Identity-based data storage scheme with anonymous key generation in fog computing

Abstract

Identity-based proxy pre-encryption is a good candidate to achieve data sharing. When it is deployed to fog computing scenarios, it can provide more flexible access control service than being deployed to cloud computing for end-users since fog nodes are physically close to end-users. However, the existing IB-PRE schemes exist several security flaws. First, all IB-PRE schemes exist key escrow problem, which makes that the PKG can decrypt all ciphertexts of the users. Second, one re-encryption key can transform all ciphertexts of the delegator into all ciphertexts of the delegatee, which makes the scheme cannot provide fine-grained access control. Third, most of IB-PRE schemes cannot provide the user revocation and prevent collusion attacks. To overcome the above problems, in the paper, we propose an identity-based data storage scheme with anonymous key generation which is applied to fog computing. And then it is shown to provably secure in the random oracle model. By comparing with other existing schemes, our scheme has some advantages over the other schemes in terms of security properties. Finally, by experiment analysis, the result shows our scheme is efficient with respect to computational cost and communication overhead.