e-ISSN (O): 2348-4470

Scientific Journal of Impact Factor (SJIF): 4.72

p-ISSN (P): 2348-6406

International Journal of Advance Engineering and Research

Development
Volume 4, Issue 1, January -2017

Key-aggregate cryptosystem for Scalable data sharing with time

and Integrity Auditing in cloud storage
1
Miss. Rutuja Rajkumar Andhale, 2Prof. S.S. Vairagar

1
ME.Student, Dept.Of Comp.Engg, Siddhant College of Engineering, Sudumbre,Pune,Maharashtra,India
2
HOD ,Dept.Of Comp.Engg, Siddhant College of Engineering, Sudumbre,Pune,Maharashtra,India

Abstract The capability of by selection sharing encrypted knowledge with completely different users via public cloud
storage could greatly ease security issues over accidental knowledge leaks within the cloud. A key challenge to coming
up with such secret writing schemes lies within the efficient management of secret writing keys. the specified flexibility of
sharing any cluster of elect documents with any cluster of users demands completely different secret writing keys to be
used for various documents. However, this conjointly implies the requirement of firmly distributing to users an oversized
range of keys for each secret writing and search, and people users can have to be compelled to firmly store the received
keys, And submit an equally sizable amount of keyword trapdoors to the cloud so as to perform search over the shared
data. The tacit would like for secure communication, storage, and quality clearly renders the approach impractical. In
this paper, we have a tendency to address this sensible downside, that is basically neglected within the literature, by
proposing the novel thought of key aggregate searchable secret writing (KASE) and instantiating the thought through a
concrete KASE theme, during which an information owner only must distribute one key to a user for sharing an oversized
range of documents, and also the user solely must submit a single trapdoor to the cloud for querying the shared
documents. the protection analysis and performance analysis each ensure that our projected schemes square measure
incontrovertibly secure and much economical.

Keywords- Searchable encryption, data sharing, cloud storage, data privacy

I. INTRODUCTION

Cloud storage has emerged as a promising answer for providing present, convenient, and on-demand accesses to massive
amounts of information shared over the Internet. Today, uncountable users square measure sharing personal data, like
photos and videos, with their friends through social network applications supported cloud storage on a day to day.
Business users are being attracted by cloud storage because of its varied edges, including lower price, bigger
lightsomeness, and better resource utilization. However, whereas enjoying the convenience of sharing data via cloud
storage, users are more and more concerned regarding unintended information leaks within the cloud. Such information
leaks, caused by a malicious somebody or a misbehaving cloud operator, will typically cause serious breaches of non-
public privacy or business secrets (e.g., the recent status incident of celebrity photos being leaked in iCloud). to deal with
users concerns over potential information leaks in cloud storage, a common approach is for the info owner to encode.
All the information before uploading them to the cloud such that later the encrypted knowledge is also retrieved and
decrypted by those that have the cryptography keys. Such a cloud storage is usually referred to as the cryptanalytic cloud
storage . However, the encoding of knowledge makes it challenging for users to go looking and so by selection retrieve
solely the information containing given keywords. A common resolution is to use a searchable encoding (SE) theme
during which the information owner is needed to encrypt potential keywords and transfer them to the cloud along side
encrypted knowledge, such that, for retrieving knowledge matching a keyword, the user can send the corresponding
keyword trapdoor to the cloud for activity search over the encrypted knowledge.

In this paper, we have a tendency to address this challenge by proposing the novel conception of key-aggregate
searchable secret writing (KASE), and instantiating the conception through a concrete KASE theme. The planned KASE
theme applies to any cloud storage that supports the searchable cluster information sharing practicality, which implies
any user could by selection share a gaggle of elite files with a gaggle of elite users, whereas permitting the latter to
perform keyword search over the previous. To support searchable cluster information sharing the most necessities for
economical key management are twofold. First, an information owner solely must distribute one combination key
(instead of a gaggle of keys) to a user for sharing any range of files. Second, the user solely must submit one combination
@IJAERD-2017, All rights Reserved 56
 International Journal of Advance Engineering and Research Development (IJAERD)
Volume 4, Issue 1, January -2017, e-ISSN: 2348 - 4470, print-ISSN: 2348-6406

trapdoor (instead of a gaggle of trapdoors) to the cloud for acting keyword search over any range of shared files. To the
most effective of our data, the KASE theme planned during this paper is that the 1st better-known theme which will
satisfy each necessities.

