Vous êtes sur la page 1sur 7

Proceedings of International Conference on Advancements in Engineering and Technology

www.iaetsd.in

A FRAMEWORK FOR SECURE DATA


TRANSMISSION IN DEFENSE NETWORK
Dhivya.G1, Rajeswari.G2
1

Student: Sree Sowdambika College Of Engineering, Anna University


Guide: Sree Sowdambika College Of Engineering, Anna University
1
divya.jillu3@gmail.com
2
prajasri10@gmail.com
until the connection would be eventually established.DTN
ABSTRACT In many defense network,
introduced supply nodes where data are stored or
connections of wireless devices carried by soldiers may
replicated such that only authorized mobile nodes can
be
temporarily
disconnected
by
jamming,
access the necessary information quickly and efficiently.
environmental factors, and mobility, especially when
Many military applications require increased protection of
they operate in hostile environments. Disruptionconfidential data including access control methods that
tolerant network (DTN) technologies are becoming
are cryptographically enforced. In many cases, it is
successful solutions that allow nodes to communicate
desirable to provide differentiated access services such
with each other in these extreme networking
that data access policies are defined over exploiter
environments.DTN networks introduced supply nodes
attributes or roles, which are managed by the key sway.
where data are stored or replicated such that only
For example, in a disruption-tolerant military network, a
authorized mobile nodes can access the necessary
commander may store confidential information at a
information quickly and efficiently. In this proposed
supply node, which should be entered by the subscriber of
system, cipher-text policy attribute based encryption
Corps 1 who is participating in Region 2. In this case,
(CP-ABE) provides a scalable method of cipher data,
it is a reasonable assumption that multiple key sway are
such that the encryptor defines the attributes set that
likely to manage their own dynamic attributes for soldiers
the decryptor needs to possess in order to decrypt the
in their deployed regions or echelons, which could be
encoded text. This paper provides how the data are
frequently changed (e.g., the attribute representing the
transmitted in a very safety manner.
current location of moving soldiers). We refer to this
Keywords
wireless
devices,
communication,
DTN architecture where multiple sway issue and manage
authorized mobile nodes, attribute set
their own attribute keys independently as a decentralized
DTN.[10]
I. INTRODUCTION
Attribute based encryption [11]-[14] is a vision
A disruption-tolerant network (DTN) is a
of public key encryption that allows exploiters to encrypt
network designed so that temporary or intermittent
and decrypt messages based on exploiter attributes (e.g.,
transmission troubles, flaws and abnormalities have the
the attribute representing the current location of moving
least possible opposite crash. There are various features to
soldiers)[4],[8],[9]. In a typical execution, the length of
the strong scheme of a DTN, incorporating: 1. The use of
the encrypted text is proportional to the number of
fault-tolerant methods and technologies. 2. The quality of
attributes associated with it and the decryption time is
graceful degradation under adverse conditions or extreme
proportional to the number of attributes used during
traffic loads. 3. The ability to prevent or quickly recover
decryption.
from electronic attacks. 4. Ability to function with
However, the problem of applying the ABE to
minimal latency even when routes are ill-defined or
DTNs introduces several security and secrecy challenges.
unreliable.
Since some exploiters may change their associated
Mobile nodes in defense environs, such as a
attributes at some point (for example, motion in their
combat zone or a vicious area are likely to suffer from
area), or some unique keys might be compromised, key
intermittent network connectivity and frequent partitions.
revocation (or update) for each attribute is necessary in
Disruption-tolerant network (DTN) technologies are
order to make systems secure. However, this issue is even
becoming successful solutions that allow wireless devices
additional inconvenient, especially in ABE systems, since
carried by soldiers to communicate with each other and
each trait is conceivably shared by multiple exploiters
access the confidential information or command reliably
(henceforth, we refer to such a collection of exploiters as
by exploiting external supply nodes. Typically, when
a trait group). This points that revocation of any attributes
there is no end-to-end connection between a source and a
or any single exploiter in a trait group would affect the
target pair, the data from the origin node may need to wait
other exploiters in the group. For example, if an exploiter
in the intermediate nodes for a substantial amount of time
2

