计算机科学 ›› 2022, Vol. 49 ›› Issue (3): 329-337.doi: 10.11896/jsjkx.201200256

• 信息安全 • 上一篇    下一篇

适用于物联网环境的无证书广义签密方案

张振超1, 刘亚丽1,2, 殷新春1,3   

  1. 1 扬州大学信息工程学院 江苏 扬州225127
    2 江苏师范大学计算机与科学技术学院 江苏 徐州221116
    3 扬州大学广陵学院 江苏 扬州225128
  • 收稿日期:2020-12-29 修回日期:2021-05-08 出版日期:2022-03-15 发布日期:2022-03-15
  • 通讯作者: 刘亚丽(liuyali@jsnu.edu.cn)
  • 作者简介:(AZhenChao@outlook.com)
  • 基金资助:
    国家自然科学青年基金(61702237);国家自然科学基金(61472343);徐州市推动科技创新专项资金(KC18005);江苏省自然科学青年基金(BK20150241);江苏省高校自然科学基金(14KJB520010);江苏师范大学博士科研启动(14XLR035);江苏政府留学奖学金

New Certificateless Generalized Signcryption Scheme for Internet of Things Environment

ZHANG Zhen-chao1, LIU Ya-li1,2, YIN Xin-chun1,3   

  1. 1 College of Information Engineering,Yangzhou University,Yangzhou,Jiangsu 225127,China
    2 College of Computer Science and Technology,Jiangsu Normal University,Xuzhou,Jiangsu 221116,China
    3 Guangling College,Yangzhou University,Yangzhou,Jiangsu 225128,China
  • Received:2020-12-29 Revised:2021-05-08 Online:2022-03-15 Published:2022-03-15
  • About author:ZHANG Zhen-chao,born in 1993,postgraduate.His main research interests include public key cryptography,information security and IoT security.
    LIU Ya-li,born in 1981,Ph.D,associate professor,M.S supervisor.Her main research interests include RFID authentication and privacy protection technology,vehicular ad hoc networks,cryptographic algorithms and protocols as well as their applications to computer and network security and mobile communications.
  • Supported by:
    Young Scientists Fund of the National Natural Science Foundation of China(61702237),National Natural Science Foundation of China(61472343),Special Foundation of Promoting Science and Technology Innovation of Xuzhou City(KC18005),Natural Science Foundation of Jiangsu Province(BK20150241),Natural Science Foundation of the Higher Education Institutions of Jiangsu Province(14KJB520010),Scientific Research Support Project for Teachers with Doctor’s Degree of Jiangsu Normal University(14XLR035) and Jiangsu Provincial Government Scholarship for Overseas Studies.

摘要: 证书广义签密方案不仅可以解决证书管理和密钥托管问题,而且可以根据实际需求分别作为加密方案、签名方案或签密方案,在资源受限的物联网环境中具有广泛的应用场景。但是,通过具体的攻击方法证明Karati等的方案不能抵抗伪造攻击,文中总结了攻击者成功伪造的原因。针对上述问题,提出了一种无双线性配对的无证书广义签密方案,并在随机预言模型下基于计算性Diffie-Hellman问题和离散对数问题对该方案进行了安全性证明。性能评估结果表明,与现有方案相比,该方案在计算代价及通信开销方面具有优势,适用于资源受限的物联网设备之间数据的安全传输。

关键词: 可证明安全性, 伪造攻击, 无双线性对, 无证书广义签密, 物联网

Abstract: Certificateless generalized signcryption (CLGSC) scheme has been widely applied in resource-limited IoT environments for they could not only solve the problems of the certificate management and key escrow,but also serve as encryption,signature,or signcryption scheme according to the security requirements of the network.Firstly,concrete attacks are given to prove that Karati’s scheme could not resist forgery attacks.This paper analyzes the essential reason why the adversaries can forge a valid signature or signcryption in CLGSC schemes.Then,an efficient certificateless generalized signcryption scheme without bilinear pairing is proposed.The proposed scheme is secure under the random oracle model based on the computational Diffie-Hellman problem and discrete logarithm problem.Finally,performance evaluation and comparison prove that the proposed scheme outperforms other CLGSC schemes in terms of computation cost,communication overhead and security functionalities.Therefore,the proposed scheme can provide the service of secure data transmission among resource-limited IoT devices.