II. LITERATURE SURVEY

1) Achieving Secure, Scalable, and Fine-grained DataAccess Control in Cloud Computing

AUTHORS: Shucheng Yu, Cong Wang

Cloud computing is associate rising computing paradigm during which resources of the computing infrastructure are
provided as services over the web. As promising because it is, this paradigm conjointly brings forth several new
challenges for data security and access management once users source sensitive data for sharing on cloud servers, that
don't seem to be inside identical sure domain as information homeowners. to stay sensitive user data confidential against
untrusted servers, existing solutions usually apply cryptanalytic strategies by revealing information secret writing keys
solely to approved users. However, in doing therefore, these solution sinevitably introduce a significant computation
overhead on the information owner for key distribution and information management once fine grained data access
management is desired, and so don't scalewell. the matter of at the same time achieving fine-grainedness, quantifiability,
and information confidentiality of access management truly still remains unresolved. This paper addresses this difficult
open issue by, on one hand, shaping and imposing access policies based on information attributes, and, on the opposite
hand, permitting the information owner to delegate most of the computation tasks concerned in fine grained information
access management to untrusted cloud servers while not revealing the underlying data contents. we tend to succeed this
goal by exploiting and unambiguously combining techniques of attribute-based encryption (ABE), proxy re-encryption,
and lazy re-encryption. Our planned theme conjointly has salient properties of user access privilege confidentiality and
user secret key answerability. Extensive analysis shows that our planned theme is very efficient and incontrovertibly
secure beneath existing security models.
2) Secure Provenance: The Essential of Bread and Butter of Data Forensics in Cloud Computing.

AUTHORS: Rongxing Lu
Secure beginning that records possession and method history of knowledge objects is important to the success of
information forensics in cloud computing, nonetheless it's still a difficult issue nowadays. during this paper, to tackle this
unknown space in cloud computing, we projected a replacement secure beginning theme based on the additive pairing
techniques. because the essential bread and butter of information forensics and post investigation in cloud computing, the
projected theme is characterised by providing the info confidentiality on sensitive documents keep in cloud, anonymous
authentication on user access , and beginning chase on controversial documents. With the provable security techniques,
we have a tendency to formally demonstrate the projected theme is secure within the normal model.
3) Mona: Secure Multi-Owner Data Sharingfor Dynamic Groups in the Cloud

AUTHORS: Xuefeng Liu

With the character of low maintenance, cloud computing provides a cheap and economical answer for sharing group
resource among cloud users. sadly, sharing knowledge in an exceedingly multi-owner manner whereas conserving
knowledge and identity privacy from anuntrusted cloud continues to be a difficult issue, as a result of the frequent
amendment of the membership. during this paper, we tend to propose a secure multiowner knowledge sharing theme,
named Mona, for dynamic teams within the cloud. By investing cluster signature and dynamic broadcastencryption
techniques, any cloud user will anonymously share knowledge with others. Meanwhile, the storage overhead and
encryption computation value of our theme square measure freelance with the quantity of revoked users. additionally, we
tend to analyze the safety of our theme with rigorous proofs, and demonstrate the potency of our theme in experiments.
4) Key-Aggregate Cryptosystemfor Scalable Data Sharing in Cloud Storage

AUTHORS: Cheng-Kang Chu, Sherman S. M. Chow

Data sharing is a vital practicality in cloud storage. In this article, we have a tendency to show a way to firmly, with
efficiency, and flexibly share data with others in cloud storage. we have a tendency to describe new public-key
cryptosystems that turn out constant-size cipher texts specified economical delegation of coding rights for any set of
cipher texts are attainable. The novelty is that one will combination any set of secret keys and build them as compact as
one key, however encompassing the facility of all the keys being aggregative. In alternative words, the key key holder
@IJAERD-2017, All rights Reserved 57
 International Journal of Advance Engineering and Research Development (IJAERD)
Volume 4, Issue 1, January -2017, e-ISSN: 2348 - 4470, print-ISSN: 2348-6406

will unharness a constant-size combination key for versatile selections of cipher text set in cloud storage, however the
opposite encrypted files outside the set remain confidential. This compact combination key is handily sent to others or be
hold on during a} positive identification with very restricted secure storage. we offer formal security analysis of our
schemes within the commonplace model. We additionally describe alternative application of our schemes. above all, ours
chemes offer the primary public-key patient-controlled cryptography for flexible hierarchy, that was nonetheless to be
celebrated.

