An Offline-Online Signature Scheme for Industrial Internet of Things Environment

doi:10.3969/j.issn.1671-1122.2025.03.003

Abstract

Abstract:

In recent years, industrial Internet of things (IIoT) technology and related industries have developed rapidly, and the data security issues of industrial equipment have received widespread attention. In the past to ensure the legitimacy of industrial equipment identity and data authenticity often use traditional digital signature technology, while the traditional digital signature program has a certificate management or key escrow problems, can not meet the current requirements. In this paper, an offline-online signature scheme for industrial Internet of things environment was proposed, constructing system parameters through bilinear pairing technology, and generating signatures that were divided into two-phase signatures based on offline-online technology. In the offline signature stage there was no need for message participation, responsible for completing computationally intensive cryptographic operations to generate offline signature values. In the online signature stage, only needed to use the prepared offline signature value, the system parameters, and the message that needed to be signed to carry out a small portion of the cryptographic operations to obtain the complete signature value. The scheme was proved to be secure against malicious attacks in the stochastic predicate machine model. This scheme reduces the number of time-consuming calculations in online signatures, significantly reduces the computational cost, while also overcoming the security issues of two types of adversaries.

Key words: offline-online signature, identity authentication, certificateless signature, Internet of things

CLC Number:

TP309

LI Qiang, SHEN Yuanhai, WANG Jinze, HUANG Yanyu, SUN Jianguo. An Offline-Online Signature Scheme for Industrial Internet of Things Environment[J]. Netinfo Security, 2025, 25(3): 392-402.

Figures/Tables 4

符号	含义
${{1}^{k}}$	安全参数
$q$	素数
${{G}_{1}}$	素数阶为 $q$ 的循环加法群
${{G}_{2}}$	素数阶为 $q$ 的循环乘法群
$\hat{e}$	双线性配对 $\hat{e}:{{G}_{1}}\times {{G}_{1}}\to {{G}_{2}}$
$P$	群 ${{G}_{1}}$ 的生成元
${{H}_{i}}\left( i=1,2,3 \right)$	哈希函数
$prm$	$\text{CC}$ 的公共参数
$ID$	$\text{TE}$ 的身份标识
$D$	$\text{TE}$ 的部分私钥
$x$	$\text{TE}$ 的秘密值
$SK$	$\text{TE}$ 的完整私钥
$PK$	$\text{TE}$ 的完整公钥
$\sigma$	离线签名值
m	消息
$\delta$	在线签名值

符号标识	符号含义	耗时/ms
${{T}_{m}}$	$Z_{q}^{*}$ 模的乘法	$0.001$
${{T}_{i}}$	$Z_{q}^{*}$ 模的求逆	$0.071$
${{T}_{add}}$	群 $\left\langle {{G}_{1}},+ \right\rangle$ 标量点加	$0.002$
${{T}_{mul}}$	群 $\left\langle {{G}_{1}},+ \right\rangle$ 标量点乘	$0.143$
${{T}_{e}}$	群 $\left\langle {{G}_{2}},\times \right\rangle$ 取幂	$0.913$
${{T}_{h}}$	哈希运算	$0.003$
${{T}_{p}}$	双线性配对	$1.482$

签名方案	通信开销		总体通信开销
签名方案	离线签名阶段	在线签名阶段	总体通信开销
文献[10]方案	$2\left\| Z_{q}^{*} \right\|+3\left\| {{G}_{1}} \right\|+\left\| {{G}_{2}} \right\|$	$2\left\| Z_{q}^{*} \right\|+\left\| {{G}_{1}} \right\|$	$4\left\| Z_{q}^{*} \right\|+4\left\| {{G}_{1}} \right\|+\left\| {{G}_{2}} \right\|$
文献[11]方案	$2\left\| Z_{q}^{*} \right\|+3\left\| {{G}_{1}} \right\|+\left\| {{G}_{2}} \right\|$	$2\left\| Z_{q}^{*} \right\|+3\left\| {{G}_{1}} \right\|$	$4\left\| Z_{q}^{*} \right\|+6\left\| {{G}_{1}} \right\|+\left\| {{G}_{2}} \right\|$
文献[12]方案	$3\left\| Z_{q}^{*} \right\|+\left\| {{G}_{1}} \right\|$	$\left\| Z_{q}^{*} \right\|+2\left\| {{G}_{1}} \right\|$	$4\left\| Z_{q}^{*} \right\|+3\left\| {{G}_{1}} \right\|$
本文方案	$2\left\| Z_{q}^{*} \right\|+3\left\| {{G}_{1}} \right\|+\left\| {{G}_{2}} \right\|$	$2\left\| Z_{q}^{*} \right\|+2\left\| {{G}_{1}} \right\|+\left\| {{G}_{2}} \right\|$	$4\left\| Z_{q}^{*} \right\|+5\left\| {{G}_{1}} \right\|+2\left\| {{G}_{2}} \right\|$

