Preserving Security In A Cloud By Using Group Signature

Abstract: With its character of low maintenance, cloud computing gives an economical and efficient solution for sharing group resources among cloud clients. Regrettably, sharing data in a multi-user fashion while preserving data and identity privacy from an untrusted cloud is still a challenging problem, because of the frequent change of membership. The proposed system presents a secure multi-user data sharing method for dynamic groups in the cloud. Using group signature and active broadcast encryption methods, any cloud client can secretly share data with others. Meanwhile, the storage overhead and encryption computation cost of the proposed method are independent of the number of revoked clients. Additionally, the security and performance analysis shows that the proposed method is much more efficient and secure than all other existing methods.

Index Terms: Active Broadcast Encryption, Cloud, Data distribution, Group Signature.

Today, people around the world are affected by many health-related problems, some of which are unknown to their doctors. In such situations the doctors need to learn how to treat the patients. The cloud allows a doctor to share a patient health record with several other doctors and ask for a treatment known to them. The patient health record and cure method shared in a cloud should be secure: only authorized doctors are allowed to access the data. Groups of doctors who are specialized in a specific domain are registered with the cloud and use it. A doctor who does not know the treatment for an illness can share the patient record with the other doctors in the cloud. The patient record should be in encrypted form. The authorized doctors can get the patient record and specify the method, prescription and dosage level to cure the illness.
The main tricky issue in a cloud is providing security, because of the following concerns:
1. Preserving identity privacy is the most important problem in cloud computing.
2. Any member of a group should be able to store and share data in the cloud.
Groups are generally dynamic in nature, and changes of membership make secure data sharing trickier [9]. The system must let new users read the data stored before their membership, which is hard because new users cannot contact the data owners to get the decryption keys.
Cloud service providers (CSPs) are not fully trusted by the users. To avoid security and privacy issues, the data stored in a cloud should be in a non-readable form, and only authorized users should be allowed to access it. Many schemes have been proposed for this, including Attribute Based Encryption (ABE), Fine-grained Access Control, Asymmetric Encryption, Identity Based Encryption (IBE), Message Authentication Code (MAC), Homomorphic Linear Authentication (HLA) and others. In those approaches, the data owner stores the data in encrypted form and delivers the decryption keys only to authorized users, so unauthorized users and the third-party CSP cannot learn the data stored in the cloud.
Yu et al. [17] presented secure, scalable, fine-grained access control in cloud computing based on attribute based encryption, but this scheme requires high computation. Lu et al. [10] presented a secure provenance scheme using ciphertext policy attribute based encryption, which allows any user to share data with others; this scheme fails to support user revocation efficiently. Boneh et al. [3] presented Identity Based Encryption from the Weil Pairing, which provides security against chosen ciphertext attack. This scheme has a problem to build chosen ciphertext secure IB systems. Goyal et al. [6] presented a scheme called Attribute based encryption for fine grained access control of encrypted data, which provides security against chosen ciphertext attack but has a problem hiding the set of attributes. Erway et al. [5] presented dynamic provable data possession, which maintains provable updates to stored data, but this system slows down performance.
To overcome the demerits listed above, this paper proposes a secure data sharing scheme in a cloud. The main contributions of this scheme include:
1. This scheme allows any user in a group to share secret data with others.
2. This scheme efficiently supports dynamic groups. New users can read the data in a cloud without asking permission from data owners. Revocation of users is done through the revocation list generated by the group manager.
3. Private keys of the remaining users are not changed.
The remainder of this paper is organized as follows: Section 2 gives the survey of literature. Section 3 gives the proposed system. Section 4 has the experimental setup. Performance was analyzed in section 5. Section 6 has the conclusion.
In [6], Goyal et al. proposed Attribute Based Encryption for Fine Grained Access Control of Encrypted Data, which develops a cryptosystem called Key Policy Attribute Based Encryption (KP-ABE). In that system, ciphertexts are labeled with sets of attributes, and user private keys are associated with access structures that specify which part of the encrypted data the specified users are able to decrypt. This system uses audit log information and broadcast encryption. It supports the delegation of private keys, which includes Hierarchical Identity Based Encryption (HIBE). This system leaves hiding the set of attributes as an open problem.
Yu et al. [17] proposed secure, scalable, and fine grained data access control in cloud computing. This system defines and enforces access policies based on attributes. It allows the data owner to hand over most of the computation tasks to the cloud without revealing the data contents. This system uses Key Policy Attribute Based Encryption (KP-ABE) for achieving fine grained access control and new user membership. It combines Proxy Re-encryption and Lazy Re-encryption for user revocation. This scheme achieves confidentiality and accountability, but it places a high computation overhead on the cloud.
Lu et al. [10] proposed secure provenance, "the essential bread and butter of data forensics in cloud". Secure provenance is a method to trace the ownership and process record of data objects. This system uses bilinear pairing techniques and provides confidentiality for the user data, but the computation overhead is high because it requires handling multiple keys.
Wang et al. [13] proposed Privacy Preserving Public Auditing for Secure Cloud Storage. This work enables auditability for ensuring the integrity of data in a cloud by using a third party auditor (TPA). The TPA should not learn the data in the cloud; for that, a homomorphic linear authenticator and masking are used. This method is safe and efficient in a single user setting, but it fails to support a multi user environment. B. Wang et al. [16] proposed Knox, a system for privacy preserving auditing of shared data with large groups in the cloud. In a cloud the data is stored and shared exclusively among multiple users in a group. The quantity of data and the time taken by the TPA do not depend on the number of users in a group, but the computation cost of this system is higher.
Limitations in cloud security can be overcome by a method which uses group signature. It removes the necessity to rely on the storage server for preventing unauthorized access, and it efficiently supports user revocation. Storage and encryption overhead are independent of the number of revoked users.

