highly secured confidential data … efficient certificateless encryption was intended in [5] for...

International Journal of Computer Engineering and Applications,

Volume XI, Issue XII, Dec. 17, www.ijcea.com ISSN 2321-3469

Densy John V. and Dr. Agnise Kalarani X. 112

HIGHLY SECURED CONFIDENTIAL DATA TRANSFER USING BLOOM BASED ELLIPTIC CURVE ATTRIBUTE ENCRYPTION IN

CLOUD ENVIRONMENT 1, Densy John V., 2Dr. Agnise Kalarani, X.

1Research Scholar, Department of Computer Science, Karpagam Academy of Higher Education, Coimbatore, India

2 Associate Professor, Department of Computer Applications, Karpagam Academy of Higher Education,

Coimbatore, India

ABSTRACT:

Cloud Computing provides significant way for sharing data over Internet. Security plays a vital role in cloud during data sharing due to the increasing of attacks and potential unauthorized access within the service providers. Many research works have been designed for securely transmitting the data in cloud environment by using the encryption techniques. However, existing encryption techniques require more computational time and also highly secured confidential data transfer which is remained unaddressed. In order to overcome such limitation, A Bloom Hash Based Elliptic Curve Attribute Encryption and Decryption (BH-ECAED) technique is proposed. Initially, the cloud users sent data (i.e. attributes) request to cloud server. Then, Elliptic Curve Attribute Encryption is performed to encrypt the user requested data to be transmitted over an internet with aiming at improving the confidentiality of data in cloud. After performing the encryption process, bloom hashing function is used for generating the hash value for encrypted data and storing it into the cloud server. This generated hash value of encrypted data is transmitted to the corresponding users in cloud with the objective of improving the security of data transfer. Finally, Elliptic Curve Attribute Decryption is performed to obtain the data from the cloud server requested by the original user. The BH-ECAED technique conducts the experimental works on the parameters such as data security rate, execution time, memory utilization and data confidentiality level. The experimental result shows that the BH-ECAED technique is able to improve the security rate and confidentiality level of data transfer in cloud environment when compared to the state-of-the-art works.

Keywords: Cloud Computing, Security, Cloud Users, Attributes, Attribute-Set-Based Encryption, Elliptic

Curve Attribute Encryption, Bloom Hashing Function, Cloud Server




[1] INTRODUCTION

A Cloud computing is an important technology in the Information Technology (IT) and

Educational sectors. Cloud computing is a parallel and distributed computing and service-oriented

architecture depends on the virtualization. The considerable features of the cloud computing are high

operational efficiency, scalability, flexibility and low capital cost. But, security, confidentiality, and

regularity grave the problems in the cloud computing. The most important security concern in cloud is

data security and privacy owing to its web-based data storage and management. Users afford data to the

cloud service provider for storage or business operations.

In addition, a lot of data security techniques are designed to lessen the security issues in the cloud.

Current data security approaches concentrate only on cryptographic approaches in which the solutions are

gained through the random key generation processes. However, the existing security technique presents

minimum data confidentiality while performing the data transmission. Therefore, there is a need for new

techniques to improve the security and confidentiality rate of data transfer in cloud.

Recently, few encryption techniques have been designed for data security during the transmission.

For example, A Key-Policy Attribute-Based Encryption (KP-ABE) scheme was employed in [1] with

constant-size cipher texts with the aid of identity-based broadcast encryption scheme. The KP-ABE scheme

improved the data security in cloud. But, the confidentiality of data transfer was remained unsolved. A

Secure Data Sharing in Clouds (SeDaSC) method was designed in [2] that ensure the confidentiality of the

data on the cloud with the aid of symmetric encryption. However, the time taken for securing the data was

more.

A Revocable-Storage Identity-Based Encryption (RS-IBE) was developed in [3] for the secure

data sharing in cloud computing that improves the cloud data security. But, the cloud data security was

not at required level. An attribute-based data sharing scheme was presented in [4] for enhancing the data

confidentiality and privacy in cloud and to reduce the storage cost of cipher text and computation

complexity in encryption.

An Efficient Certificateless Encryption was intended in [5] for the Secured Data Sharing and

assuring the confidentiality of data stored in the public clouds. Though, it consumes more memory for

storing the encrypted data. A Novel architecture was designed in [6] to enhance the data confidentiality

level and the flexibility in cloud. But, the data confidentiality level was not sufficient.

A Hierarchical Attribute-Set-Based Encryption (HASBE) was introduced in [7] using the cipher

text-policy Attribute-Set-Based Encryption (ASBE) with a hierarchical structure of users. The HASBE

efficient and flexible for accessing the outsourced data in the cloud computing. However, the performance

of encryption was not efficient which lacks in security of data in cloud. An attribute-based secure data

sharing scheme was developed in [8] with efficient revocation in cloud computing for improving the data

security. But, time complexity was higher.

A new encrypting algorithm was presented in [9] with the support of symmetric key cryptography

for secure communication in cloud computing which resulting in the improved security and privacy of data.

