Blockchain-Based Physically Secure and Privacy-Aware Anonymous Authentication Scheme for Fog-Based Vanets

Vehicular Ad-hoc Networks (VANETs) have a lot of potential for improving traffic management and driver safety. However, employing a wireless channel for vehicle communication has security and privacy concerns such as authentication, confidentiality, integrity, access control, and availability. Hence, it is indispensable to address the security and privacy aspects of the vehicles utilized in these contexts. In this study, a blockchain-based physically secure, and privacy-aware anonymous authentication technique leveraging the fog computing architecture. The proposed method can efficiently solve security and privacy problems using its attributes of support to movement, reduced latency, and location monitoring. In addition, the decentralized nature of blockchain technology is used to ensure the data security of vehicles. The vehicle is not required to store the secret keys to do anonymous authentication and provides physical security for the vehicle. The implied scheme provides essential security features with less storage, computational and communication costs than related competitive schemes.


I. INTRODUCTION
VANETs are crucial elements of intelligent transportation because they enhance traffic management as well as ensures driver safety. On-Board Unit (OBU) vehicle (V i ) is employed in a VANET can connect with other V i s or infrastructure. Vehicle-to-vehicle and vehicle-to-infrastructure are the two basic communication types in VANETs [1]. According to the dedicated short-range communications standard, the OBU broadcasts safety-related information every 100-300 milliseconds [2], which can be utilized to increase traffic management efficiency and prevent traffic accidents [3]. VANETs can also provide extended services to drivers over the Internet [4].
The associate editor coordinating the review of this manuscript and approving it for publication was Wei Quan.
Although VANETs have several uses and bring numerous benefits, they also present numerous problems that must be solved. Secure and confidential communications are critical for personal and property security [5]. Messages sent over the open and insecure channels in VANETs can be altered with, replayed, captured, or deleted by an intruder if there is no security mechanism in place [6]. As a result, the message validation method must be built to protect the integrity of the message [7]. VANETs also aid current intelligent transportation systems by supporting smart processing and realtime response. However, there are possible safety risks that should not be overlooked, particularly when using wireless connectivity, which is more sensitive than a wired connection. For instance, attackers could try to cause societal discontent by intercepting, changing, replaying, or deleting communications sent through such a transportation system. To avoid impersonation or malicious modification, the authenticity, validity, and integrity of the sent messages must be verified. Successful attacks can lead to real-life deaths. While message authentication can aid to minimize some of these assaults, we must also examine how to secure the privacy of vehicles.
When a vehicle communicates its traffic information with another RSU or vehicle, its identity is revealed. An attacker could use this information to track down the vehicle's location. Furthermore, vehicles generally broadcast signals concerning road traffic circumstances and driving status at intervals of 100-300 milliseconds. The traceability of cars is made easier by the frequency of the broadcasted message. Many message authentication techniques based on the identification and without certificates have been presented. Moreover, the communication delays related to these techniques can be lengthy, and they may not maintain the right balance between effectiveness and security, making them challenging to implement in the actual context.
Further, a blockchain is a distributed, unchangeable ledger that can be used to record transactions, track assets, and foster trust. It was created to offer a decentralized third-party transactional system and it is now being used in a variety of fields of computer science for its unique characteristics like distribution, decentralization, tamper resistance, immutability, availability, transparency, and more [15]. Several blockchainbased protocols for VANET have been developed for various sorts of applications, and blockchain can also be used for authentication and efficient message transmission [15], [16], [17], [18], [19], [20].
In the current literature, many authentication schemes have been developed for secure communications in VANETs. However, the framework requires additional devices to maintain secret credentials for communications. If the adversaries capture the V i physically, they may quickly obtain the secret credentials stored on the V i . This paper introduces a blockchain-based physically secure and privacy-aware anonymous authentication scheme for Fog-Based VANETs to address the above-mentioned security threats. In the suggested framework, V i s are not required to store secret keys without sacrificing security requirements. Also, the physically unclonable functions provide lightweight mutual authentication and maintain the V s physical security. Further, the Blockchain is utilized to keep track of V i parameters, user authentication information, preserve the trustworthiness of the distributed untrusted VANET, and improve the scalability of the VANET during authentication [8], [9], [10], [11], [12], [13]. In the proposed system, authentication information is one of the indispensable parameters. Even without the service provider's intervention, the legitimacy of the V i s may be evaluated and validated using blockchains and a decentralized consensus process. Authentication data of a V i needs to be verified frequently.
The following are the important contributions of this research work.
• A blockchain-based physically secure and privacyaware authentication scheme to authenticate the validity of the V i user, the fog nodes are considered miners to authenticate the legitimacy of a V i user through the consensus process. Additionally, the Merkle Hash Tree MHT) is applied to realize the authentication data in real-time. Authentication data can be expanded to a newly added V i to improve the operability of the VANET.
• Develop a PUF-based privacy-preserving authentication scheme by the TA to authenticate the legitimacy of a V i before receiving services.
• In comparison to competitive schemes, our findings put forth the suggested scheme is more secure and computationally efficient. The remainder of this research work is organized as follows. Section II reviews important work and Section III discusses the preliminary work and system model. Section IV describes the proposed framework. Section V includes the proposed framework's formal security analysis. Section VI discusses the proposed scheme's performance efficiency. Section VII describes the concluding activities.

