Constant Size CP-ABE with Scalable Revocation for Resource-Constrained IoT Devices

Users can directly access and share information from portable devices such as a smartphone or an Internet of Things (IoT) device. However, to prevent them from becoming victims to launch cyber attacks, they must allow selective sharing based on roles of the users such as with the Ciphertext-Policy Attribute Encryption (CP-ABE) scheme. However, to match the resource constraints, the scheme must be efficient for storage. It must also protect the device from malicious users as well as allow uninterrupted access to valid users. This paper presents the CCA secure PROxy-based Scalable Revocation for Constant Cipher-text (C-PROSRCC) scheme, which provides scalable revocation for a constant ciphertext length CP-ABE scheme. The scheme has a constant number of pairings and computations. It can also revoke any number of users and does not require re-encryption or redistribution of keys. We have successfully implemented the C-PROSRCC scheme. The qualitative and quantitative comparison with related schemes indicates that C-PROSRCC performs better with acceptable overheads. C-PROSRCC is Chosen Ciphertext Attack (CCA) secure. We also present a case study to demonstrate the use of C-PROSRCC for mobile-based selective sharing of a family car.