Received September 26, 2021, accepted October 27, 2021, date of publication November 4, 2021,

date of current version November 22, 2021.

Digital Object Identifier 10.1109/ACCESS.2021.3125521

A Survey on Privacy-Preserving Authentication

Schemes in VANETs: Attacks, Challenges and
Open Issues
SAGHEER AHMED JAN 1 , NOOR UL AMIN 1 ,
MOHAMED OTHMAN 2,3 , (Senior Member, IEEE), MAZHAR ALI 4,

ARIF IQBAL UMAR1 , AND ABDUL BASIR1

1 Department of Information Technology, Hazara University Mansehra, Dhodial 21300, Pakistan
2 Department of Communication Technology and Network, Universiti Putra Malaysia (UPM), Serdang, Seri Kembangan, Selangor 43400, Malaysia
3 Laboratoryof Computational Science and Mathematical Physics, Institute of Mathematical Research (INSPEM), Universiti Putra Malaysia(UPM), Serdang, Seri
Kembangan, Selangor 43400, Malaysia
4 Department of Computer Science, COMSATS University Islamabad, Abbottabad Campus, Abbottabad 22060, Pakistan

Corresponding authors: Noor Ul Amin (namin@hu.edu.pk), Mohamed Othman (mothman@upm.edu.my), and Mazhar Ali
(mazhar@cuiatd.edu.pk)
This work was supported by Malaysian Ministry of Education through the Research Management Center, Universiti Putra Malaysia
under UPM Journal Publication Fund.

ABSTRACT Vehicular ad hoc Networks (VANETs) are an emerging technology with robust applications in
Intelligent Transport System. It consists of smart vehicles and roadside infrastructure which communicate
through open access wireless networks. The rapid growth in vehicles results in VANETs becoming large-
scale, dynamic, heterogeneous and it is possible for the attacker to harm vehicular communication which
leads to life-endangering situations. VANETs must ensure secured vehicular communication using strong
privacy-preserving and authentication mechanisms. In addition, efficiency is also a major concern in
VANETs. Numerous studies have been discussed in literature for VANETs privacy and security. Never-
theless, no one covered the privacy and security issues as a holistic view. In this paper, we have given a
detailed background overview of VANETs. Details of different possible attacks in VANET are also given
in this paper. We have classified privacy and authentication schemes into four major groups with their
security mechanisms, security requirements, strength, limitations, attacks countermeasures and performance
measures. Finally, we have discussed some open issues in the field of VANETs security.

INDEX TERMS Authentication, privacy, vehicles, safety, security, vehicular and wireless technologies.

I. INTRODUCTION numerous autonomous intelligent systems which are based

In the modern era each and every thing is going toward on IoTs, for example e-Health care, e-commerce, defense,
automation to facilitate and save the human being from agriculture etc. Vehicular Ad Hoc Networks (VANETs) are
unexpected incidents. The population is increasing day by one of the prominent factors of smart and autonomous Intel-
day and requires an automatic autonomous system which ligent Transport System [1] in which vehicles can commu-
controls each and every aspect related to human life. The nicate with each other and roadside infrastructure [4]. The
Internet of Things (IoTs) makes the basis of a smart and rapid growth in vehicles makes the vehicular ad hoc net-
autonomous society in which billions of intelligent sensors work dynamic, heterogeneous and large-scale, making it hard
and devices constantly interact with each other, networks, ser- to fulfill basic requirements such as enormous connection
vices, and humans to achieve goals [2], [3]. Such intelligent of 5G network, high mobility, extremely latency and top
and connected devices show a wonderful novation for chang- security [5], [6]. All of the involved entities in VANETs
ing physical environments to digital environments. There are need efficient and safe transportation communication mech-
anisms. Basically, the Intelligent Transport System requires
The associate editor coordinating the review of this manuscript and two types of wireless communication: Short range wireless
approving it for publication was Chunsheng Zhu . communication and long range Communication [7]. Short

This work is licensed under a Creative Commons Attribution 4.0 License. For more information, see https://creativecommons.org/licenses/by/4.0/
VOLUME 9, 2021 153701
 S. A. Jan et al.: Survey on Privacy-Preserving Authentication Schemes in VANETs: Attacks, Challenges and Open Issues

range communication includes emerging technologies such TABLE 1. Road related information [8].
as Dedicated Short Range (DSR) communication and IEEE
802.11b for establishing an Ad hoc network. In contrast, for
establishing long range communication it depends on existing
infrastructure such as cellular networks [7]. Using these wire-
less technologies vehicles communicate with each other and
Road Side Units. Figure. 1 shows the basic VANETs scenario.
There are three entities involved: Onboard Unit (OBU), Road
Side Unit (RSU) and Trusted authority (TA), according to the
given scenario. OBU is mounted within the vehicle through
which the vehicle sends or receives the transmitted message.
In case of exception, the vehicle’s drivers take an early deci-
sion on the basis of transmitted information he/she received.
For example, Table 1 shows the exchanged messages between
vehicles and RSUs about road safety [8]. Beside roadside,
RSUs are fixed over the recommended distance and work information. An intruder is an active node which performs
like a base station (i.e WiMAX, WiFi etc) [9]. OBU and malicious activities like information modification, informa-
Trusted authority communicate with each other using RSU tion leakage and packet dropping etc. So there should be cer-
as an intermediate node. The main task of the TA is to tain security mechanisms that detect and prevent the normal
register OBUs and RSUs. The other responsibilities of the TA network behavior from intruder attacks automatically [23].
are revocation management, certificate distribution, identity
authentication and storage of information for future use. A. MOTIVATIONS
Security is the biggest challenge for VANETs due to open In recent era road accidents or injuries are the ninth biggest
wireless communication [10]–[13]. Vehicles communicate cause of death. According to a World Health Organization
with each other through open wireless channels and attackers WHO report published in 2018 [24], about 1.35 million peo-
can easily alter, intercept and delete transmitted messages ple died each year. A survey conducted by WHO predicted
in VANETs [14]. An attacker can capture the traffic related that the road accident will be the fifth biggest cause of death
message and it could be dangerous for the driver’s life. If an by 2030 [25]. In 2007, CARE: European Road Accident
attacker alters the message and broadcasts a false message Database issued a report that 1.8 million people injured and
then it can cause serious traffic problems like road acci- 43000 people die each year in European Union member states
dents, turn drivers to dense traffic routes, an attacker’s choice which cost 160 billion Euros [26]. The total cost related to
route etc. Therefore, the security of VANETs has become a road accidents accounts for about three percent of world’s
hot research topic and drawn increasing attention [15]. The GDP [27]. About 78% of road accidents are caused due to
solution to security issues in VANETs required end-to-end driver’s irresponsibility. If the driver of the vehicle is warned
authentication to avoid intrusion in the VANETs [16]. It also at least one-half second prior to vehicle collision then about
required robust and lightweight authentication solutions for 60% of the road accident can be avoided [28]. Another main
resource constraint nodes [17]. Another promising compo- issue is the traffic jams which cause fuel wastage. Hence in
nent is privacy of the individual rights to act independent of this work we focus on different lightweight security tech-
any record conducted without their consent [18], [19]. The niques that help the driver from future harm.
service provider cannot mishandle the personal data without
the consent of the owner and necessary measures should
B. OUR CONTRIBUTIONS
be taken to hide the real identity of the user. Beside this
The major contributions of this study are as follows.
latency impact of work flow will be considered to ensure the
service quality. There should be efficient security solutions • We have conducted a comprehensive survey to investi-
for protecting the availability of resources and services [20]. gate existing security techniques and categorize various
The delay of vehicle emergencies has led to many serious security attacks in VANETs.
consequences [21]. The efficiency depends upon computa- • The classification of aforementioned security schemes
tional cost and communication overhead. Less computational are made on the basis of various characteristics
overhead guaranteed fast vehicular communication [22]. Due (Pseudonym based, identity based Signature, hashed
to aforesaid uncertainties the drivers feel reluctant to adopt function based, Group Signature Based).
the VANETs. • The security requirements covered by each classifica-
All of the involved entities in VANETs communicate with tion, attacks controlled by each classification and per-
each other over the insecure network. Therefore security is formance analysis of each classification are discussed in
another main issue regarding VANETs. Since different nodes detail.
(i.e OBUs, RSUs) are exchanging sensitive information with • On the basis of common properties, these schemes are
each other and there is a chance of leakage of such sensitive compared with themselves and with other schemes.

153702 VOLUME 9, 2021

S. A. Jan et al.: Survey on Privacy-Preserving Authentication Schemes in VANETs: Attacks, Challenges and Open Issues

FIGURE 2. Ad hoc networks classification [32].

VANET consists of mobile nodes and roadside units (RSU).

Each vehicle is embedded with sensing device call onboard
units (OBU) for incoming and outgoing data processing.
RSUs are installed at roadside to work like a gateway between
mobile nodes and the trusted authority. The main service
of VANET is to provide a safe and conformable driving
environment by data sharing through the internet. Figure 2 has
shown the historical background of VANET.
FIGURE 1. A typical VANET scenario.
B. VANET ARCHITECTURE
• We also present some open issues that are encountered The main purpose of VANET is to provide the environment
while implementing security in VANETs. where vehicles can communicate with their neighboring vehi-
cles. According to ISO/IEC 42010 [33] and IEEE 1471-
We organized the remaining part of the paper as fol-
2000 [34], the entities involved in VANET can be divided into
lows. The detailed background study is given in Section 2.
three sub domains.
Section 3 provided an overview of different authentication
and privacy schemes in VANET. Section 4 presented a brief
1) GENERAL DOMAIN
overview of existing surveys. The classification of authentica-
tion and privacy schemes are presented in section 5. In section It consists of two infrastructures: private and internet. The
6, discussion and open issues are discussed. Section 7 con- computing resources like nodes and servers which are
cluded this paper. involved in any kind of activity for VANET come under this
domain.
II. BACKGROUND AND OVERVIEW
In this section, we introduced the historical background of 2) INFRASTRUCTURE DOMAIN
the Vehicular Ad hoc Networks (VANETs). Here, we need There are two parts of this domain: roadside infrastructure
to elaborate VANET architecture. VANET characteristics are and central infrastructure. The roadside infrastructure con-
presented here. We also discussed basic Security require- sists of fixed roadside units such as poles, traffic lights etc.
ments for VANETs and security challenges of VANET. whereas, central infrastructure comprises central controlling
In addition, we identify different security threats and attacks authority such as traffic management center, trusted author-
in the field of VANET. ity etc.

A. VANET 3) MOBILE DOAMIN

The concepts of all the ad hoc networks come from Wireless This domain also consists of two domains: vehicle domain
ad hoc network (WANET) [29]. Vehicular ad hoc network and mobile devices domain. First domain comprises con-
is the variant of Mobile Ad hoc Network (MANET) [30]. stantly moving vehicles such as cars, trucks, buses etc. second
In MANET mobile nodes communicate with each other domain comprises portable devices such as laptop, PDAs etc.
without a central network and where each node is equipped There is another form of architecture called communi-
with self-healing network. The topology in MANET changes cation architecture. In vehicle communication architecture,
frequently with passage of time as nodes are allowed to basically there are three types of communication which are
move randomly. Each node works as a router and shows its described as follow:
autonomous behavior. On other hand, VANET has emerged
as a more reliable and challenging variation of MANET. 4) INTER-VEHICULAR COMMUNICATION
In VANET, the nodes are free to enter or leave the net- In this, the inner performance of the system of vehicle is
work and calls for routing protocols than MANET [31]. detected and different factors are determined such as driver

VOLUME 9, 2021 153703

 S. A. Jan et al.: Survey on Privacy-Preserving Authentication Schemes in VANETs: Attacks, Challenges and Open Issues

drowsiness or exhaustion etc. For public and driver safety the 1) AUTHENTICATION
determinations of these factors are very important [35]. Authentication is the most important component of secure
communication. Authentication is necessary in VANETs
5) VEHICLE-TO-VEHCLE COMMUNICATION for secure vehicular communication. If there is no proper
The vehicle exchanges data with each to assist the drivers authentication mechanism between VANETs components
from any uncertain situation like road accident, road block- then transmitted information can be received by unauthorized
age, weather condition etc. It does not depend on fixed infras- persons, which can be harmful [43].
tructure for exchanging data [36].
2) INTEGRITY
6) VEHICLE-TO- ROADSIDE INFRASTRUCTURE
The second most important factor of secure communication
In this type of communication, the vehicles and roadside
in VANETs is integrity. The integrity shows that the trans-
infrastructure communicate with each other in order to collect
mitted information has not altered during the communication
data. RSU works as an intermediate node between vehicles
between vehicles and roadside infrastructure. In other words
and TA [37]. It updates the vehicle about environmental
the received message is the same as sent by the sender. If there
situations like weather conditions, road congestion etc.
is no proper integrity ensuring mechanism then it can cause
serious consequences. Therefore ensuring integrity is the top
C. VANET CHARACTERISTICS
priority [44].
Following are the characteristics which are required to under-
stand and important for designing the privacy and authentica-
tion in VANET [38]. 3) CONFIDENTIALITY
The third most important factor of security is confidentiality.
1) REAL-TIME CONSTRAINTS In some situations it is necessary to encrypt sensitive infor-
The vehicles communicate in a limited timely manner, there- mation for protection from intruders. In VANETs sometimes
fore vehicles have to respond or take decisions within a vehicles transmit sensitive information with each other like
limited time. in army convoys. So this sensitive information needs to be
transmitted in encrypted form so that no one can understand
2) DYNAMIC NETWORK TOPOLOGY the contents of the messages. And there is no need for data
Due to dynamic network topology, it is very difficult to detect encryption for non-sensitive messages because of resource
malicious vehicles which are moving with high speed. wastage [45].

3) HIGH MOBILITY 4) NON-REPUDIATION

In VANET, vehicles move at high speed and cannot tolerate Non repudiation is an important component of secure com-
delay during V2V communication [39], [40]. munication which provides the evidence of communication
between two parties. Two vehicles communicate with each
4) VOLATILITY other and later cannot deny the message exchanged between
At any time, vehicles can participate in VANETs. So, the them [46], [47].
vehicle which has early joined the VANET may not be joining
later. Therefore, it is a big security challenge in VANETs.
5) PRIVACY
In VANETs, vehicles can join or leave the networks at will.
So, a vehicle which has joined the VANET may not join later. Privacy is an important factor for deploying VANETs.
Hence, it possesses security challenges in VANET. The driver’s personal information should be kept secret
from the outside world except law enforcement authori-
5) COMPUTATION AND STORAGE ties. The location of the vehicle must be prevented from
The vehicles have small storage capacity and some time it other participants [48]. The location privacy of the vehi-
requires to process large amounts of data. Therefore, small cles can be protected by applying the anonymity property.
storage capacity and large volume data processing is the The misleading vehicle should be traced by the trusted
challenging issue in VANET. authority.

