highly secured confidential data … efficient certificateless encryption was intended in [5] for...
TRANSCRIPT
International Journal of Computer Engineering and Applications,
Volume XI, Issue XII, Dec. 17, www.ijcea.com ISSN 2321-3469
Densy John V. and Dr. Agnise Kalarani X. 112
HIGHLY SECURED CONFIDENTIAL DATA TRANSFER USING BLOOM BASED ELLIPTIC CURVE ATTRIBUTE ENCRYPTION IN
CLOUD ENVIRONMENT 1, Densy John V., 2Dr. Agnise Kalarani, X.
1Research Scholar, Department of Computer Science, Karpagam Academy of Higher Education, Coimbatore, India
2 Associate Professor, Department of Computer Applications, Karpagam Academy of Higher Education,
Coimbatore, India
ABSTRACT:
Cloud Computing provides significant way for sharing data over Internet. Security plays a vital role in cloud during data sharing due to the increasing of attacks and potential unauthorized access within the service providers. Many research works have been designed for securely transmitting the data in cloud environment by using the encryption techniques. However, existing encryption techniques require more computational time and also highly secured confidential data transfer which is remained unaddressed. In order to overcome such limitation, A Bloom Hash Based Elliptic Curve Attribute Encryption and Decryption (BH-ECAED) technique is proposed. Initially, the cloud users sent data (i.e. attributes) request to cloud server. Then, Elliptic Curve Attribute Encryption is performed to encrypt the user requested data to be transmitted over an internet with aiming at improving the confidentiality of data in cloud. After performing the encryption process, bloom hashing function is used for generating the hash value for encrypted data and storing it into the cloud server. This generated hash value of encrypted data is transmitted to the corresponding users in cloud with the objective of improving the security of data transfer. Finally, Elliptic Curve Attribute Decryption is performed to obtain the data from the cloud server requested by the original user. The BH-ECAED technique conducts the experimental works on the parameters such as data security rate, execution time, memory utilization and data confidentiality level. The experimental result shows that the BH-ECAED technique is able to improve the security rate and confidentiality level of data transfer in cloud environment when compared to the state-of-the-art works.
Keywords: Cloud Computing, Security, Cloud Users, Attributes, Attribute-Set-Based Encryption, Elliptic
Curve Attribute Encryption, Bloom Hashing Function, Cloud Server
International Journal of Computer Engineering and Applications,
Volume XI, Issue XII, Dec. 17, www.ijcea.com ISSN 2321-3469
Densy John V. and Dr. Agnise Kalarani X. 113
[1] INTRODUCTION
A Cloud computing is an important technology in the Information Technology (IT) and
Educational sectors. Cloud computing is a parallel and distributed computing and service-oriented
architecture depends on the virtualization. The considerable features of the cloud computing are high
operational efficiency, scalability, flexibility and low capital cost. But, security, confidentiality, and
regularity grave the problems in the cloud computing. The most important security concern in cloud is
data security and privacy owing to its web-based data storage and management. Users afford data to the
cloud service provider for storage or business operations.
In addition, a lot of data security techniques are designed to lessen the security issues in the cloud.
Current data security approaches concentrate only on cryptographic approaches in which the solutions are
gained through the random key generation processes. However, the existing security technique presents
minimum data confidentiality while performing the data transmission. Therefore, there is a need for new
techniques to improve the security and confidentiality rate of data transfer in cloud.
Recently, few encryption techniques have been designed for data security during the transmission.
For example, A Key-Policy Attribute-Based Encryption (KP-ABE) scheme was employed in [1] with
constant-size cipher texts with the aid of identity-based broadcast encryption scheme. The KP-ABE scheme
improved the data security in cloud. But, the confidentiality of data transfer was remained unsolved. A
Secure Data Sharing in Clouds (SeDaSC) method was designed in [2] that ensure the confidentiality of the
data on the cloud with the aid of symmetric encryption. However, the time taken for securing the data was
more.
A Revocable-Storage Identity-Based Encryption (RS-IBE) was developed in [3] for the secure
data sharing in cloud computing that improves the cloud data security. But, the cloud data security was
not at required level. An attribute-based data sharing scheme was presented in [4] for enhancing the data
confidentiality and privacy in cloud and to reduce the storage cost of cipher text and computation
complexity in encryption.
An Efficient Certificateless Encryption was intended in [5] for the Secured Data Sharing and
assuring the confidentiality of data stored in the public clouds. Though, it consumes more memory for
storing the encrypted data. A Novel architecture was designed in [6] to enhance the data confidentiality
level and the flexibility in cloud. But, the data confidentiality level was not sufficient.
A Hierarchical Attribute-Set-Based Encryption (HASBE) was introduced in [7] using the cipher
text-policy Attribute-Set-Based Encryption (ASBE) with a hierarchical structure of users. The HASBE
efficient and flexible for accessing the outsourced data in the cloud computing. However, the performance
of encryption was not efficient which lacks in security of data in cloud. An attribute-based secure data
sharing scheme was developed in [8] with efficient revocation in cloud computing for improving the data
security. But, time complexity was higher.
A new encrypting algorithm was presented in [9] with the support of symmetric key cryptography
for secure communication in cloud computing which resulting in the improved security and privacy of data.
However, the performance of encryption is not efficient. An Efficient Flexible and Anonymous Data
Sharing (EFADS) protocol was intended in [10] for cloud computing with the aid of proxy re-encryption.
The EFADS protocol allows the data holder to efficiently share with other cloud consumers through semi-
trusted cloud servers. However, the computation complexity was higher.
International Journal of Computer Engineering and Applications,
Volume XI, Issue XII, Dec. 17, www.ijcea.com ISSN 2321-3469
Densy John V. and Dr. Agnise Kalarani X. 114
In order to solve the existing issues in cloud data transfer, A Bloom Hash Based Elliptic Curve
Attribute Encryption and Decryption (BH-ECAED) technique is designed. The main objective of BH-
ECAED technique is to achieve highly secured confidential data transmission in the cloud computing
environment. The research objective of BH-ECAED technique is formulated as follows,
To improve the confidentiality of data transmission with minimum computational time in cloud
environment, Elliptic Curve Attribute Encryption and Decryption is performed in BH-ECAED technique.
To improve the security of data transmission in cloud environment, Bloom Hashing Function is
used in BH-ECAED technique.
To reduce the space complexity in cloud service provisioning, Bloom Hashing is employed in BH-
ECAED technique.
The rest of this paper is organized as follows. Section 2 explains Bloom Hash Based Elliptic Curve
Attribute Encryption and Decryption (BH-ECAED) technique with the aid of architecture diagram. Section
3 and Section 4 presents the experimental section with detailed performance analysis. Section 5 explains
the related works. Finally, Section 6 concludes the paper.
[2] BLOOM HASH BASED ELLIPTIC CURVE ATTRIBUTE ENCRYPTION /
DECRYPTION TECHNIQUE
The Bloom Hash Based Elliptic Curve Attribute Encryption/Decryption technique is developed
with the objective of achieving the highly secured confidential data transmission in cloud environment. The
elliptic curve attribute cryptography is used in BH-ECAED technique for improving the security and
confidentiality rate of data transfer in cloud computing environment. Elliptic curve attribute cryptograph is
an approach to public-key cryptography that depends on the algebraic formation of elliptic curves over the
limited fields. The Elliptic curve attribute cryptograph requires smaller keys to achieve the security in cloud
service provisioning. In elliptic curve attribute cryptograph, elliptic curves are employed for encryption,
digital signatures, pseudo-random generators and other tasks.
The elliptic curve attribute cryptography is a public-key encryption where the secret key of a cloud
user and the cipher texts are based on the attributes. In elliptic curve attribute cryptography, the decryption
of a cipher text is potential only if the set of attributes of the user key matches the attributes of the cipher
text. An elliptic curve attribute encryption is collusion-resistance. Therefore, BH-ECAED technique avoid
the illegal data access which resulting in the improved data confidential level in cloud. Besides, BH-
ECAED technique employs bloom Hashing function for improving the security of data communication in
cloud environment. The overall architecture diagram of Bloom Hash Based Elliptic Curve Attribute
Encryption/Decryption technique is shown in the Figure 1.
International Journal of Computer Engineering and Applications,
Volume XI, Issue XII, Dec. 17, www.ijcea.com ISSN 2321-3469
Densy John V. and Dr. Agnise Kalarani X. 115
Figure 1 Architecture of the Bloom Hash Based Elliptic Curve Attribute Encryption/Decryption Technique
Figure 1 shows the architecture diagram of the Bloom Hash Based Elliptic Curve Attribute
Encryption/Decryption technique for presenting the secured response from the server to client. At first, the
client request is the number of attributes which is transmitted to cloud server. As demonstrated in the Figure,
the attribute 1 2, 3. . . 𝑛 are requested from the cloud users. Then, the elliptic curve attribute encryption is
accomplished in order to attain the higher data confidentiality while performing the cloud service
provisioning. Afterwards, bloom hash function is applied to evaluate the hash value for the encrypted data
in order to achieve the security during transmission. As a result, BH-ECAED technique improves the
confidentiality and security of data in cloud service provisioning. The brief explanation about the BH-
ECAED technique is described in the forth coming sections.
[2.1] BLOOM HASHING FUNCTION
The Bloom Hashing Function is used in BH-ECAED technique for achieving the secured cloud
service provisioning. A Bloom hashing is a space-efficient probabilistic data structure for storing the cloud
data. The bloom hashing function generates hash value for storing the input data. A bloom hash function
takes any input string as input and then generates a fixed output length string which is termed as hash value.
The bloom hashing function employed SHA-256 (Secure Hash Algorithm) for producing the hash value.
The SHA-256 is a cryptographic hash function with the length of 256 bits. The SHA-256 is a keyless hash
function. An input data is processed through the message blocks of 512 = 16 × 32 bits in which every block
entails 64 rounds. The SHA-256 used Boolean operations such as AND, XOR and OR for generating hash
value. The structure of Bloom Hashing Function for generation of hash value is shown in the Figure 2.
Cloud user
Attribute 1
Attribute 2
………
Attribute n
Cloud
Server
Elliptic Curve
Attribute
Encryption
Bloom Hashing
Elliptic Curve
Attribute Decryption
Improves Security and
Confidentiality of Data
in Cloud Computing
Environment
International Journal of Computer Engineering and Applications,
Volume XI, Issue XII, Dec. 17, www.ijcea.com ISSN 2321-3469
Densy John V. and Dr. Agnise Kalarani X. 116
Figure 2 Structures of the Bloom Hash Function
As shown in the Figure 2, bloom hashing function initially takes the message block (i.e. attributes
file size) as input. The bloom hashing function is a one-way function. The property of bloom hashing
function is collision resistance where the attackers are avoided to access the cloud data. Hence, the bloom
hashing function is also called as collision free hash function. The output of the bloom hashing function is
a fixed size. The BH-ECAED technique used bloom hashing function to generate the hash value for the
encrypted data for improving the security of data communication in cloud.
