Efficient Distributed Decryption Scheme for IoT Gateway-based Applications

With the evolvement of the Internet of things (IoT), privacy and security have become the primary indicators for users to deploy IoT applications. In the gateway-based IoT architecture, gateways aggregate data collected by perception-layer devices and upload message packets to platforms, while platforms automatically push different categories of data to different applications. However, security in processes of data transmission via gateways, storage in platforms, access by applications is the major challenge for user privacy protection. To tackle this challenge, this article presents a secure IoT scheme based on a fine-grained multi-receive signcryption scheme to realize end-to-end secure transmission and data access control. To enhance the security of online application decryption keys, we design a distributed threshold decryption scheme based on secret-sharing. Moreover, from the provable security perspective, we demonstrate that the scheme can achieve the expected IND-CCA security and EUF-CMA security. After the performance analysis, evaluation results show that the computational performance is efficient and linearly subject to the number of messages and the number of receivers.

[1]  Adi Shamir,et al.  How to share a secret , 1979, CACM.

[2]  Neeraj Kumar,et al.  CB-CAS: Certificate-Based Efficient Signature Scheme With Compact Aggregation for Industrial Internet of Things Environment , 2020, IEEE Internet of Things Journal.

[3]  Dengzhi Liu,et al.  Secure Real-Time Traffic Data Aggregation With Batch Verification for Vehicular Cloud in VANETs , 2020, IEEE Transactions on Vehicular Technology.

[4]  Reihaneh Safavi-Naini,et al.  Privacy preserving EHR system using attribute-based infrastructure , 2010, CCSW '10.

[5]  Taher El Gamal A public key cryptosystem and a signature scheme based on discrete logarithms , 1984, IEEE Trans. Inf. Theory.

[6]  Kim-Kwang Raymond Choo,et al.  Lightweight Searchable Public-Key Encryption with Forward Privacy over IIoT Outsourced Data , 2019, IEEE Transactions on Emerging Topics in Computing.

[7]  Neeraj Kumar,et al.  Securing electronics healthcare records in Healthcare 4.0 : A biometric-based approach , 2019, Comput. Electr. Eng..

[8]  Vineet Richhariya,et al.  An Efficient identity based Multi-receiver Signcryption Scheme using ECC , 2013 .

[9]  Young-Gab Kim,et al.  Analysis of IoT Platform Security: A Survey , 2019, 2019 International Conference on Platform Technology and Service (PlatCon).

[10]  Xiaodong Lin,et al.  FSSR: Fine-Grained EHRs Sharing via Similarity-Based Recommendation in Cloud-Assisted eHealthcare System , 2016, AsiaCCS.

[11]  Debiao He,et al.  Privacy-preserving data aggregation scheme against internal attackers in smart grids , 2016, Wirel. Networks.

[12]  Kazumaro Aoki,et al.  SEC X.2: Recommended Elliptic Curve Domain Parameters , 2008 .

[13]  Muhammad Khurram Khan,et al.  An Efficient and Practical Smart Card Based Anonymity Preserving User Authentication Scheme for TMIS using Elliptic Curve Cryptography , 2015, Journal of Medical Systems.

[14]  Athanasios V. Vasilakos,et al.  An efficient ECC-based provably secure three-factor user authentication and key agreement protocol for wireless healthcare sensor networks , 2017, Comput. Electr. Eng..

[15]  Willy Susilo,et al.  A Ciphertext-Policy Attribute-Based Proxy Re-encryption with Chosen-Ciphertext Security , 2013, 2013 5th International Conference on Intelligent Networking and Collaborative Systems.

[16]  Yehuda Lindell,et al.  Fast Secure Multiparty ECDSA with Practical Distributed Key Generation and Applications to Cryptocurrency Custody , 2018, CCS.

[17]  Xinwen Zhang,et al.  CL-PRE: a certificateless proxy re-encryption scheme for secure data sharing with public cloud , 2012, ASIACCS '12.

[18]  Yehuda Lindell,et al.  Fast Distributed RSA Key Generation for Semi-Honest and Malicious Adversaries , 2018, IACR Cryptol. ePrint Arch..

[19]  C. Pandu Rangan,et al.  Efficient and Provably Secure Certificateless Multi-receiver Signcryption , 2008, ProvSec.

[20]  Duncan S. Wong,et al.  A ciphertext‐policy attribute‐based proxy re‐encryption scheme for data sharing in public clouds , 2015, Concurr. Comput. Pract. Exp..

[21]  Mohammad S. Obaidat,et al.  Efficient and Provably Secure Multireceiver Signcryption Scheme for Multicast Communication in Edge Computing , 2020, IEEE Internet of Things Journal.

[22]  R. Ness Influence of the HIPAA Privacy Rule on health research. , 2007, JAMA.

[23]  Mahmoud Ammar,et al.  Journal of Information Security and Applications , 2022 .

[24]  Wei Guo,et al.  A Practical Privacy-Preserving Data Aggregation (3PDA) Scheme for Smart Grid , 2019, IEEE Transactions on Industrial Informatics.

[25]  Xuan Liu,et al.  Implementing a Personal Health Record Cloud Platform Using Ciphertext-Policy Attribute-Based Encryption , 2012, 2012 Fourth International Conference on Intelligent Networking and Collaborative Systems.

[26]  Chao Liu,et al.  Multi-message and multi-receiver heterogeneous signcryption scheme for ad-hoc networks , 2017, Inf. Secur. J. A Glob. Perspect..

[27]  Claus-Peter Schnorr,et al.  Efficient signature generation by smart cards , 2004, Journal of Cryptology.

[28]  Kim-Kwang Raymond Choo,et al.  Security and Privacy for the Internet of Drones: Challenges and Solutions , 2018, IEEE Communications Magazine.

[29]  Yehuda Lindell,et al.  Adding Distributed Decryption and Key Generation to a Ring-LWE Based CCA Encryption Scheme , 2018, IACR Cryptol. ePrint Arch..

[30]  Paul Voigt,et al.  The Eu General Data Protection Regulation (Gdpr): A Practical Guide , 2017 .

[31]  Jan Willemson,et al.  Privacy Protection for Wireless Medical Sensor Data , 2016, IEEE Transactions on Dependable and Secure Computing.

[32]  Yahong Li,et al.  Privacy-preserving multi-receiver signcryption scheme for heterogeneous systems , 2016, Secur. Commun. Networks.

[33]  C. Pandu Rangan,et al.  Certificateless Proxy Re-Encryption Without Pairing: Revisited , 2015, SCC@ASIACCS.

[34]  Alfred Menezes,et al.  Guide to Elliptic Curve Cryptography , 2004, Springer Professional Computing.

[35]  Yao Zheng,et al.  Scalable and Secure Sharing of Personal Health Records in Cloud Computing Using Attribute-Based Encryption , 2019, IEEE Transactions on Parallel and Distributed Systems.

[36]  Kuan Zhang,et al.  An Efficient Multi-Message and Multi-Receiver Signcryption Scheme for Heterogeneous Smart Mobile IoT , 2019, IEEE Access.

[37]  Shalini Batra,et al.  ClaMPP: a cloud-based multi-party privacy preserving classification scheme for distributed applications , 2018, The Journal of Supercomputing.

[38]  Jerker Delsing,et al.  A survey of commercial frameworks for the Internet of Things , 2015, 2015 IEEE 20th Conference on Emerging Technologies & Factory Automation (ETFA).