{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,3,25]],"date-time":"2026-03-25T07:13:09Z","timestamp":1774422789811,"version":"3.50.1"},"reference-count":43,"publisher":"MDPI AG","issue":"1","license":[{"start":{"date-parts":[[2024,1,24]],"date-time":"2024-01-24T00:00:00Z","timestamp":1706054400000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/creativecommons.org\/licenses\/by\/4.0\/"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":["Cryptography"],"abstract":"<jats:p>Conditional Privacy Preserving Authentication (CPPA) schemes are an effective way of securing communications in vehicular ad hoc networks (VANETs), as well as ensuring user privacy and accountability. Cryptanalysis plays a crucial role in pointing out the vulnerabilities in existing schemes to enable the development of more resilient ones. In 2019, Zhang proposed a CPPA scheme for VANET security (PA-CRT), based on identity batch verification (IBV) and Chinese Remainder Theorem (CRT). In this paper, we cryptanalyze Zhang\u2019s scheme and point out its vulnerability to impersonation and repudiation attacks. In 2023, Zhang\u2019s scheme was cryptanalyzed by Tao; however, we point out flaws in Tao\u2019s cryptanalysis due to invalid assumptions; hence, we propose countermeasures to Tao\u2019s attacks. Furthermore, in 2021, Xiong proposed a Certificateless Aggregate Signature (CLAS) scheme which is also cryptanalyzed in this paper. Finally, we analyze the causes and countermeasures by pointing out the vulnerabilities in each scheme that enabled us to launch successful attacks and proposing changes that would fortify these schemes against similar attacks in the future.<\/jats:p>","DOI":"10.3390\/cryptography8010004","type":"journal-article","created":{"date-parts":[[2024,1,24]],"date-time":"2024-01-24T07:42:16Z","timestamp":1706082136000},"page":"4","update-policy":"https:\/\/doi.org\/10.3390\/mdpi_crossmark_policy","source":"Crossref","is-referenced-by-count":2,"title":["Cryptanalysis of Two Conditional Privacy Preserving Authentication Schemes for Vehicular Ad Hoc Networks"],"prefix":"10.3390","volume":"8","author":[{"ORCID":"https:\/\/orcid.org\/0000-0003-3603-8185","authenticated-orcid":false,"given":"Ahmad Mohamad","family":"Kabil","sequence":"first","affiliation":[{"name":"School of Information Technology & Computer Science, Nile University, Cairo 3247010, Egypt"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Heba","family":"Aslan","sequence":"additional","affiliation":[{"name":"School of Information Technology & Computer Science, Nile University, Cairo 3247010, Egypt"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-8068-5120","authenticated-orcid":false,"given":"Marianne","family":"Azer","sequence":"additional","affiliation":[{"name":"National Telecommunications Institute, Cairo 3650108, Egypt"}],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"1968","published-online":{"date-parts":[[2024,1,24]]},"reference":[{"key":"ref_1","first-page":"100531","article-title":"PKIs in C-ITS: Security functions, architectures and projects: A survey","volume":"38","author":"Hammi","year":"2022","journal-title":"Veh. Commun."},{"key":"ref_2","first-page":"100548","article-title":"Towards secure intra-vehicle communications in 5G advanced and beyond: Vulnerabilities, attacks and countermeasures","volume":"39","author":"Chen","year":"2022","journal-title":"Veh. Commun."},{"key":"ref_3","doi-asserted-by":"crossref","unstructured":"Mannoni, V., Berg, V., Sesia, S., and Perraud, E. (May, January 28). A comparison of the V2X communication systems: ITS-G5 and C-V2X. Proceedings of the 2019 IEEE 89th Vehicular Technology Conference (VTC2019-Spring), Kuala Lumpur, Malaysia.","DOI":"10.1109\/VTCSpring.2019.8746562"},{"key":"ref_4","first-page":"100662","article-title":"Faster verification of V2X basic safety messages via Message Chaining","volume":"44","author":"Cominetti","year":"2023","journal-title":"Veh. Commun."