SEA-BREW: A Scalable Attribute-Based Encryption Scheme for Low-Bitrate IoT Wireless Networks

TL;DR

SEA-BREW is a new attribute-based encryption scheme designed for low-bitrate IoT networks, enabling efficient key revocation with minimal broadcast messages, thus improving scalability and security in resource-constrained environments.

Contribution

It introduces a scalable ABE scheme with a single broadcast revocation message, reducing overhead compared to existing solutions, and proves its security even with an untrusted cloud.

Findings

Supports secure key revocation with one broadcast message

Requires constant computational overhead on cloud servers

Proven secure under the bilinear group model

Abstract

Attribute-Based Encryption (ABE) is an emerging cryptographic technique that allows one to embed a fine-grained access control mechanism into encrypted data. In this paper we propose a novel ABE scheme called SEA-BREW (Scalable and Efficient Abe with Broadcast REvocation for Wireless networks), which is suited for Internet of Things (IoT) and Industrial IoT (IIoT) applications. In contrast to state-of-the-art ABE schemes, ours is capable of securely performing key revocations with a single short broadcast message, instead of a number of unicast messages that is linear with the number of nodes. This is desirable for low-bitrate Wireless Sensor and Actuator Networks (WSANs) which often are the heart of (I)IoT systems. In SEA-BREW, sensors, actuators, and users can exchange encrypted data via a cloud server, or directly via wireless if they belong to the same WSAN. We formally prove that our scheme is secure also in case of an untrusted cloud server that colludes with a set of users, under the generic bilinear group model. We show by simulations that our scheme requires a constant computational overhead on the cloud server with respect to the complexity of the access control policies. This is in contrast to state-of-the-art solutions, which require instead a linear computational overhead.