. The signature is computed as ${\beta }_i=(\frac{{\sigma }_i}{{\partial }_i+X_i}{E}_i)modq$;

g. Finally, using the open network, it sends the key with necessary information as shown in Equation (18).

$\begin{array}{ll}{\Omega }_1=({\beta }_i,{\partial }_i{,}_i,{\epsilon }_i,{\alpha }_i)& (18)\end{array}$

to vehicle CID_i.

4.4.2 Stage 2

Suppose CH vehicle CID_i receives the key Ω₁ from the RSU E_i. In that case, it will check the validity of the key and add its cluster member information and sends it to the certificate authority via RSU to CA_st, and the following process will be performed:

a. It needs to decrypt (E_i||Nonce_i = D_α(_i) and verify the freshness of Nonce_i;

b. To check the certificate, E_i will check the condition as follows:

$\begin{array}{l}{{\rm Y}}_{st}+Y_i.H_a(CI{D}_i||Y{V}_i)=cert{v}_i.J\end{array}$

c. Then, it checks the signature for validation as follows:

$\begin{array}{l}{\beta }_i(Y{V}_i+{\partial }_i.J)=CI{D}_i.{\epsilon }_i.X{V}_i\end{array}$

d. If the signature is valid, it computes the ε_i = σ_i.J Where σ_i ∈ [1, 2, 3, …(c−1) ]

e. Then, it computes certificate ∂_i

$\begin{array}{l}{\partial }_i=cert{v}_i+H_b(messag{e}_i||CI{D}_i||MI{D}_i||Nonc{e}_i)({\sigma }_i).\end{array}$

f. The following calculation will be performed for updating session key:

$\begin{array}{l}{\vartheta }_i={\sigma }_i{\epsilon }_i={\sigma }_i.J\end{array}$

g. By using the above relation, it finds out the session key, and it needs to be shared with the cluster head and cluster member as follows:

$\begin{array}{l}{\nu }_i=H_b(message||CI{D}_i||MI{D}_i||Nonc{e}_i||{\vartheta }_i)\end{array}$

h. The above session key can be verified as follows:

$\begin{array}{l}H{\nu }_i=H_b(Nonc{e}_i||{\nu }_i)\end{array}$

i Finally, using the open network, it sends the key of the cluster head and its members via RSU as mentioned in Equation (19).

$\begin{array}{ll}{\Omega }_2=(H{\nu }_i,Nonc{e}_i,{\epsilon }_i,CI{D}_i,MI{D}_i{X}_i,{\partial }_i)totheC{A}_{st}& (19)\end{array}$

4.4.3 Stage 3

Once CA_st receives the key Ω₂, the keying procedure done in the cluster head and cluster member. For that, it will do the computations as follows:

a. It needs to decrypt (message|| MID_i||CID_i ||Nonce_i) = D_α(_i) and verify the freshness of Nonce_i;

b. To check the certificate of the sender vehicle, it will check the condition as follows:

$\begin{array}{l}{{\rm Y}}_{st}+Y_i.H_a(CI{D}_i||{MI{D}_i||YV}_i)=cert{v}_i.J\end{array}$

c. Then, it checks the signature for validation as follows:

$\begin{array}{l}{\beta }_i(Y_i+{\partial }_{is}.J)=CI{D}_i.{MI{D}_i.\epsilon }_i.X{V}_i\end{array}$

d. If the signature is valid, it computes ε_CAst = σ_CAst.J Where σ_CAst ∈ [1, 2, 3, …(c−1) ]

After verifying the cluster head and cluster member, certificate authority generates a certificate.

e. Then, it computes its certificate ∂_CAst as follows:

$\begin{array}{l}{\partial }_{C{A}_{st}}=cer{t}_{C{A}_{st}}+\\ H_b(message||CI{D}_i||MI{D}_i||C{A}_{st}||Nonc{e}_{G{C}_{st}})({\sigma }_{C{A}_{st}}).\end{array}$

f. The following calculation will be performed to update the session key:

$\begin{array}{l}{\vartheta }_{iC{A}_{st}}={\sigma }_i{\epsilon }_{C{A}_{st}}={\sigma }_i.{\sigma }_{C{A}_{st}}.J\end{array}$

g. To find out the relation of the nonce key, it computes as _iCAst = E_αi(Nonce_i||Nonce_CAst);

h. By using the above relation, it finds out the session key, and it needs to be shared with CID_ds as follows:

$\begin{array}{l}{\nu }_{drC{A}_{st}}=H_b\\ (message||CI{D}_i||MI{D}_i||C{A}_{st}||Nonc{e}_{iC{A}_{st}}||{\vartheta }_{iC{A}_{st}})\end{array}$

i The above session key can be verified as in Equation (20).

