skip to main content
research-article

Obfuscating Ciphertext-Policy Attribute-Based Re-Encryption for Sensor Networks with Cloud Storage

Published: 20 September 2024 Publication History

Abstract

With the rapid growth of wireless sensor networks, secure data transmission, storage, and distribution in such networks has become an urgent demand. To defend against security risks such as data leakage, key compromise, and unauthorized misuse of data simultaneously, we propose a novel obfuscatable ciphertext-policy attribute-based re-encryption scheme with a specially designed obfuscator. The proposed scheme leverages program obfuscation to transform the re-encryption program codes into an unintelligible form and embed the private keys into the obfuscated implementation. Consequently, the proposed scheme protects data confidentiality and keeps the secrecy of the private key while providing fine-grained access control. Formal proofs for the security of the proposed re-encryption scheme and the obfuscator are provided. Extensive experiments have been conducted on representative platforms, including cloud servers, workstations, and embedded devices, to evaluate the computational efficiency and energy consumption of the scheme. Experimental results indicate that the scheme achieves high efficiency on various platforms and economical energy consumption on typical embedded devices with constrained resources.

References

[1]
Alaa Awad Abdellatif, Amr Mohamed, Carla Fabiana Chiasserini, Mounira Tlili, and Aiman Erbad. 2019. Edge computing for smart health: Context-aware approaches, opportunities, and challenges. IEEE Network 33, 3 (2019), 196–203.
[2]
Giuseppe Ateniese, Kevin Fu, Matthew Green, and Susan Hohenberger. 2006. Improved proxy re-encryption schemes with applications to secure distributed storage. ACM Transactions on Information and System Security (TISSEC) 9, 1 (2006), 1–30.
[3]
Boaz Barak, Oded Goldreich, Rusell Impagliazzo, Steven Rudich, Amit Sahai, Salil Vadhan, and Ke Yang. 2001. On the (im) possibility of obfuscating programs. In Advances in Cryptology–CRYPTO 2001: 21st Annual International Cryptology Conference, Santa Barbara, CA, August 19–23, 2001 Proceedings. Springer, 1–18.
[4]
Amos Beimel. 1996. Secure schemes for secret sharing and key distribution [Ph.D. Thesis]. Haifa: Israel Institute of Technology (1996).
[5]
John Bethencourt, Amit Sahai, and Brent Waters. 2007. Ciphertext-policy attribute-based encryption. In 2007 IEEE Symposium on Security and Privacy (SP’07). IEEE, 321–334.
[6]
Matt Blaze, Gerrit Bleumer, and Martin Strauss. 1998. Divertible protocols and atomic proxy cryptography. In Advances in Cryptology–EUROCRYPT’98: International Conference on the Theory and Application of Cryptographic Techniques Espoo, Finland, May 31–June 4, 1998 Proceedings 17. Springer, 127–144.
[7]
Dan Boneh. 2006. The decision Diffie-Hellman problem. In Algorithmic Number Theory: 3rd International Symposiun, ANTS-III Portland, OR, June 21–25, 1998 Proceedings. Springer, 48–63.
[8]
Dan Boneh and Xavier Boyen. 2004. Efficient selective-ID secure identity-based encryption without random oracles. In Advances in Cryptology-EUROCRYPT 2004: International Conference on the Theory and Applications of Cryptographic Techniques, Interlaken, Switzerland, May 2–6, 2004. Proceedings 23. Springer, 223–238.
[9]
Dan Boneh, Xavier Boyen, and Hovav Shacham. 2004. Short group signatures. In Crypto, Vol. 3152. Springer, 41–55.
[10]
Dan Boneh and Matt Franklin. 2001. Identity-based encryption from the Weil pairing. In Advances in Cryptology–CRYPTO 2001: 21st Annual International Cryptology Conference, Santa Barbara, CA, August 19–23, 2001 Proceedings. Springer, 213–229.
[11]
Ran Canetti and Susan Hohenberger. 2007. Chosen-ciphertext secure proxy re-encryption. In Proceedings of the 14th ACM Conference on Computer and Communications Security. 185–194.
[12]
Nishanth Chandran, Melissa Chase, Feng-Hao Liu, Ryo Nishimaki, and Keita Xagawa. 2014. Re-encryption, functional re-encryption, and multi-hop re-encryption: A framework for achieving obfuscation-based security and instantiations from lattices. In Public-Key Cryptography–PKC 2014: 17th International Conference on Practice and Theory in Public-Key Cryptography, Buenos Aires, Argentina, March 26–28, 2014. Proceedings 17. Springer, 95–112.
[13]
Melissa Chase. 2007. Multi-authority attribute based encryption. In Theory of Cryptography: 4th Theory of Cryptography Conference, TCC 2007, Amsterdam, The Netherlands, February 21–24, 2007. Proceedings 4. Springer, 515–534.
[14]
