Reusable attribute-based signature with attribute revocation and authenticated key agreement
In the pursuit of establishing a unified model for fine-grained access control and secure data communication within a distributed microservices architecture, a verifier-policy attributed-based signature (VP-ABS) scheme, augmented with attribute revocation and an authenticated key agreement protocol,...
Saved in:
| Main Authors: | , , , , |
|---|---|
| Format: | Article |
| Language: | English |
| Published: |
POSTS&TELECOM PRESS Co., LTD
2024-04-01
|
| Series: | 网络与信息安全学报 |
| Subjects: | |
| Online Access: | http://www.cjnis.com.cn/thesisDetails#10.11959/j.issn.2096-109x.2024023 |
| Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
| _version_ | 1841529534587863040 |
|---|---|
| author | ZHANG Zhishuo YANG Huixi HUANG Wen LIAO Yongjian ZHOU Shijie |
| author_facet | ZHANG Zhishuo YANG Huixi HUANG Wen LIAO Yongjian ZHOU Shijie |
| author_sort | ZHANG Zhishuo |
| collection | DOAJ |
| description | In the pursuit of establishing a unified model for fine-grained access control and secure data communication within a distributed microservices architecture, a verifier-policy attributed-based signature (VP-ABS) scheme, augmented with attribute revocation and an authenticated key agreement protocol, was proposed. This scheme was underpinned by Type-3 pairing. In this scheme, signatures generated by signers were linked solely to a subset of the signer's attributes and were disassociated from the access policy. This decoupling allowed for the reusability of the signer's signature across multiple access policies. Additionally, an attribute-Hash filter algorithm was introduced to facilitate a direct attribute revocation mechanism within the proposed VP-ABS scheme. This mechanism was designed to prevent users from authenticating with expired attributes. To further secure data communication, a mutually authenticated key agreement protocol was also proposed. This protocol was secure within the framework of the extended Canetti-Krawczyk (eCK) model and was built upon the foundation of the VP-ABS scheme. A rigorous unforgeability proof for the VP-ABS scheme was provided. Ultimately, theoretical comparisons and simulation experiments conducted at a 128-bit advanced encryption standard (AES) security level demonstrated that the proposed attribute-based authentication and secure communication scheme outperforms other contemporary schemes in terms of efficiency. |
| format | Article |
| id | doaj-art-7a83a6b60cbb4a0c9253dff5fcc179ce |
| institution | Kabale University |
| issn | 2096-109X |
| language | English |
| publishDate | 2024-04-01 |
| publisher | POSTS&TELECOM PRESS Co., LTD |
| record_format | Article |
| series | 网络与信息安全学报 |
| spelling | doaj-art-7a83a6b60cbb4a0c9253dff5fcc179ce2025-01-15T03:17:08ZengPOSTS&TELECOM PRESS Co., LTD网络与信息安全学报2096-109X2024-04-0110819463897397Reusable attribute-based signature with attribute revocation and authenticated key agreementZHANG ZhishuoYANG HuixiHUANG WenLIAO YongjianZHOU ShijieIn the pursuit of establishing a unified model for fine-grained access control and secure data communication within a distributed microservices architecture, a verifier-policy attributed-based signature (VP-ABS) scheme, augmented with attribute revocation and an authenticated key agreement protocol, was proposed. This scheme was underpinned by Type-3 pairing. In this scheme, signatures generated by signers were linked solely to a subset of the signer's attributes and were disassociated from the access policy. This decoupling allowed for the reusability of the signer's signature across multiple access policies. Additionally, an attribute-Hash filter algorithm was introduced to facilitate a direct attribute revocation mechanism within the proposed VP-ABS scheme. This mechanism was designed to prevent users from authenticating with expired attributes. To further secure data communication, a mutually authenticated key agreement protocol was also proposed. This protocol was secure within the framework of the extended Canetti-Krawczyk (eCK) model and was built upon the foundation of the VP-ABS scheme. A rigorous unforgeability proof for the VP-ABS scheme was provided. Ultimately, theoretical comparisons and simulation experiments conducted at a 128-bit advanced encryption standard (AES) security level demonstrated that the proposed attribute-based authentication and secure communication scheme outperforms other contemporary schemes in terms of efficiency.http://www.cjnis.com.cn/thesisDetails#10.11959/j.issn.2096-109x.2024023fine-grained access controlattributed Hash filterattributed direct revocationpolicy-decoupled attribute-based signaturemutually authenticated key agreement protocolexistentially unforgeable |
| spellingShingle | ZHANG Zhishuo YANG Huixi HUANG Wen LIAO Yongjian ZHOU Shijie Reusable attribute-based signature with attribute revocation and authenticated key agreement 网络与信息安全学报 fine-grained access control attributed Hash filter attributed direct revocation policy-decoupled attribute-based signature mutually authenticated key agreement protocol existentially unforgeable |
| title | Reusable attribute-based signature with attribute revocation and authenticated key agreement |
| title_full | Reusable attribute-based signature with attribute revocation and authenticated key agreement |
| title_fullStr | Reusable attribute-based signature with attribute revocation and authenticated key agreement |
| title_full_unstemmed | Reusable attribute-based signature with attribute revocation and authenticated key agreement |
| title_short | Reusable attribute-based signature with attribute revocation and authenticated key agreement |
| title_sort | reusable attribute based signature with attribute revocation and authenticated key agreement |
| topic | fine-grained access control attributed Hash filter attributed direct revocation policy-decoupled attribute-based signature mutually authenticated key agreement protocol existentially unforgeable |
| url | http://www.cjnis.com.cn/thesisDetails#10.11959/j.issn.2096-109x.2024023 |
| work_keys_str_mv | AT zhangzhishuo reusableattributebasedsignaturewithattributerevocationandauthenticatedkeyagreement AT yanghuixi reusableattributebasedsignaturewithattributerevocationandauthenticatedkeyagreement AT huangwen reusableattributebasedsignaturewithattributerevocationandauthenticatedkeyagreement AT liaoyongjian reusableattributebasedsignaturewithattributerevocationandauthenticatedkeyagreement AT zhoushijie reusableattributebasedsignaturewithattributerevocationandauthenticatedkeyagreement |