Batch-based CP-ABE with attribute revocation mechanism for the Internet of Things

Ciphertext-Policy Attribute-Based Encryption (CP-ABE) is an extremely powerful asymmetric encryption mechanism, it allows to achieve fine-grained access control. However, there is no solution to manage efficiently key/attribute revocation problem in CP-ABE scheme. Key revocation problem is very important in dynamic environment like Internet of Things (IoT), where billions of things are connected together and are cooperating without human intervention. Existing solutions are not efficient due to their overhead (traffic) and complexity (big access trees). Other solutions require the use of powerful semi-trusted proxies to re-encrypt data. The proposed solution in this paper called Batch-Based CP-ABE reduces the complexity and the overhead, and does not require extra nodes in the system. We propose to split time axis into intervals (time slots) and to send only the necessary key parts to allow refreshing the secrets keys. An analysis is conducted on the way to choose the best time slot duration in order to maximize system performances and minimize average waiting time.