Pedro Chaves, Tiago Fonseca, Luis Lino Ferreira, Bernardo Cabral, Orlando Sousa, André Oliveira, and Jorge Landeck. 2022. An IoT cloud and big data architecture for the maintenance of home appliances. In IECON 2022–48th Annual Conference of the IEEE Industrial Electronics Society. IEEE, 1–6.
[15]
Ningyu Chen, Jiguo Li, Yichen Zhang, and Yuyan Guo. 2022. Efficient CP-ABE scheme with shared decryption in cloud storage. IEEE Trans. Comput. 71, 1 (2022), 175–184.
[16]
Shaobo Chen, Jiguo Li, Yicheng Zhang, and Jinguang Han. 2024. Efficient revocable attribute-based encryption with verifiable data integrity. IEEE Internet of Things Journal 11, 6 (2024), 10441–10451.
[17]
Rong Cheng and Fangguo Zhang. 2015. Lattice-based obfuscation for re-encryption functions. Security and Communication Networks 8, 9 (2015), 1648–1658.
[18]
Rong Cheng and Fangguo Zhang. 2015. Obfuscation for multi-use re-encryption and its application in cloud computing. Concurrency and Computation: Practice and Experience 27, 8 (2015), 2170–2190.
[19]
Rustem Dautov and Salvatore Distefano. 2017. Three-level hierarchical data fusion through the IoT, edge, and cloud computing. In Proceedings of the 1st International Conference on Internet of Things and Machine Learning. 1–5.
[20]
Chuntao Ding, Ao Zhou, Xiao Ma, Ning Zhang, Ching-Hsien Hsu, and Shangguang Wang. 2021. Towards diversified IoT services in mobile edge computing. IEEE Transactions on Cloud Computing (2021).
[21]
Muneeb Ejaz, Tanesh Kumar, Mika Ylianttila, and Erkki Harjula. 2020. Performance and efficiency optimization of multi-layer IoT edge architecture. In 2020 2nd 6G Wireless Summit (6G SUMMIT). IEEE, 1–5.
[22]
Taher ElGamal. 1985. A public key cryptosystem and a signature scheme based on discrete logarithms. IEEE Transactions on Information Theory 31, 4 (1985), 469–472.
[23]
Chunpeng Ge, Zhe Liu, Jinyue Xia, and Liming Fang. 2019. Revocable identity-based broadcast proxy re-encryption for data sharing in clouds. IEEE Transactions on Dependable and Secure Computing 18, 3 (2019), 1214–1226.
[24]
Chunpeng Ge, Willy Susilo, Joonsang Baek, Zhe Liu, Jinyue Xia, and Liming Fang. 2021. A verifiable and fair attribute-based proxy re-encryption scheme for data sharing in clouds. IEEE Transactions on Dependable and Secure Computing 19, 5 (2021), 2907–2919.
[25]
Craig Gentry, Chris Peikert, and Vinod Vaikuntanathan. 2008. Trapdoors for hard lattices and new cryptographic constructions. In Proceedings of the 40th Annual ACM Symposium on Theory of Computing. 197–206.
[26]
Vipul Goyal, Omkant Pandey, Amit Sahai, and Brent Waters. 2006. Attribute-based encryption for fine-grained access control of encrypted data. In Proceedings of the 13th ACM Conference on Computer and Communications Security. 89–98.
[27]
Hui Guo, Zhenfeng Zhang, Jing Xu, Ningyu An, and Xiao Lan. 2018. Accountable proxy re-encryption for secure data sharing. IEEE Transactions on Dependable and Secure Computing 18, 1 (2018), 145–159.
[28]
Yuyan Guo, Zhenhua Lu, Hui Ge, and Jiguo Li. 2023. Revocable blockchain-aided attribute-based encryption with escrow-free in cloud storage. IEEE Trans. Comput. 72, 7 (2023), 1901–1912.
[29]
Yanan Guo, Andrew Zigerelli, Youtao Zhang, and Jun Yang. 2022. Adversarial prefetch: New cross-core cache side channel attacks. In 2022 IEEE Symposium on Security and Privacy (SP’22). 1458–1473. DOI:
[30]
Susan Hohenberger, Guy N. Rothblum, Abhi Shelat, and Vinod Vaikuntanathan. 2007. Securely obfuscating re-encryption. In Theory of Cryptography: 4th Theory of Cryptography Conference, TCC 2007, Amsterdam, The Netherlands, February 21–24, 2007. Proceedings 4. Springer, 233–252.
[31]
Yaodong Huang, Jiarui Zhang, Jun Duan, Bin Xiao, Fan Ye, and Yuanyuan Yang. 2019. Resource allocation and consensus on edge blockchain in pervasive edge computing environments. In 2019 IEEE 39th International Conference on Distributed Computing Systems (ICDCS’19). IEEE, 1476–1486.
[32]
Juyan Li, Jialiang Peng, and Zhiqi Qiao. 2022. A ring learning with errors-based ciphertext-policy attribute-based proxy re-encryption scheme for secure big data sharing in cloud environment. Big Data (2022).
[33]
Jiguo Li, Yichen Zhang, Jianting Ning, Xinyi Huang, Geong Sen Poh, and Debang Wang. 2022. Attribute based encryption with privacy protection and accountability for CloudIoT. IEEE Transactions on Cloud Computing 10, 2 (2022), 762–773.
[34]
Ming Li, Shucheng Yu, Yao Zheng, Kui Ren, and Wenjing Lou. 2012. Scalable and secure sharing of personal health records in cloud computing using attribute-based encryption. IEEE Transactions on Parallel and Distributed Systems 24, 1 (2012), 131–143.
[35]
Kaitai Liang, Liming Fang, Willy Susilo, and Duncan S. Wong. 2013. A ciphertext-policy attribute-based proxy re-encryption with chosen-ciphertext security. In 2013 5th International Conference on Intelligent Networking and Collaborative Systems. IEEE, 552–559.
