Abstract
With the rapid advancements of Internet of Things (IoT) technologies, wearable devices assisted cloud-based smart health (s-health) has become the promising solution to improve the quality and convenience of healthcare. However, the privacy preserving and data security has not been perfectly addressed. In past few years, ciphertext-policy attribute-based encryption (CP-ABE) proposed as a flexible and powerful cryptographic primitive to realize one-to-many encryption and fine-grained access control has been regarded as a promising solution to the security problem in cloud. But in traditional CP-ABE, the attribute values in access policy are presented in cleartext. This will easily divulge the privacy of the data owners (patients). So in this paper, we propose a efficient partially policy-hidden CP-ABE scheme (PPH-CP-ABE), which can effectively hide the attribute values in ciphertext to protect the sensitive information in access policy. Our access policy in our PPH-CP-ABE scheme can supports both AND and OR gates which is based on the Linear Secret Sharing Scheme (LSSS). And our PPH-CP-ABE scheme is more efficient and lightweight than the other CP-ABE schemes with hidden policies. Furthermore, we give a rigorous security proof and analysis to state that our scheme is selectively indistinguishable secure under chosen plaintext attacks (selectively IND-CPA secure) and resistant to the off-line dictionary attacks. Through comparison with the state-of-art schemes from the perspective of functionality and efficiency, it is easily to observe that our scheme is more practical, secure and efficient in the real s-health scenarios.
This work was supported in part by NSFC with No. 61520106007, the Natural Science Foundation of China under Grant U1936101 and the 13th Five-Year Plan of National Cryptography Development Fund for Cryptographic Theory of China under Grant MMJJ20170204.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
References
A Vouk, M.: Cloud computing-issues, research and implementations. J. Comput. Inf. Technol. 16(4), 235–246 (2008)
Armbrust, M., et al.: A view of cloud computing. Commun. ACM 53(4), 50–58 (2010)
Beimel, A.: Secure schemes for secret sharing and key distribution. Technion-Israel Institute of technology, Faculty of computer science (1996)
Bethencourt, J., Sahai, A., Waters, B.: Ciphertext-policy attribute-based encryption. In: 2007 IEEE Symposium on Security and Privacy (SP 2007), pp. 321–334. IEEE (2007)
Chen, C.M., Huang, Y., Wang, K.H., Kumari, S., Wu, M.E.: A secure authenticated and key exchange scheme for fog computing. Enterprise Inf. Syst. 1–16 (2020)
Cui, H., Deng, R.H., Wu, G., Lai, J.: An efficient and expressive ciphertext-policy attribute-based encryption scheme with partially hidden access structures. In: Chen, L., Han, J. (eds.) ProvSec 2016. LNCS, vol. 10005, pp. 19–38. Springer, Cham (2016). https://doi.org/10.1007/978-3-319-47422-9_2
Hao, J., Huang, C., Ni, J., Rong, H., Xian, M., Shen, X.S.: Fine-grained data access control with attribute-hiding policy for cloud-based IoT. Comput. Netw. 153, 1–10 (2019)
Katz, J., Sahai, A., Waters, B.: Predicate encryption supporting disjunctions, polynomial equations, and inner products. In: Smart, N. (ed.) EUROCRYPT 2008. LNCS, vol. 4965, pp. 146–162. Springer, Heidelberg (2008). https://doi.org/10.1007/978-3-540-78967-3_9
Kumari, S., Chaudhary, P., Chen, C.M., Khan, M.K.: Questioning key compromise attack on Ostad-Sharif et al’.s authentication and session key generation scheme for healthcare applications. IEEE Access 7, 39717–39720 (2019)
Lai, J., Deng, R.H., Li, Y.: Expressive CP-ABE with partially hidden access structures. In: 7th ACM Symposium on Information, Computer and Communications Security, ASIACCS 2012, pp. 18–19 (2012)
Lewko, A., Okamoto, T., Sahai, A., Takashima, K., Waters, B.: Fully secure functional encryption: attribute-based encryption and (hierarchical) inner product encryption. In: Gilbert, H. (ed.) EUROCRYPT 2010. LNCS, vol. 6110, pp. 62–91. Springer, Heidelberg (2010). https://doi.org/10.1007/978-3-642-13190-5_4
Lewko, A., Waters, B.: Decentralizing attribute-based encryption. In: Paterson, K.G. (ed.) EUROCRYPT 2011. LNCS, vol. 6632, pp. 568–588. Springer, Heidelberg (2011). https://doi.org/10.1007/978-3-642-20465-4_31
Li, J., Ren, K., Zhu, B., Wan, Z.: Privacy-aware attribute-based encryption with user accountability. In: Samarati, P., Yung, M., Martinelli, F., Ardagna, C.A. (eds.) ISC 2009. LNCS, vol. 5735, pp. 347–362. Springer, Heidelberg (2009). https://doi.org/10.1007/978-3-642-04474-8_28
Lynn, B., et al.: The pairing-based cryptography library. Internet: crypto. stanford. edu/pbc/[Mar. 27, 2013] (2006)
Mei, Q., Xiong, H., Chen, J., Yang, M., Kumari, S., Khan, M.K.: Efficient certificateless aggregate signature with conditional privacy preservation in IoV. IEEE Syst. J. (2020)
