A heterogeneous signcryption scheme with Cryptographic Reverse Firewalls for IoT and its application

Abstract

The Snowden leaks exposed the truth that skilled attackers can access users’ devices and steal their private information. Although public key encryption is widely used and theoretically secure, it has hidden vulnerabilities when implemented in practice. This is especially problematic when employing communication channels among heterogeneous protocols within the Internet of Things (IoT), it becomes apparent that these channels lack adequate protection to address the diverse nature of IoT systems. This work proposes a novel Heterogeneous Online/Offline Signcryption with Cryptographic Reverse Firewalls (HOOS-CRF). The scheme enables a secure communication channel between the sender in an Identity-based cryptosystem (IBC) and the receiver in the Public Key Infrastructure (PKI) cryptosystem with CRF deployed. To reduce computational costs, we split the signcryption algorithm into two stages: online and offline. Most resource-intensive operations are performed during the offline stage, which operates without any knowledge of the message being processed. The HOOS-CRF scheme provides confidentiality, authentication, and defense against insider security attacks. Meanwhile, we prove the security of the HOOS-CRF using the random oracle model and demonstrate its high efficiency and practicality through experiments. Lastly, the scheme’s relevance to IoT-driven healthcare applications is demonstrated.