Survey Paper on CP-ABE cloud computing

In attribute based encryption (ABE) scheme, attributes plays a very important role. Attribute –based encryption provides privacy protection for the users by a set of attributes. Now a days as cloud is most widely used in mostly all fields so there is need of keeping data more secure and confidential which is outsourced on the cloud. Security of the data in cloud database server is the key area of concern in the acceptance of cloud. It is required very high degree of privacy and authentication. In existing system used hierarchical authorization structure to reduce the burden and risk of a single authority .this paper proposes a hierarchical attribute based encryption which directly provides attribute value by user as well as data stored in different types of media

Server-Aided Revocable Predicate Encryption: Formalization and Lattice-Based Instantiation

Efficient user revocation is a necessary but challenging problem in many multi-user cryptosystems. Among known approaches, server-aided revocation yields a promising solution, because it allows to outsource the major workloads of system users to a computationally powerful third party, called the server, whose only requirement is to carry out the computations correctly. Such a revocation mechanism was considered in the settings of identity-based encryption and attribute-based encryption by Qin et al. (ESORICS 2015) and Cui et al. (ESORICS 2016), respectively. In this work, we consider the server-aided revocation mechanism in the more elaborate setting of predicate encryption (PE). The latter, introduced by Katz, Sahai, and Waters (EUROCRYPT 2008), provides fine-grained and role-based access to encrypted data and can be viewed as a generalization of identity-based and attribute-based encryption. Our contribution is two-fold. First, we formalize the model of server-aided revocable predicate encryption (SR-PE), with rigorous definitions and security notions. Our model can be seen as a non-trivial adaptation of Cui et al.'s work into the PE context. Second, we put forward a lattice-based instantiation of SR-PE. The scheme employs the PE scheme of Agrawal, Freeman and Vaikuntanathan (ASIACRYPT 2011) and the complete subtree method of Naor, Naor, and Lotspiech (CRYPTO 2001) as the two main ingredients, which work smoothly together thanks to a few additional techniques. Our scheme is proven secure in the standard model (in a selective manner), based on the hardness of the Learning With Errors (LWE) problem.Comment: 24 page

Offline privacy preserving proxy re-encryption in mobile cloud computing

This paper addresses the always online behavior of the data owner in proxy re- encryption schemes for re-encryption keys issuing. We extend and adapt multi-authority ciphertext policy attribute based encryption techniques to type-based proxy re-encryption to build our solution. As a result, user authentication and user authorization are moved to the cloud server which does not require further interaction with the data owner, data owner and data users identities are hidden from the cloud server, and re-encryption keys are only issued to legitimate users. An in depth analysis shows that our scheme is secure, flexible and efficient for mobile cloud computing

A Comprehensive Study on Crypto-Algorithms

In the field of computer network and security, cryptography plays a vital role for secure data transmission as it follows the principle of data confidentiality, integrity, non-repudiation, authentication. By using several cryptographic algorithms, a user can deliver and receive the message in more convenient way. In this paper, we have collaborated on various cryptographic algorithms, several types of cryptographic techniques along with different types of security attacks prevailing in case of cryptography. During the exchanging of any sort of information, the key generation, encryption and decryption processes are examined in more details in the current paper. We have discussed regarding RSA (Ron Rives, Adi Shamir and Len Adelman), which is one of the most secure algorithm in the context of data and information sharing, that has been analysed clearly in our work along with the basic concepts of DES(Data Encryption Standard) , conventional encryption model, ECC(Elliptic curve cryptography), Digital signature, ABE(Attribute based Encryption), KP-ABE(Key policy Attribute based encryption), CP-ABE(Ciphertext policy attribute based encryption), IBE(Identity based Encryption). We have elaborated various cryptograhic concepts for keeping the message confidential and secure while considering secured data communication in case of networks

An Improved Integrity-Based Hybrid Multi-User Data Access Control for Cloud Heterogeneous Supply Chain Databases

