Lianhai Liu,Yujue Wang,Jingwei Zhang,Qing Yang

DOI: https://doi.org/10.3390/s19030482

IF: 3.9

2019-01-01

Sensors

Abstract:A vehicular ad hoc network (VANET) is a special mobile ad hoc network that provides vehicle collaborative security applications using intervehicle communication technology. The method enables vehicles to exchange information (e.g., emergency brake). In VANET, there are many vehicle platoon driving scenes, where vehicles with identical attributes (location, organization, etc.) are organized as a group. However, this organization causes the issue of security threats (message confidentiality, identity privacy, etc.) because of an unsafe wireless communication channel. To protect the security and privacy of group communication, it is necessary to design an effective group key agreement scheme. By negotiating a dynamic session secret key using a fixed roadside unit (RSU), which has stronger computational ability than the on-board unit (OBU) equipped on the vehicle, the designed scheme can help to provide more stable communication performance and speed up the encryption and decryption processes. To effectively implement the anonymous authentication mechanism and authentication efficiency, we use a batch authentication scheme and a shared secret key mechanism among the vehicles, RSUs and trusted authority (TA). We design an efficient group secret key agreement scheme, which satisfies the above communication and security requirements, protects the privacy of vehicles, and traces the real identity of the vehicle at a time when it is necessary. Computational analysis shows that the proposed scheme is secure and more efficient than existing schemes.

Zhiyu Xu,Liangliang Wang,Yiyuan Luo,Yu Long,Kai Zhang,Hailun Yan,Kefei Chen

DOI: https://doi.org/10.1109/jiot.2023.3337136

IF: 10.6

2024-01-01

IEEE Internet of Things Journal

Abstract:Vehicular ad-hoc networks (VANETs) can help facilitate traffic flow, reduce accidents, and enhance the driving experience. However, VANETs have some problems in terms of the authenticity and integrity of transmitted information and the preservation of vehicles’ privacy. Many certificateless aggregate signature (CLAS) schemes have been proposed to address these concerns. Nevertheless, most of these schemes suffer from security and efficiency challenges, such as the inability to resist forgery attacks and high computation costs. Recently, an efficient CLAS scheme with conditional privacy protection has been put forward by Chen et al. However, there is a security flaw in this scheme. In this paper, we give a specific attack algorithm to indicate that Chen et al.’s proposal cannot resist a public key replacement attack initiated by external adversaries and then put forward a security-enhanced scheme. Furthermore, an efficient invalid signature identification algorithm is designed to identify invalid signatures after an aggregate verification has failed. Through rigorous security analysis, it has been verified that the scheme put forward can satisfy the fundamental security requirements of VANETs. Compared with other related schemes, our proposal improves efficiency while providing privacy and security guarantees for VANETs.

Yulei Chen,Jianhua Chen

DOI: https://doi.org/10.1109/jiot.2021.3121552

IF: 10.6

2021-01-01

IEEE Internet of Things Journal

Abstract:With the popularity of vehicular ad-hoc networks (VANETs), the secure communications between the vehicle and vehicle as well as between the vehicle and infrastructure have attracted people’s great attention. Vehicle privacy protection (including vehicle identity privacy and location privacy), high mobility, density, and limited bandwidth are also a problem that cannot be negligible. In VANETs, it is necessary to design a message authentication protocol to ensure data transmission security, vehicle anonymity, and unlinkability. Considering the resource-constrained environments, the certificateless aggregate signature (CLAS) scheme can compress $n$ signatures of $n$ messages from $n$ vehicles into a single signature, which reduces the signature verification time and storage overhead at the roadside unit. Based on the aforementioned analysis, we design a fully aggregated conditional privacy-preserving CLAS scheme (CPP-CLAS) for VANETs. Instead of using the expensive bilinear pairings and map-to-point hash function operations, the proposed CPP-CLAS scheme uses the elliptic curve cryptosystem (ECC) and general hash functions. Also, with the use of CLAS technology, the computation and communication cost of the scheme are significantly reduced. In addition, based on the elliptic-curve discrete logarithm problem (ECDLP), we prove that the CPP-CLAS scheme is existential unforgeability under adaptively chosen message attacks (EUF-CMAs). Performance and security analyses show that the CPP-CLAS scheme is more efficient and secure than other existing related schemes.

