Traceable Multiauthority Attribute-Based Encryption with Outsourced Decryption and Hidden Policy for CIoT

The cloud-assisted Internet of Things (IoT) makes it much easier for IoT devices to outsource their data for highly efficient management. Unfortunately, some unsettled security issues, such as illegal access and the key escrow problem, dramatically impact the popularity of IoT. Traditional public-key encryption can be used to guarantee data confidentiality, but it cannot achieve efficient data sharing. Attribute-based encryption (ABE) is the most promising way to ensure data security and to realize one-to-many fine-grained data sharing simultaneously. However, it cannot be readily applied in the cloud-assisted IoT due to the complexity of its decryption and the decryption key leakage problem. To prevent the abuse of decryption rights, we propose a multiauthority ABE scheme with white-box traceability in this paper. Moreover, our scheme greatly lightens the overhead on devices by outsourcing most of the decryption work to the cloud server. In addition, a fully hidden policy is implemented to protect the privacy of the access policy. Our scheme is proved to be selectively secure against replayable chosen ciphertext attack (RCCA) under the random oracle model. Some theoretical analysis and simulation are described at the end.
