Formal Security Analysis Research Articles

Securing End-Node to Gateway Communication in LoRaWAN With a Lightweight Security Protocol

The arrival of IoT has brought constant innovation. This innovation has allowed many “things” (sensors, wearable devices, smart appliances, among others) to be connected to the Internet to deliver the information they collect. This need for connection has set the tone for the development of new protocols that adapt to the IoT environment, taking into consideration low energy consumption and low computational cost. These protocols are known as Low Power Wide Area Network (LPWAN). In this context, one of the most used is LoRaWAN. As many other IoT protocols, it is exposed to security threats. These threats aim to compromise security principles like confidentiality, integrity and availability (CIA Triad) of the information. This paper aims to analyze weaknesses between end-nodes and gateway communication of LoRaWAN to then propose a lightweight security protocol to address the detected vulnerabilities. This protocol uses lightweight cryptographic functions to achieve this goal as it is intended to be deployed over IoT devices which are very limited in terms of hardware and power resources. Likewise, this protocol has gone through a formal security analysis with the use of a tool called Scyther, in order to validate the security of the proposed protocol.

SALS-TMIS: Secure, Anonymous, and Lightweight Privacy-Preserving Scheme for IoMT-Enabled TMIS Environments

With the Telecare Medical Information System (TMIS), patients and doctors can access various healthcare services through wireless communication technology without visiting the hospital in person. However, TMIS must have the necessary security requirements, including authentication and anonymity because information of legitimate patient is transmitted via an open channel. Therefore, secure privacy-preserving schemes are essential to ensure reliable healthcare services for legitimate patient in TMIS. Recently, the existing schemes proposed a secure healthcare authentication protocol with attack-resilience and anonymous key agreement in TMIS environments. However, we demonstrate that their scheme cannot prevent impersonation, session key disclosure, and man-in-the-middle attacks and cannot ensure secure mutual authentication. To improve the security flaws of the existing schemes, we design a secure, anonymous, and lightweight privacy-preserving scheme in internet of medical things (IoMT)-enabled TMIS environments, called SALS-TMIS. Our scheme withstands potential security threats and ensures the essential security functionalities. We evaluate the security of the SALS-TMIS using informal and formal security analyses, including ROR oracle model and AVISPA implementation. We then compare the computation and communication costs of SALS-TMIS with existing schemes. SALS-TMIS provides superior security and efficiency than related schemes for IoMT-enabled TMIS.

Anonymous and Efficient Authentication Scheme for Privacy-Preserving Distributed Learning

Distributed learning is proposed as a promising technique to reduce heavy data transmissions in centralized machine learning. By allowing the participants training the model locally, raw data is unnecessarily uploaded to the centralized cloud server, reducing the risks of privacy leakage as well. However, the existing studies have shown that an adversary is able to derive the raw data by analyzing the obtained machine learning models. To tackle this challenge, the state-of-the-art solutions mainly depend on differential privacy and encryption techniques (e.g., homomorphic encryption). Whereas, differential privacy degrades data utility and leads to inaccurate learning, while encryption based approaches are not effective to all machine learning algorithms due to the limited operations and excessive computation cost. In this work, we propose a novel scheme to resolve the privacy issues from the anonymous authentication approach. Different from the two types of existing solutions, this approach is generalized to all machine learning algorithms without reducing data utility, while guaranteeing privacy preservation. In addition, it can be integrated with detection schemes against data poisoning attacks and free-rider attacks, being more practical for distributed learning. To this end, we first design a pairing-based certificateless signature scheme. Based on the signature scheme, we further propose an anonymous and efficient authentication protocol which supports dynamic batch verification. The proposed protocol guarantees the desired security properties while being computationally efficient. Formal security proof and analysis have been provided to demonstrate the achieved security properties, including confidentiality, anonymity, mutual authentication, unlinkability, unforgeability, forward security, backward security, and non-repudiation. In addition, the performance analysis reveals that our proposed protocol significantly reduces the time consumption in batch verification, achieving high computational efficiency.

