Efficient and Robust Certificateless Signature for Data Crowdsensing in Cloud-assisted Industrial IoT

With the digitalization of various industries, the combination of cloud computing and the Industrial Internet of Things (IIoT) has become an attractive data processing paradigm. However, cloud-assisted IIoT still has challenging issues including authenticity of data, untrustworthiness of third parties, and system robustness and efficiency. Recently Karati et al. [1] proposed a lightweight certificateless signature (CLS) scheme for cloud-assisted IIoT, that was claimed to address both authenticity of data and untrustworthiness of third parties. In this paper, we demonstrate that the CLS scheme fails to achieve the claimed security properties by presenting four types of signature forgery attacks. We also propose a robust certificateless signature (RCLS) scheme to address the aforementioned challenges. Our RCLS only needs public channels and is proven secure against both public key replacement attacks and malicious-but-passive third parties in the standard model. Performance evaluation indicates that RCLS outperforms other CLS schemes and is suitable for IIoT.