[2.2] ELLIPTIC CURVE ATTRIBUTE ENCRYPTION / DECRYPTION TECHNIQUE
The BH-ECAED technique performs Elliptic Curve Attribute Encryption with the aim of
enhancing the confidentiality of data while performing the transmission through internet. In BH-ECAED
technique, the original data is to be encrypted is considered as plaintext. During the elliptic curve attribute
encryption process, the original data is converted into cipher text. Then, the encrypted cipher text is
decrypted in order to get the plaintext by using the elliptic curve attribute decryption. The encryption and
decryption process is performed based upon the Elliptic Curve Attribute Encryption/Decryption and using
bloom hashing function. The BH-ECAED technique is employed in the bloom hashing function for
producing the hash value for encrypted data in order to enhance the data security in the cloud environment.
The security indicates confidentiality and availability of data which is stored in clouds and the significant
issues to be solved for improving the performance of cloud service provisioning. The process of Elliptic
Curve Attribute Encryption is shown in the Figure 3.
Message block
Message block
Message block
Bloom Hash Function
Hash value (fixed length
string)
Input
Output
International Journal of Computer Engineering and Applications,
Volume XI, Issue XII, Dec. 17, www.ijcea.com ISSN 2321-3469
Densy John V. and Dr. Agnise Kalarani X. 117
Figure 3 Process of Elliptic Curve Attribute Encryption using the Bloom Hashing
As shown in the Figure 3, initially the cloud sender sends the user requested data which is to be
encrypted. Then, elliptic curve attribute encryption is carried out to obtain the cipher text. After that, hash
value is generated for encrypted cipher text using bloom hash function to achieve higher data security.
Finally, the generated hash value is transmitted to the cloud service provider. The cloud service provider
obtains the hash value of encrypted data and transmitted to into appropriate cloud users in the cloud
environment.
The BH-ECAED technique used elliptic curve attribute cryptography algorithm for the attribute
encryption and decryption. The elliptic curve attribute cryptography is an algorithm for encrypting and
decrypting data and exchanging cryptographic keys. The Elliptic curve attribute cryptography is an
approach to public key cryptography and depends on the algebraic formation of elliptic curves over the
limited fields. The elliptic curve attribute cryptography depends on equation derived from the mathematical
group obtained from the points in which the line intersects the axes. The equations based on the elliptic
curves have a certain characteristic for utilizing cryptography purposes. An elliptic curve is the set of points
that satisfy a specific mathematical equation. For performing cryptographic process, an elliptic curve is a
plane curve over a finite field which consists of the points satisfying the equation which is mathematically
formulated as,
𝑦3 = 𝑥3 + 𝑎𝑥 + 𝑏 (1)
From the equation (1), the equation of an elliptic curve is obtained. The elliptic curve structure for
cryptography is shown in the below Figure 4.
Cloud service
provider
Encrypted data
+Hash value
Cipher text
Compute Hash Value
(H1) for Encrypted data
using Bloom Hashing
Function
Elliptic Curve
Attribute
Encryption
Data
Cloud
Sender
International Journal of Computer Engineering and Applications,
Volume XI, Issue XII, Dec. 17, www.ijcea.com ISSN 2321-3469
Densy John V. and Dr. Agnise Kalarani X. 118
Figure 4 Elliptic Curves for Cryptography
In elliptic curve attribute encryption, key generation is a significant part in which the both public
key and private key is created. An elliptic curve attribute encryption is a kind of symmetric encryption in
which the secret key of a sender and the cipher text are based on the attributes. In elliptic curve attribute
encryption and decryption, the secret key is created for the data in every attributes. The attributes includes
of user data for example user location, payment plan of the user and occupation of the user. The sender
encrypts the data with the receiver’s public key and then receiver decrypts the data with its private key. For
the key generation, elliptic curve attribute cryptography selects a number ‘𝑑’ within the range of ‘𝑛’. The
elliptic curve attribute cryptography employed the following equation for the generation of key,
𝑄 = 𝑑 ∗ 𝑃 (2)
From the equation (2), 𝑑 is the random number that chosen in the range of (1 𝑡𝑜 𝑛 − 1 ). Here, 𝑃
is the point on the curve whereas ‘𝑄’ is the public key and‘𝑑’ is the private key.
Let us assume ‘𝑚’ be the message to be encrypted and which has the point ‘𝑀’ on the curve
‘𝐸’and randomly select ‘𝑘’ from [1 – (𝑛 − 1)]. The elliptic curve attribute encryption process generates
two cipher texts 𝐶1 and 𝐶2 which is mathematically formulated as below,
𝐶1 = k ∗ P (3)
𝐶2 = 𝑚 + k ∗ Q (4)
From the equation (3) and (4), two cipher texts 𝐶1 and 𝐶2 is obtained. After performing the
encryption, the hash value is computed with the aid of bloom hashing function and it is stored in the cloud
server which is transmitted through internet to the appropriate cloud users in cloud environment. Let
consider the two cipher texts 𝐶1 and 𝐶2 are 𝐶 which is represented as,
𝐶 = (𝐶1, 𝐶2) (5)
The bloom hash function (𝐵𝐻𝐹) provides a variable-length block of input cipher text (𝐶) and
hence it affords the fixed size of the output hash value.
