skip to main content
research-article

Efficient Distributed Decryption Scheme for IoT Gateway-based Applications

Authors Info & Claims
Published:05 January 2021Publication History
Skip Abstract Section

Abstract

With the evolvement of the Internet of things (IoT), privacy and security have become the primary indicators for users to deploy IoT applications. In the gateway-based IoT architecture, gateways aggregate data collected by perception-layer devices and upload message packets to platforms, while platforms automatically push different categories of data to different applications. However, security in processes of data transmission via gateways, storage in platforms, access by applications is the major challenge for user privacy protection. To tackle this challenge, this article presents a secure IoT scheme based on a fine-grained multi-receive signcryption scheme to realize end-to-end secure transmission and data access control. To enhance the security of online application decryption keys, we design a distributed threshold decryption scheme based on secret-sharing. Moreover, from the provable security perspective, we demonstrate that the scheme can achieve the expected IND-CCA security and EUF-CMA security. After the performance analysis, evaluation results show that the computational performance is efficient and linearly subject to the number of messages and the number of receivers.

References

  1. Ruhul Amin, Sk Hafizul Islam, G. P. Biswas, Muhammad Khurram Khan, and Neeraj Kumar. 2015. An efficient and practical smart card based anonymity preserving user authentication scheme for TMIS using elliptic curve cryptography. J. Med. Syst. 39, 11 (2015), 180.Google ScholarGoogle ScholarDigital LibraryDigital Library
  2. Mahmoud Ammar, Giovanni Russello, and Bruno Crispo. 2018. Internet of Things: A survey on the security of IoT frameworks. J. Inf. Sec. Applic. 38 (2018), 8--27.Google ScholarGoogle ScholarCross RefCross Ref
  3. Sravani Challa, Ashok Kumar Das, Vanga Odelu, Neeraj Kumar, Saru Kumari, Muhammad Khurram Khan, and Athanasios V. Vasilakos. 2018. An efficient ECC-based provably secure three-factor user authentication and key agreement protocol for wireless healthcare sensor networks. Comput. Electric. Eng. 69 (2018), 534--554.Google ScholarGoogle ScholarCross RefCross Ref
  4. Biwen Chen, Libing Wu, Neeraj Kumar, Kim-Kwang Raymond Choo, and Debiao He. 2019. Lightweight searchable public-key encryption with forward privacy over IIoT outsourced data. IEEE Trans. Emerg. Top. Comput. DOI:10.1109/TETC.2019.2921113Google ScholarGoogle Scholar
  5. Hasan Derhamy, Jens Eliasson, Jerker Delsing, and Peter Priller. 2015. A survey of commercial frameworks for the internet of things. In Proceedings of the IEEE 20th Conference on Emerging Technologies 8 Factory Automation (ETFA’15). IEEE, 1--8.Google ScholarGoogle ScholarCross RefCross Ref
  6. Taher Elgamal. 1985. A public key cryptosystem and a signature scheme based on discrete logarithms. IEEE Trans. Inf. Theor. 31, 4 (1985), 469--472.Google ScholarGoogle ScholarDigital LibraryDigital Library
  7. Tore Kasper Frederiksen, Yehuda Lindell, Valery Osheter, and Benny Pinkas. 2018. Fast distributed RSA key generation for semi-honest and malicious adversaries. In Proceedings of the International Cryptology Conference. Springer, 331--361.Google ScholarGoogle ScholarDigital LibraryDigital Library
  8. Darrel Hankerson, Alfred J. Menezes, and Scott Vanstone. 2006. Guide to Elliptic Curve Cryptography. Springer Science 8 Business Media.Google ScholarGoogle Scholar
  9. Jigna J. Hathaliya, Sudeep Tanwar, Sudhanshu Tyagi, and Neeraj Kumar. 2019. Securing electronics healthcare records in healthcare 4.0: A biometric-based approach. Comput. Electric. Eng. 76 (2019), 398--410.Google ScholarGoogle ScholarDigital LibraryDigital Library
  10. Carmit Hazay, Gert Læssøe Mikkelsen, Tal Rabin, Tomas Toft, and Angelo Agatino Nicolosi. 2019. Efficient RSA key generation and threshold Paillier in the two-party setting. J. Cryptol. 32, 2 (2019), 265--323.Google ScholarGoogle ScholarDigital LibraryDigital Library
  11. Debiao He, Neeraj Kumar, and Jong-Hyouk Lee. 2016. Privacy-preserving data aggregation scheme against internal attackers in smart grids. Wirel. Netw. 22, 2 (2016), 491--502.Google ScholarGoogle ScholarDigital LibraryDigital Library
  12. Cheng Huang, Rongxing Lu, Hui Zhu, Jun Shao, and Xiaodong Lin. 2016. FSSR: Fine-grained EHRs sharing via similarity-based recommendation in cloud-assisted ehealthcare system. In Proceedings of the 11th ACM Asia Conference on Computer and Communications Security. 95--106.Google ScholarGoogle ScholarDigital LibraryDigital Library
  13. Shen Jian, Dengzhi Liu, Xiaofeng Chen, Jin Li, Neeraj Kumar, and Pandi Vijayakumar. 2019. Secure real-time traffic data aggregation with batch verification for vehicular cloud in VANETs. IEEE Trans. Vehic. Technol. 69, 1 (2019), 807--817.Google ScholarGoogle Scholar
  14. Harmanjeet Kaur, Neeraj Kumar, and Shalini Batra. 2019. ClaMPP: A cloud-based multi-party privacy preserving classification scheme for distributed applications. J. Supercomput. 75, 6 (2019), 3046--3075.Google ScholarGoogle ScholarDigital LibraryDigital Library
  15. Shweta Khullar, Vivek Richhariya, and Vineet Richhariya. 2013. An efficient identity based multi-receiver signcryption scheme using ECC. Int. J. Advanc. Res. Technol. 2, 4 (2013), 189--193.Google ScholarGoogle Scholar
  16. Michael Kraitsberg, Yehuda Lindell, Valery Osheter, Nigel P. Smart, and Younes Talibi Alaoui. 2019. Adding distributed decryption and key generation to a ring-LWE based CCA encryption scheme. In Proceedings of the Australasian Conference on Information Security and Privacy. Springer, 192--210.Google ScholarGoogle ScholarCross RefCross Ref
  17. Ming Li, Shucheng Yu, Yao Zheng, Kui Ren, and Wenjing Lou. 2012. Scalable and secure sharing of personal health records in cloud computing using attribute-based encryption. IEEE Trans. Parallel Distrib. Syst. 24, 1 (2012), 131--143.Google ScholarGoogle ScholarDigital LibraryDigital Library
