Rebuttal to “On the Unforgeability of ‘Privacy-Preserving Aggregation-Authentication Scheme for Safety Warning System in Fog-Cloud Based VANET”’ | IEEE Journals & Magazine | IEEE Xplore

Abstract:

Lin recently claimed that the privacy-preserving aggregation authentication scheme (PPAAS) based on a certificateless aggregation signcryption scheme (CASS) proposed in our paper (IEEE Transactions on Information Forensics and Security, vol. 17, pp. 317-331, Jan. 2022) suffers from a forgery attack by a type II adversary. In this paper, we show that this attack is not valid since the adversary outputs a trivial forged ciphertext. Specifically, the adversary has the master secret key and randomly selects the secret values of all users.
Page(s): 10373 - 10374
Date of Publication: 30 October 2024

A. Review

We now briefly review Lin’s [1] forgery attack against our privacy-preserving aggregation authentication scheme (PPAAS) described in [2]. Recall that PPAAS is based on the CASS that consists of five stages, namely: system initialization, registration, message delivery, fog-cloud based message processing, and trace. The five stages are described below.

System initialization: The TA generates the public system parameters and the master secret key, where the master key is used to issue partial private keys for the entities (i.e., vehicles or RSUs) in the system.

Registration: Vehicles obtain a pool of pseudonyms and the corresponding partial private keys from the TA and then use them to generate their full private-public key pairs. As for the RSUs, they only obtain one partial private key from the TA and then use it to generate their long-term full private-public key pair. Specifically, the TA computes the partial private key of an entity by running the PPK algorithm of CASS proposed in [2], while the vehicle/RSU computes the full public-private key pairs by running the UKG algorithm of CASS proposed in [2].

Message delivery: Vehicles generate signcrypted traffic-related messages and send them to nearby RSUs. For example, when a vehicle enters the communication range of an RSU and needs to send a traffic-related message to the RSU, it runs the Signcrypt algorithm of the CASS proposed in [2] which takes the traffic-related message, the current aggregate keyword, its current pseudonym, and the corresponding private-public key pair generated in the registration stage, and the public key and identity of the RSU as inputs.

Fog-cloud based message processing: The RSUs unsigncrypt the received signcrypted traffic-related messages under the same aggregate keyword and aggregate them into an aggregated ciphertext. Concretely, the RSU runs the AggUnSignCrypt algorithm of CASS proposed in [2] which takes the traffic-related message, the current aggregate keyword, its current pseudonym and the corresponding private-public key pair generated in the registration stage, and the public key and identity of the RSU as inputs. Then, the RSUs run Pre to generate a collision warning message and then forward the aggregated ciphertext to the CS.

Trace: The TA recovers the real identity of any malicious vehicle. Specifically, if an RSU finds a fake message, it will forward the corresponding pseudonym to the TA, which can then be used to recover the malicious vehicle’s real identity.
