Visible to the public Biblio

Filters: Keyword is attribute-based encryption  [Clear All Filters]
2021-07-27
Ye, Yunxiu, Cao, Zhenfu, Shen, Jiachen.  2020.  Unbounded Key-Policy Attribute-Based Encryption with Black-Box Traceability. 2020 IEEE 19th International Conference on Trust, Security and Privacy in Computing and Communications (TrustCom). :1655—1663.
Attribute-based encryption received widespread attention as soon as it was proposed. However, due to its specific characteristics, some restrictions on attribute set are not flexible enough in actual operation. In addition, since access authorities are determined according to users' attributes, users sharing the same attributes are difficult to be distinguished. Once a malicious user makes illicit gains by their decryption authorities, it is difficult to track down specific user. This paper follows practical demands to propose a more flexible key-policy attribute-based encryption scheme with black-box traceability. The scheme has a constant size of public parameters which can be utilized to construct attribute-related parameters flexibly, and the method of traitor tracing in broadcast encryption is introduced to achieve effective malicious user tracing. In addition, the security and feasibility can be proved by the security proofs and performance evaluation in this paper.
Zhang, Wei, Zhang, ZhiShuo, Wu, Yi.  2020.  Multi-Authority Attribute Based Encryption With Policy-hidden and Accountability. 2020 International Conference on Space-Air-Ground Computing (SAGC). :95—96.
In this paper, an attribute-based encryption scheme with policy hidden and key tracing under multi-authority is proposed. In our scheme, the access structure is embedded into the ciphertext implicitly and the attacker cannot gain user's private information by access structure. The key traceability is realized under multi-authority and collusion is prevented. Finally, based on the DBDH security model, it is proved that this scheme can resist the plaintext attack under the standard model.
Yin, Changchun, Wang, Hao, Zhou, Lu, Fang, Liming.  2020.  Ciphertext-Policy Attribute-Based Encryption with Multi-keyword Search over Medical Cloud Data. 2020 IEEE 19th International Conference on Trust, Security and Privacy in Computing and Communications (TrustCom). :277—284.
Over the years, public health has faced a large number of challenges like COVID-19. Medical cloud computing is a promising method since it can make healthcare costs lower. The computation of health data is outsourced to the cloud server. If the encrypted medical data is not decrypted, it is difficult to search for those data. Many researchers have worked on searchable encryption schemes that allow executing searches on encrypted data. However, many existing works support single-keyword search. In this article, we propose a patient-centered fine-grained attribute-based encryption scheme with multi-keyword search (CP-ABEMKS) for medical cloud computing. First, we leverage the ciphertext-policy attribute-based technique to construct trapdoors. Then, we give a security analysis. Besides, we provide a performance evaluation, and the experiments demonstrate the efficiency and practicality of the proposed CP-ABEMKS.
2021-06-28
Alshehri, Mohammed, Panda, Brajendra.  2020.  Minimizing Data Breach by a Malicious Fog Node within a Fog Federation. 2020 7th IEEE International Conference on Cyber Security and Cloud Computing (CSCloud)/2020 6th IEEE International Conference on Edge Computing and Scalable Cloud (EdgeCom). :36–43.
Fog computing was emerged as mini-clouds deployed close to the ground to reduce communication overhead and time latency between the cloud and end-users' devices. Because fog computing is an extension of cloud computing, it inherits the security and privacy issues cloud computing has faced. If a Fog Node (FN) serving end-devices goes rogue or becomes maliciously compromised, this would hinder individuals' and organizations' data security (e.g., Confidentiality, Integrity, and Availability). This paper presents a novel scheme based on the Ciphertext-Policy-Attribute-Based-Encryption (CP-ABE) and hashing cryptographic primitives to minimize the amount of data in danger of breach by rogue fog nodes with maintaining the fog computing services provided to end-users' devices. This scheme manages to oust rogue Fog Nodes (FNs) and to prevent them from violating end-users' data security while guarantying the features provided by the fog computing paradigm. We demonstrate our scheme's applicability and efficiency by carrying out performance analysis and analyzing its security, and communication overhead.
