INTRODUCTION
Identity (ID)-based public key system (ID-PKS) [1], [2] is an attractive alternative for public key cryptography.ID-PKS setting eliminates the demands of public key infra structure (PKI) and certificate administration in conventional public key settings. An ID-PKS setting consists of users and a trusted third party (i.e. private key generator, PKG). The PKG is responsible to generate each user’s private key by using the associated ID information (e.g. e-mail address, name or social security number). Therefore, no certificate and PKI are required in the associated cryptographic mechanisms under ID-PKS settings. In such a case, ID-based encryption (IBE) allows a sender to encrypt message directly by using a receiver’s ID without checking the validation of public key certificate. Accordingly, the receiver uses the private key associated with her/his ID to decrypt such cipher text. Since a public key setting has to provide a user revocation mechanism, the research issue on how to revoke misbehaving/compromised users in an ID-PKS setting is naturally raised.
In conventional public key settings, certificate revocation list (CRL) [3] is a well-known revocation approach. In the CRL approach, if a party receives a public key and its associated certificate, she/he first validates them and then looks up the CRL to ensure that the public key has not been revoked. In such a case, the procedure requires the online.
ABSTRACT
Identity-based encryption (IBE) is a public key cryptosystem and eliminates the demands of public key infrastructure (PKI) and certificate administration in conventional public key settings. Due to the absence of PKI, the revocation problem is a critical issue in IBE settings. Several revocable IBE schemes have been proposed regarding this issue. Quite recently, by embedding an outsourcing computation technique into IBE, Li et al. proposed a revocable IBE scheme with a key-update cloud service provider (KU-CSP).However, their scheme has two shortcomings. One is that the computation and communication costs are higher than previous revocable IBE schemes. The other shortcoming is lack of scalability in the sense that the KU-CSP must keep a secret value for each user.
In the project, we propose a new revocable IBE scheme with a cloud revocation authority (CRA) to solve the two short comings namely, the performance is significantly improved and the CRA holds only a system secret for all the users. For security analysis, we demonstrate that the proposed scheme is semantically secure under the decisional bilinear Diffie-Hellman (DBDH) assumption. Finally, we extend the proposed revocable IBE scheme to present a CRA-aided authentication scheme with period-limited privileges for managing a large number of various cloud services.
EXISTING SYSTEM
Li et al. introduced an outsourcing computation technique into IBE to propose a revocable IBE scheme with a key-update cloud service provider (KU-CSP). They shifts the key-update procedures to a KU-CSP to alleviate the load of PKG. Li et al. also used the similar technique adopted in Tseng and Tsai’s scheme, which partitions a user’s private key into an identity key and a time update key.
The PKG sends a user the corresponding identity key via a secure channel. Mean while, the PKG must generate a random secret value (time key) for each user and send it to the KU-CSP. Then the KUCSP generates the current time update key of a user by using the associated time key and sends it to the user via a public channel.
DISADVANTAGES OF EXISTING SYSTEM
ID-based encryption (IBE) allows a sender to encrypt message directly by using a receiver’s ID without checking the validation of public key certificate.
In existing system misbehaving/compromised users in an ID-PKS setting is naturally raised.
Immediate revocation method employs a designated semi-trusted and online authority (i.e. mediator) to mitigate the management load of the PKG and assist users to decrypt cipher text.
The computation and communication costs are higher than previous revocable IBE schemes.
The other shortcoming is un-scalability in the sense that the KU-CSP must keep a time key for each user so that it will incur the management load.
PROPOSED SYSTEM
In order to solve both the un-scalability and the inefficiency in Li et al.’s scheme, we propose a new revocable IBE scheme with cloud revocation authority (CRA).In particular, each user’s private key still consists of an identity key and a time update key. We introduce a cloud revocation authority (CRA) to replace the role of the KU-CSP in Li et al.’s scheme.
The CRA only needs to hold a random secret value (master time key) for all the users without affecting the security of revocable IBE scheme. The CRA uses the master time key to generate the current time update key periodically for each non-revoked user and sends it to the user via a public channel. It is evident that our scheme solves the un-scalability problem of the KU-CSP. We construct a CRA-aided authentication scheme with period-limited privileges for managing a large number of various cloud services.
ADVANTAGES OF PROPOSED SYSTEM
The proposed scheme possesses the advantages of both Tseng and Tsai’s revocable IBE scheme and Li et al.’s scheme.
The proposed present the framework of our revocable IBE scheme with CRA and define its security notions to model possible threats and attacks
CRA-aided authentication scheme with period-limited privileges for managing a large number of various cloud services.
SYSTEM ARCHITECTURE
SYSTEM REQUIREMENTS
HARDWARE REQUIREMENTS
System : Pentium Dual Core.
Hard Disk : 120 GB.
Monitor : 15’’LED
Input Devices : Keyboard, Mouse
Ram : 1GB.
SOFTWARE REQUIREMENTS
Operating system : Windows 7.
Coding Language : JAVA/J2EE
Tool : Net beans 7.2.1
Database : MYSQL
CONCLUSION
In this article, we proposed a new revocable IBE scheme with a cloud revocation authority (CRA), in which the revocation procedure is performed by the CRA to alleviate the load of the PKG. This outsourcing computation technique with other authorities has been employed in Li et al.’s revocable IBE scheme with KU-CSP. However, their scheme requires higher computational and communicational costs than previously proposed IBE schemes. For the time key update procedure, the KU-CSP in Li et al.’s scheme must keep a secret value for each user so that it is lack of scalability. In our revocable IBE scheme with CRA, the CRA holds only a master time key to perform the time key update procedures for all the users without affecting security. As compared with Li et al.’s scheme, the performances of computation and communication are significantly improved. By experimental results and performance analysis, our scheme is well suited for mobile devices. For security analysis, we have demonstrated that our scheme is semantically secure against adaptive-ID attacks under the decisional bilinear Diffie-Hellman assumption. Finally, based on the proposed revocable IBE scheme with CRA, we constructed a CRA-aided authentication scheme with period-limited privileges for managing a large number of various cloud services.