Efficient Data Sharing With Privacy Preservation Over Lattices for Secure Cloud Storage

Data sharing is a basic data processing mechanism in the cloud storage. Data confidentiality and the receiver privacy are two important requirements of data-sharing systems. Because the data owner does not wish anyone who is not authorized to access the shared data and the authenticated data receiver also does not wish anyone else to know that he/she has accessed the shared data from the data owner. Broadcast encryption gives a possible solution to these requirements of data-sharing systems. This article constructs a data-sharing system over lattice by designing an efficient identity-based broadcast encryption (IBBE) scheme which achieves the data confidentiality and the identity privacy simultaneously. Besides the data owner, no one knows the identities of the authenticated data receivers in the proposed data-sharing system. Data confidentiality is achieved by the indistinguishability under the selective identity and the chosen ciphertext attacks (IND-sID-CCA) of the proposed IBBE scheme. It is proven in the random oracle model that the IND-sID-CCA security is based on the hardness of the learning with errors problem which can resist the quantum attacks. Inherited from the proposed IBBE scheme, the proposed data-sharing system also has several other characters which are suitable to the practical application. The most important feature is that all the public parameters size, private key size, and the ciphertext length are constant for any data receivers set in the proposed system. Hence, the proposed system adapts to the situation of large receiver group. Moreover, the proposed data-sharing system supports efficient member joining. When a new user asks to access the uploaded data, the existing receiver does not need to update his/her private key. The decryption cost of the existing receiver will remain unchanged when the outsourced data have been updated. Detailed performance analysis and a simulated experiment of the designed core algorithm are given by using Java program on a personal computer Intel Core i7-8700 K (3.7 GHz), 32 G RAM which verifies the design results in this article.