Yang Ming,Xiaopeng Yu,Xiaoqin Shen

DOI: https://doi.org/10.1109/access.2020.3018488

IF: 3.9

2020-01-01

IEEE Access

Abstract:Healthcare Internet of Things (IoT) is an emerging paradigm, which can provide comprehensive and different types of health services and enable various types of medical sensors to monitor patient's health conditions. In the healthcare IoT, patient is deployed with a variety of medical sensors, which continuously monitors and collects patient's sensitive health data that needs specially protection for preventing privacy leakage. To safely send multiple different health data monitored by multiple different medical sensors to multiple corresponding healthcare professionals in one data report, several multi-message and multi-receiver signcryption schemes have been introduced by employing the traditional public key cryptography, identity-based cryptography or certificateless cryptography. However, these schemes suffer from the certificate management, key escrow and key distribution problem. Besides, due to the resource-constraint property of medical sensors, they are unsuitable for healthcare IoT in terms of both performance and privacy requirements. To solve these issues, this paper introduces an efficient anonymous certificate-based multi-message and multi-receiver signcryption scheme for healthcare IoT, where the certificate-based cryptography and elliptic curve cryptography are combined to simplify the certificate management problem, eliminate the key escrow problem, solve the key distribution problem and ensure the privacy-preserving. Furthermore, the security analysis suggests that the proposed scheme is able to achieve the confidentiality, unforgeability, receiver anonymity, sender anonymity and decryption fairness; the performance evaluation indicates that the proposed scheme brings to the lower computation cost and communication cost in comparison to the existing schemes.

Arijit Karati,Chun-I Fan,Ruei-Hau Hsu

DOI: https://doi.org/10.1109/jiot.2019.2939204

IF: 10.6

2019-12-01

IEEE Internet of Things Journal

Abstract:The Internet of Things (IoT) is revolutionizing our modern lives by introducing active connection between smart devices. However, IoT devices are repeatedly exhibiting many security flaws, which will inevitably lead to eavesdropping and impersonation attacks. Thus, providing a proper security in IoT becomes a prime focus for the researchers. In cryptography, certificateless signcryption (CLSC) is one of the recent public key techniques for the security requirements of the authenticity and confidentiality of any message between the parties. In this article, a new generalized CLSC (gCLSC) is introduced to provide the functions of digital signature and encryption to fulfill the authenticity and confidentiality for the resource-constrained IoT devices. Besides, the gCLSC supports the property of public verifiability and security of an ideal signcryption under the strong Diffie–Hellman and bilinear Diffie–Hellman inversion problems without random oracle model. Performance assessment of the gCLSC gives satisfactory results after comparing with other competitive CLSC schemes in terms of its functionality. Therefore, the gCLSC can be adopted in the IoT networks where authenticity, confidentiality, and lightweight are the essential factors.

Huifang Yu,Runtao Ren

DOI: https://doi.org/10.1109/jsyst.2021.3096531

IF: 4.802

2021-01-01

IEEE Systems Journal

Abstract:Driven by new situation of "Internet +," Internet has achieved the integrated development with all walks of life. Among them, the fifth generation is a key technology to promote the deep integration of Internet-of-Things equipment, cloud computing, blockchain and other trades. Hence, it is necessary for IoTs to consider the cost and efficiency of authentication and confidentiality of the communication. For effectively solving the above problems, we devise certificateless elliptic curve aggregate signcryption (CL-ECASC) scheme for IoTs that can improve the authentication efficiency, realize data confidentiality, and avoid the problems of complex certificate management and key escrow. Under the hardness of discrete logarithm and computational DiffieHellman problems on elliptic curve, CL-ECASC is proved to has the IND-CCA2 security (indistinguishability under the adaptive chosen-ciphertext attacks) and UF-CMA security (existentially unforgeable under the adaptive chosen-message attacks). CL-ECASC has relatively faster computation efficiency and lower communication cost, and so it is suitable for secure transmission of the information in the previously mentioned environments.

computer science, information systems,telecommunications,engineering, electrical & electronic,operations research & management science

