Updatable Hybrid Encryption Scheme with No-Directional Key Update for Cloud Storage

Updatable encryption (UE) plays an important role in mitigating the impact of key compromise on ciphertext in the scenario of cloud storage. Nevertheless, most of the existing UE schemes focus on making symmetric encryption updatable. In this paper, to give play to advantages of symmetric and asymmetric encryption, we present an updatable hybrid encryption (UHE) scheme. By setting the REACT transform as the underlying encryption scheme and using the indistinguishable obfuscation to convert the private key into a public key encryption program, the synchronous update of public/private key pair and ciphertext can be realized. More importantly, the generation and update of private key are stored locally in hybrid encryption, the update token is not used to derive the private key, and thus the no-directional key update can be achieved. Furthermore, considering for the adversarial attack behaviors, we build a reasonable security model. Finally, since the decryption ability of the punctured keys is limited at the punctured points, the adversary can be allowed to access to all oracles at the full epochs, and then under the proposed security framework the confidentiality of the proposed scheme can be proven based on the indistinguishability between pseudorandom functions, where the confidentiality can capture forward and post-compromise security.