Final Report (1).docx

Identity-Based Encryption

Abstract Abstract Identity-based encryption (IBE) is a public key cryptosystem and eliminates the demands of public key infrastructure (PKI) and certificate administration in conventional public key settings. Due to the absence of PKI, the revocation problem is a critical issue in IBE settings. Several revocable IBE schemes have been proposed regarding this issue. Quite recently, by embedding an outsourcing computation technique into IBE, Li et al. proposed a revocable IBE scheme with a key-update cloud service provider (KU-CSP). However, their scheme has two shortcomings. One is that the computation and communication costs are higher than previous revocable IBE schemes. The other shortcoming is lack of scalability in the sense that the KU-CSP must keep a secret value for each user. In the article, we propose a new revocable IBE scheme with a cloud revocation authority (CRA) to solve the two shortcomings, namely, the performance is significantly improved and the CRA holds only a system secret for all the users. For security analysis, we demonstrate that the proposed scheme is semantically secure under the decisional bilinear Diffie-Hellman (DBDH) assumption. Finally, we extend the proposed revocable IBE scheme to present a CRA-aided authentication scheme with period-limited privileges for managing a large number of various cloud services.

B.E, VTU Regional Center

Page 1

Identity-Based Encryption

CHAPTER 1

INTRODUCTION 1.1 Introduction Identity based public key system is an attractive alternative for public key cryptography. DENTITY (ID)-based public key system (ID-PKS) [1], [2] ID-PKS setting eliminates the demands of public key infrastructure (PKI) and certificate administration in conventional public key settings. An ID-PKS setting consists of users and a trusted third party (i.e. private key generator, PKG). The PKG is responsible to generate each user’s private key by using the associated ID information (e.g. e-mail address, name or social security number). Therefore, no certificate and PKI are required in the associated cryptographic mechanisms under ID-PKS settings. In such a case, ID-based encryption (IBE) allows a sender to encrypt message directly by using a receiver’s ID without checking the validation of public key certificate. Accordingly, the receiver uses the private key associated with her/his ID to decrypt such cipher text. Since a public key setting has to provide a user revocation mechanism, the research issue on how to revoke misbehaving/compromised users in an ID-PKS setting is naturally raised. In conventional public key settings, certificate revocation list (CRL) [3] is a well-known revocation approach. In the CRL approach, if a party receives a public key and its associated certificate, she/he first validates them and then looks up the CRL to ensure that the public key has not been revoked. In such a case, the procedure requires the online assistance under PKI so that it will incur communication bottleneck. To improve the performance, several efficient revocation mechanisms [4], [5], [6], [7], [8] for conventional public key settings have been well studied for PKI. Indeed, researchers also pay attention to the revocation issue of ID-PKS settings. Several revocable IBE schemes have been proposed regarding the revocation mechanisms in ID-PKS settings.

B.E, VTU Regional Center

Page 2

Identity-Based Encryption

In 2015, by a cloud-aided service provider, Li et al. [24] introduced an outsourcing computation technique into IBE to propose a revocable IBE scheme with a key-update cloud service provider (KU-CSP). They shifts the key-update procedures to a KU-CSP to alleviate the load of PKG. Li et al. also used the similar technique adopted in Tseng and Tsai’s scheme [23], which partitions a user’s private key into an identity key and a time update key. The PKG sends a user the corresponding identity key via a secure channel. Meanwhile, the PKG must generate a random secret value (time key) for each user and send it to the KU-CSP. Then the KUCSP generates the current time update key of a user by using the associated time key and sends it to the user via a public channel. To revoke a user, the PKG just asks the KU-CSP to stop issuing the new time update key of the user. 1.2 System Architecture We introduce a cloud revocation authority (CRA) to replace the role of the KU-CSP in Li et al.’s scheme. The CRA only needs to hold a random secret value (master time key) for all the users without affecting the security of revocable IBE scheme. The CRA uses the master time key to generate the current time update key periodically for each nonrevoked user and sends it to the user via a public channel. It is evident that our scheme solves the un-scalability problem of the KU-CSP. Our system model is depicted in Fig. 2.

Figure 1 System model for revocable IBE scheme with CRA

B.E, VTU Regional Center

Page 3

Identity-Based Encryption

1.3 Organization of the Report The project report is as follows with total 9 chapters, references and appendices Chapter 1: Introduction- Brief explanations and overall information carried out in this phase. Chapter 2: Literature Survey- Surveys all the related work to the project. Chapter 3: System Requirements Specification- It describes all the functional and nonfunctional requirements of the project work. Chapter 4: System Analysis- Briefly describes the problems of existing system; to overcome that problem proposed system is efficiently sorted. Chapter 5: System Design- The task of data flow diagram and the system architecture and sequence diagrams. Chapter 6: Implementation- It describes the modules used for project and the technologies used. Chapter 7: Testing- Deals with the types of testing that are used to rectify the faults in systems and also test cases to validate the project. Chapter 8: Conclusion and Future Enhancement- it provides the brief summary of project and make sure to enhance the work in future. Bibliography: This section deals with the references with are referred to establish this work. Appendix: This section deals with related paper publication and the abbreviation of terms used in this project.

