Cryptanalysis of an Authentication Scheme Using an Identity Based Generalized Signcryption

Waheed, Abdul; Umar, Arif Iqbal; Din, Nizamud; Amin, Noor Ul; Abdullah, Saleem

doi:10.3390/math7090782

Cited by 7 publications

(9 citation statements)

References 20 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Shen et al in 2017 [23] improve the security of existing IBGS schemes which is suitable for low storage devices. Waheed et al in 2019 [24] proved that the security of the Wei et al [21] scheme is susceptible to attack and insecure. In the proposed cryptanalysis, the authors launched a security attack on the Wei et al [21] scheme and found that the master secret key of the proposed scheme can be easily compromised.…”

Section: Related Workmentioning

confidence: 99%

See 1 more Smart Citation

A Lightweight Nature Heterogeneous Generalized Signcryption (HGSC) Scheme for Named Data Networking-Enabled Internet of Things

Rehman

Khattak

Alzahrani

et al. 2020

Wireless Communications and Mobile Computing

Self Cite

View full text Add to dashboard Cite

Internet of Things (IoT) is the collection of different types of smart objects like mobile phones, sensors, cars, smart cities, smart buildings, and healthcare, which can provide a quality life to humans around the globe. These smart objects sense and produce a huge amount of data for distribution. The current hostcentric networking paradigm is not that scalable to provide a suitable solution to the idea of IoT. For scalable connectivity and efficient distribution, Named Data Networking (NDN) has been envisioned as a promising solution for future internet architecture. On the other hand, the significant issues regarding the adaptation of NDN with IoT possess security concerns such as authentication, confidentiality, integrity, and forward secrecy. As IoT is a heterogeneous environment, it demands a different type of security, according to the environmental situation such as public key infrastructure (PKI), identity-based cryptosystem (IBC), and certificateless cryptosystem (CLC). This paper presents a new concept of CLC to IBC heterogeneous generalized signcryption for the first time to fulfil the prime security requirements of NDN-based IoT. The proposed scheme provides the security properties according to situational needs without disturbing the structural policy of NDN. Considering the resource-constrained nature of IoT, we used a lightweight type of elliptic curve called the hyperelliptic curve cryptosystem which offers the same level of security as that of bilinear pairing and an elliptic curve cryptosystem using a minimum key size. Further, we compare the proposed scheme with recently proposed identity-based as well as certificateless generalized signcryption schemes, and the results give satisfactory outputs in terms of computational and communication resources. Furthermore, we simulate the proposed scheme with Automated Validation of Internet Security Protocols and Applications (AVISPA), and the results show that our scheme is valid and safe. Additionally, we provide a practical scenario of the proposed on NDN with an IoT-based smart city.

show abstract

Section: Related Workmentioning

confidence: 99%

“…However, the schemes [18][19][20][21][22][23] suffer from a heavy pairing operation due to the use of bilinear pairing. In [24], the authors did not provide any sort of solution to the proposed claims.…”

Section: Related Workmentioning

confidence: 99%

A Lightweight Nature Heterogeneous Generalized Signcryption (HGSC) Scheme for Named Data Networking-Enabled Internet of Things

Rehman

Khattak

Alzahrani

et al. 2020

Wireless Communications and Mobile Computing

Self Cite

View full text Add to dashboard Cite

show abstract

“…In the scheme [29], the authors proposed an ID-based generalized signcryption technique to achieve the security properties of data confidentiality and authentication in the big data environment and claimed that the security of their scheme is formally proved in the standard model. In scheme [30] proposed the updated version of [29], and he claimed that the scheme [29] is not secure in the standard model and does not satisfy (IND-CCA) and (EUF-CMA) properties. Moreover, the third-party PKG is still compromised, and the attacker can easily modify the data in the big data environment.…”

