Article Preview
TopIntroduction
Internet of things (IoT) is a group of “things” embedded with sensors, electronics, software, and actuators joined by the internet to sense, gather and transfer data. That enables them to deploy in many real-time environments (Kiran et al. (2019), Tewari et al. (2020)). The data obtained by IoT devices is distributed or utilized in our everyday life. IoT devices collect data through sensors. Due to limited storage, power, and computational capabilities, these devices outsource the collected data to third-party servers called cloud servers (Premkamal et al. (2019), Al Issa et al. (2022)). These cloud servers act as a computational model for data processing and enable these stored data to be shared with registered users worldwide through connected devices. IoT brings an extreme change in data management. Billions of IoT devices have joined to share the data, such as smartphones, sensors, wearable devices, connected cars, drones, etc. These devices are widely used for smart homes, smart cities, smart grids, etc. (Gupta et al. (2020), Khanam et al. (2022), Gaurav et al. (2022)). An estimated report from Forbes states that IoT spending will reach USD 1.2 trillion worldwide in 2022.
Cloud computing gives significant support to IoT devices. Roopaei et al. (2017) deployed a Cloud of Things (CoT) network, including IoT and cyber-physical systems. The authors designed a CoT-based irrigation system with efficient use of energy at a low cost by outsourcing the collected data to the cloud. Although the extensive use of cloud computing in information technology, many users are still opposed to adopting the cloud because of its semi-trusted nature (Jambhekar (2016), Olowu et al. (2019)). It is essential to provide security and privacy to the outsourcing data in the cloud servers (the cloud server may compromise or exist a malicious insider) (Choo (2010), Odun et al. (2017)). Since the cloud server is semi-trusted, confidentiality and authenticity are the two major concerns to be addressed before outsourcing the data to a cloud server. Encryption and digital signatures resolve these issues (Clayton D. Smith, (2005)).
In Cloud-Assisted IoT, confidentiality and authenticity are ensured parallel. In 1997, Zheng proposed the first Signcryption technique, which provides a signature followed by encryption in one primitive to reduce the computational overhead of the traditional technique. Performing verification and then decryption takes more computation than the Designcryption technique, which verifies followed by decryption in one primitive. The outsourcing data must be protected from internal or external attackers by signcryption. When users want the stored data, they need to download signcryptext from the cloud server and designcrypt it by themselves.