Resilient and verifiable outsourced attribute-based non-interactive oblivious transfer protocol for tactical edge networks
摘要
Tactical Edge Networks (TENs) serve as critical infrastructure for disseminating time-sensitive intelligence under resource-constrained and hostile conditions such as Network-Centric Warfare (NCW) and the Internet of Battlefield Things (IoBT), where secure and efficient data sharing is a core requirement. To ensure security and privacy in such environments, strict adherence to the ”need-to-know” principle is imperative, requiring that sensitive mission data are accessible only to entities with specific authorization attributes. Ciphertext-Policy Attribute-Based Encryption (CP-ABE) binds fine-grained access policies to ciphertexts and permits decryption only for attribute-satisfying users, rendering it inherently suitable for need-to-know control in these settings. However, the prohibitive computational overhead of bilinear pairings in CP-ABE is often impractical for lightweight frontline terminals in tactical edge networks. While outsourcing decryption to Tactical Cloud Nodes (TCNs) can alleviate this burden, it brings critical vulnerabilities in zero-trust deployments, including key exposure upon node capture, incorrect computation results, and the leakage of query intent to an honest-but-curious Command Center (CC). To address these issues, we present a novel resilient and verifiable outsourced attribute-based non-interactive oblivious transfer protocol. The proposed framework balances system efficiency with security and privacy, as well as addresses the inherent computational asymmetry between resource-constrained tactical edge devices and powerful cloud nodes. We integrate a receiver-privacy-only, NIOT-style index-hiding mechanism (RP-NIOT) into an offline/online encryption pipeline to conceal the user’s query index from an honest-but-curious command center (CC). We do not claim classical OT sender privacy; unauthorized-record confidentiality is enforced by the CP-ABE/KEM–DEM layer. In addition, we incorporate a user-held blinding factor into the transformation keys to decouple the outsourcing capability from final decryption to ensure resilience against TCN compromise. A novel lightweight hash-based verification mechanism is designed to guarantee the correctness of outsourced computations. Detailed security and efficiency analysis show that the proposed protocol achieves resilience and data confidentiality as well as other security objectives at a cost of constant (policy-size independent) online terminal overhead—dominated by two exponentiations (plus one