Privacy and Security of Information Processing in Industrial Big Data and Internet of ThingsView this Special Issue
Research Article | Open Access
Yujiao Song, Hao Wang, Xiaochao Wei, Lei Wu, "Efficient Attribute-Based Encryption with Privacy-Preserving Key Generation and Its Application in Industrial Cloud", Security and Communication Networks, vol. 2019, Article ID 3249726, 9 pages, 2019. https://doi.org/10.1155/2019/3249726
Efficient Attribute-Based Encryption with Privacy-Preserving Key Generation and Its Application in Industrial Cloud
Due to the rapid development of new technologies such as cloud computing, Internet of Things (IoT), and mobile Internet, the data volumes are exploding. Particularly, in the industrial field, a large amount of data is generated every day. How to manage and use industrial Big Data primely is a thorny challenge for every industrial enterprise manager. As an emerging form of service, cloud computing technology provides a good solution. It receives more and more attention and support due to its flexible configuration, on-demand purchase, and easy maintenance. Using cloud technology, enterprises get rid of the heavy data management work and concentrate on their main business. Although cloud technology has many advantages, there are still many problems in terms of security and privacy. To protect the confidentiality of the data, the mainstream solution is encrypting data before uploading. In order to achieve flexible access control to encrypted data, attribute-based encryption (ABE) is an outstanding candidate. At present, more and more applications are using ABE to ensure data security. However, the privacy protection issues during the key generation phase are not considered in the current ABE systems. That is to say, the key generation center (KGC) knows both of attributes and corresponding keys of each user. This problem is especially serious in the industrial big data scenario, because it will cause great damage to the business secrets of industrial enterprises. In this paper, we design a new ABE scheme that protects user’s privacy during key issuing. In our new scheme, we separate the functionality of attribute auditing and key generating to ensure that the KGC cannot know user’s attributes and that the attribute auditing center (AAC) cannot obtain the user’s secret key. This is ideal for many privacy-sensitive scenarios, such as industrial big data scenario.
Due to the rapid development of new technologies such as cloud computing, Internet of Things (IoT), and mobile Internet, the data volumes are exploding, and we have truly entered the era of “Big Data.” Big Data technology has been focused and applied to almost every industry, retail, healthcare, financial services, government, and so on. Particularly, in the field of industrial production, a large amount of data is generated every day, and it includes business data from information systems, machine data from industrial IoT systems, and some other data from related websites, etc. For a manufacturing enterprise, Big Data can not only be used to improve the efficiency of the business, but more importantly change the manufacturing process and business model. Industrial Big Data is the core of intelligent manufacturing and industrial IoT and provides the most favorable support for the development of Industry 4.0. How to manage and use industrial Big Data efficiently is a great challenge for every enterprise manager.
Cloud computing technology can provide better solutions to the above challenge. Using cloud technology, enterprises get rid of the heavy data management work and concentrate on their main business. Nowadays, large cloud service providers, such as Amazon, Microsoft, IBM, etc., have launched industrial cloud platforms, and more and more industrial enterprises migrate their data to these platforms. However, hosting data to third-party platforms will create new problems, because the security and privacy of the data have to depend on the credibility of the third-party. For businesses, the biggest concern is the confidentiality of industrial data. The main solution to this problem is to use encrypting methods to protect data before uploading it. However, traditional symmetric and asymmetric encryption schemes are not appropriate for providing fine-grained access control. Therefore, the above problems have brought new challenges to data encryption, and numerous studies have focused on these issues [1–3].
Among various solutions, attribute-based encryption (ABE) [4, 5] has become an excellent candidate because of its ability to provide data confidentiality and fine-grained access control for cloud storage. Currently, more and more industrial enterprises are using ABE. In an industrial alliance, enterprises can share encrypted data based on the attributes. Only those enterprises whose attributes meet the access policy can decrypt the encrypted data. Although much research has been done on ABE [6–8], there are still some problems that have not been solved well. The current ABE systems do not consider privacy protection during the key generation phase. That is to say, the key generation center (KGC) knows the attributes and corresponding keys of each user in this system. This causes great damage to the user’s privacy and data confidentiality. Particularly, in the application scenarios of industrial big data, the attributes of enterprise users may be related to the business secrets of enterprises.
