Table of Contents Author Guidelines Submit a Manuscript
Mobile Information Systems
Volume 2017, Article ID 4078521, 11 pages
Research Article

An Anonymous Access Authentication Scheme Based on Proxy Ring Signature for CPS-WMNs

1Software College, Northeastern University, Shenyang 110819, China
2School of Software, Dalian University of Technology, Dalian 116024, China
3School of Computer Science and Engineering, Northeastern University, Shenyang 110819, China

Correspondence should be addressed to Xiaojie Wang; nc.ude.tuld.liam@8891jxgnaw and Xiaoxue Gong; nc.ude.uen.liamuts@euxoaixgnog

Received 27 January 2017; Accepted 12 April 2017; Published 4 June 2017

Academic Editor: Jun Cheng

Copyright © 2017 Tianhan Gao et al. This is an open access article distributed under the Creative Commons Attribution License, which permits unrestricted use, distribution, and reproduction in any medium, provided the original work is properly cited.


Access security and privacy have become a bottleneck for the popularization of future Cyber-Physical System (CPS) networks. Furthermore, users’ need for privacy-preserved access during movement procedure is more urgent. To address the anonymous access authentication issue for CPS Wireless Mesh Network (CPS-WMN), a novel anonymous access authentication scheme based on proxy ring signature is proposed. A hierarchical authentication architecture is presented first. The scheme is then achieved from the aspect of intergroup and intragroup anonymous mutual authentication through proxy ring signature mechanism and certificateless signature mechanism, respectively. We present a formal security proof of the proposed protocol with SVO logic. The simulation and performance analysis demonstrate that the proposed scheme owns higher efficiency and adaptability than the typical one.

1. Introduction

With the prosperous development of mobile communication and versatile mobile devices [1, 2] and the diversification of the network environment [35], the requirement of accessing ubiquitous network becomes more and more imperative for Cyber-Physical Systems (CPS) [6]. Owing to the advantages of low cost, expansible, self-healing, fine mobility support, and high efficiency, Wireless Mesh Network (WMN) is regarded as a critical accessing technology of the next generation CPS network [7, 8]. As for the open nature of transmission medium free users’ movement, as well as the multihop transmission method, WMN suffers from security issues in both wired and wireless environment. Efficient and secure access authentication technology forms the baseline of CPS-WMN’s security. Moreover, user’s privacy should also be preserved during the access authentication process. Thus, the security and privacy in CPS-WMNs become the research focus recently [9].

In the past few years, a lot of researches have been carried out for WMN’s access authentication. The authors in [10] present an efficient identity-based authentication scheme for WMN using tickets, which avoids multihop wireless communications in order to minimize the authentication delay, while in a complex network environment, with the increasing number of MRs, handover authentication efficiency decreases. The authors of [11] propose an authentication scheme for WMN based on EAP-TLS, although the scheme offers mutual authentication and robustness against malicious attacks. But the asymmetric cryptography mechanisms result in high computation cost. The author [12] improves the access control function of IEEE 802.1X by the port operation so that user may acquire message through the dynamic channel under current or previous access point. However, the requirement of keeping the channel alive during the authentication procedure limits the adaptability of the scheme. Some distributed authentication schemes to reduce the authentication delay have been discussed in [13], while the scheme performs poorly when handling multiple mobile users. A symmetric key generation scheme based on hierarchical multivariable function for WMN is presented in [14], which achieves efficient mutual authentication and key generation for entities, whereas the scheme is not suitable for the scenario when the network users grow rapidly. The identity information of mobile users is divided into critical information and noncritical information that the critical information is only visible to the mobile user and his/her group manager in [15]. With the help of improved short ring signature mechanism and special binding policy, the scheme is able to provide anonymity during authentication. However, the key escrow problem is inevitable since the private key is generated by the group manager. In general, the literature WMN access authentication schemes suffer from security, privacy, efficiency, and adaptability issues. The needs of an efficient and anonymous authentication scheme for CPS-WMNs are impending.

