Authentication in dynamic groups using identity-based signatures

Group communication in constrained networks lately sparked broader interest as it allows dealing more efficiently with the few available resources. Both sender authentication and membership verification are serious issues to be tackled despite the lack of resources. Identity-based signatures (IBS) offer an alternative to certificate-based authentication by mathematically binding a user's public key to its identity. To utilize the consequently smaller network load, this paper proposes an IBS-based lightweight solution to achieve authentication and membership verification for group communication in constrained environments. An infrastructure for managing IBS based authentication is introduced together with a taxonomy for the selection of suitable IBS schemes. An implementation and practical evaluation on basis of an IoT-lab completes this, demonstrating that IBS is a viable option for very constrained devices. To the best of our knowledge, this is the first fully operational implementation and proof of applicability of IBS in such a scenario.