References 27

[1]	AGRAWAL S, VIEIRA D. A Survey on Internet of Things[J]. Abak Ó S, 2013, 1(2): 78-95.
[2]	KIEL D, ARNOLD C, VOIGT K I. The Influence of the Industrial Internet of Things on Business Models of Established Manufacturing Companies-A Business Level Perspective[J]. Technovation, 2017, 68: 4-19.
[3]	DIFFIE W, HELLMAN M E. New Directions in Cryptography[C]// ACM. Democratizing Cryptography. New York: ACM, 2022: 365-390.
[4]	SHAMIR A. Identity-Based Cryptosystems and Signature Schemes[C]// Springer. Proceedings of CRYPTO 1984. Heidelberg:Springer, 2007: 47-53.
[5]	XU Yan. Research on Certificateless Digital Signature Scheme for Multi-Users[D]. Hefei: University of Science and Technology of China, 2015.
	许艳. 面向多用户的无证书数字签名方案研究[D]. 合肥: 中国科学技术大学, 2015.
[6]	JIN Lin. Research on Privacy Protection Methods Supporting Graded Diagnosis and Treatment[D]. Guiyang: Guizhou University, 2022.
	金琳. 支持分级诊疗的隐私保护方法研究[D]. 贵阳: 贵州大学, 2022.
[7]	LI Mingyu. Design and Implementation of Electronic Official Document Security Exchange System Based on Certificateless Signature[D]. Wuhan: Huazhong University of Science and Technology, 2021.
	李铭宇. 基于无证书签名的电子公文安全交换系统设计与实现[D]. 武汉: 华中科技大学, 2021.
[8]	ALRIYAMI S S, PATERSON K G. Certificateless Public Key Cryptography[C]// Springer. Proceedings of ASIACRYPT 2003. Heidelberg: Springer, 2003: 452-473.
[9]	EVEN S, GOLDREICH O, MICALI S. Online/Offline Digital Signatures[C]// Springer. Proceedings of CRYPTO’89. Heidelberg:Springer, 2007: 263-275.
[10]	LIAO Yongjian, LIU Yulu, LIANG Yukuan, et al. Revisit of Certificateless Signature Scheme Used to Remote Authentication Schemes for Wireless Body Area Networks[J]. IEEE Internet of Things Journal, 2020, 7(3): 2160-2168. doi: 10.1109/JIOT.2019.2959602
[11]	SAEED M E S, LIU Qinying, TIAN Guiyun, et al. Remote Authentication Schemes for Wireless Body Area Networks Based on the Internet of Things[J]. IEEE Internet of Things Journal, 2018, 5(6): 4926-4944.
[12]	ADDOBEA A A, HOU Jun, LI Qianmu. MHCOOS: An Offline-Online Certificateless Signature Scheme for M-Health Devices[EB/OL]. (2020-01-01)[2024-04-07]. https://doi.org/10.1155/2020/7085623.
[13]	BELLARE M, BOLDYREVA A, PALACIO A. An Uninstantiable Random-Oracle-Model Scheme for a Hybrid-Encryption Problem[C]// Springer. Proceedings of EUROCRYPT 2004. Heidelberg: Springer, 2004: 171-188.
[14]	YANG Qing, WANG Haoxuan, LIANG Lei, et al. Improved Elliptic Curve Digital Signature Scheme and Case Analysis[J]. Computer Applications and Software, 2023, 40(1): 327-330, 343.
	杨青, 王昊轩, 梁磊, 等. 改进的椭圆曲线数字签名方案及实例分析[J]. 计算机应用与软件, 2023, 40(1): 327-330, 343.
[15]	ULLAH R, MEHMOOD A, KHAN M A, et al. An Optimal Secure and Reliable Certificateless Proxy Signature for Industrial Internet of Things[J]. Peer-to-Peer Networking & Applications, 2024, 17(4): 2205-2220.
[16]	KAR J. Provably Secure Online/Offline Identity-Based Signature Scheme for Wireless Sensor Network[J]. International Journal of Network Security, 2014, 16(1): 29-39.
[17]	GAO Ya, ZENG Peng, CHOO K K R, et al. An Improved Online/Offline Identity-Based Signature Scheme for WSNs[J]. International Journal of Network Security, 2016, 18(6): 1143-1151.
[18]	LUO Ming, TU Min, XU Jianfeng. A Security Communication Model Based on Certificateless Online/Offline Signcryption for Internet of Things[J]. Security and Communication Networks, 2014, 7(10): 1560-1569.
[19]	SHI Wenbo, KUMAR N, GONG Peng, et al. On the Security of a Certificateless Online/Offline Signcryption for Internet of Things[J]. Peer-to-Peer Networking and Applications, 2015, 8(5): 881-885.
[20]	LIU Dan, ZHANG Shun, ZHONG Hong, et al. An Efficient Identity-Based Online/Offline Signature Scheme without Key Escrow[J]. International Journal of Network Security, 2017(19): 127-137.
[21]	PENG Cong, LUO Min, LI Li, et al. Efficient Certificateless Online/Offline Signature Scheme for Wireless Body Area Networks[J]. IEEE Internet of Things Journal, 2021, 8(18): 14287-14298. doi: 10.1109/JIOT.2021.3068364
[22]	HONG Hanshu, HU Bing, SUN Zhixin. An Efficient and Secure Attribute-Based Online/Offline Signature Scheme for Mobile Crowdsensing[J]. Human-Centric Computing and Information Sciences, 2021(11): 1-12.
[23]	CHEN Jiasheng, WANG Liangliang, WEN Mi, et al. Efficient Certificateless Online/Offline Signcryption Scheme for Edge IoT Devices[J]. IEEE Internet of Things Journal, 2022, 9(11): 8967-8979.
[24]	HOU Yingzhe, CAO Yue, XIONG Hu, et al. An Efficient Online/Offline Heterogeneous Signcryption Scheme with Equality Test for IoVs[J]. IEEE Transactions on Vehicular Technology, 2023, 72(9): 12047-12062.
[25]	LIU Tongwei, PENG Wei, ZHU Kai, et al. A Secure Certificateless Signature Scheme for Space-Based Internet of Things[J]. Security and Communication Networks, 2022(22): 13-26.
[26]	POINTCHEVAL D, STERN J. Security Arguments for Digital Signatures and Blind Signatures[J]. Journal of Cryptology, 2000, 13(3): 361-396.
[27]	ARANHA D F. RELIC is an Efficient LIbrary for Cryptography[EB/OL]. (2020-11-29)[2024-04-07]. https://dfaranha.github.io/project/relic/.

