Achieving fuzzy matching data sharing for secure cloud-edge communication

Abstract

In this paper, we propose a novel fuzzy matching data sharing scheme named FADS for cloud-edge communications. FADS allows users to specify their access policies, and enables receivers to obtain the data transmitted by the senders if and only if the two sides meet their defined certain policies simultaneously. Specifically, we first formalize the definition and security models of fuzzy matching data sharing in cloud-edge environments. Then, we construct a concrete instantiation by pairing-based cryptosystem and the privacy-preserving set intersection on attribute sets from both sides to construct a concurrent matching over the policies. If the matching succeeds, the data can be decrypted. Otherwise, nothing will be revealed. In addition, FADS allows users to dynamically specify the policy for each time, which is an urgent demand in practice. A thorough security analysis demonstrates that FADS is of provable security under indistinguishable chosen ciphertext attack (IND-CCA) in random oracle model against probabilistic polynomial-time (PPT) adversary, and the desirable security properties of privacy and authenticity are achieved. Extensive experiments provide evidence that FADS is with acceptable efficiency.