Blockchain-Based Key Management and Green Routing Scheme for Vehicular Named Data Networking

Due to the distributed and dynamic characteristics of the Internet of Vehicles (IoV) and the continuous growth in the number of devices, content-centric decentralized vehicular named data networking (VNDN) has become more suitable for content-oriented applications in IoV. However, the existing centralized architecture is prone to the failure of single points, which results in trust problems in key verification between cross-domain nodes and consuming more power and reducing the lifetime. Focusing on secure key management and power-efficient routing, this article proposes a blockchain-based key management and green routing scheme for VNDN. A blockchain-based key management scheme is presented to achieve secure and efficient distribution and verification of keys. Specifically, all trusted agencies (TAs) form a consortium blockchain for storing public key hashes to ensure the authenticity of users’ public keys. A green global routing scheme based on node relaying pressure (GGNRP) is proposed to save power consumption and reduce the forwarding delay. A new node relay pressure metric is introduced to assist with routing decisions. Detailed experiments and analysis show that, compared with the existing scheme, the proposed scheme can achieve secure key management and GGNRP can decrease the power consumption and average delay by 15.8% and 63.2%, respectively.


Introduction
Internet of Vehicles (IoV) is the backbone network of future intelligent transportation systems, and it promises to improve overall traffic efficiency and road safety by enabling the interaction of recreational and safety information through vehicle-to-everything (V2X) communication [1]. To date, vehicles in IoV have relied on IP addresses to find terminals and establish end-to-end communication, regardless of the type of application [2]. Due to the distributed operation, limited bandwidth, and high-speed mobility of nodes and the dynamic network topology of IoV, it is difficult for IoV spread false information to cause traffic congestion or accidents [10]. erefore, consumers in IoV should care not only about the sender of the data request but also about the producer of the data packet. e packet must be published by an authenticated producer and be unable to be modified by other producers.
To verify the producer's identity information and data integrity, the producer should sign the content so that the name can be effectively and safely bound to the data. In this way, consumers and routers can verify the signature and determine the source of the data, which allows consumers to trust the received data packets. Most existing NDNs use a hierarchical key trust model [11], in which the root key is used as a well-known trust anchor to provide a digital signature on the domain secret key. e key of each domain digitally signs the public key of the user in the domain, and then the user key signs the public key of its device and application. To verify the authenticity of the public key, one can retrieve the secret key chain using the key name. In principle, this method avoids the generation of false messages, but in the application of IoV, there are still some challenges [12]: (1) as a centralized service centre, the root key may be subject to attacks and tampering, which can lead to a single point of failure. Especially in the case of crossdomain key verification, since each domain is relatively independent, it is difficult for each domain to verify the authenticity of the keys issued by the other domains without a trust anchor; (2) since verification needs to traverse the secret key chain, the process of retrieval and verification requires considerable additional overhead, which cannot meet the low-delay requirements of IoV.
On the other hand, the successful implementation of IoV requires a large number of wireless sensors to form a wireless sensor network (WSN) for efficient and fast information transfer. However, the sensors have limited energy and cannot be recharged once they are deployed [13,14]. e higher the energy efficiency is, the longer the running time of WSN is. e research results show that communication consumes the most energy among many factors that consume energy in WSN [15]. While routing determines the forwarding path between the sender and receiver, effective routing minimizes the communication cost and maximizes the survival time of the wireless sensor network.
In recent years, blockchain technology has been widely used in different fields, such as public key infrastructure (PKI), domain name server (DNS), and IoV [16]. Blockchain ensures that data can be tracked and cannot be easily tampered with through distributed data storage and consensus mechanisms, which guarantees the integrity and authenticity of the participating nodes. To improve the information transmission of blockchain nodes, the combination scheme of blockchain and VNDN was proposed [17]. erefore, this article proposes a blockchain-based key management and green routing scheme for VNDN, which aims to achieve safe and reliable VNDN key authentication and management while maximizing the use time of wireless sensors. First, a blockchain-based key management scheme is designed to set the management node of each domain as a blockchain node and use blockchain to manage the public keys of different domains to avoid network paralysis due to the failure of a single point. Second, to prevent the premature death of nodes close to the base station (BS) and prolong the survival time of sensors, the concept of node relay pressure is proposed, and a green global routing scheme based on node relaying pressure (GGNRP) is designed. In GGNRP, the source node obtains a green global route for data transmission based on the node-to-BS path information and node energy information stored in the BS, which avoids the routing hole problem that is widely found in planar routing. e contributions of this article are summarized as follows: (1) In this article, a blockchain-based key management scheme is proposed to solve the mutual trust problem between different domain nodes. e scheme reduces the number of signature verifications and shortens the time delay of key acquisition and verification, making the NDN more suitable for IoV.
(2) To reduce the transmission delay of VNDN, a green global routing scheme based on node relaying pressure is designed. is scheme uses the path transmission delay and the node relaying pressure value as metrics for routing decisions, which ensures low delay while protecting the nodes with high communication load and low residual energy in VNDN. e rest of this article is organized as follows. Related work is presented in Section 2. Section 3 details the proposed blockchain-based key management scheme. GGNRP is presented in Section 4. e experimental results are presented in Section 5, followed by the conclusions in Section 6.