2021-05-25
Pradhan, Ankit, R., Punith., Sethi, Kamalakanta, Bera, Padmalochan.  2020.  Smart Grid Data Security using Practical CP-ABE with Obfuscated Policy and Outsourcing Decryption. 2020 International Conference on Cyber Situational Awareness, Data Analytics and Assessment (CyberSA). :1–8.
Smart grid consists of multiple different entities related to various energy management systems which share fine-grained energy measurements among themselves in an optimal and reliable manner. Such delivery is achieved through intelligent transmission and distribution networks composed of various stakeholders like Phasor Measurement Units (PMUs), Master and Remote Terminal Units (MTU and RTU), Storage Centers and users in power utility departments subject to volatile changes in requirements. Hence, secure accessibility of data becomes vital in the context of efficient functioning of the smart grid. In this paper, we propose a practical attribute-based encryption scheme for securing data sharing and data access in Smart Grid architectures with the added advantage of obfuscating the access policy. This is aimed at preserving data privacy in the context of competing smart grid operators. We build our scheme on Linear Secret Sharing (LSS) Schemes for supporting any monotone access structures and thus enhancing the expressiveness of access policies. Lastly, we analyze the security, access policy privacy and collusion resistance properties of our cryptosystem and provide an efficiency comparison as well as experimental analysis using the Charm-Crypto framework to validate the proficiency of our proposed solution.
2021-04-27
Niu, S., Chen, L., Liu, W..  2020.  Attribute-Based Keyword Search Encryption Scheme with Verifiable Ciphertext via Blockchains. 2020 IEEE 9th Joint International Information Technology and Artificial Intelligence Conference (ITAIC). 9:849–853.
In order to realize the sharing of data by multiple users on the blockchain, this paper proposes an attribute-based searchable encryption with verifiable ciphertext scheme via blockchain. The scheme uses the public key algorithm to encrypt the keyword, the attribute-based encryption algorithm to encrypt the symmetric key, and the symmetric key to encrypt the file. The keyword index is stored on the blockchain, and the ciphertext of the symmetric key and file are stored on the cloud server. The scheme uses searchable encryption technology to achieve secure search on the blockchain, uses the immutability of the blockchain to ensure the security of the keyword ciphertext, uses verify algorithm guarantees the integrity of the data on the cloud. When the user's attributes need to be changed or the ciphertext access structure is changed, the scheme uses proxy re-encryption technology to implement the user's attribute revocation, and the authority center is responsible for the whole attribute revocation process. The security proof shows that the scheme can achieve ciphertext security, keyword security and anti-collusion. In addition, the numerical results show that the proposed scheme is effective.
Alniamy, A. M., Liu, H..  2020.  Blockchain-Based Secure Collaboration Platform for Sharing and Accessing Scientific Research Data. 2020 3rd International Conference on Hot Information-Centric Networking (HotICN). :34—40.
Research teams or institutions in different countries need an effective and secure online platform for collaboration and data sharing. It is essential to build such a collaboration platform with strong data security and privacy. In this paper, we propose a platform for researchers to collaborate and share their data by leveraging attribute-based access control (ABAC) and blockchain technologies. ABAC provides an access control paradigm whereby access rights are granted to users through attribute-based policies, instead of user identities and roles. Hyperledger fabric permission blockchain is used to enable a decentralized secure data sharing environment and preserves user’s privacy. The proposed platform allows researchers to fully control their data, manage access to the data at a fine-grained level, keep file updates with proof of authorship, and ensure data integrity and privacy.
Mante, R. V., Bajad, N. R..  2020.  A Study of Searchable and Auditable Attribute Based Encryption in Cloud. 2020 5th International Conference on Communication and Electronics Systems (ICCES). :1411—1415.
In cloud computing, the data is stored and retrieved through the internet. There are some common systems for cloud storage which includes the system for e-health records, the file stored on to the cloud server includes information which is private and sensitive, and the main focus should be that at the time when data gets shared, the content of the file should not be revealed. One of the ways to secure the file data is to simply encrypt the file, but on the other side, the authenticate user to which the data is shared will not be able to use it. User's time and memory are saved by Storing data in the cloud. The main issue is that the user loses total control over the once it is upload. This issue needs to be addressed while designing the system. In this paper the study of various mechanisms and techniques for data security stored over the cloud and hiding of the sensitive and private data. The paper also discusses the various issues faced while using or applying the techniques. Here, a system is proposed to use the encryption techniques, algorithms as well as secure cloud storage.