1.1. Our Contribution
In order to solve the privacy protection problem in key generation phase, we propose a new ABE system, in which we separate the functionality of attribute auditing and key extracting to ensure that the KGC does not know the specific attributes of the user and that the attribute auditing center (AAC) does not obtain the user’s key. In this system, when user applies its private key, it authenticates its attributes to AAC first and gets a blind token, which only certificates its attributes blindly and reveals nothing about specific attributes. The user presents the blind token to the KGC to obtain the corresponding blind key, from which user can extract the final private key. During this process, no information about the user’s attributes is leaked to the KGC, and no information about the private key is leaked to the AAC. We implicitly use the oblivious transfer (OT) protocol to solve this problem. This protects the user’s privacy during key generation phase.
Our ABE is suitable for privacy sensitive scenarios. Particularly, in the encryption system of industrial cloud, the attributes often involve business secrets of industrial enterprises. KGC, as a technology department, should not know these types of secret information. Therefore, we expressly introduce an application of our new scheme in the industrial cloud.
1.2. Related Work
1.2.1. Attribute-Based Encryption
Attribute-based encryption is a one-to-many public key encryption. Only the user, whose attributes satisfy the access policy set by the encryptor, can decrypt the ciphertext. This concept originates from identity-based encryption . In 2005, Sahai and Waters  proposed the concept of fuzzy identity encryption, which became a precedent for attribute-based encryption. In 2006, Goyal et al.  first proposed the formal definition of attribute-based encryption (ABE), which classifies as key-policy ABE (KP-ABE) and ciphertext-policy ABE (CP-ABE). They also constructed the first KP-ABE scheme. In the next year, Bethencourt et al.  gave the CP-ABE construction for the first time. In a CP-ABE scheme, the encryptor sets an access policy in the ciphertext to determine which kind of users can decrypt the data. This is very consistent with the security requirements of cloud storage. In recent years, more and more researches focus on CP-ABE [11–13]. However, none of the aforementioned works deals with privacy protection problem in the key generation phase.
1.2.2. Oblivious Transfer
The concept of oblivious transfer (OT) is originally proposed by Rabin  in 1981, and then it became an important basic primitive in the field of cryptography. In an OT protocol, the sender delivers part of messages to the receiver and is still unaware of which parts (if any) are delivered. In other words, a secure OT protocol must satisfy two security features: the sender cannot obtain the selection information of the receiver; the receiver cannot obtain any information about other messages except for its choice.
In 1985, Even et al.  presented a specific 1-out-of-2 OT protocol , in which the sender has 2 values, and receiver only gets one of them. Then, Brassard et al.  extended to . In 1998, Stern  gave a generalized construction of OT protocol based on public key encryption. In 2001, Naor and Pinkas  gave a 2-round protocol based on Diffie-Hellman assumption without random oracle. In the same year, Aiello et al.  constructed a 2-round protocol based on homomorphic public-key encryption. In 2002, Tzeng  gave an protocol with better round complexity and better communication complexity. In 2003, Ishai et al.  proposed OT extension, from which a large number of OTs can be performed using only cheap symmetric-key operations. In the past decades, OT protocol has been fully studied and widely used [22–25].
In Section 2, we introduce the preliminaries of this paper. In Section 3, we introduce the concept of attribute-based encryption with privacy preserving key generation (PPKG-ABE) and its security definition. In Section 4, we propose a specific PPKG-ABE scheme and analyze its security in Section 5. In Section 6, we introduce the application of PPKG-ABE in industrial cloud environment for protecting the security of industrial Big Data.
In CP-ABE system, there are three types of entities, i.e., key generation center (KGC), encryptor, and decryptor. The KGC issues secret key according to users’ attributes. The encryptor encrypts the messages according to a designated access policy. The decryptor can decrypt the ciphertext successfully only if its attributes satisfy the corresponding access policy.
There are four algorithms in a CP-ABE scheme:
Setup: it takes security parameters as input and outputs public parameters and master secret key .
KeyGen: it takes public parameters , master secret key , and a set of attributes as input and outputs secret key corresponding to .
Encryption: it takes public parameters , access policy , and message as input and outputs the ciphertext .
Decryption: it takes public parameters , ciphertext , and secret key as input and outputs the message , if and only if the attributes satisfy the access policy ; i.e., .
2.2. Oblivious Transfer
The oblivious transfer (OT) protocol is a two-party computation protocol in which one party is the sender () and the other is the recipient (). The protocol ensures the following: sends a group of messages to . can get a subset of these messages, but does not know which messages that received.
