Manoj Kumar,Harsh Kumar Verma,Geeta Sikka

DOI: https://doi.org/10.1002/ett.3883

IF: 3.6

2020-03-22

Transactions on Emerging Telecommunications Technologies

Abstract:<p>Cloud‐edge (CE) is revolutionizing our modern world with a greater user experience through the Internet of Things (IoT). However, the edge devices, communication bridge between the cloud and users, are repeatedly exhibiting many security flaws which will inevitably lead to massive cyber attacks. Thus, providing a proper security, specifically, the confidentiality and authenticity of sensitive data become a prime focus for many of the researchers. In cryptography, certificateless signcryption (CLSC) is one of the recent public key techniques that meets the requirements of confidentiality and authenticity of sensitive data between parties with minimal overhead. This paper aims to present a new data sharing protocol where the safety of data is achieved through a new CLSC scheme. The proposed CLSC is designed using the bilinear pairing and modular exponentiation operations. Besides, the CLSC is secure based on the intractability of Diffie‐Hellman inversion (DHI) and bilinear‐DHI assumptions without considering the random oracle model (ROM). Performance assessment of proposed CLSC gives satisfactory results after comparing with other related CLSC schemes. Therefore, proposed CLSC can be installed in the cloud‐based edge‐IoT environment where both the authenticity and confidentiality with minimal computational overhead are the essential factors.</p>

telecommunications

Kui Ma,Yanwei Zhou,Ying Wang,Chunsheng Dong,Zhe Xia,Bo Yang,Mingwu Zhang

DOI: https://doi.org/10.1109/jsyst.2023.3269597

IF: 4.802

2023-01-01

IEEE Systems Journal

Abstract:The Internet of Things (IoT) is helpful in making people&#x27;s life more convenient and efficient. To ensure that the nodes within IoT can interact securely, a certificateless signature (CLS) can be used to protect message authentication in the IoT. Recently, some concrete constructions of CLS schemes have been proposed in the literature, but through our analyses, we demonstrate that some existing CLS schemes cannot keep their claimed security because of various security flaws. For example, a valid signature can be forged by any Type I adversary by replacing the corresponding user&#x27;s public key. In this article, we describe the security flaws that need to be addressed and introduce a novel CLS scheme without using bilinear mapping. The existential unforgeability in our proposed scheme can be proved based on the hardness of the elliptic curve discrete logarithm problem in the random oracle model. The comparison with existing CLS schemes shows that our scheme not only enjoys more security features but also is more efficient in computation. Moreover, we introduce an identity authentication protocol as the application of our proposed CLS scheme, which achieves mutual authentication and anonymity in communications.

computer science, information systems,telecommunications,engineering, electrical & electronic,operations research & management science

Vijay Kumar Yadav,Nitish Andola,Shekhar Verma,S. Venkatesan

DOI: https://doi.org/10.1007/s11227-022-04795-8

2022-10-07

Abstract:Internet of things (IoT) devices are being used to provide services to different spheres of society. These devices gather data from industries and forward their data to the cloud server to minimize data storage and processing. In IoT, the cloud plays an important role because IoT is a resource constraint device with limited battery and memory. In order to handle this, IoT devices gather the data and send it to the cloud server so that space will be available for IoT data at the IoT device. Apart from this, IoT devices are computationally inefficient. For example, sometimes users want huge computation of IoT data, but due to the limited computation power of IoT devices, users cannot get the results. To overcome this issue, IoT device collaborates with the cloud server and outsource the data to it. The cloud server has huge computational power; it uses the received data, performs the computation, and sends it back to the IoT device. Authentication of the outsourced IoT data is a serious concern in the industrial IoT network. Several certificateless signature (CLS) schemes have been proposed to provide for data authentication in the IoT network. Current CLS schemes either suffer from the huge computation overhead or adversarial attacks. To solve these problems, we propose a provably secure certificateless signature (PSCLS) scheme. The PSCLS scheme's security depends on the computational Diffie-Hellman problem in the random oracle model with a tight reduction. The scheme requires only one pairing operation, and it is secure from adversarial attacks. We analyzed the PSCLS scheme's performance with the other existing CLS schemes in terms of computation and communication costs. The results prove that the PSCLS scheme performs better than the other existing CLS schemes.

