Abstract
In the Internet of Things (IoT) systems, it is often required to deliver a secure message to a group of devices. The public key broadcast encryption is an efficient primitive to handle IoT broadcasts, by allowing a user (or a device) to broadcast encrypted messages to a group of legitimate devices. This paper proposes an IoT-friendly subset representation called Combinatorial Subset Difference (CSD), which generalizes the existing subset difference (SD) method by allowing wildcards (*) in any position of the bitstring. Based on the CSD representation, we first propose an algorithm to construct the CSD subset, and a CSD-based public key broadcast encryption scheme. By providing the most general subset representation, the proposed CSD-based construction achieves a minimal header size among the existing broadcast encryption. The experimental result shows that our CSD saves the header size by 17% on average and more than 1000 times when assuming a specific IoT example of IP address with 20 wildcards and total users, compared to the SD-based broadcast encryption. We prove the semantic security of CSD-based broadcast encryption under the standard l-BDHE assumption, and extend the construction to a chosen-ciphertext-attack (CCA)-secure version.
Highlights
In the recent applications, the Internet of Things (IoT) systems are more likely to involve multicast of privacy-sensitive information; for example, an IoT sensor network in the smart city involves personal whereabouts transmitted to multiple devices, and an IoT medical system requires sensitive health information to be delivered to the authorized devices
We propose the combinatorial subset difference (CSD), which is a new subset representation for the broadcast encryption
Due to the general coverage, the CSD representation generates minimal subsets which lead to the minimal header size when applied to the broadcast encryption
Summary
The Internet of Things (IoT) systems are more likely to involve multicast of privacy-sensitive information; for example, an IoT sensor network in the smart city involves personal whereabouts transmitted to multiple devices, and an IoT medical system requires sensitive health information to be delivered to the authorized devices In these IoT secure communications, cryptographic primitives can provide useful functionalities and efficiencies. An arbitrary network group can be effectively represented by IP address including wildcard (*), and if a part of IP is connected to attributes, a device group specified by a set of attributes can be effectively expressed This flexible representation denoted by IP characteristics or attributes covers any specific group even without knowing every individual ID predefined. The subset representation is considered separately: the construction assumes there already exists pre-defined subsets covering the given privileged users. The interval representation requires 4 subsets to cover the privileged users, which is comparable to the SD representation
Sign-in/Register to view highlights & summary Sign-in/Register to access full text options 
Free) 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a call
