Privacy Protection Strategy of Vehicle-to-Grid Network Based on Consortium Blockchain and Attribute-based Signature

V2G(vehicle-to-grid) is an integral part of the smart grid. To deploy a V2G network on a large scale, it is necessary to solve network security and trustworthiness and privacy protection of electric vehicle users (EV). Therefore, this paper proposes a privacy protection strategy for V2G networks based on consortium blockchain and attribute-based signature and designs an overall implementation scheme including system initialization, EV registration, anonymous authentication, optimized scheduling, local services, block construction and consensus mechanism. The strategy also uses the K-anonymity to protect the privacy of the EV’s geographic location, making it well compatible with charging and discharging services. Finally, security and performance analysis proved the feasibility of design scheme.


Introduction
As a new type of controllable load, electric vehicles can deliver energy to grid through battery discharge, realizing the bidirectional flow of energy between the electric vehicle and the grid [1]. This technology is called V2G (vehicle-to-grid). To deploy V2G networks on a large scale, it is also necessary to solve the problem about network security and EV's privacy protection. The emerging technology blockchain provides a new method for solving these problems. Blockchain is an open, transparent, and decentralized database technology that deeply integrates distributed data storage, P2P transmission, consensus mechanism, encryption algorithm, etc [2]. At present, the research of blockchain technology in power energy is still in its infancy [3]. However, it is difficult to guarantee the privacy information of V2G users due to the disclosure of transaction data by conventional blockchain technology for maximum transparency, so most of the current research still has great defects in this aspect. To this end, this paper proposes a privacy protection strategy for V2G networks. First, the strategy adopts the consortium blockchain to form a semi-centralized energy trading system, which satisfy the security, credibility, and scalability requirements of large-scale deployment for V2G networks [4][5][6]. Secondly, the strategy also uses the attribute signature [7][8][9] and the K-anonymity algorithm [10] to satisfy EV's identity and location privacy protection requirements. Finally, this paper verifies the feasibility of the proposed scheme through security analysis and simulation experiments.

V2G Network Privacy Protection Scheme
The architecture of a V2G network is shown in Figure 1, including four entities: central aggregator (CAG), local aggregator (LAG), a single EV and trusted third agency (TA). CAG and LAG belong to network operators, a single EV belongs to private users, and TA belongs to some independent organizations, such as regional transmission organizations or independent system operators. The flow ICEPECA 2020 IOP Conf. Series: Earth and Environmental Science 661 (2021) 012027 IOP Publishing doi:10.1088/1755-1315/661/1/012027 2 of information and energy in the network represented by thick dashed and thick solid lines, respectively. Besides, CAG is responsible for the overall monitoring and scheduling of the network, and is the only entity that can directly communicate with electricity market. In addition, in order to reduce the burden of CAG and meet the needs of EVs in different locations, LAG is deployed for each area to provide direct interaction for the local EV. TA, as a neutral third party, can be shared by multiple V2G networks, is responsible for generating system public parameters, assigning public and private keys to each entity.  Based on the above architecture, the implementation details of each step of the design scheme are shown in Figure 2.

System Initialization
By entering the security parameters λ , TA performs the following operations to generate system public parameters params : G is a group with order p , and p is a large prime number. and g is a generator of G and 1 G . 2) TA defines Λ as the user's attribute space, and a random number d is defined as the upper limit of the threshold predicate Γ allowed by the system. Λ contains all possible attributes of EV, and each attribute is coded as different elements.
3) In order to generate and verify the attribute signature, TA chooses a random number p Z α ∈ as the master private key, and selects two vectors  3 EV pk as registration information to TA.
After receiving EV's registration information, TA generates an attribute private key for it. First, TA select the attribute set Ω ( =d Ω ) belonging to the EV from Λ . Then, TA randomly selects parameters 1 1 ,..., d p a a Z − ∈ and defines: For each attribute w ∈ Ω , TA randomly selects the index w p r Z ∈ and calculates: The attribute private key of EV is: In addition, to protect the privacy of users in the payment phase and prevent collision attacks, TA also prepares multiple random pseudonyms for EV as follows: Finally, TA sends attribute private key and the pseudonyms back to the EV that submitted the registration information. An EV receiving all above information indicates that the registration is completed.

