Authenticated Digital Currency Redaction with Stronger Privacy and Usability

With the promotion of digital currency,how to effectively solve the authenticity,privacy and usability of digital currency issuance has been a key problem.Redactable signature scheme(RSS)can provide the verification of the integrity and source of the generated sub-documents and solve the privacy problem in digital currency by removing blocks from the signed documents.Unfortunately,it has not realized the consolidation of signed documents,which can not solve the problem of merging two digital currencies.Now,we introduce the concept of weight based on the threshold secret sharing scheme(TSSS)and present a redactable signature scheme with merge algorithm(RSS-MA)using the quasi-commutative accumulator.Our scheme can reduce the communication overhead by utilizing the merge algorithm when transmitting multiple digital currency signatures.Furthermore,this can effectively hide the scale of users’private monetary assets and the number of transactions between users.While meeting the three properties of digital currency issuance,in order to ensure the availability of digital currency after redacting,editors shall not remove the relevant identification information block form digital currency.Finally,our security proof and the analysis of efficiency show that RSS-MA greatly improves the communication and computation efficiency when transmitting multiple signatures.

Blockchain-Based Certificateless Bidirectional Authenticated Searchable Encryption Scheme in Cloud Email System

Traditional email systems can only achieve one-way communication,which means only the receiver is allowed to search for emails on the email server.In this paper,we propose a blockchain-based certificateless bidirectional authenticated searchable encryption model for a cloud email system named certificateless authenticated bidirectional searchable encryption(CL-BSE)by combining the storage function of cloud server with the communication function of email server.In the new model,not only can the data receiver search for the relevant content by generating its own trapdoor,but the data owner also can retrieve the content in the same way.Meanwhile,there are dual authentication functions in our model.First,during encryption,the data owner uses the private key to authenticate their identity,ensuring that only legal owner can generate the keyword ciphertext.Second,the blockchain verifies the data owner’s identity by the received ciphertext,allowing only authorized members to store their data in the server and avoiding unnecessary storage space consumption.We obtain a formal definition of CL-BSE and formulate a specific scheme from the new system model.Then the security of the scheme is analyzed based on the formalized security model.The results demonstrate that the scheme achieves multikeyword ciphertext indistinguishability andmulti-keyword trapdoor privacy against any adversary simultaneously.In addition,performance evaluation shows that the new scheme has higher computational and communication efficiency by comparing it with some existing ones.

Efficient Certificateless Authenticated Key Agreement for Blockchain-Enabled Internet of Medical Things

Internet of Medical Things(IoMT)plays an essential role in collecting and managing personal medical data.In recent years,blockchain technology has put power in traditional IoMT systems for data sharing between different medical institutions and improved the utilization of medical data.However,some problems in the information transfer process between wireless medical devices and mobile medical apps,such as information leakage and privacy disclosure.This paper first designs a cross-device key agreement model for blockchain-enabled IoMT.This model can establish a key agreement mechanism for secure medical data sharing.Meanwhile,a certificateless authenticated key agreement(KA)protocol has been proposed to strengthen the information transfer security in the cross-device key agreement model.The proposed KA protocol only requires one exchange of messages between the two parties,which can improve the protocol execution efficiency.Then,any unauthorized tampering of the transmitted signed message sent by the sender can be detected by the receiver,so this can guarantee the success of the establishment of a session key between the strange entities.The blockchain ledger can ensure that the medical data cannot be tampered with,and the certificateless mechanism can weaken the key escrow problem.Moreover,the security proof and performance analysis are given,which show that the proposed model and KA protocol are more secure and efficient than other schemes in similar literature.