Security in NDN.
NDN is expected to change the architecture of the Internet. For this reason, researchers hope to introduce NDN into IoV to enhance the scalability, reliability, and security of IoV [18]. However, the security requirements of IoV are still difficult to meet due to the high dynamic topology, high mobility, delay, and propagation content [19]. On the other hand, NDN still has various security and privacy issues [20], such as naming, signature, and cache privacy, which makes the establishment of VNDN challenging. Several works have designed solutions to address security issues from the perspective of NDNs [21][22][23]. Song et al. [21] proposed a smart contract-based trusted content retrieval mechanism for NDNs.
is mechanism uses smart contract-based content and a repository of information trusted by producers and provides content retrieval and name resolution services for content consumers. A blockchain-based effective identifier management scheme in the NDN environment was proposed in [22]. is scheme uses the content name of an identifier to create transactions to protect the identifier of a specific user and realizes secure storage and management through this identifier segmentation management technology. A blockchain-based hierarchical identity-based security mechanism was proposed for NDN to maintain data-oriented authentication [23]. However, most of the existing solutions do not take into account the characteristics of IoV, making them inapplicable in high mobility and low-delay IoV.
For IoV, most existing schemes focus on routing and relaying [24,25]. To maximize the possibility for users to retrieve the desired content, Mauri et al. [24] formulated this problem as an integer linear programming (ILP) problem and showed how to optimally distribute content in IoV while considering the available storage capacity and available link capacity. In [25], an active data distribution scheme was proposed to push key content to one-hop neighbors in VNDN.
Focusing on information security and privacy preservation in vehicular ad hoc networks, a full session key agreement scheme was proposed based on chaos mapping [26]. To achieve fast authentication during the message verification process, a novel Chinese remainder theorem (CRT)-based conditional privacy-preserving authentication scheme was presented [27]. To manage keys efficiently, a scalable solution was proposed for key and trust management of devices [28], with the combination of blockchain and software-defined networking (SDN) that is able to store the public keys of devices on the blockchain and route the network traffic efficiently. To address the low security and communication efficiency in the blockchain, a key secretsharing scheme was proposed based on generative adversarial networks (GANs), which view the secret as an image during the secret-sharing process [29]. However, since the security aspects of VNDNs have not been extensively studied, communication in IoV can be subject to many security threats, such as denial of service (DoS) attacks, worm attacks, disinformation attacks, replay attacks, timing attacks, single points of failure, and content poisoning attacks.

