Ciphertext Policy Attribute-Based Encryption (CP-ABE) is an extremely powerful asymmetric encryption mechanism, but its complexity and its overhead cannot be neglected in an Internet of Things environment. Indeed, Internet of Things, by its heterogeneous nature, may contains highly resourceconstrained devices that are not able to support the heavy overhead due to CP-ABE. Further, constrained devices, like sensors, often need to encrypt data as they are usually led to send sensitive data they collect to more powerful devices like storage servers. This paper proposes a novel approach for employing CP-ABE on highly resource-constrained sensor nodes in the IoT environments. The proposed approach exploits collaboration between heterogeneous nodes, to make feasible the implementation of CP-ABE in an IoT environment, by delegating costly operations to a set of assisting nodes. An analysis is conducted to verify that the proposed solution accomplishes safely and efficiently its objective.
Ciphertext-Policy Attribute-Based Encryption (CP-ABE) is an extremely powerful asymmetric encryption mechanism, it allows to achieve fine-grained access control. However, there is no solution to manage efficiently key/attribute revocation problem in CP-ABE scheme. Key revocation problem is very important in dynamic environment like Internet of Things (IoT), where billions of things are connected together and are cooperating without human intervention. Existing solutions are not efficient due to their overhead (traffic) and complexity (big access trees). Other solutions require the use of powerful semitrusted proxies to re-encrypt data.The proposed solution in this paper called Batch-Based CP-ABE reduces the complexity and the overhead, and does not require extra nodes in the system. We propose to split time axis into intervals (time slots) and to send only the necessary key parts to allow refreshing the secrets keys. An analysis is conducted on the way to choose the best time slot duration in order to maximize system performances and minimize average waiting time.
KP-ABE mechanism emerges as one of the most suitable security scheme for asymmetric encryption. It has been widely used to implement access control solutions. However, due to its expensive overhead, it is difficult to consider this cryptographic scheme in resource-limited networks, such as the IoT. As the cloud has become a key infrastructural support for IoT applications, it is interesting to exploit cloud resources to perform heavy operations. In this paper, a collaborative variant of KP-ABE named C-KP-ABE for cloud-based IoT applications is proposed. Our proposal is based on the use of computing power and storage capacities of cloud servers and trusted assistant nodes to run heavy operations. A performance analysis is conducted to show the effectiveness of the proposed solution.
Abstract-Ciphertext-Policy Attribute-Based Encryption (CP-ABE) is a promising cryptographic mechanism for fine-grained access control to shared data. Attribute/Key management is a keystone issue in CP-APE because of low efficiency of existing attribute revocation techniques. Indeed, existing solutions induce great side effect after each attribute revocation. The side effect induces rekeying and/or re-assignment of attributes to all users.In this paper, we propose a solution which does not require extra entities like proxies to re-encrypt data after every access policy change. Moreover, our solution does not imply latencies following access grants and revocations. We compare our solution with the batch-based CP-ABE attribute management technique and we show that our solution outperforms existing rekeying/revocation techniques in terms of overhead.
International audienceAttribute Based Encryption (ABE) scheme has been proposed to implement cryptographic fine grained access controlto shared information. It allows to share information of type one-to-many users, without considering the number of users andtheir identities. However, original ABE systems suffer from the non-efficiency of their attribute revocation mechanisms.Based on Ciphertext-Policy ABE (CP-ABE) scheme, we propose an efficient proxy-based immediate private key update whichdoes require neither re-encrypting ciphertexts, nor affect other users’ secret keys. The semi-trusted proxy assists nodes during the decryption process without having ability to decrypt users’ data. Finally, we analyze the security of our scheme and demonstrate that the proposed solution outperforms existing ones in terms ofgenerated overheard
scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.
customersupport@researchsolutions.com
10624 S. Eastern Ave., Ste. A-614
Henderson, NV 89052, USA
This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.
Copyright © 2024 scite LLC. All rights reserved.
Made with 💙 for researchers
Part of the Research Solutions Family.