5.Practical Techniques for Searches on Encrypted Data

AUTHORS: Dawn Xiaodong Song
It is fascinating to store information on information storage servers such as mail servers and file servers in encrypted kind
to reduce security and privacy risks. however this typically implies that one needs to sacrifice practicality for security. for
instance, if a client needs to retrieve solely documents containing certain words, it had been not antecedently noted a way
to let the information storage server perform the search and answer the question while not loss of knowledge
confidentiality. during this paper, we tend to describe our crypto graphical schemes for the matter of looking out on
encrypted information and supply proofs of security for the ensuing crypto systems. Our techniques have variety of
crucial blessings. They are provably secure: they supply obvious secrecy for secret writing, within the sense that the
untrusted server cannot learn anything regarding the plaintext once solely given the cipher text; they supply question
isolation for searches, meaning that the untrusted server cannot learn something additional about the plaintext than the
search result; they supply controlled looking out, in order that the untrusted server cannot explore for an arbitrary word
while not the users authorization; they additionally support hidden queries, in order that the user could raise the
untrusted server to look for a secret word while not revealing the word to the server. The algorithms we tend to gift are
straightforward, quick (for a document of length n, the secret writing and search algorithms solely would like O(n)
stream cipher and block cipher operations), and introduce nearly no area and communication overhead, and thus are
sensible to use these days.

III. EXISTING SYSTEM

The information before transferring them to the cloud, such later the disorganized data is also recover and decoded by
the people World Health Organization have the unscrambling keys. Such distributed storage is often referred to as the
scientific discipline distributed storage. Be that because it could, the secret writing of knowledge makes it attempting for
purchasers to inquiry and then specifically recover simply the knowledge containing given essential words. A typical
arrangement is to utilize a searchable secret writing (SE) set up within which the data owner is obligated to scramble
potential decisive words and transfer them to the cloud at the side of encoded information, such that, for convalescent
data coordinative a watchword, the consumer can send the comparison magic word trapdoor to the cloud for playing hunt
over the disorganized data.

Disadvantages of Existing System:

1. The desired flexibility of sharing any group of selected documents with any group of users demands different
encryption keys to be used for different documents.
2. The necessity of securely distributing to users a large number of keys for both encryption and search, and those
users will have to securely store the received keys, and submit an equally large number of keyword trapdoors to
the cloud in order to perform search over the shared data.

IV. PROPOSED SYSTEM

We address this take a look at by proposing the novel plan of key-total hunt capable encoding (KASE), and instantiating
the concept through a solid KASE arrange. The planned KASE arrange applies to any distributed storage that backings
the searchable gathering data sharing quality, which suggests any consumer would possibly specifically impart a
gathering of selected les to a gathering of selected shoppers, whereas allowing the recent to perform essential word look
over the previous. To bolster searchable gathering data sharing the principle stipulations for efcient key administration
square measure twofold.

Integrity Auditing Protocol: It is an interactive protocol for integrity verification and allowed to be initialized by any

@IJAERD-2017, All rights Reserved 58

 International Journal of Advance Engineering and Research Development (IJAERD)
Volume 4, Issue 1, January -2017, e-ISSN: 2348 - 4470, print-ISSN: 2348-6406

entity except the cloud server. In this protocol, the cloud server plays the role of prover, while the auditor or client works
as the verifier.
Integrity Auditing: An integrity auditing protocol is sound if any cheating cloud server that convinces the verifier that it is
storing a file F is actually storing this file. To capture this spirit, we define its game based on Proof of Retriev ability
(PoR).

Advantages of Proposed System:

1. A concrete KASE scheme, in which a data owner only needs to distribute a single key to a user for sharing a
large number of documents, and the user only needs to submit a single trapdoor to the cloud for querying the
shared documents.
2. Integrity Auditing.

V. SYSTEM ARCHITECTURE

Figure 1: System Architecture.