In terms of the security issues shown above, an anonymous authentication scheme based on proxy ring signature is proposed in this paper. The scheme utilizes a high-efficient proxy ring signature mechanism to achieve proxy-authorization and anonymous authentication which are able to preserve mobile users’ privacy. In addition, certificateless signature mechanism is incorporated into our intragroup authentication to obtain high handover efficiency. The formal security proof based on SVO logic and other security analyses show that the proposed scheme possesses such advantages as reliability, anonymity, unforgeability, and reliability. Through the simulation and performance analysis, we demonstrate the efficiency and adaptability of our scheme.

The rest of this paper is organized as follows. Section 2 briefly describes the related preliminaries. Section 3 elaborates the proposed anonymous mutual authentication scheme. Sections 4 and 5 present the security and performance analysis of the scheme, respectively. Finally, we make a conclusion of the scheme and discuss the future research work in Section 6.

2. Preliminaries

2.1. Bilinear Pairing

Let be an additive group and let be a multiplicative group of the same prime order and is the generator of . Assume that the discrete logarithm problem is hard on both and [16]. A mapping : which satisfies the following properties is called bilinear pairing:(1)Bilinearity: for all and , .(2)Nondegeneracy: there exists , so that .(3)Computability: for all , there is an efficient algorithm to compute .

2.2. BB1 Encryption

BB1 [17], nonadaptive selective-ID encryption, was presented by Boneh and Franklin in 2003. The BB1 works as follows.

(1) BB1-Setup. Given a security parameter , the algorithm works as the following steps.

Step 1. Run on input to generate a prime , two cycle groups (), () of order , and an admissible bilinear pairing . Choose a random generator .

Step 2. Pick a random and set .

Step 3. Choose a cryptographic hash function . Choose a cryptographic hash function for some . The message space is . The ciphertext space is . The system parameters are . The master key is .
(2) BB1-Extract. For a given string , compute and set the private key to be .
(3) BB1-Encrypt. To encrypt under the public key , compute , choose a random , and set the ciphertext to be , where .

(4) BB1-Decrypt. Let be a ciphertext encrypted using the public key . To decrypt using the private key , compute .

2.3. Certificateless Signature

Certificateless signature (CLS) [18] allows that users’ private key is comprised by the key issued by system and the secret generated by user. In addition, users’ public key is conducted by their own secret which avoids key escrow problem. The CLS scheme is mainly used in the Intra-WMN authentication in this paper. The algorithms of CLS [18] are shown as follows.

(1) CLS-Setup. Given security parameter l, prime , , and are cycle groups of order . Three hash functions are as follows: , , and . Private key generator (PKG) chooses as private key and generates system public key = , where is the generator of . Let ; system public parameters Param = .

(2) CLS-Extract-sk. User A sends identity to PKG. After authenticating , PKG generates partial private key of .

(3) CLS-Gen-sk. A chooses as secret. A’s private key is .

(4) CLS-Gen-pk. A computes as A’s public key.

(5) CLS-Sign. A signs message , and outputs through following steps:(a)Choose and calculate .(b).(c).(d).

(6) CLS-Verify. Verifier B uses to verify the signature .(a)Compute and .(b)Check if the equation is hold. If yes, is valid; otherwise, is invalid.

2.4. Proxy Ring Signature

Proxy ring signature (PRS) [19] allows an original signer delegate authorization to a group of signers in which every member in the group can represent the original signer to sign the message and is able to keep anonymous. In this paper, we incorporate proxy ring signature into the access authentication process of WMN, which not only achieves mutual authentication between mobile user and accessed network but also solves the problem of privacy preserving for mobile user. The algorithms of PRS are as follows.

(1) PRS-Setup. Given secure parameter as system input and the output is (. is a cyclic additive group generated by the generator , whose order is prime , and is a cyclic multiplicative group of the same prime order of . is a bilinear pairing map. In addition, there are two hash functions: and .

(2) PRS-Generation. Original signer chooses as the private key and calculates the public key . belonging to proxy signer group randomly chooses private key and calculates the public key .

(3) PRS-Delegation. generates a warrant which includes the descriptions of the relationship between and proxy signer. chooses a random number , calculates , mod , and then sends () to the group of proxy signers.

