Attack Analysis and Enhanced Authentication Protocol Design for Vehicle Networks
Weizheng Wang, Qipeng Xie, Yongzhi Huang, Yong Ding, Lejun Zhang, Demin Gao, Chunhua Su, Joel J. P. C. Rodrigues
Abstract
Vehicular Ad-hoc Networks (VANETs) face significant security and privacy challenges in modern intelligent transportation systems. This paper analyzes vulnerabilities in Al-Shareeda et al.'s vehicle authentication protocol (doi: 10.1109/TDSC.2025.3553868) and proposes an enhanced ECC-based scheme using short-lived pseudonymous certificates. We identify two critical weaknesses in Al-Shareeda et al.'s protocol—a desynchronization attack causing potential denial-of-service and an identity linking attack compromising vehicle privacy. Our protocol establishes mutual authentication between vehicles and roadside units, ensuring message integrity, anonymity, and perfect forward secrecy. Unlike existing approaches, it eliminates the need for online third-party authenticators. Formal security proofs demonstrate that the scheme's security is reducible to the hardness of the ECDLP and CDH problems. Performance analysis shows our approach achieves an optimal security-efficiency balance with competitive communication overhead (4608 bits) and computation costs (5.02 ms) compared to state-of-the-art alternatives, while uniquely satisfying all twelve evaluated security properties.