Monday 23 January 2017

Enabling Cloud Storage Auditing With Verifiable Outsourcing of Key Updates

ABSTRACT:
Key-exposure resistance has always been an important issue for in-depth cyber defence in many security applications. Recently, how to deal with the key exposure problem in the settings of cloud storage auditing has been proposed and studied. To address the challenge, existing solutions all require the client to update his secret keys in every time period, which may inevitably bring in new local burdens to the client, especially those with limited computation resources, such as mobile phones. In this paper, we focus on how to make the key updates as transparent as possible for the client and propose a new paradigm called cloud storage auditing with verifiable outsourcing of key updates. In this paradigm, key updates can be safely outsourced to some authorized party, and thus the key-update burden on the client will be kept minimal. In particular, we leverage the third party auditor (TPA) in many existing public auditing designs, let it play the role of authorized party in our case, and make it in charge of both the storage auditing and the secure key updates for key-exposure resistance. In our design, TPA only needs to hold an encrypted version of the client’s secret key while doing all these burdensome tasks on behalf of the client. The client only needs to download the encrypted secret key from the TPA when uploading new files to cloud. Besides, our design also equips the client with capability to further verify the validity of the encrypted secret keys provided by the TPA. All these salient features are carefully designed to make the whole auditing procedure with key exposure resistance as transparent as possible for the client. We formalize the definition and the security model of this paradigm. The security proof and the performance simulation show that our detailed design instantiations are secure and efficient.
AIM & OBJECTIVES:
  • In this paper, we consider achieving this goal by outsourcing key updates. However, several new requirements must be satisfied to achieve it.
  • Firstly, the real client’s secret keys for cloud storage auditing should not be known by the authorized party who performs outsourcing computation for key updates.
  • Secondly, because the authorized party performing outsourcing computation only knows the encrypted secret keys, key updates should be completed under the encrypted state.
  • Thirdly, it should be very efficient for the client to recover the real secret key from the encrypted version that is retrieved from the authorized party.
  • Lastly, the client should be able to verify the validity of the encrypted secret key after retrieving it from the authorized party. The goal of this paper is to design a cloud storage auditing protocol that satisfies the above requirements to achieve the outsourcing of key updates.

EXISTING SYSTEM:
  • Yu et al. constructed a cloud storage auditing protocol with key-exposure resilience by updating the user’s secret keys periodically. In this way, the damage of key exposure in cloud storage auditing can be reduced. But it also brings in new local burdens for the client because the client has to execute the key update algorithm in each time period to make his secret key move forward.
  • For some clients with limited computation resources, they might not like doing such extra computations by themselves in each time period. It would be obviously more attractive to make key updates as transparent as possible for the client, especially in frequent key update scenarios.
  • Wang et al. proposed a public privacy-preserving auditing protocol. They used the random masking technique to make the protocol achieve privacy preserving property.
DISADVANTAGES OF EXISTING SYSTEM:
  • Existing systems do not offer an auditing protocol with verifiable outsourcing of key updates.
  • The third party can see the client’s secret key unencrypted.
  • There is no verification mechanism for the client to check the validity of the encrypted secret keys when downloading them from the TPA.
  • Existing auditing protocols are all built on the assumption that the secret key of the client is absolutely secure and would not be exposed.
PROPOSED SYSTEM:
The main contributions are as follows:
(1) We propose a new paradigm called cloud storage auditing with verifiable outsourcing of key updates. In this new paradigm, key-update operations are not performed by the client, but by an authorized party. The authorized party holds an encrypted secret key of the client for cloud storage auditing and updates it under the encrypted state in each time period. The client downloads the encrypted secret key from the authorized party and decrypts it only when he would like to upload new files to cloud. In addition, the client can verify the validity of the encrypted secret key.
(2) We design the first cloud storage auditing protocol with verifiable outsourcing of key updates. In our design, the third-party auditor (TPA) plays the role of the authorized party who is in charge of key updates.
(3) We formalize the definition and the security model of the cloud storage auditing protocol with verifiable outsourcing of key updates. We also prove the security of our protocol in the formalized security model and justify its performance by concrete implementation.
ADVANTAGES OF PROPOSED SYSTEM:
  • The TPA does not know the real secret key of the client for cloud storage auditing, but only holds an encrypted version. In the detailed protocol, we use the blinding technique with homomorphic property to form the encryption algorithm to encrypt the secret keys held by the TPA. It makes our protocol secure and the decryption operation efficient.
  • Meanwhile, the TPA can complete key updates under the encrypted state. The client can verify the validity of the encrypted secret key when he retrieves it from the TPA.
  • The client downloads the encrypted secret key from the authorized party and decrypts it only when he would like to upload new files to cloud. In addition, the client can verify the validity of the encrypted secret key.
  • Cloud storage auditing protocol with verifiable outsourcing of key updates
  • The client can verify the validity of the encrypted secret key when he retrieves it from the TPA
  • The security model of the cloud storage auditing protocol with verifiable outsourcing of key updates.
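
The following toy sketch is an added example, not code from the paper or from this project. It illustrates the blinding idea described above: the TPA updates a blinded key without seeing the real one, and the client unblinds and verifies it. The tiny group parameters, the class names and the discrete-log check are assumptions chosen for illustration; the page does not give the paper's actual construction.

```python
import secrets

# Constructed toy group, far too small for real use: P = 2*Q + 1, G has prime order Q.
P, Q, G = 2039, 1019, 4

def rand_scalar():
    return secrets.randbelow(Q - 1) + 1               # uniform in [1, Q-1]

class Client:
    def __init__(self):
        self.tau = rand_scalar()                      # unblinding key, never leaves the client
        sk0 = rand_scalar()                           # real secret key for period 0
        self.pk0 = pow(G, sk0, P)                     # public value of the period-0 key
        self.base = pow(G, self.tau, P)               # G^tau, public
        self.esk0 = sk0 * pow(self.tau, -1, Q) % Q    # blinded key handed to the TPA

    def verify(self, esk, published):
        # Valid iff base^esk equals pk0 times every published update value.
        expected = self.pk0
        for r_pub in published:
            expected = expected * r_pub % P
        return pow(self.base, esk, P) == expected

    def recover(self, esk):
        return esk * self.tau % Q                     # one multiplication to unblind

class TPA:
    def __init__(self, esk0, base):
        self.esk, self.base, self.published = esk0, base, []

    def update(self):
        # Works only on the blinded key: tau*(esk + r) = sk + tau*r (homomorphic).
        r = rand_scalar()
        self.esk = (self.esk + r) % Q
        self.published.append(pow(self.base, r, P))   # public value for this period

def run_demo(periods=5):
    client = Client()
    tpa = TPA(client.esk0, client.base)
    for _ in range(periods):
        tpa.update()
    ok = client.verify(tpa.esk, tpa.published)        # honest blinded key is accepted
    sk_t = client.recover(tpa.esk)
    pk_t = client.pk0
    for r_pub in tpa.published:
        pk_t = pk_t * r_pub % P
    matches = pow(G, sk_t, P) == pk_t                 # recovered key fits the public value
    tampered_ok = client.verify((tpa.esk + 1) % Q, tpa.published)
    return ok, matches, tampered_ok
```
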
SYSTEM ARCHITECTURE:
SYSTEM REQUIREMENTS:
HARDWARE REQUIREMENTS:

  • System: Pentium Dual Core
  • Hard Disk: 120 GB
  • Monitor: 15" LED
  • Input Devices: Keyboard, Mouse
  • RAM: 1 GB
SOFTWARE REQUIREMENTS:
  • Operating System: Windows 7
  • Coding Language: JAVA/J2EE
  • Tool: Netbeans 7.2.1
  • Database: MYSQL
REFERENCE:
Jia Yu, Kui Ren, Fellow, IEEE, and Cong Wang, Member, IEEE, “Enabling Cloud Storage Auditing With Verifiable Outsourcing of Key Updates”, IEEE TRANSACTIONS ON INFORMATION FORENSICS AND SECURITY, VOL. 11, NO. 6, JUNE 2016.