(4) PRS-Verify-Auth. After receiving , each proxy signer checks mod . If the verification fails, the authorization will be rejected. Otherwise, calculates his own proxy signing key mod .

(5) PRS-Sign. The proxy signer signs message as follows:(a)For all and , choose a random number and calculate .(b)Calculate .(c)Send to the verifier.

(6) PRS-Verify-Sign. After receiving from the proxy signer, the verifier checks if the following equation holds with the public key :If yes, is valid. Otherwise, is invalid.

3. Anonymous Mutual Authentication Scheme

3.1. Hierarchical Mobile Network Architecture

As shown in Figure 1, a hierarchical mobile network architecture is designed for CPS-WMNs. In the first level, Trusted Root (TR), as original signer who can delegate signing right to proxy signers, is creditable to all of the network entities. In the second level, there are many WMNs that each one can be regarded as a group of proxy signers including Gateway (GW), Mesh Routers (MRs), and mobile Mesh Clients (MCs). MC is able to handover across different WMNs or between different MRs in the same WMN. To achieve mutual authentication between MC and visiting network based on PRS, we build the group of proxy rings for network entities in terms of the hierarchical mobile network architecture shown above. Assuming that a group of the proxy ring (abbreviated as a ring) is composed of GW, MRs (connected with the GW), and MCs (connected with the MRs). We denote ring ID as in Figure 1 ( means ring 1 and means ring 2). GW takes the role of a manager of the ring and is responsible for managing and maintaining the members in the ring.

Figure 1: Hierarchical mobile network architecture for CPS-WMNs.

The symbols used sections are shown in Table 1.

Table 1: Symbols and descriptions.
3.2. Trust Model

As shown in Figure 2, the trust model is presented according to the mobile network architecture. TR is trusted by all the entities. GW in different CPS-WMNs does not trust each other. Moreover, different MR belonging to the same GW does not own trust relationship, the same as the MRs in different CPS-WMNs. In addition, we assume that GW is trusted by the MR which is connected to itself. MC only trusts the MR in its home CPS-WMN. The main objective of our proposed scheme is to set up the trust relationship between MC and the accessed MR during MC’s roaming.

Figure 2: Trust model.
3.3. System Initialization

As the trusted root, TR generates Param and broadcasts it to all entities. Param = , , , , , , , where is the order of and and is the master key of TR. All entities’ public key in the ring should be delivered to TR. In addition, GW generates the ring’s public and private keys through random choosing of as the private key; the corresponding public key is is shared by all the members in the ring, while is only allocated to the legitimate members who are authenticated by TR in system initialization phrase.

3.4. Inter-WMN Authentication Protocol

When MC wants to leave the WMN it belonged to and accesses another WMN, the MC needs to achieve mutual Inter-WMN authentication with the visiting WMN. As shown in Figure 1, when the MC in WMN1 wants to access WMN2 and connect to MR2, MC triggers mutual authentication with MR2. The mutual authentication details are shown in Figure 3.

Figure 3: The workflow of Inter-WMN authentication protocol.

(1) . broadcasts and to MC. MC executes PRS-Verify-auth to verify .

(2) . MC calculates , , and , where is the parameter for session key negotiation and is the current timestamp. MC sends , , , and to MR2.

(3) . After receiving (2) from MC, MR2 checks the freshness of . If fresh, MR2 decrypts to obtain . MR2 then sends , , and to GW2. Meanwhile, utilizes PRS-Verify-sign to verify through requesting the ring members public key from TR in terms of . If is valid, MC is regarded as a legal user.

(4) . After receiving (3) from , decrypts to obtain , choose and generate the warrant , where is GW2’s private key. GW2 computes , session key , and . then sends , and to MR2. Finally, GW2 stores .

(5) . relays , , and to MC when getting (4) from GW2.

After receiving (5) from MR2, MC calculates session key to decrypt for obtaining . MC checks , if equal, MC makes sure to access a legal WMN. MC then calculates and , where . MC stores , , and .

