Rang Zhou , Yongkang He , Wanpeng Li , Yanping Wang , Xiaojun Zhang
{"title":"Subversion-resistant public-key searchable encryption for data sharing in IIoT","authors":"Rang Zhou , Yongkang He , Wanpeng Li , Yanping Wang , Xiaojun Zhang","doi":"10.1016/j.sysarc.2025.103370","DOIUrl":null,"url":null,"abstract":"<div><div>The rapid growth of the Industrial Internet of Things (IIoT) has driven companies to leverage its potential for enhancing manufacturing efficiency, relying heavily on data analysis. This has led to the collection of vast IIoT data volumes, often stored securely on encrypted cloud servers. To facilitate streamlined data retrieval, keyword search technology is widely employed. Traditional keyword searchable schemes focus on ensuring keyword privacy within the trapdoor and index structures. However, advanced backdoor attacks have emerged as a significant threat. These attacks exploit hidden backdoors in software or hardware, allowing random number manipulation that undermines the security of existing keyword-searchable encryption scheme. To mitigate these attacks, we propose a novel subversion-resistant public-key searchable encryption scheme that incorporates cryptographic reverse firewalls (CRFs). In our scheme, we designed a trust zone to deploy these CRFs. Moreover, the CRFs in the trust zone is randomly chosen to re-randomize the trapdoor and index values, thereby enhancing security against backdoor attacks. Additionally, our scheme facilitates data sharing in the model of one-to-one sending and receiving between different users. Performance testing demonstrates that our scheme requires only lightweight operations for the ReTrapdoor and RePEKS algorithms, making it well-suited for deployment on resource-constrained IIoT devices.</div></div>","PeriodicalId":50027,"journal":{"name":"Journal of Systems Architecture","volume":"161 ","pages":"Article 103370"},"PeriodicalIF":3.7000,"publicationDate":"2025-02-22","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Journal of Systems Architecture","FirstCategoryId":"94","ListUrlMain":"https://www.sciencedirect.com/science/article/pii/S1383762125000426","RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q1","JCRName":"COMPUTER SCIENCE, HARDWARE & ARCHITECTURE","Score":null,"Total":0}
引用次数: 0
Abstract
The rapid growth of the Industrial Internet of Things (IIoT) has driven companies to leverage its potential for enhancing manufacturing efficiency, relying heavily on data analysis. This has led to the collection of vast IIoT data volumes, often stored securely on encrypted cloud servers. To facilitate streamlined data retrieval, keyword search technology is widely employed. Traditional keyword searchable schemes focus on ensuring keyword privacy within the trapdoor and index structures. However, advanced backdoor attacks have emerged as a significant threat. These attacks exploit hidden backdoors in software or hardware, allowing random number manipulation that undermines the security of existing keyword-searchable encryption scheme. To mitigate these attacks, we propose a novel subversion-resistant public-key searchable encryption scheme that incorporates cryptographic reverse firewalls (CRFs). In our scheme, we designed a trust zone to deploy these CRFs. Moreover, the CRFs in the trust zone is randomly chosen to re-randomize the trapdoor and index values, thereby enhancing security against backdoor attacks. Additionally, our scheme facilitates data sharing in the model of one-to-one sending and receiving between different users. Performance testing demonstrates that our scheme requires only lightweight operations for the ReTrapdoor and RePEKS algorithms, making it well-suited for deployment on resource-constrained IIoT devices.
期刊介绍:
The Journal of Systems Architecture: Embedded Software Design (JSA) is a journal covering all design and architectural aspects related to embedded systems and software. It ranges from the microarchitecture level via the system software level up to the application-specific architecture level. Aspects such as real-time systems, operating systems, FPGA programming, programming languages, communications (limited to analysis and the software stack), mobile systems, parallel and distributed architectures as well as additional subjects in the computer and system architecture area will fall within the scope of this journal. Technology will not be a main focus, but its use and relevance to particular designs will be. Case studies are welcome but must contribute more than just a design for a particular piece of software.
Design automation of such systems including methodologies, techniques and tools for their design as well as novel designs of software components fall within the scope of this journal. Novel applications that use embedded systems are also central in this journal. While hardware is not a part of this journal hardware/software co-design methods that consider interplay between software and hardware components with and emphasis on software are also relevant here.
京公网安备 11010802042870号
京ICP备2023020795号-1
分享
求助内容:
应助结果提醒方式:
扫码关注我们
