LH-ABSC: A Lightweight Hybrid Attribute-Based Signcryption Scheme for Cloud-Fog-Assisted IoT

One of the best ways to deal with the massive data generated by the Internet of Things (IoT) is storing them in the cloud. However, outsourced storage raises some security and privacy issues, such as data leaking and illegal access. The attribute-based signcryption (ABSC) is one of the most promising approaches which can ensure the confidentiality and authenticity of data simultaneously. Nonetheless, it not only inherits the fine-grained access control but also the heavy computational cost which is intolerable for most resource-limited IoT devices. In this article, we propose lightweight hybrid-policy ABSC (LH-ABSC), a lightweight ABSC scheme which adopts ciphertext-policy encryption (CPABE) and key-policy attribute-based signature (KPABS). Ciphertext-policy attribute-based signature leads the decision making that who can decrypt to the data owners directly. Meanwhile, the signature is related with data owners’ attribute set which can be used to testify the authenticity of data. In particular, LH-ABSC has constant signature size and satisfies public verification which is deeply important for IoT devices. Moreover, LH-ABSC outsources most computing overhead to fog nodes, including signature, verify, and decryption. Comprehensive theoretical analyses, such as confidentiality, unforgeability, and verifiability, are provided. Also, the selective chosen ciphertext security, the selective chosen message security, and signers anonymity are achieved.

[1]  Hugo Krawczyk,et al.  Cryptographic Extraction and Key Derivation: The HKDF Scheme , 2010, IACR Cryptol. ePrint Arch..

[2]  Reihaneh Safavi-Naini,et al.  Threshold Attribute-Based Signcryption , 2010, SCN.

[3]  Ya Xiao,et al.  Secure Data Access Control for Fog Computing Based on Multi-Authority Attribute-Based Signcryption with Computation Outsourcing and Attribute Revocation , 2018, Sensors.

[4]  Brent Waters,et al.  Ciphertext-Policy Attribute-Based Encryption: An Expressive, Efficient, and Provably Secure Realization , 2011, Public Key Cryptography.

[5]  Changji Wang,et al.  Attribute-based Signcryption with Ciphertext-policy and Claim-predicate Mechanism , 2011, 2011 Seventh International Conference on Computational Intelligence and Security.

[6]  Tatsuaki Okamoto,et al.  Efficient Attribute-Based Signatures for Non-Monotone Predicates in the Standard Model , 2014, IEEE Transactions on Cloud Computing.

[7]  Nuttapong Attrapadung,et al.  Expressive Key-Policy Attribute-Based Encryption with Constant-Size Ciphertexts , 2011, Public Key Cryptography.

[8]  Zhenfu Cao,et al.  Attribute-based signcryption with hybrid access policy , 2017, Peer Peer Netw. Appl..

[9]  Cheng Chen,et al.  Combined Public-Key Schemes: The Case of ABE and ABS , 2012, ProvSec.

[10]  Xiaoyuan Yang,et al.  Attribute-Based Signcryption Scheme with Non-monotonic Access Structure , 2013, 2013 5th International Conference on Intelligent Networking and Collaborative Systems.

[11]  Keke Gai,et al.  Proactive user-centric secure data scheme using attribute-based semantic access controls for mobile clouds in financial industry , 2018, Future Gener. Comput. Syst..

[12]  Y. Sreenivasa Rao,et al.  A secure and efficient Ciphertext-Policy Attribute-Based Signcryption for Personal Health Records sharing in cloud computing , 2017, Future Gener. Comput. Syst..

[13]  Atsuko Miyaji,et al.  Dynamic attribute-based signcryption without random oracles , 2012, Int. J. Appl. Cryptogr..

[14]  Yuliang Zheng,et al.  Digital Signcryption or How to Achieve Cost(Signature & Encryption) << Cost(Signature) + Cost(Encryption) , 1997, CRYPTO.

[15]  Mohamed Mohamed,et al.  C-ABSC: Cooperative Attribute Based SignCryption Scheme for Internet of Things Applications , 2018, 2018 IEEE International Conference on Services Computing (SCC).

[16]  Reihaneh Safavi-Naini,et al.  Threshold Attribute-Based Signatures and Their Application to Anonymous Credential Systems , 2009, AFRICACRYPT.

[17]  Duncan S. Wong,et al.  Secure Outsourced Attribute-Based Signatures , 2014, IEEE Transactions on Parallel and Distributed Systems.

[18]  Tapas Pandit,et al.  Attribute-Based Signcryption : Signer Privacy, Strong Unforgeability and IND-CCA2 Security in Adaptive-Predicates Attack , 2014, ProvSec.

[19]  Manoj Prabhakaran,et al.  Attribute-Based Signatures: Achieving Attribute-Privacy and Collusion-Resistance , 2008, IACR Cryptol. ePrint Arch..

[20]  Matthew Green,et al.  Outsourcing the Decryption of ABE Ciphertexts , 2011, USENIX Security Symposium.

[21]  Raja Lavanya,et al.  Fog Computing and Its Role in the Internet of Things , 2019, Advances in Computer and Electrical Engineering.

[22]  Brent Waters,et al.  Fuzzy Identity-Based Encryption , 2005, EUROCRYPT.

[23]  Ratna Dutta,et al.  Expressive Bandwidth-Efficient Attribute Based Signature and Signcryption in Standard Model , 2014, ACISP.

[24]  Hai Liu,et al.  EOABS: expressive outsourced attribute-based signature , 2017, Peer-to-Peer Networking and Applications.

[25]  Mahmoud Nabil,et al.  A Multi-Authority Attribute-Based Signcryption Scheme with Efficient Revocation for Smart Grid Downlink Communication , 2019, 2019 International Conference on Internet of Things (iThings) and IEEE Green Computing and Communications (GreenCom) and IEEE Cyber, Physical and Social Computing (CPSCom) and IEEE Smart Data (SmartData).

[26]  Dongqing Xie,et al.  Multi-authority ciphertext-policy attribute-based encryption with accountability , 2011, ASIACCS '11.

[27]  P. MuraliKrishna,et al.  SECURE SCHEMES FOR SECRET SHARING AND KEY DISTRIBUTION USING PELL'S EQUATION , 2013 .

[28]  Willy Susilo,et al.  A Ciphertext-Policy Attribute-Based Proxy Re-encryption with Chosen-Ciphertext Security , 2013, 2013 5th International Conference on Intelligent Networking and Collaborative Systems.

[29]  Joseph K. Liu,et al.  Secure sharing of Personal Health Records in cloud computing: Ciphertext-Policy Attribute-Based Signcryption , 2015, Future Gener. Comput. Syst..