Efficient Searchable Attribute-Based Encryption Scheme for Cloud-Assisted Industrial IoT

doi:10.3969/j.issn.1671-1122.2024.09.004

Abstract

Abstract:

Cloud storage can effectively store and manage the massive data generated by the industrial Internet of things, but it lacks a flexible and secure access control mechanism, and the uploaded encrypted data is difficult to retrieve efficiently. To solve these problems, this paper proposed an efficient and secure searchable attribute-based encryption scheme for the Industrial Internet of Things, which had the functions of privacy protection, multi-keyword search and data verification. The scheme used symmetric encryption and attribute-based encryption to encrypt plaintext in an online/offline encryption manner, and used XOR filters and random secret values to hide some access policies, further improving the security of industrial data. On the other hand, based on polynomial equations, multi-keyword efficient search supporting subset queries was implemented. In addition, the integrity of data in cloud storage was verified by signature encryption. The security proof proves that the proposed scheme can resist chosen plaintext attacks under the assumption of DBDH difficulty problem. Theoretical analysis and simulation experimental results show that the scheme has higher efficiency and more comprehensive functions than the comparative scheme in encryption, trapdoor generation and search stages.

Key words: industrial IoT, attribute-based encryption, searchable encryption, policy hidden, data verification

CLC Number:

TP309

ZHANG Xuewang, CHEN Siyu, LUO Xinyue, LEI Zhitao, XIE Haofei. Efficient Searchable Attribute-Based Encryption Scheme for Cloud-Assisted Industrial IoT[J]. Netinfo Security, 2024, 24(9): 1352-1363.

