Attribute Based Encryption with Privacy Protection in Clouds

Similar documents
Attribute Based Encryption with Privacy Preserving In Clouds

A Procedural Based Encryption Technique for Accessing Data on Cloud

Multi Attribute Based Security and Key Distribution for Secure Storage in Clouds

ISSN Vol.04,Issue.05, May-2016, Pages:

Decentralized Access Control of Data Stored In Cloud Using Encryption

A Novel Distributed Access Control of Data Stored Clouds through Anonymous Authentication

Implementation of Decentralized Access Control with Anonymous Authentication in Cloud

Decentralized Anonymous Authentication of Data Stored in Clouds Praveen.N, Krishna Kumar.P.R, Vinitha V Yadav

Secure Data Storage in Clouds by Using Decentralized Access Control Scheme

ISSN: (Online) Volume 3, Issue 6, June 2015 International Journal of Advance Research in Computer Science and Management Studies

Decentralized Access Control Based Crime Analysis

A New Distributed Access Control Schema For Secure Data Stored In Clouds

Secure Cloud Storage Using Decentralized Access Control with Anonymous Authentication

DECENTRALIZED ATTRIBUTE-BASED ENCRYPTION AND DATA SHARING SCHEME IN CLOUD STORAGE

Decentralized Access Control with Anonymous Authentication of Data Stored in Cloud

Enhancing Reliability and Scalability in Dynamic Group System Using Three Level Security Mechanisms

Decentralized Access Control scheme for secure Data Stored in Clouds. Vel Tech High Tech Dr. Rangarajan Dr. Sakunthala Engineering College

DATA SECURITY IN CLOUDS USING DECENTRALIZED ACCESS CONTROL, ANONYMOUS AUTHENTICATION AND RSA BASED ENCRYPTION

A compact Aggregate key Cryptosystem for Data Sharing in Cloud Storage systems.

An Efficient Verifiable Multi-Authority Secret Access control scheme in Cloud Storage M.Sreelakshmi & P.Gangadhara

Session Based Ciphertext Policy Attribute Based Encryption Method for Access Control in Cloud Storage

Abstract. Asia-pacific Journal of Convergent Research Interchange Vol.2, No.2, June 30 (2016), pp

Decentralized Access Control with Anonymous Authentication of Data Stored in Clouds

AES and DES Using Secure and Dynamic Data Storage in Cloud

EFFICIENT DATA SHARING WITH ATTRIBUTE REVOCATION FOR CLOUD STORAGE

User Revocation And Fine Grained Access Control Of Phr In Cloud Using Hasbe

Attribute-based encryption with encryption and decryption outsourcing

EFFICIENT REVOCATION AND SECURE ATTRIBUTE-BASED PROXY RE-ENCRYPTION SCHEME

Security Weaknesses of an Anonymous Attribute Based Encryption appeared in ASIACCS 13

HIGH LEVEL SECURITY IMPLEMENTATION IN DATA SHARING ON SOCIAL WEBSITES

IMPROVING DATA SECURITY USING ATTRIBUTE BASED BROADCAST ENCRYPTION IN CLOUD COMPUTING

Secure Data Storage and Data Retrieval in Cloud Storage using Cipher Policy Attribute based Encryption

A Review: Data Security in Cloud via Decentralized Access Control Technique

Fine-Grained Data Sharing Supporting Attribute Extension in Cloud Computing

Improving data integrity on cloud storage services

DAC-MACS: Effective Data Access Control for Multiauthority Cloud Storage Systems

Fortified and Revocable Access Control for Multi- Authority Cloud Storage using CPABE

ROBUST AND ANONYMOUS AUTHENTICATION OF DATA STORED IN CLOUDS WITH DECENTRALIZED ACCESS CONTROL

Secure Data Deduplication with Dynamic Ownership Management in Cloud Storage

FINE-GRAINED QUERY RESULTS VERIFICATION FOR SECURE SEARCH SCHEME OVER ENCRYPTED CLOUD DATA

Secure Auditing For Outsourced Data in Cloud Using Homomorphic Token and Erasure Code

A New Symmetric Key Algorithm for Modern Cryptography Rupesh Kumar 1 Sanjay Patel 2 Purushottam Patel 3 Rakesh Patel 4

Assistant Professor, Dept of CSE, Vasireddy Venkatadri Institute of Technology (VVIT), Nambur (v), Guntur, Andhra Pradesh, India