computer science, information systems,telecommunications,engineering, electrical & electronic

Xiaodong Yang,Songyu Li,Lan Yang,Xiaoni Du,Caifen Wang

DOI: https://doi.org/10.1109/tits.2024.3367925

IF: 8.5

2024-01-01

IEEE Transactions on Intelligent Transportation Systems

Abstract:Vehicular ad-hoc networks (VANETs) are integral to the evolution of intelligent transportation systems, offering substantial benefits in managing traffic flow, issuing warnings for potential accidents, and delivering information services to drivers. To ensure the authenticity and integrity of data exchanged within VANETs, numerous authentication schemes based on certificateless aggregate signature (CLAS) have been developed. However, state-of-the-art solutions often fail to be applicable in real-world VANETs due to security weaknesses and operational inefficiencies. Recently, Zhu et al. proposed an efficient CLAS-based authentication scheme with conditional privacy preservation (CPP) for VANETs (IEEE Transactions on Intelligent Transportation Systems, DOI: 10.1109/TITS.2023.3275077). Unfortunately, our analysis reveals that Zhu et al.’s scheme is incapable of withstanding coalition attacks from malicious RSUs and vehicles as well as public-key replacement attacks from dishonest vehicles. To facilitate secure communication in VANETs, we present a security-enhanced, pairing-free and energy-efficient CLAS-based authentication scheme with CPP for VANETs. This scheme has been rigorously proven to be secure against Type I, Type II and Type III attackers. Distinguished from other comparable schemes, our construction significantly reduces communication overhead and energy consumption while simultaneously fortifying security.

engineering, electrical & electronic,transportation science & technology, civil

Xincheng Li,Xinchun Yin,Jianting Ning

DOI: https://doi.org/10.1109/jiot.2023.3285402

IF: 10.6

2023-01-01

IEEE Internet of Things Journal

Abstract:Vehicular ad hoc network (VANET) enables a more efficient and secure traffic environment by integrating several emerging technologies. The technology of certificateless aggregate signature (CLAS) is widely utilized to guarantee secure communications in VANET. However, the legitimation of vehicles’ public keys cannot be verified effectively in existing CLAS protocols for VANET. Thus, a malicious key generation center (KGC) can masquerade as any vehicle and generate legitimate signatures. In this article, a reliable malicious KGC-resistant CLAS protocol, called RelCLAS, is proposed to eradicate this problem. RelCLAS solves the key escrow problem owning to the combination of registration-based encryption (RBE) and CLAS. Partial public keys selected by vehicles are stored in a key accumulator to prevent malicious KGC from forging valid signatures. Formal security proof demonstrates that RelCLAS satisfies the fundamental security requirements of VANET. Extensive simulations illustrate that RelCLAS is efficient, reliable, and feasible.

Asad Iqbal,Muhammad Zubair,Muhammad Asghar Khan,Insaf Ullah,Ghani Ur-Rehman,Alexey V. Shvetsov,Fazal Noor

DOI: https://doi.org/10.3390/fi15080266

2023-08-11

Future Internet

Abstract:Vehicular ad hoc networks (VANETs) have become an essential part of the intelligent transportation system because they provide secure communication among vehicles, enhance vehicle safety, and improve the driving experience. However, due to the openness and vulnerability of wireless networks, the participating vehicles in a VANET system are prone to a variety of cyberattacks. To secure the privacy of vehicles and assure the authenticity, integrity, and nonrepudiation of messages, numerous signature schemes have been employed in the literature on VANETs. The majority of these solutions, however, are either not fully secured or entail high computational costs. To address the above issues and to enable secure communication between the vehicle and the roadside unit (RSU), we propose a certificateless aggregate signature (CLAS) scheme based on hyperelliptic curve cryptography (HECC). This scheme enables participating vehicles to share their identities with trusted authorities via an open wireless channel without revealing their identities to unauthorized participants. Another advantage of this approach is its capacity to release the partial private key to participating devices via an open wireless channel while keeping its identity secret from any other third parties. A provable security analysis through the random oracle model (ROM), which relies on the hyperelliptic curve discrete logarithm problem, is performed, and we have proven that the proposed scheme is unforgeable against Type 1 () and Type 2 () forgers. The proposed scheme is compared with relevant schemes in terms of computational cost and communication overhead, and the results demonstrate that the proposed scheme is more efficient than the existing schemes in maintaining high-security levels.

