Securing Data in Cloud using an Efficient Inner-Product Proxy Re-Encryption Scheme

Download Full-Text PDF Cite this Publication

Text Only Version

Securing Data in Cloud using an Efficient Inner-Product Proxy Re-Encryption Scheme

B. Bindulatha

MCA Year Department of Computer Science

S.V.U. CM&CS, Tirupati

Dr. E. Kesavulu Reddy

Asst. Professor Department of Computer Science

      1. CM&CS, Tirupati

        Abstract :Public key encryption with equality take a look at (known as PKE-ET) permits each person to carry out equivalence take a look at between two messages encrypted under awesome public keys. Attribute-hiding predicate encryption is a paradigm for public key encryption that supports each characteristic-hiding and great-grained get admission to control. In this paper, we first initialize the idea of attribute-hiding predicate encryption with equality test (shorten as AH-PE-ET) through incorporating the notions of PKE-ET and PE, after which propose a concrete AH-PE-ET scheme. Inheriting the merits of predicate encryption, flexible access manage can be executed such that the cipher texts and the name of the game key are respectively associated with the descriptive attributes x and the Boolean functions f and decryption can only be performed if f(x) returns proper. In the AH-PE-ET scheme, one records receiver can calculate a trapdoor using his/her non-public key and supplies this trapdoor to an untrusted cloud server, who in turn compares the cipher texts from this receiver with different receivers cipher texts. During the comparison, the facts about the trapdoor in addition to the attributes associated with the cipher texts will not be disclosed to this cloud server. Furthermore, it is also established to be selectively at ease in opposition to the selected plaintext attack within the fashionable version below the decisional bilinear Diffie- Hellman assumption. Finally, the theoretical overall performance evaluation and experimental simulation suggest the feasibility and practicability of our advised scheme.

        Keywords: Cloud computing, flexible data search, privacy- preservation, predicate encryption with equality test, standard model.


          Cloud computing is the on-call for availability of laptop device assets, mainly records garage and computing energy, without direct active control by the person. The term is generally used to explain information centers to be had to many customers over the Internet. Large clouds, main today, regularly have capabilities dispensed over a couple of locations from important servers. If the connection to the consumer is highly near, it could be distinct a part server. Clouds may be restrained to a single employer business enterprise clouds, or be available to many corporations (public cloud).

          Cloud computing is predicated on sharing of sources to gain coherence and scale. Advocates of public and hybrid clouds note that cloud computing allows businesses to keep away from or limit up-front IT

          infrastructure fees. Proponents also claim that cloud computing allows organizations to get their applications up and walking faster, with progressed manageability and much less protection, and that it allows IT groups to greater hastily adjust sources to meet fluctuating and unpredictable demand. Cloud carriers generally use a pay-as-you-cross version, which may result in sudden working charges if directors aren't familiarized with cloud-pricing models.

          To give valuable data to the individual and the general public, the capacity and preparing of mass information have become a basic task. Fortunately, distributed computing is a novel processing worldview which empowers universal access to boundless stockpiling and figuring assets at the cost of negligible administration cost. By thinking about the promising capability of distributed computing, people and ventures are progressively disposed to remotely store and process their information with the help of distributed computing as of late. In spite of the colossal advantages of distributed computing, it is reasonable to reconsider the conventional ways to deal with keep up information protection, uprightness and unwavering quality on the grounds that the cloud server is normally given by the untrusted business association or enterprise .Encryption-then re-appropriating is a typical strategy to guarantee the privacy of the information put away in the cloud server. Especially, open key encryption (PKE) has been generally used to guarantee the privacy of the re-appropriated information. To impart touchy information to explicit clients safely, an information holder can scramble these information under the general population key of the ideal recipient and convey the relating figure content to the cloud server. Thusly, just the assigned beneficiary can get to the information by performing decoding with his/her very own private key. Notwithstanding, the information proprietor needs to play out the general population key encryption calculation a few times if the information should be imparted to numerous clients. To give one-to-numerous encryption, the crude of property based encryption (ABE) was proposed by and Waters as the augmentation of ordinary PKE. In the ABE instrument, client's mystery key and the figure content are separately named with the engaging properties and the entrance arrangement. The client can decode the cipher text furnished the traits related with this client fulfill the entrance approach identified with the figure content. With the help of ABE, the safe and adaptable information

