Você está na página 1de 3

International Journal on Recent and Innovation Trends in Computing and Communication ISSN: 2321-8169

Volume: 4 Issue: 5 204 - 206


___________________________________________________________________________________________________
Sharing of Data Using Key Aggregation and Searchable Encryption

V. Vignesh Kumar Dr. Sunanda Dixit Nadia Saba


Dept.Information Science and Engg Dept.of Information Science and Engg. Dept.Information Science and Engg
Dayananda Sagar College of Dayananda Sagar College of Dayananda Sagar College of
Engineering, Engineering, Engineering,
Bangalore, India. Bangalore, India. Bangalore, India.
Email: vignesh1431995@gmail.com Email: sunanda.bms@gmail.com Email: nadiasaba38@gmail.com

Priyanka Surana Viyani Sushmitha M J


Dept.of Information Science and Engg. Dept.Information Science and Engg
Dayananda Sagar College of Engineering, Dayananda Sagar College of Engineering,
Bangalore, India. Bangalore, India.
Email: priyankasurana94@gmail.com Email: chummi.viyani@gmail.com

Abstract - Sharing data with different users is an important functionality of the cloud. However, while enjoying the convenience provided by the
cloud storage, users main concern is regarding the data leakage present in cloud. A promising approach to prevent this is encryption of data
before uploading onto cloud. The desire to selectively and securely share documents with any group of users demands different documents to
have different encryption keys. This necessitates the distribution of a large number of keys to users for both encryption and search, those users
will have to securely store these keys, and submit an equally large number of keyword trapdoors to the cloud in order to perform search. In this
paper, we resolve this problem by extending the concept of Key Aggregate Searchable Encryption (KASE) scheme which employs a single
aggregate key and a single trapdoor. Here, the data owner only needs to distribute a single key to a user for sharing a large number of documents,
and the user only needs to submit a single trapdoor to the cloud for querying the documents. Also, we provide a functionality of selection of
keyword based on their rank by the Data owner in such a way that the selected keywords describe the file. Thus, this scheme makes the
management of the keys efficient and also makes the sharing of documents over the cloud more secure.