Kang Li,Man Ho Au,Wang Hei Ho,Yi Lei Wang

DOI: https://doi.org/10.1007/978-3-030-31919-9_4

2019-01-01

Abstract:Vehicular ad hoc networks (VANETs) are fundamental components of building a safe and intelligent transportation system. However, due to its wireless nature, VANETs have serious security and privacy issues that need to be addressed. The conditional privacy-preserving authentication protocol is one important tool to satisfy the security and privacy requirements. Many such schemes employ the certificateless signature, which not only avoids the key management issue of the PKI-based scheme but also solves the key escrow problem of the ID-based signature scheme. However, many schemes have the drawback that the computational expensive bilinear pairing operation or map-to-point hash function are used. In order to enhance the efficiency, certificateless signature schemes for VANETs are usually constructed to support signature aggregation or online/offline computation. In this paper, we propose an efficient conditional privacy-preserving authentication scheme using an online/offline certificateless aggregate signature, which does not require bilinear pairing or map-to-point hash function, to address the security and privacy issues of VANETs. Our proposed scheme is proven to be secure with a rigorous security proof, and it satisfies all the security and privacy requirements with a better performance compared with other related schemes.

Pankaj Kumar,Saru Kumari,Vishnu Sharma,Xiong Li,Arun Kumar Sangaiah,SK Hafizul Islam

DOI: https://doi.org/10.1007/s11227-018-2312-y

IF: 3.3

2018-01-01

The Journal of Supercomputing

Abstract:Vehicular Ad hoc Network (VANET) is a part of intelligent transport system facing the problem of limited bandwidth. Certificateless aggregate signature (CL-AS) scheme gives an efficient solution of solving the limitation of bandwidth and also reduces the computation overhead. Aggregate signature (AS) allows integrating n number of individual signatures on n distinct messages from n distinct users into one single short signature where any signer out of n signers can generate the signature. We propose efficient CLS and CL-AS schemes for VANET. We demonstrate that our CL-AS scheme preserves the conditional privacy, in which message generated by a vehicle is mapped to a distinct pseudo-identity. The security of the proposed scheme is proved in the random oracle model against adaptive chosen-message attacks with the hardness of computational Diffie–Hellman Problem.

Xin Ye,Gencheng Xu,Xueli Cheng,Yuedi Li,Zhiguang Qin

DOI: https://doi.org/10.1155/2021/6677137

2021-01-01

Abstract:Development of Internet of Vehicles (IoV) has aroused extensive attention in recent years. The IoV requires an efficient communication mode when the application scenarios are complicated. To reduce the verifying time and cut the length of signature, certificateless aggregate signature (CL-AS) is used to achieve improved performance in resource-constrained environments like vehicular ad hoc networks (VANETs), which is able to make it effective in environments constrained by bandwidth and storage. However, in the real application scenarios, messages should be kept untamed, unleashed, and authentic. In addition, most of the proposed schemes tend to be easy to attack by signers or malicious entities which can be called coalition attack. In this paper, we present an improved certificateless-based authentication and aggregate signature scheme, which can properly solve the coalition attack. Moreover, the proposed scheme not only uses pseudonyms in communications to prevent vehicles from revealing their identity but also achieves considerable efficiency compared with state-of-the-art work, certificateless signature (CLS), and CL-AS schemes. Furthermore, it demonstrates that when focused on the existential forgery on adaptive chosen message attack and coalition attack, the proposed schemes can be proved secure. Also, we show that our scheme exceeds existing certification schemes in both computing and communication costs.