Cloud-based supply chain applications play a vital role in the multi-user data security framework for heterogeneous data types. The majority of the existing security models work effectively on small to medium-sized datasets with a homogenous data structure. In contrast, Supply Chain Management (SCM) systems in the real world utilize heterogeneous databases. The heterogeneous databases include a massive quantity of raw SCM data and a scanned image of a purchase quotation. In addition, as the size of the database grows, it becomes more challenging to provide data security on multi-user SCM databases. Multi-user datatypes are heterogeneous in structure, and it is complex to apply integrity and confidentiality models due to high computational time and resources. Traditional multi-user integrity algorithms are difficult to process heterogeneous datatypes due to computational time and variation in hash bit size. Conventional attribute-based encryption models such as "Key-policy attribute-based encryption" (KP-ABE), "Ciphertext-Policy Attribute-Based Encryption" (CP-ABE) etc., are used to provide strong data confidentiality on large textual data. Providing security for heterogeneous databases in a multi-user SCM system requires a significant computational runtime for these conventional models. An enhanced integrity-based multi-user access control security model is created for heterogeneous databases in the cloud infrastructure to address the problems with heterogeneous SCM databases. A non-linear integrity model is developed to provide strong integrity verification in the multi-user communication process. A multi-user based access control model is implemented by integrating the multi-user hash values in the encoding and decoding process. Practical results proved that the multi-user non-linear integrity-based multi-access control framework has better runtime and hash bit variation compared to the conventional models on large cloud-based SCM databases

Decentralizing Multi-Authority Attribute-based Data Sharing Scheme in Cloud computing

To maintain data integrity on the cloud, Attribute-based Encryption (ABE) with Key Policy Attribute-based Encryption (KP-ABE) and Ciphertext-Policy Attribute-based Encryption (CP-ABE) can be used with access control implementation for cloud computing. CP-ABE is a promising cryptographic primitive for secure data sharing in cloud computing. A data owner is the only charge of to define the access policy associated with his data which to be shared. In CP-ABE, each user's secret keys are associated with a set of attributes and data are encrypted with access policy on attributes. A user can decrypt a ciphertext if and only if his attributes satisfy the ciphertext access policy. In CP-ABE, the secret keys of users have to be issued by a trusted key authority that leads to key escrow problem. Besides, most of the existing CP-ABE schemes cannot support attribute with an arbitrary state. In this paper, weighted-attribute data sharing scheme is proposed to solve the key escrow problem and also improve the expressiveness of attribute, so that the resulting scheme is friendlier to cloud computing applications. An improved two-party key issuing protocol guarantees that neither key authority nor cloud service provider can compromise the whole secret key of a user individually. The concept of weighted-attribute not only enhance the expression of an attribute binary to arbitrary but also reduce the complexity of access policy, so that storage cost of ciphertext and time cost in encryption can be reduced

Ex-HABE with User Accountability for Secure Access Control in Cloud

Data outsourcing is becoming a useful and feasible paradigm with the rapid application of service-oriented technologies. Many researchers have tried combination of access control and cryptography to propose a model to protect sensitive information in this outsourcing scenario. However, these combinations in existing approaches have difficulty in key management and key distribution when fine-grained data access is required. Taking the complexity of fine-grained access control policy and the wide-reaching users of cloud in account, this issue would become extremely difficult to iron out. Various system models using attribute-based encryption (ABE) have been proposed however, most of them suffer from heavy overhead in implementing the access control policies. In this paper, a system is proposed with extended hierarchical attribute-based encryption (HABE) by using ciphertext-policy attribute-based encryption (ABE). It uses the hierarchical structure of users and bilinear mapping for generating the keys for various data handlers. Also the system focuses on user tracking by allocating an unique id to user. The system uses traitor tracing along with separation of duty made available by HABE and reduces the scope of key abuse. It is formally proved extended HABE with traitor tracing adds on to user accountability if user tracking for resource is maintained for hierarchical systems. DOI: 10.17762/ijritcc2321-8169.16042