A Secure and Efficient Message Authentication Protocol for Vehicular Ad HocNetworks with Privacy Preservation(MAPWPP)

Subhashree Behera∗, Bharati Mishra†, Priyadarshini Nayak‡and Debasish Jena§Department of Computer Science and EngineeringInternational Institute of Information Technology

Bhubaneswar, India∗ Email: mikibehera@gmail.com† Email: bmbharati@gmail.com

‡ Email: priya0306nayak@gmail.com§ Email: debasish@gmail.com

Abstract—Reliability, efficient bandwidth utilisation, consis-tency and authenticity are some of the required applicationsthat are required for proper implementation of vehicular ad-hoc networks(VANETs). As vehicular Ad hoc Networks areexpected to greatly influence and improve road safety as wellas driving conditions, they are attracting much attention thesedays. But along with all the benefits that it offers, there ismore chance of giving way to frequent and severe maliciousattacks. Due to this reason much attention is being given to thesecurity and privacy issues in VANETs. A lot of research workis being performed to improve the standards of this network.In this paper we present a security protocol for VANETfor message authentication which also promises privacy forits users. Privacy is a big issue in today’s information age.Information is abundant but getting the authentic informationat appropriate time and place is very crucial.

Keywords-Vehicular network; security; privacy preservation;vehicular communication; ECDSA.

I. INTRODUCTION

Vehicular ad hoc networks (VANETs) are special kind of

mobile ad hoc networks (MANET) where the vehicles and

the road side units (RSUs) are the network nodes and they

communicate using wireless technologies such as Dedicated

Short Range Communications (DSRC)[1].They are different

from MANET in that the nodes are moving with very high

speed obeying some traffic rules and constrained by the

road topology. The RSUs provide the fixed infrastructure

which help in packet forwarding. VANETs are deployed to

improve road safety, traffic management and driver comfort.

But to achieve this, there are many security challenges like

message authentication, privacy preservation, message non-

repudiation, entity authentication, access control, message

confidentiality, availability, liability identification etc[2]-[6].

Researchers have published a number of papers address-

ing one or more such challenges. There are a numbers

security attacks like denial of service attack, grey hole

attack. Some of the publications have addressed a couple

of such attacks. Before deploying VANET in real life

scenario extensive analysis and performance evaluation of

the proposed protocols should be carried out. The proposed

Figure 1. 802.11p based vehicular communications in cities.[15]

protocols should conform to the security standards and

should incorporate all possible scenarios.

The remainder of the paper is organized as follows. In

the next section we describe some of the related works. In

section III we introduce the preliminaries required for our

proposed protocol. In section IV, the proposed protocol is

defined. Section V is about security analysis of our proposed

model. In section VI, performabce analysis of our work

is described. Then finally, in section VII we provide the

conclusion and future work.

