Un-traceability. We employ random integers a1 and a2 along with fresh timestamps in different sessions which enable the constructed messages (R1, R2, R3, R4) in a session to be unique each time these are generated [26,27]. The attacker may not be able to distinguish the exchanged messages among for MUi and CMDi across various sessions. Furthermore, the legal identifies such as IDu or PIDu are used in collision-resistant one hash function which enables the protocol in affording the untraceability feature.
Un-traceability. Un-traceability means that the passive adversary cannot monitor the communication channel to trace a vehicle by analyzing message sender. In the three- party authentication phase, the timestamp contained in the pseudo identity PIDi = RIDi ⊕ h2(riPpub, Ti) keeps changing, so that different messages sent from the same vehicle are identified by different pseudo identities. As for the public keys Ki that are used for participating the key agreement process, they are generated by a random way and only sent to TA once, which means that it is hard for the adversary to trace a vehicle by analyzing Ki. In the key agreement phase, the broadcast message sent from TA do not contain any identity information of the vehicle. So un-traceability is achieved in our proposed protocol.
