Mobile Information Systems

Volume 2017, Article ID 4078521, 11 pages

https://doi.org/10.1155/2017/4078521

## An Anonymous Access Authentication Scheme Based on Proxy Ring Signature for CPS-WMNs

^{1}Software College, Northeastern University, Shenyang 110819, China^{2}School of Software, Dalian University of Technology, Dalian 116024, China^{3}School of Computer Science and Engineering, Northeastern University, Shenyang 110819, China

Correspondence should be addressed to Xiaojie Wang; nc.ude.tuld.liam@8891jxgnaw and Xiaoxue Gong; nc.ude.uen.liamuts@euxoaixgnog

Received 27 January 2017; Accepted 12 April 2017; Published 4 June 2017

Academic Editor: Jun Cheng

Copyright © 2017 Tianhan Gao et al. This is an open access article distributed under the Creative Commons Attribution License, which permits unrestricted use, distribution, and reproduction in any medium, provided the original work is properly cited.

#### Abstract

Access security and privacy have become a bottleneck for the popularization of future Cyber-Physical System (CPS) networks. Furthermore, users’ need for privacy-preserved access during movement procedure is more urgent. To address the anonymous access authentication issue for CPS Wireless Mesh Network (CPS-WMN), a novel anonymous access authentication scheme based on proxy ring signature is proposed. A hierarchical authentication architecture is presented first. The scheme is then achieved from the aspect of intergroup and intragroup anonymous mutual authentication through proxy ring signature mechanism and certificateless signature mechanism, respectively. We present a formal security proof of the proposed protocol with SVO logic. The simulation and performance analysis demonstrate that the proposed scheme owns higher efficiency and adaptability than the typical one.

#### 1. Introduction

With the prosperous development of mobile communication and versatile mobile devices [1, 2] and the diversification of the network environment [3–5], the requirement of accessing ubiquitous network becomes more and more imperative for Cyber-Physical Systems (CPS) [6]. Owing to the advantages of low cost, expansible, self-healing, fine mobility support, and high efficiency, Wireless Mesh Network (WMN) is regarded as a critical accessing technology of the next generation CPS network [7, 8]. As for the open nature of transmission medium free users’ movement, as well as the multihop transmission method, WMN suffers from security issues in both wired and wireless environment. Efficient and secure access authentication technology forms the baseline of CPS-WMN’s security. Moreover, user’s privacy should also be preserved during the access authentication process. Thus, the security and privacy in CPS-WMNs become the research focus recently [9].

In the past few years, a lot of researches have been carried out for WMN’s access authentication. The authors in [10] present an efficient identity-based authentication scheme for WMN using tickets, which avoids multihop wireless communications in order to minimize the authentication delay, while in a complex network environment, with the increasing number of MRs, handover authentication efficiency decreases. The authors of [11] propose an authentication scheme for WMN based on EAP-TLS, although the scheme offers mutual authentication and robustness against malicious attacks. But the asymmetric cryptography mechanisms result in high computation cost. The author [12] improves the access control function of IEEE 802.1X by the port operation so that user may acquire message through the dynamic channel under current or previous access point. However, the requirement of keeping the channel alive during the authentication procedure limits the adaptability of the scheme. Some distributed authentication schemes to reduce the authentication delay have been discussed in [13], while the scheme performs poorly when handling multiple mobile users. A symmetric key generation scheme based on hierarchical multivariable function for WMN is presented in [14], which achieves efficient mutual authentication and key generation for entities, whereas the scheme is not suitable for the scenario when the network users grow rapidly. The identity information of mobile users is divided into critical information and noncritical information that the critical information is only visible to the mobile user and his/her group manager in [15]. With the help of improved short ring signature mechanism and special binding policy, the scheme is able to provide anonymity during authentication. However, the key escrow problem is inevitable since the private key is generated by the group manager. In general, the literature WMN access authentication schemes suffer from security, privacy, efficiency, and adaptability issues. The needs of an efficient and anonymous authentication scheme for CPS-WMNs are impending.

In terms of the security issues shown above, an anonymous authentication scheme based on proxy ring signature is proposed in this paper. The scheme utilizes a high-efficient proxy ring signature mechanism to achieve proxy-authorization and anonymous authentication which are able to preserve mobile users’ privacy. In addition, certificateless signature mechanism is incorporated into our intragroup authentication to obtain high handover efficiency. The formal security proof based on SVO logic and other security analyses show that the proposed scheme possesses such advantages as reliability, anonymity, unforgeability, and reliability. Through the simulation and performance analysis, we demonstrate the efficiency and adaptability of our scheme.

The rest of this paper is organized as follows. Section 2 briefly describes the related preliminaries. Section 3 elaborates the proposed anonymous mutual authentication scheme. Sections 4 and 5 present the security and performance analysis of the scheme, respectively. Finally, we make a conclusion of the scheme and discuss the future research work in Section 6.