The proposed approach is partially related to several recent works in the cloud. Ateniese et al. [1] proposed provable data possession (PDP), which permits a user to verify the integrity of data stored in the cloud without retrieving the entire data. However, this method is only suitable for static data. To improve the efficiency of verification, Ateniese et al. [2] proposed scalable and efficient provable data possession with symmetric keys. Regrettably, this method cannot support public verifiability and offers each user only a limited number of verification requests.
Juels and Kaliski [8] proposed a model called proofs of retrievability (POR), which is able to verify the correctness of data on a cloud. The original data is embedded with a set of randomly valued check blocks called sentinels. The verifier challenges the cloud by specifying the locations of a group of sentinels and asking the cloud to return the associated sentinel values. Shacham and Waters [12] proposed two improved POR mechanisms, which are built on BLS signatures and pseudo-random functions. Wang et al. [15] used the Merkle hash tree to construct a public auditing system with fully dynamic data.
Hao et al. [7] proposed a dynamic public auditing system based on RSA. Erway et al. [5] proposed a dynamic PDP based on the rank-based authenticated dictionary. Zhu et al. [19] proposed index-based hash tables to support fully dynamic data. To guarantee the correctness of users' data stored on several servers, Wang et al. [14] proposed homomorphic tokens and erasure codes in the auditing process.
Wang et al. [13] addressed data privacy in public auditing in the cloud. In this method, the TPA is able to verify the integrity of cloud data but cannot obtain any confidential data. Zhu et al. [18] proposed a method to protect data confidentiality from the TPA. Regrettably, it does not readily scale to auditing the integrity of data shared among a large number of users in the group.
Let $G_a$ be an additive cyclic group and $G_m$ a multiplicative cyclic group of order $p$. A bilinear map is a map $e: G_a \times G_a \to G_m$ that possesses the following properties:
1. Bilinear: For all $m, n \in Z$ and $U, V \in G_a$,
$e(mU, nV) = e(U, V)^{mn}$.
2. Non-degenerate: There exists a point $U$ such that
$e(U, U) \neq 1$.
3. Computable: For any $U, V \in G_a$ there is an efficient algorithm to compute $e(U, V)$.
q-strong Diffie Hellman Assumption (q SDH):
Given (U1, U2, ??U2, ??2U2' ??qU2), it is impossible to calculate U1, where x ?? Z.
Decision Linear Assumption (DLA):
Given U1, U2, U3, mU1, nU2, cU3, it is impossible to decide whether m + n=c mod p.
Weak Bilinear Diffie Hellman Exponent Assumption (WBDHE):
For any $m \in Z$, given $D, mD, m^2D, \ldots, m^lD, U \in G_a$, it is impossible to calculate $e(D, U)^{1/m}$.
(t,n) general Diffie Hellman Exponent Assumption (GDHE):
Let f(H) = ??ri=1 (H + xi) and g(H) = ??n-ri=1(H +xi') be two arbitrary univariate polynomials. For any y, ?? ?? Z, then F0, ??F0' ??t-1F0, ??f(??)F0,U0 ' ??t-1U0, yg(??)P0 ?? Ga and e(F0,P0)f2(??)g(??) ?? Gm, it is impossible to calculate e(F0,P0)yf(??)g(??)?? Gm
To achieve secure data sharing for dynamic groups in the cloud, this paper combines the group signature and active broadcast encryption methods. Specifically, the group signature method permits members to use the cloud resources anonymously, and the active broadcast encryption method allows data owners to share data files securely with others, including newly joined members.
Regrettably, in the active broadcast encryption method every member has to compute revocation factors to protect confidentiality from the revoked members, so both the computation overhead of encryption and the size of the ciphertext grow with the number of revoked members. The heavy overhead and large ciphertext size may hinder the adoption of the broadcast encryption method by capacity-limited members.
To deal with this issue, the group manager computes the revocation factors and makes the result publicly available by moving it into the cloud.

