On the Security of a Lightweight Privacy-Preserving Authentication Protocol for VANETs

The extensive use of vehicles evolved the concept of smart city, due to which the Vehicular Ad-hoc Network (VANET) is broadly acknowledged for the communication of vehicles. This communication of vehicles helps to obtain information like the location of a vehicle, road condition and traffic congestion description, among others. Certainly, secure data transmission in VANET has become a great challenge for researchers. The numerous authentication protocols have been devised for the VANETs to preserve the anonymity and privacy of vehicles. However, most of the existing protocols suffer from heavy computations and vulnerable to different security weaknesses. Recently, Li et al. presented a lightweight privacy-preserving authentication protocol for VANETs. In this paper, we discuss the security flaws of Li et al.’s protocol (IEEE Systems Journal, pp 1937-9234, 10.1109/JSYST.2020.2991168). After analyzing Li et al.’s protocol, we notice that it does not provide resistance against the road-side unit impersonation attack and fails to preserve the anonymity and untraceability of vehicle. The secret key of the road-side unit in Li et al.’s protocol can be revealed easily. Moreover, Li et al.’s protocol lacks the provision of backward and perfect forward secrecy. In the end, we have presented some countermeasures to cope up with the existing flaws of Li et al.’s protocol.