          sharing can be effectively accomplished in the distributed computing. Search Functionality: Nevertheless, the absence of the hunt usefulness may block the further selection of standard ABE in reasonable applications. At the point when a client expects to get to an encoded information that he/she is keen on, a potential methodology is to download all figure messages under his/her own characteristic set. Notwithstanding, this methodology is illogical and wasteful in light of the fact that enormous information are put away in the cloud server. So it is fundamental for the cloud server to give adaptable pursuit usefulness over the encoded information. To take care of this issue, defined the crude of quality based encryption with watchword search (ABE-KS). In an ABE-KS framework, a client first joins his/her very own mystery key with a catchphrase to make the watchword trapdoor. At that point, the cloud server is appointed the capacity of search usefulness to recover the ideal information scrambled under a similar access arrangement. During the inquiry procedure, cloud server couldn't get any data including the information and catchphrase. Despite the fact that the ABE-KS plan can be viewed as a fine-grained strategy to take care of the hunt issue, it isn't sufficient to give progressively adaptable inquiry usefulness to figure writings scrambled under various access strategies.

        2. RELATIVE STUDY:

          1. Towards a smart city based on cloud of things, a survey on the smart city vision and paradigms:

            Smart city speaks to one of the most encouraging, conspicuous and testing Internet of Things (IoT) applications. Over the most recent couple of years, for sure, the shrewd city idea has assumed a significant job in scholarly and industry fields, with the advancement and organization of different middleware stages and IoT-based frameworks. In any case, this extension has pursued particular methodologies making, along these lines, a divided situation, where diverse IoT biological systems are not ready to convey between them. To fill this hole, there is a need to return to the keen city IoT semantic and to offer a worldwide regular methodology.

          2. Developmnt of intelligent transportation system data management:

            This exhibits an audit of the best in class on smart transportation frameworks. ITS includes an enormous number of research regions and, subsequently, this paper center around those we accept to be the most significant. The principle reason for existing is to examine the accomplishments achieved in the most recent years and to give an outline of potential bearings towards future research

          3. Multi-modal design of an intelligent transportation system:

            This proposes a novel insightful transportation framework (ITS) utilizing the cell organize, GPS tests, and restricted ITS foundation for edge-level speed estimation under heterogeneous traffic condition. The mistaken vehicle position information taken from cell arrange are

            handled progressively to figure edge level vehicle stream, space inhabitance, and clog with a mean blunder of under 10%. For edge-level speed estimation, two models of ITS framework arrangement are proposed: the Congestion Coverage Model and the Edge Coverage Model .The GPS Probes' speed information are utilized to extrapolate speed estimations from a framework edge to the related infrastructure less edge(s).


          ABE-ET accomplishes the balance test for two figure messages under various access controls, however the two existing ABE-ET plans can't bolster characteristic stowing away. This is on the grounds that the delicate credits identified with the figure writings are effectively presented to assailants or pernicious clients in ABE-ET. For another, as an augmentation of open key encryption, PE can accomplish secure and adaptable information sharing just as trait covering up. Be that as it may, PE can't bolster search usefulness over the scrambled information.

            1. Proposed System

              Proposed a semi-conventional development of IBE-ET to give a refined security necessity that accomplishes the IND-ID-CCA security level. As of late, a productive IBE- ET development was acquainted by and demonstrated with be more effective and functional than Combined KP-ABE with correspondence test, set forward a novel KP-ABE-ET conspire. In this plan, the creators exhibited an instrument that decides if the equivalent plaintext information encoded under particular trait sets is contained in two distinctive figure writings. In the interim, CPABE conspire with fairness test (CP-ABE-ET) was recommended by to accomplish the usefulness that checks the identicalness between two information under various access arrangements. Further, the CP-ABE-ET conspire was demonstrated to be more effective than Even in this way, all the recently figured plans didn't consider the significance of trait covering up.

