Cloud Security Using Visual Cryptography

Soumya.S.Hegde, M.Tech 4th semester and Bhaskara Rao.N, Professor, Dayananda Sagar College of Engineering, Bangalore.

Abstract This paper proposes a method of providing cloud security by using Visual Cryptography. Data access security is provided by this scheme. Visual Cryptography is applied to the confidential data like finger prints and credit card numbers in the image form and two meaningful shares are generated. One share is placed on one server and another on the other server. This scheme provides security to the stored confidential data against malicious insider, at each server site. Since the shares are meaningful, they do not attract the attention of the internal hackers. Index Terms Cloud Security, Cover images, Malicious insider threat, Meaningful shares, Visual Cryptography.

paper is organized as follows: section 2 introduces the proposed method for cloud security using visual cryptography. Section 3 gives the experimental results to show the effectiveness of this scheme and this paper is finalized in section 4. II PROPOSED METHOD In this scheme, called Visual Secret Sharing Scheme, the confidential data in the image form is hidden in the two separate meaningful shares. Each meaningful share is placed at different server locations. A single share cannot reveal the secret. Both the shares should be combined to decode the secret. The technique uses bitwise XOR operation to generate the visual shares. The generated shares are made meaningful by using the cover images. This scheme involves two phases: Share generation and storing at different locations (encoding phase) and Secret image recovery by combining the individual shares (decoding phase). Encoding Phase: The input is the confidential data in the form of a black and white Secret image represented by matrix A of size mxn. The elements of A are 0s and 1s with 0 representing the black pixel and 1 the white pixel. Initial share sh1 is generated as a random image of 0s and 1s. The Second share, sh2 is generated by performing bitwise XOR operation of sh1 with the secret image A as follows. sh1 = R1 (1) where, R1 is a random binary matrix of size mxn.

I. INTRODUCTION Cloud computing is a technology that uses the internet and central remote servers to maintain data and applications. Cloud computing allows consumers and businesses to use applications without installation and access their personal files at any computer with internet access. This technology allows for much more efficient computing by centralizing storage, memory, processing and bandwidth. We dont need software or servers to use them. All a consumer would need is just an internet connection and can start cloud computing. The server and email management software is all on the cloud ( internet) and is totally managed by the cloud service provider. The consumer gets to use the software alone and enjoys the benefits. Here, Cloud Security is a major Concern [1]. Security concerns arise because both customer data and program reside in Provider Premises. Security should be provided at the following levels: 1) Server access security. 2) Internet access security. 3)Database access security. 4)Data privacy security. 5) Program access Security. In general, text encryption/decryption methods like AES, RSA etc. are used for cloud security. In this paper we use Visual Cryptography for providing data access security. Visual Cryptography is a technique of encrypting a secret image into two or more shares [2]. The secret image can be decrypted by overlapping two or more shares. In conventional Visual Cryptographic scheme, the shares are random images having meaning less appearances. This may arouse the suspicion of hackers. Hence, in our method, nice-looking meaningful images are used as the covers to the shares. The rest of the

sh2 sh1 A
(2) where, Symbol represents bitwise XOR operation. The two shares generated are random looking shares and hence appear meaningless. Now from the property of XOR operation, it can be seen that,

sh1

sh2 sh1

sh1

(3) Thus, combining sh1 and sh2 through XOR reveals A. Selection of Cover image: Cover image is a grayscale image of the same size as that of the secret image. For some special cases the cover image can be the photograph of the owner of that confidential data. Generation of Meaningful shares The cover image is customized by mixing a random noise to

it so that it is now different in its pixel values from the original cover image. Let C be the cover image matrix of size mxn and let R2 be a random matrix of 0s and 1s of the same size as C. Then get the customized cover image D as,

stored in one server and the other share is stored in another server, not easily accessible from the first server. Decoding Phase: The decoding phase is performed by the legitimate user. He accesses the two meaningful shares from the two different servers and decodes the secret image by XORing the two meaningful shares. From Eqs.(5) and (6),

D C

R2

(4) Since each pixel of the cover image is an 8 bit unsigned integer, (because the cover image is a grayscale image having pixel values ranging from 0 to 255) and since the random matrix R2 is made of only one bit number representing either black or white (0 or 1), only the LSB of the each byte in the cover image is affected. Therefore the customized cover image looks same as the original cover image. If the cover image is used directly, then there is a chance that a hacker, after somehow getting hold of the cover image, may pose a security threat.. So, this step is provides extra security. Meaningful shares designated as msh1 and msh2 are generated by XORing the random looking shares with the customized cover image as follows.

msh1

msh2

sh1

sh2

sh1

sh2

(7) From Eqs.(7) and(3),

msh1 msh2 sh1 sh2 A

(8) The Decoding phase is given in Algorithm 2. Algorithm 2: Decoding Input: Two meaningful shares msh1 and msh2. Output: Decoded Secret image I. Procedure DECODE (msh1, msh2) 1. Decode the secret image A as,

msh1 sh1 D
(5)

msh1 msh2

msh2 sh2

The encoding and decoding phases are depicted in Fig.1 and Fig. 2 respectively.

(6) Here, sh1 and sh2 are binary images and the customized cover image D is a gray scale image. Hence only the LSB of each byte of D affected. Therefore, the meaningful shares look same as the customized cover image. For example, if a pixel value of the cover image is 255 and if a pixel value of the randomly looking share is 1, then XORing these two pixels results in a pixel value of 254 (11111111 XOR 00000001 is 11111110) which is only about 0.4 % change. Share Generation phase is given in Algorithm 1. Algorithm 1: Share generation Input: A 2-Dimensional black and white secret image A of size m x n and a grey scale cover image C of size m x n. Output: Two meaningful shares msh1 and msh2. Procedure SHARE GENERATION (A, C) 1. Get the first share sh1 as a binary random matrix as, sh1 R1 2. Generate the second share sh2 by bitwise XORing the first share with the secret image as,

Secret image Visual Cryptography using XOR

Randomly looking share1 Preprocessed Cover image Meaningful share1

Randomly looking share1

Meaningful share2

Server 1

Server 2

Fig.1. Encoding

Server 1 Meaningful share1

Server 2 Meaningful Share 2

sh2

sh1 A

Symbol represents bitwise XOR operation. 3. Mix a random noise matrix R2 to the cover image for extra security to get the customized cover image D as,

D msh1 msh2

R2

Decoded Secret Image

4. Generate meaningful shares msh1 and msh2 as,

sh1 D sh2 D

Fig.2. Decoding

Once the two meaningful shares are ready, one share is

The proposed method provides data access security to the confidential data stored at the server site in cloud computing environment. Since the shares are meaningful, the inside malicious hackers do not pay any attention to it. Even if a hacker gets to know one share, the other share is inaccessible to him because it is located on another far away secured server. With only one share, the confidential data cannot be decoded. This scheme provides good security.

Fig.3e. Meaningful Share 1

Fig.3f. Meaningful Share 2

III.

TEST RESULTS

The experimental results demonstrate an example of applying this scheme to a credit card number. Fig.3a shows the credit card number. This is the confidential data that has to be encrypted. Fig.3b shows the cover image. Here the photograph of the legitimate user Lena is taken as the cover image for easy identification. Fig.3a and Fig.3b are the inputs to encoding phase. The shares in the Fig.3c and Fig.3d are random looking shares. The meaningful shares after encoding are shown in Fig.3e and Fig.3f respectively. One meaningful share is stored at one server and the other meaningful share is stored at the other far away server. In the decoding phase, the Fig.3e and Fig.3f are inputs which are XORed to obtain the secret image given in Fig.3g. It can be seen that Fig.3a and Fig.3g are the same. From the experimental results it can be seen that there is no quality loss in the decoded image. Also the proposed scheme provides non expanded meaningful shares. These are the advantages of the proposed scheme. Another advantage is that this scheme is simple to implement (using XOR) and also robust when compared to other encryption schemes like AES, RSA etc.

Fig.3g. Decoded Secret Image

IV. CONCLUSION

In this paper a new security mechanism in the cloud using Visual Cryptography has been described. The confidential data stored at different server premises is encrypted using the basic principles of visual cryptography. This scheme makes use of simple XOR operation for encryption and decryption. This scheme can be extended for color cover images to handle multiple secrets. Here, each color channel can conceal a separate secret. REFERENCES
[1] Saurab K Prashar. Security issues in cloud computing , serl .iit.ac.in

/cs6600/saurabh.ppt
[2] M. Naor and A. Shamir, Visual cryptography, Proceedings of Advances in Cryptology: Eurocrypt94, Lecture Notes in Computer Science, Vol. 950, pp. 1 - 12, 1995.

Fig.3a.Secret Image

Fig.3b.Cover Image

Fig.3c.Random looking Share 1

Fig.3d.Random looking Share 2