Abstract
At ACSAC 2019, we introduced a new cryptographic primitive called proof of aliveness (PoA), allowing us to remotely and automatically track the running status (aliveness) of devices in the fields in cyber-physical systems. We proposed to use a one-way function (OWF) chain structure to build an efficient proof of aliveness, such that the prover sends every node on the OWF chain in a reverse order periodically. However, the finite nodes in OWF chains limited its practicality. We enhance our first PoA construction by linking multiple OWF chains together using a pseudo-random generator chain in our second PoA scheme. This enhancement allows us to integrate one-time signature (OTS) schemes into the structure of the second construction to realize the auto-replenishment of the aliveness proofs for continuous use without interruption for reinitialization. In this work, our primary motivation is to further improve our secondary PoA and auto-replenishment schemes. Instead of storing the tail nodes of multiple OWF chains on the verifier side, we use a Bloom Filter to compress them, reducing the storage cost by 4.74.7 times. Moreover, the OTS-based auto-replenishment solution cannot be applied to our first scheme, and it is not so efficient despite its standard model security. To overcome these limitations, we design a new auto-replenishment scheme from a hash-based commitment under the random oracle model in this work, which is much faster and can be used by both PoA schemes. Considering the implementation on a storage/memory-constrained device, we particularly study the strategies for efficiently generating proofs.
Original language | English |
---|---|
Pages (from-to) | 3610-3628 |
Number of pages | 19 |
Journal | IEEE Transactions on Dependable and Secure Computing |
Volume | 21 |
Issue number | 4 |
Early online date | 21 Nov 2023 |
DOIs | |
Publication status | Published - Aug 2024 |
Bibliographical note
Publisher Copyright:© 2004-2012 IEEE.
Funding
This work was supported in part by the Natural Science Foundation of China under Grant 62372386 and in part by the Natural Science Foundation of Chongqing under Grant CSTB2022NSCQ-MSX0437. The work of Jianying Zhou was supported by the National Research Foundation, Singapore, under its National Satellite of Excellence Programme Design Science and Technology for Secure Critical Infrastructure: Phase II . (Chenglu Jin and Zheng Yang contributed equally to this work.)
Funders | Funder number |
---|---|
National Research Foundation Singapore | |
National Natural Science Foundation of China | 62372386 |
Natural Science Foundation of Chongqing Municipality | CSTB2022NSCQ-MSX0437 |
Keywords
- Authentication
- auto replenishment
- CPS security
- cyber-physical systems
- one-time passwords
- one-way functions
- proof of aliveness