Decentralized Attribute-Based Server-Aid Signature in the Internet of Things

Devices of Internet of Things (IoT) play a significant role in people's daily life. A large scale of data is generated, collected, and analyzed in these devices, which inevitably faces secure authentication and access control problem. Attribute-based signature (ABS), where a signer signs a message over a set of attributes, plays an elegant tool for privacy-preserving access control and data authentication. In multiauthority ABS scheme, multiple authorities distribute users' private keys over their different attributes and these attribute authorities are managed by a central authority. Nevertheless, the whole ABS system can be broken if the central authority is compromised. Besides, the multiauthority ABS scheme needs a lot of pairing and exponentiation operations in the verification and signature algorithms. Therefore, it is very expensive for resource-limited devices (e.g., sensors in IoT) to utilize the ABS scheme. In order to solve above problems, we present a decentralized attribute-based server-aid signature (DABSAS) scheme. In the DABSAS scheme, a server can help users execute heavy computation in the signature and verification algorithms. The proposed scheme provides anonymity and unforgeability. In addition, our scheme mitigates the burden of the signature and verification phase. The proposed scheme is proved secure under the well-known computational co-Diffie-Hellman (co-CDH) assumption. Compared with the existing schemes, the presented DABSAS scheme is efficient.

Automated summary

Devices of Internet of Things (IoT) generate a large amount of data, which poses secure authentication and access control challenges. Attribute-based signature (ABS) provides privacy-preserving access control and data authentication by signing a message over a set of attributes. Existing multiauthority ABS schemes face risks when the central authority is compromised and require expensive operations for resource-limited devices. To address these issues, a decentralized attribute-based server-aid signature (DABSAS) scheme is proposed, which offers anonymity, unforgeability, and alleviates the burden of signature and verification. The scheme is proven secure under the co-CDH assumption and demonstrates efficiency compared to existing schemes.