Trustworthy Users: Using IOTA and IPFS for Attribute Validation in CP-ABE and dCP-ABE Schemes

Attribute spoofing is a major security threat in information exchange solutions based on Ciphertext-Policy Attribute-Based-Encryption (CP-ABE) and distributed CP-ABE (dCP-ABE), which can compromise privacy and security. This threat occurs when an attacker forces the Attribute Authorities to generate...

Descripción completa

Detalles Bibliográficos
Autores: Mosteiro Sánchez, Aintzane, Barceló, Marc, Astorga Burgo, Jasone, Urbieta Aizpurua, Aitor
Tipo de recurso: artículo
Fecha de publicación:2023
País:España
Institución:Universidad del País Vasco
Repositorio:Addi. Archivo Digital para la Docencia y la Investigación
OAI Identifier:oai:addi.ehu.eus:10810/60966
Acceso en línea:http://hdl.handle.net/10810/60966
Access Level:acceso abierto
Palabra clave:CP-ABE
dCP-ABE
IOTA
IPFS
FIM
value chain
industry 4.0
id ES_2a5b2e4b2fc9d8fa01a6d4e1ac0ec3a3
oai_identifier_str oai:addi.ehu.eus:10810/60966
network_acronym_str ES
network_name_str España
repository_id_str
spelling Trustworthy Users: Using IOTA and IPFS for Attribute Validation in CP-ABE and dCP-ABE SchemesMosteiro Sánchez, AintzaneBarceló, MarcAstorga Burgo, JasoneUrbieta Aizpurua, AitorCP-ABEdCP-ABEIOTAIPFSFIMvalue chainindustry 4.0Attribute spoofing is a major security threat in information exchange solutions based on Ciphertext-Policy Attribute-Based-Encryption (CP-ABE) and distributed CP-ABE (dCP-ABE), which can compromise privacy and security. This threat occurs when an attacker forces the Attribute Authorities to generate keys for attributes they do not possess. This paper analyzes the threat of attribute spoofing and identifies the primary attack vectors, including direct interference with the Attribute Authority and compromise of the shared attribute storage database. The authors propose a solution based on IOTA, a DAG-type DLT, and Interplanetary File System (IPFS) to prevent attribute spoofing. The solution requires distributed attribute storage, validation, and user authentication to counteract the two attack vectors effectively. The proposed solution mitigates the consequences of attribute spoofing, including privilege escalation and reduction, acquisition of private keys, and cutoff of data access. The authors also evaluate their proposal through a value-chain use case and conclude that it effectively mitigates the consequences of attribute spoofing.This work has been financed by The European commission through the Horizon Europe program under the ZDZW project (grant agreement number 101057404).MDPI2023202320232023info:eu-repo/semantics/articleapplication/pdfhttp://hdl.handle.net/10810/60966reponame:Addi. Archivo Digital para la Docencia y la Investigacióninstname:Universidad del País VascoInglésinfo:eu-repo/grantAgreement/EC/H/101046364https://www.mdpi.com/2624-6511/6/2/44info:eu-repo/semantics/openAccesshttp://creativecommons.org/licenses/by/4.0/© 2023 by the authors. Licensee MDPI, Basel, Switzerland. This article is an open access article distributed under the terms and conditions of the Creative Commons Attribution (CC BY) license (https://creativecommons.org/licenses/by/ 4.0/).oai:addi.ehu.eus:10810/609662026-06-18T09:23:17Z
dc.title.none.fl_str_mv Trustworthy Users: Using IOTA and IPFS for Attribute Validation in CP-ABE and dCP-ABE Schemes
title Trustworthy Users: Using IOTA and IPFS for Attribute Validation in CP-ABE and dCP-ABE Schemes
