Fractional chaotic maps based short signature scheme under human-centered IoT environments

Graphical abstract


Introduction
In this era of the Internet of Things (IoTs), in which various device types are connected to the Internet. Such devices can be household appliances, agricultural equipments, manufacturing, energy meter, industrial machinery, healthcare monitoring machinery, mining sensors, surveillance system, environmental equipment, smart grids and smart city, etc. which includes Machine-to-Machine model. With the advent of IoT enable devices, monitoring or control of various types of systems on the tips of the fingers has become very easy. IoT devices are smart enough to share and exchange data for cloud storage over a public internet. IoT is an effective method for applying to domain varieties and proves the vital function by providing substantial advantages.
Some acknowledged literature are [1][2][3][4][5][6][7][8], the application of IoT witness in various domains ranging from manufacturing automation to healthcare. Moreover, every attempt is made to improve hardware interfaces, software, improved communication, and less focus is on user interaction and experience, and protection and privacy policies. This means, less significance is given to human related Internet of Things. Subsequently, we investigate humancentered IoT enabled device to offer more preference to human viewpoint in technology. Human-centered IoT is an upcoming filed of research connects to various aspects of life includes smart cards, e-commerce, business, healthcare, and sensitive private data. That means, the human-related Internet of Things is given less significance. Subsequently, we have investigated devices enabled by human-centered IoT to offer more preference in technology to the human viewpoint. Human-centered IoT is an upcoming field of research connected to various aspects of life that includes smart cards, e-commerce, business, healthcare, and sensitive private data. Nonetheless, the design of human-centered IoT [9] offers many opportunities and challenges. Thus, it not only is focuses on IoT system performance, integration, communication and interoperability, but more emphasis is placed on user application features, user need, and human-centered IoT motivation (see Fig. 1).
Smart factories have emerged as a result of the Industry 4.0 revolution and are capable of intelligently managing data produced from the overall production system [10]. Tracking or labeling of items or objects in this scenario is often achieved by RFID tags, QR codes, and barcodes named as labels or tags. The challenges are the incorporated of too many practices in an IoT-centric human world. So we have to address all these challenges to build productive 4.0 industry with human centric applications using smart labels. We are witnessing that human participation in humancentered IoT-based applications in which the design approach adopted focuses less on devices and more on the humancentered [11,12]. In human-centered IoT, information is exchanged over the public communication channel through various devices. Thus, fraudulent practices occur to steal or change the information. Because of this, the major challenge is preserving confidentiality and privacy during transmission time. Hence, for information exchange, we need more effective and reliable security mechanism. IoT systems are resource-constrained and heavy computing resources lose out. Radwan et al. [13] presented the concept of the synchronization with active control technique of different fractional order chaotic systems. Based on the switching parameters, four different cases of synchronization are also introduced. Ibrahim et al. [14] discussed some symmetric conformable fractional derivatives of complex variables for fractional chaotic maps generalizations. The standard DSA such as RSA [15], ElGamal [16], ECDSA [17], and bilinear pairing [18] are therefore not necessary to apply. We need a quick and lightweight short-size signature security scheme for IoT. It does, however, take time to check the bilinear maps used by the short-signature schemes based on pairing. Moreover, such short signature schemes are not as computationally efficient as the signature schemes of the DSA-type. Hence the storage capacity of pairing-based signatures comes at the expense of losing computational performance. Vaidyanathan et al. [19] introduced a novel 3D jerk chaotic system with one-quadratic nonlinearity and two-cubic nonlinearities designed to produce complex chaotic signals, and addressed voice encryption applications. Vaidyanathan et al. [20] proposed a new model of hyperchaotic temperature fluctuations and described its modeling, and also discussed the characteristics of the new model of hyperchaotic temperature fluctuations, such as its phase portraits, rest points, symmetry, invariance, characteristic exponents of Lyapunov, bifurcation analysis etc. Explain it for image encryption application just briefly. Mobayen et al. [21] introduced 3-D chaotic system with a closed equilibrium point curve, which has the form of a boomerang and modeled the theoretical system's electronic circuit implementation to test its feasibility. Also addressed the sound encryption applications.
A short signature scheme using a chaotic map is more efficient and costs less in terms of computation. Consequently, we have adopted chaotic maps for human-centered IoT's proposal for a short signature security scheme. Chaotic maps are used in [22] to introduce the authentication scheme for ID-based digital signature. Schemes security promise based on the assumptions of chaotic maps hardness (Diffie-Hellman) and difficulties (DL). In 2016, Gao et al. [23] presented an authentication scheme based on chaotic maps for wireless body area network in which health data was recorded and monitored. The cost of multiplication and exponential computation was achieved with reduced communication cost. User confidentiality was the key element in sharing of information during authentication. An anonymity which preserves authentication scheme is shown in [24]. AVISPA was used for analyzing and verifying security. Compared to other approaches the enhanced performance was recorded. Meshram et al. [25][26][27] proposed more efficient authentication schemes using extended chaotic maps. The results obtained in these schemes are testimony to the suitability of chaotic maps as the good choice for proposing a new security scheme.