[36]
Jun Lin and Lan Liu. 2019. Research on security detection and data analysis for industrial Internet. In 2019 IEEE 19th International Conference on Software Quality, Reliability and Security Companion (QRS-C’19). IEEE, 466–470.
[37]
Suhui Liu, Jiguo Yu, Yinhao Xiao, Zhiguo Wan, Shengling Wang, and Biwei Yan. 2020. BC-SABE: Blockchain-aided searchable attribute-based encryption for cloud-IoT. IEEE Internet of Things Journal 7, 9 (2020), 7851–7867.
[38]
Pratibha Mahajan and Pankaj Deep Kaur. 2021. Three-tier IoT-edge-cloud (3T-IEC) architectural paradigm for real-time event recommendation in event-based social networks. Journal of Ambient Intelligence and Humanized Computing 12 (2021), 1363–1386.
[39]
P. McDaniel. 2006. Secure atrribute-based systems. In Proceedings of the 13th ACM Conference on Computer and Communications Security 2006. 99–112.
[40]
Antoon Purnal, Furkan Turan, and Ingrid Verbauwhede. 2022. Double trouble: Combined heterogeneous attacks on \(\lbrace\)Non-Inclusive\(\rbrace\) cache hierarchies. In 31st USENIX Security Symposium (USENIX Security’22). 3647–3664.
[41]
Oded Regev. 2009. On lattices, learning with errors, random linear codes, and cryptography. Journal of the ACM (JACM) 56, 6 (2009), 1–40.
[42]
Ju Ren, Deyu Zhang, Shiwen He, Yaoxue Zhang, and Tao Li. 2019. A survey on end-edge-cloud orchestrated network computing paradigms: Transparent computing, mobile edge computing, fog computing, and cloudlet. ACM Computing Surveys (CSUR) 52, 6 (2019), 1–36.
[43]
Yongjun Ren, Yan Leng, Yaping Cheng, and Jin Wang. 2019. Secure data storage based on blockchain and coding in edge computing. Math. Biosci. Eng 16, 4 (2019), 1874–1892.
[44]
Rodrigo Roman, Javier Lopez, and Masahiro Mambo. 2018. Mobile edge computing, Fog et al.: A survey and analysis of security threats and challenges. Future Generation Computer Systems 78 (2018), 680–698.
[45]
Amit Sahai and Brent Waters. 2005. Fuzzy identity-based encryption. In Advances in Cryptology–EUROCRYPT 2005: 24th Annual International Conference on the Theory and Applications of Cryptographic Techniques, Aarhus, Denmark, May 22–26, 2005. Proceedings 24. Springer, 457–473.
[46]
Jun Shao, Zhenfu Cao, Xiaohui Liang, and Huang Lin. 2010. Proxy re-encryption with keyword search. Information Sciences 180, 13 (2010), 2576–2587.
[47]
Akshayaram Srinivasan and Chandrasekaran Pandu Rangan. 2017. Efficiently obfuscating re-encryption program under DDH assumption. In Applied Cryptography and Network Security: 15th International Conference, ACNS 2017, Kanazawa, Japan, July 10–12, 2017, Proceedings. Springer, 273–292.
[48]
Stephan van Schaik, Marina Minkin, Andrew Kwong, Daniel Genkin, and Yuval Yarom. 2021. CacheOut: Leaking data on Intel CPUs via cache evictions. In 2021 IEEE Symposium on Security and Privacy (SP’21). 339–354. DOI:
[49]
Lei Wang, Zi Ye, Rui Zhang, Jing Lin, Fei Chen, and Fangqing Tang. 2022. The growth model of industrial Internet platform in Industrial 4.0. Wireless Communications and Mobile Computing 2022 (2022).
[50]
Brent Waters. 2011. Ciphertext-policy attribute-based encryption: An expressive, efficient, and provably secure realization. In Public Key Cryptography–PKC 2011: 14th International Conference on Practice and Theory in Public Key Cryptography, Taormina, Italy, March 6–9, 2011. Proceedings 14. Springer, 53–70.
[51]
Xiaoyu Xia, Feifei Chen, Qiang He, John C. Grundy, Mohamed Abdelrazek, and Hai Jin. 2020. Cost-effective app data distribution in edge computing. IEEE Transactions on Parallel and Distributed Systems 32, 1 (2020), 31–44.
[52]
Peng Xu, Tengfei Jiao, Qianhong Wu, Wei Wang, and Hai Jin. 2015. Conditional identity-based broadcast proxy re-encryption and its application to cloud email. IEEE Trans. Comput. 65, 1 (2015), 66–79.
[53]
Xiaodong Yang, Hang Zhou, Ningnig Ren, and Tian Tian. 2021. Homomorphic proxy re-signcryption scheme and its application in edge computing-enhanced IoT. In 2021 2nd International Conference on Electronics, Communications and Information Technology (CECIT’21). IEEE, 644–649.
[54]
Mingwu Zhang, Yi Mu, Jian Shen, and Xinyi Huang. 2016. Strongly average-case secure obfuscation: Achieving input privacy and circuit obscurity. Security and Communication Networks 9, 12 (2016), 1737–1747.
[55]
Peiying Zhang, Chunxiao Jiang, Xue Pang, and Yi Qian. 2020. STEC-IoT: A security tactic by virtualizing edge computing on IoT. IEEE Internet of Things Journal 8, 4 (2020), 2459–2467.
[56]
M. Pirretti, P. Traynor, P. McDaniel, and B. Waters. 2006. Secure attribute-based systems. In Proceedings of the 13th ACM Conference on Computer and Communications Security. 99–112.

