
Proceedings International Conference On Advances In Engineering And Technology

www.iaetsd.in

A Survey on Cloud Storage Security with Signcryption

B. Pradeep Kumar¹, Dr. N. DuraiPandiyan²

¹ PG scholar, Department of Computer Science and Engineering, Velammal Engineering College, Chennai, Tamilnadu, India. vbpradeep@live.com

² The Principal, Department of Computer Science and Engineering, Velammal Engineering College, Chennai, Tamilnadu, India. emailpandiandurai@gmail.com

ABSTRACT—Cloud computing is Internet-based computing. An important functionality in the cloud is data sharing. We show how to securely share data with others. We introduce a new public key cryptographic method called signcryption. Signcryption is a public key cryptographic method that achieves unforgeability and confidentiality simultaneously, with significantly smaller overhead than that required by digital signature followed by public key encryption. With this security algorithm we provide high security for sharing data through the Internet.

Index Terms: Cloud Storage, data distribution, Signcryption.

I. INTRODUCTION

The primary motivation for signcryption was the gain in efficiency when both encryption and signing need to be performed. Signcryption is a cryptographic primitive that fulfills the functions of both digital signature and public key encryption in a single step; more importantly, these efficiency gains are complemented by gains in security. It is possible to send a message of arbitrary length at a cost less than that required by signature-then-encryption.

Data transferred from one system to another over a public network can be protected by encryption. The data is encrypted by an encryption algorithm using a 'key'. Only a user with access to the same 'key' can decrypt the encrypted data. This kind of algorithm is known as private key or symmetric key cryptography.

ISBN NO: 978 - 1503304048

These standard symmetric algorithms are proven to be highly secure and time tested. But the main problem of data sharing is key exchange. The communicating agents require a shared 'key' to be exchanged between them in order to have a secure secret communication. The security of a symmetric key algorithm depends on the secrecy of the key…

cloud computing: Cloud computing is a type of computing that relies on sharing computer resources rather than having local servers or personal devices handle applications. Cloud services are made available to users on demand via the Internet from a cloud computing provider's servers. They are designed to provide easy, reliable, scalable access to applications, resources and services, and are fully managed by cloud service providers. There are different services, such as:

infrastructure as a service (IaaS): It involves offering hardware-related services using the principles of cloud computing. These could include hardware resources such as storage services (database) or virtual servers.

platform as a service (PaaS): It involves offering a development platform in the cloud. Platforms provided by different vendors are typically not compatible.

software as a service (SaaS): It includes complete software offerings on the cloud. Users are able to access a software application through the cloud, hosted by the cloud

International Association of Engineering & Technology for Skill Development 1



provider on a pay-per-use basis. This is a well-established sector.

key agreement: Key agreement is a method in which the devices communicating in the network establish a shared secret between them without exchanging any secret restricted data. In this method the devices that need to establish a shared secret exchange their generated public keys. Each device, on receiving the other device's public key, performs a key generation operation using its own private key to obtain the shared secret.

digital signature: Using a digital signature, a message can be signed by a device using its private key to ensure authenticity of the message. Any device that has access to the public key of the signing device can verify the signature. Thus the receiver of the message can ensure that the message was indeed signed by the intended device and was not modified in transit. If the data or the signature is changed, signature verification fails. Digital signatures are used as evidence of provenance and identity, and in other cases where it is important to detect forgery or tampering. A digital signature system consists of three different algorithms:

- A key generation algorithm that selects a private key uniformly at random from a set of possible private keys. The output of the algorithm is the private key and a corresponding public key.
- A signing procedure that, given a private key and a message, produces a signature.
- A signature verification algorithm that, given a message, a public key and a signature, either accepts or rejects the message's claim to authenticity.

public-key cryptography: Also known as asymmetric cryptography, this is a class of cryptographic algorithms which requires two different keys, one of which is secret (or private) and one of which is public. Although different, the two parts of this key pair are mathematically related. The public key is used to verify a digital signature or to encrypt plaintext, whereas the private key is used to decrypt ciphertext or to create a digital signature. The term "asymmetric" stems from the use of different keys to perform these opposite functions, each the inverse of the other, as contrasted with conventional ("symmetric") cryptography, which relies on the same key to perform both.

Public-key algorithms are based on mathematical problems which currently admit no efficient solution, such as those inherent in certain integer factorization and elliptic curve relationships. It is computationally easy for a user to generate their own public and private key pair and to use them for encryption and decryption. The strength lies in the fact that it is "impossible" (computationally infeasible) for a properly generated private key to be determined from its matching public key. Thus the public key may be published without compromising security, whereas the private key must not be known to anyone not authorized to read messages or perform digital signatures. Public key algorithms, unlike symmetric key algorithms, do not require a secure exchange of one (or more) secret keys between the parties.

II. RELATED WORKS

address and position based cryptography algorithm [1]: In this algorithm, both encryption and decryption depend not only on the key but also on the storage order of the key elements. The algorithm provides security to the key, and hence prevents an illegitimate user from hacking the data. The proposed algorithm is designed with the objective of data confidentiality. It follows a stream cipher approach, i.e. operations are done byte by byte, and each byte has a different key. Both encryption and decryption depend not only on the key but also on the order in which the key is stored in memory. This algorithm provides security to the


key. This algorithm uses double encryption and double decryption. Two keys are used: the first encryption is done with one key and the second encryption with the other key. Two character storages are used for encryption and decryption.

key aggregate cryptography [2]: Key-aggregate cryptography (KAC) is a special type of public key cryptography. In KAC, the sender encrypts a message using a public key and also under a class, which acts as an identifier of the ciphertext. That means ciphertexts are further categorized into different classes. The sender holds a master-secret key, which is used to extract secret keys for different classes. The extracted key can be an aggregate key which is as compact as a secret key for a single class, but aggregates the power of many such keys, i.e. the decryption power for any subset of ciphertext classes. The sender can simply send the receiver a single aggregate key via a secure e-mail. The receiver can download the encrypted files from the sender's cloud storage and then use this aggregate key to decrypt these encrypted files.

time-bound hierarchical key assignment scheme [3]: A time-bound hierarchical key assignment scheme [2] is a method to assign time-dependent encryption keys to a set of classes in a partially ordered hierarchy, in such a way that the key of a class can be used to derive the keys of all classes lower down in the hierarchy, according to temporal constraints. We first consider an information-theoretic approach to time-bound hierarchical key assignment schemes. We prove a tight lower bound on the size of the private information distributed to each class. Afterwards, it is proved that a recently proposed scheme is insecure against collusive attacks. Finally, we propose two different constructions for time-bound key assignment schemes. The first technique is based on symmetric encryption schemes, whereas the second makes use of bilinear maps. These appear to be the first constructions of such key assignment schemes which are simultaneously practical and provably secure.

privacy-preserving public auditing [4]: Cloud storage users can access and store their confidential data anywhere. Users should be able to use the cloud storage as if it were local, without worrying about having to verify its integrity. To securely introduce an effective TPA, the auditing process should bring in no new vulnerabilities toward user data privacy, and introduce no additional online burden to the user. Thus, enabling public auditability for cloud storage is of critical importance, so that users can resort to a third party auditor (TPA) to check the integrity of outsourced data and be worry-free. This is why we go for privacy-preserving public auditing.

A public auditing scheme consists of four algorithms (KeyGen, SigGen, GenProof, and VerifyProof). KeyGen is a key generation algorithm that is run by the user to set up the scheme. SigGen is used by the user to generate embeddable verification metadata, which may consist of MACs, signatures, or other related information that will be used for auditing. GenProof is run by the cloud server to generate a proof of stored data correctness, while VerifyProof is run by the TPA to audit the proof from the cloud server.

Running a public auditing system consists of two phases, Setup and Audit:

setup: The user prepares the public and secret parameters of the system by executing KeyGen, and pre-processes the data file F using SigGen to generate the verification metadata. The user then stores the data file F and the verification metadata at the cloud server, and deletes its local copy. As part of pre-processing, the user may alter the data file F by expanding it or including additional metadata to be stored at the server.

audit: The TPA issues an audit message or challenge to the cloud server to make sure that the cloud server has retained the data file F properly at the time of the audit. The cloud server derives a response message from a function of the stored data file F and its verification metadata by executing GenProof. The TPA then validates the response via VerifyProof. Our framework assumes the TPA is stateless, which


is a necessary property reached by our proposed solution. It is easy to extend the framework above to capture a stateful auditing system, in essence by splitting the authentication metadata into two parts which are stored by the TPA and the cloud server respectively. A major weakness of the system is that it cannot help the TPA perform audits for several users simultaneously and efficiently.

chosen-ciphertext secure proxy re-encryption [5]:

In a proxy re-encryption scheme, a proxy is given a special value that allows it to convert a ciphertext under one key into a ciphertext of the same message under a different key. This scheme is secure against chosen-ciphertext attacks. The work gives three definitions: a game-based definition and two simulation-based definitions that guarantee universally composable security. We then demonstrate that the game-based definition lies in between the two simulation-based definitions. For a proxy re-encryption scheme that is secure against chosen-ciphertext attacks, it makes sense to define the game so as to disallow decryption queries not only on the challenge ciphertext (as usual), but also on any trivial derivative of the challenge ciphertext (e.g., derivatives obtained from a re-encryption). The simulation-based definitions are formulated within the universally composable (UC) framework. They extend the ideal functionality for CCA-secure encryption to the case of re-encryption, using ideas from the UC definition of replayable CCA (RCCA) security. The need to provide two separate UC formulations (one that implies the game-based definition and one that follows from it) stems from the difficulty in capturing the adaptive nature of re-encryption.
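The four algorithms and the setup and audit phases described under privacy-preserving public auditing above, as an added example that is not code from this paper or from [4]. It is a simplified MAC-based variant in which the verifier holds the MAC key and sees the challenged blocks, so it shows the message flow but not the privacy-preserving property; the block size, the sample file and the function bodies are assumptions made for illustration.

```python
import hashlib
import hmac
import secrets

BLOCK = 16  # bytes per block (assumption; small so the sample file has several blocks)

def keygen():
    """KeyGen: run by the user; returns the secret MAC key."""
    return secrets.token_bytes(32)

def _tag(key, index, block):
    # The index is part of the MAC input so blocks cannot be swapped or replayed.
    return hmac.new(key, index.to_bytes(8, "big") + block, hashlib.sha256).digest()

def siggen(key, data):
    """SigGen: split file F into blocks and compute the verification metadata."""
    blocks = [data[i:i + BLOCK] for i in range(0, len(data), BLOCK)]
    return blocks, [_tag(key, i, b) for i, b in enumerate(blocks)]

def challenge(n_blocks, sample):
    """Audit message: distinct random block indices chosen by the auditor."""
    return secrets.SystemRandom().sample(range(n_blocks), sample)

def genproof(blocks, tags, chal):
    """GenProof: run by the cloud server over what it actually holds."""
    return [(i, blocks[i], tags[i]) for i in chal]

def verifyproof(key, chal, proof):
    """VerifyProof: accept only if every challenged block is returned and valid."""
    if [i for i, _, _ in proof] != list(chal):
        return False
    return all(hmac.compare_digest(_tag(key, i, b), t) for i, b, t in proof)

def demo(corrupt=None):
    key = keygen()                                        # setup phase
    data = b"constructed sample file F, not real data. " * 4
    blocks, tags = siggen(key, data)                      # stored at the server
    if corrupt is not None:                               # server damages a block
        blocks[corrupt] = bytes(len(blocks[corrupt]))
    chal = list(range(len(blocks)))                       # audit every block
    return verifyproof(key, chal, genproof(blocks, tags, chal))
```

When the auditor samples c of n blocks with `challenge` instead of auditing all of them, a single damaged block is caught with probability c/n per audit, which is the trade-off between audit cost and detection.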

III. CONTRIBUTION

We propose a new security algorithm for efficient authentication, confidentiality, identity and computation time for encryption and decryption. All of these are satisfied by the signcryption security algorithm. If signcryption of entire network traffic is considered, then computational power as well as savings in bandwidth are major factors. The motivation for signcryption was the gain in efficiency when both encryption and signing need to be performed. Signcryption is a cryptographic primitive that fulfills the functions of both digital signature and public key encryption in a single step.
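The single-step sign-and-encrypt operation described above, sketched in the style of Zheng's signcryption built on a shortened ElGamal-type signature; this is an added example, not code from the paper. The group parameters P, Q, G are toy values constructed here and far too small for real use, and the hash-based stream cipher stands in for a real symmetric cipher.

```python
import hashlib
import hmac
import secrets

# Toy group constructed for this example: P = 2Q + 1, both prime, G has order Q.
P, Q, G = 2039, 1019, 4

def keygen():
    x = secrets.randbelow(Q - 1) + 1            # private key in [1, Q-1]
    return x, pow(G, x, P)                      # (private, public)

def _kdf(shared):
    # Derive an encryption key k1 and a MAC key k2 from the shared group element.
    d = hashlib.sha512(shared.to_bytes(32, "big")).digest()
    return d[:32], d[32:]

def _stream(k1, data):
    # Stand-in cipher: XOR with a SHA-256 counter keystream (same call decrypts).
    ks = b"".join(hashlib.sha256(k1 + i.to_bytes(4, "big")).digest()
                  for i in range(len(data) // 32 + 1))
    return bytes(a ^ b for a, b in zip(data, ks))

def signcrypt(msg, x_a, y_b):
    """Sender A: one exponentiation yields both the ciphertext and (r, s)."""
    while True:
        x = secrets.randbelow(Q - 1) + 1        # fresh per-message secret
        k1, k2 = _kdf(pow(y_b, x, P))
        r = hmac.new(k2, msg, hashlib.sha256).digest()
        d = (int.from_bytes(r, "big") + x_a) % Q
        if d:                                   # r + x_a must be invertible mod Q
            return _stream(k1, msg), r, x * pow(d, -1, Q) % Q

def unsigncrypt(c, r, s, x_b, y_a):
    """Receiver B: recover the key from (r, s), decrypt, then check the tag."""
    if not 0 < s < Q:
        return None
    base = y_a * pow(G, int.from_bytes(r, "big"), P) % P
    k1, k2 = _kdf(pow(base, s * x_b % Q, P))    # equals y_b^x for a valid (r, s)
    msg = _stream(k1, c)
    ok = hmac.compare_digest(hmac.new(k2, msg, hashlib.sha256).digest(), r)
    return msg if ok else None
```

`unsigncrypt` returns `None` when the ciphertext was altered, when the wrong private key is used, or when the claimed sender key does not match, so confidentiality and origin are checked in the same call.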

| Existing Algorithm | Advantage | Disadvantages |
| --- | --- | --- |
| Key-Aggregate Cryptography | Data confidential | This algorithm does not have a strong decryption key for decryption; the length of the key is very long |
| Address and Position Based Cryptography Algorithm | Strong encryption based on address | Does not provide security things. |
| Time-bound hierarchical key assignment scheme | Secure and computationally secure setting | Unconditionally secure. |
| Privacy-Preserving Public Auditing | No new vulnerabilities toward user data privacy, and introduces no additional online burden to the user | Cannot enable the TPA to perform audits for multiple users simultaneously and efficiently |
| Chosen-Ciphertext Secure Proxy Re-Encryption | Security against chosen-ciphertext attacks; confidential | Achieved only semantic security |


| Type Of Algorithm | Algorithm Usage | Advantages |
| --- | --- | --- |
| Digital Signature | ElGamal's Shortened Signature Scheme (SDSS) | Digital ensures the contents of the message are confidential |
| Encryption & Decryption | Signcryption | High data confidentiality. Digital signature and encryption are done at the same time. Time efficiency is achieved |

IV. CONCLUSION

In this paper we concentrate on data privacy and confidentiality of users' personal data. Signcryption provides better security for data protection and identity of valid data. In the cloud, authentication and confidentiality are required as simultaneous key requirements in many cryptographic applications. Signcryption effectively implements both simultaneously. It has less computational time when compared with signature followed by encryption and encryption followed by signature. The computation involved when applying the signcryption and unsigncryption algorithms, and the communication overhead, are much smaller than for signature-then-encryption schemes. It is really hard to predict the relation between the security algorithm, so trapping of data is really difficult. It takes many years to break the algorithm. So this algorithm provides high data confidentiality.

V. REFERENCES

[1]. L. Hardesty, "Secure computers aren't so secure," MIT press, 2009, http://www.physorg.com/news176107396.html.

[2]. Cheng-Kang Chu, Sherman S. M. Chow, Wen-Guey Tzeng, Jianying Zhou, and Robert H. Deng, "Key-Aggregate Cryptosystem for Scalable Data Sharing in Cloud Storage," IEEE Transactions on Parallel and Distributed Systems, vol. 25, no. 2, 2014.

[3]. W.-G. Tzeng, "A Time-Bound Cryptographic Key Assignment Scheme for Access Control in a Hierarchy," IEEE Transactions on Knowledge and Data Engineering (TKDE), vol. 14, no. 1, pp. 182–188, 2002.

[4]. C. Wang, S. S. M. Chow, Q. Wang, K. Ren, and W. Lou, "Privacy-Preserving Public Auditing for Secure Cloud Storage," IEEE Trans. Computers, vol. 62, no. 2, pp. 362–375, 2013.

[5]. R. Canetti and S. Hohenberger, "Chosen-Ciphertext Secure Proxy Re-Encryption," in Proceedings of the 14th ACM Conference on Computer and Communications Security (CCS '07). ACM, 2007, pp. 185–194.
