Performance Enhancement For An Efficient Attribute Based Encryption and

Acces Control Scheme For Cloud Storage Environment

Abstract :

Cloud is becoming a very powerful tool for data storage. For big companies, cloud is

becoming an essential tool for data repository maintenance. Achieving unbreakable

document/outsourced data security is again a very important issue. To provide security to the

outsourced documents Attribute based encryption technique is proposed by researchers . ABE

technique is a very useful technique but having the problem of access permission

addition/modification. To overcome this issue the base paper [Extendable Access Control System

with Integrity Protection for Enhancing Collaboration in the Cloud] proposed a new technique

called as Functional Key Encapsulation with Equality Test (FKE-ET) . This technique is quite

secure but requires double space as there is a need of storing the same document again on cloud to

extend the access permission. To reduce the require space and to increase the performance of the

system, we propose a modified ABE technique in which we will maintain the access permissions of

the document in separate meta data file. Our proposed system is very secure and easy to change /

modify.

1
 Introduction

A Computing Cloud can be defined as a set of network enabled services, providing scalable,

Quality of Service (QoS) guaranteed, normally personalized, inexpensive computing platforms on

demand, which could be accessed in a simple way [7].

Cloud computing is a set of different types of hardware and software activities that work

collectively to deliver many aspects of computing to the end user as an online services.

Nowadays cloud computing become an important part of any computation due to its on demand

services [elasticity] and low cost maintenance. cloud computing is a paradigm shift from traditional

computing that relies on sharing of computer resources rather than having personal devices.[1]

The basic concept behind the cloud computing or cloud storage is virtualization , in which data is

stored in logical storage where its actual location is spans over different servers and these servers

are located across multiple location , however these servers are owned and operated by third party ,

either a hosting company or service provider [2].

The security , integrity , privacy and performance are major issue of cloud. To provide security to

outsourced data that is stored in third party access is one of the challenging problem to solve in

cloud. The current scenario is the user uploads and stores the data in plain text form in the cloud

storage server and user’s access rights are specified by an access policy that is constructed by an

data uploader . Any other user who satisfy that specific access policy will be able to access that

data. In this solution it is usually assumed that the third party cloud server is fully trusted ,but

unfortunately this assumption does not achieved because cloud provider is operated by third party

such as Amazon S3 cloud storage , Microsoft Azure, IBM cloud ,Google Cloud platform .One of

the great solution for this is to store data in the cloud in encrypted form. This solution seems

efficient if the ciphertexts are entirely used by the encryptor himself/herself. However, when

ciphertext are to be shared with others and cloud storage server has no rights to decrypt the

ciphertext the problem becomes more complex [2].

2
The cryptographic fundamental technique known as Attribute Based Encryption(ABE) is an

excellent concept to solve this problem .The Attribute Based Encryption is best way to secure data

in cloud storage when compared to other encryption methods like role based access as it has the

ability to restrict access based on roles [3][4] . Unlike other encryption methods the ABE dealt

with encrypting and decrypting the data based on user attribute to provide promising and flexible

access control by using control access structures associated with private key,master key and the

ciphertext respectively .

1.1 Classification Of Attribute Based Encryption

The term Encryption refers to transforming a plaintext data into human unrecognizable form

(ciphertext). And vice versa the process of transforming ciphertext into human readable form is

referred as Decryption. Hence Data Confidentiality is achieved by using Encryption.There are

many techniques have been proposed every technique has its own advantages but Attribute

Based Encryption is a proven algorithm for cloud computing environment [4].

Fig. : Classification Of Attribute Based Encryption.

1.1.1 Attribute Based Encryption [ABE]

ABE is public-key encryption in which the secret key of a user and the ciphertext are

dependent upon attributes (e.g. the country he lives, or the kind of subscription he has).
3
 In such a system, the decryption of a ciphertext is possible only if the set of attributes of

the user key matches the attributes of the ciphertext. The ABE scheme used an user's

identity as attributes, and a set of attributes were used to encrypt and decrypt data [6].

1.1.2 Key Policy Attribute Based Encryption [KP-ABE]

In a KP-ABE , the ciphertext is attached with a set of attributes. The decryption key,

which is issued by an authority, is associated with an access policy. The ciphertext will

be decrypted if and only if the attribute set of ciphertext satisfies the access policy of the

decryption key [2].

