Secure Message Handling in Vehicular Energy Networks Using Blockchain and Artificially Intelligent IPFS

In the underlying work, the problems faced during message dissemination in the conventional Vehicular Energy Networks (VENs) like lack of security, breach of personal identities, absence of trust between vehicle owners, etc., are tackled. In this study, a Blockchain (BC) based announcement system is proposed for VENs to ensure secure and reliable announcement dissemination in the proposed network. The proposed system is a three-layered system comprising message dissemination layer, storage layer and BC layer. In the first layer, all the vehicles are registered through a Certificate Authority (CA), which ensures only the legitimate vehicles become part of the proposed network and interact with each other. Later, in the second layer, the data sent by the vehicles is stored at the artificial intelligence based Interplanetary File System (IPFS), which is incorporated with the Road Side Units (RSUs). This ensures reduction in storage cost and data availability. Besides, vehicle owners’ privacy is ensured by concealing the real identities of the vehicles. Moreover, the hashes of the data stored in the IPFS are stored in BC in the third layer. Also, lightweight trustworthiness verification of the vehicles, reputation based incentivization and concealing predictable trends in vehicles’ reputation scores are performed in the same layer. Overall, the novelty of the proposed work lies in the fact that the proposed system efficiently tackles different problems encountered in the existing systems simultaneously. Through extensive simulations, it is inferred that the computational time is reduced by 15–18% and the storage overhead is reduced by 80–85%, respectively when storing hash of data on the BC network as compared to storing actual data on the network.


I. INTRODUCTION
Over the past few decades, migration of people from rural to urban areas is observed on a large scale in order to have access of the basic necessities of life. On one hand, the migration has provided the masses with multiple benefits.
The associate editor coordinating the review of this manuscript and approving it for publication was Adnan M. Abu-Mahfouz .
While on the other hand, it has caused some serious issues as well like scarcity of health facilities, decrease in employment opportunities, reduction in natural resources, etc. As a result of which, a huge shift from traditional means to latest and updated means is observed [1]. Moreover, the major reliance of the masses on electricity has led the world towards the development of smart grids and get rid of traditional grids, though gradually. The huge demand of electricity has also caused various issues like the imbalance between supply and demand, massive load shedding and blackouts, drastic increase in electricity prices, etc., [2]. To tackle the mentioned issues, the green and sustainable smart city proved to be a potential option. The smart city comprises smart homes, smart grids, smart hospitals, smart transportation, etc.
Vehicles in Vehicular Energy Networks (VENs), a major part of smart transportation, consist of On-Board Units (OBUs), which assist the vehicles in communicating with the nearby vehicles and other infrastructure via a Dedicated Short-Range Communication (DSRC) protocol. Moreover, in VENs, energy is transferred from one place to another through electric vehicles (EVs). Although, there are other communication protocols as well, which come under the umbrella of C-V2X. Despite, DSRC is used because of its less transmission time than C-V2X, a more mature and a fully designed communication protocol as compared to C-V2X, etc., [3]. Moving ahead, in VENs, vehicles share important information about road and traffic conditions to inform other network participants about the potential hazards like roadside accidents, drastic weather conditions, etc., through messages, termed as announcement messages [1]. Announcement messages are the messages delivered by the vehicles that contain important information like information about road accidents, road blockage, natural calamities, etc. These messages are important because they guide the incoming vehicles to make proper decisions in time and change their route accordingly, which will save both their time and energy.
VENs provide numerous advantages to vehicle users [4], [5]. However, they are also subjected to many threats like disseminating fraudulent information, Single Point of Failure (SPoF), absence of privacy preservation, etc. Various solutions are proposed on the basis of Blockchain (BC) to address these concerns in VENs [6], [7]. The major issues faced in the centralized VENs like lack of trust and security are tackled using BC [1]. Both academia and industry have embraced BC as a Distributed Ledger Technology (DLT) to a remarkable extent over the past few years owing its various fascinating features like transparency, tamperproof and data immutability. In BC, the blocks are linked together cryptographically to store the transactional data. Satoshi Nakamoto was the first one who came up with the idea of BC in 2008 [8]. The authors in [9] proposed a BC based model for supply chain management comprising Internet of Things (IoT), which ensures trust between the entities. The proposed model ensures simple data sharing, and reduction in requirements of computational power, storage and latency. However, many potential drawbacks are also found in BC based VENs that limit their efficiency and question their feasibility despite of their numerous benefits [10]. Moreover, an OBU is a resource-constrained device that cannot perform a computationally intensive consensus process like Proof-of-Work (PoW). Additionally, due to the limited storage, the vehicles cannot store a complete copy of the ever-growing distributed ledger.
Besides, the internal attackers can purposefully share false information to mislead the network participants. Hence, it is necessary to efficiently identify and remove the internal attackers from the network. To overcome this issue, some of the researchers propose reputation mechanisms to identify the malicious users based on the users' ratings [11]. In the underlying work, the major issues related to data dissemination like breach of security, authentication of vehicles, expensive and non-tamper proof data storage, lack of trust between network entities, etc., are tackled.