D. NECESSARY SECURITY REQUIREMENTS 6) ALIABILITY

Vehicles communicate with each other and roadside infras- For receiving critical messages of vehicles, the availability
tructure through public networks. The transmitted informa- of the wireless channel is the most concern of VANETs.
tion among VANETs components is insecure. Therefore, If the intruder applies the Denial of Service Attack (DoS)
protection of transmitted information should be necessary. for jamming the traffic then necessary information cannot
According to literature [41], [42] the principle security be broadcast among the vehicle and the vehicle becomes
requirements for vehicular communication are shown in Fig- useless. Hence the high availability of the wireless channel
ure 3 and discussed below. is needed [49].

153704 VOLUME 9, 2021

S. A. Jan et al.: Survey on Privacy-Preserving Authentication Schemes in VANETs: Attacks, Challenges and Open Issues

7) ACCESS CONTROL highly dynamic ad hoc network and can suffer from various
Within the wireless channel the most important task is to security challenges which need high attention in the area.
specify the access level of different entities [50]. There should In literature [51] highlight various security challenges as
be such a mechanism that the law enforcement authorities can shown in Figure 4.
revoke malicious vehicles from communication networks.
1) SCALABILITY
8) PHYSICAL SECURITY VANETs is a dynamic wireless ad hoc network in which it
The protection of cryptographic credentials from unautho- is difficult to predict the actual size of the network at initial
rized access is the most important task. It can be achieved by deployment stage [52]. So, it is a big challenge to define
adopting tamper proof hardware within the Vehicle’s OBU. security schemes from the whole network at the initial stage
because of the high scalability nature of the network. As long
9) FARWARD SECRECY as the number of the vehicle increases the security require-
The vehicles joining the new group cannot use their key to ment also increases and more resources are also needed.
read messages sent by new group member
2) HIGH MOBILITY
10) BACKWARD SECRECY The traditional security scheme cannot directly apply to
The vehicles leaving the group cannot use their key to read VANETs because of high mobility of vehicles [53]. There
messages sent by new group member. should be such cryptographic techniques that require mini-
mum computational cost and communication overhead but
11) PERFECT FORWARD SECRECY provide the same security services as provided by tradi-
If the system has perfect forward secrecy, then no one can tional schemes. An efficient realistic VANETs communica-
compromise the session key which is derived from a set of tion modeling is shown in [54].
long-term keys, even if one of the long-term key compromise
in future. 3) RSU COMMUNICATION RANGE
The RSUs communication range has a high impact on
12) KEY INDEPENDANCE VANETs. The RSUs communication range is about 500m in
The key independence is achieved through backward and radius. The distances between RSUs should be 1km which
forward secrecy. is infeasible for congested traffic for developed countries.
In [55] different VANETs communication patterns have
13) UNFORGEABILITY shown.
The signature on the transmitted message from a valid mem-
ber cannot forged by the attacker. An attacker can reuse the 4) HURDLES IN TRUST MANAGEMENT
original message and forge the signature. The VANET is a highly scalable network so there are fewer
chances in which two vehicles have trust with each. As
14) UNLINKABILITY vehicles communicate with thousands of vehicles daily, data
The attacker cannot link the signature on the message to in OBU is difficult to manage. So it is uneasy to manage a
know the real identity of the respective vehicle. Through huge amount of information. In [56] trust modeling and trust
unlinkability property, the secret information of vehicles in references have shown.
VANET is hidden from others.
5) DEPEND ON INFRASTRUCTURE
15) TRACEABILITY AND REVOCATION Before becoming the part of vehicular communication it is
If any of the vehicles is found involved in malicious activity, necessary for each vehicle to authenticate itself to trusted
trusted authority can trace the real identity of the malicious authority. Authentication is necessary for non-repudiation
vehicle and can revoke malicious vehicle from VANET. and revocation. The signal became weak during the vehicular
communication and needed to be amplified by infrastruc-
16) TRANSPARENCY ture [57]. So for secure vehicular communication, vehicles
According to this, all the operations performed by trusted depend on road infrastructure.
authority should be reliable and trustworthy. Transparency
property ensures the trust of members upon trusted authority 6) HUGE DATA
and corresponding members in VANET. The increasing numbers of vehicles in the country pro-
duced a huge amount of data daily. Therefore, variation
E. SECURITY CHALLENGES FOR VANETs in data size creates difficulties for central authority in
In VANETs, messages transmitted between Vehicle-to- management. Decentralization approach is the best sub-
Vehicle (V2V) and Vehicle-to-Roadside Unit (V2R) may face stitute but this approach may hinder non-repudiation and
many security challenges. The VANET is considered as a revocation.

VOLUME 9, 2021 153705

 S. A. Jan et al.: Survey on Privacy-Preserving Authentication Schemes in VANETs: Attacks, Challenges and Open Issues

7) HIGH COST An attacker using a jammer can block the useful signals
Due to limited communication range, numbers of the RSUs during an effective communication.
are fixed at recommended range for flexible vehicular com- 3) Malware Attack: This attack is used to control the
munication. All of the vehicles are equipped with wireless OBUs and RSUs through software components [66].
communication facilities, computational power and storage Due to this attack components of VANETs start mal-
capacity which cause high manufacturer cost [58]. These functioning.
extra facilities increase the cost of the vehicle. 4) Broadcast Tampering Attack: In such a type of attack
an attacker in inter-vehicle communication behaves as
a transmitted node and copies the same message by
8) BLOCK CHAIN
inserting a new message in VANETs [44]. So the cor-
The blockchain technology is a new paradigm in which
rect safety alert message becomes hidden due to which
peers communicate with each other without involvement
it causes dangerous road accidents.
of trusted central authority [59]. Due to this technology,
5) Black Hole Attack: In VANETs each node is considered
it is heavily performing vehicle to vehicle communication.
as a router. In VANETs this attack targets availability
However, blockchain communication ensures anonymous
in ad hoc networks. The black hole is the area in the
communication without compromising the ability to trace
VANETs, which redirects the vehicles and malicious
a vehicle. So, if we totally trust in V2V communication,
nodes to drop or refuse the packets or forward to the
we may lose the authenticity as well as non-repudiation prop-
wrong destination or nodes refuse to participate in the
erties of VANETs.
communication network [67].
6) Gray Hole Attack: Another attack which works like
III. SECURITY THREATS AND ATTACKS IN VANETs black hole attack is a gray hole attack. In a gray hole
In VANETs, vehicles move with high speeds and frequently attack an untrusted vehicle forward some of the packet
disconnect due to high speed, therefore more sensitive to and other packets are dropped without tracking [44].
attacks. Due to high speed mobility of vehicles, network 7) Greedy Behavior Attack: In such attacks malicious
topology changes suddenly every moment. Therefore, the vehicles misuse MAC for increasing bandwidth which
link disconnection occurred between vehicles frequently. affects other users. This causes traffic overloads and
Moreover, the vehicles moving in opposite directions have causes collisions on communication channels and
limited connection with each other, and communicate for causes delay [68].
a limited period of time. And perhaps did not meet again. 8) Spamming Attack: In this attack an attacker injects
Therefore, the VANETs are vulnerable to attacks and mali- large amounts of spam messages in VANETs which
cious vehicles are difficult to recognize. cause collision and utilize more bandwidth [10].
Secure vehicular communication is possible due to
significant knowledge of attacks and threats. Various
attacks in VANETs have been identified by researchers B. ATTACKS ON CONFIDENTIALITY
in [1], [12], [45], [60]–[63]. Below we have discussed The certificate and public key is used to make the exchanged
different attacks and security threats on each security service message confidential and only designated vehicles can get
in VANETs. access to these messages. Therefore, malicious vehicles can-
not get confidential and private information that is exchanged
A. ATTACKS ON AVALIABILIT
among vehicles. Confidentiality can be possible through dif-
ferent cryptographic techniques. Following are some com-
Availability of the information plays an important role in
mon attacks to confidentiality.
VANETs. The absence of availability of information at the
right time has a bad effect on VANETs efficiency [47]. Avail-
1) Eavesdropping Attack: An eavesdropping attack is one
ability in VANETs faces the following attacks.
which gets confidential data. Non-registered users get
1) Denial of Service (DoS) Attacks: In DoS an attacker the secret information like data location and user iden-
makes the network not accessible to the user. This tity, then using these data attackers track the vehi-
attack can be internal or external in nature. An attacker cle [69]. The possible solution to prevent these attacks
blocks the communication in three ways in DoS attack: is encryption of sensitive and confidential data.
loading the network, blocking the communication 2) Traffic Analysis Attack: Traffic analysis attack is
channel and closing the packets [64]. the most dangerous attack that affects the VANET
2) Jamming Attack: VANET is dynamic in nature and confidentiality. By this attack an attacker listens to
vehicles share communication channels due to which the message transmission then analyzes the trans-
traffic jams occur [65]. By using heavy signals with mitted messages frequency and tries to extract and
equivalent frequency an attacker can disturb the com- gather useful data [70]. These attacks are prevented
munication channel. This attack is most dangerous for by vehicle-to infrastructure communication privacy
vehicles safety because of not following the safety alert. enforcement protocol [166]. It is robust against traffic

153706 VOLUME 9, 2021

S. A. Jan et al.: Survey on Privacy-Preserving Authentication Schemes in VANETs: Attacks, Challenges and Open Issues

analysis attacks. The vehicle directly sends their mes- unauthorized access. The attacker did not show his real
sages to RSU. identity in this attack [78].
3) Man-in-the-Middle Attack: The attacker gets con- 8) Known Session-Specific Temporary Information Attack:
trol over inter-vehicles communication and alters the In this attack, on the disclosure of a temporary secret
exchanged message by this attack. The communicating value e.g. random number, an attacker attempts to
entities think that their communication is secure [71]. obtain the current secret key.
These attacks can be prevented using robust authen- 9) Key Compromise Impersonation Attacks: In this attack,
tication mechanisms such as digital certificates and if an attacker compromises the private key then he/she
key based or strong cryptography based confidential can eavesdrop and decrypt past or future conversation,
communication [45]. by pretending to be a trusted entity to the victim.
4) Timing Attacks: In these attacks, the time slot of the
message is altered by adding some delay. These attacks D. ATTACKS ON DATA INTEGRITY
are avoided by using timestamp mechanisms with The integrity of the exchanged data ensures the originality
robust cryptographic operations for packets of delay- of the data. The threats possible to integrity of data are as
sensitive applications in reliable platforms [45]. follows.
5) Social Attack: This attack is used to disturb the atten-
1) Masquerading Attack: In this attack the attacker,
tion of the driver. The attackers send unethical mes-
by using registered user password and ID, broadcasts
sages to the driver to get the reaction of the driver.
false messages and shows that the message comes from
This attack affects the performance of the vehicles in
the registered node [79].
VANETs [72]. These attacks can be prevented using
2) Message Tampering Attack: In this attack the attacker
alters the transmitted message for instance when the
road is congested then the attacker shows that the road
C. ATTACKS ON AUTHENTICATION
is clear and diverts the vehicle direction.
The most important part of vehicular communication is
3) Illusion Attack: In this attack by using the existing road
authentication, in which nodes authenticate each other and
condition an attacker generates the traffic warning mes-
protect themself from unauthorized access. Authentication
sage which creates the illusion for the vehicle. The illu-
protects nodes from internal as well as external attacks [73].
sion attack is caused by the traffic congestion and road
Below are some possible attacks on authentication VANETs.
accident and degrades the VANETs performance [80].
1) Sybil Attack: In this attack an attacker, by using multi-
E. ATTACKS ON NON-REPUDIATION
ple fake IDs, broadcasts multiple fake messages to dis-
turbed the normal operations of the VANETs system. The non-repudiation property ensures that the receiver and
These attacks showed the behavior of the vehicles by sender cannot deny later from an exchanged message in case
showing the road is congested and compelled the driver of any dispute.
to change the route [74]. 1) Repudiation Attack: In this attack an attacker denies
2) Tunneling Attack: In this attack an attacker initiates the message which he/she has sent in case of any dis-
private communication using the same network. By uti- pute [81].
lizing an extra communication channel called tunnel,
an attacker joins two far away parts by utilizing extra IV. AUTHENTICATION AND PRIVACY SCHEMES: AN
communication. The faraway node communicates as a OVERVIEW
neighbor. In VANETs, authentication and privacy are the basic security
3) GPS Spoofing: By this attack, the attacker shows false requirements. Different entities in VANETs authenticate each
GPS location information for dodging vehicles about other to accept the valid traffic related messages. There are
his correct location [75]. two phases in the authentication process namely: signing
4) Node Impersonation Attack: The attacker pretends to phase and verification phase. In the first phase, the sender
be the original user by guessing the valid identity of vehicle signs the messages and sends them to the other vehi-
the registered user [76]. cle. Upon the receiving of the signed message, the receiver
5) Replay Attack: In this attack the valid data is fraud fully vehicle verifies the signed message [82]. The whole com-
transmitted to unauthorized nodes. The VANET system munication between vehicles is very sensitive in VANETs;
requires much time source with large cache memory to therefore threats can exist in vehicular communication. For
handle this attack for comparing the received messages. instance, an attacker can generate a fake message, alter a
6) Message Tampering: In this attack, an attacker alters traffic related message, deny the service, forge the message
the messages which are exchanged between V2V or and disseminate wrong vehicle position etc. The first and the
V2I [77]. most important step that guards the traffic related information
7) Masquerading Attack: In this attack, an attacker uses from an attacker is the authentication process [83]. The basic
false IDs to show him as a legal user and obtains purpose of authentication in VANETs is to ensure that the

