2PCLA: Provable Secure and Privacy Preserving Enhanced Certificateless Authentication Scheme for Distributed Learning

Distributed learning (DL) emerges as machine learning and the Internet of Things develop quickly and widely. As edge servers pre-process and pre-learn the statistics, global servers can reduce costs, improve efficiency and output more precise results. However, to acquire high-quality and adequate da...

Full description

Saved in:
Bibliographic Details
Published in:IEEE transactions on information forensics and security 2023, Vol.18, p.5876-5889
Main Authors: Ma, Yuqian, Cheng, Qingfeng, Luo, Xiangyang
Format: Article
Language:English
Subjects:
Authentication
certificateless-based cryptography
Cryptography
Cybersecurity
Distributed learning (DL)
Immune system
Internet of Things
Machine learning
Performance evaluation
Privacy
privacy preservation
Protocols
Security
Servers
Citations: Items that this one cites
Online Access:Get full text
Tags: Add Tag
No Tags, Be the first to tag this record!
Description
Summary:Distributed learning (DL) emerges as machine learning and the Internet of Things develop quickly and widely. As edge servers pre-process and pre-learn the statistics, global servers can reduce costs, improve efficiency and output more precise results. However, to acquire high-quality and adequate data, servers should collect information from a number of end devices, which naturally leads to confidentiality and privacy problems during information transmission. If the private information or the data are compromised by malicious attackers, the users' security and the network operation will all be in danger. To resolve this thorny challenge, numerous schemes have been put forward, adopting different cryptography technologies and aiming at aspects of security. However, many state-of-the-art schemes can hardly satisfy the security demands and are pointed out to be defective. Lately, Jiang et al. made an effort and proposed a certificateless signature scheme, as well as an authentication scheme for the purpose of solving the privacy issues. Unfortunately, in this paper, we point out that their schemes can hardly resist forgery attacks and ephemeral key leakage attacks. Further, we will propose an improved scheme noted as 2PCLA and change the method of generating the session key. Theoretical analysis and formal security analysis utilizing Tamarin analysis tool are provided to prove the security of 2PCLA scheme. Performance evaluation has been done from both theoretical and experimental perspectives. The assessment results illustrate that 2PCLA can balance security properties with execution efficiency relatively well.
ISSN:1556-6013
1556-6021
DOI:10.1109/TIFS.2023.3318952