Efficient certificateless access control for industrial Internet of Things

Abstract

Industrial wireless sensor networks (IWSNs) play an important role in monitoring industrial equipment and creating a highly reliable industrial system. To query the network and obtain useful information from anywhere at any time, we need to integrate the IWSNs into the Internet as part of the industrial Internet of Things (IoT). In this case, it is crucial to design an access control scheme that can authorize, authenticate and revoke a user's access to the IWSNs. In this paper, we first give a certificateless signcryption scheme and then design an access control scheme for the IWSNs in the context of the industrial IoT using the certificateless signcryption. Compared with two existing access control schemes using traditional signcryption, our scheme achieves public verifiability, ciphertext authenticity and insider security. In addition, the computational cost of the sensor node in our scheme is reduced by about 62% and 77%, respectively, and the energy consumption of the sensor node in our scheme is reduced by about 64% and 75%, respectively.
