Identity based proxy-oriented data uploading and

Identity based proxy-oriented data uploading and

• 1.
  Identity-Based Proxy-Oriented DataUploading and Remote Data Integrity Checking in Public Cloud. ABSTRACT More and more clients would like to store their data to PCS (public cloud servers) along with the rapid development of cloud computing. New security problems have to be solved in order to help more clients process their data in public cloud. When the client is restricted to access PCS, he will delegate its proxy to process his data and upload them. On the other hand, remote data integrity checking is also an important security problem in public cloud storage. It makes the clients check whether their outsourced data is kept intact without downloading the whole data. From the security problems, we propose a novel proxy-oriented data uploading and remote data integrity checking model in identity-based public key cryptography: IDPUIC (identity-based proxy-oriented data uploading and remote data integrity checking in public cloud). We give the formal definition, system model and security model. Then, a concrete ID-PUIC protocol is designed by using the bilinear pairings. The proposed ID-PUIC protocol is provably secure based on the hardness of CDH (computational Diffie-Hellman) problem. Our ID- PUIC protocol is also efficient and flexible. Based on the original client’s authorization, the proposed ID-PUIC protocol can realize private remote data integrity checking, delegated remote data integrity checking and public remote data integrity checking.
• 2.
  SYSTEM ANALYSIS EXISTING SYSTEM checkermust have R1,Ro,Rp. Ro,Rp are the part of original client’s private key and the proxy’s private key respectively. Their publicity cannot leak their the other part of private key, i.e., σo, σp cannot be leaked. The private key extraction phase Extract is actually a modified ElGamal signature scheme which is existentially unforgeable. For the identity ID, the extracted private key (R, σ) is a signature of ID. Since ElGamal signature is existentially unforgeable, the private key part σ will keep secret even if R is made public. On the other hand, R1 is generated by the original client in order to create the signature on the warrant m!. Thus, R1 is also known to the original client PROPOSED SYSTEM proof process is almost the same as Shacham- Waters’s protocol [20], we only give the differences. In Shacham-Waters’s protocol, u is randomly picked from G1. In our ID-PUIC protocol, u is calculated by using the hash function h. In the random oracle model, h’s output value is indistinguishable from a random value nn the group G1. In the phase TagGen, the proxy-key σ is used in ID-PUIC protocol while the data owner’s secret key a is used in Shacham- Waters’s protocol [20]. For PCS, σ and a has the same function to generate the block tags. When PCS is dishonest, since Shacham-Waters’s protocol is existentially unforgeable in random oracle model, our proposed ID-PUIC protocol is also existentially unforgeable in
• 3.
  the random oraclemodel. The detailed proof process is omitted since it is very similar to Shacham-Waters’s protocol. PROPOSED SYSTEM ALGORITHMS  Algorithm to provide efficient search In encryption Algorithm .  When the security parameter k is input, the algorithm outputs the system public parameters and the master secret key. The system public parameters are made public and the master secret key msk is made confidential by KGC.  An Atmospheric correction algorithm. MODULE DESCRIPTION MODULE  Public Cloud Server.  Security Analysis.  Remote.  Symmetric key distribution Method. MODULE DESCRIPTION
• 4.
  Public Cloud Server: Thereexist many different security problems in the cloud computing This paper is based on the research results of proxy cryptography, identity-based public key cryptography and remote data integrity checking in public cloud. In some cases, the cryptographic operation will be delegated to the third party, for example proxy. Thus, we have to use the proxy cryptography. Proxy cryptography is a very important cryptography primitive. In 1996, Mambo et al. proposed the notion of the proxy cryptosystem . When the bilinear pairings are brought into the identity- based cryptography, identitybased cryptography becomes efficient and practical. Since identity-based cryptography becomes more efficient because it avoids of the certificate management, more and more experts are apt to study identity-based proxy cryptography. In 2013, Yoon et al. proposed an ID-based proxy signature scheme with message recovery . Chen et al. proposed a proxy signature scheme and a threshold proxy signature scheme from the Weil pairing . By combining the proxy cryptography with encryption technique, some proxy re-encryption schemes are proposed. Liu et al. formalize and construct the attribute-based proxy signature . Guo et al. presented a non-interactive CPA(chosen-plaintext attack)-secure proxy reencryption scheme, which is resistant to collusion attacks in forging re- encryption keys . Many other concrete proxy re-encryption schemes and their applications are also proposed. Security Overlay: The security of our ID-PUIC protocol mainly consists of the following parts: correctness, proxy-protection and unforgeability. The correctness has been shown in the subsection III-B. In the following paragraph, we study the proxy-protection and unforgeability. Proxy-protection means that the original client cannot pass
• 5.
  himself off asthe proxy to create the tags. Unforgeability means that when some challenged blocks are modified or deleted, PCS cannot send the valid response which can pass the integrity checking.. Remote: Upload their data to PCS and check their remote data’s integrity by Internet. When the client is an individual manager, some practical problems will happen. If the manager is suspected of being involved into the commercial fraud, he will be taken away by the police. During the period of investigation, the manager will be restricted to access the network in order to guard against collusion. But, the manager’s legal business will go on during the the period of investigation. When a large of data is generated, who can help him process these data ? If these data cannot be processed just in time, the manager will face the lose of economic interest. In order to prevent the case happening, the manager has to delegate the proxy to process its data, for example, his secretary. But, the manager will not hope others have the ability to perform the remote data integrity checking. Public checking will incur some danger of leaking the privacy. For example, the stored data volume can be detected by the malicious verifiers. When the uploaded data volume is confidential, private remote data integrity checking is necessary. Although the secretary has the ability to process and upload the data for the manager, he still cannot check the manager’s remote data integrity unless he is delegated by the manager. We call the secretary as the proxy of the manager.
• 6.
  Symmetric key distributionmethod: Balanced incomplete block design (BIBD) is a combinatorial design methodology used in key pre-distribution schemes. BIBD arranges v distinct key objects of a key pool into b different blocks each block representing a key ring assigned to a node. Each BIBD design is expressed with a quintuplet where v is the number of keys, b is the number of key rings, r is the number of nodes sharing a key, and k is the number of keys in each key ring. Further, each pair of distinct keys occur together in exactly blocks. Any BIBD design can be expressed with the equivalent tuple because the relationship always holds. SYSTEM SPECIFICATION Hardware Requirements: • System : Pentium IV 2.4 GHz. • Hard Disk : 40 GB. • Floppy Drive : 1.44 Mb. • Monitor : 14’ Colour Monitor. • Mouse : Optical Mouse. • Ram : 512 Mb.
• 7.
  Software Requirements: • Operatingsystem : Windows 7 Ultimate. • Coding Language : ASP.Net with C# • Front-End : Visual Studio 2010 Professional. • Data Base : SQL Server 2008. CONCLUSION Motivated by the application needs, this paper proposes the novel security concept of ID-PUIC in public cloud. The paper formalizes ID-PUIC’s system model and security model. Then, the first concrete ID-PUIC protocol is designed by using the bilinear pairings technique. The concrete ID-PUIC protocol is provably secure and efficient by using the formal security proof and efficiency analysis. On the other hand, the proposed ID-PUIC protocol can also realize private remote data integrity checking, delegated remote data integrity checking and public remote data integrity checking based on the original client’s authorization.