$\begin{array}{ll}H{\nu }_{iC{A}_{st}}=H_b(Nonc{e}_{iC{A}_{st}}||{\nu }_{iC{A}_{st}}).& (20)\end{array}$

j Finally, using the open network, it sends the key as follows:

$\begin{array}{l}{\Omega }_3=(H{\nu }_{iC{A}_{st}},Nonc{e}_{iC{A}_{st}},{\epsilon }_i,CI{D}_i,MI{D}_i{\epsilon }_i,X_i,{\partial }_{C{A}_{st}})\end{array}$

to cluster head vehicle CID_i via RSU.

4.4.4 Stage 4

a. The cluster head vehicle receives the key Ω₃.

b. Messages are again decrypted, and then, the certificate and signature are verified.

c. After mutual authentication between the roadside unit, vehicles with cluster heads, cluster members, and certificate authority, communication starts with a vehicle-to-vehicle, vehicle-to-RSU, and vehicle-to-certificate authority via RSU. If the certificate and signature are invalid in these three stages, the communication between those nodes is blocked.

4.4.5 New joining vehicles updating phase

If any new cluster head CID_new or member vehicle MID_Newwants to join inside the cluster or the network, CA_st will add the network as follows:

a. CA_st will select the new cluster head CID_new or member vehicles MID_New;

b. Computes the private key for the vehicle CID_new or MID_New ;

c. XCH_new = φ.H_a(CID_i)mod c;

d. XMCH_new = φ.H_a(MID_i)mod c;

e. Compute public key as YCH_new = XCH_new.J and YCM_new = XCM_new.J;

f. Then, the certificate for CID_new is generated as mentioned in Equation (21).

$\begin{array}{ll}cer{t}_{cid}={{\rm Y}}_{st}+(XC{H}_{new})H_a(CI{D}_{new}||YC{H}_{new})& (21)\end{array}$

Same way for cluster members certificate is generated as in Equation (22).

$\begin{array}{ll}cer{t}_{mid}={{\rm Y}}_{st}+(XMC{H}_{new})H_a(MI{D}_{new}||YMC{H}_{new})& (22)\end{array}$

Finally, CA_stwill update the memory of the cluster vehicle node id CID_new as (CID_new, cer_{tcid, XCHnew}, YCH_new) and

g. MID_New as (MID_new, cer_{tmid, XMCHnew}, YMCH_new ).

4.4.6 Vehicles leaving the clusters and joining the clusters

When a vehicle within a cluster decides to exit, it submits a departure request to the cluster's leading vehicle. This head vehicle responds by acknowledging the request and proceeds to exclude the departing vehicle from the cluster. In cases where the head vehicle itself plans to leave, the responsibility of cluster head is transferred to another vehicle in the cluster, specifically one with a high trust rating. For a vehicle aiming to join a different cluster, it must first send a request to join the head vehicle of that new cluster. The head vehicle then evaluates the trustworthiness of the requesting vehicle. If deemed reliable, the head vehicle will approve the request, thereby incorporating the vehicle as a new member of the cluster.

In vehicular networks, clusters are dynamically formed based on the vehicles' speed and expected duration within a cluster, which is often influenced by their velocity. Vehicles continuously monitor their speed through their On-Board Units (OBUs) and compare it with the average speed of their current cluster. When a significant speed discrepancy arises, a vehicle may send a “leaving request” to its current cluster head and subsequently join a new cluster that better matches its velocity. This process, known as a handoff, is crucial for maintaining efficient and relevant network clustering. It ensures seamless communication and network integrity by aligning vehicles with similar movement patterns in the same clusters. The cluster head plays a vital role in this dynamic process, managing the entry and exit of vehicles to maintain stability and efficient communication within the cluster. Stability of vehicle is essential in vehicular ad-hoc networks (VANETs), where the rapid movement and changing positions of vehicles necessitate flexible and responsive network structuring.