3.5. Intra-WMN Authentication Protocol

After finishing Inter-WMN authentication, MC will obtain issued by GW. When MC moves from one MR to another in the same WMN, we use CLS [14] to achieve efficient Intra-WMN authentication. As shown in Figure 1, assuming that MC and MR2 finished Inter-WMN authentication, when MC wants to move from MR2 to MR3, the Intra-WMN authentication protocol is triggered as shown in Figure 4.

Figure 4: The workflow of Intra-WMN authentication protocol.

(1) . MR3 broadcasts and to MC.

(2) . MC calculates and , where and are generated and stored in the process of Inter-WMN authentication. is the current timestamp. MC sends , , , and to MR3.

(3) . After receiving (2) from MC, MR3 checks the freshness of . If fresh, adopts CLS-Verify to verify . If is valid, MC is regarded as a legal user. MR3 then sends to GW2.

(4) . After receiving , uses the previously saved key to encrypt to produce the ciphertext . Then, sends to .

(5) . relays to MC after getting (4) from .

MC uses the previously saved key to decrypt . If the decryption is successful, MC makes sure to access a legal MR.

4. Security Analysis of the Proposed Scheme

In order to prove the security of our scheme, we first take a fundamental security analysis. Then we choose SVO logic [20] to analyze the proposed protocols. SVO logic was presented by Syverson and van Oorshot in 1994 based on BAN logic, GNY logic, AT logic, and VO logic [21]. SVO holds the features of complete semantics, expansibility, and practicality.

4.1. Fundamental Security Analysis

According to the mobile network architecture shown in Figure 1, we will first present fundamental security analysis of the proposed scheme in the following aspects: anonymity, unforgeability, and reliability.

Anonymity. During Inter-WMN authentication, the accessed network checks the legality of MC through verifying the signature offered by MC. The accessed network is able to know the ring where MC comes from but cannot tell the real identity of MC since it is hidden in the ring. So the anonymity of MC is guaranteed. In addition, when handover occurred, accessed network verifies the certificateless signature to authenticate MC. In this paper, the proposed scheme adopts enhanced certificateless signature mechanism: , , and ). Thus, with the help of the ring, the identity of MC is also kept private to achieve anonymity.

Unforgeability. Firstly, only TR can calculate the authority for the proxy group. If the adversary does not know TR’s private key, he fails to compute the legal authority. Secondly, the only legal proxy signer can generate legal proxy ring signature. If the adversary cannot obtain the authority, he cannot generate the legal signature. Thus, the proxy ring signature is unforgeable. Finally, only trusted GW can issue to foreign MC, if the adversary does not know GW’s private key for certificateless signature, the legal cannot be computed. Moreover, if the adversary cannot obtain the other part of the private key , the legal certificateless signature also cannot be computed. Consequently, certificateless signature is unforgeable based on the security of related entity’s private key.

Reliability. In Inter-WMN authentication, if adversary does not know the BB1 secret key of GW2, then cannot be decrypted. The adversary thus cannot negotiate the correct key with MC. So is legal. Likewise, if adversary does not know , he fails to decrypt to obtain , thus is legal. Furthermore, the legal proxy ring signature cannot be generated since adversary does not know , so the Inter-WMN authentication protocol is reliable. In addition, during Intra-WMN authentication, adversary fails to generate legal signature , if he cannot obtain , then MC is thus legal.

4.2. Security Proof of the Proposed Protocols under SVO

SVO logic is not only semantic sound, but also convenient. In terms of our scheme, SVO owns advantages over other logic analysis methods in the following aspects: (1) The axioms in SVO can be adjusted or expanded easily to meet the security proof needs rather than BAN or other logical approaches. (2) SVO is detailed and legible which helps to accurately express the actual meaning of the protocol and thus avoid the misunderstandings. (3) SVO is rigorous and reliable, and the semantics is clear. We first give the grammatical components of SVO logic as follows. believes : indicating that believes that proposition is right. received : indicating that received the message including . says : indicating that sends a message including . controls : indicating that is a trusted authority on . sees : indicating that possesses message .fresh(): indicating that is random number generated in running scheme.: indicating that is a key shared exclusively by and .: indicating that the ciphertext is output by encrypting through key.: indicating that the message is generated by signing through key.: indicating that is the public signature verification key associated with principal .: indicating that is the key agreement key associated with principal .: indicating that is the public encryption key associated with principal .SV: indicating that given signed message , applying to it as a signature verification key verifies as the message signed with the corresponding private key.