  18. Yahong Li, Caifen Wang, Yulei Zhang, and Shufen Niu. 2016. Privacy-preserving multi-receiver signcryption scheme for heterogeneous systems. Secur. Commun. Netw. 9, 17 (2016), 4574--4584.Google ScholarGoogle ScholarDigital LibraryDigital Library
  19. Kaitai Liang, Liming Fang, Willy Susilo, and Duncan S. Wong. 2013. A ciphertext-policy attribute-based proxy re-encryption with chosen-ciphertext security. In Proceedings of the 5th International Conference on Intelligent Networking and Collaborative Systems. IEEE, 552--559.Google ScholarGoogle Scholar
  20. Kaitai Liang, Liming Fang, Duncan S. Wong, and Willy Susilo. 2015. A ciphertext-policy attribute-based proxy re-encryption scheme for data sharing in public clouds. Concurr. Comput.: Pract. Exper. 27, 8 (2015), 2004--2027.Google ScholarGoogle ScholarDigital LibraryDigital Library
  21. Chao Lin, Debiao He, Neeraj Kumar, Kim-Kwang Raymond Choo, Alexey Vinel, and Xinyi Huang. 2018. Security and privacy for the internet of drones: Challenges and solutions. IEEE Commun. Mag. 56, 1 (2018), 64--69.Google ScholarGoogle ScholarCross RefCross Ref
  22. Yehuda Lindell and Ariel Nof. 2018. Fast secure multiparty ECDSA with practical distributed key generation and applications to cryptocurrency custody. In Proceedings of the ACM SIGSAC Conference on Computer and Communications Security. 1837--1854.Google ScholarGoogle ScholarDigital LibraryDigital Library
  23. Yining Liu, Wei Guo, Chun-I Fan, Liang Chang, and Chi Cheng. 2018. A practical privacy-preserving data aggregation (3PDA) scheme for smart grid. IEEE Trans. Industr. Inf. 15, 3 (2018), 1767--1774.Google ScholarGoogle ScholarCross RefCross Ref
  24. MIRACL Ltd. 2019. MIRACL Cryptographic SDK: Multiprecision Integer and Rational Arithmetic Cryptographic Library. Retrieved from https://github.com/miracl/MIRACL.Google ScholarGoogle Scholar
  25. Shivaramakrishnan Narayan, Martin Gagné, and Reihaneh Safavi-Naini. 2010. Privacy preserving EHR system using attribute-based infrastructure. In Proceedings of the ACM Workshop on Cloud Computing Security. 47--52.Google ScholarGoogle ScholarDigital LibraryDigital Library
  26. Roberta B. Ness, Joint Policy Committee, et al. 2007. Influence of the HIPAA privacy rule on health research. Jama 298, 18 (2007), 2164--2170.Google ScholarGoogle ScholarCross RefCross Ref
  27. Cong Peng, Jianhua Chen, Mohammad S. Obaidat, Pandi Vijayakumar, and Debiao He. 2019. Efficient and provably secure multi-receiver signcryption scheme for multicast communication in edge computing. IEEE Internet Things J. 7, 7 (2019), 6056--6068.Google ScholarGoogle ScholarCross RefCross Ref
  28. Jianying Qiu, Kai Fan, Kuan Zhang, Qiang Pan, Hui Li, and Yintang Yang. 2019. An efficient multi-message and multi-receiver signcryption scheme for heterogeneous smart mobile IoT. IEEE Access 7 (2019), 180205--180217.Google ScholarGoogle ScholarCross RefCross Ref
  29. Minghua Qu. 1999. SEC 2: Recommended Elliptic Curve Domain Parameters. Technical Report. Certicom Res., Mississauga, ON, Canada, Tech. Rep. SEC2-Ver-0.6 (1999).Google ScholarGoogle Scholar
  30. Claus-Peter Schnorr. 1991. Efficient signature generation by smart cards. J. Cryptol. 4, 3 (1991), 161--174.Google ScholarGoogle ScholarDigital LibraryDigital Library
  31. S. Sharmila Deva Selvi, S. Sree Vivek, Deepanshu Shukla, and Pandu Rangan Chandrasekaran. 2008. Efficient and provably secure certificateless multi-receiver signcryption. In Proceedings of the International Conference on Provable Security. Springer, 52--67.Google ScholarGoogle ScholarDigital LibraryDigital Library
  32. Adi Shamir. 1979. How to share a secret. Commun. ACM 22, 11 (1979), 612--613.Google ScholarGoogle ScholarDigital LibraryDigital Library
  33. Akshayaram Srinivasan and C. Pandu Rangan. 2015. Certificateless proxy re-encryption without pairing: Revisited. In Proceedings of the 3rd International Workshop on Security in Cloud Computing. 41--52.Google ScholarGoogle Scholar
  34. Girraj Kumar Verma, B. B. Singh, Neeraj Kumar, and Vinay Chamola. 2019. CB-CAS: Certificate-based efficient signature scheme with compact aggregation for industrial Internet of Things environment. IEEE Internet Things J. 7, 4 (2019), 2563--2572.Google ScholarGoogle ScholarCross RefCross Ref
  35. Paul Voigt and Axel Von dem Bussche. 2017. The EU General Data Protection Regulation (GDPR). A Practical Guide, 1st ed. Springer International Publishing, Cham.Google ScholarGoogle Scholar
  36. Caifen Wang, Chao Liu, Yahong Li, Hui Qiao, and Li Chen. 2017. Multi-message and multi-receiver heterogeneous signcryption scheme for ad-hoc networks. Inf. Secur. J.: Global Persp. 26, 3 (2017), 136--152.Google ScholarGoogle ScholarDigital LibraryDigital Library
  37. Changji Wang, Xuan Liu, and Wentao Li. 2012. Implementing a personal health record cloud platform using ciphertext-policy attribute-based encryption. In Proceedings of the 4th International Conference on Intelligent Networking and Collaborative Systems. IEEE, 8--14.Google ScholarGoogle ScholarDigital LibraryDigital Library
  38. Lei Xu, Xiaoxin Wu, and Xinwen Zhang. 2012. CL-PRE: A certificateless proxy re-encryption scheme for secure data sharing with public cloud. In Proceedings of the 7th ACM Symposium on Information, Computer and Communications Security. 87--88.Google ScholarGoogle ScholarDigital LibraryDigital Library
  39. Xun Yi, Athman Bouguettaya, Dimitrios Georgakopoulos, Andy Song, and Jan Willemson. 2015. Privacy protection for wireless medical sensor data. IEEE Trans. Depend. Sec. Comput. 13, 3 (2015), 369--380.Google ScholarGoogle ScholarDigital LibraryDigital Library
  40. Jin-Yong Yu and Young-Gab Kim. 2019. Analysis of IoT platform security: A survey. In Proceedings of the International Conference on Platform Technology and Service (PlatCon’19). IEEE, 1--5.Google ScholarGoogle ScholarCross RefCross Ref

