COLLABORATIVE KEY MANAGEMENT PROTOCOL IN CIPHERTEXT POLICY ATTRIBUTE-

BASED ENCRYPTION FOR CLOUD DATA SHARING

Shilpa S. Patode1 , Prof. P.P.Kalyankar1

Terna public charitable trust’s college of engineering,

Osmanabad, India.

Mobile no: 8421208864, shilpapatode@yahoo.com

Abstract— The demand for protection increases, if the confidentiality of the information is of very high value.
Security is very essential to avoid the unauthorised disclosure or alteration of the information. Due to the great
change in technologies nowadays, a number of multimedia data is being generated and transmitted, leaving our own
data vulnerable to be edited, modified and duplicated. Digital documents are therefore being faced by innumerable
threats as they are very easy to copy and distribute. Cryptography is an art of secret writing, which authenticates data
and important messages as well as protects the systems from valid attacks. One of the best existing security
algorithms to provide data security is Advanced Encryption Standard (AES). It comprises of encryption and
decryption process each associated with a key which is supposed to be kept secret.

Keywords : AES, Encryption, decryption.

I INTRODUCTION
Many encryption algorithms are widely available and used in information security. They can be categorized into
Symmetric (private) and Asymmetric (public) keys Encryption. In Symmetric keys encryption or secret key
encryption, only one key is used to encrypt and decrypt data. DES uses one 64-bits key. Triple DES (3DES) uses
three 64-bits keys. While AES uses various (128,192,256) bits keys. This Paper describes a design of effective
security for data communication by implementing AES algorithm for encryption and decryption. Modern
cryptography provide the confidentiality, integrity, non repudiation and authentication [1]. These days, there are a
number of algorithms have been available to encrypt and decrypt sensitive data which are typically divided into three
types. First one is symmetric cryptography that is the same key is used for encryption and decryption data. Second
one is Asymmetric cryptographic. This types of cryptography relies on two different keys for encryption and
decryption. Finally, cryptographic hash function using no key instead key it is mixed the data [2].

II.PROPOSED SYSTEM

Propose a collaborative key management protocol in cipher text policy attribute-based encryption (CKM-CPABE)
aiming to enhance security and efficiency of key management in cloud data sharing system. The main contributions
are summarized as follows: 1) A novel collaborative protocol is presented. With help of interaction among the key
authority, a cloud server and a client who tends to access data, distributed generation, issue and storage of private
keys are realized. Thus, secure key management is guaranteed without adding any extra physical infrastructure,
which is easier to deploy compared with previous multi-authority schemes. We introduce attribute groups to build the
private key update algorithm. A unique attribute group key is allocated to each attribute group that contains clients
who share the same attribute. Via updating attribute group key, a fine-grained and immediate attribute revocation is
provided. We indicate that not only key escrow problem but also key exposure is threatening the confidentiality of
private keys, which is hardly noticed in previous research. Compared to previous key management protocols for
attribute-based data sharing system in cloud, our proposed protocol effectively addresses both two problems by its
collaborative key management. Finally, we provide proof of security for the proposed protocol. The collaborative
mechanism helps markedly reduce client decryption overhead by employing a decryption server to execute most of
decryption while leave no knowledge about information to it.

 Proposed System Advantages:

1. In proposed system, novel collaborative protocol is presented. With help of interaction among the key
authority, a cloud server and client who tends to access data, We resolve the key escrow problem.
2. Resolve Key exposure problem.

III. Advanced Encryption Standard

Cryptography plays an important role in the security of data. It enables us to store sensitive information or transmit it
across insecure networks so that unauthorized persons cannot read it. The basic unit for processing in the AES
algorithm is a byte (a sequence of eight bits), so the input bit sequence is first transformed into byte sequence. In the
next step a two-dimensional array of bytes (called the State) is built. The State array consists of four rows of bytes,
each containing Nb bytes, where Nb is the block size divided by 32 (number of words). All internal operations
(Cipher and Inverse Cipher) of the AES algorithms are then performed on the State array, after which its final value is
copied to the output (State array is transformed back to the bit sequence).The input and output for the AES algorithm
each consist of sequences of 128 bits (digits with values of 0 or 1). These sequences will sometimes be referred to as
blocks and the number of bits they contain will be referred to as their length. The Cipher Key for the AES algorithm
is a sequence of 128, 192 or 256 bits. The AES algorithm consists of ten rounds of encryption, as can be seen in
Figure 1 First the 128-bit key is expanded into eleven so-called round keys, each of them 128 bits in size.