However, the performance of encryption is not efficient. An Efficient Flexible and Anonymous Data

Sharing (EFADS) protocol was intended in [10] for cloud computing with the aid of proxy re-encryption.

The EFADS protocol allows the data holder to efficiently share with other cloud consumers through semi-

trusted cloud servers. However, the computation complexity was higher.




In order to solve the existing issues in cloud data transfer, A Bloom Hash Based Elliptic Curve

Attribute Encryption and Decryption (BH-ECAED) technique is designed. The main objective of BH-

ECAED technique is to achieve highly secured confidential data transmission in the cloud computing

environment. The research objective of BH-ECAED technique is formulated as follows,

To improve the confidentiality of data transmission with minimum computational time in cloud

environment, Elliptic Curve Attribute Encryption and Decryption is performed in BH-ECAED technique.

To improve the security of data transmission in cloud environment, Bloom Hashing Function is

used in BH-ECAED technique.

To reduce the space complexity in cloud service provisioning, Bloom Hashing is employed in BH-

ECAED technique.

The rest of this paper is organized as follows. Section 2 explains Bloom Hash Based Elliptic Curve

Attribute Encryption and Decryption (BH-ECAED) technique with the aid of architecture diagram. Section

3 and Section 4 presents the experimental section with detailed performance analysis. Section 5 explains

the related works. Finally, Section 6 concludes the paper.

[2] BLOOM HASH BASED ELLIPTIC CURVE ATTRIBUTE ENCRYPTION /

DECRYPTION TECHNIQUE

The Bloom Hash Based Elliptic Curve Attribute Encryption/Decryption technique is developed

with the objective of achieving the highly secured confidential data transmission in cloud environment. The

elliptic curve attribute cryptography is used in BH-ECAED technique for improving the security and

confidentiality rate of data transfer in cloud computing environment. Elliptic curve attribute cryptograph is

an approach to public-key cryptography that depends on the algebraic formation of elliptic curves over the

limited fields. The Elliptic curve attribute cryptograph requires smaller keys to achieve the security in cloud

service provisioning. In elliptic curve attribute cryptograph, elliptic curves are employed for encryption,

digital signatures, pseudo-random generators and other tasks.

The elliptic curve attribute cryptography is a public-key encryption where the secret key of a cloud

user and the cipher texts are based on the attributes. In elliptic curve attribute cryptography, the decryption

of a cipher text is potential only if the set of attributes of the user key matches the attributes of the cipher

text. An elliptic curve attribute encryption is collusion-resistance. Therefore, BH-ECAED technique avoid

the illegal data access which resulting in the improved data confidential level in cloud. Besides, BH-

ECAED technique employs bloom Hashing function for improving the security of data communication in

cloud environment. The overall architecture diagram of Bloom Hash Based Elliptic Curve Attribute

Encryption/Decryption technique is shown in the Figure 1.




Figure 1 Architecture of the Bloom Hash Based Elliptic Curve Attribute Encryption/Decryption Technique

Figure 1 shows the architecture diagram of the Bloom Hash Based Elliptic Curve Attribute

Encryption/Decryption technique for presenting the secured response from the server to client. At first, the

client request is the number of attributes which is transmitted to cloud server. As demonstrated in the Figure,

the attribute 1 2, 3. . . 𝑛 are requested from the cloud users. Then, the elliptic curve attribute encryption is

accomplished in order to attain the higher data confidentiality while performing the cloud service

provisioning. Afterwards, bloom hash function is applied to evaluate the hash value for the encrypted data

in order to achieve the security during transmission. As a result, BH-ECAED technique improves the

confidentiality and security of data in cloud service provisioning. The brief explanation about the BH-

ECAED technique is described in the forth coming sections.

[2.1] BLOOM HASHING FUNCTION

The Bloom Hashing Function is used in BH-ECAED technique for achieving the secured cloud

service provisioning. A Bloom hashing is a space-efficient probabilistic data structure for storing the cloud

data. The bloom hashing function generates hash value for storing the input data. A bloom hash function

takes any input string as input and then generates a fixed output length string which is termed as hash value.

The bloom hashing function employed SHA-256 (Secure Hash Algorithm) for producing the hash value.

The SHA-256 is a cryptographic hash function with the length of 256 bits. The SHA-256 is a keyless hash

function. An input data is processed through the message blocks of 512 = 16 × 32 bits in which every block

entails 64 rounds. The SHA-256 used Boolean operations such as AND, XOR and OR for generating hash

value. The structure of Bloom Hashing Function for generation of hash value is shown in the Figure 2.

Cloud user

Attribute 1

Attribute 2

………

Attribute n

Cloud

Server

Elliptic Curve

Attribute

Encryption

Bloom Hashing

Elliptic Curve

Attribute Decryption

Improves Security and

Confidentiality of Data

in Cloud Computing

Environment




Figure 2 Structures of the Bloom Hash Function

As shown in the Figure 2, bloom hashing function initially takes the message block (i.e. attributes

file size) as input. The bloom hashing function is a one-way function. The property of bloom hashing

function is collision resistance where the attackers are avoided to access the cloud data. Hence, the bloom

hashing function is also called as collision free hash function. The output of the bloom hashing function is

a fixed size. The BH-ECAED technique used bloom hashing function to generate the hash value for the

encrypted data for improving the security of data communication in cloud.