An Efficient Three-Party Authenticated Key Exchange Procedure Using Chebyshev Chaotic Maps with Client Anonymity

Internet of Things(IoT)applications can be found in various industry areas,including critical infrastructure and healthcare,and IoT is one of several technological developments.As a result,tens of billions or possibly hundreds of billions of devices will be linked together.These smart devices will be able to gather data,process it,and even come to decisions on their own.Security is the most essential thing in these situations.In IoT infrastructure,authenticated key exchange systems are crucial for preserving client and data privacy and guaranteeing the security of data-in-transit(e.g.,via client identification and provision of secure communication).It is still challenging to create secure,authenticated key exchange techniques.The majority of the early authenticated key agreement procedure depended on computationally expensive and resource-intensive pairing,hashing,or modular exponentiation processes.The focus of this paper is to propose an efficient three-party authenticated key exchange procedure(AKEP)using Chebyshev chaotic maps with client anonymity that solves all the problems mentioned above.The proposed three-party AKEP is protected from several attacks.The proposed three-party AKEP can be used in practice for mobile communications and pervasive computing applications,according to statistical experiments and low processing costs.To protect client identification when transferring data over an insecure public network,our three-party AKEP may also offer client anonymity.Finally,the presented procedure offers better security features than the procedures currently available in the literature.

EBAKE-SE: A novel ECC-based authenticated key exchange between industrial IoT devices using secure element

Industrial IoT(IIoT)aims to enhance services provided by various industries,such as manufacturing and product processing.IIoT suffers from various challenges,and security is one of the key challenge among those challenges.Authentication and access control are two notable challenges for any IIoT based industrial deployment.Any IoT based Industry 4.0 enterprise designs networks between hundreds of tiny devices such as sensors,actuators,fog devices and gateways.Thus,articulating a secure authentication protocol between sensing devices or a sensing device and user devices is an essential step in IoT security.In this paper,first,we present cryptanalysis for the certificate-based scheme proposed for a similar environment by Das et al.and prove that their scheme is vulnerable to various traditional attacks such as device anonymity,MITM,and DoS.We then put forward an interdevice authentication scheme using an ECC(Elliptic Curve Cryptography)that is highly secure and lightweight compared to other existing schemes for a similar environment.Furthermore,we set forth a formal security analysis using the random oracle-based ROR model and informal security analysis over the Doleve-Yao channel.In this paper,we present comparison of the proposed scheme with existing schemes based on communication cost,computation cost and security index to prove that the proposed EBAKE-SE is highly efficient,reliable,and trustworthy compared to other existing schemes for an inter-device authentication.At long last,we present an implementation for the proposed EBAKE-SE using MQTT protocol.

Blockchain-Based Certificateless Cross-Domain Authentication Scheme in the Industrial Internet of Things

The Industrial Internet of Things(IIoT)consists of massive devices in different management domains,and the lack of trust among cross-domain entities leads to risks of data security and privacy leakage during information exchange.To address the above challenges,a viable solution that combines Certificateless Public Key Cryptography(CL-PKC)with blockchain technology can be utilized.However,as many existing schemes rely on a single Key Generation Center(KGC),they are prone to problems such as single points of failure and high computational overhead.In this case,this paper proposes a novel blockchain-based certificateless cross-domain authentication scheme,that integrates the threshold secret sharing mechanism without a trusted center,meanwhile,adopts blockchain technology to enable cross-domain entities to authenticate with each other and to negotiate session keys securely.This scheme also supports the dynamic joining and removing of multiple KGCs,ensuring secure and efficient cross-domain authentication and key negotiation.Comparative analysiswith other protocols demonstrates that the proposed cross-domain authentication protocol can achieve high security with relatively lowcomputational overhead.Moreover,this paper evaluates the scheme based on Hyperledger Fabric blockchain environment and simulates the performance of the certificateless scheme under different threshold parameters,and the simulation results show that the scheme has high performance.

A Hybrid and Lightweight Device-to-Server Authentication Technique for the Internet of Things

