International Journal of Engineering Trends and Technology (IJETT) – Volume 17 Number 6 – Nov 2014
ISSN: 2231-5381, http://www.ijettjournal.org

A Framework for Secure Data Sharing over Cloud Based on Group Key Management

Ginjupalli Umamaheswari (1), Behara Vineela (2)
(1) Final M.Tech Student, (2) Assistant Professor
(1,2) Dept of CSE, Sarada Institute of Science, Technology And Management (SISTAM), Srikakulam, Andhra Pradesh

Abstract: Nowadays cloud storage is gaining popularity for sharing data. Data should be shared with others in cloud storage securely, efficiently and flexibly. To secure the shared data we use cryptographic techniques. In this paper we use a new public key cryptography technique to provide security of data. The paper contains two concepts: key generation, and encryption and decryption of data. For key generation we use an improved Diffie-Hellman key exchange technique. For data encryption and decryption we use an advanced cryptography technique. By proposing these techniques we can provide more secure, efficient and flexible sharing of data.

I. INTRODUCTION

Data sharing is an important functionality in cloud storage. For example, bloggers can let their friends view a subset of their private pictures; an enterprise may grant its employees access to a portion of sensitive data. The challenging problem is how to share encrypted data effectively. Of course, users can download the encrypted data from the storage, decrypt it, and then send it to others for sharing, but this loses the value of cloud storage. Users should be able to delegate the access rights of the shared data to others so that they can access this data from the server directly. However, finding an efficient and secure way to share partial data in cloud storage is not trivial.

Below we take Dropbox as an example for illustration [1,2]. Assume that Alice puts all her private photos on Dropbox, and she does not want to expose her photos to everyone. Because of various data leakage possibilities, Alice cannot feel relieved by relying only on the security protection mechanisms provided by Dropbox, so she encrypts all the photos using her own keys before uploading. One day, Alice's friend Bob asks her to share the photos taken over all these years in which Bob appeared. Alice can then use the share function of Dropbox, but the problem now is how to delegate the decryption rights for these photos to Bob. A possible option Alice can choose is to securely send Bob the secret keys involved. Commonly, there are two extreme ways for her under the traditional encryption paradigm [3,4]:

1. Alice encrypts all files with a single encryption key and gives Bob the corresponding secret key directly.
2. Alice encrypts files with distinct keys and sends Bob the corresponding secret keys.

Obviously, the first method is inadequate, since all unchosen data may also be leaked to Bob. For the second method, there are practical concerns about efficiency. The number of such keys is as many as the number of shared photos, say, a thousand. Transferring these secret keys inherently requires a secure channel, and storing these keys requires rather expensive secure storage. The costs and complexities involved generally increase with the number of decryption keys to be shared. In short, it is very heavy and costly to do that.

II. RELATED WORK

Encryption keys also come in two flavors: symmetric key or asymmetric (public) key. Using symmetric encryption, when Alice wants the data to be originated from a third party, she has to give the encryptor her secret key; obviously, this is not always desirable. By contrast, the encryption key and decryption key are different in public-key encryption. The use of public-key encryption gives more flexibility for our applications. For example, in enterprise settings, every employee can upload encrypted data on the cloud storage server without the knowledge of the company's master-secret key. Therefore, the best solution for the above problem is that Alice encrypts files with distinct public-keys, but only sends Bob a single (constant-size) decryption key. Since the decryption key should be sent via a secure channel and kept secret, small key size is always desirable. For example, we cannot expect large storage for decryption keys in resource-constrained devices like smart phones, smart cards or wireless sensor nodes. In particular, these secret keys are usually stored in tamper-proof memory, which is relatively expensive [6].

A key-aggregate encryption scheme consists of five polynomial-time algorithms as follows. The data owner establishes the public system parameter via Setup and generates a public/master-secret key pair via KeyGen. Messages can be encrypted via Encrypt by anyone, who also decides what cipher text class is associated with the plaintext message to be encrypted. The data owner can use the master-secret to generate an aggregate decryption key for a set of cipher text classes via Extract.
The generated keys can be passed to delegates securely (via secure e-mails or secure devices). Finally, any user with an aggregate key can decrypt any cipher text, provided that the cipher text's class is contained in the aggregate key, via Decrypt.

Setup (1; n): executed by the data owner to set up an account on an untrusted server. On input a security level parameter 1 and the number of cipher text classes n (i.e., the class index should be an integer bounded by 1 and n), it outputs the public system parameter param, which is omitted from the input of the other algorithms for brevity [8][9].

KeyGen: executed by the data owner to randomly generate a public/master-secret key pair (pk; msk).

Encrypt (pk; i; m): executed by anyone who wants to encrypt data. On input a public-key pk, an index i denoting the cipher text class, and a message m, it outputs a cipher text C.

Extract (msk; S): executed by the data owner for delegating the decrypting power for a certain set of cipher text classes to a delegate. On input the master-secret key msk and a set S of indices corresponding to different classes, it outputs the aggregate key for set S, denoted by KS.

Decrypt (KS; S; i; C): executed by a delegate who received an aggregate key KS generated by Extract. On input KS, the set S, an index i denoting the cipher text class the cipher text C belongs to, and C, it outputs the decrypted result m if i ∈ S.

III. PROPOSED SYSTEM

In recent days cloud computing is gaining popularity for sharing data. When sharing data in the cloud we can also provide security for that data, and to do so we use cryptographic techniques. In this paper we use the concept of a key aggregate cryptosystem for the aggregation of secret keys. For the key aggregate cryptosystem we use an improved Diffie-Hellman key exchange algorithm and an advanced XOR cryptography technique for data encryption and decryption. The procedure of the improved Diffie-Hellman key exchange is as follows.

Shared key generation process:

In this module each user generates a secret key and sends it to the KGC (key generation center). The KGC retrieves all the secret keys, combines them into a single secret key and sends it to each user. The procedure of the improved Diffie-Hellman key exchange protocol is as follows.

1. Each user selects a prime number p, g and a private key a.
2. Using those values the user calculates a public key as pub = g^a mod p.
3. After calculating it, each user sends his public key to the KGC.
4. The KGC retrieves the public key from each user, generates a new private key for each user and calculates another public key for each individual user.
5. After generating the public key for each user, the KGC sends it to that user.
6. Each user retrieves the public key coming from the KGC and generates a shared key as shared key = g^pub mod p.
7. After generating the shared key, each user sends it to the KGC.
8. The KGC retrieves the shared keys from all users and XORs those keys to form one secret key.
9. After generating the secret key, the KGC sends it to all users.

Each user uses this secret key to encrypt the shared data stored in the cloud. Any user who wants to retrieve the data can decrypt it using the secret key.

[Figure: Improved Diffie-Hellman key exchange between USER1, USER2, ..., USERn and the Cloud Database. Labelled steps: 1. Calculate public key; 2. Sent; 3. Generate public keys; 4. Calculate secret key; 5. Sent; 6. Generate secret key; 7. Sent to user; 8. Encrypt and store into cloud; 9. Retrieve and decrypt.]

Advanced XOR Cryptography Technique:

In this module each user encrypts and decrypts the shared data using this process. The process of the advanced XOR cryptography technique is as follows.

i) Encryption process:

1. Generate the ASCII value of each character of the data.
2. After conversion to ASCII format, XOR the value with the secret key.
3. Convert the XOR result into binary format; each character should be 8 bits long.
4. Reverse the 8-bit binary number.
5. Choose a four-bit divisor, which is treated as a key (1000).
6. Divide the reversed number by the divisor; the first three digits are the remainder and the next five digits are the quotient. If either has fewer than three or five digits, add the required number of zeros on the left-hand side. This is the cipher text.

This process repeats until all the data has been converted into cipher format. The cipher-format data can then be stored in the cloud. A user performs the decryption process as follows.

ii) Decryption process:

1. Retrieve the cipher data and multiply the last five digits by the divisor.
2. Add the first three digits of the cipher text to the result produced by the previous step.
3. If the result of the previous step does not contain 8 bits, make it into an 8-bit number.
4. Reverse the resulting bits and convert them into ASCII format.
5. After this conversion, XOR the value with the key and convert the result into a character; repeating this until the end of the cipher data gives the plain text.

IV. CONCLUSION

In cloud computing, data is shared through the network in a secure manner. Many cryptography techniques are used for the privacy of data. One of them is the key aggregate cryptosystem, which generates a secret key from different sets of secret keys. In this paper we propose the concept of an improved Diffie-Hellman key exchange for generating a secret key from multiple sets of secret keys. Using this key the data owner or user encrypts and decrypts the data stored in the cloud. For encryption and decryption of data we use the advanced XOR cryptography technique.
By implementing these techniques we provide secrecy and confidentiality of data.

REFERENCES

[1] S. S. M. Chow, Y. J. He, L. C. K. Hui, and S.-M. Yiu, “SPICE - Simple Privacy-Preserving Identity-Management for Cloud Environment,” in Applied Cryptography and Network Security – ACNS 2012, ser. LNCS, vol. 7341. Springer, 2012, pp. 526–543.
[2] L. Hardesty, “Secure computers aren’t so secure,” MIT press, 2009, http://www.physorg.com/news176107396.html.
[3] C. Wang, S. S. M. Chow, Q. Wang, K. Ren, and W. Lou, “Privacy-Preserving Public Auditing for Secure Cloud Storage,” IEEE Trans. Computers, vol. 62, no. 2, pp. 362–375, 2013.
[4] B. Wang, S. S. M. Chow, M. Li, and H. Li, “Storing Shared Data on the Cloud via Security-Mediator,” in International Conference on Distributed Computing Systems - ICDCS 2013. IEEE, 2013.
[5] S. S. M. Chow, C.-K. Chu, X. Huang, J. Zhou, and R. H. Deng, “Dynamic Secure Cloud Storage with Provenance,” in Cryptography and Security: From Theory to Applications - Essays Dedicated to Jean-Jacques Quisquater on the Occasion of His 65th Birthday, ser. LNCS, vol. 6805. Springer, 2012, pp. 442–464.
[6] D. Boneh, C. Gentry, B. Lynn, and H. Shacham, “Aggregate and Verifiably Encrypted Signatures from Bilinear Maps,” in Proceedings of Advances in Cryptology - EUROCRYPT ’03, ser. LNCS, vol. 2656. Springer, 2003, pp. 416–432.
[7] M. J. Atallah, M. Blanton, N. Fazio, and K. B. Frikken, “Dynamic and Efficient Key Management for Access Hierarchies,” ACM Transactions on Information and System Security (TISSEC), vol. 12, no. 3, 2009.
[8] J. Benaloh, M. Chase, E. Horvitz, and K. Lauter, “Patient Controlled Encryption: Ensuring Privacy of Electronic Medical Records,” in Proceedings of ACM Workshop on Cloud Computing Security (CCSW ’09). ACM, 2009, pp. 103–114.
[9] F. Guo, Y. Mu, Z. Chen, and L. Xu, “Multi-Identity Single-Key Decryption without Random Oracles,” in Proceedings of Information Security and Cryptology (Inscrypt ’07), ser. LNCS, vol. 4990. Springer, 2007, pp. 384–398.
[10] V. Goyal, O. Pandey, A. Sahai, and B. Waters, “Attribute-Based Encryption for Fine-Grained Access Control of Encrypted Data,” in Proceedings of the 13th ACM Conference on Computer and Communications Security (CCS ’06). ACM, 2006, pp. 89–98.

BIOGRAPHIES

Ginjupalli Umamaheswari is a student in M.Tech (CSE) at Sarada Institute of Science, Technology And Management, Srikakulam. She received her B.Tech (CSE) from Prajna Institute of Technology and Management, Palasa.

Behara Vineela is working as Asst. Professor in Sarada Institute of Science, Technology And Management, Srikakulam, Andhra Pradesh. He received his M.Tech (CSE) from AITAM, Tekkali, Srikakulam, Andhra Pradesh, JNTU Kakinada, Andhra Pradesh. His research areas include Network Security.
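Added example (not the authors' code) for the shared key generation process of Section III: it runs steps 1 to 9 between a set of users and the KGC and records which values cross the network. Assumptions: the modulus and base are constructed values, the KGC's "another public key" is taken to be g^b mod p for a fresh b, and step 6 is read literally as g^pub mod p.

```python
import secrets
from functools import reduce
from operator import xor

# Constructed parameters (assumptions): the page gives no sizes or values.
P = 2**127 - 1   # a Mersenne prime used as the modulus p
G = 5            # the base g

def user_public(a, p=P, g=G):
    """Step 2: pub = g^a mod p."""
    return pow(g, a, p)

def kgc_reply(p=P, g=G):
    """Steps 4-5: the KGC picks a fresh private value for one user and
    returns the matching public value (assumed to be g^b mod p)."""
    b = secrets.randbelow(p - 3) + 2
    return pow(g, b, p)

def user_shared(kgc_pub, p=P, g=G):
    """Step 6, read literally: shared key = g^pub mod p."""
    return pow(g, kgc_pub, p)

def kgc_combine(shared_keys):
    """Step 8: XOR every user's shared key into one secret key."""
    return reduce(xor, shared_keys, 0)

def run_group(n_users):
    """Run steps 1-9 for n_users. Returns the group secret key and a
    transcript of every value sent between the users and the KGC."""
    transcript = {"to_kgc_pub": [], "to_user_pub": [], "to_kgc_shared": []}
    for _ in range(n_users):
        a = secrets.randbelow(P - 3) + 2                   # step 1
        transcript["to_kgc_pub"].append(user_public(a))    # steps 2-3
        reply = kgc_reply()                                # steps 4-5
        transcript["to_user_pub"].append(reply)
        transcript["to_kgc_shared"].append(user_shared(reply))  # steps 6-7
    group_key = kgc_combine(transcript["to_kgc_shared"])   # step 8
    return group_key, transcript   # step 9: group_key is sent to every user

if __name__ == "__main__":
    key, sent = run_group(3)
    print(hex(key), {name: len(values) for name, values in sent.items()})
```

Under this reading of step 6 the user's private key a is not an input to the shared key, so the group key is a function of p, g and the KGC's replies; the channels carrying the replies, the shared keys and the final key carry key material and need to be protected accordingly.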
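Added example (not the authors' code) for the Advanced XOR Cryptography Technique of Section III: it implements the encryption and decryption steps per character and keeps the keyed XOR apart from the keyless steps 3 to 6, which amount to a fixed rearrangement of the eight bits. Assumptions: the secret key is a single value from 0 to 255 applied to every character, and every character code fits in 8 bits; the sample key and text are constructed.

```python
DIVISOR = 0b1000  # step 5: the four-bit divisor "1000"

def _byte(v, name):
    # Assumption: both the character code and the key fit in 8 bits.
    if not 0 <= v <= 0xFF:
        raise ValueError(f"{name} must fit in 8 bits, got {v}")
    return v

def rearrange(x):
    """Encryption steps 3-6 (no key involved): 8-bit binary, reverse,
    divide by DIVISOR, emit the 3-bit remainder then the 5-bit quotient."""
    reversed_value = int(format(_byte(x, "value"), "08b")[::-1], 2)
    quotient, remainder = divmod(reversed_value, DIVISOR)
    return format(remainder, "03b") + format(quotient, "05b")

def restore(block):
    """Decryption steps 1-4: quotient * DIVISOR + remainder, pad to
    8 bits, reverse."""
    if len(block) != 8 or set(block) - {"0", "1"}:
        raise ValueError(f"cipher block must be 8 binary digits: {block!r}")
    remainder, quotient = int(block[:3], 2), int(block[3:], 2)
    value = quotient * DIVISOR + remainder
    return int(format(value, "08b")[::-1], 2)

def encrypt(text, key):
    """Steps 1-2 (character code XOR key), then rearrange(), per character."""
    _byte(key, "key")
    return [rearrange(_byte(ord(ch), "character") ^ key) for ch in text]

def decrypt(blocks, key):
    """restore(), then decryption step 5 (XOR with the key), per block."""
    _byte(key, "key")
    return "".join(chr(restore(b) ^ key) for b in blocks)

if __name__ == "__main__":
    key = 0x3C                      # constructed sample key
    blocks = encrypt("Hello", key)  # constructed sample plaintext
    print(blocks, decrypt(blocks, key))
```

Because rearrange() uses no secret, equal plaintext characters always produce equal cipher blocks under one key, and the confidentiality of the output rests entirely on the XOR key.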