Anonymous Key-Agreement Protocol for V2G Environment Within Social Internet of Vehicles

The blend of Internet of Things (IoT) and social networking has introduced the emerging notion of social Internet of Things, which is bringing advancements in the operation of concerned industries. There are various prevailing applications of social internet of things; smart grid is one of them. The smart grid is considered as economical robust and intuitive replacement of the conventional grid. However, smart grid experiences two significant challenges, i.e. privacy and security. This article is dedicated to resolve the privacy and security concerns for the vehicle to grid networks to facilitate their large-scale integration with smart grids. As anticipation, a vigorous key agreement protocol is introduced to achieve mutual authentication with an aided feature of user anonymity. Moreover, efficiency in terms of computation, communication and storage needs to be taken care for resource-constrained infrastructure like vehicle to grid network. We have introduced a lightweight key agreement protocol using lightweight cryptographic operations such as exclusive-OR and hash etc. This protocol is validated through a formal security model. An informal security analysis is also elaborated to present the security strength of our protocol against well-known attacks. Furthermore, we have implemented all the cryptographic operations used at trusted agent’s side on a desktop system, while the operations used at battery vehicle unit’s side are implemented on an Arduino to get the experimental results. In the end, we have presented a performance analysis to compare the performance of our protocol with related ones. This comparison highlights that our protocol is not only lightweight but also efficient in terms of communication and storage cost of related protocols.


I. INTRODUCTION
Today is the era of social networking, which has become dominant globally over the internet. As a result, social networking is playing a vital role in different fields of the technological industries. An amalgamation of social networking and the Internet of Things (IoT) [1], [2], has emerged as an idea of Social Internet of Things (SIoT) [3], [4], which highlights the socialisation of IoT objects. SIoT objects have freedom of communication with each other independently and autonomously to exchange information with users and connected devices. To establish SIoT for diverse industries, varying from smart city to smart industries, a well-planned system can be proposed precisely for SIoT.
The associate editor coordinating the review of this manuscript and approving it for publication was Shadi Aljawarneh .
SIoT has many applications such as healthcare, transport, smart grid, smart cities, smart homes and smart industries. Indeed, it is the evolution of SIoT that has integrated the transport system with smart grid and introduced a new infrastructure known as Vehicle-to-Grid (V2G). Since intelligence is the key in designing advanced transport systems. Future generation transport system intends an intuitive and intelligent use of vehicles, roads and gird to bring more hassle-free quality service for society. SIoT enables V2G through vehicles, RoadSide Units (RSUs) and smart grid infrastructure to maintain and manipulate the electric charge of the vehicles.
In the Internet of Vehicles environment, each vehicle is considered as smart object that is equipped with computation units, internet connectivity to connect other vehicles either directly or indirectly and powerful multiple sensors. In addition, a vehicle in IoV is visualized with a multi-communication model, facilitating the interactions VOLUME 8, 2020 This work is licensed under a Creative Commons Attribution 4.0 License. For more information, see https://creativecommons.org/licenses/by/4.0/ among inter-vehicles, intra-vehicle parts, vehicles-to-human and vehicle-to-infrastructure. IoV allows the acquisition and process of huge amount of raw-data from different geographical locations via smart vehicles computing platforms, to supply numerous features of services for road safety and different type of assistance to drivers and passengers.
In conventional social network the information is usually shared through the nodes. Similarly, the social features are exhibited, as the vehicles communicate with different entities in IoV. In other words, the social internet of vehicles (SIoV) is a class of ephemeral socially-awared networks in which different entities exchange the information with vehicular nodes, that is why it can be compared with conventional social network. With the addition of constant connectivity and socialising aspect, the SIoV has evolved vehicular ad-hoc networks (VANETs) and intelligent transport system (ITS) to the next stage of intelligence. Furthermore, the emergence of 5G technology helps to access the internet services at anywhere and anytime. Additionally, profiles history, hobbies and driver's social interaction can be used to estimate mobility patterns. So, a possible event can be triggered by the SIoV system which would be helpful for the authentication of the situation and in case of stolen vehicle, it sends the alert to owner of vehicle in the form of text. It is quite possible to inject false alarms. However, this issue requires more insights. The architecture view of SIoV is shown in Figure 1. The Figure 1 clearly shows that a vehicle will interact with the road side units and that information will be shared among the social networks.
The smart grid is considered as economical, intuitive and capable application of SIoT. An electricity grid that is capable of observing and controlling every subscribed user and grid node so that the stream of information and electricity can be guaranteed in both directions between all connected nodes is termed as a smart grid. A V2G [5], [6] network depends upon electrical energy that can be stored in the battery of electric vehicles (EVs) or plug-in hybrid electric vehicles that offers backup for the uninterrupted operation of the smart grid. More precisely, the smart grid works on three assumptions for electric vehicles. The V2G network model is shown in Figure 2. The fundamental role of V2G is to govern exchanges between the power grids and EVs to exploit storage ability of EVs. The energy stored in various EVs can offer a reservoir for power grids and sustainable power resources. It is observed that the rate of consumption of energy in a day is only about 10 percent of the total potential of EVs, and they remain inactive roughly about 90 percent of the time. During the idle period, we can maximize the EV battery usage while accessing the grid to overcome the load on the owner. In other words, EVs cannot only contribute energy towards the grid in case of high demand but can also be utilised to store surplus energy produced by the grid to avoid energy wastage.
If we talk about economic and nature-friendly solutions (e.g. preserving wind or solar energy and managing the electric power) for smart grids, V2G networks have feasible utility with a flourishing destiny. However, security and privacy are the two main concerns that are considered before establishing V2G systems. Hence, the following issues should be taken into account: (i) Mutual authentication between EVs and Aggregator(AGT): It implies that both of the nodes during communication has to verify the identity of each other [7], [8]. It is the fundamental need of a key agreement protocol. In a V2G network, the AGT acts as a mediator between EVs and the power grid on which the transmission is based. Thus, mutual validation between EVs and the AGT is utmost in V2G systems.(ii) Confidentiality of the Interchanged Data: Confidentiality infers that the shared information must be understandable just by the receiver. In other words, attackers and illegal users should not get insight into the data. The process of gathering information like monitoring of data and storage capacity of EVs is the key responsibility of AGT. So, few vital steps are needed to be taken to ensure the confidentiality of the communication to keep sensitive information private. (iii) Privacy of the respective EV Owner: Identification of the EV owner (EVO) and the location of EVs are two significant factors of privacy in V2G networks. EVs will be used by every single person in the future. However, if there is no guarantee of confidentiality, numerous future owners will hesitate to engage in V2G networks [9]- [12].
Hence, In order to control the issues acknowledged above, V2G systems need a robust and feasible solution.