Secure ECC-Based Three-Factor Mutual Authentication Protocol for Telecare Medical Information System

In the recent COVID-19 situation, Telecare Medical Information System (TMIS) is attracting attention. TMIS is one of the technologies used in Wireless Body Area Network (WBAN) and can provide patients with a variety of remote healthcare services. In TMIS environments, sensitive data of patients are communicated via an open channel. An adversary may attempt various security attacks including impersonation, replay, and forgery attacks. Therefore, numberous authentication schemes have been suggested to provide secure communication for TMIS. Sahoo <italic xmlns:mml="http://www.w3.org/1998/Math/MathML" xmlns:xlink="http://www.w3.org/1999/xlink">et al.</i> proposed a mutual authentication scheme based on biometrics and Elliptic Curve Cryptography (ECC) in 2020. However, we find out that Sahoo <italic xmlns:mml="http://www.w3.org/1998/Math/MathML" xmlns:xlink="http://www.w3.org/1999/xlink">et al.</i> ’s scheme cannot resist insider and privileged insider attacks and cannot guarantee patient anonymity. In this paper, we propose a secure ECC-based three-factor mutual authentication protocol that guarantees the privacy of patients for TMIS. We conduct informal security analysis to prove that our protocol is secure from various security attacks. In addition, we perform formal security analyses using the Automated Validation of Internet Security Protocols and Applications (AVISPA), Burrows-Abadi-Needham (BAN) logic, and the Real-Or-Random (ROR) model. Furthermore, we assess our protocol’s performance and compare it to other protocols. As a result, our protocol has lower communication costs, and better security features compared to related existing protocols. Therefore, our protocol is more appropriate for TMIS environments than other related protocols.

Verifiable Fuzzy Multi-keyword Search over Encrypted Data with Adaptive Security

To ensure the security of outsourced data without affecting data availability, one can use Symmetric Searchable Encryption (SSE) to achieve search over encrypted data. Considering that query users may search with misspelled words, the fuzzy search should be supported. However, conventional privacy-preserving fuzzy multi-keyword search schemes are incapable of achieving the result verification and adaptive security. To solve the above challenging issues, in this paper we propose a Verifiable Fuzzy multi-keyword Search scheme with Adaptive security (VFSA). VFSA first employs the locality sensitive hashing to hash the misspelled and correct keywords to the same positions, then designs a twin Bloom filter for each document to store and mask all keywords contained in the document, next constructs an index tree based on the graph-based keyword partition algorithm to achieve adaptive sublinear retrieval, finally combines the Merkle hash tree structure with the adapted multiset accumulator to check the correctness and completeness of search results. Our formal security analysis shows that VFSA is secure under the IND-CKA2 model and achieves query authentication. Our empirical experiments using the real-world dataset demonstrate the practicality of VFSA.

Authorized Keyword Search over Outsourced Encrypted Data in Cloud Environment

For better data availability and accessibility while ensuring data secrecy, end-users often tend to outsource their data to the cloud servers in an encrypted form. However, this brings a major challenge to perform the search for some keywords over encrypted content without disclosing any information to unintended entities. This paper proposes a novel expressive authorized keyword search scheme relying on the concept of ciphertext-policy attribute-based encryption. The originality of the proposed scheme is multifold. First, it supports the generic and convenient multi-owner and multi-user scenario, where the encrypted data are outsourced by several data owners and searchable by multiple users. Second, the formal security analysis proves that the proposed scheme is semantically secure against chosen keyword and outsiders keyword guessing attacks. Third, an interactive protocol is introduced which avoids the need of any secure-channels between users and service provider. Fourth, due to the concept of bilinear-map accumulator, the system can efficiently revoke users and/or their attributes, and authenticate them prior to launching any expensive search operations. Fifth, conjunctive keyword search is provided thus enabling to search for multiple keywords simultaneously, with minimal cost. Sixth, the performance analysis shows that the proposed scheme outperforms closely-related works.

Toward Privacy-Preserving Aggregate Reverse Skyline Query With Strong Security

It has been witnessed that Aggregate Reverse Skyline (ARS) query has recently received a wide range of practical applications due to its marvelous property of identifying the influence of query requests. Nevertheless, the query users may hesitate to participate in such query services as the query requests and query results may leak sensitive personal data or valuable business data assets to the service providers. To tackle the concerns, a promising solution is to encrypt the query requests, conduct the ARS queries over encrypted query requests without decrypting, and return the encrypted query results. Unfortunately, many existing solutions are either deployed over a two-server model or unable to fully preserve query privacy. In this paper, we propose a novel privacy-preserving aggregate reverse skyline query (PPARS) scheme on a single server model while ensuring full query privacy. Specifically, we first transform the problem of ARS query into a combination of set membership test and logical expressions. Then, by employing the prefix encoding technique, bloom filter technique, and fully homomorphic encryption, we run the transformed logical expressions to obtain the encrypted aggregate values without leaking query requests, query results, and access patterns. Furthermore, we propose an interpolation-based packing technique to improve the communication efficiency of PPARS. Detailed and formal security analysis demonstrates that our proposed schemes can guarantee strong security. In addition, extensive experiments are conducted, and the results validate the efficiency of our proposed schemes.