II. RELATED WORKS
To preserve the privacy of V i s while providing secure communications in VANETs, researchers have developed Public Key Infrastructure (PKI) based cryptography [14], [15], [16], authors suggested a PKI-based approach for conditional privacy preservation that leverages anonymous certificates. The TA generates keys and the appropriate anonymity certificate for V i s in their system. For each communication, the V i selects a key to sign the message. The verifier then executes message authentication using an anonymous certificate. The flaws in the approach are the V i s and TA must have the sufficient memory capacity to store all the key pairs and anonymous certificates. Further, the TA needs to spend the communication cost of 1.02543 megabytes to revoke a malicious V i [17].
Blockchain is being used in several sectors of VANET because of its unique characteristics like distribution, decentralization, tamper resistance, immutability, availability, transparency, and so on. One of the applications of blockchain is the storage and distribution of message and event information. In [12] authors use a consortium blockchain to store crucial information including vehicle position, direction, and location, as well as authentication information. In [13] authors use blockchain to store vehicle identification information as well as their current status. In [15] authors' new system with three components such as V i , routers, and control units to communicate the handover authentication information. The authors of [16] also implement blockchain to store authentication information and preserve vehicle privacy. Ali et al. proposed a system to assure vehicle integrity and trust, in which a blockchain is utilized to keep the identities of approved V i s and another to store the identities of unauthorized or revoked V i s [17]. Researchers in [18], and [19] suggested a privacy-preserving architecture with security mechanisms such as transparency, conditional secrecy, efficiency, and resilience. They stored the identities of certified and revoked V i s on two blockchains. A different blockchain is utilized to store the communications that are sent among V i s. Important event information, such as traffic violations and accidents, is kept in a blockchain by Zhang et al. for future inquiry [20]. They used fog nodes to handle a large amount of computing. In comparison to pairing-based bilinear methods, the communication and computation overhead is quite minimal. [21] is reliant on an ideal OBU installed in V i s. Because the attacker may launch a side-channel attack to obtain the system secret key recorded in the V i s OBU, the technique is difficult to ensure the security of the entire structure [22].
Al-Riyami et al. [23] developed a certificateless-based PKC technique to address the key escrow issue. The V i s private key is made up of PKG and the V i user. Even if an attacker collaborates with PKG, the entire V i s private key cannot be accessed; hence the key escrow problem is resolved. Gong et al. presented a certificateless pairing-based approach [24]. Zhang et al. [25] later revealed the shortcomings of Gong et al. A CL-based PKC technique without pairing-based bilinear was proposed by Gayathri et al. [26]. They stated that their technique increases authentication efficiency while lowering computational costs. But Liu et al. [27] demonstrated that the technique [26] has a major security flaw and that it is vulnerable to two types of assaults. They also stated that they presented a new scheme to avoid the program's security vulnerabilities [26]. Unfortunately, Zhan et al. [28] stated that the system developed in [27] is vulnerable to attacker-initiated forgery assaults. The CL-based PKC methods, however, are subject to public key replacement attacks due to the lack of authentication of public keys [29]. Because of their high computational, communication, and storage costs, anonymous authentication techniques are ineffective and unsuitable for real VANET systems [30], [31], [32], [33]. Furthermore, most existing anonymous authentication solutions did not focus on data integrity or V physical security. As a result, this study proposes a new blockchain-based physically safe, and privacy-sensitive anonymous authentication to suit these needs.