We address this take a look at by proposing the novel plan of key-total hunt capable encoding (KASE), and instantiating
the concept through a solid KASE arrange. The planned KASE arrange applies to any distributed storage that backings
the searchable gathering data sharing quality, which suggests any consumer would possibly specifically impart a
gathering of selected les to a gathering of selected shoppers, whereas allowing the recent to perform essential word look
over the previous. To bolster searchable gathering data sharing the principle stipulations for efcient key administration
square measure twofold.

SecCloud introduces an auditing entity with a maintenance of a MapReduce cloud, which helps clients generate data tags
before uploading as well as audit the integrity of data having been stored in cloud. This design fixes the issue of previous
work that the computational load at user or auditor is too huge for tag generation. For completeness of fine-grained, the
functionality of auditing designed in SecCoud is supported on both block level and sector level. In addition, SecCoud
also enables secure deduplication. Notice that the security considered in SecCoud is the prevention of leakage of side
channel information. In order to prevent the leakage of such side channel information, we follow the tradition of [3][2]
and design a proof of ownership protocol between clients and cloud servers, which allows clients to prove to cloud
servers that they exactly own the target data.

@IJAERD-2017, All rights Reserved 59

 International Journal of Advance Engineering and Research Development (IJAERD)
Volume 4, Issue 1, January -2017, e-ISSN: 2348 - 4470, print-ISSN: 2348-6406

V. ALGORITHM

1) AES Algorithm:

The encryption process uses a set of specially derived keys called round keys. These are applied, along with other
operations, on an array of data that holds exactly one block of data the data to be encrypted. This array we call the state
array.

You take the following AES steps of encryption for a 128-bit block:

1. Derive the set of round keys from the cipher key.

2. Initialize the state array with the block data (plaintext).
3. Add the initial round key to the starting state array.
4. Perform nine rounds of state manipulation.
5. Perform the tenth and final round of state manipulation.
6. Copy the final state array out as the encrypted data (ciphertext).

The reason that the rounds have been listed as "nine followed by a final tenth round" is because the tenth round involves
a slightly different manipulation from the others.

These algorithm are used to file content are convert plaint text to cipher text.

2) MD5 (Message Digest) :

MD5 algorithm takes input message of arbitrary length and generates 128-bit long output hash. MD5 hash algorithm
consist of 5 steps:

Step 1. Append Padding Bits

Step 2. Append Length
Step 3. Initialize MD Buffer
Step 4. Process Message in 16-Word Blocks
Step 5. Output

VI. MATHEMATICAL MODEL

Let S be whole System,

S={I,P,O}
I-input,
P-procedure,
O- Output.
I= {S,KG,E,D,Td,A,T},
Where,
S-Whole System,
KG-KeyGen,
E-Encrypt,
D-Decrypt,
Td-Trapdore,
A-Adjust,
T-Test.
Procedure-

This framework is summarized in the following.

@IJAERD-2017, All rights Reserved 60
 International Journal of Advance Engineering and Research Development (IJAERD)
Volume 4, Issue 1, January -2017, e-ISSN: 2348 - 4470, print-ISSN: 2348-6406

Setup (1, n): this algorithm is run by the cloud service provider to set up the scheme. On input of a security parameter
1 and the maximum possible number n of documents which belongs to a data owner, it outputs the public system
parameter prams.

Keygen: this algorithm is run by the data owner to generate a random key pair (pk,msk).

Encrypt (pk, I): In this Algorithm is execute by the data owner to encrypt the ith document and its keywords stored on
cloud in cipher texts. For each document, this algorithm will create a delta i for its search- able encryption key ki. On
input of the owners public key pk and the le index i, this algorithm outputs data ciphertext and keyword ciphertexts Ci.
Using symmetric encryption AES algorithm convert the plaintext uploaded file on cloud in encrypted as securely.

Aggregate Key: after file stored on cloud in Encrypted format update theAggrregate to uploaded file group.

Integrity Auditing: In this technique using Message Digest Algorithm verify the stored file on cloud is hack or corrupt
from cloud and send the send the response to verification request data Owner.

Decrypt (msk, S): this algorithm is run by the data owner to generate an aggregate searchable encryption key for
delegating the keyword search right for a certain set of documents to other users. It takes as input the owners master-
secret key msk and a set S which contains the indices of documents, then outputs the aggregate key kagg. in this Data
user download file in Decryption format using Symmetric Algorithm Decryption technique.

