Security and Privacy Schemes in Vehicular Ad-Hoc Network With Identity-Based Cryptography Approach: A Survey

Vehicular Ad hoc Networks (VANET) broadcast messages regarding road and environmental conditions. Due to its design, VANET inadvertently introduced security and privacy issues. Many researchers have suggested various approaches to address these shortcomings as the deployment of VANET becomes more widespread. Nevertheless, these solutions could not address all the security and privacy shortcomings in VANET. Furthermore, the proposed approaches incur high costs in terms of computation due to the complexity involved in doing so sequentially. One of the significant approaches used in VANET security and privacy mitigation is identity-based schemes. This paper provides a comprehensive survey on VANETs and the entities involved, attack models, and an analysis of the security and privacy requirements for identity-based security and privacy schemes for VANETs.


I. INTRODUCTION
Vehicular Ad-hoc Networks (VANETs) is a subclass of Mobile Ad-hoc Networks (MANETs), where a vehicle is considered a mobility node. VANET technology generally supports various functions such as intersection crash warning, cooperative forward collision, sensing cautioning, and [1]- [3]. In addition, a VANET technology offers the drivers and passengers services such as Internet access, locationbased services, and entertainment content [4]- [7]. Nevertheless, the main goal of VANET is to improve transportation by preventing and mitigating road traffic and accident [8]- [15].
Typically, the architecture of VANET includes three components: trusted authority (TA), roadside units (RSUs), and onboard units (OBUs), as shown in Figure 1. TA is a fully trusted entity with large computation and communication resources than other components in the system. RSU is an infrastructure device located adjacent to an intersection that serves vehicles within its coverage area with services such as management and communication via The associate editor coordinating the review of this manuscript and approving it for publication was Abderrezak Rachedi. the dedicated short-range communications (DSRC) standard [16]- [19]. Each vehicle has an OBU that shares the information of the driving circumstances with others or neighboring RSU via vehicle-to-vehicle (V2V) mode and vehicle-to-infrastructure (V2I) mode. Each vehicle sends to neighboring vehicles via DSRC with information about the road condition using these communication modes. While RSUs ensure better control of traffic by sending messages to a vehicle within their coverage area.
As connectivity transcends computing devices to everyday objects and even vehicles, VANET's role has become more prominent with more research and development in this domain. As with any new technology, VANET also suffers from issues related to security and privacy. More accurately, the challenges of security and privacy issues on V2V and V2I communications should be carefully considered in VANET [20]- [23].
Vehicles in a VANET environment are prone to security and privacy issues due to the openness of VANET. Therefore, they need to be addressed to ensure VANET users do not suffer from the problems aforementioned. Much research has been carried out in VANET relating to providing authentication. Nevertheless, there are several limitations to the existing schemes.
Furthermore, most of these schemes have a massive overhead in terms of computation complexity involved in doing so sequentially. The main goal of this paper is to critically review identity-based security and privacy schemes based highlighting their strengths and weaknesses guided by security requirements, privacy requirements, resistance to cyberattack, and the evaluation metrics.
The rest of this paper is structured as follows: Section II presents the overview of VANET. Section III deals with the background of VANET and the security and privacy requirements. Section IV reviews a relevant survey on the existing work. The identity-based security and privacy are classified differently in Section V. Section VI discusses the existing schemes and presents a critical review of related work. Conclusions of this paper are provided in Section VII.

II. VEHICULAR AD HOC NETWORK
This section provides the overview of the VANET system, a description of the architecture VANET follows in terms of entities and communications. Lastly, the comfort and safety applications of VANET are provided.