1.1.3 Ciphertext Policy Attribute Based Encryption [CP-ABE]

In CP-ABE , the ciphertext is associated with an access policy , whereas decryption key

is attached with set of attribute [2].

1.1.4 Non-Monotonic Access

The Access Structure in KP-ABE is a monotonic access structure , means it cannot

express the negative attribute to exclude the parties with whom data owner didn’t want to

share data from subscription.Therefore Ostrovsky et al. proposed a non-monotonic

access structure [9] in 2007, and this scheme can let each attribute associate primed word

in front of them. It is different from the previous attribute-based encryption scheme.The

access structure of this scheme is similar to KP-ABE with the exception of use of

boolean formula ‘NOT’ in the access structure .for better understanding of Non-

Monotonic ABE consider following example –

If a professor in department of CSE wants to share the unit test marks data with students,

he will set a set of attributes in the encrypted data. And there is an access structure,

{ Professor ˄ Students } in student's private key. But the teacher doesn't want post

graduates to access this data, then he adds NOT post graduate to the access structure. So

the access structure is -

4
 {Professor ˄ Students ˄ NOT post graduate}. It can let data not be accessed by

graduates[5].

OR

AND Dean 2 out of 3

CSE Admission Faculty Program Student

Committee Committee

Fig. : Example of ABE with Monotonic Accesss Structure

OR

AND 2 out of 3

CSE Admission Faculty Program NOT

committee

Student

Fig. : Example of ABE with NON-Monotonic Accesss Structure

Above two figures depicted the basic difference between Monotonic and NON-Monotonic

Access Structure of Attribute Based Encryption.

Monotonic Access Structure uses ‘AND Gate’ and ‘OR Gate‘and ‘k out of n’ Threshold Gate

whereas in case of Non Monotonic it uses Monotonic Access Structure with additional NOT

Gate.

5
1.1.5 Hierarchical ABE [HABE]

Basically , HABE is a composition of hierarchical identity based encryption[HIBE] [10]

and CP-ABE schemes[11] , which provides high performance, full delegation and

scalability for documents.

1.1.6 ABE with Outsourced Decryption

In this scheme encrypted plaintext is stored in the cloud and with the use of

transformation of single key the cloud will be able to provide access to the document

who satisfies user attribute access policy. Cloud itself will be responsible to translate any

ABE ciphertext satisfied by that specific user’s attributes into a (constant-size) El Gamal-

style ciphertext, without the cloud being able to read any part of the user’s messages.

Fig. : Illustration of how ABE ciphertexts are fetched in general scenario

Fig. : Outsourcing the Decryption :

Illustration of how ABE ciphertexts could be transformed by a proxy

The difference between ABE without outsourcing the decryption and with Outsourced

Decryption is depicted in above figures [12].

1.1.7 Distributed ABE

This scheme allows a random number of authorities to independently manage attributes

by involving three types of entitities i. a master, ii. attribute authorities and iii. Users. [13]
6
  The master is subject to the distribution of secret user keys.
 Attribute authorities are responsible to verify whether a user is eligible of a

specific attribute or not. Every attribute authority has full control over the

structure and semantics of its attributes. An attribute authority generates a public

attribute key for each attribute it maintains and made available to every

participant.

 The user can encrypt and decrypt messages .To encrypt a message, a user first

for mulates his access policy in the form of a Boolean formula over some

attributes.

To decrypt a ciphertext, a user needs atleast access to some set of attributes and

their associated secret keys which satisfies the access policy. If he does not

already possess these keys, he may query the attribute authorities for the secret

keys corresponding to the attributes he is eligible for.

Distributed ABE is an extension to the CP-ABE scheme which supports the arbitrary no.

of attribute authorities and allows to dynamically add new users at any time.

1.2 The Criteria for An Ideal Attribute based Encryption Scheme

With reference to the different categories of ABE discussed above here is the summary

of the criteria that ideal attribute-based encryption schemes should retain .

A. Data confidentiality

Before uploading data to the cloud, the data was encrypted by the data owner. Therefore,

unauthorized parties including the cloud cannot know the information about the

encrypted data.

7
 B. Fine-grained access control

In the same group, the system granted the different access right to individual user. Users

are on the same group, but each user can be granted the different access right to access

data. Even for users in the same group, their access rights are not the same.

C. Scalability

When the authorized users increase, the system can work e±ciently. So the number of

authorized users cannot affect the performance of the system.

