CR2-ABE：一种基于区块链的IoMT抗强制和可撤销属性加密

IF 8.9 1区计算机科学 Q1 COMPUTER SCIENCE, INFORMATION SYSTEMS

IEEE Internet of Things Journal Pub Date : 2024-12-30 DOI:10.1109/JIOT.2024.3523959

Yuan Zhai;Haochen Yang;Jingyu Yao;Tao Wang;Yanwei Zhou;Feng Zhu;Bo Yang

{"title":"CR2-ABE：一种基于区块链的IoMT抗强制和可撤销属性加密","authors":"Yuan Zhai;Haochen Yang;Jingyu Yao;Tao Wang;Yanwei Zhou;Feng Zhu;Bo Yang","doi":"10.1109/JIOT.2024.3523959","DOIUrl":null,"url":null,"abstract":"The Internet of Medical Things (IoMT) has rapidly developed due to its ability to enhance the efficiency of medical data collection and utilization. Encryption technology is vital for ensuring IoMT data security and privacy. However, existing solutions often fail when secret keys or random numbers are exposed under coercion, undermining their effectiveness and security. Additionally, medical data stored on cloud platforms is vulnerable to risks, such as tampering or loss. To address these challenges, we propose CR2-ABE, a novel encryption scheme specifically designed for the IoMT environment. CR2-ABE combines chameleon hash functions and deniable encryption techniques, enabling medical data owners and recipients to present deceptive messages under coercion, thereby enhancing the coercion resistance of sensitive medical data. Moreover, CR2-ABE employs ciphertext-policy attribute-based encryption (CP-ABE) to facilitate fine-grained access control for medical data, while also leveraging blockchain technology to ensure data integrity and tamper resistance within cloud services. In terms of user management, CR2-ABE implements a policy revocation mechanism that operates directly on ciphertexts using software Guard extensions (SGX). We rigorously prove the correctness and semantic security of CR2-ABE, demonstrating its resilience against coercion attacks. Comprehensive evaluation results show that CR2-ABE exhibits significant performance improvements in key generation, encryption, decryption, and policy revocation compared to other solutions. Therefore, CR2-ABE possesses strong security and scalability.","PeriodicalId":54347,"journal":{"name":"IEEE Internet of Things Journal","volume":"12 9","pages":"13075-13096"},"PeriodicalIF":8.9000,"publicationDate":"2024-12-30","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":"{\"title\":\"CR²-ABE: A Blockchain-Assisted Coercion-Resistant and Revocable Attribute-Based Encryption for IoMT\",\"authors\":\"Yuan Zhai;Haochen Yang;Jingyu Yao;Tao Wang;Yanwei Zhou;Feng Zhu;Bo Yang\",\"doi\":\"10.1109/JIOT.2024.3523959\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"The Internet of Medical Things (IoMT) has rapidly developed due to its ability to enhance the efficiency of medical data collection and utilization. Encryption technology is vital for ensuring IoMT data security and privacy. However, existing solutions often fail when secret keys or random numbers are exposed under coercion, undermining their effectiveness and security. Additionally, medical data stored on cloud platforms is vulnerable to risks, such as tampering or loss. To address these challenges, we propose CR2-ABE, a novel encryption scheme specifically designed for the IoMT environment. CR2-ABE combines chameleon hash functions and deniable encryption techniques, enabling medical data owners and recipients to present deceptive messages under coercion, thereby enhancing the coercion resistance of sensitive medical data. Moreover, CR2-ABE employs ciphertext-policy attribute-based encryption (CP-ABE) to facilitate fine-grained access control for medical data, while also leveraging blockchain technology to ensure data integrity and tamper resistance within cloud services. In terms of user management, CR2-ABE implements a policy revocation mechanism that operates directly on ciphertexts using software Guard extensions (SGX). We rigorously prove the correctness and semantic security of CR2-ABE, demonstrating its resilience against coercion attacks. Comprehensive evaluation results show that CR2-ABE exhibits significant performance improvements in key generation, encryption, decryption, and policy revocation compared to other solutions. Therefore, CR2-ABE possesses strong security and scalability.\",\"PeriodicalId\":54347,\"journal\":{\"name\":\"IEEE Internet of Things Journal\",\"volume\":\"12 9\",\"pages\":\"13075-13096\"},\"PeriodicalIF\":8.9000,\"publicationDate\":\"2024-12-30\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"0\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"IEEE Internet of Things Journal\",\"FirstCategoryId\":\"94\",\"ListUrlMain\":\"https://ieeexplore.ieee.org/document/10818480/\",\"RegionNum\":1,\"RegionCategory\":\"计算机科学\",\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"Q1\",\"JCRName\":\"COMPUTER SCIENCE, INFORMATION SYSTEMS\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"IEEE Internet of Things Journal","FirstCategoryId":"94","ListUrlMain":"https://ieeexplore.ieee.org/document/10818480/","RegionNum":1,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q1","JCRName":"COMPUTER SCIENCE, INFORMATION SYSTEMS","Score":null,"Total":0}

