Provably secure lightweight certificateless lattice-based authenticated key exchange scheme for IIoT

Through the Industrial Internet of Things (IIoT), the manufacturing enterprises have significantly enhanced the production efficiency. The transmission of data in IIoT over public channels has brought about information leakage issues. Therefore, it is crucial to agree on a session key among the participants. In recent years, numerous authenticated key exchange (AKE) schemes have been designed. However, those AKE schemes which adopt the certificateless approach to tackle certificate management and key escrow may remain vulnerable to quantum attacks, and other AKE schemes which are based on lattice hard problem so as to achieve the post quantum security may incur key management issues. To simultaneously address the aforementioned challenges, we propose a lightweight certificateless lattice-based authenticated key exchange (C2LAKE) scheme. Upon the hardness assumptions of the inhomogeneous small integer solution (ISIS) and computational bilateral inhomogeneous small integer solution (CBi-ISIS) problems, the C2LAKE scheme has been demonstrated to be secure in the eCK model and the random oracle model (ROM). Better trade-off among security and functionality features, and communication and computation costs make the C2LAKE scheme suitable and applicable in the IIoT environment.