A. MOTIVATION AND CONTRIBUTION
Due to the dynamic nature of SIoV, the challenge of securing the data is provoked. The urgent need for addressing these critical aspects enforces us to design an anonymous key agreement authentication protocol. This protocol helps to secure the data generated by the SIoV regarding passengers, vehicles, drivers and the surrounding environment. The designed protocol makes the communication secure among different entities. In V2G environment within social internet of vehicles, a battery vehicle user BVU whenever wants to communicate with trusted agent T A, it should register itself with T A. Afterwards, both BVU and T A can communicate with each other by transmitting messages. The problem in this scenario is that an adversary A can intercept, modify and delete the messages transmitted over the insecure channel. So, in this article, we have designed an anonymous key-agreement protocol to make the communication secure between BVU and T A. Our proposed protocol ensures the integrity of transmitted messages and provides mutual authentication between BVU and T A to ensure the legitimacy of BVU and T A.

B. ADVERSARY MODEL
The familiar security model described in this paper. The subsequent concerns are followed as per the experience of the adversary A: 1) A has full control over the public communication channel. 2) A is expert to eliminate, rerun, interrupt, amend or can send a new modified or same message.

3)
A can excerpt all the information stored in smart-card by power analysis. 4) A can be the service provider, intruder or deceitful user of the system. 5) Insiders are well aware from the identities of all communicants. 6) The T A is assumed secure so A can not launch attack on it directly.

C. PAPER ORGANIZATION
The remainder of this article is sorted out as follows: In section II, a literature review of various authentication protocols is presented. The proposed scheme is discussed in section III. Later in section IV, the informal and formal security analysis of the proposed protocol is presented. The performance analysis of the proposed protocol with respect to the related protocols is highlighted in section V. At last, we conclude our discussion and summarise it in section VI.