spellingShingle Trustworthy Users: Using IOTA and IPFS for Attribute Validation in CP-ABE and dCP-ABE Schemes
Mosteiro Sánchez, Aintzane
CP-ABE
dCP-ABE
IOTA
IPFS
FIM
value chain
industry 4.0
title_short Trustworthy Users: Using IOTA and IPFS for Attribute Validation in CP-ABE and dCP-ABE Schemes
title_full Trustworthy Users: Using IOTA and IPFS for Attribute Validation in CP-ABE and dCP-ABE Schemes
title_fullStr Trustworthy Users: Using IOTA and IPFS for Attribute Validation in CP-ABE and dCP-ABE Schemes
title_full_unstemmed Trustworthy Users: Using IOTA and IPFS for Attribute Validation in CP-ABE and dCP-ABE Schemes
title_sort Trustworthy Users: Using IOTA and IPFS for Attribute Validation in CP-ABE and dCP-ABE Schemes
dc.creator.none.fl_str_mv Mosteiro Sánchez, Aintzane
Barceló, Marc
Astorga Burgo, Jasone
Urbieta Aizpurua, Aitor
author Mosteiro Sánchez, Aintzane
author_facet Mosteiro Sánchez, Aintzane
Barceló, Marc
Astorga Burgo, Jasone
Urbieta Aizpurua, Aitor
author_role author
author2 Barceló, Marc
Astorga Burgo, Jasone
Urbieta Aizpurua, Aitor
author2_role author
author
author
dc.subject.none.fl_str_mv CP-ABE
dCP-ABE
IOTA
IPFS
FIM
value chain
industry 4.0
topic CP-ABE
dCP-ABE
IOTA
IPFS
FIM
value chain
industry 4.0
description Attribute spoofing is a major security threat in information exchange solutions based on Ciphertext-Policy Attribute-Based-Encryption (CP-ABE) and distributed CP-ABE (dCP-ABE), which can compromise privacy and security. This threat occurs when an attacker forces the Attribute Authorities to generate keys for attributes they do not possess. This paper analyzes the threat of attribute spoofing and identifies the primary attack vectors, including direct interference with the Attribute Authority and compromise of the shared attribute storage database. The authors propose a solution based on IOTA, a DAG-type DLT, and Interplanetary File System (IPFS) to prevent attribute spoofing. The solution requires distributed attribute storage, validation, and user authentication to counteract the two attack vectors effectively. The proposed solution mitigates the consequences of attribute spoofing, including privilege escalation and reduction, acquisition of private keys, and cutoff of data access. The authors also evaluate their proposal through a value-chain use case and conclude that it effectively mitigates the consequences of attribute spoofing.
publishDate 2023
dc.date.none.fl_str_mv 2023
2023
2023
2023
dc.type.none.fl_str_mv info:eu-repo/semantics/article
format article
dc.identifier.none.fl_str_mv http://hdl.handle.net/10810/60966
url http://hdl.handle.net/10810/60966
dc.language.none.fl_str_mv Inglés
language_invalid_str_mv Inglés
dc.relation.none.fl_str_mv info:eu-repo/grantAgreement/EC/H/101046364
https://www.mdpi.com/2624-6511/6/2/44
dc.rights.none.fl_str_mv info:eu-repo/semantics/openAccess
http://creativecommons.org/licenses/by/4.0/
eu_rights_str_mv openAccess
rights_invalid_str_mv http://creativecommons.org/licenses/by/4.0/
dc.format.none.fl_str_mv application/pdf
dc.publisher.none.fl_str_mv MDPI
publisher.none.fl_str_mv MDPI
dc.source.none.fl_str_mv reponame:Addi. Archivo Digital para la Docencia y la Investigación
instname:Universidad del País Vasco
instname_str Universidad del País Vasco
reponame_str Addi. Archivo Digital para la Docencia y la Investigación
collection Addi. Archivo Digital para la Docencia y la Investigación
repository.name.fl_str_mv
repository.mail.fl_str_mv
_version_ 1869405063754022912
score 15,300719