Fig.1. Secure cloud data storage system
Fig. 1 shows the overall architecture of the proposed system. The group manager is responsible for new client membership and client revocation.

System Initialization
The group manager computes the system factors and performs the system initialization as follows:
- Creating a bilinear map system M = (p, Ga, Gm, e(.,.)).
- Choosing two arbitrary elements P, P0 ∈ Ga along with two arbitrary numbers ??1, ??2 ∈ Z, and calculating A = ??1^-1 P and B = ??2^-1 P ∈ Ga such that ??1.A = ??2.B = P. Additionally, the group manager computes P1 = ??1 P0 and P2 = ??2 P0 ∈ Ga.
- Arbitrarily selecting two elements U, F ∈ Ga and a number ?? ∈ Z, and calculating E = ??.U, D = ??.F and X = e(F,U), respectively.
- Publishing the system factors including (M,U,P,P0,P1,P2,A,B,E,D,X,f,f1,Enc()), where f is a one-way hash function {0,1}* → Z, f1 is a hash function {0,1}* → Ga, and Enc() is a symmetric encryption algorithm.
(??, ??1, ??2, F) is a group manager master key that will be kept secret.
For member i with identity IDi, the group manager arbitrarily chooses a number xi ∈ Z and calculates Ii, Ji as follows:
Ii = ?? Ga ______ (1)
Ji= .F ?? Ga __________ (2)
Subsequently, the group manager puts (Ii, xi, IDi) into the member list. Member i then gets (xi, Ii, Ji) as a private key.
Revocation is carried out by the group manager through a publicly available revocation list (RL), based on which group users can encrypt files and guarantee privacy against the revoked members.
IDgroup I1 I2

Table.1. Revocation List
IDgroup is the group identity, Ii is the partial private key of user i, t is the revocation time, tRL represents the freshness of the RL, and sig(RL) = ??f1(RL). The group manager then moves the RL to the cloud.
Data Generation
A group user performs the following activities to store and share data in the cloud:
- The user sends the IDgroup to the cloud. The cloud treats it as a request for the RL and sends the RL to the user.
- The user checks the validity of the RL by verifying the signature and date of the RL. If the RL is invalid, the user aborts the procedure.
- Choose the unique data identity IDdata. The key is computed in one of two ways:
1. If there is no revoked member in the RL:
$C_1 = k \cdot D \in G_a$
$C_2 = k \cdot U \in G_a$
$K = X^k \in G_m$
2. If there are r revoked members in the RL:
$C_1 = k \cdot D \in G_a$
$C_2 = k \cdot U_r \in G_a$
$K = X_r^k \in G_m$
- Encrypt the data M, choose the arbitrary number ?? and calculate f(??). Add (IDdata, ??) to local storage.
- Sign the encrypted data and upload it to the cloud.
1. Pseudo code for signature generation:
Input: Private key (A, x) system parameter (U, A, B, P, E) and data M.
Output: Group signature on M.
Choose arbitrary numbers , , , , , Z
Put = x , = x
Computes the following values
T1= .A
= .B
= + ( + ).P
= .A
= .B
= e e
= . - .A
= . - .B
Put c = f(M, )
= + c
= + c
= + cx
= + c
= + c
Return = ( )

