Vehicle handover from one road-side unit to another is a common phenomenon
in vehicular ad-hoc networks (VANETs). Authenticating vehicles effectively is the
key to success of VANETs. Recently, Li and Liu proposed a lightweight identity authentication
protocol for VANETs, which was claimed to integrate efficiency and security.
However, in this paper, we show that their protocol is vulnerable to three severe drawbacks,
including protocol bottleneck, location detection, and parallel session attack.