在物聯網（IoT）應用中，如智慧城市、智慧家庭，以及基於UTXO的區塊鏈如比特幣中，公開金鑰和相應的設備或地址是用戶的身份標識。利用證書授權機構（CA）頒發的證書，證明地址的所有權或身份。通常，如果有n個不同的地址，則需要n個不同的證書來綁定相同的身份，可能會花費過多的存儲空間和計算時間。劉等人通過擴展ECQV隱式憑證解決了這個問題。他們的方案使得ECQV憑證持有者能夠生成多個代理憑證和相應的公私鑰對，所有代理憑證都可供他人使用。此外，劉等人還提出了另一個方案，確保藉由ECQV憑證所生成的新憑證僅由ECQV憑證持有者使用。在本研究中，我們進一步改進了他們的方案，使用秘密分享技術解決第一個方案中的密鑰託管問題，並使第二個方案中的所有新憑證可進行批量驗證。這一增強可以顯著提高隱私性和性能。並且，我們進行了嚴格的安全性證明，以證明修改後方案的安全性。通過秘密分享技術解決密鑰託管問題和批量驗證的優勢，所提出的方案適合部署在物聯網和區塊鏈環境。

In IoT such as smart cities, smart homes and UTXO-based blockchains such as Bitcoin, a public key and the corresponding device or address serve as the sole identifiers for a user. To prove ownership or an ID of the address, a certificate issued by a Certificate Authority (CA) is required. Generally, if there are n different addresses, then n different certificates binding the same identity are needed, which can be costly in terms of storage and expenses. Liu et al. solve this problem by extending an ECQV implicit certificate. Their scheme enables an ECQV certificate holder to generate proxy multiple credentials and corresponding key pairs, these proxy credentials are available for others to use. Furthermore, there is another scheme that make sure to ensure that the credentials are exclusively utilized by the ECQV certificate holder by Liu et al. In this paper, we further improve their schemes to fix the key escrow problem in the first scheme using secret sharing and make all the extended credentials batch verifiable in the second scheme. This enhancement can significantly improve privacy and performance. And also conduct a rigorous security proof to demonstrate the security of the modified scheme. With the secret sharing that fix the key escrow problem and the advantage of batch verification, the proposed scheme is highly suitable for deployment in IoT and blockchain environments.

[1] Abhay Kumar Agrahari and Shirshu Varma. A provably secure rfid authentication protocol based on ecqv for the medical internet of things. Peer-to-Peer Networking and Applications, 14(3):1277–1289, 2021.
[2] Abdullah M Almuhaideb and Sammar S Algothami. Ecqv-based lightweight revocable authentication protocol for electric vehicle charging. Big Data and Cognitive Computing, 6(4):102, 2022.
[3] Abdullah M Almuhaideb and Sammar S Algothami. Efficient privacy-preserving and secure authentication for electric-vehicle-to-electric-vehicle-charging system based on ecqv. Journal of Sensor and Actuator Networks, 11(2):28, 2022.
[4] An Braeken. Pairing free certificate based signcryption schemes using ecqv implicit certificates. KSII Transactions on Internet and Information Systems (TIIS), 13(3):1546–1565, 2019.
[5] An Braeken, Ji-Jian Chin, and Syh-Yuan Tan. Ecqv-ibi: Identity-based identification with implicit certification. Journal of Information Security and Applications, 63:103027, 2021.
[6] Daniel RL Brown, Robert Gallant, and Scott A Vanstone. Provably secure implicit certificate schemes. In Financial Cryptography: 5th International Conference, FC 2001 Grand Cayman, British West Indies, February 19–22, 2001 Proceedings 5, pages 156–165. Springer, 2002.
[7] Miguel Castro, Barbara Liskov, et al. Practical byzantine fault tolerance. In OsDI, volume 99, pages 173–186, 1999.
[8] Chun-I Fan, Pei-Hsiu Ho, and Yi-Feng Tseng. Strongly secure certificateless signature scheme supporting batch verification. Mathematical Problems in Engineering, 2014(1):854135, 2014.
[9] Duy An Ha, Kha Tho Nguyen, and John K Zao. Efficient authentication of resourceconstrained iot devices based on ecqv implicit certificates and datagram transport layer security protocol. In Proceedings of the 7th Symposium on Information and Communication Technology, pages 173–179, 2016.
[10] Wanling Huang, Jingqiang Lin, Qiongxiao Wang, Yajun Teng, Huiqing Wan, and Wei Wang. Certificate transparency for ecqv implicit certificates. In ICC 2021-IEEE International Conference on Communications, pages 1–6. IEEE, 2021.
[11] Apurva S Kittur and Alwyn Roshan Pais. Batch verification of digital signatures: approaches and challenges. Journal of information security and applications, 37:15– 27, 2017.
[12] Hee-Yong Kwon and Mun-Kyu Lee. Fast verification of signatures with shared ecqv implicit certificates. IEEE Transactions on Vehicular Technology, 68(5):4680–4694, 2019.
[13] Zi-Yuan Liu, Yi-Fan Tseng, Raylin Tso, Peter Shaojui Wang, and Qin-Wen Su. Extension of elliptic curve qu–vanstone certificates and their applications. Journal of Information Security and Applications, 67:103176, 2022.
[14] Manisha Malik, Maitreyee Dutta, Jorge Granjal, et al. L-ecqv: Lightweight ecqv implicit certificates for authentication in the internet of things. IEEE Access, 11:35517– 35540, 2023.
[15] Satoshi Nakamoto. Bitcoin: A peer-to-peer electronic cash system. 2008.
[16] Chang-Seop Park. A secure and efficient ecqv implicit certificate issuance protocol for the internet of things applications. IEEE Sensors Journal, 17(7):2215–2223, 2016.
[17] Douglas R Stinson. Cryptography: theory and practice. Chapman and Hall/CRC, 2005.
[18] Maarten Van Steen. Distributed systems principles and paradigms. Network, 4:20, 2004.