II. RELATED WORK
The concept of V2G network was proposed by Kempton and Tomic [13] in 2004, but the research on V2G systems today is still in its early stages. Various researchers have committed themselves to the design of V2G networks; however, most of them [14]- [23] are limited to the conceptual issues related to the construction of V2G networks. Since V2G networks have emerged recently and got serious attention by the researchers on various related topics such as: its architecture, components integration and deployment etc. The deployment of V2G network poses many challenges where privacy and security preservation is one of them. The privacy and security provision techniques are initially investigated in 2011. Stegelmann and Kesdogan [24] gave an insight about secrecy, security and privacy of the location. Their study is considered as ground-breaking work to deal with the issues in V2G network. Afterwards, a solution is provided to improve the location privacy of EVs. This solution provided a mechanism to make EVs acceptable for people in order to preserve the EV location. After that, a strong authentication procedure for privacy-preserving is suggested by Nicanfar et al. [25]. This article attempted to recognise possible security issues and to achieve great security of consumer protection. Rottondi et al. [26] in 2014, proposed a V2G framework that has a concentration on protecting privacy. The studies in [15], [24]- [33] have the intention related to deal the confidentiality and security for V2G networks. However, more complicated technique and equipment is required that should be effective enough to handle a vast range of challenges in the deployment of V2G network on a largerscale. Authentication feature is the essential need of V2G networks. For a safe IoT system, an RFID authentication protocol [34] provides strong privacy and security. Although this protocol provides the solution for the problem of authentication, even then it does not provide either any technique or mechanism for secure communication. The second feature that plays a vital role in the widespread deployment of V2G networks is a secure connection. Thus, the required ability of the connection should be kept in mind and addressed while developing new technology.
A safe communication architecture that uses a blind signature technique to ensure security and confidentiality over communication channels is proposed by Yang et al. [35]. Yang et al.'s scheme does not provide the facility of inheriting key escrow used in identity-based public key cryptography. Furthermore, Turkanovic et al. [36] presented a new user verification system that empowers a client's negotiation over a session key securely using a general sensor node. Somehow, this article [36] encouraged us to explore a secure communication structure for V2G networks. V2G networks are exposed to possible attacks, so this protocol is unable to provide the required security. The article [36] also neglects to guard the privacy of the owner and EV because concealed identity is assigned after registration and is carried out throughout the protocol. Elliptical curve cryptography is applied in order to provide advanced security performance [37]. Afterwards, Wang et al. [38] proposed a practical privacy-preserving scheme. The proposed scheme can ensure a secure connection and preserve the privacy in V2G networks by forcing bilinear pairings and limiting partially blind signatures. However, forcing the bilinear pairing process requires high computational costs, which results in the increment of load on V2G networks. The articles [39]- [41] presented the lightweight key agreement authentication protocols. However, the protocols [39] and [40] provide the informal approach to security analysis, whereas the protocol [41] focuses on conceptual matters related to a physical and structural layer of V2G systems. Hence, V2G still needs a heuristic system that does not just provide robust proficiency and preserve privacy but can also withstand various kinds of attacks. In this article, we present a key agreement protocol for V2G networks that is validated formally and informally and proved secure against various well known attacks. The system model of our proposed protocol is shown in Figure 3.

III. PROPOSED SCHEME
The description of proposed scheme is presented in this section. The proposed protocol consists on four main phases named as system initialization phase, registration phase, login phase and authentication phase. The details of these four phases are described in below subsections.

A. SYSTEM INITIALIZATION PHASE
System initialization is first step in the V2G network in order to register the BV s in the network. Each BVU must register his BV with the trusted agent T A. For the sake of initialization the V2G authentication system, Trusted agent T A selects and initializes some parameters as follows: It chooses an arbitrary length value s ∈ F P as secret key of local aggregator LAG and allocates X = sP as its public key. Later, (s, X) key pair is maintained as LAG s database.

B. REGISTRATION PHASE
Step S1: The BVU i selects ID i along with PW i and provides his biometric feature B i . Then BVU i calculates Step S3: After receiving the Smart-Card having values

C. LOGIN AND AUTHENTICATION PHASE
Step S1: BVU i enters his registered ID i , PW i and his biometric feature or not. If this check fails then the session will be aborted, otherwise BVU i chooses a random number a i . Furthermore BVU i computes the values E = a i X = a i sP and Step S2: The trusted agent T A checks the freshness of time T R − T 1 ≤ T after receiving the request message containing {PID i , E, F, T 1 }. The session will be aborted if time stamp is not fresh, otherwise T A computes a i P = s −1 E. The trusted agent T A then computes F = h(h(PID i s) a i P T 1 ) and checks that Step S3: When challenge message is received from T A containing {G, H , T 2 } the BVU i checks the freshness of time T R − T 2 ≤ T . The session will be aborted in case if time stamp is not fresh, otherwise BVU i computes the values b l P = G⊕a i P, K = b l a i P and H = h(D i ⊕PW i ⊕ H (B i ) a i P b l P K T 2 )). After the computation of these values BVU i computes the session key SK = (K D i ⊕ PW i ⊕ H (B i )). This is how session key K = a i b l P is being shared between BVU i and T A.

