A Conditional Privacy-Preserving Protocol for Cross-Domain Communications in VANET

Vehicular Ad Hoc Networks (VANETs) empower vehicles equipped with onboard units to exchange traffic-related messages, enhancing vehicle navigation safety and efficiency. Providing secure privacy-preserving authentication schemes for VANETs is indispensable. It ensures that only legitimate vehicles can communicate, preventing external adversaries from injecting falsifiable information that could mislead vehicles, cause accidents, or disrupt traffic flow. Simultaneously, the privacy-preserving features prevent curious adversaries from compromising vehicle privacy and tracking users. Secure centralized vehicular communication protocols, where a single entity issues certificates for all vehicles, face challenges in enabling cross-domain communications. Adoption of such centralized protocols necessitates that vehicles within each domain possess their certificate authority, restricting cross-domain communication due to inherent distrust in the certificate authorities of other domains. In this paper, we propose a Conditional Privacy-preserving Message Authentication protocol for VANET Emergency message exchange (CP-MAVE), designed to ensure message authentication, integrity, and anonymity of vehicles across different domains. In the event of misbehavior, distributed key generation centers collaborate to trace back the identity of the vehicle. To evaluate the security of our protocol, we formally prove the existential unforgeability of CP-MAVE against chosen message attacks based on the intractability of the elliptic curve discrete logarithm problem. Additionally, we demonstrate that CP-MAVE achieves message authentication, conditional privacy preservation, and resilience against replay and modification attacks. Moreover, we model and analayze CP-MAVE using the Tamarin prover and show that CP-MAVE maintains the secrecy and the message authentication of the vehicle traffic messages. Furthermore, we evaluate CP-MAVE's performance regarding communication overhead and computation complexity. On a Raspberry Pi 4 Model B/8GB, equipped with a 1.5 GHz 64-bit Quad-core ARM Cortex-A72 processor, CP-MAVE requires a 304-byte communication overhead and 9.4897 msec as cryptographic operation overhead. Finally, to simulate the flow of messages between entities in our protocol, we implement CP-MAVE using socket programming, resulting in an end-to-end delay of 111.05 msec.