Signcryption Method Suitable for Low-Power IoT Devices in a Wireless Sensor Network

Abstract

Internet of Things (IoT) consists of scenarios in which real-world appliances, objects, animals or people with unique identifiers transfer data over an insecure wireless network to accomplish specific tasks without any physical interaction. To achieve the specified goal, wireless sensor networks (WSNs) are usually connected to the Internet and integrated as part of the IoT. In such environments, how to send a message securely from a sensor to an Internet host becomes an important issue for the successful functioning of the IoT. In this paper, a new, efficient, heterogeneous online/offline signcryption scheme is proposed. This scheme achieves the security goals of confidentiality, integrity, authentication, and nonrepudiation in a logical single step. In particular, its structure allows a sensor node in an identity-based cryptography (IBC) setup to send a message to an Internet host in a public key infrastructure (PKI) such that the heavy verification loads on low-power devices are mitigated. The proposed signcryption scheme is divided into the offline and the online signcrypt stages for further load mitigation. The first stage handles most part of computations in generating a ciphertext before knowing the message. Only a few operations are left for the second stage when the messages show up. This scheme is indistinguishable against adaptive chosen-ciphertext attacks under the computational Diffie–Hellman assumption, and is unforgeable against adaptive chosen-message attacks under the elliptic curve discrete logarithm assumption. As compared with other related works, the proposed scheme has lower computation costs on both the sensor and the host sides and is more power efficient and scalable for various IoT scenarios.