[2.2] ELLIPTIC CURVE ATTRIBUTE ENCRYPTION / DECRYPTION TECHNIQUE

The BH-ECAED technique performs Elliptic Curve Attribute Encryption with the aim of

enhancing the confidentiality of data while performing the transmission through internet. In BH-ECAED

technique, the original data is to be encrypted is considered as plaintext. During the elliptic curve attribute

encryption process, the original data is converted into cipher text. Then, the encrypted cipher text is

decrypted in order to get the plaintext by using the elliptic curve attribute decryption. The encryption and

decryption process is performed based upon the Elliptic Curve Attribute Encryption/Decryption and using

bloom hashing function. The BH-ECAED technique is employed in the bloom hashing function for

producing the hash value for encrypted data in order to enhance the data security in the cloud environment.

The security indicates confidentiality and availability of data which is stored in clouds and the significant

issues to be solved for improving the performance of cloud service provisioning. The process of Elliptic

Curve Attribute Encryption is shown in the Figure 3.

Message block

Message block

Message block

Bloom Hash Function

Hash value (fixed length

string)

Input

Output

https://en.wikipedia.org/wiki/One-way_function




Figure 3 Process of Elliptic Curve Attribute Encryption using the Bloom Hashing

As shown in the Figure 3, initially the cloud sender sends the user requested data which is to be

encrypted. Then, elliptic curve attribute encryption is carried out to obtain the cipher text. After that, hash

value is generated for encrypted cipher text using bloom hash function to achieve higher data security.

Finally, the generated hash value is transmitted to the cloud service provider. The cloud service provider

obtains the hash value of encrypted data and transmitted to into appropriate cloud users in the cloud

environment.

The BH-ECAED technique used elliptic curve attribute cryptography algorithm for the attribute

encryption and decryption. The elliptic curve attribute cryptography is an algorithm for encrypting and

decrypting data and exchanging cryptographic keys. The Elliptic curve attribute cryptography is an

approach to public key cryptography and depends on the algebraic formation of elliptic curves over the

limited fields. The elliptic curve attribute cryptography depends on equation derived from the mathematical

group obtained from the points in which the line intersects the axes. The equations based on the elliptic

curves have a certain characteristic for utilizing cryptography purposes. An elliptic curve is the set of points

that satisfy a specific mathematical equation. For performing cryptographic process, an elliptic curve is a

plane curve over a finite field which consists of the points satisfying the equation which is mathematically

formulated as,

𝑦3 = 𝑥3 + 𝑎𝑥 + 𝑏 (1)

From the equation (1), the equation of an elliptic curve is obtained. The elliptic curve structure for

cryptography is shown in the below Figure 4.

Cloud service

provider

Encrypted data

+Hash value

Cipher text

Compute Hash Value

(H1) for Encrypted data

using Bloom Hashing

Function

Elliptic Curve

Attribute

Encryption

Data

Cloud

Sender




Figure 4 Elliptic Curves for Cryptography

In elliptic curve attribute encryption, key generation is a significant part in which the both public

key and private key is created. An elliptic curve attribute encryption is a kind of symmetric encryption in

which the secret key of a sender and the cipher text are based on the attributes. In elliptic curve attribute

encryption and decryption, the secret key is created for the data in every attributes. The attributes includes

of user data for example user location, payment plan of the user and occupation of the user. The sender

encrypts the data with the receiver’s public key and then receiver decrypts the data with its private key. For

the key generation, elliptic curve attribute cryptography selects a number ‘𝑑’ within the range of ‘𝑛’. The

elliptic curve attribute cryptography employed the following equation for the generation of key,

𝑄 = 𝑑 ∗ 𝑃 (2)

From the equation (2), 𝑑 is the random number that chosen in the range of (1 𝑡𝑜 𝑛 − 1 ). Here, 𝑃

is the point on the curve whereas ‘𝑄’ is the public key and‘𝑑’ is the private key.

Let us assume ‘𝑚’ be the message to be encrypted and which has the point ‘𝑀’ on the curve

‘𝐸’and randomly select ‘𝑘’ from [1 – (𝑛 − 1)]. The elliptic curve attribute encryption process generates

two cipher texts 𝐶1 and 𝐶2 which is mathematically formulated as below,

𝐶1 = k ∗ P (3)

𝐶2 = 𝑚 + k ∗ Q (4)

From the equation (3) and (4), two cipher texts 𝐶1 and 𝐶2 is obtained. After performing the

encryption, the hash value is computed with the aid of bloom hashing function and it is stored in the cloud

server which is transmitted through internet to the appropriate cloud users in cloud environment. Let

consider the two cipher texts 𝐶1 and 𝐶2 are 𝐶 which is represented as,

𝐶 = (𝐶1, 𝐶2) (5)

The bloom hash function (𝐵𝐻𝐹) provides a variable-length block of input cipher text (𝐶) and

hence it affords the fixed size of the output hash value.