Recommendations

Comments

Information & Contributors

Information

Published In

cover image ACM Transactions on Sensor Networks
ACM Transactions on Sensor Networks  Volume 20, Issue 5
September 2024
349 pages
EISSN:1550-4867
DOI:10.1145/3618084
  • Editor:
  • Wen Hu
Issue’s Table of Contents

Publisher

Association for Computing Machinery

New York, NY, United States

Journal Family

Publication History

Published: 20 September 2024
Online AM: 07 August 2024
Accepted: 25 July 2024
Revised: 14 April 2024
Received: 19 July 2023
Published in TOSN Volume 20, Issue 5

Check for updates

Author Tags

  1. Sensor network
  2. cloud computing
  3. ciphertext-policy attribute-based encryption
  4. program obfuscation

Qualifiers

  • Research-article

Funding Sources

  • National Natural Science Foundation of China
  • National Key Research and Development Program of China
  • Fundamental Research Funds for the Central Universities
  • Shanghai Municipal Science and Technology Major Project
  • Fundamental Research Funds for the Central Universities, the Science and Technology Program of Shanghai, China

Contributors

Other Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

  • 0
    Total Citations
  • 198
    Total Downloads
  • Downloads (Last 12 months)198
  • Downloads (Last 6 weeks)13
Reflects downloads up to 17 Feb 2025

Other Metrics

Citations

View Options

Login options

Full Access

View options

PDF

View or Download as a PDF file.

PDF

eReader

View online with eReader.

eReader

Full Text

View this article in Full Text.

Full Text

Figures

Tables

Media

Share

Share

Share this Publication link

Share on social media