Figures/Tables 9

References 29

[1]	SISINNI E, SAIFULLAH A, HAN Song, et al. Industrial Internet of Things: Challenges, Opportunities, and Directions[J]. IEEE Transactions on Industrial Informatics, 2018, 14(11): 4724-4734.
[2]	ZHANG Xiaojun, XU Chunxiang, WANG Huaxiong, et al. FS-PEKS: Lattice-Based Forward Secure Public-Key Encryption with Keyword Search for Cloud-Assisted Industrial Internet of Things[J]. IEEE Transactions on Dependable and Secure Computing, 2021, 18(3): 1019-1032.
[3]	SINGH A, CHATTERJEE K. Cloud Security Issues and Challenges: A Survey[J]. Journal of Network and Computer Applications, 2017, 79: 88-115.
[4]	USMAN M, JAN M A, HE Xiangjian, et al. P2DCA: A Privacy-Preserving-Based Data Collection and Analysis Framework for IoMT Applications[J]. IEEE Journal on Selected Areas in Communications, 2019, 37(6): 1222-1230.
[5]	YIN Hui, ZHANG Wei, DENG Hua, et al. An Attribute-Based Searchable Encryption Scheme for Cloud-Assisted IIoT[J]. IEEE Internet of Things Journal, 2023, 10(12): 11014-11023.
[6]	ZHANG Ke, LONG Jiahuan, WANG Xiaofen, et al. Lightweight Searchable Encryption Protocol for Industrial Internet of Things[J]. IEEE Transactions on Industrial Informatics, 2021, 17(6): 4248-4259.
[7]	SAHAI A, WATERS B. Fuzzy Identity-Based Encryption[C]// Springer. 24th Annual International Conference on Theory and Applications of Cryptographic Techniques. Heidelberg: Springer, 2005: 457-473.
[8]	BETHENCOURT J, SAHAI A, WATERS B. Ciphertext-Policy Attribute-Based Encryption[C]// IEEE. 2007 IEEE Symposium on Security and Privacy. NewYork: IEEE, 2007: 321-334.
[9]	XIONG Hu, HUANG Xin, YANG Minghao, et al. Unbounded and Efficient Revocable Attribute-Based Encryption with Adaptive Security for Cloud-Assisted Internet of Things[J]. IEEE Internet of Things Journal, 2022, 9(4): 3097-3111.
[10]	SUN Jianfei, YUAN Yu, TANG Mingjian, et al. Privacy-Preserving Bilateral Fine-Grained Access Control for Cloud-Enabled Industrial IoT Healthcare[J]. IEEE Transactions on Industrial Informatics, 2022, 18(9): 6483-6493.
[11]	SUN Jianfei, XIONG Hu, LIU Ximeng, et al. Lightweight and Privacy-Aware Fine-Grained Access Control for IoT-Oriented Smart Health[J]. IEEE Internet of Things Journal, 2020, 7(7): 6566-6575. doi: 10.1109/JIOT.2020.2974257
[12]	WANG Huiyong, LIANG Jialing, DING Yong, et al. Ciphertext-Policy Attribute-Based Encryption Supporting Policy-Hiding and Cloud Auditing in Smart Health[EB/OL]. [2024-04-23]. https://www.sciencedirect.com/science/article/abs/pii/S0920548922000630?via%3Dihub.
[13]	ZHANG Zhaoqian, ZHANG Jianbiao, YUAN Yilin, et al. An Expressive Fully Policy-Hidden Ciphertext Policy Attribute-Based Encryption Scheme with Credible Verification Based on Blockchain[J]. IEEE Internet of Things Journal, 2022, 9(11): 8681-8692.
[14]	SONG D X, WAGNER D, PERRIG A. Practical Techniques for Searches on Encrypted Data[C]// IEEE. The 2000 IEEE Symposium on Security and Privacy. New York: IEEE, 2000: 44-55.
[15]	KAUSHIK K, VARADHARAJAN V, NALLUSAMY R. Multi-User Attribute Based Searchable Encryption[C]// IEEE. 2013 IEEE 14th International Conference on Mobile Data Management. New York: IEEE, 2013: 200-205.
[16]	YIN Xinchun, WANG Mengyu, NING Jianting. Lightweight Searchable Medical Data Sharing Scheme[J]. Journal on Communications, 2022, 43(5): 110-122. doi: 10.11959/j.issn.1000-436x.2022090
	殷新春, 王梦宇, 宁建廷. 轻量级可搜索医疗数据共享方案[J]. 通信学报, 2022, 43(5):110-122. doi: 10.11959/j.issn.1000-436x.2022090