Trapdoor (kagg, w): this algorithm is run by the user who has the aggregate key to perform a search. It takes as input
the aggregate searchable encryption key kagg and a keyword w, then out- puts only one trapdoor Tr.

Adjust (params, i, S, Tr): this algorithm is run by cloud server to adjust the aggregate trapdoor to generate the right
trapdoor for each different document. It takes as input the system public parameters params, the set S of documents
indices, the index i of target document and the aggregate trapdoor Tr, then outputs each trapdoor Tri for the i-th target
document in S.
Test(Tri, i): this algorithm is run by the cloud server to perform keyword search over an encrypted document. It takes
as input the trapdoor Tri and the document index i, then outputs true or false to denote whether the document doci
contains the keyword w.

Output (O)-

Key-Aggregate Searchable Encryption (KASE)

for Group Data Sharing via Cloud Storage

@IJAERD-2017, All rights Reserved 61

 International Journal of Advance Engineering and Research Development (IJAERD)
Volume 4, Issue 1, January -2017, e-ISSN: 2348 - 4470, print-ISSN: 2348-6406

IV. CONCLUSION

Considering the sensible downside of privacy preserving data sharing system supported public cloud storage
which needs an information owner to distribute a large number of keys to users to modify them to access his/her
documents, we have a tendency to for the primary time propose the conception of key-aggregate searchable secret
writing (KASE) and construct a concrete KASE theme. Both analysis and analysis results ensure that our work can give
an efficient resolution to putting together sensible data sharing system supported public cloud storage. In a KASE theme,
the owner solely must distribute a single key to a user once sharing various documents with the user, and therefore the
user solely desires to submit one trapdoor once he queries over all documents shared by constant owner. However, if a
user desires to question over documents shared by multiple house owners, he should generate multiple trapdoors to the
cloud. a way to cut back the amount of trapdoors under multi-owners setting may be a future work. Moreover, federated
clouds have attracted lots of attention nowadays, however our KASE can not be applied during this case directly. it's
additionally a future work to produce the solution for KASE within the case of united clouds.

REFERENCES

[1] [ S. Yu, C. Wang, K. Ren, and W. Lou, Achieving Secure, Scalable, and Fine-Grained Data Access Control in
Cloud Computing, Proc. IEEE INFOCOM, pp. 534-542, 2010.
[2] R. Lu, X. Lin, X. Liang, and X. Shen, Secure Provenance: The Essential of Bread and Butter of Data Forensics in
Cloud Computing, Proc. ACM Symp. Information, Computer and Comm. Security, pp. 282-292, 2010.
[3] X. Liu, Y. Zhang, B. Wang, and J. Yan. Mona: secure multiowner data sharing for dynamic groups in the cloud,
IEEE Transactions on Parallel and Distributed Systems, 2013, 24(6): 1182- 1191.
[4] C. Chu, S. Chow,W. Tzeng, et al. Key-Aggregate Cryptosystem for Scalable Data Sharing in Cloud Storage,
IEEE Transactions on Parallel and Distributed Systems, 2014, 25(2): 468-477.
[5] X. Song, D.Wagner, A. Perrig. Practical techniques for searches on encrypted data, IEEE Symposium on Security
and Privacy, IEEE Press, pp. 44C55, 2000.
[6] R. Curtmola, J. Garay, S. Kamara, R. Ostrovsky. Searchable symmetric encryption: improved definitions and
efficient constructions, In: Proceedings of the 13th ACM conference on Computer and Communications Security,
ACM Press, pp. 79-88, 2006.
[7] S. Kamara, C. Papamanthou, T. Roeder. Dynamic searchable symmetric encryption, Proceedings of the 2012
ACM conference on Computer and communications security (CCS), ACM, pp. 965- 976, 2012.
[8] C. Bosch, R. Brinkma, P. Hartel. Conjunctive wildcard search over encrypted data, Secure Data Management.
LNCS, pp. 114-127, 2011.
[9] C. Dong, G. Russello, N. Dulay. Shared and searchable encrypted data for untrusted servers, Journal of Computer
Security, pp. 367-397, 2011.
[10] J. W. Li, J. Li, X. F. Chen, et al. Efficient Keyword Search over Encrypted Data with Fine-Grained Access Control
in Hybrid Cloud, In: Network and System Security 2012, LNCS, pp. 490-502, 2012.

@IJAERD-2017, All rights Reserved 62