Yong Wu,Bei Gong,Yu Zhang

DOI: https://doi.org/10.1155/2022/6945004

2022-01-01

Wireless Communications and Mobile Computing

Abstract:The Internet of Things (IoT) is a vast perceptual network formed by a variety of IoT devices connected to each other. In IoT, various devices cooperate with each other to collect and transmit private data of IoT and sustain the efficient and orderly operation of IoT. However, in the complex security situation of IoT, due to the resources of IoT devices being limited, it is difficult for IoT devices to afford the heavy resource consumption of sophisticated data encryption and decryption mechanism, which brings certain security risk to data transmission of IoT. To ensure safe and efficient data transmission, we propose an improved efficient certificateless hybrid signcryption scheme for IoT, which satisfies confidentiality, unforgeability, forward security, public verification, and known session-specific temporary information security; meanwhile, we prove them in random oracle model (ROM). In addition, through simulation experiment, we find that our scheme has higher communication efficiency and computational efficiency compared with existing schemes.

Wenzhan Zhang,Yanhui Zhang,Chong Guo,Qi An,Yuming Guo,Ximing Liu,Shijun Zhang,Junjia Huang

DOI: https://doi.org/10.1155/2022/3687332

IF: 3.12

2022-02-26

Computational Intelligence and Neuroscience

Abstract:The rapid development of the Internet of Things (IoT) has accelerated the integration of science and technology with life, enabling the public to start enjoying the convenience brought by intelligent living. However, there are multiple resource-constrained sensing devices in IoT, which are always facing various external or internal attacks, making it difficult to ensure the secure transmission of sensitive data in IoT. Therefore, to address the problem of data transmission in resource-constrained devices in IoT, we propose a new certificateless hybrid signcryption scheme for IoT. It is a novel scheme that satisfies confidentiality and unforgeability, showing higher computational efficiency and lower overhead of transmission. To prove that it satisfies the efficent transmission of IoT, we conduct simulation experiments, and the experimental results show that our proposed scheme has higher efficiency than the existing schemes.

mathematical & computational biology,neurosciences

Yang Ming,Xiaopeng Yu,Xiaoqin Shen

DOI: https://doi.org/10.1109/access.2020.3018488

IF: 3.9

2020-01-01

IEEE Access

Abstract:Healthcare Internet of Things (IoT) is an emerging paradigm, which can provide comprehensive and different types of health services and enable various types of medical sensors to monitor patient's health conditions. In the healthcare IoT, patient is deployed with a variety of medical sensors, which continuously monitors and collects patient's sensitive health data that needs specially protection for preventing privacy leakage. To safely send multiple different health data monitored by multiple different medical sensors to multiple corresponding healthcare professionals in one data report, several multi-message and multi-receiver signcryption schemes have been introduced by employing the traditional public key cryptography, identity-based cryptography or certificateless cryptography. However, these schemes suffer from the certificate management, key escrow and key distribution problem. Besides, due to the resource-constraint property of medical sensors, they are unsuitable for healthcare IoT in terms of both performance and privacy requirements. To solve these issues, this paper introduces an efficient anonymous certificate-based multi-message and multi-receiver signcryption scheme for healthcare IoT, where the certificate-based cryptography and elliptic curve cryptography are combined to simplify the certificate management problem, eliminate the key escrow problem, solve the key distribution problem and ensure the privacy-preserving. Furthermore, the security analysis suggests that the proposed scheme is able to achieve the confidentiality, unforgeability, receiver anonymity, sender anonymity and decryption fairness; the performance evaluation indicates that the proposed scheme brings to the lower computation cost and communication cost in comparison to the existing schemes.

