Efficient and Flexible Multiauthority Attribute-Based Authentication for IoT Devices

Abstract

The correctness and reliability of data sources are the keys to the practicality of data collected by IoT devices. Attribute-based signature(ABS) is a cryptographic primitive for users to sign with their own attributes, which can be applied to the authentication process in IoT scenarios. The attribute authority is responsible for issuing the attribute key to the user in ABS. Multiple authorities can complete attribute management tasks to avoid the threat of a single authority. However, attribute authorities need to execute multiple interactions to collaborate to generate attribute keys for users, which brings a large transmission burden. In addition, a lot of resource-constrained terminals in the IoT mostly play the role of signer or verifier in authentication protocols. The signature generation and verification algorithms often have heavy pairing and exponentiation operations. Currently, no ABS scheme takes into account the efficiency of all participating entities simultaneously. In this paper, we present an aggregated anonymous key issue (AAKI) protocol to reduce the transmission burden between multiple authorities. Meanwhile, the non-interactive zero-knowledge proof aggregate exponentiation (NI-ZKPoKAE) protocol is designed to aggregate the transmitted secret values in AAKI. To reduce the computational burden of signers and verifiers, Blakley secret sharing, where the Hadamard matrix is used more efficiently to handle the (n,n)-threshold, is used to construct an efficient and fine-grained multi-authority ABS (EFMA-ABS) scheme. This brings high efficiency to all three types of parties involved in IoT authentication. Our above-mentioned protocols have been proven to be feasible and effective.