SVO logic includes two initial rules and twenty axioms, part of which are regular axioms and others are axiom templates that include formula variables. We only present part of the axioms used in the following security proof. All the axioms can be found in [20].

Two inference rules are as follows:(1)Modus ponens MP: and infer (2)Necessitation Nec: infer believes

and are metalinguistic symbols used to refer to arbitrary formula. is a metalinguistic symbol. means that is a theorem.

There are twenty SVO axioms. We list only several axioms associated with this article. For any principal , and formula , :(A1) believes and believes believes (A2) and received says (A3) received received (A4) received and sees received

In SVO, some generic goals should be satisfied. This does not mean a definitive list of the goals that our protocol should meet. In our paper, we should achieve the mutual authentication between MC and MR. For this purpose, we just need that MR and MC could make sure of the legality for each other. So on the basis of the generic goals, we make the appropriate modifications. The goals of Inter-WMN authentication protocol could be described as follows.(G1′)MR believes (G2′)MC believes

SVO Logic Initial Assumptions(P1)MC believes (P2)MC believes SV(P3)MC believes fresh()(P4)MR believes (MC says )(P5)MR believes MC says says (P6)MR believes MR received ,(P7)MR believes MR received received , , , (P8)GW believes (P9)GW believes )(P10)MC believes (GW says (P11)MC believes GW says says (P12)MC believes MC received (P13)MC believes MC received received

Where is the public key for proxy signer and is the current timestamp, means the part that subject cannot understand. The proof is as follows.

From (P6), (A1), (A3), and Nec, we have

From (2), (P7), (A1), (A3), and Nec, we have

From (P5), (P1), (P2), (3), (A1), (A2), and Nec, we have

From (4), (P4), and (A1), we have the following.

MR believes ; (G1) is then proved. In the same way as above, we can get

From (P12), (A1), (A3), and Nec, we have

From (6), (P13), (A1), (A3), and Nec, we have

From (P11), (P8), (P9), (7), (A1), (A2), and Nec we have

From (8), (P10), and (A1), we have the following.

MC believes ; (G2) is thus proved.

Similar to Inter-WMN authentication protocol, the goal of Intra-WMN authentication is also mutual authentication between MR and MC. The difference is that the MR is in MC’s accessed WMN. The security proof of Intra-WMN authentication protocol is described as follows:(G3′)MR believes (G4′)MC believes

SVO Logic Initial Assumptions(P14)MC believes (P15)MC believes SV(P16)MC believes fresh(P17)MR believes (MC says )(P18)MR believes MC says says (P19)MR believes MR received (P20)MR believes MR received MR received received (P21)GW believes (P22)GW believes SV()(P23)MC believes (GW says )(P24)MC believes GW says says (P25)MC believes MC received (P26)MC believes MC received received

Where is the current timestamp, means the part that subject cannot understand. The proving process is shown as follows.

From (P19), (A1), (A3), and Nec, we have

From (9), (P20), (A1), (A3), and Nec, we have

From (P18), (P14), (P15), (10), (A1), (A2), and Nec, we have

From (11), (P17), and (A1), we have the following.

GR believes ; (G3) is proved.

From (P25), (A1), (A3), and Nec, we have

From (12), (P26), (A1), (A3), and Nec, we have

From (P24), (P21), (P22), (13), (A1), (A2), and Nec, we have

From (14), (P23), and (A1), we have the following.

MC believes ; (G4) is thus proved.

5. Simulation and Performance Analysis

CPS-WMN has limited resource in the computation ability of nodes and operating bandwidth, so the performance of authentication scheme plays an important role in the practicability of CPS-WMNs. The simulation and performance analysis focus on the efficiency of system initialization and the handover process. In addition, in order to demonstrate the high efficiency of our scheme, we give a comparison analysis between our scheme and PEACE [15].

