Verifiable fully outsourced attribute-based signcryption system for IoT
 eHealth big data in cloud computing

Kittur Philemon Kibiwott; Yanan Zhao; Julius Kogo; Fengli Zhang; Kittur Philemon Kibiwott; Yanan Zhao; Julius Kogo; Fengli Zhang

doi:10.3934/mbe.2019178

Mathematical Biosciences and Engineering

2019, Volume 16, Issue 5: 3561-3594. doi: 10.3934/mbe.2019178

Previous Article Next Article

Research article Special Issues

Verifiable fully outsourced attribute-based signcryption system for IoT eHealth big data in cloud computing

1.
School of Information and Software Engineering, University of Electronic Science and Technology of China, Chengdu, 610054, China
2.
Department of Mathematics and Computer Science, University of Eldoret P. O. Box 1125-30100 Eldoret, Kenya

Received: 16 January 2019 Accepted: 27 March 2019 Published: 22 April 2019

The entrance of Internet of Things (IoT) technologies to healthcare industry has impacted the explosion of eHealth big data. Cloud computing is widely considered to be the promising solution to store this data because of the presence of abundant resources at a lower cost. However, the privacy and security of the IoT generated data cannot be ensured as the data is kept far from the owneros physical domain. In order to resolve the underlined issues, a reassuring solution is to adopt attribute-based signcryption (ABSC) due to the desirable cryptographic properties it holds including fine-grained access control, authentication, confidentiality and data owner privacy. Nonetheless, executing expensive computation such as pairing and modular exponential operations in resource-constrained IoT device platform can be too taxing and demanding. To address the challenges stated above, we proposed in this paper, a more efficient scheme where computation power is borrowed from the cloud server to process expensive computations while leaving simple operations to local users. In order to realize this, trusted attribute authority, signcryptor and designcryptor outsources to the cloud expensive tasks for key generation, signcryption and designcryption respectively. Moreover, validity and correctness of outsourced computations can be verified by employing outsourcing verification server. Security analysis, comparisons evaluation and simulation of the proposed scheme is presented. The output demonstrates that it is efficient, secure and therefore suitable for application in resource-constrained IoT devices.
- Internet of Things (IoT),
- outsourcing computation,
- attribute-based signcryption,
- cloud computing,
- eHealth big data
Citation: Kittur Philemon Kibiwott , Yanan Zhao , Julius Kogo, Fengli Zhang. Verifiable fully outsourced attribute-based signcryption system for IoT eHealth big data in cloud computing[J]. Mathematical Biosciences and Engineering, 2019, 16(5): 3561-3594. doi: 10.3934/mbe.2019178

Related Papers:

Abstract

The entrance of Internet of Things (IoT) technologies to healthcare industry has impacted the explosion of eHealth big data. Cloud computing is widely considered to be the promising solution to store this data because of the presence of abundant resources at a lower cost. However, the privacy and security of the IoT generated data cannot be ensured as the data is kept far from the owneros physical domain. In order to resolve the underlined issues, a reassuring solution is to adopt attribute-based signcryption (ABSC) due to the desirable cryptographic properties it holds including fine-grained access control, authentication, confidentiality and data owner privacy. Nonetheless, executing expensive computation such as pairing and modular exponential operations in resource-constrained IoT device platform can be too taxing and demanding. To address the challenges stated above, we proposed in this paper, a more efficient scheme where computation power is borrowed from the cloud server to process expensive computations while leaving simple operations to local users. In order to realize this, trusted attribute authority, signcryptor and designcryptor outsources to the cloud expensive tasks for key generation, signcryption and designcryption respectively. Moreover, validity and correctness of outsourced computations can be verified by employing outsourcing verification server. Security analysis, comparisons evaluation and simulation of the proposed scheme is presented. The output demonstrates that it is efficient, secure and therefore suitable for application in resource-constrained IoT devices.