In this paper, we draw on a classic protocol :
Party has two elements , of group and party has a bit . The descriptions of group are known to both parties, where and is a generator.
randomly chooses and sets as follows:
(a) If , then .
(b) If , then .
sends to .
receives . Then, checks . If not, it outputs , and aborts.
In addition, chooses randomly and computes the following 4 values:
Then, calculates and sends and to .
Finally, calculates and obtains .
2.3. Bilinear Maps
Let , , and be three order cyclic groups. The bilinear pairing operation is a bilinear map, , and satisfies the following properties:
, , , there is
, , can be computed in polynomial time
In this paper, we use asymmetric bilinear groups; that is, .
2.4. Security Assumption
Definition 1. Let , , and form bilinear groups, let be a generator of , and let be a generator of . For some unknown , define , and set . We say an algorithm solves -BDHE problem with advantage , if on input , where is a random element of .
The decision -BDHE assumption holds if is negligible for any polynomial algorithm.
3. Attribute-Based Encryption with Privacy Preserving Key Generation
In the key generation phase of traditional ABE, KGC always knows the attribute information of each user. This has greatly damaged the privacy of users. In order to solve this problem, we separate the two functions of attribute auditing and key extracting. We introduce an attribute audit center (AAC) in ABE system to authenticate the attributes of users and to make blind token for them. KGC, as a simple technical support institution, is only responsible for generating keys, but it does not know the corresponding attributes of these keys.
3.1. System Model
In the key generation phase (as shown in Figure 1), there are three types of entities: attribute audit center (AAC), key generation center (KGC), and data user. In this system, user submits its attributes and relevant evidence to AAC. The AAC audits the user’s attributes and returns a blind token with the signature of AAC to user. In practical applications, AAC is often carried out by the institutions that provide certification for user’s attributes, such as government offices, because they know the attributes of users themselves and do not cause extra leaks. In other words, the blind token is the evidence for users owning some attributes. This token does not reveal any information of user’s attributes and only ensures the authenticity. When user needs to obtain its attributes key, it will submit the blind token to KGC, which is a technical institution. The KGC first checks the legitimacy of the token; if the token is invalid, it aborts; otherwise, it runs the key generation algorithm on the token and returns a blind key. After user obtains the blind key, it extracts the secret key locally.
The specific process is as follows:
The user shows its attributes and relevant evidence to the attribute audit center (AAC).
The AAC audits the user’s attributes and returns a blind token to the user with its signature.
When a user needs to obtain its attributes key, it will submit its blind token to the key generation center (KGC). The KGC cannot get any information about the user’s attributes. It only can confirm that the user truly has related attributes.
The key generation center (KGC) first checks the legitimacy of the token, and if the signature is illegal, it aborts; otherwise, it runs the key generation algorithm and outputs a blind key.
The user receives the blind key from KGC and extracts the private key.
In detail, an attribute-based encryption with privacy preserving key generation scheme (PPKG-ABE) includes seven fundamental algorithms: Setup, UserTemKeyGen, BlindTokenGen, BlindKenGen, KeyExtra, Encrypt, and Decrypt. The specific algorithms are described as follows:
Setup() : the setup algorithm is run by KGC, it inputs security parameter , and it outputs public parameters and master secret key .
UserTemKeyGen(, ) , : the user’s temporary-key generation algorithm is run by user. It takes and security parameters as input and outputs user’s temporary public key and user’s temporary secret key .
BlindTokenGen(, , ) : the blind token generation algorithm is run by AAC. It takes , user’s attributes set , and user’s temporary public key as input and outputs a blind token for attributes set .
BlindKenGen(, , ): the blind key generation algorithm is run by KGC. It takes , master secret key , and user’s blind token as input and outputs blind secret key for attributes set .
KeyExtra(, ): the key extract algorithm is run by user locally. It takes blind secret key and user’s temporary secret key as input and outputs the final secret key for attributes set .
Encrypt(, , ): the encryption algorithm is run by encryptor. It takes , message , and access structure as input and outputs ciphertext .
Decrypt(, ): the decryption algorithm is run by decryptor. It takes ciphertext and secret key as input and outputs message , if .
We note, in PPKG-ABE scheme, that AAC is responsible for auditing user’s attributes and issuing blind token to user. The blind token includes a description of the authenticity of user’s attributes, along with the signature of AAC, and reveals on information about specific attributes.
