Attribute-Based Encryption with dynamic attribute feature applied in Vehicular Ad Hoc Networks / Attributbaserad kryptering med dynamisk attributfunktion tillämpad i fordonsbaserade ad hoc-nätverk

Huang, Zijian

January 2022

The Vehicular Ad Hoc Network (VANET) is a promising approach for future Intelligent Transportation Systems (ITS) implementation. The data transmission is wireless primarily in the VANET system. The secure data transmission in VANET attracts research attention without any doubt. The Ciphertext-Policy Attribute-Based Encryption (CP-ABE) provides an encrypted access control mechanism for broadcasting messages in VANET. The user’s attributes stand for its current property. However, if we apply vehicle location as the attribute, this attribute has to keep up-to-date with the vehicle’s movement. It is not easy for current CP-ABE algorithms because whenever one attribute changes, the entire private key, which is based on all the attributes, must be changed. In this thesis, we apply fading function to realize the “dynamic attribute” feature in CP-ABE. The dynamic attribute allows the user to update each attribute separately, and fading function gives each attribute a valid period. We introduce the dynamic attribute feature to three different CP-ABE algorithms. Then we design a VANET system that applies the CP-ABE with dynamic attribute feature. We evaluate the processing time of three different CP-ABE algorithms. We apply two different pairing curves for different security requirements. Our results show that the introduction of fading function does not cause significant extra time cost to current CP-ABE algorithms. The fading function causes extra 0.2ms on average for each attribute that participates in encryption and decryption. The sum-up time for encryption and decryption is between 100ms to 200ms when there are ten attributes participating in encryption and decryption. / VANET är ett lovande tillvägagångssätt för framtida genomförande av ITS. Dataöverföringen är i första hand trådlös i VANET-systemet. Den säkra dataöverföringen i VANET är utan tvekan föremål för forskningens uppmärksamhet. CP-ABE ger en krypterad åtkomstkontrollmekanism för sändning av meddelanden i VANET. Användarens attribut står för dennes aktuella egenskaper. Men om vi använder fordonets position som attribut måste detta attribut hålla sig uppdaterat med fordonets rörelse. Det är inte lätt för de nuvarande CP-ABE-algoritmerna eftersom hela den privata nyckeln, som är baserad på alla attribut, måste ändras när ett attribut ändras. I den här avhandlingen tillämpar vi fading-funktionen för att realisera funktionen ”dynamiskt attribut” i CP-ABE. Det dynamiska attributet gör det möjligt för användaren att uppdatera varje attribut separat, och fading-funktionen ger varje attribut en giltighetstid. Vi inför den dynamiska attributfunktionen i tre olika CP-ABE-algoritmer. Därefter utformar vi ett VANET-system som tillämpar CP-ABE med dynamisk attributfunktion. Vi utvärderar tidsåtgången för tre olika CP-ABE-algoritmer. Vi tillämpar två olika parningskurvor för olika säkerhetskrav. Våra resultat visar att införandet av fading-funktionen inte orsakar någon betydande tidsåtgång för de nuvarande CP-ABE-algoritmerna. Fading-funktionen orsakar i genomsnitt 0,2 ms extra för varje attribut som deltar i kryptering och dekryptering. Den sammanlagda tiden för kryptering och dekryptering är mellan 100 och 200 ms när tio attribut deltar i kryptering och dekryptering.

Dynamic Attributes

Network Security

Vehicular Ad Hoc Networks

dynamiska attribut

nätverkssäkerhet

fordonsbaserade ad hoc-nätverk

Computer and Information Sciences

Data- och informationsvetenskap

Attribute-based encryption : robust and efficient constructions

Rouselakis, Ioannis

26 September 2013

Attribute-based encryption is a promising cryptographic primitive that allows users to encrypt data according to specific policies on the credentials of the recipients. For example, a user might want to store data in a public server such that only subscribers with credentials of specific forms are allowed to access them. Encrypting the data once for each party is not only impractical but also raises important privacy issues. Therefore, it would be beneficial to be able to encrypt only once for all desired parties. This is achievable by attribute-based encryption schemes, which come into several types and are applicable to a wide range of settings. Several attribute-based encryption schemes have been proposed and studied with a wide range of characteristics. For example, initial constructions proved to be significantly more challenging than constructing traditional public-key encryption systems and they imposed restrictions on the expressiveness of the Boolean formulas used during encryption. For several proposed schemes the total number of attributes was fixed during setup, while others allowed any string to be used as attribute ("large universe" constructions), but with considerable weaker security guarantees. Furthermore, these first constructions, although polynomial time, were impractical for wide deployment. This thesis is motivated by two main goals for ABE schemes: robustness and efficiency. For robustness, we propose a novel construction that achieves strong security guarantees and at the same time augments the capabilities of previous schemes. More specifically, we adapt existing techniques to achieve leakage-resilient ABE schemes with augmented robustness features making no compromises on security. For the second direction, our goal is to create practical schemes with as many features as possible, such as "large universe" and multi-authority settings. We showcase these claims with working implementations, benchmarks, and comparisons to previous constructions. Finally, these constructions lead us to new directions that we propose and intend to investigate further. / text

Cryptography

Public-key encryption

Attribute-based encryption

Large universe

Leakage-resilience

Multi-authority

Ciphertext-policy

Key-policy