SDD: A Novel Technique for Enhancing Cloud Security with Self Destructing Data

384 IEEE TRANSACTIONS ON PARALLEL AND DISTRIBUTED SYSTEMS, VOL. 25, NO. 2, FEBRUARY 2014

A Less Weight Secure Data Sharing Scheme for Mobile Cloud Computing

Efficient Auditable Access Control Systems for Public Shared Cloud Storage

FAC-MACS: Fortified Access Control for Multi-Authority Cloud Storage Using CPABE

A LTERATURE SURVEY ON REVOCABLE MULTIAUTHORITY CIPHER TEXT-POLICY ATTRIBUTE-BASED ENCRYPTION (CP-ABE) SCHEME FOR CLOUD STORAGE

OPTIMIZING ONE FAIR DOCUMENT EXCHANGE PROTOCOL

Time-Based Proxy Re-encryption Review

ENSURING PRIVACY OF E-MEDICAL HEALTH RECORDS USING TRIPLE- DES ALGORITHM

AoT: Authentication and Access Control for the Entire IoT Device Life-Cycle

ISSN Vol.08,Issue.16, October-2016, Pages:

Introduction. CSE 5351: Introduction to cryptography Reading assignment: Chapter 1 of Katz & Lindell

A Two-Fold Authentication Mechanism for Network Security

Accumulative Privacy Preserving Data Mining Using Gaussian Noise Data Perturbation at Multi Level Trust

Keywords: Multi-authority attribute based encryption, key policy, ciphertext policy, central authority free

On the Insecurity of a Method for Providing Secure and Private Fine-Grained Access to Outsourced Data

A Survey on Secure Sharing In Cloud Computing

International Journal of Advanced Research in Computer Science and Software Engineering

Secure Data De-Duplication With Dynamic Ownership Management In Cloud Storage

CS 470 Spring Security. Mike Lam, Professor. a.k.a. Why on earth do Alice and Bob need to talk so much?!? Content taken from the following:

CS 470 Spring Security. Mike Lam, Professor. a.k.a. Why on earth do Alice and Bob need to share so many secrets?!?

UNIT - IV Cryptographic Hash Function 31.1

Encryption Algorithms Authentication Protocols Message Integrity Protocols Key Distribution Firewalls

PRIVACY PRESERVING RANKED MULTI KEYWORD SEARCH FOR MULTIPLE DATA OWNERS. SRM University, Kattankulathur, Chennai, IN.

Result Analysis: Decentralized Access Control with Anonymous Authentication

ADVANCES in NATURAL and APPLIED SCIENCES

Three Levels of Access Control to Personal Health Records in a Healthcare Cloud

SECURE MULTI-KEYWORD TOP KEY RANKED SEARCH SCHEME OVER ENCRYPTED CLOUD DATA

LECTURE NOTES ON PUBLIC- KEY CRYPTOGRAPHY. (One-Way Functions and ElGamal System)

Public Key Cryptography and RSA

Tracing Insider Attacks in the Context of Predicate Encryption Schemes

Secure Data Sharing using Attribute Based Encryption with Revocation in Cloud Computing

Fine-grained Access Control for Cloud Computing

Insecurity of an Dynamic User Revocation and Key Refreshing for Attribute-Based Encryption Scheme

International Journal of Advance Research in Engineering, Science & Technology

Enhancing Availability Using Identity Privacy Preserving Mechanism in Cloud Data Storage

Efficient Privacy-Preserving Data Collection Scheme for Smart Grid AMI Networks

Sharing of PHR s in Cloud Computing

Public-key Cryptography: Theory and Practice

Sankalchand Patel College of Engineering, Visnagar Department of Computer Engineering & Information Technology. Question Bank

Public Key Algorithms

CloudSky: A Controllable Data Self-Destruction System for Untrusted Cloud Storage Networks

IBM i Version 7.2. Security Digital Certificate Manager IBM

T Cryptography and Data Security

Secure Cloud-based Access Control Optimization (SCACO)

Efficient Privacy-Preserving Chatting Scheme with Degree of Interest Verification for Vehicular Social Networks

On the Security of a Certificateless Public-Key Encryption

STRONGER SECURITY NOTIONS FOR DECENTRALIZED TRACEABLE ATTRIBUTE-BASED SIGNATURES AND MORE EFFICIENT CONSTRUCTIONS

Volume 6, Issue 1, January 2018 International Journal of Advance Research in Computer Science and Management Studies

Source Anonymous Message Authentication and Source Privacy using ECC in Wireless Sensor Network

Dynamic and Flexible Group Key Generation Based on User Behaviour Monitoring

CSCI 454/554 Computer and Network Security. Topic 5.2 Public Key Cryptography

ABSTRACT I. INTRODUCTION

Secure digital certificates with a blockchain protocol

1 Identification protocols

Public Auditing on Shared Data in the Cloud Using Ring Signature Mechanism

Outline. CSCI 454/554 Computer and Network Security. Introduction. Topic 5.2 Public Key Cryptography. 1. Introduction 2. RSA