3.3. Security Model
We define the security in two aspects: confidentiality and privacy. Specifically, in this security model, we do not allow AAC and KGC to collude.
We introduce the selective security model of choosing plaintext attacks for the PPKG-ABE scheme. The specific process is working between adversary and challenger :
Init. specifies an access structure for challenge.
Setup. calls the Setup algorithm and returns to .
Phase 2. queries secret key on any attributes set . returns the secret key for .
Challenge. submits two messages and , where . chooses randomly and encrypts under . Then, it returns to .
Phase 3. Repeats as Phase 2.
Guess. guesses for . The advantage for is defined as - .
Definition 4. The PPKG-ABE scheme is selectively IND-CPA secure if is negligible for any polynomial time adversaries.
We introduce a new security game for defining privacy. In this game, we define the following two oracles.
Blind Token Oracle : it takes attributes set as input and outputs corresponding blind token .
Blind Key Oracle : it takes blind token as input and outputs corresponding blind key .
The specific process is working between adversary and challenger :
Setup. calls the Setup algorithm and returns to .
Phase 5. queries blind token oracle and blind key oracle freely.
Challenge. submits two attributes sets and , where . chooses randomly and queries blind token oracle on input . It returns blind token to .
Phase 6. Repeats as Phase 5.
Guess. guesses for . The advantage for is defined as - .
Definition 7. The PPKG-ABE scheme is privacy-protected in key generation phase, if is negligible for any polynomial time adversaries.
4. A Specific PPKG-ABE Scheme
In this construction, the PPKG-ABE scheme is constructed on the basis of , which only supports AND gates. Suppose that the attribute universe is =, where each has values: “+” and “−”. The “+” denotes that user owns this attribute, while the “−” denotes that user does not own this attribute. The specific scheme is as follows:
Setup(, ): the setup algorithm is run by KGC. It takes security parameters and attribute universe as input, where . The algorithm first chooses order bilinear groups , , and , where is a generator of and is a generator of . Let be a cryptographic hash function; . For , it chooses , randomly and sets and . It outputs In general speaking, correspond to the positive attributes and correspond to the negative attributes.
UserTemKeyGen(, ): the user’s temporary-key generation algorithm is run by user. It takes public parameters and security parameters as input and chooses randomly for , as its temporary secret key . Then, it calculates the temporary public key .
BlindTokenGen(, , ): the blind token generation algorithm is run by AAC. It takes public parameters , user’s attributes set , and user’s temporary public key as input. expresses an attributes set, which includes signs, e.g., , where “+” indicates that the user owns this attribute and “−” indicates that the user does not own this attribute. It selects randomly and calculates , , and , for .
If the attribute “+”, then it sets , , , . Otherwise, the attribute “−” ∈, and it sets , , , .
Then, it runs standard signature algorithm on to get a signature and returns to user.
BlindKenGen(, , ): the user submits the token corresponding to attributes set to the KGC for applying secret key. KGC first checks that all , and that is legal. If not, it aborts outputting ; otherwise it randomly chooses for and calculates the following values:
Then, it randomly chooses for each user and calculates , for . It calculates , , for .
The blind secret key It returns to user.
KeyExtra(, ): the key extract algorithm is run by user.
For , if “+”, it sets , ; else if , it sets , and calculates
We note, in the above key issuing procedure, that KGC cannot obtain the specific attributes of user, and AAC cannot obtain the secret key.
Encrypt(, , ): it takes public key , AND gate structure , and message as input, where , for is the related attributes set, and ,. It chooses randomly and sets , where for each ,
Then, it computes .
The ciphertext is defined as .
Decrypt(, , ): if , the decryption algorithm computes , for related attributes set . Then, it computes the message
The correctness is guaranteed by
5. Proof of Security
Theorem 8. If the decisional BDHE assumption holds for bilinear groups , , and , our PPGK-ABE scheme is selectively IND-CPA secure.
Proof. If the adversary can win above security game with nonnegligible advantage, we can construct an algorithm to break the decision BDHE assumption. plays the security game with as follows:
Init. receives challenge gate from . We suppose , and .
Setup. chooses , , , randomly, for , .
For , computes public parameters as follows:
If , If , For , computes as follows:
If , If , For , computes
Phase 9. queries secret key on any attributes set ; therefore, , s.t. either for , or for . Suppose that . chooses randomly and computes .
For , computes .
