In the above paper “A Conditional Privacy-Preserving Certificateless Aggregate Signature Scheme in the Standard Model for VANETs. ” a pairing-based certificateless aggregate signature (CLAS) scheme was proposed. However. a malicious-but-passive KGC attack on this scheme was subsequently presented by Shim. https://www.roneverhart.com/Bailout-537BK-2302/