Cu-Mn composite oxides: Highly efficient and reusable acid-base catalysts for the carbonylation reaction of glycerol with urea

Article abstract of DOI:10.1039/c8cy02155d

A series of Cu-Mn composite oxides were prepared by co-precipitation. Interestingly, catalysts with varied Cu/Mn molar ratios showed different catalytic performances for glycerol carbonylation. The physicochemical properties of the catalysts are characterized by X-ray diffraction (XRD), X-ray photoelectron spectroscopy (XPS), scanning electron microscopy (SEM), transmission electron microscopy (TEM), Fourier transform infrared (FT-IR) spectroscopy, temperature-programmed desorption (TPD) of CO₂ and NH₃ and temperature-programmed reduction (H₂-TPR) technology. The results showed that the Cu_1.4Mn_1.6O₄ crystal phase is the active component of the catalysts for the carbonylation of glycerol, this phase can effectively provide Mn⁴⁺ and lattice oxygen (O^2-), and the existence of the Mn⁴⁺-O^2- Lewis acid-base pair can promote the formation of glycerol carbonate. Various reaction parameters, such as reaction temperature, time, the molar ratio of glycerol to urea and the amount of catalysts, are studied. Under optimizing reaction conditions, the conversion of glycerol is 91.0% with 99.1% glycerol carbonate selectivity.

Full text of DOI:10.1039/c8cy02155d

Milcom 2018 Track 3 - Cyber Security and Trusted Computing
Attribute Based Encryption for Information Sharing
on Tactical Mobile Networks
Jim Luo^∗, Qiuxiang Dong^], Dijiang Huang^], and Myong Kang^∗
]Arizona State University, Tempe, AZ 85281, US
Naval Research Lab, Washington DC, 20375, US
∗
{qiuxiang.dong, dijiang}@asu.edu
{jim.luo, myong.kang}@nrl.navy.mil
Abstract—Security and access control for data in transit information such as troop location, imagery, sensor readings
remains a challenge for the deployment of battlefield tactical
mobile networks (TMN). Attribute based encryption (ABE) is
a promising solution that inherently satisfies many of the security
and functional requirements of the military in this context.
We present a novel ABE cryptographic algorithm with added
and mission details can directly put lives in danger and turn
the tide of battle. Considering the value of the tactical network
traffic, near-peer adversaries will invest in the capabilities
to capture, analyze, and disseminate tactical information in
capabilities for revocation, delegation, and federation. It can serve real-time. Data-in-transit on the TMN must be encrypted and
as the foundation for a security infrastructure that allows effective
and efficient information sharing on the TMN.
Index Terms—Attribute-based Encryption, Tactical Mobile Net-
work, access control
protected. Access control is necessary to enforce need-to-
know, classification levels, least privilege, risk of disclosure,
etc. Mobile devices deployed to the battlefield are subject to
capture. Moreover, insider threats are ever-present. Involvement
of less trusted coalition forces, civilian contractors, and local
allies further aggravate the problem. All-or-nothing access
is unacceptable. Information needs to be shared widely for
everyone authorized that needs it, while also restricted as much
as possible such that the impact of compromise is minimized.
I. INTRODUCTION
Large-scale tactical mobile networks (TMN) will revolution-
ize the future battlefield. Consumer smartphones are portable
and cheap enough to equip every individual soldier. Infor-
mation sharing at the lowest echelon can provide seamless
communication and coordination for the fighting unit [1]–
[4].Tactical applications on mobile devices can enable new
capabilities for warfighting [5]. Pervasive sensor networks can
saturate the battlefield to provide unprecedented situational
awareness and make it available to individual soldiers [6],
[7]. Smart devices and IoT concepts can provide even more
capabilities [8], [9]. Autonomous systems for reconnaissance as
well as offensive capabilities can be controlled by smartphones
carried by individual soldiers [10]. In the future battlefield,
information power will be as potent as firepower.