For , is computed as follows:
If , calculate
If , calculate
If , calculate
(a) , if ;
(b) , if .
answers secret key query for :
Challenge. For , is calculated as follows:
submits and with . randomly chooses , and computes
If , is a valid ciphertext; else if is random, is independent of .
Guess. If outputs , guesses that . Otherwise, guesses that is random.
Therefore, can break the decisional BDHE assumption with nonnegligible advantage.
Theorem 10. If the DDH assumption holds in , our PPGK-ABE scheme is privacy preserving in key generation phase.
Proof. If DDH assumption holds in , no probabilistic polynomial-time adversary can distinguish following tuple: and , where is a generator of group , and are selected from randomly. Therefore, no probabilistic polynomial-time adversary can win the security game for privacy.
6. Application in Industrial Cloud
Nowadays, new technological revolution represented by Big Data, cloud computing, and Internet of Things is changing the traditional industrial manufacturing system [28, 29]. Industrial cloud provides more convenient and secure cooperation model for the industrial enterprises [30–32]. The ABE scheme has been gradually used in the industrial cloud environment. In these applications, the qualifications, patents, and procurement plans owned by an enterprise often represent its attributes. Using traditional ABE system, the enterprise has to disclose these attributes' information that may relate to business secret to the KGC for applying the corresponding private key. Our PPGK-ABE scheme can solve this problem correctly. In this section, we introduce how to deploy our scheme in the industrial cloud environment. Figure 2 shows the specific structure of the application using our PPGK-ABE scheme. It consists of the following entities:(i)Industry Enterprise: in this system, the role of industry enterprise is data user. They want to get useful information according to their business, but they do not want to reveal their attributes information that may relate to their business secret to KGC.(ii)Industry Alliance Manager: in this system, the role of the industry alliance manager is AAC, which issues blind token for the attributes of industry enterprises after reviewing the relevant evidence.(iii)KGC: its responsibility is to issue the corresponding key to the attributes of industry enterprises. In this system, KGC cannot get these attributes.(iv)Industrial Information Provider: in this system, industrial information providers are the members of the industrial alliance and include manufacturing enterprises, sales enterprises, logistics enterprises, scientific research institutions, consultant firms, and so on. They will use ABE scheme to share their encrypted data.(v)Industrial Cloud: industrial cloud serves as data storage center and data sharing center in this system. In order to protect security and privacy of industrial Big Data, the industrial information providers upload their data in encrypted form.
The specific workflow is as follows:(1)After checking the relevant evidence, the industry enterprise and the industry alliance manager run UserTemKeyGen and BlindTokenGen algorithms, respectively. The industry enterprise gets the blind token corresponding to its attributes.(2)When the industry enterprises need to ask for their attributes keys, they will submit their blind tokens to KGC. The KGC runs BlindKenGen algorithm and returns blind secret keys to the industry enterprises. In this process, the KGC cannot get any information about the enterprises’ attributes.(3)After receiving the blind secret keys, the industry enterprises run KeyExtra algorithm to obtain their own secret key. Even if the industry alliance manager knows the attributes of industry enterprises, it does not know the secret keys corresponding to these attributes.(4)The industrial information providers run Encrypt algorithm to encrypt the industrial data based on some access policies. Then, they share encrypted data on the cloud. Only the enterprises that meet the policies can access corresponding data.(5)The industry enterprises acquire encrypted data from the cloud and run Decrypt algorithm to get plaintext.
In the above application, industrial information providers can share industrial data according to enterprises’ attributes. Only the enterprises that meet the access policy are able to access data. Unlike traditional ABE solutions, in this application, the attributes information of enterprises will not be known by KGC. The business secret of enterprises is protected.
The data used to support the findings of this study are available from the corresponding author upon request.
Conflicts of Interest
The authors declare that they have no conflicts of interest.
This work is supported by the National Natural Science Foundation of China (No. 61602287, No. 61802235, No. 61672330, and No. 61702168), the Primary Research & Development Plan of Shandong Province (No. 2018GGX101037), and the Major Scientific and Technological Innovation Project of Shandong Province (No. 2018CXGC0702).
- F. Wang, J. Mickens, N. Zeldovich, and V. Vaikuntanathan, “Sieve: Cryptographically enforced access control for user data in untrusted clouds,” in Proceedings of the13th USENIX Symposium on Networked Systems Design and Implementation, (NSDI, '16), pp. 611–626, Santa Clara, Calif, USA, 2016.