computer science, theory & methods,engineering, electrical & electronic, hardware & architecture

Yang Ming,Xiaopeng Yu,Xiaoqin Shen

DOI: https://doi.org/10.1109/access.2020.3018488

IF: 3.9

2020-01-01

IEEE Access

Abstract:Healthcare Internet of Things (IoT) is an emerging paradigm, which can provide comprehensive and different types of health services and enable various types of medical sensors to monitor patient's health conditions. In the healthcare IoT, patient is deployed with a variety of medical sensors, which continuously monitors and collects patient's sensitive health data that needs specially protection for preventing privacy leakage. To safely send multiple different health data monitored by multiple different medical sensors to multiple corresponding healthcare professionals in one data report, several multi-message and multi-receiver signcryption schemes have been introduced by employing the traditional public key cryptography, identity-based cryptography or certificateless cryptography. However, these schemes suffer from the certificate management, key escrow and key distribution problem. Besides, due to the resource-constraint property of medical sensors, they are unsuitable for healthcare IoT in terms of both performance and privacy requirements. To solve these issues, this paper introduces an efficient anonymous certificate-based multi-message and multi-receiver signcryption scheme for healthcare IoT, where the certificate-based cryptography and elliptic curve cryptography are combined to simplify the certificate management problem, eliminate the key escrow problem, solve the key distribution problem and ensure the privacy-preserving. Furthermore, the security analysis suggests that the proposed scheme is able to achieve the confidentiality, unforgeability, receiver anonymity, sender anonymity and decryption fairness; the performance evaluation indicates that the proposed scheme brings to the lower computation cost and communication cost in comparison to the existing schemes.

Huifang Yu,Runtao Ren

DOI: https://doi.org/10.1109/jsyst.2021.3096531

IF: 4.802

2021-01-01

IEEE Systems Journal

Abstract:Driven by new situation of "Internet +," Internet has achieved the integrated development with all walks of life. Among them, the fifth generation is a key technology to promote the deep integration of Internet-of-Things equipment, cloud computing, blockchain and other trades. Hence, it is necessary for IoTs to consider the cost and efficiency of authentication and confidentiality of the communication. For effectively solving the above problems, we devise certificateless elliptic curve aggregate signcryption (CL-ECASC) scheme for IoTs that can improve the authentication efficiency, realize data confidentiality, and avoid the problems of complex certificate management and key escrow. Under the hardness of discrete logarithm and computational DiffieHellman problems on elliptic curve, CL-ECASC is proved to has the IND-CCA2 security (indistinguishability under the adaptive chosen-ciphertext attacks) and UF-CMA security (existentially unforgeable under the adaptive chosen-message attacks). CL-ECASC has relatively faster computation efficiency and lower communication cost, and so it is suitable for secure transmission of the information in the previously mentioned environments.

computer science, information systems,telecommunications,engineering, electrical & electronic,operations research & management science

Yingzhe Hou,Xin Huang,Yanan Chen,Sachin Kumar,Hu Xiong

DOI: https://doi.org/10.1002/ett.4190

IF: 3.6

2020-12-10

Transactions on Emerging Telecommunications Technologies

Abstract:<p>The prosperity of Internet of Things (IoT) has brought numerous advantages to individuals and organizations. Since the transmission channel is usually considered as untrusted, the notion of signcryption seems to be the desired method to ease the defect. Nevertheless, this primitive inevitably faces the new obstacle that how to search the required data without decrypting it. Therefore, inheriting the excellence of signcryption and equality test, we present a heterogeneous signcryption protocol supporting the equality test from public key infrastructure (PKI) to certificateless cryptosystem (CLC) toward IoT environment (PK‐CLET). In this way, the introduced construction not only preserves the integrity, confidentiality and unforgeability of data, but also allows the cloud server to perform the equality test on different ciphertexts. Moreover, the security of PK‐CLET as well as the performance evaluation are both shown that it is more suitable for IoT.</p>

