Paper 2021/140

Practical and Scalable Access Control Mechanism for the Internet of Things

Clémentine Gritti, Emanuel Regnath, and Sebastian Steinhorst


Internet of Things (IoT) promises a strong world connecting digital and physical enviromments. Nevertheless, such a framework comes with huge security and privacy vulnerabilities, due to the heterogeneous nature of devices and of the diversity of their provenance. Other noticeable, technical challenges in IoT are brought with the constrained resources of devices, forcing to design protocol as lightweight as possible. In this paper, we present a new system with access control key updates and direct user revocation, that are beneficial features in IoT. Access control is done using Ciphertext-Policy Attribute-Based Encryption where attributes represent roles of devices within their networks. Moreover, we devise a novel approach, based on a binary tree, to append time credentials. This allows us to find an interesting trade-off between key update frequency and user revocation list length, as well as stressing time-sensitive data exchanged in IoT environments. The security of our scheme is proved under the Decisional Bilinear Diffie-Hellman Exponent assumption. Future work will focus on the implementation and analysis of our solution, in order to confirm that the latter is fully deployable in IoT networks.

Available format(s)
Cryptographic protocols
Publication info
Preprint. MINOR revision.
time-based key updateuser revocation
Contact author(s)
clementine gritti @ canterbury ac nz
2021-02-10: received
Short URL
Creative Commons Attribution


      author = {Clémentine Gritti and Emanuel Regnath and Sebastian Steinhorst},
      title = {Practical and Scalable Access Control Mechanism for the Internet of Things},
      howpublished = {Cryptology ePrint Archive, Paper 2021/140},
      year = {2021},
      note = {\url{}},
      url = {}
Note: In order to protect the privacy of readers, does not use cookies or embedded third party content.