Forward and backward secure fuzzy encryption for data sharing in cloud computing

Abstract

The great benefits introduced by big data analysis technology motivate both individuals and enterprises to collect and share the data over the internet. Although cloud storage provides a perfect platform for data sharing, the security issue becomes the principal obstacle to preventing users from outsourcing their data to cloud servers, especially when the data involve sensitive information. As a new variant of public-key encryption scheme, attribute-based encryption (ABE) provides a fuzzy matching between the data encryptor and decryptor. That is, the encryptor ensures that all those users with attributes satisfying the defined access policy can decrypt the shared data, but cannot identify which one can do that. Thus, the ABE scheme can preserve user privacy, and is regarded as a promising solution of securing data sharing in the cloud storage system. But the original ABE scheme cannot be directly deployed for several practical issues, such as key exposure and user revocation. In this paper, we simultaneously conquer the above two issues and put forward a forward and backward secure ciphertext-policy ABE scheme such that a revealed user secret key is useless for decrypting any ciphertexts. The proposed forward and backward secure ABE scheme is proved secure under a q-type assumption in the selective model, without random oracles. The performance discussion indicates that the proposed scheme provides stronger security guarantees than other similar ABE schemes, and thus is more desirable for cloud storage systems.