ISSN (Online) ISSN (Print)

Transcription

1 Public Key Encryption Using Key Aggregate Cryptosystem 1M.Siri Madhavi, 2A.Sowjanya Deepthi 1,2Dept. of CSE, Godavari Institute of Engineering & Tech., Velugubandha, Rajanagaram, E.G.dt,AP, India Abstract: Data contribution is an imperative functionality in cloud storage. For illustration bloggers can let their friends view a separation of their private pictures. An endeavour may contribution her employee s contact to a segment of sensitive data. The demanding difficulty is how to efficiently share encrypted data. Of course users can download the encrypted data from the storage, decrypt them then send them to others for sharing but it loses the worth of cloud storage. Users should be capable to hand over the access rights of the sharing data to others so that they can way in these data from the server unswervingly. Though judgment a wellorganized and protected way to divide up biased data in cloud storage is not unimportant. Keywords: Cloud storage, data sharing, keyaggregate encryption, patient-controlled encryption. 1] Introduction: Cloud users almost certainly will not grasp the burly conviction that the cloud server is doing a good job in terms of discretion. A cryptographic solution with established safety relied on numbertheoretic statements is more attractive at whatever time the user is not completely happy with trusting the safety of the VM or the truthfulness of the technical staff. These users are enthused to encrypt their data with their own keys earlier than uploading them to the server. Bearing in mind data privacy a traditional way to make certain it is to rely on the server to put in force the right to use manage after authentication which resources any unpredicted opportunity escalation will representation all data. In a shared-tenancy cloud computing environment things develop into even worse. Data from dissimilar customers can be hosted on disconnect virtual machines (VMs) but reside on a single physical machine. 2] Related Work: Guo et al. attempted to put up IBE with key aggregation. One of their methods supposes random oracles but another does not. In their schemes key aggregation is unnatural in the intelligence that all keys to be combined must come from dissimilar identity divisions. While there are an exponential number of characteristics and thus secret keys only a polynomial number of them can be summative. one solitary dense secret key can decrypt cipher texts encrypted under a lot of identities which are close in a convinced metric space but not for an uninformed set of identities and as a result it does not match with our thought of key aggregation. 3] Literature Survey: The Author, S.S.M. Chow (ET.AL), Aim one anxiety in using cloud storage is that the responsive data should be private to the servers which are exterior the trust domain of data owners. An additional issue is that the user may want to preserve his/her secrecy in the sharing or contact of the data. To completely take pleasure in the benefits of cloud storage we need a secret data sharing mechanism which is fine-grained, dynamic, scalable, accountable and secure. This paper deals with the trouble of edifice a secure cloud storage system which ropes dynamic users and data derivation. Previous system is based on precise constructions and does not tender all of the above mentioned attractive properties. Most significantly, dynamic user is not supported. We learn a variety of description offered by cryptographic anonymous authentication and encryption mechanisms and instantiate the propose with verifier-local revocable group signature and identity-based broadcast encryption with regular size cipher text and private keys. To apprehend our impression, we supply the broadcast encryption with the lively cipher text update feature and provide official safety guarantee next to adaptive chosen-cipher text decryption and inform attacks. The Author, V. Goyal (ET.Al) Aim as more responsive data is shared and stored by third-party sites on the Internet there will be a require to encrypt data stored at these sites. One drawback of encrypting data is that it can be selectively shared only at a coarse-grained level. We extend a new cryptosystem for fine-grained contribution of encrypted data that we call Key-Policy Attribute- Based Encryption (KP-ABE). In our cryptosystem, cipher texts are categorized with sets of features and private keys are connected with admittance structures that control which cipher texts a user is competent to decrypt. 4] Problem Definition: In a shared-tenancy cloud computing environment things turn out to be even worse. Concerning Page 668