𝐻1 = 𝐵𝐻𝐹 (𝐶) (6)

From the equation (6), 𝐻1 provides a hash value of encrypted data. Once the hash value of

encrypted data is determined, it is stored in cloud service provider. Whenever the user access the data

P

Q R




stored in the cloud, the hash value is recalculated using the same bloom hashing function to verify the

correctness of the received data. Therefore, the recomputed hash value is mathematically formulated as,

𝐻2 = 𝐵𝐻𝐹(𝐶′) (7)

In the receiver side, two hash values are compared to ensure the correctness of the data. If the two

hash values are equal, then decryption is performed to get the original data. Therefore, the cipher text (𝐶)

of the data is only visible to the legal users using elliptic curve attribute decryption. The elliptic curve

attribute decryption processes to obtain the original message which is mathematically expressed as,

𝑚 = 𝐶2 − 𝑑 ∗ 𝐶1 (8)

From the equation (8), original message 𝑚 is obtained. The Elliptic Curve Attribute Decryption

using Bloom Hashing Function is shown in the Figure 4.

Figure 5 Process of Elliptic Curve Attribute Decryption using the Bloom Hashing

Figure 5 shows the elliptic curve attribute decryption process. The data stored in the cloud may

initially be encrypted using elliptic curve attribute encryption to create a cipher text and then a hash value

is computed for that cipher text using bloom hashing function. Whenever the client access the data stored

in the cloud, the hash value is been regenerated using the same bloom hash function to authenticate the

correctness of data in the cloud. If the correctness is attained, then the cipher text is decrypted by using the

elliptic curve attribute decryption to obtain the original plaintext. This in turn assists for improving the data

Cloud user

Regenerate Hash Value (H2)

Elliptic Curve

Attribute

Decryption

If (H1== H2)

Data Confidentiality is achieved

Data Confidentiality is

lost

No

Yes

Obtain original message




confidentiality level in cloud. The algorithmic process of Bloom Hash Based Elliptic Curve Attribute

Encryption/Decryption technique is shown below,

// Bloom Hash Based Elliptic Curve Attribute Encryption/Decryption Algorithm

Input: Message ‘𝑚’, set of attributes ‘𝛼’, Cloud Data Owners ‘𝐷𝑂𝑖 = 𝐷𝑂1, 𝐷𝑂2, … , 𝐷𝑂𝑛’, Cloud users

‘𝐶𝑈𝑖 = 𝐶𝑈1, 𝐶𝑈2, . . , 𝐶𝑈𝑛’, 𝑄’ is the public key, ‘𝑑’ is the private key

Output: Improves security and confidentiality of data in cloud

Step 1: Begin

Step 2: For each data and set of attributes

Step 3: Perform elliptic curve attribute encryption using (3) and (4)

Step 4: Generate hash value for encrypted data using (6) stored it on cloud server for transmitting

corresponding user.

Step 5: Whenever the client access the data stored, regenerates hash values

Step 6: If (H1==H2) then

Step 7: Data confidentiality is achieved

Step 8: Perform elliptic curve attribute decryption using (8)

Step 9: Get original data message

Step 10: else

Step 11: Data confidentiality is lost

Step 12: End if

Step 13: End for

Step 14: End

Algorithm 1 Bloom Hash Based Elliptic Curve Attribute Encryption/Decryption

By using the above algorithmic process, BH-ECAED technique performs secured data

communication thereby achieves the highly confidential data transfer in cloud service provisioning.

Therefore, the BH-ECAED technique improves the data security and confidential level for cloud service

provisioning with minimum execution time and also reduces the space complexity of data storage for

encryption process in an effective manner.

[3] EXPERIMENTAL SETTINGS

The Bloom Hash Based Elliptic Curve Attribute Encryption and Decryption (BH-ECAED)

technique is implemented using JAVA language and CloudSim simulator. The BH-ECAED technique used

Amazon Simple Storage Service (Amazon S3) dataset for conducting the experimental evaluation. The

Amazon S3 dataset preserves the data transfer and automatic encryption of data once it is uploaded in cloud.

Amazon S3 is a data warehouse that comprises of images, files and other kind of useful information. The

Amazon S3 is consistent, speedy, less expensive, and scalable for cloud service provisioning.




The BH-ECAED technique accomplishes the experimental evaluation and compares the results

against the existing two methods namely Key-Policy Attribute-Based Encryption (KP-ABE) scheme [1]

and Secure Data Sharing in Clouds (SeDaSC) method [2]. The performance of BH-ECAED technique is

measured in terms of data security rate, execution time, memory utilization and data confidentiality level.

[4] RESULTS AND DISCUSSIONS

In this section, the result analysis of BH-ECAED technique is evaluated. The performance of BH-

ECAED technique is compared with the existing two methods namely Key-Policy Attribute-Based

Encryption (KP-ABE) scheme [1] and Secure Data Sharing in Clouds (SeDaSC) method [2]. The

performance of BH-ECAED technique is evaluated along with the metrics such as data security rate,

execution time, memory utilization and data confidentiality level.