VOLUME 9, 2021 153707

 S. A. Jan et al.: Survey on Privacy-Preserving Authentication Schemes in VANETs: Attacks, Challenges and Open Issues

received message is generated by an authentic source and The RSU authenticates each vehicle anonymously and they
then the verification process guarantees that the message has use session keys for future secure communication. The
not been altered during the source to destination delivery. blockchain is used to preserve the integrity of the transmitted
Therefore, it ensures the integrity of the message, authen- message. The confidentiality of the transmitted message is
tication is considered as vigorous security requirements in also provided in VANET by this scheme. Zhang et al. [153]
VANETs [84]. Another most prominent issue that affects proposed a bilinear pairings based authentication protocol for
VANETs is privacy [85], [86]. Westin and Review [87] has VANET. The vehicle’s identity authentication and message
defined privacy as a right of an individual through which verification is realized by this protocol. This protocol also
he/she can manage, edit, delete and control information about prevents legitimate vehicles from being tracked by mali-
himself and decide how, what and when an information is cious vehicles. The batch authentication method is used to
disseminated to others. An individual can keep a vehicle improve the efficiency of message verification. An improved
for a long period of time, therefore an attacker can eas- password-authenticated key exchange protocol for VANET
ily link vehicle’s generated messages to the most sensitive has been proposed in [154]. This protocol generates a phys-
information like traveling routes, location and vehicle iden- ical randomness based high-entropy secret shared informa-
tity [88]–[90]. Wei et al. [91] proposed an authenticated key tion and the pre-shared short password, and then establishes
agreement mechanism for secure vehicle to infrastructure session keys based on high-entropy secret shared informa-
and vehicle to vehicle communication in VANETs. They tion. To improve the protocol efficiency, this scheme uses
divide the whole process into three phases. In the first phase, XOR operation instead of exponential operations. In [155],
vehicles, RSU and TA authenticate each other. The second an unlinkable authenticated key agreement with collusion
phase is about the key agreement process and the last phase resistant for VANETs has been proposed. The TA generates
is about a tree-based key agreement algorithm. To prevent multiple tickets to hide the real identity of the vehicle to meet
the side-channel attack and to improve the efficiency, an effi- unlinkability of V2I. Using homomorphic encryption, the
cient conditional privacy-preserving authentication scheme vehicle generates pseudonyms and the RSU uses a ticket for
is proposed in [92]. For secure communication in VANETs, the authentication process. A lightweight privacy preserving
Alshudukhi et al. [93] proposed a lightweight authentication authentication protocol has been proposed in [156]. Initially,
scheme which satisfied conditional privacy-preserving prop- Moore curve technique is used to convert all the RSUs to vec-
erty. According to authors, their scheme is most suitable for tors, then each vehicle uses BGN homomorphic encryption
privacy and security issues in the field of vehicular commu- to get the information of RSU from its planning route before
nication because it combined TPD based scheme and RSU beginning its trip. The authentication process between vehicle
based scheme. Beside this, their scheme is also robust against and RSU is fast due to deduced information of RSU.
common security attacks. A lightweight authentication and The protection of an individual’s privacy can be gained
privacy preserving scheme based on elliptic curves is pro- through anonymity methods. In vehicular communication,
posed in [94]. The privacy preservation has been achieved the privacy of vehicles can be ensured through pseudonyms.
using Pseudo-id-based authentication. For secure and con- Therefore, it is necessary to keep the real identity of the
fidential vehicular communication, symmetric key cryptog- vehicles secret from the receiver except for Trusted Authority.
raphy is used. The issues which hinder VANET security are When any dispute occurs the real identity of the vehicle
integrity, confidentiality, identity privacy, and authentication. can be traced by TA and can detect the malicious vehicles.
To overcome these issues, a protocol for VANET called Therefore privacy and authentication are the most prominent
privacy-preserving anonymous authentication is proposed in components for secure and safe vehicular communication.
[95]. For anonymous authentication, they design identity
based signature algorithms. Their designed algorithm enables V. EXISTING SURVEYS
the vehicle to communicate anonymously and disseminate A large number of authentication and privacy techniques
messages confidentially. Alshudukhi et al. [22] showed that have been discussed in literature. However, there are no
the scheme called lightweight conditional privacy-preserving comprehensive surveys that cover security requirements, per-
authentication protocol by Wei et al. [96] is insured and formance efficiency, counter measures, open issues, attacks
forgeable. According to the authors, in that scheme any one and security challenges as a holistic view. Many surveys exist
can forge the valid signature on a message and it did not in literature that have discussed different aspects of vehicular
satisfy the conditional privacy. Beside cryptanalysis, they communication.
suggested a solution for handling attacks. An efficient and Various privacy and security aspects have been discussed
secure self-checking Authentication Scheme for VANET has in [41], [51], [97]–[103]. This survey focuses on different
been proposed in [151]. In this scheme, pseudonyms are cryptographic techniques namely: Pseudonym based Iden-
used as a substitute of traditional authentication and involve tity Based, hash function based, and group signature based
TA in the process of authentication to reduce computational Cryptography. The reviews of latest cryptographic security
cost. Besides, the appropriate used group signature to reduce and trust oriented models are given in this survey. In addi-
authentication frequency. In [152], an anonymous authen- tion, a comprehensive analysis of the different techniques is
tication scheme based on blockchain has been proposed. presented in detail. Arif et al. [104] presented a survey on

153708 VOLUME 9, 2021

S. A. Jan et al.: Survey on Privacy-Preserving Authentication Schemes in VANETs: Attacks, Challenges and Open Issues

TABLE 2. Comparison of existing surveys in VANETs.

different possible security attacks in the field of VANETs. they analyzed the performance of different authentication
They also discussed necessary communication protocols for schemes in VANETs. Kuutti et al. [107] presented contempo-
each network layer with possible attacks that occurred at rary localization techniques for vehicles and investigated that
each layer. Moreover, they also highlight application send how these techniques are applicable for autonomous vehicles.
challenges along with open research issues in VANET. They focus on those techniques which only use the infor-
Ali et al. [105] proposed authentication and privacy schemes mation obtained from the vehicle’s onboard unit. Secondly,
for vehicular ad hoc networks. In this survey authors cat- in addition to sensory information obtained from the vehicle’s
egorized privacy and authentication schemes on the basis onboard unit, they analyzed those techniques which take the
of security requirements, performance parameters, possible advantages from off-board information obtained from the
attacks and mechanism. In [42], Chen described various vehicle to everything communication channels. A brief study
authentication schemes and applications used in VANETs. on different security challenging issues in VANET along with
The security requirements of various authentication schemes their existing possibilities are presented in [108]. The authors
were analyzed. They ensure authentication identity which have given the current solution and defined future goals.
is necessary for any application. Sakiz and Sen [106] dis- Mahmood et al. [109] discussed various security challenges
cussed different attacks and their corresponding detection and countermeasures in VANET. They focused on security
mechanism. The authors classified different attacks accord- issues such as attacks and threats which affect different pro-
ing to their goals and methods and present their solution tocol layers of VANETs architecture.
with advantages and disadvantages. An extensive overview of The aforesaid surveys are comprehensive and cover most
various security challenges, their causes and solutions have of the security requirements in the field of VANETs but
been presented in [51]. The detailed security architecture still need some improvement. First we differentiate our
and well known security protocols are given. They classified work from aforementioned surveys in terms of different
the various attacks in literature and their solutions. Further- authentication and privacy schemes and with other strengths
more, they discussed certain research challenges and open and weaknesses. For example, Malhi et al. [41] categorized
research issues. In [79], sheikh et al. have given a detailed the cryptographic techniques into four groups: Symmet-
survey of security services, attacks, and applications for ric Key Cryptography, Public Key Cryptography, Certifi-
VANETs. First, they discussed the functions and basic model cateless Cryptography and Identity Based Cryptography.
of the VANRTs. Second, they present different authentication Ali et al. [105] classified privacy and authentication tech-
schemes that protect VANETs from various attacks. Third, niques into HAPS, GAPS, PAPS, and IAPS. They have

VOLUME 9, 2021 153709

 S. A. Jan et al.: Survey on Privacy-Preserving Authentication Schemes in VANETs: Attacks, Challenges and Open Issues

reviewed and compared those techniques along with their cryptosystems (ECC) for generating signature and verifica-
security attacks, limitations and strength, security require- tion of the signature. However, these schemes still suffer from
ments, and performance parameters. Sheikh et al. [79] classi- either different security issues or performance efficiency.
fied authentication schemes on the basis of cryptography and These schemes highlight various authentication and privacy
signature. They further divide the cryptograph-based authen- schemes to some extent but did not fully cover the efficiency.
tication schemes into two categories: identity-based cryptog- To address these issues we classify authentication and privacy
raphy, symmetric cryptography (Hash Function and timed schemes into five groups: Pseudonym Based Privacy Pre-
efficient stream loss-tolerant authentication (TESLA)) and serving Authentication Schemes (PNBPAS), Identity Based
asymmetric cryptography (PKI certificate and ECDSA), and Privacy Preserving Authentication Schemes (IDBPAS), Hash
Kuutti et al. [107] classified sensor based localization tech- Functions Based Privacy Preserving Authentication Schemes
niques into five categories: Global Positioning System (GPS) (HFBPAS), Group Signature Based Privacy Preserving,
based techniques; cameras based techniques, radar based Authentication Schemes (GSBPAS) and Blockchain-Based
techniques, Light Detection and Ranging (LiDAR) based Privacy Preserving Authentication Schemes (BBPAS). Most
techniques, and ultrasonic sensors based techniques. Second, of these schemes used batch verification of the signature in
we present the VANETs security in terms of security require- the verification process. The hardness of one way hash func-
ments, security challenges, counter measures and classified tion, elliptic curve cryptography, Bloom Filter and bilinear
different attacks while the above surveys did not cover all pairing is discussed as follows.
these security factors as whole, especially Arif et al. [104] 1) One way hash function: On the basis of follow-
addressed VANET’s privacy and security attacks along with ing properties, one way hash function is said to be
their applications and challenges. They also presented the secure [110]:
effectiveness of cloud computing and VANETs with security • Hash function can take a variable size message as
and privacy issues and architecture. Sakiz and Sen [106] input and produce a fixed size message digest r as
classified different attacks and the corresponding detection output. For given r, it is easy to compute y = h(r).
mechanisms along with their effects and solutions. They also However for given y, it is infeasible to compute r =
described their advantages and disadvantages. A comprehen- h−1 (s)
sive overview of security challenges and their causes along • For given r, it is infeasible compute r 0 6 = r and
with existing solutions are addressed extensively in [51]. h(r 0 ) 6= h(r)
They have given the details of the recent security architec-
tures and the well-known security standards and protocols. 2) Elliptic Curve Cryptography (ECC): An elliptic
Their study concentrated on the classification of the different curve is a plane curve over a finite field Fp which is
attacks known in the literature and their solutions. Third, made up of the points satisfying the equation: y2 =
we measure the efficiency of each scheme in terms of compu- x 3 + ax + b where 4a3 + 27b2 6= 0 and a,b ∈
tational cost and communication overhead while performance Fp [111], [112]. Let R be the point at infinity then R and
measures have not been presented in literature in detail. other points on curve make an additive elliptic curve
In short, we present classification of authentication and group G- having order q and generator P1 . The elliptic
privacy schemes, security requirements, security challenges, curve group G- has the following properties:
countermeasures, performance measures and discuss open • Point addition: Let P1 and P2 are two random
issues in VANETs as a holistic view while all of the above points lying on elliptic curve such that (P1 , P2 ) ∈
surveys did not cover these factors holistically. We have com- G-, where G- is a group generated by P1 . If P1 6 = P2
pared aforementioned schemes in tabulated form. In Table 2, then R = P1 + P2 can be computed, here R is the
our contributions with respect to the aforesaid surveys are intersection point of curve and the line which con-
presented. The X’’ and 7’’ denote whether the domain spec- nects P1 and P2 . If P1 = P2 then R = P1 + P2 , and
ified in the column has been discussed in the survey or not. if P1 = −P2 then P1 +P2 = R. Figure 6 represents
point addition in the elliptic curve.
VI. CLASSIFICATION OF AUTHENTICATION AND PRIVACY • Scalar multiplication: The scalar multiplication on
SCHEMES IN VANET the elliptic curve EC is defined as nP1 = P1 +
The authentication and privacy play an important role in P2 + P3 . . . Pn for n times, where n ∈ Zq∗ and n > 0
vehicular communication to provide trust between entities. • Elliptic Curve Discrete Logarithm (ECDL) prob-
In this domain, several authentication and privacy schemes lem: It is a hard problem and infeasible to compute.
have been discussed in literature to protect the message from Given points P1 and P2 are two random points
unauthorized entities and resist against different possible lying on elliptic curve such that (P1 , P2 ) ∈ G-,
attacks. To implement these schemes, modern cryptographic where G- is a group generated by P1 . ECDLP is
mechanisms such as symmetric key cryptography, asymmet- used to compute an integer x such that P2 = xP1 ∈
ric key cryptography and certificateless public key cryptog- G-, where x ∈ Zq∗ is an unknown integer.
raphy are used. In addition, these schemes are constructed on 3) Bloom filter: Bloom filter [113] is a data structure that
the basis of bilinear pairings, pseudonyms or elliptic curve is designed to represent a set S = X1 +X2 +X3 . . . X n of

153710 VOLUME 9, 2021

S. A. Jan et al.: Survey on Privacy-Preserving Authentication Schemes in VANETs: Attacks, Challenges and Open Issues

TABLE 3. Execution time needed to perform various cryptographic

operations.

TABLE 4. Execution time needed to perform various cryptographic

operations.

FIGURE 3. Necessary security requirements for VANETs.

n elements to support membership queries. The vector

Vi with m bits and k hash, initially all bits set to 0, for
adding an element to Bloom filter, take the hash of that
element for a short time and set the bits in the bit vector
at the index of those hashes to 1. To check whether the
given value c is in S, we can check the position of bit at
h(c). If the position is set to be 1, then element c may
be in set S.
1) Bilinear pairing: Let G-1 be a cyclic additive group and
G-2 be a cyclic multiplicative group with the same prime
order q respectively. The point P1 ∈ G-1 generates the
group G-1 . Let e: G-1 × G-2 → G-2 be a bilinear pairing
which satisfies the following properties [114], [115]:
• Bilinearity: For all P1 , P2 , R ∈ G1 , e(P1 + P2 ,
R) = e(P1 , P2 )e(P2 , R) and e(P1 , P2 + R) = e(P1 ,
P2 )e(P1 , R). Similarly, for all a,b ∈ Z∗q , e (aP1 ,
bP1 ) = e(P1 , P1 ) ab = e(P1 , abP1 ) = e (abP1 ,
P1 ). operations. The efficiency of each classification is measured
• Non-degeneracy: There exists two points P1 , P2 ∈ on the basis of performance parameters. The implementation
G-1 , such that e(P1 , P2 ) 6 =1 or e(P2 , R) 6 = e(P1 , of different cryptographic operations have been done using
P1 ), where 1 is the identity element in G-2 . PBC, MIRACL, JPBC, and CHARM crypto libraries [105].
• Computability: There must be an efficient algo- The computational cost of these schemes can be measured on
rithm to compute e (P1 , P2 ) for all P1 , P2 ∈ G-1 . the basis of different cryptographic operations like bilinear
pairing, hash function, bloom filter or elliptic curve cryptog-
A. PERFORMANCE PARAMETERS raphy. The symbols used to represent bilinear pairing, hash
In proposed classification of privacy-preserving authentica- function and ECC cryptographic operations are shown in
tion schemes every scheme has been surveyed along with Table 4.
strength and limitations. Each classification is presented with The aforementioned cryptographic operations have
security requirements, attacks and performance parameters computational cost and communication overhead. We con-
in distinct tables. The attacks and security requirements sider message signature generation and verification of
are shown on the basis of aforementioned cryptographic concerned schemes as computational cost. Moreover,