The Internet of Things(IoT)is a smart networking infrastructure of physical devices,i.e.,things,that are embedded with sensors,actuators,software,and other technologies,to connect and share data with the respective server module.Although IoTs are cornerstones in different application domains,the device’s authenticity,i.e.,of server(s)and ordinary devices,is the most crucial issue and must be resolved on a priority basis.Therefore,various field-proven methodologies were presented to streamline the verification process of the communicating devices;however,location-aware authentication has not been reported as per our knowledge,which is a crucial metric,especially in scenarios where devices are mobile.This paper presents a lightweight and location-aware device-to-server authentication technique where the device’s membership with the nearest server is subjected to its location information along with other measures.Initially,Media Access Control(MAC)address and Advance Encryption Scheme(AES)along with a secret shared key,i.e.,λ_(i) of 128 bits,have been utilized by Trusted Authority(TA)to generate MaskIDs,which are used instead of the original ID,for every device,i.e.,server and member,and are shared in the offline phase.Secondly,TA shares a list of authentic devices,i.e.,server S_(j) and members C_(i),with every device in the IoT for the onward verification process,which is required to be executed before the initialization of the actual communication process.Additionally,every device should be located such that it lies within the coverage area of a server,and this location information is used in the authentication process.A thorough analytical analysis was carried out to check the susceptibility of the proposed and existing authentication approaches against well-known intruder attacks,i.e.,man-in-the-middle,masquerading,device,and server impersonations,etc.,especially in the IoT domain.Moreover,proposed authentication and existing state-of-the-art approaches have been simulated in the real environment of IoT to verify their performance,particularly in terms of various evaluation metrics,i.e.,processing,communication,and storage overheads.These results have verified the superiority of the proposed scheme against existing state-of-the-art approaches,preferably in terms of communication,storage,and processing costs.

Joint Authentication Public Network Cryptographic Key Distribution Protocol Based on Single Exposure Compressive Ghost Imaging

In the existing ghost-imaging-based cryptographic key distribution(GCKD)protocols,the cryptographic keys need to be encoded by using many modulated patterns,which undoubtedly incurs long measurement time and huge memory consumption.Given this,based on snapshot compressive ghost imaging,a public network cryptographic key distribution protocol is proposed,where the cryptographic keys and joint authentication information are encrypted into several color block diagrams to guarantee security.It transforms the previous single-pixel sequential multiple measurements into multi-pixel single exposure measurements,significantly reducing sampling time and memory storage.Both simulation and experimental results demonstrate the feasibility of this protocol and its ability to detect illegal attacks.Therefore,it takes GCKD a big step closer to practical applications.

Internet of Things Authentication Protocols: Comparative Study

Nowadays, devices are connected across all areas, from intelligent buildings and smart cities to Industry 4.0 andsmart healthcare. With the exponential growth of Internet of Things usage in our world, IoT security is still thebiggest challenge for its deployment. The main goal of IoT security is to ensure the accessibility of services providedby an IoT environment, protect privacy, and confidentiality, and guarantee the safety of IoT users, infrastructures,data, and devices. Authentication, as the first line of defense against security threats, becomes the priority ofeveryone. It can either grant or deny users access to resources according to their legitimacy. As a result, studyingand researching authentication issues within IoT is extremely important. As a result, studying and researchingauthentication issues within IoT is extremely important. This article presents a comparative study of recent researchin IoT security;it provides an analysis of recent authentication protocols from2019 to 2023 that cover several areaswithin IoT (such as smart cities, healthcare, and industry). This survey sought to provide an IoT security researchsummary, the biggest susceptibilities, and attacks, the appropriate technologies, and the most used simulators. Itillustrates that the resistance of protocols against attacks, and their computational and communication cost arelinked directly to the cryptography technique used to build it. Furthermore, it discusses the gaps in recent schemesand provides some future research directions.

A Blockchain-Based Efficient Cross-Domain Authentication Scheme for Internet of Vehicles

The Internet of Vehicles(IoV)is extensively deployed in outdoor and open environments to effectively address traffic efficiency and safety issues by connecting vehicles to the network.However,due to the open and variable nature of its network topology,vehicles frequently engage in cross-domain interactions.During such processes,directly uploading sensitive information to roadside units for interaction may expose it to malicious tampering or interception by attackers,thus compromising the security of the cross-domain authentication process.Additionally,IoV imposes high real-time requirements,and existing cross-domain authentication schemes for IoV often encounter efficiency issues.To mitigate these challenges,we propose CAIoV,a blockchain-based efficient cross-domain authentication scheme for IoV.This scheme comprehensively integrates technologies such as zero-knowledge proofs,smart contracts,and Merkle hash tree structures.It divides the cross-domain process into anonymous cross-domain authentication and safe cross-domain authentication phases to ensure efficiency while maintaining a balance between efficiency and security.Finally,we evaluate the performance of CAIoV.Experimental results demonstrate that our proposed scheme reduces computational overhead by approximately 20%,communication overhead by around 10%,and storage overhead by nearly 30%.