4.4.7 Cancellation of affected or failed vehicles

The vehicle poses a threat if it is affected by intruders or hackers, or is controlled by an undesired entity when its information is stored in the CA_st. The danger stems from its unscrupulous use. As a result, if the system's connection is lost, the data must be safeguarded by wiping it away to maintain the central system running smoothly. The suggestion is provided for the aim of adding a private key X_k to a list set aside for storing the one-of-a-kind identification of a vehicle that has been crashed or compromised, subsequently deleting it from memory as ID_delete = H_a(ID_delete||Y_delete||GC_st) and removing from the memory D_delete = {ID_delete, Y_delete}. CA_st checks the deleted ID by matching with ID_N with ID_delete. If it is reached, deletion is not successful. If it does not fit, deletion of the process is successful.

5 Security analysis of the proposed approach

This section explores the different types of attacks encountered in VANETs and briefs how the proposed approach is used to mitigate these attacks.

Consider V = {V₁, V₂, V₃….V_n}–set of nodes in the networks, M—set of all possible messages,V_m–malicious vehicle in network, M_ij–message sent from V_i vehicle i to V_j vehicle j, SC(m, K_prii, K_pubj)–signcryption of message m using the private key of sender K_priiand the public key of receiver K_pubj, DSC(SC_m, K_prij, K_pubi)–decryption and verification of signcrypted message, SC_m, T(m)–timestamp or sequence number of message m, C—set of clusters in the network, each with its own cluster head CH.

5.1 Man-in-the-middle attack

A Man-in-the-Middle (MitM) attack poses a significant security risk when an unauthorized party secretly intercepts, modifies, or transmits communication vehicles and roadside equipment. Critical information exchanged within the network may be compromised in terms of integrity and confidentiality by this kind of assault. An attacker may intercept and alter messages pertaining to route information, traffic conditions, or safety alerts, creating potentially hazardous driving circumstances.

If an attacker node A intercepts the message M_ij transmitted between V_i to V_j. Man in the middle attacker will try to intercept the message as ${M^{\prime }}_{ij}$- Intercept (M_ij, A). The proposed approach uses signcrypting M_ij using the sender's private key and receiver's public key as SC(m, K_prii, K_pubj). The decryption and authentication process DSC(SC_m, K_prij, K_pubi) ensures that any altered message ${M^{\prime }}_{ij}$ by attacker A is detectable as attacker lacks the necessary key of signcrypted message. The use of HECC signcryption in proposed approach significantly enhances security by relying on the complexity of the discrete logarithm problem on hyperelliptic curves, a problem which is widely recognized as hard to solve, thereby providing strong protection against unauthorized access and attacks.

5.2 Malicious deployment attack

To interfere with operations or compromise data, malicious deployment attacks include inserting malicious nodes or software in a network. These rogue elements pose serious security concerns since they seem legitimate yet carry out harmful operations such as disseminating false information or interfering with communications.

If an attacker A deploys the malicious node in the communication zone, the impact of malicious node V_m can be quantifies as (V_m, A). The cluster-based defense mechanism utilizes trust evaluation

Trust(V) to select cluster heads CH, minimizing the influence of V_m in the network. Signcryption ensures message integrity and authenticity within clusters, reducing the effectiveness of malicious nodes.

5.3 Denial of service attack

A denial of service (DoS) attack is a malevolent endeavor aimed at obstructing a targeted server, service, or network's regular operation by flooding it with an excessive amount of Internet traffic. The attacker of this assault sources traffic from a number of hacked networks. When an overflow of incoming messages, connection requests, or corrupted packets occurs, the targeted resource becomes unavailable to authorized users.

A DoS attack by A floods vehicle node V_i with many requests, which are modeled as R_A(V_i). To mitigate this, the clustering model monitors buffer or traffic rate R(V_i) and implements mitigation strategies as mitigate DoS(V_i) when traffic filtering or buffer exceeds the minimum threshold R_threshold.

5.4 Sybil attack

In Sybil attacks, a malevolent node assumes several fake identities in order to obtain excessive influence within the network. This may result in serious disruptions such as the dissemination of misleading information or the influencing of network choices. These types of attacks seriously jeopardize the dependability and integrity of VANET connections, affecting everything from safety procedures to traffic flow.