            2. Algorithms

              Formal definition of our PE-ET scheme our proposed AH- PE-ET scheme is constituted of six algorithms: Setup, Key Gen, Trapdoor, Encrypt, Decrypt and Test. These algorithms are described as follows:

              Setup (): Produce the grasp secret key MSK, the general public parameter PP based on a security parameter . KeyGen(PP, MSK, x ): Create the decryption mystery key DSK for users primarily based on the public parameter PP, the grasp key MSK and a predicate vector x .

              Trapdoor (PP, DSK, x): Generate the trapdoor TD for customers based on the public parameter PP, the decryption key DSK and an attribute vector x.

              Encrypt (PP, M, y): Produce the cipher text CT based totally on the public parameter PP, a plaintext message M and the predefined characteristic vector y

              Decrypt (CT, DSK): Decipher the cipher textual content CT the u se of the decryption mystery key DSK.

              Test (CTA, TDA, CTB, and TDB): Decide whether or not MA in CTA is the equal with MB in CTB the use of the trapdoor TDA and the trapdoor TDB.

              B. Encryption algorithm

              Encryption is the way toward changing over a plaintext message into cipher text which can be decoded once again into the first message. An encryption calculation alongside a key is utilized in the encryption and decoding of information. There are a few sorts of information encryptions which structure the premise of system security. Encryption plans depend on square or brook. The sort and length of the keys used rely on the encryption calculation and the measure of security required. In customary symmetric encryption a solitary key is utilized. With this key, the sender can scramble a message and a beneficiary can unscramble the message yet the security of the key gets dangerous. In awry encryption, the encryption key and the decoding key are unique. One is an open key by which the sender can scramble the message and the other is a private key by which a beneficiary can unscramble the message. These calculations utilize the equivalent cryptographic key for scrambling and unscrambling data.

              Obviously, this implies the key should be shared early between the sender and the collector. In cryptography, these individuals are called Alice and Bob, separately. Alice can send Bob a message, however Bob won't have the option to comprehend it until he has the key that Alice used to scramble it.

              The downside of these calculations is that an assailant possessing the mutual key can without much of a stretch split the encryption. Not exclusively can the aggressor unscramble Alice's messages, this individual can likewise compose a message mirroring Alice, scramble it, and send it to Bob. Sway will be not able recognize the trickiness. Therefore, Alice and Bob's shared key should be deliberately secured. The two primary sorts of encryption are symmetric encryption and kilter encryption. Awry encryption is otherwise called open key encryption.

              In symmetric encryption, there is just one key, and all conveying gatherings utilize a similar key for encryption and decoding. In lopsided, or open key, encryption, there are two keys: one key is utilized for encryption, and an alternate key is utilized for unscrambling. Either key can be utilized for either activity, yet information encoded with the principal key must be decoded with the subsequent key, and the other way around. One key is kept private, while one key is shared freely, for anybody to utilize henceforth "general society key" name. Awry encryption is a basic innovation for SSL (TLS).

              An encryption calculation is the scientific recipe used to change information into ciphertext. A calculation will utilize the key so as to adjust the information in an anticipated manner, so that despite the fact that the encoded information will seem irregular, it tends to be transformed go into plaintext by utilizing the key once more.

        4. CONCLUSION

In this, a novel AH-PE-ET conspire named attribute hiding predicate encryption with fairness test is figured to give the security protection of client qualities and adaptable inquiry capacity on cipher texts all the while. With our presented plan, information client, who highlights with a lot of qualities, can appoint the ability of proportionality test to the cloud server for deciding if two expected cipher texts contain the equivalent plaintext message without releasing any trait security and trapdoor protection. As far as we could possibly know, this proposed plan is the principal such plan which then manages these issues on both security insurance of client properties and adaptable information search. Moreover, the thorough security evidence is obviously state to demonstrate that our plan is IND-CPA secure in the standard model under decisional bilinear Diffie-Hellman presumption


      1. G. Ateniese, K. Fu, M. Green, and S. Hohenberger (2006). Improved proxy re-encryption schemes with applications to secure distributed storage. ACM Trans. Inf. Syst. Secur., 9, 130.

