On the Analysis of the Revocable-Storage Identity-Based Encryption Scheme
This work addresses a critical flaw in a cryptographic scheme for cloud data security, which is incremental as it fixes an existing method rather than introducing a new one.
The paper identifies that a previously proposed revocable-storage identity-based encryption (RS-IBE) scheme fails to meet correctness requirements for secure data sharing in cloud computing, and provides a method to correct and secure the scheme.
Cloud computing can provide a flexible way to effectively share data among multiple users since it can overcome the time and location constraints of computing resource usage. However, the users of cloud computing are still reluctant to share sensitive data to a cloud server since the cloud server should be treated as an untrusted entity. In order to support secure and efficient data sharing in cloud computing environment, Wei et al. recently extended the concept of identity-based encryption (IBE) to support key revocation and ciphertext update functionalities, and proposed a revocable-storage identity-based encryption (RS-IBE) scheme. In this paper, we show that the RS-IBE scheme of Wei et al. does not satisfy the correctness property of RS-IBE. In addition, we propose a method to modify the existing RS-IBE scheme to be a correct and secure scheme.