A. OVERVIEW
Each year, approximately 1.3 million fatalities and 30 million are reported due to road accidents, respectively. Since it is considered the ninth leading cause of death globally, gross domestic product (GDP) loss is around 3% or USD 1 trillion. Furthermore, It is expected, by 2030, road accidents will climb to the fifth position for the cause of death [24]. An intelligent transportation system (ITS) plays a particularly critical role in the road and transportation system. Smart vehicles are fast becoming a norm leveraging the rapid growth of wireless communications [25]. Modern vehicle manufacturers have started integrating wireless devices in every vehicle, enabling them to share road status information with others or infrastructures [26]. These vehicles form an ad hoc network, where the vehicles are nodes of a network known as VANET. Thus, VANET has become one of the most promising research areas with applications [4], [27]. Vehicles have an important position for persons. Several researchers have been archived to assist drivers and passengers. Recently, industry, academia, and governments have attracted extensive research and attention to VANET due to its massive development and deployment [28].

B. ARCHITECTURE
In this subsection, we describe the typical architecture of VANET in terms of entities and communications, as follows.

1) ENTITIES
As shown in Figure 1, three entities are involved in the VANETs, namely the TA, RSU, and OBU. Table 1 presents the model descriptions of the major entities in detail.

2) COMMUNICATIONS
As shown in Figure 1, two types of communication are comprised in the VANETs, Vehicle-To-Vehicle (V2V), and Vehicle-To-Infrastructure (V2I) communications. These communication modes use the DSRC protocol during wireless communication. The two modes are described as follows: • Vehicle-To-Vehicle (V2V) utilizes multi-hop wireless to broadcast messages to other entities in VANET via multiple hop nodes. In the communication of V2V, the OBU of vehicle issues message shares only with other OBUs. The vehicle utilizes this message to avert traffic accidents and disruption in the driving environment. For instance, when a traffic jam occurred, the vehicle transmits the status so that other vehicles closing the site could make changes to their journey to avert the congestion. The vehicle sends information to others every 100 to 300 ms using the protocol of DSRC [29], [30]. For example, VANET with 200 vehicles within the RSU range utilizing such a protocol means VOLUME 9, 2021 that 200 to 600 information is broadcasted every second. This must be checked by the verifying recipient [31].
• Vehicle-To-Infrastructure (V2I) communication utilizes single-hop wireless, sending a message from a fixed infrastructure located along the roadside. In the communication of V2I, the vehicle issues message share with other vehicles or nearby RSU by using DSRC protocol during the journey. The RSU provides the driver and passengers with internet access and downloading music or forwards the message to TA for further use.

C. APPLICATIONS
In VANET, the communication modes support a wide range of application development and provide the drivers and passengers with many convenience and entertainment information. VANET applications are categorized into (i) comfort and (ii) safety applications, as shown in Table 2.

A. OVERVIEW
VANET communication offers drivers and passengers many transportation applications and provides unprecedented nonsafety information and safety services. For example, when the vehicle collects and processes the exchange information involving V2V and V2I communications, it can increase the driver's awareness of the driving environment, which enhances driving experiences and improve passenger comfort [20], [22], [34].

B. SECURITY AND PRIVACY REQUIREMENTS
In this section, the security and privacy requirements of VANET are discussed in detail.

1) SECURITY REQUIREMENTS
Due to the inherent characteristics of VANETs, it is vulnerable to different security attacks. Thus, the attacker is easy to launches several processes on sent messages even to control the communication channels [35], [36]. The security requirements should be satisfying per each scheme.
• Authentication: The receiver can check whether the receiving message is valid by verifying the signer's authenticity.
• Integrity: With periodically exchange the message in VANETs, the content of the legitimate message should be checked to guarantee that it has been broadcasted without being corrupted.
• Non-repudiation: The singer of messages should do not has the ability to deny that they have broadcasted messages.
• Traceability: TA-only entities of the VANET can disclose the original identity of any malicious vehicle.
• Revocability: Besides the traceability requirement, TA can also revoke the malicious vehicle from participating in the system.

