Towards Secure Blockchain-enabled Internet of Vehicles: Optimizing Consensus Management Using Reputation and Contract Theory

09/22/2018 ∙ by Jiawen Kang, et al. ∙ SUNGKYUNKWAN UNIVERSITY Nanyang Technological University NetEase, Inc 0

In Internet of Vehicles (IoV), data sharing among vehicles is essential to improve driving safety and enhance vehicular services. To ensure data sharing security and traceability, highefficiency Delegated Proof-of-Stake consensus scheme as a hard security solution is utilized to establish blockchain-enabled IoV (BIoV). However, as miners are selected from miner candidates by stake-based voting, it is difficult to defend against voting collusion between the candidates and compromised high-stake vehicles, which introduces serious security challenges to the BIoV. To address such challenges, we propose a soft security enhancement solution including two stages: (i) miner selection and (ii) block verification. In the first stage, a reputation-based voting scheme for the blockchain is proposed to ensure secure miner selection. This scheme evaluates candidates' reputation by using both historical interactions and recommended opinions from other vehicles. The candidates with high reputation are selected to be active miners and standby miners. In the second stage, to prevent internal collusion among the active miners, a newly generated block is further verified and audited by the standby miners. To incentivize the standby miners to participate in block verification, we formulate interactions between the active miners and the standby miners by using contract theory, which takes block verification security and delay into consideration. Numerical results based on a real-world dataset indicate that our schemes are secure and efficient for data sharing in BIoV.



There are no comments yet.


page 1

page 2

page 3

page 10

page 11

This week in AI

Get the week's most popular data science and artificial intelligence research sent straight to your inbox every Saturday.

I Introduction

I-a Background and Motivations

With the rapid development of automobile industry and the Internet of Things, vehicles generate a huge amount and diverse types of data through advanced on-board devices. Vehicles collect and share data to improve driving safety and achieve better service quality [1]. However, there exist significant security and privacy challenges for data sharing in IoV. On the one hand, vehicles may not be willing to upload data to infrastructures, e.g., through road-side units, with a centralized management architecture because of the concern on a single point of failure and personal data manipulation. On the other hand, although Peer-to-Peer (P2P) data sharing among the vehicles can solve the issues of the centralized management architecture, it is facing with the problems of data access without authorization and security protection in a decentralized architecture. These challenges adversely affect the circulation of vehicle data, even forming data ‘island’, and thus hinder the future development of IoV [2].

Recently, integrating blockchain technology with IoV has attracted increasing attention of researchers and developers because of decentralization, anonymity, and trust characteristics of blockchain. A secure, trusted, and decentralized intelligent transport ecosystem is established by blockchain to solve vehicle data sharing problems [2, 3]. The authors in [1] proposed a decentralized trust management system for vehicle data credibility assessment using blockchain with joint Proof-of-Work (PoW) and Proof-of-Stake (PoS) consensus schemes. Vehicle manufacturers Volkswagen [4] and Ford [5] have applied for patents that enable secure inter-vehicle communication through blockchain technologies. An intelligent vehicle-trust point mechanism using proof-of-driving-based blockchain is presented to support secure communications and data sharing among vehicles [6, 7]. Li et al. [8] proposed a privacy-preserving incentive announcement network based on public blockchain. The Byzantine fault tolerance algorithm is adopted to incentivize vehicles to share traffic information. Nevertheless, there exists exorbitant cost to establish a blockchain in resource-limited vehicles using computation-intensive PoW or unfair stake-based PoS [9]. Existing research attempts cannot neatly address the P2P data sharing problem among vehicles in IoV.

In this paper, we utilize high-efficiency Delegated Proof-of-Stake (DPoS) consensus scheme as a hard security solution to develop a secure P2P data sharing system for IoV. Previous study has demonstrated that a DPoS scheme is particularly suitable and practical for IoV [10], which performs the consensus process on pre-selected miners with moderate cost [11]. RoadSide Units (RSUs) as edge computing infrastructures, which are widely deployed over the whole road networks and easily reachable by vehicles, can be the miners because of having sufficient computation and storage resources [1, 12, 13]. These miners play significant roles to publicly audit and store vehicle data and data sharing records in blockchain-enabled IoV (BIoV). Traditionally, miners in DPoS schemes are selected by stake-based voting. Note that the vehicles with stakes act as stakeholders in BIoV [14]. The stakeholders with more stake have higher voting power. However, this approach suffers from the following collusion attacks in BIoV:

  • Miner Voting Collusion: Malicious RSUs collude with compromised high-stake stakeholders to be voted as miners. These malicious miners may falsely modify or discard transaction data during its mining process. Although the malicious miners can be voted out of the BIoV by the majority of well-behaved stakeholders in the next voting round, the stakeholders may not participate in all the voting rounds. Thus, some malicious miners cannot be removed in a timely fashion, which enables the malicious miners to launch attacks to damage the system continuously [15, 16].

