logo

SCIENCE CHINA Information Sciences, Volume 64 , Issue 6 : 162301(2021) https://doi.org/10.1007/s11432-020-2957-5

Achieving adaptively secure data access control with privacy protection for lightweight IoT devices

More info
  • ReceivedFeb 13, 2020
  • AcceptedJun 5, 2020
  • PublishedApr 8, 2021

Abstract


Acknowledgment

This work was jointly supported by Beijing Natural Science Foundation (Grant No. 4182060), National Natural Science Foundation of China (Grant No. 61972148), and Fundamental Research Funds for the Central Universities (Grant No. 2019MS020).


References

[1] Wan S, Zhao Y, Wang T. Multi-dimensional data indexing and range query processing via Voronoi diagram for internet of things. Future Generation Comput Syst, 2019, 91: 382-391 CrossRef Google Scholar

[2] Ammar M, Russello G, Crispo B. Internet of Things: A survey on the security of IoT frameworks. J Inf Security Appl, 2018, 38: 8-27 CrossRef Google Scholar

[3] Wu Y K, Huang H, Wu Q. A risk defense method based on microscopic state prediction with partial information observations in social networks. J Parallel Distributed Computing, 2019, 131: 189-199 CrossRef Google Scholar

[4] Guan Z, Liu X, Wu L. Cross-lingual multi-keyword rank search with semantic extension over encrypted data. Inf Sci, 2020, 514: 523-540 CrossRef Google Scholar

[5] Xu S, Li Y, Deng R. Lightweight and Expressive Fine-grained Access Control for Healthcare Internet-of-Things. IEEE Trans Cloud Comput, 2019, : 1-1 CrossRef Google Scholar

[6] Xu S, Yang G, Mu Y. A secure IoT cloud storage system with fine-grained access control and decryption key exposure resistance. Future Generation Comput Syst, 2019, 97: 284-294 CrossRef Google Scholar

[7] Jiang Y, Susilo W, Mu Y. Flexible ciphertext-policy attribute-based encryption supporting AND-gate and threshold with short ciphertexts. Int J Inf Secur, 2018, 17: 463-475 CrossRef Google Scholar

[8] Odelu V, Das A K. Design of a new CP-ABE with constant-size secret keys for lightweight devices using elliptic curve cryptography. Security Comm Networks, 2016, 9: 4048-4059 CrossRef Google Scholar

[9] Susilo W, Yang G, Guo F. Constant-size ciphertexts in threshold attribute-based encryption without dummy attributes. Inf Sci, 2018, 429: 349-360 CrossRef Google Scholar

[10] Lewko A, Okamoto T, Sahai A, et al. Fully secure functional encryption: attribute-based encryption and (hierarchical) inner product encryption. In: Proceedings of Annual International Conference on the Theory and Applications of Cryptographic Techniques, 2010. 62--91. Google Scholar

[11] Doshi N, Jinwala D C. Fully secure ciphertext policy attribute-based encryption with constant length ciphertext and faster decryption. Security Comm Networks, 2014, 7: 1988-2002 CrossRef Google Scholar

[12] Odelu V, Das A K, Khurram Khan M. Expressive CP-ABE Scheme for Mobile Devices in IoT Satisfying Constant-Size Keys and Ciphertexts. IEEE Access, 2017, 5: 3273-3283 CrossRef Google Scholar

[13] Banerjee S, Roy S, Odelu V. Multi-Authority CP-ABE-Based user access control scheme with constant-size key and ciphertext for IoT deployment. J Inf Security Appl, 2020, 53: 102503 CrossRef Google Scholar

[14] Cui H, Deng R H, Liu J K. Server-Aided Attribute-Based Signature With Revocation for Resource-Constrained Industrial-Internet-of-Things Devices. IEEE Trans Ind Inf, 2018, 14: 3724-3732 CrossRef Google Scholar

[15] Guan Z, Li J, Wu L. Achieving Efficient and Secure Data Acquisition for Cloud-Supported Internet of Things in Smart Grid. IEEE Internet Things J, 2017, 4: 1934-1944 CrossRef Google Scholar

[16] Bethencourt J, Sahai A, Waters B. Ciphertext-policy attribute-based encryption. In: Proceedings of IEEE Symposium on Security and Privacy, 2007. 321--334. Google Scholar

