On the security of a certificateless online/offline signcryption for Internet of Things

详细信息    查看全文

• 作者：Wenbo Shi ; Neeraj Kumar ; Peng Gong…
• 关键词：Internet of Things ; Certificateless cryptography ; Online/offline signcryption ; Bilinear pairing
• 刊名：Peer-to-Peer Networking and Applications
• 出版年：2015
• 出版时间：September 2015
• 年：2015
• 卷：8
• 期：5
• 页码：881-885
• 全文大小：291 KB
• 参考文献：1.Heer T, Garcia-Morchon O, Hummen R et al (2011) Security challenges in the IP-based Internet of Things. Wirel Pers Commun 61(3):527-42View Article
  2.Yan T, Wen QY (2012) A Trust-third-party based key management protocol for secure mobile RFID service based on the Internet of Things. Advances in intelligent and soft computing, LNCS, vol 135. Springer-Verlag, Berlin, pp 201-08
  3.Liu J, Hu X, Wei ZQ, et al (2012) Location privacy protect model based on positioning middleware among the Internet of Things. In Proceedings of the Computer Science and Electronics Engineering, Hang zhou, China 288-91
  4.Zhou X, Jin Z, Fu Y et al (2011) Short signcryption scheme for the Internet of Things. Informatica 35:521-30MathSciNet
  5.Zheng Y (1997) Digital signcryption or how to achieve cost (signature and encryption) 6 cost (signature) + cost(encryption). In: Goos G, Hartmanis J, van Leeuwen J (eds) Advances in Cryptology-Crypto 1997, LNCS, vol 1294. Springer-Verlag, Berlin, pp 291-12
  6.An JH, Dodis Y, Rabin T (2002) On the security of joint signature and encryption. In: Knudsen LR (ed) Advances in Cryptology-Eurocrypt 2002, LNCS, vol 2332. Springer-Verlag, Berlin, pp 83-07View Article
  7.Malone-Lee J (2002) Identity based signcryption, Cryptologry ePrint Archive, Report 2002/098, <http://?eprint.?iacr.?org/-002/-98 >
  8.Libert B, Quisquater JJ (2003) A new identity based signcryption schemes from pairings. In: 2003 I.E. information theory workshop, Paris, France 155-58
  9.Even S, Goldreich O, Micali S (1996) On-line/off-line digital signatures. J Cryptol 9(1):35-7MathSciNet View Article
  10.Zhang F, Mu Y, Susilo W (2005) Reducing security overhead for mobile networks. In Proceedings of the Advanced information networking and applications, Taipei, Taiwan 398-03
  11.Sun D, Huang X, Mu Y, Susilo W (2008) Identity-based online/off-line signcryption. In Proceedings of the Network and parallel computing, Shanghai, China 34-1
  12.Liu JK, Baek J, Zhou JY (2011) Online/offline identity-based signcryption re-visited. In: Proceedings of the Information Security and Cryptology, LNCS, vol 6584. Berlin, Springer-Verlag, pp 36-1View Article
  13.Selvi SSD, Vivek SS, Rangan CP (2010) Identity based online/offline signcryption scheme. Cryptology ePrint Archive. Available at: http://?eprint.?iacr.?org/-010/-76.?pdf
  14.Li FG, Khan MK, Alghathbar K, Takagi T (2012) Identity-based online/offline signcryption for low power devices. J Netw Comput Appl 35:340-47View Article
  15.He D, Chen Y, Chen J et al (2011) A new two-round certificateless authenticated key agreement protocol without bilinear pairings. Math Comput Model 54(11):3143-152View Article
  16.He D, Chen J, Hu J (2012) A pairing‐free certificateless authenticated key agreement protocol. Int J Commun Syst 25(2):221-30View Article
  17.He D, Padhye S, Chen J (2012) An efficient certificateless two-party authenticated key agreement protocol. Comput Math Appl 64(6):1914-926MathSciNet View Article
  18.He D, Chen J (2013) An efficient certificateless designated verifier signature scheme. Int Arab J Inf Technol 10(4):317-24
  19.He D, Chen Y, Chen J (2013) An efficient certificateless proxy signature scheme without pairing. Math Comput Model 57(9-0):2510-518View Article
  20.He D, Huang B, Chen J (2013) New certificateless short signature scheme. IET Inf Secur 7(2):113-17View Article
  21.He D, Chen J, Zhang R (2012) An efficient and provably-secure certificateless signature scheme without bilinear pairings. Int J Commun Syst 25(11):1432-442View Article
  22.Sun Y, Zhang F (2010) Secure certificateless encryption with short ciphertext. Chin J Electron 19(2):313-18
  23.Sun Y, Li H (2010) Short-ciphertext and BDH-based CCA2 secure certificateless encryption. SCIENCE CHINA Inf Sci 53(10):2005-015View Article
  24.Luo M, Tu M, Xu J (2013) A security communication model based on certificateless online/offline signcryption for Internet of Things, Security and Communication Networks doi:10.-002/?Sec.-36
  25.Turner SM (1994) Square roots mod p. Am Math Mon 101(5):443-49View Article
  
• 作者单位：Wenbo Shi (1)
  Neeraj Kumar (2)
  Peng Gong (3)
  Naveen Chilamkurti (4)
  Hangbae Chang (5)
  
  1. Department of Electronic Engineering, Northeastern University at Qinhuangdao, Qinhuangdao, China
  2. Computer Science & Engineering, Thapar University, Patiala, India
  3. National Key Laboratory of Mechatronic Engineering and Control, School of Mechatronical Engineering, Beijing Institute of Technology, Beijing, China
  4. Department of Computer Science and Computer Engineering, La Trobe University, Melbourne, Australia
  5. Department of Business Administration, Sangmyung University, Seoul, South Korea
  
• 刊物类别：Engineering
• 刊物主题：Communications Engineering and Networks
  Information Systems and Communication Service
  Computer Communication Networks
  
• 出版者：Springer New York
• ISSN：1936-6450

文摘

With the development of the Internet of Things (IOT) application, information security and user privacy protection in the IOT have attracted wide attention across the globe. To solve this problem, Luo et al. proposed an efficient certificateless online/offline signcryption (COOSC) scheme for IOT. They have also demonstrated that their scheme is provably in the random oracle model. However, in this paper, we will show their scheme is vulnerable to the private key compromised problem, i.e., an adversary could get a user’s private key through an intercepted message. The analysis show that Luo et al.’s scheme is not suitable for the IOT.