Abstract

Wireless sensor networks have become an indispensable part of everyday infrastructure. Considering the frequent mobility of wireless sensor network nodes, we propose an efficient lattice-based randomised broadcast authentication protocol whose security rests on the small integer solution (SIS) problem, which is believed to resist quantum attacks. We give two forms of broadcast authentication: one-to-many and one-to-one. The protocol provides broadcast authentication, resists man-in-the-middle and replay attacks, is unforgeable, and scales with the number of nodes. Its efficiency also compares favourably with other lattice-based schemes.

1. Introduction

With industrial development and technological advances, distributed renewable energy sources are increasingly connected to the electricity Internet, bringing large challenges to the operation and management of wireless sensor networks [1–13]. Quantum computing promises computational power far beyond that of today's computers [14–19]. In 1997, Shor published quantum algorithms for factoring large integers and computing discrete logarithms and showed that they run in polynomial time [20]. With the development of quantum computing and quantum computers, it has become apparent that the hard problems underlying traditional asymmetric cryptosystems will likely no longer be secure [21–29]. The first programmable general-purpose quantum computer was reported in 2009, and asymmetric ciphers based on integer factorisation and discrete logarithms will likely no longer be secure once large quantum computers exist. Therefore, it is essential to study asymmetric cryptosystems that remain secure against quantum computers, and this has become a key research direction in the cryptography and information security community. As one of the typical representatives of asymmetric cryptosystems in the post-quantum era, lattice-based public key cryptography occupies an essential position in the field of post-quantum cryptography [30–35].

The rest of the paper is organized as follows: Section 2 reviews related work. Section 3 introduces basic concepts and algorithms of lattice schemes. Section 4 gives the network model. Section 5 presents our lattice-based broadcast authentication protocol. Section 6 analyzes correctness, security, and efficiency, and compares with related schemes. Finally, Section 7 concludes the paper.

2. Related Work

In recent years, an increasing number of scholars have studied security control in wireless sensor networks. In 2012, Sankar et al. proposed a signature-based secure access scheme using attribute-based public key encryption [36]; it has a single key distribution center, which must have strong computing power, and as the number of networks and node devices grows, the key center may become a bottleneck. In 2014, Wu et al. proposed an access control scheme with fault tolerance [37], which still achieves secure access control when access control bits are corrupted and is applicable to wireless sensor network deployments. Zhou and Cai proposed a decentralized access control algorithm [38] for the access control problem of wireless sensor networks. Liu et al. proposed an attribute-based secure access control protocol [39] that introduces a trusted third party to manage the revocation of user rights efficiently; a related scheme [40] enables dynamic access and provides secure control of the user. In 2016, Xie et al. proposed applying cloud computing to the wireless sensor network environment, reducing the computing demands on sensor devices through the cloud and using a node hierarchy with attribute-based encryption to secure information in the network [41]. In 2017, Guan et al. proposed a delay-tolerant secure access scheme based on secret sharing to handle the unpredictability of sensitive information generated by electricity consumption transactions between wireless sensor network nodes and node enterprises [42]. Many further authentication and signature schemes have been proposed that prevent users from tampering with or reading data they are not entitled to and that handle honest users whose authentication messages have expired [43–57].

In this paper, we propose an efficient lattice-based authentication scheme for wireless sensor networks. It builds on the solid security foundation and high computational efficiency of lattices, outputs the authentication information probabilistically (rejection sampling), and thereby makes the distribution of the output independent of the private key of the authenticating node. Nodes can complete broadcast authentication with high probability in only a few steps.

3. Basic Knowledge

3.1. Lattice

Definition 1. Take n () linearly independent vectors in the m-dimensional vector space and define the lattice generated by these n vectors aswhere the vector is called the basis of the lattice. If the dimensional matrices , whose column vectors are , are defined, then the lattice generated by the matrix can be defined aswhere n is the rank of the lattice; m is the dimension of the lattice; and the lattice of is a full-rank lattice.

3.2. Lattice Difficulty Problems

The standard hard problems on lattices are the shortest vector problem (SVP), the closest vector problem (CVP), and the shortest independent vectors problem (SIVP). In addition, the security of lattice-based encryption schemes is usually based on the learning with errors (LWE) problem, and that of lattice-based signature schemes on the small integer solution (SIS) problem. The relevant problems are defined below.

Definition 2. Shortest vector problem: Given a basis B of a lattice of rank n, find a non-zero lattice vector that satisfies the following conditions:
The shortest vector of a lattice is not unique; e.g., if u is a shortest vector, then -u is also a shortest vector. In 1981, van Emde Boas proved that the shortest vector problem is NP-hard in the infinity norm [23]. In 1998, Ajtai proved that it is NP-hard in the Euclidean norm under randomized reductions [24].

Definition 3. Closest vector problem: Given a basis B of a lattice of rank n and a target vector , find a lattice vector that satisfies the following conditions:
In 1997, Henk et al. showed by reduction that the closest vector problem is at least as hard as the shortest vector problem [25]: an oracle for the closest vector problem can be used to solve the shortest vector problem in the same dimension.

Definition 4. Small integer solution (SIS) problem: Given a positive integer q, a random matrix and a real number , define the small integer solution problem as: find a non-zero vector such that , and satisfy .
Hardness of the SIS problem: For any , there exists a such that solving the average-case problem with non-negligible probability, for any function , is at least as hard as solving the worst-case lattice problem [20].
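To make Definition 4 concrete, the following is an added example (not from the paper) that checks a candidate SIS solution and exhaustively searches a constructed toy instance. The parameters n = 2, m = 8, q = 7, the bound β = 3 and the seeded random matrix are assumptions chosen so that the search finishes instantly; the point is that the search space grows as (2·bound+1)^m, which is what makes the problem hard at real sizes, where n is in the hundreds.

```python
# Added example (not the paper's code): checking and brute-forcing a toy SIS instance.
import itertools
import math
import random


def is_sis_solution(A, z, q, beta):
    """True iff z is non-zero, A z = 0 (mod q) and ||z||_2 <= beta (Definition 4)."""
    if all(v == 0 for v in z):
        return False
    if math.sqrt(sum(v * v for v in z)) > beta:
        return False
    return all(sum(a * b for a, b in zip(row, z)) % q == 0 for row in A)


def brute_force_sis(A, q, beta, bound=1):
    """Exhaustively try every z in {-bound..bound}^m.

    Cost is (2*bound+1)^m, exponential in m: fine for m = 8, hopeless for
    the m of a real scheme. Returns the first solution found, or None."""
    m = len(A[0])
    for z in itertools.product(range(-bound, bound + 1), repeat=m):
        if is_sis_solution(A, list(z), q, beta):
            return list(z)
    return None


def toy_instance(n=2, m=8, q=7, seed=1):
    """Constructed toy instance (assumed parameters). Because 2**m > q**n,
    two distinct {0,1}-vectors must collide under A (pigeonhole), so their
    difference is a guaranteed solution in {-1,0,1}^m with norm <= sqrt(m)."""
    rng = random.Random(seed)
    return [[rng.randrange(q) for _ in range(m)] for _ in range(n)]


if __name__ == "__main__":
    A = toy_instance()
    z = brute_force_sis(A, q=7, beta=3.0)
    print("A =", A)
    print("short solution z =", z, "valid:", is_sis_solution(A, z, 7, 3.0))
    # The norm bound is part of the problem: with beta >= q the trivial
    # vector q*e_1 qualifies, so beta < q is essential, not a detail.
    print("q*e_1 passes with beta=q:", is_sis_solution(A, [7, 0, 0, 0, 0, 0, 0, 0], 7, 7.0))
```

Note the two checks that practitioners most often get wrong when reading a SIS-based proof: the zero vector is never a solution, and the bound β must stay well below q, otherwise the problem is trivial.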

3.3. Relevant Algorithms over Lattices

The preimage sampling technique, first proposed by Gentry et al. [27] as a combination of the SIS problem and discrete Gaussian distributions, is an essential technique that emerged during the development of lattice-based public key cryptography. It was first used to design the first provably secure lattice-based signature scheme and the first lattice-based identity-based encryption scheme, and many later lattice-based public key protocols rely on it.

Theorem 1. (Trapdoor generation algorithm) Let be odd, . There exists a probabilistic polynomial-time algorithm that outputs a matrix pair , where the distribution of A is statistically close to uniform on and is a short basis of the lattice , such that and hold with overwhelming probability.
In 2012, Micciancio and Peikert proposed a new kind of lattice trapdoor, the G-trapdoor [26].

Theorem 2. (G-trapdoor generation algorithm) Given matrices , and , where are positive integers: if
and is small enough, then T is a G-trapdoor for A with tag M.
Because of the computational cost of the preimage sampling technique of Gentry et al. [27], Lyubashevsky et al. proposed a signature algorithm that needs no lattice sampling, hence the name sampling-free technique [22]. The core idea is to make the distribution of the output signature independent of the signer's private key by outputting each candidate signature only with a suitable probability (rejection sampling). Concretely, given the signing key and a message m, the signer first samples a random y from some distribution, computes the candidate signature , and then either outputs it or discards it and restarts, with a probability chosen so that the accepted signatures follow a distribution that does not depend on the key.

4. Network Model

In the wireless sensor network broadcast authentication protocol proposed in this paper, a heterogeneous wireless sensor network deployment model is used for key management. The model consists of two types of nodes, a minority of cluster head nodes (C) and a majority of common nodes (T), with the following assumptions.
(1) Because of their limited energy, nodes carry no hardware specifically designed to resist attacks. When a node is compromised, the adversary obtains all key-related information on it, including data and identity information.
(2) Each node has its own unique identity .
(3) The base station in the protocol is honest and reliable.

The topology of the wireless sensor network broadcast authentication protocol is shown in Figure 1.

In Figure 1, the base station (B) has unlimited energy, high computing power, and sufficient storage space, and is honest and reliable. A cluster head node C collects information and sends it to B; an ordinary node T senses the surrounding environment and sends the collected data to C. Both C and T have relatively limited energy, computing power, and storage space.

5. Broadcast Authentication Protocol

The lattice-based wireless sensor network broadcast authentication protocol proposed in this paper uses a basic key predistribution model, where the base station (B) first generates system parameters and public-private key pairs for all wireless sensor network nodes and assigns the key pairs to the corresponding wireless sensor network nodes.

5.1. System Parameters and Keys

The system parameters and keys are generated as follows:
(1) Let the system security parameter be .
(2) Choose a prime q and positive integers , where m must satisfy ; choose real numbers satisfying .
(3) Choose a random matrix .
(4) Select two secure hash functions:
(5) Generate the key of each wireless sensor network node: randomly select the matrix as the private key of node i; then is the public key of node i, where is

Finally, the output system public parameters are

The key pairs of wireless sensor network nodes are

5.2. One-to-Many Broadcast Authentication
5.2.1. Generate Authentication Messages

If a node wants to broadcast a message to other nodes, it first generates the corresponding broadcast authentication message and then forwards it. On receiving the forwarded message, each relevant node first verifies it; if verification passes, the node accepts the corresponding message, otherwise it discards the broadcast authentication message. The detailed process is as follows.

Input the system public parameters , and assume that node i needs to forward the authentication message. The broadcast authentication packet is generated as follows:
(1) Select a random timestamp , where indicates that the authentication message was generated by node i at time t.
(2) Calculate and 
(3) Calculate and 
(4) Output the broadcast authentication message of node with probability .

Finally, node i forwards the packet , where the timestamp is used to determine the time validity of the packet and whether it has already been received; is used for verification; and is used for extracting the correct message after verification.

5.2.2. Verify the Authentication Message

When a node (the xth node, where x is any sensor node) receives the broadcast authentication message from the ith node, it first verifies the validity of the message. If verification passes, it extracts and accepts the message forwarded by node i; if verification fails, it discards the packet. The verification process is as follows:
(1) Calculate and verify that and both hold. If both equations hold, authentication passes and the node continues to the next step; otherwise, authentication fails and the packet is discarded.
(2) Calculate .
(3) Extract the message : .

A node that receives this broadcast authentication message and verifies it thus authenticates the sender and extracts the corresponding message; any node in the network that can receive the broadcast authentication message can do so.
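The following added example (not the paper's code) puts the sampling-free technique of Section 3.3 and the one-to-many procedure of Sections 5.2.1 and 5.2.2 into one runnable toy. Because the paper's exact equations are not reproduced on this page, the concrete formulas are assumptions in the standard Lyubashevsky style: private key S in {-1,0,1}^(M×K), public key T = A·S mod q, commitment w = A·y, challenge c = H1(id, w, t, e), authenticator z = S·c + y accepted only if it is short (the rejection step), and the message carried as e = msg XOR H2(w, t) so that the verifier recovers it from w = A·z - T·c. The parameters, the hash constructions, the packet layout and the replay window are likewise assumptions; the sizes are far too small for any security.

```python
# Added example (not the paper's code): toy one-to-many broadcast authentication
# with rejection sampling, a timestamp freshness check and message extraction.
import hashlib
import random

N, M, K, Q = 4, 8, 16, 257  # assumed toy sizes: A is N x M over Z_q, S is M x K, c has K entries
B = 200                     # y is uniform in [-B, B]^M
BETA = B - K                # ||S c||_inf <= K, so a candidate z = S c + y lies in [-BETA, BETA]^M
                            # exactly when the rejection step accepts it


def matvec(Mx, v, q):
    return [sum(a * b for a, b in zip(row, v)) % q for row in Mx]


def ser(v):
    """Serialise a Z_q vector for hashing (2 bytes per entry, valid while q < 65536)."""
    return b"".join((x % Q).to_bytes(2, "big") for x in v)


def h1(sender_id, w, ts, e):
    """Challenge hash H1, assumed to map into {-1,0,1}^K."""
    d = hashlib.sha256(b"H1" + sender_id.to_bytes(4, "big") + ser(w)
                       + ts.to_bytes(8, "big") + e).digest()
    return [d[i] % 3 - 1 for i in range(K)]


def h2(w, ts, length):
    """Extraction mask H2. It gives no confidentiality: w is recomputable by anyone."""
    out, ctr = b"", 0
    while len(out) < length:
        out += hashlib.sha256(b"H2" + ser(w) + ts.to_bytes(8, "big")
                              + ctr.to_bytes(4, "big")).digest()
        ctr += 1
    return out[:length]


def keygen(A, rng):
    """Private key S with small entries, public key T = A S mod q."""
    S = [[rng.choice((-1, 0, 1)) for _ in range(K)] for _ in range(M)]
    T = [[sum(A[i][l] * S[l][j] for l in range(M)) % Q for j in range(K)] for i in range(N)]
    return S, T


def generate(A, S, sender_id, msg, ts, rng):
    """Section 5.2.1: sample y, form the candidate z = S c + y, output it only if short."""
    while True:
        y = [rng.randint(-B, B) for _ in range(M)]
        w = matvec(A, y, Q)
        e = bytes(a ^ b for a, b in zip(msg, h2(w, ts, len(msg))))
        c = h1(sender_id, w, ts, e)
        z = [sum(S[l][j] * c[j] for j in range(K)) + y[l] for l in range(M)]
        if max(abs(v) for v in z) <= BETA:  # rejection: accepted z is uniform and key-independent
            return (sender_id, ts, z, c, e)


def verify(A, pubkeys, packet, seen, now, window):
    """Section 5.2.2: freshness, norm bound and hash check, then message extraction.
    Returns the message on success and None on any failure."""
    sender_id, ts, z, c, e = packet
    T = pubkeys.get(sender_id)
    if T is None or abs(now - ts) > window or (sender_id, ts) in seen:
        return None                                   # unknown sender, stale, or replayed
    if max(abs(v) for v in z) > BETA:
        return None                                   # not short: reject before hashing
    Tc = [sum(T[i][j] * c[j] for j in range(K)) % Q for i in range(N)]
    w = [(a - b) % Q for a, b in zip(matvec(A, z, Q), Tc)]  # equals A y for an honest packet
    if h1(sender_id, w, ts, e) != c:
        return None
    seen.add((sender_id, ts))                         # record only after a valid check
    return bytes(a ^ b for a, b in zip(e, h2(w, ts, len(e))))


def demo():
    """Constructed run: one valid packet, the same packet replayed, and a tampered copy."""
    rng = random.Random(2024)
    A = [[rng.randrange(Q) for _ in range(M)] for _ in range(N)]
    S, T = keygen(A, rng)
    pub, seen = {7: T}, set()
    pkt = generate(A, S, 7, b"valve 3 open", ts=1000, rng=rng)
    first = verify(A, pub, pkt, seen, now=1005, window=60)
    replay = verify(A, pub, pkt, seen, now=1005, window=60)
    tampered = (7, 1000, pkt[2], pkt[3], bytes([pkt[4][0] ^ 1]) + pkt[4][1:])
    forged = verify(A, pub, tampered, set(), now=1005, window=60)
    return first, replay, forged


if __name__ == "__main__":
    print(demo())  # expected: (b'valve 3 open', None, None)
```

Two details matter for a deployment and are easy to miss in the prose: the replay set is only updated after the signature check passes, so an attacker cannot poison it with unsigned junk, and the norm check precedes the hash recomputation, so oversized packets are rejected at the cheapest point. The message masking via H2 is purely for extraction; anyone who can verify can also read the message.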

5.3. One-to-One Broadcast Authentication
5.3.1. Generate Authentication Messages

If a node wants to send an authenticated message to one specific node, the one-to-one broadcast authentication proceeds as follows.

Assume that node i needs to forward the authentication message to node j. The broadcast authentication packet is generated as follows:
(1) Select a random timestamp , where indicates that the authentication message was generated by node i at time t.
(2) Calculate and .
(3) Calculate and .
(4) Output the broadcast authentication message of node with probability .

Finally, node i forwards the packet , where the timestamp is used to determine the time validity of the packet and whether it has already been received; is used for verification; and is used for extracting the correct message after verification.

5.3.2. Verify the Authentication Message

When node j receives the broadcast authentication message from node i, it first verifies its validity, as follows:
(1) Calculate and verify that and both hold. If both equations hold, authentication passes and the node continues to the next step; otherwise, authentication fails and the packet is discarded.
(2) Calculate the following formula:
(3) Calculate: ,
(4) Extract the message: .

Finally, node j, having verified the broadcast authentication message, authenticates the sender and extracts the corresponding message.

6. Protocol Analysis

In this section, we evaluate the new scheme in three aspects: consistency, security, and efficiency.

6.1. Consistency Analysis

Following the specific process of the certification protocol described above, it can be concluded that

Thus,

Before showing that the inequality holds with overwhelming probability, we recall the following two lemmas.

Lemma 1. For any real number and positive integer m, the following inequality holds [21]

Lemma 2. For any vector , if , then the following equation holds
According to the principle of the sampling-free technique of Lyubashevsky et al. and Lemma 1, the distribution of z is very close to ; from Lemma 2 it follows that the inequality is satisfied with probability at least , i.e., with overwhelming probability [21].
Proof of message correctness is written as

6.2. Security Analysis
6.2.1. Resistance to Replay Attacks

In the authentication protocol, the random numbers and are used, where indicates that the authentication message was generated by the node at time t and is the random Gaussian parameter. They ensure the freshness and independence of the exchanged messages and thereby resist replay attacks. In addition, the wireless sensor network applies a freshness check to these random numbers, so even if the attacker replays a node's earlier message, it cannot pass authentication. Therefore, the authentication message resists replay attacks.

6.2.2. Unforgeability

A successful interaction between a signer and a user generates only one valid authentication message. Here, we show that if there exists an adversary that breaks unforgeability, then there exists a polynomial-time algorithm that solves the SIS problem. Assume that an adversary can forge a valid authentication message with non-negligible probability δ; then there exists a polynomial-time algorithm C that solves the SIS problem.

Proof. The proposed authentication protocol has the property that its output is independent of the authentication key. Since the main outputs are the hash value and the authentication of the message, the forger only needs to make hash queries and authentication queries.
Hash queries: Challenger C maintains an initially empty list to store the hash values of messages . When the forger queries the hash of message , C first checks whether the pair exists in the list. If it does, C returns as the answer; if not, C computes the new hash value of message , sends the new pair to the forger and stores it in the list.
Authentication queries: C maintains an initially empty list containing the authentication pairs . When the forger queries the authentication of message , C first checks whether this pair exists in the list. If it does, C returns the pair ; if not, C runs the authentication process to generate an authentication of message , sends the new authentication pair to the forger and stores it in the list.

6.2.3. Forgery

Assume that C is the answer to a hash query made by the adversary; then, by Definition 4 in Section 3, consider the small integer solution problem with parameter .

Given a random matrix and a real number , find a non-zero vector such that , and satisfy .

First, construct a polynomial-time algorithm and assume that the algorithm obtains a new forged authentication signature and for the message with non-negligible probability, so that we get

Since , , then

By the consistency of the authentication message, it follows that

, and , hold with overwhelming probability, so that

Thus, as long as the forger's success probability is non-negligible, the algorithm solves the SIS instance with non-negligible probability, which contradicts the hardness of SIS; hence the protocol is unforgeable.

By Lemma 2 of Section 6.1, a different private key consistent with the public key exists with probability at least the bound given in [22]. Then

Then

Since , then
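As an added worked derivation (not the paper's own equations, whose symbols are missing from this page), the core step of the reduction above is spelled out in assumed standard notation: $A \in \mathbb{Z}_q^{n\times m}$ is the public matrix, $S$ the private key with $T = AS \bmod q$ the public key, and a valid authentication on input $\mu$ is a pair $(z, c)$ with $\|z\| \le \beta$ and $c = H(Az - Tc \bmod q, \mu)$. Rewinding the forger to its hash query and answering it with a fresh $c' \ne c$ (the forking step) yields two valid pairs $(z, c)$ and $(z', c')$ for the same hash input $w$:

$$Az - Tc \equiv Az' - Tc' \equiv w \pmod q.$$

Subtracting and substituting $T = AS$,

$$A(z - z') \equiv AS(c - c') \pmod q \quad\Longrightarrow\quad A\,v \equiv 0 \pmod q, \qquad v := z - z' - S(c - c').$$

Since $\|v\| \le \|z\| + \|z'\| + \|S(c - c')\| \le 2\beta + \|S(c - c')\|$, $v$ is a SIS solution for that bound provided $v \neq 0$. The case $v = 0$ would require $z - z' = S(c - c')$; because $T$ has many short preimages $S'$ under $A$ and the rejection step makes the forger's view independent of which one the reduction holds, this happens with probability at most $1/2$ over the choice of $S$, which is the probability bound of [22] invoked above. A non-negligible forging probability therefore yields a non-negligible SIS-solving probability.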

6.2.4. Resistance to Man-in-the-Middle Attacks

According to the analysis in the above sections, the authentication protocol authenticates the sender of every broadcast message. In addition, the transmitted messages are protected by the secret values and the private key, and no one can forge legitimate information without knowing these secrets. Therefore, the authentication protocol resists man-in-the-middle attacks, and the broadcast authentication protocol proposed in this paper is secure.

6.3. Efficiency Analysis

The proposed scheme is first compared with other related schemes in terms of computational effort, security, and resistance to quantum attacks. The proposed broadcast authentication protocol does not require the node to send a separate packet, as the authentication information is already embedded in the broadcast authentication packet, and node j, on receiving the packet, can verify it directly. Since no additional messages are needed, the communication overhead of the network is reduced, which lowers energy consumption; in sensor nodes, transmitting a bit generally costs far more energy than computing one. In terms of computational complexity, the main operations of the proposed protocol are hash evaluations, vector-matrix multiplications and logical operations.

The wireless sensor network broadcast authentication protocol proposed in this paper is a lattice-based, quantum-attack-resistant protocol with a high level of security. By contrast, the elliptic curve-based scheme of Javeed et al. [43] achieves authentication security under the elliptic curve discrete logarithm assumption; although that problem is hard classically, it is vulnerable to quantum attacks. The authenticated key scheme of Zhang et al. is based on the ring learning with errors problem (R-LWE) [44], and the scheme of Fujioka et al. on the learning with errors problem (LWE) [45]; both use key encapsulation techniques, which require a larger amount of computation and storage space. This is also the direction in which the broadcast authentication protocol proposed in this paper needs further improvement. Our protocol does not encapsulate private keys with an additional cryptographic mechanism for authentication, so it needs less storage space and computation than the scheme of Fujioka et al. In addition, since it is based on the small integer solution problem (SIS), it only involves products of vectors and matrices and no exponentiations, which makes the computation simple and efficient while remaining resistant to quantum attacks. The performance comparison is shown in Table 1.

As can be seen from Table 1, the proposed scheme has certain advantages in terms of security, computation, and storage space.

The key size of the proposed scheme is compared with other related schemes both theoretically and in simulation.

n is the security parameter, q is the modulus, , , and l is the bit length of the message. In [25], the public and private key sizes in the scheme proposed by Micciancio et al. are and , respectively, and the public and private key sizes in the scheme proposed by Ducas and Micciancio in [46] are and . The public and private key sizes of this paper are and , which have certain advantages.

According to the above analysis, the size of the message authentication in the proposed protocol is , which depends only on the message m and the parameter . The authentication sizes at different security levels (128, 256 and 512 bits) can be computed when the system parameter is ; the results, together with the signature sizes of RSA and ECC at the same security levels, are shown in Table 2. As Table 2 shows, the RSA signature size grows rapidly with the security level, whereas the authentication size of the proposed protocol changes little and remains stable as the security level increases. ECC signatures grow slowly but are always twice the security level. In addition, RSA and ECC cannot resist quantum attacks, so the lattice-based authentication protocol of this paper offers post-quantum security. As quantum computers develop, lattice-based ciphers will be practical cryptographic algorithms in the quantum era.

Therefore, the authentication protocol proposed in this paper has high security and efficiency.

7. Conclusion

The proposed broadcast authentication protocol does not require a node to send a separate message, as the information is already embedded in the broadcast authentication message, and a receiving node verifies it and extracts the embedded information. Since no additional messages are needed, the communication overhead of the wireless sensor network is reduced. In terms of computational complexity, the protocol is efficient because its main operations are vector and matrix operations rather than exponentiations. In addition, because it is lattice-based, it resists quantum attacks. However, although the quantum-resistant lattice cryptosystem greatly improves security, it is still less efficient than traditional public key cryptosystems. Further research on lattice-based public key cryptosystems, and on how they can improve authentication and communication efficiency in wireless sensor networks, remains to be done.

In future work, we will continue to study lattice-based authentication protocols for wireless sensor networks and new methods such as predicate encryption with partially hidden policies and fully homomorphic encryption. The efficiency of the protocol can also be further improved.

Data Availability

The data used to support the findings of this study are available within the article.

Conflicts of Interest

The authors declare that they have no conflicts of interest.

Acknowledgments

This work was supported by the Special Project for the Scientific and Technological Cooperation of Jiangxi Province [no. 20212BDH80021].