scholarly journals A Certificateless Aggregate Arbitrated Signature Scheme for IoT Environments

Sensors ◽  
2020 ◽  
Vol 20 (14) ◽  
pp. 3983 ◽  
Author(s):  
Dae-Hwi Lee ◽  
Kangbin Yim ◽  
Im-Yeong Lee
Keyword(s):  
Public Key Cryptography ◽  
Public Key ◽  
The Internet ◽  
Security Threats ◽  
Signature Scheme ◽  
Certificateless Public Key Cryptography ◽  
Cryptographic Algorithm ◽  
Data Authentication ◽  
Iot Devices ◽  
Certificateless Signature

The Internet of Things (IoT) environment consists of numerous devices. In general, IoT devices communicate with each other to exchange data, or connect to the Internet through a gateway to provide IoT services. Most IoT devices participating in the IoT service are lightweight devices, in which the existing cryptographic algorithm cannot be applied to provide security, so a more lightweight security algorithm must be applied. Cryptographic technologies to lighten and provide efficiency for IoT environments are currently being studied a lot. In particular, it is necessary to provide efficiency for computation at a gateway, a point where many devices are connected. Additionally, as many devices are connected, data authentication and integrity should be fully considered at the same time, and thus digital signature schemes have been proposed. Among the recently studied signature algorithms, the certificateless signature (CLS) based on certificateless public key cryptography (CL-PKC) provides efficiency compared to existing public key-based signatures. However, in CLS, security threats, such as public key replacement attacks and signature forgery by the malicious key generation center (KGC), may occur. In this paper, we propose a new signature scheme using CL-PKC in generating and verifying the signature of a message in an IoT environment. The proposed scheme is a certificateless aggregate arbitrated signature, and the gateway aggregates the signatures of messages generated by the device group to reduce the size of the entire signature. In addition, it is designed to be safe from security threats by solving the problems caused by public key replacement attacks and malicious KGC, and adding arbitrated signatures of the gateway to strengthen non-repudiation.

On the Security of a Certificateless Signature Scheme

2014 ◽  
Vol 519-520 ◽  
pp. 965-968
Author(s):  
Lin Cheng ◽  
Qiao Yan Wen
Keyword(s):  
System Parameter ◽  
Public Key Cryptography ◽  
Public Key Infrastructure ◽  
Public Key ◽  
Signature Scheme ◽  
System Parameters ◽  
Certificateless Public Key Cryptography ◽  
The Standard Model ◽  
Identity Based ◽  
Certificateless Signature

Certificateless public key cryptography eliminates inherent key escrow problem in identity-based cryptography, and does not yet requires certificates as in the traditional public key infrastructure. Recently, Yu et al. propose a new certificateless signature scheme and their scheme offers shorter system parameters and higher computational efficiency than the previous schemes in the standard model. However, in this paper, we show Yu et al.'s certificateless signature scheme is vulnerable to malicious-but-passive KGC attack where a malicious KGC can forge valid signatures by embedding extra trapdoors in the system parameter.

Secure and Efficient Certificateless Signature and Blind Signature Scheme from Pairings

2013 ◽  
Vol 457-458 ◽  
pp. 1262-1265
Author(s):  
Min Qin Chen ◽  
Qiao Yan Wen ◽  
Zheng Ping Jin ◽  
Hua Zhang
Keyword(s):  
Random Oracle Model ◽  
Public Key Cryptography ◽  
Random Oracle ◽  
Blind Signature ◽  
Public Key ◽  
Signature Scheme ◽  
Signature Schemes ◽  
Diffie Hellman ◽  
Identity Based ◽  
Certificateless Signature

Based an identity-based signature scheme, we givea certificateless signature scheme. And then we propose a certificateless blind signature (CLBS) scheme in this paper. This schemeis more efficient than those of previous schemes by pre-computing the pairing e (P, P)=g. Based on CL-PKC, it eliminates theusing of certificates in the signature scheme with respect to thetraditional public key cryptography (PKC) and solves key escrowproblems in ID-based signature schemes. Meanwhile it retains themerits of BS schemes. The proposed CLBS scheme is existentialunforgeable in the random oracle model under the intractabilityof the q-Strong Diffie-Hellman problem.