  • Block Verification Collusion: Malicious miners may internally collude with other miners to generate false results in the block verification stage, even to launch double-spending attack, which is also challenging [9, 17].

Therefore, it is necessary to design an enhanced DPoS consensus scheme with secure miner selection and block verification to defend against the collusion attacks in BIoV [9].

I-B Solutions and Contributions

Reputation is defined as the rating of an entity’s trustworthiness by others based on its past behaviors [1, 18, 15]. Similar to existing studies, we utilize reputation as a fair metric to propose a soft security solution for enhancing DPoS schemes through two stages: (i) secure miner selection, and (ii) reliable block verification. A reputation management scheme established on blockchain technologies is proposed for the miner selection. Miner candidates with high reputation are selected to form a miner group including active miners and standby miners, e.g., 21 active miners and 150 standby miners in Enterprise Operation System (EOS) [19]. Each vehicle has its reputation opinion on an interacting miner candidate through a subjective logic model that combines recommended opinions from other vehicles and its own opinions based on historical interactions into an accurate reputation opinion [20]. All the reputation opinions of vehicles on the candidates are recorded as reliable and tamper-proof reputation records in transparent blockchain for reputation calculation.

Moreover, for secure block verification, blocks generated by active miners can be further verified and audited by standby miners to prevent internal collusion among active miners [21]. Here, the active miners take turn to act as the block manager to generate and distribute unverified blocks. To incentivize the standby miners to participate in the block verification, we utilize contract theory to model interactions among the block manager and miners to prevent collusion attacks. The block manager works as a contract designer. Meanwhile, the miners including active miners and standby miners are followers to finish block verification for obtaining a part of transaction fee according to verification contribution [21].

The main contributions of this paper are summarized as follows.

  • We propose an enhanced DPoS consensus scheme with two-stage soft security solution for secure vehicle data sharing in BIoV.

  • In the miner selection stage, we introduce a secure and efficient reputation management scheme by using a multi-weight subjective logic model. Miner are selected by reputation-based voting for decreasing collusion between stakeholders with a lot of stake and miner candidates.

  • In the block verification stage, high-reputation standby miners are incentivized to participate in block verification using contract theory for preventing internal collusion among active miners.

The rest of this paper is organized as follows. We present the system model and the enhanced DPoS consensus scheme with detailed steps for secure P2P vehicle data sharing in Section II. We illustrate the secure reputation management scheme by using the multi-weight subjective logic model in Section III. The incentive mechanism for secure block verification using contract theory is proposed in Section IV, followed by optimal contract designing in Section V. We illustrate numerical results in Section VI. Section VII concludes the paper.

Fig. 1: The system model for blockchain-based IoV.
Fig. 2: The enhanced DPoS consensus scheme for blockchain-based IoV.

Ii System Model and the Enhanced DPoS Algorithm

Ii-a System Model

As shown in Fig. 1, vehicles equipped with on-board units and advanced communication devices can access vehicular services by communicating with nearby RSUs in BIoV. The on-board units can perform simple computation, collect local data from sensing devices, and upload the data to the RSUs. Vehicles act as data collectors and share their own data with data requesters through wireless communication. Next, the vehicles upload their data sharing records as “transactions” to nearby RSUs. RSUs are deployed along roads to ensure that the vehicles are able to communicate with other vehicles and miners in a timely fashion [1, 12, 13]. Unlike traditional DPoS schemes that miners are selected by stake-based voting, RSUs with high reputation are selected as miners, whose reputation values are calculated by a multi-weight subjective logic model. More details about the model are given in Section III. The data collectors share data with each other and obtain a reward from data requesters. Next, the data collectors upload data sharing records to active miners, and the miners execute the consensus process of our enhanced DPoS consensus scheme. Finally, the vehicle’s data sharing records are stored as block data and added into a blockchain, named vehicular blockchain, for achieving efficient proof of presence of the data sharing.

The vehicular blockchain is also a public ledger that records vehicles’ reputation opinions for RSUs and miners into the block data. These reputation opinions are persistent and transparent evidence when disputes and destruction occur [22]. Vehicles assess both RSUs during vehicular services and active miners in the consensus process. The vehicles also download the existing reputation opinions about these entities in vehicular blockchain as recommended opinions. Then, vehicles generate their reputation opinions through combining their own assessments with the recommended opinions, and upload these new opinions with digital signatures to new active miners through nearby RSUs [1]. The miners perform the consensus process similar to that in data sharing. All the vehicles can obtain the latest RSUs’ reputation after the reputation opinions being added into the vehicular blockchain. The system can calculate the average reputation of RSUs according to the reputation opinions in the vehicular blockchain, which is an important metric for the miner selection in the next round of the consensus process [22].

