Compatible Certificateless and Identity-Based Cryptosystems for Heterogeneous IoT

Certificates ensure the authenticity of users' public keys, however their overhead (e.g., certificate chains) might be too costly for some IoT systems like aerial drones. Certificate-free cryptosystems, like identity-based and certificateless systems, lift the burden of certificates and could be a suitable alternative for such IoTs. However, despite their merits, there is a research gap in achieving compatible identity-based and certificateless systems to allow users from different domains (identity-based or certificateless) to communicate seamlessly. Moreover, more efficient constructions can enable their adoption in resource-limited IoTs. In this work, we propose new identity-based and certificateless cryptosystems that provide such compatibility and efficiency. This feature is beneficial for heterogeneous IoT settings (e.g., commercial aerial drones), where different levels of trust/control is assumed on the trusted third party. Our schemes are more communication efficient than their public key based counterparts, as they do not need certificate processing. Our experimental analysis on both commodity and embedded IoT devices show that, only with the cost of having a larger system public key, our cryptosystems are more computation and communication efficient than their certificate-free counterparts. We prove the security of our schemes (in the random oracle model) and open-source our cryptographic framework for public testing/adoption.