ISBN NO : 978 - 1502893314

International Association of Engineering and Technology for Skill Development


34

Proceedings of International Conference on Advancements in Engineering and Technology

joins or leaves a trait group, the associated attribute key


should be changed and redistributed to all the other
members in the same group for backward or forward
secrecy. It may result in neck of a bottle during rekeying
procedure or safety ignominy due to the windows of
vulnerability if the previous attribute key is not updated
immediately.
Another challenge is the key escrow problem. In
CP-ABE, the key authorization generates private keys of
exploiters by applying the sways master secret keys to
exploiters associated set of traits. The last challenge is
the coordination of attributes issued by different sway.
For example, suppose that traits role 1 and region 1
are managed by the sway A, and role 2 and region 2
are managed by the sway B. Then, it is impossible to
generate an access policy ((role 1 OR role 2) AND
(region 1 or region 2)) in the previous schemes
because the OR logic between attributes issued by
different sway cannot be implemented. This is due to the
fact that the different sway generate their own attribute
keys using their own independent and individual master
secret keys.

II. DISRUPTION TOLERENT NETWORK


Military applications in the DTN arena are
substantial, allowing the retrieval of critical information
in mobile battlefield scenarios using only intermittently
connected network communications. For these types of
applications, the delay tolerant protocol should transmit
data segments across multiple-hop networks that consist
of differing regional networks based on environmental
network parameters (latency, loss, BER). This essentially
implies that data from low-latency networks for which
TCP may be suitable must also be forward across the
long-haul interplanetary link. DTN achieves message
reliability via employing custody transfer. The concept of
custody transfer, where responsibility of some data
segment (bundle or bundle fragment), migrates with the
data segment as it progresses across a series of network
hops is a fundamental strategy such that reliable delivery
is accomplished on a hop-by-hop basis instead of an endto-end basis
DTN is a set of protocols that act together to
enable a standardized method of performing store and
forward communications.DTN operates in two basic
environments: low-propagation delay and highpropagation delay. In a low-propagation environment
such as may occur in near-planetary or planetary surface
environments, DTN bundle agents can utilize underlying
Internet protocols that negotiate connectivity in real-time.
In high-propagation delay environments such as deep
space, DTN bundle agents must use other methods, such
as some form of scheduling, to enable connectivity
between the two agents. The convergence layer protocols
provide the standard methods for transferring the bundles

ISBN NO : 978 - 1502893314

www.iaetsd.in

over various communications paths. The bundle agent


discovery protocols are the equivalent to dynamic routing
protocols in IP networks. To date, the location of bundle
agents, DTN agents, has been managed, analogous to
static routing in internet protocol (IP) networks.
The security protocols for DTN are important for
the bundle protocol. The stressed environment of the
underlying networks over which the bundle protocol will
operate makes it important that the DTN be protected
from unauthorized use, and this stressed environment
poses unique challenges on the mechanisms needed to
secure the bundle protocol. DTNs are likely to be
deployed in organizationally heterogeneous environments
where one does not control the entire network
infrastructure. Furthermore, DTNs may very likely be
deployed in environments where a portion of the network
might become compromised, posing the usual security
challenges related to confidentiality, integrity and
availability.
Fault-tolerant systems are designed so that if a
component fails or a network route becomes unusable, a
backup component, procedure or route can immediately
take its place without loss of service. At the software
level, an interface allows the administrator to
continuously monitor network traffic at multiple points
and locate problems immediately. In hardware, fault
tolerance is achieved by component and subsystem
redundancy.

III. RELATED WORK


There are two types of ABE are depending on
which of private keys or cipher texts that access policies
are associated with. In a key-policy attribute-based
encryption (KP-ABE) system, cipher texts are labelled by
the transmitter with a set of descriptive attributes, while
exploiter's private key is issued by the trusted attribute
sway captures a policy (also called the access structure)
that specifies which type of cipher texts the key can
decrypt. KP-ABE schemes are suitable for structured
organizations with rules about who may read particular
documents. Typical applications of KP-ABE include
secure forensic analysis and target broadcast. For
example, in a secure forensic analysis system, audit log
entries could be annotated with attributes such as the
name of the exploiter, the date and time of the exploiter
action, and the type of data modified or accessed by the
exploiter action. While a forensic analyst charged with
some investigation would be issued a private key that
associated with a particular access structure. The private
key would only open audit log records whose attributes
satisfied the access policy associated with the private
key[4], [7],[15].
In a cipher text-policy attribute-based encryption
(CP-ABE) system, when a transmitter encrypts a
message, they specify a specific access policy in terms of
the access structure over attributes in the cipher text,