},{"key":"ref_5","doi-asserted-by":"crossref","first-page":"722","DOI":"10.1109\/TDSC.2019.2904274","article-title":"PA-CRT: Chinese remainder theorem based conditional privacy-preserving authentication scheme in vehicular ad-hoc networks","volume":"18","author":"Zhang","year":"2019","journal-title":"IEEE Trans. Dependable Secur. Comput."},{"key":"ref_6","doi-asserted-by":"crossref","first-page":"1385","DOI":"10.1109\/JIOT.2023.3289057","article-title":"B-DSPA: A Blockchain-based Dynamically Scalable Privacy-Preserving Authentication Scheme in Vehicular Ad-hoc Networks","volume":"11","author":"Tao","year":"2023","journal-title":"IEEE Internet Things J."},{"key":"ref_7","doi-asserted-by":"crossref","first-page":"3456","DOI":"10.1109\/TVT.2021.3064337","article-title":"CPPA-D: Efficient conditional privacy-preserving authentication scheme with double-insurance in VANETs","volume":"70","author":"Xiong","year":"2021","journal-title":"IEEE Trans. Veh. Technol."},{"key":"ref_8","doi-asserted-by":"crossref","first-page":"33956","DOI":"10.1109\/ACCESS.2023.3263738","article-title":"Security Analysis of Conditional Privacy-Preserving Authentication Schemes for VANETs","volume":"11","author":"Shim","year":"2023","journal-title":"IEEE Access"},{"key":"ref_9","doi-asserted-by":"crossref","first-page":"1098","DOI":"10.1109\/JSYST.2022.3213245","article-title":"Improved certificateless aggregate signature scheme against collusion attacks for vanets","volume":"17","author":"Xiong","year":"2022","journal-title":"IEEE Syst. J."},{"key":"ref_10","doi-asserted-by":"crossref","first-page":"39","DOI":"10.3233\/JCS-2007-15103","article-title":"Securing vehicular ad hoc networks","volume":"15","author":"Raya","year":"2007","journal-title":"J. Comput. Secur."},{"key":"ref_11","first-page":"100286","article-title":"An improved password-authenticated key exchange protocol for VANET","volume":"27","author":"Chen","year":"2021","journal-title":"Veh. Commun."},{"key":"ref_12","first-page":"138","article-title":"A survey on Intrusion Detection Systems and Honeypot based proactive security mechanisms in VANETs and VANET Cloud","volume":"12","author":"Sharma","year":"2018","journal-title":"Veh. Commun."},{"key":"ref_13","doi-asserted-by":"crossref","unstructured":"Gon\u00e7alves, F., Ribeiro, B., Gama, O., Santos, A., Costa, A., Dias, B., Macedo, J., and Nicolau, M.J. (2019, January 28\u201330). A systematic review on intelligent intrusion detection systems for VANETs. Proceedings of the 2019 11th International Congress on Ultra Modern Telecommunications and Control Systems and Workshops (ICUMT), Dublin, Ireland.","DOI":"10.1109\/ICUMT48472.2019.8970942"},{"key":"ref_14","doi-asserted-by":"crossref","first-page":"877","DOI":"10.1016\/j.procs.2021.04.014","article-title":"Recent advances in machine-learning driven intrusion detection in transportation: Survey","volume":"184","author":"Bangui","year":"2021","journal-title":"Procedia Comput. Sci."},{"key":"ref_15","doi-asserted-by":"crossref","unstructured":"Paar, C., and Pelzl, J. (2009). Understanding Cryptography: A Textbook for Students and Practitioners, Springer Science & Business Media.","DOI":"10.1007\/978-3-642-04101-3"},{"key":"ref_16","doi-asserted-by":"crossref","unstructured":"Raya, M., and Hubaux, J.-P. (2005). SASN \u201805: Proceedings of the 3rd ACM Workshop on Security of Ad Hoc and Sensor Networks, Association for Computing Machinery.","DOI":"10.1145\/1102219.1102223"},{"key":"ref_17","first-page":"100416","article-title":"LoRCA: Lightweight round block and stream cipher algorithms for IoV systems","volume":"34","author":"Noura","year":"2022","journal-title":"Veh. Commun."