A Survey on Attribute-Based Encryption Schemes Suitable for the Internet of Things

The access control (AC) system in an IoT (Internet of Things) context ensures that only authorized entities have access to specific devices and that the authorization procedure is based on pre-established rules. Recently, blockchain-based AC systems have gained attention within research as a potential solution to the single point of failure issue that centralized architectures may bring. Moreover, zero-knowledge proof (ZKP) technology is included in blockchain-based AC systems to address the issue of sensitive data leaking. However, current solutions have two problems: (1) systems built by these works are not adaptive to high-traffic IoT environments because of low transactions per second (TPS) and high latency; (2) these works cannot fully guarantee that all user behaviors are honest. In this work, we propose a blockchain-based AC system with zero-knowledge rollups to address the aforementioned issues. Our proposed system implements zero-knowledge rollups (ZK-rollups) of access control, where different AC authorization requests can be grouped into the same batch to generate a uniform ZKP, which is designed specifically to guarantee that participants can be trusted. In low-traffic environments, sufficient experiments show that the proposed system has the least AC authorization time cost compared to existing works. In high-traffic environments, we further prove that based on the ZK-rollups optimization, the proposed system can reduce the authorization time overhead by 86%. Furthermore, the security analysis is presented to show the system’s ability to prevent malicious behaviors.

Section: Discussionmentioning

confidence: 99%

An Access Control System Based on Blockchain with Zero-Knowledge Rollups in High-Traffic IoT Environments

Xin

Zhang

Huang

et al. 2023

“…Pu et al [ 4 ] introduced a public key authentication encryption scheme, and added the function of keyword search into this scheme to guarantee IoT data security in industrial IoT applications. Rasori et al [ 5 ] provided a survey of the attributed-based encryption protocols in recent years, and figured out the problems and challenges of IoT data fine-grained access control in most current IoT applications. Onyema et al [ 6 ] presented a security policy protocol for the detection and prevention of Internet control message protocol (ICMP) attacks in software-defined networks.…”

Section: Related Workmentioning

confidence: 99%

“…For secure IoT data transmission, the digital signature can help confirm data ownership [ 2 ], the key agreement can help establish a secure session key [ 3 ], and the public key encryption can guarantee IoT data security with ciphertext in the public Internet environment [ 4 ]. For IoT data with fine-grained access control, attribute-based encryption can help establish a secure access control strategy with the attributes of IoT users and data [ 5 ], and security policy protocol can solve Internet control message protocol (ICMP) attacks [ 6 ]. Many cryptographic algorithms guarantee secure and efficient communication among different IoT applications—there are too many to mention one by one.…”

Section: Introductionmentioning

confidence: 99%

Cryptanalysis and Improvement of Several Identity-Based Authenticated and Pairing-Free Key Agreement Protocols for IoT Applications

Sun,

Li,

Zhang

et al. 2023

Internet of Things (IoT) applications have been increasingly developed. Authenticated key agreement (AKA) plays an essential role in secure communication in IoT applications. Without the PKI certificate and high time-complexity bilinear pairing operations, identity-based AKA (ID-AKA) protocols without pairings are more suitable for protecting the keys in IoT applications. In recent years, many pairing-free ID-AKA protocols have been proposed. Moreover, these protocols have some security flaws or relatively extensive computation and communication efficiency. Focusing on these problems, the security analyses of some recently proposed protocols have been provided first. We then proposed a family of eCK secure ID-AKA protocols without pairings to solve these security problems, which can be applied in IoT applications to guarantee communication security. Meanwhile, the security proofs of these proposed ID-AKA protocols are provided, which show they can hold provable eCK security. Some more efficient instantiations have been provided, which show the efficient performance of these proposed ID-AKA protocols. Moreover, comparisons with similar schemes have shown that these protocols have the least computation and communication efficiency at the same time.

“…On the other hand, existing agricultural product traceability systems typically use attribute-based encryption algorithms [ 27 ] to control data access permissions to protect the privacy and trade secrets of various enterprises [ 28 , 29 , 30 ]. In traditional blockchain-based agricultural product data management systems, due to the immutability of blockchains, data access permissions cannot be changed once uploaded, which is not conducive to the flexible control of access permissions.…”

Section: Introductionmentioning

confidence: 99%

A Redactable Blockchain-Based Data Management Scheme for Agricultural Product Traceability

Yang,

Li,

Chen

et al. 2024

With the development of agricultural information technology, the Internet of Things and blockchain have become important in the traceability of agricultural products. Sensors collect real-time data in agricultural production and a blockchain provides a secure and transparent storage medium for these data, which improves the transparency and credibility of agricultural product traceability. However, existing agricultural product traceability solutions are limited by the immutability of the blockchain, making it difficult to delete erroneous data and modify the scope of data sharing. This damages the credibility of traceability data and is not conducive to the exchange and sharing of information among enterprises. In this article, we propose an agricultural product traceability data management scheme based on a redactable blockchain. This scheme allows agricultural enterprises to encrypt data to protect privacy. In order to facilitate the maintenance and sharing of data, we introduce a chameleon hash function to provide data modification capabilities. Enterprises can fix erroneous data and update the access permissions of the data. To improve the efficiency of block editing, our scheme adopts a distributed block editing method. This method supports threshold editing operations, avoiding single-point-of-failure issues. We save records of data modifications on the blockchain and establish accountability mechanisms to identify malicious entities. Finally, in this paper we provide a security analysis of our proposed solution and verify its effectiveness through experiments. Compared with the existing scheme, the block generating speed is improved by 42% and the block editing speed is improved by 29.3% at 125 nodes.