scholarly journals Ciphertext-policy attribute-based encryption with hidden sensitive policy from keyword search techniques in smart city

2021 ◽  
Vol 2021 (1) ◽  
Author(s):  
Fei Meng ◽  
Leixiao Cheng ◽  
Mingqiang Wang
Keyword(s):  
Smart City ◽  
Keyword Search ◽  
Sensitive Information ◽  
Security Model ◽  
Computational Overhead ◽  
Diffie Hellman ◽  
Attribute Based Encryption ◽  
Iot Devices ◽  
Ciphertext Policy ◽  
Access Policies

AbstractCountless data generated in Smart city may contain private and sensitive information and should be protected from unauthorized users. The data can be encrypted by Attribute-based encryption (CP-ABE), which allows encrypter to specify access policies in the ciphertext. But, traditional CP-ABE schemes are limited because of two shortages: the access policy is public i.e., privacy exposed; the decryption time is linear with the complexity of policy, i.e., huge computational overheads. In this work, we introduce a novel method to protect the privacy of CP-ABE scheme by keyword search (KS) techniques. In detail, we define a new security model called chosen sensitive policy security: two access policies embedded in the ciphertext, one is public and the other is sensitive and hidden. If user's attributes don't satisfy the public policy, he/she cannot get any information (attribute name and its values) of the hidden one. Previous CP-ABE schemes with hidden policy only work on the “AND-gate” access structure or their ciphertext size or decryption time maybe super-polynomial. Our scheme is more expressive and compact. Since, IoT devices spread all over the smart city, so the computational overhead of encryption and decryption can be shifted to third parties. Therefore, our scheme is more applicable to resource-constrained users. We prove our scheme to be selective secure under the decisional bilinear Diffie-Hellman (DBDH) assumption.

scholarly journals Ciphertext-Policy Attribute-based Encryption with Hidden Sensitive Policy for Recruitment in Smart City

2020 ◽  
Author(s):  
Fei Meng ◽  
Leixiao Cheng ◽  
Mingqiang Wang
Keyword(s):  
Smart City ◽  
End Users ◽  
The Other ◽  
Sensitive Information ◽  
Security Model ◽  
Access Policy ◽  
Computational Overhead ◽  
Attribute Based Encryption ◽  
Ciphertext Policy ◽  
Access Policies

Abstract Smart city, as a promising technical tendency, greatly facilitates citizens and generates innumerable data, some of which is very private and sensitive. To protect data from unauthorized users, ciphertext-policy attribute-based encryption (CP-ABE) enables data owner to specify an access policy on encrypted data. However, There are two drawbacks in traditional CP-ABE schemes. On the one hand, the access policy is revealed in the ciphertext so that sensitive information contained in the policy is exposed to anyone who obtains the ciphertext. For example, both the plaintext and access policy of an encrypted recruitment may reveal the company's future development plan. On the other hand, the decryption time scales linearly with the complexity of the access, which makes it unsuitable for resource-limited end users. In this paper, we propose a CP-ABE scheme with hidden sensitive policy for recruitment in smart city. Specifically, we introduce a new security model chosen sensitive policy security: two access policies embedded in the ciphertext, one is public and the other is sensitive and fully hidden, only if user's attributes satisfy the public policy, it's possible for him/her to learn about the hidden policy, otherwise he/she cannot get any information (attribute name and its values) of it. When the user satisfies both access policies, he/she can obtain and decrypt the ciphertext. Compared with other CP-ABE schemes, our scheme supports a more expressive access policy, since the access policy of their schemes only work on the ``AND-gate'' structure. In addition, intelligent devices spread all over the smart city, so partial computational overhead of encryption of our scheme can be outsourced to these devices as fog nodes, while most part overhead in the decryption process is outsourced to the cloud. Therefore, our scheme is more applicable to end users with resource-constrained mobile devices. We prove our scheme to be selective secure under the decisional bilinear Diffie-Hellman (DBDH) assumption.

scholarly journals Ciphertext-Policy Attribute-based Encryption with Hidden Sensitive Policy from Keyword Search Techniques in Smarty City

2020 ◽  
Author(s):  
Fei Meng ◽  
Leixiao Cheng ◽  
Mingqiang Wang
Keyword(s):  
Smart City ◽  
Keyword Search ◽  
End Users ◽  
The Other ◽  
Sensitive Information ◽  
Security Model ◽  
Access Policy ◽  
Attribute Based Encryption ◽  
Ciphertext Policy ◽  
Access Policies

