What question did this study set out to answer?

This research aims to compare the performance of two attribute-based encryption schemes in IoT applications. It focuses on their efficiency and scalability under various network conditions.

February 8, 2026Open Access

Comparative Analysis of Attribute-Based Encryption Schemes for Special Internet of Things Applications

Key Points

This research aims to compare the performance of two attribute-based encryption schemes in IoT applications. It focuses on their efficiency and scalability under various network conditions.
Comparison of CIRCL scheme (CP-ABE) and Covercrypt scheme (KEMAC)
Assessment of key generation, message encryption, and decryption times
Evaluation of public key sizes and cipher overhead in two scenarios: corporate and tactical edge networks
Benchmarking performance data for determining feasibility and efficiency
Covercrypt demonstrates reduced ciphertext overhead in tactical environments
CIRCL achieves faster decryption throughput in large-scale corporate networks
The choice between schemes depends on specific operational constraints and user needs

Abstract

Attribute-based encryption (ABE) is an advanced public key encryption mechanism that enables the precise control of access to encrypted data based on attributes assigned to users and data. Attribute-based access control (ABAC), which is built on ABE, is crucial in providing dynamic, fine-grained, and context-aware security management in modern Internet of Things (IoT) applications. ABAC controls access based on attributes associated with users, devices, resources, and environmental conditions rather than fixed roles, making it highly adaptable to the complex and heterogeneous nature of IoT ecosystems. ABE can significantly improve the security and manageability of modern military IoT systems. Nevertheless, its practical implementation requires obtaining a range of performance data and assessing the additional overhead, particularly regarding data transmission efficiency. This paper provides a comparative analysis of the performance of two cryptographic schemes for attribute-based encryption in the context of special Internet of Things (IoT) applications. This applies to special environments, both military and civilian, where infrastructure is unreliable and dynamic and decisions must be made locally and in near-real time. From a security perspective, there is a need for strong authentication, precise access control, and a zero-trust approach at the network edge as well. The CIRCL scheme, based on traditional pairing-based ABE (CP-ABE), is compared with the newer Covercrypt scheme, a hybrid key encapsulation mechanism with access control (KEMAC) that provides quantum resistance. The main goal is to determine which scheme scales better and meets the performance requirements for two different scenarios: large corporate networks (where scalability is key) and tactical edge networks (where minimal bandwidth and post-quantum security are paramount). The benchmark results are used to compare the operating costs in detail, such as the key generation time, message encryption and decryption times, public key size, and cipher overhead, showing that Covercrypt provides a reduction in ciphertext overhead in tactical scenarios, while CIRCL offers faster decryption throughput in large-scale enterprise environments. It is concluded that the optimal choice depends on the specific constraints of the operating environment.

Bookmark

View Full Paper