Structure and Analysis of Certificateless Proxy Blind Signature Scheme without Bilinear Pairing

2013 ◽  
Vol 734-737 ◽  
pp. 3194-3198
Author(s):  
Yi Wang
Keyword(s):  
Finite Field ◽  
Discrete Logarithm ◽  
Public Key Cryptography ◽  
Bilinear Pairing ◽  
Blind Signature ◽  
Discrete Logarithm Problem ◽  
Public Key ◽  
Signature Scheme ◽  
Proxy Blind Signature ◽  
Certificateless Public Key Cryptography

Combined with certificateless public key cryptography and proxy blind signature, an efficient certificateless proxy blind signature scheme is proposed. Its security is based on the discrete logarithm problem. Compared with the existed certificateless proxy blind signature scheme, because without bilinear pairing, it have higher efficiency. According to the different attacker and all kinds of attacks, the scheme is proved to be correct and security under the hardness of discrete logarithm problem in the finite field.

scholarly journals McCLS: Certificateless Signature Scheme for Emergency Mobile Wireless Cyber-Physical Systems

2008 ◽  
Vol 3 (4) ◽  
pp. 395 ◽  
Author(s):  
Zhong Xu ◽  
Xue Liu ◽  
Guoqing Zhang ◽  
Wenbo He
Keyword(s):  
Key Management ◽  
Mobile Ad Hoc Network ◽  
Real Life ◽  
Public Key Cryptography ◽  
Cyber Physical Systems ◽  
Public Key ◽  
Management Problem ◽  
Signature Scheme ◽  
Physical Systems ◽  
Certificateless Signature

<p>Mobile Ad Hoc Network is a self-configurable and self-organizing wireless network of mobile devices without fixed infrastructure support, which makes it a good candidate as underlying communication network for the Cyber-Physical Systems in emergency conditions such as earthquake, flood, and battlefields. In these scenarios, efficient communication schemes with security support are especially desired. Two cryptography approaches, the public key cryptography and the identitybased cryptography, face the costly and complex key management problem and the “key escrow" problem in the real-life deployment. Recently, the certificateless public key cryptography (CL-PKC) was introduced to address these problems in previous approaches. However, the efficiency of the schemes based on CL-PKC is not high and can be improved further.<br /> In this paper, we present an improved certificateless signature scheme (McCLS) based on bilinear pairings. First, we theoretically compare the efficiency of McCLS with that of existing certificateless signature schemes (CLS). Second, an empirical study is conducted to compare the traditional AODV with the McCLS scheme based on AODV (McDV) in their efficiency and effectiveness against two most common attacks (i.e. redirection attack and rushing attack). Results from theoretical analysis show that the new McCLS scheme is more efficient than existing CLS solutions, and results from empirical studies show that the McDV is able to resist the two common attacks without causing substantial degradation of the network performance.</p>

scholarly journals Secure Certificateless Signature with Revocation in the Standard Model

2014 ◽  
Vol 2014 ◽  
pp. 1-16 ◽  
Author(s):  
Tung-Tso Tsai ◽  
Sen-Shan Huang ◽  
Yuh-Min Tseng
Keyword(s):  
Standard Model ◽  
Public Key Cryptography ◽  
Public Key ◽  
Key Generation ◽  
Security Model ◽  
Certificateless Public Key Cryptography ◽  
Random Oracles ◽  
Diffie Hellman ◽  
The Standard Model ◽  
Certificateless Signature

Certificateless public key cryptography is very attractive in solving the key escrow problem which is inherent in identity- (ID-) based public key cryptography. In the past, a large number of certificateless cryptographic schemes and protocols were presented, but a secure certificateless signature in the standard model (without random oracles) is still not accessible until now. To the best of our knowledge, all the previously proposed certificateless signature schemes were insecure under a considerably strong security model in the sense that they suffered from outsiders’ key replacement attacks or the attacks from the key generation center (KGC). In this paper, we propose a certificateless signature scheme without random oracles. Moreover, our scheme is secure under the strong security model and provides a public revocation mechanism, called revocable certificateless signature (RCLS). Under the standard computational Diffie-Hellman assumption, we formally demonstrate that our scheme possesses existential unforgeability against adaptive chosen-message attacks.

Developing a Public Key Infrastructure for a Secure Regional e-Health Environment

2002 ◽  
Vol 41 (05) ◽  
pp. 414-418 ◽  
Author(s):  
I. Mavridis ◽  
C. Ilioudis ◽  
C. Georgiadis ◽  
G. Pangalos
Keyword(s):  
Health Information ◽  
Low Cost ◽  
Public Key Cryptography ◽  
Public Key Infrastructure ◽  
University Hospital ◽  
Public Key ◽  
The Internet ◽  
Regional Health ◽  
Internet Applications ◽  
Regional Health Care

Summary Objectives: Internet technologies provide an attractive infrastructure for efficient and low cost communications in regional health information networks. The advantages provided by the Internet come however with a significantly greater element of risk to the confidentiality and integrity of information. This is because the Internet has been designed primarily to optimize information sharing and interoperability, not security. The main objective of this paper is to propose the exploitation of public-key cryptography techniques to provide adequate security to enable secure healthcare Internet applications. Methods: Public-key cryptography techniques can provide the needed security infrastructure in regional health networks. In the regional health-care security framework presented in this paper, we propose the use of state-of-art Public Key Infrastructure (PKI) technology. Such an e-Health PKI consists of regional certification authorities that are implemented within the central hospitals of each region and provide their services to the rest of the healthcare establishments of the same region. Results: Significant experience in this area has been gained from the implementation of the PKI@AUTH project. Conclusions: The developed PKI infrastructure already successfully provides its security services to the AHEPA university hospital. The same infrastructure is designed to easily support a number of hospitals participating in a regional health information network.