Ii-B Adversary Model for DPoS Consensus Process

In traditional DPoS consensus schemes, miners are selected from miner candidates according to stake-based voting among stakeholders, i.e., vehicles with stake. In BIoV, as RSUs acting as miner candidates may be distributed along the road without sufficient security protection, they are semi-trusted and may be vulnerable to be directly compromised by attackers [1, 23]. Both stakeholders and miner candidates are vulnerable to arbitrary manipulation by plutocrats [16], and become compromised stakeholders and malicious miner candidates. The plutocrats, i.e., attackers, can launch voting collusion that compromises some high-stake stakeholders with greater voting power, and ask the compromised stakeholders to vote some certain miner candidates. Moreover, compromised vehicles in BIoV can generate and upload fake reputation opinions to an RSU in order to increase or decrease the reputation of the target RSU [1]. Due to the overwhelming cost, we consider that the attackers cannot compromise the majority of vehicles [22]. Only a small subset of vehicles can be compromised during a short period of time in BIoV [1], i.e., due to high mobility of vehicles.

Ii-C The Enhanced DPoS Scheme for Blockchain-based IoV

As depicted in Fig. 2, there are mainly three parts in the enhanced DPoS consensus scheme for secure P2P vehicle data sharing: (i) updating block data (data sharing records and reputation opinions from vehicles) and miner candidates joining, (ii) reputation-based voting for miner selection and (iii) secure block verification using contract theory. More details about steps of the proposed parts are given in the subsequent discussions.

Step 1: System Initialization: In vehicular blockchain, elliptic curve digital signature algorithm and asymmetric cryptography are adopted for system initialization. Every entity becomes legitimate after passing identity authentication by a global Trust Authority (TA), e.g., a government department of transportation111Note that the TA is responsible for identity authorization, certificate issuance and access control of entities before running vehicular blockchain. That is, the TA does not affect the decentralization of the vehicular blockchain [22].. Each legitimate entity obtains its public & private keys and the corresponding certificates for information encryption and decryption [11]. An RSU that wants to be a miner candidate first submits its identity-related information to the TA. As shown in Fig. 2, the TA verifies the validity of the RSU by calculating its average reputation according to stored reputation opinions from vehicles in the vehicular blockchain. Only if the average reputation of this RSU is higher than a threshold of trust, the RSU can become a miner candidate. The threshold can be set according to different security-level requirements [18], which is explained in Section VI-B.

Step 2: Miner candidate joining: Each miner candidate submits a deposit of stake to an account under public supervision after being a miner candidate. This deposit will be confiscated by the vehicular blockchain system if the candidate behaves maliciously and causes damage during the consensus process, e.g., failing to produce a block in its time slot [19, 24].

Step 3: Reputation calculation: As shown in Fig. 2, stakeholders can calculate all miner candidates’ reputation by using a subjective logic model, which is based on historical interactions with the miner candidates and recommended opinions from other vehicles. The subjective logic model takes three weights about the historical interactions into consideration to form the local opinion on each miner candidate. The latest recommended opinions can be downloaded from the vehicular blockchain. Thus each stakeholder combines its local opinion with the recommended opinions to obtain a final reputation opinion on every miner candidate. More details about the reputation calculation are presented in Section III.

Step 4: Miner selection: According to the final reputation opinions calculated by Step 3, as shown in Fig. 2, each stakeholder votes for candidates as the miners according to its ranking of the final reputation opinions for the candidates. Unlike traditional DPoS schemes, all the stakeholders have the same weight in miner voting (same voting power) even though some stakeholders owning larger stake. The top miner candidates with the highest reputation are selected to be active miners and () miner candidates can be standby miners. The active miners and standby miners form a miner group in vehicular blockchain. Here , and

is an odd integer, such as 21 in EoS and 101 in Bitshares


Step 5: Block manager generation: In line with traditional DPoS schemes, each of the active miners takes turn to act as the block manager during time slots of the consensus process. Similar to that in traditional DPoS consensus schemes, every active miner plays the role of the block manager to perform block generation, broadcasting, verification and management in its time slot.

Step 6: Consensus process: As shown in Fig. 2, in a time slot, the block manager first generates an unverified block, and broadcasts this block to other active miners for block verification. However, due to the limited number of active miners, malicious active miners may launch the block verification collusion attack to generate false block verification results. In the block verification stage, the more verifiers result in a more secure blockchain network [21]. Therefore, to defend this attack and further enhance security performance of the proposed DPoS consensus scheme, more verifiers are motivated and incentivized to participate in the block verification instead of only active miners finishing the verification. In other words, the miners including active miners and standby miners can act as verifiers and join the block verification process, especially the high-reputation miners, which can prevent the block verification collusion among the active miners. As such, we then design an incentive mechanism by using contract theory to encourage high-reputation miners to participate in the block verification. In the incentive mechanism, the active miner acts as the block manager and the contract designer to broadcast contract items to miners. Meanwhile, the miners choose and sign their best contract items. More details about the block verification using contract theory are described in Section IV.