International Association of Engineering and Technology for Skill Development


35

Proceedings of International Conference on Advancements in Engineering and Technology

www.iaetsd.in

stating what kind of receivers will be able to decrypt the


cipher text. Exploiters possess sets of attributes and obtain
corresponding secret attribute keys from the attribute
sway. Such an exploiter can decrypt a cipher text if
his/her attributes satisfy the access policy associated with
the cipher text. Thus, CP-ABE mechanism is conceptually
closer to traditional role-based access control method.
1) Attribute Revocation: Bethencourt et al. [10] and
Boldyreva et al. [10] first suggested key revocation
mechanisms in CP-ABE and KP-ABE, respectively. Their
solutions are to append to each attribute an expiration date
(or time) and distribute a new set of keys to valid
exploiters after the expiration. The periodic attribute
revocable ABE schemes [8][13],[16],[17] have two main
problems.
The first problem is the security degradation in
terms of the backward and forward secrecy. It is a
considerable scenario that exploiters such as soldiers may
change their attributes frequently, e.g., position or
location move when considering these as attributes [4],
[9]. Then, a exploiter who newly holds the attribute might
be able to access the previous data encrypted before he
obtains the attribute until the data is re-encrypted with the
newly updated attribute keys by periodic rekeying
(backward secrecy). The other is the scalability problem.
The key sway periodically announces a key update
material by unicast at each time-slot so that all of the nonrevoked exploiters can update their keys.
2) Key Escrow: Most of the existing ABE schemes are
constructed on the architecture where a single trusted
sway has the power to generate the whole private keys of
exploiters with its master secret information [11]. Thus,
the key escrow problem is inherently such that the key
sway can decrypt every cipher-text addressed to
exploiters in the system by generating their secret keys at
any time.
3) Decentralized ABE: Huang et al. [9] and Roy et al. [4]
proposed decentralized CP-ABE schemes on the multisway network environment. They achieved a combined
access policy over the attributes issued by different sway
by simply encrypting data multiple times. The main
disadvantages of this approach are efficiency and
expressiveness of access policy.

IV. DESIGN PRINCIPLES


In this section, we describe the DTN architecture
and define the security model.

ISBN NO : 978 - 1502893314

Fig. 1. Architecture
transmission in defense network

of

secure

data

A. System Description and Assumptions


Fig. 1 shows the layout of the DTN. As shown in
Fig. 1, the design consists of the following system
entities.
1) Key Sway: They are key generation centers that
generate public/secret guidelines for CP-ABE. The key
sway consists of a central domination and multiple local
domination. We assume that there are secure and reliable
transmission ducts between a central domination and each
local domination during the preliminary key conformation
and generation phase. Each local sway manages different
attributes and issues corresponding attribute keys to
exploiters. They grant different access entitlement to
individual exploiters based on the exploiters attributes.
The key sway is undertaking to be righteous-but-peculiar.
That is, they will honestly perform the assigned tasks in
the given order; however they would like to learn
information of encrypted contents as much as possible.
2) Supply node: This is an entity that supplies data from
transmitters and provide corresponding access to
exploiters. It may be dynamic or static [4], [5]. Similar to
the previous schemes, we also assume the supply node to
be semi-devoted, which is righteous-but-peculiar.
3) Transmitter: This is an entity that has the trusted
messages or data (e.g., a commander) and wishes to store
them into the exterior data supply node for ease of
apportioning or for trustworthy delivery to exploiters in
the extreme networking environs. A transmitter is credible
for describing (attribute based) access policy and
enforcing it on its own data by encrypting the information
under the policy before storing it to the supplied node.
4) Exploiter: This is a moving node that needs to gain
access the data stored at the supplied node (e.g., a
soldier). If an exploiter possesses a set of attributes
satisfying the access policy of the encrypted data defined
by the transmitter, and is not revoked in any of the
attributes, then he will be able to decrypt the cipher text
and obtain the data.
Since the key sway is semi-trusted, they should be
deterred from accessing plaintext of the data in the supply
node; meanwhile, they should be still able to issue secret
keys to exploiters. In order to realize this somewhat

