Lianhai Liu,Yujue Wang,Jingwei Zhang,Qing Yang

DOI: https://doi.org/10.1049/joe.2018.5311

2019-01-01

Journal of Engineering

Abstract:The messages in vehicular ad hoc networks (VANET) are vulnerable to attack in the open wireless environment. Group communication in VANET is receiving more attention, which confronts many security issues. First, only users who have passed legal authentication can communicate in the group. The ring signature is an effective solution. In addition, the group membership in the vehicular self-organising network changes rapidly, which leads to dynamic adjustment of group members. It is necessary to consider the computing power and communication capability of each node in the group members. To speed up the authentication process, a roadside unit with more computing power and communication capability than vehicles is selected as the signature agent, which effectively reduces the computational load of vehicles and accelerates the communication throughput. Meanwhile, the computational task and communication overhead have not been well-solved. To address these issues, this paper proposed an efficient proxy ring signature scheme for VANET to achieve higher signature efficiency and lower transmission overhead. The scheme allows both privacy protection and original signer tracing. Security analysis shows that the proposed scheme meets the security requirements of VANET.

Jianhong Zhang,Yuehai Wang

2019-01-01

Abstract:.As a significant cryptographical primitive, proxy re-signature(PRS) technique is broadly applied to distributed computation, copyright transfer and hidden path transfer because it permits that a proxy translates an entity’s signature into the other entity’s signature on the identical data. Recently, to discard time-consuming pairing operator and intricate certificate-maintenance, Wang et al. proposed two efficient pairing-free ID-based PRS schemes, and declared that their schemes were provably secure in the ROM. Very unluckily, in this investigation, we point out that Wang et al.’s schemes suffer from attacks of universal forgery by analysing their security, i.e., anyone can fabricate a signature on arbitrary file. After the relevant attacks are shown, the reasons which result in such attacks is analyzed. Finally, we discuss the corresponding improved method. Key–Words: ID-based PRS, integer factorization problem, universal forgeability, security attack

Yaqing Song,Chunxiang Xu,Yuan Zhang,Fagen Li

DOI: https://doi.org/10.1016/j.sysarc.2020.101851

IF: 5.836

2021-01-01

Journal of Systems Architecture

Abstract:<p>In this letter, we analyze the identity-based signature with conditional privacy-preserving authentication scheme (short for IBS-CPPA, published in Journal of Systems Architecture, doi: 10.1016/j.sysarc.2019.101692) and demonstrate that it cannot provide secure authentication between vehicles. Specifically, in IBS-CPPA, two types of adversaries can launch different attacks to forge a valid signature on any traffic-related message to impersonate a target vehicle, so as to invalidate the authentication between vehicles.</p>

computer science, software engineering, hardware & architecture

Zhiyu Xu,Liangliang Wang,Yiyuan Luo,Yu Long,Kai Zhang,Hailun Yan,Kefei Chen

DOI: https://doi.org/10.1109/jiot.2023.3337136

IF: 10.6

2024-01-01

IEEE Internet of Things Journal

Abstract:Vehicular ad-hoc networks (VANETs) can help facilitate traffic flow, reduce accidents, and enhance the driving experience. However, VANETs have some problems in terms of the authenticity and integrity of transmitted information and the preservation of vehicles’ privacy. Many certificateless aggregate signature (CLAS) schemes have been proposed to address these concerns. Nevertheless, most of these schemes suffer from security and efficiency challenges, such as the inability to resist forgery attacks and high computation costs. Recently, an efficient CLAS scheme with conditional privacy protection has been put forward by Chen et al. However, there is a security flaw in this scheme. In this paper, we give a specific attack algorithm to indicate that Chen et al.’s proposal cannot resist a public key replacement attack initiated by external adversaries and then put forward a security-enhanced scheme. Furthermore, an efficient invalid signature identification algorithm is designed to identify invalid signatures after an aggregate verification has failed. Through rigorous security analysis, it has been verified that the scheme put forward can satisfy the fundamental security requirements of VANETs. Compared with other related schemes, our proposal improves efficiency while providing privacy and security guarantees for VANETs.

