Comments on “A Secure, Privacy-Preserving, and Lightweight Authentication Scheme for VANETs”
Abstract
Very recently in 2021, Nandy et al. proposed
an authentication scheme (IEEE Sensors Journal, 21(18),
pp. 20998-21011, DOI: 10.1109/JSEN.2021.3097172, 2021)
using elliptic curve cryptography and symmetric key-based
hash functions and claimed it to provide privacy-preserving
security for the VANETs. Nandy et al. further claimed that their
designed method outperforms some of the existing schemes.
Despite, the claim that their scheme can be deployed in
real-world VANETs scenarios, this study mentions a critical
design flaw in the computation of the key pair of each of the
vehicles participating in the vehicular networks. Specifically,
it is shown that a vehicle in Nandy et al.’s scheme cannot
generate its private key. As a result, the public key of the
vehicle is also void. Furthermore, it is also argued in this paper
that Nandy et al.’s scheme does not provide vehicle privacy
and during communication, two vehicles exchange useless
pseudo numbers without any open or hidden identification
information. Moreover, owing to the non-verification of the
credentials of the process initiating vehicle, the scheme of
Nandy et al. can become a prey to clogging attack.
Volume
22Issue
13Collections
The following license files are associated with this item: