Presented By-
Ankit Raj (1309113012)
Aqib Jamal (1309113017)
Nisha Gupta (1309113056)
Akash Prajapati (1309113008)
Authentication on Cloud using Attribute Based Encryption
Mentor-
Mrs. Archana Saxena
• As cloud is widely used for remote access of information as well as transfer of information geographically, so there is a great need of making cloud even more secure.
• Attribute Based Encryption can help in increasing the security on cloud.
• ABE is a public-key based one-to-many encryption that allows users to encrypt and decrypt data based on user attributes.
Fig 1:Cloud Services[4]
Improving Cloud Security for Authentication using Attribute Based
Encryption.
• Design and develop attribute based encryption(ABE)
algorithm.
• Use a cloud environment and implement ABE on cloud.
• The concept of ABE was first proposed by Amit Sahai and Brent Waters[1]
Sahai and Waters gave two concepts
1. IBE: Concept uses Biometric Identities.
2. Attribute based Encryption: Encrypt a document to all users that have
certain set of attributes.
Contd…
Although ABE concept is very powerful and a promising mechanism, ABE systems suffer mainly from
two drawbacks:
• Non-efficiency.
• proposal was much expensive decryption.
Fig 2: ABE scheme[4]
OR
In order to reduce the cost of Decryption Lia[2] suggested to outsource the
majority of actual data without revealing private key.
Considering a new requirement of ABE with outsourced decryption: Modifying
the original model of ABE with outsourced decryption proposed by Green to
include verifiability.
A concrete ABE scheme with outsourced decryption and proved that it is secure.
Lin[3] proposed an algorithm that provided a decryption algorithm for ABE,
whose computational time and cost was half as that of traditional decryption
algorithm of ABE.
Contd…
If receiver wants to download the file, they have to send request to cloud proxy server.
When proxy server will verify receiver then server will ask for transformation key. This
key will be generated through the attributes of receiver.
Transformation key is used for transforming cipher text into simpler cipher text.
Now simpler cipher text is send to receiver who decrypt simpler cipher text into plain text
using receiver secret key.
Fig:3 System Architecture[2]
Encrypt
Cloud AuthenticationCloud
Authority
Consumer Portal
Consumer Decrypt
Fig. 4: Architecture of ABE on cloud
Owner
1. Setup: Here is the depth of key structure. Take as input a parameter. It outputs apublic key PK and master secret key MK.
2. Key-gen: Takes as input the master secret key MK, user attributes, It outputs asecret key SK for user u.
3. Encrypt: Takes as input the public key PK, a message M, and an access tree T . Itoutputs a ciphertext CT.
4. Decrypt: Take as input a ciphertext CT and a secret key SK for user u. It outputs amessage m . If the key structure A associated with the secret key SK, satisfies theaccess tree T, associated with the ciphertext CT, then m is the original correctmessage M.
Setup Algorithm
Key Gen Algorithm
Encryption Algorithm
Decryption Algorithm
Successful Decryption for Authentic User
Decryption Fails for Unauthentic User
Fig 4: Comparison with other technique[6]
• Files stored in cloud can be corrupted. So for this issue using the file recovery technique to recover the corrupted file successfully.
• Data loss may occur because replicas of file storage is not maintained.
• The project can be extended for multi user attribute system where if all the authorized users are present then only file can be decrypted successfully. Less than required authorized users can’t decrypt the file.
Implementation of Attribute Based Encryption is done with outsource decryption Technique.
Following are the future scope for our project
Decrypt
[1] A. Sahai and B. Waters, “Fuzzy identity-based encryption,” International
Association for Cryptologic Research, Springer,2005.
[2] J. Lai, R. H. Deng, C. Guan, and J. Weng, “Attribute-based encryption
with verifiable outsourced decryption,” IEEE Trans. Inf. Forensics Security,
vol. 8, no. 8, pp. 1343–1354, Aug. 2013.
[3] Suqing Lin, Rui Zhang, Hui Ma, and Mingsheng Wang,“Revisiting
Attribute-Based Encryption With Verifiable Outsourced Decryption“, IEEE
Transactions On Information Forensics And Security, Vol. 10, No. 10, Feb
2016
[4] http://cloudcomputingvilla.com/how-does-cloud-computing-work/
[5] http://ualr.edu/sxyu1/cloud.htm
[6] P.Madhubala, Dr.P.Thangaraj ,” Comprehensive and Comparative Analysis of
Cryptographic Solutions in Cloud,” International Journal of Innovative Research in
Computer and Communication Engineering, Vol. 2, Issue 10, October 2014
[7] Eric Zavattoni, Luis J. Dominguez Perez, Shigeo Mitsunari, Ana H. S´anchez-
Ram´ırez, Tadanori Teruya, and Francisco Rodr´ıguez-Henr´ıquez, ”Software
implementation of an Attribute-Based Encryption scheme,” IEEE Transactions on
Computers, May 2015