Green Routing Protocol.
According to the network structure, the existing green routing protocols can be divided into two types. One type is hierarchical routing, such as the low-energy adaptive clustering hierarchy (LEACH) [30], power-efficient gathering in sensor information systems (PEGASIS) [31], and the energy-efficient concentric clustering routing scheme (EECCRS) [32]. In these routing protocols, the network is clustered into groups according to the distribution of the system, there are several nodes in each cluster, and each node belongs to only one cluster. ere is a cluster head (CH) in each cluster, and the CH needs to collect and process the data from the cluster members that are in the same cluster. e processed data are transmitted to the base node directly or indirectly. Hierarchical routing protocols have excellent expansibility and are easy to manage. However, forwarding data will cost tremendous energy. e other type of green routing protocol is flat routing, such as node spatial distribution (NSD) [33], geographic routing oriented sleep scheduling (GSS) [34], energy-balanced routing protocol (EBRP) [35], energy savings via opportunistic routing (ENS_OR) [36], and the energybalanced routing method based on forward-aware factor (FAF-EBRM) [37]. Unlike hierarchical routing protocols, all nodes in flat routing protocols are the same, and each node communicates with the base node in a multihop manner. However, there are issues of poor extensibility and hole problems in flat routing. e schemes mentioned above provide effective solutions for VNDN, but their applicability in VNDN with high mobility and high data volume is limited. erefore, this article tries to fill this gap and proposes a blockchain-based key management and green routing scheme for VNDN, in which keys can achieve safe and efficient management and authentication by using blockchain. Additionally, it aims to decrease power consumption and delay.

System Model.
In this section, a blockchain-based key management scheme is introduced to solve the problem of lack of trust in interdomain nodes and to improve the authentication efficiency of key management. e system model of blockchain-based key management is shown in Figure 1, which contains the main parts described as follows.

Trusted Agency (TA).
A trusted third-party authority that provides services for the domain is mainly used to generate public/private key pairs (PB Uk , PV Uk ) for user i in the domain and public/private key pairs (PB Dk , PV Dk ) for the domain. Meanwhile, the TA joins the consortium blockchain as a node of the blockchain to manage the generated keys securely and efficiently. Each TA is responsible for managing one domain.

Routing
Node. VNDN routing nodes have relaying, caching, and broadcasting functions. e main function is to relay interest packets to nodes that have data and trace data packets back to consumers.

Domain.
In an institution or organization, each domain contains multiple VNDN users and uses its private key to sign the users in the domain for authentication and to ensure the trustworthiness of the users. Each domain has a domain name that serves as a unique identifier in VNDN. e name of the domain can be expressed as follows: where Public key denotes the public key name of the domain, Hierarchy denotes the domain hierarchy to which the name belongs, PublicKeyHash is the hash of the domain public key, and Version denotes the version number.

User.
A data requester or data producer consists of intelligent vehicles and terminal equipment in VNDN. e name of the user can be expressed as follows: where Global route indicates the global and routable name for guiding the routing policy, Hierarchy denotes the user hierarchy to which the name belongs, PublicKeyHash indicates the hash of the user's public key, which will also be stored in the blockchain to verify the authenticity of the corresponding public key, BlockLocation indicates the location of the public key hash in the blockchain for fast retrieval, TransactionHash indicates the hash of the user's registered transaction, and Version indicates the version number. Different from the existing schemes, the blockchain includes the block head and register transactions, the unique license, and the transaction record. As shown in Figure 1, each block contains a block header and a block body. e block header contains the hash value of the previous block, the timestamp, the hash value of the current block, and the root hash. e block body contains details of the transaction. e proposed blockchain-based key management scheme has the following features.
(1) Integrity: all data are required to be signed by the data producer, and the data requester can easily verify the signature to be sure that the data have not been modified during the relaying process. (2) Confidentiality: the content of any transaction message should be protected by asymmetric cryptography and digital signatures and should not be affected by any other entities. (3) Reliability: after confirming that the data have not been modified, consumers can determine the source of the data so that they can trust the acquired data. (4) Authentication: authentication services are the basis for achieving trustworthiness. After verifying that the received data have not been modified, the blockchain network and TA are used to verify the legitimacy of the data producer. (5) Efficiency: the key retrieval and verification process is reduced to provide efficient key management and certification while providing basic services.