In Fig. 2, for mutual supervision and verification, high-reputation miners locally audit the data block and broadcast their audit results with their signatures to each other. After receiving the audit results, each miner compares its result with those of other miners and sends a reply as a feedback to the block manager. This reply consists of the miner’s audit result, comparison result, signatures, and records of received audit results. The block manager analyzes the received replies from miners. If more than two third of the miners agree on the data block, the block manager will send the records including the current audited data block and the corresponding signature to all of the miners for storage. Next, this block is stored in the vehicular blockchain. The block manager is rewarded with cryptocurrency, and the other miners participating in block verification will receive a part of the transaction fee. After time slots, the group of miners and their categories, i.e., active or standby miners, will be updated and shuffled through new miner selection.

Step 7: Reputation updating: After each round of the consensus process, vehicles download and check new data block related to their data sharing records or reputation opinions in the vehicular blockchain. If the data is correct, the vehicles will update their reputation opinions for these miners and upload their opinions to new miners of the next round of consensus process. The miners perform consensus process in Step 6 to add valid reputation values into the vehicular blockchain.

Note that traditional DPoS consensus schemes mainly include the following steps: miner selection, block mining and generation, and block verification. The proposed DPoS consensus scheme only enhances the miner selection step and block verification step for secure BIoV, while the block mining and generation steps are the same as those in traditional DPoS schemes. Therefore the enhanced steps are compatible with traditional DPoS schemes.

Iii Efficient Reputation Calcualtion Using Subjective Logic Model

If a positive interaction between vehicles and RSUs/miners occurs, the vehicles will generate a positive rating for the RSUs/miners. Consequently, the vehicle’s local reputation opinion on the RSUs/miners is increased. The positive interaction means that the vehicles believe that the services provided by RSUs is relevant and useful or the new data block generated by a miner is true. Note that the miner candidates with high reputation acting as miners can ensure a secure and reliable consensus process. On the contrary, some compromised vehicles may generate fake rating because of collusion with malicious RSUs or selfish purpose. More false ratings cause more negative effects on miner selection in the proposed DPoS scheme, thus resulting in unreliable and insecure BIoV. Therefore, it is necessary to design a secure and efficient reputation management scheme of RSUs, and also to defend against the collusion between RSUs and vehicles. Vehicles choose their own best miner candidates as the miners according to reputation calculation [25]. A multi-weight subjective logic model for reputation calculation is proposed in this section.

Subjective logic is utilized to formulate individual evaluation of reputation based on historical interactions and recommended opinions. It is a framework for probabilistic information fusion operated on subjective beliefs about the world. The subjective logic utilizes the term “opinion” to denote the representation of a subjective belief, and models positive, negative statements and uncertainty. It also offers a wide range of logical operators to combine and relate different opinions [18]. In this paper, each vehicle (stakeholder) calculates reputation opinion taking all the recommended opinions into consideration. Due to the limited number of compromised vehicles, the false recommended opinions from the compromised vehicles have less effect on reputation calculation using subjective logic model since most vehicles are well-behaved and reliable.

Iii-a Local Opinions for Subjective Logic

Considering a vehicle and an RSU , the vehicle may interact with the RSU during driving, e.g., crowdsensing or vehicle data sharing. The trustworthiness (i.e., local opinion) of to

in the subjective logic can be formally described as a local opinion vector

, where and represent the belief, distrust, and uncertainty, respectively. We consider that all of the vehicles have the same evaluation criteria to generate local opinions. Here, and . According to the subjective logic model [20, 18], we have


is the number of positive interactions and is the number of negative interactions. The communication quality of a link between vehicles and

, i.e., the successful transmission probability of data packets, determines the uncertainty of local opinion vector

[18]. According to , the reputation value represents the expected belief of vehicle that RSU is trusted and behaves normally during consensus process, which is denoted by


Here, is the given constant indicating an effect level of the uncertainty for reputation [20].

Iii-B Multi-weight Local Opinions for Subjective Logic

Local opinions using the subjective logic model are affected by different factors. Traditional subjective logic is evolved toward multi-weight subjective logic when considering weighting operations. Similar to [18], we consider the following weights to formulate local opinions.

  • Interaction Frequency: It is known that the higher interaction frequency means that vehicle has more prior knowledge about RSU . The interaction frequency between and is the ratio of the number of times that interacts with to the average number of times that interacts with other RSUs during a time window , i.e.,


    where and . is the set of all of the RSUs (denoted as ) interacting with during the time window. The higher interaction frequency leads to higher reputation.