2) PRIVACY REQUIREMENTS
Issues of privacy have become equally significant [37], [38]. During the communication, the attacker can perform actions that include (i) acquire the vehicle's true identity or even determine its traveling paths by examining the captured messages and (ii) cross-match multiple broadcasted messages that by the same source. Such an attack exposes the driver's personal and other vehicular details, and it can be leveraged to carry out other forms of attacks. The privacy requirements should be satisfying per each scheme.
• Identity privacy-preservation: This is a crucial privacy requirement. It offers privacy preservation in a VANET, which means that personal information about the driver and vehicles, such as the identity, should be securely transmitted.
• Unlinkability: The attacker cannot link whether the same source has signed multiple messages.
• Unobservability: Registered nodes in VANET can sign and verify messages without being observed in service utilization by the attacker.

C. ATTACK MODEL
The internal attackers and external attackers are commonly classified in VANETs. Compared to internal attackers, the external attackers cannot be part of the system, therefore, they are approved to be extremely robust attackers. The compromised entities of VANETs are called internal attackers. It can use sensitive information by internal attackers due to they are part of the system [5]. In some potential attack scenarios, various attacks on VANETs are carried out.
• Replay attacks: It is an extremely general security attack in VANETs. It is also known as a playback attack. If a legitimate message is maliciously replayed, which causes a delay in its effect, there is a higher possibility that a replay attacker occurred in the network.
• Modification attacks: It is a common attack to alter or modify the intercepted message in these two communication modes. The attacker could deliberately send a fake message to the system creating confusion among vehicles, leading to severe safety consequences. The recipient should verify all the messages from other nodes to avert falling victim to a modification attack.
• Impersonation attacks: In VANET, every node has a unique identity ID, and each node is identified in the VANET network and used to identify vehicles needing assistance, especially in case of an emergency or accident. Nevertheless, an attacker could alter his identity during an impersonation attack and act as an original identity of the message. An attacker receives the message from the sender, performs modification of the message for malicious intent, and then broadcasts this message to other nodes.
• Man-In-The-Middle attacks (MITM): In VANET, this attack risks communication and change messages sent among registered nodes. The MITM attack is a leading and highly damaging cyber-attack on VANET communication especially when the message contains important roads and other status. The attacker launches the MITM attack by following two scenarios, (i) the message containing critical information should be received by the adversary in VANET, and (ii) the adversary can interpret the information content [39].

D. EVALUATION METRICS
Due to high computation cost, the impact on scalability will not be withstanding as the number of vehicle joining VANET grows. The vehicle has equipped one strong capability of ample device, its main goals focus on movement instead of computation process. AS the number of vehicles increases, exchanging a large number of messages in VANET, the costs spent on computation should be reduced. Besides, the vehicle share information about the driving environment every 100-300 ms [19]. Within the area covered by the vehicle or RSU, if there are 150 vehicles, the recipient must authenticate 450-150 messages per second [31]. Also, the process of verification must be very fast to handle the velocity of the incoming messages. Thus, communications security should, therefore, be sufficiently effective. The computation overhead of each scheme is dependent on the evaluation metrics used. Using the MIRACLE library [40], we can calculate the cost needed for cryptography security operations for bilinear pairing and ECC algorithm. The hardware platform utilized is powered by an Intel(R) Core 2 Quad 2.66 GHz processor in the Microsoft Windows 7 operating system with 4 GB memory. The average execution time of operations based on cryptography is presented in Table 3. Operations based cryptography of bilinear pairing and ECC are presented as bellow: • T sm−ecc indicates the execution operation of scalar multiplication regarding the ECC in an additive group G.
• T pa−ecc indicates the execution operation of point addition regarding the ECC in an additive group G.
• T h indicates the execution function of secure hash cryptography.
• T bp indicates the execution of a bilinear pairing operation.
• T sm−bp indicates the execution operation of scalar multiplication about the bilinear pairing in G 1 . • T pa−bp indicates the execution operation of point addition about the bilinear pairing in G 1 .
• T mtp indicates the execution function of map-to-point regarding the bilinear pairing in G 1 .
To evaluate communication overhead, to require the same security level in both bilinear pair and ECC algorithm, we use the parameters listed in Table 4. The suppositions in this paper are the same for both ECC and bilinear pair schemes that the result sizes of the secure hash function and timestamp are 20 bytes and 4 bytes, respectively.