2. Pseudo code for signature verification
Input: System factors (U, A, B, P, E, M) and signature = ( )
Output: True or False.
Compute the following values
= .A ' c.
= .B ' c.
= )ce e
= . - .A
= . - .B
If c=f (M, T1, T2, T3, , , )
Return True
Return False
3. Pseudo code for Revocation verification
Input: System factor (P0, P1, P2), a group signature ??, and a set of revocation keys I1,...,Ir
Output: legal or Illegal.
Set temp = e(T1, P1) e(T2, P2)
for i = 1 to r
    if e(T3 - Ii, P0) = temp
        Return legal
    end if
end for
Return Illegal

4. Pseudo code for parameter computing:
Input: The revoked user factors (U1, x1)' (Ur, xr), and user partial private key (I, x).
Output: Ir,r or Empty.
Set temp = I
for ?? = 1 to r
if x = x ??
return Empty
set temp = (U?? - temp)
return temp

Data Deletion
Either the data owner or the group manager can delete a file in the cloud. The data owner gets (IDdata, ??) from local storage, calls the group signature algorithm to calculate the signature on (IDdata, ??), and sends the signature to the cloud as a deletion request. The cloud then checks the signature and computes f(??). If both hash values are equal, the cloud deletes the file. The group manager can delete the file by calculating the signature ??f1(IDdata) and sending the signature with the IDdata to the cloud. The cloud checks the signature by testing e(??f1(IDdata).U) = e(E,f1(IDdata)). If both are equal, the cloud deletes the file.
Data Access
To access the data stored in a cloud, the user performs the following:
- The user uses the partial private key (I, x) to compute the signature u on (IDgroup, IDdata, t) and sends (IDgroup, IDdata, t, u) to the cloud. The cloud sends the requested data after verifying the validity of the signature.
- The user verifies the validity of the RL.
- The user checks the validity of the data and computes the key without asking the data owner. There are three cases:
a) If (tdata < t1), no user was revoked before the data was uploaded.
Then the key is
K = e(C1, I) e(C2, J)
b) If (ti < tdata < ti+1), i users were revoked before the data was uploaded.
Key K = e(C1, Ii,r) e(C2, J)
Ii,r = U
c) If (tr < tdata), r users were revoked before the data file was uploaded.
Key K = e(C1, Ir,r) e(C2, J)
Ir,r = U
The test setup uses 512 MB RAM, an 80 GB hard disk and a 2 GHz processor. Java with the Miracl library is used on Windows, and Java with the PBC library is used on Ubuntu. CloudSim is used for creating the cloud environment. The setup is simulated in Java with the GMP, Miracl, and PBC libraries. The simulation contains three parts: 1. client side, 2. manager side, 3. cloud side. Both the client and manager processes are run on a laptop. The cloud process is implemented on a machine equipped with a Core 2 2.3 GHz CPU, 2 GB DDR3 RAM, and Ubuntu.
For simulation, a 160-bit elliptic curve is used, which delivers a security level comparable to 1,024-bit RSA. The PBC Library is used to produce a bilinear map for system initialization. Specifically, the pbc_test.h header file with function pbc_demo and the parameters a.param in the subdirectory of the PBC Library are used to set the Type A pairing factors. Type A pairings are symmetric bilinear pairings built on the curve $y^2 = x^3 + x$ over the field $F_p$ for some prime number q = 3 mod 4. The embedding degree k is 2, and Gm is a subgroup of $F_{p^2}$. The order p is some prime factor of q + 1. For secure usage, p and q are initialized to 160 bits and 512 bits, respectively. The functions f and f1 are the hash functions constructed by element_from_hash in the system factors. Furthermore, the AES encryption algorithm is used as the Enc() symmetric encryption. For convenience, a shared file factor.txt is used to store the other factors including U, P, P0, and P1...

