Publication Type

Journal Article

Version

acceptedVersion

Publication Date

8-2018

Abstract

The industrial Internet-of-things (IIoT) can be seen as the usage of Internet-of-things technologies in industries, which provides a way to improve the operational efficiency. An attribute-based signature (ABS) has been a very useful technique for services requiring anonymous authentication in practice, where a signer can sign a message over a set of attributes without disclosing any information about his/her identity, and a signature only attests to the fact that it is created by a signer with several attributes satisfying some claim predicate. However, an ABS scheme requires exponentiation and/or pairing operations in the signature generation and verification algorithms, and hence, it is quite expensive for resource-constrained devices like a sensor in the IIoT network to run an ABS scheme. To reduce the computational overheads for both signers and verifiers, it has been suggested to introduce a server to help with signature generation and verification, but existing results on the ABS with "server-aided computation" either suffer from the security issues or are not sufficiently efficient. In this paper, we consider server-aided ABS one step further, and propose a notion called server-aided ABS with revocation (SA-ABSR), which not only securely mitigates the workloads of users in generating and verifying signatures, but also enables user revocation by having the server immediately stop signature generations for revoked signers. We formally define the security model for SA-ABSR, present a concrete construction of SA-ABSR based on a standard ABS scheme, and prove its security under the defined security model. Also, we implement the proposed SA-ABSR scheme and the underlying standard ABS scheme to evaluate the performance, from which it is easy to see that the proposed SA-ABSR scheme is more efficient than its underlying ABS scheme.

Keywords

Attribute-based signature (ABS), server-aided signing, server-aided verification, user revocation

Discipline

Information Security

Research Areas

Cybersecurity

Publication

IEEE Transactions on Industrial Informatics

Volume

14

Issue

8

First Page

3724

Last Page

3732

ISSN

1551-3203

Identifier

10.1109/TII.2018.2813304

Publisher

Institute of Electrical and Electronics Engineers (IEEE)

Copyright Owner and License

Authors

Additional URL

https://doi.org/10.1109/TII.2018.2813304

Share

COinS