III. PRELIMINARIES AND SYSTEM MODEL
The theoretical foundations of crucial preliminary functions such as Blockchain, physically unclonable function, and reverse fuzzy extractor are discussed in this section. This section also outlines the proposed scheme's general system model.

A. BLOCKCHAIN
The Blockchain is a decentralized, immutable, and distributed network structure. The Blockchain can handle anonymous authentication issues easily with low computational costs [15], [16], [17], [18], [19], [20]. The interaction of service providers is avoided in the centralized structure. Instead, the decentralized framework is developed through peer-to-peer communication among end-users. Blockchain employs cryptographic principles such as timestamp, previous hash, root hash, nonce, and consensus algorithm to authenticate the trustworthiness of transactions in each node. As a result, the transaction data is verifiable, transparent, irrevocable, incontrovertible, tamper-proof, unchangeable, and traceable.
Blockchain technology uses one-way hash functions to maintain data integrity, link the previous block with the current block, calculate consensus, and so on. SHA-256 and RIPEMD160 are the most used cryptographic hash functions on the Blockchain.

B. PHYSICALLY UNCLONABLE FUNCTION (PUF)
The PUF is a microelectronic device that receives a sequence of inputs as a challenge (C) and responds with a series of outputs (R). The output of a PUF is obtained as R = PUF(C). The PUF delivers a unique output based on the device's physical structure and input. As a result, tampering with the device results in changes to the physical structure and output of the device. This functionality is used to provide physical security for PUF devices that are installed in remote locations. However, noise is the most significant issue with the PUF's response. To reduce noise in PUF responses while requiring less calculation time, a reverse fuzzy extractor technique has been developed. For example, if the PUF 1 is secure, then it must deliver dissimilar replies (R 1 , Similarly, for two different PUFs, say PUF 1 and PUF 2 , the imposed challenge C 1 yields two distinct responses as (R 1 , R 2 ∈ {0, 1} k ) with the least v 2 variation.

C. REVERSE FUZZY EXTRACTOR
It was created to deal with the noise in the PUF output and reduce computational costs. The resource-constrained edge devices use the FEGen technique to generate helper data efficiently. On the resource-rich verifier side, a computationally efficient FERep reproduction algorithm is used. However, anytime the PUF is queried, it should produce new helper data, and the verifier should update helper data in the database according to the PUF output. An edge device applies the received challenge and computes the response R = PUF(C). Subsequently, the helper data h = FEGen(R) is generated by a reverse fuzzy extractor. On the verifier side, the helper data and the received response are used to calculate the actual response R = FERep(R, h).  Table 1.

1) TRUSTED AUTHORITY (TA)
The main functions of this entity are system initialization, V i users' registration, public parameter generation, and secret credentials generation for the VANET users. The VANET users need to register with TA by submitting their unique credentials to access the services provided by VANET securely. After the successful user registration, VANET users will receive the secret credentials from the TA securely for further communication.

2) BLOCKCHAIN NETWORK (BN)
It allows for the storage of immutable, irrefutable, and verifiable data in the form of transactions, which make up a blockchain. To be more specific, we embed public keys within the transaction so that the cars can receive secret credentials from the blockchain rather than preloading all credentials in the OBUs. For our approach, we propose adopting a mature public blockchain (e.g., Ethereum) that anyone can join to maintain the blockchain. As previously stated, FNs joins this network as a full node, providing services (such as transaction retrieval and smart contract activation) to neighbouring V i s.

3) FOG NODE (FN)
It comprises data storage servers and wireless communication capabilities (e.g., roadside units), and it interacts with V i s within their range by a wireless channel, which is the DSRC. FNs are controlled by the TA, and the TA will verify all FNs periodically.

4) VEHICLE (V )
It has an OBU, which is incorporated with PUF. OBU's PUFs are impenetrable to an attacker. Furthermore, any such attempt will render the PUFs unusable [13], which the TA will be able to identify using our suggested authentication system.