In a Sybil attack, A creates multiple fake identities as {V_s1,V_s2,V_s3,…V_sm,}. The model for this attack influences (V_si,A). The countermeasure involves identity verification for each node Verify ID(V_si,) before it is allowed to join a cluster. Trust score of all vehicle node is checked; if its trust score is low, it is not allowed to join in the cluster, effectively reducing sybil nodes.

5.5 GPS spoofing

GPS spoofing is a deception approach used in VANETs whereby fake GPS signals are transmitted to spoof the GPS receivers in vehicles. This may result in the reporting of inaccurate location data, which could confuse traffic management procedures and throw navigational systems into chaos. There may be serious repercussions, such as clogged roads and compromised driver and passenger safety. GPS spoofing poses a serious threat to VANETs, where vehicles rely heavily on precise location data for a variety of purposes such as routing, safety alerts, and traffic optimization.

GPS spoofing involves A to broadcast false GPS signals S_fake,impacting the location data L(V_i) of nodes. The model is Error (L_true(V_i), L_fake(V_i)). The location provided is true or false is noted. Cluster-based cross-verification of GPS data Verify GPS(L(V_i), C_k) can identify discrepancies in location information, mitigating the impact of spoofed signals.

5.6 Replay attack

A replay attack in VANETs is the capture and retransmission of legitimate signals or messages. This could manipulate the network into thinking that recently performed or ancient commands are entirely fresh. By disseminating inaccurate or out-of-date information, these assaults have the potential to hinder road safety and interfere with traffic control. As decision-making in VANETs depends on timely and accurate communication, thwarting these attacks is essential and usually entails steps such as time-stamping messages to guarantee their legitimacy and freshness.

In a replay attack, A capture and retransmits a message M_ij with old timestamp T_old. The mathematical model representation for attack is given by ${M^{\prime }}_{ij}-Replay(M_{ij},T_{old})$. Signcryption used in the proposed approach includes a timestamp or sequence number T(M_ij), enabling the receiving node to detect and reject replayed messages.

5.7 Non-repudiation attack

A non-repudiation attack occurs when a sender in a VANET denies sending a message or carrying out an action that they have already carried out. In safety-critical situations, in particular, this challenge to communication authenticity may breed distrust and uncertainty within the network. In VANETs, maintaining non-repudiation is essential to preserving trustworthy and responsible communication channels. This is typically accomplished by cryptographic approaches such as digital signatures.

In a non-repudiation attack, a sender V_i denies sending a message M_ij. This is represented as non-repudiation denial (V_i, M_ij ). The signcryption mechanism ensures non-repudiation as the signature embedded in SC(M_ij) can only be generated by V_i's private key, which is verifiable by verify signature (SC(M_ij), K_pubi), thus avoiding non-repudiation attack.

6 Results of the simulation and discussion

The system model is implemented using network simulator NS 3.26, where the vehicular ad hoc network model is created. The Simulation of Urban Mobility (SUMO) tool is used to get real-time traffic mobility, an open-source simulation platform for the mobility-based traffic verification system. It handles the toolset of large scenarios and employs the transportation map showing various location data. The mobility data contain traffic lights, junctions, and connecting nodes and bridges. The SUMO road network model is organized to form the northern location and can align the direction corresponding to the connections. Using the SUMO tool, the proposed approach considers the traffic data of Kathipara junction in Chennai, Tamil Nadu.

Vehicular ad hoc network efficiency increases with a good packet delivery ratio, throughput, low end-to-end delay, packet loss ratio, and stable communication. Table 2 shows the simulation parameter used in the proposed in the proposed study and Table 3 shows computation and communication overhead of the proposed approach. Figure 4 shows the SUMO view of the Kathipara junction in Chennai, Tamil Nadu. The proposed approach is compared with the existing approach ASCII-ECC and ECC. Using the Median-centered K-Means (MKM) approach, clusters are formed and cluster leaders are chosen. The shortest path is determined using an updated version of the Cockroach Swarm Optimization (MCSO) method. Additionally, the use of ASCII-ECC facilitates secure data exchange (Marry Anita, 2023). ECC, RSA, and ASCII-ECC are compared with the existing approach CSKAS. The proposed approach provides high efficiency when compared with the existing approach (Gayathri and Gomathy, 2022; Tulib and Malhotra, 2022; Husnain et al., 2023; Marry Anita, 2023).

Table 2

Table 2. Simulation parameter.

Table 3

Table 3. Computation cost and communication overhead of proposed approach.