Key Management and Authentication.
e blockchainbased key management design focuses on two main aspects: one is to verify the integrity of the data and the other is to quickly verify the credibility of the data packet. e producer uses the private key to sign the data packet and send it to the consumer. After the consumer receives the data packet, it first uses the producer's public key to verify the signature to ensure the integrity of the data. en, it needs to authenticate the producer. If the data packet comes from a legitimate producer, the consumer trusts the data packet.  e designed blockchain-based key management scheme is divided into four main parts: system initialization, blockchain creation, packet transmission, and producer authentication.
Step 1: system initialization: system initialization is performed using an elliptic curve digital signature algorithm and asymmetric cryptography to ensure data confidentiality and integrity. TA i first issues the public/ private key pairs (PB Dk , PV Dk ), (PB Uk , PV Uk ) for the domain and user i within the domain.
Step 2: blockchain creation: user i creates a registration transaction and writes its public key hash to the transaction. e registered transaction is then sent to TA i to verify its legitimacy and is added to the blockchain. TA i verifies the legitimacy of the transaction, signs it, and broadcasts it to other blockchain nodes for consensus. e consensus nodes use the practical Byzantine fault tolerance (PBFT) consensus algorithm to conduct the consensus process on the transaction. After passing the consensus process, the registered transaction is uploaded to the consortium blockchain, and the public key hash of user i is stored in it. After that, TA i returns the BlockLocation i and TransactionHash i to user i, who writes them into the name.
Step 3: packet transmission: the consumer sends an interest packet to the router to request the content it needs. If the data are cached in the local storage of the intermediate router, the router returns a data packet to the consumer. Otherwise, the router forwards the Interest packet to the producer. Finally, the data packet is sent back to the consumer by the producer in the same way. In the asymmetric cryptographic scheme, the decryption Ver PB k (·) of the digitally signed data using the public key of sender k is as follows: where Sig PV k (·) is the digital signature using the private key of sender k and H(m) is the hash digest of message m.
Step 4: producer authentication: after the consumer receives the data packet, it uses the producer's public key to decrypt and verify the digital signature. However, only the public key from a legitimate producer can be trusted by the consumer. erefore, the authenticity of the public key must be verified first. e consumer first checks the BlockLocation i and TransactionHash i fields in the name to quickly find the location of the registered transaction containing the hash of the public key. en, the consumer obtains the public key hash stored in the blockchain from the "registration transaction" and calculates the obtained user's public key hash with the SHA-256 algorithm. After that, the two are compared and if the hash value is the same, the public key is proven to be true. Otherwise, the obtained public key is not the public key issued by a legitimate user.

Basic Definition.
e symbols used in this paper are shown in Table 1.
Definition 1. (the maximal minimum hop)Assume that V is the set of nodes in VNDN and each node v i 's minimum hop is known as hop i ; then, the maximal minimum hop m is Definition 3. (the set of candidate relaying node) e set of neighbor of v i is denoted as nbor i , and v i 's minimum hop is hop i ; then, the set of v i 's candidate nodes cand i is Considering that there are 18 nodes and one BS in VNDN shown in Figure 2, each node's minimum hop is known. In this network, hop 1  An example of communications between nodes and a BS is shown in Figure 3, where the red dotted circle is the communication range of the nodes. To facilitate the analysis, we assume that all nodes in this model have the same maximal transmission radius r. e network is composed of n nodes and one BS. When their distance is larger than r, they are unable to send packets to each other directly. e tasks of the nodes are to collect data in their deployed areas and transmit the collected data to the BS. When a node has packets to send, it communicates with the BS in a multihop way. As shown in Figure 3, when v 1 has data to forward, the packet can reach the BS with the help of v 5 and v 6 . In the initial phase, all nodes have the same energy, and the energy cost is related to the number of packets, the size of each packet, and the forwarding distance.
For the proposed GGNRP, the energy cost E R of receiving k bits is where k is the size of the data packet and E elec is the energy consumption that a node uses to send or receive one-bit data.
Security and Communication Networks e transmitting node also needs to consider the propagation loss, and the energy cost E T of sending k bits to the receiving node is where E elec represents the signal amplification cost, β is the wave loss factor, and d is the distance from the transmitting node to the receiving node.