Abstract Smart city greatly facilitates citizens and generates innumerable data, some of which is very private and sensitive. To protect data from unauthorized users, ciphertext-policy attribute-based encryption (CP-ABE) enables data owner to specify an access policy on encrypted data. However, There are two drawbacks in traditional CP-ABE schemes. On the one hand, the access policy is revealed in the ciphertext so that sensitive information contained in the policy is exposed to anyone who obtains the ciphertext. For example, both the plaintext and access policy of an encrypted recruitment may reveal the company’s future development plan. On the other hand, the decryption time scales linearly with the complexity of the access, which makes it unsuitable for resource-limited end users. In this paper, we propose a CP-ABE scheme with hidden sensitive policy from keyword search (KS) techniques in smart city. Specifically, we introduce a new security model chosen sensitive policy security : two access policies embedded in the ciphertext, one is public and the other is sensitive and fully hidden, only if user’s attributes satisfy the public policy, it’s possible for him/her to learn about the hidden policy, otherwise he/she cannot get any information (attribute name and its values) of it. When the user satisfies both access policies, he/she can obtain and decrypt the ciphertext. Compared with other CP-ABE schemes, our scheme exploits KS techniques to achieve more expressive and efficient, while the access policy of their schemes only work on the “AND-gate” structure or their ciphertext size or decryption time maybe super-polynomial. In addition, intelligent devices spread all over the smart city, so partial computational overhead of encryption of our scheme can be outsourced to these devices as fog nodes, while most part overhead in the decryption process is outsourced to the cloud.Therefore, our scheme is more applicable to end users with resource-constrained mobile devices. We prove our scheme to be selective secure under the decisional bilinear Diffie-Hellman (DBDH) assumption.

Fine-Grained Access Control with Efficient Revocation in Cloud Storage

2014 ◽  
Vol 571-572 ◽  
pp. 79-89
Author(s):  
Ting Zhong ◽  
You Peng Sun ◽  
Qiao Liu
Keyword(s):  
Access Control ◽  
Cloud Storage ◽  
Storage System ◽  
Fine Grained ◽  
Computational Overhead ◽  
Attribute Based Encryption ◽  
Encrypt Data ◽  
User Revocation ◽  
Ciphertext Policy ◽  
Access Policies

In the cloud storage system, the server is no longer trusted, which is different from the traditional storage system. Therefore, it is necessary for data owners to encrypt data before outsourcing it for sharing. Simultaneously, the enforcement of access policies and support of policies updates becomes one of the most challenging issues. Ciphertext-policy attribute-based encryption (CP-ABE) is an appropriate solution to this issue. However, it comes with a new obstacle which is the attribute and user revocation. In this paper, we propose a fine-grained access control scheme with efficient revocation based on CP-ABE approach. In the proposed scheme, we not only realize an efficient and immediate revocation, but also eliminate some burden of computational overhead. The analysis results indicate that the proposed scheme is efficient and secure for access control in cloud storage systems.

scholarly journals CAKE: Compatible Authentication and Key Exchange Protocol for a Smart City in 5G Networks

Symmetry ◽  
2021 ◽  
Vol 13 (4) ◽  
pp. 698
Author(s):  
Yun-Hsin Chuang ◽  
Yuh-Min Tseng
Keyword(s):  
Smart City ◽  
Service Providers ◽  
Smart Cities ◽  
Key Exchange ◽  
Third Party ◽  
Security Model ◽  
Session Key ◽  
Diffie Hellman ◽  
Iot Devices ◽  
And Storage