  • Interaction Timeliness: In BIoV, a vehicle is not always trusted and reliable. Both the trustfulness and reputation of to are changing over time. The recent interactions have higher impact on the local opinion of to . The time scale of recent interactions and past interactions is defined by , e.g., three days. The recent interactions and past interactions have different weights on the local opinions of vehicles. The parameter represents the weight of recent interactions, and represents the weight of past interactions. .

  • Interaction Effects: Note that positive interactions increase RSUs’ reputation and negative interactions decrease the reputation of RSUs. Therefore, the negative interactions have a higher weight on the local opinions of vehicles than that of the positive interactions. Here, the weight of positive interactions is , and the weight of negative interactions is , where The weights of interaction timeliness and interaction effects are combined together to form a new interaction frequency as follows:


    The positive and negative recent interactions are and when the current time satisfies , respectively. When , the positive and negative past interactions are and , respectively. Therefore, the interaction frequency between two vehicles is updated as follows:


    Therefore, the overall weight of reputation for local opinions is where is pre-defined parameter.

Iii-C Recommended Opinions for Subjective Logic

After being weighted, the recommended opinions are combined into a common opinion in the form of . Here,


where is a set of recommenders that are other vehicles had interacted with . Thus, the subjective opinions from different recommenders are combined into one single opinion, which is called the recommended opinion according to each opinion’s weight [15].

Iii-D Combining Local Opinions with Recommended Opinions

After obtaining ratings of from other vehicles, a particular vehicle has a subjective opinion (i.e., local opinion) on each vehicle based on its interaction history. This local opinion should still be considered while forming the final reputation opinion to avoid cheating [15]. The final reputation opinion of to is formed as , where , and are respectively calculated as follows [18]:


Similar to Eqn. (2), the final reputation opinion of to is


The final reputation opinions can be used in different steps of the proposed DPoS scheme. For Step 2 and Step 7 in Section II-C, after obtaining the final reputation opinion on an RSU, vehicles will upload and store their final reputation opinions as recommended opinions for other vehicles (stakeholders) in the vehicular blockchain. For Step 3 and Step 4 in Section II-C, stakeholders vote high-reputation miner candidates according to the reputation opinions.

Iv Incentive Mechanism for Secure Block Verification Using Contract Theory

After selecting high-reputation miner candidates as active miners by using the multi-weight subjective logic model, there still exists a potential block verification collusion attack in the vehicular blockchain. In this section, for secure block verification, we aim to design an incentive mechanism to motivate more miners (both active miners and standby miners) to participate in the block verification. Every block manager will offer a part of the transaction fee as a reward to verifiers that participate in block verification and accomplish the tasks in time. Nevertheless, to do so, there are issues for the block manager in every consensus process. Firstly, the block manager does not have prior knowledge about which miners would like to participate in verification. Secondly, it does not have an accurate reputation value of a verifier. Thirdly, it does not know the amount of resource that each verifier would contribute. The information asymmetry between the block manager and verifiers may incur too much cost for the block manager to give an incentive to the verifiers. Thus, the best strategy for the block manager is to design an incentive mechanism that can reduce the impact of information asymmetry. Moreover, the verifiers that contribute more should be rewarded more. Thus, we adopt contract theory [26] in designing the incentive mechanism.

In the th block verification, consider a monopoly market consisting of a block manager acting as the task publisher and a set of verifiers including active miners and standby miners. Verifiers are willing to contribute different computation resources , i.e., CPU cycles per unit time to execute the block verification. and are the sizes of the transmitted block before verification and the verified results, respectively [26]. For simplicity, for all verifiers, the values of and respectively are the same in the th block verification. For a verifier , the occupied CPU resource of block verification task is . Here, we consider that . Therefore, the block verification task is denoted as a three tuple . To attract more high-reputation verifiers, we define reputation as the type of a verifier. There are types, and the verifiers are sorted in an ascending order of reputation: , . The larger implies a higher reputation verifier for secure block verification among miners [9, 21].

With information asymmetry, the block manager should design specific contracts to overcome its economic loss. For different types of verifiers with different reputations, the block manager offers the verifiers a contract , which includes a series of latency-reward bundles. Here, is the latency of block verification for type- verifiers and is the reciprocal of . is the corresponding incentive. Note that if verifiers finish block verification faster, i.e., with smaller latency, can be rewarded more incentive [26].

