Attribute-Based Privacy-Preserving Data Sharing for Dynamic Groups in Cloud Computing

The sharing of personal data with multiple users from different domains has been benefited considerably from the rapid advances of cloud computing, and it is highly desirable to ensure the sharing file should not be exposed to the unauthorized users or cloud providers. Unfortunately, issues such as achieving the flexible access control of the sharing file, preserving the privacy of the receivers, forming the receiver groups dynamically, and high efficiency in encryption/decryption still remain challenging. To deal with these challenges, we provide a novel anonymous attribute-based broadcast encryption (A(2) B-2 E) which features the property of hidden access policy and enables the data owner to share his/her data with multiple participants who are inside a predefined receiver set and fulfill the access policy. We first suggest a concrete A(2) B-2 E scheme together with the rigorous and formal security proof without the support of the random oracle model. Then, we design an efficient and secure data sharing system by incorporating the A(2) B-2 E scheme, verifiable outsourcing decryption technique for attribute-based encryption, and the idea of online/offline attribute-based encryption. Extensive security analysis and performance evaluation demonstrate that our data sharing system is secure and practical.