Authors - Raghav, Chanchal Maurya, Sunakshi Singh Abstract - Smart home ecosystems consist of resource-constrained IoT devices that continuously generate sensitive data, making privacy protection, access control, and resilience to device compromise critical challenges. This paper proposes a privacy-preserving one-way access-control encryption scheme for cloud-assisted smart home environments, designed to enforce a strict separation between data generation and data access. In the proposed scheme, devices are granted encryption capability only, while decryption authority remains exclusively with the device owner, thereby preventing unauthorized data disclosure and eliminating key escrow risks. To protect identity privacy, devices employ periodically refreshed pseudonymous identifiers derived from ephemeral secrets, ensuring unlinkability and resistance to tracking and profiling attacks. The scheme further limits the impact of device compromise and prevents adversarial data injection. Performance evaluation demonstrates that the proposed scheme incurs lower computational and communication overhead than existing encryption schemes, making it lightweight and well suited for resource-constrained smart home IoT deployments.