Motivation
While some researchers have proposed security mechanisms, they are not lightweight enough to meet the IoT based system's needs. In this paper, we have proposed an efficient secure and lightweight short signature scheme using fractional chaotic maps which provides security under adaptive chosen-message attack (CMA) in random oracle model.
Recently, Mughal et al. [43] presented a digital signature scheme using complex numbers for providing secure communication among smart devices in human-centered IoT based systems but, have not discussed its security in any standard security model as discussed in the previous literature. A variety of signature-based schemes are discussed in literature to provide secure communication, but smart devices need more lightweight operations by ensuring the required security strengths. Due to the large real numbers required for signature and verification processes, the main problem during signature-based approaches is the computational overhead. This paper presents a lightweight short signature scheme using fractional chaotic maps for providing secure communication between smart devices in human centered IoT. We have used less extensive operations to achieve processes of signing and verification, as human beings do signatures on legal documents and then verify as per witness. The presented scheme is secure under adaptive chosen-message attack (CMA) in random oracle model.

Contribution
This paper presents an efficient provably secure short signature scheme using fractional chaotic map for smart devices in human centric IoT. During verification and signing operations, it uses the less detailed operations based on fractional chaotic maps to generate security credentials. The main advantage of this strategy over the DSA signature scheme is a one-fourth reduction in the verification process as well as signature frequency. The methodology is illustrated with simple step-by-step, outstanding principles to prove proof of notion. In DSA-based systems, this eliminates overhead computation and communication, and coordination along with improved flexibility compared to existing detailed operations based on real number. However, we show the reliability of the proposed SSS is closely linked, if not strongly, to the difficulty of solving fractional chaotic maps. Under adaptive chosen attacks in ROM, an efficient security proof exists for unforgeability, i.e. the presented scheme provides superior security guarantees than the existing other signature schemes. The scheme presented does not use pairings resulting in effortless implementation and higher performance, nor is it relying on the relatively untested and recent assumptions of hardness associated with pairing-based cryptography. Results show that our methodology presented is less time consuming than equivalents for the verification and signature process. It requires less time to check the variations in the length of the message, less communication costs needed for signature messages, fewer bytes exposed by undermining devices and less ability to compromise midway devices. Road map of article: Section 'Related materials' describes the definition and terminology associated with the presented scheme. The proposed new scheme based on fractal calculus to generalize the Chebyshev polynomial are listed in Section 'PROPOSED SHORT SIGNATURE SCHME (SSS)'. Section 'Security analysis and discussion' explains the security target of signature schemes, security models and provably security in ROM, and we are also presenting a reductionist proof of security against forgery that occurs under the adaptive chosen message attacks (EUF-CMA) in ROM. Section 'Performance comparison' describes the study by which other similar recent schemes are contrasted with the scheme proposed. Finally, Section 'Conclusion' stretches the conclusions.

Related materials
In this segment, we have highlighted Chebyshev polynomial and fractional chaotic maps subsequently we would use in the proposed technique. We will then define some necessary notations used in the article (see Table 1).