VOLUME 9, 2021 153711

 S. A. Jan et al.: Survey on Privacy-Preserving Authentication Schemes in VANETs: Attacks, Challenges and Open Issues

each other anonymously using a false name. Each entity in

an organization is known through pseudonyms instead of real
names to preserve the identity-anonymity and privacy. These
pseudonyms are generated in such a way that it cannot link to
get the real information about the entity and later by using
his/her credential, prove a relation to concern and thereby
provide unlinkability. Beside this, a pseudonym mechanism
is used to achieve the conditional privacy preservation in
IoV [117].
Singh et al. [118], addressed a privacy preservation in
VANETs called Cooperative Pseudonym Exchange and
Scheme Permutation. This scheme allowed the vehicles to
exchange their pseudonyms cooperatively. The scheme per-
mutation is used to enhance location privacy preservation.
FIGURE 4. VANETs security challenges. The pseudonyms are exchanged between vehicles, there-
fore it eliminates the location tracking by service provider.
TABLE 5. Measurement for performance parameters.
This scheme has no extra communication overhead because
trusted authority is not involved in the process. Li et al. [119]
Proposed pseudonym swap mechanism and design appro-
priate utility metric. It selects a pseudonym for a vehicle
by adapting a differential privacy preserving mechanism to
satisfy pseudonym in-distinguishability. This scheme guar-
antees that if two vehicles have high similarity of driving
states, it is impossible for attackers to link the vehicles and
their pseudonyms after swap. The theoretical analyses proved
that this mechanism satisfies the proposed privacy definition,
thus ensuring the unlinkability between the new pseudonym
and the old pseudonym. To enhance the privacy of the user
of the vehicle, Jiayu et al. proposed ‘‘a secure and effi-
cient identity-based anonymous authentication scheme and
we measure communication overhead of each scheme in uses pseudonyms’’ [120]. They improved existing public
terms of size of message signature and the extra bits key infrastructure of vehicles and introduced a Bloom filter
transmitted with plaintext. The total size of traffic related to compress the Certificate Revocation List (CRL). They
message-signature includes pseudo-ID, time-stamp, type-id, ensured the user’s privacy through an efficient pseudonym
certificate, message-ID, payload/message, etc. are measured revocation scheme. A batch pseudonym revocation is done in
in the form of bits or bytes. this scheme and makes the pseudonym unlinkable. According
Table 3 presents execution time required to perform afore- to the authors, their scheme is secure and meets the pri-
mentioned cryptographic operations and Table 5 to decide vacy requirement in VANETs and CRL distribution. For the
which of the schemes has either low or medium or high solution of security conflicts and privacy preservation, the
overhead [105]. RSU-aided trust framework is proposed in [121]. According
We have classified privacy-preserving authentication to this framework, the reliability of the message is evaluated
schemes into five groups, i.e. Pseudonym Based Authenti- by assigning the reputation label certificate by roadside unit
cation and Privacy Preserving Schemes (PNBAPS), Identity for every vehicle in its communication range. To evaluate the
Based Authentication and Privacy Preserving Schemes behavior of vehicles, the authors used localized reputation
(IDBAPS), Hash Functions Based Authentication and Pri- label certificates and the central reputation value. To ensure
vacy Preserving Schemes (HFBAPS), Group Signature Based privacy, reputation label certificate shows two statuses to sub-
Authentication and Privacy Preserving Schemes (GSBAPS) stitute specific reputation value. Then these reputation values
and Blockchain-Based Authentication and Privacy Preserv- are stored in a central database. They designed a reputation
ing Schemes (BBAPS). These schemes are discussed as fol- update algorithm with different weights to encourage vehicles
lowed: to follow the rules. Moreover on the revocation of reputa-
tion label certificate, privacy and security is not protected.
B. PSEUDONYM BASED AUTHENTICATION AND PRIVACY A Strong Pseudonym-based Authentication (SPATA) frame-
SCHEMES work has been presented for preserving the real identity of
The name used as an alternative to real name is called vehicles [122]. Vehicles are allowed to generate pseudonyms
pseudonym. The concept of pseudonym is first given by in private and secure ways according to SPATA. Without
Chaum [116] which allows the entities to communicate with SPATA, the privacy of the vehicle cannot be preserved by

153712 VOLUME 9, 2021

S. A. Jan et al.: Survey on Privacy-Preserving Authentication Schemes in VANETs: Attacks, Challenges and Open Issues

FIGURE 5. VANET security services with possible attacks.

storing information regarding vehicles in a single location. work of ASPA guarantees the vehicles privacy preserva-
Therefore, through mapping the real identity to pseudonyms, tion in the real identities mapping and revocation phase.
it eliminates the concept of linkability of certificates based Arain et al. [126] proposed an efficient dynamic pseudony-
on single authority. The CRL kept only the most recently mous based multiple mix-zones authentication protocol for
revoked communication pseudonyms due to which the size privacy preservation to enhance security of vehicular net-
of CRL became small. Through a distributed mechanism, works. According to authors, most of the existing schemes
the privacy of the vehicle is preserved during the resolu- either used group signature based approaches or pseudonym
tion phase and revocation. An efficient pseudonym changing based approaches with certificate revocation lists that cause
and management framework (PRIVANET) is proposed in significant communicational and storage overhead, which
[123]. This framework showed vehicular geographic area as increase computational cost. To overcome these problems
a grid and has hierarchical structure. Each grid cell is divided the authors present a dynamic pseudonymous based mul-
into one or many logical zones, called vehicular location tiple mix-zones authentication protocol that only requires
privacy zones (VLPZs). It is easy to deploy these zones mobile vehicles to communicate with the reported server
over the extensive roadside infrastructures [124], such as gas for registration and dynamic pseudonym change. Further-
stations, to provide a secure management of pseudonyms. more, to achieve the user privacy they define a mechanism
The main building block of the said frameworks are: an to provide users with dynamic pseudonyms named. Finally,
adapted user-centric privacy model, a method to generate the they analyzed the robustness of their scheme. Liu et al. [127]
IP and MAC addresses from the pseudonym, a reputation- present intelligent traffic light control schemes which are
based mechanism to motivate selfish vehicles to enter VLPZs, based on fog computing. In this scheme traffic light is
effective VLPZ-based pseudonym changing strategy, a secure considered as a fog device that generates and verifies one
hybrid mechanism for the distribution of pseudonyms sets puzzle for each vehicle in a fixed time interval. Agustina
and CRLs, a stochastic model to estimate the number of and Hakim [128] have designed a secure protocol to ensure
VLPZs required at a given cell, and a mathematical model authentication and privacy using hierarchical pseudonyms
for an optimal placement of the VLPZs over RIs to reduce with blind signature. Using blind signature, the signer signs
the transportation cost of vehicles in terms of time. To han- the message without knowing the contents of the message.
dle the security and privacy of vehicles in the Intelligent This scheme works in three phases: design of the detailed
Transport System, Ali et al. [125] proposed Advanced Strong protocol, requirement analysis, and provable security. This
Pseudonym based Authentication (ASPA). Only vehicles scheme improves the security and privacy to some extent
with valid pseudonyms are allowed to communicate in ITS. but cannot reduce computation cost and verification delay.
All the vehicles are assigned pseudonyms in a secure way. It did not consider the verification of vehicle signature on the
To avoid the chance of likability of vehicle pseudonyms message by RSU.
certificates, the pseudonym mappings of vehicles are stored No mathematical proof is given to ensure security require-
at different locations. In addition, the size of CRL becomes ments. No graph is given to illustrate exactly the performance
small due storage of most recent communication pseudonyms of the proposed protocol. The security requirements, security
and malicious vehicles are revoked. Therefore, the size of attacks controlled by PNBAPS and PNBAPS performance
CRL does not increase exponentially. The distributed frame- analysis are shown in (Tables 6, 7, and 8)

VOLUME 9, 2021 153713

 S. A. Jan et al.: Survey on Privacy-Preserving Authentication Schemes in VANETs: Attacks, Challenges and Open Issues

TABLE 6. Security requirements fulfill by PNBAPS.

signing and verification of the message is increased at the

RSU side. In addition, their scheme used batch signature
verification and allowed them to authenticate multiple traffic
related messages due to which computational cost has sig-
nificantly decreased. According to authors, their scheme is
efficient with respect to computational cost as compared to
similar schemes. A local identity based anonymous message
authentication protocol for VANETs is presented to handle
inherent issues [131]. The certification authority issued a
unique long term certificate to each vehicle and roadside
unit. Each roadside unit is responsible for assigning the local
master keys to every vehicle that comes in its communication
range. When the vehicles go to the communication range of
another roadside unit, they authenticate each other by their
long term certificate. To generate the localized anonymous
FIGURE 6. Elliptic curve cryptography points addition.
identity, the valid vehicle can obtain the local master keys
from the current RSU. The privacy of vehicles can be pro-
tected by choosing randomly anonymous identity to sign the
C. IDENTITY BASED SIGNATURE AUTHENTICATION AND safety related message which can be verified using either a
PRIVACY SCHEMES single or both authentication method. Wei et al. [132] pro-
Shamir proposed identity based cryptographic systems to posed an identity-based signature scheme to achieve unforge-
reduce the load of digital certificate management which was ability against chosen-message attack without random oracle.
suffering from traditional public key infrastructure [129]. They design two secure and efficient outsourcing algorithms
In identity based cryptographic systems, the public key of for exponential operations in order to reduce the computa-
an entity is derived from his/her well-known public identity tional cost. The authors also presented a privacy-preserving
information, for instance contact number, email, and identity protocol for VANETs by using outsourcing computing and
number etc. Identity based public key cryptographic systems identity based signature. They also used a proxy re-signature
are replacing traditional public key cryptographic systems to scheme for authentication. To hide the real identity of the
eliminate a certificate management effort. There is no need vehicle, trusted authority authorized the roadside units to
for a certificate for authentication of messages in identity act as agents and roadside units convert the onboard unit’s
based public key cryptography. Therefore, it reduces the over- signature into trusted authority’s signature. Later the TA can
head produced due to certificates in the message. Hence it access the real identity of the vehicle using its secret key when
improves the efficiency of VANETs. the dispute occurs. According to the author their scheme
An identity based conditional privacy preserving and is efficient in terms of computational cost. For vehicle-to-
authentication scheme based on bilinear map has been pro- vehicle communication, Ali et al. [133] proposed an efficient
posed for vehicles to infrastructure communication [130]. identity based signature with conditional privacy-preserving
The authors used one way hash functions in this scheme authentication scheme based on the Elliptic Curve Cryp-
instead of map to point hash functions. The efficiency of tography (ECC) and general one-way hash functions. Their

153714 VOLUME 9, 2021

S. A. Jan et al.: Survey on Privacy-Preserving Authentication Schemes in VANETs: Attacks, Challenges and Open Issues

TABLE 7. Security attacks controlled by PNBAPS.

TABLE 8. PNBAPS performance analysis.

TABLE 9. Security requirements fulfill by IDBAPS.

scheme used the batch signature verification method to enable tributed aggregate privacy-preserving authentication protocol
each vehicle to authenticate a large number of messages based on bilinear pairing is presented by Zhang et al. [134].
simultaneously. The authors used a random oracle model Due to the powerful system architecture of their scheme it
for security proof of their proposed scheme. They proved depends only on the practical tamper proof device (TPD)
the security robustness of their scheme in the random oracle instead of ideal TPD. In their scheme, trusted authority and
model. To secure vehicular communication, an efficient dis- roadside units cannot learn the secret keys of vehicles and do

VOLUME 9, 2021 153715

 S. A. Jan et al.: Survey on Privacy-Preserving Authentication Schemes in VANETs: Attacks, Challenges and Open Issues

TABLE 10. Security attacks controlled by IDBAPS.

TABLE 11. IDBAPS performance analysis.

not allow any entity to pretend to be valid vehicles. According ciency of the system is improved. The one way hash func-
to the authors, if any vehicle is compromised then only a lim- tions have negligible computational cost, so computational
ited number of the vehicle can be affected by the attacker. The cost and communication overhead is significantly decreased
security requirements, security attacks controlled by IDBAPS and efficiently fulfills security needs. A secure and privacy
and IDBAPS performance analysis are shown in (Tables 9, preserving hashed based authentication and revelation pro-
10, and 11). tocol using internet of vehicle has been discussed in [137].
In this scheme the vehicles exchange the message about local
D. HASH FUNCTION BASED AUTHENTICATION AND and global warming. This scheme is secure against some
PRIVACY SCHEMES well-known attacks and provides a better security service in a
Hash function is responsible for providing the integrity of the cost effective manner. Cui et al. [138] propose a conditional
message without encryption of the message. When a hash privacy-preserving authentication scheme based on the hash
function is applied to a message, it generates a fixed value function, which does not use complex bilinear mapping and
referred to as message digest. To achieve message integrity, elliptic curve encryption for identity authentication to prevent
a hash value must be attached to the sending message. A novel illegal vehicle interference and ensure the legitimacy of the
lightweight authentication protocol is presented for secure source. They used a group key agreement mechanism based
communication in VANETs, which only uses one way hash on the Chinese remainder theorem (CRT) to distribute the
function and exclusive-OR operations [135]. This protocol group key for authenticated vehicles. The group key can be
consists of four phases: Initialization, vehicle registration, updated when the vehicle joins and leaves the group. In the
RSU registration, and message authentication. For achieving process of anonymous message generation and verification,
the security goals they analyzed the protocol using BAN analysis of the results shows that their proposed scheme
logic. According to the authors, their scheme is robust against satisfied the basic security requirements and has significant
some attacks and the data kept secret during the communica- advantages in terms of computation cost and communication
tion. The performance analysis showed that their scheme is overhead as compared to existing schemes. Zhu et al. [139],
efficient in terms of communication cost and computational presented a lightweight and scalable secure communication
cost. Alfadhli et al. [136], proposed a lightweight privacy framework for VANET. It consists of five protocols namely:
preserving authentication scheme for VANETs, which only (a) V2I, (b) group key agreement protocol without RSU
used general one way hash functions. The driving problem (c) RSU-aided two-party communication protocol, (d) two-
occurring in dangerous areas is overcome in this scheme. party communication protocol without RSU, and (e) RSU-
The VANETs system administrator authenticates the vehicle aided group key distribution protocol. Roadside units used
once during the movement of the vehicle, in this way the hashed MAC functions to authenticate the messages and AES
system reduces the authentication redundancy and the effi- to encrypt the messages. Due to hashed MAC function the