- M. Zhang, Y. Zhang, Y. Jiang, and J. Shen, “Obfuscating eves algorithm and its application in fair electronic transactions in public clouds,” IEEE Systems Journal, pp. 1–9, 2019.
- X. Li, Y. Zhu, J. Wang, Z. Liu, Y. Liu, and M. Zhang, “On the soundness and security of privacy-preserving SVM for outsourcing data classification,” IEEE Transactions on Dependable and Secure Computing, vol. 15, no. 5, pp. 906–912, 2018.
- A. Sahai and B. Waters, “Fuzzy identity-based encryption,” in Proceedings of the 24th Annual International Conference on the Theory and Applications of Cryptographic Techniques, Advances in Cryptology - EUROCRYPT '05, vol. 3494 of Lecture Notes in Computer Science, pp. 457–473, Springer, Aarhus, Denmark, 2005.
- V. Goyal, O. Pandey, A. Sahai, and B. Waters, “Attribute-based encryption for fine-grained access control of encrypted data,” in Proceedings of the 13th ACM Conference on Computer and Communications Security, (CCS '06), pp. 89–98, Alexandria, VA, USA, November 2006.
- A. Lewko, T. Okamoto, A. Sahai, K. Takashima, and B. Waters, “Fully secure functional encryption: Attribute-based encryption and (hierarchical) inner product encryption,” in Proceedings of the 29th Annual International Conference on the Theory and Applications of Cryptographic Techniques, Advances in Cryptology - EUROCRYPT '10, vol. 6110 of Lecture Notes in Computer Science, pp. 62–91, Springer, Monaco, French Riviera, 2010.
- H. Wang, Z. Zheng, L. Wu, and D. He, “New large-universe multi-authority ciphertext-policy ABE scheme and its application in cloud storage systems,” Journal of High Speed Networks, vol. 22, no. 2, pp. 153–167, 2016.
- H. Wang, D. He, J. Shen, Z. Zheng, C. Zhao, and M. Zhao, “Verifiable outsourced ciphertext-policy attribute-based encryption in cloud computing,” Soft Computing, vol. 21, no. 24, pp. 7325–7335, 2017.
- A. Shamir, “Identity-based cryptosystems and signature schemes,” in Proceedings of the CRYPTO ’84 Advances in Cryptology, vol. 196 of Lecture Notes in Computer Science, pp. 47–53, Springer, Santa Barbara, Calif, USA, 1984.
- J. Bethencourt, A. Sahai, and B. Waters, “Ciphertext-policy attribute-based encryption,” in Proceedings of the IEEE Symposium on Security and Privacy (S&P '07), pp. 321–334, Oakland , Calif, USA, 2007.
- H. Wang, D. He, J. Shen, Z. Zheng, X. Yang, and M. H. Au, “Fuzzy matching and direct revocation: a new CP-ABE scheme from multilinear maps,” Soft Computing, vol. 22, no. 7, pp. 2267–2274, 2018.
- H. Wang and Y. Song, “Secure cloud-based EHR system using attribute-based cryptosystem and blockchain,” Journal of Medical Systems, vol. 42, no. 8, pp. 152:1–152:9, 2018.
- H. Wang, Z. Zheng, L. Wu, and P. Li, “New directly revocable attribute-based encryption scheme and its application in cloud storage environment,” Cluster Computing, vol. 20, no. 3, pp. 2385–2392, 2017.
- D. J. Lehmann and M. O. Rabin, “On the advantages of free choice: A symmetric and fully distributed solution to the dining philosophers problem,” in Proceedings of the Conference Record of the Eighth Annual ACM Symposium on Principles of Programming Languages, pp. 133–138, Williamsburg, Va, USA, January 1981.
- S. Even, O. Goldreich, and A. Lempel, “A randomized protocol for signing contracts,” Communications of the ACM, vol. 28, no. 6, pp. 637–647, 1985.
- G. Brassard, C. Crépeau, and J.-M. Robert, “All-or-nothing disclosure of secrets,” in Proceedings of the CRYPTO ’86 - Advances in Cryptology, vol. 263 of Lecture Notes in Comput. Sci., pp. 234–238, Springer, Santa Barbara, Calif, USA, 1986.