International Association of Engineering and Technology for Skill Development


36

Proceedings of International Conference on Advancements in Engineering and Technology

contradictory requirement, the central sway and the local


sway engage in the arithmetic 2PC protocol with master
keys of their own and issue independent key components
to exploiters during the key issuing phase. The 2PC
protocol prevents them from knowing each others master
secrets so that none of them can generate the whole set of
secret keys of exploiters individually. Thus, we take an
assumption that the central sway does not collude with the
local sway (otherwise, they can guess the secret keys of
every exploiter by sharing their master secrets).
B. Security Requirements
1) Data confidentiality: Unauthorized exploiters who do
not have enough credentials satisfying the access policy
should be deterred from accessing the plain data in the
supply node. In addition, unauthorized access from the
supply node or key sway should also be prevented.
2) Collusion-resistance: If multiple exploiters collude,
they may be able to decrypt a cipher text by combining
their attributes even if each of the exploiters cannot
decrypt the cipher text alone. For example, suppose there
exist a exploiter with attributes {Battalion 1, Region
1} and another exploiter with attributes {Battalion 2,
Region 2}. They may succeed in decrypting a cipher
text encrypted under the access policy of (Battalion 1
AND Region 2), even if each of them cannot decrypt it
individually. We do not want these colluders to be able to
decrypt the secret information by combining their
attributes. We also consider a collusion attack among
curious local sway to derive exploiters keys.
3) Backward and forward Secrecy: In the context of
ABE, backward secrecy means that any exploiter who
comes to hold an attribute (that satisfies the access policy)
should be prevented from accessing the plaintext of the
previous data exchanged before he holds the attribute. On
the other hand, forward secrecy means that any exploiter
who drops an attribute should be prevented from
accessing the plaintext of the subsequent data exchanged
after he drops the attribute, unless the other valid
attributes that he is holding satisfy the access policy.

III. PRELIMINARIES
Cryptographic Background
We first provide a formal definition for access
structure recapitulating the definitions in [12] and [13].
Then, we will briefly review the necessary facts about the
bilinear map and its security assumption.
1) Access Structure: Let {P1,P2,,Pn} be a set of
parties. A collection is a subset of 2{P1, P2,.., Pn} is
monotone. An access structure (respectively, monotone
access structure) is a collection (respectively, monotone
collection)

of
nonempty
subsets
of
{P1,P2,,Pn}.The sets in are called the authorized
sets, and the sets not in are called the unauthorized sets.
2) Bilinear Pairings: Let G0 and G1 be a multiplicative

ISBN NO : 978 - 1502893314

www.iaetsd.in

cyclic group of prime order p. Let g be a generator of G0.


A map e: G0 * G1G1 is said to be bilinear.
3)Bilinear DiffieHellman Assumption: Using the
above notations, the Bilinear DiffieHellman (BDH)
problem is to compute e (g,g)abc G1 given a generator g
of G0 and elements ga, gb ,gc for a,b,c. An equivalent
formulation of the BDH problem is to compute e(A,B)c
given a generator g of G0, and elements A,B and gc in G0.

IV. CIPHER-TEXT POLICY


In this section, we provide a multisway CP-ABE
scheme for secure data transmission DTNs. Each local
sway issue partial personalized and attribute key
components to an exploiter by performing secure 2PC
protocol with the central sway. Each attribute key of an
exploiter can be updated individually and immediately.
Thus, the scalability and security can be enhanced in the
proposed scheme.
A. Access Tree
1) Description: Let be a tree representing an access
structure. Each non leaf node of the tree represents a
threshold gate. If
is the number of children of a
node x and k is its threshold value, then 0 kx numx.
Each leaf node x of the tree is described by an attribute
and a threshold value kx=1.
2) Satisfying an Access Tree: Let x be the sub tree of
rooted at the node x. If a set of attributes satisfies the
access Tree x, we denote it as x()=1.
B. Scheme Construction
Let G0 be a bilinear group of prime order , and let be a
generator of G0. Let e : G0 * G0G1 denote the bilinear
map. A security parameter k, will determine the size of
the groups.
1) System Setup: At the initial system setup phase, the
trusted initializer2 chooses a bilinear group G0 of prime
order with generator according to the security parameter.
It also chooses hash functions H:{0,1}* ->G0 from a
family of universal one-way hash functions. The public
parameter param is given by (G0,g,H).
Central Key Sway: CA chooses a random exponent
R *. The master public/private key pair is given by
(PK c = h K c= )
Local Key Sway: Each Ai chooses a random exponent
R *P. The master public/private key pair is given by
(PK i = e(gg) K i= )
2) Key Generation: In CP-ABE, exploiter secret key
components consist of a single personalized key and
multiple attribute keys. The personalized key is uniquely
determined for each exploiter to prevent collusion attack
among exploiters with different attributes. The proposed
key generation protocol is composed of the personal key
generation followed by the attribute key generation
protocols. It exploits arithmetic secure 2PC protocol to
eliminate the key escrow problem such that none of the