B.E, VTU Regional Center

Page 4

Identity-Based Encryption

CHAPTER 2 LITERATURE SURVEY In 2001, Boneh and Franklin [2] proposed the first practical IBE scheme from the Weil pairing and suggested a simple revocation method in which each non-revoked user receives a new private key generated by the PKG periodically. A period can be set as a day, a week, a month, etc. A sender uses a designated receiver’s ID and current period to encrypt messages while the designated receiver decrypts the ciphertext using the current private key. Hence, it is necessary for the users to update new private keys periodically. To revoke a user, the PKG simply stops providing the new private key for the user. It is obvious that a secure channel must be established between the PKG and each user to transmit the new private key and this would result in heavy load for the PKG. In order to alleviate the load of the PKG in Boneh and Franklin’s scheme, Boneh et al. [9] proposed another revocation method, called immediate revocation. Immediate revocation method employs a designated semi-trusted and online authority (i.e. mediator) to mitigate the management load of the PKG and assist users to decrypt ciphertext [10], [11], [12], [13]. In such a case, the online mediator must hold shares of all the users’ private keys. Since the decryption operation must involve both parties, neither the user nor the online mediator can cheat one another. When a user was revoked, the online mediator is instructed to stop assistingthe user. However, the online mediator must help users to decrypt each ciphertext so that it becomes a bottleneck for such schemes as the number of users grows enormously. In Boneh and Franklin’s revocation method [2], all the users must periodically update new private keys sent by the PKG. As the number of users increases, the load of key updates becomes a bottleneck for the PKG. In 2008, Boldyreva et al. [14] proposed a revocable IBE scheme to improve the key update efficiency. Their revocable IBE scheme is based on the concept of the Fuzzy IBE [35] and adopts the complete subtree method to decrease the number of key updates from linear to logarithmic in the number of users. Indeed, by binary tree data structure of users, the scheme efficiently alleviates the keyupdate load of the PKG. Furthermore, Libert and Vergnaud [16] improved the security of

B.E, VTU Regional Center

Page 5

Identity-Based Encryption

Boldyreva et al.’s revocable IBE scheme by presenting an adaptive-ID secure scheme. Nevertheless, Boldyreva et al.’s scheme still results in several problems: (1) Each user’s private key size is 3log n points in an elliptic curve, where n is the number of leaf nodes (users) in the binary tree. (2) The scheme also results in enormous computation workload for encryption and decryption procedures. (3) It is enormous load for PKG to maintain the binary tree with a large amount of users. Moreover, Seo and Emura [17] refined the security model of Boldyreva et al.’s revocable IBE scheme [14] by considering a new threat, called decryption key exposure attacks. Based on the idea of Libert and Vergnaud’s scheme [16], they also proposed a revocable IBE scheme with decryption key exposure resistance. In order to reduce the sizes of both private keys and update keys, Park et al. [18] proposed a new revocable IBE scheme by using multilinear maps, but the size of the public parameters is dependent to the number of users. For achieving constant the size of the public parameters, Wang et al. [19] employed both the dual system encryption methodology [20] and the complete subtree method [14] to propose a new revocable IBE scheme. Furthermore, Seo and Emura [21] extended the concept of revocable IBE scheme to propose the first revocable HIBE scheme. In Seo and Emura’s scheme, for each period, each user generates a secret key by multiplying some of the partial keys, which depends on the partial keys used by ancestors in the hierarchy tree. In such a case, the secret key size of each user increases quadratically in the hierarchy tree wherein a low-level user must know the history of key updates performed by ancestors in the current time period, and it renders the scheme very complex. In 2015, Seo and Emura [22] proposed a new method to construct a novel revocable HIBE scheme with history-free updates. Nevertheless, the mentioned revocable IBE and HIBE schemes above [17], [18], [19], [21], [22] employed the complete subtree method to decrease the number of key updates from linear to logarithmic in the number of users. However, these schemes also suffered from the same disadvantages of Boldyreva et al.’s revocable IBE scheme [14] and still used a secure channel to transmit periodic private keys. In 2012, Tseng and Tsai [23] proposed a new revocable IBE scheme to remove the usage of secure channel between each user and the authority and use a public channel instead to transmit users’ periodic

B.E, VTU Regional Center

Page 6

Identity-Based Encryption

private keys. They partition a user’s private key into two components, namely, an identity key and a time update key. The identity key is a secret key associated with user’s ID, which is sent to the user via a secure channel and remains fixed since being issued. The time update key is a key associated with user’s ID and time period, which is changed along with time. The PKG periodically generates current time update keys for nonrevoked users and sends them to these users via a public channel. A user is able to decrypt the ciphertext if she/he possesses both the identity key and the legitimate time update key. In other words, to revoke a particular user, the PKG simply stops issuing the new time update key for the user. However, the key-update efficiency is linear in the number of users so that the computation burden of PKG is still enormous.