In a smart city, there are different types of entities, such as nature persons, IoT devices, and service providers, which have different computational limitations and storage limitations. Unfortunately, all of the existing authentication and key exchange (AKE) protocols are designed for either client–server or client–client authentication, including the ones designed for smart cities. In this paper, we present the idea of a compatible authentication and key exchange (CAKE) protocol which provides cross-species authentication. We propose the first CAKE protocol for a smart city that any two valid entities can authenticate with each other and create a secure session key without the help of any third party, while there is also no password table and no public key issuing problem. The entity can be a natural person having biometrics, an IoT device embedded with a physical unclonable function (PUF), or a service provider. Moreover, we extend the CAKE protocol to an anonymous CAKE (ACAKE) protocol, which provides natural persons an anonymous option to protect their privacy. In addition, both the proposed CAKE and ACAKE protocols can deal with the entity revocation problem. We define the framework and the security model of CAKE and ACAKE protocols. Under the security model, we formally prove that the proposed protocols are secure under the elliptic curve computational Diffie–Hellman (ECCDH) problem, the decisional bilinear Diffie–Hellman (DBDH) problem, and hash function assumptions. Comparisons with the related protocols are conducted to demonstrate the benefits of our protocols. Performance analysis is conducted and the experience results show that the proposed protocols are practical in a smart city.

scholarly journals Outsourced ciphertext-policy attribute-based encryption with partial policy hidden

2020 ◽  
Vol 16 (5) ◽  
pp. 155014772092636
Author(s):  
Jinxia Yu ◽  
Guanghui He ◽  
Xixi Yan ◽  
Yongli Tang ◽  
Rongxia Qin
Keyword(s):  
Bilinear Pairing ◽  
Sensitive Information ◽  
Privacy Concerns ◽  
Access Policy ◽  
Fine Grained ◽  
Attribute Based Encryption ◽  
Cloud Server ◽  
And Performance ◽  
Ciphertext Policy ◽  
Access Policies

Attribute-based encryption is an efficient and flexible fine-grained access control scheme. However, how to realize the attribute privacy concerns in the access policy and optimize the heavy computing overhead have been not adequately addressed. First, in view of the open-access policies formulated by data owners in the cloud environment and the linear growth of bilinear pairing operations with the number of attributes in the decryption process, a verifiable outsourced attribute-based encryption with partial policy hidden scheme is proposed, in which the attribute name of access policy can be sent while attribute value involving sensitive information can be hidden, so nobody can infer information from the access policy. Second, the bilinear pairing operation and modular power operation are outsourced to the cloud server, then users only need to perform constant exponential operation to decrypt. In addition, the proposed scheme is based on the composite order bilinear group and satisfies full secure under the standard model. Finally, compared with other schemes in term of function and performance, it shows that this scheme is more efficient and suitable for resource-constrained mobile devices in outsourcing environment.

scholarly journals Unified Ciphertext-Policy Weighted Attribute-Based Encryption for Sharing Data in Cloud Computing

2018 ◽  
Vol 8 (12) ◽  
pp. 2519
Author(s):  
Wei Li ◽  
Wei Ni ◽  
Dongxi Liu ◽  
Ren Liu ◽  
Shoushan Luo
Keyword(s):  
Cloud Computing ◽  
Mutual Information ◽  
Data Sharing ◽  
Rapid Development ◽  
Sharing Scheme ◽  
Attribute Based Encryption ◽  
Share Data ◽  
Efficient Data ◽  
Ciphertext Policy ◽  
Access Policies

With the rapid development of cloud computing, it is playing an increasingly important role in data sharing. Meanwhile, attribute-based encryption (ABE) has been an effective way to share data securely in cloud computing. In real circumstances, there is often a mutual access sub-policy in different providers’ access policies, and the significance of each attribute is usual diverse. In this paper, a secure and efficient data-sharing scheme in cloud computing, which is called unified ciphertext-policy weighted attribute-based encryption (UCP-WABE), is proposed. The weighted attribute authority assigns weights to attributes depending on their importance. The mutual information extractor extracts the mutual access sub-policy and generates the mutual information. Thus, UCP-WABE lowers the total encryption time cost of multiple providers. We prove that UCP-WABE is selectively secure on the basis of the security of ciphertext-policy weighted attribute-based encryption (CP-WABE). Additionally, the results of the implementation shows that UCP-WABE is efficient in terms of time.

scholarly journals Blockchain-Based Security Model for LoRaWAN Firmware Updates

2022 ◽  
Vol 11 (1) ◽  
pp. 5
Author(s):  
Njabulo Sakhile Mtetwa ◽  
Paul Tarwireyi ◽  
Cecilia Nombuso Sibeko ◽  
Adnan Abu-Mahfouz ◽  
Matthew Adigun
Keyword(s):  
Use Cases ◽  
Smart Devices ◽  
Area Network ◽  
Sensitive Information ◽  
Security Model ◽  
Functional Requirements ◽  
Wide Area Network ◽  
Proposed Model ◽  
Attack Surface ◽  
Iot Devices