D. . User accountability [14]

If the authorized user is dishonest, he would share his attribute private key with the

other unauthorized user. It causes the problem that the illegal key would share among

unauthorized users.

E. User revocation

If the user quits the system, the scheme can revoke his access right from the system

directly. The revocable user cannot access any stored data, because his access right was

revoked.

F. Collusion resistant

Users cannot combine their attributes to decipher the encrypted data. Since each

attribute is related to the polynomial or the random number, different users cannot

collude each other.

1.3

1.4

8
1.5

9
Literature Review

In cloud the information or data is transferred using the internet hence enforcing a data

security to information plays vital role. They transmit their data from server to service based

technology brought a significant change in computing. Whereas these development have arises new

security susceptibility. There are many security mechanisms have been proposed in last few

decades. Attribute Based Encryption - The notion of ABE , was first put forth by Amit Sahai and

Brent Waters [15] in 2005, which was the prototype of ABE. Then later two variants of attribute

based encryption was proposed namely KP-ABE and CP-ABE [ ] both are having their own

significance under different situations and requirements. The following literature reviews attempts

to demonstrate the different ABE schemes to provide a data security in cloud storage environment.

Attribute Based Encryption –

Amit Sahai, Brent Waters in 2005[15] , The notion of Attribute based encryption was first
proposed, which was earlier known as Fuzzy Identity Based Encryption, the variant of an
Identity Based Encryption [26]. A Fuzzy IBE scheme allows for a private key for an identity, ω,
to decrypt a cipher text encrypted with an identity, ω’, if and only if the identities ω and ω' are
close to each other as measured by the “set overlap” distance metric, there should be atleast
overlap in between attributes of ω and ω'. Also Fuzzy IBE gives two attractive applications, one
is is an Identity-Based Encryption system that uses biometric identities in which we can view a
user’s biometric, for example an iris scan, as that user’s identity described by several attributes
and then encrypt to the user by using their biometric identities. Another application of Fuzzy-
IBE is Attribute Based Encryption. In this application a user will wish to encrypt a document to
other users that have a certain set of attributes. For example, in a computer science department,
the chairperson might want to encrypt a document to all of its systems faculty on a hiring
committee. In this scenario it would encrypt to the identity {“hiring-
committee”,“faculty”,“systems”}. Any user who has an identity that contains all of these
attributes could have access to the document.
The main advantage of ABE is that user could simply store his data on untrusted server, there is
no need to rely on trusted server to perform authentication process before delivering the
decrypted data.

10
Vipul Goyal, Omkant Pandey et.al [17] , proposed new variation in attribute based encryption
known as key policy abe (KP-ABE). In this scheme the ciphertexts are enclosed with set of
descriptive attributes and private keys are associated with an access structure which in result
decides whether particular cipherext is accessible by specific user or not. Since the ciphertext is
specified in the private key, the ciphertexts are simply labeled with set of attributes. In other
words, each user’s secrete key follows a tree access structure where the leaves are associated
with attributes hence only the authorized user is able to decrypt. The decisional bilinear
DiffieHellman assumption was used for the technique.
Their scheme supports for fine grained access control (allows providing different access rights to
the set of users and specifying the access rights of individual user) by storing data on the server
in encrypted form while different users are still able to decrypt data as specified by the security
policy. The drawback of kp-abe scheme is that the encrypted data cannot choose who can
decrypt the file shared.
J.Bethencourt, Amit Sahai, Brent Water in 2007 [11] introduced new variant of attribute based
encryption to recover the limitation of kp-abe. this paper proposed Ciphertext Policy ABE in this
scheme every ciphertext is associated with an access policy on attributes, and every user’s
private key is associated with a set of attributes. A user is able to decrypt a ciphertext only if the
set of attributes associated with the user’s private key satisfies the access policy associated with
the ciphertext. CP-ABE enables the encryptor to choose the access policy to decide who is
authorized to acquire the data. and let the ciphertext i.e encrypted data in the access structure
decides which key can recover the data. Later Brent Water [18] extended this work with new
methodology for realizing CP-ABE under concrete and noninteractive cryptographic
assumptions in the standard model.
The CP-ABE has limitation with respect to the specifying access policy and managing user
attribute since the decryption keys only support user attributes that are organized logically as a
single set, hence the users can only use all possible combinations of attributes in a single set
issued in their keys to satisfy policies [11][21].
R. Ostrovsky et.al [9], Previously proposed ABE schemes were limited to expressing monotone
access structure and there is no possible way to declare negative attributes in the access structure
this problem have had addressed by the author in 2007. Author’s proposed work allows the
creation of access policy with negative attribute. In particular, this construction can handle any
access structure that can be represented by a Boolean formula involving AND, OR, NOT, and
threshold operations.