- J. P. Stern, “A new efficient all-or-nothing disclosure of secrets protocol,” in Proceedings of the International Conference on the Theory and Applications of Cryptology and Information Security, Advances in Cryptology - ASIACRYPT ’98, vol. 1514 of Lecture Notes in Computer Science, pp. 357–371, Springer, Beijing, China, 1998.
- M. Naor and B. Pinkas, “Efficient oblivious transfer protocols,” in Proceedings of the Twelfth Annual Symposium on Discrete Algorithms, pp. 448–457, SIAM, Washington, DC, USA, 2001.
- B. Aiello, Y. Ishai, and O. Reingold, “Priced oblivious transfer: How to sell digital goods,” in Proceedings of the International Conference on the Theory and Application of Cryptographic Techniques, Advances in Cryptology - EUROCRYPT '01, vol. 2045 of Lecture Notes in Comput. Sci., pp. 119–135, Springer, Innsbruck, Austria, 2001.
- W.-G. Tzeng, “Efficient 1-out-of-n oblivious transfer schemes with universally usable parameters,” IEEE Transactions on Computers, vol. 53, no. 2, pp. 232–240, 2004.
- Y. Ishai, J. Kilian, K. Nissim, and E. Petrank, “Extending oblivious transfers efficiently,” in Proceedings of the 23rd Annual International Cryptology Conference-Advances in Cryptology - CRYPTO '03, vol. 2729, pp. 145–161, Springer, Santa Barbara, Calif, USA, 2003.
- H. Qin, H. Wang, X. Wei, L. Xue, and L. Wu, “Privacy-preserving wildcards pattern matching protocol for IoT applications,” IEEE Access, vol. 7, pp. 36094–36102, 2019.
- Q. Wang, L. Gao, H. Wang, and X. Wei, “Face detection for privacy protected images,” IEEE Access, vol. 7, pp. 3918–3927, 2019.
- H. Xia, J. Yu, C.-L. Tian, Z.-K. Pan, and E. Sha, “Light-weight trust-enhanced on-demand multi-path routing in mobile ad hoc networks,” Journal of Network and Computer Applications, vol. 62, pp. 112–127, 2016.
- H. Xia, J. Yu, Z.-K. Pan, X.-G. Cheng, and E. H.-M. Sha, “Applying trust enhancements to reactive routing protocols in mobile ad hoc networks,” Wireless Networks, vol. 22, no. 7, pp. 2239–2257, 2016.
- C. Hazay and Y. Lindell, Efficient Secure Two-Party Protocols, Information Security and Cryptography, Springer, Berlin, Germany, 2010.
- C. Chen, Z. Zhang, and D. Feng, “Efficient ciphertext policy attribute-based encryption with constant-size ciphertext and constant computation-cost,” in Proceedings of the 5th International Conferenceo on Provable Security, ProvSec '11, vol. 6980 of Lecture Notes in Computer Science, pp. 84–101, Springer, Xi’an, China, 2011.
- H. Xia, S. Zhang, B. Li, L. Li, and X. Cheng, “Towards a novel trust-based multicast routing for VANETs,” Security and Communication Networks, vol. 2018, Article ID 7608198, 12 pages, 2018.
- H. Xia, C. Hu, F. Xiao, X. Cheng, and Z. Pan, “An efficient social-like semantic-aware service discovery mechanism for large-scale Internet of Things,” Computer Networks, vol. 152, pp. 210–220, 2019.
- R. Chaudhary, G. S. Aujla, S. Garg, N. Kumar, and J. J. P. C. Rodrigues, “SDN-Enabled multi-attribute-based secure communication for smart grid in IIoT environment,” IEEE Transactions on Industrial Informatics, vol. 14, no. 6, pp. 2629–2640, 2018.
- M. Zhang, Y. Yao, Y. Jiang, B. Li, and C. Tang, “Accountable mobile E-commerce scheme in intelligent cloud system transactions,” Journal of Ambient Intelligence and Humanized Computing, vol. 9, no. 6, pp. 1889–1899, 2018.
- Z. Liu, X. Huang, Z. Hu, M. K. Khan, H. Seo, and L. Zhou, “On emerging family of elliptic curves to secure internet of things: ECC comes of age,” IEEE Transactions on Dependable and Secure Computing, vol. 14, no. 3, pp. 237–248, 2017.
Copyright © 2019 Yujiao Song et al. This is an open access article distributed under the Creative Commons Attribution License, which permits unrestricted use, distribution, and reproduction in any medium, provided the original work is properly cited.