},{"key":"ref_18","unstructured":"Shamir, A. (1985). Advances in Cryptology: Proceedings of CRYPTO 84 4, Springer."},{"key":"ref_19","doi-asserted-by":"crossref","unstructured":"Boneh, D., and Franklin, M. (2001, January 19\u201323). Identity-based encryption from the Weil pairing. In Proceedings of Advances in Cryptology\u2014CRYPTO 2001: 21st Annual International Cryptology Conference, Santa Barbara, CA, USA.","DOI":"10.1007\/3-540-44647-8_13"},{"key":"ref_20","doi-asserted-by":"crossref","unstructured":"Zhang, C., Lu, R., Lin, X., Ho, P.-H., and Shen, X. (2008, January 13\u201318). An efficient identity-based batch verification scheme for vehicular sensor networks. Proceedings of the IEEE INFOCOM 2008\u2014The 27th Conference on Computer Communications, Phoenix, AZ, USA.","DOI":"10.1109\/INFOCOM.2008.58"},{"key":"ref_21","doi-asserted-by":"crossref","first-page":"1851","DOI":"10.1007\/s11276-011-0383-2","article-title":"On batch verification with group testing for vehicular communications","volume":"17","author":"Zhang","year":"2011","journal-title":"Wirel. Netw."},{"key":"ref_22","doi-asserted-by":"crossref","first-page":"189","DOI":"10.1016\/j.adhoc.2010.05.005","article-title":"SPECS: Secure and privacy enhancing communications schemes for VANETs","volume":"9","author":"Chim","year":"2011","journal-title":"Ad Hoc Netw."},{"key":"ref_23","doi-asserted-by":"crossref","first-page":"1874","DOI":"10.1109\/TVT.2012.2186992","article-title":"CPAS: An efficient conditional privacy-preserving authentication scheme for vehicular sensor networks","volume":"61","author":"Shim","year":"2012","journal-title":"IEEE Trans. Veh. Technol."},{"key":"ref_24","doi-asserted-by":"crossref","first-page":"1441","DOI":"10.1007\/s11276-013-0543-7","article-title":"Toward a secure batch verification with group testing for VANET","volume":"19","author":"Lee","year":"2013","journal-title":"Wirel. Netw."},{"key":"ref_25","doi-asserted-by":"crossref","first-page":"1733","DOI":"10.1007\/s11276-014-0881-0","article-title":"A secure authentication scheme for VANETs with batch verification","volume":"21","author":"Bayat","year":"2015","journal-title":"Wirel. Netw."},{"key":"ref_26","doi-asserted-by":"crossref","first-page":"3235","DOI":"10.1109\/TVT.2015.2406877","article-title":"Enhancing security and privacy for identity-based batch verification scheme in VANETs","volume":"66","author":"Tzeng","year":"2015","journal-title":"IEEE Trans. Veh. Technol."},{"key":"ref_27","first-page":"100228","article-title":"An efficient conditional privacy-preserving authentication scheme for Vehicle-To-Infrastructure communication in VANETs","volume":"22","author":"Ali","year":"2020","journal-title":"Veh. Commun."},{"key":"ref_28","first-page":"100384","article-title":"An efficient authentication scheme with strong privacy preservation for fog-assisted vehicular ad hoc networks based on blockchain and neuro-fuzzy","volume":"31","author":"Ogundoyin","year":"2021","journal-title":"Veh. Commun."},{"key":"ref_29","unstructured":"Al-Riyami, S.S., and Paterson, K.G. (2003). Advances in Cryptology\u2014ASIACRYPT 2003, Springer."},{"key":"ref_30","doi-asserted-by":"crossref","first-page":"211","DOI":"10.1016\/j.ins.2018.10.021","article-title":"Privacy-preserving authentication scheme with full aggregation in VANET","volume":"476","author":"Zhong","year":"2019","journal-title":"Inf. Sci."},{"key":"ref_31","doi-asserted-by":"crossref","first-page":"245","DOI":"10.1109\/JSYST.2020.2966526","article-title":"Efficient certificateless aggregate signature with conditional privacy preservation in IoV","volume":"15","author":"Mei","year":"2020","journal-title":"IEEE Syst. J."