ePASS: An expressive attribute-based signature scheme with privacy and an unforgeability guarantee for the Internet of Things

The Internet of Things (IoT) provides anywhere, anything, anytime connections, for which user privacy is vulnerable and authentication methods that favor policy over attributes are essential. Thus, a signature scheme that considers user privacy and implements an attributes policy is required. Emerging attribute-based signature (ABS) schemes allow a requester of a resource to generate a signature with attributes satisfying the policy without leaking more information. However, few existing approaches simultaneously achieve an expressive policy and security under the standard Diffie-Hellman assumption. Here we describe ePASS, a novel ABS scheme that uses an attribute tree and expresses any policy consisting of AND, OR threshold gates under the computational Diffie-Hellman problem. Users cannot forge signatures with attributes they do not possess, and the signature provides assurance that only a user with appropriate attributes satisfying the policy can endorse the message, resulting in unforgeability. However, legitimate signers remain anonymous and are indistinguishable among all users whose attributes satisfy the policy, which provides attribute privacy for the signer. Compared to existing schemes, our approach delivers enhanced performance by reducing the computational cost and signature size. (C) 2013 Elsevier B.V. All rights reserved.