Dynamic Encrypted Data Sharing Scheme Based on Conditional Proxy Broadcast Re-Encryption for Cloud Storage

Since Cloud Service Provider is a semi-trusted party in cloud storage, to protect data from being disclosed, users' data are encrypted before being uploaded to a cloud server. Undoubtedly, flexible encrypted data sharing is a very important demand required by cloud storage users, whereas few schemes have being designed to satisfy this demand. In this paper, based on conditional proxy broadcast re-encryption technology, an encrypted data sharing scheme for secure cloud storage is proposed. The scheme not only achieves broadcast data sharing by taking advantage of broadcast encryption, but also achieves dynamic sharing that enables adding a user to and removing a user from sharing groups dynamically without the need to change encryption public keys. Moreover, by using proxy re-encryption technology, our scheme enables the proxy (cloud server) to directly share encrypted data to the target users without the intervention of data owner while keeping data privacy, so that greatly improves the sharing performance. Meanwhile, the correctness and the security are proved; the performance is analyzed, and the experimental results are shown to verify the feasibility and the efficiency of the proposed scheme.