The Internet of Things (IoT) is changing the way consumers, businesses, and governments interact with the physical and cyber worlds. More often than not, IoT devices are designed for specific functional requirements or use cases without paying too much attention to security. Consequently, attackers usually compromise IoT devices with lax security to retrieve sensitive information such as encryption keys, user passwords, and sensitive URLs. Moreover, expanding IoT use cases and the exponential growth in connected smart devices significantly widen the attack surface. Despite efforts to deal with security problems, the security of IoT devices and the privacy of the data they collect and process are still areas of concern in research. Whenever vulnerabilities are discovered, device manufacturers are expected to release patches or new firmware to fix the vulnerabilities. There is a need to prioritize firmware attacks, because they enable the most high-impact threats that go beyond what is possible with traditional attacks. In IoT, delivering and deploying new firmware securely to affected devices remains a challenge. This study aims to develop a security model that employs Blockchain and the InterPlanentary File System (IPFS) to secure firmware transmission over a low data rate, constrained Long-Range Wide Area Network (LoRaWAN). The proposed security model ensures integrity, confidentiality, availability, and authentication and focuses on resource-constrained low-powered devices. To demonstrate the utility and applicability of the proposed model, a proof of concept was implemented and evaluated using low-powered devices. The experimental results show that the proposed model is feasible for constrained and low-powered LoRaWAN devices.

An Attribute-Based Searchable Encryption Scheme for Non-Monotonic Access Structure

2020 ◽  
pp. 263-283 ◽  
Author(s):  
Mamta ­ ◽  
Brij B. Gupta
Keyword(s):  
Access Control ◽  
Searchable Encryption ◽  
Access Structure ◽  
Encryption Scheme ◽  
Security Model ◽  
Secret Key ◽  
Fine Grained ◽  
Diffie Hellman ◽  
Attribute Based Encryption ◽  
Encryption Schemes

Attribute based encryption (ABE) is a widely used technique with tremendous application in cloud computing because it provides fine-grained access control capability. Owing to this property, it is emerging as a popular technique in the area of searchable encryption where the fine-grained access control is used to determine the search capabilities of a user. But, in the searchable encryption schemes developed using ABE it is assumed that the access structure is monotonic which contains AND, OR and threshold gates. Many ABE schemes have been developed for non-monotonic access structure which supports NOT gate, but this is the first attempt to develop a searchable encryption scheme for the same. The proposed scheme results in fast search and generates secret key and search token of constant size and also the ciphertext components are quite fewer than the number of attributes involved. The proposed scheme is proven secure against chosen keyword attack (CKA) in selective security model under Decisional Bilinear Diffie-Hellman (DBDH) assumption.

scholarly journals A Lightweight Fine-Grained Search Scheme over Encrypted Data in Cloud-Assisted Wireless Body Area Networks

2019 ◽  
Vol 2019 ◽  
pp. 1-12 ◽  
Author(s):  
Mingsheng Cao ◽  
Luhan Wang ◽  
Zhiguang Qin ◽  
Chunwei Lou
Keyword(s):  
Keyword Search ◽  
Body Area Networks ◽  
Wireless Body Area Networks ◽  
Security And Privacy ◽  
Body Area ◽  
Encrypted Data ◽  
Fine Grained ◽  
Resource Limited ◽  
Attribute Based Encryption ◽  
Ciphertext Policy

The wireless body area networks (WBANs) have emerged as a highly promising technology that allows patients’ demographics to be collected by tiny wearable and implantable sensors. These data can be used to analyze and diagnose to improve the healthcare quality of patients. However, security and privacy preserving of the collected data is a major challenge on resource-limited WBANs devices and the urgent need for fine-grained search and lightweight access. To resolve these issues, in this paper, we propose a lightweight fine-grained search over encrypted data in WBANs by employing ciphertext policy attribute based encryption and searchable encryption technologies, of which the proposed scheme can provide resource-constraint end users with fine-grained keyword search and lightweight access simultaneously. We also formally define its security and prove that it is secure against both chosen plaintext attack and chosen keyword attack. Finally, we make a performance evaluation to demonstrate that our scheme is much more efficient and practical than the other related schemes, which makes the scheme more suitable for the real-world applications.

Sign in / Sign up

Export Citation Format

Share Document