
Searchable, Revocable and Lightweight Attribute Based Encryption in Multi-Authority

Posted on: 2021-03-03
Degree: Master
Type: Thesis
Country: China
Candidate: J H Long
Full Text: PDF
GTID: 2428330620464115
Subject: Engineering

Abstract/Summary:
The Internet of Things (IoT) is a promising network paradigm that combines devices, e.g. smart phones, industrial electronic devices and home appliances, and allows these things to connect, interact and exchange data. However, IoT nodes have insufficient identity authentication and a dynamic network topology, which leaves data confidentiality vulnerable. Recently, attribute based encryption (ABE) schemes have been regarded as a solution to ensure data transmission security and fine-grained sharing of encrypted IoT data. However, most existing ABE schemes incur tremendous computational cost and are not suitable for resource-constrained IoT devices. Therefore, lightweight and efficient data sharing and searching schemes suitable for IoT applications are of great importance. To this end, we propose a light searchable attribute based encryption scheme (namely ABKS-LD-UR). Our scheme can significantly reduce the computing cost of IoT devices while providing multiple-keyword searching for data users. Meanwhile, we extend the LSABE scheme to multi-authority scenarios (namely ABKS-LD-MA) so as to effectively generate and manage the public/secret keys in the distributed IoT environment. In contrast to existing encryption schemes in IoT-cloud systems, both LSABE and LSABE-MA have the following advantages:

1. Flexible access control. To achieve flexible access control, we introduce attribute encryption in the IoT-cloud environment. In our paper, any entity can be abstracted into one or more attributes (e.g. region, institution, professional title, function). Through these different attributes, we can define a variety of access control policies in the IoT-cloud system, such as sending information to a specific type of sensor in a specific area, or providing sensitive data access to data analysts in a specific department.

2. Lightweight decryption algorithm for IoT devices. Our scheme relieves the tremendous computational burden at resource-constrained IoT nodes. Specifically, we outsource the main computing tasks in the decryption process to the cloud without losing any data confidentiality. IoT devices only need to compute one exponentiation to recover the message, without conducting bilinear pairing operations.

3. Multi-keyword search over ciphertext. The unreadability of ciphertext and the huge databases in industrial IoT restrain the flexibility and precision of data retrieval. To solve this issue, our work leverages a trapdoor-match mechanism, under which both the plaintext data and a series of keywords representing features of the plaintext are encrypted and transmitted to cloud servers; IoT terminals can then match these encrypted files using the trapdoor generated from user-defined keywords. Our scheme also supports multiple-keyword search on the cloud, making search results more precise and accurate.

4. Decentralized and scalable key management. Our work designs a multi-authority ABE scheme, which can separately generate and manage the public/secret keys for enormous numbers of IoT devices, and avoids delegating absolute trust to a central authority (CA) that may be corrupted in the unprotected IoT environment. In addition, it breaks away from the conventional predefined attribute threshold in the CA. When a new attribute authority (AA) distributes secret/public keys to IoT devices, it does not invalidate previously issued keys, because there is no cooperation between the AAs. This deliberate design realizes secure and dynamic key management in the IoT-cloud system.

5. Revocation of authorized users. Once users privately trade their private keys to other users, we can identify them as malicious users by tracking algorithms, and our scheme will revoke the malicious users from the authorization group. Compared to other revocation algorithms, our algorithm does not need to update the keys of all legitimate users or re-encrypt all stored encrypted files, which reduces the huge computing and transmission costs for the cloud server.

6. Real-world testing. Since our algorithm is intended to be used in large-scale systems with mobile microcontrollers, we conduct experiments on IoT devices, which help us get a better understanding of the real-world performance of our algorithm in the IoT-cloud system. Moreover, compared with other existing ABE algorithms in performance analysis and storage costs, our schemes show practicability and efficiency in the industrial IoT environment.
Keywords/Search Tags:Internet of Things, Attribute Based Encryption, Multi-Keyword Search, Multi-Authority, User Revocation