A. CONTRIBUTIONS
The major contributions of the proposed work are as follows. The novelty of the work lies solely in the proposed system model, which is both unique and efficient.
• A vehicular announcement scheme based on BC technology is proposed where lightweight announcement sharing is ensured.
• Data is distributively stored in Artificial Intelligence (AI) powered Interplanetary File System (IPFS), which ensures storage cost reduction and data availability.
• The vehicles' reputation information and the hashes provided by the IPFS upon data storage are uploaded on Ethereum BC.
• The pseudonyms are generated using Elliptic Curve Crytography (ECC), which ensures anonymity.
• A reputation based incentive scheme is used for encouraging honest behavior of users and provisioning of true announcement ratings.
• A Cuckoo Filter (CF) is employed for validating vehicles' trustworthiness while hiding vehicles' actual reputation scores.

B. MOTIVATION AND PROBLEM STATEMENT
The traditional and centralized systems are getting obsolete with every new day because of a large number of issues related to them like lack of trust, single point of failure, etc. People are shifting towards the use of latest and decentralized systems. The huge shift of people from traditional means to latest and state-of-the-art means not only provides numerous benefits but also poses serious threats. Moreover, the shortcomings of the traditional energy trading schemes like lack of trust, loss of privacy and security, unauthorized and harmful requests, etc., need to be addressed. In lieu of this, the authors of [5] provide BC based solutions to tackle issues of latency, network overhead, security, and privacy. These systems ensure efficient energy trading in VENs. However, the proposed systems also come with issues like generation of a large number of requests by EVs, which further increases the networks' computational overhead. Apart from that, the sudden increase in the number of vehicles leads to traffic jams and roadside accidents [6]. Additionally, the simultaneous creation and transmission of messages by vehicles causes the gradual loss of crucial information, which also becomes the reason of road congestion and mishaps.
Keeping the issues in view and being motivated from [1], [12], [26], in the proposed work, a BC based model is proposed, which ensures efficient message dissemination along with efficient data storage, users' privacy preservation and reputation based incentivization.

II. RELATED WORK
The authors in [14] make use of microtransactions for minimizing the communication and storage overhead in VENs. The authors also ensure the integrity of data collected from different vehicles along with the integrity of traffic records and traceability. The authors in [15] propose a BC based framework for smart parking of vehicles in a sustainable city environment. The vehicles are first authenticated and verified, and then are allowed to become a part of the vehicular network. Moving ahead, a frequently occurring issue in BC based VENs is privacy leakage, which occurs due to the transparency feature of the BC. Another issue that commonly occurs in VENs is data repudiation. In the existing schemes, researchers use pseudonyms to hide the Real Identities RIDs of the users [16]. However, in these schemes, a static pseudonym is provided to the vehicles. As a result, the adversaries can perform background knowledge attack using static pseudonyms to find the RIDs of the users. Some authors propose pseudonym update mechanisms to overcome this issue [17]. On the other hand, internal attackers can distribute misleading information in the networks without being detected because the networks lack tracking methods. One of the major issues that occur in centralized public key infrastructure is the privacy leakage issue. The authors in [18] propose that the users should go for pseudonyms' generation using a distributed pseudonym management system to safeguard against privacy leakage issue. However, the system falls short of tracing the malicious vehicles present in the network. In [19], the authors exploit Certificate Authority (CA) based distributed authentication. However, the users' authentication information is stored in a centralized fashion, which makes it vulnerable to SPoF. The authors use BC and edge computing collectively to ensure that vehicles' registration and trust information are stored efficiently [10]. However, the proposed method lacks in protecting the users against the privacy leakage issue. In [20], [21], the authors address the issue of inefficient key management in VENs. The authors in [20] develop a lightweight key agreement protocol based on bivariate polynomial. Moreover, an asymmetric group key agreement protocol based on BC technology is proposed in [21]. However, due to the lack of an efficient storage mechanism, both of these schemes suffer from scalability issue. In order to handle the Certificate Revocation List (CRL) efficiently, the authors in [22], [23] recommend the usage of certificate revocation methods in VENs. Using the CRL, it is checked if a specific user's certificates have been revoked or not. The authors in [24] proposed a BC based network that increases network security by revoking malicious vehicles from the network. In the proposed model, revocation is done on the basis of clustering. Moreover, in [25], multiple semi-trusted authorities are being utilized along with BC technology in the proposed network. The vehicles in the network are authenticated via certificateless signature through a key distribution method. Moving ahead, the authors in [26] put forward federated learning based BC assisted message dissemination technique. The proof of federated learning mechanism is used in the paper. Moreover, theoretical and practical analyses of the proposed technique are presented. In the proposed work, the focus is on the broadcast of the important messages in the vehicular network. Besides, Table 1 presents the comparison of the proposed work with the existing literature. The comparison is made on the basis of five parameters, denoted as P1-P5 where P1, P2, P3, P4 and P5 represent authentication, encryption, trustworthiness, data storage and message dissemination, respectively.