Chebyshev chaotic transforms
We reviewed Chebyshev sequential polynomials (CSP) (see [28]) and assessed their operatory. CSP T r s ð Þ is a polynomial of n-degree in the variants. Let s 2 ½À1; 1 be the version, and let n be an integer. In general, CSP stated as follows: In this case, the functional cos À1 ðsÞ and cosðsÞ represented as There are two main properties of CSP [25][26][29][30][31][32]: chaotic properties and semi-group properties.
(1) The chaotic possessions: The CSP transform demarcated as Þ : (2) The possessions of what is calling semi-group satisfies the following equalities: T w ðT l ðsÞÞ ¼ cosðwcos À1 ðcosðlcos À1 ðsÞÞÞÞ ¼ cosðwlcos À1 ðsÞÞ ¼ T lw ðsÞ ¼ T l ðT w ðsÞÞ, where w and l are positive integers and s 2 ½À1; 1: Chebyshev polynomials have two tests that in polynomial time considered handling: (1) The discrete log's (DL) assignment is to find the integer w with the end goal T w s ð Þ ¼ y given two components sand y.
(2) Because of three componentss, T w s ð Þ, and T l s ð Þ, the Diffie-Hellman problem (DHP) assignment is to measure the

Fractional Chebyshev polynomials (FCP)
Fractional discrete systems have a most important benefit over their conservative complements due to the infinite memorial feature, which agrees for more flexibility in demonstrating and indicates a higher degree of chaotic performance. We have confidence in the fractional calculus approaches and fractional discrete formulation that will give us a recovering explanation of discrete fractional maps. From our research, we discovered that the fictionalized standard map could also be employed in the information security field. In this section, we aim to formulate the Fractional Chebyshev Polynomials.
Assume the fractional (arbitrary) number a½0; 1. An operator d a is fractal derivative if and only if [30] The fractal integral corresponds to d a is defined by By employing the concept of Fractal Calculus to simplify the polynomialT n ðsÞ, we can attain the subsequent structure: Eq. (2) is named the Fractal Chebyshev polynomials (FCP). Formula that is more frequent can be seen in the following result: Proof. Connection (2) with the frequent formula implies that Note that when a ! 0, we have the main ordinary result, which can be seen in [33].
The above preparation proposes an adjustment equation (disconnected equation) which has a typical principle The closed form expression for Chebyshev polynomials of any order is where ½i=2 is the integer part of ði=2Þ: Then the FCP becomes Proposed short signature schme (SSS) In this section, we presented a secure FCM based SSS under the environment of IoT. The presented scheme as follows (see Fig. 2

):
Setup: Let q and p be huge prime numbers with pjðq À 1Þ: Similarly let G E¡;q ¼ f E¡ 0 ; E¡ 1 ; ::: E¡ pÀ1 g be a subgroup with prime order q of the multiplicative group Z Ã q , where E¡ is a generator with prime order p. Let and be one way hash functions where We will omit the ''ðmodqÞ" and ''ðmodpÞ" markers for notational convenience. We denote 's bit length by and . The notation b R S implies that an is selected randomly from a set S at random. We are now explaining the SSS in full detail.   Consistency of the proposed scheme: Because and imply and so . Hence, the signature produced by the signing algorithm is always valid.

Security analysis and discussion
At the very outset, the prototype of the security inspection for presented short signature schemes is observed. Secondly, the concept of the random oracle and the ''provable security" are investigated. Finally a near-reductionist method is brought forth to prove that SSS is safe to prevent existential forgery in the setup of chosen attacks in ROM assuming FCM are difficult under human-centered Internet of Things environments.

Security frameworks and provably security analysis
The primary safety principles of the short signature schemes, the first of its kind technique to use, were described by Goldwasser et al. [35]. Universal forgery, existential forgery (EUF), and absolute break are the three types of attacks chosen by the enemy. However, to destabilize the signature's security the strategies used by enemy may be different. Attacker has the basic knowledge of the signer's public key in the First instance. Secondly attacker has access to a set of accurate pairs such as message and signature. On the basis of earlier obtained feedback of the questions, the adaptive chosen-message attack (CMA) authorizes the attacker to use the signer's sign for some of his/her chosen message. In order to avoid many other formerly signatures to correspond to single given message the algorithm for signature generation has to be definite in nature. The attacker is allowed to ask for each message at most one signature due to compromised defensive system in Singleoccurrence adaptive chosen-message attack (SO-CMA). The implications of [36] and [37] are essential to be pursued for a ''ROM" to confer authenticated verified security for the cryptosystems. Hash functions specifically arbitrary items, the hash function is exploited as an oracle to generate a random number for the fresh inquiry. An attacker utilizes a reductionist method of a logical assumption-contradicting method. Probabilities are judged on both guesses and random oracles. A well-constructed hash function generally doesn't bring out random responses practically. As a result, the value of the proofs performed in ROM is contentious. Reformed ''artificial" equivalent which are ''probably secure" in ROM are described in [38]. However, if the short signature scheme (SSS) needs to be protected a random-model security proof is required to be followed. When is hard to be ruined by any counterfeiter, the short signature scheme is ( )-secure. Here it can be said that group G E¡;q is a ( )-FCM group unless algorithm in group G E¡;q can split FCM.