Smartphones, mobile devices, and applications rely on con-
nectivity. The civilian cellular network model is incompatible
with military and battlefield requirements. Facing near-peer
adversaries, the network infrastructure will be the first target
destroyed at the start of any conflict. Even if cellular and
Wi-Fi technologies are deployed, the TMN must be able to
fall back to fully distributed operations. Communication and
coordination inside the fighting unit is a key mission of the
TMN. Individual endpoints should be able to self-organize and
fulfill this mission without relying on network infrastructure or
other potential single points of failure. The military is currently
investing in MANet [11] and tactical radio [12] technologies
that are fully distributed, self-organizing, and highly survivable.
A. Traditional Approaches for TMN Security
Security and access control in the civilian cellular network is
relatively simple. Communication between the edge nodes and
the cellular tower is encrypted. Network traffic is always routed
through the cell towers. Fine-grained access control is mediated
by the centralized trusted servers. Trust is also managed by
centralized servers on the network infrastructure. The need for
distributed network operations in the TMN precludes the use
of centralized access control points. Encryption, access control,
and trust all have to be implemented at the edge devices. There
are several approaches for accomplishing this in the tactical
context using traditional cryptographic techniques.
Virtual private network (VPN) overlay establishes point-
to-point encryption. This is the approach currently used for
MANets. However, it creates significant inefficiencies as the
size of the network increases. Much of the communication on
the TMN will be group-based. Tactical applications, such as
blue force tracking, send information to sizable community of
interest (COI). Point-to-point channels will require rebroad-
casts in the wireless medium and result in orders of magnitude
increase in bandwidth utilization and power consumption. Fre-
quent connection, disconnection and reconnection is the norm
in the tactical context. The overhead to simply coordinating
The particular challenge for the military is security of the and maintaining the VPN network itself will be significant.
TMN. Communications capabilities cannot be used if they There will also be significant overhead in terms of security
cannot be secured. Tactical information is indeed fleeting. management. Every data-sender will need to perform authenti-
However, it does not go stale quickly enough. Highly sensitive cation and authorization for every data-recipient, and every data
978-1-5386-7185-6/18/$31.00 ©2018 IEEE
960

Milcom 2018 Track 3 - Cyber Security and Trusted Computing
stream. This will quickly become untenable when thousands of for a group of recipients. Authentication and authorization is
endpoints and large number of applications are involved.
Using pre-shared keys would allow for secure-multicasting
and take advantage of the wireless medium. This is the ap-
proach currently used for tactical radios. Secret keys are coordi-
nated and distributed to the COI at manufacturing time or in the
base. Access control is performed in the key distribution pro-
cess by loading only the appropriate keys on devices. However,
this approach is only appropriate for coarse-grained, all-or-
nothing access control. There will be scalability problems with
respect to the complexity of the access control policies where
the number of pre-shared keys required grows exponentially
with the number of attributes taken into account. The ability to
segregate data becomes a choking point. Furthermore, with pre-
shared keys, there is no way to establish or revoke trust outside
the base. Devices captured by the enemy can compromise the
entire network. Friendly units can unexpectedly move into
the same area of operation and may not be able establish
communications. Hierarchical multicasting schemes [13] can
be used to manage trust. However, it does not address the
problem with fine-grained segregation of data.
embedded in the encryption and enforced by the recipient’s
ability to decrypt. It does not rely on management nodes in the
network. Access control policies are communicated in plain-
text, and can be changed on the fly by the data sender. Every
endpoint in the battlefield carries the secret keys necessary
to communicate with everyone else. There is no handshake
or overhead for connecting and disconnecting. Data senders
do not need to keep track of the data recipients, they simply
manage security at the access control policy level. Endpoints
captured by the enemy will only compromise the minimal
amount of data due to fine-grained access control. Revocation
of captured endpoints can be done efficiently without having
to rekey other endpoints. Revocation lists can be distributed
in plaintext to data senders. Adversaries that capture and
compromise multiple endpoints are not able to gain greater
access than the individual endpoints are entitled to. Endpoints
are able to encrypt data for an access policy, but should not be
able to decrypt. For example, sensor nodes are able to encrypt
data, but do not have to keys to decrypt data. Endpoints are
also able to decrypt data anonymously. For example, special
forces units should be able to access data they are entitled to
without having to authenticate with the data sender and reveal
their identity.