E. IDENTITY BASED SECURITY AND PRIVACY (ID-SP)
To reduce the burden preload a large number of certificate management and the corresponding key pairs raised from the conventional Public Key Infrastructure (PKI), Shamir proposed the Identify technology in 1984 [41]. The main idea of this approach is the public key is directly derived from identity information such as Id card, model, and contact number. Thus, this approach removes the need for certificate management and corresponding the key pairs with PKI as it does not utilize any certificate for the traffic information authentication, minimizing the overhead. So, this approach can somewhat improve the efficiency of VANETs. Four algorithms are involved in the identity-based scheme. They are Setup, Extract, Sign, and Verify [42], as follows.
• Setup algorithm: The main idea of this algorithm is to generate the public parameter of the system by TA which chooses s as the private key of the system and then computes the corresponding public key as P Pub = sP, where P ∈ G 1 indicate to the generator of the group G 1 . Finally, The TA store the private key s of the system.
• Extract algorithm: The main idea of this algorithm is to implement upon the request of the registered sender for a private key related to its identity ∈ {0, 1} * . The TA calculates the private key for the identity as PID = sH (ID). Then, the TA preloads PID to the registered sender.
• Sign algorithm: The main idea of this algorithm is to sign the traffic-related message m ∈ {0, 1} * by the sender during the broadcasting process. The sender selects Z ∈ G 1 , chooses a random integer w ∈ Z * q and calculates as η = e (Q, P), σ = h(m, η) and δ = σ PID + wZ . Therefore, the signature (σ , δ) ∈ Z * q on message m. • Verify algorithm: The main idea of this algorithm is to verify the signature (σ , δ) ∈ Z * q on message m by VOLUME 9, 2021 the verifying recipient after the paymasters is received. Therefore, the verifier calculates as η = e (δ, P). e(H(ID)), − P pub ) σ . If the equation σ = h(m, η)holds, the recipient accepts the signature; otherwise, it does not accept it. In the previous work [43], VANET taxonomy schemes comprise public-key, infrastructure-based security and privacy schemes, group-signature-based security and privacy schemes, and ID-SP schemes. This survey paper mainly focuses on ID-SP schemes since several researchers proposed schemes to address conditional privacy-preserving authentication issues.

IV. RELEVANT SURVEYS
There are relevant surveys in the existing surveys in the literature, such as [19], [44]- [48].
Rahim et al. [44] surveyed the aware social services of VANET, dissemination of data, and modeling of mobility. Boualouche et al. [45] surveyed and compared pseudonymchanging schemes based on relevant metrics for the VANETs system. Sharma and Ajay [46] designed intrusion detection systems (IDSs) reviewed existing VANET schemes thoroughly Wang et al. [47] introduced a survey on vehicleto-everything (V2X) system requirements. This boundary survey requires checking issues along with the summarized investigation on the testing process in terms of the view architectural stage for V2X communication. Sewalker and Seitz [48] reviewed the planning parameters of the vehicle-topedestrian (V2P) application. They surveyed the arising V2P schemes for safety services and their purpose investigation. Moreover, this survey discussed the combination of vulnerable road users (VRUs) challenges and the V2X system. Lu et al [19] surveyed the developments in the VANET system to discuss the basic architecture and features in VANETs.
These surveys comprehensively covered the features and security issues of VANET. Nevertheless, the main aim of this survey is to focus on the identity-based security and privacy schemes of VANETs in detail. This paper differed from the previous surveys by discussing (i) the identity-based security and privacy requirements of a VANET for each scheme, (ii) the security attacks resistance that affects security and privacy schemes, and (iii) the evaluation metrics in terms of computation and communication costs.