153716 VOLUME 9, 2021

S. A. Jan et al.: Survey on Privacy-Preserving Authentication Schemes in VANETs: Attacks, Challenges and Open Issues

efficiency of the protocols is increased. The security analysis form calculations and used synchronization factor to improve
shows that this scheme is secure against various attacks. The the computational efficiency of group members while join-
hash function and group secret key based efficient privacy ing, revoking and signing. This scheme ensures anonymity,
preserving authentication scheme for VANETs is discussed forward security, traceability and unforgeability. A group
in [140]. Vighnesh et al. [141] proposed a vehicular authen- signature framework based on an efficient and anonymous
tication scheme using authentication code and hash chaining. authentication protocol is proposed [147]. To ensure for-
In this way vehicles and roadside units can communicate in ward security, this protocol uses a complete sub-tree method
a secure way. The encryption takes place using the master which achieves membership revocation. This protocol used
key. RSU attach its identity with the message before send- decentralized group model to reduce the heavy workload on
ing it to the authentication center. Various authentication TA by generating group certificates for OBUs. The OBUs
schemes have been discussed in literature but they suffer retrieved revocation list from TA. For the management of
from high computational cost, especially in the certificate routing messages in VANETs, a Trustworthy VANET rout-
revocation list verification process. On the other hand various ing with group authentication keys is proposed [148]. The
pseudonym-ID schemes use system key signature but suffer TROPHY messages are received recursively by authorized
from communication overhead. This scheme used a tempo- nodes. It allowed those nodes to refresh their cryptographic
rary group secret key and permanent vehicle pseudonym-ID credentials and update the authentication keys across the
due to which the process of verification and authentication network. Then distribute those messages epidemically across
significantly improved. This scheme is also robust against the network and construct in such a manner that any node
various security attacks. The security requirements, security found as lost or physically compromised will not be able
attacks controlled by HFBAPS and HFBAPS performance to perform the refreshment using them. A central authority
analysis are shown in (Tables 12, 13, and 14). where all the credentials are stored, they use a mechanism to
recover from any unauthorized physical access and disclose
E. GROUP SIGNATURE BASED AUTHENTICATION AND such material at one time without human intervention on reset
PRIVACY SCHEMES of devices due to the use of a Key Distribution Centre (KDC).
In group signature, all the group members are allowed to sign An ID based group signature scheme for VANETs has been
the message on the behalf of the group leader. A single group discussed in [149]. This scheme used an ID based group sig-
public key is used to verify the signature but the identity of nature scheme to avoid complex certificate management for
the signer is kept secret. Moreover, it is impossible to judge protection of user privacy. They also used pseudonym meth-
whether a group member has been issued two signatures. ods to protect the real identity of vehicles and malicious nodes
However, in case of any dispute a designated group manager can be traced easily. Zhu et al. [150] proposed a privacy pre-
can disclose the real identity of signer [142]. serving authentication scheme based on group signature in
A group signature based anonymous authentication VANETs. Their scheme is divided into different domains.
scheme is proposed [143]. To provide the anonymous authen- In their scheme group private keys are distributed by RSUs.
tication of vehicles a regional trusted authority is added The RSUs are also responsible for managing vehicles in a
as group manager. Conditional privacy and anonymity are local manner. Before group authentication, the authors used
achieved by adopting group signature methods. According hash message authentication code to ensure integrity. At last,
to the authors this scheme is efficient and robust in terms the entities authenticate each other in cooperative message
of performance and security. An efficient and secure group authentication fashion. In this way each vehicle will have to
signature based authentication and key distribution scheme authenticate a small number of messages, hence reducing the
is proposed [144]. In this scheme the computational load authentication burden. The security requirements, security
is distributed from trusted authority to roadside units. The attacks controlled by GSBAPS and GSBAPS performance
RSUs in a specific domain form a group. Each group of RSUs analysis are shown in (Tables 15, 16, and 17).
has group leader and member RSUs. The member RSU and
vehicle established a shared symmetric key with each other. F. BLOCKCHAIN BASED AUTHENTICATION AND PRIVACY
Then a group key is provided to the vehicle from leader RSU SCHEMES
on behalf of TA. Vehicle uses this group key to communicate In this section, a blockchain based authentication and privacy
with RSUs within the desired group. Moreover, this scheme preserving schemes are presented. All the vehicles stored in
ensures security in an efficient manner. Zhang et al. [145] the blockchain are assigned a certificate or pseudo identity
proposed authentication protocol for VANETs which is based by Certification Authority (CA). Each receiver is provided
on combination of group session key and group signa- information regarding the entry pointer for verification. The
ture. The aforesaid signature verification method achieves most prominent benefit of blockchain is transparency and
robust security against impersonation attack and reduces decentralization [157]. The blockchain technology has irre-
computational cost by reducing bilinear pairing operations. versible property, i.e, the information once which is saved in
Zheng et al. [146] proposed an anonymous authentication blockchain cannot be modified later. Ali et al. [158] proposed
scheme based on group signature for VANETs. On the basis a public key signature scheme based on blockchain for V2I
of certificateless group signature, it used elliptic curves to per- Communication in VANET. Their scheme is certificateless

VOLUME 9, 2021 153717

 S. A. Jan et al.: Survey on Privacy-Preserving Authentication Schemes in VANETs: Attacks, Challenges and Open Issues

TABLE 12. Security requirements fulfill by HFBAPS.

TABLE 13. Attacks controlled by HFBAPS.

TABLE 14. HFBAPS performance analysis.

and conditional privacy is achieved using bilinear pairing. increases its complexity. A secure data sharing and stor-
To make the verification process fast, they used batch signa- age based on blockchain in VANET has been proposed
ture and aggregate signature verification. The pseudo-identity in [159]. The data coins are allocated using smart contracts
revocation transparency is achieved by using blockchain. for the vehicles which are participating in the communication
Their scheme satisfied efficient revocation and traceabil- network. The signature on the message is generated using
ity property along with authentication and identity. How- ECC to fulfill non-repudiation and authentication properties.
ever, the batch signature and aggregate verification process The pre-selected node can establish a distributed agreement

153718 VOLUME 9, 2021

S. A. Jan et al.: Survey on Privacy-Preserving Authentication Schemes in VANETs: Attacks, Challenges and Open Issues

TABLE 15. Security requirements fulfill by GSBAPS.

TABLE 16. Attacks controlled by GSBAPS.

TABLE 17. GSBAPS performance analysis.

before adding a block to the ledger. Using signal verifica- and chronological Merkle tree (CMT) to extend the conven-
tion method or batch verification method, the receiver can tional blockchain. A node containing public key, certificate
verify the exchanged message. However, time complexity is and encrypted link is added to MPT by Law Enforcement
significantly increased due to the combination of blockchain Authority (LEA). The information about the entry pointer
and bilinear pairing. Lu et al. [160] proposed a privacy- to the leaf node is provided to the corresponding vehicle.
preserving authentication scheme for VANET based on The identity of the sender is authenticated by the receiver
blockchain technology. They used Merkle Patricia tree (MPT) using a distributed authentication process. The certificate

VOLUME 9, 2021 153719

 S. A. Jan et al.: Survey on Privacy-Preserving Authentication Schemes in VANETs: Attacks, Challenges and Open Issues

TABLE 18. Security requirements fulfill by BBAPS.

TABLE 19. Attacks controlled by BBAPS.

TABLE 20. BBAPS performance analysis.

of a particular vehicle is revoked by LEA on expiry of its cost and communication overhead is significantly increased
certificate or on its malicious activity. The LEA broadcasts due to integration of CA and LEA. A traffic event vali-
CRL to corresponding vehicles to indicate that a particular dation and trust verification scheme based on blockchain
certificate has been revoked and no further communication is proposed in [161]. This framework includes three main
should be made to that particular vehicle. The malicious features: 1) Proof-of-event (PoE), 2) RSUs’s Trust verifi-
vehicle’s real identity is disclosed on decryption of the link cation, 3) two-phase transaction for fast event notification.
from the corresponding leaf node. However, computation The PoE is used for two pass validation when unproven

153720 VOLUME 9, 2021

S. A. Jan et al.: Survey on Privacy-Preserving Authentication Schemes in VANETs: Attacks, Challenges and Open Issues

incidents occur. The traffic related information is gathered sideration of researchers and become an open research area
by RSU and the vehicle adjacent to it can verify that infor- in future. Below, we highlight some of the open issues which
mation. The PoE mechanism did not allow RSU to transmit may become a hot research topic in future.
false notification. All the verified events are added into the
blockchain to ensure the trust verification. However, com- 1) FIGURE AXIS LABELS REVOCATION, CRL MANAGEMENT
putation cost is increased due to verification of transactions AND DISTRIBUTION PROCESS
for PoE. Wang et al. [162] proposed a blockchain based trust- In the revocation process, the misbehaving vehicles are
worthiness scalable computation for V2I authentication. The detected and revoked and the list of revoked vehicles is dis-
main focus of this scheme is to compute trustworthiness tributed. On the detection of misbehavior of vehicles, how
of vehicles and handing over of vehicles from one RSU to should the process of revocation be carried out? What will
another in a secure way. This scheme is vulnerable against be the mechanism of CRLs distribution? These issues are
replay attacks. However, it did not provide a comprehensive still not fully covered and need researcher consideration.
review of existing schemes. In [163], a blockchain based CRLs still has no infrastructure that manages CRLs with short
decentralized key management mechanism for VANET is lifetime certificates. The modern cryptographic solution did
presented]. In this scheme, each vehicle and their correspond- not present authorization and certificate revocation so what
ing RSU share a session key between them. The vehicle are the alternates of these?
service provider (VSP) updates the expired private and public
keys of vehicles using smart contracts. The main responsi- 2) CRYPTOGRAPHIC METHODS FOR PRIVACY, SECURITY
bility of VSP is to detect malicious key pairs and revoke AND TRACEABILITY
them from the smart contract. It is secure against public key Key management is a basic concept of cryptographic tech-
tampering attacks, internal attacks, DoS attacks and collusion niques. Are key management and distribution exclusive to the
attacks. Zhang et al. [164] proposed a secure data sharing vehicle manufacturer or government? For lightweight secure
system for IoV based on blockchain. The authors divided communication, what should be the key size? How to handle
the entire system into multiple regions and each region used time delay for management and distribution of keys? How to
two types of blockchain for storage of messages: primary deal with keys within a short duration of time? What will be
blockchain and secondary blockchain. The announcement the method of dealing with a key without a certificate? How to
message is signed anonymously using blind signature and achieve privacy and traceability? How to secure pseudonyms
threshold secret sharing. In [164], a secure authentication and for non-traceability?
key management scheme based on blockchain in VANET is
proposed. They used the Chinese Remainder Theorem (CRT) 3) EVALUATION OF TRUSTWORTHINESS AND VEHICLES
in the V2V group formation phase. All the vehicles come MISBEHAVIOR DETECTION MECHANISM
in the communication range of specific RSU form a group. An evaluation of a vehicle’s trust and detecting misbehavior
The consortium blockchain is used to update the group key of them in VANETs is the hard problem. How to check the
during the dynamic key updating phase. Furthermore, this trustworthiness of nodes? Is the calculated trust ids reliable
scheme is robust against various attacks like reply attack, or not for disseminating critical messages? On the successful
impersonation attack etc. A new technique called Proof of calculation of trust, what actions should be taken? Are the
Driving (PoD) has been proposed in [165]. The PoD is used punishment factors clearly defined or not? In case of a wrong
to select random honest miners for generation of blocks for trust calculation, how to revoke a malicious vehicle?
blockchain-based VANET applications. Besides, a Service
Standard Score (SSS) based filtering technique is used to 4) DATA CONTEXT TRUST AND VERIFICATION
detect and remove the malicious nodes of the vehicular miner The basic goal of VANETs is to ensure cooperative and safe
nodes. This scheme also addresses fairness and efficiency driving. This can be possible by providing the right informa-
issues caused by PoD and PoW. The security requirements, tion at the right time. Therefore, it is necessary to verify the
security attacks controlled by BBAPS and GSBPAS perfor- exchanged message in VANETs.
mance analysis are shown in (Tables 18, 19, and 20). This should have a strong intrusion detection system. How
do VANETs handle the uncertain situation of detection of a
VII. DISCUSSIONS AND OPEN ISSUES malicious vehicle suddenly? How to check the robustness of
In VANETs the most crucial part is to manage the vehicular tamper proof hardware?
communication in terms of low communication overhead and
inexpensive delay of messages transmitted between vehicles 5) SELF-ORGANIZING CAPABILITIES OF NETWORKS VIA A
and infrastructure. The vehicular communication must ensure HIGH MOBILE NETWORK ENVIRONMENT
that it fulfills the entire basic security requirement and pro- It is feasible that vehicles can form a cluster communica-
vide reliable vehicular communication. Security is the major tion. How to deliver across cluster partitions in VANET still
concern for successful deployment of VANETs. There exist not well-defined? How do groups communicate across the
some open issues which may be considered while dealing jammed signals? How to select the cluster head? is there
with these security concerns. These issues need special con- infrastructure to handle cluster communication?