B. Military Requirements
The high-level requirements for secure information sharing
in TMN are simple. We need to send data to the devices that
are supposed to get it while keeping it away from others. The
characteristics of the TMN and the tactical environment create
specific security and functional requirements for the security
solution:
II. ATTRIBUTE BASED ENCRYPTION
Attribute Based Encryption (ABE) is a relatively new se-
curity primitive based on bilinear maps on elliptic curves
• Support large-scale dynamic tactical networks. Efficiently [14], [15]. It will provide revolutionary capabilities that are
hande connections and disconnections. Achieve scalability especially suited for information sharing on the TMN.
in terms of network size.
Identity and access privileges are defined using a set of
attributes, e.g. nationality, rank, unit, location, clearance level,
mission, etc. Attributes are assigned by trust authorities. A
single set of master public/private keys is used in the entire
security domain. In essence, the entire system is under the
same community of trust (COT) [16], [17]. Attribute private
keys are calculated from the master private key. They are
bound together with a personal identifier to prevent collusion.
Attribute public keys are calculated from the master public key
and they are the same for the entire domain. During encryption,
the sender creates an access policy tree using attribute public
keys and Boolean operators. Recipients will be able to decrypt
the messages if and only if they have the attribute private keys
to resolve the access policy tree. Since the attribute public keys,
and therefore the ciphertext, are the same for the entire domain,
the same encrypted message can be decrypted by multiple
recipients. There is no need to specify individual recipients or
perform handshakes. This bypasses much of the management
overhead in keeping track of recipients. The sender can simply
encrypt data according to the access policy, send it out to the
network, and all the recipients who can satisfy the policy will
be able to decrypt it. Different access policies can be attached
to individual datagrams and achieve unlimited granularity. This
• Support fine-grained access control. Segregate access for
COI and take into account large number of attributes.
Achieve scalability in terms of complexity of the access
control policy.
• Support unpredictable communication needs with the abil-
ity to establish trust in the field. The security layer should
not prevent communications that otherwise should be able
to take place.
• Support efficient group-based communications over the
wireless medium. Wireless signals can be received by
multiple recipients without additional cost to the sender.
The security layer should preserve this advantage.
• Support distributed operations when disconnected from
the network infrastructure. The security layer cannot rely
on centralized control nodes. Isolated units should be able
to communicate effectively in peer-to-peer mode.
• Asymmetry in sending and receiving data. Nodes with the
privilege to send data to a COI may not necessarily have
the privilege to receive data.
• Anonymity for recipients in the COI. Data senders should
not be able to enumerate and identify recipients for their
data.
We envision the TMN concept of operation to be where each is compatible with the Object Level Protection (OLP) concept
data sender encrypts each data packet or data stream seperately [18], and the data-centric security paradigm. The sender can
961

Milcom 2018 Track 3 - Cyber Security and Trusted Computing
also change the access policy dynamically without relying on A. Federated Setup and Key Generation
the central authority.
Assume there is a trusted coalition TC= {TC₁, · · · , TC_N }
The following is a summary of ABE characteristics that
make it especially well-suited for secure information sharing
on the military TMN:
• Connectionless operations. The secret share is universal
for the entire system and distributed at setup time. Senders
and recipients are automatically able to communicate
using their version of the secret share. There is no need
to coordinate secure connections. The scalability problem
is fully addressed.
(N is the number of members in TC) who will run the setup
protocol of the ABE scheme to generate their shares of the
master secret key and the public parameters and then generate
the system-wide master secret key and public parameters by
running a secure multiple party computation protocol.
• Policy-based encryption. This allows for fine-grained poli-
cies and cryptographic enforcement of access control. The
encryption and decryption costs increase linearly with the
complexity of the access control policy. There is no need
to resolve identities and perform authorization.
• Group-based communications. All recipients that satisfy
the access policy tree will be able to decrypt.
• Distributed operations. There is no need for centralized
coordination for security or control nodes to mediate ac-
cess. Access control is cryptographically enforced through
the ability to decrypt. Senders are free to setup and change
the access policy on the fly.
• Asymmetry between sender and recipients. Data senders
are not necessarily able to decrypt data for the community
of interest of intended recipients.
