A certificateless signcryption with proxy re-encryption for practical access control in cloud-based reliable smart grid

Cloud computing has proven to be applicable in smart grid systems with the help of cloud-based Internet of Things (IoT) technology. In this concept, IoT is deployed as a front end that acquires smart grid-related data and outsources it to the cloud for storage. Data storage is a pertinent service in cloud computing. However, its wide adoption is hindered by the concern of having secure access to data without a breach of confidentiality and authentication. To address this problem, we propose a novel data access control scheme that simultaneously accomplishes confidentiality and authentication for cloud-based smart grid systems. Our scheme enables the storing of encrypted smart grid-related data in the cloud. When a user wants to access the data, the data owner issues a delegation command to the cloud for data re-encryption. The cloud is unable to acquire any plaintext information on the data. Only authorized users are capable of decrypting the data. Moreover, the integrity and authentication of data can only be verified by the authorized user. We obtain the data access control scheme by proposing a pairing-free certificateless signcryption with proxy re-encryption (CLS-PRE) scheme. We prove that our CLS-PRE scheme has indistinguishability against adaptive chosen ciphertext attack under the gap Diffie–Hellman problem and existential unforgeability against adaptive chosen message attack under the elliptic curve discrete logarithm problem in the random oracle model.