引用次数: 0

摘要

医疗物联网（Internet of Medical Things, IoMT）由于能够提高医疗数据的采集和利用效率而迅速发展。加密技术是确保IoMT数据安全和隐私的关键。然而，当密钥或随机数在强制下暴露时，现有的解决方案往往会失败，从而破坏其有效性和安全性。此外，存储在云平台上的医疗数据容易受到篡改或丢失等风险的影响。为了应对这些挑战，我们提出了CR2-ABE，这是一种专门为IoMT环境设计的新型加密方案。CR2-ABE结合变色龙哈希函数和可否认加密技术，使医疗数据的所有者和接收者能够在强制下呈现欺骗性信息，从而增强敏感医疗数据的抗强制性。此外，CR2-ABE采用基于密文策略属性的加密（CP-ABE）来促进对医疗数据的细粒度访问控制，同时还利用区块链技术来确保云服务中的数据完整性和防篡改性。在用户管理方面，CR2-ABE使用软件Guard扩展（SGX）实现了一种直接对密文进行操作的策略撤销机制。我们严格证明了CR2-ABE的正确性和语义安全性，证明了它对强制攻击的弹性。综合评估结果表明，与其他解决方案相比，CR2-ABE在密钥生成、加密、解密和策略撤销方面表现出显著的性能改进。因此，CR2-ABE具有较强的安全性和可扩展性。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

查看原文本刊更多论文

CR²-ABE: A Blockchain-Assisted Coercion-Resistant and Revocable Attribute-Based Encryption for IoMT

The Internet of Medical Things (IoMT) has rapidly developed due to its ability to enhance the efficiency of medical data collection and utilization. Encryption technology is vital for ensuring IoMT data security and privacy. However, existing solutions often fail when secret keys or random numbers are exposed under coercion, undermining their effectiveness and security. Additionally, medical data stored on cloud platforms is vulnerable to risks, such as tampering or loss. To address these challenges, we propose CR2-ABE, a novel encryption scheme specifically designed for the IoMT environment. CR2-ABE combines chameleon hash functions and deniable encryption techniques, enabling medical data owners and recipients to present deceptive messages under coercion, thereby enhancing the coercion resistance of sensitive medical data. Moreover, CR2-ABE employs ciphertext-policy attribute-based encryption (CP-ABE) to facilitate fine-grained access control for medical data, while also leveraging blockchain technology to ensure data integrity and tamper resistance within cloud services. In terms of user management, CR2-ABE implements a policy revocation mechanism that operates directly on ciphertexts using software Guard extensions (SGX). We rigorously prove the correctness and semantic security of CR2-ABE, demonstrating its resilience against coercion attacks. Comprehensive evaluation results show that CR2-ABE exhibits significant performance improvements in key generation, encryption, decryption, and policy revocation compared to other solutions. Therefore, CR2-ABE possesses strong security and scalability.

求助全文

通过发布文献求助，成功后即可免费获取论文全文。去求助

来源期刊

IEEE Internet of Things Journal Computer Science-Information Systems

CiteScore

17.60

自引率

13.20%

发文量

1982

期刊介绍： The EEE Internet of Things (IoT) Journal publishes articles and review articles covering various aspects of IoT, including IoT system architecture, IoT enabling technologies, IoT communication and networking protocols such as network coding, and IoT services and applications. Topics encompass IoT's impacts on sensor technologies, big data management, and future internet design for applications like smart cities and smart homes. Fields of interest include IoT architecture such as things-centric, data-centric, service-oriented IoT architecture; IoT enabling technologies and systematic integration such as sensor technologies, big sensor data management, and future Internet design for IoT; IoT services, applications, and test-beds such as IoT service middleware, IoT application programming interface (API), IoT application design, and IoT trials/experiments; IoT standardization activities and technology development in different standard development organizations (SDO) such as IEEE, IETF, ITU, 3GPP, ETSI, etc.