II. RELATED WORKJonathan Petit and Toulouse introduced the overhead of

ECDSA and focus the analysis on the time complexity

of this algorithm[10]. They analyze the impact of the

authentication processing on the braking distance. Giorgio

Calandriello et al. proposed a scheme to achieve efficient

and robust pseudonym-based authentication[11]. Their pro-

posal enables vehicle on-board units to generate their own

pseudonyms without affecting the system security. Chun-

Ta Li et al. scheme uses blind signature techniques to

enable vehicles to anonymously interact with the services

of roadside infrastructure (RSU)[12]. In Brijesh Kumar

Chaurasia et al’s. [13] scheme, multiple temporary identities

(pseudonyms) are assigned to each vehicle in the network. A

vehicle changes its pseudonym after each transmission. For

privacy preservation, distinct pseudonyms hide their relation

from each other and to the user’s identity. The pseudonym

change scheme can lead to a major problem called the

Sybil Attack. Qianhong Wu et al. [14] paper presented a

new primitive called the Message Linkable Group Signature

(MLGS), in which a vehicle stays anonymous if it produces

one signature on each message. However, if it produces

two signatures on one message, then the attacker will be

found by a trusted authority, which effectively prevents the

Sybil attack in a privacy-preserving system. When a vehicle

receives multiple signatures on the same message, it can

distinguish by itself (with the help of the TA) whether the

message was signed by the same cheating vehicle multiple

times or by multiple honest vehicles. In this paper we

propose a protocol which uses ECDSA signature generation

and verification methods to achieve message authentication

and conditional privacy preservation. Our paper is similar to

one proposed by S. S. Manvi et al [8].But their protocol does

not take care of privacy preservation. Our protocol achieves

privacy preservation through the use of pseudonyms. But in

contrast Giorgio Calandriello et al. [11] proposed scheme,

we proposed that the vehicles shall take the help of RSUs

to generate the pseudonyms. As RSU’s have more powerful

processing power, they can help in pseudonym generation

and message transmission.

III. PRELIMINARIES

As a priliminary, we used some cryptographic techniques

and basic tools in our scheme. The security of our scheme is

based on Elliptic curve digital signature algorithm. A brief

review of this is provided as follows.

A. Elliptic Curve CryptographyECC is a public key cryptography[17]. Public key cryp-

tography, unlike private key cryptography, does not require

any shared secret between the communicating parties but

it is much slower than the private key cryptography. The

mathematical operations of ECC is defined over the elliptic

curve y2 = x3 + ax + b,where 4a3 + 27b2 = 0. Each

value of the a and b gives a different elliptic curve. All

points (x,y) which satisfies the above equation plus a point

at infinity lies on the elliptic curve. The public key is a

point in the curve and the private key is a random number.

The public key is obtained by multiplying the private key

with the generator point G in the curve. The generator point

G, the curve parameters a and b, together with few more

constants constitutes the domain parameter of ECC. One

main advantage of ECC is its small key size. A 160-bit key

in ECC is considered to be as secured as 1024-bit key in

RSA algorithm.

B. ECDSA - Elliptic Curve Digital Signature AlgorithmECDSA is a variant of the Digital Signature Algorithm

(DSA) that operates on elliptic curve groups [18]. For

sending a signed message from source to destination, both

have to agree up on Elliptic Curve domain parameters.

Sender have a key pair consisting of a private key di(a

randomly selected integer less than n, where n is the order of

the curve, an elliptic curve domain parameter) and a public

key Qi = diG (G is the generator point, an elliptic curve

domain parameter).

C. ECDSA based message authentication in VANETs1) Signature generation: For signing a message m

by sender i, using i’s private key di. a) Calculate e =HASH(m). b) Select a random integer k from [1,n−1].c) Calculate r = x1modn, where (x1, y1) = kG. If r = 0,

go to step 2. d) Calculate s = k−1(e+dir) mod n. If s = 0,

go to step 2. e) The signature is the pair (r, s).2) Signature verification: For j to authenticate i’s sig-

nature, j must have i’s public key Qi. a)Verify that rand s are integers in [1, n − 1]. If not, the signature is

invalid. b) Calculate e = HASH(m), where HASH is the

same function used in the signature generation. c) Calculate

w = s−1 mod n. d) Calculate u1 = ew mod n and u2 = rwmod n. e) Calculate (x1, y1) = u1G+u2Qi. f) The signature

is valid if x1 = r mod n, invalid otherwise.

IV. DESIGN GOALS

The design goal of this paper is to develop a secure

and efficient protocol for VANET that will provide mutual

authentication with privacy preservation. In particular, it

shall achieve following goals.

• Providing message authentication:

• Provide privacy preservation:

• Eliminate Gray hole attack:

• Eliminate Sybil attack:

V. THE PROPOSED PROTOCOLIn this section we propose an RSU aided message au-

thentication scheme which also provides conditional privacy

preservation. When a vehicle come in the range of RSU, it

requests the RSU for a temporary ID known as pseudoID

which remain valid till the vehicle moves to another RSU’s

range. This pseudoID can be used by the sender vehicle for

its identity instead of its actual identity. When the vehicle

wants to send a message, the vehicle signs the message

with its private key using ECDSA signature and append its

temporary ID in place of sender address. The vehicle which

receives the message, query the RSU for the public key of

the sender vehicle and provides the sender’s pseudo ID in the

request. The RSU find out the actual ID from the pseudoID

and broadcast the corresponding public key of the sender

vehicle. The interested vehicles verify the sender vehicle’s

signature and thus authenticate the message but the sender’s

Table INOTATIONS USED THROUGH THE PROPOSED SCHEME

Symbol DescriptionQi, di Public and Private key of vehicle iTIDi Temporary ID of vehicle i