#### 2. Preliminaries

##### 2.1. Bilinear Pairing

Let be an additive group and let be a multiplicative group of the same prime order and is the generator of . Assume that the discrete logarithm problem is hard on both and [16]. A mapping : which satisfies the following properties is called bilinear pairing:(1)Bilinearity: for all and , .(2)Nondegeneracy: there exists , so that .(3)Computability: for all , there is an efficient algorithm to compute .

##### 2.2. BB1 Encryption

BB1 [17], nonadaptive selective-ID encryption, was presented by Boneh and Franklin in 2003. The BB1 works as follows.

*(**1) BB1-Setup*. Given a security parameter , the algorithm works as the following steps.

*Step 1. *Run on input to generate a prime , two cycle groups (), () of order , and an admissible bilinear pairing . Choose a random generator .

*Step 2. *Pick a random and set .

*Step 3. *Choose a cryptographic hash function . Choose a cryptographic hash function for some . The message space is . The ciphertext space is . The system parameters are . The master key is .*(**2) BB1-Extract*. For a given string , compute and set the private key to be . *(**3) BB1-Encrypt*. To encrypt under the public key , compute , choose a random , and set the ciphertext to be , where .

*(**4) BB1-Decrypt*. Let be a ciphertext encrypted using the public key . To decrypt using the private key , compute .

##### 2.3. Certificateless Signature

Certificateless signature (CLS) [18] allows that users’ private key is comprised by the key issued by system and the secret generated by user. In addition, users’ public key is conducted by their own secret which avoids key escrow problem. The CLS scheme is mainly used in the Intra-WMN authentication in this paper. The algorithms of CLS [18] are shown as follows.

*(**1) CLS-Setup*. Given security parameter* l*, prime , , and are cycle groups of order . Three hash functions are as follows: , , and . Private key generator (PKG) chooses as private key and generates system public key = , where is the generator of . Let ; system public parameters Param = .

*(**2) CLS-Extract-sk*. User A sends identity to PKG. After authenticating , PKG generates partial private key of .

*(**3) CLS-Gen-sk*. A chooses as secret. A’s private key is .

*(**4) CLS-Gen-pk*. A computes as A’s public key.

*(**5) CLS-Sign*. A signs message , and outputs through following steps:(a)Choose and calculate .(b).(c).(d).

*(**6) CLS-Verify*. Verifier B uses to verify the signature .(a)Compute and .(b)Check if the equation is hold. If yes, is valid; otherwise, is invalid.

##### 2.4. Proxy Ring Signature

Proxy ring signature (PRS) [19] allows an original signer delegate authorization to a group of signers in which every member in the group can represent the original signer to sign the message and is able to keep anonymous. In this paper, we incorporate proxy ring signature into the access authentication process of WMN, which not only achieves mutual authentication between mobile user and accessed network but also solves the problem of privacy preserving for mobile user. The algorithms of PRS are as follows.

*(**1) PRS-Setup*. Given secure parameter as system input and the output is (. is a cyclic additive group generated by the generator , whose order is prime , and is a cyclic multiplicative group of the same prime order of . is a bilinear pairing map. In addition, there are two hash functions: and .

*(**2) PRS-Generation*. Original signer chooses as the private key and calculates the public key . belonging to proxy signer group randomly chooses private key and calculates the public key .

*(**3) PRS-Delegation*. generates a warrant which includes the descriptions of the relationship between and proxy signer. chooses a random number , calculates , mod , and then sends () to the group of proxy signers.

*(**4) PRS-Verify-Auth*. After receiving , each proxy signer checks mod . If the verification fails, the authorization will be rejected. Otherwise, calculates his own proxy signing key mod .

*(**5) PRS-Sign*. The proxy signer signs message as follows:(a)For all and , choose a random number and calculate .(b)Calculate .(c)Send to the verifier.

*(**6) PRS-Verify-Sign*. After receiving from the proxy signer, the verifier checks if the following equation holds with the public key :If yes, is valid. Otherwise, is invalid.

#### 3. Anonymous Mutual Authentication Scheme

##### 3.1. Hierarchical Mobile Network Architecture

As shown in Figure 1, a hierarchical mobile network architecture is designed for CPS-WMNs. In the first level, Trusted Root (TR), as original signer who can delegate signing right to proxy signers, is creditable to all of the network entities. In the second level, there are many WMNs that each one can be regarded as a group of proxy signers including Gateway (GW), Mesh Routers (MRs), and mobile Mesh Clients (MCs). MC is able to handover across different WMNs or between different MRs in the same WMN. To achieve mutual authentication between MC and visiting network based on PRS, we build the group of proxy rings for network entities in terms of the hierarchical mobile network architecture shown above. Assuming that a group of the proxy ring (abbreviated as a ring) is composed of GW, MRs (connected with the GW), and MCs (connected with the MRs). We denote ring ID as in Figure 1 ( means ring 1 and means ring 2). GW takes the role of a manager of the ring and is responsible for managing and maintaining the members in the ring.