Batch Verification of Digital Signatures in IoT

Abstract

Internet of Things (IoT) is the interconnectivity of various devices, such as sensor nodes, actuator nodes, gateway nodes, and other devices that have the software, and electronics embedded within them which enables them to exchange data. These devices lack the computation power, memory and battery capacity. The gateway node in IoT handles various responsibilities such authentication, verification, data processing, data encryption, decryption etc. Hence it is important to reduce the bottleneck at the gateway node, so that the network is stable and secure. Therefore security in IoT becomes an important field of research. Digital signatures are one of the ways of authenticating the sender and also to protect the integrity of the data during the communication. Verifying multiple digital signatures together in a batch reduces the computation load and computation time during verification. There are many batch verification schemes designed for popular digital signature algorithms such as RSA, DSS, ECDSA etc. Majority of the batch verification schemes are not lightweight and are prone to attacks. Even though the contemporary batch verification schemes have evolved with time, but they are not scalable with the increase in batch size. Therefore this research focuses on designing a new batch verification scheme which overcomes the drawbacks and is suitable for IoT. ECDSA digital signature algorithm is a lightweight digital signature algorithm because of its small signature size compared to other schemes for the same level of security. Hence designing a batch verification algorithm for ECDSA∗ signatures is beneficial in IoT. ECDSA∗ signature is a modified version of ECDSA signature whose verification time is faster than ECDSA signatures. The proposed batch verification scheme in the research is efficient for verification of multiple ECDSA∗ signatures and is more secure than the other existing batch verification schemes. Most of the other existing batch verification schemes do not specify the index of the bad signature. There are many schemes in literature, to identify the bad signature in a given batch, but either they are compute intensive or can not identify all the bad signatures. Hence the research also proposes three bad signature identification schemesbased on hash function and Error Control Codes. After the batch verification test fails, the signatures are verified using proposed schemes to identify the faulty ones. The proposed verification schemes are lightweight compared to sequential verification and other existing verification schemes. As the aim of research is to implement batch verification in IoT to reduce the bottleneck at the gateway node, the next topic of research is to design a trust model that can decrease the load at gateway node by sharing it. The proposed trust model chooses a set of Trusted nodes from the total available sensor nodes and distributes a set of signatures to each of them. These Trusted sensor nodes verify the signatures using the proposed batch verification scheme. This will significantly reduce the bottleneck at the gateway node without the compromise in security.