Privacy Enhanced Mobile User Authentication Method Using Motion Sensors

With the development of hardware devices and the upgrading of smartphones,a large number of users save privacy-related information in mobile devices,mainly smartphones,which puts forward higher demands on the protection of mobile users’privacy information.At present,mobile user authenticationmethods based on humancomputer interaction have been extensively studied due to their advantages of high precision and non-perception,but there are still shortcomings such as low data collection efficiency,untrustworthy participating nodes,and lack of practicability.To this end,this paper proposes a privacy-enhanced mobile user authentication method with motion sensors,which mainly includes:(1)Construct a smart contract-based private chain and federated learning to improve the data collection efficiency of mobile user authentication,reduce the probability of the model being bypassed by attackers,and reduce the overhead of data centralized processing and the risk of privacy leakage;(2)Use certificateless encryption to realize the authentication of the device to ensure the credibility of the client nodes participating in the calculation;(3)Combine Variational Mode Decomposition(VMD)and Long Short-TermMemory(LSTM)to analyze and model the motion sensor data of mobile devices to improve the accuracy of model certification.The experimental results on the real environment dataset of 1513 people show that themethod proposed in this paper can effectively resist poisoning attacks while ensuring the accuracy and efficiency of mobile user authentication.

A Post-Quantum Cross-Domain Authentication Scheme Based on Multi-Chain Architecture

Due to the rapid advancements in network technology,blockchain is being employed for distributed data storage.In the Internet of Things(IoT)scenario,different participants manage multiple blockchains located in different trust domains,which has resulted in the extensive development of cross-domain authentication techniques.However,the emergence of many attackers equipped with quantum computers has the potential to launch quantum computing attacks against cross-domain authentication schemes based on traditional cryptography,posing a significant security threat.In response to the aforementioned challenges,our paper demonstrates a post-quantum cross-domain identity authentication scheme to negotiate the session key used in the cross-chain asset exchange process.Firstly,our paper designs the hiding and recovery process of user identity index based on lattice cryptography and introduces the identity-based signature from lattice to construct a post-quantum cross-domain authentication scheme.Secondly,our paper utilizes the hashed time-locked contract to achieves the cross-chain asset exchange of blockchain nodes in different trust domains.Furthermore,the security analysis reduces the security of the identity index and signature to Learning With Errors(LWE)and Short Integer Solution(SIS)assumption,respectively,indicating that our scheme has post-quantum security.Last but not least,through comparison analysis,we display that our scheme is efficient compared with the cross-domain authentication scheme based on traditional cryptography.

Artificial intelligence in physiological characteristics recognition for internet of things authentication

Effective user authentication is key to ensuring equipment security,data privacy,and personalized services in Internet of Things(IoT)systems.However,conventional mode-based authentication methods(e.g.,passwords and smart cards)may be vulnerable to a broad range of attacks(e.g.,eavesdropping and side-channel attacks).Hence,there have been attempts to design biometric-based authentication solutions,which rely on physiological and behavioral characteristics.Behavioral characteristics need continuous monitoring and specific environmental settings,which can be challenging to implement in practice.However,we can also leverage Artificial Intelligence(AI)in the extraction and classification of physiological characteristics from IoT devices processing to facilitate authentication.Thus,we review the literature on the use of AI in physiological characteristics recognition pub-lished after 2015.We use the three-layer architecture of the IoT(i.e.,sensing layer,feature layer,and algorithm layer)to guide the discussion of existing approaches and their limitations.We also identify a number of future research opportunities,which will hopefully guide the design of next generation solutions.

