Cryptanalysis and enhancement of a distributed fine-grained access control in wireless sensor networks

Fine-grained access control is used to assign unique access privilege to a particular user for accessing the relevant information. Recently, Yu et al. and Ruj et al. proposed a couple of fine grained access control schemes using public key cryptography. These schemes exploit and maneuver the concept of KP-ABE and a cryptographic technique based on bilinear pairing on elliptive curve groups. In this paper, we first show that though these schemes are efficient, but both schemes suffer from some fatal weakness such as vulnerability against an insider attack, specifically key abuse attacks by the genuine users. Therefore, a user with lower access privilege can access the secret data sent for a user of higher access privilege. This contradicts the basic objective of fine grained access control. Also, information sent for a particular user can be revealed to an adversary. In order to remedy that weakness, we propose some simple countermeasures to prevent key-abuse insider attack while the merits of existing fine grained access control scheme are left unchanged. Further, our scheme is unconditionally secure against various attacks such as man-in-the-middle attack, replay attack and denial of service attack. While providing these extra security features, our scheme incurs no such extra communication, computation or storage overhead as compared to the existing schemes.

[1]  Adi Shamir,et al.  How to share a secret , 1979, CACM.

[2]  Marianne Winslett,et al.  A unified scheme for resource protection in automated trust negotiation , 2003, 2003 Symposium on Security and Privacy, 2003..

[3]  Clifford C. Cocks An Identity Based Encryption Scheme Based on Quadratic Residues , 2001, IMACC.

[4]  G. R. BLAKLEY Safeguarding cryptographic keys , 1979, 1979 International Workshop on Managing Requirements Knowledge (MARK).

[5]  Adi Shamir,et al.  Identity-Based Cryptosystems and Signature Schemes , 1984, CRYPTO.

[6]  Matthew K. Franklin,et al.  Identity-Based Encryption from the Weil Pairing , 2001, CRYPTO.

[7]  Sherman S. M. Chow,et al.  Improving privacy and security in multi-authority attribute-based encryption , 2009, CCS.

[8]  Xiaohui Liang,et al.  Secure Threshold Multi Authority Attribute Based Encryption without a Central Authority , 2008, INDOCRYPT.

[9]  Wenjing Lou,et al.  FDAC: Toward Fine-Grained Distributed Data Access Control in Wireless Sensor Networks , 2011 .

[10]  Melissa Chase,et al.  Multi-authority Attribute Based Encryption , 2007, TCC.

[11]  Christian Callegari,et al.  Advances in Computing, Communications and Informatics (ICACCI) , 2015 .

[12]  Ivan Stojmenovic,et al.  Distributed Fine-Grained Access Control in Wireless Sensor Networks , 2011, 2011 IEEE International Parallel & Distributed Processing Symposium.

[13]  Marianne Winslett,et al.  No Registration Needed: How to Use Declarative Policies and Negotiation to Access Sensitive Resources on the Semantic Web , 2004, ESWS.

[14]  Danny Dolev,et al.  On the security of public key protocols , 1981, 22nd Annual Symposium on Foundations of Computer Science (sfcs 1981).

[15]  Brent Waters,et al.  Fuzzy Identity-Based Encryption , 2005, EUROCRYPT.

[16]  Wensheng Zhang,et al.  Securing Distributed Data Storage and Retrieval in Sensor Networks , 2007, Fifth Annual IEEE International Conference on Pervasive Computing and Communications (PerCom'07).

[17]  Yevgeniy Dodis,et al.  ID-based encryption for complex hierarchies with applications to forward security and broadcast encryption , 2004, CCS '04.

[18]  Brent Waters,et al.  Attribute-based encryption for fine-grained access control of encrypted data , 2006, CCS '06.

[19]  Josh Benaloh,et al.  Generalized Secret Sharing and Monotone Functions , 1990, CRYPTO.

[20]  Kefei Chen,et al.  An Efficient Key-Management Scheme for Hierarchical Access Control in E-Medicine System , 2012, Journal of Medical Systems.