A Scalable Group Authentication Scheme Based on Combinatorial Designs with Fault Tolerance for the Internet of Things

Abstract

With the development of the Internet of Things, the scale of IoT system is becoming large. Due to the network congestion problems and the server capability, using unicast authentication will bring burden to the network link and server. In this paper, we propose a scalable group authentication scheme with fault tolerance based on combinatorial designs. Performance analysis of the proposed scheme is based on several metrics such as fault tolerance, scalability, energy consumption and storage overhead. Simulation results have shown that oval designs realize the best trade-off for all metrics.

Change history

• 28 September 2023

  A Correction to this paper has been published: https://doi.org/10.1007/s42979-023-02168-3

Appendices

Appendix A: Oval Design Construction

• Let us construct the finite projective plane \(PG\left( 2,2^{2}\right)\), which is based on \(GF\left( 4\right)\). Let \(\alpha\) be the primitive element in the field, thus \(GF\left( 4\right) =\left\{ 0,1,\alpha ,\alpha ^{2}\right\}\). There are 63 triples different from \(\left( 0,0,0\right)\), of the form \(P=\left( p_{1},p_{2},p_{3}\right) \in GF\left( 4\right) ^{3}\). Every point P has 3 equivalent points, thus there are 21 equivalent classes. For simplification, we denote \(\left( p_{1},p_{2},p_{3}\right)\) as \(p_{1}p_{2}p_{3}\), then, there will be 21 equivalent classes of the points in \(PG\left( 2,2^{2}\right)\) :

100, 010, 001, \(1\alpha \alpha\), \(1\alpha ^{2}0\), \(01\alpha ^{2}\), \(1\alpha 1\), 101, \(10\alpha\), \(1\alpha ^{2}\alpha\), \(1\alpha ^{2}1\), \(10\alpha ^{2}\), \(11\alpha\), \(1\alpha ^{2}\alpha ^{2}\), 110, 011, \(1\alpha 0\), \(01\alpha\), \(1\alpha \alpha ^{2}\), \(11\alpha ^{2}\), 111.

The lines are obtained as described earlier.

They are consecutively 21 lines, and 5 points in each line:

\(\left[ 100\right]\): 010 001 \(01\alpha ^{2}\) 011 \(01\alpha\)

\(\left[ 010\right]\): 100 001 101 \(10\alpha\) \(10\alpha ^{2}\)

\(\left[ 001\right]\): 100 010 \(1\alpha ^{2}0\) 110 \(1\alpha 0\)

\(\left[ 110\right]\): 001 \(11\alpha\) 110 \(11\alpha ^{2}\) 111

\(\vdots\)

Let \(x \cdot z=y^{2}\) be the equation of the conic, there are 5 points that satisfy this equation, namely 100, \(001,\,1\alpha \alpha ^{2},\,1\alpha ^{2}\alpha ,\,111\). By adding the nucleus point \(P_{0}=010\), we obtain the oval.

By removing the secant and the tangent lines, we obtain the exterior lines that pass through the retained points, which are summarized in Table 3.

Table 3 The exterior lines and their points

The oval design obtained from this construction is the \(\left( 6,\,15,\,5\right)\), which has the 6 exterior lines as its points, and the 15 retained points as its blocks.

Appendix B: The Scheme Evaluation

• In the Table 4, we evaluate some balanced incomplete block deigns performances. We evaluate the performance of some metrics based on these designs as special Steiner System Designs (SSD), specifically are t-designs with \(\lambda =1\) and \(t=2\).

• The metrics computed and evaluated are the scalability of the group (the group size), the storage overhead noted by C, the probability of sharing a common key-share \(s_{i}\) noted by \(P_{c}\) and the energy consumption requisite for unicast and group authentication denoted, respectively, by \(E_{UC}\) and \(E_{GA}\).

Table 4 Oval and Unital designs numerical performance evaluation