IV. PROPOSED SCHEME
The suggested scheme consists of two phases such V i user's enrolment phase and authentication phase.

A. ENROLMENT PHASE
In this section, the V i users need to follow the following steps to enroll with TA by submitting their unique credentials. The sequence of the enrolment phase is illustrated in Fig 3. Step E1: The V i sends the enrolment request along with their unique identity Step E2: After receiving {UID V i , ER V i }, the TA generates the random challenge (X V i ) to authenticate the V i , and also, the TA generates the set of challenges as X syn V i = x 1 , x 2 , . . . , x n to avoid denial of service attacks and desynchronization problems. Next, the TA communicate Step E3: The V i applies its PUF to the received challenges and extracts the PUF output On the other hand, V i store AID V i value in its memory for generating a Short-Life session Key (SLK ) during the anonymous authentication phase.
Also, the FN i is required to register with the TA through offline mode by submitting its unique credentials. Further, the TA broadcasts the V i transaction details to all TAs by generating SLK among the TAs. After obtaining the information from local TA, all the TAs are engaged in solving puzzles. After solving puzzles, a certified AID V i is attached as a new block at the end of the blockchain network. Step A1: to identify the AID V i in its database, read the challenge-response pair (X V i , h V i ) from its memory, and verify the value of a . If verification is successful, then the FN i continue the authentication process. Next, the FN i generates the random nonce Step A3: Upon receiving Step A4: and check the value of c . If the verification is unsuccessful, the FN i terminate the authentication process. Otherwise, the FN i generates

and store the values
in its memory for future communication.

C. BLOCK CREATION AND VALIDATION PHASE
Block creation: Block creation initiated by FN i using the following procedure.
Step B1: The FN i receives the traffic-related data D i from V i and the FN i selects its AID FN i , generates the random nonce Block Validation: Newly added block is validated by using a smart contract. A smart contract is a piece of software or code that works autonomously on the blockchain. The smart contracts in Ethereum cannot be changed after they have been deployed because they are immutable. Additionally, Ethereum's smart contracts are decentralized since every node in the Ethereum network stores the same contract in the same state, and no one entity has control over the smart contract's state or execution.
The suggested work implements a smart contract with ''IF. . . THEN'' semantics that enables the cloud server to add the generated B i . The processing of the smart contracts as part of the block validation is described in Algorithm 1. Finally, the sequence diagram of the suggested scheme is shown in Fig 5.

V. SECURITY ANALYSIS
The proposed scheme's security strength is assessed in this section using formal and informal security analysis.

A. FORMAL SECURITY ANALYSIS
The suggested scheme's security is explicitly assessed using Burrows, Abadi, and Needham (BAN) logic. Its purpose is to detect security issues in the proposed framework. The postulates and assumptions are crucial to the rules of BAN logic.
The following are the BAN logic's postulates.
Message-meaning rule (R 1 ) : The proposed protocol's initial security assumptions are listed below.
The following specific goals must be met to prove the security strength of the proposed scheme, The following measures are used to ensure the anonymous authentication between V i and FN i with the help of the rules mentioned above and assumptions.
Based on assumption A 3 , the message-meaning rule R 1 along with measure M 1 can be used to derive the following measure M 2 .
The M 3 is obtained by using the assumption A 1 and freshness rule R 5 .
Based on the measures M 2 and M 3 , the Nonce-Verification rule R 3 can be used to derive the following measure M 4 .
According to the measure, M 4 and the assumptions A 1 , A 2 , , the freshness rule R 5 and the measure M 3 applies and obtains the following measure M 5 .
Jurisdiction rule R 4 applies and derives the following measures M 6 and M 7 according to M 5 and assumption A 7 .
The message-meaning rule R 2 uses the assumption A 6 and measure M 7 to derive the M 8 .
Furthermore, assumption A 2 and Freshness rule R 5 are used to obtain the following measure M 9 .
According to measures M 8 and M 9 , the nonce-verification rule R 3 applies and yields the following measure.
The following measure M 11 is obtained by using the Belief rule R 6 and the measure M 10 .
Jurisdiction rule R 4 applies the measure M 11 and assumption A 8 to obtain the following measure M 12 .
The above-discussed goals G 1 to G 4 ensure that the suggested scheme achieves anonymous authentication between V i and FN i .

