Attribute-based Encryption (ABE) Foundations and Applications within Blockchain and Cloud Environments

Enables readers to understand applications of attribute-based encryption schemes in cloud computing with the support of blockchain technology

With a focus on blockchain technology, Attribute-based Encryption (ABE) provides insight into the application of attribute-based encryption (ABE) schemes with blockchain, discussing types of blockchains, fundamentals of blockchain, and how blockchains are constructed.

Comprised of 16 chapters, the text provides readers with an overview of the components that go into creating a dual ABE system of encryption proofs within the following: composite bilinear groups, dual pairing vector space framework, matrix pairing framework, framework for matrix pairing, and the application of cryptographic scheme on blockchain. The team of authors discuss the basic construction components of ABE and share the security models, including the selective and semi-adaptive security models, applying these to either prime order or composite order groups.

This book also discusses the tools used for converting a composite order ABE scheme to prime order and an adaptive secure ABE scheme based on prime order.

In Attribute-based Encryption (ABE), readers can expect to find information on:

• Mathematical background of ABE, covering group and cyclic group, elliptic curves, curve selection, supersingular curves, ordinary curves, and weil and tate pairing
• Basic construction components of ABE, covering access structure, monotone boolean formula, linear secret-sharing scheme, and ordered binary decision diagram
• Tools for converting composite order ABE schemes to prime order, covering security assumptions and conversion based on vectors for preliminaries, scheme construction, and security proof technique
• Foundations of blockchain technology, covering blocks, miners, hash functions, and public key cryptography

Attribute-based Encryption (ABE) is an essential resource for professionals working in the field of design and cybersecurity who wish to understand how to use blockchain and the ABE scheme to provide fine-grained access control in outsourced data on third-party cloud servers.

Qi Xia received her PhD in Computer Science from the University of Electronic Science and Technology of China in 2010.

Jianbin Gao received his PhD in Computer Science from the University of Electronic Science and Technology of China (UESTC) in 2012.

Isaac Amankona Obiri received his Master’s and PhD in Computer Science and Technology from the University of Electronic Science and Technology of China.

Kwame Omono Asamoah received his Master’s and PhD in Computer Science and Technology from the University of Electronic Science and Technology of China.

Worae Daniel Adu currently pursuing his Master’s degree in Computer Science and Technology at the University of Electronic Science and Technology of China.

About the Authors xiii

Preface xv

Acknowledgments xvii

Part I Attribute-Based Encryption (ABE) 1

1 Foundation of Attribute-Based Encryption 3

1.1 Introduction 3

1.1.1 Symmetric Encryption 4

1.1.2 Asymmetric Key Encryption 4

1.1.3 Identity-Based Encryption 5

1.2 Functional Encryption 7

1.2.1 Applications of Attribute-Based Encryption 8

1.2.2 Problems with Attribute-Based Encryption 9

1.2.3 A Brief History of Security Proof of Functional Encryption 9

1.2.4 Dual System of Encryption 10

1.2.5 Summary 11

References 12

2 Mathematical Background 15

2.1 Group Theory 15

2.1.1 Law of Composition 15

2.1.2 Groups 15

2.1.3 Subgroups 16

2.1.4 Homomorphisms 17

2.1.5 Cyclic Group 17

2.2 Ring Theory 20

2.2.1 Ideals and Quotient Rings 21

2.2.2 Euler’s Totient Function 22

2.2.3 Polynomial Rings 22

2.2.4 Irreducible and Monic Polynomials 22

2.2.5 Field Theory 23

2.2.5.1 Quotient Field 24

2.2.6 Field Characteristic 24

Trim Size: 7in x 10in Single Column Xia989356 ftoc.tex V1 - 06/28/2023 7:58pm Page vi

[1]

[1] [1]

