LAUSR

In the above paper, Wei et al. proposed a lightweight conditional privacy-preserving authentication protocol in VANET to achieve both ultra-low transmission delay and SSK updating. To decrease communication overhead, their scheme adopts a signature scheme with message recovery to achieve message authentication. And they claimed that the adopted signature was secure against adaptively chosen message attacks, and gave the detailed security proof. Unfortunately, in this work, by analyzing the security of Wei et al. scheme, we show that their scheme is insecure, and it is universally forgeable, i.e., anyone can forge a valid signature on any message; it also makes their scheme does not satisfy conditional privacy. Finally, after analyzing the reasons to produce the attack, we give the corresponding suggestion to overcome the attacks.