B.E, VTU Regional Center

Page 7

Identity-Based Encryption

CHAPTER 3 SYSTEM REQUIREMENTS SPECIFICATIONS System Requirement Specification is used for the programming contexture that are basically being for the functionality of the system can do, and also for the work behind the organization for describing and to understand the client’s needs. The purpose of SRS gives the requirement to be master planed of a system or sub-system. It generally provides for the capable clients needful conditions at a particular instance of time before the work is finalize. 3.1 System Overview A software requirements specification is a complete that describes the behavior of system to be developed. Use case techniques can be used to find the product of functional requirements or supplementary requirements. A non functional requirement performs the engineering requirements, quality of standards. Purpose: The purpose of SRS document is to list the user requirements in the organized manner. It defines all the constraints and software requirements needed to understand the application and documents. The user should be able to understand the purposed system after going through the SRS documents and should be in position to incorporate some changes required. 3.1.1 Functional Requirement Specification The functional requirements are designed to carry out to the clients. The requirements used by the clients should be very well defined for the operation of the system. The clients understand what the services to be provided, objectives to be defined and how the system will react with particular input. The development of functional requirement leads to the specific operations, major requirements to develop project, the types of software to be tested and what does the system need to be specified. The input and output data should be taken to the use with characteristics of clients data. The specified task of functional

B.E, VTU Regional Center

Page 8

Identity-Based Encryption

requirement of system should understand the brief description of clients needs. The resources those are very essential to estimate the operations, costs, analysis and the information to be carried.

Functional Requirements  Implementation of novel approach of Cloud revocation authority in cloud.  The scalability problem which is not solved in Existing approach between the cloud and users needs to be resolved.  Reduction of the outsourced computation of authority proposed approach compared to the KU-CSP approach.  Mitigate the workload of the PKG.

3.1.2 Non Functional Requirement Specification Non-Functional requirements are indirectly specified for the structure of project. The requirements with the specified function may carry different constraints to perform the system. The quality of the system are presides to measure the constraints of the system capabilities. The measure of Non-Functional requirements allows the clients to indirectly concentrate on the system analysis. Qualities of Non-Functional Requirements are o Security o Usability o Maintainability o Scalability o Portability

B.E, VTU Regional Center

Page 9

Identity-Based Encryption

3.1.3 Hardware Requirements o Processor

:

Pentium IV 2.4 GHz

o Hard Disk

:

500 GB.

o Monitor

:

15 VGA Colour.

o Mouse

:

Logitech.

o Ram

:

4GB

o Keyboard

:

Standard 102 Keys

o Operating system

:

Windows 7

o

:

Java2EE

:

MYSQL

3.1.4 Software Requirements

Coding Language

o Database

3.2 Software Description 3.2.1 Java Java is a multi-paradigm with the object-oriented of class based and structure data. Java is designed by James Gosling. It is object-oriented programming language with similar to C++. Java is originated at Sun Micro system and it is designed to have a implementation dependencies. Java is the one of the most recommended programming language in the web applications for client-server development. The Java technologies are mainly under General Public License (GNU). The java compliers, virtual machines and class libraries are developed by Sun Micro systems. The latest version of Java 8, it is the only version supported by Oracle There are five goals in the creation of Java Programming o

Java is simple and object-oriented.

o

Java should be robust and secure.

o

It is architecture-neutral and portable.

o

It must execute with the high performance.

B.E, VTU Regional Center

Page 10

Identity-Based Encryption

o

It is dynamic in nature.

3.2.2 MySQL MySQL mainly deals with the storing and retrieving the databases. The databases are mainly in the form of RDBMS (Relational Database Management System). The database provides and used to the open sources for the client-server model. The database that allows constraints with the implementation of tables, indexes, columns and also for the update the indexes simultaneously. MySQL is a open source software with the license specified, so it is free to use for user. The language that used in MySQL standards is SQL Data. MySQL is very effective and quickly access the database in the traditional business areas. It is a very powerful program to handles the packages. The language that supports the MySQL is PHP, PERL, C, C++ etc. It is user friendly with the license provided to modify to fit the user environment.

B.E, VTU Regional Center

Page 11

Identity-Based Encryption

CHAPTER 4

SYSTEM ANALYSIS The software development is generally carried out with the System Analysis and Design. The system analysis provides various detailed information of existing performance that may lead to the configuration of the new system. The problem in the existing system will be the drawbacks and to overcome this problem, the proposed system may raise with the improvement with the solutions for existing system. The process of studying the system analysis in order to identify the goals and objectives of system

4.1 Problem statement and objectives of the Research In the proposed approach Each user’s private key consists of an identity key and a time update key. We introduce a cloud revocation authority (CRA) to replace the role of the KU-CSP in Li et al.’s scheme. The CRA only needs to hold a random secret value (master time key) for all the users without affecting the security of revocable IBE scheme. The CRA uses the master time key to generate the current time update key periodically for each non-revoked user and sends it to the user via a public channel. It is evident that our scheme solves the un-scalability problem of the KU-CS

4.1.1 Objectives:  To implement novel approach of Cloud revocation authority in cloud.  To address the scalability problem between the cloud and users.  Reduce the Outsourced computation of authority.  Mitigate the workload of the PKG .