Chaotic Map-Based Authentication and Key Agreement Protocol with Low-Latency for Metasystem

With the rapid advancement in exploring perceptual interactions and digital twins,metaverse technology has emerged to transcend the constraints of space-time and reality,facilitating remote AI-based collaboration.In this dynamic metasystem environment,frequent information exchanges necessitate robust security measures,with Authentication and Key Agreement(AKA)serving as the primary line of defense to ensure communication security.However,traditional AKA protocols fall short in meeting the low-latency requirements essential for synchronous interactions within the metaverse.To address this challenge and enable nearly latency-free interactions,a novel low-latency AKA protocol based on chaotic maps is proposed.This protocol not only ensures mutual authentication of entities within the metasystem but also generates secure session keys.The security of these session keys is rigorously validated through formal proofs,formal verification,and informal proofs.When confronted with the Dolev-Yao(DY)threat model,the session keys are formally demonstrated to be secure under the Real-or-Random(ROR)model.The proposed protocol is further validated through simulations conducted using VMware workstation compiled in HLPSL language and C language.The simulation results affirm the protocol’s effectiveness in resisting well-known attacks while achieving the desired low latency for optimal metaverse interactions.

Recent Developments in Authentication Schemes Used in Machine-Type Communication Devices in Machine-to-Machine Communication: Issues and Challenges

Machine-to-machine (M2M) communication plays a fundamental role in autonomous IoT (Internet of Things)-based infrastructure, a vital part of the fourth industrial revolution. Machine-type communication devices(MTCDs) regularly share extensive data without human intervention while making all types of decisions. Thesedecisions may involve controlling sensitive ventilation systems maintaining uniform temperature, live heartbeatmonitoring, and several different alert systems. Many of these devices simultaneously share data to form anautomated system. The data shared between machine-type communication devices (MTCDs) is prone to risk dueto limited computational power, internal memory, and energy capacity. Therefore, securing the data and devicesbecomes challenging due to factors such as dynamic operational environments, remoteness, harsh conditions,and areas where human physical access is difficult. One of the crucial parts of securing MTCDs and data isauthentication, where each devicemust be verified before data transmission. SeveralM2Mauthentication schemeshave been proposed in the literature, however, the literature lacks a comprehensive overview of current M2Mauthentication techniques and the challenges associated with them. To utilize a suitable authentication schemefor specific scenarios, it is important to understand the challenges associated with it. Therefore, this article fillsthis gap by reviewing the state-of-the-art research on authentication schemes in MTCDs specifically concerningapplication categories, security provisions, and performance efficiency.

A blockchain-empowered authentication scheme for worm detection in wireless sensor network

Wireless Sensor Network(WSN)is a distributed sensor network composed a large number of nodes with low cost,low performance and self-management.The special structure of WSN brings both convenience and vulnerability.For example,a malicious participant can launch attacks by capturing a physical device.Therefore,node authentication that can resist malicious attacks is very important to network security.Recently,blockchain technology has shown the potential to enhance the security of the Internet of Things(IoT).In this paper,we propose a Blockchain-empowered Authentication Scheme(BAS)for WSN.In our scheme,all nodes are managed by utilizing the identity information stored on the blockchain.Besides,the simulation experiment about worm detection is executed on BAS,and the security is evaluated from detection and infection rate.The experiment results indicate that the proposed scheme can effectively inhibit the spread and infection of worms in the network.

Securing the Internet of Health Things with Certificateless Anonymous Authentication Scheme

Internet of Health Things(IoHT)is a subset of Internet of Things(IoT)technology that includes interconnected medical devices and sensors used in medical and healthcare information systems.However,IoHT is susceptible to cybersecurity threats due to its reliance on low-power biomedical devices and the use of open wireless channels for communication.In this article,we intend to address this shortcoming,and as a result,we propose a new scheme called,the certificateless anonymous authentication(CAA)scheme.The proposed scheme is based on hyperelliptic curve cryptography(HECC),an enhanced variant of elliptic curve cryptography(ECC)that employs a smaller key size of 80 bits as compared to 160 bits.The proposed scheme is secure against various attacks in both formal and informal security analyses.The formal study makes use of the Real-or-Random(ROR)model.A thorough comparative study of the proposed scheme is conducted for the security and efficiency of the proposed scheme with the relevant existing schemes.The results demonstrate that the proposed scheme not only ensures high security for health-related data but also increases efficiency.The proposed scheme’s computation cost is 2.88 ms,and the communication cost is 1440 bits,which shows its better efficiency compared to its counterpart schemes.

