Title: Blockchain-enhanced efficient and anonymous certificateless signature scheme and its application
Authors: Tao Feng, Jie Wang, Lu Zheng
Journal: Pervasive and Mobile Computing
Publication date: 2024-09-19
Publication type: Journal Article
DOI: 10.1016/j.pmcj.2024.101990
URL: https://www.sciencedirect.com/science/article/pii/S1574119224001159
Periodical IF: 3.0
JCR: Q2 (COMPUTER SCIENCE, INFORMATION SYSTEMS)
Open access: No
Citations: 0
Abstract
Although the Internet of Things (IoT) brings efficiency and convenience to various aspects of people’s lives, security and privacy concerns persist as significant challenges. Certificateless signatures eliminate digital certificate management and key escrow issues and can be well embedded in resource-constrained IoT devices for secure access control. Recently, Ma et al. designed an efficient and pair-free certificateless signature (CLS) scheme for IoT deployment. Unfortunately, we demonstrate that the scheme proposed by Ma et al. is susceptible to signature forgery attacks by Type-II adversaries. That is, a malicious-and-passive key generation center (KGC) can forge a legitimate signature for any message by modifying the system parameters without the user’s secret value. Therefore, their identity authentication scheme designed based on vehicular ad-hoc networks also cannot guarantee the claimed security. To address the security vulnerabilities, we designed a blockchain-enhanced and anonymous CLS scheme and proved its security under the elliptic curve discrete logarithm (ECDL) hardness assumption. Compared to similar schemes, our enhanced scheme offers notable advantages in computational efficiency and communication overhead, as well as stronger security. In addition, a mutual authentication scheme that satisfies the cross-domain scenario is proposed to facilitate efficient mutual authentication and negotiated session key generation between smart devices and edge servers in different edge networks. Performance evaluation shows that our protocol achieves an effective trade-off between security and compute performance, with better applicability in IoT scenarios.
About the journal:
As envisioned by Mark Weiser as early as 1991, pervasive computing systems and services have truly become integral parts of our daily lives. Tremendous developments in a multitude of technologies ranging from personalized and embedded smart devices (e.g., smartphones, sensors, wearables, IoTs, etc.) to ubiquitous connectivity, via a variety of wireless mobile communications and cognitive networking infrastructures, to advanced computing techniques (including edge, fog and cloud) and user-friendly middleware services and platforms have significantly contributed to the unprecedented advances in pervasive and mobile computing. Cutting-edge applications and paradigms have evolved, such as cyber-physical systems and smart environments (e.g., smart city, smart energy, smart transportation, smart healthcare, etc.) that also involve humans in the loop through social interactions and participatory and/or mobile crowd sensing, for example. The goal of pervasive computing systems is to improve human experience and quality of life, without explicit awareness of the underlying communications and computing technologies.
The Pervasive and Mobile Computing Journal (PMC) is a high-impact, peer-reviewed technical journal that publishes high-quality scientific articles spanning theory and practice, and covering all aspects of pervasive and mobile computing and systems.