A secure and efficient certificateless batch verification scheme with invalid signature identification for the internet of things
Introduction
The concept of the Internet of Things (IoT) was formally introduced by the International Telecommunication Union (ITU) in 2005. It is described as a self-establishing network of highly coupled smart devices [1]. In the IoT-based system, smart devices are allowed to interact with each other transparently and seamlessly for reaching common goals. Under the interconnection of smart devices, various innovative applications based on the IoT have emerged. Fig. 1 illustrates some typical IoT applications in distinct domains including smart factory [2], smart home [3] and e-healthcare [4]. These applications not only redefine the interaction between the physical devices and humans but also provide higher intelligence as well as convenience to daily life. Considering the huge potential of the IoT in applications, it has become increasingly attractive to both industry and academia [5], [6], [7], [8], [9].
Despite the continuous development of IoT technology, security threats still hinder its widespread application [10], [11], [12], [13], [14]. In a typical IoT application, the collected data is transmitted over an open channel. Because the communication channel is exposed, a malicious adversary can easily mount a series of attacks, including intercepting, modifying, injecting and replaying the information. This causes grievous damage to the property and reputation of data owners and data consumers [15], [16], [17], [18], [19]. To avoid these consequences, a substantial number of research results have been put forward to ensure data authenticity in IoT environments [20], [21], [22], [23]. The digital signature is widely regarded as an appropriate cryptographic primitive for achieving data authenticity in the IoT environment [10], [16], [24]. With a digital signature, the sensing data can be authenticated during transmission in a way that prevents both repudiation and undetected modification [25].
In an IoT system with a traditional public key infrastructure (PKI)-based signature scheme deployed, a certificate authority (CA) issues each smart device its corresponding certificate. Through these certificates, a smart device's identity is bound to its public key. Since the CA is supposed to distribute and maintain the digital certificates of all smart devices, it inevitably incurs cumbersome overhead in certificate distribution and management as the number of connected devices increases. Thus, PKI-based signature schemes are infeasible for IoT environments. As an alternative to PKI-based signature, identity (ID)-based signature has been commonly applied to the IoT [26], [27]. In these schemes, a smart device's public key can be derived directly from its own identity (e.g., its MAC address), so the need for a certificate is elegantly eliminated. However, since a smart device's private key is created by the private key generator (PKG), the PKG has full knowledge of every entity's private key. Once the PKG is compromised, any entity's signature can be forged without detection. Due to this key escrow problem, ID-based signature is more likely to be deployed in a private network [28], [29], [30].
Certificateless signature (CLS) has emerged as a favorable candidate that mitigates the heavy overhead of certificate management and solves the key escrow problem of ID-based signature. In a CLS-based system, the private key is formed from a secret value chosen by the entity itself and a partial private key generated by a semi-trusted party called the key generation center (KGC). This mechanism not only removes the need for certificates but also prevents the private key from being completely leaked to the KGC. Benefiting from these advantages, plenty of CLS schemes have been proposed to protect data authenticity in the IoT environment [31], [32], [33], [34], [35]. Nevertheless, these schemes perform poorly when a massive number of signatures must be verified. Given that a huge number of signatures need to be verified in a practical IoT system, verifying them one by one leads to network congestion and service delay. Thus, the aforementioned schemes cannot be used for IoT scenarios in their current forms.
The batch verification technique is a useful tool for improving verification efficiency: it allows a verifier to check the correctness of multiple digital signatures simultaneously [36], [37], [38]. To enjoy the combined benefits of CLS and batch verification, a large number of CLS schemes with batch verification have been put forward for the IoT scenario [39], [40], [41], [42]. However, the existing schemes cannot handle the failure of batch verification. In reality, it cannot be assumed that all signatures in a batch are valid. Even if only one signature among thousands is invalid, batch verification rejects the whole batch, including all the valid signatures. A malicious adversary can attempt to nullify the advantage of batch verification by inserting invalid signatures into the batch. Therefore, invalid signature identification is crucial for a batch verification scheme. Furthermore, the existing schemes have weaknesses in security or efficiency and cannot reach their claimed goals.
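The following added example (not the paper's scheme, and not code from its authors) illustrates the failure mode just described: a small-exponents batch check over a toy Schnorr group accepts a batch only when every signature is valid, so a single bad signature hides all the good ones, and a recursive halving search then locates the bad one(s) so the rest can still be accepted. The group parameters, the Schnorr-style signature and the halving search are all assumptions of this example; the paper's own ECDLP-based CLS construction and its identification procedure are not reproduced on this page.

```python
import hashlib
import random

# Toy Schnorr group, an assumption of this example and far too small for real use:
# p = 2q + 1 is a safe prime and g = 4 generates the order-q subgroup of Z_p^*.
P, Q, G = 2039, 1019, 4
_RNG = random.SystemRandom()

def challenge(r, y, msg):
    """Hash the commitment, public key and message to a challenge in Z_q."""
    data = f"{r}|{y}|{msg}".encode()
    return int.from_bytes(hashlib.sha256(data).digest(), "big") % Q

def keygen(rng=_RNG):
    x = rng.randrange(1, Q)
    return x, pow(G, x, P)          # (private key, public key)

def sign(x, y, msg, rng=_RNG):
    k = rng.randrange(1, Q)
    r = pow(G, k, P)
    return r, (k + x * challenge(r, y, msg)) % Q

def batch_verify(items, rng=_RNG):
    """Small-exponents test over items = [(y, msg, (r, s)), ...]: one combined
    check replaces len(items) individual checks, but fails if any one is bad."""
    exp, rhs = 0, 1
    for y, msg, (r, s) in items:
        b = rng.randrange(1, Q)      # fresh random multiplier per signature
        exp = (exp + b * s) % Q
        rhs = rhs * pow(r, b, P) * pow(y, b * challenge(r, y, msg) % Q, P) % P
    return pow(G, exp, P) == rhs

def identify_invalid(items, rng=_RNG):
    """Locate the bad signatures in a failed batch by recursive halving: a
    sub-batch that verifies is accepted wholesale, a failing singleton is reported."""
    def rec(idx):
        if batch_verify([items[i] for i in idx], rng):
            return []
        if len(idx) == 1:
            return idx
        mid = len(idx) // 2
        return rec(idx[:mid]) + rec(idx[mid:])
    return rec(list(range(len(items))))

if __name__ == "__main__":
    keys = [keygen() for _ in range(8)]   # constructed sample: 8 devices, 8 readings
    items = [(y, f"reading-{i}", sign(x, y, f"reading-{i}")) for i, (x, y) in enumerate(keys)]
    y, m, (r, s) = items[5]
    items[5] = (y, m, (r, (s + 1) % Q))   # corrupt one signature in the batch
    print(batch_verify(items), identify_invalid(items))
```

With the constructed batch above the combined check fails and the search returns [5]; the seven remaining signatures are accepted by the sub-batch checks without ever being verified individually.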
Driven by the above motivations, this paper presents a certificateless batch verification scheme with invalid signature identification for the IoT. In our scheme, batch verification greatly enhances the efficiency of signature verification, and the identification of invalid signatures solves the failure case of the batch verification for maximizing its advantages. The proposed scheme is provably secure based on the elliptic curve discrete logarithm problem (ECDLP) under the random oracle model. The comprehensive comparison of security and performance shows that our scheme outperforms the relevant schemes in the context of IoT.
The organization of this paper is summarized as follows: We review the related work in Section 2. The relevant background knowledge is described in Section 3. Section 4 presents a CLS scheme with batch verification and invalid signature identification. We give the formal security proof of the presented scheme in Section 5. The concrete comparison between our scheme and the related work in terms of security and performance is discussed in Section 6. Section 7 summarizes this paper.
Related work
In recent years, researchers have focused on utilizing traditional security techniques to ensure data authenticity for IoT scenarios. Although many cryptographic primitives, including PKI-based signature and ID-based signature, can serve as security mechanisms, their inherent drawbacks in security or efficiency, such as the key escrow problem and the heavy overhead of certificate management, limit their widespread adoption in the IoT environment. CLS was initially introduced by Al-Riyami et al. in [43]
Preliminaries
This section introduces the background knowledge, including elliptic curve cryptography, the elementary symmetric polynomial, and the framework and security model of the proposed scheme.
Our proposed scheme
This section gives a secure and efficient CLS scheme with batch verification and invalid signature identification for IoT scenarios.
Security analysis
Theorem 1. In the random oracle model, the presented scheme is EUF-CMA secure if the ECDLP is intractable.
Proof. Theorem 1 can be derived directly from Lemma 1 and Lemma 2. □
Lemma 1. If there exists an adversary who forges a signature with negligible advantage in Game I described in Section 3.4, ECDLP can be resolved by the challenger with success probability where q1 and qPPKG are the number of queries to the oracles and respectively.
Proof. Define
Comparison
We compare the proposed scheme with the relevant works in terms of their respective features and performance. In addition, the execution efficiency of invalid signature identification in our scheme is also analyzed later in this section.
Conclusion
This paper proposes a novel secure and efficient certificateless batch verification scheme with invalid signature identification for the Internet of Things. The presented scheme can check the validity of multiple signatures simultaneously to improve verification efficiency. Moreover, aimed at solving the failure case of batch verification, invalid signature identification is provided in this scheme. By this means, all valid signatures in a bad batch can be accepted by a verifier, which
Declaration of Competing Interest
The authors declare that they have no known competing financial interests or personal relationships that could have appeared to influence the work reported in this paper.
Acknowledgement
This work was supported in part by the Natural Science Foundation of China under Grant U1936101 and Grant 61602096, in part by MOST under contracts 109-2634-F-259-001-through Pervasive Artificial Intelligence Research (PAIR) Labs, Taiwan, in part by the 13th Five-Year Plan of National Cryptography Development Fund for Cryptographic Theory of China under Grant MMJJ20170204 and the Sichuan Science and Technology Project under Grant 2018KZ0007.
References (77)
- et al. Towards fog-driven IoT eHealth: promises and challenges of IoT in medicine and healthcare. Future Generation Computer Systems (2018)
- et al. Automatic contract negotiation, service discovery and mutual authentication solutions: a survey on the enabling technologies of the forthcoming IoT ecosystems. Comput Networks (2019)
- et al. Security for the internet of things: a survey of existing protocols and open research issues. IEEE Communications Surveys & Tutorials (2015)
- et al. An efficient conditional privacy-preserving authentication scheme for vehicular ad hoc networks using online/offline certificateless aggregate signature. Proceedings of International Conference on Provable Security (2019)
- et al. Provably secure and lightweight certificateless signature scheme for IIoT environments. IEEE Trans Ind Inf (2018)
- et al. Fast verification of digital signatures in IoT. International Symposium on Security in Computing and Communication (2017)
- et al. Efficient pairing-free identity-based ADS-B authentication scheme with batch verification. IEEE Trans Aerosp Electron Syst (2019)
- et al. A digital signature scheme secure against adaptive chosen-message attacks. SIAM J Comput (1988)
- et al. An efficient certificateless aggregate signature without pairings for vehicular ad hoc networks. Inf Sci (Ny) (2018)
- Peña López I., et al. ITU internet report 2005: the internet of things. http://www.itu.int/pub/S-POL-IR.IT-2005/e;...
- Industrial IoT data scheduling based on hierarchical fog computing: a key for enabling smart factory. IEEE Trans Ind Inf
- Smart home: cognitive interactive people-centric internet of things. IEEE Commun Mag
- Internet of mobile things: overview of LoRaWAN, DASH7, and NB-IoT in LPWANs standards and supported mobility. IEEE Commun Surv Tutorials
- 5G waveforms for IoT applications. IEEE Commun Surv Tutorials
- An authenticated key exchange protocol for multi-server architecture in 5G networks. IEEE Access
- Privacy-preserving raw data collection without a trusted authority for IoT. Comput Networks
- DDoS in the IoT: Mirai and other botnets. IEEE Computer
- The Mirai botnet and the IoT zombie armies. Proceedings of IEEE Military Communications Conference
- Cybertrust in the IoT age. IEEE Computer
- Security, privacy, and trust on internet of things. Wirel Commun Mobile Comput
- IEEE 802.15.4: signature-based intrusion detection in wireless sensor networks (WSNs). Encyclopedia of Wireless and Mobile Communications
- Current research on internet of things (IoT) security: a survey. Comput Networks
- Attacks and solutions on a three-party password-based authenticated key exchange protocol for wireless communications. J Ambient Intell Humaniz Comput
- Shake to communicate: secure handshake acceleration-based pairing mechanism for wrist worn devices. IEEE Internet Things J
- Mutual authentication in IoT systems using physical unclonable functions. IEEE Internet Things J
- Secure authentication scheme for medicine anti-counterfeiting system in IoT environment. IEEE Internet Things J
- Secure signature-based authenticated key establishment scheme for future IoT applications. IEEE Access
- Server-aided attribute-based signature supporting expressive access structures for industrial internet of things. IEEE Trans Ind Inf
- Cyberentity security in the internet of things. IEEE Comput
- Security of the internet of things: perspectives and challenges. Wirel Netw
- A lightweight and identity-based network architecture for the internet of things. Proceedings of International Conference on Innovative Mobile and Internet Services in Ubiquitous Computing
- A lightweight authentication scheme for e-health applications in the context of internet of things. Proceedings of International Conference on Next Generation Mobile Applications, Services and Technologies
- Identity-based cryptosystems and signature schemes. Proceedings of CRYPTO
- An efficient certificateless aggregate signature with constant pairing computations. Inf Sci
- A novel certificateless signature scheme for smart objects in the internet-of-things. Sensors
- An efficient provably-secure certificateless signature scheme for internet-of-things deployment. Ad Hoc Netw
- Efficient certificateless aggregate signature with conditional privacy-preserving in IoV. IEEE Syst J