Named data networking (NDN) is an emerging information-centric networking paradigm, in which the Internet of Things (IoT) achieves excellent scalability. Recent literature proposes the concept of NDN-IoT, which maximizes the expansion of IoT applications by deploying NDN in the IoT. In the NDN, the security is built into the network by embedding a public signature in each data package to verify the authenticity and integrity of the content. However, signature schemes in the NDN-IoT environment are facing several challenges, such as signing security challenge for resource-constrained IoT end devices (EDs) and verification efficiency challenge for NDN routers. This article mainly studies the data package authentication scheme in the package-level security mechanism. Based on mobile edge computing (MEC), an efficient certificateless group signature scheme featured with anonymity, unforgeability, traceability, and key escrow resilience is proposed. The regional and edge architecture is utilized to solve the device management problem of IoT, reducing the risks of content pollution attacks from the data source. By offloading signature pressure to MEC servers, the contradiction between heavy overhead and shortage of ED resources is avoided. Moreover, the verification efficiency in NDN router is much improved via batch verification in the proposed scheme. Both security analysis and experimental simulations show that the proposed MEC-based certificateless group signature scheme is provably secure and practical.