2021-01-28
Inshi, S., Chowdhury, R., Elarbi, M., Ould-Slimane, H., Talhi, C..  2020.  LCA-ABE: Lightweight Context-Aware Encryption for Android Applications. 2020 International Symposium on Networks, Computers and Communications (ISNCC). :1—6.

The evolving of context-aware applications are becoming more readily available as a major driver of the growth of future connected smart, autonomous environments. However, with the increasing of security risks in critical shared massive data capabilities and the increasing regulation requirements on privacy, there is a significant need for new paradigms to manage security and privacy compliances. These challenges call for context-aware and fine-grained security policies to be enforced in such dynamic environments in order to achieve efficient real-time authorization between applications and connected devices. We propose in this work a novel solution that aims to provide context-aware security model for Android applications. Specifically, our proposition provides automated context-aware access control model and leverages Attribute-Based Encryption (ABE) to secure data communications. Thorough experiments have been performed and the evaluation results demonstrate that the proposed solution provides an effective lightweight adaptable context-aware encryption model.

2020-10-19
Sun, Pan Jun.  2019.  Privacy Protection and Data Security in Cloud Computing: A Survey, Challenges, and Solutions. IEEE Access. 7:147420–147452.
Privacy and security are the most important issues to the popularity of cloud computing service. In recent years, there are many research schemes of cloud computing privacy protection based on access control, attribute-based encryption (ABE), trust and reputation, but they are scattered and lack unified logic. In this paper, we systematically review and analyze relevant research achievements. First, we discuss the architecture, concepts and several shortcomings of cloud computing, and propose a framework of privacy protection; second, we discuss and analyze basic ABE, KP-ABE (key policy attribute-based encryption), CP-ABE (ciphertext policy attribute-based encryption), access structure, revocation mechanism, multi-authority, fine-grained, trace mechanism, proxy re-encryption (PRE), hierarchical encryption, searchable encryption (SE), trust, reputation, extension of tradition access control and hierarchical key; third, we propose the research challenge and future direction of the privacy protection in the cloud computing; finally, we point out corresponding privacy protection laws to make up for the technical deficiencies.
Hong, Bo, Chen, Jie, Zhang, Kai, Qian, Haifeng.  2019.  Multi-Authority Non-Monotonic KP-ABE With Cryptographic Reverse Firewall. IEEE Access. 7:159002–159012.
The revelations of Snowden show that hardware and software of devices may corrupt users' machine to compromise the security in various ways. To address this concern, Mironov and Stephen-Davidowitz introduce the Cryptographic Reverse Firewall (CRF) concept that is able to resist the ex-filtration of secret information for some compromised machine (Eurocrypt 2015). There are some applications of CRF deployed in many cryptosystems, but less studied and deployed in Attribute-Based Encryption (ABE) field, which attracts a wide range of attention and is employed in real-world scenarios (i.e., data sharing in cloud). In this work, we focus how to give a CRF security protection for a multi-authority ABE scheme and hence propose a multi-authority key-policy ABE scheme with CRF (acronym, MA-KP-ABE-CRF), which supports attribute distribution and non-monotonic access structure. To achieve this, beginning with revisiting a MA-KP-ABE with non-trivial combining non-monotonic formula, we then give the randomness of ciphertexts and secret keys with reverse firewall and give formal security analysis. Finally, we give a simulation on our MA-KP-ABE-CRF system based on Charm library whose the experimental results demonstrate practical efficiency.
2020-09-04
Qin, Baodong, Zheng, Dong.  2019.  Generic Approach to Outsource the Decryption of Attribute-Based Encryption in Cloud Computing. IEEE Access. 7:42331—42342.

