The Internet of Things (IOT) is a network in which laser scanners, radio frequency identification (RFID) devices, global positioning systems, information sensing devices, and any other objects connected to the Internet communicate with each other according to agreed communication protocols in order to realize the location, intelligent identification, monitoring, tracking, and management of those objects. The IOT is a new kind of network in which the virtual network interacts with the real world. It adopts the Internet and sensor networks as its core techniques and features wireless information transmission and ubiquitous data awareness, so the IOT must meet the security requirements of the Internet and of sensor networks while also satisfying the security requirements that arise from its own characteristics to ensure its safe and reliable operation.
The security shortcomings of the IOT have largely affected its promotion and application. On the basis of studies of the IOT architecture and analyses of the security threats to the IOT, many studies have presented security architectures [2, 3] or corresponding defensive suggestions [4, 5] for the IOT. For the security threats facing some IOT communication applications, several solutions have been researched, such as interoperability of security, key management protocols, and location privacy protection. Compared with the schemes mentioned above, the use of online/offline signcryption for IOT applications has the following advantages: (1) the security attributes of confidentiality, authentication, integrity, and non-repudiation are achieved simultaneously; and (2) most of the computational overhead is shifted to the offline phase, which requires no knowledge of the particular message to be signcrypted or of the receiver's public key/identity.
However, almost all online/offline signcryption (OOSC) schemes presented until now use either the traditional public key infrastructure (PKI) or identity-based public key cryptography; the former has the problem of certificate management, and the latter faces the inherent key escrow problem. Also, most OOSC schemes cannot achieve known session-specific temporary information security or public verifiability with confidentiality.
1.1 Related work
Certificateless public key cryptography (CL-PKC) was introduced by Al-Riyami and Paterson. In CL-PKC, a trusted third party called the key generation center (KGC) supplies each user with a partial private key, and the other part of the private key is generated by the user himself; thus some cryptographic operations can be performed only when both keys are known. Therefore, CL-PKC not only eliminates the use of certificates but also solves the key escrow problem. Recently, some efficient cryptographic schemes based on CL-PKC were proposed [10-12].
The purpose of signcryption is to perform signature and encryption in a single logical step to obtain confidentiality, authentication, integrity, and non-repudiation more efficiently than the sign-then-encrypt approach. The notion of OOSC was introduced by An et al. The main idea of OOSC is to perform signcryption generation in two phases: an offline phase and an online phase. Most of the computational overhead is shifted to the offline phase, which requires no knowledge of the particular message to be signcrypted or of the receiver's public key/identity; thus an OOSC scheme can efficiently provide a security solution for IOT devices with limited computing capability. Based on the traditional PKI, Zhang et al. proposed the first concrete OOSC scheme, but their scheme needs an additional symmetric key to achieve confidentiality. On the basis of identity-based cryptography, Sun et al. proposed the first identity-based OOSC (IBOOSC) scheme. However, Liu et al. pointed out that none of the schemes mentioned above can be used because they need the receiver's public key/identity in the offline phase, and they proposed an improved scheme. Subsequently, Selvi et al. showed an attack against the sender anonymity of the scheme proposed by Liu et al. Recently, Li et al. proposed a new IBOOSC scheme that is more efficient than the three schemes [15-17] mentioned above.
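The two-phase split described above can be seen in miniature with an online/offline Schnorr signature. This is an added illustration, not the paper's COOSC scheme or any of the cited schemes: it covers only the signing half (no encryption, no certificateless keys), and the group parameters and function names are assumptions chosen for the example.

```python
import hashlib
import secrets

# Illustrative parameters only (assumption, not from the paper): the
# multiplicative group modulo the prime 2^255 - 19, exponents taken
# modulo P - 1. Chosen so the example runs without dependencies; it is
# not a vetted signature group.
P = 2**255 - 19
N = P - 1
G = 2

def keygen():
    x = secrets.randbelow(N - 1) + 1      # long-term private key
    return x, pow(G, x, P)                # (private, public)

def offline_phase():
    """Runs before any message exists: the costly exponentiation."""
    k = secrets.randbelow(N - 1) + 1      # one-time secret
    return k, pow(G, k, P)                # token (k, R) stored on the device

def challenge(R, message):
    data = R.to_bytes(32, "big") + message
    return int.from_bytes(hashlib.sha256(data).digest(), "big") % N

def online_phase(x, token, message):
    """Runs once the message is known: one hash and one multiply-add."""
    k, R = token
    # A token must be consumed exactly once: reusing k for two different
    # messages lets anyone solve for the private key x.
    s = (k + x * challenge(R, message)) % N
    return R, s

def verify(y, message, sig):
    R, s = sig
    # g^s == R * y^h  holds because s = k + x*h (mod P - 1)
    return pow(G, s, P) == (R * pow(y, challenge(R, message), P)) % P

if __name__ == "__main__":
    x, y = keygen()
    token = offline_phase()                         # done while idle
    sig = online_phase(x, token, b"temp=21.5")      # constructed reading
    print(verify(y, b"temp=21.5", sig))
```

The online step performs no modular exponentiation, which is the property that makes the approach attractive for constrained IOT nodes.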
1.2 Our contribution
In this paper, we define the generic model and the security model of certificateless OOSC (COOSC), then propose a concrete COOSC scheme, and formally prove its security under the strongest existing security notions for OOSC (indistinguishability against adaptive chosen ciphertext attacks (IND-CCA2) and existential unforgeability against adaptive chosen message attacks (EUF-CMA), respectively). On the basis of the COOSC, we construct a secure communication model for IOT applications, which achieves confidentiality, authentication, integrity, and non-repudiation between the IOT nodes. Our scheme has the following merits: (1) the scheme has a great advantage in offline computation cost, offline storage, ciphertext length, and receiver computation cost; (2) the scheme satisfies the known session-specific temporary information security attribute; (3) to improve the efficiency of processing forged signcryption messages, our scheme first verifies the signature and then recovers the plaintext; and (4) the scheme eliminates the use of certificates and overcomes the key escrow problem that is inherent in IBOOSC.
1.3 Outline of the paper
The remainder of this paper is organized as follows. Some background information on the current IOT communication model and its security analysis is given in Section 2. In Section 3, the formal model of COOSC is described. In Section 4, a concrete COOSC scheme is presented with its security proof in the random oracle model, and its performance is analyzed. A secure communication model based on COOSC for the IOT is presented in Section 5. Finally, we conclude the paper in Section 6.