Article

A Pairing-Free Identity-Based Identification Scheme with Tight Security Using Modified-Schnorr Signatures

Jason Chia 1,*, Ji-Jian Chin 2 and Sook-Chin Yip 1

1 Faculty of Engineering, Multimedia University, Cyberjaya 63100, Malaysia; scyip@mmu.edu.my
2 Faculty of Computing and Informatics, Multimedia University, Cyberjaya 63100, Malaysia; jjchin@mmu.edu.my
* Correspondence: 1161300548@student.mmu.edu.my

Citation: Chia, J.; Chin, J.-J.; Yip, S.-C. A Pairing-Free Identity-Based Identification Scheme with Tight Security Using Modified-Schnorr Signatures. Symmetry 2021, 13, 1330. https://doi.org/10.3390/sym13081330

Academic Editors: José Carlos R. Alcantud and Kuo-Hui Yeh

Received: 23 June 2021
Accepted: 19 July 2021
Published: 23 July 2021

Publisher's Note: MDPI stays neutral with regard to jurisdictional claims in published maps and institutional affiliations.

Copyright: © 2021 by the authors. Licensee MDPI, Basel, Switzerland. This article is an open access article distributed under the terms and conditions of the Creative Commons Attribution (CC BY) license (https://creativecommons.org/licenses/by/4.0/).

Abstract: Cryptographic schemes are proven secure by reducing an attacker that breaks the scheme to an algorithm that could be used to solve the underlying hard problem (e.g., Discrete Logarithm, Decisional Diffie–Hellman). The reduction is considered tight if it results in probability bounds approximately similar to those of solving the underlying hard problem. Tight security is desirable as it improves security guarantees and allows the use of shorter parameters without the risk of compromising security. In this work, we propose an identity-based identification (IBI) scheme with tight security based on a variant of the Schnorr signature scheme known as TNC signatures.
The proposed IBI scheme enjoys shorter parameters and key sizes than existing IBI schemes without increasing the number of operations required for its identification protocol. Our scheme is suitable for lightweight authentication in resource-constrained Wireless Sensor Networks (WSNs), as it uses the lowest amount of bandwidth when compared to other state-of-the-art symmetric key lightweight authentication schemes. Although it is costlier than its symmetric key counterparts in terms of operational costs due to its asymmetric key nature, it enjoys other benefits such as decentralized authentication and scalable key management. As a proof of concept to substantiate our claims, we implement our scheme to demonstrate its speed and memory usage when it runs on both high-end and low-end devices.

Keywords: access control; identity-based identification; tight security; provable security

1. Introduction

Identification or authentication is the act of ensuring that the identity of an entity one is interacting with is in fact what the entity claims it to be. An identity-based identification (IBI) scheme is an identification scheme whose public key is a publicly identifiable string (e.g., johnsmith@example.com) instead of a random-looking one (e.g., an RSA key). The IBI scheme allows a user to prove possession of a secret key corresponding to their public identity to a verifier, who acquires corroborative evidence through an interactive protocol [1]. When the public key is publicly identifiable, the scheme enjoys several advantages compared to its random-looking counterparts. This is because the keys no longer need to be verified or authenticated, as they represent the entity in plaintext.
Besides, the storage and transmission bandwidth requirements are also significantly reduced because identity strings are small in comparison (e.g., well known www.google.com of size 14 bytes versus a 2048-bit RSA key of size 256 bytes).

Figure 1 shows the system architecture of an access control system using IBI schemes. Essentially, the key generation center (KGC) acts as the trusted authority which issues user keys corresponding to their public identities. The system then employs authentication servers to verify valid users attempting to access critical resources. Much like the conventional public key infrastructure, the system assumes the existence of a secure trusted