
Attribute-based Encryption (ABE)
Description
Enables readers to understand applications of attribute-based encryption schemes in cloud computing with the support of blockchain technology
With a focus on blockchain technology, Attribute-based Encryption (ABE) provides insight into the application of attribute-based encryption (ABE) schemes, discussing types of blockchains, fundamentals of blockchain, and how blockchains are constructed.
Comprised of 16 chapters, the text provides an overview of the components that go into creating a dual ABE system of encryption proofs within the following: composite bilinear groups, dual pairing vector space framework, matrix pairing framework, framework for matrix pairing, and the application of cryptographic scheme on blockchain. The team of authors discuss the basic construction components of ABE and share the security models, including the selective and semi-adaptive security models, applying these to either prime order or composite order groups.
The book also discusses the tools used for converting a composite order ABE scheme to prime order and an adaptive secure ABE scheme based on prime order.
In Attribute-based Encryption (ABE), readers can expect to find information on:
* Mathematical background of ABE, covering group and cyclic group, elliptic curves, curve selection, supersingular curves, ordinary curves, and Weil and Tate pairing
* Basic construction components of ABE, covering access structure, monotone Boolean formula, linear secret-sharing scheme, and ordered binary decision diagram
* Tools for converting composite order ABE schemes to prime order, covering security assumptions and conversion based on vectors for preliminaries, scheme construction, and security proof technique
* Foundations of blockchain technology, covering blocks, miners, hash functions, and public key cryptography
Attribute-based Encryption (ABE) is an essential resource for professionals working in the field of design and cybersecurity who wish to understand how to use blockchain and the ABE scheme to provide fine-grained access control in outsourced data on third-party cloud servers.


Persons
Qi Xia received her PhD in Computer Science from the University of Electronic Science and Technology of China in 2010.
Jianbin Gao received his PhD in Computer Science from the University of Electronic Science and Technology of China in 2012.
Isaac Amankona Obiri received his Master's and PhD in Computer Science and Technology from the University of Electronic Science and Technology of China.
Kwame Omono Asamoah received his Master's and PhD in Computer Science and Technology from the University of Electronic Science and Technology of China.
Daniel Adu Worae is currently pursuing his Master's degree in Computer Science and Technology at the University of Electronic Science and Technology of China.
Content
About the Authors
Preface
Acknowledgments
Part I Attribute-Based Encryption (ABE)
1 Foundation of Attribute-Based Encryption
1.1 Introduction
1.1.1 Symmetric Encryption
1.1.2 Asymmetric Key Encryption
1.1.3 Identity-Based Encryption
1.2 Functional Encryption
1.2.1 Applications of Attribute-Based Encryption
1.2.2 Problems with Attribute-Based Encryption
1.2.3 A Brief History of Security Proof of Functional Encryption
1.2.4 Dual System of Encryption
1.2.5 Summary
References
2 Mathematical Background
2.1 Group Theory
2.1.1 Law of Composition
2.1.2 Groups
2.1.3 Subgroups
2.1.4 Homomorphisms
2.1.5 Cyclic Group
2.2 Ring Theory
2.2.1 Ideals and Quotient Rings
2.2.2 Euler's Totient Function
2.2.3 Polynomial Rings
2.2.4 Irreducible and Monic Polynomials
2.2.5 Field Theory
2.2.5.1 Quotient Field
2.2.6 Field Characteristic
2.2.7 Algebraic Extension Fields
2.3 Elliptic Curves
2.3.1 Plane Curve
2.3.2 Group Operations on Elliptic Curves
2.3.2.1 Point Addition
2.3.2.2 Point Doubling
2.4 Divisors and Bilinear Map
2.4.1 Divisors
2.4.2 The degree and Support of d
2.4.3 The Divisor of a Function f on E
2.4.4 Equivalence of Divisors
2.4.5 Bilinear Map
2.4.6 Weil Pairing
2.4.7 Miller's Algorithm
2.4.8 The Tate Pairing
2.5 Summary
References
3 Attribute-Based Encryption
3.1 Introduction
3.2 Basic Components of ABE Construction
3.2.1 Secret-Sharing Schemes
3.2.2 Polynomial Interpolation
3.2.2.1 Polynomials Over the Reals
3.2.2.2 Polynomials Modulus P
3.2.3 Shamir Secret Sharing
3.2.4 Verifiable Secret Sharing (VSS)
3.2.4.1 Algorithm for Converting Access Structure Into LSSS Matrix
3.2.4.2 Access Structure Example
3.2.4.3 Algorithms in Attribute-Based Encryption
3.2.5 Properties of Attribute-Based Encryption
3.2.6 Prime Order Group
3.3 Cryptographic Hard Assumptions
3.3.1 Composite Order Bilinear Groups
3.3.2 Complexity Assumptions
3.4 Provable Security
3.5 Security Notions
3.5.1 Summary
References
4 Data Access Control
4.1 Introduction
4.1.1 Coarse-Grained
4.1.2 Fine-Grained Access Control
4.1.3 Importance of Fine-Grained Access Control
4.2 Concerns About Cloud-Based Access Control that Are Trustworthy
4.2.1 Encryption Access Control
4.2.2 Requirements for Encryption-Based Access Control
4.3 Summary
References
5 Selective Secure ABE Schemes Based on Prime Order Group
5.1 Introduction
5.1.1 Selective Security Model for KP-ABE
5.1.2 Selective Security Model for CP-ABE
5.1.3 ABE Schemes
5.2 The KP-ABE Scheme
5.2.1 Concrete Scheme Construction
5.2.2 Security Proof
5.3 The CP-ABE Scheme
5.3.1 Concrete Scheme Construction
5.3.2 Security Proof
5.4 Summary
References
6 Fully Secure ABE Schemes Based on Composite and Prime Order Groups
6.1 Introduction
6.2 A Fully Secure CP-ABE from Composite Order Group
6.2.1 CP-ABE Construction
6.2.2 Adaptive Security Proof
6.2.2.1 Description of Hybrids
6.2.3 Security Proof
6.3 A Fully Secure KP-ABE Scheme Based on Dual Vector Space
6.3.1 KP-ABE Construction
6.3.2 Adaptive Security
6.3.3 Security Proof
6.4 KP-ABE Scheme Based on Matrix
6.4.1 The Scheme
6.4.2 Adaptive Security
6.4.3 Security Proof
6.5 Summary
References
Part II Concepts of Blockchain Technology
7 Blockchain Technology
7.1 Introduction
7.1.1 History
7.1.2 Preliminary Concepts of Blockchain Technology
7.1.3 Characteristics of Blockchain
7.1.4 Evolution and Types of Blockchain
7.1.4.1 The Blockchain 1.0
7.1.4.2 Blockchain 2.0
7.1.4.3 Blockchain 3.0
7.1.5 Permissionless vs Permissioned Blockchains
7.1.6 Types of Blockchain
7.2 Architecture of Blockchain
7.2.1 Architecture of Blockchain 1.0 (Cryptocurrencies)
7.2.2 Block
7.2.3 Node
7.2.4 Types of Blockchain Nodes
7.2.5 Consensus
7.3 Architecture of Blockchain 2.0 (Smart Contracts)
7.3.1 Introduction to Smart Contracts
7.3.2 How Smart Contracts Work
7.3.3 Example of Smart Contract
7.3.4 Uses of Smart Contracts
7.3.5 Advantages of Smart Contracts
7.3.6 Limitations of Smart Contracts
7.4 Architecture of Blockchain 3.0 (Blockchain Applications)
7.4.1 Consensus Mechanism
7.5 Blockchain 4.0
7.5.1 Blockchain 4.0 Applications
7.5.2 Metaverse
7.5.3 Industrial Revolution 4.0
7.5.4 Blockchain 4.0 for Businesses
References
8 Scaling-Out Blockchains with Sharding
8.1 Introduction
8.1.1 Scalability Trilemma
8.1.2 Nakamoto-Based - Monoxide - Chu-ko-nu Mining
8.1.3 Elastico
8.1.4 OmniLedger
8.1.5 Rapid Chain
8.1.6 Learnings
8.1.7 General Improvements
8.1.7.1 Reducing Transaction Latency
8.1.7.2 Inter-Communication Protocol
8.1.7.3 Shards Ledger Pruning
8.1.7.4 Decentralized Bootstrapping
8.1.7.5 Securing the Epoch Reconfiguration
8.1.7.6 Sharded Smart Contract
8.1.7.7 Replay Attacks and Defenses Against Cross-Shard Protocols
8.2 Off-Chain Solution: Layer 2 Solutions
8.2.1 State Channels
8.2.2 Side Chains of the Plasma
8.2.3 Problems with Data Accessibility
8.3 Rollups
8.3.1 Rollups Based on Zero Knowledge
8.3.2 Proofs of Zero-Knowledge
8.3.3 Protocol Schnorr
8.3.4 Protocol Pedersen
8.3.5 zk-SNARKs
8.4 Summary
References
Part III Applying Blockchain with Real-Time Technologies
9 Blockchain Technology for Supply Management
9.1 Introduction
9.1.1 System Design
9.1.2 System Architecture
9.1.3 Entities of the System
9.1.3.1 Users
9.1.4 Smart Contract Control
9.1.5 Blockchain Network
9.1.5.1 Processing Nodes
9.1.5.2 System Application Layer
9.1.5.3 Storage Infrastructure
9.1.6 System Decryption
9.1.7 Blocks
9.1.7.1 Block Design
9.2 System Flow
9.2.1 System Advantages
9.2.2 Conclusion
References
10 Satellite Communication
10.1 Introduction
10.1.1 Low-Orbit Constellation Communication Networks
10.1.2 Interstellar Link Length
10.1.3 Model of Satellite Motion
10.1.4 Edge Computing Technologies
10.2 Analysis of Edge Computing Requirements of Low-Orbit Constellation Communication Networks
10.2.1 Design of Edge Computing Architecture for Low-Orbit Constellation Communication Networks
10.2.2 Satellite
10.2.3 System Entities
10.2.4 System Process Flow
10.2.5 Security Properties
10.3 Summary
References
11 Foundation of Information-Centric Communication
11.1 Introduction
11.2 Information-Centric Communication
11.3 Name-Based Routing of Content
11.4 Benefits of Using ICN
11.5 Cost-Efficient and Scalable Distribution of Content Design Principles
11.6 ICN Design Challenges
11.6.1 Content Naming
11.6.2 Caching of Content
11.6.3 Data Integrity
11.6.4 Resolution System's Scalability and Name-Based Routing
References
12 Security Overall in Information-Centric Networks
12.1 Introduction
12.2 Content-Centric Network (CCN) Architecture
12.3 Naming System Design
12.4 Secure Naming Scheme for Information-Centric Networks
12.5 Data Transmission - Content Delivery
12.6 Traffic Load in Network Caching
12.6.1 Store Unique Naming of Content in Caches
12.6.2 Storage Limitation in Caching Space Devices
12.7 Content's Freshness Detection
12.8 ICN Security
12.9 Attacks in ICN Architectures
12.10 ICN Attributes to Ensure Security Threats
12.11 Traffic Analysis and Prediction
12.12 Some Key Problem Statements
12.13 Blockchain-Based ICN Scheme Improvement
12.13.1 Protection Against DDos
12.14 A Secured Information-Centric Network Based on Blockchain
12.14.1 Blockchain-Based ICN Structure
12.14.1.1 Data Integrity
12.15 Attribute-Based Encryption Scheme for the Information-Centric Network
12.15.1 Applying Ciphertext-Policy ABE (CP-ABE) Scheme in ICN
12.15.2 System Design of CP-ABE Scheme in ICN
References
13 Subscriber Data Management System Based on Blockchain
13.1 Introduction
13.1.1 Motivation
13.1.2 Problem Statement
13.1.3 Contributions
13.2 Literature Review
13.3 System Design Description
13.3.1 Assumptions
13.3.2 Ciphertext-Policy Attribute-Based Encryption (CP-ABE)
13.3.3 CP-ABE Construction
13.3.4 System Components
13.3.4.1 Data Subscribers (DSs)
13.3.4.2 Data Providers (DPs)
13.3.4.3 Key Generation and Distribution Center (KGDC)
13.3.4.4 IPFS Distributed Storage
13.3.4.5 Blockchain Platform
13.3.5 Process Description
13.3.5.1 Subscriber Registration
13.3.5.2 Subscriber Data Storage
13.3.5.3 Subscriber Data Request
13.3.6 Benefits of Proposed Design
13.3.7 Security Requirements
13.4 Summary
References
14 A Secure Data-Sharing Blockchain-Based Crowdfunding System
14.1 Introduction
14.2 Literature Review
14.2.1 Present-Day Centralized Crowdfunding
14.2.2 Crowdfunding Models
14.2.3 Problems of Traditional Crowdfunding
14.2.4 Blockchain-Based Crowdfunding
14.2.5 Advantages of Blockchain-Based Crowdfunding
14.3 Proposed System
14.3.1 System Model
14.3.1.1 Key Components
14.3.2 System Framework Overview
14.3.2.1 Application Layer
14.3.2.2 Blockchain Layer
14.3.2.3 Data Storage Layer
14.3.3 System Assumptions and Threat Model
14.3.4 Process Description
14.3.5 Smart Contract Interactions
14.3.5.1 User Registration Contract (URC)
14.3.5.2 User Verification Contract (UVC)
14.3.5.3 Project Data Access Contract (PDAC)
14.3.6 Concrete Implementation
14.3.6.1 User Register
14.3.6.2 Data Encrypt
14.3.6.3 Data Search
14.3.6.4 Fine-Grained Access Authorization
14.3.6.5 Data Decrypt
14.3.6.6 Transaction Confirmation
14.3.7 Security Requirements
14.3.7.1 Fine-Grained Access Control
14.3.7.2 Key Counterfeiting
14.3.7.3 Data Integrity
14.4 Summary
References
Index
1 Foundation of Attribute-Based Encryption
1.1 Introduction
What is encryption? Encryption is a key concept in cryptography. To explain the meaning of encryption, let us consider the following scenario without being blown away by the whims of mathematics.
Imagine your friend Bob is organizing a back-alley chess game. Bob does not want anyone to come into his shady gambling den without authorization, so he issues you a pass with the phrase "Knock and wait." When you knock on the right sleazy door, the bouncer asks for the pass in a genre-savvy baritone. You can get in if you say the right phrase. Otherwise, your entry will be denied, and you will stay outside in the metaphorical rain.
To stretch the analogy, Bob can alter the pass each time he hosts a chess game. Knowing the passphrase for the day, you can share it with one of your acquaintances or some of your friends in the criminal investigation bureau. In cryptography, the pass is referred to as a secret key. When plaintext is combined with a secret key, cryptography offers a black box that converts plaintext to ciphertext. The ciphertext is unreadable junk to those without the right secret key. On the other hand, those with a valid secret key can recover the plaintext from a given ciphertext. The process of transforming plaintext into ciphertext is referred to as encryption. Succinctly put, encryption is the cryptographic mechanism of converting information into a secret code (ciphertext) that conceals the true meaning of the information. When an unauthorized party intercepts ciphertext, the intruder must determine which algorithm and keys were used to encrypt the message. The computational complexity of decoding a ciphertext without a valid secret key is what makes encryption a crucial security tool.
Encryption has been a longstanding technique to secure sensitive data. Historically, it was used by governments and militaries. Encryption is used in modern times to secure data stored on computers and storage devices and data in transit across networks. Prior to the advent of public key cryptography, it was widely assumed that for two users to transmit data securely, they would need to establish a mutually held secret key. While this may be acceptable for certain small or close-knit groups, it is infeasible for larger networks, such as the Internet of today, which has billions of users. Diffie and Hellman [1] proposed a novel concept in public key cryptography over thirty years ago, where two parties can securely communicate without sharing a prior mutual secret, dramatically upsetting common knowledge held at the time. Public key encryption is a crucial tool today. It is widely used in tools ranging from secure web communication (e.g. secure shell [SSH], secure sockets layer [SSL]) to disk encryption and secure software patch distribution. Before the introduction of functional encryption, there were widely held views that:
- Encryption is a method of sending a message or data to a single entity with a secret key.
- Access to encrypted data is all or nothing - one can either decrypt and read the entire plaintext or learn nothing about the plaintext other than its length.
These views determined the method used for computation of ciphertext and secret key before they were modified by functional encryption. Functional encryption enables a data encryptor to encrypt data with a boolean function, such that only a decryptor with the correct private key can recover the plaintext if the boolean function returns true. Before delving into the details of functional encryption and how it is a superior encryption technique, we will explore the earlier encryption techniques.
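The policy-gated recovery described above can be illustrated with Shamir secret sharing over an AND/OR policy tree, the access-structure building block named in the book's contents. This is an added example, not code from the book; the policy, attribute names and field modulus are assumptions. It omits the pairing-based binding of shares to per-user keys that real ABE schemes use, so it is not collusion resistant and is not an ABE scheme.

```python
import secrets

P = 2**127 - 1  # Mersenne prime used as the field modulus (assumption for this example)

def share_threshold(secret, k, n):
    """Shamir: split `secret` into n shares; any k of them reconstruct it."""
    coeffs = [secret] + [secrets.randbelow(P) for _ in range(k - 1)]
    return [(x, sum(c * pow(x, i, P) for i, c in enumerate(coeffs)) % P)
            for x in range(1, n + 1)]

def interpolate_at_zero(points):
    """Lagrange interpolation at x = 0 over GF(P)."""
    total = 0
    for xi, yi in points:
        num = den = 1
        for xj, _ in points:
            if xj != xi:
                num = num * (-xj) % P
                den = den * (xi - xj) % P
        total = (total + yi * num * pow(den, -1, P)) % P
    return total

def distribute(policy, secret):
    """Push `secret` down the policy tree; leaves end up as (attribute, share)."""
    kind, arg = policy
    if kind == "attr":
        return ("attr", arg, secret)
    k = len(arg) if kind == "and" else 1  # AND is n-of-n, OR is 1-of-n
    shares = share_threshold(secret, k, len(arg))
    return (kind, k, [(x, distribute(child, y))
                      for child, (x, y) in zip(arg, shares)])

def reconstruct(tree, attrs):
    """Recover the node secret using only leaves whose attribute is in `attrs`.

    Real ABE enforces this gate cryptographically; here it is simulated.
    Returns None when the held attributes do not satisfy the policy.
    """
    if tree[0] == "attr":
        _, name, share = tree
        return share if name in attrs else None
    _, k, children = tree
    points = []
    for x, sub in children:
        y = reconstruct(sub, attrs)
        if y is not None:
            points.append((x, y))
    return interpolate_at_zero(points[:k]) if len(points) >= k else None

# Constructed policy: finance AND (manager OR auditor)
POLICY = ("and", [("attr", "finance"),
                  ("or", [("attr", "manager"), ("attr", "auditor")])])

if __name__ == "__main__":
    key = secrets.randbelow(P)          # stands in for a data-encryption key
    tree = distribute(POLICY, key)
    for held in ({"finance", "auditor"}, {"finance"}, {"manager", "auditor"}):
        print(sorted(held), "->", reconstruct(tree, held) == key)
```
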
1.1.1 Symmetric Encryption
Data can be encrypted with symmetric key encryption mechanisms. The symmetric key encryption algorithm uses only one secret key, referred to as a session key, to encipher and decipher information [2]. As seen in Figure 1.1, one secret key is required to cipher and decipher information in symmetric encryption. A key can be a number, a word, or a random sequence of letters. The key is used to scramble the plaintext of a message into unreadable content (ciphertext) and to recover the content. Therefore, the session key must be shared between the sender and recipient before it is used for encryption. Symmetric encryption algorithms include advanced encryption standard (AES), RC4, data encryption standard (DES), RC5, and RC6. Encryption schemes like AES-128, AES-192, and AES-256 are the most extensively used symmetric algorithms.
The inherent problem with symmetric encryption is that a session key must be exchanged between the data owner and data users before a symmetric key encryption algorithm can be used [3]. However, in multi-user data sharing systems it is impossible to know every potential data user in advance in order to share data with them. Even if the data owner does, it has to encrypt the data repeatedly with each session key shared with the multiple data users in the system. There are as many as key pairs to be managed in an extensive network. Consequently, key management will undoubtedly involve high storage overhead.
1.1.2 Asymmetric Key Encryption
Symmetric encryption has existed for a very long time, whereas asymmetric encryption is very recent. For data encryption and decryption, asymmetric encryption requires two keys, namely public and private keys. The public keys are used for data encryption, whereas the private keys are required for data decryption. Asymmetric encryption enables parties to preserve sensitive information in an encrypted format on a public network, such as the Internet, without exchanging a session key in advance. Asymmetric encryption ensures that only the authorized recipient with the proper private key can decipher the encrypted messages. The use of two related keys in asymmetric encryption increases security, as anyone with the secret key can decipher the message. Anyone can send a message to any user using their public key, which is accessible to the public.
Figure 1.1 Symmetric encryption.
Figure 1.2 Asymmetric encryption.
As illustrated in Figure 1.2, the public key and private key are utilized to encrypt and decrypt a message, respectively. There is no need to protect the public keys because they are accessible to the whole public. However, the private key must be kept secret such that only the end user knows it; otherwise, any entity with knowledge of the private key can decrypt any communication encrypted with the corresponding public key. Using an asymmetric key for communication is substantially more secure than a symmetric key. Well-known asymmetric key encryption methods include ElGamal and Rivest-Shamir-Adleman (RSA).
To prevent man-in-the-middle attacks, asymmetric encryption relies on the public key infrastructure to associate a user's public key with a certificate. This certificate is "signed" by the Certificate Authority (CA), the digital equivalent of a notary. It is evident that the CA plays a significant role in the public key infrastructure (PKI) model since this approach is founded on the premise that the CA is true, trustworthy, and legitimate. Therefore, a hacker who takes control of a CA can use it to generate fake certificates and impersonate any public key.
Over the years, there have been repeated breaches of CA firms, including DigiNotar, GlobalSign, Comodo, and Digicert Malaysia. These attacks were a direct result of the commoditization of certificates, in which smaller, less qualified businesses have gained a larger proportion of the market for certificate authorities.
Asymmetric key encryption schemes also have some drawbacks similar to symmetric key encryption schemes. For example, the data owner must obtain each data user's public key, encrypt the data multiple times, and store multiple copies of the data in the cloud.
1.1.3 Identity-Based Encryption
Imagine a corporate email system in which the employees send encrypted communications. Alice discovers Bob's public key, writes a message, encrypts it in an email, and sends the email to Bob. However, Bob wrote his private key in his notebook, which he left at an airport. Or maybe Bob's private key was stored on his phone, and one of his children dropped it in the drain. Now that Bob has a new phone, he tries to read all of Alice's emails and discovers that he cannot. Without a private key, there are no emails that can be read. As with physical key and door systems, when the lone key to a lock is lost, the entire lock must be replaced. Digital cryptosystems are no different; public and private keys are generated as a pair, and it is impossible to generate one from the other, just as it is impossible to construct a key from a lock. Bob must therefore generate a new pair of public and private keys, upload the new public key to the corporate directory, and inform everyone that the previous public key is no longer valid. As shown in Figure 1.3, if Alice does not detect this change, she will continue to send Bob encrypted emails using his previous public key, and Bob will continue to be unable to read them. It turns out that this is a widespread issue in cryptography systems - individuals are lousy at managing keys. In 1984, a cryptographer named Adi Shamir [4] came up with a brilliant concept: what if the firm itself managed the keys? He believed that the entire concept...
System requirements
File format: ePUB
Copy protection: Adobe-DRM (Digital Rights Management)
System requirements:
- Computer (Windows; MacOS X; Linux): Install the free reader Adobe Digital Editions prior to download (see eBook Help).
- Tablet/smartphone (Android; iOS): Install the free app Adobe Digital Editions or the app PocketBook before downloading (see eBook Help).
- E-reader: Bookeen, Kobo, Pocketbook, Sony, Tolino and many more (not Kindle).
The file format ePub works well for novels and non-fiction books – i.e., "flowing" text without complex layout. On an e-reader or smartphone, line and page breaks automatically adjust to fit the small displays.
This eBook uses Adobe-DRM, a "hard" copy protection. If the necessary requirements are not met, unfortunately you will not be able to open the eBook. You will therefore need to prepare your reading hardware before downloading.
Please note: We strongly recommend that you authorise using your personal Adobe ID after installation of any reading software.
For more information, see our ebook Help page.