Yeh Kuo-Hui, Su Chunhua, Choo Kim-Kwang Raymond, Chiu Wayne
Department of Information Management, National Dong Hwa University, Hualien 97401, Taiwan.
Division of Computer Science, University of Aizu, Aizu-Wakamatsu, Fukushima Pref. 965-8580, Japan.
Sensors (Basel). 2017 May 1;17(5):1001. doi: 10.3390/s17051001.
Rapid advances in wireless communications and pervasive computing technologies have resulted in increasing interest and popularity of Internet-of-Things (IoT) architecture, ubiquitously providing intelligence and convenience to our daily life. In IoT-based network environments, smart objects are embedded everywhere as ubiquitous things connected in a pervasive manner. Ensuring security for interactions between these smart things is significantly more important, and a topic of ongoing interest. In this paper, we present a certificateless signature scheme for smart objects in IoT-based pervasive computing environments. We evaluate the utility of the proposed scheme in IoT-oriented testbeds, i.e., Arduino Uno and Raspberry PI 2. Experiment results present the practicability of the proposed scheme. Moreover, we revisit the scheme of Wang et al. (2015) and revealed that a malicious super type I adversary can easily forge a legitimate signature to cheat any receiver as he/she wishes in the scheme. The superiority of the proposed certificateless signature scheme over relevant studies is demonstrated in terms of the summarized security and performance comparisons.
无线通信和普适计算技术的飞速发展,使得物联网(IoT)架构越来越受到关注并广受欢迎,它为我们的日常生活无处不在地提供智能和便利。在基于物联网的网络环境中,智能对象作为以普适方式连接的无处不在的事物被嵌入到各个地方。确保这些智能事物之间交互的安全性要重要得多,并且是一个持续受到关注的主题。在本文中,我们提出了一种用于基于物联网的普适计算环境中智能对象的无证书签名方案。我们在面向物联网的测试平台(即Arduino Uno和Raspberry PI 2)中评估了该方案的实用性。实验结果表明了该方案的实用性。此外,我们重新审视了Wang等人(2015年)的方案,并发现恶意的超级I型对手可以在该方案中轻松伪造合法签名,以随心所欲地欺骗任何接收者。通过总结的安全性和性能比较,证明了所提出的无证书签名方案相对于相关研究的优越性。