GGNRP Process.
e proposed GGNRP consists of two main phases: the routing establishment phase and the data forwarding phase. e flowchart of routing establishment is shown in Figure 4.
Each node obtains its neighbors by broadcasting, and then GGNRP calculates every node's minimum hop by broadcasting several times. Every node computes its candidate relaying nodes according to its neighbors' minimum hops and its minimum hops. After that, each node uploads its candidate relaying node set, the energy cost of the communication between itself and its candidate set, and its ID to the BS. en, the BS simulates the process of nodes Base station sending exploring packets to the BS. e exploring packet that records its forwarding trace is transmitted only to the candidate relaying nodes of the nodes where the packet is. When the BS has computed all the nodes' shortest paths to itself, it will feed all path IDs and relevant information back to the related nodes. GGNRP avoids routing holes by limiting the forwarding objects in exploring data packets. e routing establishment phase includes the following parts: Step 1: calculating the minimum hop: GGNRP computes every node's minimum hop by broadcasting several times. Before this step, the minimum hops of the nodes in the network are all an unreachable number x. First, the BS broadcast packet has its maximum communication range, and the packet contains a number that is used to help the nodes compute their minimum hop, which is 1. If the number in the packet is less than its minimum hop, the node will change its minimum hop to this number. en, the nodes whose minimum hops are equal to the number in the packet will broadcast new packets to their neighbors, and the number in the new packet is one larger than the old number.
is process is repeated until there are no nodes whose minimum values are x. As shown in Figure 5, v 6 , v 7 , v 10 , v 11 , v 17 , and v 19 13 , and v 18 will achieve the same minimum hop of 3. According to Definition 3, we can obtain the candidate relaying nodes of each node in Figure 5 as shown in Table 2.
Step 2: simulating packet exploration: after Step 1, the BS has already collected enough information to finish the rest of the work in the routing establishment phase. GGNRP finds all the shortest paths to avoid additional energy consumption. e format of the exploring packet is shown in Table 3, which contains the multicast objects and the forwarding trace. In the exploration process, the exploring packet always takes the candidate relaying nodes of the nodes that the packet is in as the multicast objects. When the exploring packet reaches a node, it will record its ID in its forwarding trace and update its multicast objects as the node. When the BS appears in the multicast objects of the packet, the packet will be transmitted to the BS directly. e process of v 4 's packet exploration is shown in Figure 6, where the subscript of the packet indicates the trace of the packet. Nodes v 3 , v 8 and v 16 Figure 5: Compute the minimum hop.  12 , v 16 and v 17 ; the information in each node is shown in Table 5.
In the data forwarding phase, when v 4 obtains p 40 as the feedback path, it will check its local memory and find that v 3 is the next hop of v 4 in p 40 , and v 4 sends the ready packets to v 3 . Likewise, v 3 will find v 7 is the next hop; the packet will be sent to v 7 . v 7 finds that BS exists in p 40 so that the packet will be sent to the BS.
When the source node has data to send, it sends a request to the BS in the data forwarding phase. After receiving the request, the BS determines the optimal path according to the global energy information, the distribution of all nodes, and each node's relaying pressure. en, the BS feeds the ID set of the path back to the source node. When there is more than one path ID in the set, the source node first checks whether the matched next hop exists with the last ID in the local memory; if it exists, the packet will be sent to the next hop. Otherwise, the node will check the previous ID in the set.
Specifically, the data forwarding phase includes two steps: Step 1: global energy information cookie: the global energy information is important to decide the routing for the source node in GGNRP. e BS maintains the global energy information in GGNRP. e real-time energy information can be used to make the routing decision precisely. However, it will cause a great deal of energy consumption. GGNRP adopts the energy information cookie mechanism to avoid additional power consumption. When the source node starts to transmit data, the BS will compute every node's energy cost and update each node's energy information according to the number of packets, the size of each packet, and the distribution of the network.
Step 2: routing decision: the routing decision of GGNRP is made by the BS. e proposed routing decision algorithm is shown as Algorithm 1.
e BS determines the optimal routing according to the global energy information, the distribution of all nodes, and each node's relaying pressure. e lower the maximum relaying pressure of the path is and the less energy the path costs, the more likely the path is to be optimal. Since the multiple paths stored by each source node at the BS are the minimum number of hops, its performance in terms of delay is particularly excellent. However, the low-energy and high-burden nodes in the network cannot be well protected due to the limited paths. e BS will simulate the process of the nodes communicating with the BS. In the simulation, every time the packet reaches a node, the node will compare itself with its neighbors who have higher residual energy. If there are no nodes that have a higher weight than the current node, the packet will be sent to the original next hop. Otherwise, the packet will be sent to the node that has the highest weight and the BS will record the new path ID. is process repeats until the packet reaches the BS. Finally, the BS feeds the set of path IDs back to the source node. e packet is sent according to the path IDs set. When there is more than one ID in the set, the source node will check whether the next hop exists in the local memory in reverse order; if it exists, the packet will be sent to the next hop. Otherwise, the node will check the previous ID in the set in the memory.
GGNRP protects the lower-residual-energy nodes and higher-burden nodes by using the node relaying pressure as one of the routing decision factors. It reduces energy consumption by setting the path cost as one of the routing factors. In addition, all routing paths in GGNRP are almost the shortest

