Identity-based encryption with authorized equivalence test for cloud-assisted IoT

The rising popularity of cloud computing is now widely adopted by many industries including resource-restricted data owners, i.e., with the smart sensors in the Internet of things (IoT) to store their data in the cloud. Considering the untrusted nature of cloud server, the data collected by smart sensors should be encrypted before offloading them to the cloud. This unfortunately raises a concern on how to perform search functionality on encrypted data in the cloud. To tackle this challenge, an identity-based encryption scheme with authorized equivalence test (IBE-AET) is proposed in this paper to achieve simultaneously encryption and search functionality over outsourced data in cloud-assisted IoT. In IBE-AET, an authorized cloud server is allowed to carry out the equivalence test of two messages encrypted using the same identity as well as also those messages encrypted in different identities. In addition, the authorization mechanism in IBE-AET is versatile such that it enables a user to delegate the testing capability to the cloud server in a fine-grained manner. In the random oracle model, the proposed IBE-AET is formally proved to be equivalent to the bilinear Diffie-Hellman (BDH) assumption. The practicability of the suggested scheme is demonstrated by both the theoretic analysis and experiment simulation.