Saad Ali Alfadhli,Songfeng Lu,Kai Chen,Meriem Sebai

DOI: https://doi.org/10.1109/access.2020.3014038

IF: 3.9

2020-01-01

IEEE Access

Abstract:Vehicles authentication, the integrity of messages exchanged, and privacy-preserving are essential features in vehicular ad hoc network (VANETs) security. Most of the previously proposed VANETs security solutions do not sufficiently satisfy the security and efficiency requirements. Besides, most of those solutions are heavily dependent on the system key and long-term sensitive data stored in an ideal tamper-proof device, which may not be practical or ideal for resource-constrained onboard units ( $OBUs$ ), especially in the case of an unexpected cloning or physical attack. Therefore, a robust authentication solution should consider those security issues and the nature of resource-constrained nodes. To satisfy all these requirements, we propose a lightweight multi-factor authentication and privacy-preserving security solution for VANETs. It employs a combination of physically unclonable functions ( $PUF$ ) and one-time dynamic pseudo-identities as authentication factors. Furthermore, it eliminates the heavy dependency on the system key by decentralising the wide precinct of the certificate authority ( $CA$ ) into regional domains and achieves robust control of domains keys. A detailed analysis demonstrates that our scheme efficiently meets the VANETs security requirements, and offers more suitable communication and computation costs and features than existing schemes.

Xiong Li,Tian Liu,Mohammad S. Obaidat,Fan Wu,Pandi Vijayakumar,Neeraj Kumar

DOI: https://doi.org/10.1109/jsyst.2020.2991168

IF: 4.802

2020-01-01

IEEE Systems Journal

Abstract:With the emergence of the concept of smart city and the increase of vehicles, the vehicular ad-hoc network (VANET) is widely accepted for the communication of vehicles to get information including road condition, traffic congestion description, speed, and location of vehicles. Naturally, the security of the data transmission in VANET has become one of the urgent tasks of researchers. Many privacy-preserving authentication protocols for VANETs have been presented. However, heavy computations and security flaws exist in them. Thus, we put forward a lightweight authentication protocol in a suitable communication model for VANET that meets the privacy protection needs, with only hash functions and exclusive-OR operations. Formal security analysis using BAN logic shows that our protocol achieves the security goals. Proverif is used to verify the security of the protocol and the results show that the privacy can be guaranteed under the simulated attacker. Moreover, through security properties analysis, our protocol is robust enough to get rid of common attacks and keep the communication data secretly. The performance comparison results show that our protocol is lightweight and efficient. Furthermore, we simulate the network with SUMO and NS-3, and all show that our protocol is efficient and practical for VANETs.

Yuanshuai Li,Li Cao,Guoli Zheng,Honglei Men,Liang Chen

DOI: https://doi.org/10.1016/j.compeleceng.2024.109261

IF: 4.152

2024-05-02

Computers & Electrical Engineering

Abstract:The Internet of Vehicles (IoV) provides various services to vehicles through information sharing to ensure road safety and improve traffic efficiency. However, malicious attackers can challenge the privacy and security systems of the IoV by conducting security attacks. Currently, many schemes use bilinear pairing or elliptic curves to construct authentication systems, ensuring anonymity of vehicle identities and message security. However, these schemes suffer drawbacks such as low computational efficiency and high communication overhead in highly dynamic IoV. Therefore, we propose a new efficient certificateless message authentication scheme. The proposed scheme constructs a lightweight security authentication protocol by improving the RSA dynamic accumulator and combining it with non-interactive discrete logarithm zero-knowledge proofs. In addition, our scheme eliminates the need for bilinear pairing operations, thereby reducing computational overhead. Simultaneously, it enables real-time tracking and revocation of malicious vehicle identities. Security analysis shows that our scheme can be reduced to a secure S-RSA assumption under the random oracle model, meeting various security requirements of the IoV. Performance analysis shows that our scheme diminishes not only the computational overhead but also the communication overhead.

engineering, electrical & electronic,computer science, interdisciplinary applications, hardware & architecture

Kang Li,Man Ho Au,Wang Hei Ho,Yi Lei Wang

DOI: https://doi.org/10.1007/978-3-030-31919-9_4

2019-01-01

Abstract:Vehicular ad hoc networks (VANETs) are fundamental components of building a safe and intelligent transportation system. However, due to its wireless nature, VANETs have serious security and privacy issues that need to be addressed. The conditional privacy-preserving authentication protocol is one important tool to satisfy the security and privacy requirements. Many such schemes employ the certificateless signature, which not only avoids the key management issue of the PKI-based scheme but also solves the key escrow problem of the ID-based signature scheme. However, many schemes have the drawback that the computational expensive bilinear pairing operation or map-to-point hash function are used. In order to enhance the efficiency, certificateless signature schemes for VANETs are usually constructed to support signature aggregation or online/offline computation. In this paper, we propose an efficient conditional privacy-preserving authentication scheme using an online/offline certificateless aggregate signature, which does not require bilinear pairing or map-to-point hash function, to address the security and privacy issues of VANETs. Our proposed scheme is proven to be secure with a rigorous security proof, and it satisfies all the security and privacy requirements with a better performance compared with other related schemes.

