A Security-Enhanced Conditional Privacy-Preserving Certificateless Aggregate Signature Scheme for Vehicular Ad-Hoc Networks

Vehicular ad-hoc networks (VANETs) can help facilitate traffic flow, reduce accidents, and enhance the driving experience. However, VANETs have some problems in terms of the authenticity and integrity of transmitted information and the preservation of vehicles' privacy. Many certificateless aggregate signature (CLAS) schemes have been proposed to address these concerns. Nevertheless, most of these schemes suffer from security and efficiency challenges, such as the inability to resist forgery attacks and high computation costs. Recently, an efficient CLAS scheme with conditional privacy protection has been put forward by Chen et al. However, there is a security flaw in this scheme. In this paper, we give a specific attack algorithm to indicate that Chen et al.'s proposal cannot resist a public key replacement attack initiated by external adversaries and then put forward a security-enhanced scheme. Furthermore, an efficient invalid signature identification algorithm is designed to identify invalid signatures after an aggregate verification has failed. Through rigorous security analysis, it has been verified that the scheme put forward can satisfy the fundamental security requirements of VANETs. Compared with other related schemes, our proposal improves efficiency while providing privacy and security guarantees for VANETs.