telecommunications

Dongmei Chen,Yining Liu,Fei Zhou,Lihui Li,Yangfan Liang

DOI: https://doi.org/10.1016/j.sysarc.2024.103268

IF: 5.836

2024-08-30

Journal of Systems Architecture

Abstract:The widespread application of wireless sensor technology in the Internet of Things (IoT) industry significantly enhances productivity. However, the large scale deployment of IoT and the inherent vulnerabilities of wireless communication methods to attacks present significant new challenges. Consequently, there is a need to address the efficiency and security of information transfer in IoT. To effectively solve these issues, this paper presents a secure and efficient pairing-free certificateless aggregated signcryption (CL-ASC) scheme for IoT based on the elliptic curve cryptosystem. Our scheme avoids the complex certificate management issues associated with Public Key Cryptography (PKC) and the key escrow problem found in identity-based cryptography, while maintaining the storage and communication efficiency benefits of aggregated signcryption. The use of secure signcryption and aggregation techniques effectively resists a variety of potential attacks. Both formal and informal security analyses demonstrate that our scheme meets the expected security requirements. Specifically, our scheme shows significant improvements in computational and communication overheads. Compared to other state-of-the-art protocols, our scheme achieves signcryption computation cost of 0.691 ms, unsigncryption computation cost of 3.917 ms for 5 messages, and a total cost of 4.608 ms for 5 messages. Additionally, it provides a signcryption communication overhead of 128 bytes and aggregated communication overhead of 580 bytes for 5 messages.

computer science, software engineering, hardware & architecture

Wenzhan Zhang,Yanhui Zhang,Chong Guo,Qi An,Yuming Guo,Ximing Liu,Shijun Zhang,Junjia Huang

DOI: https://doi.org/10.1155/2022/3687332

IF: 3.12

2022-02-26

Computational Intelligence and Neuroscience

Abstract:The rapid development of the Internet of Things (IoT) has accelerated the integration of science and technology with life, enabling the public to start enjoying the convenience brought by intelligent living. However, there are multiple resource-constrained sensing devices in IoT, which are always facing various external or internal attacks, making it difficult to ensure the secure transmission of sensitive data in IoT. Therefore, to address the problem of data transmission in resource-constrained devices in IoT, we propose a new certificateless hybrid signcryption scheme for IoT. It is a novel scheme that satisfies confidentiality and unforgeability, showing higher computational efficiency and lower overhead of transmission. To prove that it satisfies the efficent transmission of IoT, we conduct simulation experiments, and the experimental results show that our proposed scheme has higher efficiency than the existing schemes.

mathematical & computational biology,neurosciences

Hu Xiong,Yan Wu,Chunhua Su,Kuo-hui Yeh

DOI: https://doi.org/10.1016/j.jisa.2020.102507

IF: 4.96

2020-08-01

Journal of Information Security and Applications

Abstract:<p>With the continuously developing wireless communication technique, the Internet of Things (IoT) has been deployed in various domains. In the IoT, numerous smart devices exchange information transparently and seamlessly via the open channel to provide intelligent and convenient services for the citizens. Due to the vulnerable nature of the communication channel, ensuring data authenticity of the transmitted information is a challenging issue. Certificateless signature (CLS) is regarded as an appropriate cryptographical primitive to protect data authenticity in the IoT. However, the existing CLS schemes are infeasible for the practical IoT systems, since individual verification causes network congestion and service delay in the face of massive service requests. To improve the verification efficiency, plenty of CLS schemes with batch verification have been investigated to verify multiple signatures quickly at once. Despite the improvement of verification efficiency, these schemes have poor efficiency or security issue. Furthermore, the batch verification failure cannot be settled in these schemes, which reduces the advantage of batch verification significantly. Motivated by the above problems, this paper presents a secure and efficient CLS scheme with batch verification and invalid signature identification. The proposed scheme is provably secure under the random oracle model. The comprehensive comparison analysis demonstrates that the presented scheme is superior to the related works in security and performance.</p>