Index Terms

  1. Efficient Distributed Decryption Scheme for IoT Gateway-based Applications

        Recommendations

        Comments

        Login options

        Check if you have access through your login credentials or your institution to get full access on this article.

        Sign in

        Full Access

        • Published in

          cover image ACM Transactions on Internet Technology
          ACM Transactions on Internet Technology  Volume 21, Issue 1
          Visions Paper, Regular Papers, SI: Blockchain in E-Commerce, and SI: Human-Centered Security, Privacy, and Trust in the Internet of Things
          February 2021
          534 pages
          ISSN:1533-5399
          EISSN:1557-6051
          DOI:10.1145/3441681
          • Editor:
          • Ling Liu
          Issue’s Table of Contents

          Copyright © 2021 ACM

          Publisher

          Association for Computing Machinery

          New York, NY, United States

          Publication History

          • Published: 5 January 2021
          • Accepted: 1 July 2020
          • Revised: 1 June 2020
          • Received: 1 April 2020
          Published in toit Volume 21, Issue 1

          Permissions

          Request permissions about this article.

          Request Permissions

          Check for updates

          Qualifiers

          • research-article
          • Research
          • Refereed

        PDF Format

        View or Download as a PDF file.

        PDF

        eReader

        View online with eReader.

        eReader

        HTML Format

        View this article in HTML Format .

        View HTML Format
        About Cookies On This Site

        We use cookies to ensure that we give you the best experience on our website.

        Learn more

        Got it!