A Novel Message Authentication Scheme With Absolute Privacy for the Internet of Things Networks

With the rapid development and massive deployment of the Internet of things (IoT) networks, security related issues in the IoT networks have been paid more and more attention to. Among all the security concerns, message authentication is critical in preventing the unauthorized messages from being transmitted in the IoT networks. Many message authentication schemes have been proposed based on the public-key cryptosystem, where the key management is simple and scalable. Identity based cryptosystem is a special type of public-key cryptosystem and can further ease the process of the key management since the public keys can be obtained easily. In this paper, we devise an efficient message authentication with enhanced privacy (IMAEP) scheme using the identity based signature. Our proposed scheme can provide both unconditional privacy as well as the enhanced privacy under full key exposure attack. Our proposed scheme can also provide existential unforgeability under the adaptive chosen-message-and-identity attack. Compared with the scheme that has the same level of anonymity and security, our proposed scheme has much lower computational overhead, and can provide extra unconditional privacy. Next we propose an extended IMAEP (EIMAEP) scheme for the general access structures where the message is signed by a group of users instead of one user. We also conduct comprehensive analysis and demonstrate that the EIMAEP scheme can achieve the same level of privacy and unforgeability as the IMAEP scheme.

[1]  Shi-Jinn Horng,et al.  Enhancing Security and Privacy for Identity-Based Batch Verification Scheme in VANETs , 2017, IEEE Transactions on Vehicular Technology.

[2]  Venkatasamy Sureshkumar,et al.  Light Weight Authentication and Key Establishment Protocol for Smart Vehicles Communication in Smart City , 2019, iSCI.

[3]  G. Raghavendra Rao,et al.  Privacy protection in cloud using identity based group signature , 2014, The Fifth International Conference on the Applications of Digital Information and Web Technologies (ICADIWT 2014).

[4]  Germán Sáez,et al.  New Identity-Based Ring Signature Schemes , 2004, ICICS.

[5]  Adi Shamir,et al.  A method for obtaining digital signatures and public-key cryptosystems , 1978, CACM.

[6]  Jiankun Hu,et al.  Enabling Identity-Based Integrity Auditing and Data Sharing With Sensitive Information Hiding for Secure Cloud Storage , 2019, IEEE Transactions on Information Forensics and Security.

[7]  Jonathan Katz,et al.  Ring Signatures: Stronger Definitions, and Constructions without Random Oracles , 2005, IACR Cryptol. ePrint Arch..

[8]  Siu-Ming Yiu,et al.  Efficient Identity Based Ring Signature , 2005, ACNS.

[9]  Matthew K. Franklin,et al.  Identity-Based Encryption from the Weil Pairing , 2001, CRYPTO.

[10]  Ruhul Amin,et al.  A privacy-preserving RFID authentication protocol based on El-Gamal cryptosystem for secure TMIS , 2020, Inf. Sci..

[11]  Yining Liu,et al.  A Secure Authentication Protocol for Internet of Vehicles , 2019, IEEE Access.

[12]  Jia-Lun Tsai,et al.  An Efficient Conditional Privacy-Preserving Authentication Scheme for Vehicular Sensor Networks Without Pairings , 2016, IEEE Transactions on Intelligent Transportation Systems.

[13]  Baowen Xu,et al.  An Efficient Identity-Based Conditional Privacy-Preserving Authentication Scheme for Vehicular Ad Hoc Networks , 2015, IEEE Transactions on Information Forensics and Security.

[14]  Jie Wu,et al.  Hop-by-Hop Message Authenticationand Source Privacy in WirelessSensor Networks , 2014, IEEE Transactions on Parallel and Distributed Systems.

[15]  Haiyun Luo,et al.  Statistical en-route filtering of injected false data in sensor networks , 2004, IEEE INFOCOM 2004.

[16]  Guy Pujolle,et al.  An Autonomic-oriented Architecture for the Internet of Things , 2006, IEEE John Vincent Atanasoff 2006 International Symposium on Modern Computing (JVA'06).

[17]  Pin-Han Ho,et al.  TSVC: timed efficient and secure vehicular communications with privacy preserving , 2008, IEEE Transactions on Wireless Communications.

[18]  Kim-Kwang Raymond Choo,et al.  Provably Secure and Lightweight Identity-Based Authenticated Data Sharing Protocol for Cyber-Physical Cloud Environment , 2018, IEEE Transactions on Cloud Computing.

[19]  Jinhua Guo,et al.  A Group Signature Based Secure and Privacy-Preserving Vehicular Communication Framework , 2007, 2007 Mobile Networking for Vehicular Environments.

[20]  Heekuck Oh,et al.  A Hybrid Approach for Efficient Privacy-Preserving Authentication in VANET , 2017, IEEE Access.

[21]  Xinghuo Yu,et al.  Smart Grids: A Cyber–Physical Systems Perspective , 2016, Proceedings of the IEEE.

[22]  Andrew S. Tanenbaum,et al.  An Identity-based Ring Signature Scheme with Enhanced Privacy , 2006, 2006 Securecomm and Workshops.

[23]  Adi Shamir,et al.  Identity-Based Cryptosystems and Signature Schemes , 1984, CRYPTO.

[24]  Kwok-Yan Lam,et al.  Wireless Communication and Security Issues for Cyber–Physical Systems and the Internet-of-Things , 2018, Proceedings of the IEEE.