III. SYSTEM MODEL
In order to facilitate safe and efficient information sharing in VENs while protecting users' privacy, a hybrid BC based announcement dissemination architecture is presented in the underlying work. The proposed system model shown in Figure 1 comprises three layers: announcement message dissemination layer, storage layer and BC layer. In the first layer, the vehicles are registered by CA. Afterwards, the vehicles interact with each other and share messages. Moving ahead, in the second layer, Road Side Units (RSUs) are connected to one another and oversee the entire network's activities. The data generated by the vehicles is provided to the RSUs. Moreover, IPFS is incorporated with RSUs to ensure efficient data storage. The data delivered to the RSUs is sent to IPFS for storage purpose. This saves storage cost and assures data availability. IPFS splits the data into chunks and generates a hash for the data, which is stored on the Ethereum BC, implemented in the third layer. In the third layer, CF is also employed to store vehicles' reputation scores. Moving ahead, in Figure 1, the Public TX Data refers to the reputation scores of the vehicles, which are publicly available. This data is stored in the CF. While the Private TX Data refers to the hash of the data provided by the IPFS that is stored in Ethereum BC. The figure also includes the lists of the limitations that have been identified from the existing literature and their recommended solutions. The proposed solutions are designated from S1 to S7 while the limitations are labeled from L1 to L6. Figure 2 shows the flowchart of the proposed system model.
A brief description of the entities involved in the proposed model is provided below, in the order of their occurrence in the model. It is to be noted that the proposed work is an extended form of the existing work [13].

A. VEHICLES
DSRC protocol provides Vehicle to Vehicle (V2V) and Vehicle to Infrastructure (V2I) communication in VENs. Vehicle keys are stored in OBUs, which are considered to be tamperproof devices. V2V communication comprises exchanging of traffic conditions, road incidents, advertisements and other information between vehicles. The vehicles provide ratings on the basis of received announcements to minimize the spread of misleading information. The vehicles are rewarded for providing honest ratings and are penalized for providing dishonest ratings.

B. CERTIFICATE AUTHORITY
When it comes to VENs, CA is the central organization that ensures only the approved users become part of the network. It is assumed that CA is fully trustworthy and shows high robustness against all assaults and threats. When registering a vehicle in the proposed approach, the vehicle's RID information is sent to CA. The vehicles are provided with Pseudonym Certificates (PCs) by CA. Moreover, RIDs and the vehicle's Pseudo Identities PIDs are encrypted, allowing for conditional anonymity. Besides, malevolent vehicles' digital certificates are revoked and their RIDs are exposed in case of a malicious activity, preventing them from rejoining the network.

C. ROAD SIDE UNITS
RSUs control the entire network in VENs and deliver different services to the vehicles. In addition to being networked, RSUs possess significant computing capabilities. RSUs are part of the data storage layer where IPFS is integrated on them. Vehicles' announcement records are stored in RSUs, which ensures data accessibility. Moreover, RSUs are the approved nodes in the BC layer, which are responsible for accomplishing the following tasks: (i) calculate a vehicle's reputation score using the feedback provided by other vehicles, (ii) add PIDs of malicious users to a CF and (iii) store the vehicular announcement data on IPFS, discussed in the next subsection.

D. INTERPLANETARY FILE SYSTEM
For distributive data storage, IPFS is used. Each file saved on IPFS has a unique hash value, which is subsequently used to retrieve the file [27]. The system is made scalable and efficient by uploading the historical records on the IPFS. The storage of hash values provided by IPFS in BC minimizes the cost incurred while storing data on BC, discussed in the next subsection.