References

[1]	L. Atzori, A. Iera and G. Morabito, The internet of things: A survey, Comp. Net., 54 (2010),
[2]	C. Chen, B. Xiang, Y. Liu, et al., A secure authentication protocol for internet of vehicles, IEEE Access, 7 (2019), 12047–12057.
[3]	K. H. Wang, C. M. Chen, W. Fang, et al., On the security of a new ultra-lightweight authentication protocol in iot environment for rfid tags, J. Supercomp., 74 (2018), 65–70.
[4]	K. Yeh, A secure transaction scheme with certificateless cryptographic primitives for iot-based mobile payments, IEEE Sys. J., 12 (2018), 2027–2038.
[5]	Z. Qin, Y. Wang, H. Cheng, et al., Demographic information prediction: A portrait of smartphone application users, IEEE T. Emer. Top. Comput., 6 (2018), 432–444.
[6]	D. Bandyopadhyay and J. Sen, Internet of things: Applications and challenges in technology and standardization, Wireless Pers. Commun., 58 (2011), 49–69.
[7]	H. K. Maji, M. Prabhakaran and M. Rosulek, Attribute-based signatures, in Topics in Cryptology– CT-RSA 2011 (ed. A. Kiayias), Springer Berlin Heidelberg, Berlin, Heidelberg, (2011), 376–392.
[8]	H. Xiong, H. Zhang and J. Sun, Attribute-based privacy-preserving data sharing for dynamic groups in cloud computing, IEEE Sys. J., 1–22.
[9]	A. Sahai and B. Waters, Fuzzy identity-based encryption, in Proc. of the 24th Annual Int. Conf. on Theory and App. of Crypto. Tech., EUROCRYPT'05, Springer-Verlag, Berlin, Heidelberg, (2005), 457–473.
[10]	A. Shamir, Identity-based cryptosystems and signature schemes, in Advances in Cryptology (eds. G. R. Blakley and D. Chaum), Springer Berlin Heidelberg, Berlin, Heidelberg, (1985), 47–53.
[11]	S. Lin, R. Zhang, H. Ma, et al., Revisiting attribute-based encryption with verifiable outsourced decryption, IEEE T. Inform. Fore. Sec., 10 (2015), 2119–2130.
[12]	J. Sun, Y. Bao, X. Nie, et al., Attribute-hiding predicate encryption with equality test in cloud computing, IEEE Access, 6 (2018), 31621–31629.
[13]	Q. Huang, Y. Yang and L. Wang, Secure data access control with ciphertext update and computa- tion outsourcing in fog computing for internet of things, IEEE Access, 5 (2017), 12941–12950.
[14]	X. Li, R. Lu, X. Liang, et al., Smart community: an internet of things application, IEEE Com. Mag., 49 (2011), 68–75.
[15]	S. S. Chow, A framework of multi-authority attribute-based encryption with outsourcing and revo- cation, in Proc. of the 21st ACM on Symp. on Acc. Cont. Models and Tech., SACMAT '16, ACM, New York, NY, USA, (2016), 215–226.
[16]	M. Li, W. Lou and K. Ren, Data security and privacy in wireless body area networks, IEEE Wir. Com., 17 (2010), 51–58.
[17]	V. Goyal, O. Pandey, A. Sahai, et al., Attribute-based encryption for fine-grained access control of encrypted data, in Proc. of the 13th ACM Conf. on Comp. and Com. Sec., CCS '06, ACM, New York, NY, USA, (2006), 89–98.
[18]	A. Lewko and B. Waters, Unbounded hibe and attribute-based encryption, in Proc. of the 30th An- nual Int. Conf. on Theory and Appl. of Crypt. Techn.: Advances in Cryptology, EUROCRYPT'11, Springer-Verlag, Berlin, Heidelberg, (2011), 547–567.
[19]	J. Bethencourt, A. Sahai and B. Waters, Ciphertext-policy attribute-based encryption, in Proc. of the 2007 IEEE Symp. on Sec. and Priv., SP '07, IEEE Computer Society, Washington, DC, USA, (2007), 321–334.
[20]	A. Lewko, T. Okamoto, A. Sahai, et al., Fully secure functional encryption: Attribute-based en- cryption and (hierarchical) inner product encryption, in Advances in Cryptology – EUROCRYPT 2010 (ed. H. Gilbert), Springer Berlin Heidelberg, Berlin, Heidelberg, (2010), 62–91.
[21]	C. Fan, V. S. Huang and H. Ruan, Arbitrary-state attribute-based encryption with dynamic mem- bership, IEEE T. Comp., 63 (2014), 1951–1961.
[22]	H. Maji, M. Prabhakaran and M. Rosulek, Attribute-based signatures: Achieving attribute-privacy and collusion-resistance, (2008).
[23]	J. Li, M. H. Au, W. Susilo, et al., Attribute-based signature and its applications, in Proc. of the 5th ACM Symp. on Inf., Comp. and Com. Sec., ASIACCS '10, ACM, New York, NY, USA, (2010), 60–69.