Key words: Certificateless generalized signcryption, Forgery attack, Internet of things, No bilinear pairings, Provable security

中图分类号: 

  • TP309
[1]YANG Y,WU L,YIN G,et al.A survey on security and privacy issues in Internet-of-Things[J].IEEE Internet of Things Journal,2017,4(5):1250-1258.
[2]KHAN M A,SALAH K.IoT security:Review,blockchain solutions,and open challenges[J].Future Generation Computer Systems,2018,82:395-411.
[3]LIN J,YU W,ZHANG N,et al.A survey on internet of things:architecture,enabling technologies,security and privacy,and applications[J].IEEE Internet of Things Journal,2017,4(5):1125-1142.
[4]BELGUITH S,KAANICHE N,HAMMOUDEH M,et al.Proud:Verifiable privacy-preserving outsourced attribute based signcryption supporting access policy update for cloud assisted iot applications[J].Future Generation Computer Systems,2020,111:899-918.
[5]SHAMIR A.Identity-based cryptosystems and signature sche-mes[C]//Workshop on the Theory and Application of Cryptographic Techniques.Berlin:Springer,1985:47-53.
[6]AL-RIYAMI S S,Paterson K G.Certificateless public key cryptography[C]//Advancesin Cryptology-ASIACRYPT’03.Berlin:Springer,2003:452-473.
[7]BARBOSA M,FARSHIM P.Certificateless signcryption[C]//Proceedings of the 2008 ACM Symposium on Information,Computer and Communications Security.New York:ACM,2008:369-372.
[8]LI F,HAN Y,JIN C.Certificateless online/offline signcryption for the Internet of Things[J].Wireless Networks,2017,23(1):145-158.
[9]ULLAH I,AMIN N U,ZAREEI M,et al.A lightweight andprovable secured certificateless signcryption approach for crowdsourced IIoT applications[J].Symmetry,2019,11(11):1386.
[10]LIU X,WANG Z,YE Y,et al.An efficient and practical certificateless signcryption scheme for wireless body area networks[J].Computer Communications,2020,162:169-178.
[11]NIU S,NIU L,WANG C,et al.Certificateless generalized signcryption scheme in the standard model[J].Journal on Communications,2017,38(4):35-45.
[12]ZHOU C.An improved lightweight certificateless generalizedsigncryption scheme for mobile-health system[J].International Journal of Distributed Sensor Networks,2019,15(1):1-16.
[13]WAHEED A,IQBAL J,DIN N,et al.Improved cryptanalysis of provable certificateless generalized signcryption[J].Internatio-nal Journal of Advanced Computer Science and Applications,2019,10(4):1-7.
[14]ZHANG B,JIA Z,ZHAO C.An efficient certificateless genera-lized signcryption scheme[J].Security and Communication Networks,2018,2018(1):1-11.
[15]MANDAL S,BERA B,SUTRALA A K,et al.Certificateless-signcryption-based three-factor user access control scheme for IoT environment[J].IEEE Internet of Things Journal,2020,7(4):3184-3197.
[16]RASTEGARI P.On the security of some recently proposed certificateless signcryption schemes[C]//2020 17th International ISC Conference on Information Security and Cryptology (ISCISC).IEEE,2020:95-100.
[17]KARATI A,FAN C,HSU R,et al.Provably secure and gene-ralized signcryption with public verifiability for secure data transmission between resource-constrained IoT devices[J].IEEE Internet of Things Journal,2019,6(6):10431-10440.
[18]LIU Z,HU Y,ZHANG X,et al.Certificateless signcryptionscheme in the standard model[J].Information Sciences,2010,180(3):452-464.
[19]ZHOU C,ZHOU W,DONG X,et al.Provable certificatelessgeneralized signcryption scheme[J].Designs,Codes and Cryptography,2014,71(2):331-346.
