Skip to main content

Advertisement

Springer Nature Link
Log in

Security analysis and improvement of a privacy-preserving authentication scheme in VANET

  • Regular contribution
  • Published:
International Journal of Information Security Aims and scope Submit manuscript

    We’re sorry, something doesn't seem to be working properly.

    Please try refreshing the page. If that doesn't work, please contact support so we can address the problem.

Abstract

The vehicular ad-hoc network (VANET) is a critical component of intelligent transportation, which can improve transportation efficiency and promote road safety. To address security and privacy concerns in VANET, Zhong et al. presented a privacy-preserving authentication scheme. Furthermore, they stated that their scheme was secure and resistant to forgery attacks. However, in this article, we provide three different attack methods to demonstrate that their scheme is vulnerable to Type II attacks, coalition attacks, and universal forgery attacks. Hence, the security of their scheme cannot be guaranteed, and it cannot be deployed in a real-world VANET setting. To fix the security flaws, we give an improved scheme for revising their scheme. Our scheme retains the security properties of the original scheme, but the aggregate signature length is a fixed constant. Compared with related schemes, our enhanced scheme has a higher level of security and communication performance.

This is a preview of subscription content, log in via an institution to check access.

Access this article

Log in via an institution

Subscribe and save

Springer+ Basic
$34.99 /Month
  • Get 10 units per month
  • Download Article/Chapter or eBook
  • 1 Unit = 1 Article or 1 Chapter
  • Cancel anytime
Subscribe now

Buy Now

Price excludes VAT (USA)
Tax calculation will be finalised during checkout.

Instant access to the full article PDF.

Institutional subscriptions

Fig. 1
Fig. 2
Fig. 3
Fig. 4

Similar content being viewed by others

Data availability

All data generated or analyzed during this study are available from this article and another published article [J. Liu, L. Wang, Y. Yu. Improved security of a pairing-free certificateless aggregate signature in healthcare wireless medical sensor networks. IEEE Internet of Things Journal, 7(6): 5256–5266, 2020].

References

  1. Thumbur, G., Rao, G.S., Reddy, P.V., Gayathri, N.B., Reddy, D.K., Padmavathamma, M.: Efficient and secure certificateless aggregate signature-based authentication scheme for vehicular ad hoc networks. IEEE Internet Things J. 8(3), 1908–1920 (2021)

    Article  Google Scholar 

  2. Kamil, I.A., Ogundoyin, S.O.: An improved certificateless aggregate signature scheme without bilinear pairings for vehicular ad hoc networks. J. Inf. Secur. Appl. 44, 184–200 (2019)

    Google Scholar 

  3. Zhao, Y., Hou, Y., Wang, L., Kumari, S., Khan, M.K., Xiong, H.: An efficient certificateless aggregate signature scheme for the Internet of Vehicles. Trans. Emerg. Telecommun. Technol. 31(5), 1–20 (2020)

    Google Scholar 

  4. Lu, R., Lin, X., Zhu, H., Ho, P.H., Shen, X.: Ecpp: efficient conditional privacy preservation protocol for secure vehicular communications. The Conference on Computer Communications. IEEE, pp. 1229-1237 (2008)

  5. Tzeng, S.F., Horng, S.J., Li, T., Wang, X., Huang, P.H., Khan, M.K.: Enhancing security and privacy for identity-based batch verification scheme in VANETs. IEEE Trans. Veh. Technol. 66(4), 3235–3248 (2017)

    Article  Google Scholar 

  6. Kamil, I.A., Ogundoyin, S.O.: On the security of privacy-preserving authentication scheme with full aggregation in vehicular ad hoc network. Secur. Privacy 3, 1–20 (2020)

    Google Scholar 

  7. Zhang, L., Zhang, F.: A new certificateless aggregate signature scheme. Comput. Commun. 32(6), 1079–1085 (2009)

    Article  MathSciNet  Google Scholar 

  8. Wang, D., Teng, J.: Probably secure cetificateless aggregate signature algorithm for vehicular ad hoc network. J. Electron. Inf. 40(1), 11–17 (2018)

    Google Scholar 

  9. Kumar, P., Kumari, S., Sharma, V., Li, X., Sangaiah, A.K., Islam, S.K.: Secure CLS and CL-AS schemes designed for VANETs. J. Supercomput. 75(6), 3076–3098 (2019)