computer science, information systems

Sumithra Alagarsamy,Vijayalakshmi Nagarajan,M. M. Yamuna Devi

DOI: https://doi.org/10.1007/s11276-023-03624-x

IF: 2.701

2024-01-31

Wireless Networks

Abstract:The technological breakthroughs of Internet of thing (IoT) applications in various sectors are nowadays contributing to the development of smart mobile IoT (SM-IoT). Lack of authentication and encryption schemes make SM-IoT more susceptible to major security and privacy issues. Signcryption has evolved as a new paradigm in recent years that provides better authenticity and security to the messages and minimizes both computation cost and communication costs simultaneously. To secure the communicated message on the sender and receiver sides, this paper proposes an efficient and secure decentralized communication system to offer personalized service for the users. The proposed network framework comprises four key entities namely trusted service providers, gateways, resource senders, and receivers. The master private keys are generated at the initial setup phase. Then, the optimal partial private keys are extracted and broadcasted through the channel by the key extraction process utilizing the fuzzy whale sine cosine levy algorithm. The ciphertext is generated for the sender on signcryption using a modified Identity-based Cryptography approach. The signcryption ciphertext generated is broadcasted via gateways to the receiver by measuring verification parameters. Finally, the designcryption process is performed using the certificateless hybrid signcryption scheme to retrieve the plaintext message. The proposed secure communication network is evaluated using performance metrics such as bilinear pairing time, modular experimentation time, pairing-based experimentation time, elliptic curve (EC) scalar point multiplication time, map-to-point hash function time, and EC point addition time. The experimental results revealed the effectiveness of the proposed secure communication framework on both the sender and receiver sides.

computer science, information systems,telecommunications,engineering, electrical & electronic

Jingwei Liu,Lihuan Zhang,Rong Sun,Xiaojiang Du,Mohsen Guizani

DOI: https://doi.org/10.48550/arXiv.1811.03741

2018-11-09

Abstract:With the emerging of mobile communication technologies, we are entering the fifth generation mobile communication system (5G) era. Various application scenarios will arise in the 5G era to meet the different service requirements. Different 5G network slicings may deploy different public key cryptosystems. The security issues among the heterogeneous systems should be considered. In order to ensure the secure communications between 5G network slicings, in different public cryptosystems, we propose two heterogeneous signcryption schemes which can achieve mutual communications between the Public Key Infrastructure (PKI) and the CertificateLess public key Cryptography (CLC) environment. We prove that our schemes have the INDistinguishability against Adaptive Chosen Ciphertext Attack (IND-CCA2) under the Computational Diffie-Hellman Problem (CDHP) and the Existential UnForgeability against adaptive Chosen Message Attack (EUF-CMA) under the Discrete Logarithm Problem (DLP) in the random oracle model. We also set up two heterogeneous cryptosystems on Raspberry Pi to simulate the interprocess communication between different public key environments. Furthermore, we quantify and analyze the performance of each scheme. Compared with the existing schemes, our schemes have greater efficiency and security.

Cryptography and Security

Dae-Hwi Lee,Im-Yeong Lee

DOI: https://doi.org/10.3390/s20185350

2020-09-18

Abstract:In the Internet of Things (IoT) environment, more types of devices than ever before are connected to the internet to provide IoT services. Smart devices are becoming more intelligent and improving performance, but there are devices with little computing power and low storage capacity. Devices with limited resources will have difficulty applying existing public key cryptography systems to provide security. Therefore, communication protocols for various kinds of participating devices should be applicable in the IoT environment, and these protocols should be lightened for resources-restricted devices. Security is an essential element in the IoT environment, so for secure communication, it is necessary to perform authentication between the communication objects and to generate the session key. In this paper, we propose two kinds of lightweight authentication and key agreement schemes to enable fast and secure authentication among the objects participating in the IoT environment. The first scheme is an authentication and key agreement scheme with limited resource devices that can use the elliptic curve Qu-Vanstone (ECQV) implicit certificate to quickly agree on the session key. The second scheme is also an authentication and key agreement scheme that can be used more securely, but slower than first scheme using certificateless public key cryptography (CL-PKC). In addition, we compare and analyze existing schemes and propose new schemes to improve security requirements that were not satisfactory.