V IDi Actual ID of ith vehicleS SourceD DestinationRSUPr Private key of RSUHASH(m) A cryptographic hash function on message

m⊕ Ex-Or operationTD Timestamp,which Dest. attachesTS Timestamp,which source attachesa||b Concatenation of a and bTIDS , TIDI ,TIDD

Temporary ID of Source, Intermediate andDestination vehicle

D Elliptic curve domain parameter

Mi Message sent in ith iteration

ACKj Acknowledgement in jth iteration

identity remains anonymous to the receiving vehicles. The

details of the protocol shall be given in the following section.

Notations used throughout this article are summarized in

table 1 and the details of the proposed scheme are described

as follows.

A. Vehicle Registration with Trusted AuthorityBefore VANET setup, interested vehicles register them-

selves with transport authorities. This will be an offline

process. The vehicle owner provides its identity, address and

proof for the same. After verification, the transport authority

ask the owner to provide the key pool to be registered. The

vehicle owner generate a pool of ECDSA public-private

key pairs using following algorithm. A vehicle’s key pair

is associated with a particular set of elliptc curve domain

parameters D = (q, FR, a, b, G, n, h). This association is

assured cryptographically i.e. through certificates.

1. Select a random or pseudorandom integer d in the

interval [1, n-1]

2. Compute Qi = di * G

3. A’s public key is Qi and private key is di.

4. For different value of di, different Qi values get

generated which form the pool of public keys for vehicle

i.

Vehicle i register these public keys against its ID which

is V IDi. These public keys have a validity period. After

the validity period expires, A renew the public key pool

by generating and registering a fresh set of public keys. The

transport authority issue certificates authenticating the public

keys. For this it sign the certificates with its private key. Any

third party can validate these certificates using the public key

of the trusted authority(TA).

B. RSU InstallationAfter vehicle registration, the transport authority deploys

RSUs at each road section. It upload the details of the entire

vehicle registered till date to the RSU. In turn the RSU also

get registered with the TA and its public key is conveyed to

all the registered vehicles.

C. Temporary Identity AcquisitionWhen a vehicle’s range reaches an RSU, the vehicle sends

a request to the RSU to provide a temporary identity. It also

sends its identity and public key certificate which it uses

in further communication. The RSU validates the identity

and the certificate for the public key. Then it generate a

temporary identity for the vehicle and send it in the reply.

TIDi = V IDi ⊕ (RSUPr)

D. Message transferThe message transfer by the vehicle can be broadly

categorized into two types.

1) Broadcast of message: Here the vehicle broadcasts the

message to all the vehicles those come under its wireless

range. This communication is mainly concern about the

safety purpose of other vehicles. For example one vehicle

can broadcast the message concerning about the crash hap-

pened in a certain place to all other vehicle in its wireless

range so that all other vehicles can be aware of the incident.

This process consists of the following steps.

• Signing the Messages

When the vehicle wants to send a message,it signs the

message with its private key corresponding to the public

key it has conveyed to the RSU. It send its true identity.

Instead it uses its temporary identity.

• Public Key Look up

The vehicle which receives the message and signature

enquires the nearby RSU for the public key correspond-

ing to the TIDi. The RSU calculates V IDi from the

TIDi.

V IDi = TIDi ⊕ (RSUPr)

Then it retrieves the public key for the V IDi and

broadcast it. The interested vehicles use the public key

for verification of the message received.

• Message Signature Verification The vehicles after re-

ceiving the public key verify the signature on the

message using ECDSA signature verification method

described above.

2) Personalized message transfer: Unlike the broadcast

of message, here is the existence of only one destination

vehicle. This personalized message transfer has two cases.