[17] Waters B. Ciphertext-policy attribute-based encryption: An expressive, efficient, and provably secure realization. In: Proceedings of International Workshop on Public Key Cryptography, 2011. 53--70. Google Scholar

[18] Herranz J, Laguillaumie F, Rafols C. Constant size ciphertexts in threshold attribute-based encryption. In: Proceedings of International Workshop on Public Key Cryptography, 2010. 19--34. Google Scholar

[19] Fuchun Guo , Yi Mu , Susilo W. CP-ABE With Constant-Size Keys for Lightweight Devices. IEEE TransInformForensic Secur, 2014, 9: 763-771 CrossRef Google Scholar

[20] Agrawal S, Chase M. FAME: fast attribute-based message encryption. In: Proceedings of ACM SIGSAC Conference on Computer and Communications Security, 2017. 665--682. Google Scholar

[21] Teng W, Yang G, Xiang Y. Attribute-Based Access Control with Constant-Size Ciphertext in Cloud Computing. IEEE Trans Cloud Comput, 2017, 5: 617-627 CrossRef Google Scholar

[22] Odelu V, Das A K, Rao Y S. Pairing-based CP-ABE with constant-size ciphertexts and secret keys for cloud environment. Comput Standards Interfaces, 2017, 54: 3-9 CrossRef Google Scholar

[23] Xu S, Yang G, Mu Y. Secure Fine-Grained Access Control and Data Sharing for Dynamic Groups in the Cloud. IEEE TransInformForensic Secur, 2018, 13: 2101-2113 CrossRef Google Scholar

[24] Chen C, Chen J, Lim H W, et al. Fully secure attribute-based systems with short ciphertexts/signatures and threshold access structures. In: Proceedings of Cryptographers' Track at the RSA Conference, 2013. 50--67. Google Scholar

[25] Xu S, Yang G, Mu Y. Revocable attribute-based encryption with decryption key exposure resistance and ciphertext delegation. Inf Sci, 2019, 479: 116-134 CrossRef Google Scholar

[26] Liu Z, Duan S, Zhou P. Traceable-then-revocable ciphertext-policy attribute-based encryption scheme. Future Generation Comput Syst, 2019, 93: 903-913 CrossRef Google Scholar

[27] Zhang Y, Zheng D, Deng R H. Security and Privacy in Smart Health: Efficient Policy-Hiding Attribute-Based Access Control. IEEE Internet Things J, 2018, 5: 2130-2145 CrossRef Google Scholar

[28] Han Q, Zhang Y, Li H. Efficient and robust attribute-based encryption supporting access policy hiding in Internet of Things. Future Generation Comput Syst, 2018, 83: 269-277 CrossRef Google Scholar

[29] Menezes A J, Okamoto T, Vanstone S A. Reducing elliptic curve logarithms to logarithms in a finite field. IEEE Trans Inform Theor, 1993, 39: 1639-1646 CrossRef Google Scholar

[30] Galbraith S D, Paterson K G, Smart N P. Pairings for cryptographers. Discrete Appl Math, 2008, 156: 3113-3121 CrossRef Google Scholar

[31] Malluhi Q M, Shikfa A, Trinh V C. A ciphertext-policy attribute-based encryption scheme with optimized ciphertext size and fast decryption. In: Proceedings of ACM on Asia Conference on Computer and Communications Security, 2017. 230--240. Google Scholar

[32] Zhou Z B, Huang D J. On efficient ciphertext-policy attribute based encryption and broadcast encryption. In: Proceedings of the 17th ACM Conference on Computer and Communications Security, 2010. 753--755. Google Scholar

[33] Akinyele J A, Garman C, Miers I. Charm: a framework for rapidly prototyping cryptosystems. J Cryptogr Eng, 2013, 3: 111-128 CrossRef Google Scholar

  • Figure 1

    Bloom filter.

  • Figure 2

    (Color online) System model.

  • Figure 3

    (Color online) An enhanced scheme to prevent information leakage.

  • Figure 4

    (Color online) (a) Encryption time; (b) decryption time; (c) key generation time.