签名方案	抗第一类敌手	抗第二类敌手	不可抵赖性
文献[10]方案	√	√	√
文献[11]方案	×	×	×
文献[12]方案	×	×	×
本文方案	√	√	√

签名方案	通信开销		总体通信开销
签名方案	离线签名阶段	在线签名阶段	总体通信开销
文献[10]方案	$2\left\| Z_{q}^{*} \right\|+3\left\| {{G}_{1}} \right\|+\left\| {{G}_{2}} \right\|$	$2\left\| Z_{q}^{*} \right\|+\left\| {{G}_{1}} \right\|$	$4\left\| Z_{q}^{*} \right\|+4\left\| {{G}_{1}} \right\|+\left\| {{G}_{2}} \right\|$
文献[11]方案	$2\left\| Z_{q}^{*} \right\|+3\left\| {{G}_{1}} \right\|+\left\| {{G}_{2}} \right\|$	$2\left\| Z_{q}^{*} \right\|+3\left\| {{G}_{1}} \right\|$	$4\left\| Z_{q}^{*} \right\|+6\left\| {{G}_{1}} \right\|+\left\| {{G}_{2}} \right\|$
文献[12]方案	$3\left\| Z_{q}^{*} \right\|+\left\| {{G}_{1}} \right\|$	$\left\| Z_{q}^{*} \right\|+2\left\| {{G}_{1}} \right\|$	$4\left\| Z_{q}^{*} \right\|+3\left\| {{G}_{1}} \right\|$
本文方案	$2\left\| Z_{q}^{*} \right\|+3\left\| {{G}_{1}} \right\|+\left\| {{G}_{2}} \right\|$	$2\left\| Z_{q}^{*} \right\|+2\left\| {{G}_{1}} \right\|+\left\| {{G}_{2}} \right\|$	$4\left\| Z_{q}^{*} \right\|+5\left\| {{G}_{1}} \right\|+2\left\| {{G}_{2}} \right\|$