Figure 4

Figure 4. Sumo view of Guindy, Chennai.

Packet delivery ratio (%):

The packet delivery ratio is the total packets created at the source node to the total packets generated at the destination node as mentioned in the Equation (23). Figures 5, 6 depict the performance analysis of the packet delivery and loss ratio.

$\begin{array}{ll}PDR(in\%)=\frac{PacketReceived}{Packetgenerated}*100& (23)\end{array}$

Figure 5

Figure 5. Performance analysis of packet delivery ratio.

Figure 6

Figure 6. Performance analysis of packet loss ratio.

Packet loss ratio (%):

The packet loss ratio is the ratio of lost packets to received packets as shown in the Equation (24).

$\begin{array}{ll}PLR(in\%)=\frac{NumberoflostPacket}{NumberofreceivedPacket}*100& (24)\end{array}$

End-to-End delay (ms):

End-to-End delay, the total of all delays in the connection caused by intermediary nodes, is the overall amount of time required for a packet to go from its source to its destination. It is calculated by adding together all communication delays. Figure 7 displays the network's end-to-end delay performance analysis.

Figure 7

Figure 7. Performance analysis of end-to-end delay.

Computation cost (ms) (Tulib and Malhotra, 2022):

The proposed approach calculates the computation cost by calculating the total time required for signcryption and unsigncryption as shown in the Equation (25). Figure 8 shows the performance analysis of computation cost in milliseconds.

$\begin{array}{ll}C{C}_{total}=t_{signcrypt}+t_{unsigncrypt}& (25)\end{array}$

Figure 8

Figure 8. Performance analysis of computation cost.

where CC_total is the total computation cost, t_signcrypt and t_unsigncrypt are the total time required to signcrypt and unsigncrypt a message in millisecond.

Average cluster lifetime (s):

The cluster lifetime specifies the length of time that a particular cluster is kept up and running. The sum of all cluster lifetimes is known as the average cluster lifespan.

Throughput (Mbps):

The total number of packets received at the destination divided by the processing time is known as throughput. Throughput is calculated by using the following Equation (26).

$\begin{array}{l}Throughput(Mbps)=\\ \frac{Totalnumberofpacketsreceivedatthedestinationinbytes*8}{Endtime-Starttime}& (26)\end{array}$

Figures 9, 10 show the results obtained for average cluster lifetime and throughput for the proposed approach CSKAS by varying the vehicle density. For 20 nodes, average cluster lifetime of a node is 102 s, and the throughput is 6.671 Mbps and is compared with the existing approaches. When the number of nodes increases, average cluster lifetime and throughput gradually decrease because of node density. For 100 nodes, the proposed approach still gives 75 s as the average cluster lifetime and a good throughput of 5.6 Mbps.

Figure 9

Figure 9. Performance analysis of average cluster lifetime.

Figure 10

Figure 10. Performance analysis of throughput.

6.1 Communication overhead (ms)

The total of the computation cost and the additional factor delay is the communication overhead. The time needed for the signcryption and unsigncryption procedures is referred to as the computation cost. The extra time added by different network-related processes, such as data preparation, queuing, signal propagation, and processing at network nodes, is included in the additional factor delay or known as average end-to-end delay occurred for a packet to reach its destination. The total time used in computation cost and average end-to-end delay gives communication overhead. The proposed approach CSKAS achieves a low communication overhead across various node densities in the network. Specifically, for a network with 20 nodes, the overhead is just 0.04351 s. As the number of nodes increases, the overhead remains modest, with 0.04601 s for 40 nodes, 0.04797 s for 60 nodes, 0.04972 s for 80 nodes, and only 0.05168 s for a network comprising 100 nodes. This demonstrates the efficiency of the proposed method in maintaining minimal overhead even as the network scales.

The proposed approach provides high-end security performance by combining signcryption and Hyperelliptic Curve Cryptography (HECC) with a Restricted Boltzmann Machine (RBM) algorithm for clustering . This effectively balances computation cost and communication overhead. Strong security and reduced key lengths are two well-known advantages of HECC. Efficiency is especially important in high-speed vehicle networks. HECC's signcryption feature reduces computational complexity and overhead by combining encryption and signing in a single procedure. This integration reduces communication cost by reducing the size of cryptographic messages and cutting down on computation time. Concurrently, network organization is optimized by the RBM algorithm's skill at clustering. This improves data handling and routing effectiveness, which is vital in VANETs' dynamic environment.

