Abstract
Nowadays, more and more data are stored on cloud for sharing in vehicular networks, but the increasing number of cloud data security incidents makes how to guarantee confidentiality of sharing data one of the main concerns. Attribute-based encryption is considered as a suitable method to solve this issue. However, the requirements of lightweight and privacy make it difficult to apply the existing attribute-based encryption schemes directly in vehicular networks. In this paper, we put forward an access control scheme with lightweight decryption and conditional authentication for secure data sharing in vehicular networks. In this scheme, we extend elliptic-curve cryptography-based key-policy attribute-based encryption scheme with token-based decryption for lightweight access control. Moreover, we integrate Elliptic Curve Qu-Vanstone implicit certificate with ELGamal encryption algorithm to achieve both mutual authentication and conditional privacy protection. The performance analysis shows that the proposed scheme requires less time for both encryption and decryption on the user side. The security analysis shows that the proposed scheme can provide conditional anonymity.
Similar content being viewed by others
References
16092 IS (2016) IEEE standard for wireless access in vehicular environments—security services for applications and management messages. In: IEEE Standard 1609.2, IEEE
Agrawal S, Chase M (2017) Fame: Fast attribute-based message encryption. In: Proceedings of the 2017 ACM SIGSAC conference on computer and communications security, CCS
Bethencourt J, Sahai A, Waters B (2007) Ciphertext-policy attribute-based encryption. In: 2007 IEEE symposium on security and privacy (SP ’07), pp 321–334. https://doi.org/10.1109/SP.2007.11
Dolev S, Krzywiecki L, Nea Panwar (2016) Vehicle authentication via monolithically certified public key and attributes. Wireless Netw 22:879–896. https://doi.org/10.1007/s11276-015-1005-1
Farash M, Attari M (2016) A provably secure and efficient authentication scheme for access control in mobile pay-tv systems. Multimed Tools Appl 75:405–424. https://doi.org/10.1007/s11042-014-2296-4
Goyal V, Pandey O, Sahai A, Waters B (2006) Attribute-based encryption for fine-grained access control of encrypted data. In: Proceedings of the ACM conference on computer and communications security, pp. 89–98. https://doi.org/10.1145/1180405.1180418
Ha D, Nguyen KT, Zao JK (2016) Efficient authentication of resource-constrained IoT devices based on ECQV implicit certificates and datagram transport layer security protocol. In: Proceedings of the seventh symposium on information and communication technology, pp 173–179. https://doi.org/10.1145/3011077.3011108
He D, Zeadally S, Xu B, Huang X (2015) An efficient identity-based conditional privacy-preserving authentication scheme for vehicular ad hoc networks. IEEE Trans Inf Forensics Secur 10(12):2681–2691
He Q, Zhang N, Wei Y, Zhang Y (2018) Lightweight attribute based encryption scheme for mobile cloud assisted cyber-physical systems. Comput Netw 140:163–173. https://doi.org/10.1016/j.comnet.2018.01.038
He W, Yan G, Xu LD (2014) Developing vehicular data cloud services in the IoT environment. IEEE Trans Ind Informat 10(2):1587–1595
Horng S, Tzeng S, Pan Y, Fan P, Wang X, Li T, Khan MK (2013) b-specs+: batch verification for secure pseudonymous authentication in vanet. IEEE Trans Inf Forensics Secur 8(11):1860–1875
Kang Q, Liu X, Yao Y, Wang Z, Li Y (2016) Efficient authentication and access control of message dissemination over vehicular ad hoc network. Neurocomputing 181:132–138. https://doi.org/10.1016/j.neucom.2015.06.098
Lin C, He D, Huang X, Choo KKR, Vasilakos AV (2018) BSeIn: a blockchain-based secure mutual authentication with fine-grained access control system for industry 4.0. J Netw Comput Appl 116:42–52. https://doi.org/10.1016/j.jnca.2018.05.005
