CIPHERTEXT POLICY ATTRIBUTE BASED ENCRYPTION

ABSTRACT

In Ciphertext Policy Attribute based Encryption scheme, the encryptor can fix the policy, who can decrypt
the encrypted message. The policy can be formed with the help of attributes. In CP-ABE access policy is
sent along with the ciphertext . We propose a method in which the access policy need not be sent along
with the ciphertext. By which we are able to preserve the privacy of the encryptor. In this work we
present a system for realizing complex access control on encrypted data that we call Ciphertext-Policy
Attribute-Based Encryption. By using our techniques encrypted data can be kept confidential even if the
storage server is untrusted. The proposed construction is secure under Bilinear Diffe- hellman
assumption. Cloud computing is the significant computing which allows the users to store data in cloud.
This work implements a Attribute-Based access to the media in the cloud where it uses cipher-text
policy Attribute Based Encryption technique(C-PABE) to create an access control structure.

Keywords:

Cloud computing, Access policy, Attribute based Encryption, Ciphertext

INTRODUCTION:

In cloud data security system is implemented on Attribute Based Encryption. Attribute Based Encryption
is a new paradigm in designing a strong crypto system among the different Attribute Based Encryption
.ABE schemes comes into complementary form namely KP-ABE and CP-ABE. In KP-ABE policy structure
are associated with keys and attributes are associated with encrypted message. CP-ABE is used often. CP-
ABE is an encryption scheme where a policy structure is associated with a encrypted data and attributes
are associated with the keys. In this encryption schemes four algorithms are used for flexibility in
designing the crypto system. These are 1.setup phase, where the public(PK) and master key(MK)are
generated , 2. Key generation phase where, the session key(SK, also called private key) is generated, 3.
Encryption phase, where access structure (policy), message and public key(PK) are used to generate the
cipher message(CT) and similarly in the decryption based the cipher text , private key, public key are the
input to decipher the encrypted message (CT).

ABE is a type of public key encryption in which the secret key of the user and the cipher text are
depended upon the attributes. e.g. The country in which he lives ,or the kind of subscription he has) A
crucial security aspect a Attribute Based Encryption is collusion –Resistance. The concept of Attribute
Based Encryption was first proposed by Amit Sahai. Recently ABE has been applied in building a variety
of secure system. These systems motivate the need for ABE construction in practical. First Sahai view the
construction most natural has key policy ABE using threshold gates and later they transfer KP-ABE
system into CP-ABE system. Sahai generalize the transformation approach to show how to transform a
KP-ABE to CP-ABE using universal access tree. A complete access tree of depth d consisting of threshold
gates of input size ‘m’ where ‘m’ and ‘d’ are chosen by the set of algorithm. In many situation a user
encrypt the sensitive data, it is imperative to establish a specific access control policy on whom can
decrypt this data. This type of access control is enforced by employing an untrusted server to store the
data.
LITERATURE REVIEW

The concept related to attribute based encryption have been mentioned in the literature(Cocks 2001,
Boneh et al 2001), Sahai and Waters(2005)ABE scheme to be the first Attribute Encryption scheme with
support policies with a single threshold gate.To overcome this limitation (Pirretti et al 2006, Traynor et
al 2008) uses massive conditional access system over a single threshold gate. Bobba et al 2009 enhance
the ABE scheme to KP-ABE and CP-ABE .As the name indicate KP-ABE attribute policies(policy structure)
are embedded with the key and attributes are embedded in data.

CP-ABE scheme (Bethencourt et al 2007,Cheung & Newport 2007) work in the reverse in the sense that
in CP-ABE , policy structure are embedded in data and attribute in keys. Boneh proposed Hierarchical
Attribute based Encryption(HIBE) system which includes efficient encryption time and forward secure
encryption. The Fuzzy Attribute Based Encryption was proposed by Sahai et al. 2005. Chase at al. 2007
extended this Fuzzy Identity Based Encryption(FIBE) system with multi authority Attribute Based
Encryption. The cipher text policy attribute set Based encryption scheme proposed by Bobba et al. 2009
is the first to organize user attribute in keys and allows user to report dynamic constraint on attributes
to satisfies policies. This allow the scheme more flexible and efficiency when supported with compound
attribute.

METHODOLOGY
SECURITY ANALYSIS:

The functionalities of ideal ABE are listed as follows:

1.Data Confidentiality:

Unauthorised user is prevented from accessing the plain text of the data i.e. Unauthorised participants
can not know the information about the encrypted data. In this case the unauthorised user do not have
enough attributes satisfying the access policy. Thus, unauthorised access from KGC as well as data
storing centre to the plain text of the encrypted data should be prevented.