Figure1. AES Algorithm Structure

The features of AES are as follows −

 Symmetric key symmetric block cipher

 128-bit data, 128/192/256-bit keys

 Stronger and faster than Triple-DES

 Provide full specification and design details

 Software implementable in C and Java

IV. OPERATION OF AES

AES is based on ‘substitution–permutation network’. It comprises of a series of linked operations, some of which
involve replacing inputs by specific outputs (substitutions) and others involve shuffling bits around
(permutations).Interestingly, AES performs all its computations on bytes rather than bits. Hence, AES treats the 128
bits of a plaintext block as 16 bytes. These 16 bytes are arranged in four columns and four rows for processing as a
matrix −Unlike DES, the number of rounds in AES is variable and depends on the length of the key. AES uses 10
rounds for 128-bit keys, 12 rounds for 192-bit keys and 14 rounds for 256-bit keys. Each of these rounds uses a
different 128-bit round key, which is calculated from the original AES key.on using the corresponding cipher key to
ensure the security of the encryption.

The schematic of AES structure is given in the following figure2 .

Figure 2.AES Structure

  Encryption Process
Here, we restrict to description of a typical round of AES encryption. Each round comprise of four sub-
processes. The first round process is depicted below figure 3.

Figure 3.First round process

a) Byte Substitution (SubBytes)

The 16 input bytes are substituted by looking up a fixed table (S-box) given in design. The result is in a
matrix of four rows and four columns.

b) Shiftrows
Each of the four rows of the matrix is shifted to the left. Any entries that ‘fall off’ are re-inserted on the
right side of row. Shift is carried out as follows −

 First row is not shifted.

 Second row is shifted one (byte) position to the left.

 Third row is shifted two positions to the left.

 Fourth row is shifted three positions to the left.

 The result is a new matrix consisting of the same 16 bytes but shifted with respect to each other.

c) MixColumns
Each column of four bytes is now transformed using a special mathematical function. This function takes as
input the four bytes of one column and outputs four completely new bytes, which replace the original
column. The result is another new matrix consisting of 16 new bytes. It should be noted that this step is not
performed in the last round.

d) Addroundkey
The 16 bytes of the matrix are now considered as 128 bits and are XORed to the 128 bits of the round key.
If this is the last round then the output is the ciphertext. Otherwise, the resulting 128 bits are interpreted as
16 bytes and we begin another similar round.

 DECRYPTION PROCESS
The process of decryption of an AES ciphertext is similar to the encryption process in the reverse order.
Each round consists of the four processes conducted in the reverse order −

 Add round key

 Mix columns

 Shift rows

 Byte substitution

Since sub-processes in each round are in reverse manner, unlike for a Feistel Cipher, the encryption and
decryption algorithms needs to be separately implemented, although they are very closely related.

 AES Analysis

In present day cryptography, AES is widely adopted and supported in both hardware and software. Till
date, no practical cryptanalytic attacks against AES has been discovered. Additionally, AES has built-in
flexibility of key length, which allows a degree of ‘future-proofing’ against progress in the ability to
perform exhaustive key searches. However, just as for DES, the AES security is assured only if it is
correctly implemented and good key management is employed.

 COMPARISON

An aim of cryptographic algorithms is to provide authentication and confidentiality. A cryptographic

algorithm is considered to be secured if it cannot be broken with normal resources. An economical
cryptosystem can make absolute best results if key size is equivalent to the dimensions of the packet to be
transmitted over the network

In following comparison table show that the AES provide the block size 128 bits. The AES provide the
excellent security as compare to other cryptographic algorithm.
 Factors DES AES RSA ECC
Key 56-bits 128,192, based on 135
Length 256 bits no. of bits
n=p*q
64-bits 128 bits variant variant
Block
Size
Security not Excellent good less
Rate enough
Execution slow more fast slowest fastest
Time
Table 2 Comparison (Among Various Cryptographic Algorithms)

V.CONCLUSION
We created a system for Ciphertext-Policy Attribute Based Encryption. Our system allows for a new type of
encrypted access control where user’s private keys are specified by a set of attributes and a party encrypting
data can specify a policy over these attributes specifying which users are able to decrypt. In this Ciphertext-
policy attribute based encryption and time specified approach project we solve key escrow problem. There
are use the AES algorithm which provide data security. This paper was successfully completed with the
implementation of AES algorithm on 128 bit message. The encrypted cipher text and the decrypted text are
analyzed and proved to be correct. The encryption efficiency of the proposed AES algorithm was studied
and met with satisfactory results.

VI.REFERENCES
[1]Abha Sachdev, Mohit Bhansali. (2013, April 9) “Enhancing Cloud Computing Security using AES
Algorithm”,International Journal of Computer Applications
[2](2012) Ashish Maheta. “Security in Cloud Computing using File Encryption”, Int. J. Computer
Technology & Applications
[3] (2010) Douglas Selent, “Advanced Encryption Standard”,Rivier Academic Journal
[4] Manpreet Kaur, Rajbir Singh. (2013, May 18) “Implementing Encryption Algorithms toEnhance
Data Security of Cloud in Cloud Computing”, International Journal of Computer Applications
[5] Ritu Pahal, Vikas kumar. (2013, July 7) “Efficient Implementation of AES”, International Journal of
Advanced Research in Computer Science and Software Engineering