B. FORMAL SECURITY VERIFICATION
The widely used Automated Validation of Internet Security Protocols and Applications (AVISPA) tool is used to simulate the suggested scheme for formal security verification to show that the suggested scheme withstands security attacks.
The suggested security algorithm is implemented in High-Level Protocols Specification Language (HLPSL), which is then converted into Intermediate Format (IF) using the HLPSL2IF convertor. The converted algorithm is given to one of the four backends (On-the-Fly Model Checker, Constraint-Logic based Attack Searcher, SAT-based Model-Checker, and Tree Automata-based protocol analyser) and generates Output Format (OF) which indicates whether the suggested algorithm is safe or unsafe against an opponent [35]. The OF consists of the following sections. • SUMMARY: It indicates if the suggested algorithm is safe or unsafe, or whether the analysis is inconclusive.
• DETAILS: It provides a thorough justification for why the suggested approach is safe, or why it is risky, or why the analysis is inconclusive.
• PROTOCOL: It provides the suggested algorithm's detailed HLPSL specification in an IF.
• GOAL: It describes the AVISPA tool's objective, which is to perform security verification of the suggested algorithm.
• BACKEND: It provides information about the name of the backend used for the security analysis of the suggested algorithm.
• STATISTICS & COMMENTS: This section provides a thorough analysis of the potential weakness in the intended protocols along with suggestions.
In the suggested scheme implementation, we have four fundamental roles and two composition roles. The basic role represents the suggested system entities such as Trusted Authority (TA), Blockchain Network (BN ), Fog Node (FN ), and Vehicles (V i ). The composition roles (session and goal & environment) are mandatory roles that include multiple scenarios using basic roles. The formal security verification of the suggested algorithm is performed using the widely used ''SPAN (Security Protocol ANimator for AVISPA)'' tool and the simulation results are obtained using the OFMC backend which is illustrated in Fig 6.

C. INFORMAL SECURITY ANALYSIS
The proposed framework's security strength is evaluated against a variety of security risks in this section.
It is tough for an A to find the values of a random nonce R FN i , R V i , and the helper data h V i . As a result, the suggested framework guarantees mutual authentication.

2) KNOWN SESSION KEY ATTACK
In this proposed scheme, if V i and FN i want to authenticate mutually, they need to calculate the short-life session key If an A wants to compute the SLK , then he/she needs to know the values of R FN i , R V i , h V i , and c. The random nonce values will change from time to time, and the h V i values are calculated based on the generated unique secret PUF response is computed using a random nonce, helper data, and PUF response. Hence, there is no connection between the SLK generation process. Even if any SLK is compromised by an A; it is not possible to compute the future SLKs, Because the compromised SLK will give zero knowledge about the future SLKs. Hence, the suggested scheme is resistant to the known session key attack.

3) REPLAY ATTACK
In this proposed work, the system entities will use values such as AID V i , R V i , and R FN i freshly for each session. Hence, an A cannot use the same value of AID V i , R V i , and R FN i during the authentication process. Also, the V i derives and store the values AID V i , (X V i , h V i )} in its memory for future communication. Hence, an A cannot perform the replay attack.

4) PHYSICAL ATTACK
Assume that vehicles are assigned to collect sensitive data from a specific area and share the information with the service provider. To preserve the confidentiality of collected information, it is encrypted and shared with other entities. Suppose A wants to execute the physical attack to damage the vehicle components to capture the collected sensitive information and stop the vehicle's movement. In that case, it will affect the behavior of the vehicle and the PUF. Hence, an A cannot get the desired response Y V i and it will lead to the termination of the authentication process. Furthermore, PUFs are resistant to cloning, and an A cannot reproduce PUFs attached to the vehicle.

