skip to main content
research-article

Efficient Distributed Decryption Scheme for IoT Gateway-based Applications

Published: 05 January 2021 Publication History

Abstract

With the evolvement of the Internet of things (IoT), privacy and security have become the primary indicators for users to deploy IoT applications. In the gateway-based IoT architecture, gateways aggregate data collected by perception-layer devices and upload message packets to platforms, while platforms automatically push different categories of data to different applications. However, security in processes of data transmission via gateways, storage in platforms, access by applications is the major challenge for user privacy protection. To tackle this challenge, this article presents a secure IoT scheme based on a fine-grained multi-receive signcryption scheme to realize end-to-end secure transmission and data access control. To enhance the security of online application decryption keys, we design a distributed threshold decryption scheme based on secret-sharing. Moreover, from the provable security perspective, we demonstrate that the scheme can achieve the expected IND-CCA security and EUF-CMA security. After the performance analysis, evaluation results show that the computational performance is efficient and linearly subject to the number of messages and the number of receivers.

References

[1]
Ruhul Amin, Sk Hafizul Islam, G. P. Biswas, Muhammad Khurram Khan, and Neeraj Kumar. 2015. An efficient and practical smart card based anonymity preserving user authentication scheme for TMIS using elliptic curve cryptography. J. Med. Syst. 39, 11 (2015), 180.
[2]
Mahmoud Ammar, Giovanni Russello, and Bruno Crispo. 2018. Internet of Things: A survey on the security of IoT frameworks. J. Inf. Sec. Applic. 38 (2018), 8--27.
[3]
Sravani Challa, Ashok Kumar Das, Vanga Odelu, Neeraj Kumar, Saru Kumari, Muhammad Khurram Khan, and Athanasios V. Vasilakos. 2018. An efficient ECC-based provably secure three-factor user authentication and key agreement protocol for wireless healthcare sensor networks. Comput. Electric. Eng. 69 (2018), 534--554.
[4]
Biwen Chen, Libing Wu, Neeraj Kumar, Kim-Kwang Raymond Choo, and Debiao He. 2019. Lightweight searchable public-key encryption with forward privacy over IIoT outsourced data. IEEE Trans. Emerg. Top. Comput.
[5]
Hasan Derhamy, Jens Eliasson, Jerker Delsing, and Peter Priller. 2015. A survey of commercial frameworks for the internet of things. In Proceedings of the IEEE 20th Conference on Emerging Technologies 8 Factory Automation (ETFA’15). IEEE, 1--8.
[6]
Taher Elgamal. 1985. A public key cryptosystem and a signature scheme based on discrete logarithms. IEEE Trans. Inf. Theor. 31, 4 (1985), 469--472.
[7]
Tore Kasper Frederiksen, Yehuda Lindell, Valery Osheter, and Benny Pinkas. 2018. Fast distributed RSA key generation for semi-honest and malicious adversaries. In Proceedings of the International Cryptology Conference. Springer, 331--361.
[8]
Darrel Hankerson, Alfred J. Menezes, and Scott Vanstone. 2006. Guide to Elliptic Curve Cryptography. Springer Science 8 Business Media.
[9]
Jigna J. Hathaliya, Sudeep Tanwar, Sudhanshu Tyagi, and Neeraj Kumar. 2019. Securing electronics healthcare records in healthcare 4.0: A biometric-based approach. Comput. Electric. Eng. 76 (2019), 398--410.
[10]
Carmit Hazay, Gert Læssøe Mikkelsen, Tal Rabin, Tomas Toft, and Angelo Agatino Nicolosi. 2019. Efficient RSA key generation and threshold Paillier in the two-party setting. J. Cryptol. 32, 2 (2019), 265--323.
[11]
Debiao He, Neeraj Kumar, and Jong-Hyouk Lee. 2016. Privacy-preserving data aggregation scheme against internal attackers in smart grids. Wirel. Netw. 22, 2 (2016), 491--502.
[12]
Cheng Huang, Rongxing Lu, Hui Zhu, Jun Shao, and Xiaodong Lin. 2016. FSSR: Fine-grained EHRs sharing via similarity-based recommendation in cloud-assisted ehealthcare system. In Proceedings of the 11th ACM Asia Conference on Computer and Communications Security. 95--106.
[13]
Shen Jian, Dengzhi Liu, Xiaofeng Chen, Jin Li, Neeraj Kumar, and Pandi Vijayakumar. 2019. Secure real-time traffic data aggregation with batch verification for vehicular cloud in VANETs. IEEE Trans. Vehic. Technol. 69, 1 (2019), 807--817.
[14]
Harmanjeet Kaur, Neeraj Kumar, and Shalini Batra. 2019. ClaMPP: A cloud-based multi-party privacy preserving classification scheme for distributed applications. J. Supercomput. 75, 6 (2019), 3046--3075.
[15]
Shweta Khullar, Vivek Richhariya, and Vineet Richhariya. 2013. An efficient identity based multi-receiver signcryption scheme using ECC. Int. J. Advanc. Res. Technol. 2, 4 (2013), 189--193.
[16]
Michael Kraitsberg, Yehuda Lindell, Valery Osheter, Nigel P. Smart, and Younes Talibi Alaoui. 2019. Adding distributed decryption and key generation to a ring-LWE based CCA encryption scheme. In Proceedings of the Australasian Conference on Information Security and Privacy. Springer, 192--210.
[17]
