Trustworthy Users: Using IOTA and IPFS for Attribute Validation in CP-ABE and dCP-ABE Schemes

IF 7 Q1 ENGINEERING, ELECTRICAL & ELECTRONIC

Smart Cities Pub Date : 2023-03-10 DOI:10.3390/smartcities6020044

Aintzane Mosteiro-Sanchez, Marc Barcelo, Jasone Astorga, A. Urbieta

{"title":"Trustworthy Users: Using IOTA and IPFS for Attribute Validation in CP-ABE and dCP-ABE Schemes","authors":"Aintzane Mosteiro-Sanchez, Marc Barcelo, Jasone Astorga, A. Urbieta","doi":"10.3390/smartcities6020044","DOIUrl":null,"url":null,"abstract":"Attribute spoofing is a major security threat in information exchange solutions based on Ciphertext-Policy Attribute-Based-Encryption (CP-ABE) and distributed CP-ABE (dCP-ABE), which can compromise privacy and security. This threat occurs when an attacker forces the Attribute Authorities to generate keys for attributes they do not possess. This paper analyzes the threat of attribute spoofing and identifies the primary attack vectors, including direct interference with the Attribute Authority and compromise of the shared attribute storage database. The authors propose a solution based on IOTA, a DAG-type DLT, and Interplanetary File System (IPFS) to prevent attribute spoofing. The solution requires distributed attribute storage, validation, and user authentication to counteract the two attack vectors effectively. The proposed solution mitigates the consequences of attribute spoofing, including privilege escalation and reduction, acquisition of private keys, and cutoff of data access. The authors also evaluate their proposal through a value-chain use case and conclude that it effectively mitigates the consequences of attribute spoofing.","PeriodicalId":34482,"journal":{"name":"Smart Cities","volume":" ","pages":""},"PeriodicalIF":7.0000,"publicationDate":"2023-03-10","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Smart Cities","FirstCategoryId":"1089","ListUrlMain":"https://doi.org/10.3390/smartcities6020044","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q1","JCRName":"ENGINEERING, ELECTRICAL & ELECTRONIC","Score":null,"Total":0}

引用次数: 0

Abstract

Attribute spoofing is a major security threat in information exchange solutions based on Ciphertext-Policy Attribute-Based-Encryption (CP-ABE) and distributed CP-ABE (dCP-ABE), which can compromise privacy and security. This threat occurs when an attacker forces the Attribute Authorities to generate keys for attributes they do not possess. This paper analyzes the threat of attribute spoofing and identifies the primary attack vectors, including direct interference with the Attribute Authority and compromise of the shared attribute storage database. The authors propose a solution based on IOTA, a DAG-type DLT, and Interplanetary File System (IPFS) to prevent attribute spoofing. The solution requires distributed attribute storage, validation, and user authentication to counteract the two attack vectors effectively. The proposed solution mitigates the consequences of attribute spoofing, including privilege escalation and reduction, acquisition of private keys, and cutoff of data access. The authors also evaluate their proposal through a value-chain use case and conclude that it effectively mitigates the consequences of attribute spoofing.

查看原文本刊更多论文

可信用户:在CP-ABE和dCP-ABE方案中使用IOTA和IPFS进行属性验证

在基于密文策略属性加密（CP-ABE）和分布式CP-ABE（dCP-ABE）的信息交换解决方案中，属性欺骗是一个主要的安全威胁，它可能会危及隐私和安全。当攻击者强制属性授权机构为其不拥有的属性生成密钥时，就会发生这种威胁。本文分析了属性欺骗的威胁，并确定了主要的攻击向量，包括对属性权威的直接干扰和对共享属性存储数据库的破坏。作者提出了一种基于IOTA、DAG类型的DLT和星际文件系统（IPFS）的解决方案，以防止属性欺骗。该解决方案需要分布式属性存储、验证和用户身份验证，以有效对抗这两种攻击向量。所提出的解决方案减轻了属性欺骗的后果，包括权限提升和减少、私钥获取和数据访问中断。作者还通过价值链用例评估了他们的提案，并得出结论，它有效地减轻了属性欺骗的后果。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文求助全文

来源期刊

Smart Cities Multiple-

CiteScore

11.20

自引率

6.20%

发文量

审稿时长

11 weeks

期刊介绍： Smart Cities (ISSN 2624-6511) provides an advanced forum for the dissemination of information on the science and technology of smart cities, publishing reviews, regular research papers (articles) and communications in all areas of research concerning smart cities. Our aim is to encourage scientists to publish their experimental and theoretical results in as much detail as possible, with no restriction on the maximum length of the papers published so that all experimental results can be reproduced.