Improved Certificateless Aggregate Signature Scheme Against Collusion Attacks for VANETs

Vehicle ad-hoc networks (VANETs) can offer numerous benefits, but also face many privacy and security issues. There exist the certificate management burden and key escrow issue in traditional public key infrastructure (PKI)-based and identity (ID)-based privacy-preserving authentication schemes, respectively. In addition, the security of some existing cryptographic schemes depends on strong assumptions about the ideal tamper-proof devices. To address these issues, a certificateless aggregate signature (CLAS) scheme for VANETs has been proposed, which was claimed provably unforgeable. However, we found that this scheme cannot resist collusion attacks, which means the equivalent validity of the aggregate signature would be broken. Therefore, this article proposes an improved CLAS scheme against collusion attacks for VANETs (CA-CLAS). Security and performance analyses show that the proposed CA-CLAS scheme not only offers privacy and security guarantees for VANETs, but also improves efficiency compared to existing authentication schemes.