Skip to main content
SpringerLink
Log in

Flexible symmetric predicate encryption for data privacy in IoT environments

  • Published:
Peer-to-Peer Networking and Applications Aims and scope Submit manuscript

Abstract

Internet of Things (IoT) applications are revolutionizing lifestyles and social management. In IoT environments, there is a need to deploy a large number of sensing devices, which are typically resource-constrained, with limited computational power and communication resources. Due to its open nature, IoT applications confront potential security and privacy risks in exchange for convenience, with data privacy being a significant concern. Predicate encryption (PE) offers a promising approach to address this concern. However, most PE schemes are public-key cryptosystems, which are more expensive compared to symmetric cryptography. These costs are burdensome for resource-constrained devices, especially when dealing with massive amounts of data. A recent study by Viet et al. (ESORICS’2022) introduced a symmetric PE scheme. However, this scheme’s representation of attributes and predicates is limited. To overcome this limitation, we propose a flexible symmetric PE scheme. In the proposed scheme, predicates and attributes are represented using vectors. Tokens are related to predicates, while ciphertexts are associated with attributes. The encrypted message can be decrypted when the values of the predicate vector and attribute vector are pairwise unequal. This scheme enables fine-grained access control over encrypted data, ensuring that users with any attribute value in the vector embedded in the ciphertext cannot decrypt it. The security analysis demonstrates that the proposed scheme effectively protects data privacy. Additionally, performance evaluations indicate that the scheme is efficient, providing a lightweight solution for data privacy in IoT environments.

This is a preview of subscription content, log in via an institution to check access.

Access this article

Log in via an institution

Price excludes VAT (USA)
Tax calculation will be finalised during checkout.

Instant access to the full article PDF.

Institutional subscriptions

Fig. 1
Fig. 2
Fig. 3

Similar content being viewed by others

Data availability

Not applicable.

References

  1. Kumar S, Tiwari P, Zymbler M (2019) Internet of things is a revolutionary approach for future technology enhancement: a review. Journal of Big data 6(1):1–21

    Article  Google Scholar 

  2. Qadri YA, Nauman A, Zikria YB, Vasilakos AV, Kim SW (2020) The future of healthcare internet of things: a survey of emerging technologies. IEEE Commun Surv Tutorials 22(2):1121–1167

    Article  Google Scholar 

  3. Nižetić S, Šolić P, González-de DLDI, Patrono L et al (2020) Internet of things (IoT): Opportunities, issues and challenges towards a smart and sustainable future. J Clean Prod 274:122877

    Article  Google Scholar 

  4. Mahdavinejad MS, Rezvan M, Barekatain M, Adibi P, Barnaghi P, Sheth AP (2018) Machine learning for internet of things data analysis: A survey. Digital Communications and Networks 4(3):161–175

    Article  Google Scholar 

  5. Sunhare P, Chowdhary RR, Chattopadhyay MK (2022) Internet of things and data mining: An application oriented survey. Journal of King Saud University-Computer and Information Sciences 34(6):3569–3590

    Article  Google Scholar 

  6. Sun W, Cai Z, Li Y, Liu F, Fang S, Wang G (2018) Security and privacy in the medical internet of things: a review. Security and Communication Networks 2018:1–9

    Google Scholar 

  7. Deep S, Zheng X, Jolfaei A, Yu D, Ostovari P, Kashif Bashir A (2022) A survey of security and privacy issues in the internet of things from the layered context. Trans Emerg Telecommun Technol 33(6):3935

    Article  Google Scholar 

  8. HaddadPajouh H, Dehghantanha A, Parizi RM, Aledhari M, Karimipour H (2021) A survey on internet of things security: Requirements, challenges, and solutions. Internet of Things 14:100129

    Article  Google Scholar 

  9. Zhang Y, He J, Guo R, Zheng D (2020) Server-aided and verifiable attribute-based signature for industrial internet of things. J Comput Res Dev 57(10):2177

    Google Scholar 

  10. Zhang Y, Deng RH, Xu S, Sun J, Li Q, Zheng D (2020) Attribute-based encryption for cloud computing access control: A survey. ACM Comput Surv 53(4):1–41