𝐻1 = 𝐵𝐻𝐹 (𝐶) (6)
From the equation (6), 𝐻1 provides a hash value of encrypted data. Once the hash value of
encrypted data is determined, it is stored in cloud service provider. Whenever the user access the data
P
Q R
International Journal of Computer Engineering and Applications,
Volume XI, Issue XII, Dec. 17, www.ijcea.com ISSN 2321-3469
Densy John V. and Dr. Agnise Kalarani X. 119
stored in the cloud, the hash value is recalculated using the same bloom hashing function to verify the
correctness of the received data. Therefore, the recomputed hash value is mathematically formulated as,
𝐻2 = 𝐵𝐻𝐹(𝐶′) (7)
In the receiver side, two hash values are compared to ensure the correctness of the data. If the two
hash values are equal, then decryption is performed to get the original data. Therefore, the cipher text (𝐶)
of the data is only visible to the legal users using elliptic curve attribute decryption. The elliptic curve
attribute decryption processes to obtain the original message which is mathematically expressed as,
𝑚 = 𝐶2 − 𝑑 ∗ 𝐶1 (8)
From the equation (8), original message 𝑚 is obtained. The Elliptic Curve Attribute Decryption
using Bloom Hashing Function is shown in the Figure 4.
Figure 5 Process of Elliptic Curve Attribute Decryption using the Bloom Hashing
Figure 5 shows the elliptic curve attribute decryption process. The data stored in the cloud may
initially be encrypted using elliptic curve attribute encryption to create a cipher text and then a hash value
is computed for that cipher text using bloom hashing function. Whenever the client access the data stored
in the cloud, the hash value is been regenerated using the same bloom hash function to authenticate the
correctness of data in the cloud. If the correctness is attained, then the cipher text is decrypted by using the
elliptic curve attribute decryption to obtain the original plaintext. This in turn assists for improving the data
Cloud user
Regenerate Hash Value (H2)
Elliptic Curve
Attribute
Decryption
If (H1== H2)
Data Confidentiality is achieved
Data Confidentiality is
lost
No
Yes
Obtain original message
International Journal of Computer Engineering and Applications,
Volume XI, Issue XII, Dec. 17, www.ijcea.com ISSN 2321-3469
Densy John V. and Dr. Agnise Kalarani X. 120
confidentiality level in cloud. The algorithmic process of Bloom Hash Based Elliptic Curve Attribute
Encryption/Decryption technique is shown below,
// Bloom Hash Based Elliptic Curve Attribute Encryption/Decryption Algorithm
Input: Message ‘𝑚’, set of attributes ‘𝛼’, Cloud Data Owners ‘𝐷𝑂𝑖 = 𝐷𝑂1, 𝐷𝑂2, … , 𝐷𝑂𝑛’, Cloud users
‘𝐶𝑈𝑖 = 𝐶𝑈1, 𝐶𝑈2, . . , 𝐶𝑈𝑛’, 𝑄’ is the public key, ‘𝑑’ is the private key
Output: Improves security and confidentiality of data in cloud
Step 1: Begin
Step 2: For each data and set of attributes
Step 3: Perform elliptic curve attribute encryption using (3) and (4)
Step 4: Generate hash value for encrypted data using (6) stored it on cloud server for transmitting
corresponding user.
Step 5: Whenever the client access the data stored, regenerates hash values
Step 6: If (H1==H2) then
Step 7: Data confidentiality is achieved
Step 8: Perform elliptic curve attribute decryption using (8)
Step 9: Get original data message
Step 10: else
Step 11: Data confidentiality is lost
Step 12: End if
Step 13: End for
Step 14: End
Algorithm 1 Bloom Hash Based Elliptic Curve Attribute Encryption/Decryption
By using the above algorithmic process, BH-ECAED technique performs secured data
communication thereby achieves the highly confidential data transfer in cloud service provisioning.
Therefore, the BH-ECAED technique improves the data security and confidential level for cloud service
provisioning with minimum execution time and also reduces the space complexity of data storage for
encryption process in an effective manner.
[3] EXPERIMENTAL SETTINGS
The Bloom Hash Based Elliptic Curve Attribute Encryption and Decryption (BH-ECAED)
technique is implemented using JAVA language and CloudSim simulator. The BH-ECAED technique used
Amazon Simple Storage Service (Amazon S3) dataset for conducting the experimental evaluation. The
Amazon S3 dataset preserves the data transfer and automatic encryption of data once it is uploaded in cloud.
Amazon S3 is a data warehouse that comprises of images, files and other kind of useful information. The
Amazon S3 is consistent, speedy, less expensive, and scalable for cloud service provisioning.
International Journal of Computer Engineering and Applications,
Volume XI, Issue XII, Dec. 17, www.ijcea.com ISSN 2321-3469
Densy John V. and Dr. Agnise Kalarani X. 121
The BH-ECAED technique accomplishes the experimental evaluation and compares the results
against the existing two methods namely Key-Policy Attribute-Based Encryption (KP-ABE) scheme [1]
and Secure Data Sharing in Clouds (SeDaSC) method [2]. The performance of BH-ECAED technique is
measured in terms of data security rate, execution time, memory utilization and data confidentiality level.