Yu Han,Yanwei Zhou,Bo Yang,Zhe Xia,Mingwu Zhang

DOI: https://doi.org/10.1109/jiot.2023.3332492

IF: 10.6

2023-01-01

IEEE Internet of Things Journal

Abstract:With the limited resources of the Internet of Things (IoT), security and efficiency have become a challenge. The hybrid signcryption scheme is a proper method to ensure data security and integrity. Recently, through continuous and in-depth research, the signcryption scheme has made many achievements, but there are still some problems. Most proposals use bilinear mapping, which reduces computational efficiency. It brings a heavy burden to the resource-constrained IoT. And many constructions cannot meet the claimed security, causing the leakage of private messages. Therefore, we propose a lightweight certificateless hybrid signcryption (CLHS) scheme with better performance and higher security to solve the above problems. First, we have reduced storage pressure and improved computational efficiency by using certificateless public-key cryptography and elliptic curves instead of bilinear maps to construct a signcryption scheme, and the construction is lightweight. At the same time, to securely transmit messages of different lengths, we employ a hybrid signcryption scheme. Through formal security proof, efficiency, and performance analysis, our proposal has the security requirements of confidentiality and unforgeability and has better computational efficiency and security performance. Finally, we propose a secure data transmission protocol based on our CLHS scheme in Smart Grid, which inherits the advantages of high computational efficiency and better security of the underlying CLHS scheme.

Jianhong Zhang,Wenle Bai,Yuehai Wang

DOI: https://doi.org/10.1109/access.2019.2899828

IF: 3.9

2019-01-01

IEEE Access

Abstract:The Internet of Things (IoT) is the internetworking of terminal physical devices depends on application programming interfaces and sensors to be connected to the Internet for collecting and exchanging data. According to the characteristics of IoT, it can provide rich services for the terminal user. However, the centralized cloud computing-based storage architecture in IoT faces many challenges, such as data security, identity privacy, and high latency. To overcome these challenges, this paper introduces an IoT network storage architecture based on mobile edge computing, which not only achieves low-latency message response and computation offloading of the terminal user but also preserves identity-privacy of the terminal user. Afterward, we presented a novel non-interactive pairing-free ID-based proxy re-signature scheme (ID-PRS), which is a kernel technique to construct the aforementioned storage architecture. Compared with most of proxy re-signature schemes constructed based on traditional public-key-infrastructure, the proposed scheme avoids expensive pairing operation and intricate certificate-maintenance. And it is demonstrated to be provably secure under the classic security assumptions: integer factoring problem and the RSA assumption. Finally, in contrast to the other two ID-PRS schemes, the proposed ID-PRS scheme has more advantages in terms of security, functionability, and computation costs. Thus, it is very suitable to be applied to the resource-constrained mobile users.

Rui Guo,Qiaoyan Wen,Huixian Shi,Zhengping Jin,Hua Zhang

DOI: https://doi.org/10.1155/2014/980274

IF: 1.43

2014-01-01

Mathematical Problems in Engineering

Abstract:Certificateless cryptography aims at combining the advantages of public key cryptography and identity based cryptography to avoid the certificate management and the key escrow problem. In this paper, we present a novel certificateless public key encryption scheme on the elliptic curve over the ring, whose security is based on the hardness assumption of Bilinear Diffie-Hellman problem and factoring the large number as in an RSA protocol. Moreover, since our scheme requires only one pairing operation in decryption, it is significantly more efficient than other related schemes. In addition, based on our encryption system, we also propose a protocol to protect the confidentiality and integrity of information in the scenario of Internet of Things with constrained resource nodes.

engineering, multidisciplinary,mathematics, interdisciplinary applications

Dengmei Xiang,Xuelian Li,Juntao Gao,Xiachuan Zhang

DOI: https://doi.org/10.1016/j.adhoc.2021.102702

IF: 4.816

2022-01-01

Ad Hoc Networks

Abstract:The Internet of Things (IoT) is a new technological innovation, which makes things intelligent and our life more convenient. To ensure secure communication between smart objects in the IoT, certificateless signature is a feasible cryptographic tool to provide data integrity and identity authentication, which eliminates the cumbersome certificate management in the certificate-based signature system, as well as the key escrow problem in the identity-based cryptosystem. However, most of the existing certificateless signature schemes are not all secure to resist various attacks, such as public key replacement attacks or malicious-but-passive key-generation-center attacks. Besides, due to the limited storage and processing capabilities of these smart things, they are unable to meet the real-time demands of the IoT completely. This paper first analyzes Jia’s scheme. We prove that the claimed solution is not resistant to the Type II strong adversaries. Then, we propose a novel certificateless signature scheme and prove its existentially unforgeable under the elliptic curve discrete logarithm problem assumption. Finally, the comprehensive performance evaluations indicate that, at the same security level, our scheme is more efficient than other certificateless signature schemes and is well suitable for the resource-constrained IoT environment.