11
Nuttapong Attrapadung et al. [22] proposed the first keypolicy attribute-based encryption (KP-

ABE) scheme allowing for non-monotonic access structures (i.e., that may contain negated

attributes) and with constant ciphertext size. Non-monotonic structure means that the Monotonic

Access Structure with addition to negative attributes To achieve this aim, first it is showed that a

certain class of identity-based broadcast encryption schemes generically yields monotonic KP-

ABE systems in the selective set model. Then a new efficient identity-based revocation

mechanism is described, that, when combined with a particular instance of general monotonic

construction, gives rise to the first truly expressive KP-ABE realization with constant-size

ciphertexts. The drawback of suggested construction is that private keys have quadratic size in

the number of attributes. However they reduce the number of pairing evaluations to a constant.

Access Control –

A.Younis, K. Kifayat et.al [23] presents a detailed analysis of access control requirements for
cloud computing and describes important gaps which are not fulfilled by traditional access
control models. Also proposes new access control model to ensure the secure sharing of
resources among potential untrusted tenants. It facilitates the role and task principles to make
assigning privileges very dynamic and easy to support different access permission to the same
cloud user. users are assigned to security domains that relate to their roles andactual jobs. Every
role within the model is assigned the relevant tasks that allow them to practice their roles.

S. Berger, S. Garion, Y. Moatti et.al [24] , presented the concept of Cloud Security Intelligence
(CSI), which utilizes the cloud logic, management, and control plane, as well as workload
context, to provide feasible and scalable event-monitoring for cloud infrastructures, thus
improving the security and policy controls in cloud infrastructures For data protection, authors
have presented an audit system controlling access to the OpenStack Swift object storage system ,
further combined it with an analytics framework, improving the risk assessment and the audit
policies based on the information from logs. For workload protection, the information from the
cloud orchestration layer describes which images will be executed, and this can be used to
distribute the security profiles and the intrusion detection policies that are optimally suited to
the workload.

12
Adi Shamir [25] proposed novel type of cryptoscheme which enables any pair of users to
communicate securely and to verify each others signature’s without exchanging public or private
keyand without using the services of third party. They use the concept of personalized smart
card which will be provided to the user when they first join the network. The information
enclosed in this card allows the user to sign and encrypt the messages he sends.

Vijay Varadhrajan, Lan Zhou et.al [26] proposed a secure RBE-based encryption scheme which
integrates cryptographic techniques with Role Based Access Control [16]. This scheme allows
RBAC policies to be enforced for the encrypted data stored in public clouds with efficient user
revocation. based on RBE scheme they introduced hybrid cloud storage architecture which
allows an organization to store data securely in a public cloud, whereas to maintain sensitive
information related to organization’s structure in a private cloud. The encryption and decryption
computations are efficient on the client side, and decryption time at the cloud can be reduced by
having multiple processors.

Access Control is an important feature to ensure the security in cloud storage, this has receive
much attraction from industry as well as academia.IBM developed the capability-based model
and systematic approaches to improve access control in the cloud services [14].
Cloud security intelligence model have proposed by S.Berger, S.Garion et.al for collecting,
aggregating, correlating, and analyzing data from management, control, and data planes of cloud
infrastructures, using a closed-loop architecture. it sets dynamic rules with respect to what and
how to audit, adapting the logging accordingly, while comparing the data access patterns and
configurations with the desired privileges and specifications[14][15].
V. C. Hu, D. R. Kuhn et.al [16], This paper guides for the challenges in implementing Attribute
Based Access Control(ABAC) in enterprise environment rather than on balancing the cost and
effectiveness of other capabilities versus ABAC. In ABAC access decions can change between
request simply by altering attribute value without applying changes to the subject defining the
underlying rule sets. Because of less awareness on ABAC features, users can’t accurately assess
the benefits and challenges associated with the model. To address this problem, the National
Institute of Standards and Technology (NIST) released Special Publication (SP) 800-162,
“Guide to Attribute Based Access Control (ABAC) Definition and Considerations”.In this
document two solutions have been discussed. First, it provides federal agencies with a definition
of ABAC and a description of their functional components. Second, it describes planning,
design, implementation, and operational considerations for employing ABAC within an
enterprise to improve data sharing while maintaining control of that data access.
13
 Problem Statement