Ikram Ali,Yong Chen,Niamat Ullah,Rajesh Kumar,Wen He

DOI: https://doi.org/10.1109/tvt.2021.3050399

IF: 6.8

2021-02-01

IEEE Transactions on Vehicular Technology

Abstract:In vehicular ad-hoc networks (VANETs), safety messages are exchanged among vehicles and between vehicles and infrastructure to ensure passengers' safety and efficiency in traffic. The source authentication as well as integrity checking of these messages are very necessary for a receiver. Based on certificateless cryptography (CLC), some state-of-the-art signature schemes have been proposed to address these. Although they fulfill the requirements of authentication and privacy, they are not efficient with respect to performance. Bilinear pairings and map-to-point hash functions are used in these schemes. These require a huge amount of time to process. The computational power and storing capacity of an on-board unit (OBU) in each vehicle are limited. Therefore, computational overhead is induced on vehicles that need to authenticate messages in areas of high traffic density. In this paper, a provably secure and efficient certificateless short signature-based conditional privacy-preserving authentication (CLSS-CPPA) scheme for V2V communication is designed. This scheme does not use bilinear parings and is based on the elliptic curve cryptosystem (ECC). In addition, instead of map-to-point hash functions, general hash functions are used. Furthermore, the CLSS-CPPA scheme supports the batch signature verification method which allows multiple signatures to be verified simultaneously and efficiently. The CLSS-CPPA scheme ensures security against type-I and type-II attackers with respect to existential unforgeability against adaptively chosen message attacks (EUF-CMA) under a hardness assumption of the elliptic curve discrete logarithm problem (ECDLP) in the random oracle model (ROM). The proposed scheme significantly improves performance in terms of computational and communication costs in comparison with state-of-the-art schemes.

telecommunications,engineering, electrical & electronic,transportation science & technology

Lang Pu,Chao Lin,Jingjing Gu,Xinyi Huang,Debiao He

DOI: https://doi.org/10.1109/tifs.2024.3402992

IF: 7.231

2024-05-25

IEEE Transactions on Information Forensics and Security

Abstract:Vehicular Ad-hoc Networks (VANETs) constitute crucial elements within intelligent transportation systems. However, the rapid development of VANETs has brought forth an increasing number of security concerns. Conditional Privacy-Preserving Certificateless Signature (CPP-CLS) has emerged as a promising solution to ensure data security, preserve vehicle anonymity, and establish unlinkability in VANETs. In contrast to traditional public key infrastructure systems that involve cumbersome certificate management, and identity-based frameworks fraught with key escrow issues, CPP-CLS presents a more apt approach for VANETs. Unfortunately, the researches on CPP-CLS present a strange phenomenon in that a scheme proposed is always pointed out to have various security problems, especially public key replacement attacks. Moreover, there is a scarcity of published researches on the generic construction of CPP-CLS. To tackle these challenges, this paper proposes the first generic construction for CPP-CLS based on Type-T (Three-move type) signature, in which the public key reconstruction technique enables any receiver who owns a part of the sender's public key and the KGC's public key to reconstruct the complete sender's public key, which can alleviate the public key replacement attacks. A formal security analysis proves that our scheme effectively guards against existential forgery under adaptively chosen message attacks in the random oracle model, contingent upon the security of the underlying Type-T signature. Furthermore, We provide two specific instantiations of the generic construction to verify feasibility. Among them, the instantiation based on module learning with errors is effective against quantum attacks. Based on extensive experimental results and theoretical analysis, our implementations surpass the majority of existing similar schemes in either performance or security. This substantiates the feasibility of our generic scheme, making it applicable for constructing CPP-CLS schemes.

computer science, theory & methods,engineering, electrical & electronic

Ikram Ali,Mwitende Gervais,Emmanuel Ahene,Fagen Li

DOI: https://doi.org/10.1016/j.sysarc.2019.101636

IF: 5.836

2019-01-01

Journal of Systems Architecture

Abstract:Vehicular Ad Hoc Networks (VANETs) have been developing based on the state-of-art in wireless network communication technologies to improve traffic on roads. However, there are some threats to security and privacy due to the open wireless environment in VANETs and the high speed of vehicles. The authentication of messages related to traffic which are exchanged with the vehicles and the Road-Side Unit (RSU) is considered one of the most VANETs necessary security requirements. In this context, several schemes have been designed to secure the traffic-related messages in VANETs. However, these schemes suffer from high computational costs in signatures’ verification. To minimize the computational cost of signature generation and verification, we propose an efficient Certificateless Public Key Signature (CL-PKS) scheme using bilinear pairing to provide conditional privacy-preserving authentication for Vehicle-To-Infrastructure (V2I) communication in VANETs. The CL-PKS scheme supports batch signature verification and aggregate signature verification functions to speed up verification process. In addition to this, we include blockchain to our CL-PKS scheme to implement revocation transparency of pseudo-identities efficiently before verifying the signatures. Furthermore, this scheme provides security proof and protection against different types of attacks. The proposed scheme incurs lower computational cost as compared to that incurred by existing schemes.