Correlation Composition Awareness Model with Pair Collaborative Localization for IoT Authentication and Localization

Secure authentication and accurate localization among Internet of Things(IoT)sensors are pivotal for the functionality and integrity of IoT networks.IoT authentication and localization are intricate and symbiotic,impacting both the security and operational functionality of IoT systems.Hence,accurate localization and lightweight authentication on resource-constrained IoT devices pose several challenges.To overcome these challenges,recent approaches have used encryption techniques with well-known key infrastructures.However,these methods are inefficient due to the increasing number of data breaches in their localization approaches.This proposed research efficiently integrates authentication and localization processes in such a way that they complement each other without compromising on security or accuracy.The proposed framework aims to detect active attacks within IoT networks,precisely localize malicious IoT devices participating in these attacks,and establish dynamic implicit authentication mechanisms.This integrated framework proposes a Correlation Composition Awareness(CCA)model,which explores innovative approaches to device correlations,enhancing the accuracy of attack detection and localization.Additionally,this framework introduces the Pair Collaborative Localization(PCL)technique,facilitating precise identification of the exact locations of malicious IoT devices.To address device authentication,a Behavior and Performance Measurement(BPM)scheme is developed,ensuring that only trusted devices gain access to the network.This work has been evaluated across various environments and compared against existing models.The results prove that the proposed methodology attains 96%attack detection accuracy,84%localization accuracy,and 98%device authentication accuracy.

Blockchain-Based Message Authentication Scheme for Internet of Vehicles in an Edge Computing Environment

As an important application of intelligent transportation system,Internet of Vehicles(IoV)provides great convenience for users.Users can obtain real-time traffic conditions through the IoV’s services,plan users’travel routes,and improve travel efficiency.However,in the IoV system,there are always malicious vehicle nodes publishing false information.Therefore,it is essential to ensure the legitimacy of the source.In addition,during the peak period of vehicle travel,the vehicle releases a large number of messages,and IoV authentication efficiency is prone to performance bottlenecks.Most existing authentication schemes have the problem of low authentication efficiency in the scenario.To address the above problems,this paper designs a novel reliable anonymous authentication scheme in IoV for Rush-hour Traffic.Here,our scheme uses blockchain and elliptic curve cryptography(ECC)to design authentication algorithms for message authentication between vehicles and roadside units(RSU).Additionally,we introduce the idea of edge computing into the scheme,RSU will select themost suitable vehicle as the edge computing node for message authentication.In addition,we used the ProVerif tool for Internet security protocols and applications to test its security,ensuring that it is secure under different network attacks.In the simulation experiment,we compare our scheme with other existing works.Our scheme has a significant improvement in computational overhead,authentication efficiency and packet loss rate,and is suitable for traffic scenarios with large message volume.

Utilizing Certificateless Cryptography for IoT Device Identity Authentication Protocols in Web3

Traditional methods of identity authentication often rely on centralized architectures,which poses risks of computational overload and single points of failure.We propose a protocol that offers a decentralized approach by distributing authentication services to edge authentication gateways and servers,facilitated by blockchain technology,thus aligning with the decentralized ethos of Web3 infrastructure.Additionally,we enhance device security against physical and cloning attacks by integrating physical unclonable functions with certificateless cryptography,bolstering the integrity of Internet of Thins(IoT)devices within the evolving landscape of the metaverse.To achieve dynamic anonymity and ensure privacy within Web3 environments,we employ fuzzy extractor technology,allowing for updates to pseudonymous identity identifiers while maintaining key consistency.The proposed protocol ensures continuous and secure identity authentication for IoT devices in practical applications,effectively addressing the pressing security concerns inherent in IoT network environments and contributing to the development of robust security infrastructure essential for the proliferation of IoT devices across diverse settings.