2 accessibility of files there are sequences of cryptographic methods which go as far as allowing a third-party auditor to ensure the ease of use of files on behalf of the data owner devoid of leaking anything about the data or with no concession the data owners anonymity. Similarly cloud users most likely will not hold the strong belief that the cloud server is doing a good job in terms of privacy. A cryptographic solution with demonstrated security relied on number-theoretic assumptions is more advantageous whenever the user is not flawlessly happy with trusting the security of the VM or the frankness of the technical staff. The costs and complexities involved generally increase with the number of the decryption keys to be shared. 5] Proposed Approach: In KAC users encrypt a communication not only beneath a public-key but also below an identifier of cipher text called class. That means the cipher texts are auxiliary considered into different classes. The key owner clutches a master-secret called mastersecret key which can be used to remove secret keys for different classes. More decisively, the extracted key have can be a combined key which is as packed together as a secret key for a single class but amassed the power of many such keys, i.e., the decryption power for any subset of cipher ext classes. The extracted key have can be a cumulative key which is as compact as a secret key for a single class. The passing on of decryption can be capably executed with the aggregate key. In this paper we study how to create a decryption key more influential in the sense that it allows decryption of multiple cipher texts without growing its size. 6] System Architecture: In KAC users encrypt a message not only under a public-key, but also under an identifier of cipher text called class. That means the cipher texts are supplementary pigeonholed into different classes. The key owner holds a master-secret called mastersecret key which can be used to remove secret keys for different classes. More significantly the extracted key have can be a collective key which is as compact as a secret key for a single class but combined the power of many such keys i.e., the decryption power for any separation of cipher text classes. 7] Proposed Methodology: Setup Phase: The setup phase is done by data owner to setup an account on an untrusted server takes no input other than the implicit security parameter. It outputs the public parameters PK and a master key MK. Extend Phase: In this phase the public key and master key is extended from the setup phase. If a user needs to classify ciphertexts into more than n classes, user can register for additional key pairs. Encrypt Phase: This phase take input as the public parameters PK, a message M, and an access structure A over the universe of attributes. The algorithm will encrypt M and produce a ciphertext CT. Keygen Phase: The key generation phase takes input as the master key MK and a set of attributes S that describe the key. It outputs an aggregate key SK Decrypt Phase: The decryption algorithm takes as input the public parameters PK, a ciphertext CT and an aggregate key SK, which is an aggregate key for a set S of attributes. The algorithm will download the encrypted message from cloud server, decrypt the ciphertext and return a message M. 8] Algorithm: The Ekac Scheme The data owner establishes the public system parameter via Setup and generates a public/mastersecret key pair via KeyGen. Using KeyGen can extend the Public key and aggregate key. Messages can be encrypted via Encrypt by anyone who also decides what ciphertext class is associated with the plaintext message to be encrypted. The data owner can use the master-secret to generate an aggregate decryption key for a set of ciphertext classes via Extract. The generated keys can be passed to delegates securely (via secure e -mails or secure devices) finally; any user with an aggregate key can decrypt any ciphertext provided that the ciphertext s class is contained in the aggregate key via Decrypt. The EKAC Scheme consists of six polynomial time algorithm as follows: Page 669

3 Setup(1 λ,n): executed by the data owner to setup an account on an untrusted server on input a security level parameter 1λ and the number of ciphertext class n,it puts the public system parameter param. KeyGen:executed by the data owner to randomly generate a public/master-secret key pair(pk,msk) Extend(pk l,msk l ): Execute keygen() to get(v l+1, ϓ l+1 ) Є G Z p,output the extended public and master secret keys aspk l+1 =(pk l,v l+1 ),msk l+1 =(msk l, ϓ l+1 ). Encrypt(pk l,(a,b),m): Let pk l ={v 1,,v l }.For an index(a,b),1 a l, 1 b n,pick tє R Z p,output the ciphertext as C=< g t,(v a g b ) t,m. ȇ(g 1,g n ) t >. Extract (msk l,s l ) : let msk l ={ϓ 1,ϓ 2, ϓ l }. For a set S l of indices(i,j),1 i l,1 j n, get g n+1-j =g αn+1-j param, output: Decrypt(K sl,s l,(a,b),c): If (a,b) ЄS l,output. Otherwise.Let k sl =(d 1,,d l ) C=<c 1,c 2,c 3 >. Output the message: The EKAC polynomial algorithm uses elgamal encryption algorithm for encryption and decryption. Elgamal Encryption Algorithm: ElGamal encryption consists of three components: the key generator, the encryption algorithm, and the decryption algorithm. Key Generation The key generator works as follows: 1. Alice generates an efficient description of a multiplicative cyclic group of order with generator. See below for a discussion on the required properties of this group. 2. Alice chooses a random from 3. Alice computes. 4. Alice publishes, along with the description of, as her public key. Alice retains as her private key which must be kept secret. Encryption. The encryption algorithm works as follows: to encrypt a message to Alice under her public key, 1. Bob chooses a random from, then calculates. 2. Bob calculates the shared secret. 3. Bob converts his secret message into an element of. 4. Bob calculates. 5. Bob sends the ciphertext to Alice. Note that one can easily find if one knows. Therefore, a new is generated for every message to improve security. For this reason, is also called an ephemeral key. Decryption The decryption algorithm works as follows: to decrypt a ciphertext, 1. Alice calculates the shared secret with her private key 2. And then computes which she then converts back into the plaintext message, where is the inverse of in the group. (E.g. modular multiplicative inverse if is a subgroup of a multiplicative group of integers modulo n). The decryption algorithm produces the intended message, since I. Results: The allocation is erratically selected. It mocks-up the circumstances that the needs for pass on to diverse users may not be conventional as time goes by still after a vigilant early development. This provides observed confirmations to hold up our theories that hierarchical key assignment does not put aside much in all cases. With the tree-based Page 670