Yang Zhao,Guohang Dan,Ankang Ruan,Jicheng Huang,Hu Xiong

DOI: https://doi.org/10.1109/dsc49826.2021.9346268

2021-01-01

Abstract:The vehicular sensor network has been developed to improve traffic, enhance the driving experience and so on, and is an inevitable technology trend. In vehicular sensor network, large amounts of data generated by vehicles need to be transmitted in the open channel, so it is important to ensure the integrity of information and vehicular privacy. For such a harsh condition, the aggregate signature technology is a very suitable solution, because it not only provides message integrity and authentication, but is also well suited to resource-constrained environments. Thus, in this paper, for vehicular sensor networks, we construct a certificateless and fault-tolerant aggregate signature (CLFTAS) scheme based on the elliptic curve cryptosystem. The certificateless nature makes our scheme free from the certificate management issue in traditional public key cryptography and the key escrow issue in identity-based cryptography. Fault tolerance greatly makes up for the aggregate signature's defect that adding an invalid individual signature to a valid aggregate invalidates the entire aggregation. Moreover, our scheme can protect the privacy of the vehicle’ identity. In the end, we give the security proof and performance evaluation. In the random oracle model, our scheme is secure under the assumption that solving the elliptic curve discrete logarithm problem is hard, and has great performance optimization and functionality compared with the state-of-the-art.

Rui Guo,Ruihan Dong,Xiong Li,Yinghui Zhang,Dong Zheng

DOI: https://doi.org/10.1016/j.vehcom.2024.100763

IF: 6.7

2024-03-16

Vehicular Communications

Abstract:The emergence of the Vehicular Ad-hoc Networks (VANETs) has greatly enhanced the efficiency and safety of transportation systems. However, due to the dynamicness and openness of vehicular networks, it is vulnerable for VANETs to confront various security threats. The dissemination of disinformation and the occurrence of attacks within these networks can result in severe damage and compromise the overall security of transportation systems. To mitigate such challenges, this paper presents an efficient certificateless aggregate signature scheme with dynamic revocation in VANETs. Taking use of the early-stopping factorial bitwise divisions (EFBD) algorithm, it achieves the invalid signatures tracking, and revokes the malicious vehicles dynamically. In addition, by combining the fingerprint counting bloom filter (FP-CBF), the trust assessment mechanism and the cloud server, it enables the vehicle to remedy its incorrect signatures. At last, through the comprehensive security and performance analysis, it demonstrates that this protocol enjoys improved communication security and computational efficiency.

telecommunications,transportation science & technology

Chenhuang Wu,Hui Huang,Kun Zhou,Chunxiang Xu

DOI: https://doi.org/10.23919/jcc.2021.01.013

2021-01-01

China Communications

Abstract:Digital signature, as an important cryptographic primitive, has been widely used in many application scenarios, such as e-commerce, authentication, cloud computing, and so on. Certificateless Public Key Cryptography (PKC) can get rid of the certificate management problem in the traditional Public Key Infrastructure (PKI) and eliminate the key-escrow problem in the identity-based PKC. Lately, a new Certificateless Signature (CLS) scheme has been proposed by Kyung-Ah Shim (IEEE SYSTEMS JOURNAL, 2018, 13(2)), which claimed to achieve provable security in the standard model. Unfortunately, we present a concrete attack to demonstrate that the scheme cannot defend against the Type I adversary. In this type of attack, the adversary can replace the public key of the signer, and then he plays the role of the signer to forge a legal certificateless signature on any message. Furthermore, we give an improved CLS scheme to resist such an attack. In terms of the efficiency and the signature length, the improved CLS is preferable to the original scheme and some recently proposed CLS schemes in the case of precomputation.