IV. SECURITY ANALYSIS
In this section, security analysis of presented protocol have been described. Formal and informal security analysis ensures the security, shows the invincibility and robustness of presented protocol against various known attacks. It has also been cleared that the presented protocol's security remains intent in different circumstances. Below subsections contains the details security analysis:

A. INFORMAL SECURITY ANALYSIS
The correctness and security of proposed protocol against various attacks is analyzed in this section. These security analysis claims the inviolability of proposed protocol against various possible attacks that are defined in following subsections.

1) MUTUAL AUTHENTICATION
The trusted agent T A authenticates the BVU i by checking , Adversary needs to calculate (PID i s) to pass this test but it requires secret key s of LAG. This is how proposed protocol ensures the mutual authentication between BVU i and T A.

2) ANONYMITY AND PRIVACY
While making an authentication protocol, anonymity and privacy are considered as key parameters. User's secret parameters and information like moving history, location, social circle and priorities etc can be accessed by an adversary if anonymity is revealed to any adversary. In registration phase of proposed protocol BVU i computes PID i = h(r i ID i ) by performing hash function on the concatenated values of a random number r i and ID i . In request message {PID i , E, F, T 1 } the pseudo identity PID i of BVU i is transmitted to trusted agent instead of ID i . While, a new pseudo identity PID i is generated during each successful authentication session. Moreover, a session specific random number a i is generated by BVU i that disable an adversary to determine that either two specific sessions have been initiated by same or different battery vehicle user. So, our protocol provides privacy and anonymity of each battery vehicle user BVU i .

3) IMPERSONATION ATTACK
If A wants to impersonate as a legtimate battery vehicle user BVU i of system then he must have to make an authentic and legal login message. In order to produce valid login message adversary needs to calculate valid E = a i X = a i sP and

5) DESYNCHRONIZATION ATTACK
Desynchronization attack means that a message that has been sent to update the trusted agent T A can be blocked by an adversary. However, in proposed protocol all the messages that are being exchanged between BVU i and T A are mutually authenticated in each round. That's why an adversary cannot impersonates the mutual authentication easily. It is might possible that the both BVU i and T A out of synchronization but still BVU i can authenticate T A and vice versa.

message received from T A by performing check T R − T 2 ≤
T . That's why adversary will not be able to replay the intercepted message. It is ensured that the proposed protocol makes the replay attack null and void.

7) PRIVILEGED INSIDER ATTACK
No verifier table has been established in proposed scheme as well as trusted agent T A does not maintain any parameters related with the password PW i of battery vehicle user BVU i . Furthermore, BVU i does not leaks or exposes his password PW i by forwarding it in plain text. So, no one who is part of system will be able to guess or misuse the password PW i of any BVU i . Similarly, password PW i of any battery vehicle user BVU i is not transmitted directly in plain text. So, in proposed scheme password guessing attack is not possible in polynomial time.

9) SMART-CARD STOLEN ATTACK
Suppose A gets the smart-card of an innocent battery vehicle user in some way and retrieves the values C i = h(PID PB i ), D i = PB i ⊕ h(PID i s) and X = sP stored in smartcard. Still then in order to know the secret information and parameters adversary A requires PW i . So, adversary A is still unable to take any advantage from stealing the smart-card of BVU i . Perfect forward secrecy ensures that even if long term private key, password of any participant or session key is exposed even then the secrecy of previous session keys remains secure. In our presented protocol, every shared key K = b l a i P holds the session specific random numbers b l and a i respectively generated by trusted agent T A and battery vehicle user BVU i . Similarly, random PID i is generated for each specific session. So, if password, shared key or long term private key is leaked even then previous session keys can not be computed and compromised.

B. FORMAL SECURITY
In this section the detailed formal security analysis of proposed protocol are presented. By using the Random oracle model, the security of proposed protocol is proved in this section. It is started using assumptions that have been used in proofs and formal security model.