4 structure we can save a number of granted keys according to the delegation ratio. 10] Enhancement: In this we have to grow general public key. In the event that a client needs to order his ciphertexts into more Than n classes, he can enroll for extra key sets. Every class now is recorded by a 2-level list and the quantity of classes is expanded by n for each included key. For our methodology, at most 2 total keys are required. 11] Conclusion: As established by the experiment results we do not necessitate setting a very elevated and to have enhanced density than the tree-based approach. Note that group development is an extremely speedy process. To make the best out of our extended scheme i.e., to make the key size as small as possible we propose that the cipher text classes for dissimilar principles should be communicated to different public-keys. This is practical in practice and does not oppose our disparagement on hierarchical schemes that a proficient duty of hierarchy has need of a priori acquaintance on what to be shared. 12] Future Work: The impetus is to trim down the locked storage and this is a trade off between two kinds of storage. The limitation can be placed in non classified local storage or in a cache make available by the service company. They can also be gone and get on demand as not all of them are requisite in all occasions. The system parameter can also be engendered by a trusted party shared between all users and even hard-coded to the user program and can be updated via patches. In this case whilst the users need to trust the parameter-generator for strongly removing any transient values used, the entrance control is still guaranteed by a cryptographic mean in its place of relying on some server to confine the accesses frankly. 13] References: [1] S.S.M. Chow, Y.J. He, L.C.K. Hui, and S.-M. Yiu, SPICE Simple Privacy-Preserving Identity- Management for Cloud Environment, Proc. 10th Int l Conf. Applied Cryptography and Network Security (ACNS), vol. 7341, pp , [2] L. Hardesty, Secure Computers Aren t so Secure. MIT press, [3] C. Wang, S.S.M. Chow, Q. Wang, K. Ren, and W. Lou, Privacy- Preserving Public Auditing for Secure Cloud Storage, IEEE Trans. Computers, vol. 62, no. 2, pp , Feb [4] B. Wang, S.S.M. Chow, M. Li, and H. Li, Storing Shared Data on the Cloud via Security- Mediator, Proc. IEEE 33rd Int l Conf. Distributed Computing Systems (ICDCS), [5] S.S.M. Chow, C.-K. Chu, X. Huang, J. Zhou, and R.H. Deng, Dynamic Secure Cloud Storage with Provenance, Cryptography and Security, pp , Springer, [6] D. Boneh, C. Gentry, B. Lynn, and H. Shacham, Aggregate and Verifiably Encrypted Signatures from Bilinear Maps, Proc. 22 nd Int l Conf. Theory and Applications of Cryptographic Techniques (EUROCRYPT 03), pp , [7] M.J. Atallah, M. Blanton, N. Fazio, and K.B. Frikken, Dynamic and Efficient Key Management for Access Hierarchies, ACM Trans. Information and System Security, vol. 12, no. 3, pp. 18:1-18:43, [8] J. Benaloh, M. Chase, E. Horvitz, and K. Lauter, Patient Controlled Encryption: Ensuring Privacy of Electronic Medical Records, Proc. ACM Workshop Cloud Computing Security (CCSW 09), pp , [9] F. Guo, Y. Mu, Z. Chen, and L. Xu, Multi- Identity Single-Key Decryption without Random Oracles, Proc. Information Security and Cryptology (Inscrypt 07), vol. 4990, pp , [10] V. Goyal, O. Pandey, A. Sahai, and B. Waters, Attribute-Based Encryption for Fine-Grained Access Control of Encrypted Data, Proc. 13th ACM Conf. Computer and Comm. Security (CCS 06), pp , [11] S.G. Akl and P.D. Taylor, Cryptographic Solution to a Problem of Access Control in a Hierarchy, ACM Trans. Computer Systems, vol. 1, no. 3, pp , [12] G.C. Chick and S.E. Tavares, Flexible Access Control with Master Keys, Proc. Advances in Cryptology (CRYPTO 89), vol. 435, pp , [13] W.-G. Tzeng, A Time-Bound Cryptographic Key Assignment Scheme for Access Control in a Hierarchy, IEEE Trans. Knowledge and Data Eng., vol. 14, no. 1, pp , Jan./Feb Page 671

5 [14] G. Ateniese, A.D. Santis, A.L. Ferrara, and B. Masucci, Provably- Secure Time-Bound Hierarchical Key Assignment Schemes, J. Cryptology, vol. 25, no. 2, pp , [15] R.S. Sandhu, Cryptographic Implementation of a Tree Hierarchy for Access Control, Information Processing Letters, vol. 27, no. 2, pp , Authors: Ms.M.Siri Madhavi is a student of Godavari Institute of Engineering& Technology, Rajanagaram. Presently she is pursuing her M.Tech [Computer Science Engineering] from this college and she received her B.Tech from Rajahmahendri Institute of Engineering & Technology affiliated to JNT University, Kakinada in the year Her area of interest includes Cloud Computing and Object oriented Programming languages,c Programming all current trends and techniques in Computer Science. Ms.A.Sowjanya Deepthi, is a excellent teacher Received M.E (IT) from Sathya Bhama university Chennai is working as Assistant Professor, Department of Information Technology, Godavari Institute of Engineering and Technology. She has 4 years of teaching experience in various engineering colleges. She published in various international conferences /journals. Her area of Interest includes Cloud Computing, Image processing Data Warehouse and Data Mining, Information Retrieval Systems, Design Patterns and C Programming. Page 672