• Anonymity of the recipients. Policy-based encryption and
connectionless operations means the sender do not need
to be aware of who is receiving data.
Fig. 1 Federation Setup.
III. OUR CONTRIBUTIONS
A. Additional Capabilities for Military Requirements
1) Federation Setup: Each TC member performs computa-
tion and communication as described in Protocol 1. The master
secret key and public parameters are as follows
Basic ABE characteristics are inherently a nice fit for the
TMN. However, additional capabilities are needed to make it
a practical security infrastructure solution.
• Revocation: The ability to revoke access is critical for
public key infrastructures. Ideally, the revocation list
should be distributed in plaintext and data senders can
amend the access policy tree to remove access for those
users.
• Delegation: Delegation makes it much easier to manage
the security infrastructure by allowing for hierarchical
trust authorities that follow the organizational structure
of the military. It would also allow for forward-deployed
limited trust authorities that are necessary for dynamic
attributes such as location.
• Federated operations: Coalition operations are important
for modern warfare. Coalition partners should be able to
interoperate without having to share their root of trust.
Encryption can be performed such that attributes private
keys derived from different master private keys can be
used to decrypt.
MSK = (α, b, s)
−1
−1
ꢀ
ꢁ
2
2
PK = g, g^b, g^b , e(g, g)^α, {h^b , h^b }_x∈U , {g^bs , g
}
s
ID
ID
j
j
ID_j ∈RI
x
x
P
Q
P
N
N
N
i=1
where α =
_i=1 α_i, b =
_i=1 b_i, s =
s_i, s_ID
=
j
Q
N
_i=1 s_ij and RI denotes the set of identities of the root
authorities (or organizations).
2) Federated Key Generation: As shown in Protocol 2, the
trusted coalition members generate a private key SK for the
root authority of an organization ID with attributes U_ID
.
2
b
t
bs_ID
SK = (g^αg^{b t}, g^−t, (g^bs h_x) , g
, h_x, g^bt, h^t_x, h_x^bt, s_ID
)
,
ID
x∈U_ID
P
Q
Q
N
N
N
where t = _i=1 t_i, b = _i=1 b_i, s_ID = ID^s, s = _i=1 s_i
and x is in the set of attributes managed by organization ID.
With the private component s_ID, each root authority generates
private components for the domain authorities with the rule
IV. ALGORITHM CONSTRUCTION
−1
−1
s_parent
. g^bs
and g^s
are part of the
child
child
We developed a novel ABE algorithm that incorporates these s_child = (ID_child
)
capabilities.
system public parameters.
962

Milcom 2018 Track 3 - Cyber Security and Trusted Computing
b
t_(i+1)a
b
t_ia
bs_ja
t⁰
−t⁰
(g^bs h_x)
= (g^bs h_x) ·(g
·h^b_x) , g^−t(i+1)a = g^−t ·g
,
ja
ja
ia
0
0
(g^bs
h_x)
= (g^bt · g^bt
)
· h^b_x^t · h^b_x^t
,
b
t_(i+1)a
s_(i+1)a
ia
ia
(i+1)a
0
g^bs
= (g^b)^s
, g
= g^bt · g^bt
= h^b_x^t · (h^b_x)^t .
ia
,
bt_(i+1)a
ia
(i+1)a
(i+1)a
0
0
h_x^t
= h^t_x · h^t_x , h_x
ia
bt_(i+1)a
(i+1)a
Fig. 2 Federated Key Generation.
Fig. 4 External Key Generation Delegation.
2) Delegation-External: Protocol 4 is run by a domain
authority to generate a private key for a user. The components
in the private key of the domain authority are updated as
follows where t⁰ is a random integer.
−1
s⁻_ja¹t_u
⁻¹t_a
t⁰
2
2
2
0
g^αg^{b t} = g^αg^{b t} · (g^b )^t , g
= g^s
0
· (g^s ) ,
u
a
ja
ja
0
(g^bs h_x) = (g^bs h_x) · (g^bs · h^b_x)^t , g^−t = g^−t · g^−t
,
b
t_u
b t_a
ja
ja
ja
u
a
0
0
g^bt = g^bt · g^bt , h^t_x = h^t_x · h_x^t ,
u
a
u
a
C. Data Distribution and Access
Fig. 3 Internal Key Generation Delegation.
