A threshold hybrid encryption method for integrity audit without trusted center

Cloud storage with sharing services is increasingly popular among data owners. However, it is difficult for the users to know if the cloud server providers (CSPs) indeed protect their data. To verify data integrity and preserve data and key privacy in the group, this paper proposes a new threshold hybrid encryption for integrity auditing method without trusted center. The proposed method is developed based on the Advanced Encryption Standard (AES) and the Elliptic Curve Cryptography (ECC) with Shamir secret sharing. In this way, the key can be distributed and managed without trusted center, preserving the privacy of the key of the AES and users' private key. Besides, we design and implement a novel integrity auditing and re-signature method which verifies the data integrity and solves the collusion question of the cloud and the revoked users. Security analysis and performance evaluation demonstrate that the proposed scheme realizes the correctness, security, and efficiency with a low communication and computation cost.

Automated summary

This paper proposes a new threshold hybrid encryption for integrity auditing method in cloud storage, using AES and ECC with Shamir secret sharing. The method distributes and manages keys without a trusted center, and also includes an integrity auditing and re-signature method to solve collusion issues. Security analysis and performance evaluation show that the scheme achieves correctness, security, and efficiency with low communication and computation cost.