Revocable Attribute-Based Encryption with Data Integrity in Clouds

Abstract :  Cloud computing enables enterprises and individuals to outsource and share their data. This way, cloud computing eliminates the heavy workload of local information infrastructure. Attribute-based encryption has become a promising solution for encrypted data access control in clouds due to the ability to achieve one-to-many encrypted data sharing. Revocation is a critical requirement for encrypted data access control systems. After outsourcing the encrypted attribute-based ciphertext to the cloud, the data owner may want to revoke some recipients that were authorized previously, which means that the outsourced attribute-based ciphertext needs to be updated to a new one that is under the revoked policy.The integrity issue arises when the revocation is executed. When a new ciphertext with the revoked access policy is generated by the cloud server, the data recipient cannot be sure that the newly generated ciphertext guarantees to be decrypted to the same plaintext as the originally encrypted data, since the cloud server is provided by a third party, which is not fully trusted. In this paper, we consider a new security requirement for the revocable attribute-based encryption schemes: integrity. We introduce a formal definition and security model for the revocable attribute-based encryption with data integrity protection (RABE-DI). Then, we propose a concrete RABE-DI scheme and prove its confidentiality and integrity under the defined security model. Finally, we present an implementation result and provide performance evaluation which shows that our scheme is efficient and practical.

 EXISTING SYSTEM :

 ? Majority of the existing CP-ABE schemes, public keys and secret keys are issued by an authority. ? To safeguard the data, these data category uses RHA, HAS and existing FH-CPABE for encryption. ? ISTING SYSTEM The existing system utilizes an Identity-Based Broadcast Proxy Re-Encryption (IB-BPRE) Algorithm. ? Initially, proxy re-encryption was proposed to enable a semi-trust proxy to transform a cipher text with one’s identity to a new cipher text under a different identity. IB-PRE was introduced to simplify PKI. ? Then, the concept of broadcast proxy re-encryption (BPRE) was proposed to remove the linear computation for reencryption key generation.

 DISADVANTAGE :

 ? The solution of this problem can help users enhance their confidence in the reliability of cloud service applications and help developers better promote cloud computing services. ? So, the problem of batch processing of data integrity audit request in cloud storage environment also needs further research. ? As the demand for cloud storage services becomes more and more diverse, more and more data security problems are exposed, so we propose the following research directions as the next research content. ? Therefore, to ensure the security of cloud storage services, one of the urgent problems is to propose more efficient mechanisms to resist security threats.

 PROPOSED SYSTEM :

 • The algorithm used in the proposed system is Revocable and Decentralized Attribute-based Encryption (R-DABE) system. • To resolve the above problem numerous identity-based broadcast proxy re-encryption (IB-BPRE) schemes have recently been proposed. • Even though, the proposed scheme showed that both the private key and cipher text had a constant size it still failed to address the re-encryption key revocation issue. • The proposed system utilizes the scheme called Revocable and Decentralized Attribute-based Encryption (R-DABE). • We have proposed a tangible construction under the definition and proved that this scheme is CPA secure in the random oracle model.

 ADVANTAGE :

 ? In order to improve user’s work efficiency, improve data utilization rate, and reduce local data management and maintenance costs, the cloud storage technology has been promoted. ? Formal security analysis and experimental results show that the proposed data-auditing solution is suitable for IoT devices in the cloud storage environment with respect to security and performance. ? At this time, we can reduce the DO burden and improve the audit efficiency by dispersing the audit work. ? The computational cost of revoking a single user’s operation is constant, but when the number of users increases, the efficiency of this scheme is significantly higher than that of scheme .