4.2 System Study

B.E, VTU Regional Center

Page 12

Identity-Based Encryption

4.2.1 Feasibility Study The Feasibility of project provides the various constraints to the quality of being weak or strong to plan the purpose of the business needs. To estimate the costs, performance, the designed implementation and the resource being defined for the environment. The various accepts that perform through the description of project, the operation of technical knowledge, managing the resources and mainly capable for the success. It is carried out during the proposed system, the future requirements may also includes the level of system resources. The feasibility study contains the three key: o Economic Feasibility o Technical Feasibility o Social Feasibility 4.2.2 Economic Feasibility The Economic Feasibility provides the constraints that determine the quality and identifying the purpose of project. It provides the estimation for possible technical requirements; the investment offered by organizer to develop a system and the technologies is often used for the customer needs. 4.1.3 Technical Feasibility The study of technical feasibility provides the aspects of technical knowledge to determine the system requirements and also designing the system resources. The modernized development of system is implemented for attracting the customers to define the project. The technicality provides a highly quality of service for the client’s satisfactions. 4.2.4 Social Feasibility The study of social feasibility defines how the outside environment will accepts the system requirements. It is designed in such a way that how confidently and convincingly reaches to the user, the level of accepting the project and the defined requirement of

B.E, VTU Regional Center

Page 13

Identity-Based Encryption

project. The goal is to satisfy the clients required outcome and also to manage how the system to be used by user for further purpose. 4.3 Existing System A revocable IBE scheme with a key-update cloud service provider (KU-CSP). In this system, which shifts the key-update procedures to a KU-CSP to alleviate the load of PKG. According to this methodology user’s private key is partitioned into an identity key and a time update key. The PKG sends a user the corresponding identity key via a secure channel. Meanwhile, the PKG must generate a random secret value (time key) for each user and send it to the KU-CSP. Then the KUCSP generates the current time update key of a user by using the associated time key and sends it to the user via a public channel. To revoke a user, the PKG just asks the KU-CSP to stop issuing the new time update key of the user. Their system model is depicted in Fig. 1. However, their scheme has two shortcomings. One is that the computation and communication costs are higher than previous revocable IBE schemes [2], [23]. The other shortcoming is un-scalability in the sense that the KU-CSP must keep a time key for each user so that it will incur the management load.

Fig 1: Proposed system of KUCSP model

B.E, VTU Regional Center

Page 14

Identity-Based Encryption

4.4 PROPOSED SYSTEM The proposed approach address the the limitations of the existing approach. In this research methodology each user’s private key still consists of an identity key and a time update key. This research introduces a cloud revocation authority (CRA) to replace the role of the KU-CSP in Li et al.’s scheme. The CRA only needs to hold a random secret value (master time key) for all the users without affecting the security of revocable IBE scheme. The CRA uses the master time key to generate the current time update key periodically for each non-revoked user and sends it to the user via a public channel. It is evident that our scheme solves the un-scalability problem of the KU-CSP. Proposed system model is depicted below.

Fig 2: IBE Revocation model

B.E, VTU Regional Center

Page 15

Identity-Based Encryption

CHAPTER 5 SYSTEM DESIGN This document gives the design of the overall project. Software development is the phase which is very important for the supernova of the software, which is called as design phase. The design phase should satisfy the functional and non-functional requirements for the effectiveness for satisfying all the constraints and objectives of the project. It mainly concentrates on the modules that needed for system. The design phase depends mainly on the specification of feasibility survey. 5.1Data Flow Diagram The information stream outline demonstrates the graphical portrayal, similar to game plans it is utilized to speak to the information through the sources of info, different sorts of information examination will be completed and the coveted yield will be produced. These parts will be utilized to demonstrate the framework and it will be displayed by to contemplate quickly regarding the info. In the framework outline the DFD will demonstrate the stream of whole parts. The stream of data will in arrangement of change utilizing this framework.

Fig 2: Data Flow diagram

B.E, VTU Regional Center

Page 16

Identity-Based Encryption

USE CASE: An utilization case in programming designing and frameworks building is a portrayal of a framework's conduct as it reacts to a demand that starts from outside of that framework. As it were, an utilization case depicts "who" can do "what" with the framework being referred to. The utilization case method is utilized to catch a framework's behavioral necessities by specifying situation driven strings through the useful prerequisites.