The notion of attribute-based encryption with outsourced decryption (OD-ABE) was proposed by Green, Hohenberger, and Waters. In OD-ABE, the ABE ciphertext is converted to a partially-decrypted ciphertext that has a shorter bit length and a faster decryption time than that of the ABE ciphertext. In particular, the transformation can be performed by a powerful third party with a public transformation key. In this paper, we propose a generic approach for constructing ABE with outsourced decryption from standard ABE, as long as the later satisfies some additional properties. Its security can be reduced to the underlying standard ABE in the selective security model by a black-box way. To avoid the drawback of selective security in practice, we further propose a modified decryption outsourcing mode so that our generic construction can be adapted to satisfying adaptive security. This partially solves the open problem of constructing an OD-ABE scheme, and its adaptive security can be reduced to the underlying ABE scheme in a black-box way. Then, we present some concrete constructions that not only encompass existing ABE outsourcing schemes of Green et al., but also result in new selectively/adaptively-secure OD-ABE schemes with more efficient transformation key generation algorithm. Finally, we use the PBC library to test the efficiency of our schemes and compare the results with some previous ones, which shows that our schemes are more efficient in terms of decryption outsourcing and transformation key generation.

Zhao, Zhen, Lai, Jianchang, Susilo, Willy, Wang, Baocang, Hu, Yupu, Guo, Fuchun.  2019.  Efficient Construction for Full Black-Box Accountable Authority Identity-Based Encryption. IEEE Access. 7:25936—25947.

Accountable authority identity-based encryption (A-IBE), as an attractive way to guarantee the user privacy security, enables a malicious private key generator (PKG) to be traced if it generates and re-distributes a user private key. Particularly, an A-IBE scheme achieves full black-box security if it can further trace a decoder box and is secure against a malicious PKG who can access the user decryption results. In PKC'11, Sahai and Seyalioglu presented a generic construction for full black-box A-IBE from a primitive called dummy identity-based encryption, which is a hybrid between IBE and attribute-based encryption (ABE). However, as the complexity of ABE, their construction is inefficient and the size of private keys and ciphertexts in their instantiation is linear in the length of user identity. In this paper, we present a new efficient generic construction for full black-box A-IBE from a new primitive called token-based identity-based encryption (TB-IBE), without using ABE. We first formalize the definition and security model for TB-IBE. Subsequently, we show that a TB-IBE scheme satisfying some properties can be converted to a full black-box A-IBE scheme, which is as efficient as the underlying TB-IBE scheme in terms of computational complexity and parameter sizes. Finally, we give an instantiation with the computational complexity as O(1) and the constant size master key pair, private keys, and ciphertexts.

2020-08-17
He, Peixuan, Xue, Kaiping, Xu, Jie, Xia, Qiudong, Liu, Jianqing, Yue, Hao.  2019.  Attribute-Based Accountable Access Control for Multimedia Content with In-Network Caching. 2019 IEEE International Conference on Multimedia and Expo (ICME). :778–783.
Nowadays, multimedia content retrieval has become the major service requirement of the Internet and the traffic of these contents has dominated the IP traffic. To reduce the duplicated traffic and improve the performance of distributing massive volumes of multimedia contents, in-network caching has been proposed recently. However, because in-network content caching can be directly utilized to respond users' requests, multimedia content retrieval is beyond content providers' control and makes it hard for them to implement access control and service accounting. In this paper, we propose an attribute-based accountable access control scheme for multimedia content distribution while making the best of in-network caching, in which content providers can be fully offline. In our scheme, the attribute-based encryption at multimedia content provider side and access policy based authentication at the edge router side jointly ensure the secure access control, which is also efficient in both space and time. Besides, secure service accounting is implemented by letting edge routers collect service credentials generated during users' request process. Through the informal security analysis, we prove the security of our scheme. Simulation results demonstrate that our scheme is efficient with acceptable overhead.
Garg, Hittu, Dave, Mayank.  2019.  Securing User Access at IoT Middleware Using Attribute Based Access Control. 2019 10th International Conference on Computing, Communication and Networking Technologies (ICCCNT). :1–6.
