TY - JOUR
T1 - Attribute-Based Private Data Sharing with Script-Driven Programmable Ciphertext and Decentralized Key Management in Blockchain Internet of Things
AU - Yin, Hongjian
AU - Chen, E.
AU - Zhu, Yan
AU - Zhao, Chengwei
AU - Feng, Rongquan
AU - Yau, Stephen S.
N1 - Funding Information:
This work was supported in part by the National Key Technologies Research and Development Programs of China under Grant 2018YFB1402702, and in part by the National Natural Science Foundation of China under Grant 61972032.
Publisher Copyright:
© 2014 IEEE.
PY - 2022/7/1
Y1 - 2022/7/1
N2 - In this article, we address the problem of secure sensitive data sharing for the specified recipients in Blockchain Internet of Things (BIoT). To do it, we present a cryptographic solution to meet the requirements of decentralization and convenience through key management and programmable ciphertext. First, we design a new ciphertext-policy decentralized-key attribute-based encryption (CP-DK-ABE) scheme. After the master secret key is shared into all full nodes in the form of threshold secret sharing, a decentralized multiparty computation protocol is used to generate the user's private key in an interactive way. Meanwhile, the attribute subkeys associated with the private key can be reconstructed by obtaining a fragment from each of full nodes, so as to achieve the cooperative management of attribute key through all of full nodes. Furthermore, following the blockchain's script system, we introduce five new opcodes to represent ciphertext in the programmable format. Such a mechanism provides flexible capability to represent the logical relationship of the access control policy among attribute subciphers in the CP-DK-ABE ciphertext by the scripting language. As a result, the processes of encryption and decryption are implemented entirely by the script interpreter on the blockchain node, thereby greatly improving the convenience of programming in BIoT devices. In addition, we prove that the proposed CP-DK-ABE scheme is key private and semantically secure for a limited number of corrupted full nodes under the decisional linear and bilinear Diffie-Hellman assumption, respectively.
AB - In this article, we address the problem of secure sensitive data sharing for the specified recipients in Blockchain Internet of Things (BIoT). To do it, we present a cryptographic solution to meet the requirements of decentralization and convenience through key management and programmable ciphertext. First, we design a new ciphertext-policy decentralized-key attribute-based encryption (CP-DK-ABE) scheme. After the master secret key is shared into all full nodes in the form of threshold secret sharing, a decentralized multiparty computation protocol is used to generate the user's private key in an interactive way. Meanwhile, the attribute subkeys associated with the private key can be reconstructed by obtaining a fragment from each of full nodes, so as to achieve the cooperative management of attribute key through all of full nodes. Furthermore, following the blockchain's script system, we introduce five new opcodes to represent ciphertext in the programmable format. Such a mechanism provides flexible capability to represent the logical relationship of the access control policy among attribute subciphers in the CP-DK-ABE ciphertext by the scripting language. As a result, the processes of encryption and decryption are implemented entirely by the script interpreter on the blockchain node, thereby greatly improving the convenience of programming in BIoT devices. In addition, we prove that the proposed CP-DK-ABE scheme is key private and semantically secure for a limited number of corrupted full nodes under the decisional linear and bilinear Diffie-Hellman assumption, respectively.
KW - Attribute-based encryption (ABE)
KW - Blockchain Internet of Things (BIoT)
KW - decentralized key
KW - programmable ciphertext
KW - script system
UR - http://www.scopus.com/inward/record.url?scp=85118540385&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=85118540385&partnerID=8YFLogxK
U2 - 10.1109/JIOT.2021.3124016
DO - 10.1109/JIOT.2021.3124016
M3 - Article
AN - SCOPUS:85118540385
SN - 2327-4662
VL - 9
SP - 10625
EP - 10639
JO - IEEE Internet of Things Journal
JF - IEEE Internet of Things Journal
IS - 13
ER -