International Journal of Engineering Trends and Technology (IJETT) - Volume 35 Number 3- May 2016 Proof of Retrievable Computing System for Data Storage in Cloud Reshma A. Hegde Madhura Prakash,Assistant Professor Department of ISE, BNM Institute of Technology,Bengaluru. Email:reshmahgd@gmail.com Department of ISE, BNM Institute of Technology,Bengaluru. Email:Madhura.prakash5@gmail.com Abstract—Cloud computing moves large amount of data to the data centers. Users find cloud to be an efficient platform since it provides many services and benefits. But management of data in cloud is not completely trustworthy. The data in cloud need to be periodically verified. To reduce the burden on client side, a new cloud scheme is proposed which is called proof of retrievable computing system for data storage in cloud. It involves a cloud storage and an auditing process to periodically verify the cloud data on clients request. To reduce large computation on user side public verifiability is proposed. Also the model is more secure as it prevents the reset attacks during uploading the data in cloud.The data integrity on cloud is periodically checked by the audit process in cloud. Keywords-cloud computing, proof of retrievability, security, data integrity, verifiability I. INTRODUCTION Cloud computing moves the huge amount of client and organization data to the large data centers, where the management of the data and services may not be completely trustworthy. Though Cloud computing offers many selfservices, resources, network access it has many critical issues. One of the biggest challenges is data integrity verification in cloud since the service provider may cheat on client’s data. To ensure the integrity of the data public verifiability is proposed which reduces the burden on client side, which reduces the burden on client side as the third party auditor performs the integrity check.[1] New cloud scheme, proof of retrievable computing system for data storage in cloud is proposed which has a cloud storage to outsource large size files of clients to cloud and an auditing process which verifies the data on clients request periodically which also reduces the burden on client side. It eliminates the involvement of user and also performs data verifiability. PoR(Proof Of Retrievability) outsources and offload the heavy computation of the tag generation to the cloud audit server and eliminates the involvement of user in the auditing and in the pre-processing phases[2]. Also, proof of retrievability (PoR) model supports dynamic data operations, as well as ensures security against reset attacks during uploading of data in cloud.[3]This is an efficient scheme which contributes both public verifiability and dynamic updation while supporting security against middle man attack. ISSN: 2231-5381 II. PROBLEM STATEMENT Cloud computing helps clients to store their large amount of files in cloud. Though Cloud Computing offers plenty of advantages, it also brings with it challenging issues which hinders the overall protection and performance on the system. One of the biggest challenge for the cloud user is that of data integrity verification at untrusted servers.[4] The serious issue is that service providers might intentionally dispose rarely accessed data files which belong to an ordinary client or the service provider may hide data loss to save penny and space. The core of the problem can be generalized as how can the client find an resourceful way to perform periodical integrity check without the local copy of data files[5]. A. Design goals It can be summarized as (1) Low Computation burden on client side: Data owner does not have heavy computation overhead as an auditor performs auditing on clients behalf.(2)Public auditing: Allows auditors to verify the stored cloud data without its local copy. (3) Dynamic data operation support: Allows clients to perform dynamic updation, deletion and editing of the files. (4) Stateless auditing: Eliminates the need for original data to be maintained by auditor for verification. (5)Strengthened security model: To prevent reset attacks during uploading the data to the cloud. http://www.ijettjournal.org III. SYSTEM ARCHITECTURE Fig 1. System architecture of the model Page 115 International Journal of Engineering Trends and Technology (IJETT) - Volume 35 Number 3- May 2016 Figure 1 shows the system design of the proposed system. The registered users log in to the application. When user is uploading the file to cloud, first the file will be read in byte stream for generating the SHA1 (Secure Hash Algorithm) key using Hashing Technique. SHA1 key will be stored in users database Server. This file will be again encrypted using the RNS (Residue Number System) algorithm and will be stored in user database storage. The File content will be encrypted. The Encrypted file will be sent to the cloud storage by connecting through the file transfer protocol (ftp).Once the connection is establish with the cloud storage, encrypted file will be transferred to cloud storage . When Users wants to verify the files from the auditor, auditor going to check the integrity checking process .While auditor checking the integrity check for the file verification process he has to request for web server storage to get the digital signature of the uploaded file instead of file which is present in the cloud storage and has to get the original digital signature. Finally web server storage will compare the both digital signatures for integrity checking process. If both are identical then his file is not modified or else appropriate message will be display. the particular file using RNS(Residual Number System) algorithm it will decrypt the file to download the original file. 5)Public auditing process. Third party auditor audits the files stored in cloud. He checks for data integrity using two hash keys. He does not have original file while he performs auditing using the hash keys of files. IV. IMPLEMENTATION OF ALGORITHMS A.Pseudocode for SHA1 Algorithm for hashing In cryptography, SHA-1 (Secure Hash Algorithm 1) is a hashing function in cryptography. SHA-1 produces a 160-bit (20-byte) hash value known as a message digest. 