Xiaoyan Zhu,Shunrong Jiang,Liangmin Wang,Hui Li,Weidong Zhang,Zan Li

DOI: https://doi.org/10.1109/glocomw.2013.6855678

2013-01-01

Abstract:In this paper, we present an efficient privacy-preserving authentication scheme based on group signature for Vehicular Ad Hoc Networks (VANETs). Although group signature is widely used in VANETs to realize anonymous authentication, the existing schemes based on group signature suffer from long computation delay in the Certificate Revocation List (CRL) checking and signature verification process, leading to high message loss. As a result, they cannot meet the requirement of verifying hundreds of messages per second in VANETs. In our scheme, we first divide the precinct into several domains, in which road side units (RSUs) are responsible for distributing group private keys and managing vehicles in a localized manner. Then we use Hash Message Authentication Code (HMAC) to avoid the time-consuming CRL checking, and to ensure the integrity of messages before batch group authentication. At last, we adopt cooperative message authentication among entities, in which each vehicle just needs to verify a small number of messages, thus greatly alleviating the authentication burden. The security and performance analysis show that our scheme is more efficient in terms of authentication speed, while keeping conditional privacy in VANETs.

Yangyang Liu,Qi Xia,Xiong Li,Jianbin Gao,Xiaosong Zhang

DOI: https://doi.org/10.1016/j.sysarc.2023.102935

IF: 5.836

2023-07-08

Journal of Systems Architecture

Abstract:Cybersecurity is a hot issue in our times. People try to keep digital attacks away from cyberspace, to finish the task of cybersecurity. A vehicular ad hoc network (VANET) with drone assistance is an important part of cyberspace, which can be used in disastrous or rural areas. The data produced on the vehicle side should go through different channels to the central server for processing. However, various attacks may occur in communication, and the tasks of data security in VANETs attract researchers to solve them. Although, researchers have come up with various solutions to overcome the flaws; however, the various security loopholes are still there to be addressed. In this paper, we present a new and secure signature-based scheme for UAV-assisted VANETs, which can ensure that the produced data on the vehicles are transmitted securely. Also, the identities of vehicles can be tracked, if they should be monitored by police. We present the formal and informal security analysis of the proposed scheme to prove its security against well-known security attacks. The formal security analysis is presented based on the widely used random oracle model. The informal analysis is presented using the assumptions of the threat model. Also, Proverif is used to illustrate the security of our scheme under Dolev-Yao model. Furthermore, we present a detailed performance analysis of the proposed protocol along with a simulation to show that the proposed scheme is practical.

computer science, software engineering, hardware & architecture

Wang Shibin,Mao Kele,Zhan Furui,Liu Dong

DOI: https://doi.org/10.1007/s12083-020-00916-3

IF: 3.488

2020-01-01

Peer-to-Peer Networking and Applications

Abstract:In existing authentication schemes for vehicular ad hoc networks (VANETs), the public key infrastructure (PKI)-based pseudonym certificate, identity-based encryption and group signature technology are usually used to preserve the security and privacy. However, these schemes face some challenges, e.g., the time-consuming certificate revocation list (CRL) checking, identity revocation issue and the computation overhead of group signature, respectively. To cope with these challenges, we propose a hybrid conditional privacy-preserving authentication protocol based on the PKI certificate and identity-based signature. In our scheme, the trust authority (TA) assigns the unique long-term certificate for every registered node. Only the vehicle with valid certificate can apply the anonymous short term identity from the current RSU to sign safety-related message. The identity-based signature avoids the CRL checking and the complex bilinear paring operation. When vehicle is compromised, TA can easily revoke its identity by the only long-term certificate. To further enhance efficiency, vehicle can verify the received messages by the single or batch authentication manner. In addition, we optimize the authentication process to avoid vehicle verifying the repeated and unnecessary signatures. Compared with the current schemes, the simulation result shows that our authentication protocol can effectively reduce verified messages in the case of meeting the requirement of security and privacy.

Liangliang Wang,Mi Wen,Kefei Chen,Zhongqin Bi,Yu Long

DOI: https://doi.org/10.1007/978-3-319-69471-9_19

2017-01-01

Abstract:Through the application of certificateless signature, certificate management in traditional signatures can be simplified. Furthermore, the key escrow problem in identity-based signatures can be solved as well. As history has shown, there has not been a general pairing-free certificateless signature scheme which is mainly designed with modular exponentiation and modular multiplication that can possess resistance to Type I and Type II adversaries so far. Therefore, a new hard mathematic problem is firstly defined in this paper, which is called variant of RSA problem. In the next step, a new general pairing-free certificateless signature scheme is proposed based on the newly defined variant of RSA problem and the well known discrete logarithm problem. Fortunately, the proposed scheme is also the first RSA-based certificateless signature scheme that can possess resistance to Type I and Type II adversaries. In addition, a formal security proof is provided to demonstrate that, under adaptively chosen message attacks, the proposed scheme is provably secure against Type I and Type II adversaries in the random oracle model. When compared with other known pairing-free certificateless signature schemes of the same type, the computation cost of our scheme is slightly higher, however, a higher security level can be achieved.