Utilize cases portray the connection between at least one performing artists (an on-screen character that is the initiator of the communication might be alluded to as the 'essential performer') and the framework itself, spoken to as a succession of basic strides. Performing artists are something or somebody which exists outside the framework ('black box') under review, and that partake in a grouping of exercises in a discourse with the framework to accomplish some objective. On-screen characters might be end clients, different frameworks, or equipment gadgets. Each utilization case is a total arrangement of occasions, depicted from the perspective of the on-screen character.

Fig 3: Use case Diagram

B.E, VTU Regional Center

Page 17

Identity-Based Encryption

SEQUENCE DIAGRAM A sequence diagram in Unified Modelling Language (UML) is a sort of cooperation chart that shows how forms work with each other and in what arrange. It is a develop of a Message Sequence Chart. Succession outlines are some of the time called Event-follow graphs, occasion situations, and timing charts. A succession graph appears, as parallel vertical lines ("helps"), distinctive procedures or items that live at the same time, and, as even bolts, the messages traded between them, in the request in which they happen. This permits the particular of basic runtime situations in a graphical way.

Figure 4: project Sequence diagram

B.E, VTU Regional Center

Page 18

Identity-Based Encryption

CHAPTER 6

IMPLEMENTATION Usage is a procedure of preparatory game plan of use or the execution of plan which may prompt the fruitful result of the venture. The utilization of framework must require the advances required for the setting of module to work, the thought behind the arranging, playing out the calculations as a programming execution and the product and equipment prerequisites detail of PC framework utilizing the fruitful arrangement of establishments, designs, running of venture, execution of venture. What's more, principally testing will improve the outline of venture. The execution is the acknowledgment of utilization, calculations and the product parts of the framework ought to be conveyed. The execution arranges in a system reach out to the benefit of possess right. It additionally incorporates: 

Carefully planned.



Investigation for future work.



Developers should be trained.

6.1 Module Description 

Cloud Based Revocation.



Public Key Generator.



Revocation Authourity.



Encryption Module.

6.1.1 Cloud Based Revocation: Several revocable IBE schemes have been proposed regarding this issue. Quite recently, by embedding an outsourcing computation technique into IBE, Li et al.

B.E, VTU Regional Center

Page 19

Identity-Based Encryption

proposed a revocable IBE scheme with a key-update cloud service provider (KU-CSP). However, their scheme has two shortcomings. One is that the computation and communication costs are higher than previous revocable IBE schemes. The other shortcoming is lack of scalability in the sense that the KU-CSP must keep a secret value for each user. In the article, we propose a new revocable IBE scheme with a cloud revocation authority (CRA) to solve the two shortcomings, namely, the performance is significantly improved and the CRA holds only a system secret for all the users. For security analysis, we demonstrate that the proposed scheme is semantically secure under the decisional bilinear Diffie-Hellman (DBDH) assumption. Finally, we extend the proposed revocable IBE scheme to present a CRA-aided authentication scheme with period-limited privileges for managing a large number of various cloud services. 6.1.2 Public Key Generator: Revocation method in which each non-revoked user receives a new private key generated by the PKG periodically. A period can be set as a day, a week, a month, etc. A sender uses a designated receiver’s ID and current period to encrypt messages while the designated receiver decrypts the ciphertext using the current private key. Hence, it is necessary for the users to update new private keys periodically. To revoke a user, the PKG simply stops providing the new private key for the user. It is obvious that a secure channel must be established between the PKG and each user to transmit the new private key and this would result in heavy load for the PKG. In order to alleviate the load of the PKG in Boneh and Franklin’s scheme, Boneh et al. proposed another revocation method, called immediate revocation. Immediate revocation method employs a designated semi-trusted and online authority (i.e. mediator) to mitigate the management load of the PKG and assist users to decrypt ciphertext In such a case.

B.E, VTU Regional Center

Page 20

Identity-Based Encryption

the online mediator must hold shares of all the users’ private keys. Since the decryption operation must involve both parties, neither the user nor the online mediator can cheat one another. 6.1.3 Revocation Authority: Key updates from linear to logarithmic in the number of users. However, each user’s private key size is O(log n), where n is the number of users. These schemes still used a secure channel to transmit periodic private keys while no other authority shares the responsibility of user revocation. In Tseng and Tsai’s revocable IBE scheme , both the identity key and time update key are issued by the PKG. In order to alleviate the load of the PKG, Li et al. employed a key update cloud service provider (KU-CSP) to share the responsibility of user revocation. In our revocable IBE scheme, we employ a cloud revocation authority (CRA) to perform user revocation. Indeed, the PKG in Li et al.’s scheme and ours may also perform the revocation operations. Both the KUCSP and the CRA are designated to share responsibility for performing user revocation. For scalability, the KU-CSP in Li et al.’s scheme must keep n various time keys for n users so that it does not possess scalability and incurs the management load. On the contrast, the CRA in our scheme holds only one master time key for all the users. When the number n of users in the system is very large, the PKG may designate multiple CRAs to share the responsibility of user revocation while each CRA holds only the same master time key. However, in Li et al.’s scheme, each KUCSP must also keep n time keys. Indeed, cloud computing is a ubiquitous computing environment. so that putting multiple CRAs on clouds may provide convenient management of user revocation while reducing the load of the single PKG. The detailed comparisons regarding computation and communication efficiency will be given in Section . 6.1.4 Encryption Module:

B.E, VTU Regional Center

Page 21

Identity-Based Encryption

Moreover, Seo and Emura refined the security model of Boldyreva et al.’s revocable IBE scheme by considering a new threat, called decryption key exposure attacks. Based on the idea of Libert and Vergnaud’s scheme they also proposed a revocable IBE scheme with decryption key exposure resistance. In order to reduce the sizes of both private keys and update keys, Park et al. proposed a new revocable IBE scheme by using multilinear maps, but the size of the public parameters is dependent to the number of users. For achieving constant the size of the public parameters, Wang et al. employed both the dual system encryption methodology and the complete subtree method to propose a new revocable IBE scheme. Furthermore, Seo and Emura extended the concept of revocable IBE scheme to propose the first revocable HIBE scheme. In Seo and Emura’s scheme, for each period, each user generates a secret key by multiplying some of the partial keys, which depends on the partial keys used by ancestors. In such a case, the secret key size of each user increases quadratically in the hierarchy tree wherein a low-level user must know the history of key updates performed by ancestors in the current time period, and it renders the scheme very complex Seo and Emura proposed a new method to construct a novel revocable HIBE scheme with historyfree updates. Nevertheless, the mentioned revocable IBE and HIBE schemes above employed the complete subtree method to decrease the number of key updates from linear to logarithmic in the number of users. However, these schemes also suffered from the same disadvantages of Boldyreva et al.’s revocable IBE scheme and still used a secure channel to transmit periodic private keys.

B.E, VTU Regional Center

Page 22

Identity-Based Encryption

CHAPTER 7

TESTING Programming Testing is the most critical piece of the developer where the blunders or blames or the disappointments of the framework is discernable. Programming testing is one of the predetermined parts of planning, nature of the product and the execution of code, where the disappointments happens the framework won't gives the legitimate yield to clients. Disappointments are happened because of the developer's issues, so it can simple to recognize by the software engineers. It might bring about the disappointment for the framework, so the software engineer ought to know about outlining devices, scraps for changing the conduct of framework. In the wake of creating stage, programming testing is vital to break up the deficiencies rapidly. Testing is a synchronized procedure where the data is taken care by improvement group. The primary objective of testing is to correct the bugs, issues or blunders. To recognize mistakes the test engineers needs to test every individual segments of the venture arrange module. Every module is tried for the better execution and by checking the modules the mistakes are recognized. It confirms that the frameworks achieved its prerequisites are definitely not. By examining the every modules and mistakes are pester out of framework to get particular yield. Dissimilar to every module gives the required yield, the assurance of test designer prompts the rightness of framework projects. The last module stage is intended to maintain a strategic distance from the disappointments and to expel deficiencies. So it's ideal to give the testing stage to the advancement of the venture. 7.1 Testing Principles The testing goal of the framework programming is to make a point to substantiate the framework condition by dissolving the flaws and blunders. Some of the basic principles of testing are:

B.E, VTU Regional Center

Page 23

Identity-Based Encryption

o “A successful test to be carried out which holds the capability of finding errors.” o “Planning of testing phase may required long time.” o “The tests are performed according to the clients need.” o “Effective test should require for detecting all errors.” o “Exhaustive testing is not possible” 7.2 Test Plan The test plan is one of the essential stages in the framework testing. It serves to the general population who are working outside the testing field. The correct arranging makes the item to build up to customer. The test arrange gives the documentation of the exercises performed for programming testing and its serves to approve the yield work. 7.3 Phases of Test The phases of testing are: o Unit Test o Integration Test o System Test 7.3.1 Unit Test Unit testing as the name portrays that the testing procedure is completed with the testing where every individual models are tried in a steady progression. The operation to perform unit testing is to figure out where every module testing is approve or not. The investigation of testing gives the fruitful result and to perform correct report determination. The capacity of unit test additionally upgrades the level of testing before the reconciliation procedure. By testing every module the blunders are recognized in before stages and this may prompt the yearning yield of the projects. Unit testing isolates the every individual piece of modules and redresses whether the module is executed or not. The essential execution is to give an end-clients to enhancing the application programming, business handle and the level of framework setup.

B.E, VTU Regional Center

Page 24

Identity-Based Encryption

7.3.2 Integration Test It is test where every one of the exhibitions are planned with the product testing procedure and individual set programming's are coordinated to perform in a gathering to run the one program. The fulfillment of this testing leads just when exhibitions of every necessities, programming modules and programming design. The yield execution makes when all reconciliation test modules are determined to play out the testing procedure with craving input. At long last mix testing furnishes end-client with accuracy of the yield with determined programming testing.

