Privacy-preserving and traceable certificateless anonymous mutual authentication scheme for IoT
Author Identifier (ORCID)
Muhammad Waqas: https://orcid.org/0000-0003-0814-7544
Abstract
By utilizing the sensing and perception capabilities of various devices, the Internet of Things (IoT) enables more precise awareness of the real world, thereby enhancing management and resource utilization efficiency. However, due to their open deployment environments and frequent message exchanges, IoT endpoints are highly vulnerable to a wide range of security threats and privacy breaches, including forgery, data theft, and information leakage. Therefore, to address these challenges and ensure device legitimacy verification and secure data exchange among IoT devices, we propose a privacy-preserving and traceable certificateless anonymous mutual authentication scheme (PPT-CLAMA). PPT-CLAMA not only eliminates the need for a secure channel during key generation but also prevents attackers from tracing the real identity of devices through their own identity or public keys while providing pseudonym and anonymous authentication to devices, demonstrating greater practicality. Furthermore, through security proofs and analysis, PPT-CLAMA satisfies various high-level security properties, including mutual authentication, key agreement, nonrepudiation, unlinkability, perfect forward secrecy, known session-specific temporary information security, traceability, anonymity, and privacy preservation. The simulation results indicate that, compared to authentication and key agreement schemes, PPT-CLAMA reduces the average computational overhead and average communication overhead during the authentication process by 6.73% and 3.31%, respectively, demonstrating higher computational and communication efficiency.
Document Type
Journal Article
Date of Publication
1-1-2025
Publication Title
IEEE Transactions on Dependable and Secure Computing
Publisher
IEEE
School
School of Engineering
RAS ID
83716
Copyright
subscription content
Comments
Gong, B., Wu, Y., Badshah, A., & Waqas, M. (2025). Privacy-preserving and traceable certificateless anonymous mutual authentication scheme for IoT. IEEE Transactions on Dependable and Secure Computing. Advance online publication. https://doi.org/10.1109/TDSC.2025.3597949