Xuan-wu ZHOU,Yan FU,Zhi-gang JIN,Kai-hua LIU,Xin LI

DOI: https://doi.org/10.19304/j.cnki.issn1000-7180.2014.11.006

2014-01-01

Abstract:We proposed a signcryption based secure communication scheme and anonymous communication scheme for the Internet of things and analyzed the provable security of signcryption ,including confidentiality ,unforgeability and non-repudiation in Random Oracle model .As to efficiency analysis ,the scheme achieves remarkable reduction in computational and communication cost compared with other secure protocols based on typical signature and encryption/decryption algorithms .With its superiority in computing and communication cost ,it proves to be more suitable for resource-restricted environment in Internet of things and better satisfies the requirement of secure protocols in Internet of things ,such as key management ,secure routing ,etc .

Hongzhen Du,Qiaoyan Wen,Shanshan Zhang,Mingchu Gao

DOI: https://doi.org/10.1016/j.adhoc.2020.102074

IF: 4.816

2020-01-01

Ad Hoc Networks

Abstract:With the rapid popularization of Internet of Things (IoT) in various fields, the security of the IoT has been widely concerned. Security authentication technology is the foundation of the security of the IoT. Certificateless signature, which removes the intricate certificate management and key escrow, is one of the practical methods to provide data integrity and identity authentication for the IoT. At present, many certificateless signature schemes have been put forward, but few of them are secure and suitable for the IoT. Recently, Jia et al. designed a certificateless signature scheme for the IoT deployment. The authors demonstrated that their scheme can withstand attacks of two types of super adversaries. However, we prove that Jia et al.'s scheme cannot resist attacks from a normal Type I adversary, not to mention a super Type I adversary. Then, we put forward a certificateless signature scheme on the basis of elliptic curve cryptosystem, and prove the scheme cannot be forged by two types of super adversaries. Our certificateless signature scheme performs better than the existing certificateless signature schemes, and it is the best combination of high security and efficiency so far and is more appropriate for the resource-constrained IoT environment.

Xuanwu Zhou,Zhigang Jin,Yan Fu,Huaiwei Zhou,Lianmin Qin

2011-01-01

Informatica

Abstract:Signcryption is an effective cryptographic primitive, which simultaneously fulfils both the functions of encryption and signature with much lower cost than traditional schemes; it is an ideal method to provide confidentiality and unforgeability and ensure secure data storage and transmission in the IOT (Internet of things). In the paper, we propose a publicly verifiable short signcryption scheme S-ECSC for the Internet of things based on elliptic curves cryptosystem; and prove the provable security of S-ECSC under the Random Oracle model, including confidentiality in IND-CCA2 model, unforgeability in UF-CMA model and non-repudiation security. As per the efficiency analysis, S-ECSC achieves an average 80% reduction in computation cost compared with typical discrete logarithm, RSA based signcryption schemes, and has the lowest communication cost in Elgamal type signcryptions. With its superiority in efficiency and security, S-ECSC proves to be more suitable for resource-restricted environment in IOT and better satisfies the requirement of secure protocols in IOT, such as key management, secure routing, etc. At last, we take key generating and distributing protocol of distributed key management in IOT as an application example, and analyse the method and importance to apply SECSC into secure protocols in IOT.

