On the security of a certificateless online/offline signcryption for Internet of Things

Wenbo Shi; Neeraj Kumar; Peng Gong; Naveen Chilamkurti; Hangbae Chang

doi:10.1007/s12083-014-0249-3

On the security of a certificateless online/offline signcryption for Internet of Things

Wenbo Shi
, Neeraj Kumar^*
, Peng Gong
, Naveen Chilamkurti
, Hangbae Chang

^*Corresponding author for this work

School of Mechatronical Engineering

Research output: Contribution to journal › Article › peer-review

33 Citations (Scopus)

Abstract

With the development of the Internet of Things (IOT) application, information security and user privacy protection in the IOT have attracted wide attention across the globe. To solve this problem, Luo et al. proposed an efficient certificateless online/offline signcryption (COOSC) scheme for IOT. They have also demonstrated that their scheme is provably in the random oracle model. However, in this paper, we will show their scheme is vulnerable to the private key compromised problem, i.e., an adversary could get a user’s private key through an intercepted message. The analysis show that Luo et al.’s scheme is not suitable for the IOT.

Original language	English
Pages (from-to)	881-885
Number of pages	5
Journal	Peer-to-Peer Networking and Applications
Volume	8
Issue number	5
DOIs	https://doi.org/10.1007/s12083-014-0249-3
Publication status	Published - 7 Sept 2015

Keywords

Bilinear pairing
Certificateless cryptography
Internet of Things
Online/offline signcryption

Access to Document

10.1007/s12083-014-0249-3

Cite this

@article{75f21c8944ea4693899a46fac38053bd,

title = "On the security of a certificateless online/offline signcryption for Internet of Things",

abstract = "With the development of the Internet of Things (IOT) application, information security and user privacy protection in the IOT have attracted wide attention across the globe. To solve this problem, Luo et al. proposed an efficient certificateless online/offline signcryption (COOSC) scheme for IOT. They have also demonstrated that their scheme is provably in the random oracle model. However, in this paper, we will show their scheme is vulnerable to the private key compromised problem, i.e., an adversary could get a user{\textquoteright}s private key through an intercepted message. The analysis show that Luo et al.{\textquoteright}s scheme is not suitable for the IOT.",

keywords = "Bilinear pairing, Certificateless cryptography, Internet of Things, Online/offline signcryption",

author = "Wenbo Shi and Neeraj Kumar and Peng Gong and Naveen Chilamkurti and Hangbae Chang",

note = "Publisher Copyright: {\textcopyright} 2014, Springer Science+Business Media New York.",

year = "2015",

month = sep,

day = "7",

doi = "10.1007/s12083-014-0249-3",

language = "English",

volume = "8",

pages = "881--885",

journal = "Peer-to-Peer Networking and Applications",

issn = "1936-6442",

publisher = "Springer New York",

number = "5",

}

TY - JOUR

T1 - On the security of a certificateless online/offline signcryption for Internet of Things

AU - Shi, Wenbo

AU - Kumar, Neeraj

AU - Gong, Peng

AU - Chilamkurti, Naveen

AU - Chang, Hangbae

PY - 2015/9/7

Y1 - 2015/9/7

N2 - With the development of the Internet of Things (IOT) application, information security and user privacy protection in the IOT have attracted wide attention across the globe. To solve this problem, Luo et al. proposed an efficient certificateless online/offline signcryption (COOSC) scheme for IOT. They have also demonstrated that their scheme is provably in the random oracle model. However, in this paper, we will show their scheme is vulnerable to the private key compromised problem, i.e., an adversary could get a user’s private key through an intercepted message. The analysis show that Luo et al.’s scheme is not suitable for the IOT.

AB - With the development of the Internet of Things (IOT) application, information security and user privacy protection in the IOT have attracted wide attention across the globe. To solve this problem, Luo et al. proposed an efficient certificateless online/offline signcryption (COOSC) scheme for IOT. They have also demonstrated that their scheme is provably in the random oracle model. However, in this paper, we will show their scheme is vulnerable to the private key compromised problem, i.e., an adversary could get a user’s private key through an intercepted message. The analysis show that Luo et al.’s scheme is not suitable for the IOT.

KW - Bilinear pairing

KW - Certificateless cryptography

KW - Internet of Things

KW - Online/offline signcryption

UR - https://www.scopus.com/pages/publications/84938746527

U2 - 10.1007/s12083-014-0249-3

DO - 10.1007/s12083-014-0249-3

M3 - Article

AN - SCOPUS:84938746527

SN - 1936-6442

VL - 8

SP - 881

EP - 885

JO - Peer-to-Peer Networking and Applications

JF - Peer-to-Peer Networking and Applications

IS - 5

ER -

On the security of a certificateless online/offline signcryption for Internet of Things

Abstract

Keywords

Access to Document

Other files and links

Fingerprint

Cite this