Abstract
Recently, Yeh et al. proposed a portable privacy-preserving authentication and access control protocol, named PAACP, for non-safety applications in vehicular ad hoc networks. PAACP not only accomplishes authentication, key establishment and privacy preservation, but also considers the scalability and differentiated service access control issues in the protocol design. However, this causes some security flaws. Our results show that PAACP is insecure against privilege elevation attack. In this attack, any two or more vehicles can conspire to elevate access privileges for desired Internet services.
Similar content being viewed by others
References
IEEE Std 1609.2 (2006). IEEE Trial-use standard for wireless access in vehicular environments—security services for applications and management messages.
Dedicated Short Range Communications (DSRC) Home. [Online]. Available: http://www.leearmstrong.com/Dsrc/DSRCHomeset.htm.
Raya, M., & Hubaux, J. P. (2007). Securing vehicular ad hoc networks. Journal of computer Security: Special Issue on Security of Ad-hoc and Sensor Network, 15(1), 39–68.
Lin, X., Sun, X., Ho, P. H., & Shen, X. (2007). GSIS: A secure and privacy-preserving protocol for vehicular communication. IEEE Transactions on Vehicular Technology, 56(6), 3442–3456.
Li, C. T., Hwang, M. S., & Chu, Y. P. (2008). A secure and efficient communication scheme with authenticated key establishment and privacy preserving for vehicular ad hoc networks. Computer Communications, 31(12), 2803–2814.
Lin, X., Lu, R., Zhang, C., Zhu, H., Ho, P.-H., & Shen, X. (2008). Security in vehicular ad hoc networks. IEEE Communications Magazine, 46(4), 88–95.
Huang, J. L., Yeh, L. Y., & Chien, H. Y. (2011). ABAKA: An anonymous batch authenticated and key agreement scheme for value-add services in vehicular ad hoc networks. IEEE Transactions on Vehicular Technology, 60(1), 248–262.
Yeh, L. Y., Chen, Y. C., & Huang, J. L. (2011). PAACP: A portable privacy-preserving authentication and access control protocol in vehicular ad hoc networks. Computer Communications, 34(3), 447–456.
Chen, Y. C., & Yeh, L. Y. (2005). An efficient authentication and access control scheme using smart cards. In Proceedings of the 11th international conference on parallel and distributed systems (ICPADS), pp. 78–82.
Author information
Authors and Affiliations
Corresponding author
Additional information
This work was supported in part by the National Science Council under contract number NSC-99-2916-I-011-002-A1, and it was also partially supported by the 111 Project under the grant No. 111-2-1 and One Hundred Person Project 2012, Sichuan Province.
Rights and permissions
About this article
Cite this article
Horng, SJ., Tzeng, SF., Wang, X. et al. Cryptanalysis on a Portable Privacy-Preserving Authentication and Access Control Protocol in VANETs. Wireless Pers Commun 79, 1445–1454 (2014). https://doi.org/10.1007/s11277-014-1939-0
Published:
Issue Date:
DOI: https://doi.org/10.1007/s11277-014-1939-0