  10. Shim, K.A.: On the security of a certificateless aggregate signature scheme. IEEE Commun. Lett. 15(10), 1136–1138 (2011)

    Article  Google Scholar 

  11. Horng, S.J., Tzeng, S.F., Huang, P.H., Wang, X., Li, T., Khan, M.K.: An efficient certificateless aggregate signature with conditional privacy-preserving for vehicular sensor networks. Inf. Sci. 317, 48–66 (2015)

    Article  MathSciNet  Google Scholar 

  12. Li, J., Yuan, H., Zhang, Y.: Cryptanalysis and improvement of certificateless aggregate signature with conditional privacy-preserving for vehicular sensor networks. Networks 317, 48–66 (2015)

    Google Scholar 

  13. Cui, J., Zhang, J., Zhong, H., Xu, Y.: SPACF: A secure privacy-preserving authentication scheme for VANET with cuckoo filter. IEEE Trans. Veh. Technol. 66(11), 10283–10295 (2017)

    Article  Google Scholar 

  14. Zhong, H., Han, S., Cui, J., Zhang, J., Xu, Y.: Privacy-preserving authentication scheme with full aggregation in VANET. Inf. Sci. 476, 211–221 (2019)

    Article  Google Scholar 

  15. Shen, H., Chen, J., Shen, J., He, D.: Cryptanalysis of a certificateless aggregate signature scheme with efficient verification. Secur. Commun. Netw. 9(13), 2217–2221 (2016)

    Google Scholar 

  16. Pointcheval, D., Stern, J.: Security arguments for digital signatures and blind signatures. J. Cryptol. 13(3), 361–396 (2000)

    Article  Google Scholar 

  17. Liu, J., Wang, L., Yu, Y.: Improved security of a pairing-free certificateless aggregate signature in healthcare wireless medical sensor networks. IEEE Internet Things J. 7(6), 5256–5266 (2020)

    Article  Google Scholar 

  18. He, X., Niu, X., Wang, Y., Xiong, L., Jiang, Z., Gong, C.: A hierarchical blockchain-assisted conditional privacy-preserving authentication scheme for vehicular ad hoc networks. Sensors 22(6), 1–18 (2022). https://doi.org/10.3390/s22062299

    Article  Google Scholar 

  19. Yang, Y., Zhang, L., Zhao, Y., Choo, K.K.R., Zhang, Y.: Privacy-preserving aggregation-authentication scheme for safety warning system in Fog-Cloud based VANET. IEEE Trans. Inf. Forensics Secur. 17, 317–331 (2022)

    Article  Google Scholar 

Download references

Funding

This work was supported by the National Natural Science Foundation of China (No. 61662069) and the Postdoctoral Research Foundation of China (No. 2017M610817).

Author information

Authors and Affiliations

  1. College of Computer Science and Engineering, Northwest Normal University, Lanzhou, 730070, China

    Xiaodong Yang, Wenjia Wang & Caifen Wang

  2. College of Big Data and Internet, Shenzhen Technology University, Shenzhen, 518118, China

    Caifen Wang

Authors
  1. Xiaodong Yang
    View author publications

    You can also search for this author inPubMed Google Scholar

  2. Wenjia Wang
    View author publications

    You can also search for this author inPubMed Google Scholar

  3. Caifen Wang
    View author publications

    You can also search for this author inPubMed Google Scholar

Corresponding author

Correspondence to Xiaodong Yang.

Ethics declarations

Conflict of interest

The authors declare that they have no conflict of interest.

Ethical approval

This article does not contain any studies with human participants or animals performed by any of the authors.

Additional information

Publisher's Note

Springer Nature remains neutral with regard to jurisdictional claims in published maps and institutional affiliations.

Rights and permissions

Springer Nature or its licensor holds exclusive rights to this article under a publishing agreement with the author(s) or other rightsholder(s); author self-archiving of the accepted manuscript version of this article is solely governed by the terms of such publishing agreement and applicable law.

Reprints and permissions

About this article

Check for updates. Verify currency and authenticity via CrossMark

Cite this article

Yang, X., Wang, W. & Wang, C. Security analysis and improvement of a privacy-preserving authentication scheme in VANET. Int. J. Inf. Secur. 21, 1361–1371 (2022). https://doi.org/10.1007/s10207-022-00617-3

Download citation

  • Published:

  • Issue Date:

  • DOI: https://doi.org/10.1007/s10207-022-00617-3

Keywords