A secure road condition scheme in cloud based VANET

Connected vehicular cloud computing (CVCC) is a promising technology that integrates cloud computing and vehicular ad-hoc network (VANET) for road condition monitoring tasks. However, maintaining security and privacy is crucial for wide deployment of such framework. Existing researches fail to address critical security flaws in CVCC scenario. This paper performs cryptanalysis on the CVCC based road condition monitoring scheme recently proposed by Wang et al. (2019). The scheme fails to achieve anonymity, unlinkability and nonrepudiation. Moreover, honest but curious RSUs may collude with each other to learn sensitive information, such as vehicle user's trajectory. Also, an attacker can induce forged emergency case into the system through replay attack. Furthermore, in the scheme, the cloud server cannot segregate a threshold number of current reports, from a threshold number of combination of old and current reports. Along with this cryptanalysis, this paper proposes a secure road condition monitoring scheme in cloud based VANET, addressing the critical issues identified in the existing works. The security of the proposed scheme has been thoroughly evaluated using an adversary model, BAN Logic and AVISPA tool. Moreover, the performance of the proposed scheme is analyzed and compared with the existing schemes in terms of security and computation overhead. Connected vehicular cloud computing (CVCC) is a promising technology that integrates cloud computing and vehicular ad-hoc network (VANET) for road condition monitoring tasks. However, maintaining security and privacy is crucial for wide deployment of such framework. Existing researches fail to address critical security flaws in CVCC scenario. This paper performs cryptanalysis on the CVCC based road condition monitoring scheme recently proposed by Wang et al. (2019). The scheme fails to achieve anonymity, unlinkability and nonrepudiation. Moreover, honest but curious RSUs may collude with each other to learn sensitive information, such as vehicle user's trajectory. Also, an attacker can induce forged emergency case into the system through replay attack. Furthermore, in the scheme, the cloud server cannot segregate a threshold number of current reports, from a threshold number of combination of old and current reports. Along with this cryptanalysis, this paper proposes a secure road condition monitoring scheme in cloud based VANET, addressing the critical issues identified in the existing works. The security of the proposed scheme has been thoroughly evaluated using an adversary model, BAN Logic and AVISPA tool. Moreover, the performance of the proposed scheme is analyzed and compared with the existing schemes in terms of security and computation overhead.