    Google Scholar 

  11. Wu A, Zhang Y, Zheng X, Guo R, Zhao Q, Zheng D (2019) Efficient and privacy-preserving traceable attribute-based encryption in blockchain. Ann Telecommun 74(7):401–411

    Article  Google Scholar 

  12. Sarma R, Kumar C, Barbhuiya FA (2021) PAC-FIT: An efficient privacy preserving access control scheme for fog-enabled IoT. Sustainable Computing: Informatics and Systems 30:100527

    Google Scholar 

  13. Koppula V, Waters B (2019) Realizing chosen ciphertext security generically in attribute-based encryption and predicate encryption. In: Annual International Cryptology Conference, pp. 671–700. Springer

  14. Agrawal S, Yadav A, Yamada S (2022) Multi-input attribute based encryption and predicate encryption. In: Annual International Cryptology Conference, pp. 590–621. Springer

  15. Zheng D, Wu A, Zhang Y, Zhao Q (2018) Efficient and privacy-preserving medical data sharing in internet of things with limited computing power. IEEE Access 6:28019–28027

    Article  Google Scholar 

  16. Zhang Y, Zheng D, Guo R, Zhao Q (2018) Fine-grained access control systems suitable for resource-constrained users in cloud computing. Computing and Informatics 37(2):327–348

    Article  Google Scholar 

  17. Kim I, Hwang SO, Park JH, Park C (2016) An efficient predicate encryption with constant pairing computations and minimum costs. IEEE Trans Comput 65(10):2947–2958

    Article  MathSciNet  Google Scholar 

  18. Park JH (2011) Inner-product encryption under standard assumptions. Des Codes Crypt 58:235–257

    Article  MathSciNet  Google Scholar 

  19. Viet Xuan Phuong T, Susilo W, Yang G, Kim J, Chow YW, Liu D (2021) Sylpeniot: Symmetric lightweight predicate encryption for data privacy applications in iot environments. In: European Symposium on Research in Computer Security, pp. 106–126. Springer

  20. Chen Z, Zuo X, Dong N, Hou B (2022) Application of network security penetration technology in power internet of things security vulnerability detection. Trans Emerg Telecommun Technol 33(2):3859

    Article  Google Scholar 

  21. Wu H, Wang W (2018) A game theory based collaborative security detection method for internet of things systems. IEEE Trans Inf Forensics Secur 13(6):1432–1445

    Article  Google Scholar 

  22. Sarma R, Barbhuiya FA (2022) A secure and efficient access control scheme with attribute revocation and merging capabilities for fog-enabled iot. Comput Electr Eng 104:108449

    Article  Google Scholar 

  23. Yang A, Weng J, Yang K, Huang C, Shen X (2020) Delegating authentication to edge: A decentralized authentication architecture for vehicular networks. IEEE Trans Intell Transp Syst 23(2):1284–1298

    Article  Google Scholar 

  24. Sarma R, Kumar C, Barbhuiya FA (2020) ACS-FIT: A secure and efficient access control scheme for fog-enabled iot. In: 2020 IEEE International Conference on Systems, Man, and Cybernetics, pp. 2782–2789. IEEE

  25. Katz J, Sahai A, Waters B (2008) Predicate encryption supporting disjunctions, polynomial equations, and inner products. In: Annual International Conference on the Theory and Applications of Cryptographic Techniques, pp. 146–162. Springer

  26. Boneh D, Franklin M (2001) Identity-based encryption from the weil pairing. In: Annual International Cryptology Conference, pp. 213–229. Springer

  27. Gentry C (2006) Practical identity-based encryption without random oracles. In: Annual International Conference on the Theory and Applications of Cryptographic Techniques, pp. 445–464. Springer

  28. Sahai A, Waters B (2005) Fuzzy identity-based encryption. In: Annual International Conference on the Theory and Applications of Cryptographic Techniques, pp. 457–473. Springer

  29. Bethencourt J, Sahai A, Waters B (2007) Ciphertext-policy attribute-based encryption. In: 2007 IEEE Symposium on Security and Privacy, pp. 321–334. IEEE