Miorandi, D., Sicari, S., De Pellegrini, F., Chlamtac, I.: Internet of things: vision, applications and research challenges. Ad Hoc Netw. 10(7), 1497–1516 (2012)
Mishra, D., Gunasekaran, A., Childe, S.J., Papadopoulos, T., Dubey, R., Wamba, S.: Vision, applications and future challenges of internet of things. Ind. Manag. Data Syst. 116(7), 1331–1355 (2016)
Nishide, T., Yoneyama, K., Ohta, K.: Attribute-based encryption with partially hidden encryptor-specified access structures. In: Bellovin, S.M., Gennaro, R., Keromytis, A., Yung, M. (eds.) ACNS 2008. LNCS, vol. 5037, pp. 111–129. Springer, Heidelberg (2008). https://doi.org/10.1007/978-3-540-68914-0_7
Phuong, T.V.X., Yang, G., Susilo, W.: Hidden ciphertext policy attribute-based encryption under standard assumptions. IEEE Trans. Inf. Forensics Secur. 11(1), 35–45 (2015)
Ramu, G.: A secure cloud framework to share EHRs using modified CP-ABE and the attribute bloom filter. Educ. Inf. Technol. 23(5), 2213–2233 (2018)
Rittinghouse, J.W., Ransome, J.F.: Cloud Computing: Implementation, Management, and Security. CRC Press (2016)
Rouselakis, Y., Waters, B.: New constructions and proof methods for large universe attribute-based encryption. IACR Cryptology EPrint Archive 2012, 583 (2012)
Sahai, A., Waters, B.: Fuzzy identity-based encryption. In: Annual International Conference on the Theory and Applications of Cryptographic Techniques. pp. 457–473. Springer (2005)
Solanas, A., et al.: Smart health: a context-aware health paradigm within smart cities. IEEE Commun. Mag. 52(8), 74–81 (2014)
Wang, E.K., Liang, Z., Chen, C.M., Kumari, S., Khan, M.K.: PoRX: A reputation incentive scheme for blockchain consensus of IIoT. Futur. Gener. Comput. Syst. 102, 140–151 (2020)
Wang, K.H., Chen, C.M., Fang, W., Wu, T.Y.: On the security of a new ultra-lightweight authentication protocol in IoT environment for RFID tags. J. Supercomput. 74(1), 65–70 (2018)
Waters, B.: Ciphertext-policy attribute-based encryption: an expressive, efficient, and provably secure realization. In: Catalano, D., Fazio, N., Gennaro, R., Nicolosi, A. (eds.) PKC 2011. LNCS, vol. 6571, pp. 53–70. Springer, Heidelberg (2011). https://doi.org/10.1007/978-3-642-19379-8_4
Wu, A., Zhang, Y., Zheng, X., Guo, R., Zhao, Q., Zheng, D.: Efficient and privacy-preserving traceable attribute-based encryption in blockchain. Ann. Telecommun. 74(7–8), 401–411 (2019)
Wu, T.Y., Chen, C.M., Wang, K.H., Meng, C., Wang, E.K.: A provably secure certificateless public key encryption with keyword search. J. Chin. Inst. Eng. 42(1), 20–28 (2019)
Wu, T.Y., Lee, Z., Obaidat, M.S., Kumari, S., Kumar, S., Chen, C.M.: An authenticated key exchange protocol for multi-server architecture in 5G networks. IEEE Access 8, 28096–28108 (2020)
Xiong, H., Bao, Y., Nie, X., Asoor, Y.I.: Server-aided attribute-based signature supporting expressive access structures for industrial internet of things. IEEE Trans. Industr. Inf. 16(2), 1013–1023 (2019)
Xiong, H., Kang, Z., Chen, J., Tao, J., Yuan, C., Kumari, S.: A novel multiserver authentication scheme using proxy resignature with scalability and strong user anonymity. IEEE Systems Journal (2020)
Xiong, H., Wu, Y., Jin, C., Kumari, S.: Efficient and privacy-preserving authentication protocol for heterogeneous systems in IIoT. IEEE Internet Things J. (2020)
Xiong, H., et al.: Heterogeneous signcryption with equality test for IIoT environment. IEEE Internet Things J. (2020)
Xiong, H., Zhao, Y., Peng, L., Zhang, H., Yeh, K.H.: Partially policy-hidden attribute-based broadcast encryption with secure delegation in edge computing. Futur. Gener. Comput. Syst. 97, 453–461 (2019)
Yang, K., Han, Q., Li, H., Zheng, K., Su, Z., Shen, X.: An efficient and fine-grained big data access control scheme with privacy-preserving policy. IEEE Internet Things J. 4(2), 563–571 (2016)
Zhang, Y., Chen, X., Li, J., Wong, D.S., Li, H.: Anonymous attribute-based encryption supporting efficient decryption test. In: Proceedings of the 8th ACM SIGSAC Symposium on Information, Computer and Communications Security, pp. 511–516 (2013)
Zhang, Y., Zheng, D., Deng, R.H.: Security and privacy in smart health: efficient policy-hiding attribute-based access control. IEEE Internet Things J. 5(3), 2130–2145 (2018)
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2021 Springer Nature Switzerland AG
About this paper
Cite this paper
Zhang, Z., Zhang, W., Zhuang, H., Sun, Y., Qin, Z. (2021). Efficient Partially Policy-Hidden CP-ABE for IoT Assisted Smart Health. In: Sun, X., Zhang, X., Xia, Z., Bertino, E. (eds) Advances in Artificial Intelligence and Security. ICAIS 2021. Communications in Computer and Information Science, vol 1424. Springer, Cham. https://doi.org/10.1007/978-3-030-78621-2_52
Download citation
DOI: https://doi.org/10.1007/978-3-030-78621-2_52
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-78620-5
Online ISBN: 978-3-030-78621-2
eBook Packages: Computer ScienceComputer Science (R0)