CLASRM: A Lightweight and Secure Certificateless Aggregate Signature Scheme with Revocation Mechanism for 5G-Enabled Vehicular Networks

Abstract

The rapid deployment of 5G technology has further strengthened the large-scale interconnection between sensing devices and systems and promoted the rapid development of smart cities and intelligent transportation systems. 5G-enabled vehicular networks take advantage of cellular vehicle-to-everything (C-V2X) technology to achieve the connection between moving vehicles, between vehicles and infrastructure, and between vehicles and the cloud, which can reduce the possibility of traffic jams and accidents, improve transportation efficiency, and realize automatic driving. Besides, 5G-enabled vehicular networks also provide infotainment services and industry application services. High-strength data transmission, however, will bring a serious burden of resource overhead, and there are hidden dangers of security and privacy in the communication process of vehicular networks. Some current vehicular network authentication schemes adopt public key infrastructure-based (PKI-based) and identity-based authentication methods to achieve conditional privacy preservation. Still, these schemes are too expensive and cannot address the problems of costly certificate management or risky key escrow. Some schemes use computationally complex bilinear pairing operations that result in low efficiency and do not consider the revocation of malicious nodes so that they cannot effectively prevent further malicious attacks. This paper proposes a lightweight certificateless aggregate signature (CLAS) scheme with a revocation mechanism suitable for 5G-enabled vehicular networks in response to the above problems. Our proposed scheme uses aggregation signature technology to aggregate multiple signatures into a single short signature, thus reducing communication overhead and storage overhead of road side units (RSUs). Furthermore, our proposed scheme utilizes the elliptic curve cryptography (ECC) to reduce verification time and computational overhead. Moreover, in order to prevent malicious users from sending invalid signatures to attack, our proposed scheme uses binary search to identify invalid signatures and introduces a cuckoo filter to revoke malicious users to prevent reattack. Finally, formal proof and experimental analysis show that our proposed scheme has greater advantages with respect to security and efficiency compared with the previous schemes.