A VANET system can analyze the correlation (Hanis and Amutha, 2019) between the data packet delivery rate (X) and packet loss rate (Y) for different network scenarios since the proposed study depends on packet-based clustering signcryption key agreement scheme, simulated PDR and PLR ratio are analyzed, and then, the correlation coefficient using a statistical method Pearson's correlation coefficient is calculated using Equation (27).

$\begin{array}{ll}r=\frac{N{\displaystyle \sum X}Y-({\displaystyle \sum X}{\displaystyle \sum Y})}{\sqrt{[N{{\displaystyle \sum x}}^2-{({\displaystyle \sum x})}^2][N{{\displaystyle \sum y}}^2-{({\displaystyle \sum y})}^2]}}& (27)\end{array}$

where N is the number of data points; X and Y are the two variables.

The Pearson correlation coefficient between PDR and PLR is ~-0.964, indicating a strong negative correlation between the two variables. In the proposed approach increase in PDR results in a decrease in PLR; there is a strong negative correlation hence resistance to correlation attacks. This proves that encrypted packets are sent to the destination in a secure way.

The proposed approach uses key length of 128 bit. The Entropy E can be calculated as as shown in the Equation (28).

$\begin{array}{ll}E=log2(2^{128})& (28)\end{array}$

A 128-bit key offers incredibly high security and is challenging to crack with current technology. A 128-bit key has an entropy of 128 bits, meaning there are 2,128 potential keys, an astronomically enormous number that is challenging for an attacker to guess or brute-force.

The main limitation of signcryption system-based hyperelliptic curve cryptography in VANET is the increase in complexity of the system, which may increase latency. In the nb future, research will be carried out to reduce the complexity of the system.

7 Conclusion

Developing a system authentication model for critical public infrastructure is becoming increasingly crucial with the framework for providing vehicle ad hoc networks (VANETs) with essential security components. Trust, authentication, privacy, and security are among the high-risk factors. Safe authentication method and trust-based clustering are described in this article for VANET. At first, the confined Boltzmann AI approach is utilized to pick the trusted cluster head determination because of trust, the lifetime of the vehicle, and buffer monitoring level using RBMA. After that, CH is made and clumping happens. Signcryption employs Diffie–Hellman hyperelliptic curve cryptography and cryptographic hash algorithms for secure VANET routing. The primary factor that contributes to the improved authenticity of the key establishment method is the system's signcryption. The medium access protocol layer has been updated to enhance these security measures. In addition, the CSKAS-clustering signcryption key agreement scheme, a signcryption-based approach to key establishment, reduces time and complexity that provides secure and trusted communication and secure routing protocol, which gives the solutions to issues with the secure routing.

Data availability statement

The original contributions presented in the study are included in the article/supplementary material, further inquiries can be directed to the corresponding author.

Author contributions

MG: Writing – original draft, Conceptualization, Methodology, Software. CG: Supervision, Methodology, Formal analysis, Writing – review & editing.

Funding

The author(s) declare that no financial support was received for the research, authorship, and/or publication of this article.

Acknowledgments

The authors would also like to thank the SRM Institute of science and Technology, Vadapalani to support them in providing good laboratory infrastructure to carry out the research.

Conflict of interest

The authors declare that the research was conducted in the absence of any commercial or financial relationships that could be construed as a potential conflict of interest.

Publisher's note

All claims expressed in this article are solely those of the authors and do not necessarily represent those of their affiliated organizations, or those of the publisher, the editors and the reviewers. Any product that may be evaluated in this article, or claim that may be made by its manufacturer, is not guaranteed or endorsed by the publisher.

References

Alfadhli, S. A., Lu, S., Chen, K., and Sebai, M. (2020). MFSPV: a multi-factor secured and lightweight privacy-preserving authentication scheme for VANETs. IEEE Access 8, 142858–142874. doi: 10.1109/ACCESS.2020.3014038

Crossref Full Text | Google Scholar

Bhoi, S. K., and Khilar, P. M. (2014). Vehicular communication - a survey. IET Netw. 3, 204–217. doi: 10.1049/iet-net.2013.0065

Crossref Full Text | Google Scholar

Bitam, S., Mellouk, A., and Zeadally, S. (2015). VANET-cloud: a generic cloud computing model for vehicular ad hoc networks. IEEE Wirel. Commun. 22, 96–102. doi: 10.1109/MWC.2015.7054724