5.1. Simulation Environment

We do simulations for PRS and PEACE using OMNET++ (4.4) simulation platform to get average results based on 20-time experiments. In the process of bilinear group instantiation, we use Tate pairing in the MNT curve [22].

As shown in Figure 5, the initial topological structure of simulation environment is composed of one TR, two GWs, three APs, and one host. These nodes are arranged in a 420 m 300 m simulation space according to the hierarchical network architecture. The TR generates initial parameters for the system. The wireless covering radius is 100 m. AP represents MR, whose covering radius is 45 m. TR, GW, and AP are fixed nodes. Host represents MC, which will take a movement from coordinate (10,250) to coordinate (400,250) by speed 1 m/s. During this process, host firstly accesses the coverage of AP1 and triggers the Inter-WMN authentication. Then, host leaves AP1 to AP2 and the Inter-WMN authentication takes place again. When host moves on from AP2 to AP3, the Intra-WMN authentication protocol should be executed. The details of the parameters and values are shown in Table 2.(1)The internal structure of the network node shown in Figure 6.(2)Wlan and eth module: implementation of ethernet and 802.11 capabilities.(3)NetworkLayer: to achieve network-level functions and as the interface of upper and lower layer.(4)TCPapp: template for TCP applications.(5)RoutingTable: the table of routing status.(6)InterfaceTable: the table of network interfaces.(7)NotificationBoard: notification about “events” such as wireless handovers.

Table 2: Parameters and values.
Figure 5: Simulation network topology.
Figure 6: Node internal structure.
5.2. Performance Analysis of System Initialization

The delay of system initialization is the period from the simulation start to the first movement of the host. The relationship between the number of nodes and system initialization delay is shown in Figure 7, where the number of nodes could be adjusted as needed. The system initialization includes authorization from original signer to proxy signers, the public key registration for ring members, and the generation of public and private keys for the ring members. Figure 6 shows that the delay of system initialization would increase with the increasing network scale.

Figure 7: Relationship between system initialization delay and the number of nodes.
5.3. Performance Analysis of Authentication Protocols

In this section, we focus on the delay of Inter-WMN authentication and Intra-WMN authentication. The delay of Inter-WMN authentication means the period from AP receiving an access requirement of a new host to the end of Inter-WMN authentication. The delay of Intra-WMN authentication is the period from AP receiving a handover requirement of a host to the end of Intra-WMN authentication.

Figure 8 shows the relationship between the number of ring members and the delay of access authentication scheme. From the result we can see that the efficiency of Intra-WMN authentication is higher than that of Inter-WMN authentication with the increasing number of ring members. During Inter-WMN authentication, the main cost is from verifying the proxy ring signature. For the use of high-efficient ring setup policy, the verifier could acquire all ring members’ public keys from TR at once, which help to reduce the delay of communication. In addition, in the process of Intra-WMN authentication, the utilization of certificateless signature makes the scheme independent of the number of ring members that would not lead to obvious delay.

Figure 8: Relationship between authentication delay and the number of ring members.
5.4. The Efficiency Analysis of Intra-WMN Authentication Protocol

As shown in Figure 9, we make the comparison analysis of Intra-WMN authentication delay between PRS and PEACE [15]. The delay of PRS is obviously lower than PEACE since PEACE adopts multiple bilinear pairing operations and exponential operations which lead to high computation cost. In the Intra-WMN authentication, we use more efficient certificateless signature which only includes two scalar multiplications in group and one hash operation. Moreover, we just need one bilinear pairing operation, two exponential operations, and one hash operation during the verification process. Thus, the computation cost is obviously reduced in PRS.

Figure 9: Comparison of the Intra-WMN authentication delay between PRS and PEACE.

In short, the main cost of PRS is from the process of system initialization, while the access authentication delay is obviously dropped down. In addition, the delay of access authentication will not elevate much with the increasing number of nodes in the ring. Although the delay of system initialization increases with the increasing number of ring members, the result of simulation shows that the delay would be controlled in a reasonable range. Comparing to the typical scheme (PEACE), our proposed scheme performs more efficiently, especially during the Intra-WMN authentication.