E. BLOCKCHAIN
Ethereum BC [28] is implemented on the RSUs in the proposed scheme. Transparency, integrity and immutability of data are ensured using BC. To prevent data loss due to data pruning, the message records are uploaded to IPFS while their hash values are saved on BC. Smart contracts are used to save and access the data in and from BC. In the proposed model, a block in BC contains a header and a body. The header is used for identifying a distinct block in the BC. It contains the current block hash and the metadata. The metadata includes the version of the current block, hash of the previous block, Merkle root hash, nonce and timestamp. Hash is defined as the output generated when an input data of arbitrary length is converted to a unique, fixed size output comprising string of characters [29]. Merkle root hash is defined as the combined hash value of all the transactions present in a particular block [30]. While nonce is defined as a 4-byte field that starts from 0 and increases for every hash calculation [30]. Besides, the data related to BC transactions is stored in the block body. In the proposed network, IPFS hashes of message records, encrypted vehicles' rating data and information related to CF (discussed in the next subsection) are saved in the block body.

F. CUCKOO FILTER
For checking the affiliation of an element with a specific set, a new data structure is used. The authors in [31] propose to replace the Bloom Filter (BF) with CF. BF is used to check whether an element is a part of a set or not. It is a space-efficient probabilistic data structure. It offers many advantages like space efficiency, fast query time as compared to conventional hash table, etc. However, it has some disadvantages as well. The major disadvantage is that the elements once stored in the BF cannot be deleted. This is where CF comes into play. CF provides dynamic adding and removing of elements, higher lookup performance than BF, more space efficiency than BF, etc., [31]. Moreover, cuckoo hashing is used in the CF. The reduction in the false positive rate and storage consumption is ensured using CFs.

IV. DESIGN GOALS
In this section, the goals of the proposed work are discussed.

A. PRIVACY
In BC based VENs, privacy is considered as one of the fundamental requirements. The use of static pseudonyms leads to vehicles' privacy leakage issue. The identification of a user by an adversary is also possible using static pseudonyms. Moreover, the publicly available vehicles' reputation scores are used as quasi-identifiers to perform background knowledge attack. Therefore, to prevent the adversaries from identifying the vehicles, dynamic pseudonyms are used.

B. NON-REPUDIATION
It is an important attribute of VENs, which prevents the vehicles from denying that they have sent an announcement message in the network. Previously, the authors used BC to enable non-repudiation on vehicle layer. However, the overwhelming computational cost and storage overhead incurred while doing so is not suitable for the resource-constrained vehicles.

C. DATA AVAILABILITY AND STORAGE
Data availability is necessary for the distributed systems. However, in order to reduce the storage cost, the historical transactions must be deleted, which causes data loss. To overcome the data loss issue, the historical transaction records are stored on a distributed storage system, i.e., IPFS. Only the hash values of the transaction records are saved on BC. It is done to minimize the data storage cost of BC.

D. TRACEABILITY
The CA possesses the information of mapping between RIDs and PIDs of the vehicles. The digital certificates of the malicious vehicles are revoked by CA using the mapping between RIDs and PIDs upon their involvement in the fraudulent activities.

E. VEHICLES' ENTHUSIASM
Our proposed scheme encourages the users to provide feedback about the announcements they receive using a reputation based incentive mechanism. The Feedback Messages FBs sent by the vehicles are used for calculating the reputation values of the announcement sharing vehicles. The reputation values of the vehicles are also linked with the system performance. More the reputation of a vehicle, better the performance would be. Moreover, the reputation values of vehicles also help in deciding what data to be stored on the IPFS. The data coming from the high-reputed vehicle is given more importance as compared to the data coming from low-reputed vehicle. This in turn further increases the system performance.

V. THREAT MODEL
In this section, the possible security threats to the proposed model are discussed.

A. PRIVACY LEAKAGE DUE TO STATIC PSEUDONYMS
In [32], the authors use static pseudonyms to hide the RIDs of the vehicles. However, it enables the adversaries to perform background knowledge attack, which leads to privacy leakage. Hence, it is necessary to periodically change and update the pseudonym of each vehicle.

B. PRIVACY LEAKAGE DUE TO QUASI-IDENTIFIERS
To ensure trust in BC based VEN schemes, many reputation mechanisms are developed [33]. In these schemes, the vehicles' rating values are stored publicly on BC so that vehicles can verify the trustworthiness of their peers. However, these values are used by adversaries to perform cyber attacks and cause privacy leakage. The leakage occurs due to the foreseeable patterns' identification of the rating values. In most of the reputation schemes, the rating values either increase or decrease by a certain number depending on the vehicles' reputation. This fluctuating pattern along with the location information help the adversary to launch a background knowledge attack against the vehicles.