[1]

vi Contents

2.2.7 Algebraic Extension Felds 24

2.3 Elliptic Curves 24

2.3.1 Plane Curve 24

2.3.2 Group Operations on Elliptic Curves 26

2.3.2.1 Point Addition 26

2.3.2.2 Point Doubling 27

2.4 Divisors and Bilinear Map 28

2.4.1 Divisors 28

2.4.2 The Degree and Support ofD 29

2.4.3 The Divisor of a Function f onE 29

2.4.4 Equivalence of Divisors 30

2.4.5 Bilinear Map 31

2.4.6 Weil Pairing 31

2.4.7 Miller’s Algorithm 32

2.4.8 The Tate Pairing 34

2.5 Summary 36

References 36

3 Attribute-Based Encryption 37

3.1 Introduction 37

3.2 Basic Components of ABE Construction 39

3.2.1 Secret-Sharing Schemes 39

3.2.2 Polynomial Interpolation 41

3.2.2.1 Polynomials Over the Reals 41

3.2.2.2 Polynomials ModulusP 44

3.2.3 Shamir Secret Sharing 45

3.2.4 Verifiable Secret Sharing (VSS) 47

3.2.4.1 Algorithm for Converting Access Structure Into LSSS Matrix 47

3.2.4.2 Access Structure Example 48

3.2.4.3 Algorithms in Attribute-Based Encryption 49

3.2.5 Properties of Attribute-Based Encryption 51

3.2.6 Prime Order Group 51

3.3 Cryptographic Hard Assumptions 51

3.3.1 Composite Order Bilinear Groups 54

3.3.2 Complexity Assumptions 55

3.4 Provable Security 56

3.5 Security Notions 57

3.5.1 Summary 57

References 58

4 Data Access Control 61

4.1 Introduction 61

4.1.1 Coarse-Grained 62

4.1.2 Fine-Grained Access Control 63

4.1.3 Importance of Fine-Grained Access Control 64

4.2 Concerns About Cloud-Based Access Control that Are Trustworthy 65

4.2.1 Encryption Access Control 65

Trim Size: 7in x 10in Single Column Xia989356 ftoc.tex V1 - 06/28/2023 7:58pm Page vii

[1]

[1] [1]

[1]

Contents vii

4.2.2 Requirements for Encryption-Based Access Control 67

4.3 Summary 67

References 67

5 Selective Secure ABE Schemes Based on Prime Order Group 69

5.1 Introduction 69

5.1.1 Selective Security Model for KP-ABE 70

5.1.2 Selective Security Model for CP-ABE 70

5.1.3 ABE Schemes 71

5.2 The KP-ABE Scheme 71

5.2.1 Concrete Scheme Construction 71

5.2.2 Security Proof 73

5.3 The CP-ABE Scheme 74

5.3.1 Concrete Scheme Construction 74

5.3.2 Security Proof 76

5.4 Summary 77

References 77

6 Fully Secure ABE Schemes Based on Composite and Prime Order Groups 79

6.1 Introduction 79

6.2 A Fully Secure CP-ABE from Composite Order Group 81

6.2.1 CP-ABE Construction 82

6.2.2 Adaptive Security Proof 83

6.2.2.1 Description of Hybrids 83

6.2.3 Security Proof 84

6.3 A Fully Secure KP-ABE Scheme Based on Dual Vector Space 84

6.3.1 KP-ABE Construction 85

6.3.2 Adaptive Security 87

6.3.3 Security Proof 88

6.4 KP-ABE Scheme Based on Matrix 89

6.4.1 The Scheme 89

6.4.2 Adaptive Security 90

6.4.3 Security Proof 91

6.5 Summary 91

References 92

Part II Concepts of Blockchain Technology 95

7 Blockchain Technology 97

7.1 Introduction 97

7.1.1 History 97

7.1.2 Preliminary Concepts of Blockchain Technology 98

7.1.3 Characteristics of Blockchain 100

7.1.4 Evolution and Types of Blockchain 104

7.1.4.1 The Blockchain 1.0 104

7.1.4.2 Blockchain 2.0 104

Trim Size: 7in x 10in Single Column Xia989356 ftoc.tex V1 - 06/28/2023 7:58pm Page viii

[1]

[1] [1]