We further compared the computational overhead of PRS scheme and PEACE scheme during the signing and verifying phases. In Table 3, BP represents a bilinear mapping operation, SM represents scalar multiplication in , represents exponentiation in , and represents the time of searching revocation list. From the result we can see that PRS performs more efficiently than PEACE in terms of computational overhead.

Table 3: Comparison of the computational overhead between PRS and PEACE.

6. Conclusions

Anonymous access authentication is an essential approach to address the security issue of CPS-WMNs. In this paper, we propose a novel anonymous access authentication scheme based on proxy ring signature for CPS-WMNs. The scheme is elaborated with the hierarchical mobile network architecture and the corresponding mutual authentication protocols, which achieve high-efficient mutual authentication and satisfy the privacy requirements. The fundamental security and the security proof of the authentication protocols under SVO logic demonstrate the robustness of our scheme. Moreover, the simulation and performance analysis show that the proposed scheme owns higher efficiency and adaptability than the typical.

In our future research, some novel and robust encryption and signature mechanisms will be introduced to make our scheme more resilient. Moreover, how to secure the routing procedure of WMNs under the proposed hierarchical architecture forms another future task.

Conflicts of Interest

The authors declare that they have no conflicts of interest.


This work was supported by National Natural Science Foundation of China under Grant no. 61402095 and Grant no. 61300196 and China Fundamental Research Funds for the Central Universities under Grant no. N120404010 and Grant no. N130817002. This work was also supported in part by Soonchunhyang University Research Fund and the Scientific and Technological Research Program of Chongqing Municipal Education Commission (KJ1500440).