C. INTERNAL ATTACKERS' SCENARIO
The authenticated users may attempt to share false information about road incidents for malicious purposes. Hence, it is necessary to enable conditional privacy so that the internal attackers are easily identified and the responsible vehicles are revoked from the network.

VI. PROPOSED METHODOLOGY
The proposed methodology of the underlying work is discussed in this section.

A. SYSTEM INITIALIZATION
In the proposed system, Advanced Encryption Standard (AES) is used for symmetric encryption of the vehicles' reputation scores through AES key . In AES, two keys are used: public and private. The former is used for encryption while the latter is used for decryption [34]. CA sends the AES key to all RSUs through a secure channel for sharing the encrypted data. CA also generates a pair of public and private keys, given as SK CA and PK CA . These keys are used by the CA itself to encrypt the mapping between RID and PID. Moreover, the RIDs of the EVs are concealed using ECC asymmetric encryption technique having PK ECC and SK ECC keys after they are registered in the network. ECC is an elliptic curve based public key encryption technique. It is used to create small and efficient cryptographic keys [35].
The conditional anonymity is also ensured using ECC. Furthermore, ECDSA is employed for performing authentication using digital signatures, given as Sig PR . ECDSA is a complex public key encryption algorithm that uses ECC to generate keys that are smaller in size as compared to keys generated by other digital signing algorithms. It creates certificates that are used for user authentication [36]. Also, a CF is used for storing the PIDs of the malicious EVs, denoted as CF mal . In the proposed work, hashing is done using Secure Hashing Algorithm 256 (SHA256), given as H : {0, 1} * → Z * . SHA256 is a hashing algorithm that is used in digital certificate and data integrity. It takes an input of 2 64 bits and generates an output of 256-bits [37].

B. REGISTRATION
For registration, the vehicle V i generates its public and private keys (PK V i , SK V i ). Afterwards, the V i sends its RID V i information and PK V i to CA in order to receive the PC. CA checks RID V i of the vehicle in existing certificates' list. If it exists, CA rejects the request. Otherwise, CA generates an initial PC, denoted as PC 0 V i for V i (the 0 in PC 0 V i shows the index of the PC). The CA also creates an encrypted mapping Enc(RID V i ||PC n V i ) to identify the vehicle in case of malicious activities. Hence, in case of disputes, the RIDs of the vehicles are revealed.

C. PSEUDONYM UPDATE
The use of static pseudonyms can cause privacy leakage. Hence, the pseudonyms should be periodically updated to prevent tracing attacks. The vehicles get their PCs updated in case of privacy leakage, certificate expiration, etc. The periodic generation of static pseudonyms is performed by CA. This generation is performed in the following manner. The V i sends the pseudonym update request to CA, given as PseudonymUpdateRequest = (Sig PR V i , PUReq, PC n V i ), where PC n V i is the current PC. Upon receiving the request, CA verifies it. If the request is found to be valid, CA generates a new PC for the vehicle, given as PC n+1 V i . After the generation of the PC, it is matched with the existing PCs. If no existing Pc is found, the new PC is added to the list of PCs of the vehicles in an encrypted form as Enc( . It is to be noted that periodic generation of the PCs incurs high computation cost. However, our main focus is on the safety of the vehicle users so increase in computational cost is not considered important. Furthermore, as in the proposed system, only legitimate and registered vehicles take part. Therefore, there are less chances of users' privacy leakage. As a result, less chances of increase in computational cost.

D. ANNOUNCEMENT SHARING
In the proposed scheme, a lightweight BC based scheme is used for announcement message sharing. When an announcement initiator vehicle V i initiates an announcement Tx V i 1 = (Event, Loc, ts, Sig SK V i ), it needs to approve two randomly selected transactions. Here, Loc is the location of the event, ts is the timestamp and Sig SK V i is the digital signature. Each transaction is represented by a unique ID, denoted as TxID. The steps taken during announcement sharing in the proposed system are: (i) when V i1 observes an accident and wants to create an announcement, it generates a transaction Tx 1 = (Event, Loc, ts, PID V i1 , Sig SK V i ), (ii) V i1 randomly selects two transactions Tx 2 and Tx 3 initiated by V i2 and V i3 , respectively, (iii) V i1 checks the trustworthiness of V i2 and V i3 by requesting for the latest CF having malicious vehicles' data CF mal from the RSU via smart contract, (iv) V i1 checks the PIDs of V i2 and V i3 in CF mal . If the PIDs of these vehicles are found in CF mal , their transactions are rejected. Otherwise, V i2 and V i3 are approved and their records are added and (v) after approving Tx 2 and Tx 3 , Tx 1 becomes valid. It is approved by other vehicles in the similar manner. However, as the vehicles often share announcements in the network, a high transaction confirmation rate is expected to be achieved.