Iv-a Latency in Block Verification

As mentioned in Step 6 of Section II-C, there are four steps in the block verification process for a verifier: (i) unverified block transmission from the block manager to verifiers, (ii) local block verification, (iii) verification result broadcasting and comparison among verifiers, and (iv) verification feedback transmission from the verifiers to the manager. For a verifier , the latency consisting of the corresponding delays of the aforementioned steps is defined as follows [26],


is the uplink transmission rate from the verifiers to block manager and is the downlink transmission rate from the block manager to the verifiers. The transmission time of an unverified block from the block manager to the verifier is . The local verification time of this block is . Similar to that in [21, 27], the time of verification result broadcasting and comparison among verifiers is a function of the block size , network scale (i.e., the number of verifiers ) and average verification speed of each verifiers, which is denoted as . Here, is a pre-defined parameter of verification result broadcasting and comparison, which can be obtained from statistics of previous block verification processes. The time of verification feedback is .

and can be calculated based on wireless link speed, e.g., the Shannon capacity. Let locations of verifiers fix during block verification. We apply the Time-Division Medium Access (TDMA) technique, where the uplink and downlink use the same frequency channel [26]. Then, we have


where is the transmission bandwidth and is the transmission power of verifier . is the channel gain of peer-to-peer link between the verifier and the block manager or other verifiers. is the one-sided power spectral density level of white Gaussian noise, and is an element in excluding .

Iv-B Profit of the Block Manager

According to the signed contract between the block manager and type- verifier, the profit of the block manager obtained from type- verifier is denoted as


where is a pre-defined weight parameter about the type- verifier’s incentive . is the benefit of the block manager regarding a security-latency metric for type- verifier. Intuitively, the block manager obtains a higher profit when the is bigger. Moreover, both more high-reputation verifiers and less latency can lead to bigger , i.e., , and The more verifiers participating in block verification leads to more secure block verification stage. However, this causes larger latency since the verifiers may need to communicate with verifiers through multi-hop relays [21]. Similar to that in [21, 28], we define a more general security-latency metric to balance the network scale and the block verification time for type- verifier, which is expressed by


Here . and are pre-defined coefficients about the network scale and verification latency, respectively.

is the prior probability of type-

, and . We consider that the block manager can obtain the distribution of verifier types from observations and statistics of previous behaviours of the verifiers [26]. denotes the maximum tolerable block verification latency to blockchain users. and are given factors indicating the effects of network scale and verification latency on block verification, respectively. The goal of the block manager is to maximize its profit through block verification as follows:


Iv-C Utility of Block Verifiers

For type- verifier, the utility function of block verification based on a signed contract is defined as


where is a monotonically increasing valuation function of type- verifier in terms of the incentive . is the unit resource cost of block verification. Moreover, the valuation is zero when there is no incentive, i.e., . The higher type- verifier should have larger utility because of higher reputation in block verification. However, the verifier wants to maximize its utility through minimizing resource consumption in block verification. Specifically, the objective of type- verifier is to maximize utility obtained by joining block verification, expressed by


V Optimal Contract Designing

According to [29], to make contracts feasible, each contract item for verifiers must satisfy the following principles: (i) Individual Rationality (IR) and (ii) Incentive Compatibility (IC). IR means that each verifier will join the block verification when it receives a non-negative utility, i.e.,


IC refers to that type- verifier can only receive the maximum utility when choosing the contract designed for itself instead of all other contracts , i.e.,


In what follows, we consider for ease of presentation, where is unit profit gain for the block manager. Therefore, the optimization problems in (13) and (15) can be defined as follows:


where is a given transaction fee from blockchain users.

This problem is not a convex optimization problem. However, we can find its solution by performing the following transformation.

Lemma 1 (Monotonicity). For contract and , we have and , if and only if , and .

Proof: According to the IC constraints of type- verifier and type- verifier, we have


By adding together (19) and (20), we can obtain is a monotonically increasing valuation function of . When , we can deduce that , i.e., . When , we have . Thus, we can deduce that must be satisfied [30].

Proposition 1: , if and only if .

Proof: According to the IC constraint in (19), we can obtain


As , we have according to (21), and thus . In addition, when , we can obtain from (22). Proposition 1 indicates that an incentive compatibility contract requires a higher payment, if verifiers have less latency in block verification.                

Lemma 2. If the IR constraint of type- verifier is satisfied, the IR constraints of other types will hold.

Proof: According to the IC constraints, , we have


Given that , we also have


According to (23) and (24), we have


The (25) indicates that with the IC condition, when the IR constraint of type- verifier is satisfied, the other IR constraints will also hold. Therefore, the other IR constraints can be bound into the IR condition of type- verifier [30].                 