[24]	M. Gagné, S. Narayan and R. Safavi-Naini, Short pairing-efficient threshold-attribute-based sig- nature, in Proc. of the 5th Int. Conf. on Pairing-Based Cryptography, Pairing'12, Springer-Verlag, Berlin, Heidelberg, (2013), 295–313.
[25]	Y. S. Rao, Int. J. Communication Systems, 30, Available from: https://doi.org/10.1002/ dac.3322.
[26]	C. T. Li, C. L. Chen, C. C. Lee, et al., A novel three-party password-based authenticated key exchange protocol with user anonymity based on chaotic maps, Soft Comput., 22 (2018), 2495– 2506.
[27]	J.C.W.Lin, Q.Liu, P.Fournier-Viger, etal., Anonymizationofmultipleandpersonalizedsensitive attributes, in 20th Int. Conf., DaWaK 2018 on Big Data Anal. and Know. Disc. (eds. C. Ordonez and L. Bellatreche), Springer International Publishing, Cham, (2018), 204–215.
[28]	J. C. W. Lin, Y. Zhang, P. Fournier-Viger, et al., A metaheuristic algorithm for hiding sensitive itemsets, in Database and Expert Systems Applications (eds. S. Hartmann, H. Ma, A. Hameurlain, G. Pernul and R. R. Wagner), Springer International Publishing, Cham, (2018), 492–498.
[29]	Q. Xu, C. Tan, Z. Fan, et al., Secure data access control for fog computing based on multi-authority attribute-based signcryption with computation outsourcing and attribute revocation, Sensors, 18 (2018), 1609.
[30]	C. M. Chen, K. H. Wang, W. Fang, et al., Reconsidering a lightweight anonymous authentication protocol, J. Chin. Insti. Eng., 42 (2019), 9–14.
[31]	F. Deng, Y. Wang, L. Peng, et al., Ciphertext-policy attribute-based signcryption with verifiable outsourced designcryption for sharing personal health records, IEEE Access, 6 (2018), 39473– 39486.
[32]	S. M. Sedaghat, M. H. Ameri, M. Delavar, et al., An efficient and secure attribute-based signcryp- tion scheme for smart grid applications, Cryptology ePrint Archive, Report 2018/263, (2018).
[33]	Q. Xu, C. Tan, Z. Fan, et al., Secure multi-authority data access control scheme in cloud storage system based on attribute-based signcryption, IEEE Access, 6 (2018), 34051–34074.
[34]	H. Wang, D. He, J. Shen, et al., Verifiable outsourced ciphertext-policy attribute-based encryption in cloud computing, Soft Comp., 21 (2017), 7325–7335.
[35]	M. Green, S. Hohenberger and B. Waters, Outsourcing the decryption of abe ciphertexts, in Proc. of the 20th USENIX Conf. on Security, SEC'11, USENIX Association, Berkeley, CA, USA, (2011), 34–34.
[36]	J. Li, W. Yao, Y. Zhang, et al., Flexible and fine-grained attribute-based data storage in cloud computing, IEEE T. Serv. Comp., 10 (2017), 785–796.
[37]	H. Xiong, K. R. Choo and A. V. Vasilakos, Revocable identity-based access control for big data with verifiable outsourced computing, IEEE T. B. Data, 1–1.
[38]	H. Xiong and J. Sun, Comments on "verifiable and exculpable outsourced attribute-based encryp- tion for access control in cloud computing", IEEE T. Dep. Sec. Comp., 14 (2017), 461–462.
[39]	L. Jiguo, S. Fengjie, Z. Yichen, et al., Verifiable outsourced decryption of attribute-based encryp- tion with constant ciphertext length, Sec. Com. Net., (2017).
[40]	J. Lai, R. H. Deng, C. Guan, et al., Attribute-based encryption with verifiable outsourced decryp- tion, IEEE T. Info. Fore. Sec., 8 (2013), 1343–1354.
[41]	X. Mao, J. Lai, Q. Mei, et al., Generic and efficient constructions of attribute-based encryption with verifiable outsourced decryption, IEEE T. Dep. Sec. Comp., 13 (2016), 533–546.
[42]	R.Zhang, H.MaandY.Lu, Fine-grainedaccesscontrolsystembasedonfullyoutsourcedattribute- based encryption, J. Sys. Soft., 125 (2017), 344–353.
[43]	P. Yang, Z. Cao and X. Dong, Fuzzy identity based signature, Cryptology ePrint Archive, Report 2008/002, (2008).
[44]	G. Shanqing and Z. Yingpei, Attribute-based signature scheme, in 2008 International Conference on Information Security and Assurance (isa 2008), (2008), 509–511.
