Abstract
In recent years, attribute-based encryption (ABE) has been widely applied in mobile computing, cloud computing, and the Internet of things, for supporting flexible and fine-grained access control of sensitive data. In this paper, we present a novel attribute-based encryption scheme that is based on bilinear pairing over Barreto and Naehrig curves (BN-curves). The identity-based encryption scheme SM9, which is a Chinese commercial cryptographic standard and a forthcoming part of ISO/IEC11770-3, has been used as the fundamental building block, and thus we first introduce SM9 and present our SM9 implementation in details. Subsequently, we propose the design and implementation of the ABE scheme. Moreover, we also develop a hybrid ABE for achieving lower ciphertext expansion rate when the size of access structure or plaintext is large. The performance and energy consumption of the implementation of the proposed ABE and its hybrid version are evaluated with a workstation, a PC, a smart phone, and an embedded device. The experimental results indicated that our schemes work well on various computing platforms. Moreover, the proposed schemes and their implementations would benefit developers in building applications that fulfill the regulatory compliance with the Chinese commercial cryptographic standard since there is no existing ABE scheme compatible with any Chinese cryptographic standard.
Highlights
There is an increasing requirement for data sharing and processing in the distributed computing environment with fine-grained access control with the development of cloud computing, mobile computing, and the Internet of things
We have implemented the R-Ate pairing over a BN-curve and the specified extension finite field, and integrated them with the interfaces that were provided by the Java Pairing-based Cryptography Library (JPBC) library to support SM9 identity-based encryption (IBE) and the proposed attribute-based encryption (ABE) schemes
Our contributions are briefly summarized, as follows: (i) we have proposed an ABE scheme based on the SM9 IBE scheme; (ii) we have implemented the ABE scheme as well as the SM9 IBE; and, (iii) we have presented a hybrid ABE scheme as an optimization
Summary
There is an increasing requirement for data sharing and processing in the distributed computing environment with fine-grained access control with the development of cloud computing, mobile computing, and the Internet of things. Attributes, without taking care of their identities and the number of qualified decryptors This feature significantly reduces the overhead of data encryption and enables resource providers to formulate flexible and scalable access control policies to manage the sharing range of data. SM9 is a cryptography standard that defines a set of identity-based cryptographic schemes, including signature, encryption, and key agreement It originates from a Chinese cryptographic standard [21], and its signature scheme has been adopted by the International Organization for Standardization as ISO/IEC. We have implemented the R-Ate pairing over a BN-curve and the specified extension finite field, and integrated them with the interfaces that were provided by the JPBC library to support SM9 IBE and the proposed ABE schemes.
Sign-in/Register to view highlights & summary Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a callDisclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.