Keywords- Key Aggregation, Searchable Encryption, Secure Cloud


__________________________________________________*****_________________________________________________

users, both for them to search over the encrypted files and to
I. INTRODUCTION decrypt the files, will be proportional to the number of such
Clouds are large pool of easily usable and accessible files. Such large number of keys must not only be distributed
virtualized resources which can be dynamically reconfigured to users via secure channels, but also be securely stored and
to provide optimal resource utilization. As per the definition managed by the users on their devices. In order to handle both
provided by National Institute for Standards and Technology these problems we have used a scheme where the need for
(NIST) Cloud Computing is a model for enabling sharing multiple keys with the user is eliminated by
convenient, on-demand network access to a shared pool of aggregating all the keys into one single aggregate key and also
configurable computing resources (e.g., networks, servers, made search more efficient and easy by hashing the keywords.
storage, applications, and services) that can be rapidly
provisioned and released with minimal management effort or II. RELATED WORKS
service provider interaction. Data sharing is one of the Maintenance and security of data is one of the important
important functionality in cloud storage. One among the vision of any organization. At the same time, selectively
research challenges is the data leakage present in cloud. An sharing the data has been a problem for quite some time now.
approach to deal with this challenge is, the data owner should With the advancement of Cloud Technology and adoption of
encrypt all the data before uploading them onto cloud, so that the same by various organizations has made their operations
the encrypted data may be retrieved and decrypted by only easy but, the security and privacy of Cloud still remains as one
those who have the decryption keys. Such a cloud storage is among important issues to be addressed. Sharing of data
often called the cryptographic cloud storage [1]. However, the selectively and minimizing the number of keys required to
encryption of data makes it challenging for users to search and provide access to the documents has been of interest to many.
then selectively retrieve only the data containing given Various solutions have been proposed and many analysis has
keywords. A common solution is to employ a searchable been made over the reasons for security concern in cloud.
encryption (SE) scheme in which the data owner is required to Reza Curtmola et al. addresses the problem of searchable
encrypt potential keywords and upload them to the cloud symmetric encryption by first reviewing the existing notions
together with encrypted data [6]. For retrieving data which of security and then proposed a new and stronger security
matches a keyword, the user will send the corresponding mechanism [1]. E. Seetha et al. proposes a new cryptographic
keyword trapdoor to the cloud for performing search over the method for secure Proof of Ownership (PoW), based on the
encrypted data [6]. Since each encrypted file is assigned a key, joint use of convergent encryption, for providing dynamic
implies that the number of keys that need to be distributed to sharing between users and ensuring efficient data
204
IJRITCC | May 2016, Available @ http://www.ijritcc.org
_______________________________________________________________________________________
International Journal on Recent and Innovation Trends in Computing and Communication ISSN: 2321-8169
Volume: 4 Issue: 5 204 - 206
___________________________________________________________________________________________________
deduplication [2]. Cheng-Kang Chu et al. discusses how to registered by the data owner through an e-mail. The data user
allow decryption of multiple cipher texts, without increasing receives the e-mail and logs in into the system by providing
its size and have introduced a special type of public key the username and password received. The data user then
encryption as it is more secure compared to single key submits the received aggregate key. Correct aggregate key
encryption, and termed it as key aggregate cryptosystem submitted would ensure that the user is authorized to access
(KAC) [3]. R.A. Popa et al. constructs a searchable encryption the documents. The data user then submits the keyword of
scheme that enables keyword search over data encrypted with his/her interest to carry out the search operation through all the
different keys [4]. Zheli Liu et al. proposed in their paper documents that can be accessed by them. This operation
multi-user searchable encryption using hybrid cloud with retrieves all files containing the keyword mentioned by the
coarse-grained access control [5]. Baojiang Cui et al. has data user in decreasing order of their keyword ranking. The
proposed a secure way to share data selectively by using a data user can then select the file of his/her interest from the list
scheme called Key Aggregate Searchable Encryption [6]. J.W. of decrypted files available and download it.
Li et al. tackles the challenge of searchable encryption not The implementation requirements of the KASE scheme
effectively supporting fine- grained access control, by includes-
introducing a private cloud as an access interface between A. Eclipse, which is a universal platform for integrating
users and public cloud under a hybrid architecture [7]. Peter development tools, acts as a common base for web
Van Liesdonk et al. proposes a novel symmetric searchable based projects and permits unrestricted content types.
encryption scheme that offers searching at a constant time in B. SQLYOG, which is a GUI tool for the RDBMS
the number if unique keywords stored in the server [8]. Sen MySQL.
Kamara et al. proposes a SSE( Searchable Symmetric C. Apache Tomcat Server (compatible version).
Encryption) scheme to satisfy the following properties:
sublinear search time, security against adaptive chosen- IV. RESULT
keyword attacks, compact indexes and the ability to add and The implementation of the proposed idea requires
delete files efficiently [9]. Dan Boneh et al. addresses the perfect handling of required tools and some basic Java and
problem of searching on data that is encrypted using a public J2EE programming knowledge. It takes around three months
key system and hence proposes a solution for it [10]. Changyu for the implementation of this idea. We, at the end of two
Dong et al. proposes and encryption scheme where each months were successfully able to complete a good percentage
authorized user in the system has his own keys to encrypt and of the total work. The work done so far consists of:
decrypt data [11]. C. Wang et al. utilize and uniquely combine A. Data Owner(Admin for this scenario) logging in
the public key based homomorphic authenticator with random B. Data Owner creates user accounts and assigns grades
masking to achieve the privacy preserving public cloud data C. Key generation for encryption of files.
auditing system which meets the requirements [12]. D. Grade key generation for each of the grades.
E. The uploading of file( which also includes key word
III. PROPOSED WORKS extraction and ranking)
The concept of Key Aggregate Searchable Encryption is based F. The following screenshots would give a glimpse
