Certificateless Multi-Party Authenticated Encryption for NB-IoT Terminals in 5G Networks

Abstract

With the integration of Narrowband Internet of Things (NB-IoT) technology coming into our lives, more and more NB-IoT terminals are connected to the network to meet various requirements of users. However, the traditional authentication process between the NB-IoT devices and the 5G core network brings heavy communication and storage overheads. Besides, large-scale connected NB-IoT devices are vulnerable to attacks from adversaries, especially for devices that are used to collect and transmit sensitive data and information. Therefore, it is extremely important to simplify the authentication process and ensure the security and privacy of the data transmission process. In this paper, we propose a certificateless multi-party authenticated encryption scheme for NB-IoT terminals in 5G networks. The proposed scheme not only achieves multi-party authentication in the access authentication process but also provides identity anonymity and non-repudiation. The processes of access authentication and data transmission are combined into one process in our scheme. When multiple NB-IoT terminals simultaneously perform access authentication, the information of terminals and encrypted private data are sent to the Access and Mobility Management (AMF), and the AMF verifies the validity and security of the data by verifying the generated certificateless aggregated authenticated ciphertexts. Security analysis and experimental results show that our scheme is secure and efficient.