In the 1st case, the destination vehicle is present in the range

of both source and RSU. In the 2nd case, the destination

vehicle is not present in the range of source but present in the

range of RSU. Here prior to the communication the source

vehicle should know the temporary ID of the destination

vehicle. One assumption is taken i.e. the range of RSU is

more than the range of vehicle. The whole process is divided

into two steps.

I. Checking of the presence of destination vehicle inthe range of RSU: In this step the source vehicle checks

whether the destination vehicle is present in the range of

RSU or not. The detail process is described in the following

steps.

Step 1: The source vehicle sends the temporary id of

his own (TIDS) and temporary id of destination vehicle

(TIDD) to RSU.

Step 2: After getting the temporary ids, RSU checks his

own database that whether the destination vehicle is present

in the range or not.

Step 3: If the destination vehicle is present in the range

of RSU, then RSU sends a positive acknowledgement to the

source vehicle otherwise it sends a negative acknowledge-

ment.

Step 4: If negative acknowledgement comes from RSU,

then the communication process stops. If there is positive ac-

knowledgement from RSU, then the communication process

starts.

II. Communication process Prior communication pro-

cess starts, there are some computations done by source

vehicle. Source vehicle first selects a random number a.

It computes C = (QD2)HASH(TS)∗dS where QD is the

public key of destination and dS is the private key of the

source. Then it computes C ⊕ a. According to the position

of presence of destination vehicle there are two cases.

a) Destination is in the range of both source and RSUIn this case the destination vehicle is present in the range of

both source and RSU.

Step 5: The source vehicle sends the TIDS , TIDD, TS ,

C ⊕ a to destination vehicle. The C is calculated by the

source vehicle before.

Step 6: At first the destination vehicle checks whether

the received temporary destination id is his own or not.

If it doesnot match then the message is dropped. If it

matches then the destination vehicle computes C1 =(QS

2)HASH(TS)∗dD where QS and dD are public key of

source and private key of destination respectively. After

computing C ′, it recovers the random number a by com-

puting C ⊕ a ⊕ C1 . Then it will select a random no. b.

Then it computes K = HASH(a||b||0).Step 7: The destination vehicle sends TIDD, TIDS , TD,

C ′ ⊕ (b||k) to the source vehicle.

Step 8: The source vehicle has previously computed

C. Now the source vehicle recovers b and k by comput-

ing C ′ ⊕ (b||k) ⊕ C. Then the source vehicle compute

k1 = H(a||b||0). Then it compare k with k1. If both are

equal to each other then the destination vehicle is proved

as authenticated and mutual authentication get established

between source and destination.

Step 9: After authenticating each other message transfer

starts between source and destination.The source vehicle

sends TIDS , TIDD, TS , C⊕Mi to the destination vehicle

where Mi is the message transferred at ith iteration. The

destination vehicle recovers the message Mi by computing

C ⊕ Mi ⊕ C ′.Step 10: After recovering the message the destination

vehicle send an acknowledgement to the source vehicle.

So it sends TIDS , TIDD, TD, C ′ ⊕ ACKj to the source

vehicle. The source vehicle recovers ACKj by computing

C ′ ⊕ ACKj ⊕ C.

b) Destination is not in the range of source but in therange of RSU: In this case the destination vehicle is not

present in the range of source but it is present in the range

of RSU. The detail process is explained in various steps.

Step 5 : As the destination vehicle is not present in the

range of source vehicle, the source vehicle sends TIDS ,

TIDD, TS , C ⊕ a to all the vehicles that are present in the

range of source . The C is calculated by the source vehicle

before.

Step 6: In this step, all the intermediate vehicles who got

the message from the source vehicle checks that whether

the destination vehicle is present in their range. Any of

them who finds the destination in his range, forwards TIDS ,

TIDV , TIDD, TS , C ⊕ a to the destination vehicle.

Step 7: At first the destination vehicle checks whether

the received temporary destination id is his own or not.

If it doesn’t match then the message is dropped. If it

matches then the destination vehicle computes C ′ =(QS

2)HASH(TS)∗dD where QS and dD are public key of

source and private key of destination respectively. After

computing C ′, it recovers the random number a by com-

puting C⊕a⊕C ′ . Then it will select a random no. b. Then

it computes K = HASH(a||b||0).Step 8: The destination vehicle sends TIDD, TIDI ,

TIDS , TD, C ′ ⊕ (b||k) to the intermediate vehicle.

