Utilizing Certificateless Cryptography for IoT Device Identity Authentication Protocols in Web3

doi:10.12142/ZTECOM.202402005

ZTE Communications ›› 2024, Vol. 22 ›› Issue (2): 30-38.DOI: 10.12142/ZTECOM.202402005

• Special Topic • Previous Articles Next Articles

Utilizing Certificateless Cryptography for IoT Device Identity Authentication Protocols in Web3

WU Zhihui¹^,², HONG Yuxuan¹, ZHOU Enyuan³, LIU Lei¹, PEI Qingqi¹()

^1.Guangzhou Institute of Technology, Xidian University, Guangzhou 510700, China
^2.Guangzhou Lianrong Information Technology Co. Ltd. , Guangzhou 510700, China
^3.The Hong Kong Polytechnic University, Hong Kong 999077, China

Received:2024-03-25 Online:2024-06-28 Published:2024-06-25
About author:WU Zhihui received his master's degree from Xidian University, China. He is the Deputy General Manager of Guangzhou Lianrong Information Technology Co. He has been responsible for project management and technical development in the fields of data security, privacy computing and blockchain technology for many years. He has led or participated in more than ten research projects, and published two papers and 11 invention patents. He received 2023 Blockchain Innovator of the Year Award.
HONG Yuxuan received his BE degree in information security from Xidian University, China in 2021. He is currently pursuing his ME degree with College of Guangzhou Institute of Technology, Xidian University. His research interests include identity authentication and blockchain.
ZHOU Enyuan is currently pursuing his PhD degree in Department of Computing in The Hong Kong Polytechnic University, China. He received his BE degree in information security from Northeastern University, China and MSc degree in cyberspace security (supervised by Prof. PEI Qingqi) from Xidian University, China. His current research interests include Blockchain, Database, and knowledge graph. He has published several papers in prestigious journals and conferences in data management field such as VLDB and IEEE TKDE.
LIU Lei received his BEng degree in electronic information engineering from Zhengzhou University, China in 2010, and his MSc and PhD degrees in communication and information systems from Xidian University, China in 2013 and 2019, respectively. He is currently an associate professor with the Guangzhou Institute of Technology, Xidian University. His research interests include vehicular ad hoc networks, edge intelligence and distributed computing.
PEI Qingqi (qqpei@mail.xidian.edu.cn) is a full professor and PhD supervisor of Xidian University, China. He serves as the director of the Blockchain Application and Evaluation Research Center of Xidian University and the executive director of the Shaanxi Key Laboratory of Blockchain and Secure Computing. His research interests focus on cognitive networks, data security, and blockchain. He has led or participated in more than 30 national, provincial and ministerial projects. He has published more than 100 journal or conference papers and obtained more than 60 patents (including five international PCT patents) and 40 registered software copyrights. He was awarded one second prize of national technology invention awards and three first prizes of provincial or ministerial scientific and technological awards.
Supported by:
the National Key Research and Development Program of China(2021YFB2700600);the National Natural Science Foundation of China(62132013);the Key Research and Development Programs of Shaanxi(S2024-YF-YBGY-1540);the Basic Strengthening Plan Program(2023-JCJQ-JJ-0772);the Key-Area Research and Development Program of Guangdong Province(2021B0101400003);Hong Kong RGC Research Impact Fund(R5060-19);Areas of Excellence Scheme(AoE/E-601/22-R);General Research Fund(152203/20E)

Abstract

Abstract:

Traditional methods of identity authentication often rely on centralized architectures, which poses risks of computational overload and single points of failure. We propose a protocol that offers a decentralized approach by distributing authentication services to edge authentication gateways and servers, facilitated by blockchain technology, thus aligning with the decentralized ethos of Web3 infrastructure. Additionally, we enhance device security against physical and cloning attacks by integrating physical unclonable functions with certificateless cryptography, bolstering the integrity of Internet of Thins (IoT) devices within the evolving landscape of the metaverse. To achieve dynamic anonymity and ensure privacy within Web3 environments, we employ fuzzy extractor technology, allowing for updates to pseudonymous identity identifiers while maintaining key consistency. The proposed protocol ensures continuous and secure identity authentication for IoT devices in practical applications, effectively addressing the pressing security concerns inherent in IoT network environments and contributing to the development of robust security infrastructure essential for the proliferation of IoT devices across diverse settings.

