Go to DBLP homepageA Key Escrow-Free KP-ABE Scheme and Its Application in Standalone Authentication in IoT
Abstract: When users access the Internet of Things (IoT) devices, authenticating their identities and permissions is an important measure to ensure system security and achieve access control. Standalone authentication (SAA) is an efficient authentication method because it allows IoT devices to independently finish user authentication, avoiding the reliance on a single authentication center in traditional authentication methods. Attribute-based encryption (ABE) supports fine-grained access control and can be used to realize SAA. In certain SAA scenarios, the underlying ABE scheme should also meet some special requirements of security and function. For example, when a central authority seeks help from multiple proxy authorities (PAs) to share the burden of managing users’ access rights, dishonest PAs may grant access rights to illegal users to gain benefits. This situation where the authority abuses its capability of access rights management is referred to as the key escrow problem in ABE (because for ABE, users’ decryption keys represent their access rights). Therefore, we propose a key-policy ABE (KP-ABE) scheme without key escrow to prevent dishonest authorities from abusing their power. Compared with related schemes, the new scheme can relatively fully solve the key escrow problem, has high access policy expressiveness, and is efficient. These advantages ensure that the proposed scheme can be used to achieve secure and efficient SAA in IoT.
Loading