7.3.3 System Test Framework Testing is one of the testing procedure where the fruition of testing stage is for the most part relies on upon System. Framework testing gives the spine support to all the testing stage on the grounds that once the consummation of all the testing procedure the framework testing plays out the Hardware and Software Requirement Specifications and the Software situated examination of framework. This depends on the desire of endclient, where it ought to fulfilled to get crave result. 7.4 Test Cases Test cases are the arrangement of conditions that are being utilized to mediate an application by building up the testing of all the required things that must be tried whether the application is working legitimately or not. It will check the target and the objective a framework should be accomplished. At long last the info which must be given and the normal yield from the framework are to be known the execution of the framework can be additionally checked.

B.E, VTU Regional Center

Page 25

Identity-Based Encryption

Table 7.1: Test Case 1

Name of the Test

Testing for User Registration

Feature bring Tested

User creation with n no of attributes

Description

Creating user with specified attributes size and values

Sample input

ID, password, e mail

Expected output

User will be registered with status message

Actual Output

A dialogue box will open to display status

Remarks

Test case Pass

Table 7.2: Test Case 2

Name of the Test

Testing for File upload

Feature bring Tested

File upload to the cloud

Description

File upload to the cloud database in order to perform key aggregation

Sample input

Text file

Expected output

User will be able to get file upload status message

Actual Output

A dialogue box will open to display file upload status

Remarks

Test case Pass

B.E, VTU Regional Center

Page 26

Identity-Based Encryption

Table 7.3: Test Case 3 Name of the Test

Testing for effective search

Feature bring Tested

Implementation of key Generation

Description Sample input

Based on the time the keys will be generated for the each uploaded file Time details

Expected output

N number of keys will be generated

Actual Output

A page will be displayed which shows the 4 secret keys pertaining to time.

Remarks

Test case Pass

Table 7.4: Test Case 4 Name of the Test

Testing for the file download

Feature bring Tested

File download from the effective search

Description

From the cloud database file can be downloaded by providing proper secret and private key

Sample input

Private Key, secret key

Expected output

File needs to be downloaded.

Actual Output

List of files will be displayed , file can be downloaded by giving its secret key and public key

Remarks

Test case Pass

B.E, VTU Regional Center

Page 27

Identity-Based Encryption

Table 7.5: Test Case 5 Name of the Test

Testing for private key

Feature bring Tested

Implementation of private key

Description Sample input

Private key will be generated when user login to the cloud. User id and password

Expected output

Private key needs to be generated

Actual Output

Private key will be generated for each successful login and key will be sent to the registered e mail id.

Remarks

Test case Pass

B.E, VTU Regional Center

Page 28

Identity-Based Encryption

CHAPTER 8

CONCLUSION In this article, we proposed a new revocable IBE scheme with a cloud revocation authority (CRA), in which the revocation procedure is performed by the CRA to alleviate the load of the PKG. This outsourcing computation technique with other authorities has been employed in Li et al.’s revocable IBE scheme with KU-CSP. However, their scheme requires higher computational and communicational costs than previously proposed IBE schemes. For the time key update procedure, the KU-CSP in Li et al.’s scheme must keep a secret value for each user so that it is lack of scalability. In our revocable IBE scheme with CRA, the CRA holds only a master time key to perform the time key update procedures for all the users without affecting security. As compared with Li et al.’s scheme, the performances of computation and communication are significantly improved. By experimental results and performance analysis, our scheme is well suited for mobile devices. For security analysis, we have demonstrated that our scheme is semantically secure against adaptive-ID attacks under the decisional bilinear Diffie-Hellman assumption. Finally, based on the proposed revocable IBE scheme with CRA, we constructed a CRA aided authentication scheme with period-limited privileges for managing a large number of various cloud services.

B.E, VTU Regional Center

Page 29

Identity-Based Encryption

REFERENCES [1] A. Shamir, “Identity-based cryptosystems and signature schemes,” Proc. Crypto’84, LNCS, vol. 196, pp. 47-53, 1984. [2] D. Boneh and M. Franklin, “Identity-based encryption from the Weil pairing,” Proc. Crypto’01, LNCS, vol. 2139, pp. 213-229, 2001. [3] R. Housley, W. Polk, W. Ford, and D. Solo, “Internet X.509 public key infrastructure certificate and certificate revocation list (CRL) profile,” IETF, RFC 3280, 2002. [4] W. Aiello, S. Lodha, and R. Ostrovsky, “Fast digital identity revocation,” Proc. Crypto’98, LNCS, vol. 1462, pp. 137-152, 1998. [5] M. Naor and K. Nissim, “Certificate revocation and certificate update,” IEEE Journal on Selected Areas in Communications, vol.18 , no. 4, pp. 561 - 570, 2000. [6] S. Micali, “Novomodo: Scalable certificate validation and simplified PKI management,” Proc. 1st Annual PKI Research Workshop, pp. 15-25, 2002. [7] F. F. Elwailly, C. Gentry, and Z. Ramzan, “QuasiModo: Efficient certificate validation and revocation,” Proc. PKC’04, LNCS, vol. 2947, pp. 375-388, 2004. [8] V. Goyal, “Certificate revocation using fine grained certificate space partitioning,” Proc. Financial Cryptography, LNCS, vol. 4886, pp.247-259, 2007. [9] D. Boneh, X. Ding, G. Tsudik, and C.-M. Wong, “A Method for fast revocation of public key certificates and security capabilities,” Proc.10th USENIX Security Symp., pp. 297-310. 2001. [10] X. Ding and G. Tsudik, “Simple identity-based cryptography with mediated RSA,” Proc. CT-RSA’03, LNCS, vol. 2612, pp. 193-210, 2003. [11] B. Libert and J. J. Quisquater, “Efficient revocation and threshold pairing based cryptosystems,” Proc. PODC2003, pp. 163-171, 2003.