[4] RESULTS AND DISCUSSIONS
In this section, the result analysis of BH-ECAED technique is evaluated. The performance of BH-
ECAED technique is compared with the existing two methods namely Key-Policy Attribute-Based
Encryption (KP-ABE) scheme [1] and Secure Data Sharing in Clouds (SeDaSC) method [2]. The
performance of BH-ECAED technique is evaluated along with the metrics such as data security rate,
execution time, memory utilization and data confidentiality level.
[4.1] MEASUREMENT OF EXECUTION TIME
In BH-ECAED technique, the execution time measures the amount of time taken for encrypting
the data in order to achieve the secured data communication in cloud service provisioning. The execution
time is measured in terms of milliseconds (ms) and mathematically expressed as,
𝐸𝑥𝑒𝑐𝑢𝑡𝑖𝑜𝑛 𝑇𝑖𝑚𝑒 = 𝑒𝑛𝑑 𝑡𝑖𝑚𝑒 𝑜𝑓 𝑒𝑛𝑐𝑟𝑦𝑝𝑡𝑖𝑜𝑛 − 𝑠𝑡𝑎𝑟𝑡 𝑡𝑖𝑚𝑒 𝑜𝑓 𝑒𝑛𝑐𝑟𝑦𝑝𝑡𝑖𝑜𝑛 -- (9)
From the equation (8), encryption time taken for secure data transmission is obtained. While the
execution time is lower, the method is said to be more efficient.
Table 1 Tabulation for Execution Time
File
size
(KB)
Execution Time (ms)
KP-ABE
scheme
SSeDaSC
method
BH-ECAED
technique
10 29.7 23.5 15.3
20 31.4 26.8 17.9
30 35.9 28.2 20.1
40 38.7 31.7 25.6
50 40.2 33.4 27.9
60 42.3 39.8 29.3
70 49.8 45.1 32.7
80 56.6 47.3 35.8
90 59.2 50.5 41.2
100 61.3 56.8 45.6
Table 1 depicts the comparative result analysis of encryption time taken for the secure cloud
service provisioning based on different file sizes in the range of 10-100 KB. From the table value, it is
International Journal of Computer Engineering and Applications,
Volume XI, Issue XII, Dec. 17, www.ijcea.com ISSN 2321-3469
Densy John V. and Dr. Agnise Kalarani X. 122
illustrative that the execution time using the proposed BH-ECAED technique is lower when compared to
the existing KP-ABE scheme [1] and SeDaSC method[2].
Figure 6 Measurement of Execution Time
Figure 6 portrays the impact of time taken for encryption versus diverse file sizes in the range of
10-100 KB using three methods. As exposed in figure, proposed BH-ECAED technique provides better
execution time for encrypting the data to achieve higher cloud data security when compared to the two
existing methods namely KP-ABE scheme [1] and SeDaSC method [2]. Besides, while increasing the file
size of the data for encryption, the execution time is also gets increased using all the three methods. But
comparatively execution time using BH-ECAED technique is lower. This is owing to application of elliptic
curve attribute encryption algorithm in BH-ECAED technique where the original message is converted into
cipher text and the hash value for enhancing the security in cloud services. The attribute encryption is
performed in BH-ECAED technique which considers an attributes that comprises of user location, and
payment plan of the user. By performing the encryption, cipher text is generated with secret key to improve
the data security in cloud. Hence, BH-ECAED technique reduces the execution time by 36% when
compared to KP-ABE scheme [1] and 25 % when compared to SeDaSC method [2] respectively.
[4.2] MEASUREMENT OF DATA SECURITY RATE
In BH-ECAED technique, the cloud data security measures the amount of security offered to the
data by the cloud users and server on performing the data transmission over the networks. When the cloud
data security rate is higher, the method is said to be more efficient.
0
10
20
30
40
50
60
70
10 20 30 40 50 60 70 80 90 100
Execu
tio
n T
ime (
ms)
File size (KB)
KP-ABE scheme
SeDaSC method
BH-ECAED technique
International Journal of Computer Engineering and Applications,
Volume XI, Issue XII, Dec. 17, www.ijcea.com ISSN 2321-3469
Densy John V. and Dr. Agnise Kalarani X. 123
Table 2 Tabulation for the Data Security Rate
File size
(KB)
Data Security Rate (%)
KP-ABE
scheme
SeDaSC
method
BH-ECAED
technique
10 65.87 72.45 80.12
20 68.97 74.89 81.98
30 69.15 75.65 83.26
40 70.81 78.92 84.79
50 72.54 79.88 85.16
60 75.98 81.47 87.56
70 76.36 83.65 89.11
80 78.41 85.79 90.15
90 80.25 88.98 91.99
100 81.80 89.46 93.87
The cloud data security is obtained while performing the cloud service provisioning based on the
diverse file size in the range of 10-100 KB is presented in the Table 2. From the table value, it is clear that
the cloud data security using the proposed BH-ECAED technique is higher when compared to the existing
KP-ABE scheme [1] and SeDaSC method [2].