      2. J. Bethencourt, A. Sahai, and B. Waters (2007). Ciphertext-policy attribute-based en cryption. In Proceedings of the 2007 IEEE Symposium on Security and Privacy, SP 07,(IEEE Computer Society: Washington, DC, USA), 321334.

      3. M. Blaze, G. Bleumer, and M. Strauss (1998). Divertible Protocols and Atomic Proxy Cryptography. Springer: Berlin, Heidelberg, 127144.

      4. D. Boneh, X. Boyen, and H. Shacham (2004). Short Group Signatures. Springer: Berlin, Heidelberg, pp. 4155.

      5. D. Boneh and M. Franklin (2001). Identity-Based Encryption from the Weil Pairing. Springer: Berlin, Heidelberg, 213229.

      6. M. Chase (2007). Multi-authority attribute based encryption. In Proceedings of the 4th Theory of Cryptography Conference, TCC 2007, Amsterdam, The Netherlands. (ed) Salil P. Vadhan, Theory of Cryptography, Lecture Notes in Computer Science, Vol. 4392, (Springer),pp. 515534.

      7. L. Cheung and Calvin C (2007). Newport. Provably secure ciphertext policy ABE. IACR Cryptology ePrint Archive, 2007:183.

      8. T. El Gamal (1985). A public key cryptosystem and a signature scheme based on discrete logarithms, in Proceedings of CRYPTO 84 on Advances in Cryptology, New York, NY, USA, (Springer-Verlag New York, Inc.), 1018.

      9. K. Emura, A. Miyaji, A. Nomura, K. Omote, and M. Soshi (2009). A Ciphertext-Policy Attribute-Based Encryption Scheme with Constant Ciphertext Length. Springer: Berlin, Heidelberg, 1323.

      10. V. Goyal, O. Pandey, A. Sahai, and B. Waters (2006). Attribute- based encryption for fine-grained access control of encrypted data, in Proceedings of the 13th ACM Conference on Computer and Communications Security, CCS 06, (ACM: New York, NY, USA), 8998.

      11. M. Green and G. Ateniese (2007). Identity-Based Proxy Re- encryption. Springer: Berlin, Heidelberg, 288306.

      12. H. Guo, F. Ma, Z. Li, and C. Xia (2015). Key-exposure protection in public auditing with user revocation in cloud storage, in Revised Selected Papers of the 6th International Conference on Trusted Systems, INTRUST 2014, (LNCS, Vol. 9473), 127136.

      13. S. Guo, Y. Zeng, J. Wei, and Q. Xu (2008). Attribute-based re- encryption scheme in the standard model. Wuhan University Journal of Natural Sciences, 13, 621625.

      14. J. Katz, A. Sahai, and B. Waters (2008). Predicate Encryption Supporting Disjunctions, Polynomial Equations, and Inner Products. Springer: Berlin, Heidelberg, 146162.

      15. Y. Kawai and K. Takashima (2013). Fully-anonymous functional proxy-re-encryption. IACR Cryptology ePrint Archive, 2013:318.

      16. A. Lewko, T. Okamoto, A. Sahai, K. Takashima, and B. Waters (2010). Fully Secure Functional Encryption: Attribute-Based Encryption and (Hierarchical) Inner Product Encryption. Springer: Berlin, Heidelberg, 6291.

      17. H. Li and L. Pang (2016). Efficient and adaptively secure attribute-based proxy reencryption scheme. IJDSN, 12, 5235714:15235714:12.

      18. K. Li (2013). Matrix access structure policy used in attribute- based proxy re-encryption. CoRR. abs/1302.6428, eprint: arXiv:1302.6428.

      19. K. Liang, L. Fang, W. Susilo, and D. S. Wong (2013). A ciphertext-policy attribute-based proxy re-encryption with chosen-ciphertext security, in 2013 5th International Conference on Intelligent Networking and Collaborative Systems, 552559.

Leave a Reply

Your email address will not be published. Required fields are marked *