Due to the open underwater channels and untransparent network deployment environments, underwater acoustic networks (UANs) are more vulnerable to hostile environments. Security research is also being conducted in cryptography, including authentication based on asymmetric algorithms and key distribution based on symmetric algorithms. In recent years, the advancement of quantum computing has made anti-quantum attacks an important issue in the field of security. Algorithms such as lattice and SPHINCS+ have become a research topic of interest in the field of security. However, within the past five years, few papers have discussed security algorithms for UANs to resist quantum attacks, especially through classical algorithms. Some existing classical asymmetric and symmetric algorithms are considered to have no prospects. From the perspective of easy deployment in engineering and anti-quantum attacks, our research focuses on a comprehensive lightweight security framework for data protection, authentication, and malicious node detection through the Elliptic Curve and Hash algorithms. Our mechanism is suitable for ad hoc scenarios with limited underwater resources. Meanwhile, we have designed a multi-party bit commitment to build a security framework for the system. A management scheme is designed by combining self-certifying with the threshold sharing algorithm. All schemes are designed based on certificate-less and ad hoc features. The proposed scheme ensures that the confidentiality, integrity, and authentication of the system are well considered. Moreover, the scheme is proven to be of unconditional security and immune to channel eavesdropping. The resource and delay issues are also taken into consideration. The simulations considered multiple variables like number of nodes, attackers, and message length to calculate proper values that can increase the efficiency of this scheme. The results in terms of delay, delivery ratio, and consumption demonstrate the suitability of the proposal in terms of security, especially for malicious node detection. Meanwhile, the computational cost has also been controlled at the millisecond level.
