A Key-Policy Attribute-Based Temporary Keyword Search scheme for Secure Cloud Storage

Abstract

Temporary keyword search on confidential data in a cloud environment is the main focus of this project. The cloud providers are not fully trusted. So, it is necessary to provide the data in the encrypted form. In the existing scheme, the authorized users can generate some search tokens and send them to the cloud for running the search operation. These search tokens can be used to extract all the cipher texts which are produced at any time and contain the corresponding keyword. Since this may lead to the leakage of some information, it is necessary to propose a scheme in which the search tokens can only extract the cipher texts generated in a specified time interval. To this end, in this project a new cryptographic primitive called key-policy attribute-based temporary keyword search (KPABTKS) was introduced. To evaluate the security of this scheme, the proposed scheme achieves the keyword secrecy property and is secure against selectively chosen keyword attack (SCKA) both in the random oracle model and under the hardness of Decisional Bilinear Diffie-Hellman (DBDH) assumption. Furthermore, it provides the complexity of the encryption algorithm is linear with respect to the number of the involved attributes.

Existing System

The novel notion of KP-ABTKS, and proposed a concrete construction for this new cryptographic service. The proposed concrete scheme is designed based on bilinear pairing. In the proposed KP-ABTKS, each user is identified with an access control policy. The data owner selects an attribute set, and runs the encryption algorithm with regard to it. If a data user’s attributes set satisfies the access tree of the data owner, then he/she can generate a valid search token. The cloud applies the generated search token to find the corresponding ciphertexts which have been encrypted in a time interval specified by the data user. The performance of the proposed construction was evaluated of KP-ABTKS in terms of both computational complexity and the execution time. The performance evaluation shows the practical aspects of this project.

Proposed System

In the proposed KP-ABTKS, each user is identified with an access control policy. The data owner selects an attribute set, and runs the encryption algorithm with regard to it. The data was mainly encrypted using the keyword and the Advanced Encryption Standard (AES). If a data user’s attributes set satisfies the access tree of the data owner, then he/she can generate a valid search token. The cloud applies the generated search token to find the corresponding ciphertexts which have been encrypted in a time interval specified by the data user. Two security definitions was generated for KPABTKS in the standard model. One of them defines its security against selectively chosen keyword attack, and the other one defines the keyword secrecy of KP-ABTKS. It formally proves that other proposed scheme satisfies these security definitions under the hardness of the Decisional Diffe-Hellman assumption. The performance of the proposed construction was evaluated of KP-ABTKS in terms of both computational complexity and the execution time. The performance evaluation shows the practical aspects of this project.

Architecture

ARCHITECTURE DIAGRAM