IoT middleware is an additional layer between IoT devices and the cloud applications that reduces computation and data handling on the cloud. In a typical IoT system model, middleware primarily connects to different IoT devices via IoT gateway. Device data stored on middleware is sensitive and private to a user. Middleware must have built-in mechanisms to address these issues, as well as the implementation of user authentication and access control. This paper presents the current methods used for access control on middleware and introduces Attribute-based encryption (ABE) on middleware for access control. ABE combines access control with data encryption for ensuring the integrity of data. In this paper, we propose Ciphertext-policy attribute-based encryption, abbreviated CP-ABE scheme on the middleware layer in the IoT system architecture for user access control. The proposed scheme is aimed to provide security and efficiency while reducing complexity on middleware. We have used the AVISPA tool to strengthen the proposed scheme.
Fischer, Marten, Scheerhorn, Alfred, Tönjes, Ralf.  2019.  Using Attribute-Based Encryption on IoT Devices with instant Key Revocation. 2019 IEEE International Conference on Pervasive Computing and Communications Workshops (PerCom Workshops). :126–131.
The Internet of Things (IoT) relies on sensor devices to measure real-world phenomena in order to provide IoT services. The sensor readings are shared with multiple entities, such as IoT services, other IoT devices or other third parties. The collected data may be sensitive and include personal information. To protect the privacy of the users, the data needs to be protected through an encryption algorithm. For sharing cryptographic cipher-texts with a group of users Attribute-Based Encryption (ABE) is well suited, as it does not require to create group keys. However, the creation of ABE cipher-texts is slow when executed on resource constraint devices, such as IoT sensors. In this paper, we present a modification of an ABE scheme, which not only allows to encrypt data efficiently using ABE but also reduces the size of the cipher-text, that must be transmitted by the sensor. We also show how our modification can be used to realise an instantaneous key revocation mechanism.
Eswaraiah, Guruprasad, Subramanian, Lalitha Muthu, Vishwanathan, Roopa.  2019.  Exploring Automation in Proofs of Attribute-based Encryption in the Standard Model. 2019 17th International Conference on Privacy, Security and Trust (PST). :1–5.
Motivated by the complexity of cryptographic proofs, we propose methods to automate the construction and verification of cryptographic proofs in the standard model. Proofs in the standard model (as opposed to the random oracle model) are the gold standard of cryptographic proofs, and most cryptographic protocols strive to achieve them. The burgeoning complexity of cryptographic proofs implies that such proofs are prone to errors, and are hard to write, much less verify. In this paper, we propose techniques to generate automated proofs for attribute-based encryption schemes in the standard model, building upon a prototype tool, AutoG&P due to Barthe et al. In doing so, we significantly expand the scope of AutoG&P to support a rich set of data types such as multi-dimensional arrays, and constructs commonly used in cryptographic protocols such as monotone-access structures, and linear secret-sharing schemes. We also provide support for a extended class of pairing-based assumptions. We demonstrate the usefulness of our extensions by giving automated proofs of the Lewko et al. attribute-based encryption scheme, and the Waters' ciphertext-policy attribute-based encryption scheme.
Myint, Phyo Wah Wah, Hlaing, Swe Zin, Htoon, Ei Chaw.  2019.  Policy-based Revolutionary Ciphertext-policy Attributes-based Encryption. 2019 International Conference on Advanced Information Technologies (ICAIT). :227–232.
Ciphertext-policy Attributes-based Encryption (CP-ABE) is an encouraging cryptographic mechanism. It behaves an access control mechanism for data security. A ciphertext and secret key of user are dependent upon attributes. As a nature of CP-ABE, the data owner defines access policy before encrypting plaintext by his right. Therefore, CP-ABE is suitable in a real environment. In CP-ABE, the revocation issue is demanding since each attribute is shared by many users. A policy-based revolutionary CP-ABE scheme is proposed in this paper. In the proposed scheme, revocation takes place in policy level because a policy consists of threshold attributes and each policy is identified as a unique identity number. Policy revocation means that the data owner updates his policy identity number for ciphertext whenever any attribute is changed in his policy. To be a flexible updating policy control, four types of updating policy levels are identified for the data owner. Authorized user gets a secret key from a trusted authority (TA). TA updates the secret key according to the policy updating level done by the data owner. This paper tests personal health records (PHRs) and analyzes execution times among conventional CP-ABE, other enhanced CP-ABE and the proposed scheme.
