The Internet of Things (IoT), driven by wireless communication and other technologies, is gradually entering our lives and promoting the transformation of society from "informatization" to "intelligence". Certificateless signature (CLS) eliminates the need for certificate management, making it an effective method for verifying large-scale data in the IoT environment. Nevertheless, the security proofs of most CLS schemes model hash functions as ideal random oracles, so these proofs cannot guarantee the security of the schemes in practice. In response to this problem, Shim devised a CLS scheme without random oracles in the standard model and claimed it to be provably secure. Unfortunately, in this paper we cryptanalyze Shim's CLS scheme and demonstrate that it is not resistant to public key replacement attacks by a Type I attacker. Furthermore, to improve the security of Shim's CLS scheme and to avoid both the single point of failure at the key generation center (KGC) and signature forgery through tampered public parameters, we propose a blockchain-based CLS scheme without random oracles. Finally, we evaluate the overall performance: while matching the computational and communication performance of Shim's scheme, our scheme resists both Type I and Type II attackers as well as signature forgery initiated against the public parameters.
Citation: Xiaodong Yang, Haoqi Wen, Lei Liu, Ningning Ren, Caifen Wang. Blockchain-enhanced certificateless signature scheme in the standard model[J]. Mathematical Biosciences and Engineering, 2023, 20(7): 12718-12730. doi: 10.3934/mbe.2023567