Ikram Ali,Tandoh Lawrence,Fagen Li

DOI: https://doi.org/10.1016/j.sysarc.2019.101692

IF: 5.836

2019-01-01

Journal of Systems Architecture

Abstract:Vehicles exchange traffic-related messages with neighboring vehicles to aid passengers and provide efficient traffic management. This is done via wireless communication channels in Vehicular Ad Hoc Networks (VANETs). Security and privacy issues are a major concern in VANETs. A typical attack consists of a malicious third party modifying and retransmitting intercepted messages. Current state of the art solutions enable a verifier to authenticate the source of received messages as well as to check their integrity before accepting them. However, these solutions do not adequately address the efficiency with which multiple messages are verified in VANETs deployed in high traffic density areas. Due to this, the computational load on a verifier is increased. In this paper, an efficient Identity-Based Signature with Conditional Privacy-Preserving Authentication (IBS-CPPA) scheme based on the Elliptic Curve Cryptography (ECC) and general one-way hash functions for V2V communication is proposed. This scheme supports the batch signature verification method, which enables each vehicle to authenticate a large number of messages at the same time. We provide a security proof of the proposed IBS-CPPA scheme in the random oracle model. The performance evaluation indicates that our scheme is more efficient in terms of computational cost with respect to similar schemes.

Huang Lu,Jie Li,Guizani, M.

DOI: https://doi.org/10.1109/comcomap.2012.6154869

2012-01-01

Abstract:In Vehicular Ad hoc Networks (VANETs), authentication is a crucial security requirement to avoid attacks to both inter-vehicle and vehicle-roadside communication. Vehicles have to be prevented from the misuse of their private data and the attacks on their privacy. In this paper, we investigate the authentication and privacy issues in VANETs. We propose a novel ID-based authentication framework with adaptive privacy preservation for VANETs. In this framework, adaptive self-generated pseudonyms are used as identifiers instead of real-world IDs. The update of the pseudonyms depends on vehicular demands. The ID-Based Signature (IBS) scheme and the ID-Based Online/Offline Signature (IBOOS) scheme are used, for authentication between the Road Side Units (RSUs) and vehicles, as well as authentication among vehicles, respectively. System evaluation has been executed using efficient IBS and IBOOS schemes. It shows that, the proposed authentication framework with privacy preservation is suitable to the VANET environment.

Xiaoyan Zhu,Shunrong Jiang,Liangmin Wang,Hui Li

DOI: https://doi.org/10.1109/tvt.2013.2294032

IF: 6.8

2014-01-01

IEEE Transactions on Vehicular Technology

Abstract:In this paper, we present an efficient privacy-preserving authentication scheme based on group signature for vehicular ad hoc networks (VANETs). Although group signature is widely used in VANETs to realize anonymous authentication, the existing schemes based on group signatures suffer from long computation delay in the certificate revocation list (CRL) checking and in the signature verification process, leading to high message loss. As a result, they cannot meet the requirement of verifying hundreds of messages per second in VANETs. In our scheme, we first divide the precinct into several domains, in which roadside units (RSUs) are responsible for distributing group private keys and managing vehicles in a localized manner. Then, we use a hash message authentication code (HMAC) to avoid time-consuming CRL checking and to ensure the integrity of messages before batch group authentication. Finally, we adopt cooperative message authentication among entities, in which each vehicle only needs to verify a small number of messages, thus greatly alleviating the authentication burden. The security and performance analysis show that our scheme is more efficient in terms of authentication speed, while keeping conditional privacy in VANETs.

Lingbo Wei,Jianwei Liu,Tingge Zhu

DOI: https://doi.org/10.1109/mines.2011.146

2011-01-01

Abstract:Vehicular ad hoc networks (VANETs) have recently attract extensive attentions as a promising technology for improving traffic safety and efficiency. To make VANETs practical, security, privacy and efficiency are important issues. Anonymity preserving of group signature and lower overhead in verification of batch signature make these two kinds of signatures right tools to design VANET communication protocols. In IEEE ICC 2010, a privacy-preserving scheme for VANETs has been proposed, which is proposed by adding batch verification into a short group signature proposed in CRYPTO 2004, in order to offer a privacy-preserving and fast verification message authentication protocol in VANETs. However, we first point out that this scheme is wrong due to the confused computations. Then we propose a new efficient privacy-preserving vehicular communication scheme from the same group signature supporting batch verification.