Anonymous Authentication and Optimized Scheduling
After registration, EV can use its attribute private key to anonymously complete message authentication under different predicates Γ . We can assuming that the predicate specified by CAG in a period of time is , t S Γ , any signature that can't match To protect location privacy, EV also need to hide its real location information before sending the transaction request. This paper uses K-anonymity algorithm to realize the protection of geographic location. According to this algorithm, EV pre-selection strategy Ψ to determines the size of cloaking area, which means EV needs to make a compromise between privacy protection and accurate service. The specific operation of EV hiding the real location information is as follows: 1) The EV determines the cloaking area O A Ψ according to Ψ and its real location ( , ) x y .
2) EV selects the center of the cloaking area ( ', ') x y as its cloaking position. Since all the EVs located in the same cloaking area O A Ψ are selecting same ( ', ') x y , the attacker will not be able to identify EVs in the same area. After that, EV needs to send a transaction request to CAG. The transaction request includes two parts: transaction information m and attribute signature σ . The transaction information contains different parts: ① the cloaking location ( ', ') x y generated by EV; ② the amount of electricity B that EV wants to buy or sell; ③the estimated time of arrival and departure ( , ) a b t t ; ④the timestamp T used to prevent delay attacks. The process for EV to send a transaction request to CAG is as follows: 2) For each attribute t w S ∈ , EV uses skΩ to calculate: 3) EV calculate If it is established, the verification is successful, and then CAG extracts the necessary information from m and executes the optimal scheduling algorithm. The scheduling strategy finally returns the recommended LAG location { } t L as result.
In addition, CAG uses its own CAG sk to sign on m as the certification of EV transactions. CAG chooses 1 g G ∈ and a random integer * k Z ∈ , calculate:

Local Charging and Discharging Service
According to equation (8), LAG obtain the value of r , then it verifies whether 3 the service and returns a signal to EV. After obtaining LAG's signal, EV selects an address from pseudonyms as the wallet address and sends it to LAG. LAG extracts the latest data belonging to the wallet address from the memory pool and submits it to EV. EV need to check the integrity of the relevant data of this wallet address. In the end, EV and LAG begin to conduct energy flow and complete the transfer. LAG generates a new transaction record data and sends the data to EV as a transaction receipt.

Block construction and consensus process
LAG adds all transaction data to the local memory pool. Thereafter, in order to record all transactions and maintain a verifiable shared ledger, all LAGs need to perform the following two steps under the cooperation of CAG: 1) Block construction: LAG collects all local transaction records within a certain period of time and then signs it with its own private key. After that, LAG organizes transaction records into blocks and tries to find a valid proof of data work. 2) Consensus process: CAG broadcasts block data, timestamp and proof of work to other LAGs for verification and review. After LAG audits the block data, the result and signature information are broadcast on the network. Each LAG compares its audit results with the results of other LAGs, and then sends the comparison conclusion signature back to CAG. CAG compare the received conclusions. If more than a certain percentage (about one-third) of LAG agrees to the block data, CAG will send records including the currently reviewed block data and corresponding signatures to all authorized LAGs in the alliance blockchain.

Security Analysis Theorem 1 (Correctness):
1) The correctness of the attribute signature in the transaction request: In addition, since Thus, the verification equation can be derived as equation (6).
2) The correctness of the ID signature in the transaction certification: For verifier, the correctness of the value r in the equation (7) can be derived from the equation (8): In our scheme, the attribute private key generated by EV, and the transaction certification generated by CAG satisfy the unforgeability. In order to provide an effective registration algorithm, this paper uses the attribute signature scheme of [7]. Since the generation method is the same as the scheme [7], the proof that the attribute signature cannot be forged is similar to [7]. In addition, for the ID signatures, this paper uses the signature scheme of [11], and the proof process is similar to [11]. The specific process is omitted due to page restrictions. Theorem 3 (Anonymity): The EV in our scheme has perfect anonymous privacy: In authentication phase, the attribute subsets ∑ ∑ Table 1 shows the theoretical computation overhead of each entity at different stages. the power computation cost is expressed as E , the bilinear pairing computation cost is expressed as P , and the scalar multiplication computation cost is expressed as M . j represents the number of LAGs in the network, and * indicates that the entity is not involved in the step, small indicating that the calculation cost is small.    Figure 4 as an example, a LAG can process about 50 user transactions simultaneously in one second. Assuming that the number of LAGs in the network is about 200, the entire network can process about 10,000 transactions simultaneously in one second. In addition, for CAG, which is responsible for overall scheduling, this simulation experiment uses only a laptop computer with a common configuration. In practice, CAG can use a higher hardware configuration to further improve its computational efficiency. Considering that only one CAG needs to be deployed in each network, the increase in computational efficiency is reasonable and obvious. Based on the above analysis, it can be seen that the network under this scheme can better handle the simultaneous access of large-scale EVs.

Conclusion
In order to deploy V2G on a large scale, must solve the problems of network security and privacy protection of EVs. This article proposes a privacy protection strategy for V2G networks based on consortium blockchain and attribute signatures. Security and performance analysis verify the feasibility of the design scheme. To this end, this paper proposes a privacy protection strategy for V2G networks. The strategy adopts the consortium blockchain to form a semi-centralized energy trading system, which ICEPECA 2020 IOP Conf. Series: Earth and Environmental Science 661 (2021) 012027 IOP Publishing doi:10.1088/1755-1315/661/1/012027 8 satisfy the security, credibility, and scalability requirements of large-scale deployment for V2G networks and uses attribute signature and K-anonymity algorithm to satisfy EV's identity and location privacy protection requirements. The next step of our work will be: ①Hiding the real data of on-chain transactions to prevent data analysis attacks, and design the on-chain transaction data protection scheme; ②Deeply analyses the influence of different property settings on the application performance of the V2G network and proposes targeted optimization scheduling strategies and personalized charging/discharging services.