Resilient and Verifiable Outsourced Attribute-Based Non-Interactive Oblivious Transfer Protocol for Tactical Edge Networks

Tactical Edge Networks (TENs) serve as critical infrastructure for disseminating time-sensitive intelligence under resource-constrained and hostile conditions such as Network-Centric Warfare (NCW) and the Internet of Battlefield Things (IoBT), where secure and efficient data sharing is a core requirement. To ensure security and privacy in such environments, strict adherence to the "need-to-know" principle is imperative, requiring that sensitive mission data are accessible only to entities with specific authorization attributes. Ciphertext-Policy Attribute-Based Encryption (CP-ABE) binds fine-grained access policies to ciphertexts and permits decryption only for attribute-satisfying users, rendering it inherently suitable for need-to-know control in these settings. However, the prohibitive computational overhead of bilinear pairings in CP-ABE is often impractical for lightweight frontline terminals in tactical edge networks. While outsourcing decryption to Tactical Cloud Nodes (TCNs) can alleviate this burden, it brings critical vulnerabilities in zero-trust deployments, including key exposure upon node capture, incorrect computation results, and the leakage of query intent to an honest-but-curious Command Center (CC). To address these issues, we present a novel resilient and verifiable outsourced attribute-based non-interactive oblivious transfer protocol. The proposed framework balances system efficiency with security and privacy, as well as addresses the inherent computational asymmetry between resource-constrained tactical edge devices and powerful cloud nodes. We integrate Non-Interactive Oblivious Transfer (NIOT) into an offline/online encryption pipeline to cryptographically conceal the user’s query index from the CC to prevent traffic analysis and maintain operational efficiency at the edge. In addition, we incorporate a user-held blinding factor into the transformation keys to decouple the outsourcing capability from final decryption to ensure resilience against TCN compromise. A novel lightweight hash-based verification mechanism is designed to guarantee the correctness of outsourced computations. Detailed security and efficiency analysis show that the proposed protocol achieves resilience and data confidentiality as well as other security objectives at a cost of constant online terminal overhead independent of access policy size, making it highly suitable for latency-sensitive tactical applications.