  30. Boneh D, Waters B (2007) Conjunctive, subset, and range queries on encrypted data. In: Theory of Cryptography Conference, pp. 535–554. Springer

  31. Shahzad K, Zia T, Qazi EUH (2022) A review of functional encryption in IoT applications. Sensors 22(19):7567

    Article  Google Scholar 

  32. Okamoto T, Takashima K (2009) Hierarchical predicate encryption for inner-products. In: International Conference on the Theory and Application of Cryptology and Information Security, pp. 214–231. Springer

  33. Lewko A, Okamoto T, Sahai A, Takashima K, Waters B (2010) Fully secure functional encryption: Attribute-based encryption and (hierarchical) inner product encryption. In: Annual International Conference on the Theory and Applications of Cryptographic Techniques, pp. 62–91. Springer

  34. Katsumata S, Nishimaki R, Yamada S, Yamakawa T (2020) Adaptively secure inner product encryption from lwe. In: International Conference on the Theory and Application of Cryptology and Information Security, pp. 375–404. Springer

  35. Agrawal S, Libert B, Maitra M, Titiu R (2020) Adaptive simulation security for inner product functional encryption. In: IACR International Conference on Public-Key Cryptography, pp. 34–64. Springer

  36. Shen E, Shi E, Waters B (2009) Predicate privacy in encryption systems. In: Theory of Cryptography Conference, pp. 457–473. Springer

  37. Yoshino M, Kunihiro N, Naganuma K, Sato H (2012) Symmetric inner-product predicate encryption based on three groups. In: International Conference on Provable Security, pp. 215–234. Springer

  38. Sarma R, Barbhuiya FA (2021) MOFIT: An efficient access control scheme with attribute merging and outsourcing capability for fog-enhanced iot. In: International Conference on Parallel and Distributed Computing: Applications and Technologies, pp. 523–535. Springer

Download references

Funding

This work is supported by Science and Technology Key Project of Henan Province (No.222102210128) and Key Scientific Research Project of Universities in Henan Province (No.22A520026).

Author information

Authors and Affiliations

  1. School of Electronic Information Engineering, Henan Polytechnic Institute, Nanyang, 473000, China

    Qingquan Bian

  2. Centre for Modern Educational Technology, Henan College of Police, Zhengzhou, 450000, China

    Yue Zhang

  3. China Unicom Smart City Research Institute, Baoding, 071700, China

    Chang Song

  4. College of Cyber Security, Jinan University, Guangzhou, 510632, China

    Axin Wu

Authors
  1. Qingquan Bian
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Yue Zhang
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Chang Song
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Axin Wu
    View author publications

    You can also search for this author in PubMed Google Scholar

Contributions

Axin Wu conceived of the presented idea, developed the theory and composed the main of the paper. Qingquan Bian helped to develop the theory, carried out the experiments. Yue Zhang and Chang Song verified the scheme, analyzed the evaluation results.

Corresponding author

Correspondence to Axin Wu.

Ethics declarations

Ethical approval and consent to participate

Not applicable.

Human and animal ethics

Not applicable.

Consent for publication

Not applicable.

Conflict of interest

The authors declare that they have no competing interests.

Additional information

Publisher's Note

Springer Nature remains neutral with regard to jurisdictional claims in published maps and institutional affiliations.

This article is part of the Topical Collection: Special Issue on 2 - Track on Security and Privacy

Guest Editor: Rongxing Lu

Rights and permissions

Springer Nature or its licensor (e.g. a society or other partner) holds exclusive rights to this article under a publishing agreement with the author(s) or other rightsholder(s); author self-archiving of the accepted manuscript version of this article is solely governed by the terms of such publishing agreement and applicable law.

Reprints and permissions

About this article

Check for updates. Verify currency and authenticity via CrossMark

Cite this article

Bian, Q., Zhang, Y., Song, C. et al. Flexible symmetric predicate encryption for data privacy in IoT environments. Peer-to-Peer Netw. Appl. 17, 656–664 (2024). https://doi.org/10.1007/s12083-023-01619-1

Download citation

  • Received:

  • Accepted:

  • Published:

  • Issue Date:

  • DOI: https://doi.org/10.1007/s12083-023-01619-1

Keywords

Search

Navigation