2.Collusion Resistance:

The dishonest users can not combine their attributes to decrypt the encrypted data. Collusion
Resistance is one of the important security property required in ABE systems. If multiple users collude
,they may be able to decrypt a cipher text by combining their attributes even if each of the user’s can not
decrypt the cipher text alone.
3. User/Attribute revocation:

The schemes can revoke the access right of the person who quit the system.

PROPOSED ALGORITHM DESIGN

In this proposed model the access policy need not be sent along with the ciphertext,by which we are able
to preserve the privacy of the encryptor. By using our techniques encrypted data can be kept confidential
even if the storage server is untrusted.

CONCLUSION AND FUTURE SCOPE

In this work public key encryption schemes, RSA, Elliptic Curve cryptography are studied .Cipher text
policy attribute based Encryption solve the problem of accessing the data from the untrusted server. Data
Owner(Encryptor ) defined policy and Decryptor need to satisfies the policy to get cipher text message
from the storage node. The Cipher text policy Attribute Based Encryption Scheme is implemented in CP-
ABE toolkit and the limitation of CP-ABE public key Crypto system is summarized . A more secure an
improve CP-ABE proposed scheme is described with its system architecture and its algorithm is shown
in Chapter 5. The future scope of a proposed system can be extended to block unauthorized users and it
can also be extended to encrypt and decrypt the spatial data.
REFERENCES

1. Victor Miller and Neil Koblitz ,”Elliptic curve cryptography: invention and impact” in 1985.
2. M. Chase. Multi-authority attribute-based encryption. In (To Appear) The Fourth Theory of
Cryptography Conference (TCC 2007), 2007.
3. C. Cocks. An identity based encryption scheme based on quadratic residues. In IMA Int. Conf.,
pages 360– 363, 2001.
4. D. Boneh and M. Franklin. Identity Based Encryption from the Weil Pairing. In Advances in
Cryptology – CRYPTO, volume 2139 of LNCS, pages 213–229. Springer, 2001.
5. M. Pirretti, P. Traynor, P. McDaniel, and B. Waters. Secure Atrribute-Based Systems. In ACM
conference on Computer and Communications Security (ACM CCS), 2006.
6. A. Sahai and B. Waters. Fuzzy Identity Based Encryption. In Advances in Cryptology – Eurocrypt,
volume 3494 of LNCS, pages 457–473. Springer, 2005.
7. A. Shamir. Identity Based Cryptosystems and Signature Schemes. In Advances in Cryptology –
CRYPTO, volume 196 of LNCS, pages 37–53. Springer, 1984.
8. V. Goyal, O. Pandey, A. Sahai, and B. Waters. Attribute Based Encryption for Fine-Grained Access
Conrol of Encrypted Data. In ACM conference on Computer and Communications Security (ACM
CCS), 2006.
9. J. Bethencourt, A. Sahai, and B. Waters. The cpabe toolkit. http://acsc.csl.sri.com/cpabe/.

10. R. Bobba, H.Khurana and M.Prabhakaran,” Attribute sets: A practically motivated enhancement to
attribute-based encryption.” In proc. ESORICS, Saint Mallo, France,2009.
11. Bethencourt, J., Sahai, A., Waters, B.: Ciphertext-policy attribute-based encryption. In: IEEE
Symposium on Security and Privacy, SP 2007, pp. 321–334. IEEE (2007)
12. Goyal, V., Pandey, O., Sahai, A., Waters, B.: Attribute-based encryption for fine-grained access
control of encrypted data. In: Proceedings of the 13th ACM Conference on Computer and
Communications Security, pp. 89–98. ACM (2006)
13. Waters, B.: Ciphertext-policy attribute-based encryption: an expressive, efficient, and provably
secure realization. In: Catalano, D., Fazio, N., Gennaro, R., Nicolosi, A. (eds.) PKC 2011. LNCS, vol.
6571, pp. 53–70. Springer, Heidelberg (2011).
14. J. Bethencourt, A. Sahai, and B. Waters, “Ciphertext-policy attributebased encryption,” in Proc. IEEE
Symp. Security Privacy,2007, pp. 321–334.
15. [1] David F. Ferraiolo and D. Richard Kuhn,” Role-Based Access Controls” 15th National Computer
Security Conference (1992) Baltimore, Oct 13-16, 1992. pp. 554 – 563
16. V. Goyal, O. Pandey, A. Sahai, and B. Waters. Attribute Based Encryption for Fine-Grained Access
Conrol of Encrypted Data. In ACM conference on Computer and Communications Security (ACM
CCS), 2006.
17. B. Lynn. The Pairing-Based Cryptography (PBC) library. http://crypto.stanford.edu/pbc.
18. . D. Boneh and M. Franklin. Identity-based encryption from the weil pairing. In SIAM Journal of
Computing, 2003