Security Analysis on One-to-Many Order Preserving Encryption Based Cloud Datasearch Abstract For ranked search in encrypted cloud data, order preserving encryption (OPE) is an efficient tool to encrypt relevance scores of the inverted index. When using deterministic OPE, the ciphertexts will reveal the distribution of relevance scores. Therefore, Wang et al. proposed a probabilistic OPE, called One-to-Many OPE, for applications of searchable encryption, which can flatten the distribution of the plaintexts.In this paper, we proposed a differential attack on One-to-Many OPE by exploiting the differences of the ordered ciphertexts.The experimental results show that the cloud server can get a good estimate of the distribution of relevance scores by a differential attack. Furthermore, when having some background information on the outsourced documents, the cloud server can accurately infer the encrypted keywords by using the estimated distributions. Existing System: We have proposed, implemented and evaluated an initiative data prefetching approach on the storage servers for distributed file systems, which can be employed as a backend storage system in a cloud environment that may have certain resource-limited client machines.To be specific, the storage servers are capable of predicting future disk I/O access to guide fetching data in advance after analyzing the existing logs, and then they proactively push the prefetched data to relevant client file systems for satisfying future applications’ requests. For the purpose of effectively modeling disk I/O access patterns and accurately forwarding the prefetched data. PROPOSED SYSTEM: In ranked search of encrypted cloud data, probabilistic OPE is needed to preserve the order of relevance scores and conceal their distributions at the same time. One-to-Many OPE is a scheme designed for such a purpose. However, in this paper, we demonstrate that the cloud server can estimate the distribution of relevance scores by change point analysis on the differences of ciphertexts of Oneto-Many OPE. Furthermore, the cloud server may identify what the encrypted keywords are by using the estimated distributions and some background knowledge. On the other hand, some methods can be used to resist the proposed attack. One is to improve the One-to-Many OPE itself. For instance, we can divide plaintexts having the same value into several sets and divide the corresponding bucket into several sub-buckets. By mapping each plaintext set into one subbucket, some new change points will appear in the differential attack, which will cover up the original distribution of plaintexts. Another possible method is to add noise into the inverted index by adding some dummy documents IDs and keywords, and forging corresponding relevance scores. In our future work, we will elaborate these ideas to design secure methods of probabilistic OPE and schemes for search in encrypted data. . MODULE DESCRIPTION MODULE Home Searching Module Cryptography Encryption and Decryption Module File Sharing MODULE DESCRIPTION Home Distributed file systems for mobile clouds. Moreover many studies about the storage systems for cloud environments that enable mobile client devices have been published. A new mobile distributed file system called mobile. DFS has been proposed and implemented in which aims to reduce computing in mobile devices by transferring computing requirements to servers. Hyrax, which is a infrastructure derived from Hadoop support cloud computing on mobile devices. But Hadoopis designed for general distributed computing, and the client machines are assumed to be traditional computers. In short, neither of related work targets at the clouds that have certain resource-limited client machines, for yielding attractive performance enhancements. Searching Module In practice, to realize effective data retrieval on large amount of documents, it is necessary to perform relevance ranking on the results. Ranked search can also gnificantly reduce network traffic by sending back only the most relevant data. In ranked search, the ranking function plays an important role in calculating the relevance between files and the given searching query. The most popular relevance score is defined based on the model of TF _ IDF, where term frequency (TF) is the number of times a term (keyword) appears in a file and inverse document requency (IDF) is the ratio of the total number of files to the number of files containing the term. There are many variations of TF _IDF-based ranking functions, and in [16], the following one is adopted. Score(w; Fd) = 1 jFdj _ (1 + ln fd;w) _ ln ( 1 + Nd fw ) (1) Herein, w denotes the keyword and fd;w denotes the TF of term w in file Fd; N=fw denotes IDF where fw is the number of files that contain term w and Nd is the total number of documents in the collection; and jFdj is the number of indexed terms containing in file Fd, i.e., the length of Fd. To realize fast search, the keywords, IDs of files, and the relevance scores are usually organized as an index structure named “Inverted Index”. An example on posting list of the Inverted Index is shown in TABLE I. With a complete Inverted Index, the server can complete retrieval task by simply comparing the relevance scores stored in the index which represent the importance level of each file for a certain keyword. Cryptography Module OPE is a symmetric cryptosystem, so it is also called order-preserving symmetric encryption (OPSE). The orderpreserving property means that if the plaintexts have such a relationship as x1 < x2, then the corresponding ciphertexts E(x1) and E(x2) satisfy E(x1) < E(x2). Boldyreva et al. [11] initiated the cryptographic study of OPE schemes, and they defined the security of an OPE scheme using the ideal object. Note that any orderpreserving function g from domain D = f1; 2; _ _ _ ;Mg to range R = f1; 2; _ _ _ ;Ng can be uniquely defined by a combination of M out of N ordered items. The ideal object is just a function that is randomly selected from all rder-preserving functions, which is called a random order-preserving function (ROPF). Thus, with the spirit of pseudorandom functions, an OPE scheme is defined to be secure if the adversary cannot distinguish the OPE from the ROPF. In , the authors also constructed an efficient OPE scheme satisfying this secure criterion. The construction is based on the relation between the random order-preserving function and the hyper-geometric probability distribution (HGD), and a HGD simpler is used to select an order-preserving function in a pseudorandom manner. In the OPE scheme of , the range R is divided into some non overlapping interval buckets with random sizes. The random-sized bucket is determined by a binary search based on a random HGD sampler. In , the procedure of binary search is described as Algorithm 1, where TapeGen() is a random coin generator Encryption and Decryption Module Filebench which allows generating.A large variety of workloads to assess the performance of storage systems. Besides, Filebench is quite flexible and enables to minutely specify a collection of applications, such as mail, web, file, and database servers .We chose Filebench as one of benchmarks, as it has been widely used to evaluate file systems by emulating a variety of several server-like applications. I Ozone, which is a microbenchmark that evaluates the performance of a file system by employing a collection of access workloads with regular patterns, such as sequential, random, reverse order, and strided That is why we utilized it to measure read data throughput of the file systems with various prefetching schemes, when the workload have different access patterns. File Sharing Module Applications of privacypreserving keyword search, if a deterministis used to encrypt relevance scores, the ciphertexts will share exactly the same distribution as its plain counterpart, by which the server can specify the keywords. Therefore, Wang et al. modified the original OPE to a probabilistic one, called “One-to-Many OPE”. For a given plaintext m, i.e., a relevance score, the “One-to-Many OPE” first employs Algorithm 1 to select a bucket for m, and then randomly chooses a value in the bucket as the Ciphertext. The randomly choosing procedure in the bucket is seeded by the unique file IDs together with the plaintext m, and thus the same relevance score in the Inverted Index will be encrypted as different ciphertexts. The encryption process of “One-to- Many OPE” is described in Algorithm. which is also illustrated in Picture. SYSTEM SPECIFICATION Hardware Requirements: • System : Pentium IV 2.4 GHz. • Hard Disk : 40 GB. • Floppy Drive : 1.44 Mb. • Monitor : 14’ Colour Monitor. • Mouse : Optical Mouse. • Ram : 512 Mb. Software Requirements: • Operating system : Windows 7 Ultimate. • Coding Language : ASP.Net with C# • Front-End : Visual Studio 2010 Professional. • Data Base : SQL Server 2008.