Revocable Large Universe Decentralized Multi-Authority Attribute-Based Encryption Without Key Abuse for Cloud-Aided IoT

Cited by: 3
Author
Huang, Kaiqing [1, 2]
Affiliations
[1] South China Normal Univ, Sch Math Sci, Guangzhou 510631, Peoples R China
[2] Dongguan Polytech, Modern Ind Innovat Practice Ctr, Dongguan 523808, Peoples R China
Keywords
Encryption; Access control; Law; Internet of Things; Outsourcing; Cloud computing; Performance analysis; Decentralized; multi-authority attribute-based encryption; key abuse; user-attribute revocation; outsourcing decryption; DATA ACCESS-CONTROL; CP-ABE; EFFICIENT; INTERNET; THINGS;
DOI
10.1109/ACCESS.2021.3126780
Chinese Library Classification number
TP [Automation technology, computer technology];
Discipline classification code
0812 ;
Abstract
Data confidentiality and access control are the key technologies of the secure Internet of Things (IoT), since the application data circulated across multiple different domains in IoT are generally confidential and privacy-sensitive. Large universe multi-authority attribute-based encryption (MA-ABE) is considered a promising technique to protect data confidentiality and achieve fine-grained access control for large-scale cross-domain applications. However, MA-ABE faces a severe key abuse problem. Much research is devoted to using audit and trace technologies to determine who should be held responsible for a misused key, which has a certain deterrent effect and prevents key abuse to a certain extent. But these technologies cannot solve the key abuse problem, since users can still leak the key and the leaked keys can still decrypt the ciphertext correctly. Moreover, they also cannot solve the key escrow problem. In this article, the author proposes the first revocable large universe decentralized MA-ABE without key abuse based on prime order bilinear groups. The proposed scheme allows for the dynamic capacity expansion of attributes, users, and authorities. It is not only statically secure in the random oracle model under the q-DPBDHE2 assumption but also secure against key abuse attacks launched by any party. Only the secret key owner can successfully decrypt the ciphertext with the secret key. The data user is unable to use her/his legal key to generate a usable key different from that legal key. Neither the CSP nor an authority can generate a usable decryption key or decrypt the ciphertext (even if the access policy is satisfied by the attributes it controls) using the keys it controls. An efficient user-attribute revocation mechanism is given, and only a few operations are needed during decryption in the proposed scheme. The performance analysis results indicate that the proposed scheme is more efficient and suitable for the IoT.
Pages: 151713 / 151728
Number of pages: 16