},{"key":"ref_32","first-page":"100535","article-title":"A pseudonym-based certificateless privacy-preserving authentication scheme for VANETs","volume":"38","author":"Qi","year":"2022","journal-title":"Veh. Commun."},{"key":"ref_33","doi-asserted-by":"crossref","first-page":"48","DOI":"10.1016\/j.ins.2015.04.033","article-title":"An efficient certificateless aggregate signature with conditional privacy-preserving for vehicular sensor networks","volume":"317","author":"Horng","year":"2015","journal-title":"Inf. Sci."},{"key":"ref_34","unstructured":"Li, J., Yuan, H., and Zhang, Y. (2016). Cryptanalysis and improvement of certificateless aggregate signature with conditional privacy-preserving for vehicular sensor networks. Cryptol. Eprint Arch."},{"key":"ref_35","doi-asserted-by":"crossref","first-page":"e3708","DOI":"10.1002\/ett.3708","article-title":"An efficient certificateless aggregate signature scheme for the Internet of Vehicles","volume":"31","author":"Zhao","year":"2020","journal-title":"Trans. Emerg. Telecommun. Technol."},{"key":"ref_36","doi-asserted-by":"crossref","unstructured":"Ming, Y., and Shen, X. (2018). PCPA: A practical certificateless conditional privacy preserving authentication scheme for vehicular ad hoc networks. Sensors, 18.","DOI":"10.3390\/s18051573"},{"key":"ref_37","first-page":"1","article-title":"An efficient certificateless aggregate signature without pairings for vehicular ad hoc networks","volume":"451\u2013452","author":"Cui","year":"2018","journal-title":"Inf. Sci."},{"key":"ref_38","first-page":"184","article-title":"An improved certificateless aggregate signature scheme without bilinear pairings for vehicular ad hoc networks","volume":"44","author":"Kamil","year":"2019","journal-title":"J. Inf. Secur. Appl."},{"key":"ref_39","first-page":"725","article-title":"An efficient certificateless aggregate signature scheme designed for VANET","volume":"63","author":"Li","year":"2020","journal-title":"Comput. Mater. Contin."},{"key":"ref_40","first-page":"317","article-title":"An efficient certificateless aggregate signature scheme for vehicular ad-hoc networks","volume":"17","author":"Malhi","year":"2015","journal-title":"Discret. Math. Theor. Comput. Sci."},{"key":"ref_41","doi-asserted-by":"crossref","first-page":"3076","DOI":"10.1007\/s11227-018-2312-y","article-title":"Secure CLS and CL-AS schemes designed for VANETs","volume":"75","author":"Kumar","year":"2019","journal-title":"J. Supercomput."},{"key":"ref_42","doi-asserted-by":"crossref","first-page":"89","DOI":"10.1016\/j.jnca.2018.09.005","article-title":"Secure smart health with privacy-aware aggregate authentication and access control in Internet of Things","volume":"123","author":"Zhang","year":"2018","journal-title":"J. Netw. Comput. Appl."},{"key":"ref_43","first-page":"5276813","article-title":"Efficient certificateless aggregate signature scheme for performing secure routing in VANETs","volume":"2020","author":"Xu","year":"2020","journal-title":"J. Secur. Commun. Netw."}],"container-title":["Cryptography"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/www.mdpi.com\/2410-387X\/8\/1\/4\/pdf","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,10,10]],"date-time":"2025-10-10T13:48:15Z","timestamp":1760104095000},"score":1,"resource":{"primary":{"URL":"https:\/\/www.mdpi.com\/2410-387X\/8\/1\/4"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2024,1,24]]},"references-count":43,"journal-issue":{"issue":"1","published-online":{"date-parts":[[2024,3]]}},"alternative-id":["cryptography8010004"],"URL":"https:\/\/doi.org\/10.3390\/cryptography8010004","relation":{},"ISSN":["2410-387X"],"issn-type":[{"value":"2410-387X","type":"electronic"}],"subject":[],"published":{"date-parts":[[2024,1,24]]}}}