Step 9: The intermediate vehicle forwards TIDD, TIDI ,

TIDS , TD, C ′ ⊕ (b||k) to the source vehicle.

Step 10: The source vehicle has previously computed C.

Now the source vehicle recovers b and k by computing

C ′ ⊕ (b||k) ⊕ C. Then the source vehicle compute k1 =HASH(a||b||0). Then it compare k with k1. If both are

equal to each other then the destination vehicle is proved

as authenticated and mutual authentication get established

between source and destination.

Step 11: After authenticating each other message transfer

starts between source and destination. The source vehicle

sends TIDS , TIDD, TS , C⊕Mi to the destination vehicle

where Mi is the message transferred at ith iteration.

Step 12: The intermediate vehicle forwards TIDS ,

TIDI , TIDD, TS , C ⊕ Mi to the source vehicle. The

destination vehicle recovers the message Mi by computing

C ⊕ Mi ⊕ C ′.Step 13: After recovering the message the destination ve-

hicle send an acknowledgement to the intermediate vehicle.

So it sends TIDD, TIDI , TIDS , TD, C ′ ⊕ ACKj to the

destination vehicle.

Step 14: The intermediate vehicle forwards TIDD,

TIDI , TIDS , TD, C ′ ⊕ ACKj to the source vehicle. The

source vehicle recovers ACKj by computing C ′⊕ACKj ⊕C.

VI. SECURITY ANALYSIS

In this section, we discuss security issues of the proposed

MAPWPP scheme

A. Theorem 6.1:

MAPWPP ensures authentication, message integrity andnon repudiation.

Proof: In MAPWPP the vehicles register with the TA

before participating in the VANET. This ensures the vehicles

communicating through VANET are authentic. The vehicles

generate the private and public keys using elliptic curve

cryptography which is based on ECDLP problem. Hence

deriving the private keys from the public keys is infeasible.

As a result impersonation attack is not possible. Before com-

munication starts, a vehicle first requests for temporaryID to

the RSU in range.The RSU verifies that the requesting vehi-

cle is an authentic VANET user by comparing the registered

Vehicles list. This ensures the entity authentication.

B. Theorem 6.2:

MAPWPP is able to satisfy conditional privacy preser-vation property. Proof: In the temporary ID acquisition

phase the vehicle obtain a TID from the RSU. TIDi =V IDiXORRSUPr. The vehicle does not expose its true

identity. The source vehicle broadcast its TID with the

message and the signature. As a result, the recipient vehicles

are unaware of the true identity of the sender vehicle. In the

public key look up phase the vehicle which receives the

message and the signature enquire the nearby RSU for the

public key corresponding to the TIDi. The RSU calculate

V IDi from the TIDi. V IDI = TIDiXORRSUPr.Then

it retrieve the public key for the VIDA and broadcast it. The

interested vehicles use the public key for verification of the

message received. The receiving vehicle is unaware about

the exact ID of the source vehicle. Again as the temporary

identity as well as the public key changes when the vehicle

moves from the range of an RSU to other, no one can

track the public key with the temporaryID. So the protocol

maintains the privacy preservation property of the vehicle.

C. Theorem 6.3:

MAPWPP is safe against Sybil attacks.Proof: In VANET most messages are broadcast messages

about the traffic conditions of the neighbourhood. A vehicle

gets confidence about a message when same message arrives

from a large number of sources. Let us assume, there are

50 vehicles in the range of an RSU. Each vehicle have their

temporary identities TIDi acquired from the RSU and their

corresponding public certificates Certi registered. Suppose

vehicle TID1 broadcasts a message M . Let the vehicles in

the range of TID1 are TID2 to TID6. Thus the vehicles

TID2 to TID6 shall receive a single instance of M through

one hop communication because though the vehicle TID1

has a set of public-private key pairs, it is assigned a single

temporary identity at a time, also this identity changes once

the vehicle enters the range of another RSU. Therefore at

any point of time TID1 can have a single ID (pseudonym)

and so can put only one signature on M using the private key

corresponding to public key certificate Cert1. Sybil attack is

possible if the vehicle can put different signatures on the

different instances of the same message. But in our case the

signature will be same because both the message and the

public key is same.