Lemma 3. By utilizing the monotonicity in Lemma  1, the IC condition can be transformed into the Local Downward Incentive Compatibility (LDIC), which is given as follows:


Proof: The IC constraints between type- and type-, are defined as Downward Incentive Compatibility (DIC), given by

The IC constraints between type- and type-, are defined as Upward Incentive Compatibility (UIC), given by

We first prove that DIC can be reduced as two adjacent types in DIC, called LDIC. Consider three continuous types of verifiers, i.e., , , we have


According to the monotonicity, i.e., if , then , and , we have


Combine (28) and (30), we have . Thus, we have


Combine (27) and (31), we have


We can extend (32) to prove that the DIC can be held until type-:


Hence, note that with the LDIC and the monotonicity, the DIC holds. Similarly, with the monotonicity and the Local Upward Incentive Compatibility (LUIC), the UIC can be proved to hold [29, 30].

According to Lemmas 1, 2, and 3, the optimization problem can be reformulated as follows:


Furthermore, to simplify the analysis without loss of generality, we define the concave function . The optimization problem in (34) is solved sequentially. Firstly, we solve the relaxed problem in (34) without monotonicity to obtain a solution. Secondly, we verify that whether the solution satisfies the condition of the monotonicity. We use the method of iterating the and constraints to obtain which can be expressed as follows:


where and . By substituting into , we have




We substitute the expression in (36) into the problem in (34) and remove all , from the problem in (34). The problem in (34) is rewritten as follows:


By differentiating with respect to , we have , and Thus, the function is concave. The problem defined in (38) is a convex optimization problem because the summation of concave functions () is still a concave function, and the constrains are affine. We can obtain the optimal latency requirement and the corresponding incentive

by using convex optimization tools. Moreover, if the types of verifiers follow uniformly distributed, the monotonicity can be automatically met

[29, 30]. If not, we can use infeasible sub-sequence replacing algorithm to satisfy the final optimal latency requirement [31].

Note that the proposed incentive mechanism based on contract theory can encourage efficiently high-reputation miners to join the block verification for further improving the security of the vehicular blockchain.

Vi Numerical Results

In this section, we first evaluate the performance of the proposed Multi-Weight Subjective Logic (MWSL) scheme based on a real-world dataset of San Francisco Yellow Cab [32]. Next, we evaluate and compare the performance of the proposed incentive mechanism based on contract theory. The mobility traces of 536 taxis driving during a month are recorded in this dataset. We observe 200 taxis running in an urban area, whose latitude and longitude are from 37.7 to 37.81 and from -122.52 to -122.38, respectively. Fig. 3

shows trace points of the 200 taxis during a month. The average time gap between two trace records is 43.34 seconds. There are 400 RSUs (miner candidates) deployed uniformly in the observation area. The update period of RSUs’ reputation is 1 minute. These miner candidates are initially classified into 10 types according to their reputation values, wherein the probability for an candidate belonging to a certain type is 0.1. Major parameters used in the simulation are given in Table I, most of which are adopted from

[18, 26, 30].

Parameter Setting
Interaction frequency between vehicles and RSUs [50, 200] times/week
Coverage range of RSUs [300, 500] m
Speed of vehicles [50, 150] km/h
Weight parameters , , , ,
Time scale of recent and past events three days
Rate of compromised vehicles [10%, 90%]
Successful transmission probability of data packets [0.6, 1]
Vehicle to RSU bandwidth 20 MHz
Noise spectrum density -174 dBm/Hz
Transmission power [10, 23] dBm
Receiver power 14 dBm
Computation resource [, ] CPU cycles/unit time
Input/output block data size [50, 500] KB
Pre-defined parameters , s,
TABLE I: Parameter Setting in the Simulation
Fig. 3: Spatial distribution of vehicle trace points.

Vi-a Performance of the proposed reputation scheme

In the proposed MWSL scheme, vehicles calculate reputation value of miner candidates according to local opinions and recommended opinions from other vehicles. We compare our MWSL scheme with a Traditional Subjective Logic (TSL) scheme which is a typical model using a linear function to calculate reputation [18]. More specifically, , where and . Here is the weight and is set to be 0.5. and are average values of other vehicles’ and , respectively. and are the latest and in the local opinion of vehicle for RSU . We consider a malicious miner candidate will firstly pretend to behave well to obtain positive reputation values from vehicles in the former 5 minutes. Then, this candidate colludes with 10 compromised vehicles and begins to misbehave to 50 well-behaved vehicles randomly. These misbehaving vehicles will generate negative reputation opinions for the candidate, while the colluded vehicles still generate positive reputation opinions for the candidate and vote it as a miner in the voting stage.

Fig. 4: The reputation values of a malicious miner.
Fig. 5: Detection rate of malicious miners under different threshold values of trusted miners
Fig. 6: Probability of corrected data blocks under different threshold values of trusted miners
Fig. 7: Utilities of verifiers under different contract items.
Fig. 8: The utility of a block manager under different total number of verifier types.