[1]

viii Contents

7.1.4.3 Blockchain 3.0 105

7.1.5 Permissionless vs Permissioned Blockchains 105

7.1.6 Types of Blockchain 105

7.2 Architecture of Blockchain 106

7.2.1 Architecture of Blockchain 1.0 (Cryptocurrencies) 106

7.2.2 Block 106

7.2.3 Node 107

7.2.4 Types of Blockchain Nodes 107

7.2.5 Consensus 110

7.3 Architecture of Blockchain 2.0 (Smart Contracts) 110

7.3.1 Introduction to Smart Contracts 110

7.3.2 How Smart ContractsWork 111

7.3.3 Example of Smart Contract 111

7.3.4 Uses of Smart Contracts 111

7.3.5 Advantages of Smart Contracts 112

7.3.6 Limitations of Smart Contracts 112

7.4 Architecture of Blockchain 3.0 (Blockchain Applications) 113

7.4.1 Consensus Mechanism 113

7.5 Blockchain 4.0 118

7.5.1 Blockchain 4.0 Applications 119

7.5.2 Metaverse 119

7.5.3 Industrial Revolution 4.0 120

7.5.4 Blockchain 4.0 for Businesses 120

References 120

8 Scaling-Out Blockchains with Sharding 125

8.1 Introduction 125

8.1.1 Scalability Trilemma 126

8.1.2 Nakamoto-Based – Monoxide – Chu-ko-nu Mining 128

8.1.3 Elastico 128

8.1.4 OmniLedger 129

8.1.5 Rapid Chain 130

8.1.6 Learnings 131

8.1.7 General Improvements 132

8.1.7.1 Reducing Transaction Latency 133

8.1.7.2 Inter-Communication Protocol 133

8.1.7.3 Shards Ledger Pruning 134

8.1.7.4 Decentralized Bootstrapping 134

8.1.7.5 Securing the Epoch Reconfiguration 134

8.1.7.6 Sharded Smart Contract 135

8.1.7.7 Replay Attacks and Defenses Against Cross-Shard Protocols 135

8.2 Off-Chain Solution: Layer 2 Solutions 136

8.2.1 State Channels 136

8.2.2 Side Chains of the Plasma 138

8.2.3 Problems with Data Accessibility 139

8.3 Rollups 139

Trim Size: 7in x 10in Single Column Xia989356 ftoc.tex V1 - 06/28/2023 7:58pm Page ix

[1]

[1] [1]

[1]

Contents ix

8.3.1 Rollups Based on Zero Knowledge 140

8.3.2 Proofs of Zero-Knowledge 140

8.3.3 Protocol Schnorr 142

8.3.4 Protocol Pedersen 143

8.3.5 zk-SNARKs 144

8.4 Summary 144

References 145

Part III Applying Blockchain with Real-Time Technologies 147

9 Blockchain Technology for Supply Management 149

9.1 Introduction 149

9.1.1 System Design 153

9.1.2 System Architecture 153

9.1.3 Entities of the System 154

9.1.3.1 Users 154

9.1.4 Smart Contract Control 157

9.1.5 Blockchain Network 157

9.1.5.1 Processing Nodes 157

9.1.5.2 System Application Layer 158

9.1.5.3 Storage Infrastructure 158

9.1.6 System Decryption 158

9.1.7 Blocks 159

9.1.7.1 Block Design 160

9.2 System Flow 163

9.2.1 System Advantages 163

9.2.2 Conclusion 164

References 165

10 Satellite Communication 167

10.1 Introduction 167

10.1.1 Low-Orbit Constellation Communication Networks 169

10.1.2 Interstellar Link Length 171

10.1.3 Model of Satellite Motion 171

10.1.4 Edge Computing Technologies 172

10.2 Analysis of Edge Computing Requirements of Low-Orbit Constellation

Communication Networks 175

10.2.1 Design of Edge Computing Architecture for Low-Orbit Constellation Communication

Networks 175

10.2.2 Satellite 176

10.2.3 System Entities 180

10.2.4 System Process Flow 180

10.2.5 Security Properties 183

10.3 Summary 183

References 183

Trim Size: 7in x 10in Single Column Xia989356 ftoc.tex V1 - 06/28/2023 7:58pm Page x

[1]

[1] [1]

[1]

