Revocable Large Universe Decentralized Multi-Authority Attribute-Based Encryption Without Key Abuse for Cloud-Aided IoT
Data confidentiality and access control are the key technologies of secure Internet of things (IoT) since the circulated application data on multiple different domains in IoT are generally confidential and privacy-sensitive. Large universe multi-authority attribute-based encryption (MA-ABE) is consi...
Main author: | |
---|---|
Format: | article |
Language: | EN |
Published: | IEEE 2021 |
Subjects: | |
Online access: | https://doaj.org/article/6bc184e00c1a4b10abb0291485740fc9 |
id |
oai:doaj.org-article:6bc184e00c1a4b10abb0291485740fc9 |
---|---|
record_format |
dspace |
spelling |
oai:doaj.org-article:6bc184e00c1a4b10abb0291485740fc9 2021-11-17T00:01:22Z Revocable Large Universe Decentralized Multi-Authority Attribute-Based Encryption Without Key Abuse for Cloud-Aided IoT 2169-3536 10.1109/ACCESS.2021.3126780 https://doaj.org/article/6bc184e00c1a4b10abb0291485740fc9 2021-01-01T00:00:00Z https://ieeexplore.ieee.org/document/9606930/ https://doaj.org/toc/2169-3536 Data confidentiality and access control are the key technologies of secure Internet of things (IoT) since the circulated application data on multiple different domains in IoT are generally confidential and privacy-sensitive. Large universe multi-authority attribute-based encryption (MA-ABE) is considered a promising technique to protect data confidentiality and achieve fine-grained access control for large-scale cross-domain applications. However, MA-ABE is facing the severe key abuse problem. Much research is devoted to using audit technologies and trace technologies to determine who should be responsible for the misused key which has a certain deterrent effect and prevents the key abuse to a certain extent. But they can’t solve the key abuse problem, since users still can leak the key and the leaked keys can still decrypt the ciphertext correctly. Moreover, they also cannot solve the key escrow problem. In this article, the author proposes the first revocable large universe decentralized MA-ABE without key abuse based on prime order bilinear groups. The proposed scheme allows for the dynamic capacity expansion of attributes, users, and authorities. It is not only static security in the random oracle model under the q-DPBDHE2 assumption but also secure against key abuse attacks launched by any party. Only the secret key owner can successfully decrypt the ciphertext with the secret key. The data user is unable to generate the available key different from her/his legal key by using her/his legal key. Neither CSP nor authority can generate the available decryption key or decrypt the ciphertext (even if the access policy is satisfied by the attributes it controls) using the keys it controls. An efficient user-attribute revocation mechanism is given and only a few operations are needed when decryption in the proposed scheme. The performance analysis results indicate that the proposed scheme is more efficient and suitable for the IoT. Kaiqing Huang IEEE article Decentralized multi-authority attribute-based encryption key abuse user-attribute revocation outsourcing decryption Electrical engineering. Electronics. Nuclear engineering TK1-9971 EN IEEE Access, Vol 9, Pp 151713-151728 (2021) |
institution |
DOAJ |
collection |
DOAJ |
language |
EN |
topic |
Decentralized multi-authority attribute-based encryption key abuse user-attribute revocation outsourcing decryption Electrical engineering. Electronics. Nuclear engineering TK1-9971 |
format |
article |
author |
Kaiqing Huang |
title |
Revocable Large Universe Decentralized Multi-Authority Attribute-Based Encryption Without Key Abuse for Cloud-Aided IoT |
publisher |
IEEE |
publishDate |
2021 |
url |
https://doaj.org/article/6bc184e00c1a4b10abb0291485740fc9 |