Lightweight Revocable Hierarchical Attribute-Based Encryption for Internet of Things

The Internet of Things (IoT) is an emerging technology that can benefit from cloud infrastructure. In a cloud-based IoT network, a variety of data is collected by smart devices and transmitted to a cloud server. However, since the data may contain sensitive information about individuals, providing confidentiality and access control is essential to protect the users' privacy. Attribute-based encryption (ABE) is a promising tool to provide these requirements. However, most of ABE schemes neither provide efficient encryption and decryption mechanisms nor offer flexible and efficient key delegation and user revocation approaches. In this paper, to address these issues, we propose a lightweight revocable hierarchical ABE (LW-RHABE) scheme. In our scheme, computation overhead on the user side is very efficient, and most of the computational operations are performed by the cloud server. Also, using the hierarchical model, our scheme offers flexible and scalable key delegation and user revocation mechanisms. Indeed, in our scheme, key delegation and user revocation associated with each attribute can be handled by several key authorities. We provide the security definition for LW-RHABE, and we prove its security in the standard model and under the hardness assumption of the decisional bilinear Diffie-Hellman (DBDH) problem.