Ikram Ali,Yong Chen,Niamat Ullah,Muhammad Afzal,HE Wen,Wen HE

DOI: https://doi.org/10.1109/tvt.2021.3078806

IF: 6.8

2021-06-01

IEEE Transactions on Vehicular Technology

Abstract:Vehicular ad-hoc networks (VANETs) enable vehicles to exchange safety information with the surrounding vehicles and infrastructure in order to ensure safety and efficiency in traffic management. Recently however, vehicles come from different manufacturers and therefore use different protocols for the transmission of messages. As a result, communication among vehicles become heterogeneous. Because of this, VANETs face problems related to security and performance. To address this, some heterogeneous vehicular communication-based schemes have been proposed. However, they do not perform well because of an increase in computational overhead. In order to resolve this, we propose a certificateless cryptosystem (CLC) and public key infrastructure (PKI)-based conditional privacy-preserving hybrid signcryption (CP-CPPHSC) scheme. This scheme utilizes bilinear pairings and provides security requirements in a single logical step. Through the CP-CPPHSC scheme, a message is transmitted by a vehicle using the CLC to a vehicle using the PKI. Additionally, the CP-CPPHSC scheme supports the batch unsigncryption method which helps a vehicle to unsigncrypt more than one messages simultaneously. In the random oracle model (ROM), our scheme ensures existential unforgeability against adaptive chosen message attack (EUF-CMA) with respect to a hardness assumption of q-strong Diffie-Hellman (q-SDH) and modified inverse computational Diffie-Hellman (mICDH) problems and indistinguishability against adaptive chosen ciphertext attack (IND-CCA2) with respect to a hardness assumption of q-bilinear Diffie-Hellman inversion (q-BDHI) problem. Our scheme effectively reduces computational cost when compared to state-of-the-art schemes without an increase in the communication cost.

telecommunications,engineering, electrical & electronic,transportation science & technology

Rafiq Ullah,Amjad Mehmood,Muhammad Altaf Khan,Carsten Maple,Jaime Lloret

DOI: https://doi.org/10.1007/s12083-024-01654-6

IF: 3.488

2024-04-28

Peer-to-Peer Networking and Applications

Abstract:Certificateless Proxy Signature (CLPS) offers a comprehensive authentication mechanism to ensure the optimal solutions from modern forgery attacks in Industrial Internet of Things (IIoTs) environment. CLPS is part of certificateless public key cryptography (CL-PKC) and has the benefits of eradicating many issues like key distribution problem. Although costly computational processing capabilities are consumed by smart devices during authentication process. This article proposed an authentication scheme for CLPS by using the mathematical cryptographic curve concepts of Hyper Elliptic Curve (HEC) to provide a secure and optimized communication approach in IIoTs environment. The arises key distribution problem in CLPS is also fixed. The scrutinized security analysis of proxy signature and delegation signature were performed to tackle different attacks like Machine-in-the-middle Attack (MiTM), Replay Attack, Key Replacement Attack, Impersonation Attack, and Chosen Message Attack. Due to HEC-DLP the forgery attack cannot succeeded. Finally, the proposed work is formally verified through the AVISPA tool. The comprehensive performance evaluation shows that the total computational cost is reduced to 49.48% and the communication overhead size is reduced to 49.57% with a comparative analysis of existing schemes. Thus, the proposed approach eradicates key distribution problems with an equal security level of RSA and ECC.