The revocation is enforced directly during the encryption
phase. The data owner would first construct an attribute-
based access policy tree and then kick out the undesired data
consumers by adding their identities into a revocation identity
set. Takeing as inputs of the access policy, revoked identity
set as well as the plaintext data, the encryption algorithm
outputs the ciphertext to be distributed. In this way, only data
consumers whose attributes satisfy the access policy and are
not revoked by the data owner can decrypt the ciphertext by
running the decryption algorithm described below.
1) Encrypt(PK, (M, ρ), M, ID): This is an algorithm
that revokes both multiple users and multiple domain au-
thorities. The Encrypt algorithm takes as inputs an access
infrastructure (M, ρ), where M is an l × n matrix and the
function ρ associates each row of M to corresponding at-
tributes. ID = ID_a ∪ ID_u and |ID_a| + |ID_u| = r_a + r_u = r.
Denote the set of revoked domain authority identities as ID_a =
B. Key Generation Delegation
At the inner-organization level, the hierarchical structure
reflects the internal organizations’ authority and responsibility.
For the internal nodes in an organizational structure, the key
generation delegation privilege of the parent domain authority
could be distributed to the child domain authority. For the
external nodes (individual users) in an organizational structure,
it is the internal nodes which are the parent of the external
nodes to generate the private key for them.
1) Delegation-Internal: Protocol 3 is run between a parent
domain authority ID_ia and a child domain authority ID_(i+1)a
to generate the private key for ID_(i+1)a based on that of the
parent domain authority on level i. ANC_a denotes the ancestor
nodes of a in the organization structure.
{(ID⁰_a,j, h_a,j)}
_]. The set of revoked user identities is
j∈[1,r_a
The components in the private key of the child domain
authority are updated in the following way. The integer t⁰ is a
random integer selected by the child authority.
denoted by ID_u = {(ID⁰_a,j, ID_u⁰ _,j, h_u,j)}
_], where ID⁰
u,j
j∈[1,r_u
is managed by domain authority ID⁰_a,j. The Encrypt algorithm
first chooses a random vector v = (s, y₂, · · · , y_n) ∈ Zⁿ_p . For
−1
−1
−1
s
ja
2
2
b² t⁰
t⁰
s_ja
t
t
g^αg^{b t}
= g^αg^{b t} ·(g ) , g
ia
= g^s
·(g ) , x ∈ [1, l], it calculates λ_x = v · M_x. The Encrypt algorithm
ia
(i+1)a
(i+1)a
ja
963

Milcom 2018 Track 3 - Cyber Security and Trusted Computing
chooses random s ∈ Z_p. The algorithm chooses random µ_a, µ_u E. Complexity Analysis
such that µ = µ_a + µ_u, and µ₁, · · · , µ_r , µ⁰₁, · · · , µ⁰ ∈ Z_p
a
r_u
The complexity analysis is summarized in Table I of the
designed scheme. There are four types of time-consuming
operations: pairing, exponentiation, multiplication and inver-
sion, included in the schemes. Among them, the pairing and
exponentiation operations are the dominant costs. Therefore,
we utilize the number of pairing and exponentiation operations
as metrics for computation complexity of each scheme. The
main storage overhead comes from the setup algorithm and
key generation algorithm. Since the setup of the master secret
key and system public parameters is performed by the Trust
Coalition, we show the computation complexity for each of
the TC members. Each member will perform one pairing and
2|RI| + |U| + 2| exponents. Since each member will send
the intermediate result to the next member, there will be
2|RI| + 2|U| + 3| elements transmitted from one member
to another. All the TC members will store both the public
parameters and the share of the master secret key. The total
storage complexity will be 2|U| + 2|RI| + 7.