Girgenti, Benedetto, Perazzo, Pericle, Vallati, Carlo, Righetti, Francesca, Dini, Gianluca, Anastasi, Giuseppe.  2019.  On the Feasibility of Attribute-Based Encryption on Constrained IoT Devices for Smart Systems. 2019 IEEE International Conference on Smart Computing (SMARTCOMP). :225–232.
The Internet of Things (IoT) is enabling a new generation of innovative services based on the seamless integration of smart objects into information systems. Such IoT devices generate an uninterrupted flow of information that can be transmitted through an untrusted network and stored on an untrusted infrastructure. The latter raises new security and privacy challenges that require novel cryptographic methods. Attribute-Based Encryption (ABE) is a new type of public-key encryption that enforces a fine-grained access control on encrypted data based on flexible access policies. The feasibility of ABE adoption in fully-fledged computing systems, i.e. smartphones or embedded systems, has been demonstrated in recent works. In this paper we assess the feasibility of the adoption of ABE in typical IoT constrained devices, characterized by limited capabilities in terms of computing, storage and power. Specifically, an implementation of three ABE schemes for ESP32, a low-cost popular platform to deploy IoT devices, is developed and evaluated in terms of encryption/decryption time and energy consumption. The performance evaluation shows that the adoption of ABE on constrained devices is feasible, although it has a cost that increases with the number of attributes. The analysis in particular highlights how ABE has a significant impact in the lifetime of battery-powered devices, which is impaired significantly when a high number of attributes is adopted.
La Manna, Michele, Perazzo, Pericle, Rasori, Marco, Dini, Gianluca.  2019.  fABElous: An Attribute-Based Scheme for Industrial Internet of Things. 2019 IEEE International Conference on Smart Computing (SMARTCOMP). :33–38.
The Internet of Things (IoT) is a technological vision in which constrained or embedded devices connect together through the Internet. This enables common objects to be empowered with communication and cooperation capabilities. Industry can take an enormous advantage of IoT, leading to the so-called Industrial IoT. In these systems, integrity, confidentiality, and access control over data are key requirements. An emerging approach to reach confidentiality and access control is Attribute-Based Encryption (ABE), which is a technique able to enforce cryptographically an access control over data. In this paper, we propose fABElous, an ABE scheme suitable for Industrial IoT applications which aims at minimizing the overhead of encryption on communication. fABElous ensures data integrity, confidentiality, and access control, while reducing the communication overhead of 35% with respect to using ABE techniques naively.
Ponomarev, Kirill Yu..  2019.  Attribute-Based Access Control in Service Mesh. 2019 Dynamics of Systems, Mechanisms and Machines (Dynamics). :1–4.
Modern cloud applications can consist of hundreds of services with thousands of instances. In order to solve the problems of interservice interaction in this highly dynamic environment, an additional software infrastructure layer called service mesh is introduced. This layer provides a single point of interaction with the network for each service. Service mesh mechanisms are responsible for: load balancing, processing of network requests, service discovery, authentication, authorization, etc. However, the following questions arise: complex key management, fine-grained access control at the application level, confidentiality of data and many-to-many communications. It is possible to solve these problems with Attribute-based encryption (ABE) methods. This paper presents an abstract model of a service mesh and a protocol for interservice communications, which uses ABE for authorization and confidentiality of the messages.
Huang, Kaiqing.  2019.  Multi-Authority Attribute-Based Encryption for Resource-Constrained Users in Edge Computing. 2019 International Conference on Information Technology and Computer Application (ITCA). :323–326.
Multi-authority attribute-based encryption (MA-ABE) is a promising technique to protect data privacy and achieve fine-grained access control in edge computing for Internet of Things (IoT). However, most of the existing MA-ABE schemes suffer from expensive computational cost in the encryption and decryption phases, which are not practical for resource constrained users in IoT. We propose a large-universe MA-CP-ABE scheme with online/offline encryption and outsourced decryption. In our scheme, most expensive encryption operations have been executed in the user's initialization phase by adding reusable ciphertext pool besides splitting the encryption algorithm to online encryption and offline encryption. Moreover, massive decryption operation are outsourced to the near edge server for reducing the computation overhead of decryption. The proposed scheme is proven statically secure under the q-DPBDHE2 assumption. The performance analysis results indicate that the proposed scheme is efficient and suitable for resource-constrained users in edge computing for IoT.