on the ideas presented in Multi-Key Searchable Encryption about the work completed so far.
scheme and Key-Aggregate Data Sharing scheme. In this
scheme, instead of having different encryption keys for
different documents, we create a single aggregate key with
which the user can access multiple documents and is required
to submit only a single trapdoor to the cloud for querying these
documents to perform search. In the used system, the data
owner first logs in and creates the user profile for all those
users who have access to the documents uploaded by him/her.
During the creation of the user profiles, each user is assigned a
particular grade by the data owner. Each grade is assigned a Figure 1:Data Owner Logs in
grade key using a random function. The data owner then
selects the documents to be shared and provides access control
for the files to the user. The files to be uploaded onto the cloud
are encrypted using RSA algorithm. A list of keywords are
extracted from the files and ranked on the basis of their
frequency in the file and is being displayed to the data owner.
The data owner then selects five key words on the basis of
their frequency in such a way that they describe the file
completely. These keywords are then converted into hash
codes and stored as indexes to make the search operation more Figure 2: User Account Creation
efficient. MD5 algorithm is used for hashing the keywords.
The aggregate key which is a combination of the data owners Figure 1, shows the home page where the user logs in which is
public key and the grade key is generated. This aggregate key the primary activity to be accomplished for the entire process
is encrypted for further security using DES algorithm and then to start.
sent to the user along with the username and password as
205
IJRITCC | May 2016, Available @ http://www.ijritcc.org
_______________________________________________________________________________________
International Journal on Recent and Innovation Trends in Computing and Communication ISSN: 2321-8169
Volume: 4 Issue: 5 204 - 206
___________________________________________________________________________________________________
Figure 2, has the User details entry page, filling in the also requires future work that would provide a solution for
necessary details subsequently will lead to grade assignment KASE in the case of federal clouds.
page for the user. Once a grade is assigned to a user the user
will be able to receive the documents which are uploaded by VI. CONCLUSIONS
the data owner for that particular grade. This paper aimed at flexible data sharing of any
group of selected documents with any group of users with
efficient management of large number of encryption keys. In
the extended KASE scheme this goal is been achieved by
versatile cryptographic techniques and searchable encryption
method, which enables the data owner for the distribution of
single aggregate key instead of group of keys to a user for
sharing any number of files and at the user end submission of
single aggregate trapdoor to the cloud for performing keyword
search over any number of shared files. Thus reducing the
large number of keys to a single aggregate key enhances the
key management requirements. Considering the importance of
Figure 3: User Data retrieved from Database data sharing functionality in cloud storage, the extended
KASE scheme thus provides secure, efficient and flexible
Figure 3, show the details of the user. These are retrieved from group data sharing.
the database. The data owner on completion of the task of
User account creation all of the details get inserted into the REFERENCES
database for future use. [1] Reza Curtmola, Juan Garay, Seny Kamara, Rafail Ostrovsky.
Searchable symmetric encryption: improved denitions and
efcient constructions, In: Proceedings of the 13th ACM
conference on Com- puter and Communications Security, ACM
Press, pp. 79-88, 2006.
[2] E. Seetha and D. Ponniselvi A Dynamic Authentication for
Client Side Deduplication in Cloud Storage Environment,
International Journal Of Innovative Research In Computer And
Communication Engineering, Vol:3, Issue: 8, August 2015.
[3] Cheng-Kang Chu, Sherman S. M. Chow, Wen -GueyTzeng,
Jianying Zhou and Robert H.Deng Key-Aggregate
Cryptosystem for Scalable Data Sharing in Cloud Storage,
IEEE Transactions on Parallel and Distributed Systems, 2014,
Figure 4: Key Generation 25(2): 468-477.
[4] R. A. Popa ,N. Zeldovich. Multi-key searchable encryption.
Figure 4, displays a message which indicates the generation of Cryptology e-Print Archive, Report 2013/508, 2013.
the Key which will be used for encrypting the uploaded files. [5] Z. Liu, Z. Wang, X. Cheng, Multi-user Searchable Encryption
with Coarser-Grained Access Control in Hybrid Cloud, Fourth
The remaining work would consist of:
International Conference on Emerging Intelligent Data and Web
A. Generation of aggregate key Technologies (EIDWT), IEEE, pp. 249-255, 2013.
B. Sending of the aggregate key to Users of Different [6] Baojiang Cui, Zheli Liu* and Lingyu Wang Key-Aggregate
grades Searchable Encryption (KASE) for Group Data Sharing via
C. Performing a single- and multi-keyword search over Cloud Storage, IEEE Transaction On Computers Vol:6, No:1,
the documents by Users. January 2015.
Moving ahead with the same momentum, the remaining work [7] Jingwei Li, Jin Li, Xiaofeng Chen, Chunfu Jia and Zheli Liu
will also be completed soon. Efcient Keyword Search over Encrypted Data with Fine-
The remaining work will be articulated in the next paper along Grained Access Control in Hybrid Cloud, In: Network and
System Security 2012, LNCS, pp. 490502, 2012.
with the problems being faced while development of this [8] Peter Van Liesdonk, Saeed Sedghi, Jeroen Doumen, Willem
project, the pros and cons of the project. Jonker Computationally efcient searchable symmetric
encryption, Secure Data Management, pp. 87-100, 2010.
V. LIMITATIONS
[9] Sen Kamara, Charalampos Papamanthou, Tom Roeder.
Although the KASE scheme achieved in providing an efficient Dynamic searchable symmetric encryption, Proceedings of the
mechanism for large number of keys management. With its 2012 ACM conference on Computer and communications
reduction to a single aggregate key for sharing any number of security (CCS), ACM, pp. 965976, 2012.
documents and making possible only a single trapdoor [10] Dan Boneh, Giovanni Di Creseenzo, Rafail Ostrovsky,
Giuseppe Persiano. Public Key Encryption with Keyword
submission by the user to the cloud for its retrieval operation,
Search, EUROCRYPT 2004, pp. 506C522, 2004.
its limitation in case of multiple owners gives rise to a future [11] Changyu Dong, Giovanni Russello, Naranker Dulay. Shared
work. When user submits the keyword, he at times might not and searchable encrypted data for untrusted servers,Journal of
be able to retrieve the file of his interest as the selected Computer Security, pp. 367-397, 2011.
keywords might not cover all possible ones. At the same time [12] C. Wang, Qian Wang, Kui Ren, and Wenjing Lou, Privacy-
the application of KASE scheme in the case of federal clouds Preserving Public Auditing for Data Storage Security in Cloud
Computing, Proc. IEEE INFOCOM, pp. 525-533, 2010.
206
IJRITCC | May 2016, Available @ http://www.ijritcc.org
_______________________________________________________________________________________