computer science, information systems,telecommunications

Weifeng Long,Lunzhi Deng,Jiwen Zeng,Yan Gao,Tianxiu Lu

DOI: https://doi.org/10.3390/s24154899

2024-07-28

Abstract:A Wireless Body Area Network (WBAN), introduced into the healthcare sector to improve patient care and enhance the efficiency of medical services, also brings the risk of the leakage of patients' privacy. Therefore, maintaining the communication security of patients' data has never been more important. However, WBAN faces issues such as open medium channels, resource constraints, and lack of infrastructure, which makes the task of designing a secure and economical communication scheme suitable for WBAN particularly challenging. Signcryption has garnered attention as a solution suitable for resource-constrained devices, offering a combination of authentication and confidentiality with low computational demands. Although the advantages offered by existing certificateless signcryption schemes are notable, most of them only have proven security within the random oracle model (ROM), lack public ciphertext authenticity, and have high computational overheads. To overcome these issues, we propose a certificateless anonymous signcryption (CL-ASC) scheme suitable for WBAN, featuring anonymity of the signcrypter, public verifiability, and public ciphertext authenticity. We prove its security in the standard model, including indistinguishability, unforgeability, anonymity of the signcrypter, and identity identifiability, and demonstrate its superiority over relevant schemes in terms of security, computational overheads, and storage costs.

Xiaopeng Yu,Wei Zhao,Dianhua Tang

DOI: https://doi.org/10.1016/j.sysarc.2022.102457

IF: 5.836

2022-05-01

Journal of Systems Architecture

Abstract:Edge computing is an emerging computing paradigm, which extends the functions of cloud centre to the edge of the networks, and brings great convenience to solving problems of delay and bandwidth in the traditional cloud computing paradigm. In edge computing architecture, one-to-many communication is a important communication mode that supports the edge nodes to send one message to multiple terminal devices in one broadcast report. To build a secure one-to-many communication, several multi-receiver signcryption (MRSC) schemes have been brought forward to ensure the security of broadcast messages. However, the existing MRSC schemes need the heavy computation and communication cost, and is not suitable for IoT terminal devices with limited resources. Besides, most of the existing MRSC schemes are vulnerable to the security and privacy leakage, and fail in achieving the decryption fairness. To solve these problems, based on the implicit certificate (IC) cryptosystem and polynomial interpolation evaluation, this paper proposes an provably secure multi-receiver IC-based signcryption (MRICSC) scheme for one-to-many communication in edge computing. The security analysis evidences the proposed MRICSC scheme can ensure the security. With the experimental results indicating that the proposed MRICSC scheme achieves the better performance than existing schemes.

computer science, software engineering, hardware & architecture

Zhan Xie,Yong Chen,Ikram Ali,Chengwei Pan,Fagen Li,Wen He

DOI: https://doi.org/10.1109/tvt.2022.3230442

IF: 6.8

2022-01-01

IEEE Transactions on Vehicular Technology

Abstract:The emergence of the vehicular ad-hoc network (VANETs) could meet the need for an efficient and safe transportation. Vehicles wirelessly interact with nearby road-side units (RSUs) and send the data to the cloud servers (CS), but this approach has limitations (i.e., network congestion and privacy leakage). Edge computing can effectively solve problems of network congestion, feedback delay and privacy leakage during transmission caused by CS. Thus, this paper proposes a certificateless aggregate signcryption with onlineoffline encryption (CLOASC) based on edge computing (EDC). Correspondingly, certificateless signcryption (CLSC), onlineoffline encryption (OOE) and aggregate signcryption technology solve the key escrow problem, shorten the encryption time and realize the quick verification of multiple users, respectively. Furthermore, it is worth mentioning that the scheme we propose does not have any bilinear pairings or scalar multiplications in the online encryption stage, which greatly reduces the computational cost in the online stage. In the random oracle model, our scheme was proved to be existential unforgeability under adaptive chosen message attacks (EUF-ACM) and adaptive indistinguishability under chosen-ciphertext attack (IND-CCA2) security. Simulation results show that our scheme is computationally and communication based lightweight as compared to the related.

telecommunications,engineering, electrical & electronic,transportation science & technology