V. CLASSIFICATION OF THE IDENTITY BASED SECURITY AND PRIVACY (ID-SP)
We classify these schemes according to the modern cryptography algorithms utilized, such as bilinear pair-based-ID-SP and Elliptic Curve Cryptography (ECC) based-ID-SP since widely used in the identity approach. The main aims of this survey focus on security and privacy attacks, resistance to cyber-attack, and evaluation metrics for each scheme of bilinear pair based-ID-SP, Elliptic Curve Cryptography (ECC) based-ID-SP, and others.

A. BILINEAR PAIR BASED
Consider G 1 and G 2 indicate to a cyclic additive group and a cyclic multiplicative group respectively. In these groups use the same prime order q. The point P ∈ G 1 computes the G 1 . Consider e: G 1 * G 1 → G 2 be a bilinear pairing which fulfills the critical characteristic as follows [56], [57]: • Bilinearity: For all P, S,R ∈ G 1 , e(P + S, R) = e(P, R)e(S, R) and e(P, S + R) = e(P, S)e(P, R). Likewise, with all a, b ∈ Z * q , e(aP, bP) = e(P, P)ab = e(P, abP) = e(abP, P).
• Non-degeneracy: Given two points P, S ∈ G 1 such that e(P, S) = 1 or e(S, R) = e(P, P), where 1 refer to the item of identity in group G 2 .
• Computability: There should be a robustness method to calculate e(P, S) with all P, S ∈ G 1 .
Jianhong et al. [49] highlighted that the scheme of Lee and Lai [58] does not address the non-repudiation and tractability issues in VANET. Therefore, they proposed an enhanced authentication scheme with batch verification to solve the shortcomings of Lee and Lai scheme [58]. The vehicle submits its real identity RID i and password PWD i to start the process of pseudo-identity creation. After verifying the validity of RID i and PWD i , the TPD of the vehicle computes the pseudo-identity and the respective private key. Thus vehicle uses to sign messages during the broadcasting process.
Zhang et al. [50] proposed Distributed Aggregate Privacy Preserving Authentication (DAPPA) protocol without requiring an ideal TPD. This scheme is based on a new multiple TA one-time identity-based aggregate signature technique for secure VANET communication.
Wang and Yao designed a local Identity-based anonymous message in Authentication Protocol (LIAP) to increase authentication efficiency in VANET [51]. In this protocol, the nodes obtain the long-term certificate from a certificate authority (CA) in the registration phase. With an expired long-term certificate, the vehicle will not be able to join the network again.
Pournaghi et al. [52] proposed A Novel and Efficient Conditional Privacy-Preserving Authentication (NECPPA) scheme based on RSU for V2V and V2I communication. This scheme stores the system's private key into the TPD  of RSU rather than the TPD of the vehicle during the registration phase. Moreover, after the TA assigns the private key of an RSU, it also stores in the TPD of RSU. The vehicle receives the private key of RSU to sign a message within the coverage range of RSU for a short time. The verifying recipient uses the public key of the RSU to authentic the message in VANET.
Baya et al. [53] introduced a New and Efficient RSU based Authentication (NERA) scheme to secure V2V and V2I communications. This scheme embeds the master key of the system in a TPD provided at the RSUs during the registration phase. Before the vehicle exchanges information, it has to authenticate itself when a vehicle joins the communication when it is in the range of an RSU. The RSU transmits the n pseudo-IDs and the respective private keys, where n is an anonymous security level that a vehicle can unrepeatable use in the communication range of RSU [59]. The RSU uses the HMAC as an asymmetric encryption algorithm to encrypt the set of pseudo-ID and the respective private key. After the vehicle receives the encrypted parameters from the RSU, it signs the message during the broadcasting phase.
The same author, Baya et al. [54], introduced an efficient authentication scheme that does not require any online-RSU or equipped vehicle equipped with TPD to store the private key of TA. Therefore, the entire system is not compromised when only one vehicle OBU is affected. Besides, to avoid the storage management burden put on the vehicle, the TA does not preload the pool of anonymous identities and the respective private keys on each OBU. After the TA receives the vehicle's identity, it computes the secret key SID i and a pseudo-identity x i and preloads them into the vehicle via a secure channel.
Ali and Li [55] designed an Identity-based Conditional Privacy-Preserving Authentication (ID-CPPA) signature  scheme using a bilinear map to speed up the authentication process of the message at the RSU for V2I communication. This scheme requires less processing power because it utilizes general one-way hash functions instead of map-to-point hash functions. Tables 5 and 6 summarize the security and privacy requirements achieved by the bilinear pair algorithm. Table 7 presents the level of resistance to security attack is achieved by bilinear pair based. Table 8 shows a bilinear pair-based evaluation metric in terms of computation and communication costs.