1) SECURITY MODEL
We have started with the usage of security model for the sake of verifying our presented protocol against various known attacks. The selected model is illustrated below.
Communicants: A network with huge number of communicants is being executed in a verification scheme . Each communicant in network can be a trusted server TA∈TA or a battery vehicle user BVU∈BVU . It is quite possible that different entries of every participant can behave as oracle and every oracle is concerned in distinct execution of . Associating to BVU s i th occurance (resp.TA) in particular session as i BVU (resp. T A BVU ). i BVU (resp. T A BVU ) is linked with ID and PID i (resp. PID TA BVU ) with session ID PID i BVU (resp. PID TA BVU ) and shared key K = b l a i P (resp. PID TA BVU ) where PID i BVU (resp. PID T A BVU ) displays the set of communicated identities in proposed instances while PID T A BVU (resp. PID i T A ) indicates the flow that have forwarded and received by i BVU (resp. i T A ). i BVU (resp. i T A ) is supposed to be approved. If it holds session key SK (resp. SK ). The all variables PID i

Long-lived key:
Every BVU∈BVU contains a specific password PW i and every TA∈TA holds a unique vectorPW i with each related entry to every user.
Adversary model: It has been supposed that A can easily holds and controls the channel. A can make a plan and initiates the sessions between battery vehicle user and trusted agent. Adversary A can execute following queries in ascending or descending order.
• Execute( i BVU , i T A ) Adversary A can make the passive attacks easily with the usage of this query. In order to deceive the battery vehicle user and trusted agent, A can execute this query on the legal execution between i BVU and i T A . This query shows the shared messages among the participants.
• SendClient( i BVU ,message) Adversary A can make the active attacks easily by possessing the channel by using this query, which actually means that A can intercept the transmitted message, update it and generates a new message or send the same message to i BVU . This query can also be used to show the message to i BVU on receiving message message.
• SendServer( i T A ,message) An adversary A can easily execute an active attack with the help of this query against an TA∈TA. A can use this query to intercept the message produced by i T A on the receiving of message message.
• Reveal ( i BVU ) An adversary A can intercept the SK of i BVU by using Reveal query. • Corrupt (BVU) Long lived key of participant BVU can be showed by using this query.
• Test ( i BVU ) In order to fresh oracle one query can be executed by A. This query always response in a randomly choosen bit b∈ {0, 1}, if b=0 then random value is returned back otherwise the session key of i BVU is returned. Fresh oracle: Here are to conditions to claim that an oracle i BVU is fresh (1) i BVU has approved to be accepted (2) Reveal query is not revealed by i BVU or any of the companions when it has been approved.
Protocol security: By using a game GM ( , A) the security of can be illustrated. In the simulation period of game GM , An adversary A can run some of of predefined queries to i BVU and i T A . If an adversary A claims that a Test query ( i BVU ) and ( i T A ) is accepted as well as its new. Then A shows a bit b'. A tries to guess b successfully. The advantage of A is as follow: is supposed to be secure if Advtg ,UD (A) can be ignored.

2) SECURITY PROOF
Theorem 1: UD has been described as Uniform dictionary or Uniformly distributed dictionary of entire set of passwords which have capacity of |UD| and demonstrates the enhanced protocol. If it is supposed that one way hash is defined as oracle. Then, where q send indicates all Send queries, q execute indicates all Execute queries and q h shows all hash queries. Proof 1: This proof contains a game fusion that has started with S0 and terminated on S3, While A has not any advantage. For every S x (0 ≤ x ≤ 3). Succeed x is described as a different task that A guess b successfully for different test sessions. VOLUME 8, 2020 GM S0: Every TA∈TA and BVU∈BVU is executed within random oracle in this game. By using the purpose of said task Succeed x that shows that an adversary guesses b successfully with the usage of Test Query, we acquired: GM S1: In this game ROM h makes a list h List where all the tuples in h List are in the format of (OP,IP). S1 shows OP. If and only if a row (OP,IP) displays in h List . Else, randomly choosen IP∈ {1, 0} is transmots to adversary and contains fresh record (OP,IP) in hash list. All the server and the client entities are executed for Send, Execute, SendServer, SendClient, Corrupt, Reveal, Test queries. Its justifiable that this game is safe and secure against various known attacks.
GM S2: All executions of oracle are included in this game as we have already discussed in S1. Moreover, this game is being rejected on the ocurence of collision between small transcripts T A, values of hash h and LAG. The maximum probability of collision in output of transcripts by showing the paradox is (q send + q execute ) 2 /2 length+1 , where h is the chance of highest possible number of hashed query. Likely, in output of all hashed oracles the highest chances of collision are q 2 h /2 length+1 , where q send is the highest posible number of queries that can be transmit to ROM. The possible maximum number of queries to be Send to ROM is q execute and length shows the length of bits of random numbers and the output of hash functions, at the end we achieved: GM S3: This game holds thr execution of entire queries to SendClient ROM have been modified for chosen sessions in S2. The calculation of SK is changed to make it independent from all relevant keys and password. When we Send SK = (K h(PID i s)) as well as where B i is the biometric impairment and K is shared. The two possible cases where S2 and S3 are quite different are given below:   Table 2 presents the security features comparison of proposed protocol and related protocols [1], [36], [37], [42]. It is quite clear that proposed protocol offers additional security features like it ensures smart card stolen attack, desynchronization attack, replay attack and password guessing attack resilience. Our presented protocol provides privacy and anonymity of battery vehicle user BVU. As per literature any protocol can provide privacy and anonymity, if two conditions are being satisfied, namely: (i) if identity of the client is not revealed and (ii) if it is not known that two unique sessions have been initiated either by different or same client at same time. The presented protocol satisfies both of the conditions as it does not reveals the identity of the client during message transmission between participants. Moreover, it is not easily possible for any adversary A to discriminate two specific initiated sessions from same user. It is possible due to the fact that we have utilized the session specific parameters to compute the pseudo identity to assure the anonymity of battery vehicle users. Therefore, it can be clearly seen in Table 2 that related protocols have flaws in security as compared to proposed protocol.