Transcription:

Attribute Based Encryption with Privacy Protection in Clouds Geetanjali. M 1, Saravanan. N 2 PG Student, Department of Information Technology, K.S.R College of Engineering, Tiruchengode, Tamilnadu, India 1 Guide, Department of Information Technology, K.S.R College of Engineering, Tiruchengode, Tamilnadu, India 2 ABSTRACT- I propose a new decentralized access control scheme for secure data storage in clouds, which supports anonymous authentication. In the proposed scheme, the cloud verifies the authenticity of the user without knowing the user s identity before storing data. Decentralized scheme also has the added feature of access control in which only valid users are able to decrypt the stored information. This scheme prevents replay attacks and supports creation, modification, and reading data stored in the cloud and also address user revocation. Moreover, this authentication and access control scheme is decentralized and robust, unlike other access control schemes designed for clouds which are centralized. The communication, computation, and storage overheads are comparable to centralized approaches. I.INTRODUCTION The mainstay of this is to propose a new decentralized access control scheme for secure data storage in clouds that supports anonymous authentication. The proposed scheme is resilient to replay attacks. A writer whose attributes and keys have been revoked cannot write back stale information. Distributed access control of data stored in cloud so that only authorized users with valid attributes can access them. Authentication of users who store and modify their data on the cloud. The identity of the user is protected from the cloud during authentication. The architecture is decentralized, meaning that there can be several KDCs for key management. The access control and authentication are both collusion resistant, meaning that no two users can collude and access data or authenticate themselves, if they are individually not authorized. Revoked users cannot access data after they have been revoked. The proposed scheme is resilient to replay attacks. A writer whose attributes and keys have been revoked cannot write back stale information. The protocol supports multiple read and writes on the data stored in the cloud. The costs are comparable to the existing centralized approaches, and the expensive operations are mostly done by the cloud. Proposing privacy preserving authenticated access control scheme. According to our scheme a user can create a file and store it securely in the cloud. This scheme consists of use of the two protocols ABE and ABS. The cloud verifies the authenticity of the user without knowing the user s identity before storing data. The scheme also has the added feature of access control in which only valid users are able to decrypt the stored information. The scheme prevents replay attacks and supports creation, modification, and reading data stored in the cloud. II.MPLEMENTATION TECHNIQUES A.SECURE HASH ALGORITHM Definition: SHA-1 is one of several cryptographic hash functions, most often used to verify that a file has been unaltered. SHA is short for Secure Hash Algorithm. File verification using SHA-1 is accomplished by comparing the checksums created after running the algorithm on the two files you want to compare. SHA-1 is the second iteration of this cryptographic hash function, replacing the previous SHA-0. An SHA-2 cryptographic hash function is also available and SHA-3 is being developed. Copyright @ IJIRCCE www.ijircce.com 1502

One iteration within the SHA-1 compression function. A, B, C, D and E are 32-bit words of the state. F is a nonlinear function that varies. n denotes a left bit rotation by n places. n varies for each operation. W t is the expanded message word of round t. K t is the round constant of round t. denotes addition modulo 2 32. B.Paillier Algorithm The Paillier cryptosystem, named after and invented by Pascal Paillier is a probabilistic asymmetric algorithm for public key cryptography. Key generation Choose two large prime numbers p and q randomly and independently of each other such that i.e., for security parameter.. This property is assured if both primes are of equivalent length, Compute and. Select random integer where Ensure divides the order of by checking the existence of the following modular multiplicative inverse:, where function is defined as. Note that the notation does not denote the modular multiplication of times the modular multiplicative inverse of but rather the quotient of divided by The public (encryption) key is. Copyright @ IJIRCCE www.ijircce.com 1503

ISSN(Online): 2320-9801 (An ISO 3297: 2007 Certified Organization) Vol.2, Special Issue 1, March 2014 Department of CSE, JayShriram Group of Institutions, Tirupur, Tamilnadu, India on 6th & 7th March 2014 The private (decryption) key is If using p,q of equivalent length, a simpler variant of the above key generation steps would be to set and.[1], where Encryption Let be a message to be encrypted where Select random where Compute ciphertext as: Decryption Ciphertext Compute message: As the original paper points out, decryption is "essentially one exponentiation modulo." Creation of KDC KDC Authentication Trustee and User Accessibility Creation of Access Policy File Accessing File Restoration III. CREATION OF KDC Different number of KDC's are created and to register a user details KDC name, KDC id and KDC password are given as input to create KDC. Inputs will save in a database and to register a user details given input as username and user id. Fig Creation of KDC IV. KDC AUTHENTICATION Users have an initial level Registration Process at the web end. The users provide their own personal information for this process. The server in turn stores the information in its database. Copyright @ IJIRCCE www.ijircce.com 1504

