The document presents a project on enhancing cloud security through Attribute-Based Encryption (ABE) to ensure secure authentication. It discusses the limitations of ABE, including inefficiency and expensive decryption, and proposes an improved version with outsourced decryption and verifiability. The project also outlines the implementation of ABE algorithms and presents future scope for a multi-user attribute system in cloud environments.

1. Presented By-
Ankit Raj (1309113012)
Aqib Jamal (1309113017)
Nisha Gupta (1309113056)
Akash Prajapati (1309113008)
Authentication on Cloud using Attribute Based Encryption
Mentor-
Mrs. Archana Saxena

2. • As cloud is widely used for remote access
of information as well as transfer of
information geographically, so there is a
great need of making cloud even more
secure.
• Attribute Based Encryption can help in
increasing the security on cloud.
• ABE is a public-key based one-to-many
encryption that allows users to encrypt
and decrypt data based on user attributes.
Fig 1:Cloud Services[4]

3. Improving Cloud Security for Authentication using Attribute Based
Encryption.

4. • Design and develop attribute based encryption(ABE)
algorithm.
• Use a cloud environment and implement ABE on cloud.

5. • The concept of ABE was first proposed by Amit Sahai and Brent Waters[1]
Sahai and Waters gave two concepts
1. IBE: Concept uses Biometric Identities.
2. Attribute based Encryption: Encrypt a document to all users that have
certain set of attributes.
Contd…

6. Although ABE concept is very powerful and a promising mechanism, ABE systems suffer mainly from
two drawbacks:
• Non-efficiency.
• proposal was much expensive decryption.
Fig 2: ABE scheme[4]
OR

7. In order to reduce the cost of Decryption Lia[2] suggested to outsource the
majority of actual data without revealing private key.
Considering a new requirement of ABE with outsourced decryption: Modifying
the original model of ABE with outsourced decryption proposed by Green to
include verifiability.
A concrete ABE scheme with outsourced decryption and proved that it is secure.
Lin[3] proposed an algorithm that provided a decryption algorithm for ABE,
whose computational time and cost was half as that of traditional decryption
algorithm of ABE.
Contd…

8. If receiver wants to download the file, they have to send request to cloud proxy server.
When proxy server will verify receiver then server will ask for transformation key. This
key will be generated through the attributes of receiver.
Transformation key is used for transforming cipher text into simpler cipher text.
Now simpler cipher text is send to receiver who decrypt simpler cipher text into plain text
using receiver secret key.
Fig:3 System Architecture[2]

10. Encrypt
Cloud Authentication
Cloud
Authority
Consumer
Portal
Consumer Decrypt
Fig. 4: Architecture of ABE on cloud
Owner

11. 1. Setup: Here is the depth of key structure. Take as input a parameter. It outputs a
public key PK and master secret key MK.
2. Key-gen: Takes as input the master secret key MK, user attributes, It outputs a
secret key SK for user u.
3. Encrypt: Takes as input the public key PK, a message M, and an access tree T . It
outputs a ciphertext CT.
4. Decrypt: Take as input a ciphertext CT and a secret key SK for user u. It outputs a
message m . If the key structure A associated with the secret key SK, satisfies the
access tree T, associated with the ciphertext CT, then m is the original correct
message M.

12. Setup Algorithm

13. Key Gen Algorithm

14. Encryption Algorithm

15. Decryption Algorithm

22. Successful Decryption for Authentic User

23. Decryption Fails for Unauthentic User

24. Fig 4: Comparison with other technique[6]

25. • Files stored in cloud can be corrupted. So for this issue
using the file recovery technique to recover the corrupted
file successfully.
• Data loss may occur because replicas of file storage is not
maintained.
• The project can be extended for multi user attribute
system where if all the authorized users are present then
only file can be decrypted successfully. Less than required
authorized users can’t decrypt the file.
Implementation of Attribute Based Encryption is done with
outsource decryption Technique.
Following are the future scope for our project

26. Decrypt

27. [1] A. Sahai and B. Waters, “Fuzzy identity-based encryption,” International
Association for Cryptologic Research, Springer,2005.
[2] J. Lai, R. H. Deng, C. Guan, and J. Weng, “Attribute-based encryption
with verifiable outsourced decryption,” IEEE Trans. Inf. Forensics Security,
vol. 8, no. 8, pp. 1343–1354, Aug. 2013.
[3] Suqing Lin, Rui Zhang, Hui Ma, and Mingsheng Wang,“Revisiting
Attribute-Based Encryption With Verifiable Outsourced Decryption“, IEEE
Transactions On Information Forensics And Security, Vol. 10, No. 10, Feb
2016

28. [4] http://cloudcomputingvilla.com/how-does-cloud-computing-work/
[5] http://ualr.edu/sxyu1/cloud.htm
[6] P.Madhubala, Dr.P.Thangaraj ,” Comprehensive and Comparative Analysis of
Cryptographic Solutions in Cloud,” International Journal of Innovative Research in
Computer and Communication Engineering, Vol. 2, Issue 10, October 2014
[7] Eric Zavattoni, Luis J. Dominguez Perez, Shigeo Mitsunari, Ana H. S´anchez-
Ram´ırez, Tadanori Teruya, and Francisco Rodr´ıguez-Henr´ıquez, ”Software
implementation of an Attribute-Based Encryption scheme,” IEEE Transactions on
Computers, May 2015