Vijay Kumar Yadav,Nitish Andola,Shekhar Verma,S. Venkatesan

DOI: https://doi.org/10.1007/s11227-022-04795-8

2022-10-07

Abstract:Internet of things (IoT) devices are being used to provide services to different spheres of society. These devices gather data from industries and forward their data to the cloud server to minimize data storage and processing. In IoT, the cloud plays an important role because IoT is a resource constraint device with limited battery and memory. In order to handle this, IoT devices gather the data and send it to the cloud server so that space will be available for IoT data at the IoT device. Apart from this, IoT devices are computationally inefficient. For example, sometimes users want huge computation of IoT data, but due to the limited computation power of IoT devices, users cannot get the results. To overcome this issue, IoT device collaborates with the cloud server and outsource the data to it. The cloud server has huge computational power; it uses the received data, performs the computation, and sends it back to the IoT device. Authentication of the outsourced IoT data is a serious concern in the industrial IoT network. Several certificateless signature (CLS) schemes have been proposed to provide for data authentication in the IoT network. Current CLS schemes either suffer from the huge computation overhead or adversarial attacks. To solve these problems, we propose a provably secure certificateless signature (PSCLS) scheme. The PSCLS scheme's security depends on the computational Diffie-Hellman problem in the random oracle model with a tight reduction. The scheme requires only one pairing operation, and it is secure from adversarial attacks. We analyzed the PSCLS scheme's performance with the other existing CLS schemes in terms of computation and communication costs. The results prove that the PSCLS scheme performs better than the other existing CLS schemes.

computer science, theory & methods,engineering, electrical & electronic, hardware & architecture

Cong Peng,Jianhua Chen,Mohammad S. Obaidat,Pandi Vijayakumar,Debiao He

DOI: https://doi.org/10.1109/jiot.2019.2949708

IF: 10.6

2020-01-01

IEEE Internet of Things Journal

Abstract:With the popularity of edge computing, edge nodes are connected with the Internet of Things (IoT) devices to process and analyze IoT-created data, and feedback corresponding results to users, devices, or data centers. In the edge computing environment, multicast is a typical communication pattern to support data transmitting between edges and devices. It allows the sender to send messages to multiple receivers in one broadcast message. To construct a secure multicast channel, the primary issue is to ensure the privacy and credibility of the transmitted message in the open wireless communication. Then, another essential issue for multicast channels is receiver anonymity, i.e., only the sender knows the receivers’ identities. Also, efficiency and provable security are critical in scheme design. In this article, we design a certificateless multimessage and multireceiver signcryption (CLMMSC) scheme by using the elliptic curve cryptography. To facilitate lightweight deployment, we adapt the certificateless mechanism to reduce the system operation and maintenance costs. Then, through security proofs, we demonstrate that the proposed scheme can achieve the expected security properties. The performance analysis shows that the proposed scheme has lower communication costs than previous CLMMSC schemes.

Emmanuel Ahene,Junfeng Dai,Hao Feng,Fagen Li

DOI: https://doi.org/10.1007/s11235-018-0530-5

2018-01-01

Abstract:Cloud computing has proven to be applicable in smart grid systems with the help of the cloud-based Internet of things (IoT) technology. In this concept, IoT is deployed as a front-end enabling the acquisition of smart grid-related data and its outsourcing to the cloud for data storage purposes. It is obvious that data storage is a pertinent service in cloud computing. However, its wide adoption is hindered by the concern of having a secure access to data without a breach on confidentiality and authentication. To address this problem, we propose a novel data access control scheme that simultaneously accomplishes confidentiality and authentication for cloud-based smart grid systems. Our scheme can enable the storing of encrypted smart grid-related data in the cloud. When a user prefers to access the data, the data owner issues a delegation command to the cloud for data re-encryption. The cloud is unable to acquire any plaintext information on the data. Only authorized users are capable of decrypting the data. Moreover, the integrity and authentication of data can only be verified by the authorized user. We obtain the data access control scheme by proposing a pairing free certificateless signcryption with proxy re-encryption (CLS-PRE) scheme. We prove that our CLS-PRE scheme has indistinguishability against adaptive chosen ciphertext attack under the gap Diffie–Hellman problem and existential unforgeability against adaptive chosen message attack under elliptic curve discrete logarithm problem in the random oracle model.

Ms. K. Sudharani,Dr. N. K. Sakthivel

DOI: https://doi.org/10.14419/ijet.v10i1.21480

2021-02-19

International Journal of Engineering and Technology

Abstract:Certificateless Public Key Cryptography (CL-PKC) scheme is a new standard that combines Identity (ID)-based cryptography and tradi- tional PKC. It yields better security than the ID-based cryptography scheme without requiring digital certificates. In the CL-PKC scheme, as the Key Generation Center (KGC) generates a public key using a partial secret key, the need for authenticating the public key by a trusted third party is avoided. Due to the lack of authentication, the public key associated with the private key of a user may be replaced by anyone. Therefore, the ciphertext cannot be decrypted accurately. To mitigate this issue, an Enhanced Certificateless Proxy Signature (E-CLPS) is proposed to offer high security guarantee and requires minimum computational cost. In this work, the Hackman tool is used for detecting the dictionary attacks in the cloud. From the experimental analysis, it is observed that the proposed E-CLPS scheme yields better Attack Detection Rate, True Positive Rate, True Negative Rate and Minimum False Positives and False Negatives than the existing schemes.

