**7. Conclusions**

To maintain the integrity of messages transmitted in an increasingly large IoT service environment, digital signatures for messages are required. Digital signature protocols have been studied for a long time, and many studies are underway to make them suitable for such environments. They are being studied to satisfy various security requirements while respecting the "lightweight" nature of the IoT environment. Although research has been conducted to apply lightweight signature techniques, such as CL-AS, to IoT environments, solutions are needed for the problems of CL-PKC-based schemes, specifically, public key replacement attacks and malicious KGCs. In particular, it is necessary to study solutions that satisfy the requirements for both security and computational efficiency. Therefore, this paper proposes an efficient secure CL-AAS scheme.

The proposed scheme provides the integrity of messages transmitted in an IoT environment using the concepts of an arbitrated signature and an AS (aggregated signature). The role of the AS is to provide efficiency, and that of the arbitrated signature is to enhance non-repudiation by aggregating the arbitrated signatures of a gateway and its devices together. Through this, in this paper, we designed a secure scenario against existing security threats, and considered the security of the gateway, which is an intermediate to transmit data. The proposed scheme is designed to satisfy various security requirements (Section 3), such as such as public key replacement attack, malicious KGC attack, and key leakage. In the existing schemes, as shown in Table 1, there were problems with key leakage and forgery of the message and signature via attacks either by public key replacement or a malicious KGC. To solve this, non-repudiation was strengthened by applying the arbitrated signature of the gateway, and it is possible to provide efficiency by applying an AS to reduce the memory overhead and the verification overhead of the verifier.

In the future, not only as a simple signer and verifier but also in a more complex, grouped, and device-involved environments, the provision of a suitable security scheme is needed. The IoT service may transmit sensitive data, such as personal privacy, depending on the environment. In the future, research on practical security technologies to provide confidentiality and integrity for sensitive data should be conducted.

**Author Contributions:** Conceptualization, D.-H.L., K.Y. and I.-Y.L.; data investigation, D.-H.L.; analysis and validation, D.-H.L., K.Y. and I.-Y.L.; writing—original draft, D.-H.L.; writing—review and editing, D.-H.L. All authors have read and agreed to the published version of the manuscript.

**Funding:** This research was supported by the MSIT (Ministry of Science, ICT), Korea, under the ITRC (Information Technology Research Center) support program (IITP-2020-0-00403) supervised by the IITP (Institute for Information & Communications Technology Promotion). This research was also supported by the National Research Foundation of Korea (NRF) grant funded by the MSIT (NRF-2018R1A4A1025632).

**Conflicts of Interest:** The authors declare no conflict of interest.
