Implicit Certificate Based Signcryption for a Secure Data Sharing in Clouds

Abstract

Signcryption is a sophisticated cryptographic tool that combines the benefits of digital signature and data encryption in a single step, resulting in reduced computation and storage cost. However, the existing signcryption techniques do not account for a scenario in which a company must escrow an employee's private encryption key so that the corporation does not lose the capacity to decrypt a ciphertext when the employee or user is no longer available. To circumvent the issue of non-repudiation, the private signing key does not need to be escrowed. As a result, this paper presents an implicit certificate-based signcryption technique with private encryption key escrow, which can assist an organization in preventing the loss of private encryption. A certificate, or more broadly, a digital signature, protects users' public encryption and signature keys from man-in-the-middle attacks under our proposed approach.