[45]	S. Y. Tan, S. H. Heng and B. M. Goi, On the security of an attribute-based signature scheme, in U- and E-Service, Science and Technology (eds. D.Ślęzak, T. H. Kim, J. Ma, W. C. Fang, F. E. Sandnes, B. H. Kang and B. Gu), Springer Berlin Heidelberg, Berlin, Heidelberg, (2009), 161–168.
[46]	J. Herranz, F. Laguillaumie, B. Libert, et al., Short attribute-based signatures for threshold pred- icates, in Topics in Cryptology – CT-RSA 2012 (ed. O. Dunkelman), Springer Berlin Heidelberg, Berlin, Heidelberg, (2012), 51–67.
[47]	T. Okamoto and K. Takashima, Efficient attribute-based signatures for non-monotone predicates in the standard model, in Public Key Cryptography–PKC 2011 (eds. D. Catalano, N. Fazio, R. Gen- naro and A. Nicolosi), Springer Berlin Heidelberg, Berlin, Heidelberg, (2011), 35–52.
[48]	T. Okamoto and K. Takashima, Decentralized attribute-based signatures, in Public-Key Cryptography–PKC2013(eds.K.KurosawaandG.Hanaoka), SpringerBerlinHeidelberg, Berlin, Heidelberg, (2013), 125–142.
[49]	H. Xiong, Q. Mei and Y. Zhao, Efficient and provably secure certificateless parallel key-insulated signature without pairing for iiot environments, IEEE Sys. J., 1–11.
[50]	S. F. Shahandashti and R. Safavi-Naini, Threshold attribute-based signatures and their application to anonymous credential systems, in Progress in Cryptology–AFRICACRYPT 2009 (ed. B. Pre- neel), Springer Berlin Heidelberg, Berlin, Heidelberg, (2009), 198–216.
[51]	M. Gagné, S. Narayan and R. Safavi-Naini, Threshold attribute-based signcryption, in Sec. and Crypt. for Net. (eds. J. A. Garay and R. De Prisco), Springer Berlin Heidelberg, Berlin, Heidelberg, (2010), 154–171.
[52]	K. Emura, A. Miyaji and M. S. Rahman, Dynamic attribute-based signcryption without random oracles, Int. J. Appl. Cryptol., 2 (2012), 199–211.
[53]	C. Hu, N. Zhang, H. Li, et al., Body area network security: A fuzzy attribute-based signcryption scheme, IEEE J. Sel. Areas. Com., 31 (2013), 37–46.
[54]	Y. Han, W. Lu and X. Yang, Attribute-based signcryption scheme with non-monotonic access structure, in Proc. of the 2013 5th Int. Conf. on Intel. Net. and Collaborative Systems, INCOS '13, IEEE Computer Society, Washington, DC, USA, (2013), 796–802.
[55]	H. Hong and Z. Sun, An efficient and secure attribute based signcryption scheme with lsss access structure, SpringerPlus, 5 (2016), 644.
[56]	J. Liu, X. Huang and J. K. Liu, Secure sharing of personal health records in cloud computing: Ciphertext-policy attribute-based signcryption, Fut. Gen. Comp. Sys., 52 (2015), 67–76.
[57]	Y. S. Rao, A secure and efficient ciphertext-policy attribute-based signcryption for personal health records sharing in cloud computing, Fut. Gen. Comp. Sys., 67 (2017), 133–151.
[58]	Y. S. Rao and R. Dutta, Expressive bandwidth-efficient attribute based signature and signcryption in standard model, in Info. Sec. Priv. (eds. W. Susilo and Y. Mu), Springer International Publishing, Cham, (2014), 209–225.
[59]	H. Yiliang and L. Wanyi, Attribute based generalized signcryption for online social network, in 2015 34th Chin. Control Conf., (2015), 6434–6439.
[60]	A. Beimel, Secure schemes for secret sharing and key distribution Ph.D thesis, Technion-Israel Institute of technology, Faculty of computer science, 1996.
[61]	A. Lewko and B. Waters, Decentralizing attribute-based encryption, in Proc. of the 30th An- nual Int. Conf. on Theory and App. of Crypt. Tech.: Advances in Cryptology, EUROCRYPT'11, Springer-Verlag, Berlin, Heidelberg, (2011), 568–588.
[62]	S. Wang, K. Liang, J. K. Liu, et al., Attribute-based data sharing scheme revisited in cloud com- puting, IEEE T. Info. For. Sec., 11 (2016), 1661–1673.
[63]	B. Lynn., The stanford pairing based crypto library. Available from: https://crypto. stanford.edu/pbc/.

Reader Comments

Your name:*

Email:*
© 2019 the Author(s), licensee AIMS Press. This is an open access article distributed under the terms of the Creative Commons Attribution License (http://creativecommons.org/licenses/by/4.0)