[17]	HU Yuanyuan, CHEN Yanli, ZHU Minhui. Privacy Protection Attribute-Based Ciphertext Search Scheme[J]. Application Research of Computers, 2019, 36(4): 1158-1164.
	胡媛媛, 陈燕俐, 朱敏惠. 可实现隐私保护的基于属性密文可搜索方案[J]. 计算机应用研究, 2019, 36(4):1158-1164.
[18]	ZHANG Kai, LI Yanping, LU Laifeng. Privacy-Preserving Attribute-Based Keyword Search with Traceability and Revocation for Cloud-Assisted IoT[EB/OL]. (2021-05-30)[2024-04-23]. https://onlinelibrary.wiley.com/doi/10.1155/2021/9929663.
[19]	YANG Xiaodong, LI Ting, MA Tingchun, et al. Searchable Encryption Scheme Supporting Policy Hiding and Constant Ciphertext Length[J]. Journal of Electronics & Information Technology, 2021, 43(4): 900-907.
	杨小东, 李婷, 麻婷春, 等. 支持策略隐藏且密文长度恒定的可搜索加密方案[J]. 电子与信息学报, 2021, 43(4):900-907.
[20]	HUANG Baohua, HUANG Pirong, ZHAO Weihong, et al. Multi-Keyword Searchable Encryption Scheme Supporting Attribute Revocation in Cloud Storage[J]. Computer Engineering, 2021, 47(11): 29-36. doi: 10.19678/j.issn.1000-3428.0061050
	黄保华, 黄丕荣, 赵伟宏, 等. 云存储中支持属性撤销的多关键词可搜索加密方案[J]. 计算机工程, 2021, 47(11):29-36. doi: 10.19678/j.issn.1000-3428.0061050
[21]	MIAO Yinbin, TONG Qiuyun, CHOO K K R, et al. Secure Online/Offline Data Sharing Framework for Cloud-Assisted Industrial Internet of Things[J]. IEEE Internet of Things Journal, 2019, 6(5): 8681-8691. doi: 10.1109/JIOT.2019.2923068
[22]	HE Heng, ZHANG Ji, LI Peng, et al. A Lightweight Secure Conjunctive Keyword Search Scheme in Hybrid Cloud[J]. Future Generation Computer Systems, 2019, 93: 727-736. doi: 10.1016/j.future.2018.09.026
[23]	SUN Jin, REN Lili, WANG Shangping, et al. Multi-Keyword Searchable and Data Verifiable Attribute-Based Encryption Scheme for Cloud Storage[J]. IEEE Access, 2019, 7: 66655-66667. doi: 10.1109/ACCESS.2019.2917772
[24]	MIAO Yinbin, MA Jianfeng, LIU Ximeng, et al. Attribute-Based Keyword Search over Hierarchical Data in Cloud Computing[J]. IEEE Transactions on Services Computing, 2020, 13(6): 985-998.
[25]	NIU Shufen, HAN Song, XIE Yaya, et al. Attribute-Based Searchable Encryption Scheme Supporting Multiple Keywords Based on Blockchain[J]. Journal of Cyber Security, 2023, 8(1): 131-143.
[26]	FAN Yundong, WU Xiaoping. Cloud Storage Access Control Scheme Based on Policy Hiding Attribute Encryption[J]. Computer Engineering, 2018, 44(7): 139-144, 149. doi: 10.19678/j.issn.1000-3428.0047699
	范运东, 吴晓平. 基于策略隐藏属性加密的云存储访问控制方案[J]. 计算机工程, 2018, 44(7):139-144,149. doi: 10.19678/j.issn.1000-3428.0047699
[27]	GRAF T M, LEMIRE D. Xor Filters: Faster and Smaller than Bloom and Cuckoo Filters[J]. ACM Journal of Experimental Algorithmics, 2020, 25(1): 1-16.
[28]	YIN Hongjian, ZHAO Yiming, ZHANG Lei, et al. Attribute-Based Searchable Encryption with Decentralized Key Management for Healthcare Data Sharing[EB/OL]. (2020-01-27)[2024-04-23]. http://arxiv.org/abs/1912.08258v3.
[29]	LIU Jingwei, FAN Yue, SUN Rong, et al. Blockchain-Aided Privacy-Preserving Medical Data Sharing Scheme for E-Healthcare System[J]. IEEE Internet of Things Journal, 2023, 10(24): 21377-21388.

方案	访问结构	策略隐藏	多关键词搜索	数据验证	在线/ 离线加密
文献[17]	LSSS	√	×	×	×
文献[18]	多值属性“与”“或”	√	×	×	×
文献[24]	访问树	×	√	×	×
文献[19]	多值属性“与”	√	×	√	×
文献[28]	访问树	×	×	×	×
文献[29]	内积加密（“与”）	√	√	×	×
本文方案	多值属性“与”“或”	√	√	√	√

方案	加密阶段	搜索阶段	陷门生成阶段	解密阶段
文献[17]	P+(4N+5)E+E_T	(2S+3)P+SE_T	(S+5)E	(2S+1)P+SE_T
文献[18]	(4N+2)E+E_T	(2S+1)P+(2S+2)E	(2S+1)E	—
文献[24]	(4N+Q+1)E+E_T	(2S+3)P+2E	(2S+4)E	SP+2SE_T
文献[19]	2E+E_T	3P+E_T	(2S+1)E	2P
文献[28]	(2N+1)E+E_T	(2S+1)P	(2S+1)E	—
文献[29]	(2N+4)E+(Q+1)P	(S+3)P	(S+4)E	P
本文方案	(2N+5)E+2E_T	P+E+E_T	E	(2S+1)P