1)Initialize variables which are unsigned 32 bits. 2)Preprocessing • Append bit 1 to the message • Append 0<=k<512 bits ‘0’,so that the resulting message length is congruent to 448=-64(mod 512) • Append length of message in bits, as 64 bit big integer A. System modules of the model 1)Hashing processing When user is uploading the File to cloud, first the File will be read in byte stream for generating the SHA1 key using Hashing Technique. The SHA1 Key will produce a message digest of size 20 bytes and SHA1 key will be generating based on the content of the uploading File. This SHA1 key will be stored in users database Server. 2)File Upload Process with Encryption User has to login to upload the File, when user wants to upload data file to the cloud storage he has to select the file from his storage. When file is uploading to the cloud, we are generating the digital signature of the file and keep a copy of the digital signature in the users database storage .The File content will be encrypted using RNS Algorithm. The Encrypted file will be sent to the cloud storage by connecting through the file transfer protocol (ftp).Once the connection is established with the cloud storage, encrypted file will be transferred to cloud storage. 3)Integrity Checking Process When users wants to verify the files from the auditor, auditor checks for the integrity of files. While auditor checking the integrity check for the file verification process he has to request for audit process to get the hash key of the uploaded file instead of file which is present in the cloud storage and has to get the original hash key. Finally audit server will compare the both digital signatures for integrity checking process. If both are identical then user’s file is not modified or else appropriate message will be display. 4)File Download Process with Decryption User wants to download the file from the cloud storage he has to select the particular file while downloading. The Cloud connection is established using File Transfer Protocol. Select ISSN: 2231-5381 3) Process the message in successive 512 bit chunks 4) Extend sixteen 32 –bit words into eighty 32 –bit words 5)Initialize hash value for this chunk and add the chunk’s value to the result so far. 6) Generating the final hash value. B.Pseudocode for RNS Algorithm for cryptography To perform efficient computation, using small set of integers residue numeral system (RNS) is used which represents a large.It is based on the Chinese remainder theorem of modular arithmetic. 1.Get Random prime numbers using random generator 2.Consider “N” to be the data.P1 and P2 are two random prime numbers. 3.Key Generation: M=P1*P2 A1=M/P1 A2=M/P2 4.Let T be anything: T1=(A1*T)mod P1 T2=(A2*T)modP2 Encryption: int r1=N%P1; int r2=N%P2; N=r1+”_”r2 return N; http://www.ijettjournal.org Page 116 International Journal of Engineering Trends and Technology (IJETT) - Volume 35 Number 3- May 2016 Decryption: int e=(A1*T1*r1)+(A2*T2*r2) int e1=e%N return e1; [1] CONCLUSION [2] REFERENCES A new proof of retrievability for cloud storage Proof of retrievable computing system for data storage in cloud is proposed in which a cloud storage manages the huge data of the clients and an auditor is introduced to preprocess and perform data integrity verification of the outsourced cloud data upon client’s request. This reduces the computation overhead on the client side significantly. It makes the auditor to verify the integrity of files using two hash keys thus eliminating the need for him to maintain the state information. This proof of retrievable model also provides enhanced security against reset attacks during the upload phase. The scheme efficiently supports public verifiability and dynamic data operations simultaneously. It is the more efficient construction requiring less storage space thus solving problem of resource constrainability. ISSN: 2231-5381 [3] [4] [5] [6] [7] [1] G. Ateniese, R. Burns, R. Curtmola, J. Herring, L. Kissner, Z. Peterson, and D. Song, “Provable data possession at untrusted stores,” in Proc. 14th ACM Conf. Comput. Commun. Security, 2007, pp. 598– 609. [2] A. Juels and B. S. Kaliski Jr, “Pors: Proofs of retrievability for large files,” in Proc. 14th ACM Conf. Comput. Commun. Security, 2007, pp. 584–597. [3] H. Shacham and B. Waters, “Compact proofs of retrievability,” in Proc. 14th Int. Conf. Theory Appl. Cryptol. Inf. Security, 2008, pp. 90– 107. [4] K. D. Bowers, A. Juels, and A. Oprea, “Proofs of retrievability: Theory and implementation,” in Proc. ACM Workshop Cloud Comput. Security, 2009, pp. 43–54. [5] Jinzy Zhu, “Cloud Computing Technologies and Applications,” Springer Science and Business Media, LLC 2010. [6] Pankaj Sareen, “Cloud Computing: Types, Architecture, Applications, Concerns, Virtualization and Role of IT Governance in Cloud,” IJARCSSE., Volume 3, Issue 3, March 2013. [7] M. A. Shah, R. Swaminathan, and M. Baker. (2008). Privacypreserving audit and extraction of digital contents, Cryptology ePrint Archive, Report 2008/186 [Online]. Available: http://eprint.iacr. org/ http://www.ijettjournal.org Page 117