Key words: blockchain, certificateless cryptography, identity authentication, IoT

WU Zhihui, HONG Yuxuan, ZHOU Enyuan, LIU Lei, PEI Qingqi. Utilizing Certificateless Cryptography for IoT Device Identity Authentication Protocols in Web3[J]. ZTE Communications, 2024, 22(2): 30-38.

Figures/Tables 4

Table 1 Running time of cryptographic operations

Notations	Operation	Execution Time/ms
$T b p$	Bilinear paring operation	3.642 5
$T b m$	Scalar multiplication in bilinear pairing	0.233 9
$T b a$	Addition in bilinear pairing	0.165 8
$T e m$	Scalar multiplication in ECC	0.137 3
$T e a$	Addition in ECC	0.096 0
$T p t h$	Map to point hash operation	3.813 3

Table 1 Running time of cryptographic operations

Notations	Operation	Execution Time/ms
$T b p$	Bilinear paring operation	3.642 5
$T b m$	Scalar multiplication in bilinear pairing	0.233 9
$T b a$	Addition in bilinear pairing	0.165 8
$T e m$	Scalar multiplication in ECC	0.137 3
$T e a$	Addition in ECC	0.096 0
$T p t h$	Map to point hash operation	3.813 3

Table 2 Comparison of computation cost of schemes

Scheme	Single Signature	Single Verification	Aggregate Verification
SHEN et al.^[18]	$(3 T b m + 1 T p t h + 1 T b p) o n$	$3 T b p + 2 T p t h$	$n T b p + 1 T b m + (n - 1) T b a$
KUMAR et al.^[19]	$(3 T b m + 1 T p t h + 1 T b p) o n$	$3 T b p + 2 T p t h + 2 T b m + 1 T b a$	$3 T b p + (n + 1) T p t h + n T b m + (3 n - 2) T b a$
KAMIL et al.^[20]	$(3 T e m + 1 T b a) o n$	$3 T b p + 3 T e m + 1 T b a$	$3 T b p + (2 n + 1) T e m + (2 n - 1) T b a$
ZHU et al.^[21]	$(3 T e m + 1 T b a) o n$	$4 T e m + 3 T e a$	$(5 n + 2) T e m + (7 n + 4) T e a$
Ours	$(T e m) o f f$	$4 T e m + 3 T e a$	$(3 n + 1) T e m + (4 n - 1) T e a$

Table 2 Comparison of computation cost of schemes

Scheme	Single Signature	Single Verification	Aggregate Verification
SHEN et al.^[18]	$(3 T b m + 1 T p t h + 1 T b p) o n$	$3 T b p + 2 T p t h$	$n T b p + 1 T b m + (n - 1) T b a$
KUMAR et al.^[19]	$(3 T b m + 1 T p t h + 1 T b p) o n$	$3 T b p + 2 T p t h + 2 T b m + 1 T b a$	$3 T b p + (n + 1) T p t h + n T b m + (3 n - 2) T b a$
KAMIL et al.^[20]	$(3 T e m + 1 T b a) o n$	$3 T b p + 3 T e m + 1 T b a$	$3 T b p + (2 n + 1) T e m + (2 n - 1) T b a$
ZHU et al.^[21]	$(3 T e m + 1 T b a) o n$	$4 T e m + 3 T e a$	$(5 n + 2) T e m + (7 n + 4) T e a$
Ours	$(T e m) o f f$	$4 T e m + 3 T e a$	$(3 n + 1) T e m + (4 n - 1) T e a$

Table 3 Comparison of communication cost of schemes

Scheme	Single Signature Length/bits	Aggregate Signature Length/bits
SHEN et al.^[18]	$2 \| G 1 \| = 2 048$	$(n + 1) \| G 1 \| = (n + 1) 2 048$
KUMAR et al.^[19]	$2 \| G 1 \| = 2 048$	$(n + 1) \| G 1 \| = (n + 1) 2 048$
KAMIL et al.^[20]	$2 \| G 1 \| = 2 048$	$2 \| G 1 \| = 2 048$
ZHU et al.^[21]	$2 \| G \| + 2 \| Z q \| = 960$	$2 n \| G \| + 2 \| Z q \| = 640 n + 320$
Ours	$1 \| G \| + 1 \| Z q \| = 480$	$n \| G \| + 1 \| Z q \| = 320 n + 160$

