Recent years have witnessed growing scientific research interest in the Internet of Things (IoT) technologies, which supports the development of a variety of applications such as health care, Industry 4.0, agriculture, ecological data management, and other various domains. IoT utilizes the Internet as a prime medium of communication for both single documents as well as multi-digital messages. However, due to the wide-open nature of the Internet, it is important to ensure the anonymity, untraceably, confidentiality, and unforgeability of communication with efficient computational complexity and low bandwidth. We designed a light weight and secure proxy blind signcryption for multi-digital messages based on a hyperelliptic curve (HEC). Our results outperform the available schemes in terms of computational cost and communication bandwidth. The designed scheme also has the desired authentication, unforgeability of warrants and/or plaintext, confidentiality, integrity, and blindness, respectively. Further, our scheme is more suitable for devices with low computation power such as mobiles and tablets.

In recent years, there has been extensive research on IoT technologies, which covers various applications such as healthcare (HC), Industry 4.0, agriculture, and ecological data management, to name a few. The IoT comprises certain devices that have the capability of sending, receiving, and storing data, in addition to being about to communicate through the Internet. Once these devices are connected to the Internet, communication can take place for single documents as well as multi-digital messages. Thus, blindness and untraceable security services are required. Chaum was the first author to coin the term blind signature for the protection of digital information privacy. The blind signature mechanism enables resistance to forgery, indisputability and anonymity [

Gamage et al. [

Partial delegation rights were also provided in their technique by using bilinear pairings on elliptic curves. Their techniques suffered from a misuse of authority in the case of partial delegation. A new provable and secure proxy-signcryption scheme was designed by Lin et al. [

In our previous work [

Sadat et al. [

In this paper, we propose a new provable secure proxy blind signcryption scheme for multi-digital messages based on hyperelliptic curves which provides a similar level of security with less communication and computational costs. The rest of the paper is organized as follows: Section 2 discusses the pre-requisites to understanding the formalization of our scheme, which is followed by discussions of our methodology in Section 3. Sections 4 and 5 cover the results and discussions. Finally, the conclusion is presented in Section 6.

In 1988, Koblitz introduced the generality of the elliptic curve to the advanced genus of the curve called the hyperelliptic curve cryptosystem, which performs a significant operation in comparison to the elliptic curve cryptosystem. Let _{2} ^{80} are 80 bits long, for genus three 54-bits long operands [

Let F_{0} = final field of hyper ellipticcurve cryptosystem and F_{0} represents sol-set (x, y)

where _{0}[x] is monic-polynomial of degree

In contrast, the group arrangement of the hyperelliptic curve has the Jacobian (J) of a curve C. A piece element of the J is a correspondent class of divisors. A divisor is the formal sum of finite points for the curve

where

The reduced divisor is:

and opposed point for

Polynomial expressions can be used to characterize the divisor [

The group operations of addition and doubling of divisors is called a scalar multiplication divisor (SMD). The operations changed elliptic curve point multiplication into divisors of the Jacobian of a hyper ellipticcurve [

Our scheme consists of five participants:

Original user: The original signer delegates the signing capabilities to a proxy signcrypter.

Proxy signcrypter: The proxy signcrypter verifies the delegation and blinds a message for signing and then delivers it to the anonymous signer.

Anonymous signer: The signer generates a blind signature on a blind message and then sends it back to the proxy signcrypter. The proxy signcrypter combines the blind signature with an encrypted message and hands it over to the receiver.

Receiver/Un-signcrypter: At the end, the receivers verify the blind signcrypted message and then decrypt it.

The authentication server: This acts as a certificate authority which publishes all the public parameters and generates the certificates for each user.

All participants (Alice, Proxy, signer, Bob) first generate their keys (private, public) from the given

Alice: randomly takes a number

Proxy: randomly chooses integer

Signer: randomly chooses integer

Bob: randomly chooses integer

I.

Randomly pick

Compute

Compute

Send

II.

Compute

III.

i

Signer selects a random number

Compute

Send

ii

Suppose the proxy assumes that he wants to send a vector of message

Select three blind factors randomly

Select randomly a nonce

Compute

Compute the hash value like

Compute

Send

iii

iv

Compute

Send

IV

After receiving

Compute

Compute

Compute

Compute

Accept

In this section, we divide the security of our scheme into two parts, the first part showing the correctness of the scheme and the second part showing the security services e.g., warrant authentication, unforgeability of warrants, confidentiality, integrity, and blindness, respectively. We consider a popular Dolev-Yao (DY) threat model and suppose the adversary is able to dismiss the warrant authentication, forge the warrant signature, read the exchanged messages, destroy the blindness, modify the message contents, and generate a forged signature.