  1. Z. Ning, F. Xia, X. Kong, and Z. Chen, “Social-oriented resource management in cloud-based mobile networks,” IEEE Cloud Computing, vol. 3, no. 4, pp. 24–31, 2016. View at Publisher · View at Google Scholar
  2. Z. Ning, F. Xia, X. Hu, Z. Chen, and M. S. Obaidat, “Social-oriented adaptive transmission in opportunistic internet of smartphones,” IEEE Transactions on Industrial Informatics, vol. 13, no. 2, pp. 810–820, 2017. View at Publisher · View at Google Scholar
  3. X. Hu, X. Li, E. C.-H. Ngai, V. C. M. Leung, and P. Kruchten, “Multi-dimensional context-aware social network architecture for mobile crowdsensing,” IEEE Communications Magazine, vol. 52, no. 6, pp. 78–87, 2014. View at Publisher · View at Google Scholar · View at Scopus
  4. X. Hu, J. Zhao, B.-C. Seet, V. C. M. Leung, T. H. S. Chu, and H. Chan, “S-aframe: agent-based multilayer framework with context-aware semantic service for vehicular social networks,” IEEE Transactions on Emerging Topics in Computing, vol. 3, no. 1, pp. 44–63, 2015. View at Publisher · View at Google Scholar · View at Scopus
  5. Z. Ning, L. Liu, F. Xia, B. Jedari, I. Lee, and W. Zhang, “CAIS: a copy adjustable incentive scheme in community-based socially aware networking,” IEEE Transactions on Vehicular Technology, vol. 66, no. 4, pp. 3406–3419, 2017. View at Publisher · View at Google Scholar
  6. X. Hu, T. H. S. Chu, V. C. M. Leung, E. C.-H. Ngai, P. Kruchten, and H. C. B. Chan, “A survey on mobile social networks: applications, platforms, system architectures, and future research directions,” IEEE Communications Surveys & Tutorials, vol. 17, no. 3, pp. 1557–1581, 2015. View at Publisher · View at Google Scholar
  7. Q. Liu, X. Hu, E. C. Ngai et al., “A security patch addressing bandwidth request vulnerabilities in the IEEE 802.16 standard,” IEEE Network, vol. 30, no. 5, pp. 26–34, 2016. View at Publisher · View at Google Scholar
  8. Z. Ning, Q. Song, L. Guo, Z. Chen, and A. Jamalipour, “Integration of scheduling and network coding in multi-rate wireless mesh networks: optimization models and algorithms,” Ad Hoc Networks, vol. 36, pp. 386–397, 2016. View at Publisher · View at Google Scholar · View at Scopus
  9. X. Hu, T. H. S. Chu, H. C. B. Chan, and V. C. M. Leung, “Vita: a crowdsensing-oriented mobile cyber-physical system,” IEEE Transactions on Emerging Topics in Computing, vol. 1, no. 1, pp. 148–165, 2013. View at Publisher · View at Google Scholar
  10. C. Li, U. Nguyen, and H. Nguyen, “Efficient authentication for fast handover in wireless mesh networks,” Computers and Security, vol. 47, pp. 124–142, 2013. View at Google Scholar
  11. Y. Yu, Z. Ning, and L. Guo, “A secure routing scheme based on social network analysis in wireless mesh networks,” Science China Information Sciences, vol. 59, no. 12, article 122310, 2016. View at Publisher · View at Google Scholar
  12. D. S. Wong, “Security analysis of two anonymous authentication protocols for distributed wireless networks,” in Proceedings of the 3rd IEEE International Conference on Pervasive Computing and Communications Workshops (PerCom '05), pp. 532–536, Kauai Island, Hawaii, USA, 2005. View at Publisher · View at Google Scholar
  13. M. Ayyash, H. Elgala, A. Khreishah et al., “Coexistence of WiFi and LiFi toward 5G: concepts, opportunities, and challenges,” IEEE Communications Magazine, vol. 54, no. 2, pp. 64–71, 2016. View at Publisher · View at Google Scholar · View at Scopus
  14. Y. Li, F. Yao, T. Lan, and G. Venkataramani, “SARRE: semantics-aware rule recommendation and enforcement for event paths on android,” IEEE Transactions on Information Forensics and Security, vol. 11, no. 12, pp. 2748–2762, 2016. View at Publisher · View at Google Scholar
  15. K. Ren, S. Yu, W. Lou, and Y. Zhang, “PEACE: a novel privacy-enhanced yet accountable security framework for metropolitan wireless mesh networks,” IEEE Transactions on Parallel and Distributed Systems, vol. 21, no. 2, pp. 203–215, 2010. View at Publisher · View at Google Scholar · View at Scopus
  16. V. S. Miller, “Use of elliptic curves in cryptography,” in Proceedings of the Advances in Cryptology (CRYPTO '85), Lecture Notes in Computer Science, pp. 417–426. View at Publisher · View at Google Scholar · View at MathSciNet
  17. D. Boneh and M. Franklin, “Identity-based encryption from the Weil pairing,” SIAM Journal on Computing, vol. 32, no. 3, pp. 586–615, 2003. View at Publisher · View at Google Scholar · View at MathSciNet · View at Scopus
  18. V. Kumar and R. Kumar, “Prevention of blackhole attack using certificateless signature (CLS) scheme in MANET,” in Security Solutions for Hyperconnectivity and the Internet of Things, vol. 130, IGI Global, 2016. View at Google Scholar
  19. Y. Yu, C. Xu, and X. Huang, “An efficient anonymous proxy signature scheme with provable security,” Computer Standards and Interfaces, vol. 31, no. 2, pp. 348–353, 2009. View at Publisher · View at Google Scholar
  20. P. F. Syverson and P. C. van Oorschot, “On unifying some cryptographic protocol logics,” in Proceedings of the 1994 IEEE Symposium on Research in Security and Privacy, pp. 14–28, May 1994. View at Scopus
  21. W. Zhao, A. Zhang, J. Li et al., “Analysis and design of an authentication protocol for space information network,” in Proceedings of the IEEE Military Communications Conference (MILCOM '16), pp. 43–48, Baltimore, MD, USA, 2016. View at Publisher · View at Google Scholar
  22. S. D. Galbraith, K. Harrison, and D. Soldera, “Implementing the tate pairing,” in Proceedings of the International Algorithmic Number Theory Symposium, pp. 324–337, Sydney, Australia, 2002.