Zhen Qin,Chen Yuan,Yilei Wang,Hu Xiong

DOI: https://doi.org/10.1016/j.ipl.2016.02.003

IF: 0.851

2016-01-01

Information Processing Letters

Abstract:ID-based signature enables users to verify signatures using only public identifier. Very recently, Rossi and Schmid (2015) [9] proposed two identity-based signature schemes along with the application to group communications. Unfortunately, by proposing concrete attack, we demonstrate that the former scheme is insecure against forgery attack, while the latter scheme has been totally broken in the sense that the signing key can be recovered from the valid signature easily.

Yibo Cao,Shiyuan Xu,Xue Chen,Yunhua He,Shuo Jiang

DOI: https://doi.org/10.1016/j.comnet.2022.109149

IF: 5.493

2022-09-04

Computer Networks

Abstract:Message authentication has been a research hotspot in current vehicular ad hoc networks (VANETs). Many researchers adopt group signatures based on number-theoretic assumptions to authenticate the vehicular users’ identities. Nevertheless, the classical group signature is vulnerable to quantum computing attacks and without considering the negative consequences of secret key disclosure. In this paper, to address these problems, we propose a novel group signature protocol for authentication in VANETs, which is based on lattice cryptography to achieve quantum-resistance and Bonsai-tree signature architecture to achieve forward security. Our scheme is proven secure in terms of traceability, anonymity, and forward-security under the Short Integer Solution (SIS) and Learning With Errors (LWE) hardness. Through comprehensive performance evaluation, we demonstrate that the storage overhead of our scheme is relatively diminutive and the computation cost of the sign and verify algorithms are efficient and practical compared with other existing schemes.

computer science, information systems,telecommunications,engineering, electrical & electronic, hardware & architecture

Ikram Ali,Fagen Li

DOI: https://doi.org/10.1016/j.vehcom.2019.100228

IF: 6.7

2020-01-01

Vehicular Communications

Abstract:Generally, Vehicular Ad Hoc Networks (VANETs) make use of the Public Key Infrastructure (PKI) to authenticate and determine the integrity of traffic-related messages. One major issue faced by most current state of the art schemes that concentrate on secure communication in VANETs is that of efficiency. These schemes do possess the aforementioned properties of being able to authenticate messages as well as ensure their integrity. They however, in one way or the other fail to do so efficiently. Current schemes do not allow a Road-Side Unit (RSU) to efficiently authenticate a large number of messages generated from multiple vehicles in its communication range. This is due to the large computational overhead involved in doing so sequentially. In this paper, we propose an efficient Identity-based Conditional Privacy-Preserving Authentication (ID-CPPA) signature scheme based on bilinear map for Vehicle-To-Infrastructure (V2I) communication. This scheme uses general one-way hash functions rather than map-to-point hash functions. This increases the efficiency with which the signing as well as the verification of a message at the RSU is performed. In addition to this, our ID-CPPA signature scheme supports the batch signature verification method, which reduces the computational overhead on the RSU thereby allowing it to authenticate a large number of traffic-related messages from multiple vehicles in areas with high traffic density. The proposed scheme ensures security, i.e., unforgeability against the adaptive chosen-message attack and adaptive chosen-identity attack under the Inverse Computational Diffie-Hellman (Inv-CDH) problem in the Random Oracle Model (ROM). We show that this scheme is more efficient with respect to the computational cost it incurs as compared to similar schemes.

Hu Xiong,Jianbin Hu,Tao Yang,Wei Xin,Zhong Chen

DOI: https://doi.org/10.48550/arXiv.1008.5015

2010-08-30

Abstract:In this paper, we introduce an efficient and trustworthy conditional privacy-preserving communication protocol for VANETs based on proxy re-signature. The proposed protocol is characterized by the Trusted Authority (TA) designating the Roadside Units (RSUs) to translate signatures computed by the On-Board Units (OBUs) into one that are valid with respect to TA's public key. In addition, the proposed protocol offers both a priori and a posteriori countermeasures: it can not only provide fast anonymous authentication and privacy tracking, but guarantees message trustworthiness for vehicle-to-vehicle (V2V) communications. Furthermore, it reduces the communication overhead and offers fast message authentication and, low storage requirements. We use extensive analysis to demonstrate the merits of the proposed protocol and to contrast it with previously proposed solutions.

Cryptography and Security