Attackers can illegally open a vehicle by forgeing the Radio Frequency IDentification （RFID） signal sent by the vehicle remote key. Besides， when the vehicle remote key is lost or stolen， the attacker can obtain the secret data inside the vehicle remote key and clone a usable vehicle remote key， which will threaten the property and privacy security of the vehicle owner. Aiming at the above problems， a Vehicle RKE Two-Factor Authentication （VRTFA） protocol for vehicle Remote Keyless Entry （RKE） that resists physical cloning attack was proposed. The protocol is based on Physical Uncloneable Function （PUF） and biological fingerprint feature extraction and recovery functions， so that the specific hardware physical structure of the legal vehicle remote key cannot be forged. At the same time， the biological fingerprint factor was introduced to build a two-factor authentication protocol， thereby solving the security risk of vehicle remote key theft， and further guaranteeing the secure mutual authentication of vehicle RKE system. Security analysis results of the protocol using BAN logic show that VRTFA protocol can resist malicious attacks such as forgery attack， desynchronization attack， replay attack， man-in-the-middle attack， physical cloning attack， and full key leakage attack， and satisfy the security attributes such as forward security， mutual authentication， data integrity， and untraceability. Performance analysis results show that VRTFA protocol has stronger security and privacy and better practicality than the existing RFID authentication protocols.

Ring signature is widely used to solve the problems of user identity and data privacy disclosure because of its spontaneity and anonymity； and certificateless public key cryptosystem can not only solve the problem of key escrow， but also do not need the management of public key certificates； certificateless ring signature combines the advantages of both of the above mentioned， and has extensive research significance， but most of the existing certificateless ring signature schemes are based on the calculation of bilinear pairings and modular exponentiation， which are computationally expensive and inefficient. In order to improve the efficiency of signature and verification stages， a new Efficient CertificateLess Ring Signature （ECL-RS） scheme was proposed， which used elliptic curve with low computational cost， high security and good flexibility. The security statute of ECL-RS scheme stems from a discrete logarithm problem and a Diffie-Hellman problem， and the scheme is proved to be resistant to public key substitution attacks and malicious key generation center attacks under Random Oracle Model （ROM） with unforgeability and anonymity. Performance analysis shows that ECL-RS scheme only needs （n+2） （n is the number of ring members） elliptic curve scalar multiplication and scalar addition operations as well as （n+3） one-way hash operations， which has lower computational cost and higher efficiency while ensuring security.