Computation cost:
The computation cost of cloud and client is considered tolerable, even when the number of revoked clients is large. Table 3 shows the computation cost of ABE, ODBE and group signature. From Table 3, the computation cost of group signature is more tolerable than that of ABE and ODBE.

Method        Number of revoked clients
              0       20      40      60      80

File Creation (100 MB)
ABE           1.62    1.98    2.08    2.17    2.45
ODBE          1.4     1.8     1.85    2.05    2.3
Group sign    1.403   1.392   1.406   1.402   1.403

File Access (100 MB)
ABE           1.8     2.02    2.35    2.54    2.95
ODBE          1.6     1.85    2.2     2.44    2.8
Group sign    1.579   1.678   1.746   1.824   1.949

File Deletion (100 MB)
ABE           1.8     2.02    2.35    2.54    2.95
ODBE          1.6     1.85    2.2     2.44    2.8
Group sign    1.579   1.678   1.746   1.824   1.949

Table 3. Comparison of client computation cost among ABE, ODBE and Group signature.
The performance of the proposed system is analyzed in terms of storage and computation cost.
Without loss of generality, p is set to 160 bits and the elements in Ga and Gm to 161 and 1,024 bits, respectively. Additionally, the size of the data identity is taken to be 16 bits, which yields a group capacity of $2^{16}$ files. Likewise, the sizes of client and group identities are also fixed at 16 bits.
Group manager: In the proposed system, the major private key of the group manager is (??, ??1, ??2, F) ?? Ga ?? Zq. In addition, the client list and the distributed file list should be deposited at the group manager. Considering the system with 200 clients and assuming that each client distribute averagely 50 files, the total storage capacity of the group manager is (80.125 + 42.125 * 200 + 2 * 10000) * = 28.5 KB, which is very tolerable.
Group members: Ultimately, each client in a proposed system only requires to store their private key (Ii, Ji, xi) ?? ?? Zq, which is almost 60 bytes. There exists a balance between the storage and the calculation overhead. E.g., the four coupling process containing (e(P, E), e(P, U), e(U, U), e(Ii, U)) ?? can be precomputed one time and kept in a cloud for the group signature creation and authentication. Hence, the total storage of every clients is almost 572 bytes.
The extra storage overhead in the cloud: In a proposed system, C is the ciphertext of the data in the symmetric encryption algorithm, the additional overhead to store the data is about 248 bytes, which contains (IDgroup, IDdata, C1, C2, C, f(??), tdata, ).
Computation cost:
A comparison of the users' computation cost for the file creation process among the proposed system, ABE, and the method that directly uses the original dynamic broadcast encryption algorithm (ODBE).

Fig 2. Comparison on client computation cost for file creation among ABE, ODBE and group signature.

Fig 3. Comparison on client computation cost for file access among ABE, ODBE and group signature