[4.1] MEASUREMENT OF EXECUTION TIME

In BH-ECAED technique, the execution time measures the amount of time taken for encrypting

the data in order to achieve the secured data communication in cloud service provisioning. The execution

time is measured in terms of milliseconds (ms) and mathematically expressed as,

𝐸𝑥𝑒𝑐𝑢𝑡𝑖𝑜𝑛 𝑇𝑖𝑚𝑒 = 𝑒𝑛𝑑 𝑡𝑖𝑚𝑒 𝑜𝑓 𝑒𝑛𝑐𝑟𝑦𝑝𝑡𝑖𝑜𝑛 − 𝑠𝑡𝑎𝑟𝑡 𝑡𝑖𝑚𝑒 𝑜𝑓 𝑒𝑛𝑐𝑟𝑦𝑝𝑡𝑖𝑜𝑛 -- (9)

From the equation (8), encryption time taken for secure data transmission is obtained. While the

execution time is lower, the method is said to be more efficient.

Table 1 Tabulation for Execution Time

File

size

(KB)

Execution Time (ms)

KP-ABE

scheme

SSeDaSC

method

BH-ECAED

technique

10 29.7 23.5 15.3

20 31.4 26.8 17.9

30 35.9 28.2 20.1

40 38.7 31.7 25.6

50 40.2 33.4 27.9

60 42.3 39.8 29.3

70 49.8 45.1 32.7

80 56.6 47.3 35.8

90 59.2 50.5 41.2

100 61.3 56.8 45.6

Table 1 depicts the comparative result analysis of encryption time taken for the secure cloud

service provisioning based on different file sizes in the range of 10-100 KB. From the table value, it is




illustrative that the execution time using the proposed BH-ECAED technique is lower when compared to

the existing KP-ABE scheme [1] and SeDaSC method[2].

Figure 6 Measurement of Execution Time

Figure 6 portrays the impact of time taken for encryption versus diverse file sizes in the range of

10-100 KB using three methods. As exposed in figure, proposed BH-ECAED technique provides better

execution time for encrypting the data to achieve higher cloud data security when compared to the two

existing methods namely KP-ABE scheme [1] and SeDaSC method [2]. Besides, while increasing the file

size of the data for encryption, the execution time is also gets increased using all the three methods. But

comparatively execution time using BH-ECAED technique is lower. This is owing to application of elliptic

curve attribute encryption algorithm in BH-ECAED technique where the original message is converted into

cipher text and the hash value for enhancing the security in cloud services. The attribute encryption is

performed in BH-ECAED technique which considers an attributes that comprises of user location, and

payment plan of the user. By performing the encryption, cipher text is generated with secret key to improve

the data security in cloud. Hence, BH-ECAED technique reduces the execution time by 36% when

compared to KP-ABE scheme [1] and 25 % when compared to SeDaSC method [2] respectively.

[4.2] MEASUREMENT OF DATA SECURITY RATE

In BH-ECAED technique, the cloud data security measures the amount of security offered to the

data by the cloud users and server on performing the data transmission over the networks. When the cloud

data security rate is higher, the method is said to be more efficient.

0

10

20

30

40

50

60

70

10 20 30 40 50 60 70 80 90 100

Execu

tio

n T

ime (

ms)

File size (KB)

KP-ABE scheme

SeDaSC method

BH-ECAED technique




Table 2 Tabulation for the Data Security Rate

File size

(KB)

Data Security Rate (%)

KP-ABE

scheme

SeDaSC

method

BH-ECAED

technique

10 65.87 72.45 80.12

20 68.97 74.89 81.98

30 69.15 75.65 83.26

40 70.81 78.92 84.79

50 72.54 79.88 85.16

60 75.98 81.47 87.56

70 76.36 83.65 89.11

80 78.41 85.79 90.15

90 80.25 88.98 91.99

100 81.80 89.46 93.87

The cloud data security is obtained while performing the cloud service provisioning based on the

diverse file size in the range of 10-100 KB is presented in the Table 2. From the table value, it is clear that

the cloud data security using the proposed BH-ECAED technique is higher when compared to the existing

KP-ABE scheme [1] and SeDaSC method [2].

Figure 7 Measurement of Data Security Rate

Figure 7 explains the impact of data security rate versus varied file sizes in the range of 10-100

KB using three methods. As revealed in the figure, proposed BH-ECAED technique provides better data

security rate for cloud service provisioning when compared to the two existing methods namely KP-ABE

scheme [1] and SeDaSC method [2]. In addition, while increasing the file size of data for transmission, the

0

10

20

30

40

50

60

70

80

90

100

10 20 30 40 50 60 70 80 90 100

Da

ta S

ecu

rit

y R

ate

(%

)

File size (KB)

KP-ABE scheme

SeDaSC method

BH-ECAED technique




data security rate is also gets increased using all the three methods. But comparatively the data security rate

using BH-ECAED technique is higher. This is because of application of Bloom Hash Based Elliptic Curve

Attribute Encryption and Decryption algorithm in BH-ECAED technique. By using this algorithmic

process, BH-ECAED technique initially encrypts the data and then computes the hash value for encrypted

cipher text to improve the security of data transmission in the cloud environment. This in turn supports for

enhancing the data security in the cloud service provisioning. Therefore, BH-ECAED technique improves

the data security rate by 17% when compared to KP-ABE scheme [1] and 7 % when compared to SeDaSC

method [2] respectively.

