A security-enhanced certificateless conditional privacy-preserving authentication scheme with collusion-resistance for IoV

Abstract

Currently, Certificateless Conditional Privacy-Preserving Authentication (CLCPPA) schemes have been widely adopted to address security and privacy issues in the Internet of Vehicles (IoV). Recently, Genc et al. proposed an efficient CLCPPA scheme based on Elliptic Curve Cryptography (ECC), named ELCPAS, which features non-pairing, lightweight, and low-cost characteristics. It also supports batch verification to improve the efficiency of verifying multiple signatures. Unfortunately, the analysis reveals that this scheme is vulnerable to the forgery signature attack from Type-1 and Type-2 adversaries under the certificateless cryptography security model. Additionally, the batch verification algorithm in this scheme, as well as in most related CLCPPA schemes, is susceptible to the collusion attack from the emerging Type-3 adversary. To this end, we analyze Genc et al.’s scheme and provide the attack processes and countermeasures in detail. In particular, we present two potential attack ways from the Type-3 adversary, named injection and signature-swapping attacks. Then, a security-enhanced CLCPPA scheme with collusion-resistance for IoV is proposed, which can be formally proven to resist forgery attacks from Type-1 and Type-2 adversaries based on the Elliptic Curve Discrete Logarithm Problem (ECDLP). Meanwhile, for the Type-3 adversary, we propose the security model applicable to the batch verification scenario and introduce the Small Exponent Test (SET) technology to withstand such attacks, along with the rigorous formal security proof for this method. Performance analysis shows that compared with related CLCPPA schemes, the proposed scheme not only provides more comprehensive security but also maintains lower costs. Specifically, compared with Genc et al.’s scheme, the proposed scheme can maintain similar performance while ensuring enhanced security.