Journal
IEEE INTERNET OF THINGS JOURNAL
Volume 10, Issue 12, Pages 10881-10892Publisher
IEEE-INST ELECTRICAL ELECTRONICS ENGINEERS INC
DOI: 10.1109/JIOT.2023.3240426
Keywords
Security; Aggregates; Public key; Medical services; Internet of Things; Forgery; Wireless sensor networks; Certificateless aggregate signature (CLAS); coalition attack; healthcare wireless medical sensor networks (HWMSNs); public key replacement attack; security analysis
Ask authors/readers for more resources
This article analyzes the security of the ZH-CLAS scheme and discovers that it is vulnerable to public key replacement attacks and coalition attacks from malicious sensor nodes. To address these security challenges, an enhanced scheme with fixed-length aggregate signature is proposed, which outperforms related pairing-free certificateless aggregate signature schemes in terms of both security and communication performance.
Recently, Zhan et al. presented a pairing-free certificateless aggregation signature scheme (ZH-CLAS) to address security issues in healthcare wireless medical sensor networks (HWMSNs) and proved that their scheme is secure against adaptive chosen message attacks. In this article, we analyze the security of the ZH-CLAS scheme by utilizing two types of concrete attacks. Unfortunately, we demonstrate that their scheme cannot withstand public key replacement attacks and is not secure against coalition attacks from malicious sensor nodes. To solve these security challenges, we further improve the security of the ZH-CLAS scheme. Our enhanced scheme has a fixed-length aggregate signature, which efficiently minimizes the transmission bandwidth. Additionally, our scheme outperforms related pairing-free certificateless aggregate signature schemes in terms of security and communication performance.
Authors
I am an author on this paper
Click your name to claim this paper and add it to your profile.
Reviews
Recommended
No Data Available
Share Paper