such that µ_a = µ₁ + · · · + µ_r and µ_u = µ⁰₁ + · · · + µ⁰ . The
a
r_u
0
ˆ
ˆ
ˆ
ciphertext is CT = (C, C₀, C_a, C_u, C_a , ID), where
C = Me(g, g)^αsµ, C₀ = g^sµ
,
ꢀ
ꢁ
i∈I_nr
∗
⁻¹λ_ku⁰_j
λ_ku⁰_j
C_a = C_akj = g^bs
, C_a⁰ _k = (h^b_ρ(k)
)
ˆ
i
k∈[1,l],j∈[1,r_a
]
ꢂ
∗
_ku⁰_j
C_u = {C_ukj = g^bλ
}
,
ˆ
k∈[1,l],j∈[1,r_u
]
ꢃ
2
0
b
ρ(k)
λ_ku⁰_j
{C_ukj = (g^{b ·ID}
∗
h
)
}
u,j
k∈[1,l],j∈[1,r_u
]
ꢀ
ꢁ
⁻¹λ_kµ_j
λ_kµ_j
0
i∈I_nr
C_a = C_akj = g^bs
, C_a⁰ _kj = (h^b_ρ(k)
)
ˆ
i
k∈[1,l],j∈[1,r_a
]
2) Decrypt(CT, SK) : CT is the ciphertext with an access
structure and SK is a private key for a set S. Suppose that
S satisfies the access structure and let I ⊂ [1, l] be defined
as I = {i : ρ(i) ∈ S}. Let {ω_i ∈ Z_p}_i∈I be a set of
constants such that if {λ_i} are valid shares of any secret s
according to the access structure, then Σ_i∈Iω_iλ_i = s. For
the j^th revoked user identity, denote the identity of the non-
revoked domain authority administrating ID_u by ID_a,j, then
There are two types of key generation. Generating delegation
private keys for the domain authorities occures rarely and we
exclude it here. The computation complexity of each TC when
generating a private key is 2|U_ID| + 5, where |U_ID| is the
number of attributes of the root authority. We assume that the
height of the identity structure tree is 2, i.e., H = 1. The
complexity of generating a private key for a user is 2|U_ID |+4,
2
0
calculate e(g, g)^{b tsµ} as follows:
j

Y
1
0
[e(K_ρ(i)u, C_u^∗_ij) · e(L_u, C_u⁰ _ij)]^ω
)
⁾ , ID_u,j = ID_u,j
,
(ID −ID
i

u
j
(
i∈I
Q

[e(K_ρ⁰ _(i)aj, C_a^∗_ij) · e(L_aj, C_a⁰ _ij)]^ωi , ID_a,j = ID⁰_a,j
.
i∈I
(1)
2
where U_ID is the set of attributes assigned to the user.^u
Then we can get e(g, g)^{b tsµ} in the following way:
u
u
Y
2
2
0
One pairing computation is performed during the encryption.
The number of exponents is x((|I_nr| + 2)r_ul + r_u + 2) +
y((|I_nr| + 1)l + 2). If only multiple users are revoked then
x = 1, y = 0; if only multiple domain authorities are revoked
then x = 0, y = 1; if there are both multiple users and
multiple domain authorities revoked then x = 1, y = 1.
The communication complexity of the encryption algorithm
is x(2r_u + lr_u|I_nr| + 2lr_u) + y(r_g + l|I_nr|) + 2, where x and
y is the same as above. The computation cost of decryption
consists of 2|I|(r_u +1) pairings and x(|I|r_u)+y|I| exponents.
Fig. 5 shows the experimental performance evaluation of the
algorithms. The algorithms are implemented in C using PBC
library [19] on Ubuntu 14.04 operating system. We set the
number of revoked identities to 1 and evaluate the relationship
between the number of attributes and the computation time. We
are able to achieve reasonable computation time in the 100ms
order of magnitude for practical numbers of attributes. .
e(g, g)^{b tsµ}
=
e(g, g)^{b tsµ}
.
u
j
j∈[1,r_u
]
For the j^th revoked domain authority, denote the identity of
th
the domain authority on the h_j layer managing ID_u by ID_a,j
.
