Security-Enhanced Data Transmission With Fine-Grained and Flexible Revocation for DTWNs

Abstract

The diverse properties of wireless networks are fulfilled with the assistance of digital twin (DT), which utilizes a virtual model of the physical object (PO) to provide predictions and control decisions. However, the open wireless channels and key leakage of compromised entities (including DT and PO) pose significant security issues, highlighting the need for secure data transmission schemes. Meanwhile, it is impractical to directly apply the existing works and cryptographic primitives to DT-empowered wireless networks (DTWNs) due to the absence of a solution to capture the security requirements comprehensively. Moreover, the essential characteristics for protecting historical data cannot be met. Therefore, this paper proposes a security-enhanced data transmission scheme with fine-grained and flexible revocation by customizing a novel cryptographic primitive named forward-secure puncturable signed encryption (FS-PSE). Our scheme enables confidential data dissemination/acquisition between the physical and virtual space while ensuring authentication of the real-time information and feedback results. In addition, three revocation modes are defined. Based on these modes, the entities can flexibly revoke any decryption-&-signature, decryption, and signature capability in a fine-grained approach, thereby providing security protections for the historically transmitted data even though the entity is compromised. Moreover, our scheme is instantiated with a concrete FS-PSE construction and extended to support outsourced computing to improve efficiency. Finally, the formal security proof and performance evaluation demonstrate the security and practicality of our scheme.