VOLUME 9, 2021 153721

 S. A. Jan et al.: Survey on Privacy-Preserving Authentication Schemes in VANETs: Attacks, Challenges and Open Issues

VIII. CONCLUSION [13] J. Cui, L. Wei, J. Zhang, Y. Xu, and H. Zhong, ‘‘An efficient message-
VANETs play a key role in intelligent transport systems to authentication scheme based on edge computing for vehicular ad hoc net-
works,’’ IEEE Trans. Intell. Transp. Syst., vol. 20, no. 5, pp. 1621–1632,
prevent vehicles from unexpected situations. Traffic safety May 2018.
related messages are exchanged between the vehicles to meet [14] M. A. Al-Shareeda, M. Anbar, I. H. Hasbullah, and S. Manickam, ‘‘Sur-
safe and secure journeys. However, the communication in vey of authentication and privacy schemes in vehicular ad hoc networks,’’
IEEE Sensors J., vol. 21, no. 2, pp. 2422–2433, Jan. 2020.
VANETs takes place via open wireless channels and faces [15] L. Xie, Y. Ding, H. Yang, and X. Wang, ‘‘Blockchain-based secure and
some security challenges. The intruder can easily compro- trustworthy Internet of Things in SDN-enabled 5G-VANETs,’’ IEEE
Access, vol. 7, pp. 56656–56666, 2019.
mise the privacy and security of the message. This paper [16] G. Kumar, R. Saha, M. K. Rai, and T.-H. Kim, ‘‘Multidimensional
has presented a detailed study on various authentication and security provision for secure communication in vehicular ad hoc networks
privacy schemes used in the field of VANET. We have cat- using hierarchical structure and end-to-end authentication,’’ IEEE Access,
vol. 6, pp. 46558–46567, 2018.
egorized different authentication and privacy schemes into [17] S. A. Alfadhli, S. Lu, K. Chen, and M. Sebai, ‘‘MFSPV: A multi-factor
five groups: PNBAPS, IDBAPS, HFBAPS, GSBAPS and secured and lightweight privacy-preserving authentication scheme for
BBAPS. We have compared and reviewed these schemes with VANETs,’’ IEEE Access, vol. 8, pp. 142858–142874, 2020.
[18] Y. Wang, Y. Ding, Q. Wu, Y. Wei, B. Qin, and H. Wang, ‘‘Privacy-
their security requirements, security attacks and performance preserving cloud-based road condition monitoring with source authen-
parameters. Moreover, we have discussed security challenges tication in VANETs,’’ IEEE Trans. Inf. Forensics Security, vol. 14, no. 7,
which help the researcher to deploy the VANETs technology, pp. 1779–1790, Jul. 2018.
[19] D. Zheng, C. Jing, R. Guo, S. Gao, and L. Wang, ‘‘A traceable
infrastructure and service efficiently and securely. Finally, blockchain-based access authentication system with privacy preservation
we have discussed some open issues in the field of VANETs. in VANETs,’’ IEEE Access, vol. 7, pp. 117716–117726, 2019.
[20] P. Ranaweera, A. D. Jurcut, and M. Liyanage, ‘‘Survey on multi-access
edge computing security and privacy,’’ IEEE Commun. Surveys Tuts.,
ACKNOWLEDGMENT vol. 23, no. 2, pp. 1078–1124, 2nd Quart., 2021.
[21] C. Wang, R. Huang, J. Shen, J. Liu, P. Vijayakumar, and N. Kumar,
The authors would like to thank the financial support and ‘‘A novel lightweight authentication protocol for emergency vehicle
facilities provided by Universiti Putra Malaysia and the Min- avoidance in VANETs,’’ IEEE Internet Things J., vol. 8, no. 18,
istry of Education Malaysia for the execution, completion and pp. 14248–14257, Sep. 2021.
[22] J. Zhang and Q. Zhang, ‘‘On the security of a lightweight
publication of this paper. conditional privacy-preserving authentication in VANETs,’’ IEEE
Trans. Inf. Forensics Security, early access, Mar. 17, 2021, doi:
10.1109/TIFS.2021.3066277.
REFERENCES [23] N. Kumar and N. Chilamkurti, ‘‘Collaborative trust aware intelligent
[1] N. K. Chaubey, ‘‘Security analysis of vehicular ad hoc networks intrusion detection in VANETs,’’ Comput. Elect. Eng., vol. 40, no. 6,
(VANETs): A comprehensive study,’’ Int. J. Secur. Appl., vol. 10, no. 5, pp. 1981–1996, 2014.
pp. 261–274, May 2016. [24] WHO, ‘‘Road traffic injuries,’’ Key Facts, Feb. 2020. Accessed:
[2] J. King and A. I. Awad, ‘‘A distributed security mechanism for resource- Jun. 19, 2020. [Online]. Available: https://www.who.int/news-room/fact-
constrained IoT devices,’’ Informatica., vol. 40, no. 1, pp. 1–12, 2016. sheets/detail/road-traffic-injuries
[3] M. G. Samaila, M. Neto, D. A. Fernandes, M. M. Freire, and P. R. Inácio, [25] WHO. (2020). Global Status Report on Road Safety 2015.
‘‘Security challenges of the Internet of Things,’’ in Beyond Internet [Online]. Available: http://www.who.int/violence_injury_prevention/
Things. Cham, Switzerland: Springer, 2017, pp. 53–82. road_safety_status/2015/en
[26] CARE. (2020). European Road Accident Database. [Online]. Avail-
[4] S. Boussoufa-Lahlah, F. Semchedine, and L. Bouallouche-
able: https://ec.europa.eu/transport/road_safety/specialist/statistics/map-
Medjkoune, ‘‘Geographic routing protocols for vehicular ad hoc
viewer/
NETworks (VANETs): A survey,’’ Veh. Commun., vol. 11, pp. 20–31, [27] UNECE. United Nations Economic Commission for Europe. Accessed:
Jan. 2018. Jun. 19, 2020. [Online]. Available: https://unece.org/publications/oes/
[5] O. S. Al-Heety, Z. Zakaria, M. Ismail, M. M. Shakir, S. Alani, and welcome
H. Alsariera, ‘‘A comprehensive survey: Benefits, services, recent works, [28] C. D. Wang and J. P. Thompson, ‘‘Apparatus and method for motion
challenges, security, and use cases for SDN-VANET,’’ IEEE Access, detection and tracking of objects in a region for collision avoidance uti-
vol. 8, pp. 91028–91047, 2020. lizing a real-time adaptive probabilistic neural network,’’ Google Patents
[6] S. Gyawali, S. Xu, Y. Qian, and R. Q. Hu, ‘‘Challenges and solutions 5 613 039, Mar. 18, 1997.
for cellular based V2X communications,’’ IEEE Commun. Surveys Tuts., [29] R. Ramanathan and J. Redi, ‘‘A brief overview of ad hoc networks: Chal-
vol. 23, no. 1, pp. 222–255, 1st Quart., 2021. lenges and directions,’’ IEEE Commun. Mag., vol. 40, no. 5, pp. 20–22,
[7] A. Awang, K. Husain, N. Kamel, and S. Aissa, ‘‘Routing in vehicular ad- May 2002.
hoc networks: A survey on single- and cross-layer design techniques, and [30] R. Tomar, M. Prateek, and G. H. Sastry, ‘‘Vehicular adhoc network
perspectives,’’ IEEE Access, vol. 5, pp. 9497–9517, 2017. (VANET)—An introduction,’’ Int. J. Control Appl., vol. 9, no. 18,
[8] M. Azees, P. Vijayakumar, and L. J. Deboarh, ‘‘EAAP: Efficient anony- pp. 8883–8888, 2016.
mous authentication with conditional privacy-preserving scheme for [31] R. Prabhakar and K. Ahirwar, ‘‘Comparative study of VANET and
vehicular ad hoc networks,’’ IEEE Trans. Intell. Transp. Syst., vol. 18, MANET routing protocols,’’ in Proc. Int. Conf. Advance Comput. Com-
no. 9, pp. 2467–2476, Sep. 2017. mun. Technol. (ACCT), 2011, pp. 1–7.
[32] M. R. Ghori, K. Z. Zamli, N. Quosthoni, M. Hisyam, and M. Montaser,
[9] S. Al-Sultan, M. M. Al-Doori, A. H. Al-Bayatti, and H. Zedan, ‘‘A com-
‘‘Vehicular ad-hoc network (VANET),’’ in Proc. IEEE Int. Conf. Innov.
prehensive survey on vehicular ad hoc network,’’ J. Netw. Comput. Appl.,
Res. Develop. (ICIRD), May 2018, pp. 1–6.
vol. 37, pp. 380–392, Jan. 2014. [33] D. Emery and R. Hilliard, ‘‘Every architecture description needs a
[10] S. Zeadally, R. Hunt, Y.-S. Chen, A. Irwin, and A. Hassan, ‘‘Vehicular framework: Expressing architecture frameworks using ISO/IEC 42010,’’
ad hoc networks (VANETs): Status, results, and challenges,’’ Telecom- in Proc. Conf. Softw. Archit. Eur. Conf. Softw. Archit. (IEEE/IFIP),
mun. Syst., vol. 50, no. 4, pp. 217–241, 2012. Sep. 2009, pp. 31–40.
[11] S. S. Manvi and S. Tangade, ‘‘A survey on authentication schemes in [34] M. W. Maier, D. Emery, and R. Hilliard, ‘‘ANSI/IEEE 1471 and systems
VANETs for secured communication,’’ Veh. Commun., vol. 9, pp. 19–30, engineering,’’ Syst. Eng., vol. 7, no. 3, pp. 257–270, 2004.
Jul. 2017. [35] W. Liang, Z. Li, H. Zhang, S. Wang, and R. Bie, ‘‘Vehicular ad
[12] R. Mishra, A. Singh, and R. Kumar, ‘‘VANET security: Issues, chal- hoc networks: Architectures, research issues, methodologies, challenges,
lenges and solutions,’’ in Proc. Int. Conf. Electr., Electron., Optim. Techn. and trends,’’ Int. J. Distrib. Sensor Netw., vol. 11, no. 8, Aug. 2015,
(ICEEOT), Mar. 2016, pp. 1050–1055. Art. no. 745303.

153722 VOLUME 9, 2021

S. A. Jan et al.: Survey on Privacy-Preserving Authentication Schemes in VANETs: Attacks, Challenges and Open Issues

[36] W. Schinkel, T. van der Sande, and H. Nijmeijer, ‘‘State estimation for [60] M. Houmer, M. L. Hasnaoui, and A. Elfergougui, ‘‘Security analysis of
cooperative lateral vehicle following using vehicle-to-vehicle communi- vehicular ad-hoc networks based on attack tree,’’ in Proc. Int. Conf. Sel.
cation,’’ Electronics, vol. 10, no. 6, p. 651, Mar. 2021. Topics Mobile Wireless Netw. (MoWNeT), Jun. 2018, pp. 21–26.
[37] B. M. Masini, G. Ferrari, C. Silva, and I. Thibault, ‘‘Connected vehi- [61] K. Lim and D. Manivannan, ‘‘An efficient protocol for authenticated and
cles: Applications and communication challenges,’’ Mobile Inf. Syst., secure message delivery in vehicular ad hoc networks,’’ Veh. Commun.,
vol. 2017, Aug. 2017, Art. no. 1082183. vol. 4, pp. 30–37, Apr. 2016.
[38] F. Azam, S. K. Yadav, N. Priyadarshi, S. Padmanaban, and R. C. Bansal, [62] A. Y. Dak, S. Yahya, and M. Kassim, ‘‘A literature survey on security
‘‘A comprehensive review of authentication schemes in vehicular ad-hoc challenges in VANETs,’’ Int. J. Comput. Theory Eng., vol. 4, no. 6,
network,’’ IEEE Access, vol. 9, pp. 31309–31321, 2021. p. 1007, 2012.
[39] M. S. Sheikh, J. Liang, and W. Wang, ‘‘Security and privacy in vehic- [63] M. Raya, A. Aziz, and J.-P. Hubaux, ‘‘Efficient secure aggregation in
ular ad hoc network and vehicle cloud computing: A survey,’’ Wireless VANETs,’’ in Proc. 3rd Int. Workshop Veh. Ad Hoc Netw. (VANET), 2006,
Commun. Mobile Comput., vol. 2020, pp. 1–25, Jan. 2020. pp. 67–75.
[40] L. Feng, Y. Xiu-Ping, and W. Jie, ‘‘Security transmission routing protocol [64] H. Singh and V. Dhir, ‘‘Distributed agent based technique for detecting
for MIMO-VANET,’’ in Proc. Int. Conf. Cloud Comput. Internet Things, distributed denial-of-service (DDoS) attacks in WLAN,’’ Int. J. Adv. Res.
Dec. 2014, pp. 152–156. Comput. Sci., vol. 9, no. 1, pp. 248–262, 2018.
[41] A. K. Malhi, S. Batra, and H. S. Pannu, ‘‘Security of vehicular ad-hoc [65] A. T. Nguyen, L. Mokdad, and J. Ben Othman, ‘‘Solution of detecting
networks: A comprehensive survey,’’ Comput. Secur., vol. 89, Feb. 2020, jamming attacks in vehicle ad hoc networks,’’ in Proc. 16th ACM Int.
Art. no. 101664. Conf. Modeling, Anal. Simulation Wireless Mobile Syst., Nov. 2013,
[42] C.-L. Chen, ‘‘A survey of authentication protocols in VANET,’’ in pp. 405–410.
Proc. Int. Conf. Broadband Wireless Comput., Commun. Appl. Cham, [66] A. Dhamgaye and N. Chavhan, ‘‘Survey on security challenges in
Switzerland: Springer, 2018, pp. 572–577. VANET 1,’’ Int. J. Comput. Sci., vol. 2, no. 1, pp. 88–96, 2013.
[43] R. G. Engoulou, M. Bellaïche, S. Pierre, and A. Quintero, ‘‘VANET [67] W. Ahmed and M. Elhadef, ‘‘Securing intelligent vehicular ad hoc net-
security surveys,’’ Comput. Commun., vol. 44, pp. 1–13, May 2014. works: A survey,’’ in Advances in Computer Science and Ubiquitous
[44] C. A. Kerrache, C. T. Calafate, J. Cano, N. Lagraa, and P. Manzoni, ‘‘Trust Computing. Singapore: Springer, 2017, pp. 6–14.
management for vehicular networks: An adversary-oriented overview,’’ [68] I. A. Sumra, H. B. Hasbullah, and J.-L. B. AbManan, ‘‘Attacks on security
IEEE Access, vol. 4, pp. 9293–9307, 2016. goals (confidentiality, integrity, availability) in VANET: A survey,’’ in
[45] V. H. La and A. Cavalli, ‘‘Security attacks and solutions in vehicular ad Vehicular Ad-Hoc Networks for Smart Cities. Singapore: Springer, 2015,
hoc networks: A survey,’’ Int. J. Ad Hoc Netw. Syst., vol. 4, no. 2, pp. 1–20, pp. 51–61.
Apr. 2014. [69] A. K. Mishra, A. K. Tripathy, and M. Sinha, ‘‘Customized score-based
[46] F. Al-Hawi, C. Y. Yeun, and M. Al-Qutayti, ‘‘Security challenges for security threat analysis in VANET,’’ in Advances in Distributed Comput-
emerging VANETs,’’ in Proc. 4th Int. Conf. Inf. Technol., Jordan, Amman, ing and Machine Learning. Singapore: Springer, 2021, pp. 3–13.
2009, pp. 3–5. [70] P. Kohli, S. Painuly, P. Matta, and S. Sharma, ‘‘Future trends of security
[47] M. Kassim, R. A. Rahman, and R. Mustapha, ‘‘Mobile ad hoc network
and privacy in next generation VANET,’’ in Proc. 3rd Int. Conf. Intell.
(MANET) routing protocols comparison for wireless sensor network,’’ in
Sustain. Syst. (ICISS), Dec. 2020, pp. 1372–1375.
Proc. IEEE Int. Conf. Syst. Eng. Technol., Jun. 2011, pp. 148–152.
[71] M. L. Das, A. Saxena, V. P. Gulati, and D. B. Phatak, ‘‘A novel remote user
[48] S. Khan, I. Sharma, M. Aslam, M. Z. Khan, and S. Khan, ‘‘Security
authentication scheme using bilinear pairings,’’ Comput. Secur., vol. 25,
challenges of location privacy in VANETs and state-of-the-art solutions:
no. 3, pp. 184–189, 2006.
A survey,’’ Future Internet, vol. 13, no. 4, p. 96, Apr. 2021.
[72] M. Raya and J.-P. Hubaux, ‘‘Security aspects of inter-vehicle communi-
[49] Y. Qian and N. Moayeri, ‘‘Design of secure and application-oriented
cations,’’ in Proc. 5th Swiss Transp. Res. Conf. (STRC), 2005.
VANETs,’’ in Proc. IEEE Veh. Technol. Conf. (VTC Spring), May 2008,
[73] A. Daeinabi and A. G. Rahbar, ‘‘Detection of malicious vehicles (DMV)
pp. 2794–2799.
through monitoring in vehicular ad-hoc networks,’’ Multimedia Tools
[50] T. Wang, L. Kang, and J. Duan, ‘‘Dynamic fine-grained access con-
Appl., vol. 66, no. 2, pp. 325–338, Sep. 2013.
trol scheme for vehicular ad hoc networks,’’ Comput. Netw., vol. 188,
[74] P. Druschel, M. F. Kaashoek, and A. I. Rowstron, Revised Papers From the
Apr. 2021, Art. no. 107872.
[51] H. Hasrouny, A. E. Samhat, C. Bassil, and A. Laouiti, ‘‘VANet security First International Workshop on Peer-to-Peer Systems. Berlin, Germany:
challenges and solutions: A survey,’’ Veh. Commun., vol. 7, pp. 7–20, Springer-Verlag, 2002.
Jan. 2017. [75] H. Wen, P. Y.-R. Huang, J. Dyer, A. Archinal, and J. Fagan, ‘‘Countermea-
[52] S. S. Moni and D. Manivannan, ‘‘A scalable and distributed architecture sures for GPS signal spoofing,’’ in Proc. 18th Int. Tech. Meeting Satell.
for secure and privacy-preserving authentication and message dissemina- Division Inst. Navigat. (ION GNSS), 2005, pp. 1285–1290.
tion in VANETs,’’ Internet Things, vol. 13, Mar. 2021, Art. no. 100350. [76] M. S. Al-kahtani, ‘‘Survey on security attacks in vehicular ad hoc net-
[53] S. Harrabi, I. B. Jaafar, and K. Ghedira, ‘‘Performance analysis of vanets works (VANETs),’’ in Proc. 6th Int. Conf. Signal Process. Commun. Syst.,
routing protocols,’’ Res. Square, Univ. Mannouba, Manouba, Tunisia, Dec. 2012, pp. 1–9.
Tech. Rep., 2021, doi: 10.21203/rs.3.rs-487685/v1. [77] Z. Xu, D. He, N. Kumar, and K.-K.-R. Choo, ‘‘Efficient certificateless
[54] N. Akhtar, S. C. Ergen, and O. Ozkasap, ‘‘Vehicle mobility and com- aggregate signature scheme for performing secure routing in VANETs,’’
munication channel models for realistic and efficient highway VANET Secur. Commun. Netw., vol. 2020, pp. 1–12, Feb. 2020.
simulation,’’ IEEE Trans. Veh. Technol., vol. 64, no. 1, pp. 248–262, [78] A. Ilavendhan and K. Saruladha, ‘‘Comparative analysis of various
Jan. 2014. approaches for DoS attack detection in VANETs,’’ in Proc. Int. Conf.
[55] E. Schoch, F. Kargl, M. Weber, and T. Leinmuller, ‘‘Communication Electron. Sustain. Commun. Syst. (ICESC), Jul. 2020, pp. 821–825.
patterns in VANETs,’’ IEEE Commun. Mag., vol. 46, no. 11, pp. 119–125, [79] M. S. Sheikh, J. Liang, and W. Wang, ‘‘A survey of security services,
Nov. 2008. attacks, and applications for vehicular ad hoc networks (VANETs),’’
[56] Y. Ruan and A. Durresi, ‘‘A survey of trust management systems for Sensors, vol. 19, no. 16, p. 3589, 2019.
online social communities–trust modeling, trust inference and attacks,’’ [80] N.-W. Lo and H.-C. Tsai, ‘‘Illusion attack on VANET applications—
Knowl.-Based Syst., vol. 106, pp. 150–163, Aug. 2016. A message plausibility problem,’’ in Proc. IEEE Globecom Workshops,
[57] M. Jerbi, S.-M. Senouci, T. Rasheed, and Y. Ghamri-Doudane, Nov. 2007, pp. 1–8.
‘‘An infrastructure-free traffic information system for vehicular [81] B. T. Rao, R. L. Patibandla, and V. L. J. C. Narayana, ‘‘Comparative study
networks,’’ in Proc. IEEE 66th Veh. Technol. Conf., Sep. 2007, on security and privacy issues in VANETs,’’ Cloud IoT-Based Veh. Ad Hoc
pp. 2086–2090. Netw., vol. 12, pp. 145–162, Apr. 2021.
[58] S. A. Rashid, L. Audah, M. M. Hamdi, and S. Alani, ‘‘An overview [82] M. Raya, P. Papadimitratos, and J.-P. Hubaux, ‘‘Securing vehicular
on quality of service and data dissemination in VANETs,’’ in Proc. communications,’’ IEEE Wireless Commun., vol. 13, no. 5, pp. 8–15,
Int. Congr. Hum.-Comput. Interact., Optim. Robotic Appl. (HORA), Oct. 2006.
Jun. 2020, pp. 1–5. [83] D. Manivannan, S. S. Moni, and S. Zeadally, ‘‘Secure authentica-
[59] M. Abdelhafidh, N. Charef, A. B. Mnaouer, and L. Chaari, ‘‘A survey tion and privacy-preserving techniques in vehicular ad-hoc NETworks
of blockchain-based solutions for IoTs, VANETs, and FANETs,’’ in (VANETs),’’ Veh. Commun., vol. 25, Oct. 2020, Art. no. 100247.
Enabling Blockchain Technology for Secure Networking and Communi- [84] M. Bellare and P. J. U. C. Rogaway, ‘‘Introduction to modern cryptogra-
cations. Hershey, PA, USA: IGI Global, 2021, pp. 110–148. phy,’’ Ucsd Cse., vol. 207, p. 207, 2005.