[4.3] MEASUREMENT OF SPACE COMPLEXITY

In BH-ECAED technique, space complexity measures the amount memory taken for storing the

hash value of encrypted data at the cloud server. The space complexity is measured in terms of Kilo Bytes

(KB) and mathematically formulated as given below,

𝑠𝑝𝑎𝑐𝑒 𝑐𝑜𝑚𝑝𝑙𝑒𝑥𝑖𝑡𝑦 = 𝑡𝑜𝑡𝑎𝑙 𝑚𝑒𝑚𝑜𝑟𝑦 𝑠𝑝𝑎𝑐𝑒 − 𝑢𝑛𝑢𝑠𝑒𝑑 𝑚𝑒𝑚𝑜𝑟𝑦 𝑠𝑝𝑎𝑐𝑒 --- (10)

From the equation (9), memory taken for storing the hash value of encrypted data is obtained.

When the space complexity is higher, the method is said to be more efficient.

Table 3 Tabulation for the Space Complexity

File size

(KB)

Space Complexity (KB)

KP-ABE

scheme

SeDaSC

method

BH-ECAED

technique

10 50.44 43.82 31.58

20 54.23 48.93 35.91

30 59.87 55.78 41.26

40 65.12 59.15 46.57

50 69.64 63.78 50.78

60 72.75 68.97 56.06

70 76.34 72.63 62.87

80 81.45 78.98 65.36

90 89.13 85.47 69.78

100 95.78 90.15 75.19

The result analysis of space complexity is taken for storing the hash value of encrypted data with

the respect to the different file size in the range of 10-100 KB is illustrated in the Table 3. From the table

value, it is expressive that the space complexity using the proposed BH-ECAED technique is lower when

compared to the existing KP-ABE scheme [1] and SeDaSC method.




Figure 8 Measurement of the Space Complexity

Figure 8 describes the impact of space complexity for the secured cloud service provisioning with

respect to varied file sizes in the range of 10-100 KB using three methods. As demonstrated in the figure,

proposed BH-ECAED technique provides better space complexity when compared to the two existing

methods namely KP-ABE scheme [1] and SeDaSC method [2]. Further, when increasing the file size of

data for encryption process, the space complexity is also gets increased using all the three methods. But

comparatively the space complexity using BH-ECAED technique is found lower. This is due to the

application of the bloom hash function that generates the hash value for efficiently storing the cloud data.

Bloom filter employs 𝑛 independent hash functions for storing the set of data. This in turn assists to reduce

the space complexity of the cloud service provisioning in a significant manner. As a result, BH-ECAED

technique reduces the space complexity by 26% when compared to KP-ABE scheme [1] and 21% when

compared to SeDaSC method [2] respectively.

[4.4] MEASUREMENT OF DATA CONFIDENTIALITY LEVEL

In BH-ECAED technique, the data confidentiality is attained during the secure message

communication using elliptic curve attribute cryptography. The data confidentiality level measures the

ability of the system to guard the data being transmitted and only accessed by the authorized user. The data

confidentiality level is measured in percentage (%).When the data confidentiality level is higher, the method

is said to be more efficient.

0

20

40

60

80

100

10 20 30 40 50 60 70 80 90 100

Sp

ace C

om

ple

xit

y (

KB

)

File size (KB)

KP-ABE scheme

SeDaSC method

BH-ECAED

technique




Table 4 Tabulation for the Data Confidentiality Level

File size (KB) Data Confidentiality Level (%)

KP-ABE scheme SeDaSC method BH-ECAED

technique

10 59.78 65.18 78.79

20 61.45 66.95 80.13

30 62.23 69.15 81.99

40 64.12 70.89 83.65

50 67.35 72.65 85.47

60 69.18 73.98 86.64

70 72.56 76.89 89.13

80 73.92 78.23 91.47

90 75.65 81.41 93.45

100 78.34 84.65 94.68

The data confidentiality level is obtained in the cloud service provisioning based on varied file sizes in the

range of 10-100 KB is demonstrated in the Table 4. From the table value, it is descriptive that the data

confidentiality level using the proposed BH-ECAED technique is higher when compared to the existing

KP-ABE scheme [1] and SeDaSC method [2].

Figure 9 Measurement of the Data Confidentiality Level

0

20

40

60

80

100

10 20 30 40 50 60 70 80 90

Da

ta C

on

fid

en

tia

lity

Level

(%)

File size (KB)

KP-ABE scheme

SeDaSC method

BH-ECAED

technique




Figure 9 shows the impact of data confidentiality level with respect to the varied file sizes in the

range of 10-100 KB using three methods. As illustrated in the figure, proposed BH-ECAED technique

provides the data confidentiality level for the cloud service provisioning when compared to the two existing

methods namely KP-ABE scheme [1] and SeDaSC method [2]. Furthermore, while increasing the file size

of the data for transmission, the data confidentiality level is also gets increased using all the three methods.