Zhan Xie,Yong Chen,Ikram Ali,Chengwei Pan,Fagen Li,Wen He

DOI: https://doi.org/10.1109/tvt.2022.3230442

IF: 6.8

2022-01-01

IEEE Transactions on Vehicular Technology

Abstract:The emergence of the vehicular ad-hoc network (VANETs) could meet the need for an efficient and safe transportation. Vehicles wirelessly interact with nearby road-side units (RSUs) and send the data to the cloud servers (CS), but this approach has limitations (i.e., network congestion and privacy leakage). Edge computing can effectively solve problems of network congestion, feedback delay and privacy leakage during transmission caused by CS. Thus, this paper proposes a certificateless aggregate signcryption with onlineoffline encryption (CLOASC) based on edge computing (EDC). Correspondingly, certificateless signcryption (CLSC), onlineoffline encryption (OOE) and aggregate signcryption technology solve the key escrow problem, shorten the encryption time and realize the quick verification of multiple users, respectively. Furthermore, it is worth mentioning that the scheme we propose does not have any bilinear pairings or scalar multiplications in the online encryption stage, which greatly reduces the computational cost in the online stage. In the random oracle model, our scheme was proved to be existential unforgeability under adaptive chosen message attacks (EUF-ACM) and adaptive indistinguishability under chosen-ciphertext attack (IND-CCA2) security. Simulation results show that our scheme is computationally and communication based lightweight as compared to the related.

telecommunications,engineering, electrical & electronic,transportation science & technology

Rashad Elhabob,Yanan Zhao,Iva Sella,Hu Xiong

DOI: https://doi.org/10.1007/s12652-019-01365-4

2019-01-01

Abstract:Current time organizations have moved from the conventional industries to smart industries by embracing the approach of Industrial Internet of Things (IIoT), which has provided an avenue for the integration of smart devices and communication technologies. IIoT offers reduction of costs on services and technologies since it counts on the flexibility, availability and real-time data processing capabilities of the cloud server. And even with the untrusted nature of the cloud, the privacy and confidentiality of the data outsourced to the cloud has been able to be guaranteed. This has been achieved through encryption techniques apply to the data before outsourcing. This has made it feasible to have the data in the cloud secured. However, the limitation of data recovery due to it having the innate “all-or-nothing” decryption characteristic, results in a challenge in the search functionality for the encrypted data. In order to deal with this challenge, this paper nominates a Certificateless Public Key Cryptography with Authorized Equivalent Test (CL-PKC-AET). Whereby, a cloud server is given authority to actuate if two encryptions consist of the equivalent messages. Furthermore, the extra providence of a fine-grained testing capability to the cloud server makes the CL-PKC-AET scheme adaptable. We define our scheme basing on bilinear pairing and further advocate within the random oracle model its security, based on the Bilinear Diffie-Hellman assumption. Basing on comparison with existing work, our scheme proves to be more effective.

Guangxia Xu,Jingnan Dong,Chuang Ma,Jun Liu,Uchani Gutierrez Omar Cliff

DOI: https://doi.org/10.1109/jiot.2022.3151359

IF: 10.6

2022-01-01

IEEE Internet of Things Journal

Abstract:The emergence of edge computing makes it possible to realize new technologies such as virtual reality and augmented reality. However, a large number of devices and more messages at the edge bring more security problems. Therefore, it is an important research topic to provide users with faster network services while ensuring confidentiality and authentication of data transmission. Because signcryption can encrypt and sign messages at the same time, it has become a new cryptographic primitive. In the meantime, certificateless signcryption guarantees data confidentiality and authentication and addresses traditional single point failure problems based on the trust center and the problem of relying on a trusted third party. Therefore, certificateless signcryption has attracted great attention from academia and industry. But certificateless signcryption also faces two types of attacks. In order to more effectively resist these two types of attacks, we propose a certificateless signcryption mechanism based on blockchain. This mechanism can make good use of the nontamperable feature of blockchain, prevent illegal users from substituting public key of the user, and guarantee signature non-repudiation. And our scheme is investigated in a comparative study with eight schemes. Comparative analysis outcomes demonstrate our scheme has achieved better results in efficiency and security. The process of signcryption and unsigncryption consumes the least amount of computation, which is very suitable for the edge computing environment.

