Catalogue Search | MBRL
2 result(s) for "Rogue-Key Attack"
A lightweight certificateless aggregate signature scheme without pairing for VANETs
2025
In secure vehicular ad-hoc networks (VANETs), certificateless aggregate signature (CLAS) schemes have attracted more and more attention because they can efficiently implement message aggregation and authentication without complex certificate management. Recently, Zheng et al. proposed an efficient and privacy-protecting certificateless aggregate signature scheme that is applicable to VANETs. However, through in-depth analysis, we found that it is vulnerable to temporary rogue key attacks. That is, an adversary can exploit the random numbers in signatures to generate an ephemeral rogue key, enabling them to forge an aggregate signature using both this rogue key and their own private key. Furthermore, the forged signature passes verification without being detected. This paper fixes this vulnerability and proposes a security-enhanced CLAS scheme for VANETs. Specifically, our improved solution incorporates an additional aggregator's signature into the original framework and verifies both the aggregator's signature and the aggregate signature simultaneously to effectively resist rogue key attacks. In terms of security, we conducted a rigorous analysis of the security-enhanced CLAS scheme. In addition, through performance evaluation experiments, we compare the computational complexity and communication overhead of the security-enhanced CLAS scheme with those of several other schemes. The experimental results show that the security-enhanced CLAS scheme has significant advantages in both computational efficiency and communication cost while maintaining security. Our method can provide a valuable reference for the design of security solutions in related fields.
Journal Article
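The attack named in the abstract above, in its classic form, as an added example that is not code from the paper and not Zheng et al.'s certificateless scheme: a Schnorr-style aggregate signature on secp256k1 whose verifier checks one signature against the plain sum of the listed public keys. Given an honest key pk_h, the adversary publishes pk_a = t*G - pk_h, so the "aggregate" key pk_h + pk_a = t*G has a discrete log (t) the adversary alone knows, and a two-party signature the honest party never made verifies. The paper's temporary rogue key is derived from the per-signature randomness rather than chosen statically, and the paper's fix is an extra aggregator signature; the countermeasure shown here (a per-key coefficient hashed into the aggregation, as in MuSig) is a standard alternative defence, assumed for illustration. The curve arithmetic, the message and all key material are constructed in the block.

```python
"""Rogue-key attack on naive public-key aggregation (added illustration).

Schnorr-style aggregate signature on secp256k1; the vulnerable verifier
checks one signature against the *sum* of the listed public keys.
Not the certificateless VANET scheme from the paper; demo-grade code.
"""
import hashlib
import secrets

# secp256k1 domain parameters (standard constants).
P = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFC2F
N = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141
G = (0x79BE667EF9DCBBAC55A06295CE870B07029BFCDB2DCE28D959F2815B16F81798,
     0x483ADA7726A3C4655DA4FBFC0E1108A8FD17B448A68554199C47D08FFB10D4B8)


def add(A, B):
    """Affine point addition; None is the point at infinity."""
    if A is None:
        return B
    if B is None:
        return A
    (x1, y1), (x2, y2) = A, B
    if x1 == x2 and (y1 + y2) % P == 0:
        return None                      # A == -B
    if A == B:
        lam = 3 * x1 * x1 * pow(2 * y1, -1, P) % P
    else:
        lam = (y2 - y1) * pow(x2 - x1, -1, P) % P
    x3 = (lam * lam - x1 - x2) % P
    return x3, (lam * (x1 - x3) - y1) % P


def mul(k, Q):
    """Double-and-add scalar multiplication (not constant-time; demo only)."""
    R, k = None, k % N
    while k:
        if k & 1:
            R = add(R, Q)
        Q = add(Q, Q)
        k >>= 1
    return R


def neg(Q):
    return (Q[0], (-Q[1]) % P)


def enc(Q):
    return Q[0].to_bytes(32, "big") + Q[1].to_bytes(32, "big")


def H(*parts):
    """Hash points and byte strings into a scalar mod N."""
    h = hashlib.sha256()
    for part in parts:
        h.update(enc(part) if isinstance(part, tuple) else part)
    return int.from_bytes(h.digest(), "big") % N


def keygen():
    sk = 1 + secrets.randbelow(N - 1)
    return sk, mul(sk, G)


def sign(agg_sk, apk, msg):
    """Schnorr signature by whoever knows the discrete log of apk."""
    k = 1 + secrets.randbelow(N - 1)
    R = mul(k, G)
    return R, (k + H(R, apk, msg) * agg_sk) % N


def verify(apk, msg, sig):
    R, s = sig
    return mul(s, G) == add(R, mul(H(R, apk, msg), apk))


def naive_apk(pks):
    """Vulnerable aggregation: apk = sum of the public keys, nothing binds them."""
    apk = None
    for pk in pks:
        apk = add(apk, pk)
    return apk


def rogue_key(honest_pk):
    """Adversary chooses t and publishes pk_a = t*G - pk_h; then pk_h + pk_a = t*G."""
    t = 1 + secrets.randbelow(N - 1)
    return t, add(mul(t, G), neg(honest_pk))


def rogue_key_forgery(msg):
    """True: a 'two-party' signature the honest party never made is accepted."""
    _, honest_pk = keygen()
    t, pk_a = rogue_key(honest_pk)
    apk = naive_apk([honest_pk, pk_a])
    return verify(apk, msg, sign(t, apk, msg))


def keyprefixed_apk(pks):
    """Countermeasure (MuSig-style): apk = sum a_i*pk_i, a_i = H(L, pk_i), L = all keys.
    pk_a's own coefficient depends on pk_a, so it can no longer cancel pk_h."""
    L = b"".join(enc(pk) for pk in sorted(pks))
    apk = None
    for pk in pks:
        apk = add(apk, mul(H(L, pk), pk))
    return apk


def rogue_key_vs_keyprefixed(msg):
    """False: with coefficients, t is not the discrete log of apk any more."""
    _, honest_pk = keygen()
    t, pk_a = rogue_key(honest_pk)
    apk = keyprefixed_apk([honest_pk, pk_a])
    return verify(apk, msg, sign(t, apk, msg))


def honest_keyprefixed(msg):
    """True: two genuine signers still produce a valid aggregate (secrets are
    combined directly here in place of the interactive signing protocol)."""
    (sk1, pk1), (sk2, pk2) = keygen(), keygen()
    L = b"".join(enc(pk) for pk in sorted([pk1, pk2]))
    agg_sk = (H(L, pk1) * sk1 + H(L, pk2) * sk2) % N
    return verify(keyprefixed_apk([pk1, pk2]), msg, sign(agg_sk, msg=msg, apk=keyprefixed_apk([pk1, pk2])))


if __name__ == "__main__":
    m = b"constructed message: emergency brake warning"   # constructed sample input
    print("naive aggregation, rogue-key forgery accepted:", rogue_key_forgery(m))
    print("key-prefixed aggregation, same forgery accepted:", rogue_key_vs_keyprefixed(m))
    print("key-prefixed aggregation, honest signature accepted:", honest_keyprefixed(m))
```

The point to carry over to any aggregate scheme, certificateless or not, is that the verifier must bind each contributed key to its owner (proof of possession, key-prefixed coefficients, or, as the paper does, a separately verified aggregator signature) before accepting a combined value; a bare sum or product of public keys is not a commitment to their holders.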
On the security of verifiably encrypted signature schemes in a multi-user setting
2014
A verifiably encrypted signature provides a way to encrypt a signature under a third party's public key and to prove that the resulting ciphertext contains such a signature. In this paper, we analyze the security of three verifiably encrypted signature schemes in a multi-user setting, in which an adversary is allowed to access adjudication oracles for different users but the same adjudicator.
Journal Article