A Secure Data Sharing in Cloud Storage with Independent Key Generation Centre and Certificate-less Encryption

305 Abstract— A mediated certificateless encryption (mCL-PKE) scheme which solves the certificate revocation problem and the key escrow problem and preserves the data confidentiality in the cloud. Since most of the CL-PKE schemes are based on bilinear pairing and computationally expensive. mCL-PKE scheme does not utilize pairing operation problem. The security mediator supports instantaneous revocation of compromised or malicious users and act as the policy enforcement scheme. This method is highly efficient than the bilinear pairing based scheme. The mCL-PKE scheme with the access control lists is been proposed to overcome the problem of sharing the sensitive information in the cloud storage. The access control list contains the details of the user and this list is generated to the cloud and the data owner for verification purpose. The main problem stated here is the key generation center in the cloud. This will bring vulnerabilities against the secure key generation. A new method is discovered to implement the key generation centre as an independent center which shares key independently. According to the access control, the data is being encrypted by the data owner using the symmetric encryption algorithm and uploads encrypted data items with an intermediate keys to the cloud. The user uses their private key to convert the partially decrypted data to the fully decrypted one. The cloud storage does not perform the decryption operation fully to preserve the data confidentiality as well as the keys information. The extension of the mCL-PKE approach allows the data owner to improvise the encryption operation in an efficient way and also to implement high level independent security in the cloud based system. The result of the mCL-PKE schemes is efficient and practical.