B. ELLIPTIC CURVE CRYPTOGRAPHY BASED
To present the foundations of Elliptic Curve Cryptography (ECC) briefly and the corresponding computation hardness which guarantees requirements of security and withstands various types of threats [60], [61] as.
Let F p be a finite field with prime order p. The definition of the non-singular with the following equation elliptic curve E y 2 = x 3 + ax + b mod p, where 4a 3 +27b 2 = 0 and a, b ∈ F p . Consider O be the point at infinity. All the points make an additive group G with order q and generator P. The critical characteristic of the group G in ECC, as bellow: • Point Addition: Consider P and S be two random points such that (P, S) ∈ G based ECC, where the point P computes the group G with enormous prime order q. When P = S then R = P + S can be calculated, where R indicate to the point of intersection in ECC and the line which joins P and S. When P = S then R = P + S, and when P = −S then P + S = O.
• Scalar multiplication: The explanation of the ECC as LP = P + P + P. . . . + P For L times, where L ∈ Z * q and L > 0.
• Elliptic Curve Discrete Logarithm problem (ECDLP): There exists two random points P and S such that (P, S) ∈ G, on ECC, where P ∈ G computes the G with large prime order q. The main idea of the ECDL problem is to calculate an integer x from S = xP ∈ G, where x ∈ Z * q is an unknown integer. He et al. [62] designed a Conditional Privacy-Preserving Authentication (CPPA) scheme without utilizing bilinear pairing to support mutual authentication and privacy preservation at the same time for V2V and V2I communications. For each vehicle, the TA chooses a real identity RID and a password PWD. The TA then preloads them with private key x of the system into the vehicle's Tamper-Proof Device (TPD). Before the vehicle broadcasts the message to nearby RSUs and vehicles, it computes an anonymous identity and a digital signature by using the vehicle's TPD.
To develop faster user authentication with a user privacy preservation scheme for vehicular sensor network (VSN) environments, Lo and Tasi [63] proposed a conditional privacy-preserving authentication scheme. It uses ECC instead of bilinear pair for drivers and passengers willing to utilize these services and applications in VSN. After the TA receives the original identity RID of the vehicle, it computes the pseudo-IDs and their respective private keys back to the vehicle through a secure channel.
Wu et al. [64] adapted the random short-term pseudonyms to propose a location-based-conditional privacy-preserving authentication scheme by and without utilizing any special device, such as ideal TPD. Within the RSU communication area, this scheme allows a vehicle to obtain short-term pseudonyms from a new RSU. The vehicle communicates with others by helping new pseudonyms within the coverage area of the RSU.
Alazzawi et al. [65] proposed a robust pseudo-identitybased scheme for V2V and V2I communications in VANET. The TA preloads the pseudonym instead of the vehicle's real identity during the registration process in this scheme. After the vehicle computes the pseudo-IDs PID v 1 and PID v 2, it sends them to RSU to authenticate itself with TA. When the vehicle is considered authentic, the RSU encrypts and sends the signature key Sk of pseudo-IDs of the vehicle by using XOR-operations during the mutual authentication process. In this scheme, the signer computes w to migrate the verification time for the verifying recipient.
Ali et al. [66] designed Identity-Based Signature with Conditional Privacy-Preserving Authentication (IBS-CPPA) scheme to secure V2V communication in VANET. After the TA takes an original identity OID i of a vehicle, it checks the weather match stored in the registration list of vehicles. If it's right, the TA computes the pool of anonymous-identities AID i and private keys for the vehicle to join the system. The vehicle uses the anonymous-identities AID i and private keys to sign the message during a short time. When the timestamp closes to expired, the vehicle sends an updated request to TA in obtaining a new pool of the anonymous-identities AID i and private keys. To verify multiple messages simultaneously, this scheme supports the batch verification process on the verifying recipient side.
Cui et al. [67] designed an authentication scheme with privacy preservation to address the security issues and reduce the system's overhead for VANET communication. The vehicle implements the mutual authentication process with the TA to authentic itself. Therefore any adversary could not imitate the registered vehicle to broadcast fake messages. After the vehicle obtains the authentication code AC from RSU, it considers to be an authentic vehicle and allows to sign the message during the broadcasting process in VANET. Tables 9 and 10 show a summary of the security and privacy requirements that are achieved by ECC algorithm based, respectively. Table 11 presents the level of resistance to security attack is achieved by ECC based. Table 12 presents an ECC-based evaluation metric in terms of computation and communication costs.

