LEPA: Low-overhead and Efficient Privacy-preserving Authentication Scheme in VANETs

Abstract The dynamic nature of Vehicular Ad-hoc Networks (VANETs) necessitate suitable authentication schemes to prevent intruders from compromising the privacy of vehicles. In order to maintain the privacy of vehicles, several schemes using pseudonyms instead of real IDs of vehicles have been proposed in the literature. When vehicles use pseudonyms instead of their real IDs in their communication, authenticating the vehicles becomes an issue. Assigning a single pseudonym to a vehicle does not solve the problem because, based on a vehicle's trajectory, an intruder can track the vehicle. So, a vehicle needs to change its pseudonym frequently. So, to ensure the privacy of the vehicle, each vehicle should be assigned a pool of pseudonyms, and the vehicle should be able to pick a pseudonym from the pool and use it and also change its pseudonym periodically. In many of the existing works, for authentication purposes, a central entity is used to issue certificates corresponding to each pseudonym assigned to a vehicle and distribute them to the vehicle so it can present the certificate to authenticate itself. However, this approach involves significant computation, storage, and distribution overhead of the revoked certificates of pseudonyms of malicious vehicles because each vehicle is assigned a large number of pseudonyms. We address this issue and propose a Low-overhead and Efficient Privacy-preserving Authentication (LEPA) scheme for VANETs by leveraging Merkle Hash Tree (MHT) and Cuckoo Filter (CF). We analyze and verify the robustness of the LEPA scheme against various attacks. The performance evaluation demonstrates the efficiency of the LEPA scheme with respect to authentication overhead.