HomeTec Software for Security Aspects of Smart Home Devices Based on IoT

2021 ◽  
pp. 5-16
Author(s):  
Parth Rustagi ◽  
◽  
◽  
◽  
◽  
...  
Keyword(s):  
Smart Home ◽  
Denial Of Service ◽  
Security Protocols ◽  
The Internet ◽  
Security Threats ◽  
Deep Dive ◽  
Cost Cutting ◽  
Full Control ◽  
Iot Devices ◽  
Service Data

As useful as it gets to connect devices to the internet to make life easier and more comfortable, it also opens the gates to various cyber threats. The connection of Smart Home devices to the internet makes them vulnerable to malicious hackers that infiltrate the system. Hackers can penetrate these systems and have full control over devices. This can lead to denial of service, data leakage, invasion of privacy, etc. Thus security is a major aspect of Smart home devices. However, many companies manufacturing these Smart Home devices have little to no security protocols in their devices. In the process of making the IoT devices cheaper, various cost-cutting is done on the security protocols in IoT devices. In some way, many manufactures of the devices don’t even consider this as a factor to build upon. This leaves the devices vulnerable to attacks. Various authorities have worked upon to standardize the security aspects for the IoT and listed out guidelines for manufactures to follow, but many fail to abide by them. This paper introduces and talks about the various threats, various Security threats to Smart Home devices. It takes a deep dive into the solutions for the discussed threats. It also discusses their prevention. Lastly, it discusses various preventive measures and good practices to be incorporated to protect devices from any future attacks.

LIGHTWEIGHT CRYPTOGRAPHIC ALGORITHM IMPLEMENTATION IN A MICROCONTROLLER SYSTEM

2021 ◽  
Vol 17 (1) ◽  
pp. 260-264
Author(s):  
Alexandru VULPE ◽  
Raluca ANDREI ◽  
Alexandru BRUMARU ◽  
Octavian FRATU
Keyword(s):  
The Internet ◽  
Continuous Increase ◽  
Security Issues ◽  
Cryptographic Algorithm ◽  
Physical Limitations ◽  
Encryption Algorithms ◽  
Iot Devices ◽  
The Cost ◽  
Algorithm Implementation ◽  
Lightweight Encryption

Abstract: With the development of mobile devices and the advent of smartphones, the Internet has become part of everyday life. Any category of information about weather, flight schedule, etc. it is just a click away from the keyboard. This availability of data has led to a continuous increase in connectivity between devices, from any corner of the world. Combining device connectivity with systems automation allows the collection of information, its analysis and implicitly decision-making on the basis of information. Their introduction and continued expansion of devices that communicate in networks (including the Internet) have made security issues very important devices as well as for users. One of the main methodologies that ensures data confidentiality is encryption, which protects data from unauthorized access, but at the cost of using extensive mathematical models. Due to the nature of IoT devices, the resources allocated to a device can be constrained by certain factors, some of which are related to costs and others to the physical limitations of the device. Ensuring the confidentiality of data requires the use of encryption algorithms for these interconnected devices, which provide protection while maintaining the operation of that device. The need for these types of algorithms has created conditions for the growth and development of the concept of lightweight encryption, which aim to find encryption systems that can be implemented on these categories of devices, with limited hardware and software requirements. The paper proposes a lightweight cryptographic algorithm implemented on a microcontroller system, comparing its performances with those of the already existing system (based on x86).

Certificateless Short Signature Scheme from Bilinear Pairings

2013 ◽  
Vol 380-384 ◽  
pp. 2435-2438 ◽  
Author(s):  
Shu Rong Feng ◽  
Jiao Mo ◽  
Hua Zhang ◽  
Zheng Ping Jin
Keyword(s):  
Bilinear Pairings ◽  
Public Key ◽  
Security Level ◽  
Signature Scheme ◽  
Signature Schemes ◽  
Short Signature ◽  
Certificateless Signature ◽  
Provably Secure

Certificateless short signature schemes can not only have the advantage of certificateless signature, but also provide a short signature size in communication. However, all existing certificateless short signature schemes only proven secure against a normal adversary which can only obtain the valid signature for the original public key rather than a super adversary which can obtain the valid signature for the replaced public key. Recently, Fan et al. proposed a certificateless short signature scheme which is very efficient, but we found it is still cannot against super adversary. In this paper, we first analysis their scheme, and then present an improved scheme which can against super adversaries. Furthermore, our scheme can provide both the strongest security level and the shortest signature size compared the existed provably secure certificateless short signature scheme.

Sign in / Sign up

Export Citation Format

Share Document