computer science, information systems,telecommunications,engineering, electrical & electronic

Kui Ma,Yanwei Zhou,Ying Wang,Chunsheng Dong,Zhe Xia,Bo Yang,Mingwu Zhang

DOI: https://doi.org/10.1109/jsyst.2023.3269597

IF: 4.802

2023-01-01

IEEE Systems Journal

Abstract:The Internet of Things (IoT) is helpful in making people's life more convenient and efficient. To ensure that the nodes within IoT can interact securely, a certificateless signature (CLS) can be used to protect message authentication in the IoT. Recently, some concrete constructions of CLS schemes have been proposed in the literature, but through our analyses, we demonstrate that some existing CLS schemes cannot keep their claimed security because of various security flaws. For example, a valid signature can be forged by any Type I adversary by replacing the corresponding user's public key. In this article, we describe the security flaws that need to be addressed and introduce a novel CLS scheme without using bilinear mapping. The existential unforgeability in our proposed scheme can be proved based on the hardness of the elliptic curve discrete logarithm problem in the random oracle model. The comparison with existing CLS schemes shows that our scheme not only enjoys more security features but also is more efficient in computation. Moreover, we introduce an identity authentication protocol as the application of our proposed CLS scheme, which achieves mutual authentication and anonymity in communications.

computer science, information systems,telecommunications,engineering, electrical & electronic,operations research & management science

Xiong Li,Tian Liu,Chaoyang Chen,Qingfeng Cheng,Xiaosong Zhang,Neeraj Kumar

DOI: https://doi.org/10.1109/jiot.2022.3165576

IF: 10.6

2022-01-01

IEEE Internet of Things Journal

Abstract:As an extension of cloud computing, edge computing has attracted the attention of academia and industry because of its characteristics of low latency, high bandwidth, and low energy consumption. However, due to limited terminal resources and insufficient security design, the edge computing environment still faces many challenges in terms of data security and privacy protection. Among them, how to effectively control access to outsourced data is one of the main issues. In this article, we propose a lightweight and verifiable ciphertext-policy attribute-based encryption (CP-ABE)-based multiauthority access control scheme for edge computing-assisted Internet of Things (IoT), which adopts the method of outsourcing decryption to mitigate the computational cost of data users with limited resources. In addition, our scheme realizes the feature of attribute revocation, and the design of the multiauthority mechanism enables our scheme to avoid the problem of key escrow. Therefore, our proposed scheme not only ensures data confidentiality but also can resist the collusion attack. Besides, our scheme is secure against the chosen plaintext attack in the random oracle model under the decision $q$ -BDHE assumption. Finally, we compared our scheme with some related work in performance, and the results demonstrate that our scheme is efficient in computation and communication. Because our scheme greatly mitigates the overhead of data users, it is very suitable for edge computing supported IoT applications with restricted computation resources.

Fagen Li,Bo Liu,Jiaojiao Hong

DOI: https://doi.org/10.1007/s00607-017-0548-7

2017-01-01

Computing

Abstract:Data storage is one of main services in cloud computing. How to ensure the confidentiality and authorized access of data is the central issue of data storage. In this paper, we propose a novel data access control scheme that can simultaneously achieve confidentiality and authentication for cloud computing. In this scheme, users store encrypted data in the cloud. When a user wants to access the data, the data owner delegates the cloud to re-encrypt the data and only the authorized user can decrypt the data. The cloud can not get any plaintext information about the data. In addition, the authorized user can verify the integrity and authentication of the data. We realize the data access control scheme by proposing an identity-based signcryption (IBSC) scheme with proxy re-encryption. We prove that the IBSC scheme has the indistinguishability against adaptive chosen ciphertext attack under the decisional bilinear Diffie-Hellman problem and existential unforgeability against adaptive chosen message attack under the computational Diffie-Hellman problem in the random oracle model.