Jianying Qiu,Kai Fan,Kuan Zhang,Qiang Pan,Hui Li,Yintang Yang

DOI: https://doi.org/10.1109/access.2019.2958089

IF: 3.9

2019-01-01

IEEE Access

Abstract:The Internet of Things (IoT) is developing towards smart and mobile Internet of Things (SM-IoT), which has made great progress. Due to the inherent heterogeneity, distribution, intensive communication, and resource constraints of SM-IoT, efficient security and privacy communication protocols become a particularly critical challenge. Signcryption has received considerable attention. Various signcryption schemes have been proposed to solve secure communication. However, most of them are low in efficiency, without the consideration of characteristics of the SM-IoT. In this paper, we propose a signcryption scheme to achieve efficient secure multi-message and multi-receiver communication for the heterogeneous and distributed SM-IoT. We develop Identity-based Cryptography (IBC) and Certificateless Cryptography (CLC) to solve the certificate management problem. Our scheme no longer needs wireless secure channel during key generation phase of traditional CLC system, which improves the applicability of our scheme in wireless SM-IoT environment. There is no expensive operations, such as bilinear pairing, in our scheme. In addition, our scheme out sources part of the verification overhead from the SM-IoT users to the gateway without revealing user privacy. The performance evaluation shows that the computation efficiency in both sender and receiver side is improved in our scheme.

Kui Ma,Yanwei Zhou,Ying Wang,Chunsheng Dong,Zhe Xia,Bo Yang,Mingwu Zhang

DOI: https://doi.org/10.1109/jsyst.2023.3269597

IF: 4.802

2023-01-01

IEEE Systems Journal

Abstract:The Internet of Things (IoT) is helpful in making people's life more convenient and efficient. To ensure that the nodes within IoT can interact securely, a certificateless signature (CLS) can be used to protect message authentication in the IoT. Recently, some concrete constructions of CLS schemes have been proposed in the literature, but through our analyses, we demonstrate that some existing CLS schemes cannot keep their claimed security because of various security flaws. For example, a valid signature can be forged by any Type I adversary by replacing the corresponding user's public key. In this article, we describe the security flaws that need to be addressed and introduce a novel CLS scheme without using bilinear mapping. The existential unforgeability in our proposed scheme can be proved based on the hardness of the elliptic curve discrete logarithm problem in the random oracle model. The comparison with existing CLS schemes shows that our scheme not only enjoys more security features but also is more efficient in computation. Moreover, we introduce an identity authentication protocol as the application of our proposed CLS scheme, which achieves mutual authentication and anonymity in communications.

computer science, information systems,telecommunications,engineering, electrical & electronic,operations research & management science

Xiaoying Jia,Debiao He,Qin Liu,Kim-Kwang Raymond Choo

DOI: https://doi.org/10.1016/j.adhoc.2018.01.001

IF: 4.816

2018-01-01

Ad Hoc Networks

Abstract:With the growing popularity of Internet of Things (IoT) in a wide range of applications, ensuring the communication security of IoT devices is important. Certificateless signature schemes are one of several viable approaches to providing data integrity and user identification security in resource-limited IoT devices. However, designing provably-secure and efficient certificateless signature schemes remains a challenging task. In this paper, we point out two shortcomings in Yeh et al.’s certificateless signature scheme, by explaining how an adversary can easily impersonate the key generation center to issue the partial private key for any user without being detected. Moreover, the scheme cannot resist public key replacement attacks. Then, we present an improved scheme and prove its unforgeability against super adversaries in the random oracle model. Furthermore, we demonstrate the efficiency of our scheme is comparable to that of Yeh’s scheme in terms of computational and communication costs.

Wenbo Shi,Neeraj Kumar,Peng Gong,Naveen Chilamkurti,Hangbae Chang

DOI: https://doi.org/10.1007/s12083-014-0249-3

IF: 3.488

2014-01-01

Peer-to-Peer Networking and Applications

Abstract:With the development of the Internet of Things (IOT) application, information security and user privacy protection in the IOT have attracted wide attention across the globe. To solve this problem, Luo et al. proposed an efficient certificateless online/offline signcryption (COOSC) scheme for IOT. They have also demonstrated that their scheme is provably in the random oracle model. However, in this paper, we will show their scheme is vulnerable to the private key compromised problem, i.e., an adversary could get a user’s private key through an intercepted message. The analysis show that Luo et al.’s scheme is not suitable for the IOT.

