1.
Securely Outsoure Attribute-Based
Encryption with Checkability
Name: Lingeswaran.M
E-mail: linges_waran@hotmail.com
Twitter Id: lingeswaran_
University: Anna University
Year/Semester: 4th year / 8th semester
Branch: Computer science & engineering

2.
Introduction
• In ABE system, users private keys and cipher text are labeled with sets of
descriptive attributes and access policies respectively, and a particular key
can decrypt a particular cipher text only if associated attributes and policy
are matched.
• In key-policy attribute-based encryption, the access policy is assigned in
private key, whereas, in cipher text-policy attribute-based encryption, it is
specified in cipher text.
•As the development of cloud computing users concerns about data security
are the main obstacles that impedes cloud computing from wide adoption.
•These concerns are originated from the fact that sensitive data resides in
public cloud, which is maintained and operated by un trusted cloud service
provider (CSP).
•ABE provides a secure way that allows data owner to share outsourced data
on un trusted storage server instead of trusted server with specified group of
users.

3.
• The main efficiency drawbacks of ABE is that the computational cost during
decryption phase grows with the complexity of the access formula.
• Outsourced ABE allows user to perform heavy decryption through ‘‘borrowing’’
the computation resources from CSP.
• Beyond the heavy decryption outsourced, we observe that the attribute authority
has to deal with a lot of heavy computation in a scalable system.
• The attribute authority has to issue private keys to all users, but yet generation of
private key typically requires large modular exponentiation.
• When a large number of users call for their private keys, it may overload the
attribute authority.
• In most of existing ABE schemes, the revocation of any single private key requires
key-update at attribute authority for the remaining unrevoked keys which share
common attributes with the one to be revoked.
• All of these heavy tasks centralized at authority side would make it an efficiency
bottleneck in the access control system.

4.
Trends
 Key Generation Service Provider is maintained as a private cloud with high trust to deal
with sensitive information, but leaving Storage Service Provider and Decryption Service
Provider as public cloud to provide public storage and computation service respectively.
 Actually, this type of hybrid setting has become more and more attractive as many
organizations are moving to the public cloud due to its benefit of highly available and
scalable resources but still want to store and process the critical data in the private cloud.
 In the outsourced decryption, user firstly fetches cipher text from Storage Service Provider
and computes the intersection subset locally.
 Only a partial cipher text, blinded transformation key and intersection subset need to be
delivered to DSP to perform partial decryption.
 It allows another scenario, in which after key generation user directly sends his attribute set
and corresponding blinded transformation key to Decryption Service Provider to be stored.
 In this case, the Decryption Service Provider performs a role as proxy, who can
automatically retrieve cipher texts that user is interested in and forward to him partially
decrypted one.

5.
 The Decryption Service Provider could be the user’s mail server, or the same entity
along with Storage Service Provider in cloud environment.
IMPACT ON FUTURE
 All the uploaded files are maintained by cloud manager. If another user logged into the
application they requesting the file for download. For download user has to enter the
correct attribute set and signature for the particular content.
 If the user entered correct attribute set and signature means, cloud allowed to
download the file. Otherwise cloud doesn’t allow user for download.
 So every user has to enter the correct signature and attribute set name for content
download. Signature has been generated by Attribute Authority based on the attribute
partial key.
So for any outsource the content in the cloud , here
we provide the security. For every outsource here we specified the service provider for
checkability.

6.
Interest Areas
• Registration and Authority key generation
user will register their details into the cloud manager. User has to fill
all their own personal details, based on the user attributes only key will be generated. The Attribute
Authority is to provide partial key transformation based on users attribute. Based on the user
attributes Attribute Authority provide key. Here ABE scheme will be applied for key generation.
After key generation, then only user can login and do their further process without attribute key
user can’t login.
• Apply Privilege and KGSP key Generation
In this module user has to set the access policy for their own
content. After user got permission from Attribute Authority they login into the application for
setting privilege.
• Verification using ABE Scheme
Module user upload own content and other authorized user will
download the content. Once user got private key from cloud, they encrypt the upload content
based on their own private key. Once content encrypted, the cipher text content must be stored in
the cloud database.
With the aid of Key Generation Service(KGSP) Provider and
Decryption Service Provider, I will achieve constant efficiency at both authority and user sides. It
will also provide a trust-reduced construction with two KGSP which is secure under recently
formulized Refereed Delegation of Computation model.