Table 3 Comparison of communication cost of schemes

Scheme	Single Signature Length/bits	Aggregate Signature Length/bits
SHEN et al.^[18]	$2 \| G 1 \| = 2 048$	$(n + 1) \| G 1 \| = (n + 1) 2 048$
KUMAR et al.^[19]	$2 \| G 1 \| = 2 048$	$(n + 1) \| G 1 \| = (n + 1) 2 048$
KAMIL et al.^[20]	$2 \| G 1 \| = 2 048$	$2 \| G 1 \| = 2 048$
ZHU et al.^[21]	$2 \| G \| + 2 \| Z q \| = 960$	$2 n \| G \| + 2 \| Z q \| = 640 n + 320$
Ours	$1 \| G \| + 1 \| Z q \| = 480$	$n \| G \| + 1 \| Z q \| = 320 n + 160$

References 21

1	LIU Z T, XIANG Y X, SHI J, et al. Make Web3.0 connected [J]. IEEE transactions on dependable and secure computing, 2022, 19(5): 2965–2981. DOI: 10.1109/TDSC.2021.3079315
2	RAY P P. Web3: A comprehensive review on background, technologies, applications, zero-trust architectures, challenges and future directions [J]. Internet of Things and cyber-physical systems, 2023, 3: 213–248. DOI: 10.1016/j.iotcps.2023.05.003
3	CHEN C, ZHANG L, LI Y H, et al. When digital economy meets Web3.0: applications and challenges [J]. IEEE open journal of the computer society, 2022, 3: 233–245. DOI: 10.1109/OJCS.2022.3217565
4	GUPTA M. Integration of IoT and Blockchain for user Authentication [J]. Scientific journal of metaverse and blockchain technologies, 2023, 1(1): 72–84. DOI: 10.36676/sjmbt.v1i1.10
5	GAO H M, DUAN P F, PAN X F, et al. Blockchain-enabled supervised secure data sharing and delegation scheme in Web3.0 [J]. Journal of cloud computing, 2024, 13(1): 21. DOI: 10.1186/s13677-023-00575-8
6	SAMIR E, WU H Y, AZAB M, et al. DT-SSIM: A decentralized trustworthy self-sovereign identity management framework [J]. IEEE Internet of Things journal, 2022, 9(11): 7972–7988. DOI: 10.1109/JIOT.2021.3112537
7	YIN J, XIAO Y, PEI Q Q, et al. SmartDID: A novel privacy-preserving identity based on blockchain for IoT [J]. IEEE Internet of Things journal, 2023, 10(8): 6718–6732. DOI: 10.1109/JIOT.2022.3145089
8	BAO Z J, HE D B, KHAN M K, et al. PBidm: privacy-preserving blockchain-based identity management system for industrial Internet of Things [J]. IEEE transactions on industrial informatics, 2023, 19(2): 1524–1534. DOI: 10.1109/TII.2022.3206798
9	VERMA G K, KUMAR N, GOPE P, et al. SCBS: a short certificate-based signature scheme with efficient aggregation for industrial-internet-of-things environment [J]. IEEE Internet of Things journal, 2021, 8(11): 9305–9316. DOI: 10.1109/JIOT.2021.3055843
10	AL-RIYAMI S S, PATERSON K G. Certificateless public key cryptography [C]//Advances in Cryptology: ASIACRYPT 2003. Berlin, Heidelberg: Springer, 2003, 2894: 452–473. DOI: 10.1007/978-3-540-40061-5_29
11	DING X Y, WANG X X, XIE Y, et al. A lightweight anonymous authentication protocol for resource-constrained devices in Internet of Things [J]. IEEE Internet of Things journal, 2022, 9(3): 1818–1829. DOI: 10.1109/JIOT.2021.3088641
12	WANG W Z, XU H, ALAZAB M, et al. Blockchain-based reliable and efficient certificateless signature for IIoT devices [J]. IEEE transactions on industrial informatics, 2022, 18(10): 7059–7067. DOI: 10.1109/TII.2021.3084753
13	LI X, JIANG C, DU D J, et al. A novel revocable lightweight authentication scheme for resource-constrained devices in cyber–physical power systems [J]. IEEE Internet of Things journal, 2023, 10(6): 5280–5292. DOI: 10.1109/JIOT.2022.3221943
14	WANG Z L, ZHOU Y W, QIAO Z R, et al. An anonymous and revocable authentication protocol for vehicle-to-vehicle communications [J]. IEEE Internet of Things journal, 2023, 10(6): 5114–5127. DOI: 10.1109/JIOT.2022.3222469
15	ZHOU Y W, CAO L, QIAO Z R, et al. An efficient identity authentication scheme with dynamic anonymity for VANETs [J]. IEEE Internet of Things journal, 2023, 10(11): 10052–10065. DOI: 10.1109/JIOT.2023.3236699
16	ALI U, IDRIS M Y I BIN, FRNDA J, et al. Enhanced lightweight and secure certificateless authentication scheme (ELWSCAS) for Internet of Things environment [J]. Internet of Things, 2023, 24: 100923. DOI: 10.1016/j.iot.2023.100923
17	IQBAL A, ZUBAIR M, KHAN M A, et al. An efficient and secure certificateless aggregate signature scheme for vehicular ad hoc networks [J]. Future Internet, 2023, 15(8): 266. DOI: 10.3390/fi15080266
18	SHEN L M, MA J F, LIU X M, et al. A secure and efficient ID-based aggregate signature scheme for wireless sensor networks [J]. IEEE Internet of Things journal, 2017, 4(2): 546–554. DOI: 10.1109/JIOT.2016.2557487
19	KUMAR P, KUMARI S, SHARMA V, et al. A certificateless aggregate signature scheme for healthcare wireless sensor network [J]. Sustainable computing: Informatics and systems, 2018, 18: 80–89. DOI: 10.1016/j.suscom.2017.09.002
20	KAMIL I A, OGUNDOYIN S O. On the security of privacy-preserving authentication scheme with full aggregation in vehicular ad hoc network [J]. Security and privacy, 2020, 3(1): e104. DOI: 10.1002/spy2.104
21	ZHU F, YI X, ABUADBBA A, et al. Certificate-based anonymous authentication with efficient aggregation for wireless medical sensor networks [J]. IEEE Internet of Things journal, 2022, 9(14): 12209–12218. DOI: 10.1109/JIOT.2021.3134693