Section: Related Workmentioning

confidence: 99%

A Lightweight and Secure Attribute-Based Multi Receiver Generalized Signcryption Scheme for Body Sensor Networks

et al. 2020

Self Cite

View full text Add to dashboard Cite

With the rising number of patients along with the same time, the comparative evolution in wireless technology has made Body Sensor Networks (BSNs) flourishing in the market. In BSNs, tiny biosensor nodes are deployed inside/outside of a human body to continuously monitor patient vital signs such as heartbeat rate, blood pressure, respiratory rate, and temperature. BSNs face various challenges due to their constrained natured environment. These are prioritized, delay less and secure transmission of patient data using a public network, simultaneous reception of patient data by end-users, patient identity privacy, high overhead, and energy constraints. However, various researchers have worked in this domain, unable to cope with all these issues in one go. In this paper, we have proposed a novel cryptosystem covering the mentioned issues in a desirable way. For this purpose, we design a novel concept of a lightweight and secure attribute-based multi-receiver generalized signcryption scheme that can adaptively work as an encryption mode, a signature mode, or a signcryption mode with a single algorithm and consume fewer resources by using shorter keys size of Hyper-elliptic Curve Cryptography (HECC). Similarly, we design a modified priority-based scheduling algorithm to delay less emergency patient data. Multiple end-users access the encoded data simultaneously by defining an access policy using AND & OR logic gates. Furthermore, we simulate our scheme using the AVISPA tool and demonstrate that our proposed scheme can meet the security requirements such as data confidentiality (IND-CCA), integrity, unforgeability (EUF-CMA), patient data authenticity, forward secrecy, and non-repudiation distinctly in the Random Oracle Model (ROM). Due to lower processing costs and transmission overhead, this scheme is more efficient and suitable for the resource-constrained environment of BSNs.

show abstract

“…In References 12 and 13 proposed a cross-domain authentication scheme to solve the security problem that communication signaling will be blocked when most of vehicle devices access the LTE-A network at the same time and perform complete identity verification and key agreement processing for each device. ID-based generalized signcryption is a cost-effective security primitive that provides identity verification or confidentiality, or joint confidentiality and identity verification, 27,28 this scheme is indistinguishable from adaptive selection ciphertext attacks, and has no unforgeability against adaptive selection message attacks. The concept of a smart city based on the IoT is constantly evolving to improve the quality of life of citizens through the practice of information and communication technologies.…”

Section: Related Workmentioning

confidence: 99%

Multidomain security authentication for the Internet of things

Zhang

Zhao

Kuang

et al. 2020

Concurrency and Computation

View full text Add to dashboard Cite

Summary With the rapid development of Internet of Things (IoT) information technology, the IoT has become a key infrastructure for telemedicine, smart home, and intelligent transportation. One of the key technologies for these applications is information sharing and interoperation among multiple domains. However, the security and privacy issues of multidomain interaction face severe security challenges. Aiming at these problems, an certificateless multidomain authentication technology is proposed for IoT. Bilinear mapping and short signature technology are used to realize mutual authentication among entities in different domains, which protects secure data sharing and secure interoperability among domains. Certificateless multidomain authentication can avoid inherent security risks of key escrow in existing identity‐based authentication. And it also solves complex certificate management and network bottlenecks problems in traditional certificate‐based authentication. The proof and analysis show that the proposed scheme has good security and performance, it supports anonymous authentication among entities, and it is also suitable for large‐scale distributed network security alliance authentication mechanism.

show abstract

Cryptanalysis of an Authentication Scheme Using an Identity Based Generalized Signcryption

Cited by 7 publications

References 20 publications

A Lightweight Nature Heterogeneous Generalized Signcryption (HGSC) Scheme for Named Data Networking-Enabled Internet of Things

A Lightweight Nature Heterogeneous Generalized Signcryption (HGSC) Scheme for Named Data Networking-Enabled Internet of Things

A Lightweight and Secure Attribute-Based Multi Receiver Generalized Signcryption Scheme for Body Sensor Networks

Multidomain security authentication for the Internet of things

Contact Info

Product

Resources

About