Dongmei Chen,Yining Liu,Fei Zhou,Lihui Li,Yangfan Liang

DOI: https://doi.org/10.1016/j.sysarc.2024.103268

IF: 5.836

2024-08-30

Journal of Systems Architecture

Abstract:The widespread application of wireless sensor technology in the Internet of Things (IoT) industry significantly enhances productivity. However, the large scale deployment of IoT and the inherent vulnerabilities of wireless communication methods to attacks present significant new challenges. Consequently, there is a need to address the efficiency and security of information transfer in IoT. To effectively solve these issues, this paper presents a secure and efficient pairing-free certificateless aggregated signcryption (CL-ASC) scheme for IoT based on the elliptic curve cryptosystem. Our scheme avoids the complex certificate management issues associated with Public Key Cryptography (PKC) and the key escrow problem found in identity-based cryptography, while maintaining the storage and communication efficiency benefits of aggregated signcryption. The use of secure signcryption and aggregation techniques effectively resists a variety of potential attacks. Both formal and informal security analyses demonstrate that our scheme meets the expected security requirements. Specifically, our scheme shows significant improvements in computational and communication overheads. Compared to other state-of-the-art protocols, our scheme achieves signcryption computation cost of 0.691 ms, unsigncryption computation cost of 3.917 ms for 5 messages, and a total cost of 4.608 ms for 5 messages. Additionally, it provides a signcryption communication overhead of 128 bytes and aggregated communication overhead of 580 bytes for 5 messages.

computer science, software engineering, hardware & architecture

Muhammad Arif Mughal,Xiong Luo,Ata Ullah,Subhan Ullah,Zahid Mahmood

DOI: https://doi.org/10.1109/access.2018.2844406

IF: 3.9

2018-01-01

IEEE Access

Abstract:Internet of Things (IoT) comprises of large number of smart devices that can exchange sensed data by availing online services. Smart devices can directly interact with the human beings for sensing the healthcare parameters and transmitting to a central repository. During the data exchange, it is mandatory to secure the messages between sender and receiver to handle the malicious human based attacks. For providing secure communication, a number of signature-based schemes are explored in literature but smart devices need more lightweight operations by ensuring desired security strengths. The main problem during signature based approaches is the computational overhead due to large real numbers required for signature and verification processes. This paper presents a light weight shortened complex digital signature algorithm for providing secure communication between smart devices in human centered IoT. We have used less extensive operations to achieve signature and verification processes like human beings do signatures on legal documents and verify later as per witness. We have also presented a multi-option parameter selection to use a signature-verification pair of expressions at particular index by adopting the common practice of human beings for using different signatures as per document criticality level. It enhances the security strength to guard against traffic analysis attacks. We have developed an experimental setup where a number of cell phones and smart devices are considered for secure communication using existing and proposed digital signature schemes. Results demonstrate the supremacy of our scheme as compared to preliminaries.

Fatemeh Rezaeibagha,Yi Mu,Xinyi Huang,Wenjie Yang,Ke Huang

DOI: https://doi.org/10.1109/access.2019.2944631

IF: 3.9

2019-01-01

IEEE Access

Abstract:In recent years, Industrial Internet of Things (IIoT) has become increasingly important for applications in the industry. Inevitably, security for IIoT has become a priority in order to deploy secure applications. Amongst available cryptographic tools, certificateless signature schemes offer sound authentication solutions and avoid public-key certification from Trusted Third Parties (TTP). Certificateless signatures solve the key escrow problem against the dishonest Private Key Generator (PKG) and has considered to be a useful tool for IIoT applications. Recently, Karati et al. (IEEE Trans. Industrial Informatics, vol.14, no. 8, 2018) presented a lightweight certificateless signature scheme for IIoT Environments. This scheme was then broken by Zhang et al. (IEEE Access, vol. 8, 2018) by simply allowing to change the public key of the signer and using the homomorphic property of the original scheme. In this paper, we introduce a new attack to the scheme against the existential unforgeability, which is universal since we do not have to assume homomorphic property. We then introduce an entirely new lightweight certificateless signature scheme, which has been proven to be fully secure against all attacks found earlier. Our scheme is the first lightweight certificateless signature scheme with full security and is the most efficient in comparison with other existing schemes. It is desirable for IIoT applications. We also provide experimental results to justify our claims.