5) ANONYMITY
In this proposed work, if the V i needs to send the collected information to FN i , then the V i needs to send its anonymous identity After receiving these values, the FN i identifies the AID V i in its database and read the stored random challenge, the corresponding helper data, and share {X V i , R * FN i , b} to the V i . By using the shared values, both V i and FN i compute the SLK . Even an A or FN i identifies the AID V i , he/she cannot identify the real identity of V i because the service provider assigns the AID V i after receiving the critical credentials from the V i . Also, the assigned AID V i is shared through a secure channel. Moreover, the AID V i value is updated as AID V i = H (AID V i Y V i ) and stored in both V i and FN i databases for further communication. Hence, it is tough for an A or FN i to identify the real identity of V i .

6) MESSAGE MODIFICATION ATTACK
In this research work, to preserve the data integrity, the hash value of the n − 1 block is linked to the hash value of n block, and the hash value of n block is linked to the hash value of n + 1 block. If an A tries to modify the message content, it leads to changes in the hash values of the connected block. Also, it will affect the entire blockchain network. Because the miners used proof of work to solve the challenge and add a new block to the blockchain network, any changes in any block will be reflected in the TA. Hence, the suggested scheme is resistant to message modification attacks.

VI. PERFORMANCE ANALYSIS
In this section, the performance efficiency of the proposed framework is assessed in terms of computational cost, communication cost, storage cost, and security capabilities.

A. COMPUTATIONAL COST
To calculate the computational cost, this work evaluates the total time required to complete the major cryptographic operations. The time necessary to execute major cryptographic operations such as modular multiplication, modular exponentiation, modular addition, hash operation, PUF operation, and reverse fuzzy extraction functions proposed in this study are denoted as T m , T e , T a , T h , T p , and T fe .
They are implemented on the laptop with an Intel Core i7 processor with 16-GB RAM and Java Cryptography Extension library to calculate the time required to execute the cryptographic operations. The time required to execute the cryptographic functions such as T m , T e , T a , T h , T p and T fe are calculated as 5.93ms, 4.26ms, 5.93ms, 1.6ms, 0.12ms, and 2.13ms, respectively. To perform the authentication process, the V i consumes 14.1ms to execute the cryptographic functions 6T h + 2T p + 2T fe ≈ 14.1ms. On the other hand, the FN i needs 36.05ms to execute the cryptographic operations 5T h +T fe ≈ 10.13ms. Totally, the proposed scheme consumes 24.23ms to execute the cryptographic functions during the authentication process. The computational cost of the suggested work is compared with the existing works such as [30], [31], [32], and [33] to ensure performance efficiency. The detailed computational cost analysis is recorded in Table 2.   [30], [31], [32], and [33] consume the computational cost of 106.48ms, 88.2ms, 26.85ms, and 51.73ms, respectively.

B. COMMUNICATION COST
This work considers the bit length of messages communicated between V i and FN i during the mutual authentication process to analyze the communication cost. The bit length of system entity identity, hash function, random nonce/number, and PUF challenge-response pair are considered as 160 bits, 160 bits, 128 bits, and 128 bits, respectively [34]. During the mutual authentication, the proposed work communicates the three

messages as {AID
, c} between V i and FN i and it consumes the communication cost of (160 + 128 + 160) + (128 + 128 + 160) + (128 + 128 + 160) = 1280 bits.  The proposed work communication cost is compared with the relevant competing schemes such as [30], [31], [32], and [33] to ensure performance efficiency, and it is presented in Table 3. From Table 3, it is evident that the suggested scheme consumes 1280 bits as a communication cost. In contrast, other related competitive schemes such as [30], [31], [32], and [33] consume 2528 bits, 4256 bits, 7328 bits, and 1696 bits, correspondingly. Fig 8 compares the communication cost of the suggested framework with relevant competing methods.

C. STORAGE COST
This work considers the V i s memory requirement to analyze the storage cost. The proposed work is compared with the relevant existing works such as [30], [31], [32], and [33] to analyze the storage cost. In the proposed work, the V i needs to store only AID V i for the mutual authentication process, and it requires 128 + (128n) bits as a storage cost. In contrast, other relevant competitive schemes such as [30], [31], [32], and [33] need storage of 1600 bits, 576n bits, 2368 bits, and 480 + (m + 1)log 2 (p) bits, respectively. Table 4 indicates the storage cost of the suggested scheme and other relevant work under consideration. The proposed work requires less storage cost to perform the mutual authentication. Whereas other relevant schemes under consideration require more storage costs. Table 5 lists the security aspects offered by the proposed work and various competing frameworks. In Table 5, the symbol ' ' denotes that the proposed work and other related schemes under consideration support the listed security features. The symbol '×' represents the suggested framework and the other related competing methods do not support the listed security features. Table 5 verifies that all the security features specified are supported by the suggested work. The scheme [30] does not provide physical security and session key agreement. The scheme introduced in [31] does not provide user anonymity and physical security. The scheme proposed in [32] supports mutual authentication, anonymity, modification attacks, and replay attacks. The scheme [33] does not provide session key agreement and physical security.

