
REEDS: An Efficient Revocable End-to-End Encrypted Message Distribution System for IoT

Published: 01 September 2024

Abstract

To address the confidentiality concerns raised by malicious adversaries that fully compromise the message broker in pub/sub-based IoT systems, several researchers use proxy re-encryption (PRE) to realize end-to-end encrypted message distribution (from publisher to subscriber). However, the all-or-nothing sharing property of PRE poses a problem: a share cannot be efficiently revoked. The only way for a publisher to revoke the access rights of a subscriber is to pick a new public-private key pair and regenerate the re-encryption keys for all remaining subscribers, which hampers scalability in practice. To realize efficient user revocation, we present REEDS, an efficient revocable end-to-end encrypted message distribution system for IoT. The core of REEDS is a novel proxy-aided identity-based conditional proxy re-encryption (PIB-CPRE) scheme. Essentially, we use a binary-tree structure to organize re-encryption keys, so that the cost of updating re-encryption keys is reduced from linear to logarithmic in the number of subscribers. We show that REEDS satisfies confidentiality, efficient immediate revocation, and decentralized authorization, and maintains low overhead for publishers and subscribers. A prototype system is implemented and its performance is evaluated. The results show that REEDS is not only easy to deploy over existing message brokers but also highly efficient.
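The binary-tree organization of re-encryption keys that the abstract credits for the logarithmic update cost, as an added illustration that is not the paper's PIB-CPRE construction: it assumes a complete-subtree layout (one key per tree node, subscribers at the leaves, a power-of-two subscriber count) and, after a revocation, counts the nodes whose keys the publisher must refresh against naive per-subscriber re-keying.

```python
# Constructed illustration of tree-organized re-encryption keys (not the
# paper's scheme). Subscribers are leaves of a complete binary tree; every
# tree node carries one re-encryption key usable by all leaves below it.
from typing import Optional

def node_ids_on_path(leaf: int, depth: int) -> list[str]:
    """Tree nodes from the root ('') down to a leaf, as bit-string prefixes."""
    bits = format(leaf, f"0{depth}b")
    return [bits[:i] for i in range(depth + 1)]

def _subtree_has_revoked(prefix: str, revoked: set[int], depth: int) -> bool:
    """True if any revoked leaf lies under the node identified by prefix."""
    return any(format(r, f"0{depth}b").startswith(prefix) for r in revoked)

def cover_set(revoked: set[int], depth: int) -> list[str]:
    """Complete-subtree cover: the maximal subtrees holding no revoked leaf.
    The publisher issues one fresh re-encryption key per node in this set,
    so a single revocation touches at most `depth` = log2(N) keys."""
    def walk(prefix: str) -> list[str]:
        if not _subtree_has_revoked(prefix, revoked, depth):
            return [prefix]                 # whole subtree stays authorized
        if len(prefix) == depth:
            return []                       # a revoked leaf: no key at all
        return walk(prefix + "0") + walk(prefix + "1")
    return walk("")

def key_node_for(leaf: int, revoked: set[int], depth: int) -> Optional[str]:
    """The cover node whose key a subscriber uses (None if it is revoked)."""
    on_path = set(node_ids_on_path(leaf, depth))
    for node in cover_set(revoked, depth):
        if node in on_path:
            return node
    return None

def update_costs(n_subscribers: int, revoked: set[int]) -> tuple[int, int]:
    """(tree-based key updates, naive per-subscriber re-keying) for a revocation."""
    assert n_subscribers & (n_subscribers - 1) == 0, "assumes power-of-two leaves"
    depth = (n_subscribers - 1).bit_length()
    naive = n_subscribers - len(revoked)    # regenerate a key per remaining subscriber
    return len(cover_set(revoked, depth)), naive

if __name__ == "__main__":
    tree, naive = update_costs(1024, {7})
    print(f"revoking one of 1024 subscribers: {tree} tree keys vs {naive} naive")
```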



Published In

IEEE Transactions on Dependable and Secure Computing, Volume 21, Issue 5, Sept.-Oct. 2024, 750 pages

Publisher

IEEE Computer Society Press, Washington, DC, United States


Qualifiers

  • Research-article