International Association of Engineering and Technology for Skill Development


37

Proceedings of International Conference on Advancements in Engineering and Technology

sway can determine the whole key components of


exploiters individually.
During the key generation phase using the 2PC
protocol, the proposed scheme (especially 2PC protocol)
requires (3m + 1)C0 messages additively to the key
issuing overhead in the previous multisway ABE schemes
in terms of the communication cost, where m is the
number of key sway the exploiter is associated with, and
C0 is the bit size of an element in G0. However, it is
important to note that the 2PC protocol is done only once
during the initial key generation phase for each exploiter.
Therefore, it is negligible compared to the communication
overhead for encryption or key update, which could be
much more frequently performed in the networks.
C. Revocation
We observed that it is impossible to revoke
specific attribute keys of a exploiter without rekeying the
whole set of key components of the exploiter in ABE key
structure since the whole key set of a exploiter is bound to
the same random value in order to prevent any collusion
attack. Therefore, revoking a single attribute in the system
requires all exploiters who share the attribute to update all
their key components even if the other attributes of them
are still valid. This seems very inefficient and may cause
severe overhead in terms of the computation and
communication cost, especially in large-scaled networks.
One promising way to immediately revoke an
attribute of specific exploiters is to re-encrypt the ciphertext with each attribute group key and selectively
distribute the attribute group key to authorized (nonrevoked) exploiters who are qualified with the attribute.
Before distributing the cipher-text, the supply node
receives a set of membership information for each
attribute group G that appears in the access tree of CT
from the corresponding sway and re-encrypts it as
follows.
Generates a header message where each contains
the encrypted attribute group keys , which could be only
decrypted by non revoked attribute group members. This
can be done by exploiting many previous stateful or
stateless group key handler schemes. We will adopt the
complete sub tree method, which requires each exploiter
to store additional key encryption keys (KEKs). The
header message would be at most sizes for each attribute
group, where and are the number of all exploiters in the
system and that of exploiters in the attribute group,
respectively.
D. Key Update
When a exploiter comes to hold or drop an
attribute, the corresponding key should be updated to
prevent the exploiter from accessing the previous or
subsequent encrypted data for backward or forward
secrecy, respectively. The key update procedure is
launched by sending a join or leave request for some

ISBN NO : 978 - 1502893314

www.iaetsd.in

attribute group from a exploiter who wants to hold or drop


the attribute to the corresponding sway. On receipt of the
membership change request for some attribute groups, it
notifies the supply node of the event. Without loss of
generality, suppose there is any membership change in Gi.

V. ANALYSIS
In this section, we first analyze and compare the
efficiency of the proposed scheme to the previous multisway CP-ABE schemes in theoretical aspects. Then, the
efficiency of the proposed scheme is demonstrated in the
network simulation in terms of the communication cost.
We also discuss its efficiency when implemented with
specific parameters and compare these results to those
obtained by the other schemes.
A. Efficiency
The logic expressiveness of access structure that
can be defined under different disjoint sets of attributes
(managed by different sway), key escrow, and revocation
granularity of each CP-ABE scheme. Here the logic can
be very expressive as in the single sway system like
BSW[13] such that the access policy can be expressed
with any monotone access structure under attributes of
any chosen set of sway; while HV[9] and RC[4] schemes
only allow the AND gate among the sets of attributes
managed by different sway. The revocation can be done
in an immediate way as opposed to BSW. Therefore,
attributes of exploiters can be revoked at any time even
before the expiration time that might be set to the
attribute.
B. Simulation
In this simulation, we consider DTN applications
using the Internet protected by the attribute-based
encryption. Network Simulator NS2 is a primer providing
materials for NS2 beginners, whether students, professors,
or researchers for understanding the architecture of
Network Simulator 2 (NS2) and for incorporating
simulation modules into NS2. The authors discuss the
simulation architecture and the key components of NS2
including simulation-related objects, network objects,
packet-related objects, and helper objects.
The NS2 modules included within are nodes,
links, Simple link objects, packets, agents, and
applications. Further, the book covers three helper
modules: timers, random number generators, and error
models. Also included are chapters on summary of
debugging, variable and packet tracing, result
compilation, and examples for extending NS2. Two
appendices provide the details of scripting language Tcl,
OTcl and AWK, as well object oriented programming
used extensively in NS2.