The security attribute of the warrant authentication is another contribution of our approach. If the sender delegates their signing rights by sending a warrant message _{w}_{w}

Our scheme also meets the property of warrant unforgeability. When an attacker generates a forged signature _{w}

In our scheme, the encrypted multi-documents are sent to the legitimate recipient (Bob) using the secret shared key

Step 1: An intruder can easily get the secret shared key if they can solve

Step 2: Similar to step 1, an intruder can get the secret key from

We use a collision resistant hash function in our proposed scheme to ensure the integrity of multi-digital documents as

In our designed scheme, before sending the multi-document cipher text to the recipients/Bob, the signer computes a blind digital signature on the multi-documents cipher text as

Our scheme enables the proxy signer to select three blind numbers

This section elaborates on the computational cost of the proposed multi-document proxy blind signcryption scheme and the existing proxy blind signature [

Schemes | Proxy Delegations | Proxy blind Signcryption | Proxy blind Unsigncryption | Total |
---|---|---|---|---|

[ |
||||

[ |
||||

[ |
||||

[ |
||||

Our scheme |

The computations of addition, subtraction, division and hash are ignored due to their fewer needs of computations and lower execution periods. For a more detailed illustration of the difference between the proposed and existing schemes, observations can be obtained from Ullah et al. [

According to Ullah et al. [

Schemes | Proxy delegations | Proxy blind signcryption | Proxy blind unsigncryption | Total |
---|---|---|---|---|

[ |
1.94 | 2.91 | 1.94 | 6.79 |

[ |
2.91 | 3.88 | 1.94 | 8.73 |

[ |
2.91 | 3.88 | 2.91 | 9.7 |

[ |
2.91 | 5.82 | 3.88 | 12.61 |

Our Scheme | 1.44 | 1.92 | 0.96 | 4.32 |

If the number of digital messages increases, then the computational cost will increase.

No of Messages | [ |
[ |
[ |
[ |
Our Scheme |
---|---|---|---|---|---|

6.79 | 8.73 | 9.7 | 12.61 | 4.32 | |

33.95 | 43.65 | 48.5 | 63.05 | 21.6 | |

67.9 | 87.3 | 97 | 126.1 | 43.2 | |

101.85 | 130.95 | 145.5 | 189.15 | 64.8 | |

135.8 | 174.6 | 194 | 252.2 | 86.4 |

Further, we use the general formula

Proposed against existing approach | Formula | Reduction % age |
---|---|---|

[ |
||

[ |
||

[ |
||

[ |

In this paper, we have developed a lightweight and secure proxy blind signcryption scheme for multi-digital messages based on a hyperelliptic curve. Our scheme consists of five participants, e.g., the authenticated server, original user, proxy signcrypter, the anonymous signer and receiver/un-signcrypter. The authenticated server performs the role of a certificate authority which publishes all public parameters and issues certificates to each user. The original signer simply delegates the signing capabilities to the proxy signcrypter. The proxy signcrypter verifies the delegation and blinds a message for signing, then delivers it to the anonymous signer. The signer only generates a blind signature on a blind message and then back sends it back to the proxy signcrypter. Finally, the proxy signcrypter combines the blind signature with the encrypted message and then hands it over to the receiver. In the final step, the receiver verifies the blind signcrypted message and then decrypts it. Further, the developed scheme provides all the security services of proxy and blind signcryption e.g., warrant authentication, unforgeability of warrants and/or plaintext, confidentiality, integrity, and blindness. Compared to the existing schemes, our scheme reduces the computational costs by about 33.28% to 64.07% in terms of milliseconds. Additionally, due to the lower parameters and the standard size of the hyperelliptic curve, our scheme is attractive to limited-resource devices such as those used in IoT environments.

Future studies are required to shed light on the development of such a scheme with different functionalities. These functionalities will be combined into a single scheme, such as encryption only, signature only, and signcryption, so that they can be utilized whenever they are required. It is also important to consider developing more efficient techniques that focus on lowering computational and communication costs.