Abstract - Cloud computing provides a simple way of sharing data, which gives various benefits to users. But directly outsourcing confidential data to the cloud brings various security issues, as the data may contain important information. Identity-based encryption (IBE) is a favourable technique for a practical data sharing system in which a user is removed from the system if his/her authorization has expired. A revoked user cannot access the data shared before and after the expiry of authorization; thus the IBE technique offers both forward and backward security for shared data. The modification of IBE called the RS-IBE technique aims to provide more security and privacy for the data in the cloud by reducing the time complexity and improving performance.

General terms - Revocation, revocable-storage identity-based encryption, AES algorithm

Keywords - KUNode algorithm

I. INTRODUCTION

Cloud computing has recently reached popularity and developed into a major trend in IT. In this paper we perform a systematic review of cloud computing and explain the technical challenges it faces. In a public cloud the "pay per use" model is used. In a private cloud, the computing service is distributed for a single society. In a hybrid cloud, the computing services consumed come from both the private cloud service and the public cloud service.

Cloud computing has three types of services. Software as a Service (SaaS), in which a customer prepares one service and runs it on a single cloud, after which multiple consumers can access this service on demand. Platform as a Service (PaaS), which provides the platform to create and maintain applications. Infrastructure as a Service (IaaS), which, as the term suggests, provides data storage, network capacity, rented storage, data centers, etc. It is also known as Hardware as a Service (HaaS).

In cloud computing, data security is provided by authentication, encryption and decryption, message authentication codes, hash functions, digital signatures and so on. The Diffie-Hellman algorithm is used to generate keys for the key exchange step. A digital signature is then used for authentication, and thereafter the AES encryption algorithm is used to encrypt or decrypt the user's data file. The Diffie-Hellman key exchange algorithm is vulnerable to man-in-the-middle attacks.

The most serious limitation is the lack of authentication. In the final step the users send a service request to the cloud service provider in order to use the cloud service, and the cloud service provides the service to users. After this step the user can use the cloud service provider. But for more security they performed the RSA algorithm for encryption and decryption and then used a digital signature for authentication.

The RSA algorithm and digital signatures are used for secure communication. Revocable-Storage Identity-Based Encryption is a similar data security mechanism in the cloud. Existing systems focus only on identity-based encryption; thus we propose the modified RS-IBE technique, which reduces complexity and improves performance.

II. RELATED WORKS

1 Revocable IBE-KUNode algorithm

A natural revocation method for IBE was first proposed by Boneh and Franklin. Their method was to append the current time period to the ciphertext, with the key authority providing non-revoked users with private keys each time, but this method is not scalable.

To overcome its drawbacks, Boldyreva, Goyal and Kumar put forward a more efficient revocation strategy using a binary tree to manage identities. This RIBE scheme reduces key revocation complexity to a good extent. Liang et al. proposed a cloud-based revocable identity-based re-encryption scheme which utilized a broadcast encryption scheme for user revocation and ciphertext update. The drawback of such a system is that malicious non-revoked users can share the update key with revoked users, thereby collapsing the system.

2 Text encryption and decryption by AES

The data provider in the system uses the AES algorithm to encrypt files before uploading them to the cloud server. The file uploaded by the client is encrypted and decrypted by the AES algorithm. The input plaintext of the AES algorithm is converted into a 4×4 array, called a state. Four transformations, AddRoundKey, SubBytes, ShiftRows and MixColumns, perform various operations on the state to calculate the output state (the final ciphertext). Except for AddRoundKey each of these operations. The AddRoundKey routine is a simple XOR addition of round key and a portion of expanded key into plaintext.

SubBytes is the S-box for AES. It operates on each byte in the state and performs a non-linear substitution in the $GF(2^8)$ field, which is what makes AES a non-linear cryptographic system. In order to be invertible, each value of b' must be generated from a unique value of b. A lookup table can also be implemented for SubBytes. The SubBytes operation performs an affine transformation on the inverse of byte b, and adds it to 0xC6.
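The SubBytes construction described above, as an added example that is not part of the original paper: it builds the lookup table from the $GF(2^8)$ inverse and the affine transformation, then checks that every b' comes from a unique b. It follows FIPS 197, which writes the affine constant as 0x63; listing that constant's bits from bit 0 upward gives 11000110, i.e. 0xC6. The function names are chosen for this example.

```python
# Added example: derive the AES S-box instead of hard-coding it.

def gf_mul(a, b):
    """Multiply two bytes in GF(2^8) modulo x^8 + x^4 + x^3 + x + 1 (0x11B)."""
    result = 0
    while b:
        if b & 1:
            result ^= a
        a <<= 1
        if a & 0x100:          # reduce as soon as the degree reaches 8
            a ^= 0x11B
        b >>= 1
    return result

def gf_inv(b):
    """Multiplicative inverse in GF(2^8), computed as b^254; 0 maps to 0."""
    result = 1
    for _ in range(254):
        result = gf_mul(result, b)
    return result if b else 0

def rotl8(x, n):
    """Rotate a byte left by n bits."""
    return ((x << n) | (x >> (8 - n))) & 0xFF

def sub_byte(b):
    """Affine transformation of the inverse of b, plus the constant 0x63."""
    inv = gf_inv(b)
    return inv ^ rotl8(inv, 1) ^ rotl8(inv, 2) ^ rotl8(inv, 3) ^ rotl8(inv, 4) ^ 0x63

def bit_reverse8(x):
    """Reverse the bit order of a byte (bit 0 becomes bit 7)."""
    return int(f"{x:08b}"[::-1], 2)

# The lookup-table form of SubBytes, and its inverse for decryption.
SBOX = [sub_byte(b) for b in range(256)]
INV_SBOX = [0] * 256
for b, s in enumerate(SBOX):
    INV_SBOX[s] = b

def is_bijection(table):
    """True when every output byte is produced by exactly one input byte."""
    return sorted(table) == list(range(256))

if __name__ == "__main__":
    print("S-box is invertible:", is_bijection(SBOX))
    print("S(0x53) = 0x%02X" % SBOX[0x53])
```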

ShiftRows operates on individual rows of the state. It provides diffusion throughout the AES algorithm. The first row is not changed. The second row is shifted one byte to the left, with the leftmost byte wrapping around. The third row shifts two bytes to the left, and the fourth row shifts three bytes to the left, with appropriate wrapping to the right. This description is for AES-128; the number of shifts for each row changes based on the key size.

MixColumns operates on individual columns of the state. It provides diffusion throughout the AES algorithm. The columns are considered polynomials over $GF(2^8)$ and multiplied modulo $x^4+1$ with $a(x)$, where $a(x) = \{03\}x^3 + \{01\}x^2 + \{01\}x + \{02\}$. NOTE: $x^4+1$ is relatively prime to $a(x)$. This can be represented as a matrix equation.

III. PROPOSED ARCHITECTURE

The proposed system uses a concept called revocable-storage identity-based encryption (RS-IBE) for building a cost-effective data sharing system which can provide data confidentiality and forward/backward security of ciphertext by introducing the functionalities of user revocation and ciphertext update simultaneously. The data provider decides the user group who can access the data before uploading it to the cloud storage. The encrypted data can be decrypted only by those users who are not revoked (authorization not expired).

This system uses the KUNodes algorithm to restrict a user revoked at a time period from decrypting the ciphertext. The inputs to the KUNodes algorithm are the revocation list and the time period. It outputs the smallest subset Y of nodes of BT such that Y contains an ancestor for each node that is not revoked before the time period t.

STEPS:
1. The data owner uploads the file to the cloud with a validity time.
2. The data user accesses the data.
2.1. If the user tries to access the data within the specified time, only then is he able to access the data.
2.2. Otherwise the data owner needs to update the key.
3. The data owner updates the key used by the user.
4. Then he will update the ciphertext.

This will provide both forward and backward security to the data stored in a cloud.
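The KUNodes computation described above, as an added example that is not code from the original paper. It assumes a heap-style layout for BT (root is node 1, node x has children 2x and 2x+1, user i owns leaf num_users + i) and treats a user as revoked when the revocation time is at or before t; the function names and the sample revocation list are constructed for illustration.

```python
# Added example: KUNodes over a binary tree BT stored heap-style.
# Assumed layout: root is node 1, node x has children 2x and 2x+1,
# and user i (0-based) owns leaf num_users + i.

def path_to_root(node):
    """Return every node from `node` up to the root, inclusive."""
    path = []
    while node >= 1:
        path.append(node)
        node //= 2
    return path

def ku_nodes(num_users, revocation_list, t):
    """Smallest node set Y covering exactly the users not revoked by time t.

    revocation_list holds (user_index, revocation_time) pairs.
    """
    # X: the leaf and all ancestors of every user revoked at or before t.
    x_nodes = set()
    for user, t_rev in revocation_list:
        if t_rev <= t:
            x_nodes.update(path_to_root(num_users + user))
    if not x_nodes:
        return {1}              # nobody revoked: the root covers everyone
    # Y: children of X-nodes that are themselves outside X.
    y_nodes = set()
    for x in x_nodes:
        if x < num_users:       # internal node, so it has two children
            y_nodes.update(c for c in (2 * x, 2 * x + 1) if c not in x_nodes)
    return y_nodes              # empty only when every user is revoked

def can_decrypt(user, num_users, y_nodes):
    """A user can derive a decryption key iff Y holds one of its ancestors."""
    return any(n in y_nodes for n in path_to_root(num_users + user))

if __name__ == "__main__":
    # Constructed sample: 8 users, user 2 revoked at t=3, user 5 at t=7.
    rl = [(2, 3), (5, 7)]
    for t in (0, 5, 7):
        y = ku_nodes(8, rl, t)
        allowed = [u for u in range(8) if can_decrypt(u, 8, y)]
        print(f"t={t}: Y={sorted(y)} users able to decrypt={allowed}")
```

The key update for period t is issued only for the nodes in Y, so a revoked user, none of whose ancestors are in Y, cannot combine it with the private key he holds.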