But comparatively, the data confidentiality level using BH-ECAED technique is higher. This is because of

the application of Bloom Hash Based Elliptic Curve Attribute Encryption and Decryption algorithm in BH-

ECAED technique. By using this algorithmic process, BH-ECAED technique performs a secured data

communication in cloud and therefore attains the highly confidential data transfer in cloud service

provisioning. As a result, BH-ECAED technique improves the confidentiality level of data by 27% when

compared to KP-ABE scheme [1] and 17% when compared to SeDaSC method [2] respectively.

[5] RELATED WORKS

An efficient Key Derivation Policy (KDP) was designed in [11] for improving the data security

and integrity in the cloud in which the secret key is created from the combination of local keys with the

user attribute with the help of a hash function. But, the decryption time for low-end devices was higher. In

[12], the multiple senders and multiple user application scenarios was considered to afford a flexible search

authorization Searchable Encryption (SE) scheme to improve the security of the outsourced sensitive data

in cloud.

A High efficient key-insulated attribute based encryption scheme was explained in [13] to achieve

both the forward security and backward security. However, the secure data authentication with higher

efficiency was not considered. A Conditional Cipher Text-Policy Attribute-Based Encryption (C-CP-ABE)

scheme was presented in [14] that permit the users to add an extra access trees depends on the original

cipher text to their own cipher texts for improving the data security in cloud. But, the computation and

storage overhead was not sufficient.

An efficient multiuser searchable attribute-based encryption method was introduced in [15] to

enhance the security of cloud storage. Though, the time taken for accomplishing the encryption is remained

unaddressed. Verifiable Outsourced Decryption of Attribute-Based Encryption with Constant Cipher-text

Length was presented in [16] to decrease the communication overhead while performing the secured data

transfer in cloud. But, the space complexity for storing the encrypted data was not considered.

A data collaboration scheme was designed in [17] based on the Attribute-Based Encryption (ABE)

and Attribute-Based Signature (ABS) for improving the data security in cloud. A novel scheme was

introduced in [18] with the assist of dual system encryption technique for supporting the privacy preserving

predicate encryption with fine- grained searchable capability. However, the performance of encryption and

decryption is not effectual.

An efficient method was explained in [19] to verify the correctness of the transformed cipher text

in an attribute-based encryption system with the outsourced decryption. In [20], a secure and practical

attribute based encryption scheme without pairings (CP-ABE-WP) was developed in the cloud computing

scenarios to provide a secure data sharing.




[6] CONCLUSION

An effective Bloom Hash Based Elliptic Curve Attribute Encryption and Decryption (BH-

ECAED) technique is developed with the aim of achieving highly secured confidential data transmission

in the cloud environment. At first, the cloud user transmits requests to the cloud server. Next, the elliptic

curve attribute encryption is accomplished to encrypt the user requested data with the objective of

enhancing the confidentiality of data in cloud. After that, bloom hashing function is applied for calculating

the hash value for the encrypted data and storing it into the cloud server. This hash value is transmitted to

the consequent users in the cloud with the aim of improving the security of data transmission in the cloud.

At last, elliptic curve attribute decryption is carried out to get the original message which resulted in

improving the cloud data security. The effectiveness of the BH-ECAED Technique is tested with the

metrics such as data security rate, execution time, memory utilization and data confidentiality level. With

the experiments conducted for the BH-ECAED Technique, it is observed that the data security rate provided

more accurate results compared to the state-of-the-art works. The experimental results demonstrate that the

BH-ECAED Technique provides better performance with an improvement of data security rate and

reduction of execution time when compared to the state-of-the-art works.

REFERENCES:

[1] ChangjiWang and Jianfa Luo, “An Efficient Key-Policy Attribute-Based Encryption Scheme with Constant

Ciphertext Length”, Hindawi Publishing Corporation. Mathematical Problems in Engineering Volume

2013, Article ID 810969, Pages 1-7, 2013.

[2] Mazhar Ali, Revathi Dhamotharan, Eraj Khan, Samee U. Khan, Athanasios V. Vasilakos, Keqin Li, Albert

Y. Zomaya, “SeDaSC: Secure Data Sharing in Clouds”, IEEE Systems Journal, Volume PP, Issue 99, Pages

1 – 10, 2015.

[3] Jianghong Wei, Wenfen Liu, Xuexian Hu, “Secure Data Sharing in Cloud Computing Using Revocable-

Storage Identity-Based Encryption”, IEEE Transactions on Cloud Computing. Volume 14, Issue 8, Pages

1-13, 2015.

[4] Shulan Wang, Kaitai Liang, Joseph K. Liu, Jianyong Chen, Jianping Yu, Weixin Xie, “Attribute-Based Data

Sharing Scheme Revisited in Cloud Computing”, IEEE Transactions on Information Forensics and Security.