Scheme	Single Signature Length/bits	Aggregate Signature Length/bits
SHEN et al.^[18]	$2 \| G 1 \| = 2 048$	$(n + 1) \| G 1 \| = (n + 1) 2 048$
KUMAR et al.^[19]	$2 \| G 1 \| = 2 048$	$(n + 1) \| G 1 \| = (n + 1) 2 048$
KAMIL et al.^[20]	$2 \| G 1 \| = 2 048$	$2 \| G 1 \| = 2 048$
ZHU et al.^[21]	$2 \| G \| + 2 \| Z q \| = 960$	$2 n \| G \| + 2 \| Z q \| = 640 n + 320$
Ours	$1 \| G \| + 1 \| Z q \| = 480$	$n \| G \| + 1 \| Z q \| = 320 n + 160$

Scheme	Single Signature Length/bits	Aggregate Signature Length/bits
SHEN et al.^[18]	$2 \| G 1 \| = 2 048$	$(n + 1) \| G 1 \| = (n + 1) 2 048$
KUMAR et al.^[19]	$2 \| G 1 \| = 2 048$	$(n + 1) \| G 1 \| = (n + 1) 2 048$
KAMIL et al.^[20]	$2 \| G 1 \| = 2 048$	$2 \| G 1 \| = 2 048$
ZHU et al.^[21]	$2 \| G \| + 2 \| Z q \| = 960$	$2 n \| G \| + 2 \| Z q \| = 640 n + 320$
Ours	$1 \| G \| + 1 \| Z q \| = 480$	$n \| G \| + 1 \| Z q \| = 320 n + 160$