Hyper Elliptic Curve Based Certificateless Signcryption Scheme for Secure IIoT Communications

Industrial internet of things (IIoT) is the usage of internet of things (IoT) devices and applications for the purpose of sensing, processing and communicating real-time events in the industrial system to reduce the unnecessary operational cost and enhance manufacturing and other industrial-related processes to attain more profits. However, such IoT based smart industries need internet connectivity and interoperability which makes them susceptible to numerous cyber-attacks due to the scarcity of computational resources of IoT devices and communication over insecure wireless channels. Therefore, this necessitates the design of an efficient security mechanism for IIoT environment. In this paper, we propose a hyperelliptic curve cryptography (HECC) based IIoT Certificateless Signcryption (IIoT-CS) scheme, with the aim of improving security while lowering computational and communication overhead in IIoT environment. HECC with 80-bit smaller key and parameters sizes offers similar security as elliptic curve cryptography (ECC) with 160-bit long key and parameters sizes. We assessed the IIoT-CS scheme security by applying formal and informal security evaluation techniques. We used Real or Random (RoR) model and the widely used automated validation of internet security protocols and applications (AVISPA) simulation tool for formal security analysis and proved that the IIoT-CS scheme provides resistance to various attacks. Our proposed IIoT-CS scheme is relatively less expensive compared to the current state-of-the-art in terms of computational cost and communication overhead. Furthermore, the IIoT-CS scheme is 31.25% and 51.31% more efficient in computational cost and communication overhead, respectively, compared to the most recent protocol.

Privacy-Preserving Boolean Range Query with Temporal Access Control in Mobile Computing

With increasingly popular GPS-equipped mobile devices (e.g., smartphones, tablets, laptops), massive spatio-textual data has been outsourced to cloud servers for storage and analysis such as spatial keyword search. However, existing privacy-preserving spatial keyword query schemes only support coarse-grained non-temporal access control in single-user sharing scenarios, which does not scale well in time-related scenes such as message valid period. To solve the above issues, we propose Privacy-preserving Boolean Range Query with Temporal access control in mobile computing (PBRQ-T). Specifically, we first achieve PBRQ with linear search complexity using the adapted Gray code, Bloom filter, and Katz-Sahai-Waters encryption. Then, we provide fine-grained and temporal access control in PBRQ based on the forward/backward derivation function and attribute-based encryption, where PBRQ is executed only when the spatio-textual data is accessible. Finally, an enhanced PBRQ-T (i.e., PBRQ-T+) with faster-than-linear search complexity is proposed by constructing a Quadtree index structure. Our formal security analysis shows that data privacy and index privacy can be guaranteed during the query process. Our extensive experiments using a real-world dataset demonstrate the efficiency and feasibility of our schemes.

A Provably Secure and Efficient Remote Password Authentication Scheme Using Smart Cards

Communication technology has advanced dramatically amid the 21^st century, increasing the security risk in safeguarding sensitive information. The remote password authentication (RPA) scheme is the simplest cryptosystem that serves as the first line of defence against unauthorised entity attacks. Although the literature contains numerous RPA schemes, to the best of the authors’ knowledge, only few schemes based on the integer factorisation problem (IFP) and the discrete logarithm problem (DLP) that provided a provision for session key agreement to ensure proper mutual authentication. Furthermore, none of the previous schemes provided formal security proof using the random oracle model. Therefore, this study proposed an improved RPA scheme with session key establishment between user and server. The design of the proposed RPA scheme is based on the widely established Dolev-Yao adversary model. Moreover, as the main contribution, a novel formal security analysis based on formal definitions of IFP and DLP under the random oracle model was presented. The proposed scheme's performance was compared to that of other similar competitive schemes in terms of the transmission/computational cost and time complexity. The findings revealed that the proposed scheme required higher memory storage costs in smart cards. Nonetheless, the proposed scheme is more efficient regarding the transmission cost of login and response messages and the total time complexity compared to other scheme of similar security attributes. Overall, the proposed scheme outperformed the other RPA schemes based on IFP and DLP. Finally, the potential application of converting the RPA scheme to a user identification (UI) scheme is considered for future work. Since RPA and UI schemes are similar, the proposed approach can be expanded to develop a provably secure and efficient UI scheme based on IFP and DLP.

