IdenMultiSig: Identity-Based Decentralized Multi-Signature in Internet of Things

Abstract

Most devices in the Internet of Things (IoT) work on unsafe networks and are constrained by limited computing, power, and storage resources. Since the existing centralized signature schemes cannot address the challenges to security and efficiency in IoT identification, this article proposes IdenMultiSig, a decentralized multi-signature protocol that combines identity-based signature (IBS) with Schnorr scheme under discrete logarithms on elliptic curves. First, to solve the problem of offline or faulty devices under unstable networks, we introduce a novel improvement of the existing Schnorr scheme by introducing a threshold Merkle tree for the verification with only <inline-formula xmlns:mml="http://www.w3.org/1998/Math/MathML" xmlns:xlink="http://www.w3.org/1999/xlink"> <tex-math notation="LaTeX">$m$</tex-math> </inline-formula> valid signatures among <inline-formula xmlns:mml="http://www.w3.org/1998/Math/MathML" xmlns:xlink="http://www.w3.org/1999/xlink"> <tex-math notation="LaTeX">$n$</tex-math> </inline-formula> participants ( <inline-formula xmlns:mml="http://www.w3.org/1998/Math/MathML" xmlns:xlink="http://www.w3.org/1999/xlink"> <tex-math notation="LaTeX">$m$</tex-math> </inline-formula> – <inline-formula xmlns:mml="http://www.w3.org/1998/Math/MathML" xmlns:xlink="http://www.w3.org/1999/xlink"> <tex-math notation="LaTeX">$n$</tex-math> </inline-formula> tree), while hiding the real identity to protect the data security and privacy of IoT nodes. Furthermore, to prevent dishonest or malicious behavior of the private key generator (PKG), a consortium blockchain is innovatively applied to replace the traditional PKG as a decentralized and trusted private key issuer. Finally, the proposed scheme is proven to be unforgeable against forgery signature attacks in the random oracle model (ROM) under the elliptic curve discrete logarithm (ECDL) assumption. Theoretical analysis and experimental results show that our scheme matches or outperforms existing research studies in privacy protection, offline device support, decentralized PKG, and provable security.