Simulation Setup.
To validate the effectiveness of the proposed GGNRP, the performance of GGNRP is evaluated and compared with FAF-EBRM [37] in terms of energy consumption and delay. e power consumption and average delay of different schemes with a varying number of nodes are considered in different scenarios. e setup of simulation parameters is shown in Table 6.

Power Consumption and Average Delay.
In this scenario, the monitoring area is set to 1000 × 1000 m 2 , and the number of nodes is set to 100. e lowest residual energy and average delay of GGNRP and FAF-EBRM are shown in Figures 7 and  8, respectively.
When the communication begins, the initial energy of all the nodes is 10 mJ. Before the 21st round, FAF-EBRM's lowest energy is slightly higher than that of GGNRP, which means that FAF-EBRM has a better performance than GGNRP in terms of energy consumption with low load. e reason is that FAF-EBRM chooses the high-energy-density forwarding area as the transmitting direction and GGNRP chooses the path cost and the node relaying pressure as the routing decision factors. In the 20th round, the energy of FAF-EBRM is 3 μJ higher than that of GGNRP. However, in the 21st round of transmission, the energy of GGNRP is 263 μJ higher than that of FAF-EBRM. Over time, the difference between GGNRP and FAF-EBRM increases. In the 57th round, the lowest residual energy of FAF-EBRM reaches 0 due to the first node, which consumes its energy, while GGNRP still has 1322 μJ of energy. ese results illustrate that choosing the path cost and the node relaying pressure as the routing decision metrics has an advantage over choosing the high-energy-density forwarding area as the transmitting direction. is is because FAF-EBRM does not consider the total communication cost in the routing decision. GGNRP can support 66 rounds of communications, which indicates that GGNRP has 15.8% greater efficiency than FAF-EBRM.
As shown in Figure 8, in the first round, the average delays of FAF-EBRM and GGNRP are 34.1 ms and 14.4 ms, respectively, which means that the average delay of GGNRP is 57.8% lower than that of FAF-EBRM. From an overall perspective, the average delay of FAF-EBRM varies around 38.0 ms. While GGNRP maintains an average delay of 14 ms and has little delay variation. In the 24th communication round, the difference between FAF-EBRM and GGNRP reaches its maximum value, and the average delays of FAF-EBRM and GGNRP are 61.6 ms and 13.6 ms, respectively. e former is 4.53 times greater than the latter. In the 30th round of communication, the difference between FAF-EBRM and GGNRP reaches the minimum value, and the average delays of FAF-EBRM and GGNRP are 30.3 ms and 13 ms, respectively. e delay of FAF-EBRM is still 2.33 times that of GGNRP. For FAF-EBRM, nodes have the opportunity to be the next hop as long as their locations relative to the base station are closer than that of the source node. When the source node or the energy distribution is different, the delay of the network is different, which results in large delay variation in the network. In addition, FAF-EBRM prefers to the nodes in the energy density area as its next hop, which leads to packets being forwarded frequently among nodes and results in a higher delay than GGNRP. For GGNRP, the routing paths are optimized, GGNRP maintains its delay at a low level, and its delay variation is small.

