New Cetificateless Aggregate Signature Algorithm for Vehicular Ad hoc Networks

Certificateless public cryptography can solve the problem of certificates management of the public key infrastructure and overcome the key escrow problem of the identity-based public cryptography. Aggregate signature, which can compress many signatures of messages generated by different users into single signature on different messages, was applied to reduce the cost of computation and communication in the resource constrained-environments. Recently, Wang et al. presented a probably secure cetificateless aggregate signature algorithm for vehicular ad hoc networks, they claimed that their schemes are secure against the adversaries. Nevertheless, in this paper, we show that their schemes are insecure against normal Type II adversary. The malicious key generation center (KGC) can get the user’s partial private key to realize the passive attack. We describe the processes of forging attacks in detail and analyze the main reasons aiming at two different attacks. Moreover, we proposed a novel scheme to improve the security of Wang et al.’s schemes.