Internet of Things (IoT) lays the foundation for the various applications in smart cities, yet resource-constrained IoT devices are prone to suffer from devastating cyberattacks and privacy leak threats, thus are inevitability supposed as the weakest link of the systems in smart cities. Mitigating the security risks of data and the computing limitation of edge devices, especially identity authentication and key validity management of group devices are essential for IoT system security. In order to tackle the issues of anonymity, traceability, unforgeability of expiry time as well as efficient membership revocation for life-cycle management of devices in IoT setting, we presented a dynamic time-bound group signature with unforgeability of expiry time. Unforgeability of expiry time disables a revoked signer to create a valid signature by means of associating the signing key with an expiry time. The anonymity and traceability of the proposed scheme contribute to the identity privacy of the entities and supervision for authority agency. Moreover, our proposal is feasible in the resource-constrained setting for efficient computational cost of signing and verification algorithms.

物联网（IoT）为智慧城市中的各种应用奠定了基础，但是资源受限的IoT设备易于遭受破坏性的网络攻击和隐私泄漏威胁，因此不可避免性被认为是智慧城市中系统的最薄弱环节。减轻数据的安全风险和边缘设备的计算限制，尤其是身份验证和组设备的密钥有效性管理对于物联网系统安全至关重要。为了解决IoT环境中设备的生命周期管理的匿名性，可追溯性，失效时间不可伪造以及有效的成员资格撤销问题，我们提出了具有失效时间不可伪造的动态时限组签名。失效时间的不可伪造性使被撤消的签名者无法通过将签名密钥与失效时间相关联来创建有效的签名。拟议方案的匿名性和可追溯性有助于实体的身份隐私和对权威机构的监督。此外，我们的建议在资源受限的环境中是可行的，以实现签名和验证算法的高效计算成本。