Security proof of the introduced SSS utilizing FCM'
The recommended SSS is based on [39,40] which is a prevalent signature scheme. When an input message M is provided, it generates in which arbitrarily chose its value in a set consist of larger values, D is hash value and depends only on , M, and D.
We can derive subsequent standard outcome with the help of direct use of techniques in [40]. With the help of procedure implemented we acquire two equations in our given technical entry: We can get the definite private value with the help of this method SSS's security and FCM's hardness relation get compromised because of ineffectiveness of reductionist technique of Forking lemma. As expected, the secret value would be obtained when attacker acts in response to the inquiry byjT t E¡ , as a substitution for a random number t in Z Ã q (Note: simulator responds to the -query (M) by random number t in Z Ã q as per proof of Theorem 4.1). Hence, oracle replay attack is not required.
As a result, a more dominant reductionist method in depth is supposed to be instigated. A close association among the SSS security and the FCM problem's hardness can better be shown with the help of following theorem. Here C e refers to the expense of computing a long exponentiation in G E;q group.
Proof. For proving security of SSS, ROM is used. We assume that a EUF-CMA counterfeiter that ( ) separates the SSS is found. The random oracles , , S can be enquired with a polynomial number of queries by which is a probabilistic polynomial time program arranged with extended open sequence of arbitrary bits.
An algorithm , which receives ( ) as input is needed to be generated for us being a ''simulator". For calculating the FCM i.e. as a computer programme, tries to utilize . Algorithm simulates one or two SSS runs to counterfeiter A. i , the simulation will be aborted and restarted (this unfortunate occurrence is at most probability .
We can say that in order to bring entirely distinct outputs contrary to the real attacks oracle based simulations are helpful.
We can presume that a novel authorized message and signature tuple with probability are ensued by counterfeiter . When is . Therefore in the first replication the probability of solving the FCM is .
We assume acquires the signature and message pair ( ) in the first simulation, with and .
The second simulation with the probability will be initiated by Algorithm as long as the same ( ) is supplied. The counterfeiter is provided with the same random bits series, analogous random responses to hash function and signature queries as those in the first simulation before requests for by . Thus various series of random bits, signatures, and diverse values for random functions tend to be given by . The point to be noted here is that acts in response with the same value which is at the time of first simulation when the -query ðM j Þ is asked after this argument. Here, ''Forking lemma" in [40] is applied. We expect that yields signature ( ) this time around such that and or the signature with D 0 j -D j : Here, the ''Splitting lemma" [34] is employed to calculate the probability in order to work as anticipated. Let U be the set of probable random bits series and random function estimates that carry forger up to the argument where requests for ; let V be the set of probable random bits series and random function estimates after that. By inference, the probability at which , supplying the series of random bits and random estimates , produces a forgery is for any ubiquity . Using ''Splitting lemma", a ''agreeable" subset occurs . (ii) The probability that A, delivered the arbitrary bits and arbitrary values sequences ( ) in which , produces a copy is at least e=2.
Expect the sequences of random bit and random function values given up to the argument in first simulation are b. Consequently, the probability that A, deliveredðbjjvÞ, produces a forgery in second simulation in the condition of any is . Forged signature probability with and . Forged signature probability withD 0 j -D j is . The probability of resolving the FCM in the second simulation is thus The probabilities can be concluded such that Algorithm at least solves the FCM with probability (nearly) In one simulation the computation stage is . Then final stage in the calculation is The single -query and one -query are allowed for eachM request in the approximation of the probability : akin to the slightly feeble SO-CMA security structure, that is to say, the counterfeiter demands M; j ð Þ for both -query and one query. At the same time Algorithm reacts with , and . In this case, . Here a robust reductionist evidence of safety is obtained. Each -query ðM; jÞ is consequently the -query M ð Þacting against this affirmative approximation. It leads to find a movable reductionist security evidence as it is observed when similar to the Schnorr signature scheme. We are eclectically letting because the set of series of arbitrary bits and arbitrary function values that supplies to counterfeiter is arbitrary. Therefore Essentially, this reductionist technique effectively works on the utilization of -query command and -query for the duplicate message insisted by counterfeiter A. Hence, we are led to believe that lying among tight and loose, this reductionist evidence is complete (Goh and Tarecki [36]).
The security of the hash functions: For acquiring a short signature we allow p to be 160 bits. Recovering M and M 0 messages is unproblematic such that by birthday attacks consequently the hash value of is 80 bits. The signature returned by the signer is based on a random number j 0 instead of j whenever the attacker insists on a signature on M. Despite the uncertainty of viability in finding other M 0 message with , it is for certain that finding M 0 with is impracticable, as the hash value of is at least 1024 bits. In the meantime no process will recover from the multivariate congruence or find from . Since the ROM adopts that hash functions are perfect, the probability is