D. Theorem 6.4:

MAPWPP detects black and grey hole attacks.Proof: The vehicles are monitored by their one hop neigh-

bors to detect their behavior. If they are found misbehaving,

the same is reported to the RSU. The RSU moves the

vehicles to blacklist according to the majority opinion rule

and eliminates them from VANET. Thus if a vehicle drops

all the packets sent to it the black hole attack is detected. If

it selectively forwards some packets then a grey hole attack

is detected.

VII. PERFORMANCE ANALYSIS

In this subsection, we compared our proposed scheme

with other similar works that are intended to ensure anony-

mous interactions. In [21], He et al. proposed an authorized

anonymous ID-based scheme. The security of their scheme

is based on blind signature and RSA cryptosystem. Later,

in [22], Yang et al. proposed a secure scheme for providing

anonymous communications in wireless systems without us-

ing asymmetric cryptosystems. In [12], Chun-Ta Li proposed

a non interactive ID-based scheme for vehicle to vehicle

communications. The results of a comparison of efficiency

between our scheme, Chun-Ta Li’s scheme, Yang et al.’s

scheme and He et al.’s scheme are shown in Table. For

evaluation of performance, we defined some computational

parameters as follows.

• Texp denotes the time for the modular exponentiation

• Thash denotes the time for the hashing operation.

• Tsym denotes the time for the symmetric encryp-

tion/decryption operation.

• Tasym denotes the time for the asymmetric encryp-

tion/decryption operation.

• Txor denotes the time for the XOR operation.

For instance, a symmetric encryption/decryption is at least

100 times faster than an asymmetric encryption/decryption

in software and an exponential operation is approximately

equal to 60 symmetric encryptions/decryptions [24].

Our

Scheme

Chun-

Ta’s[12]

Yang

et al.’s

He et

al.’s

Tasym 2 5 0 6

Tsym 0 0 8 2

Texp 0 0 17 0

Thash 4 9 0 5

Txor 9 9 4 0

Total

costs

200

Tsym

500

Tsym

1028

Tsym

602

Tsym

VIII. CONCLUSION

In this article, a secure and efficient communication

scheme for vehicular ad hoc networks is proposed. By

comparison with other related schemes, the proposed scheme

not only maintains good and sought after properties (e.g.

low computational costs, mutual authentication) but also

provides the advantage of user privacy preservation. Hence,

a vehicular node can anonymously interact with other ve-

hicular node and nobody can know information about the

user (e.g. location/user identification/transaction privacy).

Moreover, in comparison with chun Ta’s scheme, Yang et

al.s and He et al.s schemes, the computational costs of

involved nodes in our scheme are lower. As a result, our

proposed scheme is suitable for various ad hoc networks.

REFERENCES

[1] Y. Peng, Z. Abichar and J. M. Chang, Roadside-aided rout-ing(RAR) in vehicular networks,in Proc. IEEE ICC 2006,Vol.8, pp. 3602-3607. Istanbul, Turkey, June 2006.

[2] B. Parno and A. Perrig, Challenges in securing vehicularnetworks,in Prof. of the Workshop on Hot Topics in Networks(HotNets-IV) 2005. College Park, Maryland, November 2005.

[3] M. Raya and J. P.Hubaux, Securing vehicular ad hoc net-works,Journal of Computer Security, Vol. 15, No. 1, pp. 39-68.2007.

[4] X. Lin, X. Sun, P. H. Ho and X. Shen, GSIS: a secureand privacy preserving protocol for vehicular communications,IEEE Transactionon Vehicular Technology, Vol. 56, No. 6, pp.3442-3456. 2007.