2
The decryption algorithm evaluates e(g, g)^{b tsu} as follows:
j
Y
2
e(g, g)^{b tsu}
=
[e(K_a⁰ _ρ(i)j, C_a^∗_ij) · e(L_aj, C_a⁰ _ij)]^ωi .
j
i∈I
2
Then we can get e(g, g)^{b tsµ} in the following way:
a
Y
2
2
e(g, g)^{b tsµ}
=
e(g, g)^{b tsµ}
.
a
j
j∈[1,r_a
]
If SK’s holder is not managed by any revoked domain
authority and is not among the revoked users, then we can get
e(C₀,K)
tsµ
e(g, g)^αsµ
=
. Finally get the message
2
b tsµ
a
e(g,g)^b2
·e(g,g)
u
C
M by evaluating
.
e(g,g)^αsµ
V. CONCLUSION AND FUTURE WORK
D. Security Model
The basic operational characteristics of ABE are inherently
Our scheme should be resistant against two types of unau- compatible with the TMN. We develop a novel ABE algo-
thorized access. The first one is unauthorized access from a rithm with additional combined capabilities for revocation,
single user. In particular, the user without attributes satisfying delegation, and federation. It can serve as the foundation
the access policy embedded in the ciphertext. The second one for a practical TMN information sharing security infrastruc-
is collusion attack. Two users might collude together to gain ture for the military. We intend to further develop the ABE
more access privileges. Our scheme can be proven to be secure algorithm with additional capabilities, including fine-grained
against both types of unauthorized access using the same proof attribute expiration, comparable attributes, and hierarchical
as baseline ABE [14], [15].
attributes. These capabilities will ease management, improve
964

Milcom 2018 Track 3 - Cyber Security and Trusted Computing
TABLE I Complexity Analysis.
Overhead
Computation (Pairing)
Setup
1
KeyGen-RA
0
KeyGen-U
0
Encrypt
1
Decrypt
2|I|(r_u + 1)
2|RI| + 2|U| + 2 2|U_ID | + 5 2|U_ID | + 3 x((|I_nr| + 2)r_ul + r_u + 2) x(|I|r_u) + y|I|
a
u
Computation(Exponent)
+
y((|I_nr| + 1)l + 2)
x(|I|r_u) + y|I|
2|RI| + 2|U| + 3 2|U_ID | + 5 2|U_ID | + 3
x(2r_u + lr_u|I_nr| + 2lr_u)
0
a
u
Communication
Storage
+
y(r_g + l|I_nr|) + 2
2|RI| + 2|U| + 7 2|U_ID | + 5 2|U_ID | + 3
0
0
a
u
800
700
600
500
400
300
200
100
0
[5] W. Mitchell, “Project kitae part i battlespace agility in helmand: Network
vs. hierarchy c2,” 2011.
[6] S. H. Lee, S. Lee, H. Song, and H. S. Lee, “Wireless sensor network de-
sign for tactical military applications: Remote large-scale environments,”
in Military communications conference, 2009. MILCOM 2009. IEEE.
IEEE, 2009, pp. 1–7.
[7] M. P. DJurisˇic´, Z. Tafa, G. Dimic´, and V. Milutinovic´, “A survey
of military applications of wireless sensor networks,” in Embedded
Computing (MECO), 2012 Mediterranean Conference on. IEEE, 2012,
pp. 196–199.
[8] D. Singh, G. Tripathi, A. M. Alberti, and A. Jara, “Semantic edge
computing and iot architecture for military health services in battlefield,”
in Consumer Communications & Networking Conference (CCNC), 2017
14th IEEE Annual. IEEE, 2017, pp. 185–190.
1
5
10
15
20
KeyGen-U
25
30
35
Decrypt
40
45
Setup
KeyGen-RA
Encrypt
Fig. 5 Relationship between the number of attributes and
the computation time for each operation in milliseconds
[9] A. Raglin, S. Metu, S. Russell, and P. Budulas, “Implementing internet
of things in a military command and control environment,” in Next-
Generation Analyst V, vol. 10207. International Society for Optics
and Photonics, 2017, p. 1020708.
[10] L. Young and M. Ishii, “One force tactical communications system:
Connecting the tactical edge at aewe spiral g,” in MILITARY COMMU-
NICATIONS CONFERENCE, 2012-MILCOM 2012. IEEE, 2012, pp.
1–4.