Liangliang Wang,Kefei Chen,Yu Long,Huige Wang

DOI: https://doi.org/10.1002/sec.1421

IF: 1.968

2016-01-01

Security and Communication Networks

Abstract:An aggregate signature refers to a signature, by which n signatures sigma(1),...,sigma(n) corresponding to n messages m(1),...,m(n) and n users u(1),...,u(n) can be transformed into a single short signature (sigma) over bar. Besides, anyone can be convinced by the single short signature that the n messages m(1),...,m(n) were definitely signed by the n users u(1),...,u(n) correspondingly. The concept of certificateless cryptography is proposed, so as to settle the key escrow problem in ID-based cryptography and eliminate the demand for certificates in certified cryptography. A certificateless signature scheme was proposed by Chen et al. in 2014, which was extended into a certificateless aggregate signature scheme. In this paper, two attacks are firstly provided, so as to indicate that the certificateless signature scheme is insecure against a Type I adversary and a Type II adversary. And then, it is demonstrated that the certificateless aggregate signature scheme is not able to achieve the security levels they claimed due to the weaknesses of the certificateless signature scheme. Copyright (c) 2016 John Wiley & Sons, Ltd.

Yaqing Song,Chunxiang Xu,Yuan Zhang,Fagen Li

DOI: https://doi.org/10.1016/j.sysarc.2020.101851

IF: 5.836

2021-01-01

Journal of Systems Architecture

Abstract:<p>In this letter, we analyze the identity-based signature with conditional privacy-preserving authentication scheme (short for IBS-CPPA, published in Journal of Systems Architecture, doi: 10.1016/j.sysarc.2019.101692) and demonstrate that it cannot provide secure authentication between vehicles. Specifically, in IBS-CPPA, two types of adversaries can launch different attacks to forge a valid signature on any traffic-related message to impersonate a target vehicle, so as to invalidate the authentication between vehicles.</p>

computer science, software engineering, hardware & architecture

Zhen Yan,Haipeng Qu,Xi-Jun Lin

DOI: https://doi.org/10.1093/comjnl/bxae048

2024-06-09

The Computer Journal

Abstract:Abstract Recently, Qiao et al. proposed a novel construction of certificateless aggregate signature (CLAS) scheme to ensure the integrity and authenticity of medical data in healthcare wireless medical sensor networks (HWMSNs). They first created an underlying certificateless signature (CLS) scheme, and then proposed a CLAS scheme from the underlying CLS scheme by adding an aggregation algorithm and a verification algorithm. In this paper, we point out that their CLS scheme is insecure because the Type I adversary can forge valid signatures. That is, the unforgeability is not actually captured by their CLS scheme. Finally, we map our cryptanalysis to the practical application. That is, in the practical application of HWMSNs, the attacker can launch real attack to their CLS scheme using our cryptanalysis to forge signatures. Therefore, Qiao et al.’s CLS scheme can be totally broken.

computer science, information systems, theory & methods, software engineering, hardware & architecture

Han Shen,Jianhua Chen,Hao Hu,Jian Shen

DOI: https://doi.org/10.1587/transfun.E99.A.660

2016-01-01

IEICE Transactions on Fundamentals of Electronics Communications and Computer Sciences

Abstract:Recently, H. Liu et al. [H. Liu, M. Liang, and H. Sun, A secure and efficient certificateless aggregate signature scheme, IEICE Transactions on Fundamentals of Electronics Communications and Computer Sciences, vol.E97-A, no.4, pp.991-915, 2014] proposed a new certificateless aggregate signature (CLAS) scheme and demonstrated that it was provably secure in the random oracle model. However, in this letter, we show that their scheme cannot provide unforgeability, i.e., an adversary having neither the user's secret value nor his/her partial private key can forge a legal signature of any message.

Yan XU,Liu-sheng HUANG,Miao-miao TIAN,Hong ZHONG,Jie CUI

DOI: https://doi.org/10.3969/j.issn.0372-2112.2016.08.011

2016-01-01

Abstract:Aggregate signature schemes are particularly useful for authentication in resource-constrained wireless net-works for realizing batch verification.Certificateless cryptosystems can resolve the certificate management problem or key es-crow problem in aggregate signature schemes.This paper firstly analyzed a certificatelss aggregate signature(CLAS)scheme. Then,a more efficient CLAS scheme that requires less bilinear paring operations was provided.The security analysis showed that this scheme can resist the forgery attack under the random oracle model,the security was equal to resolve CDH problem.