Volume 11, Issue 8, Pages 1661 – 1673, 2016.

[5] Seung-Hyun Seo, Mohamed Nabeel, Xiaoyu Ding, Elisa Bertino, “An Efficient Certificateless Encryption

for Secure Data Sharing in Public Clouds”, IEEE Transactions On Knowledge And Data Engineering.

Volume 26, Issue 9, Pages 2107 – 2119, 2014.

[6] Luca Ferretti, Fabio Pierazzi, Michele Colajanni, and Mirco Marchetti, “Performance and Cost Evaluation

of an Adaptive Encryption Architecture for Cloud Databases”, IEEE Transactions on Cloud Computing.

Volume 2, Issue 2, Pages 143-155, 2014.

[7] Zhiguo Wan, Jun’e Liu, and Robert H. Deng, “HASBE: A Hierarchical Attribute-Based Solution for

Flexible and Scalable Access Control in Cloud Computing”, IEEE Transactions on Information Forensics

and Security. Volume 7, Issue 2, Pages 743-754, April 2012.

[8] Qinlong Huang, Zhaofeng Ma , Yixian Yang , Jingyi Fu , Xinxin Niu, “EABDS: Attribute-Based Secure

Data Sharing with Efficient Revocation in Cloud Computing”, Chinese Journal of Electronics. Volume 24,

Issue 4, 2015, Pages 862 – 868.

http://ieeexplore.ieee.org/search/searchresult.jsp?searchWithin=%22Authors%22:.QT.Xinxin%20Niu.QT.&newsearch=true




[9] Nitika Aggarwal, Abhishek Choudhary, Maalvika Bachani, Rachna Jain, “Framework for Secure Cloud

Data Communication”, International Journal of Scientific & Technology Research Volume 4, Issue 02,

Pages 281-284, 2015.

[10] Guiyi Weia , Rongxing Lub, Jun Shaoa, EFADS: Efficient, flexible and anonymous data sharing protocol

for cloud computing with proxy re-encryption. Journal of Computer and System Sciences, Elsevier, Volume

80, Issue 8, Pages 1549–1562, 2014.

[11] P. Senthil Kumari and A. R. Nadira Banu Kamal, “Key Derivation Policy for Data Security and Data

Integrity in Cloud Computing”, Automatic Control and Computer Sciences. Springer, Volume 50, Issue 3,

Pages 165–178, 2016.

[12] Yang Yang, “Attribute-Based Data Retrieval with Semantic Keyword Search for E-Health Cloud”, Journal

of Cloud Computing Advances, Systems and Applications. Springer, Volume 4, Issue 10, Pages 1-6, 2015.

[13] Hanshu Hong, Zhixin Sun, “High Efficient Key-Insulated Attribute Based Encryption Scheme without

Bilinear Pairing Operations” SpringerPlus, Volume 5, Pages 1-12, 2016.

[14] Zhitao Guan, Jing Li, Zijian Zhang, and Liehuang Zhu, ”Conditional Ciphertext-Policy Attribute-Based

Encryption Scheme in Vehicular Cloud Computing”, Hindawi Publishing Corporation. Mobile Information

Systems Volume 2016, Article ID 1493290, Pages 1-10, 2016.

[15] Shangping Wang, Xiaoxue Zhang , Yaling Zhang, “Efficiently Multi-User Searchable Encryption Scheme

with Attribute Revocation and Grant for Cloud Storage”, PLoS ONE journal. Volume 11, Issue 11, Pages

1-23, 2016.

[16] Jiguo Li, Fengjie Sha, Yichen Zhang, Xinyi Huang, and Jian Shen, Verifiable Outsourced Decryption of

Attribute-Based Encryption with Constant Ciphertext Length. Hindawi Publishing Corporation. Security

and Communication Networks Volume 2017 Article ID 3596205, Pages 1-11, 2017.

[17] Qinlong Huang, Yixian Yang, Mansuo Shen,“Secure and efficient data collaboration with hierarchical

attribute based encryption in cloud computing”, Future Generation Computer Systems. Elsevier, Pages 1-

21, 2016.

[18] Xu An Wang, Fatos Xhafa, Weiyi Cai, Jianfeng Ma, Fushan Wei, “Efficient privacy preserving predicate

encryption with fine-grained searchable capability for Cloud storage”, Computers & Electrical Engineering.

Elsevier, Volume 56, Pages 871–883, November 2016.

[19] Baodong Qin, Robert H. Deng, Shengli Liu, and Siqi Ma, “Attribute-Based Encryption with Efficient

Verifiable Outsourced Decryption”, IEEE Transactions on Information Forensics and Security. Volume 10,

Issue 7, Pages 1384 – 1393, July 2015.

[20] Shuaishuai Zhu, Xiaoyuan Yang, “Protecting data in cloud environment with attribute-based encryption”,

International Journal of Grid and Utility Computing Volume 6, Issue 2, Pages 91-97, 2015.

highly secured confidential data … efficient certificateless encryption was intended in [5] for...

Documents