Fig 4. Comparison on client computation cost for file deletion between ODBE and group signature
Figs. 2, 3 and 4 show that the computation cost in the proposed system is independent of the number of revoked users. In contrast, the computation cost grows with the number of revoked clients in ODBE and ABE.
The main applications in a cloud are healthcare and the stock market. This paper presents a secure data sharing method in a cloud. For efficient and secure data sharing, group signature and the active broadcast encryption method are used. Moreover, this method supports efficient client revocation and new client joining. In particular, efficient client revocation is accomplished through a public revocation list, without changing the private keys of the remaining clients, and new clients can directly decrypt the data kept in the cloud before their membership. Additionally, the storage and encryption computation costs are constant. Broad analysis shows that the proposed method fulfills the desired security needs and guarantees efficiency as well.
This experiment was tested at the Centre for Network Troubleshooting of the Adithya Institute of Technology, Coimbatore, India.
[1] Ateniese G, Burns R, Curtmola R, Herring J, Kissner L, Peterson Z and Song D, "Provable Data Possession at Untrusted Stores," In: Proc. ACM (CCS 07), pp. 598-610, Oct 2007.
[2] Ateniese G, Pietro R.D, Mancini L.V, Tsudik G, "Scalable and Efficient Provable Data Possession," In: Proc. ACM (Securecomm 08), pp. 1-10, Sep 2008.
[3] Boneh D and Franklin M, "Identity Based Encryption from the Weil Pairing," Proc. Int'l Cryptology Conf. Advances in Cryptology (CRYPTO), Volume 2139, pp. 213-229, Aug 2001.
[4] Delerablee C, Paillier P, and Pointcheval D, "Fully Collusion Secure Dynamic Broadcast Encryption with Constant Size Ciphertexts or Decryption Keys," Proc. First Int'l Conf. Pairing-Based Cryptography, volume 4575, pp. 39-59, July 2007.
[5] Erway C, Kupcu A, Papamanthou C, Tamassia R, "Dynamic Provable Data Possession," Proc. ACM (CCS 07), volume 2008, pp. 213-222, Jan 2008.
[6] Goyal V, Pandey O, Sahai A, and Waters B, "Attribute Based Encryption for Fine Grained Access Control of Encrypted Data," Proc. ACM (CCS 07), pp. 89-98, Nov 2006.
[7] Hao Z, Zhong S, Yu N, "A Privacy Preserving Remote Data Integrity Checking Protocol with Data Dynamics and Public Verifiability," IEEE Transactions on Knowledge and Data Engineering, Volume 23, Issue 9, pp. 1432-1437, Sep 2011.
[8] Juels A, Kaliski B S, "PORs: Proofs of Retrievability for Large Files," Proc. ACM (CCS 07), pp. 584-597, Oct 2007.
[9] Liu X, Zhang Y and Yan J, "Mona: Secure Multi Owner data sharing for dynamic groups in the cloud," Proc. IEEE Transactions on parallel and distributed systems, volume 24, no 6, June 2013.
[10] Lu R, Lin X, Liang X, and Shen X, "Secure Provenance: The Essential of Bread and Butter of Data Forensics in Cloud Computing," Proc. ACM (ASIACCS 10), pp. 282-292, Apr 2010.
[11] Naor D, Naor M, and Lotspiech J B, "Revocation and Tracing Schemes for Stateless Receivers," Proc Springer (CRYPTO), Volume 2139, pp. 41-62, Dec 2001.
[12] Shacham H, Waters B, "Compact Proofs of Retrievability," In: Proc. Springer (ASIACRYPT), Volume 5350, pp. 90-107, Dec 2008.
[13] Wang C, Wang Q, Ren K., Lou W, "Privacy Preserving Public Auditing for Secure Cloud Storage," In: Proc. IEEE Transactions on computers, Volume 62 Issue 2, pp. 362-375, Feb 2013.
[14] Wang C, Wang Q, Ren K, Lou W, "Ensuring Data Storage Security in Cloud Computing," In: Proc. IEEE (IWQoS 17), pp. 1-9, July 2009.
[15] Wang Q, Wang C, Li J, Ren K., Lou W, "Enabling Public Verifiability and Data Dynamic for Storage Security in Cloud Computing," In: Proc. Springer (ESORICS), volume 5789, pp. 355-370, Sep 2009.
[16] Wang, B., Li, B., and Li, H., "Knox: Privacy Preserving Auditing for Shared Data with Large Groups in the Cloud," Proc. Springer (ACNS), volume 7341, pp. 507-525, June 2012.
[17] Yu S, Wang C, Ren K, and Lou W, "Achieving Secure, Scalable, and Fine Grained Data Access Control in Cloud Computing," Proc. IEEE conf on Information communications (INFOCOM 10), pp. 534-542, March 2010.
[18] Zhu Y, Hu H, Ahn G.J, Yau S.S, "Efficient Audit Service Outsourcing for Data Integrity in Clouds," Journal of System and Software, volume 85, issue 5, pp. 1083-1095, May 2012.
[19] Zhu Y, Wang H, Hu Z, Ahn G.J, Hu H, Yau S.S, "Dynamic Audit Services for Integrity Verification of Outsourced Storage in Clouds," In Proc. IEEE Transactions on Services Computing, Volume 6, Issue 2, pp. 227-238, April 2013.

Source: Essay UK -
