As cloud service providers are not completely trusted, people are increasingly concerned about security issues such as data confidentiality and user privacy. In many existing schemes, the private key generator (PKG) generates a full private key for each user, which means that the PKG can forge a valid signature or decrypt the ciphertext. To address the issue, we first present a novel certificateless hybrid signcryption (CL-HSC) scheme without pairing, in which the PKG only generates the partial private keys for users. It is provably secure under the Elliptic Curve Computational Diffie-Hellman (EC-CDH) assumption in the random oracle model. Then, we propose a key derivation method by which the data owner only needs to maintain the master key to get rid of the complex key management. By combining our proposed CL-HSC scheme and the key derivation method, we present a secure and efficient data-sharing scheme for cloud storage, which can resist collusion attacks, spoofing attacks, and replay attacks and makes user revocation easier. In addition, compared with some existing schemes, our scheme has a lower computational complexity.
This is an open access article distributed under the Creative Commons Attribution License
which permits unrestricted use, distribution, and reproduction in any medium, provided the original work is properly cited