A Decentralised Multi-Authority Attribute-Based Encryption for Secure and Scalable IoT Access Control
Abstract
1. Introduction
- The proposed scheme eliminates reliance on a central certificate authority (CA), enabling fully decentralised key management. This enhances flexibility, reduces failure points, lowers costs, and suits multi-scenario IoT applications like smart cities and industrial automation.
- To improve security and efficiency in resource-constrained IoT environments, the scheme introduces a proxy key mechanism that allows partial decryption outsourcing without exposing the original attribute keys. This approach mitigates the risk of key leakage and misuse, ensuring that IoT devices can securely delegate computations while maintaining strict access control policies.
- The scheme is formally proven to be secure against chosen-plaintext attacks (CPAs) under the decisional bilinear Diffie-Hellman (DBDH) assumption. This ensures that an adversary lacking the required attributes cannot distinguish an encrypted ciphertext from a random element, thereby preserving strong data confidentiality and preventing unauthorised access.
2. Related Works
3. Preliminaries
3.1. Bilinear Map
- Bilinear: For all and , then .
- Non-degeneracy: .
- Computability: For all , is computable efficiently.
3.2. Joint-Shamir Random Secret Sharing
- Each entity chooses a random sub-secret value . Then, chooses a polynomial over the of degree . Let denote sub-secret value . distributes to every entity a sub-share value , where , .
- Each entity received sub-share value , where , . Then, computes the master-share value . Let .
- Each entity computes the final random master-secret value . With Shamir [34] knowledge, any master-share value can compute a random master-shared value . Using the Lagrange interpolating formula,
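The three steps above, carried through over a prime field as an added example (not code from the paper). The names `joint_rss`, `reconstruct` and `demo`, the toy modulus `P`, and the choice of degree t-1 polynomials for a threshold of t are assumptions made for illustration.

```python
import secrets

# Toy prime modulus (assumption); the scheme works modulo the pairing group order.
P = 2**127 - 1


def lagrange_at_zero(i, xs):
    """Lagrange coefficient of index i for interpolation at x = 0 over indices xs."""
    num = den = 1
    for j in xs:
        if j != i:
            num = num * (-j) % P
            den = den * (i - j) % P
    return num * pow(den, -1, P) % P


def joint_rss(n, t):
    """Joint-Shamir random secret sharing among n entities with threshold t.

    Returns (sub_secrets, master_shares), where master_shares[j] is held by
    entity j (1-based). No single entity ever sees the master secret.
    """
    # Step 1: every entity picks a sub-secret (constant term) and a random
    # polynomial of degree t-1 that hides it.
    polys = [[secrets.randbelow(P) for _ in range(t)] for _ in range(n)]
    sub_secrets = [poly[0] for poly in polys]

    def evaluate(poly, x):
        return sum(c * pow(x, e, P) for e, c in enumerate(poly)) % P

    # Step 2: entity j receives the sub-share f_i(j) from every entity i and
    # adds them up to obtain its master share.
    master_shares = {
        j: sum(evaluate(poly, j) for poly in polys) % P for j in range(1, n + 1)
    }
    return sub_secrets, master_shares


def reconstruct(shares):
    """Step 3: interpolate the summed polynomial at 0 from a set of master shares."""
    xs = list(shares)
    return sum(y * lagrange_at_zero(i, xs) for i, y in shares.items()) % P


def demo(n=5, t=3):
    """Return the true master secret and three reconstruction attempts."""
    sub_secrets, shares = joint_rss(n, t)
    expected = sum(sub_secrets) % P  # master secret = sum of all sub-secrets
    subset_a = reconstruct({i: shares[i] for i in (1, 2, 3)})
    subset_b = reconstruct({i: shares[i] for i in (2, 4, 5)})
    too_few = reconstruct({i: shares[i] for i in (1, 2)})  # below threshold
    return expected, subset_a, subset_b, too_few


if __name__ == "__main__":
    print(demo())
```

Any t master shares recover the same value, while fewer than t interpolate to an unrelated field element, which is why no trusted dealer or CA is needed to establish the shared secret.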
3.3. CP-ABE
- : The setup phase takes the security parameter as input to generate public keys and a master secret key pair .
- : The key generation phase takes the master secret key and the universe of user’s attributes as input to obtain the secret attribute key as output.
- : The encryption phase takes the public keys , a plaintext , and an access policy as input. It outputs the ciphertext , where the access policy is implicitly embedded within .
- or : The decryption phase takes the ciphertext and the secret attribute key as input. If satisfies the access policy embedded in , the algorithm successfully recovers the plaintext . Otherwise, it outputs an error, denoted as .
3.4. Data Outsourcing
4. Proposed Scheme
4.1. System Model
- AA: This device enables communication between groups, denoted as (where represents the group number). In the proposed method, through trust-based principles such as alliance strategies or smart contracts, the AA establishes system parameters among devices and combines attributes from each group to create a unified multi-attribute set. Finally, it generates an attribute key for the devices within its own group.
- CN: Given the resource constraints of IoT devices, the CR cannot perform complex encryption and decryption operations. To address this challenge, high-performance CNs are utilised to assist the CR in these operations. By offloading computationally intensive tasks to the CN, the CR is relieved of heavy processing demands, enabling it to efficiently manage access policies and generate proxy keys.
- CR: The CR serves as a central management unit for devices and data in the IoT ecosystem, enabling it to execute operations in the physical world (such as switching, adjusting, and moving) based on commands received from external systems. Within the IoT environment, the CR connects to end devices (e.g., sensors, actuators, drones) via various communication protocols, including Ethernet, TCP/IP-based protocols (such as HTTP, MQTT, and MODBUS TCP), Bluetooth, and wireless networks. In our scheme, the CR partially encrypts the collected information to generate , which is then transmitted to the CN for secondary encryption, producing . For decryption of messages received from other groups, the CR converts its attribute key into a proxy key , ensuring that remains secure and is not exposed to the CN. The CN uses to perform decryption, generating an intermediate decryption message (IDM).
- Network routing (Router, Switch, Firewall, or Gateway): These devices transmit and receive network packets according to routing rules, serving as connection and data-flow management points within the IoT environment. Acting as bridges between different networks, they handle routing, filtering, forwarding, and firewall protection of data packets to ensure secure and efficient data transmission. This paper does not delve into the underlying principles of these devices but assumes they are configured and optimised for IoT application requirements.
4.2. Scheme Definition
- : The AA devices participating in the communication of groups communicate with each other based on the principle of mutual trust. They generate public parameters and master keys then combine to generate the attribute set .
- : This algorithm is executed by the AA device in each group, with inputs including the public parameters , the master key for group , and the attribute set . The output is the attribute key for .
- : This algorithm is executed by the CR, with inputs including the public parameters , the plaintext , and the access tree . The output is the first stage of ciphertext .
- : This algorithm is executed by the CN device in the group, with inputs including the public parameters and the first stage of ciphertext . The output is the second stage of ciphertext .
- or : This step ensures that the message originates from an authorised source, reducing the risks of tampering or forgery. CN selects a random number b, embeds it in the group public key , and sends it to the recipient for verification. Conversely, if verification fails, the message is rejected.
- : After verifying the message source, the CR executes this algorithm with inputs consisting of its attribute key and a random number . The output is a one-time proxy key .
- : The CN executes this algorithm using the second stage of ciphertext and the one-time proxy key generated by the CR as inputs. The output is a partial decryption message .
- : The CR executes this algorithm with inputs consisting of the second stage of ciphertext , the partial decryption message , and the random number used to generate the one-time proxy key . The output is the plaintext .
5. Construction
- 1. System Setup:
- 2. Key Generation:
- 3. First Stage of Encryption:
- Access Policy Setup: An access policy is established, and a polynomial is assigned to each node (including leaf nodes) in the tree. Starting from the root node , these polynomials are set in a top-down manner. The degree of each polynomial is defined as , where is the threshold value for node .
- Polynomial Definition: The value of the root node is initialised to a random number , so that . Additional points are then selected at random to fully define each polynomial within the tree. For non-root nodes , the value is set to . In the access policy , let represent the set of leaf nodes, denoted by .
- Ciphertext Generation: selects an encryption key and encrypts the plaintext , resulting in . Subsequently, it computes , hashes the and as , and calculates . The initial ciphertext is thus constructed as follows:
- Transmission to Compute Node: Finally, is transmitted to the in the group for the second stage of encryption.
- 4. Second Stage of Encryption:
- 5. Verification of Message Source:
- 6. Proxy Key Generation:
- 7. First Stage of Decryption:
- If a node is a leaf node, its attribute is assigned as . If , meaning that the attribute satisfies access policy for that leaf node, the decryption is computed as follows:
- For a non-leaf node , the decryption of each child is computed recursively. For each child node , the function is called, and the result is stored as . Define as a subset of child nodes of size for which . If no such subset exists, set . If a valid subset is found, compute using the Lagrange interpolation method as follows:
- 8. Second Stage of Decryption:
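The top-down polynomial assignment from the first stage of encryption and the recursive node recovery from the first stage of decryption, as an added example that is not code from the paper. It works on plain field elements, whereas the scheme performs the same recombination on group elements; the `Node` class, the sample attribute names, the toy modulus `P`, and the choice of degree threshold-1 (as in the CP-ABE access trees of [14]) are assumptions.

```python
import secrets

# Toy prime modulus (assumption); the scheme works modulo the pairing group order.
P = 2**127 - 1


def lagrange_at_zero(i, xs):
    """Lagrange coefficient of index i for interpolation at x = 0 over indices xs."""
    num = den = 1
    for j in xs:
        if j != i:
            num = num * (-j) % P
            den = den * (i - j) % P
    return num * pow(den, -1, P) % P


class Node:
    """Access-tree node: a leaf carries an attribute, an inner node a threshold k."""

    def __init__(self, attr=None, k=1, children=()):
        self.attr, self.k, self.children = attr, k, list(children)
        self.share = None  # value of the leaf polynomial at 0, set only on leaves


def assign(node, value):
    """Top-down sharing: fix q_node(0) = value, choose the other k-1 coefficients
    at random, and hand child number idx the value q_node(idx)."""
    if node.attr is not None:
        node.share = value
        return
    coeffs = [value] + [secrets.randbelow(P) for _ in range(node.k - 1)]
    for idx, child in enumerate(node.children, start=1):
        q_at_idx = sum(c * pow(idx, e, P) for e, c in enumerate(coeffs)) % P
        assign(child, q_at_idx)


def decrypt_node(node, attrs):
    """Bottom-up recovery of q_node(0); returns None (the failure symbol) when
    the attribute set does not satisfy the subtree rooted at node."""
    if node.attr is not None:
        return node.share if node.attr in attrs else None
    got = {}
    for idx, child in enumerate(node.children, start=1):
        value = decrypt_node(child, attrs)
        if value is not None:
            got[idx] = value
        if len(got) == node.k:  # a subset of size k is enough
            break
    if len(got) < node.k:
        return None
    xs = list(got)
    return sum(v * lagrange_at_zero(i, xs) for i, v in got.items()) % P


def demo():
    """Policy (constructed): engineer AND (plant-a OR plant-b)."""
    policy = Node(k=2, children=[
        Node(attr="role:engineer"),
        Node(k=1, children=[Node(attr="site:plant-a"), Node(attr="site:plant-b")]),
    ])
    root_secret = secrets.randbelow(P)
    assign(policy, root_secret)
    allowed = decrypt_node(policy, {"role:engineer", "site:plant-b"})
    denied = decrypt_node(policy, {"site:plant-a", "site:plant-b"})
    return root_secret, allowed, denied


if __name__ == "__main__":
    print(demo())
```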
6. Analysis of Schemes
6.1. Proof of Correctness
6.1.1. Verification of Message Source
6.1.2. Ciphertext for the Second Stage of Decryption
6.2. Security Analysis
- Data Confidentiality: Ensuring sensitive data remain secure, even if CNs attempt to extract information.
- Operational Integrity: Verifying the authenticity and correctness of CN operations without revealing critical private keys.
- Decentralisation: Reducing dependency on centralised authorities, such as a CA, thereby minimising single points of failure and enhancing system flexibility.
- If , then the tuple is set to , representing a valid DBDH instance.
- If , then the tuple is set to , where is a random element in .
- 1. Setup
- 2. Phase 1
- 3. Challenge
- 4. Phase 2
- 5. Guess
7. Performance Analysis
7.1. Property Comparison
7.2. Efficiency Analysis
7.2.1. Theoretical Analysis
7.2.2. Simulation Experiments
8. Conclusions and Future Work
8.1. Quantum Threat Scenarios
- 1. Short-Term (5 Years)
- 2. Mid-Term (5–10 Years)
- 3. Long-Term (10 Years+)
8.2. Transitioning Towards Post-Quantum Cryptography
8.3. Further Research Directions
8.4. Final Remarks
Author Contributions
Funding
Institutional Review Board Statement
Informed Consent Statement
Data Availability Statement
Conflicts of Interest
References
1. Ahsan, M.S.; Pathan, A.-S.K. A Comprehensive Survey on the Requirements, Applications, and Future Challenges for Access Control Models in IoT: The State of the Art. IoT 2025, 6, 9.
2. Zeng, F.; Pang, C.; Tang, H. Sensors on Internet of Things Systems for the Sustainable Development of Smart Cities: A Systematic Literature Review. Sensors 2024, 24, 2074.
3. Rao, P.M.; Pedada, S.; Jangirala, S.; Das, A.K.; Rodrigues, J.J.P.C. Role of IoT in the Ages of Digital to Smart Cities: Security Challenges and Countermeasures. IEEE Internet Things Mag. 2024, 7, 56–64.
4. Sasi, T.; Lashkari, A.H.; Lu, R.; Xiong, P.; Iqbal, S. A comprehensive survey on IoT attacks: Taxonomy, detection mechanisms and challenges. J. Inf. Intell. 2024, 2, 455–513.
5. Sun, P.; Shen, S.; Wan, Y.; Wu, Z.; Fang, Z.; Gao, X.Z. A Survey of IoT Privacy Security: Architecture, Technology, Challenges, and Trends. IEEE Internet Things J. 2024, 11, 34567–34591.
6. Popoola, O.; Rodrigues, M.; Marchang, J.; Shenfield, A.; Ikpehai, A.; Popoola, J. A critical literature review of security and privacy in smart home healthcare schemes adopting IoT & blockchain: Problems, challenges and solutions. Blockchain Res. Appl. 2024, 5, 100178.
7. Lee, T.D.; Lee, B.M.; Noh, W. Hierarchical Cloud Computing Architecture for Context-Aware IoT Services. IEEE Trans. Consum. Electron. 2018, 64, 222–230.
8. Saah, A.E.; Yee, J.-J.; Choi, J.-H. Securing Construction Workers’ Data Security and Privacy with Blockchain Technology. Appl. Sci. 2023, 13, 13339.
9. Okdem, S.; Okdem, S. Artificial Intelligence in Cybersecurity: A Review and a Case Study. Appl. Sci. 2024, 14, 10487.
10. Chaira, M.; Aouag, S.; Cherroun, H.; Brik, B.; Rezgui, A. A decentralized blockchain-based authentication scheme for cross-communication in IoT networks. Clust. Comput. 2024, 27, 2505–2523.
11. Lanke, R.; Rahman, A.M.J.M.Z.; Bhardwaj, R.; Reddy, D.S.; Jain, P.; Mahesh, T.R. Cloud Cryptography: Mechanism of Different Encryption Standards. In Proceedings of the 2024 11th International Conference on Computing for Sustainable Global Development (INDIACom), New Delhi, India, 28 February–1 March 2024; pp. 356–360.
12. Henriques, M.S.; Vernekar, N.K. Using Symmetric and Asymmetric Cryptography to Secure Communication Between Devices in IoT. In Proceedings of the 2017 International Conference on IoT and Application (ICIOT), Nagapattinam, India, 19–20 May 2017; pp. 1–4.
13. Goyal, V.; Pandey, O.; Sahai, A.; Waters, B. Attribute-Based Encryption for Fine-Grained Access Control of Encrypted data. In Proceedings of the 13th ACM Conference on Computer and Communications Security, Alexandria, VA, USA, 30 October–3 November 2006; pp. 89–98.
14. Bethencourt, J.; Sahai, A.; Waters, B. Ciphertext-Policy Attribute-Based Encryption. In Proceedings of the 2007 IEEE Symposium on Security and Privacy (SP’07), Berkeley, CA, USA, 20–23 May 2007; pp. 321–334.
15. Yang, G.; Peixuan, L.; Xin, Y.; He, Y.; Wang, C.; Chen, X. An efficient hierarchical attribute-based encryption scheme with cross-domain data sharing. Comput. Netw. 2024, 255, 110863.
16. Taha, M.B.; Khasawneh, F.A.; Quttoum, A.N.; Alshammari, M.; Alomari, Z. Outsourcing Attribute-Based Encryption to Enhance IoT Security and Performance. IEEE Access 2024, 12, 166800–166813.
17. Meriem, G.; Kerdoudi, M.L.; Bachir, A. Load-balanced attribute-based outsourced encryption for constrained IoT devices. Comput. Electr. Eng. 2024, 118, 109424.
18. Wang, S.; Wang, H.; Li, J.; Wang, H.; Chaudhry, J.; Alazab, M.; Song, H. A Fast CP-ABE System for Cyber-Physical Security and Privacy in Mobile Healthcare Network. IEEE Trans. Ind. Appl. 2020, 56, 4467–4477.
19. Sun, J.; Xiong, H.; Liu, X.; Zhang, Y.; Nie, X.; Deng, R.H. Lightweight and Privacy-Aware Fine-Grained Access Control for IoT-Oriented Smart Health. IEEE Internet Things J. 2020, 7, 6566–6575.
20. Saleem, J.; Raza, U.; Holderbaum, W. Transforming Industry 4.0 Security: Analysis of ABE and ABA Technologies. IECE Trans. Intell. Syst. 2024, 1, 127–144.
21. Das, S.; Namasudra, S. Multiauthority CP-ABE-based Access Control Model for IoT-enabled Healthcare Infrastructure. IEEE Trans. Ind. Inform. 2023, 19, 821–829.
22. Chen, N.; Li, J.; Zhang, Y.; Guo, Y. Efficient CP-ABE Scheme With Shared Decryption in Cloud Storage. IEEE Trans. Comput. 2022, 71, 175–184.
23. Zhao, C.; Xu, L.; Li, J.; Fang, H.; Zhang, Y. Toward Secure and Privacy-Preserving Cloud Data Sharing: Online/Offline Multiauthority CP-ABE With Hidden Policy. IEEE Syst. J. 2022, 16, 4804–4815.
24. Mendoza-Cardenas, F.; Leon-Aguilar, R.S.; Quiroz-Arroyo, J.L. CP-ABE Encryption over MQTT for an IoT System with Raspberry Pi. In Proceedings of the 2022 56th Annual Conference on Information Sciences and Systems (CISS), Princeton, NJ, USA, 9–11 March 2022; pp. 236–239.
25. Buccafurri, F.; Angelis, V.; Nardone, R. How can the holder trust the verifier? A CP-ABPRE-based solution to control the access to claims in a Self-Sovereign-Identity scenario. Blockchain Res. Appl. 2024, 5, 100196.
26. Yan, X.; Tu, S.; Alasmary, H.; Huang, F. Multiauthority Ciphertext Policy-Attribute-Based Encryption (MA-CP-ABE) with Revocation and Computation Outsourcing for Resource-Constraint Devices. Appl. Sci. 2023, 13, 11269.
27. Zhang, L.; Ou, Z.; Hu, C.; Kan, H.; Zhang, J. Data Sharing in the Metaverse With Key Abuse Resistance Based on Decentralized CP-ABE. IEEE Trans. Comput. 2025, 74, 901–914.
28. Zhang, J.; Gong, Q.; Wei, Z.; Wang, X.; Yan, X.; Zhang, X. Efficient Multi-Authority Attribute-Based Encryption with Policy Hiding and Updating. In Proceedings of the 2022 IEEE 10th International Conference on Computer Science and Network Technology (ICCSNT), Dalian, China, 22–23 October 2022; pp. 34–38.
29. Ali, M.; Sadeghi, M.R.; Liu, X. Lightweight Revocable Hierarchical Attribute-Based Encryption for Internet of Things. IEEE Access 2020, 8, 23951–23964.
30. Huang, Q.; Yang, Y.; Shi, Y. SmartVeh: Secure and Efficient Message Access Control and Authentication for Vehicular Cloud Computing. Sensors 2018, 18, 666.
31. Liu, Z.; Hu, C.; Ruan, C.; Zhang, L.; Hu, P.; Xiang, T. A Privacy-Preserving Matching Service Scheme for Power Data Trading. IEEE Internet Things J. 2024, 11, 32296–32309.
32. Guo, Z.; Wang, G.; Li, Y.; Ni, J.; Du, R.; Wang, M. Accountable Attribute-Based Data-Sharing Scheme Based on Blockchain for Vehicular Ad Hoc Network. IEEE Internet Things J. 2023, 10, 7011–7026.
33. Pedersen, T.P. A Threshold Cryptosystem without a Trusted Party. In Proceedings of the Advances in Cryptology—EUROCRYPT’91, Brighton, UK, 8–11 April 1991; pp. 522–526.
34. Shamir, A. How to share a secret. Commun. ACM 1979, 22, 612–613.
35. Khalid, M.; Awais, M.; Singh, N.; Khan, S.; Raza, M.; Malik, Q.B.; Imran, M. Autonomous Transportation in Emergency Healthcare Services: Framework, Challenges, and Future Work. IEEE Internet Things Mag. 2021, 4, 28–33.
36. Saleem, M.U.; Usman, M.R.; Usman, M.A.; Politis, C. Design, Deployment and Performance Evaluation of an IoT Based Smart Energy Management System for Demand Side Management in Smart Grid. IEEE Access 2022, 10, 15261–15278.
37. Gheorghiu, V.; Mosca, M. Quantum resource estimation for large scale quantum algorithms. Future Gener. Comput. Syst. 2025, 162, 16.
38. Alagic, G.; Cooper, D.; Dang, Q.; Dang, T.; Kelsey, J.M.; Lichtinger, J.; Liu, Y.-K.; Miller, C.A.; Moody, D.; Peralta, R.; et al. Status Report on the Third Round of the NIST Post-Quantum Cryptography Standardization Process; National Institute of Standards and Technology: Gaithersburg, MD, USA, 2022.
39. Mandal, S.; Anand, R.; Rahman, M.; Sarkar, S.; Isobe, T. Implementing Grover’s on AES-based AEAD schemes. Sci. Rep. 2024, 14, 21105.
40. Sahoo, A.; Indira Kumar, A.K.; Rajagopal, S.M. Comparative Study of Cryptographic Algorithms in Post Quantum Computing Landscape. In Proceedings of the 2024 5th International Conference on Data Intelligence and Cognitive Informatics (ICDICI), Tirunelveli, India, 18–20 November 2024; pp. 36–40.
41. Ricci, S.; Dobias, P.; Malina, L.; Hajny, J.; Jedlicka, P. Hybrid Keys in Practice: Combining Classical, Quantum and Post-Quantum Cryptography. IEEE Access 2024, 12, 23206–23219.
42. Hou, J.; Peng, C.; Tan, W. A lattice-based data sharing functional encryption scheme with HRA security for IoT. Expert. Syst. Appl. 2024, 254, 124355.
43. Cherkaoui Dekkaki, K.; Tasic, I.; Cano, M.-D. Exploring Post-Quantum Cryptography: Review and Directions for the Transition Process. Technologies 2024, 12, 241.
44. Moral, J.O.d.; iOlius, A.d.; Vidal, G.; Crespo, P.M.; Martinez, J.E. Cybersecurity in Critical Infrastructures: A Post-Quantum Cryptography Perspective. IEEE Internet Things J. 2024, 11, 30217–30244.
45. Alagic, G.; Bros, M.; Ciadoux, P.; Cooper, D.; Dang, Q.; Dang, T.; Kelsey, J.; Lichtinger, J.; Liu, Y.-K.; Miller, C.; et al. Status Report on the Fourth Round of the NIST Post-Quantum Cryptography Standardization Process; National Institute of Standards and Technology: Gaithersburg, MD, USA, 2025.
46. Hoque, S.; Aydeger, A.; Zeydan, E. Exploring Post Quantum Cryptography with Quantum Key Distribution for Sustainable Mobile Network Architecture Design. In Proceedings of the 4th Workshop on Performance and Energy Efficiency in Concurrent and Distributed Systems, Pisa, Italy, 3–4 June 2024; pp. 9–16.
Notation | Description |
---|---|
AA | Attribute authority |
CN | Compute node |
CR | Controller |
 | A ciphertext generated by CR in the encryption phase |
 | A ciphertext generated by CN in the encryption phase |
IDM | Intermediate decryption message |
 | Encrypting and decrypting data with an asymmetric key |
 | Plaintext |
 | An access tree |
 | Public parameter |
 | One-way hash function |
 | Hash-based message authentication code |
 | Transmitter and receiver, respectively |
Scheme | [18] | [29] | [30] | [31] | Ours |
---|---|---|---|---|---|
Outsourcing | ✔ | ✔ | ✔ | ✔ | ✔ |
Secure Key Distribution | ✘ | ✔ | ✔ | ✘ | ✔ |
Decentralisation | ✘ | ✘ | ✘ | ✘ | ✔ |
Multi-Authority | ✘ | ✔ | ✔ | ✘ | ✔ |
Scheme | [18] | [29] | [30] | [31] | Ours |
---|---|---|---|---|---|
Key Generation | |||||
Encryption | |||||
Outsourced Encryption | |||||
Proxy Key | - | - | |||
Outsourced Decryption | |||||
Decryption |
Operator | Hash | |||
---|---|---|---|---|
Execution Time | 21.752 ms | 13.006 ms | 1.088 ms | 7.82 ms |
© 2025 by the authors. Licensee MDPI, Basel, Switzerland. This article is an open access article distributed under the terms and conditions of the Creative Commons Attribution (CC BY) license (https://creativecommons.org/licenses/by/4.0/).
Wu, C.-Y.; Huang, K.-H.; Hsu, C.-Y. A Decentralised Multi-Authority Attribute-Based Encryption for Secure and Scalable IoT Access Control. Appl. Sci. 2025, 15, 3890. https://doi.org/10.3390/app15073890