E. INCENTIVE MECHANISM
To prevent internal attackers from sharing false information in the network, an incentive mechanism is proposed. It is proposed to encourage the vehicles to provide honest feedback about the transactions. The steps followed in the proposed incentive mechanism are: (i) when a false announcement transaction Tx i is identified in the network, multiple V f s send the FBs, denoted as FB V f (Tx 1 ) to the RSU. The FB is given as follows. FB Vf = (Tx 1 , FALSE, Loc V f , ts, Sign SK V f ). Here, Tx 1 is the announcement about which the FB is generated. FALSE or TRUE is the feedback about the Tx 1 , Loc V f is the location of the V f and Sign SK V f is the digital signature, (ii) the RSU verifies the signature of n number of FB n messages sent by multiple V f s using the batch verification mechanism, (iii) the respective RSU checks the correctness of all FB n received from the V f s present in its vicinity and (iv) the vehicles that provide correct FB are rewarded with the incentives. The vehicles gain incentive for sharing FB about Tx. The amount of incentive increases as the number of FB increases. However, verifying a large number of FBs individually impedes the performance of RSUs.

F. REPUTATION CALCULATION
For reputation calculation, an RSU uses a V2V communication record from time t 1 to t 2 , denoted as (TRecord t1−t2 ). It also assembles the FB list as FB List t1−t2 . The steps involved in reputation calculation are: (i) RSU gets TRecord t1−t2 and assembles the list of FB as FB List t1−t2 (ii) RSU stores the PIDs of a malicious vehicle as PID m in CF mal , (iii) RSU uses the FB List t1−t2 to find the negative FB against a specific transaction Tx V 1 , (iv) FB is only considered valid if the location of V f is near the location of Tx V 1 and there are at least 5 other FBs for the same Tx V 1 , (v) if at least 5 negative FBs are received against Tx V 1 , the reputation value of V 1 is decreased and the ReputationList is updated accordingly, (vi) the process is repeated for all FBs and eventually, the ReputationList t1−t2 is updated, (vii) the PIDs of vehicles whose reputation values are below the threshold are added to CF mal , (viii) the ReputationList t1−t2 is encrypted using the shared AES key as RL enc = Enc(ReputationList t1−t2 ) AES , (ix) the TRecord t1−t2 , FB List t1−t2 and RL enc are uploaded to IPFS to retrieve the hash IPFSHash t1−t2 and (x) finally, the IPFSHash t1−t2 and CF mal are made public once they are added to the BC.

G. DATA STORAGE
After calculating the reputation values by utilizing message records and FB List , the data is uploaded to IPFS, which minimizes storage space requirements and makes the system scalable. The IPFS returns a hash value for the data, given as IPFSHash(data) = IPFSHash(TRecord t1−t2 ||FB List t1−t2 ||RL enc ). BC is used to store the hash value and share it with all other RSUs. It is to be noted here that in the proposed model, only that data is stored in IPFS, which is selected from the data coming from different vehicles using Artificial Intelligence (AI). This thing reduces the load both on the BC and the IPFS. If AI is not employed, then all incoming data will be forwarded to the IPFS, which will in turn overburden the IPFS and increase both the data storage and the data retrieval time.

VII. DISCUSSION OF SIMULATION RESULTS
To test the efficiency of the proposed model, we performed simulations on an Intel(R) Core(TM) m3-7Y30 machine having 1.00 GHz processor and 8.00 GB RAM. For implementing the proposed system, Python 3 is used while Solidity language is used to develop the smart contracts. In the simulation section, the implementation of different processes involved in the proposed system model, i.e., authentication, encryption for EachFB(Tx V 1 ) do 8: if FB(Tx V 1 ).location! = Tx V 1 .location then 9: Reject the FB(Tx V 1 ) 10: elseif FB(Tx V 1 ).location == Tx V 1 .location then 11 20: for EachPID in ReputationList do 21: if Reputation < 5 then 22: Add the PID in CF mal 23: endif 24: endfor 25: endwhile 26: Encrypt ReputationList with AES key 27: RL enc = Enc(ReputationList) AES 28: Upload (TRecord t1−t2 , FB t1−t2 , RL enc ) to IPFS and get IPFSHash t1−t2 29: Add (CF mal , IPFSHash t1−t2 ) to BC 30: End and decryption, data storage and retrieval, Ethereum BC, and execution time and false positive rate of CF is provided.