Guangxia Xu,Jingnan Dong,Chuang Ma,Jun Liu,Uchani Gutierrez Omar Cliff

DOI: https://doi.org/10.1109/jiot.2022.3151359

IF: 10.6

2022-01-01

IEEE Internet of Things Journal

Abstract:The emergence of edge computing makes it possible to realize new technologies such as virtual reality and augmented reality. However, a large number of devices and more messages at the edge bring more security problems. Therefore, it is an important research topic to provide users with faster network services while ensuring confidentiality and authentication of data transmission. Because signcryption can encrypt and sign messages at the same time, it has become a new cryptographic primitive. In the meantime, certificateless signcryption guarantees data confidentiality and authentication and addresses traditional single point failure problems based on the trust center and the problem of relying on a trusted third party. Therefore, certificateless signcryption has attracted great attention from academia and industry. But certificateless signcryption also faces two types of attacks. In order to more effectively resist these two types of attacks, we propose a certificateless signcryption mechanism based on blockchain. This mechanism can make good use of the nontamperable feature of blockchain, prevent illegal users from substituting public key of the user, and guarantee signature non-repudiation. And our scheme is investigated in a comparative study with eight schemes. Comparative analysis outcomes demonstrate our scheme has achieved better results in efficiency and security. The process of signcryption and unsigncryption consumes the least amount of computation, which is very suitable for the edge computing environment.

computer science, information systems,telecommunications,engineering, electrical & electronic

Fagen Li,Zhaohui Zheng,Chunhua Jin

DOI: https://doi.org/10.1007/s11235-015-0065-y

2015-05-15

Telecommunication Systems

Abstract:Recently, the concept of the Internet of Things (IoT) has drawn considerable attention from both industry and academia. In the IoT, millions of objects with sensors collect data and send the data to servers that analyze, manage and use the data in order to construct some kinds of smart systems, such as smart grid, intelligent transportation systems, healthcare systems and even smart city. It is critical to establish a secure channel between the sensors and servers in order to ensure the correctness of collected data. If the collected data is tampered, the results of data analysis is unbelievable, and may even bring serious disaster. In this paper, we propose a heterogeneous ring signcryption scheme for secure communication from sensors to servers. We prove that this scheme has the indistinguishability against adaptive chosen ciphertext attacks (IND-CCA2) and existential unforgeability against adaptive chosen messages attacks under the computational Diffie–Hellman problem in the random oracle model. Our scheme has the following advantages (1) it simultaneously achieves confidentiality, integrity, authentication, non-repudiation and anonymity in a logical single step; (2) it is heterogeneous and allows a sensor node in an identity-based cryptography to send a message to a server in a public key infrastructure. These features make our scheme suitable for data transmission in the IoT.

telecommunications

Rashmi H C,Guruprakash C D

DOI: https://doi.org/10.1007/s11042-024-18517-0

IF: 2.577

2024-02-22

Multimedia Tools and Applications

Abstract:In light of the rapid advancement in communication technology facilitated by the Internet of Things (IoT), the demand for effective data analysis and utilization has surged. This is particularly crucial as it involves the collection of data from various objects and devices in diverse ways. A robust methodology designed to improve data fusion while simultaneously upholding data confidentiality and optimizing data weight. This research work introduces a privacy-preserving lightweight cryptographic model (PP-LWC) tailored for IoT environments. It employs a novel data fusion process, integrating weight optimization and iterative data fusion, to enhance data integrity and confidentiality. The model utilizes differential privacy techniques, adding controlled noise to queries, ensuring data privacy without compromising on computational efficiency. By incorporating unique encryption and signature verification mechanisms within IoT clusters, it effectively safeguards against both internal and external threats, maintaining robust security in resource-constrained settings. This approach strikes a balance between preserving privacy and ensuring lightweight cryptographic operations, crucial for the vast and diverse landscape of IoT devices. PPLWC is evaluated considering the various parameters such as computation overhead for single signature generation, and computation overhead for single signature verification. Cost comparison for signature verification mechanism, Communication cost for sending a broadcast message. Comparison of communication cost for sending and broadcast messages. Comparative analysis with the existing model proves the model&#x27;s efficiency by outperforming the existing technique.

computer science, information systems, theory & methods,engineering, electrical & electronic, software engineering