Temporal ECDSA: A timestamp and signature mask enabled ECDSA algorithm for IoT client node authentication

Abstract

Internet of Things (IoT) networks are vulnerable to various security threats, especially in client authentication. The current authentication methods require significant resources and are vulnerable to specific attacks. The Non-Interactive Zero Knowledge Proof (NIZKP) concept suits IoT device authentication. Elliptic Curve Digital Signature (ECDSA) is a popular algorithm for IoT device authentication based on elliptic curve cryptography (ECC) and NIZKP. However, an intelligent attacker who captures the ECDSA signatures generated by the same random number can recover the private key. This paper proposes a timestamp based approach to prevent signature reuse and fake signature generation in the ECDSA algorithm. The signature proof is generated differently at each occurrence to prevent the generation of valid signatures from leaked private keys. The proposed approach eliminates the expensive modular inversion operations in signature generation and verification phases, enhancing execution efficiency. The analysis results indicate that the proposed Temporal ECDSA algorithm effectively prevents most attacks on client authentication in IoT networks. Various metrics, including computational complexity and security measures, were used to evaluate the effectiveness of the proposed approach, demonstrating that it outperforms most ECDSA variants.