Revocable certificate-based broadcast signcryption scheme for edge-enabled IIoT

In edge computing-enabled Industrial Internet of Things (edge-enabled IIoT), edge computing facilitates data processing with reduced latency, enhanced reliability, and optimized realtime resource use. With the rapid increase in connected devices, ensuring secure data sharing among them is crucial. Broadcast signcryption technology is an excellent choice for achieving data confidentiality and authentication while enhancing operational efficiency. With devices potentially expiring, aging, or suffering damage, the prompt revocation of their decryption privileges is essential. Currently, there is a lack of research that simultaneously integrates broadcast signcryption with a revocation mechanism. In this paper, we propose a revocable certificate-based broadcast signcryption (RCB-BSC) scheme tailored for edge-enabled IIoT. In our work, base station generates a signcrypted ciphertext for multiple edge computing nodes (ECNs), and sends it to edge service (ES). The ES revokes the access of illegitimate ECNs and generates a new ciphertext for those ECNs with non-revoked decryption privileges, allowing them to decrypt the message using their private keys. Under the random oracle model (ROM), our scheme achieves plaintext confidentiality, ensures anonymity of receivers, and authenticates the legitimacy of the broadcaster. Moreover, the performance analysis shows our scheme excels in computation and communication efficiency, making it ideal for edge-enabled IIoT.