VI. CRITICAL DISCUSSION
Recently, researchers use the ID-SP, in which the sender signs the message by using its public key of which is derived from identity information. In contrast, the verifying recipient uses a private key to generate a TA to verify the number of messages. In this approach, the researchers use bilinear pair or ECC cryptography to sign and verify the message during the broadcasting. Besides, they also use the map-to-point and general way hash function in their scheme. Therefore, an attacker cannot enter the system as an authentic node or modify the message.
They considered the security requirements such as non-repudiation, integrity, authentication, traceability, and revocability in their schemes to achieve a high level of security in VANET. Therefore, many of the schemes in bilinear pair-based achieves the security requirements, as presented in Table 5. The scheme introduced in [51], [54] does not fulfill most privacy requirements, such as unobservability and unlinkability compared with other bilinear pair-based schemes, as presented in Table 6. The schemes introduced in [52], [53] are vulnerable from resistance to replay attacks, as presented in Table 7. The scheme introduced in [55] has low overhead in terms of communication overhead compared with others. In comparison, the scheme introduced in [53] has a low communication overhead compared with others, as presented in Table 8.
In the second class, the schemes such as [62], [63] save the system's private key on the TPD of the vehicle.   Thus, the signer uses it to sign a message during the broadcasting message. However, the TA cannot revoke the malicious vehicle, which leads to revocability is ignored in schemes [62], [63], as presented in Table 9. The scheme introduced in [64], [65] does not fulfil most of the privacy requirements, such as unlinkability and unobservability compared to other ECC-based schemes, as presented in Table 10. The scheme introduced in [67] is vulnerable to resistance to replay attacks, modification, and impersonation, as shown in Table 11. The scheme introduced in [67] has low communication and communication overhead compared with others, as presented in Table 12.
As a result, the schemes in the second class utilized ECC operations, are more efficient when compared with first-class, which used bilinear pair operation to sign and verify messages during the phase of broadcasting. However, the bilinear pair operations are complicated because they use cryptography and are time-consuming. Thus, these operations create massive computation and communication overheads for signing and verifying messages during the broadcast process.

VII. CONCLUSION
A vehicle plays a critical role as it not only gets the passengers from one location to another, but it also must ensure the safety is not compromised in any way. Therefore, many studies suggested VANET for enhancing and improving traffic and road management. However, the attacker can delete, alter, replay and modify the exchange message on the driving environment, disrupting the system for V2V and V2I communication. Therefore, several researchers proposed a security and privacy scheme to address the above issues. In this paper, several schemes regarding identity-based security and privacy requirements have been classified into bilinear pair-based and ECC-based schemes. The security requirements, privacy requirements, resistance to cyber-attack, and evaluation metrics are reviewed and compared for each class. This paper aims to assist researchers and developers in determining and understanding the major requirements for security, privacy, and evaluation metrics in V2V and V2I communication of VANET.