ECDSA-based certificateless conditional privacy-preserving authentication scheme in Vehicular Ad Hoc Network

A Certificateless Public Key Cryptography (CL-PKC) aims to avoid the drawback of both traditional public key cryptography which requires a Public Key Infrastructure (PKI), and Identity-Based Public Key Cryptography (ID-PKC) which suffers from the inherent key escrow problem. In Vehicular Ad Hoc Network (VANET), a Certificateless Conditional Privacy Preserving Authentication (CCPPA) fulfills all known VANET security requirements in order to resolve challenges related to security and privacy. However, the existing certificateless schemes only achieve a trust level 2 according to the hierarchy defined by Girault. In case the partial private key is leaked, a malicious node can replace the public key since the public key is not bound to an identity. As a result, the trusted authority can only identify malicious nodes by using their pseudo identities. Al-Riyami and Paterson introduced a binding technique that allows to lift the trust level of a normal certificateless scheme to a trust level 3 by using a binding technique. This paper proposes new CCPPA schemes that use Al-Riyami and Paterson's technique, can achieve a stronger security and achieve a trust level 3. In case the partial private key is leaked, only the legitimate node can use the corresponding public key which has been certified by the trusted authority. As a result, the proposed CCPPA schemes address the vulnerability related to the public key replacement attack which is present in several CCPPA schemes. The authors' schemes also offer a tracing technique which consists of allowing the trusted authority to identify a malicious node using both its pseudo identity and public key. The proposed schemes use ECC cryptography and avoid Map-to-Hash function and bilinear pairing. Also, we called their schemes ECDSA-CCPPA and ECDSA*-CCPPA since they allow to respectively implement Elliptic Curve Digital Signature Algorithm (ECDSA) and the modified ECDSA* during authentication process in VANET. A security analysis is performed and proves that the ECDSA-CCPPA and ECDSA*-CCPPA schemes are secure in the random oracle. Actually, the ECDSA*-CCPPA scheme has an advantage over ECDSA-CCPPA in that it allows to perform a batch verification of signatures, where RSUs can support vehicles by collecting vehicle's signatures and verifying their messages in congested areas in order to reduce verification time. Additionally, a performance analysis is carried out to compare ECDSA*-CCPPA with several existing schemes. The simulation results show that ECDSA*-CCPPA outperforms the studied schemes with regard to the signature and verification process of one message. Moreover, it has the less overhead when compared to the studied certificateless schemes.

• Record URL:
  https://doi.org/10.1016/j.vehcom.2022.100504
• Record URL:
  http://www.sciencedirect.com/science/article/pii/S2214209622000511
• Availability:
  • Find a library where document is available. Order URL: http://worldcat.org/issn/22142096
• Supplemental Notes:
  • © 2022 Elsevier Inc. All rights reserved. Abstract reprinted with permission of Elsevier.
• Authors:
  • Imghoure, Abdelkrim
  • 0000-0001-5023-2203
  • El-Yahyaoui, Ahmed
  • Omary, Fouzia
• Publication Date: 2022-10

Language

• English

Media Info

• Media Type: Web
• Features: Figures; References; Tables;
• Pagination: 100504
• Serial:
  • Vehicular Communications
  • Volume: 37
  • Issue Number: 0
  • Publisher: Elsevier
  • ISSN: 2214-2096
  • Serial URL: http://www.sciencedirect.com/science/journal/22142096/1/2

Subject/Index Terms

• TRT Terms: Computer security; Data privacy; Network nodes; Vehicular ad hoc networks
• Subject Areas: Data and Information Technology; Highways;

Filing Info

• Accession Number: 01859993
• Record Type: Publication
• Files: TRIS
• Created Date: Sep 30 2022 2:27PM