A dynamic anonymous authentication protocol with membership privacy in cloud-fog-assisted IIoT

The cloud-fog computing infrastructure flexibly deploys resources in the Industrial Internet of Things (IIoT), adjusting the computing and storage capabilities of cloud and fog nodes based on specific needs to optimize costs and performance. However, the frequent transmission and sharing of data between terminal entities and the cloud-fog infrastructure can easily lead to privacy leaks of terminals or fog nodes. Positioned at the edge of the data source, fog nodes manage and process the needs of various local industrial sensors in real time. When sensors dynamically join or leave the group, frequent authentication with fog nodes can compromise identity privacy. To protect node identity privacy and reduce computational costs, the group signature technology is introduced in this paper. It is usually employed to build anonymous authentication protocols because of its natural properties. Backes et al. proposed a novel practical property called membership privacy for dynamic group signatures, which provides stronger anonymity. In this paper, we employ the BBS+ signature, signature proof of knowledge (SPK), ElGamal scheme, etc., to design a novel verifier local revocation (VLR) dynamic group signature with membership privacy. The proposed group signature has a smaller signature size and less computational overhead. Afterward, the framework of the cloud-fog-assisted IIoT scheme based on the proposed group signature is constructed, capturing full anonymity to preserve the privacy of patients. Formal security proofs are presented to show that the proposed group signature satisfies both general and specific security requirements. Finally, the overhead of the group signature scheme is tested on type d159 curves in the Java pairing-based cryptography (JPBC) library. The results demonstrate that our scheme is more suitable for resource-restrained devices.