ES-HAS: ECC-Based Secure Handover Authentication Scheme for Roaming Mobile User in Global Mobility Networks

The design and implementation of two-factor schemes designed for roaming mobile users for global mobility networks in smart cities requires attention to protect the scheme from various security attacks, such as the replay attack, impersonation attack, man-in-the-middle attack, password-guessing attack and stolen-smart-card attack. In addition to these attacks, the scheme should achieve user anonymity, unlinkability and perfect forward secrecy. In the roaming scenario, as mobile users are connected to the foreign network, mobile users must provide authentication details to the foreign network to which they are connected. The foreign network forwards the authentication messages received from the mobile users to their home network. The home network validates the authenticity of the mobile user. In the roaming scenario, all communication between the three entities is carried over an insecure channel. It is assumed that the adversary has the capabilities to intercept the messages transmitted over an insecure channel. Hence, the authentication scheme designed must be able to resist the above-mentioned security attacks and achieve the security goals. Our proposed scheme ES-HAS (elliptic curve-based secure handover authentication scheme) is a two-factor authentication scheme in which the mobile user possesses the password, and the smart card resists the above-mentioned security attacks. It also achieves the above-mentioned security goals. We also extended our two-factor authentication to a multi-factor authentication scheme using the fingerprint biometric technique. The formal security analysis using BAN logic and the formal security verification of the proposed scheme using the widely accepted AVISPA (automated validation of internet security protocols and applications) tool is presented in this article. In comparison with the related schemes, the proposed scheme is more efficient and robust. This makes the proposed scheme suitable for practical implementation.

FASE: Fine-Grained Accountable and Space-Efficient Access Control for Multimedia Content With In-Network Caching

To reduce the duplicated traffic and improve the performance of distributing massive volumes of multimedia contents, in-network caching has been proposed recently. However, as in-network content caching can be directly utilized to respond users’ requests, multimedia content retrieval is beyond content providers’ control and makes it hard for them to implement access control and service accounting. In this paper, we propose a Fine-grained Accountable and Space-Efficient access control scheme, called FASE, for multimedia content distribution. FASE allows content providers to be fully offline while making the best of in-network caching. In FASE, the attribute-based encryption at multimedia content provider side and access policy based authentication at the edge router side jointly ensure secure fine-grained access control. Our scheme is efficient in both space and time. By designing one time chameleon signature (OTCS), users can keep anonymous during the authentication, and their privileges can be conveniently revoked when needed. Besides, secure service accounting is implemented by letting edge routers collect service credentials generated during users’ request process. Through formal security analysis, we prove the security of our scheme. Simulation results demonstrate that our scheme is efficient with acceptable overhead.

A lightweight D2D security protocol with request-forecasting for next-generation mobile networks

5G-assisted device-to-device (D2D) communication plays an instrumental role in minimizing latency, maximizing resource utilization, improving speed, and boosting system capacity. However, the technology confronts several challenges to realize its enormous potential fully. Security and privacy concerns are at the top of the list that can jeopardize the regular operation of D2D communication by executing various assaults such as free-riding and impersonation. Although several researchers suggested different solutions to these concerns, most are too heavy for resource-constrained devices or are vulnerable to security risks. Consequently, we proposed a lightweight and provably secure D2D communication protocol comprising initialization, device discovery, and link setup phases. The protocol is light in terms of computational overhead and communication latency while verifiably secure through formal security analysis. The protocol relies on a new network function, called D2D Security Management Function (DSMF), located near the devices to facilitate secure communication and improve performance. Moreover, we used deep learning-based UE trust score forecasting to better handle and prioritize communication requests when the network is overloaded. The comparative analysis against state-of-the-art security schemes concerning computational and communication overheads shows that our protocol is a superior alternative for resource-constrained IoT devices wishing to perform D2D communication in a 5G network.

