A Novel Efficient Pairing-Free CP-ABE Based on Elliptic Curve Cryptography for IoT

Ciphertext-policy attribute-based encryption (CP-ABE) is a promising cryptographic technique that integrates data encryption with access control for ensuring data security in IoT systems. However, the efficiency problem of CP-ABE is still a bottleneck limiting its development and application. A widespread consensus is that the computation overhead of bilinear pairing is excessive in the practical application of ABE, especially for the devices or the processors with limited computational resources and power supply. In this paper, we proposed a novel pairing-free data access control scheme based on CP-ABE using elliptic curve cryptography, abbreviated PF-CP-ABE. We replace complicated bilinear pairing with simple scalar multiplication on elliptic curves, thereby reducing the overall computation overhead. And we designed a new way of key distribution that it can directly revoke a user or an attribute without updating other users’ keys during the attribute revocation phase. Besides, our scheme use linear secret sharing scheme access structure to enhance the expressiveness of the access policy. The security and performance analysis show that our scheme significantly improved the overall efficiency as well as ensured the security.

[1]  Matthew Green,et al.  Outsourcing the Decryption of ABE Ciphertexts , 2011, USENIX Security Symposium.

[2]  Joseph K. Liu,et al.  Privacy-Preserving Ciphertext Multi-Sharing Control for Big Data Storage , 2015, IEEE Transactions on Information Forensics and Security.

[3]  Sébastien Canard,et al.  On the Implementation of a Pairing-Based Cryptographic Protocol in a Constrained Device , 2012, Pairing.

[4]  Vanga Odelu,et al.  Design of a new CP-ABE with constant-size secret keys for lightweight devices using elliptic curve cryptography , 2016, Secur. Commun. Networks.

[5]  Allison Bishop,et al.  Decentralizing Attribute-Based Encryption , 2011, IACR Cryptol. ePrint Arch..

[6]  Jianfeng Ma,et al.  Efficient algorithms for secure outsourcing of bilinear pairings , 2015, Theor. Comput. Sci..

[7]  Willy Susilo,et al.  Searchable Attribute-Based Mechanism With Efficient Data Sharing for Secure Cloud Storage , 2015, IEEE Transactions on Information Forensics and Security.

[8]  Brent Waters,et al.  Ciphertext-Policy Attribute-Based Encryption , 2007, 2007 IEEE Symposium on Security and Privacy (SP '07).

[9]  Francisco Rodríguez-Henríquez,et al.  High-Speed Software Implementation of the Optimal Ate Pairing over Barreto-Naehrig Curves , 2010, Pairing.

[10]  Ling Cheung,et al.  Provably secure ciphertext policy ABE , 2007, CCS '07.

[11]  Michael Scott,et al.  A Taxonomy of Pairing-Friendly Elliptic Curves , 2010, Journal of Cryptology.

[12]  Hovav Shacham,et al.  Short Signatures from the Weil Pairing , 2001, J. Cryptol..

[13]  Antoine Joux,et al.  A One Round Protocol for Tripartite Diffie–Hellman , 2000, Journal of Cryptology.

[14]  Weixin Xie,et al.  Attribute-Based Data Sharing Scheme Revisited in Cloud Computing , 2016, IEEE Transactions on Information Forensics and Security.

[15]  Kim-Kwang Raymond Choo,et al.  Expressive CP-ABE Scheme for Mobile Devices in IoT Satisfying Constant-Size Keys and Ciphertexts , 2017, IEEE Access.

[16]  Jianfeng Ma,et al.  Fine-Grained Access Control System Based on Outsourced Attribute-Based Encryption , 2013, ESORICS.

[17]  Matthew K. Franklin,et al.  Identity-Based Encryption from the Weil Pairing , 2001, CRYPTO.

[18]  Michael Scott,et al.  On the Efficient Implementation of Pairing-Based Protocols , 2011, IMACC.

[19]  Matthew K. Franklin,et al.  Identity-Based Encryption from the Weil Pairing , 2001, CRYPTO.

[20]  Junbeom Hur,et al.  Improving Security and Efficiency in Attribute-Based Data Sharing , 2013, IEEE Transactions on Knowledge and Data Engineering.

[21]  Matthieu Rivain,et al.  Fast and Regular Algorithms for Scalar Multiplication over Elliptic Curves , 2011, IACR Cryptol. ePrint Arch..

[22]  Aurore Guillevic,et al.  Algorithms for Outsourcing Pairing Computation , 2014, CARDIS.

[23]  Fuchun Guo,et al.  CP-ABE With Constant-Size Keys for Lightweight Devices , 2014, IEEE Transactions on Information Forensics and Security.

[24]  Brent Waters,et al.  Fuzzy Identity-Based Encryption , 2005, EUROCRYPT.

[25]  Sébastien Canard,et al.  Delegating a Pairing Can Be Both Secure and Efficient , 2014, ACNS.

[26]  Paulo S. L. M. Barreto,et al.  Efficient pairing computation on supersingular Abelian varieties , 2007, IACR Cryptol. ePrint Arch..

[27]  David Naccache,et al.  Secure Delegation of Elliptic-Curve Pairing , 2010, IACR Cryptol. ePrint Arch..

[28]  Máté Horváth,et al.  Attribute-Based Encryption Optimized for Cloud Computing , 2015, IACR Cryptol. ePrint Arch..

[29]  Kim-Kwang Raymond Choo,et al.  Cloud based data sharing with fine-grained proxy re-encryption , 2016, Pervasive Mob. Comput..

[30]  Joseph K. Liu,et al.  An Efficient Cloud-Based Revocable Identity-Based Proxy Re-encryption Scheme for Public Clouds Data Sharing , 2014, ESORICS.