A Lightweight, Blockchain-Managed CP-ABE Scheme for Fine-Grained Access Control in the Automotive-Internet-of-Things (A-IoT)
DOI:
https://doi.org/10.63282/3050-922X.AECTIC-106Keywords:
Automotive IoT (A-IoT), Attribute-Based Encryption (ABE), Ciphertext-Policy (CP-ABE), Lightweight Cryptography, Elliptic Curve Cryptography (ECC), Blockchain, Decentralized Identifiers (DIDs), Verifiable Credentials (VCs), Access Control, V2XAbstract
The Automotive-Internet-of-Things (A-IoT) ecosystem produces large amounts of sensitive data from multiple stakeholders, leading to complex access control issues that traditional centralized systems cannot handle. This paper explores Lightweight Attribute-Based Encryption for Broadcast Cryptography (L-ABE-BC), a new, lightweight cryptographic system designed for precise access control in vehicles. Its architecture combines three main technologies: (1) a lightweight, pairing-free Ciphertext-Policy Attribute-Based Encryption (PF-CP-ABE) scheme using Elliptic Curve Cryptography (ECC) to reduce overhead on resource-limited ECUs; (2) an outsourced decryption process to reduce computational load on sensors; and (3) a permissioned blockchain that manages Decentralized Identifiers (DIDs) and Verifiable Credentials (VCs), ensuring decentralized, auditable, and quick management of attributes and revocations. This integrated system enables secure, policy-based encryption directly at the source, offering a practical approach for scalable, decentralized trust within the Automotive Internet of Things (A-IoT) environment
References
[1] S. Jadhav and D. Kshirsagar, "A Survey on Security in Automotive Networks," 2018 Fourth International Conference on Computing Communication Control and Automation (ICCUBEA), Pune, India, 2018, pp. 1-6, doi: 10.1109/ICCUBEA.2018.8697772.
[2] V. Rishiwal, U. Agarwal, A. Alotaibi, S. Tanwar, P. Yadav and M. Yadav, "Exploring Secure V2X Communication Networks for Human-Centric Security and Privacy in Smart Cities," in IEEE Access, vol. 12, pp. 138763-138788, 2024, doi: 10.1109/ACCESS.2024.3467002.
[3] J. Bethencourt, A. Sahai and B. Waters, "Ciphertext-Policy Attribute-Based Encryption," 2007 IEEE Symposium on Security and Privacy (SP '07), Berkeley, CA, USA, 2007, pp. 321-334, doi: 10.1109/SP.2007.11.
[4] K. Sowjanya, M. Dasgupta, and S. Ray, "A lightweight key management scheme for key-escrow-free ECC-based CP-ABE for IoT healthcare systems," Journal of Systems Architecture, vol. 117, p. 102108, 2021. doi: 10.1016/j.sysarc.2021.102108.
[5] Y.-F. Tseng, "Cryptanalysis to Sowjanya et al.’s ABEs from ECC," in Proceedings of the International Conference on Advanced Information Networking and Applications, 2022. doi: 10.1007/978-3-031-05491-4_29
[6] U. Waheed, S. A. Khan, M. Masud, H. Jamshed, T. A. Jumani, and N. U. Rehman Malik, "Blockchain-Based, Dynamic Attribute-Based Access Control for Smart Home Energy Systems," Energies, vol. 18, no. 8, Apr. 2025. doi: 10.3390/en18081973
[7] R. Singh, D. Kukreja, and D. K. Sharma, "Blockchain-enabled access control to prevent cyber attacks in IoT: Systematic literature review," Frontiers in Big Data, vol. 5, p. 1081770, 2023. doi: 10.3389/fdata.2022.1081770
[8] B. Xie, P. Zhou, Y. Yi, and Y. Wang, "An Improved Multi-Authority Attribute Access Control Scheme Base on Blockchain and Elliptic Curve for Efficient and Secure Data Sharing," Electronics, vol. 12, no. 7, 2023. doi: 10.3390/electronics12071691
[9] C. Zhang, Z. Wang, L. Liu, G. Li, and H. Li, "A Decentralized Multi-authority Attribute-based Encryption Scheme via Blockchain for Smart Grid," in 2023 IEEE International Conference on Electrical, Automation and Computer Engineering (ICEACE), Changchun, China, 2023, pp. 269–274. doi: 10.1109/ICEACE60673.2023.10442268.
[10] E. Abdulrahman, S. Alshehri, A. Alzubaidy, and A. Cherif, "A Distributed Blockchain-based Access Control for the Internet of Things," arXiv preprint arXiv:2503.17873, Mar. 2025. [Online]. Available: https://arxiv.org/abs/2503.17873
[11] I. Bolychevsky, "Verifiable Credentials and Decentralised Identifiers: Technical Landscape," GS1, White Paper, Feb. 03, 2025. [Online]. Available: https://ref.gs1.org/docs/2025/VCs-and-DIDs-tech-landscape
[12] C. Mazzocca, A. Acar, S. Uluagac, R. Montanari, P. Bellavista, and M. Conti, "A Survey on Decentralized Identifiers and Verifiable Credentials," IEEE Communications Surveys & Tutorials, 2025. doi: 10.1109/COMST.2025.3543197.
[13] M. Bany Taha, C. Talhi, and H. Ould-Slimane, "Performance Evaluation of CP-ABE Schemes under Constrained Devices," Procedia Computer Science, vol. 155, pp. 425–432, 2019. doi: 10.1016/j.procs.2019.08.059.
[14] M. Sporny, D. Longley, and M. Sabadello, Eds., "Decentralized Identifiers (DIDs) v1.0," W3C Recommendation, Jul. 2022. [Online]. Available: https://www.w3.org/TR/did-core/
[15] M. Sporny, G. Cohen, and D. Longley, Eds., "Verifiable Credentials Data Model v1.1," W3C Recommendation, Mar. 2022. [Online]. Available: https://www.w3.org/TR/vc-data-model/
[16] A. Sahai and B. Waters, "Fuzzy identity-based encryption," in Advances in Cryptology–EUROCRYPT 2005 (LNCS 3494), R. Cramer, Ed. Berlin, Heidelberg: Springer, 2005, pp. 457–473. doi: 10.1007/11426639_27.
[17] S. Ding, C. Li, and H. Li, "A novel efficient pairing-free CP-ABE based on elliptic curve cryptography for IoT," IEEE Access, vol. 6, pp. 27336–27345, 2018. doi: 10.1109/ACCESS.2018.2836350
[18] X. Yao, Z. Chen, and W. Tian, "A lightweight attribute-based encryption scheme for the internet of things," Future Generation Computer Systems, vol. 49, pp. 104–112, Aug. 2015. doi: 10.1016/j.future.2014.10.010
[19] M. Green, S. Hohenberger, and B. Waters, "Outsourcing the decryption of ABE ciphertexts," in Proceedings of the 20th USENIX Security Symposium, San Francisco, CA, USA, Aug. 2011. [Online]. Available: https://www.usenix.org/conference/usenixsecurity11/outsourcing-decryption-abe-ciphertexts
[20] A. Reyna, C. Martín, J. Chen, E. Soler, and M. Díaz, "On blockchain and its integration with IoT. Challenges and opportunities," Future Generation Computer Systems, vol. 88, pp. 173–190, Nov. 2018. doi: 10.1016/j.future.2018.05.046.