[20]WAHEED A,IQBAL J,DIN N,et al.Improved cryptanalysis of provable certificateless generalized signcryption[J].InternationalJournal of Advanced Computer Science and Applications,2019,10(4):610-616.
[21]MIAO S,ZHANG F,LI S,et al.On security of a certificateless signcryption scheme[J].Information Sciences,2013,232:475-481.
[22]WAHEED A,IQBAL J,DIN N,et al.Improved cryptanalysis of provable certificateless generalized signcryption[J].Internatio-nal Journal of Advanced Computer Science and Applications,2019,10(4):610-616.
[1] 张翀宇, 陈彦明, 李炜.
边缘计算中面向数据流的实时任务调度算法
Task Offloading Online Algorithm for Data Stream Edge Computing
计算机科学, 2022, 49(7): 263-270. https://doi.org/10.11896/jsjkx.210300195
[2] 张翕然, 刘万平, 龙华.
物联网僵尸网络病毒的传播动力学模型与分析
Dynamic Model and Analysis of Spreading of Botnet Viruses over Internet of Things
计算机科学, 2022, 49(6A): 738-743. https://doi.org/10.11896/jsjkx.210300212
[3] 周天清, 岳亚莉.
超密集物联网络中多任务多步计算卸载算法研究
Multi-Task and Multi-Step Computation Offloading in Ultra-dense IoT Networks
计算机科学, 2022, 49(6): 12-18. https://doi.org/10.11896/jsjkx.211200147
[4] 董丹丹, 宋康.
RIS辅助双向物联网通信系统性能分析
Performance Analysis on Reconfigurable Intelligent Surface Aided Two-way Internet of Things Communication System
计算机科学, 2022, 49(6): 19-24. https://doi.org/10.11896/jsjkx.220100064
[5] 沈家芳, 钱丽萍, 杨超.
面向集能型中继窄带物联网的非正交多址接入和多维网络资源优化
Non-orthogonal Multiple Access and Multi-dimension Resource Optimization in EH Relay NB-IoT Networks
计算机科学, 2022, 49(5): 279-286. https://doi.org/10.11896/jsjkx.210400239
[6] 张叶, 李志华, 王长杰.
基于核密度估计的轻量级物联网异常流量检测方法
Kernel Density Estimation-based Lightweight IoT Anomaly Traffic Detection Method
计算机科学, 2021, 48(9): 337-344. https://doi.org/10.11896/jsjkx.200600108
[7] 李贝贝, 宋佳芮, 杜卿芸, 何俊江.
DRL-IDS:基于深度强化学习的工业物联网入侵检测系统
DRL-IDS:Deep Reinforcement Learning Based Intrusion Detection System for Industrial Internet of Things
计算机科学, 2021, 48(7): 47-54. https://doi.org/10.11896/jsjkx.210400021
[8] 李嘉明, 赵阔, 屈挺, 刘晓翔.
基于知识图谱的区块链物联网领域研究分析
Research and Analysis of Blockchain Internet of Things Based on Knowledge Graph
计算机科学, 2021, 48(6A): 563-567. https://doi.org/10.11896/jsjkx.200600071
[9] 王锡龙, 李鑫, 秦小麟.
电力物联网下分布式状态感知的源网荷储协同调度
Collaborative Scheduling of Source-Grid-Load-Storage with Distributed State Awareness UnderPower Internet of Things
计算机科学, 2021, 48(2): 23-32. https://doi.org/10.11896/jsjkx.200900209
[10] 王卫红, 陈震宇.
基于改进区块链的智能制造安全模型
Intelligent Manufacturing Security Model Based on Improved Blockchain
计算机科学, 2021, 48(2): 295-302. https://doi.org/10.11896/jsjkx.191200159
[11] 刘新, 黄缘缘, 刘子昂, 周睿.
IoTGuardEye:一种面向物联网服务的Web攻击检测方法
IoTGuardEye:A Web Attack Detection Method for IoT Services
计算机科学, 2021, 48(2): 324-329. https://doi.org/10.11896/jsjkx.200800030
[12] 张育龙, 王强, 陈明康, 孙静涛.
图像去雨算法在云物联网应用中的研究综述
Survey of Intelligent Rain Removal Algorithms for Cloud-IoT Systems
计算机科学, 2021, 48(12): 231-242. https://doi.org/10.11896/jsjkx.201000055
[13] 宗思洁, 覃天, 贺龙兵.
面向IOT芯片的安全启动算法分析与应用
Analysis and Application of Secure Boot Algorithm Based on IOT Chip
计算机科学, 2021, 48(11A): 552-556. https://doi.org/10.11896/jsjkx.210300237
[14] 刘炜, 阮敏捷, 佘维, 张志鸿, 田钊.
面向物联网的PBFT优化共识算法
PBFT Optimized Consensus Algorithm for Internet of Things
计算机科学, 2021, 48(11): 151-158. https://doi.org/10.11896/jsjkx.210500038
[15] 梁俊斌, 田凤森, 蒋婵, 王天舒.
物联网中多设备多服务器的移动边缘计算任务卸载技术综述
Survey on Task Offloading Techniques for Mobile Edge Computing with Multi-devices and Multi-servers in Internet of Things
计算机科学, 2021, 48(1): 16-25. https://doi.org/10.11896/jsjkx.200500095
Viewed
Full text


Abstract

Cited

  Shared   
  Discussed   
No Suggested Reading articles found!