Performance Comparisons at Different Scales.
To evaluate the adaptability of GGNRP and FAF-EBRM at different scales, the power consumption and average delay results are shown in Figures 9 and 10, respectively, with varying numbers of nodes.
As shown in Figure 9, the remaining power is expressed as the number of forwarding packets. It is obvious that GGNRP can always afford more packets than FAF-EBRM, and the difference between them grows larger as the number of nodes increases. When the number of nodes is 150, the performance of GGNRP is almost the same as that of FAF-EBRM, and the numbers of forwarding packets of GGNRP and FAF-EBRM are 8044 and 7651, respectively. e performance of GGNRP is 5.13% higher than that of FAF-EBRM. When the number of nodes is 350, GGNRP can Input: Path i Output: S, w (1) For p ij ∈ Path i (2) For v k ∈ p ij (3) If max ij < Press v k (4) max ij � Press v k (5) End If (6) End For (7) If w < (1/(max ij * cost ij )) (8) w � (1/(max ij * cost ij )) (9) S � p ij (10) End If (11) End For (12) Return S, w ALGORITHM 1: Routing decision algorithm.    afford 25032 packets, which is 4.37 times that of FAF-EBRM.

Security and Communication Networks
ese results show that GGNRP is more scalable than FAF-EBRM as the number of nodes varies. e power consumption of FAF-EBRM may even increase as the scale of WSNs grows. is occurs because a packet in FAF-EBRM needs to be transmitted to more nodes in the energy density area.
As shown in Figure 10, the average delay of GGNRP remains almost constant at approximately 13.7 ms, while the average delay of FAF-EBRM clearly varies. e average delay of FAF-EBRM is much larger than that of GGNRP. When the number of nodes is 100, the average delay of GGNRP is 13.98 ms, which is only 36.8% of that of FAF-EBRM. e results indicate that the proposed GGNRP decreases the average delay by 63.2%. When the number of nodes is 250, the average delays of GGNRP and FAF-EBRM are 13.934 ms and 46.1762 ms, respectively, and the difference between FAF-EBRM and GGNRP reaches the maximum value. When the number of nodes is 300, the average delays of GGNRP and FAF-EBRM are 13.13 ms and 29.91 ms, respectively, and the difference between FAF-EBRM and GGNRP reaches the maximum value. e results show that GGNRP is effective with varying scales.

Security Analysis.
e security analysis of the proposed scheme is summarized as follows.

Distribution.
Instead of setting a root key, the proposed key management scheme utilizes the distributed blockchain as a trust anchor to guarantee the authenticity of the keys by storing a hash value. e failure of a single node does not affect the key acquisition and verification, which avoids the failure of single point.

Trustworthiness.
Blockchain solves the problem of cross-domain key authentication. In the absence of a root key, interdomain nodes cannot verify the legitimacy of the public key, which results in trust crisis. e proposed key management scheme stores the hash value of the public key in the blockchain and solves the trust problem of the public key by the tamper-evident nature of the blockchain.

Conclusion
In this article, a blockchain-based key management and green routing scheme is proposed for VNDN. A key management scheme is presented based on the blockchain by taking advantage of the distributed and antitampering characteristics of the blockchain. In this scheme, a flat hierarchical structure reduces the number of signatures and identity verifications needed to safely and efficiently verify the legitimacy of the producer. We elaborated on the mechanism of the scheme and the characteristics of its realization. To decrease the power consumption of nodes close to the BS and the transmission delay, the metric of node relay pressure is introduced, which makes the nodes with lower relay pressure more likely to be members of the selected forwarding path. e proposed GGNRP uses route exploration and feedback mechanisms in the routing establishment phase to avoid the coverage hole problem. In addition, GGNRP uses the node relay pressure and energy consumption as metrics in routing decisions, which reduces power consumption and transmission delays. e simulation results show that GGNRP can achieve better performance than FAF-EBRM in terms of power consumption and average delay.

Data Availability
e data used to support the findings of this study are available from the corresponding author upon reasonable request.

Conflicts of Interest
e authors declare that there are no conflicts of interest regarding the publication of this article.