  • Table 1  

    Table 1The description of symbols

    Symbol Definition
    $m$ Number of attributes that generate the SK
    $j$ Number of attributes included in the access structure
    $n$ Number of attributes in the universe
    $|\mathbb{G}|$ Length of $\mathbb{G}$ in type-I bilinear pairing
    $|\mathbb{G}_{1}|$ Length of $\mathbb{G}_{1}$ in type-III bilinear pairing
    $|\mathbb{G}_{2}|$ Length of $\mathbb{G}_{2}$ in type-III bilinear pairing
    $|\mathbb{G}_{C}|$ Length of $\mathbb{G}_{C}$ in composite-order bilinear pairing
    $|\mathbb{G}_{T}|$ Length of $\mathbb{G}_{T}$
  • Table 2  

    Table 2Comparison results of the ABE based schemes

    Scheme Access structure Secret key sizeCiphertext sizeSecurity modelCategory of bilinear pairing
    [16] Tree $(2m+1)|\mathbb{G}|$ $(2j+1)|\mathbb{G}|+|\mathbb{G}_{T}|$ Selective security Type-I
    [17] LSSS $(m+2)|\mathbb{G}|$ $(4j+1)|\mathbb{G}|+|\mathbb{G}_{T}|$ Selective security Type-I
    [20] LSSS $(3m+3)|\mathbb{G}_{1}|+3|\mathbb{G}_{2}|$ $3j|\mathbb{G}_{1}|+3|\mathbb{G}_{2}|+|\mathbb{G}_{T}|$ Full security Type-III
    [10] LSSS $(m+2)|\mathbb{G}_{C}|$ $(2j+1)|\mathbb{G}_{C}|+|\mathbb{G}_{T}|$ Full security Composite-order bilinear pairing
    [32] LSSS $(m+2)|\mathbb{G}|$ $(j+1)|\mathbb{G}|+|\mathbb{G}_{T}|$ Selective security Type-I
    [18] Threshold $m|\mathbb{G}_{1}|+(n-1)|\mathbb{G}_{2}|$ $|\mathbb{G}_{1}|+|\mathbb{G}_{2}|+|\mathbb{G}_{T}|$ Selective security Type-III
    [9] Threshold $(m+n)|\mathbb{G}|$ $~2|\mathbb{G}|+|\mathbb{G}_{T}|$ Selective security Type-I
    [11] AND $(m+2)|\mathbb{G}|$ $2|\mathbb{G}_{C}|+|\mathbb{G}_{T}|$ Full security Composite-order bilinear pairing
    [19] AND $|\mathbb{G}_{1}|+|\mathbb{G}_{2}|$ $(n-j+1)|\mathbb{G}_{1}|+|\mathbb{G}_{2}|+|\mathbb{G}_{T}|$ Selective security Type-III
    [31] AND $(3m+1)|\mathbb{G}|$ $~2|\mathbb{G}|+|\mathbb{G}_{T}|$ Selective security Type-I
    Our scheme AND $(m+1)|\mathbb{G}_{1}|+|\mathbb{G}_{2}|$ $|\mathbb{G}_{1}|+|\mathbb{G}_{2}|+|\mathbb{G}_{T}|$ Full security Type-III
  • Table 3  

    Table 3The average time spent on various operations (ms)

    Scheme Multiplication Exponentiation Hash Paring
    $\mathbb{G}_{1}$ 0.017 1.89 0.259.16
    $\mathbb{G}_{2}$ 0.040 10.56
    $\mathbb{G}_{T}$ 0.043 2.50
  • Table 4  

    Table 4The number of various operations

    SchemeKey generationEncryptionDecryption
    $\mathbb{G}_{1}$$\mathbb{G}_{2}$$\mathbb{G}_{1}$$\mathbb{G}_{2}$$\mathbb{G}_{1}$$\mathbb{G}_{2}$$\mathbb{G}_{T}$ Paring
    Mul. Exp.HashExp.Mul. Exp.HashMul.Exp.Mul. Exp.Mul.Exp. Mul.
    [16] $m$ $1+2m$ $m$ $m$ $j$ $j$ $j+1$ $2j+2$ $2j+1$
    [17] $1$ $1+m$ 1 $j$ $2j$ $j+1$ $j+2$ $2j+1$
    [19] 1 1 1 $j$ $j$ $n-j+1$ $n-j+1$ $n-j$ $n-j$ 2 3
    Ours 1 $1+m$ 1 $j$ 1 j 4 3
qqqq

Contact and support