VOLUME 9, 2021 153723

 S. A. Jan et al.: Survey on Privacy-Preserving Authentication Schemes in VANETs: Attacks, Challenges and Open Issues

[85] L. Zhang, C. Hu, Q. Wu, J. Domingo-Ferrer, and B. Qin, ‘‘Privacy- [107] S. Kuutti, S. Fallah, K. Katsaros, M. Dianati, F. Mccullough, and
preserving vehicular communication authentication with hierarchical A. Mouzakitis, ‘‘A survey of the state-of-the-art localization techniques
aggregation and fast response,’’ IEEE Trans. Comput., vol. 65, no. 8, and their potentials for autonomous vehicle applications,’’ IEEE Internet
pp. 2562–2574, Aug. 2015. Things J., vol. 5, no. 2, pp. 829–846, Apr. 2018.
[86] J. Sun, C. Zhang, Y. Zhang, and Y. Fang, ‘‘An identity-based [108] R. Hemalatha, ‘‘A survey: Security challenges of VANET and their
security system for user privacy in vehicular ad hoc networks,’’ current solution,’’ Turkish J. Comput. Math. Educ., vol. 12, no. 2,
IEEE Trans. Parallel Distrib. Syst., vol. 21, no. 9, pp. 1227–1239, pp. 1239–1244, Apr. 2021.
Sep. 2010. [109] J. Mahmood, Z. Duan, Y. Yang, Q. Wang, J. Nebhen, and
[87] A. F. J. W. Westin and L. L. Review, ‘‘Privacy and freedom,’’ Washington M. N. M. Bhutta, ‘‘Security in vehicular ad hoc networks: Challenges
Lee Law Rev., vol. 25, no. 1, p. 166, 1968. and countermeasures,’’ Secur. Commun. Netw., vol. 2021, pp. 1–20,
[88] J. Cui, J. Wen, S. Han, and H. Zhong, ‘‘Efficient privacy-preserving Jun. 2021.
scheme for real-time location data in vehicular ad-hoc network,’’ IEEE [110] W. Mao, Modern Cryptography: Theory and Practice. Englewood Cliffs,
Internet Things J., vol. 5, no. 5, pp. 3491–3498, Oct. 2018. NJ, USA: Prentice-Hall, 2003.
[89] J. Cheng, J. Cheng, M. Zhou, F. Liu, S. Gao, and C. Liu, ‘‘Routing in [111] V. S. Miller, ‘‘Use of elliptic curves in cryptography,’’ in Proc. Conf. Appl.
internet of vehicles: A review,’’ IEEE Trans. Intell. Transp. Syst., vol. 16, Cryptograph. Techn. Berlin, Germany: Springer, 1985, pp. 417–426.
no. 5, pp. 2339–2352, Oct. 2015. [112] L. Huang, K. Matsuura, H. Yamane, and K. Sezaki, ‘‘Enhancing wireless
[90] A.-S. K. Pathan, Security of Self-Organizing Networks: MANET, WSN, location privacy using silent period,’’ in Proc. IEEE Wireless Commun.
WMN, VANET. Boca Raton, FL, USA: CRC Press, 2016. Netw. Conf., vol. 2, Mar. 2005, pp. 1187–1192.
[91] L. Wei, J. Cui, H. Zhong, Y. Xu, and L. Liu, ‘‘Proven secure tree-based [113] T. W. Chim, S. M. Yiu, L. C. K. Hui, and V. O. K. Li, ‘‘SPECS: Secure
authenticated key agreement for securing V2V and V2I communications and privacy enhancing communications schemes for VANETs,’’ Ad Hoc
in VANETs,’’ IEEE Trans. Mobile Comput., early access, Feb. 4, 2021, Netw., vol. 9, no. 2, pp. 189–203, 2011.
doi: 10.1109/TMC.2021.3056712. [114] D. Boneh and M. Franklin, ‘‘Identity-based encryption from the Weil
[92] J. S. Alshudukhi, B. A. Mohammed, and Z. G. Al-Mekhlafi, ‘‘An efficient pairing,’’ in Proc. Annu. Int. Cryptol. Conf. Berlin, Germany: Springer,
conditional privacy-preserving authentication scheme for the prevention 2001, pp. 213–229.
of side-channel attacks in vehicular ad hoc networks,’’ IEEE Access, [115] M. N. Mejri, J. Ben-Othman, and M. Hamdi, ‘‘Survey on VANET security
vol. 8, pp. 226624–226636, 2020. challenges and possible cryptographic solutions,’’ Veh. Commun., vol. 1,
[93] J. S. Alshudukhi, Z. G. Al-Mekhlafi, and B. A. Mohammed, no. 2, pp. 53–66, Apr. 2014.
‘‘A lightweight authentication with privacy-preserving scheme for vehic- [116] D. Chaum, ‘‘Security without identification: Transaction systems to make
ular ad hoc networks based on elliptic curve cryptography,’’ IEEE Access, big brother obsolete,’’ Commun. ACM, vol. 28, no. 10, pp. 1030–1044,
vol. 9, pp. 15633–15642, 2021. Oct. 1985.
[94] T. Nandy, M. Y. I. Idris, R. M. Noor, A. W. A. Wahab, S. Bhattacharyya, [117] Q. Mei, H. Xiong, J. Chen, M. Yang, S. Kumari, and M. K. Khan,
R. Kolandaisamy, and M. Yahuza, ‘‘A secure, privacy-preserving, and ‘‘Efficient certificateless aggregate signature with conditional privacy
lightweight authentication scheme for VANETs,’’ IEEE Sensors J., preservation in IoV,’’ IEEE Syst. J., vol. 15, no. 1, pp. 245–256, Mar. 2020.
vol. 21, no. 18, pp. 20998–21011, Sep. 2021. [118] P. K. Singh, S. N. Gowtham, S. Tamilselvan, and S. Nandi, ‘‘CPESP:
[95] X. Zhang, W. Wang, L. Mu, C. Huang, H. Fu, and C. J. W. P. C. Xu, Cooperative pseudonym exchange and scheme permutation to preserve
‘‘Efficient privacy-preserving anonymous authentication protocol for location privacy in VANETs,’’ Veh. Commun., vol. 20, Dec. 2019,
vehicular ad-hoc networks,’’ Wireless Pers. Commun., vol. 120, pp. 1–17, Art. no. 100183.
Jun. 2021. [119] X. Li, H. Zhang, Y. Ren, S. Ma, B. Luo, J. Weng, J. Ma, and X. Huang,
[96] L. Wei, J. Cui, Y. Xu, J. Cheng, and H. Zhong, ‘‘Secure and lightweight ‘‘PAPU: Pseudonym swap with provable unlinkability based on differ-
conditional privacy-preserving authentication for securing traffic emer- ential privacy in VANETs,’’ IEEE Internet Things J., vol. 7, no. 12,
gency messages in VANETs,’’ IEEE Trans. Inf. Forensics Security, pp. 11789–11802, Dec. 2020.
vol. 16, pp. 1681–1695, 2020. [120] J. Qi and T. Gao, ‘‘A privacy-preserving authentication and
[97] M. A. Elsadig and Y. A. Fadlalla, ‘‘VANETs security issues and chal- pseudonym revocation scheme for VANETs,’’ IEEE Access, vol. 8,
lenges: A survey,’’ Indian J. Sci. Technol., vol. 9, no. 28, pp. 1–8, pp. 177693–177707, 2020.
Jul. 2016. [121] S. Wang and N. Yao, ‘‘A RSU-aided distributed trust framework for
[98] M. A. Razzaque, A. Salehi, and S. M. Cheraghi, ‘‘Security and privacy pseudonym-enabled privacy preservation in VANETs,’’ Wireless Netw.,
in vehicular ad-hoc networks: Survey and the road ahead,’’ in Wireless vol. 25, no. 3, pp. 1099–1115, 2019.
Networks and Security. Berlin, Germany: Springer, 2013, pp. 107–132. [122] Q. E. Ali, N. Ahmad, A. H. Malik, G. Ali, M. Asif, M. Khalid, and
[99] F. Qu, Z. Wu, F.-Y. Wang, and W. Cho, ‘‘A security and privacy Y. Cao, ‘‘SPATA: Strong pseudonym-based AuthenTicAtion in intelligent
review of VANETs,’’ IEEE Trans. Intell. Transp. Syst., vol. 16, no. 6, transport system,’’ IEEE Access, vol. 6, pp. 79114–79128, 2018.
pp. 2985–2996, Dec. 2015. [123] A. Boualouache, S.-M. Senouci, and S. Moussaoui, ‘‘PRIVANET:
[100] A. Luckshetty, S. Dontal, S. Tangade, and S. S. Manvi, ‘‘A survey: Com- An efficient pseudonym changing and management framework for vehic-
parative study of applications, attacks, security and privacy in VANETs,’’ ular ad-hoc networks,’’ IEEE Trans. Intell. Transp. Syst., vol. 21, no. 8,
in Proc. Int. Conf. Commun. Signal Process. (ICCSP), Apr. 2016, pp. 3209–3218, Aug. 2020.
pp. 1594–1598. [124] T. Neudecker, N. An, O. K. Tonguz, T. Gaugel, and J. Mittag, ‘‘Feasibil-
[101] E. B. Ajulo, R. O. Akinyede, and O. S. Adewale, ‘‘Security threats ity of virtual traffic lights in non-line-of-sight environments,’’ in Proc.
and privacy issues in vehicular ad-hoc network (VANET): Survey and 9th ACM Int. Workshop Veh. Inter-Netw., Syst., Appl. (VANET), 2012,
perspective,’’ J. Inf., vol. 4, no. 1, pp. 1–9, 2018. pp. 103–106.
[102] Z. Lu, G. Qu, and Z. Liu, ‘‘A survey on recent advances in vehicular [125] Q. E. Ali, N. Ahmad, A. H. Malik, W. U. Rehman, A. U. Din, and
network security, trust, and privacy,’’ IEEE Trans. Intell. Transp. Syst., G. Ali, ‘‘ASPA: Advanced strong pseudonym based authentication in
vol. 20, no. 2, pp. 760–776, Feb. 2018. intelligent transport system,’’ PLoS ONE, vol. 14, no. 8, Aug. 2019,
[103] A. Masood, D. S. Lakew, and S. Cho, ‘‘Security and privacy challenges Art. no. e0221213.
in connected vehicular cloud computing,’’ IEEE Commun. Surveys Tuts., [126] Q. A. Arain, D. Zhongliang, I. Memon, S. Arain, F. K. Shaikh, A. Zubedi,
vol. 22, no. 4, pp. 2725–2764, Jul. 2020. M. A. Unar, A. Ashraf, and R. Shaikh, ‘‘Privacy preserving dynamic
[104] M. Arif, G. Wang, M. Z. A. Bhuiyan, T. Wang, and J. Chen, ‘‘A survey pseudonym-based multiple mix-zones authentication protocol over road
on security attacks in VANETs: Communication, applications and chal- networks,’’ Wireless Pers. Commun., Int. J., vol. 95, no. 2, pp. 505–521,
lenges,’’ Veh. Commun., vol. 19, Oct. 2019, Art. no. 100179. Jul. 2017.
[105] I. Ali, A. Hassan, and F. Li, ‘‘Authentication and privacy schemes for [127] J. Liu, J. Li, L. Zhang, F. Dai, Y. Zhang, X. Meng, and J. Shen, ‘‘Secure
vehicular ad hoc networks (VANETs): A survey,’’ Veh. Commun., vol. 16, intelligent traffic light control using fog computing,’’ Future Gener. Com-
pp. 45–61, Apr. 2019. put. Syst., vol. 78, pp. 817–824, Jan. 2018.
[106] F. Sakiz and S. Sen, ‘‘A survey of attacks and detection mechanisms [128] E. R. Agustina and A. R. Hakim, ‘‘Secure VANET protocol using
on intelligent transportation systems: VANETs and IoV,’’ Ad Hoc Netw., hierarchical pseudonyms with blind signature,’’ in Proc. 11st Int. Conf.
vol. 61, pp. 33–50, Jun. 2017. Telecommun. Syst. Services Appl. (TSSA), Oct. 2017, pp. 1–4.