Ming Li, Shucheng Yu, Yao Zheng, Kui Ren, and Wenjing Lou. 2012. Scalable and secure sharing of personal health records in cloud computing using attribute-based encryption. IEEE Trans. Parallel Distrib. Syst. 24, 1 (2012), 131--143.
[18]
Yahong Li, Caifen Wang, Yulei Zhang, and Shufen Niu. 2016. Privacy-preserving multi-receiver signcryption scheme for heterogeneous systems. Secur. Commun. Netw. 9, 17 (2016), 4574--4584.
[19]
Kaitai Liang, Liming Fang, Willy Susilo, and Duncan S. Wong. 2013. A ciphertext-policy attribute-based proxy re-encryption with chosen-ciphertext security. In Proceedings of the 5th International Conference on Intelligent Networking and Collaborative Systems. IEEE, 552--559.
[20]
Kaitai Liang, Liming Fang, Duncan S. Wong, and Willy Susilo. 2015. A ciphertext-policy attribute-based proxy re-encryption scheme for data sharing in public clouds. Concurr. Comput.: Pract. Exper. 27, 8 (2015), 2004--2027.
[21]
Chao Lin, Debiao He, Neeraj Kumar, Kim-Kwang Raymond Choo, Alexey Vinel, and Xinyi Huang. 2018. Security and privacy for the internet of drones: Challenges and solutions. IEEE Commun. Mag. 56, 1 (2018), 64--69.
[22]
Yehuda Lindell and Ariel Nof. 2018. Fast secure multiparty ECDSA with practical distributed key generation and applications to cryptocurrency custody. In Proceedings of the ACM SIGSAC Conference on Computer and Communications Security. 1837--1854.
[23]
Yining Liu, Wei Guo, Chun-I Fan, Liang Chang, and Chi Cheng. 2018. A practical privacy-preserving data aggregation (3PDA) scheme for smart grid. IEEE Trans. Industr. Inf. 15, 3 (2018), 1767--1774.
[24]
MIRACL Ltd. 2019. MIRACL Cryptographic SDK: Multiprecision Integer and Rational Arithmetic Cryptographic Library. Retrieved from https://github.com/miracl/MIRACL.
[25]
Shivaramakrishnan Narayan, Martin Gagné, and Reihaneh Safavi-Naini. 2010. Privacy preserving EHR system using attribute-based infrastructure. In Proceedings of the ACM Workshop on Cloud Computing Security. 47--52.
[26]
Roberta B. Ness, Joint Policy Committee, et al. 2007. Influence of the HIPAA privacy rule on health research. Jama 298, 18 (2007), 2164--2170.
[27]
Cong Peng, Jianhua Chen, Mohammad S. Obaidat, Pandi Vijayakumar, and Debiao He. 2019. Efficient and provably secure multi-receiver signcryption scheme for multicast communication in edge computing. IEEE Internet Things J. 7, 7 (2019), 6056--6068.
[28]
Jianying Qiu, Kai Fan, Kuan Zhang, Qiang Pan, Hui Li, and Yintang Yang. 2019. An efficient multi-message and multi-receiver signcryption scheme for heterogeneous smart mobile IoT. IEEE Access 7 (2019), 180205--180217.
[29]
Minghua Qu. 1999. SEC 2: Recommended Elliptic Curve Domain Parameters. Technical Report. Certicom Res., Mississauga, ON, Canada, Tech. Rep. SEC2-Ver-0.6 (1999).
[30]
Claus-Peter Schnorr. 1991. Efficient signature generation by smart cards. J. Cryptol. 4, 3 (1991), 161--174.
[31]
S. Sharmila Deva Selvi, S. Sree Vivek, Deepanshu Shukla, and Pandu Rangan Chandrasekaran. 2008. Efficient and provably secure certificateless multi-receiver signcryption. In Proceedings of the International Conference on Provable Security. Springer, 52--67.
[32]
Adi Shamir. 1979. How to share a secret. Commun. ACM 22, 11 (1979), 612--613.
[33]
Akshayaram Srinivasan and C. Pandu Rangan. 2015. Certificateless proxy re-encryption without pairing: Revisited. In Proceedings of the 3rd International Workshop on Security in Cloud Computing. 41--52.
[34]
Girraj Kumar Verma, B. B. Singh, Neeraj Kumar, and Vinay Chamola. 2019. CB-CAS: Certificate-based efficient signature scheme with compact aggregation for industrial Internet of Things environment. IEEE Internet Things J. 7, 4 (2019), 2563--2572.
[35]
Paul Voigt and Axel Von dem Bussche. 2017. The EU General Data Protection Regulation (GDPR). A Practical Guide, 1st ed. Springer International Publishing, Cham.
[36]
Caifen Wang, Chao Liu, Yahong Li, Hui Qiao, and Li Chen. 2017. Multi-message and multi-receiver heterogeneous signcryption scheme for ad-hoc networks. Inf. Secur. J.: Global Persp. 26, 3 (2017), 136--152.
[37]
Changji Wang, Xuan Liu, and Wentao Li. 2012. Implementing a personal health record cloud platform using ciphertext-policy attribute-based encryption. In Proceedings of the 4th International Conference on Intelligent Networking and Collaborative Systems. IEEE, 8--14.
[38]
Lei Xu, Xiaoxin Wu, and Xinwen Zhang. 2012. CL-PRE: A certificateless proxy re-encryption scheme for secure data sharing with public cloud. In Proceedings of the 7th ACM Symposium on Information, Computer and Communications Security. 87--88.
[39]
Xun Yi, Athman Bouguettaya, Dimitrios Georgakopoulos, Andy Song, and Jan Willemson. 2015. Privacy protection for wireless medical sensor data. IEEE Trans. Depend. Sec. Comput. 13, 3 (2015), 369--380.
[40]
Jin-Yong Yu and Young-Gab Kim. 2019. Analysis of IoT platform security: A survey. In Proceedings of the International Conference on Platform Technology and Service (PlatCon’19). IEEE, 1--5.