Figure 7 Measurement of Data Security Rate
Figure 7 explains the impact of data security rate versus varied file sizes in the range of 10-100
KB using three methods. As revealed in the figure, proposed BH-ECAED technique provides better data
security rate for cloud service provisioning when compared to the two existing methods namely KP-ABE
scheme [1] and SeDaSC method [2]. In addition, while increasing the file size of data for transmission, the
0
10
20
30
40
50
60
70
80
90
100
10 20 30 40 50 60 70 80 90 100
Da
ta S
ecu
rit
y R
ate
(%
)
File size (KB)
KP-ABE scheme
SeDaSC method
BH-ECAED technique
International Journal of Computer Engineering and Applications,
Volume XI, Issue XII, Dec. 17, www.ijcea.com ISSN 2321-3469
Densy John V. and Dr. Agnise Kalarani X. 124
data security rate is also gets increased using all the three methods. But comparatively the data security rate
using BH-ECAED technique is higher. This is because of application of Bloom Hash Based Elliptic Curve
Attribute Encryption and Decryption algorithm in BH-ECAED technique. By using this algorithmic
process, BH-ECAED technique initially encrypts the data and then computes the hash value for encrypted
cipher text to improve the security of data transmission in the cloud environment. This in turn supports for
enhancing the data security in the cloud service provisioning. Therefore, BH-ECAED technique improves
the data security rate by 17% when compared to KP-ABE scheme [1] and 7 % when compared to SeDaSC
method [2] respectively.
[4.3] MEASUREMENT OF SPACE COMPLEXITY
In BH-ECAED technique, space complexity measures the amount memory taken for storing the
hash value of encrypted data at the cloud server. The space complexity is measured in terms of Kilo Bytes
(KB) and mathematically formulated as given below,
𝑠𝑝𝑎𝑐𝑒 𝑐𝑜𝑚𝑝𝑙𝑒𝑥𝑖𝑡𝑦 = 𝑡𝑜𝑡𝑎𝑙 𝑚𝑒𝑚𝑜𝑟𝑦 𝑠𝑝𝑎𝑐𝑒 − 𝑢𝑛𝑢𝑠𝑒𝑑 𝑚𝑒𝑚𝑜𝑟𝑦 𝑠𝑝𝑎𝑐𝑒 --- (10)
From the equation (9), memory taken for storing the hash value of encrypted data is obtained.
When the space complexity is higher, the method is said to be more efficient.
Table 3 Tabulation for the Space Complexity
File size
(KB)
Space Complexity (KB)
KP-ABE
scheme
SeDaSC
method
BH-ECAED
technique
10 50.44 43.82 31.58
20 54.23 48.93 35.91
30 59.87 55.78 41.26
40 65.12 59.15 46.57
50 69.64 63.78 50.78
60 72.75 68.97 56.06
70 76.34 72.63 62.87
80 81.45 78.98 65.36
90 89.13 85.47 69.78
100 95.78 90.15 75.19
The result analysis of space complexity is taken for storing the hash value of encrypted data with
the respect to the different file size in the range of 10-100 KB is illustrated in the Table 3. From the table
value, it is expressive that the space complexity using the proposed BH-ECAED technique is lower when
compared to the existing KP-ABE scheme [1] and SeDaSC method.
International Journal of Computer Engineering and Applications,
Volume XI, Issue XII, Dec. 17, www.ijcea.com ISSN 2321-3469
Densy John V. and Dr. Agnise Kalarani X. 125
Figure 8 Measurement of the Space Complexity
Figure 8 describes the impact of space complexity for the secured cloud service provisioning with
respect to varied file sizes in the range of 10-100 KB using three methods. As demonstrated in the figure,
proposed BH-ECAED technique provides better space complexity when compared to the two existing
methods namely KP-ABE scheme [1] and SeDaSC method [2]. Further, when increasing the file size of
data for encryption process, the space complexity is also gets increased using all the three methods. But
comparatively the space complexity using BH-ECAED technique is found lower. This is due to the
application of the bloom hash function that generates the hash value for efficiently storing the cloud data.
Bloom filter employs 𝑛 independent hash functions for storing the set of data. This in turn assists to reduce
the space complexity of the cloud service provisioning in a significant manner. As a result, BH-ECAED
technique reduces the space complexity by 26% when compared to KP-ABE scheme [1] and 21% when
compared to SeDaSC method [2] respectively.
[4.4] MEASUREMENT OF DATA CONFIDENTIALITY LEVEL
In BH-ECAED technique, the data confidentiality is attained during the secure message
communication using elliptic curve attribute cryptography. The data confidentiality level measures the
ability of the system to guard the data being transmitted and only accessed by the authorized user. The data
confidentiality level is measured in percentage (%).When the data confidentiality level is higher, the method
is said to be more efficient.
0
20
40
60
80
100
10 20 30 40 50 60 70 80 90 100
Sp
ace C
om
ple
xit
y (
KB
)
File size (KB)
KP-ABE scheme
SeDaSC method
BH-ECAED
technique
International Journal of Computer Engineering and Applications,
Volume XI, Issue XII, Dec. 17, www.ijcea.com ISSN 2321-3469
Densy John V. and Dr. Agnise Kalarani X. 126
Table 4 Tabulation for the Data Confidentiality Level
File size (KB) Data Confidentiality Level (%)
KP-ABE scheme SeDaSC method BH-ECAED
technique
10 59.78 65.18 78.79
20 61.45 66.95 80.13
30 62.23 69.15 81.99
40 64.12 70.89 83.65
50 67.35 72.65 85.47
60 69.18 73.98 86.64
70 72.56 76.89 89.13
80 73.92 78.23 91.47
90 75.65 81.41 93.45
100 78.34 84.65 94.68
The data confidentiality level is obtained in the cloud service provisioning based on varied file sizes in the
range of 10-100 KB is demonstrated in the Table 4. From the table value, it is descriptive that the data
confidentiality level using the proposed BH-ECAED technique is higher when compared to the existing
KP-ABE scheme [1] and SeDaSC method [2].