Fig User Validation V. TRUSTEE AND KEY DISTRIBUTION CENTER Users receive a token from the trustee, who is assumed to be honest. A trustee can be someone like the federal government who manages social insurance numbers etc. On presenting her id (like health/social insurance number), the trustee gives her a token. There are multiple KDCs (here 1), which can be scattered. Users on presenting the token to KDC receive keys for encryption/decryption and signing. SK are secret keys given for decryption, Kx are keys for signing. Fig: User Accessibility VI. CREATION OF ACCESS POLICY After the key was received by the User, the message MSG is encrypted under the access policies. The access policies decide who can access the data stored in the cloud. The cipher text C with signature is c, and is sent to the cloud. The cloud verifies the signature and stores the cipher text C. When a reader wants to read, the cloud sends C. If the user has attributes matching with access policy, it can decrypt and get back original message and user can upload the file after user get key from the KDC. Copyright @ IJIRCCE www.ijircce.com 1505

Token KDC Access policies C C Cloud Creation of access Policy Fig: Creation of access policy VII. FILE ACCESSING Using their access policies the users can download their files by the help of KDC s to issue the private keys for the particular users. After trustee token issuance for the users, the users produce the token to the KDC then the token verify by the KDC if it is valid then KDC will provide the public and Private key to the user. After users received the keys the files are encrypt with the public keys and set their Access policies (privileges). User Token KDC Public key Private key File Download Fig: File Accessing Copyright @ IJIRCCE www.ijircce.com 1506

VIII. FILE RESTORATION Files stored in cloud can be corrupted. So for this issue we are using the file recovery technique to recover the corrupted file successfully and to hide the access policy and the user attributes. Fig: File Restoration IX. CONCLUSION I have presented a decentralized access control technique with anonymous authentication, which provides user revocation and prevents replay attacks. The cloud does not know the identity of the user who stores information, but only verifies the user s credentials. Key distribution is done in a decentralized way. One limitation is that the cloud knows the access policy for each record stored in the cloud. In future, I would like to hide the attributes and access policy of a user. REFERENCES [1] Ruj, S, Stojmenovic, M and Nayak, A 2013, Decentralized Access Control with Anonymous Authentication of Data Stored in Clouds, IEEE transactions on parallel and distributed systems. [2] Beimel, A 1996, Secure Schemes for Secret Sharing and Key Distribution, PhD Thesis. Technion, Haifa. [3] Bethencourt, J, Sahai, A and Waters, B 2007, Ciphertext-policy attribute-based encryption, in IEEE Symposium on Security and Privacy., pp. 321 334. [4] Chase, M 2007, Multi-authority attribute based encryption, in TCC, ser. Lecture Notes in Computer Science, vol. 4392. Springer, pp. 515 534. [5] Goyal, V, Pandey, O, Sahai, A and Waters, B 2006, Attribute-based encryption for fine-grained access control of encrypted data, in ACM Conference on Computer and Communications Security, pp. 89 98. [6] Li, J, Wang, Q, Wang, C, Cao, N, Ren, K and Lou, W 2010, Fuzzy keyword search over encrypted data in cloud computing, in IEEE INFOCOM., pp. 441 445. [7] Liang, X, Cao, Z, Lin, H and Xing, D 2009, Provably Secure and Efficient Bounded Ciphertext Policy Attribute Based Encryption, in ACM ASIACCS, pp 343 352. [8] Lin, H, Cao, Z, Liang, X and Shao, J 2008, Secure Threshold Multi-authority Attribute Based Encryption without a Central Authority, in INDOCRYPT, ser. Lecture Notes in Computer Science, vol. 5365, Springer, pp. 426 436. [9] Maji, H,K, Prabhakaran, M and Rosulek, M 2008, Attribute-based signatures: Achieving attribute-privacy and collusion-resistance, IACR Cryptology Print Archive. [10] Ruj, S, Stojmenovic, M and Nayak, A 2012, Privacy Preserving Access Control with Authentication for Securing Data in Clouds, IEEE/ACM International Symposium on Cluster, Cloud and Grid Computing, pp. 556 563. [11] Sahai, A and Waters, B 2005, Fuzzy identity-based encryption, in EUROCRYPT, ser. Lecture Notes in Computer Science, vol. 3494. Springer, pp. 457 473. [12] Wang, C, Wang, Q, Ren, K, Cao, N and Lou, W 2012, Toward Secure and Dependable Storage Services in Cloud Computing, IEEE Services Computing, vol.5, no.2, pp. 220 232. Copyright @ IJIRCCE www.ijircce.com 1507

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback