Vehicular Ad hoc Networks (VANETs): Comparison
Please note this is a comparison between Version 1 by Muhammad Zubair and Version 2 by Catherine Yang.

Vehicular ad hoc networks (VANETs) have become an essential part of the intelligent transportation system because they provide secure communication among vehicles, enhance vehicle safety, and improve the driving experience.

  • vehicular ad hoc network
  • security
  • certificateless aggregate signature

1. Introduction

Vehicular ad hoc network (VANET) is an advanced version of the mobile ad hoc network (MANET), which was developed to enhance the safety, efficiency, and convenience of transportation [1]. VANET is a set of applications designed to offer new services connected to the traffic management system, designed to help various users to be better informed and use the transportation network to be safer, more connected, and significantly more intelligent. VANET can be established for monitoring and controlling traffic using the concept of vehicle-to-everything (V2X) communication, which includes vehicle to infrastructure (V2I), vehicle to sensor (V2S), vehicle to pedestrian (V2P), and Vehicle to Vehicle (V2V) communication [2][3][2,3]. The general architecture of a VANET is shown in Figure 1, which includes vehicles with built-in 5G-enabled onboard units (OBUs), 5G-enabled roadside units (RSUs), and trusted authorities (TAs). TA is a service provider, ensuring the safety of the VANET network and generating public and private keys for OBUs and RSUs [4]. In VANETs, each vehicle communicates through an OBU and broadcasts traffic-related information such as positions, speed, current time, traffic and road conditions to a nearby vehicle and an RSU [5].
Figure 1.
The general architecture of a VANET.
Despite all the attractive features offered by a VANET, there are significant challenges regarding its security and privacy when information is shared among vehicles through an open wireless channel. In a VANET system, an attacker can send bogus messages to the RSUs or other OBUs, which might cause disturbance on the roads, so it is necessary to verify the authenticity and integrity of the message [6]. Digital signature-based authentication techniques for VANETs have been built in various cryptographic frameworks, including public-key infrastructure (PKI), identity-based (ID), and certificateless cryptography.
In the standard implementation of public-key cryptography (PKC), each public key is required to produce a corresponding digital certificate [7]. Nevertheless, it not only involves certificate management but also contributes to an increase in the verification cost. To address the issues of certificate management, Shamir [8] came up with a novel technique in 1984 called ID-based public-key cryptography (ID-PKC). The public key consists of the user’s identity, such as phone number, e-mail address, etc., eliminating the need for a certificate. However, the private key is generated by the Key Generation Center (KGC), which might lead to a key escrow problem. To overcome the shortcomings of key management in traditional PKC and the key escrow problem in ID-PKC, Al-Riyami and Paterson [9] proposed Certificateless Public Key Cryptography (CL-PKC), which also requires the KGC to generate part of the user’s private key.

2. VANET Technology 

A VANET is a communication technology that enables V2V and V2I communications via the Internet, which can be affected by several cyber-attacks. So, to avoid such circumstances, the best solution is authentication, in which the participating nodes in the VANET environment can authenticate each other before transferring data or information. To achieve authentication, the best approach is to use a digital signature, which allows a sender to sign data with his private key and deliver it to the recipient, who can then use the sender’s public key to verify the signature. In a typical PKC-based signature, each user needs to produce a valid digital certificate that contains information about the identity of the certificate owner and the public key [7]. However, it not only requires certificate management but also contributes to an increase in the verification cost. To address certificate management issues, Shamir [8] proposed ID-PKC, in which the user’s identity is his public key, bypassing the need for certificates. However, the private keys are generated via the KGC, which might lead to a key escrow problem. Al-Riyami and Paterson [9] proposed the idea of CL-PKC, in which the user’s private key is made up of a secret value and a partial private key. The user chooses his secret key, while the KGC generates the partial private key. Since the KGC cannot access the user’s complete private key without the user’s secret key, the user’s public key can be calculated from the secret value. Thus, the potential security issues associated with key escrow are eliminated. Secondly, the user’s public key can be calculated from the secret value, so a certificate is no longer needed. In other words, the CLS technique has the potential to address issues in both the classic signature method and the ID-based method. CLAS has the benefits of CLS and AS. In 2003, Boneh et al. [10] proposed the concept of CLAS, which can combine the signatures of n (n > 1) different messages signed by n other users into a single signature. The receiver only needs to check the aggregated signature instead of all the signatures, thereby reducing the computational cost of signature verification and the communication overhead of signature transmission to some extent. The benefits of CLAS mentioned above have led to a lot of new research. Yum and Lee [11][12] proposed a CLAS scheme within the framework of the Random Oracle Model (ROM), but Hu et al. [12][13] discovered that Yum and Lee’s [11][12] scheme is vulnerable to public key replacement attacks. Deng et al. [13][14] designed and proved a secure practical CLAS scheme, although Kumar and Sharma [14][15] found that Deng et al. [13][14]’s scheme could guarantee unforgeability. A new certificateless signature system was presented by Horng et al. [15][16] for the use of V2I in a VANET’s communication. However, Ming and Shen [16][17] demonstrated that the scheme proposed by Horng et al. [15][16] was vulnerable to various attacks like replay attacks, modification attacks, impersonation attacks, and man-in-the-middle attacks and hence could not provide authentication and message integrity. Li et al. [17][18] addressed the limitation of Horng et al. [15][16]’s scheme and designed an improved CLAS scheme. However, the scheme has high computational and communicational costs since it uses bilinear pairing and point-to-point hash functions. Keitaro Hashimoto and Wakaha Ogata [18][19] came up with an open and small CLAS scheme in which the size of signatures stays the same, and any combination of signatures can be added together. However, the scheme is based on bilinear pairing, which necessitates higher computational and communicational costs. A highly effective AS scheme was developed by Malhi et al. [19][20] for privacy and authentication in VANETs. Cui et al. [20][21] developed an efficient CLAS scheme using ECC in vehicular sensor networks. On the other hand, Kamil et al. [21][22] claimed that Cui et al.’s [20][21] scheme is unsafe against signature forgery attack. Du et al. [22][23] proposed an effective CLAS scheme without pairings for healthcare wireless sensor networks. However, the scheme is based on ECC, which results in a significant increase in both computational and communicational costs. To avoid the unpleasant certificate management problem of PKI and the key escrow problem of an ID-based framework, Gowri et al. [23][24] developed a CLAS-based authentication scheme for VANETS. However, Yang et al. [24][25] proved that Gowri et al.’s [23][24] scheme failed to achieve the desired security goals. Ye et al. [25][26] designed an improved certificateless authentication and AS scheme that may effectively counter coalition attacks. In the same year, Vallent et al. [26][27] developed a safe and efficient certificateless aggregation technique (ECLAS) for VANETs that might be used in a smart grid scenario. However, the [25][26][26,27] schemes are based on ECC to provide conditional privacy preservation, which leads to heavy computational costs and communication overhead. A fully aggregated conditional privacy-preserving certificateless aggregate signature system (CPP-CLAS) was designed for VANETs by Yulei and Chen [27][28] in 2022. The proposed CPP-CLAS scheme uses ECC and general hash functions, which result in high computational costs and communication overhead. Another efficient pairing-free CLAS for secure VANET communication was introduced in the same year by Yibo et al. [28][29]. However, the [27][28][28,29] scheme was based on ECC, which has more computational costs and communication overhead. In 2022, Cahyadi et al. [29][30] proposed a pairing-based CLAS authentication scheme to improve security, privacy, and efficiency in VANETs. However, it is found that the overall computation cost of the scheme is high due to massive pairing.
ScholarVision Creations