2020-08-13
Huang, Qinlong, Li, Nan, Zhang, Zhicheng, Yang, Yixian.  2019.  Secure and Privacy-Preserving Warning Message Dissemination in Cloud-Assisted Internet of Vehicles. 2019 IEEE Conference on Communications and Network Security (CNS). :1—8.

Cloud-assisted Internet of Vehicles (IoV)which merges the advantages of both cloud computing and Internet of Things that can provide numerous online services, and bring lots of benefits and conveniences to the connected vehicles. However, the security and privacy issues such as confidentiality, access control and driver privacy may prevent it from being widely utilized for message dissemination. Existing attribute-based message encryption schemes still bring high computational cost to the lightweight vehicles. In this paper, we introduce a secure and privacy-preserving dissemination scheme for warning message in cloud-assisted IoV. Firstly, we adopt attribute-based encryption to protect the disseminated warning message, and present a verifiable encryption and decryption outsourcing construction to reduce the computational overhead on vehicles. Secondly, we present a conditional privacy preservation mechanism which utilizes anonymous identity-based signature technique to ensure anonymous vehicle authentication and message integrity checking, and also allows the trusted authority to trace the real identity of malicious vehicle. We further achieve batch verification to improve the authentication efficiency. The analysis indicate that our scheme gains more security properties and reduces the computational overhead on the vehicles.

2020-07-24
Wang, Jinmiao, Lang, Bo.  2016.  An efficient KP-ABE scheme for content protection in Information-Centric Networking. 2016 IEEE Symposium on Computers and Communication (ISCC). :830—837.

Media streaming has largely dominated the Internet traffic and the trend will keep increasing in the next years. To efficiently distribute the media content, Information-Centric Networking (ICN) has attracted many researchers. Since end users usually obtain content from indeterminate caches in ICN, the publisher cannot reinforce data security and access control depending on the caches. Hence, the ability of self-contained protection is important for the cached contents. Attribute-based encryption (ABE) is considered the preferred solution to achieve this goal. However, the existing ABE schemes usually have problems regarding efficiency. The exponentiation in key generation and pairing operation in decryption respectively increases linearly with the number of attributes involved, which make it costly. In this paper, we propose an efficient key-policy ABE with fast key generation and decryption (FKP-ABE). In the key generation, we get rid of exponentiation and only require multiplications/divisions for each attribute in the access policy. And in the decryption, we reduce the pairing operations to a constant number, no matter how many attributes are used. The efficiency analysis indicates that our scheme has better performance than the existing KP-ABE schemes. Finally, we present an implementation framework that incorporates the proposed FKP-ABE with the ICN architecture.

2020-07-20
Liu, Zechao, Wang, Xuan, Cui, Lei, Jiang, Zoe L., Zhang, Chunkai.  2017.  White-box traceable dynamic attribute based encryption. 2017 International Conference on Security, Pattern Analysis, and Cybernetics (SPAC). :526–530.
Ciphertext policy attribute-based encryption (CP-ABE) is a promising technology that offers fine-grained access control over encrypted data. In a CP-ABE scheme, any user can decrypt the ciphertext using his secret key if his attributes satisfy the access policy embedded in the ciphertext. Since the same ciphertext can be decrypted by multiple users with their own keys, the malicious users may intentionally leak their decryption keys for financial profits. So how to trace the malicious users becomes an important issue in a CP-ABE scheme. In addition, from the practical point of view, users may leave the system due to resignation or dismissal. So user revocation is another hot issue that should be solved. In this paper, we propose a practical CP-ABE scheme. On the one hand, our scheme has the properties of traceability and large universe. On the other hand, our scheme can solve the dynamic issue of user revocation. The proposed scheme is proved selectively secure in the standard model.