Normally, with the illegal information intruders will do some researches on the attack objects in

order to learn the basic framework of the encrypted information which has been send, so the illegal

information stealers may guess the repeated information's plaintext message by analyzing their

ciphertext and make tentative attacks. That is, the repeated information provide the convenience for

illegal information stealers to make a plaintext attack, illegal information stealers can deduce a

encryption key or a algorithm according to the corresponding relationship between the assumed

plaintext and the unchanged cipher text of these repeated information, resulting in that the

algorithm can decrypt any information which is encrypted by the same encryption key and then

conquer the security system. Therefore, less duplication of information in the ciphertext can

improve the whole system security. [TVES_IMP].

In existing system, ABE technique is build to forward documents easily. While forwarding the

document, ABE needs to encrypt document again which requires more computation time and

space. Therefore to manage access permissions of the documents we modified ABE technique such

that it improves efficiency of the system . In proposed system we use TVES algorithm to encrypt

document with the help of metadata file concept. It can not only resolve the problems mentioned

above effectively, but also can resist some password attack methods effectively such as differential

failure analysis, thus increasing the reliability of the whole system and provide a safer information

transmission in cloud environment.

There are some limitations of existing system as follows

 Replica documents have to generate to extend access policies, which occupies the server space

Unnecessary.
14
 Integrity checking requires extra time.

 There is no provision of access permission removal.

Proposed System

To overcome Access permission management problem we implement new ABE technique in which

the access permission will be managed in separate meta data file which is interlinked with the

document. The meta data file is very small in size and easily modified. One can perform any

operations on access permission and attributes in efficient way. It will not affect performance of the

system, as it requires negligible time for processing. Our system not only manages access

permission but also increases the security of the document. We propose TVES algorithm for

document encryption . The AES algorithm generates only one key to encrypt the document, which

may cause data loss in case of key leakage. To increase security of the documents ,we propose

approach of TVES using which the document will not be dependent on single key,hence the

security of the documents will increase.

The basic idea of Time Varying Encryption Algorithm [TVES] is -

(1) Key changes with time: obtain a new time-varying key through the operation between basic

key and a time-varying variable.

(2) Cipher text changes with time: obtain new cipher text through the operation between the

encrypted cipher text and a time-varying variable.

The feasible method is to encrypt the plaintext and time-varying variable together, and then

do the transmission operation on the document will make the system more secure.

The algorithm is explained below .

Meta Data File Generation

At the time of file upload, System will automatically create the metadata file containing

all the access permissions and document attributes which will be very helpful to generate
15
document encryption key. The metadata file is an xml file which will be stored on cloud along

with the document on cloud server. Every document will have one metadata file. The metadata

file will be divided into two sections as described below.

 Document Attributes

o Document attributes means the unique information about document related with

metadata file

o The document attributes will remain constant

o The document attributes contains

 Docid

 Metadata file id

 Upload date

 Upload time

 Access Permission Attributes

 Access permission attributes will vary depending on the access permission details of the

document

 In our system, the users having write permission of the document can update the access

permission of the document

 When any user having write permission wants to update the access permission, system

will do following operations

o Add access attributes

 If any user wants to add new access attributes into metadata file, only new

attribute will be added into the Meta data file. There is no need to decrypt

previous access attributes

o Delete Access attributes

 Access attributes will be deleted from Meta data file only. There is no

need to decrypt whole meta data file and document

16
 START

Select document to upload

and convert it into bytes

read doc id, upload date

and time of document

Get random integer : rnd,

Compute today : dd+mm+yyyy
Compute now : hh+mm+ss

Generate Key for encryption : key

Key = (rnd+(today-now))

Read Bytes from document

i =0

i < bytes[].len
concat (key,i)

Encrypt Document : Exit

Convert bytes array into integer array : data[]
Data[] = data[i] + key

Convert encrypted integer araay into

encrypted byte array

Convert encrypted bytes to char.

Store Encrypted document on server

END
17
Read constant
Meta
attributes of data file
documents. date,
time, docid, meta Meta
data file id etc data file

Generate basic
secrete key for Encrypt
document document
encryption K using TVES
TTTTTTTVE
STVES

18