Multi-Authority Revocable Access Control Method Based on CP-ABE in NDN

For the future of the Internet, because the information-centric network (ICN) has natural advantages in terms of content distribution, mobility, and security, it is regarded as a potential solution, or even the key, to many current problems. Named Data Network (NDN) is one of the research projects initiated by the United States for network architecture. NDN is a more popular project than ICN. The information cache in the NDN separates content from content publishers, but content security is threatened because of the lack of security controls. Therefore, a multi-authority revocable access control method based on CP-ABE needs to be proposed. This method constructs a proxy-assisted access control scheme that implements effective data access control in NDN networks with high security. Because of the partial decryption on the NDN node, the decryption burden of the consumer client is reduced; effective user and attribute revocation is achieved, forward security and backward security are ensured, and collusion attacks are prevented. Finally, the security and performance analysis of the scheme shows that it is safe and efficient.


Introduction
With the continuous emergence of big data, artificial intelligence, Internet of Things Plus, cloud computing, and other technologies, there are a variety of content-oriented networking applications on the Internet [1,2]. As long as the content is secure and reliable, users are increasingly interested in using and accessing web content and do not care who sends it. The increasing use of peer-to-peer (P2P) in content delivery networks (CDN) proves this situation [3]. As content distribution increases, it is difficult for the Internet architecture based on the host-centric model to integrate new consumption methods and mobility needs. This situation has inspired experts to create other methods to disseminate content [4,5]. Therefore, researchers created the information-centric network (ICN). ICN connects content consumers directly with content by content name. In this way, the content consumer does not need to identify the address of the content owner, only a reliable copy of the content. Content owners publish content and store it on the network [6]. This design enables content to be delivered to consumers effectively. This is an advantage for content retrieval, sharing, and distribution, but because content and content publishers are decoupled, data owners cannot protect the privacy and security of the data as well as they can when managing local data. Traditional public key cryptosystems only support "one-to-one" encryption and lack flexible access control strategies. This poses a huge challenge to security during content caching and retrieval. Therefore, a mechanism to ensure data confidentiality should be adopted [7]. To ensure data security, Named Data Network (NDN) networks need to introduce access control methods. However, in the NDN cache security analysis and certification are given in the text. Multi-authorization: Tao et al. proposed a novel NDN access control scheme to solve this problem [19].
The system is a CP-ABE-based multi-authorization, revocable access control scheme. The solution implements an indirect revocation of consumer users. In addition, the scheme did not use experiments to demonstrate the time of content release and content request.
However, as far as the NDN system is concerned, attribute revocation and user revocation have been challenging problems, for the following reasons. The first reason is that because of the content caching mechanism of the NDN, even after the content is successfully forwarded, it cannot be reused by other users, and the cached content in the content store in the NDN can be reused. The second reason is that since multiple users may share each attribute, the revocation of any one attribute may have an essential impact on other users in the attribute group. The third reason is that many solutions do not support flexible user and attribute revocation in a multi-authority NDN cache system. Therefore, this paper proposes a multi-authority revocable access control method based on CP-ABE in NDN. Through proxy decryption, this method realizes data access control, user revocation, and attribute revocation in the NDN cache system, and it can resist collusion attacks. Forward security and backward security are also achieved. Comparing the single-privileged CP-ABE scheme with the multi-authority CP-ABE scheme, the attributes of the multi-authority CP-ABE scheme come from different attribute domains and are authorized by different authorization centers. Therefore, the multi-authority CP-ABE scheme is more appropriate for content access control of the NDN cache system.

Design and Implementation of Access Control Method
Based on the Kai Fan scheme [17], we propose a CP-ABE-based multi-authority revocable access control method that is different from the traditional single-authorization center scheme to enable fine-grained access control of cached data. In the multi-authorization center attribute-based encryption mechanism, the user's attributes come from multiple attribute domains that are jointly managed by different authorization centers. This approach can greatly reduce the administrative burden of a single authorization center and can improve the system's ability to resist collusion attacks.

Overall Design of Access Control Method
The CP-ABE-based access control system in the NDN proposed in this paper mainly includes the following five parts: NDN cache nodes, a global certificate authority (CA), attribute authorization centers (AAs), the content publisher, and the content consumer. Figure 1 shows the flow of the NDN access control system.

1. Central Authorization Center (CA)
The CA is fully trusted. It is primarily responsible for authenticating the authorization centers and consumer users in the system. It issues a globally unique identifier $uid$ to each NDN consumer user and a globally unique identity $aid_i$ to each AA. The CA does not participate in any work related to attribute management or key generation.

2. Attribute Authorization Centers (hereinafter abbreviated as AA or $AA_i$, $i = 1, \ldots, k$)
Each $AA_i$ is independent of the others, manages different attributes, and generates the related keys. In this scenario, each $AA_i$ can control any number of attributes, and each attribute can be managed by only one $AA_i$. Each $AA_i$ is responsible for generating an attribute public key $PK_x$ for the attributes of the attribute domain it manages, and for dividing the consumer key into a proxy key $PxK_{uid,aid_i}$ and a user secret key $SK_{uid}$. $PxK_{uid,aid_i}$ is sent to the NDN routing node for storage, and the routing node adds the consumer user's $PxK_{uid,aid_i}$ to the proxy key list $L_{PxK}$. The user secret key $SK_{uid}$ is sent to the corresponding consumer user, who keeps it.

Content Publisher
The content publisher defines an access control policy for attributes from AA i , and then encrypts the content that needs to be shared. These encrypted content ciphertexts are cached at the NDN routing node.

NDN cache nodes
They can provide storage services for NDN network content through their own storage policies, and provide response packets for them according to the consumer's interest package. When a user issues a file query request, the cloud service provider first checks if his set of attributes conforms to the access structure. If his attribute meets the access structure, then the partially decrypted ciphertext is computed. Only legitimate consumer users can decrypt the content of the ciphertext by using the proxy key through the NDN routing node. The legitimate consumer users then send the decrypted data to the appropriate consumer.

Content Consumer
Content consumers can obtain encrypted data from their neighbor routers or publishers while requesting their keys from the relevant CA. The NDN routing node partially decrypts it using its proxy key. After the consumer user obtains the partially decrypted content, the user can use the key to decrypt the remaining portion to obtain the plaintext data.
The main steps of the mechanism are as follows. In the first step, the CA initializes the system, issuing a globally unique identity to each AA and a globally unique identity to each content consumer. In the second step, the AA manages the attributes of its attribute domain and generates the attribute public key. In addition, the AA generates a proxy key and adds it to the NDN routing node, and the AA sends the private key to the corresponding consumer user. In the third step, the publisher uses the public key to encrypt the information to be published. In the fourth step, the consumer user requests a key from the CA or uses the proxy key of the NDN node for partial decryption.

System Initialization
The consumer needs to obtain access permission before obtaining content. On the first visit, the consumer user issues a signed interest package. The format of the interest package name can be "ndn/user/number/i/registration"; once the registration is completed, the permission is obtained. In the process, the content publisher obtains the consumer user's attributes and also authenticates the user's identity through the attributes. The definition and retrieval of attributes is transparent to NDN. After receiving the interest package requesting the content, the content publisher verifies the integrity and authenticity of the registered interest package. If the interest package is authenticated, the content publisher sends a registration confirmation packet to the consumer, and the publisher verifies the user and completes the user registration process (see Figure 2). The initialization process needs to execute the following functions:

Global initialization function: the CA first selects a system security parameter λ and an attribute domain U, and finally generates a global public parameter GP, the $AA_i$ identity $aid$, and the user identity $uid$.

2. $\mathrm{AuthoritySetup}(aid) \rightarrow (PK_{aid}, SK_{aid}, \{PK_{x_k}\}_{aid \in IA})$
This is the $AA_i$ initialization function, executed by each $AA_i$. It takes $aid$ as input, outputs a pair of $AA_i$ public and private keys $PK_{aid}$ and $SK_{aid}$, and generates an attribute public key $\{PK_{x_k}\}_{aid \in IA}$ for each attribute managed by the $AA_i$.

Future Internet 2020, 12, 15

Content Publishing Process
Content publishing is the basis of NDN data sharing. Before content is published, it is first encrypted by the CP-ABE algorithm to obtain the ciphertext CT. The content publishing process is shown in Figure 3. The content publishing process needs to execute the following functions:

The encryption function is executed by the data owner. It takes GP, $PK_{aid}$, $\{PK_{x_k}\}_{aid \in IA}$, the plaintext M, and the access structure A as input, and outputs the ciphertext CT.

4. $\mathrm{KeyGen}(GP, uid, S_{uid,aid}, SK_{aid}, \{PK_{x_k}\}_{aid \in IA}) \rightarrow (PxK_{uid,aid}, SK_{uid})$
The AA executes the key generation function. It takes GP, $uid$, the consumer user's attribute set $S_{uid,aid}$, $SK_{aid}$, and $\{PK_{x_k}\}_{aid \in IA}$ as input, and outputs the proxy key $PxK_{uid,aid}$ and the user private key $SK_{uid}$.
The encrypted content ciphertext is published to the NDN network as part of the packet data. This packet can be cached by any router and accessed through the NDN infrastructure. This part is usually massive data, so consumers can get the content of interest from the neighbor router that increases distribution efficiency and efficiency of data transmission.

Content Request Process
After the content is published to the NDN network, in order to enable the consumer to access the content of interest, two steps are required, first the proxy decryption of the NDN cache node and the user decryption of the consumer client. The content request process needs to execute the following functions:
The consumer user decryption function is executed by the consumer. It takes CT, the partially decrypted ciphertext, and $SK_{uid}$ as input, and outputs the plaintext M.

Revocation of Consumer Privilege
As long as the consumer user is restricted from accessing the data file again, a user revocation is performed. In this method, the keys of other users who have not been revoked do not need to be updated; only the ciphertext needs to be re-encrypted. The content publisher only needs to issue an undo message containing the revoked user's identity $uid$ to the NDN routing node, and the routing node deletes the revoked user's proxy key $PxK_{uid,aid}$. Once $PxK_{uid,aid}$ is removed, the NDN router can no longer execute the ProxyDec proxy decryption algorithm for the revoked user. Therefore, the revoked user cannot perform the decryption process. The undo process requires the execution of $\mathrm{URev}(uid, L_{PxK}) \rightarrow L_{PxK}$. The user revocation function is executed by the NDN routing node; it takes the $uid$ of the consumer user and the proxy key list $L_{PxK}$ as input and outputs the updated proxy key list $L_{PxK}$.

Consumer Attribute Revocation
For attribute revocation, this method introduces the idea of the attribute version number. When the authorization center is initialized, it first selects a version number for each attribute in the system. When attribute revocation happens, only the affected part of the ciphertext and key is updated. The affected authorization center selects a new attribute version number for the revoked attribute and generates a corresponding new key to update the affected ciphertext. Consumer attribute revocation involves two processes: key update and ciphertext re-encryption.

7. The key update
Key update needs to execute the ReKeyUpdate function. The relevant authorization center first produces a new attribute version number, then changes the attribute public key for the revoked attribute, and broadcasts a message to the data owners in the system so that they receive the updated attribute public keys. At the same time, the NDN routing node updates the proxy key using the proxy key update function PxKUpdate. The consumer key update needs to perform the following functions:
• $\mathrm{ReKeyUpdate}(uid, PxK_{uid,aid}, v_{x_k}) \rightarrow \{VUK_{x_k}, PxUK_{x_k}\}$: $AA_i$ executes this key material update function. It takes the $uid$ and $PxK_{uid,aid}$ of a consumer user that has not been revoked and the current attribute version number $v_{x_k}$ as input, and outputs the version update key $VUK_{x_k}$ and the agent update key $PxUK_{x_k}$.

uid,aid
The NDN routing node performs the proxy key update function. The function takes the $uid$ and $PxK_{uid,aid}$ of a consumer user that has not been revoked and the current attribute version number $v_{x_k}$ as input, and outputs the version update key $VUK_{x_k}$ and the agent update key $PxUK_{x_k}$.

8. The ciphertext re-encryption
The data owner uses the version update key to calculate the ciphertext update key through the ciphertext material update function CTUpdate and sends it to the NDN cache node, and the NDN cache node performs the ciphertext re-encryption function ReEnc. Consumer ciphertext re-encryption needs to perform the following functions:
The ciphertext material update function is executed by the content publisher. It takes $VUK_{x_k}$ and CT as input and outputs the ciphertext update key $CUK_{x_k}$.
• $\mathrm{ReEnc}(CT, CUK_{x_k}) \rightarrow CT^*$: The NDN routing node performs the ciphertext re-encryption function. It takes the current ciphertext CT and $CUK_{x_k}$ as input.
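The content request, user revocation, and attribute revocation steps above can be traced end to end in the following added example, which is not the paper's code. Split-key ElGamal over a toy prime field stands in for the pairing-based CP-ABE construction, with a single authority and an AND-of-attributes policy in place of multi-authority LSSS. All class, function, and user names are chosen here to mirror KeyGen, ProxyDec, Dec, URev, ReKeyUpdate, PxKUpdate, CTUpdate, and ReEnc.

```python
import secrets

# Constructed toy parameters: multiplicative group modulo a prime (no pairings).
P = 2**255 - 19
G = 2
ORDER = P - 1  # exponents are reduced modulo the group order

def rand_exp():
    return secrets.randbelow(ORDER - 1) + 1

class Authority:
    """Single AA stand-in. Toy limitation: one secret covers every attribute."""

    def __init__(self):
        self.version, self._x = 1, rand_exp()
        self.public_key = pow(G, self._x, P)

    def keygen(self, attrs):
        """KeyGen: split the secret into a router entry (PxK) and SK_uid."""
        sk_uid = rand_exp()
        return {"attrs": set(attrs), "pxk": (self._x - sk_uid) % ORDER}, sk_uid

    def rekey_update(self):
        """ReKeyUpdate: bump the version; delta plays the role of VUK and PxUK."""
        delta = rand_exp()
        self._x = (self._x + delta) % ORDER
        self.public_key, self.version = pow(G, self._x, P), self.version + 1
        return delta

def encrypt(public_key, policy, m):
    """Publisher: ElGamal-encrypt group element m under an AND-of-attributes policy."""
    r = rand_exp()
    return {"policy": set(policy), "c1": pow(G, r, P),
            "c2": m * pow(public_key, r, P) % P}

def ct_update(vuk, ct):
    """CTUpdate (publisher): ciphertext update key CUK for one cached ciphertext."""
    return pow(ct["c1"], vuk, P)

class Router:
    """NDN cache node holding the proxy key list L_PxK, keyed by uid."""

    def __init__(self):
        self.l_pxk = {}

    def proxy_dec(self, uid, ct):
        """ProxyDec: partial decryption only for listed users whose attributes fit."""
        entry = self.l_pxk.get(uid)
        if entry is None or not ct["policy"] <= entry["attrs"]:
            return None
        return pow(ct["c1"], entry["pxk"], P)

    def urev(self, uid):
        """URev: delete the revoked user's proxy key, return the updated list."""
        self.l_pxk.pop(uid, None)
        return self.l_pxk

    def pxk_update(self, attr, revoked_uid, pxuk):
        """PxKUpdate: strip attr from the revoked user, re-key all other entries."""
        for uid, entry in self.l_pxk.items():
            if uid == revoked_uid:
                entry["attrs"].discard(attr)
            else:
                entry["pxk"] = (entry["pxk"] + pxuk) % ORDER

    @staticmethod
    def re_enc(ct, cuk):
        """ReEnc: move the cached ciphertext to the new key version."""
        return {**ct, "c2": ct["c2"] * cuk % P}

def user_dec(ct, partial, sk_uid):
    """Dec (consumer): finish the decryption with SK_uid."""
    mask = partial * pow(ct["c1"], sk_uid, P) % P
    return ct["c2"] * pow(mask, -1, P) % P

def demo():
    aa, router, sk = Authority(), Router(), {}
    for uid in ("alice", "bob", "carol"):  # constructed users
        router.l_pxk[uid], sk[uid] = aa.keygen({"student", "cs"})
    m = 0x5EC2E7C0FFEE  # constructed content key, used as the plaintext M
    ct = encrypt(aa.public_key, {"student", "cs"}, m)
    out = {"m": m, "before": user_dec(ct, router.proxy_dec("alice", ct), sk["alice"])}

    # User revocation: only the router's list changes; nobody else is re-keyed.
    router.urev("carol")
    out["carol_partial"] = router.proxy_dec("carol", ct)
    out["bob_after_urev"] = user_dec(ct, router.proxy_dec("bob", ct), sk["bob"])

    # Attribute revocation: bob loses "cs"; keys and cached ciphertext move on.
    stale = router.proxy_dec("bob", ct)  # a partial result bob obtained earlier
    delta = aa.rekey_update()
    router.pxk_update("cs", "bob", delta)
    ct2 = router.re_enc(ct, ct_update(delta, ct))
    out["bob_partial_v2"] = router.proxy_dec("bob", ct2)
    out["bob_stale"] = user_dec(ct2, stale, sk["bob"])
    out["alice_v2"] = user_dec(ct2, router.proxy_dec("alice", ct2), sk["alice"])
    return out
```

The `bob_stale` result shows why the cached ciphertext has to be re-encrypted: a partial decryption saved before the attribute was revoked no longer matches the updated ciphertext.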

NDN Router
The NDN router can change the NDN cache node to aggregate proxy re-encryption. The NDN route cache node forwards data packets and interest packets based on name routing and forwarding. The content name is an opaque binary code sequence for the router. When a data packet or an interest packet is forwarded, its name needs to be matched against the information in the FIB. For example, when the name /university/computer/access control matches an interest packet that needs the proxy re-encryption service, the router completes the corresponding operation through the agent module, so that the consumer's data request is served, data is distributed efficiently, and network system performance is optimized. Figure 4 illustrates the relationship of the NDN cache node and its main components in the access control method.

Security Analysis
In this section, the security analysis of the CP-ABE-based multi-authorization revocable access control method will be introduced, including data confidentiality, forward security and post-security, and collusion attacks by multiple consumers.

Confidentiality of Data
When the user's attributes meet the requirements of the access structure, the user can use the key to decrypt the data. If the user's attributes do not meet the requirements of the ciphertext access structure, the user cannot receive the ciphertext information during the proxy decryption process. Since the proxy decryption process can be decrypted by the cloud private key, the lack of the user agent key will not help the data decryption process. When a user is revoked, the cloud server must delete the proxy key it holds. Once the proxy key has been deleted, the user will not be able to receive the partially decrypted ciphertext.

Forward Security and Post Security
This paper proposes an access control scheme based on CP-ABE that guarantees the forward and backward security of the NDN cached data for newly added and revoked consumers. Forward security means that a revoked user cannot decrypt new ciphertext that requires the revoked attributes for decryption. Backward security means that a newly added user can also decrypt previously published ciphertext, encrypted under the previous public key, if the user has enough attributes. When a consumer is revoked, the NDN cache node deletes its proxy key. Therefore, the revoked user is unable to decrypt the ciphertext by using its proxy key, which ensures the forward security of the system's cached data. When a new consumer joins the system, the relevant ciphertext information is re-encrypted so that the new consumer can also decrypt the ciphertext, ensuring backward security of the cached data.

Collusion Attack
In traditional attribute encryption schemes, a single AA combines parts of a user's private key (corresponding to different attributes) through key randomization. This randomization makes the elements of different keys of one user compatible with each other, while preventing them from being combined with the key elements of other users. This key randomization technique is not suitable for decentralized attribute encryption, because no CA can combine these elements, and each key comes from a different AA. In order to overcome this difficulty, this article uses different global identities to combine different user key parts to meet the needs of anti-collusion. This solution relies on the CP-ABE access control method to defend against collusion attacks by consumer users. Suppose the number of permissions involved in the ciphertext is n, and the number of colluding permissions is m. If m = n, intuitively, these permissions can get all the keys that can be used to decrypt the content of the ciphertext. If m ≤ n − 1, there is at least one privilege whose key cannot be obtained. Therefore, the ciphertext cannot be decrypted. This scheme resists collusion attacks of up to (n − 1) privileges.

Analysis of Performance
We performed the analysis of the multi-authority CP-ABE access control method in this section. The content of the analysis is expanded from three aspects: flexibility analysis, calculation overhead, and efficiency analysis. Table 1 compares the CP-ABE schemes previously studied by relevant experts from the four aspects of access structure, type of authorization center, ability to resist collusion attacks, and authority revocation. As can be seen from Table 1, this scheme is more flexible than other solutions. Because it adopts the LSSS access structure, the scheme supports fine-grained access control, supports multiple authority, can resist collusion attacks, and supports user and attribute revocation. These features make the solution proposed in this chapter more suitable for practical application requirements.

Calculation Overhead
In order to analyze the computational cost of the scheme, the proposed scheme is compared with the existing schemes. $T_e$ and $T_m$ are the time of one bilinear calculation and one exponentiation, respectively. $l$ is the number of attributes, and $N_A$ and $M$ are the number of authorities and the size of the encrypted file. $|G_T|$ and $|G|$ are the sizes of $G_T$ and $G$. Let $IA$ denote the universe set of all AAs, where each AA manages $x_k$ ($k \in IA$) attributes. For a user with $uid$, let $x_{k,uid}$ denote the number of attributes obtained from the authority with $aid_k$ ($k \in IA$). The calculation overhead results of each scheme are shown in Table 2. The analysis includes ciphertext size, user encryption time, and user decryption time.

Program; Secret Key; Ciphertext Size; Consumer Encryption Time; Consumer Decryption Time
Yang [15]: secret key $|G| + \sum_{k \in IA} x_{k,uid}|G|$
Qian [21]: secret key $|G| + x_{k,uid}|G|$; ciphertext size $N_A|G_T| + (l + 1)|G| + C$; consumer encryption time $(N_A + 1)T_e + (l + 1)T_m$; consumer decryption time $(l + 1)T_m$
Wu [22]: secret key $|G| + 2(x_{k,uid})|G|$

It can be seen from the results in Table 2 that the ciphertext length of the scheme in this chapter is slightly shorter than that of the other scheme. The encryption time of the consumer user is also slightly shorter than that of the other scheme. The user decryption time is significantly shorter than that of the other scheme, because part of the calculation is transferred to the NDN cache node in the decryption phase. In summary, the computational overhead of this chapter's scheme is significantly better than that of the other scheme.

Efficiency Analysis
The simulation experiment is implemented with the tool Charm, a framework for quickly implementing cryptographic schemes and protocols. The LSSS scheme required in the attribute-based encryption system is also provided, and the PBC library is used to implement the main group operations. The simulation environment is an Intel Xeon W-2133 3.60 GHz processor with 16 GB of memory, running Ubuntu 16.04 in a VMware Workstation 10.0 virtual machine.
As Figure 5 shows, as the number of attributes increases, our scheme requires less encryption time than Lewko's scheme [20] and Fan's scheme [17]. In addition, the encryption time increases almost linearly with the number of authorized centers. The length of C in the ciphertext depends on the number of attributes: the more attributes, the longer C, and so the longer encryption takes. As Figure 6 shows, the consumer's decryption time in our scheme is almost constant, because the NDN cache node completes part of the computation in the decryption process and sends the resulting partially decrypted ciphertext to the consumer. The decryption part shows that the user needs to complete only part of the computation to recover the plaintext.
Figure 7 shows the proxy decryption results for the NDN routing node. Our scheme requires less proxy decryption time than Fan's scheme [17] as the number of attributes increases. The proxy decryption time also increases almost linearly with the number of authorities. In formula (4-7) of [13], $K_{uid,x}$ is related to the number of attributes: the greater the number of attributes, the longer it is, and therefore the longer proxy decryption takes.
Figure 8 shows the relation between the time consumed by ciphertext re-encryption and the number of revoked attributes in the attribute revocation phase. Clearly, the more attributes are revoked, the longer ciphertext re-encryption takes, with almost linear growth. In this scenario, there is no need to update all ciphertexts when attribute revocation occurs; only the ciphertexts associated with the revoked attributes are updated.
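The growth of the ciphertext with the number of attributes is consistent with how an LSSS encodes an access policy: the share matrix has one row per attribute in the policy. The following is an added example, not the paper's Charm code; it uses plain Python, a constructed modulus and policy, and assumes the Lewko-Waters labelling for turning an AND/OR policy into a matrix.

```python
import secrets

P = 2**127 - 1  # constructed prime; stands in for the pairing group order

def lsss_matrix(policy):
    """Policy is an attribute name or (op, left, right) with op 'and'/'or'.
    Returns (matrix, row_labels), one row per attribute leaf."""
    rows, labels, counter = [], [], [1]

    def walk(node, vec):
        if isinstance(node, str):
            rows.append(vec)
            labels.append(node)
            return
        op, left, right = node
        if op == "or":                  # both children inherit the vector
            walk(left, vec)
            walk(right, vec)
        else:                           # AND: split on a fresh column
            c = counter[0]
            counter[0] += 1
            padded = vec + [0] * (c - len(vec))
            walk(left, padded + [1])
            walk(right, [0] * c + [-1])

    walk(policy, [1])
    return [r + [0] * (counter[0] - len(r)) for r in rows], labels

def make_shares(matrix, secret):
    """Share i is row_i . (secret, r_2, ..., r_n) mod P."""
    v = [secret] + [secrets.randbelow(P) for _ in matrix[0][1:]]
    return [sum(m * x for m, x in zip(row, v)) % P for row in matrix]

def satisfying_rows(policy, attrs, start=0):
    """Return (row indices whose rows sum to (1,0,...,0), or None; leaf count)."""
    if isinstance(policy, str):
        return ([start] if policy in attrs else None), 1
    op, left, right = policy
    l, nl = satisfying_rows(left, attrs, start)
    r, nr = satisfying_rows(right, attrs, start + nl)
    if op == "or":
        chosen = l if l is not None else r
    else:
        chosen = l + r if l is not None and r is not None else None
    return chosen, nl + nr

def reconstruct(shares, rows):
    """With this labelling every reconstruction coefficient is 1."""
    return sum(shares[i] for i in rows) % P

# Constructed policy: doctor AND (cardiology OR (nurse AND icu))
POLICY = ("and", "doctor", ("or", "cardiology", ("and", "nurse", "icu")))
```

An attribute set that does not satisfy the policy yields no row subset summing to (1, 0, ..., 0), so its shares reveal nothing about the secret.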

Summary
Information caching technology in named data networks improves the efficiency of data distribution. However, information caching decouples data publishers from their data, so data in storage nodes faces security threats because of the lack of security controls. The security issues of NDN content affect NDN applications and deployment. To solve the access control problem for cached content in NDN, this paper constructs a proxy-assisted access control scheme. The multi-authorization revocable access control method based on CP-ABE implements secure and effective access control of data in the NDN network. Because of the partial decryption on the NDN node, the decryption burden of the consumer client is reduced; the method also implements effective user and attribute revocation, and ensures forward security and backward security against collusion attacks. Finally, the performance and security analysis of the scheme proves that it is safe and efficient.
