An Aggregate Signature Scheme Based on a Trapdoor Hash Function for the Internet of Things

With the rapid development of the Internet of Things (IoT), ensuring its security has become challenging. Identity authentication and integrity verification can be achieved by secure hash functions and digital signature algorithms for IoT applications. To address the bandwidth limitations and computational efficiency of secure communication in IoT applications, this paper proposes an aggregate signature scheme based on a multi-trapdoor hash function. First, to prevent key exposure, we construct a double trapdoor hash function (DTH) based on the elliptic curve discrete logarithm problem (ECDLP) and prove its reliability. Second, a multi-trapdoor hash function (MTH) based on DTH is presented. Finally, an MTH-based aggregate signature scheme (MTH-AS) with constant signature length is proposed. Under the ECDLP assumption, the proposed scheme is proven unforgeable against adaptive chosen message attacks using the Forking Lemma. Unlike most signature schemes based on bilinear mapping, the proposed scheme has higher computational efficiency and a shorter aggregate signature length. Moreover, the aggregate signature length is independent of the number of signers. Security analysis and performance evaluation have revealed that the proposed scheme is an ideal solution for secure IoT applications with limited computing power, storage capacity, or limited bandwidth, such as wireless sensor networks, vehicular ad hoc networks, or healthcare sensor networks.