A. RESULTS FOR CUCKOO FILTER
A comparison of false positive rate between CF and BF is presented in Figure 3. It is observed that for less number of elements, the BF yields a lower false positive rate. However, when the number of elements is increased, the false positive rate of BF increases. From the figure, it is obvious that the false positive rate of CF remains close to 0.02 or 2%. While the false positive rate of BF is close to 0.10 or 10%. Therefore, we deduce that CF performs more efficiently when dealing with a large number of elements. Since the proposed scheme deals with a large number of elements, so CF is used as it is found more suitable than BF. Moreover, Figure 4 shows the time comparison between CF and BF when storing different number of events. From the figure, it is obvious that the time remains almost the same for 30000 events. As the number of events increases, a vivid difference in time is observed.  The execution time of BF increases exponentially beyond 30000 events while the execution time of CF increases gradually.

B. AUTHENTICATION SCHEME RESULTS
In the proposed system, ECDSA is used for authentication to reduce the overall computational overhead of the cryptographic operations including certificate generation, encryption and decryption. The time incurred by ECDSA for key generation, signature and verification is depicted in Figure 5. The simulations are performed for 10 times and the average execution time is calculated. It is evident from the figure that ECDSA scheme takes significantly large time for key verification, i.e., almost 0.008 secs. While time taken for key generation and key signing is less, i.e., almost 0.004 secs.

C. ENCRYPTION AND DECRYPTION RESULTS
In this subsection, the time consumed for encryption and decryption of data using AES is discussed. From Figure 6, it is obvious that time taken for encryption is larger than time taken for decryption. For encryption, almost 10 ms time is taken while for decryption, almost 1 ms time is taken.

D. ETHEREUM BC RESULTS
The gas consumption for smart contract's functions is shown in Figure 7. Gas consumption means the digital currency charged when performing transactions. It is also charged whenever deploying the BC smart contract. It is calculated   whenever a transaction is performed or a smart contact is deployed. In our case, the gas consumption is given in Wei when deploying the smart contract on Remix-IDE. Moreover, another unit of gas consumption is Ethers [38], where 1 Gwei = 0.000000001 Ethers. The vehicles' rating data is encrypted in the proposed system using an AES encryption algorithm before uploading it to the ledger. The ''Storage'' function uploads the encrypted vehicles' rating data in the ledger while ''Response'' function retrieves the encrypted data from the BC. The rating data is used for classifying the vehicles as malicious or benign. Furthermore, ''Authentication'' function authenticates the vehicles, ''Reputation'' function provides reputation to the vehicles and ''Incentive'' function provides incentives to the benign users.

E. IPFS RESULTS
In the proposed system, the rating data received from vehicles is sent to RSUs. After verification, this data is encrypted and stored on IPFS to save storage space. The IPFS generates the hash value for that data, which is then stored on the BC for data integrity. Figure 8 shows the size comparison of the rating data and its corresponding hash values, given in terms of storage cost, measured in bytes. It should be noted that the size of hash is independent of the increase in data size and it remains almost the same. The increase in size shown in the figure is due to the accumulation of the hash values. On the other hand, the size of actual data increases with the increase in the number of records. Figure 9 shows the comparison between data upload and data retrieve time for data of different size. It is obvious that for small data, increase is not much and vice versa. It is noted that as the data size increases, the increase in data upload time is more than increase in data retrieve time. It is because when data is uploaded, it is to be divided into chunks before storage, which becomes more time consuming as the data size increases.

VIII. SECURITY FEATURES
In this section, we discuss how our proposed scheme tackles the existing security issues. Since our proposed scheme involves BC, it inherits various security features including data integrity, decentralization, prevention of SPoF, nonrepudiation, data availability and trust. Some of the security features of the proposed scheme are discussed below.

A. DATA INTEGRITY AND AVAILABILITY
In BC based systems, the data is stored in DLT. The copies of the ledger are shared with all the nodes of the network. Any change in the ledger is reflected across all the nodes. Hence, the attackers cannot modify the data without notifying others. Since the data is stored in a peer-to-peer manner, data availability is ensured.

B. CONFIDENTIALITY
BC does not inherent confidentiality because the data is verified by all network participants for achieving consensus. However, in the proposed scheme, data is encrypted before storing it on the BC to ensure confidentiality.

