With the integration of Narrowband Internet of Things (NB-IoT) technology coming into our lives, more and more NB-IoT terminals are connected to the network to meet various requirements of users. However, the traditional authentication process between the NB-IoT devices and the 5G core network brings heavy communication and storage overheads. Besides, large-scale connected NB-IoT devices are vulnerable to attacks from adversaries, especially for devices that are used to collect and transmit sensitive data and information. Therefore, it is extremely important to simplify the authentication process and ensure the security and privacy of the data transmission process. In this paper, we propose a certificateless multiparty authenticated encryption scheme for NB-IoT terminals in 5G networks. The proposed scheme not only achieves multi-party authentication in the access authentication process but also provides identity anonymity and non-repudiation. The processes of access authentication and data transmission are combined into one process in our scheme. When multiple NB-IoT terminals simultaneously perform access authentication, the information of terminals and encrypted private data are sent to the Access and Mobility Management (AMF), and the AMF verifies the validity and security of the data by verifying the generated certificateless aggregated authenticated ciphertexts. Security analysis and experimental results show that our scheme is secure and efficient.
Attribute-based encryption can be used to realize fine-grained data sharing in open networks. However, in practical applications, we have to address further challenging issues, such as attribute revocation and data search. How do data users search for the data they need in massive amounts of data? When users leave the system, they lose the right to decrypt the shared data. In this case, how do we ensure that revoked users cannot decrypt shared data? In this paper, we successfully address these issues by proposing a hidden policy attribute-based data sharing scheme with direct revocation and keyword search. In the proposed scheme, the direct revocation of attributes does not need to update the private key of non-revoked users during revocation. In addition, a keyword search is realized in our scheme, and the search time is constant with the increase in attributes. In particular, the policy is hidden in our scheme, and hence, users’ privacy is protected. Our security and performance analyses show that the proposed scheme can tackle the security and efficiency concerns in cloud computing.
scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.