[1]	FENG Jianxin, PAN Yi, WU Xiao. Building a Stronger Foundation for Web3: Advantages of 5G Infrastructure [J]. ZTE Communications, 2024, 22(2): 3-10.
[2]	CHEN Rui, LI Hui, LI Wuyang, BAI He, WANG Han, WU Naixing, FAN Ping, KANG Jian, DENG Selwyn, ZHU Xiang. MetaOracle: A High-Throughput Decentralized Oracle for Web 3.0-Empowered Metaverse [J]. ZTE Communications, 2024, 22(2): 11-18.
[3]	MA Qianli, ZHANG Shengli, WANG Taotao, YANG Qing, WANG Jigang. Optimization of High-Concurrency Conflict Issues in Execute-Order-Validate Blockchain [J]. ZTE Communications, 2024, 22(2): 19-29.
[4]	YANG Yibing, LIU Ming, XU Rongtao, WANG Gongpu, GONG Wei. Link Budget and Enhanced Communication Distance for Ambient Internet of Things [J]. ZTE Communications, 2024, 22(1): 16-23.
[5]	AWADA Uchechukwu, ZHANG Jiankang, CHEN Sheng, LI Shuangzhi, YANG Shouyi. Machine Learning Driven Latency Optimization for Internet of Things Applications in Edge Computing [J]. ZTE Communications, 2023, 21(2): 40-52.
[6]	HUANG Rui, LI Huilin, ZHANG Yongmin. Efficient Bandwidth Allocation and Computation Configuration in Industrial IoT [J]. ZTE Communications, 2023, 21(1): 55-63.
[7]	CAO Yinfeng, CAO Jiannong, WANG Yuqin, WANG Kaile, LIU Xun. Security in Edge Blockchains: Attacks and Countermeasures [J]. ZTE Communications, 2022, 20(4): 3-14.
[8]	CUI Ziqi, WANG Gongpu, WANG Zhigang, AI Bo, XIAO Huahua. Symbiotic Radio Systems: Detection and Performance Analysis [J]. ZTE Communications, 2022, 20(3): 93-98.
[9]	HAN Suning, LI Xiuhua, SUN Chuan, WANG Xiaofei, LEUNG Victor C. M.. RecCac: Recommendation-Empowered Cooperative Edge Caching for Internet of Things [J]. ZTE Communications, 2021, 19(2): 2-10.
[10]	TAN Jie, SHA Xiubin, DAI Bo, LU Ting. Analysis of Industrial Internet of Things and Digital Twins [J]. ZTE Communications, 2021, 19(2): 53-60.
[11]	ZHAO Tian, LI Hui, YANG Xin, WANG Han, ZENG Ming, GUO Haisheng, WANG Dezheng. Differentially Authorized Deduplication System Based on Blockchain [J]. ZTE Communications, 2021, 19(2): 67-76.
[12]	LIN Xinhua, ZHANG Jing, LI Qiang. Cluster Head Selection Algorithm for UAV Assisted Clustered IoT Network Utilizing Blockchain [J]. ZTE Communications, 2021, 19(1): 30-38.
[13]	XING Kaixuan, LI Hui, YIN Feng, MA Huajun, HOU Hanxu, XU Huanle, HAN Yunghsiang S., LIU Ji, SUN Tao. Prototype of Multi-Identifier SystemBased on Voting Consensus [J]. ZTE Communications, 2020, 18(1): 7-17.
[14]	ZHANG Shuang, ZHANG Ningbo, KANG Guixia. Energy Efficiency for NPUSCH in NB-IoT with Guard Band [J]. ZTE Communications, 2018, 16(4): 46-51.
[15]	FU Shousai, ZHANG Hesheng, CHEN Jinghe. Time Sensitive Networking Technology Overview and Performance Analysis [J]. ZTE Communications, 2018, 16(4): 57-64.

Utilizing Certificateless Cryptography for IoT Device Identity Authentication Protocols in Web3

RichHTML

PDF

Knowledge

Abstract

Cite this article

share this article

Figures/Tables 4

References 21

Related Articles 15

Recommended Articles

Metrics