Efficient handover protocol for 5G and beyond networks

The fifth generation (5G) and beyond 5G (B5G) networks offer ultra-low latencies, higher reliability, scalability, data rates and capacities to support applications such as vehicular communications, internet of everything (IoE) and device to device (D2D) communication. In spite of these excellent features, user privacy, resource management and handover authentications present some challenges. To facilitate seamless connectivity in 5G and B5G networks, numerous machine learning schemes have been developed to facilitate target cell selection based on parameters such as signal strength and signal to noise ratio (SNR). However, most of these approaches concentrate on performance enhancements, ignoring security and privacy issues. On their part, majority of the conventional handover authentication schemes exhibit long latencies which contravenes 5G and B5G requirements. Moreover, the base stations in these networks have very small footprints and hence require the deployment of numerous base stations within the coverage area. This serves to compound performance, security and privacy issues due to the resulting frequent handovers. In this paper, a multilayer neural network (MLNN) privacy and security preservation protocol is presented. To facilitate target cell selection, parameters that took user satisfaction, network, user equipment (UE) and service requirements into consideration were deployed so as to enhance both quality of service (QoS) and quality of experience (QoE) during and after handover. For handover security, timestamps, ephemerals and random nonces were deployed during handover authentication to offer both security and privacy. Formal security analysis using Burrows-Abadi-Needham (BAN) showed that the proposed protocol offered strong mutual authentication among the communicating entities. On the other hand, informal security analysis showed that the proposed protocol offers perfect forward key secrecy and is robust against attacks such as impersonation and packet replays. In addition, performance evaluation showed that it has the lowest communication costs and average computation overheads. Moreover, it exhibited a 27.1% increase in handover success rate, and a 24.1% reduction in ping pong rate.

Provably Secure Authentication Protocol for Mobile Clients in IoT Environment Using Puncturable Pseudorandom Function

The Internet of Things (IoT) is a framework of various services and smart technologies that mutually communicate information between mobile devices and users or just between devices with the help of Internet connectivity. The dramatic progression of IoT helps numerous network applications and communication technologies to introduce state-of-the-art communication models for enabling interaction among mobile server, clients, and various other smart entities. Now-a-days, online mobile services have gained huge attention by providing ample convenience to the distant users. However, it is necessary to secure the information, being exchanged among mobile clients and server. Therefore, a large number of authentication protocols have been presented but majority of them are unsuitable to fulfill novel security requirements and standards. Moreover, they are incompatible for the IoT environment due to higher computation and communication complexity. Consequently, there is a dire need of developing an adequate, reliable, and cost-effective authentication protocol. In this article, we introduce a novel identity-based key agreement protocol using the puncturable pseudorandom functions for mobile clients in the IoT environment. The proposed PSK-MC protocol enables two mobile clients to accomplish mutual authentication via server. The proposed protocol is evaluated formally and informally to determine its security strength. The formal security analysis is presented using the widely used random oracle model. Moreover, all the cryptographic operations used at mobile client side are executed on a mobile device, while the operations used at the server side are implemented on a desktop machine to get the experimental results to determine computation cost. The performance analysis reveals the fact that our protocol is comparatively better than related protocols by exhibiting least communication and computation overhead.

A secure remote user authentication scheme for 6LoWPAN-based Internet of Things.

One of the significant challenges in the Internet of Things (IoT) is the provisioning of guaranteed security and privacy, considering the fact that IoT devices are resource-limited. Oftentimes, in IoT applications, remote users need to obtain real-time data, with guaranteed security and privacy, from resource-limited network nodes through the public Internet. For this purpose, the users need to establish a secure link with the network nodes. Though the IPv6 over low-power wireless personal area networks (6LoWPAN) adaptation layer standard offers IPv6 compatibility for resource-limited wireless networks, the fundamental 6LoWPAN structure ignores security and privacy characteristics. Thus, there is a pressing need to design a resource-efficient authenticated key exchange (AKE) scheme for ensuring secure communication in 6LoWPAN-based resource-limited networks. This paper proposes a resource-efficient secure remote user authentication scheme for 6LoWPAN-based IoT networks, called SRUA-IoT. SRUA-IoT achieves the authentication of remote users and enables the users and network entities to establish private session keys between themselves for indecipherable communication. To this end, SRUA-IoT uses a secure hash algorithm, exclusive-OR operation, and symmetric encryption primitive. We prove through informal security analysis that SRUA-IoT is secured against a variety of malicious attacks. We also prove the security strength of SRUA-IoT through formal security analysis conducted by employing the random oracle model. Additionally, we prove through Scyther-based validation that SRUA-IoT is resilient against various attacks. Likewise, we demonstrate that SRUA-IoT reduces the computational cost of the nodes and communication overheads of the network.