Fig. 4 shows reputation variation of a malicious miner candidate from the perspective of a well-behaved vehicles under three cases: (i) traditional DPoS scheme without reputation, (ii) TSL scheme, and (iii) MWSL scheme. In the traditional DPoS scheme without reputation, the reputation value of the compromised candidate evaluated by the vehicle is linear increasing because the well-behaved vehicle cannot detect the candidate’s misbehaviors for other well-behaved vehicles. However, in the cases of TSL and our MWSL schemes, the reputation values of the candidate sharply decrease because of recommended opinions from other vehicles. The reputation value decreasing below reputation threshold of trusted miner in the MWSL scheme is faster than that of TSL because of the weights of interaction frequency, timeliness, and interaction effects on both recommended opinions and local opinions. This can avoid being misleading by compromised vehicles’ recommended reputation opinions. As a result, our MWSL scheme achieves more accurate reputation calculation, and this therefore leads to more secure miner voting.

We observe the detection rate of 10 malicious miner candidates using the TSL and MWSL schemes during 60 minutes. Figure 5 shows that the MWSL scheme has much higher successful detection rate of malicious miners than that in the TSL scheme. We define a metric as the reputation threshold of successful detection, in which only the reputation of malicious miners below the threshold can be detected successfully. When the reputation threshold of successful detection is 0.5, the detection rate of the MWSL scheme is 100%, which is 100% higher than that of the TSL scheme. Due to higher detection rate in the MWSL scheme, potential security threats can be removed more effectively, which leads to a securer BIoV.

From Fig. 5, we can observe that successful detection probability is not good enough when the reputation threshold of successful detection is very low, e.g., 0.2. In the cases with a very low threshold, the active miners generated by reputation voting may launch the verification collusion attack, that more than 1/3 active miners collude to generate false verification result for a data block [33, 17]. To defend this intractable attack, standby miners should participate in block verification to improve the correct probability of verified block. The correct probability of verified block means that the data block is correctly verified without the effects of the verification collusion attack. Figure 6 shows the correct probability of data block after verification with respect to different reputation thresholds of successful detection. When the reputation threshold of successful detection is 0.2, the correct probability in our MWSL scheme with standby miners is 13% higher than that of MWSL scheme without standby miners, while the TSL scheme without standby miners cannot defend against this collusion attack. This indicates that the proposed MWSL can ensure a secure block verification, even when attackers launch internal active miner collusion.

Vi-B Performance of the incentive mechanism based on contract theory scheme

A block manager acting as the contract publisher announces the designed contract items to other active miners and standby miners. These miners choose a contract item () to sign, and work as verifiers to finish the block verification task according to latency requirements in the signed contract. Finally, the verifiers obtain the corresponding incentives from the contract publisher. Figure 7 shows the utilities of verifiers with type 2, type 4, type 6 and type 8. We can see that each type of verifiers obtains the maximum utility while selecting the contract item exactly designed for its type, which explains the IC constraint. All types of verifiers choose the contract items corresponding to their types with non-negative utilities, which validates the IR constraint [26].

We compare the profit of a block manager obtained from the proposed contract model, and Stackelberg game model from [30]. Figure 8 shows that the profit of a block manager increases with the total number of verifier types. The more verifier types bring both more verifiers and contract item choices for high-type (high-reputation) verifiers, leading to the more secure block verification. The utility of the proposed contract model has better performance than that of the Stackelberg game model. The reason is that in the monopoly market, the proposed contract model provides limited contract items to extract more benefits from the verifiers. However, in the Stackelberg game model, rational verifiers can optimize their individual utilities thus leading to less profit of the block manager. Moreover, the Stackelberg game model with symmetric information has better performance than that of Stackelberg game model with asymmetric information. The reason is that the game leader (the block manager) in the Stackelberg game with symmetric information can optimize its profit because of knowing the actions of followers (verifiers), i.e., the symmetric information, and set the utilities of the follows as zero [30].

Vii Conclusion

In this paper, we have introduced blockchain-based Internet of vehicles for secure P2P vehicle data sharing by using a hard security solution, i.e., the enhanced Delegated Proof-of-Stake consensus scheme. This DPoS consensus scheme has been improved by a two-stage soft security enhancement solution. The first stage is to select miners by reputation-based voting. A multi-weight subjective logic scheme has been utilized to calculate securely and accurately the reputation of miner candidates. The second stage is to incentivize standby miners to participate in block verification using contract theory, which can further prevent internal collusion of active miners. Numerical results have indicated that our multi-weight subjective logic scheme has great advantages over traditional reputation schemes in improving detection rate of malicious miner candidates. Likewise, the proposed contract-based block verification scheme can further decrease active miners collusion and optimize the utilities of both the block manager and verifiers to further improve the security of vehicle data sharing. In the future work, we can further improve the accuracy of the miner candidates’ reputation calculation through taking more weights into consideration.