A STUDY ON INFORMATION SECURITY
USING PUBLIC KEY INFORMATION AT
BRISK TECHNO CLOUD STORAGE
ABSTRACT
Data sharing is an important functionality in cloud storage. In this article, we
show how to securely, efficiently, and flexibly share data with others in cloud
storage. We describe new public-key cryptosystems which produce constant-size
cipher texts such that efficient delegation of decryption rights for any set of cipher
texts are possible. The novelty is that one can aggregate any set of secret keys and
make them as compact as a single key, but encompassing the power of all the keys
being aggregated. In other words, the secret key holder can release a constant-size
aggregate key for flexible choices of ciphertext set in cloud storage, but the other
encrypted files outside the set remain confidential. This compact aggregate key can
be conveniently sent to others or be stored in a smart card with very limited secure
storage. We provide formal security analysis of our schemes in the standard model.
We also describe other application of our schemes. In particular, our schemes give
the first public-key patient-controlled encryption for flexible hierarchy, which was
yet to be known.
EXISTING SYSTEM
� There exist several expressive ABE schemes where the decryption algorithm
only requires a constant number of pairing computations. Recently, Green et al.
proposed a remedy to this problem by introducing the notion of ABE with
outsourced decryption, which largely eliminates the decryption overhead for users.
Based on the existing ABE schemes, Green et al. also presented concrete ABE
schemes with outsourced decryption.
In these existing schemes, a user provides an untrusted server, say a proxy
operated by a cloud service provider, with a transformation key TK that allows the
latter to translate any ABE cipher text CT satisfied by that user’s attributes or
access policy into a simple cipher text CT’, and it only incurs a small overhead for
the user to recover the plaintext from the transformed cipher text CT’. The security
property of the ABE scheme with outsourced decryption guarantees that an
adversary (including the malicious cloud server) be not able to learn anything
about the encrypted message; however, the scheme provides no guarantee on the
correctness of the transformation done by the cloud server. In the cloud computing
setting, cloud service providers may have strong financial incentives to return
incorrect answers, if such answers require less work and are unlikely to be detected
by users.
PROPOSED SYSTEM:
� We considered the verifiability of the cloud’s transformation and provided a
method to check the correctness of the transformation. However, the we did not
formally define verifiability. But it is not feasible to construct ABE schemes with
verifiable outsourced decryption following the model defined in the existing.
Moreover, the method proposed in existing relies on random oracles (RO).
Unfortunately, the RO model is heuristic, and a proof of security in the RO model
does not directly imply anything about the security of an ABE scheme in the real
world. It is well known that there exist cryptographic schemes which are secure in
the RO model but are inherently insecure when the RO is instantiated with any real
hash function.
In this thesis work, firstly modify the original model of ABE with
outsourced decryption in the existing to allow for verifiability of the
transformations. After describing the formal definition of verifiability, we propose
a new ABE model and based on this new model construct a concrete ABE scheme
with verifiable outsourced decryption. Our scheme does not rely on random
oracles.
In this paper we only focus on CP-ABE with verifiable outsourced decryption. The
same approach applies to KP-ABE with verifiable outsourced decryption. To
assess the performance of our ABE scheme with verifiable outsourced decryption,
�we implement the CP-ABE scheme with verifiable outsourced decryption and
conduct experiments on both an ARM-based mobile device and an Intel-core
personal computer to model a mobile user and a proxy, respectively.
PROBLEM STATEMENT
One of the main efficiency drawbacks of the most existing ABE schemes is that
decryption is expensive for resource-limited devices due to pairing operations, and
the number of pairing operations required to decrypt a cipher text grows with the
complexity of the access policy.
The above observation motivates us to study ABE with verifiable
outsourced decryption in this thesis work. Here emphasized that an ABE scheme
with secure outsourced decryption does not necessarily guarantee verifiability (i.e.,
correctness of the transformation done by the cloud server).
ARCHITECTURE:
�METHODOLOGY
1. SETUP PHASE
2. ENCRYPT PHASE
3. KEYGEN PHASE,
4. DECRYPT PHASE
�METHODOLOGY DESCRIPTION
1 SETUP PHASE
The setup algorithm takes no input other than the implicit security
parameter. It outputs the public parameters PK and a master key MK.
2 ENCRYPT PHASE
Encrypt(PK,M, A). The encryption algorithm takes as input the public
parameters PK, a message M, and an access structure A over the universe of
attributes. The algorithm will encrypt M and produce a ciphertext CT such that
only a user that possesses a set of attributes that satisfies the access structure will
be able to decrypt the message. We will assume that the ciphertext implicitly
contains A.
3 KEY GEN PHASE
Key Generation(MK,S). The key generation algorithm takes as input the
master key MK and a set of attributes S that describe the key. It outputs a private
key SK
�4 DECRYPT PHASE
Decrypt(PK, CT, SK). The decryption algorithm takes as input the public
parameters PK, a ciphertext CT, which contains an access policy A, and a
privatekey SK, which is a private key for a set S of attributes. If the set S of
attributes satisfies the access structure A then the algorithm will decrypt the
ciphertext and
return a message M.
�System Configuration:-
H/W System Configuration:-
Processor - Pentium –III
Speed - 1.1 Ghz
RAM - 256 MB (min)
Hard Disk - 20 GB
Floppy Drive - 1.44 MB
Key Board - Standard Windows Keyboard
Mouse - Two or Three Button Mouse
Monitor - SVGA
�S/W System Configuration:-
Operating System :Windows95/98/2000/XP
Application Server : Tomcat5.0/6.X
Front End : HTML, Java, Jsp
Scripts : JavaScript.
Server side Script : Java Server Pages.
Database : Mysql
Database Connectivity : JDBC.
CONCLUSION
How to protect users’ data privacy is a central question of cloud storage.
With more mathematical tools, cryptographic schemes are getting more versatile
�and often involve multiple keys for a single application. In this article, we consider
how to “compress” secret keys in public-key cryptosystems which support
delegation of secret keys for different cipher text classes in cloud storage. No
matter which one among the power set of classes, the delegate can always get an
aggregate key of constant size. Our approach is more flexible than hierarchical key
assignment which can only save spaces if all key-holders share a similar set of
privileges.
