Contact at or 8097636691
Responsive Ads Here

Thursday, 22 February 2018

Audit-Free Cloud Storage via Deniable Attribute-based Encryption2(2015)

Audit-Free Cloud Storage via Deniable 

Attribute-based Encryption2(2015)

Cloud storage services have become increasingly popular. Because of the importance of privacy, many cloud storage encryption schemes have been proposed to protect data from those who do not have access. All such schemes assumed that cloud storage providers are safe and cannot be hacked; however, in practice, some authorities (i.e., coercers) may force cloud storage providers to reveal user secrets or confidential data on the cloud, thus altogether circumventing storage encryption schemes. In this paper, we present our design for a new cloud storage encryption scheme that enables cloud storage providers to create convincing fake user secrets to protect user privacy. Since coercers cannot tell if obtained secrets are true or not, the cloud storage providers ensure that user privacy is still securely protected.
  1.  There are numerous ABE schemes that have been proposed. Most of the proposed schemes assume cloud storage service providers or trusted third parties handling key management are trusted and cannot be hacked; however, in practice, some entities may intercept communications between users and cloud storage providers and then compel storage providers to release user secrets by using government power or other means. In this case, encrypted data are assumed to be known and storage providers are requested to release user secrets.
  2.  Sahai and Waters first introduced the concept of ABE in which data owners can embed how they want to share data in terms of encryption.
  3.  There are two types of ABE, CP-ABE and Key-Policy ABE (KP-ABE). Goyal et al. proposed the first KPABE. They constructed an expressive way to relate any monotonic formula as the policy for user secret keys. Bethencourt et al. proposed the first CP-ABE. This scheme used a tree access structure to express any monotonic formula over attributes as the policy in the ciphertext.

  1.  It is also impractical to encrypt data many times for many people. With ABE, data owners decide only which kind of users can access their encrypted data. Users who satisfy the conditions are able to decrypt the encrypted data.
  2.  Use translucent sets or simulatable public key systems to implement deniability.
  3.  Most deniable public key schemes are bitwise, which means these schemes can only process one bit a time; therefore, bitwise deniable encryption schemes are inefficient for real use, especially in the cloud storage service case.
  4.  Most of the previous deniable encryption schemes are inter-encryption independent. That is, the encryption parameters should be totally different for each encryption operation. If two deniable encryptions are performed in the same environment, the latter encryption will lose deniability after the first encryption is coerced, because each coercion will reduce flexibility.
  5.  Most deniable encryption schemes have decryption error problems. These errors come from the designed decryption mechanisms.
  1.  In this work, we describe a deniable ABE scheme for cloud storage services. We make use of ABE characteristics for securing stored data with a fine-grained access control mechanism and deniable encryption to prevent outside auditing. Our scheme is based on Waters ciphertext policy-attribute based encryption (CP-ABE) scheme. We enhance the Waters scheme from prime order bilinear groups to composite order bilinear groups. By the subgroup decision problem assumption, our scheme enables users to be able to provide fake secrets that seem legitimate to outside coercers.
  2.  In this work, we construct a deniable CP-ABE scheme that can make cloud storage services secure and auditfree. In this scenario, cloud storage service providers are just regarded as receivers in other deniable schemes.

  1.  Unlike most previous deniable encryption schemes, we do not use translucent sets or simulatable public key systems to implement deniability. Instead, we adopt the idea proposed with some improvements. We construct our deniable encryption scheme through a multidimensional space. All data are encrypted into the multidimensional space.
  2.  Only with the correct composition of dimensions is the original data obtainable. With false composition, ciphertexts will be decrypted to predetermined fake data. The information defining the dimensions is kept secret. We make use of composite order bilinear groups to construct the multidimensional space. We also use chameleon hash functions to make both true and fake messages convincing.
  3.  In this work, we build a consistent environment for our deniable encryption scheme. By consistent environment, we means that one encryption environment can be used for multiple encryption times without system updates. The opened receiver proof should look convincing for all ciphertexts under this environment, regardless of whether a cipher text is normally encrypted or deniably encrypted. The deniability of our scheme comes from the secret of the subgroup assignment, which is determined only once in the system setup phase. By the canceling property and the proper subgroup assignment, we can construct the released fake key to decrypt normal ciphertexts correctly.

  •  Key Distribution center
  •  Data Owners
  •  Cloud Server
  •  User Module
  •  Search over files
Key Distribution center:
In this module, we develop the Key Distribution Center (KDC). KDC provides the accessibility of files to users. Initially User will request for a secret key pair for the selected file. The respective public and private key credentials will be sent to the Email ID of users by key distribution centre. To build an audit-free secure cloud storage service, we use a deniable CP-ABE scheme as our core technology.
Data Owners:
The proposed scheme should allow new data owners to enter this system without affecting other data owners or data users, i.e., the scheme should support data owner scalability in a plug-and-play model. To prove that our deniable encryption scheme is secure requires this scheme to be a valid encryption scheme. For a multi-distributional deniable encryption scheme, it is only necessary to prove the security from the normal algorithm set.
Cloud Server:
Then, the owner sends the encrypted data to the cloud server. They do not rely on the server to do data access control. But, the access control happens inside the cryptography. That is only when the user’s attributes satisfy the access policy defined in the cipher text; the user is able to decrypt the ciphertext. Thus, users with different attributes can decrypt different number of content keys and thus obtain different granularities of information from the same data.
User Module:
Each user has a global identity in the system. A user may be entitled a set of attributes which may come from multiple attribute authorities. The user will receive a secret key associated with its attributes entitled by the corresponding Key Distribution Centre. A user can obtain the true message with a valid secret key, regardless of whether the ciphertext is normally encrypted or deniably encrypted.
Search over files:
The proposed scheme should allow search over encrypted files which would be encrypted and stored in the cloud. This functionality provides you the facility of searching respective file with a searching text. This will leads to ask for a secret key. Then the credentials will help to achieve file download.
 System                          :         Pentium IV 2.4 GHz.
 Hard Disk                      :         40 GB.
 Floppy Drive                 :         1.44 Mb.
 Monitor                         :         15 VGA Colour.
 Mouse                            :         Logitech.
 Ram                               :         512 Mb.
 Operating system           :         Windows XP/7.
 Coding Language :         JAVA/J2EE
 IDE                      :         Netbeans 7.4
 Database              :         MYSQL
Po-Wen Chi and Chin-Laung Lei, Member, IEEE, “Audit-Free Cloud Storage via Deniable Attribute-based Encryption”, IEEE Transactions on Cloud Computing, 2015.

No comments:

Post a Comment