Performance comparison
In this section, we discussed the performance comparison between the proposed technique and the recent presented technique such as Cui et al. [41], Shen et al. [18], Espositoet al. [42], Mughal et al. [43], Meshram and Obaidat [44] and Zhang et al. [45]. The performance of the proposed work has been discussed based on the storage cost, communication cost, and the computational cost. The performance has been compared based on the cost for signing stage, and the verification stage. Table 2 give information about the notations used for comparative estimations.
It has been noted that the signing stage and the verification stage require more computational costs compared to the stage of installation and extraction. Therefore, the comparative study has been done based on the computational cost for signing stage and the verification stage. The state-of-the-art studies discussed in Cui et al. [41], Shen et al. [18], Espositoet al. [42], and Mughal et al. [43], Meshram and Obaidat [44] and Zhang et al. [45] have been compared with the proposed work on performance metrics. The relations between , , , , , and with respect to has been established in [25][26][27]46,47]. The proposed work has used the above mentioned notations and their relations are shown in Table 3.
Using Table 2, the computational complexity order among the metrics is shown as; Fig. 3 shows the comparative analysis between the existing schemes and the proposed scheme based on the computational cost for signing stage. The proposed scheme is seen effective as compared to the existing schemes. The proposed scheme requires 2.56 ms for signing stage, shows the effectiveness over the existing schemes. Fig. 4 shows the comparison on the computational cost for verification stage. It shows that the proposed technique is also efficient in verification stage. Table 4 present the quantitative analysis of the proposed technique and show the comparison based on the total cost including signing stage and the verification stage. It from Table 4 that the total cost has been reduced to 4. 97 ms. Thus, the proposed technique is found to be efficient as compared to the other techniques in the literature. Execution time for a modular multiplication 4 Execution time for one way hash function 5 Execution time for one bilinear pairing operation 6 Execution time for one modular inverse operation

Conclusion
In human-centered IoT, the protection of sensitive data is essential to provide a protection from forgery attacks. Digital signature is the safest option in asymmetric cryptography for ensuring the ownership and validity of the contact parties. This paper uses fractional chaotic maps for secure communication in human-centered IoT to present an effective provably secure short signature technique. This is existentially unforgeable under EUF-CMA at ROM.
Results demonstrate the superiority of our strategy, in comparison with competitors, to take fewer overhead based on computing and communication costs alongside resilience studies. The proposed SSS achieves less processing time and less overhead communication in verification and signature operations, in addition to improved resistance to capture attacks. It is therefore very difficult to crack FCM-based SSS compared to DSA which is based on discrete logarithm. In future work, we will develop a new efficient fuzzy signature scheme using fractional chaotic maps for Block-

Compliance with Ethics Requirements
This article does not contain any studies with human or animal data subjects.

Declaration of Competing Interest
The authors have declared no conflict of interest.