Nkenyereye L, Park Y, Rhee K (2016) A secure billing protocol over attribute-based encryption in vehicular cloud computing. J Wirel Commun Netw. https://doi.org/10.1186/s13638-016-0687-0
Ravi K, Kulkarni SA (2013) A secure message authentication scheme for VANET using ECDSA. In: 2013 fourth international conference on computing, communications and networking technologies (ICCCNT), pp 1–6
Safi QGK, Luo S, Wei C, Pan L, Yan G (2018) Cloud-based security and privacy-aware information dissemination over ubiquitous vanets. Comput Stand Interfaces 56:107–115. https://doi.org/10.1016/j.csi.2017.09.009
Sahai A, Waters B (2005) Fuzzy identity-based encryption. Advances in cryptology—EUROCRYPT 2005. Springer, Berlin, pp 457–473
SECG (2010) Standards for efficient cryptography.sec 2: recommended elliptic curve domain parameters. https://www.secg.org/. Accessed 26 Apr 2020
SECG (2013) Standards for efficient cryptography. sec 4: elliptic curve qu-vanstone implicit certificate scheme (ECQV). https://www.secg.org/. Accessed 26 Apr 2020
Sookhak M, Yu FR, Tang H (2017) Secure data sharing for vehicular ad-hoc networks using cloud computing. Ad hoc networks. Springer, Cham, pp 306–315
Team S (2020) 2018 ICV cybersecurity annual report. 360 security. https://skygo.360.cn/2019/03/20/2018-security-report/. Accessed 26 Apr 2020
Tsai J, Lo N (2015) A privacy-aware authentication scheme for distributed mobile cloud computing services. IEEE Syst J 9(3):805–815
Tsai J, Lo N, Wu T (2013) Novel anonymous authentication scheme using smart cards. IEEE Trans Ind Inform 9(4):2004–2013
Xue K, Hong J, Ma Y, Wei DSL, Hong P, Yu N (2018) Fog-aided verifiable privacy preserving access control for latency-sensitive data sharing in vehicular cloud computing. IEEE Netw 32(3):7–13
Yang K, Jia X, Ren K, Zhang B (2013) DAC-MACS: effective data access control for multi-authority cloud storage systems. In: 2013 proceedings IEEE INFOCOM, pp 2895–2903
Yao X, Chen Z, Tian Y (2015) A lightweight attribute-based encryption scheme for the internet of things. Future Gener Comput Syst 49:104–112. https://doi.org/10.1016/j.future.2014.10.010
Yeh LY, Chen YC, Huang JL (2011) ABACS: an attribute-based access control system for emergency services over vehicular ad hoc networks. IEEE J Sel Areas Commun 29(3):630–643
Zhang W, Lin D, Zhang H, Chen C, Zhou X (2017) A lightweight anonymous mutual authentication with key agreement protocol on ECC. In: 2017 IEEE Trustcom/BigDataSE/ICESS, pp 170–176
Acknowledgements
This study was funded by the National Key Research and Development Program of China (No. 2016YFB0800402); the National Natural Science Foundation of China (Nos. U1836204, U1705261). The authors wish to thank anonymous reviewers for their valuable comments and suggestions that improved this paper.
Author information
Authors and Affiliations
Corresponding author
Ethics declarations
Funding
This study was funded by the National Key Research and Development Program of China (No. 2016YFB0800402); the National Natural Science Foundation of China (Nos. U1836204, U1705261)
Conflict of interest
The authors declare that they have no conflict of interest.
Availability of data and material
Not applicable.
Code availability
The code that support the findings of this study are available from the corresponding author, upon reasonable request.
Additional information
Communicated by V. Loia.
Publisher's Note
Springer Nature remains neutral with regard to jurisdictional claims in published maps and institutional affiliations.
Rights and permissions
About this article
Cite this article
Qin, X., Huang, Y. & Li, X. An ECC-based access control scheme with lightweight decryption and conditional authentication for data sharing in vehicular networks. Soft Comput 24, 18881–18891 (2020). https://doi.org/10.1007/s00500-020-05117-x
Published:
Issue Date:
DOI: https://doi.org/10.1007/s00500-020-05117-x