A Survey on Attribute-Based Encryption Schemes Suitable for the Internet of Things

The Internet of Things (IoT) is an information service paradigm based on the integration of smart objects, mobile devices, and computers via the Internet. IoT technologies are key enablers for a multitude of applications in diverse fields, such as digital health, smart city, industrial automation, and supply chain. This raises new security and privacy challenges that can be addressed by advanced cryptographic methods. One of the most prominent is Attribute-Based Encryption (ABE), which allows one to encrypt data while enforcing fine-grained access control on it. ABE is advantageous in many IoT applications since it allows data to be safely stored on untrusted storage, like third-party cloud servers, hackable publish-subscribe brokers, physically accessible sensors, etc. This paper surveys the ABE literature proposing schemes and solutions that are best suited for IoT applications. To do so, it first identifies three performance indicators that are key in IoT, namely the data producer CPU efficiency, the data producer bandwidth efficiency, and the key authority bandwidth efficiency. Then, it analyzes only those schemes that are promising from the point of view of one or more indicators and, therefore, more applicable in typical IoT applications. As a further contribution, this paper selects a subset of representative schemes and assesses their efficiency by thorough simulations. Such simulations show that no scheme excels in all three performance indicators at once, but some simultaneously perform well in two indicators.