Distributed Trust Authentication via TPM-Bound Credentials and Byzantine Consensus for Secure Vehicular Digital Twin Ecosystems

Autonomous vehicles (AVs) are transforming transportation systems, necessitating secure digital infrastructures for reliable operation. Vehicular Digital Twin (VDT) networks address AV limitations by enabling synchronized virtual replicas. However, intra-twin communications over public channels expose systems to severe security threats, including impersonation and data tampering. This paper proposes EDTAP-VDT: an Enhanced Distributed Trust Authentication Protocol for VDT networks, which ensures secure identity verification through a threshold cryptographic model anchored in hardware. The protocol employs a hierarchical edge-fog-cloud architecture to balance authentication loads and leverages Trusted Platform Modules (TPMs) to cryptographically bind credentials. Post-quantum secure primitives and a permissioned blockchain with Byzantine consensus ensure long-term security, pseudonymity, and immutable authentication traceability. Attribute-based access control is integrated into the authentication process for fine-grained data sharing. EDTAP-VDT guarantees confidentiality, forward secrecy, and desynchronization resilience while maintaining decentralized control. The protocol is formally validated using the Random Oracle Model, and additional resistance is demonstrated against active and passive attack vectors. Performance evaluation across realistic vehicular settings shows that EDTAP-VDT achieves up to 24% improvement in computational efficiency and up to 22% reduction in communication overhead compared to state-of-the-art alternatives while fulfilling all standard security attributes. The results establish EDTAP-VDT as a future-ready authentication framework for real-time, secure VDT applications in intelligent transportation environments.