[5] X. Lin, R. Lu, C. Zhang, H. Zhu, P. H. Ho and X. Shen,Security in vehicular ad hoc networks, IEEE CommunicationsMagazine, Vol. 46,No. 4, pp. 88-95. 2008

[6] Amer Aijaz, Bernd Bochow, Florian Dotzer, Andreas Fes-tag,Matthias Gerlach, Rainer Kroh and Tim Leinmuller,Attackson Inter Vehicle Communication Systems - an Analysis

[7] Ahren Studer, Fan Bai, Bhargav Bellur , Adrian Perrig,Flexible,Extensible, and Efficient VANET Authentication

[8] S. S. Manvi, M. S. Kakkasageri, D. G. Adiga,Message Au-thentication in Vehicular Ad hoc Networks: ECDSA BasedApproach

[9] Chenxi Zhang, Xiaodong Lin, Rongxing Lu, An EfficientMessage Authentication Scheme for Vehicular Communications

[10] Jonathan Petit, Toulouse ,Analysis of ECDSA AuthenticationProcessing in VANETs

[11] Giorgio Calandriello, Panos Papadimitratos, Jean-PierreHubaux, Antonio Lioy, Efficient and Robust PseudonymousAuthentication in VANET

[12] Chun-Ta Li , Min-Shiang Hwang , Yen-Ping Chu, A secureand efficient communication scheme with authenticated keyestablishment and privacy preserving for vehicular ad hocnetworks, Computer Communications 31 (2008) 2803-2814.

[13] Brijesh Kumar Chauras ia, Shekhar Verma, G. S. Tomar, andAjith Araham, Optimizing Pseudonym Updation in VehicularAd-Hoc Networks, Comput. Sci. IV, LNCS 5430, pp. 136-148,2009. Springer-Verlag Berlin Heidelberg 2009.

[14] Qianhong Wu, Josep Domingo-Ferrer, Senior Member, IEEE,and rsula Gonzalez-Nicolas, Balanced Trustworthiness, Safety,and Privacy in Vehicle-to-Vehicle Communications, IEEETransactions on Vehicular Technology, Vol. 59, No. 2. Feb2010.

[15] Xiaodong Lin , Hsiao-Hwa Chen, A secure and efficient RSU-aided bundle forwarding protocol for vehicular delay tolerantnetworks, Wirel. Commun. Mob. Comput. (2010)Copyright2010 John Wiley and Sons, Ltd.

[16] P. Papadimitratos, L. Buttyan, J. P. Hubaux, F. Kargl,A. Kung, M. Raya, Architecture for Secure and Private Ve-hicular Communications, 2007 IEEE.

[17] Adam D. Woodbury, Daniel V. Bailey, Christof Paar, El-liptic curve cryptography on smart cards without coproces-sors,The Fourth Smart Card Research and Advanced Appli-cations (CARDIS 2000) Conference, September 20-22, 2000,Bristol,UK

[18] Istvan Zsolt BERTA, and Zoltan Adam Mann, Implementingelliptic curve cryptography on PC and smart card, Periodicapolytechnica ser. El. Eng., Vol. 46, No. 1-2, pp. 4773, 2002.

[19] Poonam, K. Garg, M. Misra, Eliminating Misbehaving nodesby opinion based Trust Evaluation Model in MANETS,ICCS’11, Februrary, 12-14. Rourkela, Odisha, India.

[20] M. Gerlach, A. Festag, T. Leinmuller, G. Goldacker,C. Harsch, Security Architecture for Vehicular Communica-tion, 5th International Workshop on Intelligent Transportation(WIT). Hamburg, Germany, March 2007.

[21] Q. He, D. Wu, P. Khosla, The quest for personal control overmobile location privacy, IEEE Communications Magazine 42(5) (2004) 130-136.

[22] C. C. Yang, Y. L. Tang, R. C. Wang, H. W. Yang, Asecure and efficient authentication protocol for anonymouschannel in wireless communications, Applied Mathematics andComputation 169 (2) (2005) 1431-1439.

[23] J. S. Lee, C. C. Chang, Secure communications for cluster-based ad hoc networks using node identities, Journal of Net-work and Computer Applications 30 (4) (2007) 1377-1396.

[24] B. Schneier, Applied Cryptography Protocols Algorithms andSource Code in C, second ed., John Wiley and Sons Inc., 1996