An Efficient and Secure User Revocation Scheme in Mobile Social Networks

A mobile social network (MSN) is a promising networking and communication platform that lets users with similar interests (or attributes) connect and interact with one another. Many recently introduced secure MSN data communication schemes adopt attribute-based encryption to preserve user privacy and prevent outside attackers from eavesdropping. In this paper, we propose an efficient and secure user revocation scheme, based on an attribute-based encryption technique, to address inside attacks. The proposed scheme enables a trusted authority (TA) to flexibly control the data decryption capability of mobile social users, and it prevents malicious users from decrypting any data packet. As a result, proper user behavior is encouraged, inside attacks are reduced, and network security is enhanced. Through analysis, we demonstrate that the proposed user revocation scheme is able to resist attribute collusion attacks and revoke collusion attacks. Extensive simulation results further confirm that the proposed scheme has much smaller communication overhead and much shorter delay than the existing solution [1].

[1] Pieter H. Hartel, et al. Mediated Ciphertext-Policy Attribute-Based Encryption and Its Application, 2009, WISA.

[2] Hideki Imai, et al. Conjunctive Broadcast and Attribute-Based Encryption, 2009, Pairing.

[3] Brent Waters, et al. Ciphertext-Policy Attribute-Based Encryption: An Expressive, Efficient, and Provably Secure Realization, 2011, Public Key Cryptography.

[4] Xiaohui Liang, et al. Message Authentication with Non-Transferability for Location Privacy in Mobile Ad hoc Networks, 2010, 2010 IEEE Global Telecommunications Conference GLOBECOM 2010.

[5] Matthew K. Franklin, et al. Identity-Based Encryption from the Weil Pairing, 2001, CRYPTO.

[6] Xiaohui Liang, et al. Pseudonym Changing at Social Spots: An Effective Strategy for Location Privacy in VANETs, 2012, IEEE Transactions on Vehicular Technology.

[7] Ling Cheung, et al. Provably secure ciphertext policy ABE, 2007, CCS '07.

[8] Vipul Goyal, et al. Identity-based encryption with efficient revocation, 2008, IACR Cryptol. ePrint Arch.

[9] Cong Wang, et al. Achieving Secure, Scalable, and Fine-grained Data Access Control in Cloud Computing, 2010, 2010 Proceedings IEEE INFOCOM.

[10] Hideki Imai, et al. Attribute-Based Encryption Supporting Direct/Indirect Revocation Modes, 2009, IMACC.

[11] Wenjing Lou, et al. FDAC: Toward Fine-Grained Distributed Data Access Control in Wireless Sensor Networks, 2011.

[12] Xiaohui Liang, et al. PEC: A privacy-preserving emergency call scheme for mobile healthcare social networks, 2011, Journal of Communications and Networks.

[13] Xiaohui Liang, et al. A Secure Handshake Scheme with Symptoms-Matching for mHealthcare Social Network, 2011, Mob. Networks Appl.