x Contents

11 Foundation of Information-Centric Communication 185

11.1 Introduction 185

11.2 Information-Centric Communication 185

11.3 Name-Based Routing of Content 187

11.4 Benefits of Using ICN 187

11.5 Cost-Efficient and Scalable Distribution of Content Design Principles 189

11.6 ICN Design Challenges 190

11.6.1 Content Naming 190

11.6.2 Caching of Content 191

11.6.3 Data Integrity 192

11.6.4 Resolution System’s Scalability and Name-Based Routing 192

References 193

12 Security Overall in Information-Centric Networks 195

12.1 Introduction 195

12.2 Content-Centric Network (CCN) Architecture 195

12.3 Naming System Design 197

12.4 Secure Naming Scheme for Information-Centric Networks 198

12.5 Data Transmission – Content Delivery 198

12.6 Traffic Load in Network Caching 199

12.6.1 Store Unique Naming of Content in Caches 200

12.6.2 Storage Limitation in Caching Space Devices 201

12.7 Content’s Freshness Detection 201

12.8 ICN Security 201

12.9 Attacks in ICN Architectures 202

12.10 ICN Attributes to Ensure Security Threats 204

12.11 Traffic Analysis and Prediction 204

12.12 Some Key Problem Statements 205

12.13 Blockchain-Based ICN Scheme Improvement 206

12.13.1 Protection Against DDos 206

12.14 A Secured Information-Centric Network Based on Blockchain 206

12.14.1 Blockchain-Based ICN Structure 207

12.14.1.1 Data Integrity 207

12.15 Attribute-Based Encryption Scheme for the Information-Centric Network 208

12.15.1 Applying Ciphertext-Policy ABE (CP-ABE) Scheme in ICN 209

12.15.2 System Design of CP-ABE Scheme in ICN 210

References 212

13 Subscriber Data Management System Based on Blockchain 215

13.1 Introduction 215

13.1.1 Motivation 216

13.1.2 Problem Statement 216

13.1.3 Contributions 216

13.2 Literature Review 217

13.3 System Design Description 217

13.3.1 Assumptions 217

Trim Size: 7in x 10in Single Column Xia989356 ftoc.tex V1 - 06/28/2023 7:58pm Page xi

[1]

[1] [1]

[1]

Contents xi

13.3.2 Ciphertext-Policy Attribute-Based Encryption (CP-ABE) 218

13.3.3 CP-ABE Construction 218

13.3.4 System Components 219

13.3.4.1 Data Subscribers (DSs) 219

13.3.4.2 Data Providers (DPs) 220

13.3.4.3 Key Generation and Distribution Center (KGDC) 220

13.3.4.4 IPFS Distributed Storage 220

13.3.4.5 Blockchain Platform 220

13.3.5 Process Description 222

13.3.5.1 Subscriber Registration 224

13.3.5.2 Subscriber Data Storage 224

13.3.5.3 Subscriber Data Request 224

13.3.6 Benefits of Proposed Design 225

13.3.7 Security Requirements 226

13.4 Summary 227

References 227

14 A Secure Data-Sharing Blockchain-Based Crowdfunding System 229

14.1 Introduction 229

14.2 Literature Review 231

14.2.1 Present-Day Centralized Crowdfunding 231

14.2.2 Crowdfunding Models 233

14.2.3 Problems of Traditional Crowdfunding 234

14.2.4 Blockchain-Based Crowdfunding 234

14.2.5 Advantages of Blockchain-Based Crowdfunding 235

14.3 Proposed System 236

14.3.1 System Model 236

14.3.1.1 Key Components 237

14.3.2 System Framework Overview 238

14.3.2.1 Application Layer 239

14.3.2.2 Blockchain Layer 239

14.3.2.3 Data Storage Layer 239

14.3.3 System Assumptions and Threat Model 240

14.3.4 Process Description 240

14.3.5 Smart Contract Interactions 241

14.3.5.1 User Registration Contract (URC) 241

14.3.5.2 User Verification Contract (UVC) 241

14.3.5.3 Project Data Access Contract (PDAC) 241

14.3.6 Concrete Implementation 241

14.3.6.1 User Register 242

14.3.6.2 Data Encrypt 242

14.3.6.3 Data Search 242

14.3.6.4 Fine-Grained Access Authorization 242

14.3.6.5 Data Decrypt 243

14.3.6.6 Transaction Confirmation 243

14.3.7 Security Requirements 243

14.3.7.1 Fine-Grained Access Control 243

14.3.7.2 Key Counterfeiting 243

14.3.7.3 Data Integrity 244

14.4 Summary 244

References 244

Index 247

The New copy of this book will include any supplemental materials advertised. Please check the title of the book to determine if it should include any access cards, study guides, lab manuals, CDs, etc.

The Used, Rental and eBook copies of this book are not guaranteed to include any supplemental materials. Typically, only the book itself is included. This is true even if the title states it includes any access cards, study guides, lab manuals, CDs, etc.