PubMed Abstract | Crossref Full Text | Google Scholar

Cheng, H., and Liu, Y. (2020). An improved RSU-based authentication scheme for VANET. J. Internet Technol. 21, 1137–1150. doi: 10.3966/160792642020072104022

Crossref Full Text | Google Scholar

Cheng, H., Shojafar, M., Alazab, M., Tafazolli, R., and Liu, Y. (2022). PPVF: privacy-preserving protocol for vehicle feedback in cloud-assisted VANET. IEEE Trans. Intell. Transp. Syst. 23, 9391–9403. doi: 10.1109/TITS.2021.3117950

Crossref Full Text | Google Scholar

Chim, T. W., Yiu, S. M., Hui, L. C. K., and Li, V. O. K. (2014). VSPN VANET based secure and privacy-preserving navigation. IEEE Trans. Comput. 63, 510–524. doi: 10.1109/TC.2012.188

Crossref Full Text | Google Scholar

Dhurandher, S. K., Obaidat, M. S., Jaiswal, A., Tiwari, A., and Tyagi, A. (2014). Vehicular security through reputation and plausibility checks. IEEE Syst. J. 8, 384–394. doi: 10.1109/JSYST.2013.2245971

Crossref Full Text | Google Scholar

Fonseca, E., and Festag, A. (2006). A survey of existing approaches for secure ad hoc routing and their applicability to VANETs, Vol. 1. Heidelberg: NEC Network Laboratories, 1–28.

Google Scholar

Gayathri, M., and Gomathy, C. (2022). AI-TASFIS: an approach to secure vehicle-to-vehicle communication. Appl. Artif. Intell. 36:2145636. doi: 10.1080/08839514.2022.2145636

Crossref Full Text | Google Scholar

Godse, S. P., and Mahalle, P. N. (2018). A computational analysis of ECC based novel authentication scheme in VANET. Int. J. Electr. Comput. Eng. 8:5268. doi: 10.11591/ijece.v8i6.pp5268-5277

Crossref Full Text | Google Scholar

Hanis, S., and Amutha, R. (2019). A fast double-keyed authenticated image encryption scheme using an improved chaotic map and a butterfly-like structure. Nonlinear Dyn. 95, 421–432. doi: 10.1007/s11071-018-4573-7

Crossref Full Text | Google Scholar

Husnain, G., Anwar, S., Sikander, C., Ali, A., and Lim, S. (2023). A bio-inspired cluster optimization schema for efficient routing in vehicular Ad hoc networks (VANETs). Energies 16:1456. doi: 10.3390/en16031456

Crossref Full Text | Google Scholar

Janani, V. S., and Manikandan, M. S. K. (2018). Efficient trust management with bayesian-evidence theorem to secure public key infrastructure-based mobile ad hoc networks. EURASIP J Wireless Commun. Netw. 25, 1–27. doi: 10.1186/s13638-017-1001-5

Crossref Full Text | Google Scholar

Kadam, M. V., Vaze, V. M., and Todmal, S. R. (2023). TACR: trust aware clustering-based routing for secure and reliable VANET communications. Wireless Pers. Commun. 132, 305–328. doi: 10.1007/s11277-023-10612-z

Crossref Full Text | Google Scholar

Kosuru, S., Suma, P., Alam, M. A., and Hussain, M. A. (2022). An intelligent cluster-based energy efficient optimization algorithm to improve the network performance in VANET. Math Stat. Eng. Appl. 71, 201–208.

PubMed Abstract | Google Scholar

Li, X., Liu, T., Obaidat, M. S., Wu, F., Vijayakumar, P., Kumar, N., et al. (2020). A lightweight privacy-preserving authentication protocol for VANETs. IEEE Syst. J. 14, 3547–3557. doi: 10.1109/JSYST.2020.2991168

Crossref Full Text | Google Scholar

Liu, H., Wang, H., and Gu, H. (2020). HPBS: a hybrid proxy based authentication scheme in VANETs. IEEE Access 8, 161655–161667. doi: 10.1109/ACCESS.2020.3021408

Crossref Full Text | Google Scholar

Marry Anita, S. E. A. J. (2023). Improved security of the data communication in VANET environment using ASCII-ECC algorithm. Wireless Pers. Commun. 128, 759–776. doi: 10.1007/s11277-022-09974-7