Rashad Elhabob,Yanan Zhao,Iva Sella,Hu Xiong

DOI: https://doi.org/10.1109/access.2019.2917326

IF: 3.9

2019-01-01

IEEE Access

Abstract:The fast progression of the Internet of Vehicles (IoV) has resulted in a large number of vehicles connecting to networks. This leads to massive growth in the data collected from vehicles via IoV. Fortunately, cloud computing provides a vast range of services such as operating systems, hardware, software, and resources. Therefore, the massive amount of data cumulated through IoV can be outsourced to the cloud. However, considering the untrusted nature of the cloud, the cumulated data must be encrypted before it is outsourced to the cloud server. Unfortunately, this ensures to difficulty while searching the data. To address this challenge, an efficient certificateless public key cryptography with equality test (CL-PKC-ET) is presented in this paper. In this scheme, the authorized cloud server has the permission to execute the equality test on encrypted data and retrieve the result without knowing any relevant information about the ciphertext. Our CL-PKC-ET scheme is demonstrated under the Bilinear Diffie-Hellman assumption in the random oracle model. Ultimately, we compare the CL-PKE-ET with a state-of-art scheme and the performance evaluation indicates that our scheme accomplishes 96.40%, 32.08%, and 43.98% reduction in computation costs during the encryption, decryption, and test stages, respectively. Therefore, we assert that our scheme is ideal for deployment in both the cloud and IoV environments.

Ullah Shamsher,Li Xiang-Yang,Lan Zhang

DOI: https://doi.org/10.1007/s11042-020-09027-w

IF: 2.577

2020-01-01

Multimedia Tools and Applications

Abstract:To prevent man-in-the-middle attack, Diffie-Hellman first proposed the concept of the session key exchange protocol, in which the author remove the long term keying material at the end of the session. In our scheme, we apply the session key concept of Diffie-Hellman for cloud computing in the presence of the Trusted Third Party (TTP). Our proposed scheme provides SEVEN security properties by using the session key exchange protocols as symmetric. In our scheme, TTP becomes free from a burden of activities, like to encrypt the requests (Ri) of the Cloud Service Users (CSUs) and to decrypt the services (Si) of the Cloud Service Providers (CSPs) again and again. By using S Performance (EP) for Elliptic Curve Point Multiplication (ECPM), Hash (H), Inversion (Inv), Exclusive oR (XoR), Encryption (Enc), and Decryption (Dec) is (87.5%, 62.5%, 57.14%), (87.5% and 75%), (75%), (97.82% and ≤ 1%), (92.85%) and (50%) respectively. The security requirements of our scheme are; data integrity, data confidentiality, authenticity, non-repudiation, forward secrecy, unforgeability, and untraceability. Our proposed scheme also outperformed performance in terms of flexibility, reliability, and efficiency as compared to existing schemes.

Xiaopeng Yu,Wei Zhao,Dianhua Tang

DOI: https://doi.org/10.1016/j.sysarc.2022.102457

IF: 5.836

2022-05-01

Journal of Systems Architecture

Abstract:Edge computing is an emerging computing paradigm, which extends the functions of cloud centre to the edge of the networks, and brings great convenience to solving problems of delay and bandwidth in the traditional cloud computing paradigm. In edge computing architecture, one-to-many communication is a important communication mode that supports the edge nodes to send one message to multiple terminal devices in one broadcast report. To build a secure one-to-many communication, several multi-receiver signcryption (MRSC) schemes have been brought forward to ensure the security of broadcast messages. However, the existing MRSC schemes need the heavy computation and communication cost, and is not suitable for IoT terminal devices with limited resources. Besides, most of the existing MRSC schemes are vulnerable to the security and privacy leakage, and fail in achieving the decryption fairness. To solve these problems, based on the implicit certificate (IC) cryptosystem and polynomial interpolation evaluation, this paper proposes an provably secure multi-receiver IC-based signcryption (MRICSC) scheme for one-to-many communication in edge computing. The security analysis evidences the proposed MRICSC scheme can ensure the security. With the experimental results indicating that the proposed MRICSC scheme achieves the better performance than existing schemes.