C. NON-REPUDIATION
In BC, once the data is stored, it cannot be changed. It can only be updated in the new block, which is visible to all the network participants. Hence, once a transaction is performed, it cannot be repudiated by the users.

D. SINGLE POINT OF FAILURE
The BC prevents the SPoF issue as it is a decentralized technology and involves consensus between all nodes. BC is maintained by a group of network participants. Every new block that is added to the BC is accepted by most of the network participants unlike the traditional centralized systems, where a single entity makes all decisions.

IX. SECURITY ANALYSIS
The proposed model is analyzed from security perspective and the analysis results are discussed in this section. The analysis is performed on the bases of double spending attack, quasi-identifiers and smart contract vulnerabilities.

A. DOUBLE SPENDING ATTACK
In double spending attack, the attacker spends the same cryptocurrency token twice or sends it to multiple users, simultaneously. This attack occurs when the attacker possesses more computational power than the honest miners. The attackers can mine fraudulent blocks and add them to the BC before the honest miners. In BC, the longest chain is considered authentic. When the attacker with high computa- tional power mines more blocks than the honest miners, the blocks mined by the honest miners are discarded. This causes resource wastage for the honest miners. Figure 10 shows the probability of the double spending attack with respect to the computational power of the attackers. To simulate this attack, q, K and τ are used. q is the probability that attacker will mine the block before the honest miner, K is the number of confirmations required to validate the blocks and τ is the average time required by the honest and attacker nodes for mining [40]. The mathematical formulation of double spending attack is taken from [41]. A double spending attack's probability is expressed as the possibility of the attacker proceeding from block 1 to block n and ending up at the difference of blocks K − n. It is given in Equation 1.
where P N is the attacker's potential progress function P for the model of S. Nakamoto in terms of Poison distribution. The probability that an attacker node mines the block faster than a honest node is given in Equation 2.
where T q and T p represent the time needed by the attacker nodes and the honest nodes to mine a block, respectively. P is defined in terms of the time advantage t for fake block generation and p = 1 − q.

B. ANALYSIS OF SMART CONTRACTS
Vulnerabilities in the smart contracts cause a potential financial loss. Hence, it is necessary to analyze the smart contracts before deploying them on the main Ethereum network.
Oyente is an open-source auto-auditing tool for smart contracts, which analyzes smart contracts against different vulnerabilities. It uses a symbolic execution technique to analyze the smart contracts by validating the input values of the functions for identifying possible security flaws. Some of the well-known vulnerabilities identified by Oyente include Integer Overflow/Underflow, Parity Multisig Bug 2, Re-Entrancy Vulnerability, Timestamp Dependency, Transaction-Ordering Dependence and Callstack Depth Attack Vulnerability [43]. Figure 11 illustrates that the designed smart contract is resistant against the mentioned vulnerabilities.

C. PRIVACY LEAKAGE DUE TO QUASI-IDENTIFIERS
The reputation data is generally kept public, which ensures that data sharing and trading are performed in a secure manner. However, the publicly available reputation information of users can act as a quasi-identifier and the malicious users can use it along with some background knowledge to expose the user IDs. The authors in [42] use the following formula for identifying the relationship between the probability of privacy leakage P leakage and the number of quasi-identifiers x.
where b 3 , b 2 , b 1 , b 0 are parameters in the third-order Taylor formula and their values are 0.0049, -0.0454, 0.1248, and -0.0921, respectively. The effect of quasi-identifiers on P leakage is depicted in Figure 12. It is observed that by increasing the number of quasi-identifiers, the value of P leakage substantially increases. For that reason, we hide the exact reputation scores of vehicles in the proposed scheme.

X. CONCLUSION
In the proposed work, a BC based message announcement system is put forward for efficient information dissemination in VENs. The proposed system is a three-layered system comprising message dissemination layer, storage layer and BC layer. The registration of vehicles is performed in the first layer. In the second layer, the data is uploaded and saved in AI based IPFS incorporated with the RSUs. Upon data storage, IPFS generates the hash values for the data, which are forwarded and saved in the Ethereum BC, deployed in the third layer. In addition, CFs are used to store the foreseeable trends in vehicles' reputations values. Furthermore, incentives are provided to users in the proposed model to ensure sharing of honest reviews. Moreover, through extensive simulations, it is inferred that the computational time of the proposed system is reduced by 15-18% and the storage overhead is reduced by 80-85%, respectively when storing hash of data on the BC network as compared to storing actual data on the network. The security analyses results prove that the system is robust both against the smart contract vulnerabilities and the cyber attacks like double spending attack.