An Obfuscatable Aggregatable Signcryption Scheme for Unattended Devices in IoT Systems

Signcryption is a cryptographic technique that performs digital signature and data encryption simultaneously. It is effective for protecting the confidentiality and unforgeability of communications in Internet of Things (IoT) systems, especially when a number of generated ciphertexts can be aggregated into a compact form. However, device capture attacks commonly threaten implementations of signcryption on unattended devices, because they enable an attacker to extract the cryptographic key from a captured device. Motivated by this issue, we propose a novel and specialized obfuscatable aggregatable signcryption scheme (OASC) together with an obfuscator for the signcryption algorithm, designed so that the computational and communication costs are sufficiently small (lightweight) to fit applications in resource-constrained embedded devices. The proposed obfuscator can protect signcryption programs from key-extraction attacks by transforming the programs into unintelligible obfuscated programs. To the best of our knowledge, this is the first OASC in the community. The scheme’s security features with respect to obfuscation, confidentiality, and unforgeability have been theoretically proved. Moreover, in comparison with other (nonobfuscatable) aggregatable signcryption schemes, the scheme’s computational efficiency is positioned at a medium level while the communication cost is also relatively small, with extra unique security features benefiting from obfuscation. Experiments on different devices indicated that the proposed scheme performs reasonably well, as expected. The scheme is widely applicable to various IoT scenarios in which information is sent from unattended leaf nodes to a sink point.