Cited By

View all
  • (2024)Secure Artificial Intelligence of Things (AIoT)-enabled authenticated key agreement technique for smart living environmentComputers and Electrical Engineering10.1016/j.compeleceng.2024.109353118(109353)Online publication date: Aug-2024
  • (2023)A Systematic Review of IoT Security: Research Potential, Challenges, and Future DirectionsACM Computing Surveys10.1145/362509456:5(1-40)Online publication date: 25-Nov-2023
  • (2023)Exploring the Potential of Cyber Manufacturing System in the Digital AgeACM Transactions on Internet Technology10.1145/359660223:4(1-38)Online publication date: 17-Nov-2023
  • Show More Cited By

Recommendations

Comments

Information & Contributors

Information

Published In

cover image ACM Transactions on Internet Technology
ACM Transactions on Internet Technology  Volume 21, Issue 1
Visions Paper, Regular Papers, SI: Blockchain in E-Commerce, and SI: Human-Centered Security, Privacy, and Trust in the Internet of Things
February 2021
534 pages
ISSN:1533-5399
EISSN:1557-6051
DOI:10.1145/3441681
  • Editor:
  • Ling Liu
Issue’s Table of Contents
Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 05 January 2021
Accepted: 01 July 2020
Revised: 01 June 2020
Received: 01 April 2020
Published in TOIT Volume 21, Issue 1

Permissions

Request permissions for this article.

Check for updates

Author Tags

  1. IoT gateway
  2. data sharing
  3. distributed decryption
  4. multi-receiver signcryption

Qualifiers

  • Research-article
  • Research
  • Refereed

Funding Sources

  • Science and Technology planning project of ShenZhen
  • Researchers Supporting Project of King Saud University
  • National Natural Science Foundation of China

Contributors

Other Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

  • Downloads (Last 12 months)27
  • Downloads (Last 6 weeks)0
Reflects downloads up to 16 Feb 2025

Other Metrics

Citations

Cited By

View all
  • (2024)Secure Artificial Intelligence of Things (AIoT)-enabled authenticated key agreement technique for smart living environmentComputers and Electrical Engineering10.1016/j.compeleceng.2024.109353118(109353)Online publication date: Aug-2024
  • (2023)A Systematic Review of IoT Security: Research Potential, Challenges, and Future DirectionsACM Computing Surveys10.1145/362509456:5(1-40)Online publication date: 25-Nov-2023
  • (2023)Exploring the Potential of Cyber Manufacturing System in the Digital AgeACM Transactions on Internet Technology10.1145/359660223:4(1-38)Online publication date: 17-Nov-2023
  • (2023)Digital transformation value creating of manufacturing enterprises based on the Internet of Things and data encryption technologySoft Computing10.1007/s00500-023-08703-xOnline publication date: 14-Jun-2023
  • (2023)Anomaly Detection Method of Healthcare Internet of Things Gateway Supporting Edge ComputingIoT and Big Data Technologies for Health Care10.1007/978-3-031-33545-7_17(239-254)Online publication date: 24-May-2023
  • (2022)Secure Internet of Things Gateway Technology Based on Multicommunication MethodsSecurity and Communication Networks10.1155/2022/85118092022(1-8)Online publication date: 21-Sep-2022
  • (2021)Service-enabled systems and applications: current and future trendsService Oriented Computing and Applications10.1007/s11761-021-00323-315:3(171-173)Online publication date: 23-Jun-2021

View Options

Login options

Full Access

View options

PDF

View or Download as a PDF file.

PDF

eReader

View online with eReader.

eReader

HTML Format

View this article in HTML Format.

HTML Format

Figures

Tables

Media

Share

Share

Share this Publication link

Share on social media