Figure 9 Measurement of the Data Confidentiality Level
0
20
40
60
80
100
10 20 30 40 50 60 70 80 90
Da
ta C
on
fid
en
tia
lity
Level
(%)
File size (KB)
KP-ABE scheme
SeDaSC method
BH-ECAED
technique
International Journal of Computer Engineering and Applications,
Volume XI, Issue XII, Dec. 17, www.ijcea.com ISSN 2321-3469
Densy John V. and Dr. Agnise Kalarani X. 127
Figure 9 shows the impact of data confidentiality level with respect to the varied file sizes in the
range of 10-100 KB using three methods. As illustrated in the figure, proposed BH-ECAED technique
provides the data confidentiality level for the cloud service provisioning when compared to the two existing
methods namely KP-ABE scheme [1] and SeDaSC method [2]. Furthermore, while increasing the file size
of the data for transmission, the data confidentiality level is also gets increased using all the three methods.
But comparatively, the data confidentiality level using BH-ECAED technique is higher. This is because of
the application of Bloom Hash Based Elliptic Curve Attribute Encryption and Decryption algorithm in BH-
ECAED technique. By using this algorithmic process, BH-ECAED technique performs a secured data
communication in cloud and therefore attains the highly confidential data transfer in cloud service
provisioning. As a result, BH-ECAED technique improves the confidentiality level of data by 27% when
compared to KP-ABE scheme [1] and 17% when compared to SeDaSC method [2] respectively.
[5] RELATED WORKS
An efficient Key Derivation Policy (KDP) was designed in [11] for improving the data security
and integrity in the cloud in which the secret key is created from the combination of local keys with the
user attribute with the help of a hash function. But, the decryption time for low-end devices was higher. In
[12], the multiple senders and multiple user application scenarios was considered to afford a flexible search
authorization Searchable Encryption (SE) scheme to improve the security of the outsourced sensitive data
in cloud.
A High efficient key-insulated attribute based encryption scheme was explained in [13] to achieve
both the forward security and backward security. However, the secure data authentication with higher
efficiency was not considered. A Conditional Cipher Text-Policy Attribute-Based Encryption (C-CP-ABE)
scheme was presented in [14] that permit the users to add an extra access trees depends on the original
cipher text to their own cipher texts for improving the data security in cloud. But, the computation and
storage overhead was not sufficient.
An efficient multiuser searchable attribute-based encryption method was introduced in [15] to
enhance the security of cloud storage. Though, the time taken for accomplishing the encryption is remained
unaddressed. Verifiable Outsourced Decryption of Attribute-Based Encryption with Constant Cipher-text
Length was presented in [16] to decrease the communication overhead while performing the secured data
transfer in cloud. But, the space complexity for storing the encrypted data was not considered.
A data collaboration scheme was designed in [17] based on the Attribute-Based Encryption (ABE)
and Attribute-Based Signature (ABS) for improving the data security in cloud. A novel scheme was
introduced in [18] with the assist of dual system encryption technique for supporting the privacy preserving
predicate encryption with fine- grained searchable capability. However, the performance of encryption and
decryption is not effectual.
An efficient method was explained in [19] to verify the correctness of the transformed cipher text
in an attribute-based encryption system with the outsourced decryption. In [20], a secure and practical
attribute based encryption scheme without pairings (CP-ABE-WP) was developed in the cloud computing
scenarios to provide a secure data sharing.
International Journal of Computer Engineering and Applications,
Volume XI, Issue XII, Dec. 17, www.ijcea.com ISSN 2321-3469
Densy John V. and Dr. Agnise Kalarani X. 128
[6] CONCLUSION
An effective Bloom Hash Based Elliptic Curve Attribute Encryption and Decryption (BH-
ECAED) technique is developed with the aim of achieving highly secured confidential data transmission
in the cloud environment. At first, the cloud user transmits requests to the cloud server. Next, the elliptic
curve attribute encryption is accomplished to encrypt the user requested data with the objective of
enhancing the confidentiality of data in cloud. After that, bloom hashing function is applied for calculating
the hash value for the encrypted data and storing it into the cloud server. This hash value is transmitted to
the consequent users in the cloud with the aim of improving the security of data transmission in the cloud.
At last, elliptic curve attribute decryption is carried out to get the original message which resulted in
improving the cloud data security. The effectiveness of the BH-ECAED Technique is tested with the
metrics such as data security rate, execution time, memory utilization and data confidentiality level. With
the experiments conducted for the BH-ECAED Technique, it is observed that the data security rate provided
more accurate results compared to the state-of-the-art works. The experimental results demonstrate that the
BH-ECAED Technique provides better performance with an improvement of data security rate and
reduction of execution time when compared to the state-of-the-art works.
REFERENCES:
[1] ChangjiWang and Jianfa Luo, “An Efficient Key-Policy Attribute-Based Encryption Scheme with Constant
Ciphertext Length”, Hindawi Publishing Corporation. Mathematical Problems in Engineering Volume
2013, Article ID 810969, Pages 1-7, 2013.
[2] Mazhar Ali, Revathi Dhamotharan, Eraj Khan, Samee U. Khan, Athanasios V. Vasilakos, Keqin Li, Albert
Y. Zomaya, “SeDaSC: Secure Data Sharing in Clouds”, IEEE Systems Journal, Volume PP, Issue 99, Pages
1 – 10, 2015.
