An Efficient CP-ABE with Constant Size Secret Keys using ECC for Lightweight Devices

The energy cost of asymmetric cryptography is a vital component of modern secure communications, which inhibits its wide spread adoption within the ultra-low energy regimes such as Implantable Medical Devices (IMDs) and Radio Frequency Identification (RFID) tags. The ciphertext-policy attribute-based encryption (CP-ABE) is a promising cryptographic tool, where an encryptor can decide the access policy that who can decrypt the data. Thus, the data will be protected from the unauthorized users. However, most of the existing CP-ABE schemes require huge storage and computational overheads. Moreover, CP-ABE schemes based on bilinear map loose the high efficiency over the elliptic curve cryptography because of the requirement of the security parameters of larger size. These drawbacks prevent the use of ultra-low energy devices in practice. In this paper, we aim to propose a novel expressive AND-gate access structured CP-ABE scheme with constant-size secret keys (CSSK) with the cost efficient solutions for the encryption and decryption using ECC, called the CP-ABE-CSSK scheme. In the proposed CP-ABE-CSSK, the size of secret key is as small as 320 bits. In addition, ECC is efficient and more suitable for the lightweight devices as compared to the bilinear pairing based cryptosystem. Thus, the proposed CP-ABE-CSSK scheme provides the low computation and storage overheads with an expressive AND-gate access structure as compared to the related existing schemes in the literature. As a result, our scheme is very suitable for CP-ABE key storage and computation cost in the ultra-low energy devices

A HYBRIDIZED ENCRYPTION SCHEME BASED ON ELLIPTIC CURVE CRYPTOGRAPHY FOR SECURING DATA IN SMART HEALTHCARE

Recent developments in smart healthcare have brought us a great deal of convenience. Connecting common objects to the Internet is made possible by the Internet of Things (IoT). These connected gadgets have sensors and actuators for data collection and transfer. However, if users' private health information is compromised or exposed, it will seriously harm their privacy and may endanger their lives. In order to encrypt data and establish perfectly alright access control for such sensitive information, attribute-based encryption (ABE) has typically been used. Traditional ABE, however, has a high processing overhead. As a result, an effective security system algorithm based on ABE and Fully Homomorphic Encryption (FHE) is developed to protect health-related data. ABE is a workable option for one-to-many communication and perfectly alright access management of encrypting data in a cloud environment. Without needing to decode the encrypted data, cloud servers can use the FHE algorithm to take valid actions on it. Because of its potential to provide excellent security with a tiny key size, elliptic curve cryptography (ECC) algorithm is also used. As a result, when compared to related existing methods in the literature, the suggested hybridized algorithm (ABE-FHE-ECC) has reduced computation and storage overheads. A comprehensive safety evidence clearly shows that the suggested method is protected by the Decisional Bilinear Diffie-Hellman postulate. The experimental results demonstrate that this system is more effective for devices with limited resources than the conventional ABE when the system’s performance is assessed by utilizing standard model

A Lightweight Attribute-based Security Scheme for Fog-Enabled Cyber Physical Systems

In this paper, a lightweight attribute-based security scheme based on elliptic curve cryptography (ECC) is proposed for fog-enabled cyber physical systems (Fog-CPS). A novel aspect of the proposed scheme is that the communication between Fog-CPS entities is secure even when the certification authority (CA) is compromised. This is achieved by dividing the attributes into two sets, namely, secret and shared, and subsequently generating two key pairs, referred to as the partial and final key pairs, for each entity of the Fog-CPS system. Unlike existing attribute-based encryption (ABE) and identity-based encryption schemes, in the proposed scheme, each entity calculates the final public key of the communicating CPS devices without the need of generating and transmitting digital certificates. Moreover, the proposed security scheme considers an efficient and secure key pair update approach in which the calculation overhead is limited to one group element. To show the effectiveness of the proposed scheme, we have calculated and compared the memory and processing complexity with other bilinear and elliptic curve schemes. We have also implemented our scheme in a Raspberry Pi (3B+ model) for CPS simulations. The proposed scheme guarantees the confidentiality, integrity, privacy, and authenticity in Fog-CPS systems

An Innovative Approach for Enhancing Cloud Data Security using Attribute based Encryption and ECC

Cloud computing is future for upcoming generations. Nowadays various companies are looking to use Cloud computing services, as it may benefit them in terms of price, reliability and unlimited storage capacity. Providing security and privacy protection for the cloud data is one of the most difficult task in recent days. One of the measures which customers can take care of is to encrypt their data before it is stored on the cloud. Recently, the attribute-based encryption (ABE) is a popular solution to achieve secure data transmission and storage in the cloud computing. In this paper, an efficient hybrid approach using attribute-based encryption scheme and ECC is proposed to enhance the security and privacy issues in cloud. Here, the proposed scheme is based on Cipher text-Policy Attribute Based Encryption (CP-ABE) without bilinear pairing operations. In this approach, the computation-intensive bilinear pairing operation is replaced by the scalar multiplication on elliptic curves. Experimental results show that the proposed scheme has good cryptographic properties, and high security level which depends in the difficulty to solve the discrete logarithm problem on elliptic curves (ECDLP)

