International Conference on Global Trends in Engineering, Technology and Management (ICGTETM-2016)
Secure Cloud using Homomorphic Encryption for Shared Data in Cloud
Shambhu Kumar Singh1, P. P. Rewagad2, Swati Patil3
1 Research Scholar, Department of Computer Science and Engineering, GHRIEM, Jalgaon, India
2 Assistant Prof., Department of Computer Science and Engineering, GHRIEM, Jalgaon, India
3 Assistant Prof., Department of Computer Science and Engineering, GHRIEM, Jalgaon, India
ISSN: 2231-5381
http://www.ijettjournal.org

Abstract— Computing is an assurance computing technology where all the services are used either offline or via the Internet. Today cloud computing plays a vital role in computing, where all the services are provided through the Internet. Storing and running personal data on the cloud has become increasingly attractive, so providing confidentiality of personal data becomes one of the challenges. The demand for isolation of enterprise data has increased massively. For this purpose, different types of data encryption methods are used. However, a serious problem arises when there is a need for mathematical computation on encrypted data where security is established. At that time, homomorphic encryption techniques can be used. In this paper we propose a model that performs operations on encrypted data and provides the same result as when the computation is performed on unencrypted data. We also use an additional combination of RGB values for authentication purposes. With this homomorphic encryption method and the RGB value we are able to provide an authentication mechanism and data security on the cloud, and also to prevent chosen ciphertext attacks.

Keywords: Cloud Computing, Cloud Computing Security, Homomorphic Encryption, RSA based Encryption Techniques

I. INTRODUCTION
When plugging an electrical device into an outlet, we care neither how electric power is generated nor how it gets to that outlet. This is possible because electricity is virtualized; it is readily available from a wall socket that hides power production stations and a huge distribution grid. When extended to information technologies, this notion means delivering useful functions while hiding how their internals work. Computing itself, to be considered fully virtualized, must allow computers to be built from distributed components such as processing, storage, data, network and software resources [1].
Technologies such as cluster computing, grid computing, and today cloud computing, have all aimed at allowing access to huge amounts of computing power in a fully virtualized manner, by aggregating resources and offering a single machine view. In addition, an important aim of these technologies has been to deliver computing as a utility. Utility computing describes a business model for on-demand delivery of computing power; customers pay providers based on usage, similar to the way in which we now get services from conventional public utility services such as water, electricity, gas and telephony. Cloud computing has been coined as an umbrella term to describe a grouping of primitive on-demand computing services initially offered by commercial providers, such as Amazon, Google, Oracle and Microsoft. It denotes a model in which computing communications are viewed as a “Cloud” from which businesses and individuals access applications from anywhere in the world on demand [2]. The main principle behind this model is offering computing, storage services, and software “as a service”. Many problems are connected with cloud computing resources, such as traffic, security and resource supervision. Security in the cloud can be provided in many ways, for example on data resources, network resources and storage resources. The homomorphic encryption method provides more security for data because the provider is not involved in key management. We have used a proxy re-encryption technique and a unique color combination technique that protects ciphertext from chosen ciphertext attacks [3]. This model is more secure than the existing system [11]. By cloud computing we mean the Information Technology (IT) model for computing resources, which is composed of all the IT components (hardware, software, networking, storage, and services) that are necessary to enable development and delivery of cloud services via the Internet, an intranet or a private network. This description has no notion of security for data in cloud computing services, even though it is a very new concept. Cloud providers such as IBM, Google, Oracle, VMware and Amazon use virtualization in their cloud computing platforms, so the same machine can hold virtualized storage space and management belonging to concurrent enterprises [3]. In cloud computing, everything is delivered as a Service (XaaS), from testing and security to collaboration and meta-modeling. The cloud was rapidly becoming a conflagration of “as a service” buzzwords.
There are three main service models, which are agreed on and defined in the NIST document [10].
1. Software as a Service– Applications reside on the top of the cloud stack. Applications provided by this layer can be accessed by end users through web portals. Hence, clients are increasingly changing
from locally installed computer programs to on-line software services that offer the same functionality. Conventional desktop applications such as word processing, access and spreadsheet can now be accessed as a service on the web. This model of delivering applications is known as Software as a Service (SaaS). Typical examples are Google Docs, Salesforce.com CRM [10] and Moodle on cloud.
2. Platform as a Service– In addition to infrastructure-oriented clouds that provide raw computing and storage services, a further approach is to offer a higher level of abstraction to make a cloud easily programmable, known as Platform as a Service (PaaS). This gives a client (developer) the flexibility to build (develop, test and deploy) applications on the provider’s platform. PaaS stakeholders include the PaaS hoster who provides the infrastructure, the PaaS provider who provides the development tools and platform, and the PaaS user. Examples of PaaS are Microsoft Azure, Google AppEngine and VMware [10].
3. Infrastructure as a Service– Providing virtualized resources on demand is known as Infrastructure as a Service (IaaS). A cloud infrastructure enables on-demand provisioning of servers running a number of choices of operating system and customized software stack. Infrastructure services are considered to be the bottom layer of cloud computing. Amazon Web Services mainly offers IaaS, which in the case of its EC2 service means offering VMs with a software stack that can be tailored similarly to how a normal physical server would be customized [10].
In terms of infrastructure ownership, there are four deployment models of cloud computing, each with its merits and demerits. This is where the security issues start.
1. The Public Cloud
This is the traditional view of cloud computing in everyday language. It is typically owned by a large organization (e.g. Amazon’s EC2, Google’s AppEngine, Microsoft’s Azure, Oracle). The owner-organization makes its infrastructure services accessible to the general public via a multi-tenant model on a self-service basis delivered over the Internet. This is the most commercial model, leading to significant savings for the user, albeit with attendant privacy and security issues, since the physical location of the provider’s infrastructure usually traverses numerous national boundaries [10].
2. The Private Cloud
This consists of cloud infrastructure services in a single-tenant environment. It differs from the customary data center in its principal use of virtualization. It may be managed by the tenant organization or by a third party, within or outside the tenant location. A private cloud costs more than the public cloud, but it leads to more cost savings when compared with a data center, as evidenced by correspond Technologies. The private cloud gives an organization greater control over its data and resources. As a result, the private cloud is more appealing to enterprises, especially in mission- and safety-critical organizations [1].
3. The Hybrid Cloud
This consists of a combination of any two (or all) of the three models discussed above. Standardization of APIs has led to easier distribution of applications across different cloud service models. This enables newer service models such as “Surge Computing”, in which workload spikes from the private cloud are offset to the public cloud [1].
Fig. 1 Architecture of cloud computing techniques
II. HOMOMORPHIC ENCRYPTION
Homomorphic encryption techniques are encryption techniques in which operations can be performed on encrypted data without knowing the original plaintext or raw data. This allows a server to perform operations, including complex arithmetical operations, on encrypted data without using the original plaintext. Consider plaintexts X1 and X2 and corresponding ciphertexts Y1 and Y2; a homomorphic encryption scheme allows the ciphertext of X1 Θ X2 to be calculated from Y1 and Y2 without using X1 and X2. The cryptosystem is multiplicatively or additively homomorphic depending upon the function Θ, which can be multiplication or addition [12].
Fig. 2 Protection of Data over the Cloud computing
III. CRYPTOGRAPHY CONCEPT
The principles and methods of transforming an intelligible message into one that is unintelligible, and then retransforming that message back to its original form, are the crucial idea behind cryptography. Cryptography, to most people, is concerned with keeping communications private. Encryption is the transformation of data into a form that other people are not able to read. Its purpose is to provide privacy by keeping the information hidden from anyone for whom it is not intended. Decryption is the reverse of encryption; it is the transformation of encrypted data back into an intelligible, user-readable form. Encryption and decryption require the use of some secret information, usually referred to as a key, that prevents unauthorized access by others [5]. The data to be encrypted is called plaintext or raw data. The encrypted data obtained as a result of encryption is called ciphertext, which is in unreadable form. Depending on the encryption mechanism used, the same key might be used for encryption and decryption, while for other mechanisms the keys used for encryption and decryption might be different [7].
1. Ways of Cryptographic Algorithms
There are many ways of classifying cryptographic techniques. In general they are divided based on the number of keys that are used for encryption and decryption, and further defined by their function and use. The three types of algorithms are as follows:
1.1) Secret Key Cryptography: It uses a single key for both encryption and decryption. The most common algorithms in use include the Data Encryption Standard (DES) and the Advanced Encryption Standard (AES) [7].
1.2) Public Key Cryptography (PKC): It uses one key for encryption and another for decryption. The RSA (Rivest, Shamir, and Adleman) algorithm is an example of these techniques [7].
1.3) Hash Functions: A hash function creates a fixed-size output called a hash, irrespective of the size of the input message. The MD (Message Digest) algorithms are an example of these techniques. Hash functions are one-way techniques [7].
2. RGB Color Value
Any color is a combination of the three primary colors Red, Green and Blue in fixed quantities that depend on the color to be produced. A color is stored in a computer in the form of three numbers representing the quantities of Red, Green and Blue respectively. This method is called RGB representation and is used in computers for storing images in BMP, JPEG and PDF formats. Here each pixel is represented as values for Red, Green and Blue. Thus any color can be uniquely represented in the three-dimensional RGB cube as values of Red, Green and Blue. The RGB color model is an additive model in which Red, Green and Blue are combined in various ways to produce other colors. By using a proper combination of Red, Green and Blue intensities, many colors can be represented. Classically, 24 bits are used to store a color pixel. This is usually apportioned with 8 bits each for red, green and blue, giving a range of 256 possible values, or intensities, for each hue. With this system, 16 777 216 (256^3 or 2^24) discrete combinations of hue and intensity can be specified [5].
IV. EXISTING SYSTEM
Security is the biggest problem of cloud computing. Many research papers discuss the cloud and its advantages and disadvantages. In my literature review I found security is the major key point. From the literature review I found homomorphic encryption is the more secure encryption scheme. In this scheme the cloud server can perform any algebraic operation on cipher data. From the literature review I found that the chosen ciphertext attack is a major problem.
Homomorphic encryption has different homomorphic schemes according to its properties:
1. Additive Homomorphic Encryption
In additive homomorphic encryption, the sum of the encrypted ciphertexts is the same as the sum of the original plaintexts. This property allows you to apply addition on encrypted data without knowing the original data. A homomorphic encryption is additive if:
$\mathrm{Enc}(X + Y) = \mathrm{Enc}(X) + \mathrm{Enc}(Y)$
$\mathrm{Enc}\left(\sum_{i=1} m_i\right) = \sum_{i=1} \mathrm{Enc}(m_i)$
Suppose we have two ciphers $C_{i1}$ and $C_{i2}$ such that:
$C_{i1} = g^{m_1} R_1^{n} \bmod n^2$
$C_{i2} = g^{m_2} R_2^{n} \bmod n^2$
$C_{i1} \cdot C_{i2} = g^{m_1} R_1^{n} \cdot g^{m_2} R_2^{n} \bmod n^2 = g^{m_1 + m_2} (R_1 R_2)^{n} \bmod n^2$
So, the Paillier, Benaloh and Okamoto-Uchiyama cryptosystems realize the property of additive homomorphic encryption. An application of additive homomorphic encryption is electronic voting: each vote is encrypted but only the "sum" is decrypted. The cloud server holds the encrypted votes; it just performs addition on the encrypted data and gets the encrypted result. That encrypted result is decrypted at the client side to get the original result.
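The voting application described above, as an added example that is not code from the paper: a toy Paillier implementation using the ciphertext form $C = g^{m} R^{n} \bmod n^2$ from this section, where the server adds votes by multiplying ciphertexts and never holds the private key. The primes, the choice g = n + 1, the sample votes and all function names are assumptions made for the illustration.

```python
import math
import secrets


def paillier_keygen(p, q):
    """Build a Paillier key pair from two primes (toy-sized here)."""
    n = p * q
    lam = (p - 1) * (q - 1) // math.gcd(p - 1, q - 1)  # lcm(p-1, q-1)
    g = n + 1  # assumption: the common generator choice g = n + 1
    # L(x) = (x - 1) // n ; mu = L(g^lam mod n^2)^-1 mod n
    mu = pow((pow(g, lam, n * n) - 1) // n, -1, n)
    return (n, g), (lam, mu)


def paillier_encrypt(pub, m):
    """C = g^m * R^n mod n^2 with a fresh random R coprime to n."""
    n, g = pub
    if not 0 <= m < n:
        raise ValueError("message must lie in Z_n")
    while True:
        r = secrets.randbelow(n - 1) + 1
        if math.gcd(r, n) == 1:
            break
    return pow(g, m, n * n) * pow(r, n, n * n) % (n * n)


def paillier_decrypt(pub, priv, c):
    """m = L(c^lam mod n^2) * mu mod n."""
    n, _ = pub
    lam, mu = priv
    return (pow(c, lam, n * n) - 1) // n * mu % n


def add_encrypted(pub, c1, c2):
    """Server-side step: multiplying ciphertexts adds the plaintexts.
    Only the public key is needed, so the server learns no vote."""
    n, _ = pub
    return c1 * c2 % (n * n)


def encrypted_tally(pub, ballots):
    """Fold all encrypted ballots into one encrypted sum."""
    total = paillier_encrypt(pub, 0)
    for c in ballots:
        total = add_encrypted(pub, total, c)
    return total


# Constructed sample data: small primes and eight yes/no votes.
PUB, PRIV = paillier_keygen(1009, 1013)
VOTES = [1, 0, 1, 1, 0, 1, 0, 1]


def run_election():
    ballots = [paillier_encrypt(PUB, v) for v in VOTES]  # client side
    total = encrypted_tally(PUB, ballots)                # cloud side
    return paillier_decrypt(PUB, PRIV, total)            # client side


if __name__ == "__main__":
    print("decrypted tally:", run_election())
```

Sums are taken modulo n, so the plaintext space must be larger than the largest possible tally.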
2. Multiplicative Homomorphic Encryption
In multiplicative homomorphic encryption, the multiplication of the encrypted ciphertexts is the same as the multiplication of the original plaintexts. This property allows you to apply multiplication on encrypted data without knowing the original data. A homomorphic encryption is multiplicative if:
$\mathrm{Enc}(X \cdot Y) = \mathrm{Enc}(X) \cdot \mathrm{Enc}(Y)$
$\mathrm{Enc}\left(\prod_{i=1} m_i\right) = \prod_{i=1} \mathrm{Enc}(m_i)$
The RSA and ElGamal cryptosystems realize the properties of multiplicative homomorphic encryption.
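The multiplicative property for RSA, as an added example that is not code from the paper: textbook RSA with key generation, encryption and decryption following the paper's keygen(p, q), Enc and Dec steps. The primes, the default e = 65537, the sample values and the function names are assumptions made for the illustration.

```python
import math


def rsa_keygen(p, q, e=65537):
    """keygen(p, q): returns the public key Rpk = (e, n) and secret key Rsk = d."""
    n = p * q
    phi = (p - 1) * (q - 1)
    if math.gcd(e, phi) != 1:
        raise ValueError("e must satisfy gcd(e, phi(n)) = 1")
    d = pow(e, -1, phi)  # e * d = 1 mod phi(n)
    return (e, n), d


def rsa_encrypt(rpk, m):
    """rc = m^e mod n, for m in Z_n (no padding: textbook RSA)."""
    e, n = rpk
    if not 0 <= m < n:
        raise ValueError("message must lie in Z_n")
    return pow(m, e, n)


def rsa_decrypt(rpk, rsk, c):
    """m = c^d mod n."""
    _, n = rpk
    return pow(c, rsk, n)


def multiply_encrypted(rpk, c1, c2):
    """Server-side step: Enc(x) * Enc(y) mod n is an encryption of x * y mod n.
    Only the public modulus is needed."""
    _, n = rpk
    return c1 * c2 % n


def encrypted_product(rpk, ciphertexts):
    """Enc(m_1 * m_2 * ...) computed from the individual Enc(m_i)."""
    acc = rsa_encrypt(rpk, 1)
    for c in ciphertexts:
        acc = multiply_encrypted(rpk, acc, c)
    return acc


# Constructed sample data: small primes and a short list of factors.
RPK, RSK = rsa_keygen(1009, 1013)
FACTORS = [2, 3, 5, 7]


def run_product():
    cts = [rsa_encrypt(RPK, m) for m in FACTORS]             # client side
    return rsa_decrypt(RPK, RSK, encrypted_product(RPK, cts))  # result at client


if __name__ == "__main__":
    print("decrypted product:", run_product())
    # Without randomness, equal plaintexts give equal ciphertexts,
    # so the server can tell when two stored values are the same.
    print("deterministic:", rsa_encrypt(RPK, 5) == rsa_encrypt(RPK, 5))
```

The property holds only for unpadded RSA; the same lack of randomness makes ciphertexts deterministic and lets anyone holding the public key transform a ciphertext into another valid one, which is the malleability a chosen ciphertext analysis has to account for.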
Table 1: Homomorphic Encryption Scheme
Scheme              Homomorphic Properties   Algorithm Types
RSA                 Multiplicative           Asymmetric
ElGamal             Multiplicative           Asymmetric
Goldwasser Micali   XOR                      Asymmetric
Benaloh             Additive                 Symmetric and Asymmetric
Paillier            Additive                 Asymmetric
Okamoto-Uchiyama    Additive                 Asymmetric

V. PROPOSED WORK AND METHODOLOGY
To protect cipher data from chosen ciphertext attacks and to provide accountability, we use a Proxy Re-Encryption algorithm with the Paillier and RSA cryptosystems. Initially, users are identified by assigning a unique RGB value. Each RGB value is represented as a set of three values; for example, violet red is represented in RGB format as (137, 157, 40). User signup is done at the same time, after which the user is able to log in to the system. At the time of login an OTP is generated, which is accessible from the registered email. In the next step the actual data are encrypted using the RGB value and the homomorphic encryption technique, and these data are then sent to the cloud. Later the user can decrypt the data by logging in to the system again: an OTP is generated, the user logs in by providing the OTP, which is accessible from the registered email, and then decrypts the data by providing the RGB value and the key of the homomorphic encryption.
Algorithm of Homomorphic encryption:
Key Generation - keygen (p, q)
1. Take two prime numbers p and q.
2. Calculate $n = p \cdot q$ and $\varphi(n) = (p-1)(q-1)$, and choose e such that $\gcd(e, \varphi(n)) = 1$.
3. Calculate d such that $e \cdot d \equiv 1 \bmod \varphi(n)$.
4. The proxy public key (Rpk) is (e, n).
5. The proxy secret key (Rsk) is (d).
Encryption Techniques: Enc (c, Rpk)
1. Let m be the message to be encrypted, where $m \in Z_n$.
2. Calculate the ciphertext as $rc = m^{e} \bmod n$.
Decryption Techniques: Dec (rc, Rsk)
1. Ciphertext $c \in Z_n$.
2. Calculate the message as $m = c^{d} \bmod n$.
Proxy Re-Encryption Algorithm:
In proxy re-encryption the same algorithm is repeated; the only requirement is that the two chosen prime numbers should be large.

VI. DESIGN AND IMPLEMENTATION
Simplified Working Model
Figure 3 is the simple working model of the system framework.
Fig. 3 Architecture of System model
1. First of all the user signs up in the system; at the time of signup a unique user is identified using an RGB value.
2. To register the user successfully, an OTP is sent to the verified email given at the time of signup.
3. Then, by providing the OTP, he/she completes the registration.
4. After that, the user is able to log in to the system using a valid user name, password and RGB value.
5. Again an OTP is sent to the registered email for connecting and for storing the data on the cloud.
6. The user then performs the encryption on the data; here a key and a document id are generated, through which the data can later be accessed easily.
7. After that, the user can upload the encrypted data to the cloud.
8. The same procedure applies at the time of accessing or decrypting the data.
Fig. 4 Main System GUI
Figure 4 shows the main GUI of this system, through which the user can interact with the system and perform operations. On the Signup page of this system the user is able to perform the registration. After that, the user is able to log in at the Login page; the user can only log in by using a valid user name, password and RGB value.
VII. RESULT AND DISCUSSION
The comparison table considers the important cloud computing security characteristics such as:
Scalability
Security
Authentication type
Key used
Comparison among the RSA, Homomorphic encryption algorithms and
The homomorphic encryption algorithms are scalable but RSA is not scalable. RSA security is applied on the client side only; likewise, homomorphic encryption algorithm security is applied in the cloud itself only. The following table characteristic precedes the insecure issues. So we are using the effective authentication plan to provide stronger security for both cloud providers and consumers.
Table 6.1: Comparison and Result Analysis Table
VIII. CONCLUSIONS
A combination of secret key and public key cryptography can be applied mainly for encryption and decryption of the information; the system also provides a method for identifying the receiver. For encryption and decryption of personal data we provide a homomorphic encryption technique, which is a new concept of security in cloud computing that enables providing results of computation on encrypted data without knowing the raw data. The system model design uses the RSA and Paillier algorithms for homomorphic encryption with a color (RGB) model that protects cipher data from the Chosen Ciphertext Attack (CCA). So this system is more secure than the existing system. Every time data is uploaded, the RSA algorithm is executed at the client side: one time for encryption at the client end, and one time for decryption and encryption at the Encryption Server end. Similarly, for downloading of data the same procedure is executed each time.
REFERENCES
[1] Anjana Chaudhary, Ravinder Thakur and Manish Mann “Security in Cloud Computing by Using Homomorphic Encryption Scheme with Diffie-Hellman Algorithm” Proceedings of 7th SARC-IRF International Conference, 03rd August-2014, New Delhi, India, ISBN: 978-93-84209-41-4.
[2] Yogita S. Pawar and Shambhu Kumar Singh “Secure Cloud using RGB value and Homomorphic Encryption for shared data in cloud” International Journal on Recent and Innovation Trends in Computing and Communication, Volume 3 Issue 6, pp. 4158-4162, June 2015.
[3] Hu Shuijing “Data Security: the Challenges of Cloud Computing” 2014 Sixth International Conference on Measuring Technology and Mechatronics Automation.
[4] Sushmita Ruj, Milos Stojmenovic, and Amiya Nayak “Decentralized Access Control with Anonymous Authentication of Data Stored in Clouds” IEEE Transactions on Parallel and Distributed Systems, Vol. 25, No. 2, 2014.
[5] Bhabendu Kumar Mohanta and Debasis Gountia “Fully homomorphic encryption equating to cloud security: An approach” IOSR Journal of Computer Engineering (IOSR-JCE) e-ISSN: 2278-0661, p-ISSN: 2278-8727, Volume 9, Issue 2 (Jan.-Feb. 2013), pp. 46-50.
[6] Shashank Bajpai and Padmija Srivastava “A Fully Homomorphic Encryption Implementation on Cloud Computing” International Journal of Information & Computation Technology, ISSN 0974-2239, Volume 4, Number 8 (2014), pp. 811-816.
[7] Iram Ahmad and Archana Khandekar “International Journal of Information & Computation Technology” ISSN 0974-2239, Volume 4, Number 15 (2014), pp. 1519-1530.
[8] S. Pavithra Deepa, S. Kannimuthu, and V. Keerthika “Security Using Colors and Armstrong Numbers” National Conference on Innovations in Emerging Technology, 2011.
[9] Maha Tebaa, Saïd El Hajji, Abdellatif El Ghazi “Homomorphic Encryption Applied to the Cloud Computing Security” Proceedings of the World Congress on Engineering 2012 Vol I, WCE 2012, July 4-6, 2012, London, U.K.
[10] Boyang Wang, Baochun Li, Member, IEEE, and Hui Li, Member, IEEE “Oruta: Privacy-Preserving Public Auditing for Shared Data in the Cloud” IEEE 5th International Conference on Cloud Computing, 2014. Rajkumar Buyya, James Broberg and Andrzej Goscinski “Cloud Computing Principles and Paradigms” ISBN 978-81-2654125-6.
[11] Vidya S and Vani K “Secured PHR Transactions using Homomorphic Encryption in Cloud Computing” International Journal of Engineering and Computer Science, ISSN: 2319-7242, Volume 2 Issue 12, Dec. 2013, pp. 3540-3543.
[12] Myur Sunil Patil and Shambhu Kumar Singh “Cloud Security using Colors and Homomorphic Encryption” International Journal on Emerging Trends in Technology, ISSN: 2350-0808, September 2014, Volume 1 Issue 1, 182.
[13] S. J. Patil, N. P. Jagtap and Shambhu Kumar Singh “Use of RGB Colors and Cryptography for Cloud Security” International Journal of Science Spirituality Business and Technology, ISSN: 2277-7261.
[14] S. V. J. B. Rajkumar Buyya, Chee Shin Yeo and I. Brandic, “Cloud computing and emerging IT platforms: Vision, hype, and reality for delivering computing as the 5th utility,” Future Generation Computer Systems, pp. 599-616, 2009.
[15] V. P. Alexandros G. Dimakis and K. Ramchandran, “Decentralized erasure codes for distributed networked storage,” ACM, vol. 1, pp. 1-8, June 2006.
[16] R. S. Q. W. Mahesh Kallahalla, Erik Riedel and K. Fu, “Plutus: Scalable secure file sharing on untrusted storage,” pp. 1-14, March 2003.