The capability of selectively sharing encrypted data with different users via public cloud storage may greatly ease security concerns over inadvertent data leaks in the cloud. A key challenge in designing such encryption schemes lies in the efficient management of encryption keys. The desired flexibility of sharing any group of selected documents with any group of users demands different encryption keys to be used for different documents. However, this also implies the necessity of securely distributing to users a large number of keys for both encryption and search, and those users will have to securely store the received keys and submit an equally large number of keyword trapdoors to the cloud in order to perform search over the shared data. The implied need for secure communication, storage, and complexity clearly renders the approach impractical. In this project, the novel concept of key-aggregate searchable encryption is instantiated through a concrete KASE scheme, in which a data owner only needs to distribute a single key to a user for sharing a large number of documents, and the user only needs to submit a single trapdoor to the cloud for querying the shared documents.
TABLE OF CONTENTS
CHAPTER TITLE
Abstract
List of abbreviations
1 INTRODUCTION
1.1 Overview
1.2 Searchable encryption
1.3 Objective
1.4 Problem definition
1.5 Summary
2 LITERATURE SURVEY
2.1 Survey
3 PROPOSED SYSTEM
3.1 KASE Architecture
3.2 KASE Algorithm
3.3 Time cost of KASE Algorithms
4 IMPLEMENTATION OF PROPOSED SYSTEM
4.1 Implementation tool
4.2 Java pairing based cryptographic library
4.3 Bouncy castle library
5 CONCLUSION AND FUTURE WORK
5.1 Conclusion
5.2 Future work
6 REFERENCES
LIST OF ABBREVIATIONS
S. NO. NOTATIONS EXPANSIONS
1. SE Searchable Encryption
2. MUSE Multi User Searchable Encryption
3. SSE Symmetric Searchable Encryption
4. KA Key Aggregate
Chapter 1
Introduction
1.1 OVERVIEW
The ability to search through personalized data seamlessly has become a major requirement for the usability of a cloud computing infrastructure. And with the assumption that cloud storage servers remain “honest-but-curious” due to the possibility of information theft, there is the ever-present need to employ cryptographic means to encrypt data in the cloud. However, in the midst of these requirements, it is also difficult to search through data once it has been encrypted and sent to a remote server for storage.
NEED FOR CRYPTOGRAPHY:
On-demand accesses to large amounts of data shared over the Internet.
Millions of users are sharing personal data, such as photos and videos, with their friends through social network applications based on cloud storage on a daily basis.
To address users' concerns over potential data leaks in cloud storage while uploading the data in the cloud.
SEARCHABLE ENCRYPTION:
A common solution is to employ a searchable encryption (SE) scheme in which the data owner is required to encrypt potential keywords and upload them to the cloud together with encrypted data, such that, for retrieving data matching a keyword, the user will send the corresponding keyword trapdoor to the cloud for performing search over the encrypted data. Combining a searchable encryption scheme with cryptographic cloud storage can achieve the basic security requirements of a cloud storage. The encryption of data makes it challenging for users to search and then selectively retrieve only the data containing given keywords.
KASE SCHEME:
A key-aggregate searchable encryption scheme under which any subset of the keyword ciphertexts (produced by the SE.Encrypt algorithm) from any set of documents is searchable (performed by the SE.Test algorithm) with a constant-size trapdoor (produced by SE.Trpdr algorithm) generated by a constant-size aggregate key.
The KASE framework is composed of seven algorithms. Specifically, to set up the scheme, the cloud server would generate public parameters of the system through the Setup algorithm, and these public parameters can be reused by different data owners to share their files.
This framework is summarized in the following.
Setup(1^ ,n):
This algorithm is run by the cloud service provider to set up the scheme. On input of a security parameter 1 and the maximum possible number n of documents which belongs to a data owner, it outputs the public system parameter params.
Keygen:
This algorithm is run by the data owner to generate a random key pair (pk,msk).
Encrypt(pk,i):
This algorithm is run by the data owner to encrypt the ith document and generate its keyword ciphertexts. For each document, this algorithm will create a delta Di for its searchable encryption key ki. On input of the owner's public key pk and the file index i, this algorithm outputs the data ciphertext and keyword ciphertexts Ci.
Extract(msk,S):
This algorithm is run by the data owner to generate an aggregate searchable encryption key for delegating the keyword search right for a certain set of documents to other users. It takes as input the owner's master-secret key msk and a set S which contains the indices of documents, then outputs the aggregate key kagg.
Trapdoor(kagg,w):
This algorithm is run by the user who has the aggregate key to perform a search. It takes as input the aggregate searchable encryption key kagg and a keyword w, then outputs only one trapdoor Tr.
Adjust(params,i,S,Tr):
This algorithm is run by the cloud server to adjust the aggregate trapdoor to generate the right trapdoor for each different document. It takes as input the system public parameters params, the set S of document indices, the index i of the target document and the aggregate trapdoor Tr, then outputs each trapdoor Tri for the ith target document in S.
Test(Tri,i):
This algorithm is run by the cloud server to perform keyword search over an encrypted document. It takes as input the trapdoor Tri and the document index i, then outputs true or false to denote whether the document doci contains the keyword w.
REQUIREMENTS FOR DESIGNING KASE SCHEMES:
A KASE scheme should satisfy three functional requirements as follows:
Compactness. This requirement demands that a KASE scheme keep the size of the aggregate key independent of the number of files to be shared. Formally, for a set of keys, it requires that kagg ← Extract(msk, S). How to aggregate the set of keys into a single key without invalidating later steps is a key challenge in designing KASE schemes.
Searchability. This requirement is central to all KASE schemes since it enables users to generate desired trapdoors for any given keyword for searching encrypted documents. In other words, reducing the number of keys should preserve the search capability. Formally, for each document containing the keyword w with index i ∈ S, the searchability requires that if (Trapdoor(kagg,w) and Tr ← Adjust(params, i, S, Tr)), then Test.
Delegation. The main goal of KASE is to delegate the keyword search right to a user through an aggregate key. To ensure any user with the delegated key can perform keyword search, this requirement requires that the inputs of the adjustment algorithm must be public, i.e., these inputs should not rely on any user's private information. This is the second key challenge in designing KASE schemes.
CHALLENGES IN KASE SCHEMES:
Controlled searching: Meaning that the attackers cannot search for an arbitrary word without the data owner's authorization. That is, the attacker cannot perform keyword search over the documents which are not relevant to the known aggregate key, and he/she cannot generate new aggregate searchable encryption keys for other sets of documents from the known keys.
Query privacy: Meaning that the attackers cannot determine the keyword used in a query, apart from the information that can be acquired via observation and the information derived from it. That is, the user may ask an untrusted cloud server to search for a sensitive word without revealing the word to the server.
BILINEAR MAPPING:
A bilinear map is a map $e : G \times G \to G_1$ with the following properties:
Bilinearity:
For all $u, v \in G$ and $a, b \in Z$, we have
$e(u^a, v^b) = e(u, v)^{ab}$
Non-degeneracy:
$e(g, g) \neq 1$
Computability:
There is an efficient algorithm to compute $e(u, v)$ for any $u, v \in G$.
DISADVANTAGES OF EXISTING SYSTEM:
Generating multiple keys for multiple files is a long process.
Transferring the multiple keys via an insecure method of communication.
Third party can easily intercept the data and gain access to the key.
Search over those files encrypted with different keys seems to be difficult.
It may return a wrong set of documents for a query.
1.3 PROBLEM STATEMENT:
To design a key-aggregate searchable encryption scheme for the multi-owner scenario, under which any subset of the keyword ciphertexts from any set of documents is searchable with a constant-size trapdoor generated by a constant-size aggregate key.
To verify whether the retrieved documents match the keyword based on the relevance score function.
To provide a resourceful solution to simplify practical data sharing system through public data storage.
To accomplish a system with well-organised management of encryption keys.
1.4 SUMMARY:
The design of our KASE scheme draws its insights from both the multi-key searchable encryption scheme and the key-aggregate data sharing scheme.
Specifically, in order to create an aggregate searchable encryption key instead of many independent keys, each searchable encryption key is associated with a particular document index, and the aggregate key is created by embedding the owner's master-secret key into the product of public keys associated with the documents.
In order to implement keyword search over different documents using the aggregate trapdoor, we employ a similar process.
The cloud server can use this process to produce an adjusted trapdoor for every document.
Chapter 2
Literature survey
2.1 SURVEY:
Data leaks caused by a malicious adversary or a misbehaving cloud operator can usually lead to serious breaches of personal privacy or business secrets. To address users' concerns over potential data leaks in cloud storage, a common approach is for the data owner to encrypt all the data before uploading them to the cloud, such that later the encrypted data may be retrieved and decrypted by those who have the decryption keys. This scheme has been proposed in [1] by Baojiang Cui.
It is also important to support ranked search on the cloud server side. Such ranked search allows the cloud server to sort the search results according to the relevance between documents and the queried keyword, and send back the ranking results. It not only improves the user experience, but also reduces the bandwidth cost. An enhanced verifiable scheme called Verifiable Multi Keyword Searchable Encryption (VMRS) has been proposed in [9] by Xiuxiu Jiang.
The deniable searchable encryption algorithm has been proposed to overcome keyword guessing attacks. It is very important to introduce the coercer to existing SSE schemes, a new type of adversary in SSE schemes that we should consider. If we still use the existing construction of SSE to resist this adversary, confidentiality cannot be fully guaranteed. After the adversary has obtained a trapdoor value, he wants to know the corresponding keyword. When he coerces one of the participants to disclose the keyword, the coerced participant either honestly opens it or refuses. In the former case, data confidentiality cannot be ensured; in the latter, the adversary may continue to threaten with a gun until the participant cooperates with him. If the coerced party uses a deniable algorithm to generate the trapdoor and ciphertext, the situation mentioned above will not happen, and privacy can still be ensured. It uses a “Coercer-resilient algorithm” to avoid keyword guessing attacks as given in [6].
Xuefeng Liu, Yuqing Zhang, Member, IEEE, Boyang Wang, and Jingbo Yan said with the character of low maintenance, cloud computing provides an economical and efficient solution for sharing group resource among cloud users. Unfortunately, sharing data in a multi-owner manner while preserving data and identity privacy from an untrusted cloud is still a challenging issue, due to the frequent change of the membership. In this paper, we propose a secure multiowner data sharing scheme, named Mona, for dynamic groups in the cloud. By leveraging group signature and dynamic broadcast encryption techniques, any cloud user can anonymously share data with others. Meanwhile, the storage overhead and encryption computation cost of our scheme are independent with the number of revoked users. In addition, we analyze the security of our scheme with rigorous proofs, and demonstrate the efficiency of our scheme in experiments.
Anitha Letchumi B, Mr Pandia Raj proposed that cloud computing, also called on-demand computing, is a kind of Internet-based computing that provides shared processing resources and data to computers and other devices on demand. Cloud computing has been revolutionary in general and has had a profound impact on document management. The cloud ensures that documents are available anytime, anywhere. With cloud computing, there is no need for a specific computer or a closed network in order to access files; all we need is an Internet connection. Web-based document management also allows for scalability, making it a solution for businesses both small and large. Since it offers ease of access and reduced costs, cloud computing drives the best document management systems. The convenience of data sharing via cloud storage increases the probability of data leakage. An encryption and decryption mechanism is generally followed to avoid data leakage. But storage of keys is again a nightmare, so reducing the number of keys is the required approach, which is proposed in MOSTKASE; it ensures data protection as well as a decrease in trapdoors and keys.
Baojiang Cui, Zheli Liu, and Lingyu Wang observe that, although combining a searchable encryption scheme with cryptographic cloud storage can achieve the basic security requirements of a cloud storage, implementing such a system for large scale applications involving millions of users and billions of files may still be hindered by practical issues involving the efficient management of encryption keys, which, to the best of our knowledge, are largely ignored in the literature. First of all, the need for selectively sharing encrypted data with different users (e.g., sharing a photo with certain friends in a social network application, or sharing a business document with certain colleagues on a cloud drive) usually demands different encryption keys to be used for different files. However, this implies the number of keys that need to be distributed to users, both for them to search over the encrypted files and to decrypt the files, will be proportional to the number of such files. Such a large number of keys must not only be distributed to users via secure channels, but also be securely stored and managed by the users in their devices. In addition, a large number of trapdoors must be generated by users and submitted to the cloud in order to perform a keyword search over many files.
Qiong Huang and Hongbo Li introduce the notion of Public-key Authenticated Encryption with Keyword Search (PAEKS) to solve the problem, in which the data sender not only encrypts a keyword, but also authenticates it, so that a verifier would be convinced that the encrypted keyword can only be generated by the sender. We propose a concrete and efficient construction of PAEKS, and prove its security based on simple and static assumptions in the random oracle model under the given security models. Experimental results show that our scheme enjoys a comparable efficiency with Boneh et al.'s scheme.
Huige Li, Fangguo Zhang, Chun-I Fan introduce the coercer into the SSE scheme. According to the role that the coercer plays, two situations are considered. In the first situation, the adversary is an inside coercer. In the second situation, the adversary is an outside coercer. The inside coercer means the server, while the outside coercer is a person other than the data owner, the user and the server. In view of the ability that the coercer has, we first construct the deniable SSE model (i.e., Den-SSE). Then we define the properties that the Den-SSE should satisfy. By using the Deniable Encryption idea, we propose a scheme that can resist the outside coercer, and two schemes that can resist the inside coercer.
Xiuxiu Jiang, Jia Yu, Jingbo Yan, Rong Hao develop a multi-keyword ranked search scheme over encrypted cloud data, which also supports search results verification. To achieve efficient multi-keyword search, we construct a special data structure QSet based on an inverted index structure. To reduce the search complexity, we use the strategy of first searching the estimated least frequent keyword in the query to significantly narrow down the number of documents to search. Within this framework, to support ranked search, we utilize the common TF-IDF rule to compute the relevance scores of documents matching a given search request. To resist malicious behaviors of the cloud server, we generate a binary vector for each keyword and use MAC to check the authenticity of the returned ciphertexts.
Sumanta Chatterjee, Sonali Bhattacharjee, K Chandrasekaran proposed that symmetric searchable encryption is implemented through a trapdoor function to selectively expose keywords for search. A new method of achieving searchable encryption in the random oracle model is proposed through one-way indistinguishability obfuscation. Indistinguishability obfuscation is achievable through a mimicry function and a one-way cryptographic hash function. Security of the model is also analyzed with non-adaptable indistinguishability security. Using this method, an efficient idea of a multi-cloud search environment is also proposed. In multi-cloud searchable encryption, several independent data providers collaborate in a federated way to provide search in their data through different independent cloud service providers, revealing only keywords associated with the data.
Chapter 3
Proposed system
3.1 KASE ARCHITECTURE:
3.2 ALGORITHM :
Setup phase:
Generate a bilinear map group system B= (p, G, G1, e,.) where p is the order of G and 2 <= p < =2 +1
Type A pairing based on the curve $y^2 = x^3 + x$ over the field $F_p$ for some prime $p \equiv 3 \pmod 4$.
(SETUP PHASE)
Key generation phase:
pk=v=g^( );msk=
(KEYGEN PHASE)
Encryption phase:
$c_1 = g^t$; $c_2 = (v \cdot g_i)^t$
For a keyword w, the ciphertext will be of the form
$c_w = e(g, H(w))^t / e(g_1, g_n)^t$
Extract(msk, S):
k_agg= _(j S g(n+1-j))
Trapdoor
The user uses this algorithm to generate the trapdoor to perform keyword search.
Tr=k_agg.H(p)
Search
(P, C_top-k(W)) ← Search(I, Tw) is a deterministic algorithm executed by the cloud server, which is used to search for the top-k ranked matched documents in C based on the relevance score. It takes as input an index I and a trapdoor T.
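The algebra of the phases above can be checked end to end with a small model. This is an added example, not the project's Java/JPBC code: it stores each group element g^x as its exponent x, so it offers no security, and the names alpha and gamma, the hash H, and the Adjust and Test formulas (which this page does not spell out) are assumptions that follow the KASE construction of reference [1].

```python
# Added illustration (not the report's Java/JPBC code). Toy "exponent model":
# the group element g^x is stored as the integer x mod P, so every discrete log
# is known. It checks the algebra of the scheme and provides NO security.
import hashlib
import secrets

P = 2**127 - 1  # constructed prime group order; a real Type A pairing uses a curve group

def mul(*xs): return sum(xs) % P      # g^a * g^b   -> a + b
def power(x, k): return (x * k) % P   # (g^a)^k     -> a * k
def pair(x, y): return (x * y) % P    # e(g^a, g^b) -> a * b, an exponent of e(g, g)

def H(w):
    """Hash a keyword to a group element (assumed instantiation of H)."""
    return int.from_bytes(hashlib.sha256(w.encode()).digest(), "big") % P

def kase_setup(n):
    """Cloud server: publish g_i = g^(alpha^i), i in 1..2n except n+1; alpha is discarded."""
    alpha = secrets.randbelow(P - 2) + 2
    return {"n": n, "g": {i: pow(alpha, i, P) for i in range(1, 2 * n + 1) if i != n + 1}}

def keygen():
    """Data owner: msk = gamma, pk = v = g^gamma (stored as gamma in this model)."""
    gamma = secrets.randbelow(P - 1) + 1
    return gamma, gamma  # (pk, msk)

def encrypt(params, pk, i, keywords):
    """Data owner: c1 = g^t, c2 = (v*g_i)^t, c_w = e(g,H(w))^t / e(g_1,g_n)^t."""
    n, g = params["n"], params["g"]
    t = secrets.randbelow(P - 1) + 1
    mask = power(pair(g[1], g[n]), t)
    cw = {(power(pair(1, H(w)), t) - mask) % P for w in keywords}  # 1 encodes g itself
    return t, power(mul(pk, g[i]), t), cw

def extract(params, msk, S):
    """Data owner: k_agg = prod_{j in S} g_{n+1-j}^msk, one element whatever |S| is."""
    n, g = params["n"], params["g"]
    return mul(*(power(g[n + 1 - j], msk) for j in S))

def trapdoor(k_agg, w):
    """User: a single trapdoor Tr = k_agg * H(w) for the whole shared set."""
    return mul(k_agg, H(w))

def adjust(params, i, S, tr):
    """Cloud server: Tr_i = Tr * prod_{j in S, j != i} g_{n+1-j+i}; uses public values only."""
    n, g = params["n"], params["g"]
    return mul(tr, *(g[n + 1 - j + i] for j in S if j != i))

def kase_test(params, tr_i, i, S, ciphertext):
    """Cloud server: true iff some c_w equals e(Tr_i, c1) / e(pub, c2)."""
    n, g = params["n"], params["g"]
    c1, c2, cw = ciphertext
    pub = mul(*(g[n + 1 - j] for j in S))
    return (pair(tr_i, c1) - pair(pub, c2)) % P in cw

def demo():
    """Constructed sample data: four documents, of which only 1-3 are shared."""
    params = kase_setup(n=4)
    pk, msk = keygen()
    docs = {1: ["invoice", "2019"], 2: ["photo"], 3: ["invoice"], 4: ["invoice", "secret"]}
    store = {i: encrypt(params, pk, i, kws) for i, kws in docs.items()}
    S = [1, 2, 3]
    tr = trapdoor(extract(params, msk, S), "invoice")  # one key, one trapdoor
    return {i: kase_test(params, adjust(params, i, S, tr), i, S, store[i]) for i in store}

if __name__ == "__main__":
    print(demo())
```

Document 4 contains the queried keyword but lies outside S, so the adjusted trapdoor fails on it: this is the controlled-searching property from Chapter 1.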
3.3 TIME COST OF KASE ALGORITHMS:
TIME COST OF TESTING:
The running time of the algorithm increases as the number of documents increases.
TIME COST OF ENCRYPTION:
The running time of the algorithm increases as the number of documents increases.
Chapter 4
IMPLEMENTATION OF PROPOSED SYSTEM
4.1 IMPLEMENTATION TOOL
OVERVIEW OF NETBEANS IDE
The NetBeans Platform is a framework for simplifying the development of Java Swing desktop applications. The NetBeans IDE bundle for Java SE contains what is needed to start developing NetBeans plugins and NetBeans Platform based applications; no additional SDK is required.
Applications can install modules dynamically. Any application can include the Update Center module to allow users of the application to download digitally signed upgrades and new features directly into the running application. Reinstalling an upgrade or a new release does not force users to download the entire application again.
The platform offers reusable services common to desktop applications, allowing developers to focus on the logic specific to their application. Among the features of the platform are:
User interface management (e.g. menus and toolbars)
User settings management
Storage management (saving and loading any kind of data)
Window management
Wizard framework (supports step-by-step dialogs)
NetBeans Visual Library
Integrated development tools
NETBEANS PLATFORM:
LIBRARIES USED:
JDBC database
Bouncy Castle Library
Java Pairing based cryptography library
JPBC LIBRARY:
The Java Pairing-Based Cryptography Library (JPBC) provides:
A port of the Pairing-Based Cryptography Library (PBC), a library developed by Ben Lynn, to perform the mathematical operations underlying pairing-based cryptosystems directly in Java.
A Wrapper that enables the delegation of the pairing computation to the PBC library to gain in performance.
An implementation of Multilinear Maps based on the paper "Practical Multilinear Maps over the Integers" by Coron, Lepoint, and Tibouchi. The implementation supports multithreading and uses memory-mapped files to reduce primary memory requirements.
BOUNCY CASTLE LIBRARY:
Bouncy Castle started when two colleagues were tired of having to re-invent a set of cryptography libraries each time they changed jobs working in server-side Java SE. One of the developers was active in Java ME (J2ME at that time) development as a hobby and a design consideration was to include the greatest range of Java VMs for the library, including those on J2ME. This design consideration led to the architecture that exists in Bouncy Castle.
The low-level, or ‘light-weight’, API is a set of APIs that implement all the underlying cryptographic algorithms. The APIs were designed to be simple enough to use if needed, but provided the basic building blocks for the JCE provider. The intent is to use the low-level API in memory constrained devices (JavaME) or when easy access to the JCE libraries is not possible (such as distribution in an applet). As the light-weight API is just Java code, the Java virtual machine (JVM) does not impose any restrictions on the operation of the code, and at early times of the Bouncy Castle history it was the only way to develop strong cryptography that was not crippled by the Jurisdiction Policy files that prevented JCE providers from performing “strong” encryption.
Chapter 5
CONCLUSION AND FUTURE WORK
By combining the key-aggregate searchable encryption scheme with a verifiable searchable encryption scheme, we build a system that not only searches the data but also verifies whether the retrieved content is true. If a user wants to query over documents shared by multiple owners, he must generate multiple trapdoors for the cloud; the next phase of the work will be reducing the number of trapdoors under multiple owners. The proposed scheme will be enhanced by implementing both outside-coercer-resilient and inside-coercer-resilient algorithms to overcome keyword guessing attacks.
Chapter 6
References
1. B. Cui, Z. Liu, L. Wang, “Key-aggregate searchable encryption (kase) for group data sharing via cloud storage”, IEEE Transactions on Computers, vol. 65, pp. 2374-2385, 2016.
2. S. Yu, C. Wang, K. Ren, W. Lou, “Achieving secure scalable and fine-grained data access control in cloud computing”, Proc. IEEE Conf. Comput. Commun., pp. 534-542, 2010.
3. R. Lu, X. Lin, X. Liang, X. Shen, “Secure provenance: The essential of bread and butter of data forensics in cloud computing”, Proc. ACM Symp. Inf. Comput. Commun. Security, pp. 282-292, 2010.
4. X. Liu, Y. Zhang, B. Wang, J. Yan, “Mona: Secure multi-owner data sharing for dynamic groups in the cloud”, IEEE Trans. Parallel Distrib. Syst., vol. 24, no. 6, pp. 1182-1191, Jun. 2013.
5. C. K. Chu, S. Chow, W. G. Tzeng, “Key-aggregate cryptosystem for scalable data sharing in cloud storage”, IEEE Trans. Parallel Distrib. Syst., vol. 25, no. 2, pp. 468-477, Feb. 2014.
6. S. Kamara, C. Papamanthou, T. Roeder, “Dynamic searchable symmetric encryption”, Proc. ACM Conf. Comput. Commun. Security, pp. 965-976, 2012.
7. J. Li, Q. Wang, C. Wang, “Fuzzy keyword search over encrypted data in cloud computing”, Proc. IEEE Conf. Comput. Commun., pp. 1-5, 2010.
8. F. Zhao, T. Nishide, K. Sakurai, “Multi-user keyword search scheme for secure data sharing with fine-grained access control”, Proc. Int. Conf. Inf. Security Cryptol., pp. 406-418, 2012.
9. J. W. Li, J. Li, X. F. Chen, “Efficient keyword search over encrypted data with fine-grained access control in hybrid cloud”, Proc. 6th Int. Conf. Netw. Syst. Security, pp. 490-502, 2012.