153724 VOLUME 9, 2021

S. A. Jan et al.: Survey on Privacy-Preserving Authentication Schemes in VANETs: Attacks, Challenges and Open Issues

[129] A. Shamir, ‘‘Identity-based cryptosystems and signature schemes,’’ in [152] A. Maria, V. Pandi, J. D. Lazarus, M. Karuppiah, and M. S. Christo,
Proc. Workshop Appl. Cryptograph. Techn., vol. 1984. Springer, 1985, ‘‘BBAAS: Blockchain-based anonymous authentication scheme for pro-
pp. 47–53. viding secure communication in VANETs,’’ Secur. Commun. Netw.,
[130] I. Ali and F. Li, ‘‘An efficient conditional privacy-preserving authentica- vol. 2021, pp. 1–11, Feb. 2021.
tion scheme for vehicle-to-infrastructure communication in VANETs,’’ [153] J. Zhang, Q. Zhang, X. Lu, and Y. Gan, ‘‘A novel privacy-preserving
Veh. Commun., vol. 22, Apr. 2020, Art. no. 100228. authentication protocol using bilinear pairings for the VANET envi-
[131] S. Wang and N. Yao, ‘‘LIAP: A local identity-based anonymous mes- ronment,’’ Wireless Commun. Mobile Comput., vol. 2021, pp. 1–13,
sage authentication protocol in VANETs,’’ Comput. Commun., vol. 112, Jun. 2021.
pp. 154–164, Nov. 2017. [154] Y. Chen, J. Yuan, and Y. Zhang, ‘‘An improved password-authenticated
[132] Z. Wei, J. Li, X. Wang, and C.-Z. Gao, ‘‘A lightweight privacy-preserving key exchange protocol for VANET,’’ Veh. Commun., vol. 27, Jan. 2021,
protocol for vanets based on secure outsourcing computing,’’ IEEE Art. no. 100286.
Access, vol. 7, pp. 62785–62793, 2019. [155] X. Li, J. Liu, M. S. Obaidat, P. Vijayakumar, Q. Jiang, and R. Amin,
[133] I. Ali, T. Lawrence, and F. Li, ‘‘An efficient identity-based signature ‘‘An unlinkable authenticated key agreement with collusion resistant for
scheme without bilinear pairing for vehicle-to-vehicle communication in VANETs,’’ IEEE Trans. Veh. Technol., vol. 70, no. 8, pp. 7992–8006,
VANETs,’’ J. Syst. Archit., vol. 103, Feb. 2020, Art. no. 101692. Aug. 2021.
[134] L. Zhang, Q. Wu, J. Domingo-Ferrer, B. Qin, and C. Hu, ‘‘Distributed [156] S. Lv and Y. Liu, ‘‘PLVA: Privacy-preserving and lightweight V2I
aggregate privacy-preserving authentication in VANETs,’’ IEEE Trans. authentication protocol,’’ IEEE Trans. Intell. Transp. Syst., early access,
Intell. Transp. Syst., vol. 18, no. 3, pp. 516–526, Mar. 2016. Feb. 24, 2021, doi: 10.1109/TITS.2021.3059638.
[135] X. Li, T. Liu, M. S. Obaidat, F. Wu, and P. Vijayakumar, ‘‘A lightweight [157] S. Nakamoto, ‘‘Bitcoin: A peer-to-peer electronic cash system,’’ Decen-
privacy-preserving authentication protocol for VANETs,’’ IEEE Syst. J., tralized Bus. Rev., p. 21260, Oct. 2008. [Online]. Available: https://
vol. 14, no. 3, pp. 3547–3557, May 2020. bitcoin.org/bitcoin.pdf
[136] S. A. Alfadhli, S. Lu, A. Fatani, H. Al-Fedhly, and M. Ince, ‘‘SD2PA: [158] I. Ali, M. Gervais, E. Ahene, and F. Li, ‘‘A blockchain-based certificate-
A fully safe driving and privacy-preserving authentication scheme for less public key signature scheme for vehicle-to-infrastructure communi-
VANETs,’’ Hum.-Centric Comput. Inf. Sci., vol. 10, no. 1, pp. 1–25, cation in VANETs,’’ J. Syst. Archit., vol. 99, Oct. 2019, Art. no. 101636.
Dec. 2020. [159] X. Zhang and X. Chen, ‘‘Data security sharing and storage based on
[137] H. Vasudev and D. Das, ‘‘P2 -SHARP: Privacy preserving secure hash a consortium blockchain in a vehicular ad-hoc network,’’ IEEE Access,
based authentication and revelation protocol in IoVs,’’ Comput. Netw., vol. 7, pp. 58241–58254, 2019.
vol. 191, May 2021, Art. no. 107989. [160] Z. Lu, Q. Wang, G. Qu, H. Zhang, and Z. Liu, ‘‘A blockchain-based
[138] J. Cui, X. Tao, J. Zhang, Y. Xu, and H. Zhong, ‘‘HCPA-GKA: A hash privacy-preserving authentication scheme for VANETs,’’ IEEE Trans.
function-based conditional privacy-preserving authentication and group- Very Large Scale Integr. (VLSI) Syst., vol. 27, no. 12, pp. 2792–2801,
key agreement scheme for VANETs,’’ Veh. Commun., vol. 14, pp. 15–25, Dec. 2019.
Oct. 2018. [161] Y.-T. Yang, L.-D. Chou, C.-W. Tseng, F.-H. Tseng, and C.-C. Liu,
[139] X. Zhu, Y. Lu, X. Zhu, and S. Qiu, ‘‘Lightweight and scalable secure com- ‘‘Blockchain-based traffic event validation and trust verification for
munication in VANET,’’ Int. J. Electron., vol. 102, no. 5, pp. 765–780, VANETs,’’ IEEE Access, vol. 7, pp. 30868–30877, 2019.
May 2015. [162] C. Wang, J. Shen, J. F. Lai, and J. Liu, ‘‘B-TSCA: Blockchain
[140] S. A. Alfadhli, S. Alresheedi, S. Lu, A. Fatani, and M. Ince, ‘‘ELCPH: assisted trustworthiness scalable computation for V2I authentication
An efficient lightweight conditional privacy-preserving authentication in VANETs,’’ IEEE Trans. Emerg. Topics Comput., vol. 9, no. 3,
scheme based on hash function and local group secrete key for VANET,’’ pp. 1386–1396, Sep. 2020.
in Proc. World Symp. Softw. Eng. (WSSE), 2019, pp. 32–36. [163] Z. Ma, J. Zhang, Y. Guo, Y. Liu, X. Liu, and W. He, ‘‘An efficient
[141] N. V. Vighnesh, N. Kavita, S. R. Urs, and S. Sampalli, ‘‘A novel sender decentralized key management mechanism for VANET with blockchain,’’
authentication scheme based on hash chain for vehicular ad-hoc net- IEEE Trans. Veh. Technol., vol. 69, no. 6, pp. 5836–5849, Jun. 2020.
works,’’ in Proc. IEEE Symp. Wireless Technol. Appl. (ISWTA), Sep. 2011, [164] L. Zhang, M. Luo, J. Li, M. H. Au, K.-K.-R. Choo, T. Chen, and S. Tian,
pp. 96–101. ‘‘Blockchain based secure data sharing system for internet of vehicles:
[142] J. Camenisch and M. Stadler, ‘‘Efficient group signature schemes for large A position paper,’’ Veh. Commun., vol. 16, pp. 85–93, Apr. 2019.
groups,’’ in Proc. Annu. Int. Cryptol. Conf. Springer, 1997, pp. 410–424. [165] S. Kudva, S. Badsha, S. Sengupta, I. Khalil, and A. Zomaya, ‘‘Towards
[143] Y. Jiang, S. Ge, and X. Shen, ‘‘AAAS: An anonymous authentication secure and practical consensus for blockchain based VANET,’’ Inf. Sci.,
scheme based on group signature in VANETs,’’ IEEE Access, vol. 8, vol. 545, pp. 170–187, Feb. 2021.
pp. 98986–98998, 2020. [166] P. Cencioni and R. Di Pietro, ‘‘A mechanism to enforce privacy in vehicle-
[144] K. Lim, K. M. Tuladhar, X. Wang, and W. Liu, ‘‘A scalable and secure key to-infrastructure communication,’’ Comput. Commun., vol. 31, no. 12,
distribution scheme for group signature based authentication in VANET,’’ pp. 2790–2802, Jul. 2008.
in Proc. IEEE 8th Annu. Ubiquitous Comput., Electron. Mobile Commun.
Conf. (UEMCON), Oct. 2017, pp. 478–483.
[145] C. Zhang, X. Xue, L. Feng, X. Zeng, and J. Ma, ‘‘Group-signature and
group session key combined safety message authentication protocol for
VANETs,’’ IEEE Access, vol. 7, pp. 178310–178320, 2019.
[146] Y. Zheng, G. Chen, and L. Guo, ‘‘An anonymous authentication scheme
in VANETs of smart city based on certificateless group signature,’’ Com-
plexity, vol. 2020, pp. 1–7, Jun. 2020.
[147] X. Yue, B. Chen, X. Wang, Y. Duan, M. Gao, and Y. He, ‘‘An efficient
and secure anonymous authentication scheme for VANETs based on the
framework of group signatures,’’ IEEE Access, vol. 6, pp. 62584–62600,
2018. SAGHEER AHMED JAN received the bachelor’s
[148] P. Cirne, A. Zúquete, and S. Sargento, ‘‘TROPHY: Trustworthy VANET degree (Hons.) in computer science from Hazara
routing with group authentication keys,’’ Ad Hoc Netw., vol. 71, University Mansehra, Pakistan, in 2012, and the
pp. 45–67, Mar. 2018. master’s degree in computer science from Haz-
[149] T. Gao and J. Qi, ‘‘An anonymous access authentication scheme for
ara University Mansehra, in 2015, with a spe-
VANETs based on ID-based group signature,’’ in Proc. Int. Conf. Broad-
cialization in information security, where he is
band Wireless Comput., Commun. Appl. Springer, 2018, pp. 490–497.
[150] X. Zhu, S. Jiang, L. Wang, H. Li, W. Zhang, and Z. Li, ‘‘Privacy- currently pursuing the Ph.D. degree in computer
preserving authentication based on group signature for VANETs,’’ science. He has served as a SST IT at the Ele-
in Proc. IEEE Global Commun. Conf. (GLOBECOM), Dec. 2013, mentary and Secondary Education KPK, Pakistan.
pp. 4609–4614. Later, he joined as a Lecturer at Hazara University
[151] H. Jiang, L. Hua, and L. Wahab, ‘‘SAES: A self-checking authentication Mansehra. Currently, he is serving as a Lecturer for the Higher Education
scheme with higher efficiency and security for VANET,’’ Peer Peer Netw. Department KPK. His research interests include wireless networks, the IoT,
Appl., vol. 14, no. 2, pp. 528–540, Mar. 2021. applied cryptography, and information security.

VOLUME 9, 2021 153725

 S. A. Jan et al.: Survey on Privacy-Preserving Authentication Schemes in VANETs: Attacks, Challenges and Open Issues

NOOR UL AMIN received the master’s degree in MAZHAR ALI received the M.S. degree from
computer science from the University of Peshawar, the Royal Institute of Technology (KTH),
Pakistan, in 1996, and the Ph.D. degree in com- Stockholm, Sweden, in 2009, and the Ph.D. degree
puter science from the Department of Information from the Department of Electrical and Com-
Technology, Hazara University Mansehra, Pak- puter Engineering, North Dakota State University
istan. He was the Head of the Department of (NDSU), Fargo, ND, USA, in 2015. He is currently
Information Technology and the Director of IT, an Assistant Professor with the COMSATS Uni-
Hazara University Mansehra, for 11 years, where versity Islamabad, Abbottabad, Pakistan. His cur-
he is currently the Chair of the Department of rent research interests include cloud computing,
Telecommunication. He has recently completed a information security, smart health, and data and
Research and Development Project sponsored by the Ministry of Science social network analysis.
and Technology, Pakistan. He has established seven hi-tech research and
development labs.

ARIF IQBAL UMAR received the M.Sc. degree in

computer science from the University of Peshawar,
Pakistan, and the Ph.D. degree in computer sci-
ence from Beihang University (BUAA), Beijing,
China. He has been working as an Associate Pro-
fessor of computer science with the Department
MOHAMED OTHMAN (Senior Member, IEEE) of Information Technology, Hazara University
received the Ph.D. degree (Hons.) from the Mansehra. He has been leading the Department as
National University of Malaysia. He was the the Chairperson. He has supervised seven Ph.D.
Deputy Director of the Information Development candidates and 34 M.S. candidates. He is the
and Communication Center, where he was in author of more than 70 research publications in the leading research journals
charge of the UMPNet Network Campus, uSport and conferences. He has at his credit 27 years’ experience of teaching,
Wireless Communication Project, and the UPM research, planning, and academic management. His research interests include
Datacenter. He is also an Associate Researcher data mining, machine learning, information retrieval, digital image process-
and a Coordinator of the high-speed machine ing, computer networks security, and sensor networks.
with the Laboratory of Computational Science and
Mathematical Physics, Institute of Mathematical Research, Universiti Putra
Malaysia (UPM). He is currently a Professor in computer science with the
Department of Communication Technology and Network, UPM. He has
published over 300 international journals and 330 proceeding papers. He has ABDUL BASIR received the bachelor’s degree
also filed six Malaysian, one Japanese, one South Korean, and three U.S. (Hons.) in computer science from Hazara Univer-
patents. His main research interests include computer networks, parallel sity Mansehra, Pakistan, in 2008, and the master’s
and distributed computing, high-speed interconnection networks, network degree in computer science from Hazara Univer-
design and management (network security, wireless, and traffic monitoring), sity Mansehra, in 2015, with a specialization in
consensus in IoT, and mathematical model in scientific computing. He is information security, where he is currently pursu-
a Life Member of the Malaysian National Computer Confederation and ing the Ph.D. degree in computer science. He has
the Malaysian Mathematical Society. In 2017, he received an Honorable served as a Visiting Lecturer for Hazara University
Professor from South Kazakhstan Pedagogical University, Shymkent, Kaza- Mansehra. Currently, he is serving as a SST for
khstan, and also a Visiting Professor with South Kazakhstan State University, the Elementary and Secondary Education KPK,
Shymkent, and L. N. Gumilyov Eurasian National University, Astana, Kaza- Pakistan. His research interests include wireless networks, the IoT, applied
khstan. He was a recipient of the Best Ph.D. Thesis by Sime Darby Malaysia cryptography, and information security.
and the Malaysian Mathematical Science Society.

153726 VOLUME 9, 2021