Abstract
Certificateless aggregate signature (CLAS) schemes reduce the dependence on the key generation center that identity-based signatures have, and so partly resolve the inherent key escrow problem of identity-based encryption systems while retaining their efficiency advantage. In recent years a number of new CLAS schemes have been proposed to overcome the communication and computation constraints of sensors, so as to ensure the integrity, validity, and availability of patients' health data in cloud-based healthcare monitoring systems (c-HMS). However, several of these schemes do not offer sufficient security guarantees: they are not secure in the post-quantum era, they cannot resist collusion attacks, and they require a fixed signing order, which makes them pseudo-aggregate schemes. This paper therefore proposes a lattice-based unordered certificateless aggregate signature scheme (L-UCASS) designed for cloud medical health monitoring systems. Our scheme builds on lattices to provide security in the post-quantum era; adopts a certificateless structure to resist attacks by an untrusted key generation center (KGC) and to avoid key escrow; uses a bimodal Gaussian distribution to improve efficiency; and applies an intersection technique to achieve a true aggregate scheme and to prevent the collusion attacks that arise when more than two signers jointly compute another signer's private key. A comparative analysis shows that our scheme improves security without imposing significant space or time overhead. We also prove that our scheme is existentially unforgeable under adaptive chosen-message attacks (EUF-CMA) against type I and type II adversaries in the random oracle model (ROM).
Data availability
Not applicable.
Funding
This work is supported by the National Key Research and Development Program of China (No. 2021YFB3100400), the National Natural Science Foundation of China (grant no. 62072023), the Open Project Fund of the State Key Laboratory of Cryptology (grant no. MMKFKT202120), the Beijing Municipal Natural Science Foundation, the Exploratory Optional Project Fund of the State Key Laboratory of Software Development Environment, and the Fundamental Research Funds of Beihang University (grant nos. YWF-21-BJ-J-1041, YWF-22-L-1040, YWF-23-L-1033, etc.).
Author information
Contributions
Songshou Dong was the main author of the paper, Yanqing Yao contributed some ideas, and Yihua Zhou and Yuguang Yang polished the paper.
Ethics declarations
Competing interests
The authors declare no competing interests.
Ethics approval
Our paper does not address moral issues.
Consent to publish
All authors agree to publish the paper in the journal.
Additional information
Publisher's Note
Springer Nature remains neutral with regard to jurisdictional claims in published maps and institutional affiliations.
This article is part of Topical Collection Special Issue on 2—Track on Security and Privacy.
Rights and permissions
Springer Nature or its licensor (e.g. a society or other partner) holds exclusive rights to this article under a publishing agreement with the author(s) or other rightsholder(s); author self-archiving of the accepted manuscript version of this article is solely governed by the terms of such publishing agreement and applicable law.
About this article
Cite this article
Dong, S., Yao, Y., Zhou, Y. et al. A lattice-based unordered certificateless aggregate signature scheme for cloud medical health monitoring system. Peer-to-Peer Netw. Appl. 17, 284–296 (2024). https://doi.org/10.1007/s12083-023-01588-5
DOI: https://doi.org/10.1007/s12083-023-01588-5