RMA-CPABE : A multi-authority CPABE scheme with reduced ciphertext size for IoT devices

Abstract

Internet of Things (IoT) generates a massive amount of data, which can be prone to huge data and privacy leaks unless given a proper access control. Ciphertext-policy attribute-based encryption (CP-ABE) is a well-known cryptographic mechanism that provides confidentiality and fine-grained access to stored data. In CP-ABE, a single trusted authority primarily handles attribute management and its revocation. However, in an environment like IoT, due to its heterogeneous nature, the attributes from multiple domains are evidently inherited by IoT devices and hence develop a need for a multi-authority scheme. Therefore, this paper proposes a novel multi-authority CP-ABE scheme with reduced-size ciphertext (RMA-CPABE) to provide secure access in fog-enabled IoT applications with attributes from multiple domains. This scheme considers the resource-constrained nature of IoT devices and reduces the ciphertext size in the sense that the ciphertext size does not increase linearly with the number of attributes; instead, it increases linearly with the number of multi-domain attribute authorities involved in the policy building. RMA-CPABE supports highly required functionalities like attribute update and outsourced decryption to reduce the computation load on the end devices. Further, the proposed scheme is the first to eliminate the most expensive ciphertext update operation during attribute revocation and addition, which is the biggest drawback of most of the existing schemes. The end-user in RMA-CPABE requires holding only a constant size key to access the ciphertexts securely. The security analysis proves that the proposed scheme is secure against Chosen-Ciphertext Attack (CCA) under multiple augmented Multi-Sequence of Exponents Decisional Diffie Hellman (maMSE-DDH) assumptions. The performance analysis shows that RMA-CPABE is suitable for IoT applications.