Fagen Li,Yiliang Han,Chunhua Jin

DOI: https://doi.org/10.1007/s11276-015-1145-3

IF: 2.701

2015-01-01

Wireless Networks

Abstract:The Internet of Things (IoT) is an emerging network paradigm that aims to obtain the interactions among pervasive things through heterogeneous networks. Security is an important task in the IoT. Luo et al. (Secur Commun Netw 7(10): 1560–1569, 2014) proposed a certificateless online/offline signcryption (COOSC) scheme for the IoT (hereafter called LTX). Unfortunately, Shi et al. showed that LTX is not secure. An adversary can easily obtain the private key of a user by a ciphertext. Recently, Li et al. proposed a new COOSC scheme (hereafter called LZZ). However, both LTX and LZZ need a point multiplication operation in the online phase, which is not suitable for resource-constrained devices. To overcome this weakness, we propose a new COOSC scheme and prove its security in the random oracle model. In addition, we analyze the performance of our scheme and show its application in the IoT.

Nabeil Eltayieb,Rashad Elhabob,Yongjian Liao,Fagen Li,Shijie Zhou

DOI: https://doi.org/10.1016/j.jisa.2024.103763

IF: 4.96

2024-01-01

Journal of Information Security and Applications

Abstract:The Snowden leaks exposed the truth that skilled attackers can access users’ devices and steal their private information. Although public key encryption is widely used and theoretically secure, it has hidden vulnerabilities when implemented in practice. This is especially problematic when employing communication channels among heterogeneous protocols within the Internet of Things (IoT), it becomes apparent that these channels lack adequate protection to address the diverse nature of IoT systems. This work proposes a novel Heterogeneous Online/Offline Signcryption with Cryptographic Reverse Firewalls (HOOS-CRF). The scheme enables a secure communication channel between the sender in an Identity-based cryptosystem (IBC) and the receiver in the Public Key Infrastructure (PKI) cryptosystem with CRF deployed. To reduce computational costs, we split the signcryption algorithm into two stages: online and offline. Most resource-intensive operations are performed during the offline stage, which operates without any knowledge of the message being processed. The HOOS-CRF scheme provides confidentiality, authentication, and defense against insider security attacks. Meanwhile, we prove the security of the HOOS-CRF using the random oracle model and demonstrate its high efficiency and practicality through experiments. Lastly, the scheme’s relevance to IoT-driven healthcare applications is demonstrated.

Xin Chen,Debiao He,Muhammad Khurram Khan,Min Luo,Cong Peng

DOI: https://doi.org/10.1109/jiot.2022.3233180

IF: 10.6

2023-01-01

IEEE Internet of Things Journal

Abstract:The Internet of Medical Things (IoMT), which integrates medical sensors with the Internet of Things, is helpful for providing remote diagnosis and real-time decision making. Massive data collected by medical and healthcare monitoring sensors in the IoMT involves sensitive patient information. It brings some security challenges to validate the legitimacy of participating entities and protect patient data privacy. A certificateless signcryption (CLSC) scheme combines encryption and signature that can offer authenticity, confidentiality, and unforgeability, providing a viable solution to the data privacy issue of the IoMT. However, existing CLSC schemes fail to meet confidentiality or unforgeability, or require expensive computation overhead to perform pairing operations. This article first presents a new CLSC scheme for secure data transmission and better smart services in IoMT, which replaces the signature part with the Schnorr signature. We then give a thorough security proof under the random oracle model. Besides, we elaborately evaluate the performance and security of some existing solutions with our solution. Finally, the experiment results indicate that our solution can achieve a better balance between security and performance than some existing schemes. Therefore, in terms of feasibility, our scheme is more suitable for the IoMT scenario.