[3] Jianghong Wei, Wenfen Liu, Xuexian Hu, “Secure Data Sharing in Cloud Computing Using Revocable-
Storage Identity-Based Encryption”, IEEE Transactions on Cloud Computing. Volume 14, Issue 8, Pages
1-13, 2015.
[4] Shulan Wang, Kaitai Liang, Joseph K. Liu, Jianyong Chen, Jianping Yu, Weixin Xie, “Attribute-Based Data
Sharing Scheme Revisited in Cloud Computing”, IEEE Transactions on Information Forensics and Security.
Volume 11, Issue 8, Pages 1661 – 1673, 2016.
[5] Seung-Hyun Seo, Mohamed Nabeel, Xiaoyu Ding, Elisa Bertino, “An Efficient Certificateless Encryption
for Secure Data Sharing in Public Clouds”, IEEE Transactions On Knowledge And Data Engineering.
Volume 26, Issue 9, Pages 2107 – 2119, 2014.
[6] Luca Ferretti, Fabio Pierazzi, Michele Colajanni, and Mirco Marchetti, “Performance and Cost Evaluation
of an Adaptive Encryption Architecture for Cloud Databases”, IEEE Transactions on Cloud Computing.
Volume 2, Issue 2, Pages 143-155, 2014.
[7] Zhiguo Wan, Jun’e Liu, and Robert H. Deng, “HASBE: A Hierarchical Attribute-Based Solution for
Flexible and Scalable Access Control in Cloud Computing”, IEEE Transactions on Information Forensics
and Security. Volume 7, Issue 2, Pages 743-754, April 2012.
[8] Qinlong Huang, Zhaofeng Ma , Yixian Yang , Jingyi Fu , Xinxin Niu, “EABDS: Attribute-Based Secure
Data Sharing with Efficient Revocation in Cloud Computing”, Chinese Journal of Electronics. Volume 24,
Issue 4, 2015, Pages 862 – 868.
International Journal of Computer Engineering and Applications,
Volume XI, Issue XII, Dec. 17, www.ijcea.com ISSN 2321-3469
Densy John V. and Dr. Agnise Kalarani X. 129
[9] Nitika Aggarwal, Abhishek Choudhary, Maalvika Bachani, Rachna Jain, “Framework for Secure Cloud
Data Communication”, International Journal of Scientific & Technology Research Volume 4, Issue 02,
Pages 281-284, 2015.
[10] Guiyi Weia , Rongxing Lub, Jun Shaoa, EFADS: Efficient, flexible and anonymous data sharing protocol
for cloud computing with proxy re-encryption. Journal of Computer and System Sciences, Elsevier, Volume
80, Issue 8, Pages 1549–1562, 2014.
[11] P. Senthil Kumari and A. R. Nadira Banu Kamal, “Key Derivation Policy for Data Security and Data
Integrity in Cloud Computing”, Automatic Control and Computer Sciences. Springer, Volume 50, Issue 3,
Pages 165–178, 2016.
[12] Yang Yang, “Attribute-Based Data Retrieval with Semantic Keyword Search for E-Health Cloud”, Journal
of Cloud Computing Advances, Systems and Applications. Springer, Volume 4, Issue 10, Pages 1-6, 2015.
[13] Hanshu Hong, Zhixin Sun, “High Efficient Key-Insulated Attribute Based Encryption Scheme without
Bilinear Pairing Operations” SpringerPlus, Volume 5, Pages 1-12, 2016.
[14] Zhitao Guan, Jing Li, Zijian Zhang, and Liehuang Zhu, ”Conditional Ciphertext-Policy Attribute-Based
Encryption Scheme in Vehicular Cloud Computing”, Hindawi Publishing Corporation. Mobile Information
Systems Volume 2016, Article ID 1493290, Pages 1-10, 2016.
[15] Shangping Wang, Xiaoxue Zhang , Yaling Zhang, “Efficiently Multi-User Searchable Encryption Scheme
with Attribute Revocation and Grant for Cloud Storage”, PLoS ONE journal. Volume 11, Issue 11, Pages
1-23, 2016.
[16] Jiguo Li, Fengjie Sha, Yichen Zhang, Xinyi Huang, and Jian Shen, Verifiable Outsourced Decryption of
Attribute-Based Encryption with Constant Ciphertext Length. Hindawi Publishing Corporation. Security
and Communication Networks Volume 2017 Article ID 3596205, Pages 1-11, 2017.
[17] Qinlong Huang, Yixian Yang, Mansuo Shen,“Secure and efficient data collaboration with hierarchical
attribute based encryption in cloud computing”, Future Generation Computer Systems. Elsevier, Pages 1-
21, 2016.
[18] Xu An Wang, Fatos Xhafa, Weiyi Cai, Jianfeng Ma, Fushan Wei, “Efficient privacy preserving predicate
encryption with fine-grained searchable capability for Cloud storage”, Computers & Electrical Engineering.
Elsevier, Volume 56, Pages 871–883, November 2016.
[19] Baodong Qin, Robert H. Deng, Shengli Liu, and Siqi Ma, “Attribute-Based Encryption with Efficient
Verifiable Outsourced Decryption”, IEEE Transactions on Information Forensics and Security. Volume 10,
Issue 7, Pages 1384 – 1393, July 2015.
[20] Shuaishuai Zhu, Xiaoyuan Yang, “Protecting data in cloud environment with attribute-based encryption”,
International Journal of Grid and Utility Computing Volume 6, Issue 2, Pages 91-97, 2015.