A Lightweight Certificateless Mutual Authentication Scheme Based on Signatures for IIoT

The Industrial Internet of Things (IIoT), through the extensive deployment of devices for sensing, transmitting, and analyzing production states, can provide users with more comprehensive services and enhance production and manufacturing efficiency. However, most IIoT devices are limited by software and hardware resources, and existing mature security mechanisms are no longer suitable due to high computing and communication costs. This weakness makes these devices highly susceptible to illegal attacks, such as counterfeiting, leading to a decline in service quality of IIoT. Therefore, to ensure the secure and efficient verification of the legitimacy of numerous IIoT devices, scholars have employed numerous viable solutions. However, many existing solutions have difficulty achieving a balance between the limited resources and security requirements of IIoT, resulting in certain shortcomings. To address this, we first propose a lightweight certificateless signature scheme without pairing, which can achieve unforgeability and reduce computation pressure by batch verification for multiple signatures. Furthermore, we propose a lightweight certificateless mutual authentication scheme (LCLMA-BS) for the IIoT. LCLMA-BS is capable of conducting key agreement for both authentication parties and batch authentication for multiple participants. Moreover, through analysis and proof, LCLMA-BS is shown to have various security properties, such as perfect forward and backward security and known session-specific temporary information security. Finally, the simulation results indicate that our signature and LCLMA-BS exhibit higher computational efficiency and communication efficiency, demonstrating better suitability for the IIoT.