V. PERFORMANCE ANALYSIS
The performance of presented authentication scheme has been observed in this section. All the cryptographic operations used in the protocol such as T ( enc/dec), T M , T h(.) , T , T ⊕ have been implemented on a system having specifications described in the Table 3. The cryptographic operations such as T ( enc/dec), T M , T h(.) , T , T ⊕ used in Battery Vehicle User have been implemented using Arduino. The specifications of Arduino have been given in Table 4. This authentication    Table 5 shows the communication, storage and computation cost of the presented protocol and related protocols [1], [36], [37], [42].   Figure 5 shows the detailed comparison between number of authenticators and verification time. The proposed and related protocols are labeled horizontally while, computation time (in ms) of protocols is drawn vertically on the graph. Furthermore Figure 5 shows if multiple users are authenticated then what will be the verification cost of proposed and related protocols. It is clear that the computation cost of proposed protocol is less than some of the other related protocols.
For determination of storage and communication costs, the following assumptions have been considered: 160 bits are reserved for random numbers, password, identity and time stamps respectively, 256 bits are reserved for hash function and 512 bits for decryption and encryption [43]. Using these assumptions all the calculations are given in Table 5 in terms  of computation, storage and computation cost for our and related protocols [1], [36], [37], [42].
The communication and storage cost comparison of proposed and related protocols is highlighted in Figure 6. Proposed and related protocols are labeled horizontally in graph, while number of bits needed for communication and storage are labeled vertically on the graph. It is obvious that the proposed protocol takes less number of bits for communication while slightly takes more bits for storage as compared to some of the related protocols. It indicates the trade off between performance and security as even our protocol takes few extra bits for storage as compared to related protocols but it provides better security features.
At last, after analyzing Table 2 and Table 5 it can be claimed that even the storage cost of our presented protocol is little bit higher than few of the related protocols but it takes far less communication and computation time as well as provides more security features than the related protocols.

VI. CONCLUSION
In this paper, we have observed and discussed that the SIoV is generating a considerable amount of data endowed with context and social relationship information regarding passengers, vehicles, drivers and the nearby environment. The entire data is gathered and kept at different layers of SIoV infrastructure. In SIoV, the frequent exchange of data and mobility of the interacting vehicles make it a more hostile environment for securing the transfer of data. So, we presented an anonymous key agreement authentication protocol which helps to secure the data generated by the SIoVs regarding passengers, vehicles, drivers and the surrounding environment. The designed protocol makes the communication secure among different entities. In the proposed protocol, we aim to confront the dark side of smart grids, mainly privacy and security-related issues. In particular, a session key is used to guarantee the safety over communication channels among both the parties. We have analyzed the proposed protocol formally and informally to determine its security strength. In order to ensure the validation related to efficiency and security, we present a detailed comparison between the proposed and related protocols. It is clear that the proposed protocol is more secure against various attacks and has some additional security features as compared to related protocols. Furthermore, the performance analysis reveals that our protocol is more efficient in terms of communication, computation and storage overhead. Therefore, we can claim that the proposed protocol is appropriate and feasible for resource constrained environment.