[11] A. Blair, T. Brown, K. M. Chugg, and M. Johnson, “Tactical mobile
mesh network system design,” in Military Communications Conference,
2007. MILCOM 2007. IEEE. IEEE, 2007, pp. 1–7.
[12] G. Henderson, W. Pase et al., “Emerging radio and manet technology
study: Research support for a survey of state-of-the-art commercial and
military hardware/software for mobile ad hoc networks,” Bell Canada
Ottawa, Ontario Canada, Tech. Rep., 2014.
[13] Y. Sun and K. R. Liu, “Hierarchical group access control for secure
multicast communications,” IEEE/ACM Transactions on Networking,
vol. 15, no. 6, pp. 1514–1526, 2007.
[14] V. Goyal, O. Pandey, A. Sahai, and B. Waters, “Attribute-based encryp-
tion for fine-grained access control of encrypted data,” in Proceedings
of the 13th ACM conference on Computer and communications security.
Acm, 2006, pp. 89–98.
[15] J. Bethencourt, A. Sahai, and B. Waters, “Ciphertext-policy attribute-
based encryption,” in Security and Privacy, 2007. SP’07. IEEE Sympo-
sium on. IEEE, 2007, pp. 321–334.
[16] A. Fongen and M. Salmanian, “Communities of trust in tactical coalition
networks,” in Military Communications Conference (MILCOM), 2014
IEEE. IEEE, 2014, pp. 67–73.
[17] M. Salmanian, J. D. Brown, S. Watson, R. Song, H. Tang, and D. Sim-
melink, “An architecture for secure interoperability between coalition
tactical manets,” in Military Communications Conference, MILCOM
2015-2015 IEEE. IEEE, 2015, pp. 37–42.
expressiveness, and enable new modes of operation. Another
challenge is in establishing the access control policy model.
Existing and new access control policies has to be translated
into ABE access trees. Integration with the application and
network layer is another challenge. We envision ABE to
provide security at the application layer to provide fine-grained
security, and interoperate with a pre-shared key scheme at the
network layer providing coarse-grained security.Performance
and computational complexity is a basic short-coming of ABE.
We are able to achieve somewhat acceptable performance
with the current implementation. We intend to develop a high
performance implementation and protocols for caching and
pre-computation that can further alleviate the computation load.
We have demonstrated the feasibility of our enhanced ABE
algorithm in sending data. The next step is to apply it to a
real-world application and network.
REFERENCES
[1] B. A. Weiss, L. Fronczek, E. Morse, Z. Kootbally, and C. Schlenoff, “Per-
formance assessments of android-powered military applications operating
on tactical handheld devices,” in Mobile Multimedia/Image Processing,
Security, and Applications 2013, vol. 8755. International Society for
Optics and Photonics, 2013, p. 875504.
[2] B. J. Ewy, M. T. Swink, S. G. Pennington, J. B. Evans, J. M. Kim,
C. Ling, S. L. Earp, and M. Maeda, “Tigr in iraq and afghanistan:
Network-adaptive distribution of media rich tactical data,” in Military
Communications Conference, 2009. MILCOM 2009. IEEE. IEEE, 2009,
pp. 1–7.
[18] A. Armando, M. Grasso, S. Oudkerk, S. Ranise, and K. Wrona, “Content-
based information protection and release in nato operations,” in Pro-
ceedings of the 18th ACM symposium on Access control models and
technologies. ACM, 2013, pp. 261–264.
[19] B. Lynn et al., “Pbc: The pairing-based cryptography library,” h
ttp://crypto. stanford. edu/pbc, 2011.
[3] J. B. Evans, B. J. Ewy, M. T. Swink, S. G. Pennington, D. J. Siquieros,
and S. L. Earp, “Tigr: the tactical ground reporting system,” IEEE
Communications Magazine, vol. 51, no. 10, pp. 42–49, 2013.
[4] M. R. Brannsten, T. H. Bloebaum, F. T. Johnsen, and B. K. Reitan,
“Kings eye: Platform independent situational awareness,” in Military
Communications and Information Systems (ICMCIS), 2017 International
Conference on. IEEE, 2017, pp. 1–5.
965