Crossref Full Text | Google Scholar

Mershad, K., and Artail, H. (2013). A framework for secure and efficient data acquisition in vehicular ad hoc networks. IEEE Trans. Veh. Technol. 62, 536–551. doi: 10.1109/TVT.2012.2226613

Crossref Full Text | Google Scholar

Mirsadeghi, F., Rafsanjani, M. K., and Gupta, B. (2021). A trust infrastructure-based authentication method for clustered vehicular ad hoc networks. Peer-to-Peer Netw. Appl. 14, 2537–2553. doi: 10.1007/s12083-020-01010-4

Crossref Full Text | Google Scholar

MohanaPriya, P., and Mercy Shalinie, S. (2017). Restricted Boltzmann machine-based cognitive protocol for secure routing in software defined wireless networks. IET Netw. 6, 162–168. doi: 10.1049/iet-net.2017.0054

Crossref Full Text | Google Scholar

Mukhtaruzzaman, M., and Atiquzzaman, M. (2020). Clustering in vehicular ad hoc network: algorithms and challenges. Comput. Electr. Eng. 88:106851. doi: 10.1016/j.compeleceng.2020.106851

Crossref Full Text | Google Scholar

Nandy, T., Idris, M. Y. I., Noor, R. M., Wahab, A. W. A., Bhattacharyya, S., Kolandaisamy, R., et al. (2021). A secure, privacy-preserving, and lightweight authentication scheme for VANETs. IEEE Sens. J. 21, 20998–21011. doi: 10.1109/JSEN.2021.3097172

Crossref Full Text | Google Scholar

Rawat, G. S., Singh, K., Arshad, N. I., Hadidi, K., and Ahmadian, A. (2022). A lightweight authentication scheme with privacy preservation for vehicular networks. Comput. Electr. Eng. 100, 1–10. doi: 10.1016/j.compeleceng.2022.108016

Crossref Full Text | Google Scholar

Sun, J., Zhang, C., Zhang, Y., and Fang, Y. (2010). An identity-based security system for user privacy in vehicular ad hoc networks. IEEE Trans. Parallel Distrib. Syst. 21, 1227–1239. doi: 10.1109/TPDS.2010.14

Crossref Full Text | Google Scholar

Tan, H., and Chung, I. (2020). Secure authentication and key management with blockchain in VANETs. IEEE Access 8, 2482–2498. doi: 10.1109/ACCESS.2019.2962387

PubMed Abstract | Crossref Full Text | Google Scholar

Tang, Y., Cheng, N., Wu, W., Wang, M., Dai, Y., Shen, X., et al. (2019). Delay-minimization routing for heterogeneous VANETs with machine learning based mobility prediction. IEEE Trans. Veh. Technol. 68, 3967–3979. doi: 10.1109/TVT.2019.2899627

Crossref Full Text | Google Scholar

Tulib, K., and Malhotra, M. (2022). A hybrid approach for task scheduling in the cloud environment. Int. J. Cloud Appl. Comput. 12, 1–14. doi: 10.4018/IJCAC.305215

Crossref Full Text | Google Scholar

Wang, F., Zeng, D., and Yang, L. (2006). Smart cars on smart roads: an IEEE intelligent transportation systems society update. IEEE Pervasive Comput. 5, 68–69. doi: 10.1109/MPRV.2006.84

Crossref Full Text | Google Scholar

Wasef, A., Lu, R., Lin, X., and Shen, X. (2010). Complementing public key infrastructure to secure vehicular ad hoc networks. IEEE Wireless Commun. 17, 22–28. doi: 10.1109/MWC.2010.5601954

Crossref Full Text | Google Scholar

Wei, Z., Li, J., Wang, X., and Gao, C. Z. (2019). A lightweight privacy-preserving protocol for VANETs based on secure outsourcing computing. IEEE Access 7, 62785–62793. doi: 10.1109/ACCESS.2019.2915794

Crossref Full Text | Google Scholar

Woo, S., Jo, H. J., and Lee, D. H. (2014). A practical wireless attack on the connected car and security protocol for in-vehicle CAN. IEEE Trans. Intell. Transp. Syst. 16, 993–1006. doi: 10.1109/TITS.2014.2351612

Crossref Full Text | Google Scholar