ECDSA-based certificateless conditional privacy-preserving authentication scheme in Vehicular Ad Hoc Network

A Certificateless Public Key Cryptography (CL-PKC) aims to avoid the drawback of both traditional public key cryptography which requires a Public Key Infrastructure (PKI), and Identity-Based Public Key Cryptography (ID-PKC) which suffers from the inherent key escrow problem. In Vehicular Ad Hoc Network (VANET), a Certificateless Conditional Privacy Preserving Authentication (CCPPA) fulfills all known VANET security requirements in order to resolve challenges related to security and privacy. However, the existing certificateless schemes only achieve a trust level 2 according to the hierarchy defined by Girault. In case the partial private key is leaked, a malicious node can replace the public key since the public key is not bound to an identity. As a result, the trusted authority can only identify malicious nodes by using their pseudo identities. Al-Riyami and Paterson introduced a binding technique that allows to lift the trust level of a normal certificateless scheme to a trust level 3 by using a binding technique. This paper proposes new CCPPA schemes that use Al-Riyami and Paterson's technique, can achieve a stronger security and achieve a trust level 3. In case the partial private key is leaked, only the legitimate node can use the corresponding public key which has been certified by the trusted authority. As a result, the proposed CCPPA schemes address the vulnerability related to the public key replacement attack which is present in several CCPPA schemes. Our schemes also offer a tracing technique which consists of allowing the trusted authority to identify a malicious node using both its pseudo identity and public key. The proposed schemes use ECC cryptography and avoid Map-to-Hash function and bilinear pairing. Also, we called our schemes ECDSA-CCPPA and ECDSA*-CCPPA since they allow to respectively implement Elliptic Curve Digital Signature Algorithm (ECDSA) and the modified ECDSA* during authentication process in VANET. A security analysis is performed and proves that the ECDSA-CCPPA and ECDSA*-CCPPA schemes are secure in the random oracle. Actually, the ECDSA*-CCPPA scheme has an advantage over ECDSA-CCPPA in that it allows to perform a batch verification of signatures, where RSUs can support vehicles by collecting vehicle's signatures and verifying their messages in congested areas in order to reduce verification time. Additionally, a performance analysis is carried out to compare ECDSA*-CCPPA with several existing schemes. The simulation results show that ECDSA*-CCPPA outperforms the studied schemes with regard to the signature and verification process of one message. Moreover, it has the less overhead when compared to the studied certificateless schemes. (C) 2022 Elsevier Inc. All rights reserved.