International Association of Engineering and Technology for Skill Development


38

Proceedings of International Conference on Advancements in Engineering and Technology

www.iaetsd.in

VI. SECURITY
In this section, we prove the security of our
scheme with regard to the security requirements

Fig. 2. Number of exploiters in an attribute group.


Fig. 2 represents the number of current exploiters and
revoked exploiters in an attribute group during 100 h.

Fig. 3. Communication cost in the multisway CP-ABE


systems.
Fig. 3 shows the total communication cost that the
transmitter or the supply node needs to send on a
membership change in each multi sway CP-ABE scheme.
It includes the cipher text and rekeying messages for nonrevoked exploiters. It is measured in bits. In this
simulation, the total number of exploiters in the network
is 10 000, and the number of attributes in the system is 30.
The number of the key sway is 10, and the average
number of attributes associated with a exploiters key is
10.
C. Implementation
Next, we analyze and measure the computation
cost for encrypting (by a transmitter) and decrypting (by
an exploiter) a data. We used a Type-A curve (in the
pairing-based cryptography (PBC) library providing
groups in which a bilinear map e : G0 * G0G1 is
defined. Although such curves provide good
computational efficiency (especially for pairing
computation), the same does not hold from the point of
view of the space required to represent group elements.
Indeed, each element of G0 needs 512 bits at an 80-bit
security level and 1536 bits when 128-bit of security

ISBN NO : 978 - 1502893314

A. Collusion Resistance
In CP-ABE, the secret sharing must be
embedded into the Cipher text instead to the private keys
of exploiters. Like the previous ABE schemes, the private
keys (SK) of exploiters are randomized with personalized
random values selected by the CA such that they cannot
be combined in this scheme.
Another collusion attack scenario is the collusion
between revoked exploiters in order to obtain the valid
attribute group keys for some attributes that they are not
authorized to have (e.g., due to revocation). The attribute
group key distribution protocol, which is a complete sub
tree method in the proposed scheme, is secure in terms of
the key indistinguishability. Thus, the colluding revoked
exploiters can by no means obtain any valid attribute
group keys for attributes that they are not authorized to
hold.
B. Data Confidentiality
In our trust model, the multiple key sway are no
longer fully trusted as well as the supply node even if they
are honest. Therefore, the plain data to be stored should
be kept secret from them as well as from unauthorized
exploiters. Data confidentiality on the stored data against
unauthorized exploiters can be trivially guaranteed. If the
set of attributes of an exploiter cannot satisfy the access
tree in the cipher text, he cannot recover the desired value
e (g, g)rs during the decryption process, where r is a
random value uniquely assigned to him.
Another attack on the stored data can be launched by
the supply node and the key sway. Since they cannot be
totally trusted, confidentiality for the stored data against
them is another essential security criteria for secure data
retrieval in DTNs. The local sway issue a set of attributes
keys for their managing attributes to an authenticated
exploiter, which are blinded by secret information that is
distributed to the exploiter from CA. They also issue the
exploiter a personalized, secret key by performing the
secure 2PC protocol with CA. The key generation
protocol discourages each party to obtain each others
master secret key and determine the secret key issued
from each other. Therefore, they could not have enough
information to determine the whole set of secret key of
the exploiter individually. Even if the supply node
manages the attribute group keys, it cannot decrypt any of
the nodes in the access tree in the cipher text. This is
because it is only authorized to re-encrypt the cipher text
with each attribute group key, but is not allowed to
decrypt it (that is, any of the key components of exploiters
are not given to the node). Therefore, data confidentiality

International Association of Engineering and Technology for Skill Development


39

Proceedings of International Conference on Advancements in Engineering and Technology

