Mostafa Chegenizadeh; Mohammad Ali; Javad Mohajeri; Mohammad Reza Aref
Abstract
Attribute-based encryption (ABE) is a promising cryptographic mechanism for providing confidentiality and fine-grained access control in the cloud-based area.However, due to high computational overhead, common ABE schemes are not suitable for resource-constrained devices.Additionally, access policies ...
Read More
Attribute-based encryption (ABE) is a promising cryptographic mechanism for providing confidentiality and fine-grained access control in the cloud-based area.However, due to high computational overhead, common ABE schemes are not suitable for resource-constrained devices.Additionally, access policies should be able to be updated efficiently by data owners, and in some circumstances, hidden access policies are necessary to preserve the privacy of clients and data.In this paper, we propose a ciphertext-policy attribute-based access control scheme that, for the first time, simultaneously provides online/offline encryption, hidden access policy, and access policy update.In our scheme, resource-constrained devices are equipped with online/offline encryption reducing the encryption overhead significantly.Furthermore, attributes of access policies are hidden such that the attribute sets satisfying an access policy cannot be guessed by other parties.Moreover, data owners can update their defined access policies while outsourcing a major part of the updating process to the cloud service provider.In particular, we introduce blind access policies that enable the cloud service provider to update the data owners' access policies without receiving a new re-encryption key.Besides, our scheme supports fast decryption such that the decryption algorithm consists of a constant number of bilinear pairing operations.The proposed scheme is proven to be secure in the random oracle model and under the hardness of Decisional Bilinear Diffie–Hellman (DBDH) and Decision Linear (D-Linear) assumptions.Also, performance analysis results demonstrate that the proposed scheme is efficient and practical.
Mohamadreza Amani; Javad Mohajeri; Mahmoud Salmasizadeh
Abstract
Vehicular Ad-hoc Networks (VANETs) have emerged as part of Intelligent Transportation Systems (ITS), offering the potential to enhance passenger and driver safety, as well as driving conditions. However, VANETs face significant security challenges and various attacks due to their wireless nature and ...
Read More
Vehicular Ad-hoc Networks (VANETs) have emerged as part of Intelligent Transportation Systems (ITS), offering the potential to enhance passenger and driver safety, as well as driving conditions. However, VANETs face significant security challenges and various attacks due to their wireless nature and operation in free space. Mutual authentication between vehicles and RSUs is one of the most, if not the most, critical security requirements in VANETs. In this process, maintaining resource authenticity, data authenticity and preserving users' privacy, are key concerns.This paper proposes a pseudonym-based authentication scheme for VANETs, built upon existing approaches. The proposed scheme not only ensures the aforementioned security requirements but also meets critical security requirements for the mentioned process in VANETs, such as non-reputation, unlinkability, and unforgeability. Furthermore, the suggested scheme effectively detects and mitigates the Sybil attack in mutual authentication between vehicles and RSU, a well-known and common threat. By comparing the efficiency and security characteristics of the proposed scheme with other existing approaches, it becomes evident that the suggested scheme surpasses previously proposed methods.