SSIDB: Secure Sharing of IoT Data on Blockchain with CP-ABE and Trusted Environment Assistance

Published: 2024, Last Modified: 06 Jan 2026, ISPA 2024, CC BY-SA 4.0
Abstract: With the popularization and broad application of the Internet of Things (IoT), the emergence of massive heterogeneous data brings serious privacy and security challenges to the traditional centralized data storage and sharing architecture. Current research tends to leverage distributed blockchain technology and cryptographic algorithms to address these challenges. In particular, ciphertext-policy attribute-based encryption (CP-ABE) has shown great potential in protecting data privacy and realizing fine-grained access control. However, these approaches still cannot effectively support the integrated implementation of policy update and attribute revocation, and key security during data sharing is difficult to guarantee. To address these issues, we propose a secure IoT data sharing scheme on blockchain, called SSIDB, which is assisted by CP-ABE and a Trusted Execution Environment (TEE). The scheme uses symmetric proxy re-encryption to achieve an efficient update of the ciphertext access policy. In addition, based on the privacy of the TEE, we realize the revocation of user attributes without having to update the ciphertext. At the same time, we introduce the TEE to manage keys and provide a secure execution environment for sensitive computations. We analyze the security of the SSIDB scheme and evaluate its performance by conducting experiments on blockchain and TEE. The results show that the time consumption of our SSIDB scheme in the encryption, decryption, policy update and attribute revocation phases is lower than that of other schemes by 144%, 126%, 176%, and 950%, respectively.