E. PERFORMANCE EVALUATION OF BLOCKCHAIN-BASED SYSTEM
To authenticate the proposed system security performance, an extensive simulation was conducted using Python, including 30 consensus nodes and 18 difficulty bits. For statistical validation, each simulation was conducted for 50 rounds, and the results are given in Fig 9. Fig 9a shows that a new block's average confirmation time is considerably affected by its confirmation number. The greater the block confirmation number, the higher the system security performance, and the longer the average block confirmation time, implying a balance between time efficiency and system security in a blockchain-based system. The result shows that a higher number of confirmations to a new block reduces the security risk of tampering assaults in blockchain, as seen in Fig 9b, where the probability of blockchain tampering decreases almost exponentially as the average confirmation time grows. When the confirmation ratio is 8130, the probability of tampering is approximately 79 percent; when the confirmation ratio is 20/30, the tampering risk is reduced to only about 15 percent; and when the confirmation ratio is greater than 28/30, the tampering probability gradually decreases to zero, allowing the system to have absolute antitampering power.

VII. CONCLUSION
In summary, we developed a blockchain-based physically secure and privacy-aware authentication scheme to provide secure communication in fog-based VANETs. FN i can anonymously authenticate V i using lightweight cryptographic functions such as PUFs, hash functions, reverse fuzzy extractor, and EX-OR operations. Further, the blockchain network supports message integrity during communication and avoids message modification attacks. The security analysis section ensures the strength of the suggested framework against various security threats. The performance efficiency of the suggested work is compared with relevant competitive schemes, and it exhibits that the proposed work is efficient than the conventional schemes in terms of computational cost, communication cost, storage cost, and it provides essential security features. As a result, it is best suited for real-time applications.
ARUN SEKAR RAJASEKARAN received the bachelor's degree in electronics and communication engineering from the Sri Ramakrishna Engineering College, in 2008, and the master's degree in VLSI design, in 2013, and the Doctor of Philosophy degree in low power VLSI design from Anna University, Chennai, in 2019. He is currently working as an Associate Professor with the Department of Electronics and Communication Engineering, KPR Institute of Engineering and Technology, Coimbatore, Tamil Nadu. He has nearly 13 years of teaching experience. He has published more than 27 papers in international conferences and 25 reputed indexed journals, such as IEEE TRANSACTIONS ON  He is also the Head of the Department of Artificial Intelligence Engineering, and a leading authority in the areas of smart/intelligent IoT systems, wireless, and mobile networks architectures, protocols and performance evaluation in Artificial Intelligence of Things (AIoT). His publication history spans over 350 SCI/E publications, in addition to numerous keynotes and plenary talks at flagship venues. He has authored and edited more than 40 books about cognition, security, and wireless sensor networks deployments in smart IoT environments, which have been published by wellreputed publishers, such as Taylor & Francis, Elsevier, IET, and Springer. He has received several recognitions and best papers awards at top international conferences. He also received the prestigious Best Research Paper Award from Computer Communications journal (Elsevier) for the period 2015-2018, in addition to the Top Researcher Award for 2018 at Antalya Bilim University, Turkey. He has led a number of international symposia and workshops in flagship communication society conferences. He also serves as a Book Series Editor and the Lead Guest/Associate Editor for several top tier journals, including the IEEE COMMUNICATIONS SURVEYS AND TUTORIALS (IF 23.9) and the Sustainable Cities and Society (Elsevier) (IF 5.7), in addition to organizing international conferences and symposiums on the most up to date research topics in AI and the IoT.
MAHESH GOPAL received the bachelor's degree from the Department of Mechanical Engineering,