against the curious key sway and supply node is also


ensured.
C. Backward and Forward Secrecy
When an exploiter comes to hold a set of attributes
that satisfy the access policy in the cipher text at some
time instance, the corresponding attribute group keys are
updated and delivered to the valid attribute group
members securely (including the exploiter). In addition,
all of the components encrypted with a secret key in the
cipher text are re-encrypted by the supply node with a
random, and the cipher text components corresponding to
the attributes are also re-encrypted with the updated
attribute group keys. Even if the exploiter has stored in
the previous cipher text exchanged before he obtains the
attribute keys and the holding attributes satisfy the access
policy, he cannot decrypt the pervious cipher text.
On the other hand, when an exploiter comes to
drop a set of attributes that satisfy the access policy at
some time instance, the corresponding attribute group
keys are also updated and delivered to the valid attribute
group members securely (excluding the exploiter). Then,
all of the components encrypted with a secret key in the
cipher text are re encrypted by the supply node with a
random , and the cipher text components corresponding to
the attributes are also re-encrypted with the updated
attribute group keys. Then, the exploiter cannot decrypt
any nodes corresponding to the attributes after revocation
due to the blindness resulted from newly updated attribute
group keys. In addition, even if the exploiter has
recovered
e(g ,g)(1+.......+m)s before he was
revoked from the attribute groups and stored it, it will not
help to decrypt the subsequent cipher text e(g
,g)(1+.......+m)(s+s) re-encrypted with a new random .
Therefore, the forward secrecy of the stored data is
guaranteed in this scheme.

VII. CONCLUSION
DTN technologies are becoming successful
solutions in military applications that allow wireless
devices to communicate with each other and access the
confidential information reliably by exploiting external
supply nodes. CP-ABE is a scalable cryptographic
solution to the access control and secures data retrieval
issues. In this paper, we proposed an efficient and secure
data retrieval method using CP-ABE for decentralized
DTNs where multiple key sway manages their attributes
independently. The inherent key escrow problem is
resolved such that the confidentiality of the stored data is
guaranteed even under the hostile environment where key
sway might be compromised or not fully trusted. In
addition, the fine-grained key revocation can be done for
each attribute group. We demonstrate how to apply the
proposed mechanism to securely and efficiently manage
the confidential data distributed in the disruption-tolerant
defese network.

ISBN NO : 978 - 1502893314

www.iaetsd.in

REFERENCES
[1] J. Burgess, B. Gallagher, D. Jensen, and B. N. Levine,
Maxprop: Routing for vehicle-based disruption tolerant
networks, 2006,
[2] M. Chuah and P. Yang, Node density-based adaptive
routing scheme for disruption tolerant networks, 2006,.
[3] M. M. B. Tariq, M. Ammar, and E. Zequra, Mesage
ferry route design for sparse ad hoc networks with mobile
nodes, in Proc. ACM MobiHoc, 2006,.
[4] S. Roy andM. Chuah, Secure data retrieval based on
ciphertext policy attribute-based encryption (CP-ABE)
system for the DTNs, Lehigh CSE Tech. Rep., 2009.
[5] M. Chuah and P. Yang, Performance evaluation of
content-based information retrieval schemes for DTNs,
2007
[6] M. Kallahalla, E. Riedel, R. Swaminathan, Q. Wang,
and K. Fu, Plutus: Scalable secure file sharing on
untrusted storage, 2003
[7] L. Ibraimi, M. Petkovic, S. Nikova, P. Hartel, and W.
Jonker, Mediated ciphertext-policy attribute-based
encryption and its application, 2009.
[8] N. Chen, M. Gerla, D. Huang, and X. Hong, Secure,
selective group broadcast in vehicular networks using
dynamic attribute based encryption, 2010
[9] D. Huang and M. Verma, ASPE: Attribute-based
secure policy enforcement in vehicular ad hoc networks,
2009
[10] A. Lewko and B. Waters, Decentralizing attributebased encryption, Cryptology ePrint Archive: Rep.
2010/351, 2010
[11] A. Sahai and B. Waters, Fuzzy identity-based
encryption, in Proc. Eurocrypt, 2005
[12] V. Goyal, O. Pandey, A. Sahai, and B. Waters,
Attribute-based encryption for fine-grained access
control of encrypted data,2006
[13] J. Bethencourt, A. Sahai, and B. Waters,
Ciphertext-policy attributebased encryption, 2007,
[14] R. Ostrovsky, A. Sahai, and B. Waters, Attributebased encryption with non-monotonic access structures,
2007.
[15] S. Yu, C. Wang, K. Ren, and W. Lou, Attribute
based data sharing with attribute revocation, 2010, pp.
[16] A. Boldyreva, V. Goyal, and V. Kumar, Identitybased encryption with efficient revocation2008,
[17] M. Pirretti, P. Traynor, P. McDaniel, and B. Waters,
Secure attribute based systems, 2006

International Association of Engineering and Technology for Skill Development


40