computer science, software engineering, hardware & architecture

Ikram Ali,Yong Chen,Chengwei Pan,Songge Chen

DOI: https://doi.org/10.1109/tiv.2024.3455352

IF: 8.2

2024-01-01

IEEE Transactions on Intelligent Vehicles

Abstract:The Internet of Vehicles (IoV) relies on wireless technology for the transmission of messages, which exposes it to potential attacks. To address this, researchers have developed various methods to ensure secure message transmission between vehicles and infrastructure. However, these methods often require substantial computational power and communication resources, making them unsuitable for time-sensitive communications. To tackle this issue, we present an efficient certificateless cryptosystem (CLC) and a public key infrastructure (PKI)-based heterogeneous signcryption (HSC) scheme tailored for fog computing-enabled IoV, denoted as CPHSC-IoV. This scheme facilitates communication from a vehicle within the CLC setting to a roadside unit (RSU) equipped with fog computing devices within the PKI setting. It aims to secure the message by guaranteeing confidentiality, authentication, integrity, and non-repudiation all at once in a single logical process. When multiple messages are transmitted, the RSU initially aggregates these messages and then processes them together using the batch verification method, further improving performance. Our scheme is existentially unforgeable against adaptive chosen message attacks and indistinguishable against adaptive chosen ciphertext attacks in the random oracle model. Furthermore, it outperforms the recent relevant schemes in terms of computational overhead, communication/storage cost, and average transmission delay.

Yingzhe Hou,Xin Huang,Yanan Chen,Sachin Kumar,Hu Xiong

DOI: https://doi.org/10.1002/ett.4190

IF: 3.6

2020-12-10

Transactions on Emerging Telecommunications Technologies

Abstract:<p>The prosperity of Internet of Things (IoT) has brought numerous advantages to individuals and organizations. Since the transmission channel is usually considered as untrusted, the notion of signcryption seems to be the desired method to ease the defect. Nevertheless, this primitive inevitably faces the new obstacle that how to search the required data without decrypting it. Therefore, inheriting the excellence of signcryption and equality test, we present a heterogeneous signcryption protocol supporting the equality test from public key infrastructure (PKI) to certificateless cryptosystem (CLC) toward IoT environment (PK‐CLET). In this way, the introduced construction not only preserves the integrity, confidentiality and unforgeability of data, but also allows the cloud server to perform the equality test on different ciphertexts. Moreover, the security of PK‐CLET as well as the performance evaluation are both shown that it is more suitable for IoT.</p>

telecommunications

Bin Wu,Caifen Wang,Hailong Yao

DOI: https://doi.org/10.1371/journal.pone.0230722

IF: 3.7

2020-04-09

PLoS ONE

Abstract:With the rapid development of informatization, an increasing number of industries and organizations outsource their data to cloud servers, to avoid the cost of local data management and to share data. For example, industrial Internet of things systems and mobile healthcare systems rely on cloud computing's powerful data storage and processing capabilities to address the storage, provision, and maintenance of massive amounts of industrial and medical data. One of the major challenges facing cloud-based storage environments is how to ensure the confidentiality and security of outsourced sensitive data. To mitigate these issues, He et al. and Ma et al. have recently independently proposed two certificateless public key searchable encryption schemes. In this paper, we analyze the security of these two schemes and show that the reduction proof of He et al.'s CLPAEKS scheme is incorrect, and that Ma et al.'s CLPEKS scheme is not secure against keyword guessing attacks. We then propose a channel-free certificateless searchable public key authenticated encryption (dCLPAEKS) scheme and prove that it is secure against inside keyword guessing attacks under the enhanced security model. Compared with other certificateless public key searchable encryption schemes, this scheme has higher security and comparable efficiency.

Abdalla Hadabi,Zheng Qu,Rashad Elhabob,Sachin Kumar,Saru Kumari,Hu Xiong

DOI: https://doi.org/10.1002/ett.4990

IF: 3.6

2024-01-01

Transactions on Emerging Telecommunications Technologies

Abstract:Many different sectors are beginning to deploy cyber-physical systems (CPS) and industrial Internet of Things (IIoT) devices, including wearables, sensors, and critical infrastructure. In order to ensure that the device's data remains confidential, it must be encrypted prior to transmission. However, obtaining authenticity and integrity in IIoT data is also crucial, and signcryption has been proposed as a solution to this challenge. An additional obstacle is how to search for signcrypted cloud data using plaintext keywords. In this paper, we suggest a plaintext-checkable identity-based signcryption for CPS towards IIoT (IBSC-PCE), which enables plaintext searching of signcrypted cloud-based data. We provide both confidentiality and integrity and also demonstrate the security of our approach under the q-Diffie-Hellman inversion problem (q-DHIP). This problem has been shown to be secure in the random oracle model (ROM), which further reinforces the robustness of our approach. Compared to current state-of-the-art methods, our proposed approach outperforms them. The IBSC-PCE scheme is founded on an identity-based setup, enabling authorized users to query signcrypted data using plaintext keywords. Security is ensured by achieving EUF-CMA security and Unlinkability, and it is more efficient for CPS deployments within IIoT settings compared to existing literature. image