An efficient three‐factor user authentication scheme for industrial wireless sensor network with fog computing

SummaryUser authentication in industrial wireless sensor network (IWSN) is a security issue due to the hostile deployment of sensors in the field. The generated data from these sensors are generally processed in a cloud environment to provide on‐demand services. However, cloud computing suffers from several issues such as transmission latency and response time, and fog computing is hence introduced to resolve these issues. In the fog environment, the fog devices are placed near the user and responsible for intermediate computation and storage. This paper proposes a three‐factor‐based user authentication scheme for IWSN using fog computing (UASFI). The proposed scheme supports dynamic sensor node addition and smart card revocation phase. We employed the real‐or‐random (ROR) model for formal security analysis, which demonstrates the secrecy of the session key during communication. Furthermore, the simulation using NS2 and the comparison with existing schemes in terms of communicational and storage cost show that the proposed scheme is efficient for practical use.

Secure Lightweight Key Exchange Using ECC for User-Gateway Paradigm

Internet of Things (IoT)- based services connect the user with sensing devices through intermediary devices like a gateway. The authentication with secure key exchange assures security trio of confidentiality, integrity, and availability for the complete IoT-based system. It also ensures trusted privacy of communicated information. Recently, numerous authors proposed a Remote User Authentication scheme (RUA) on User-Gateway based secure key exchange for the tiny and lightweight sensor based paradigms such as an IoT and a wireless sensor network (WSN) using lightweight mathematical approaches. In this article, we propose a reliable and efficient lightweight key exchange scheme with the secure RUA for the user-gateway model. For designing a lightweight RUA scheme, we use elliptic curve cryptography (ECC). We use BAN-Logic for the validation of mutual authentication. We use widely accepted random oracle-based ROR model for formal security analysis and Dolev-Yao channel for informal security analysis. For the implementation and result collection of the proposed scheme, we used publisher-subscriber-based lightweight Message Queuing Telemetry Transport (MQTT) protocol. Overall, in this article, we propose a highly secure and efficient RUA scheme for the sensor-based environment with the formal security analysis and real-time implementation.

Secure user authentication mechanism for IoT-enabled Wireless Sensor Networks based on multiple Bloom filters

In this article, we propose an efficient Bloom filter and fuzzy extractor based user authentication technique, which is significant for an Internet of Things (IoT)-enabled multi-hop Wireless Sensor Networks (IoT-WSNs). The novelty of the proposed authentication technique is that it prevents fraudulent querying data delivery at the starting phase (i.e., at the querying sensor node itself) to stop false or counterfeit data flooding (which can exhaust the resources of IoT-WSNs) from the resource-constrained IoT-enabled sensor nodes to the nearby gateway node. The proposed authentication technique has the ability to significantly reduce the Bloom filter based false positive for user authentication in IoT-WSNs, while also preserving the constraint resources of WSNs. To estimate the security robustness of the proposed protocol based on the security goals of IoT-WSNs, we perform the formal security analysis using the random oracle and Real-Or-Random (ROR) models, informal security analysis and also the formal security verification using a widely-recognized automated software validation tool, known as Automated Validation of Internet Security Protocols and Applications (AVISPA). Next, communication and computational overheads analysis reveal that the proposed protocol is appropriate for resource-constrained sensor nodes. Furthermore, a correlative security feature and complexity analysis outcomes validate that the proposed protocol is reliable, secure, and efficient in comparison with other existing state of art related user authentication protocols.

Security analysis of uppercaseSM9 digital signature and key encapsulation

Security analysis provides strong guarantees and evidence for security cryptosystems. SM9 is an identity-based cryptosystem designed by China and has become a Chinese standard. The SM9 digital signature and encryption algorithm also became ISO/IEC International standards. However, there are few published research results on the security of SM9 cryptosystems. Based on Gap-$q$-BCAA1 assumption, Cheng gave the security analysis of SM9 key exchange protocol, key encapsulation and encryption algorithm in Inscrypt 2018. In this paper, we first give the formal security analysis for SM9 digital signature. Based on the $q$-SDH assumption, we prove that SM9 signature algorithm is EUF-CMIA secure. To eliminate the Gap assumption, we then use the technique of Twin-Hash-ElGamal to modify SM9 key encapsulation slightly without compromising its security and propose a new identity-based key encapsulation mechanism called Twin-SM9. Compared to SM9 key encapsulation, both the system public key and user private key contain one additional group element only and the ciphertext size remains the same. We prove that Twin-SM9 achieves IND-CCA security in the random oracle model based on the $q$-BDHI assumption. Our results clarify the security of SM9 and are useful for the design of SM9-based cryptosystems.