A Secure Integrated Framework for Fog-Assisted Internet of Things Systems

Fog-Assisted Internet of Things (Fog-IoT) systems are deployed in remote and unprotected environments, making them vulnerable to security, privacy, and trust challenges. Existing studies propose security schemes and trust models for these systems. However, mitigation of insider attacks, namely blackhole, sinkhole, sybil, collusion, self-promotion, and privilege escalation, has always been a challenge and mostly carried out by the legitimate nodes. Compared to other studies, this paper proposes a framework featuring attribute-based access control and trust-based behavioural monitoring to address the challenges mentioned above. The proposed framework consists of two components, the security component (SC) and the trust management component (TMC). SC ensures data confidentiality, integrity, authentication, and authorization. TMC evaluates Fog-IoT entities’ performance using a trust model based on a set of QoS and network communication features. Subsequently, trust is embedded as an attribute within SC’s access control policies, ensuring that only trusted entities are granted access to fog resources. Several attacking scenarios, namely DoS, DDoS, probing, and data theft are designed to elaborate on how the change in trust triggers the change in access rights and, therefore, validates the proposed integrated framework’s design principles. The framework is evaluated on a Raspberry Pi 3 Model B to benchmark its performance in terms of time and memory complexity. Our results show that both SC and TMC are lightweight and suitable for resource-constrained devices

Types of lightweight cryptographies in current developments for resource constrained machine type communication devices: challenges and opportunities

Machine-type communication devices have become a vital part of the autonomous industrial internet of things and industry 4.0. These autonomous resource-constrained devices share sensitive data, and are primarily acquired for automation and to operate consistently in remote environments under severe conditions. The requirements to secure the sensitive data shared between these devices consist of a resilient encryption technique with affordable operational costs. Consequently, devices, data, and networks are made secure by adopting a lightweight cryptosystem that should achieve robust security with sufficient computational and communication costs and counter modern security threats. This paper offers in-depth studies on different types and techniques of hardware and software-based lightweight cryptographies for machine-type communication devices in machine-to-machine communication networks

Survey on Encryption Techniques in Delay and Disruption Tolerant Network

Delay and disruption tolerant network (DTN) is used for long area communication in computer network, where there is no direct connection between the sender and receiver and there was no internet facility. Delay tolerant network generally perform store and forward techniques as a result intermediate node can view the message, the possible solution is using encryption techniques to protect the message. Starting stages of DTN RSA, DES, 3DES encryption algorithms are used but now a day\u27s attribute based encryption (ABE) techniques are used. Attribute based encryption technique can be classified in to two, key policy attribute based encryption (KPABE) and cipher policy attribute based encryption (CPABE). In this paper we perform a categorized survey on different encryption techniques presents in delay tolerant networks. This categorized survey is very helpful for researchers to propose modified encryption techniques. Finally the paper compares the performance and effectiveness of different encryption algorithms

Energy Saving Mechanisms in the Security of the Internet of Things

Energy consumption is one of the priorities of security on the Internet of Things. It is not easy to find the best solutions that will reduce energy consumption, while ensuring that the security requirements are met. Many of the issues that have been presented so far have covered the basics of security, such as the basic principles of encryption, extension environments, target applications, and so on.This paper examines one of the most effective energy-efficiency mechanisms for providing Internet-based security services. By studying techniques that enable the development of advanced energy-efficient security solutions, we take a closer look at the ideas that have already been introduced in this area. In this study, not only the security issues, but also the energy impacts on solutions have been considered. Initially, the amount of energy related to security services is introduced. Then a classification is proposed for energy efficient mechanisms on the Internet of Things. Finally, the main drivers of the impact of energy saving techniques are analyzed for security solutions

Improved ciphertext-policy time using short elliptic curve Diffie–Hellman

Ciphertext-policy attribute-based encryption (CP-ABE) is a suitable solution for the protection of data privacy and security in cloud storage services. In a CP-ABE scheme which provides an access structure with a set of attributes, users can decrypt messages only if they receive a key with the desired attributes. As the number of attributes increases, the security measures are strengthened proportionately, and they can be applied to longer messages as well. The decryption of these ciphertexts also requires a large decryption key which may increase the decryption time. In this paper, we proposed a new method for improving the access time to the CP using a new elliptic curve that enables a short key size to be distributed to the users that allows them to use the defined attributes for encryption and decryption. Each user has a specially created key which uses the defined attributes for encryption and decryption based on the Diffie-Hellman method. After the implement, the results show that this system saves nearly half of the execution time for encryption and decryption compared to previous methods. This proposed system provides guaranteed security by means of the elliptic curve discrete logarithmic problem