direkt zum Inhalt springen

direkt zum Hauptnavigationsmenü

Sie sind hier

TU Berlin

Inhalt des Dokuments

Diploma Thesis: Attribute-based Encryption in Publish Subscribe Messaging Patterns

Attribute-based Encryption in Publish Subscribe Messaging Patterns


The communication market for Internet of Things (IoT) is expanding exponentially in all industrial segments. By 2020 a population of about 26 billion connected units is expected.
A complex example: “I define a period of +/- 30 minutes for my coffee machine to turn on; it then requests a traffic service: how long to work? Depending on the prediction, it will then turn on and send me a message to my alarm clock: coffee is ready.” - The problem is, that information will be revealed during the messaging between the coffee machine and the alarm clock: “I’m drinking coffee”; “I wake up at a time.” This information shall be protected.

On the one hand the publish/subscribe Messaging Pattern (pub/sub-MP) is the best choice for the development of dynamic large-scale applications. On the other hand, the type of the encryption sets requirements to a messaging paradigm. For example: using an asymmetric encryption type in a Public-Key Infrastructure (PKI) (i.e. GNU Privacy Guard (GPG)) requires knowing the exact recipient, technically it requires a unique identifier from the recipient (the public key).

In pub/sub-MP, each message is collected by a broker and then delivered to several recipients. The originator knows only one party in the middle, the broker. The receiver is not known. It is not required in this messaging paradigm, to know how many receivers will get the message.

In a novel asymmetric encryption type: the Attribute Based Encryption (ABE), the recipient himself does not need to be known; only his attributes are required.
In this work, the secret communication problem in pub/sub-MP is expanded to a secret conversation in a group. Extended group-secrecy requirements and the “future-secrecy” requirement of message encryption are satisfied. Different encryption methods are introduced and finally an optimized hybrid (combination from asymmetric and symmetric encryptions) method is described; finally an efficient solution, where ABE is used, is implemented.

Two technologies are brought together: the ABE and the secret key management for group conversation; the messaging is then carried out in the pub/sub-MP. This work is a security contribution for IoT, where the market is predicted to have the strongest growth in the next 5 years.



Supervisor: Dirk Thatmann, Sebastian Zickau

Type: Diploma Thesis

Duration: 6 months



Zusatzinformationen / Extras

Quick Access:

Schnellnavigation zur Seite über Nummerneingabe

Service-centric Networking
Telekom Innovation Laboratories
TEL 19
Ernst-Reuter-Platz 7
10587 Berlin, Germany
Phone: +49 30 8353 58811
Fax: +49 30 8353 58409