B.E, VTU Regional Center

Page 30

Identity-Based Encryption

[12] J. Baek and Y. Zheng, “Identity-based threshold decryption,” Proc. PKC’04, LNCS, vol. 2947, pp. 262-276, 2004. [13] H.-S. Ju, D.-Y. Kim, D.-H. Lee, H. Park, and K. Chun, “Modified ID-based threshold decryption and its application to mediated IDbased encryption,” Proc. APWeb2006, LNCS, vol. 3841, pp. 720-725,2006. [14] A. Boldyreva, V. Goyal, and V. Kumar, “Identity-based encryption with efficient revocation,” Proc. CCS’08, pp. 417-426, 2008. [15] A. Sahai and B. Waters, “Fuzzy identity-based encryption,” Proc. Eurocrypt’05, LNCS, vol. 3494, pp. 557-557, 2005. [16] B. Libert and D. Vergnaud, “Adaptive-ID secure revocable identity-based encryption,” Proc. CT-RSA’09, LNCS, vol. 5473, pp. 1-15, 2009. [17] J.-H. Seo and K. Emura, “Revocable identity-based encryption revisited: security model and construction,” Proc. PKC’13, LNCS, vol. 7778, pp. 216-234, 2013. [18] S. Park, K. Lee, and D.H. Lee, “New constructions of revocable identity-based encryption from multilinear maps,” IEEE Transactions on Information Forensics and Security, vol.10 , no. 8, pp. 1564- 1577, 2015. [19] C. Wang, Y. Li, X. Xia, and K. Zheng, “An efficient and provable secure revocable identity-based encryption scheme,” PLoS ONE, vol. 9, no. 9, article: e106925, 2014. [20] A. Lewko A and B. Waters, “New techniques for dual system encryption and fully secure hibe with short ciphertexts,” Proc. TCC’10, LNCS, vol. 5978, pp. 455-479, 2010. [21] J.-H. Seo and K. Emura, “Efficient delegation of key generation and revocation functionalities in identity-based encryption,” Proc.CT-RSA’13, LNCS, vol. 7779, pp. 343-358, 2013. [22] J.-H. Seo and K. Emura, “Revocable hierarchical identity-based encryption: historyfree update, security against insiders, and short Ciphertexts,” Proc. CT-RSA’15, LNCS, vol. 9048, pp. 106-123, 2015.

B.E, VTU Regional Center

Page 31

Identity-Based Encryption

[23] Y.-M. Tseng. and T.-T. Tsai, “Efficient revocable ID-based encryption with a public channel,” Computer Journal, vol.55, no.4, pp.475-486, 2012. [24] J. Li, J. Li, X. Chen, C. Jia, and W. Lou, “Identity-based encryption with outsourced revocation in cloud computing,” IEEE Trans. On Computers, vol. 64, no. 2, pp. 425-437, 2015. [25] S. Galbraith, K. Paterson, and N. P. Smart, “Pairings for cryptographers,” Discrete Applied Mathematics, vol. 156, no. 16, pp. 3113-3121, 2008. [26] E. Fujisaki and T. Okamoto, “How to enhance the security of public-key encryption at minimum Cost,” Proc. PKC’99, LNCS, vol.1560, pp. 53-68, 1999. [27] T. Kitagawa, P. Yang, G. Hanaoka, R. Zhang, K. Matsuura, and H. Imai, “Generic transforms to acquire CCA-security for identity based encryption: The Cases of FOPKC and REACT,” Proc.ACISP’06, LNCS, vol. 4058, pp. 348-359, 2006. [28] J. S. Coron, “On the exact security of full domain hash,” Proc.Crypto’00, LNCS, vol. 1880, pp. 229-235, 2000. [29] M. Scott, “Computing the Tate pairing,” Proc. CT-RSA’05, LNCS, vol. 3376, pp. 293-304, 2005 [30] M. Scott, N. Costigan, and W. Abdulwahab, “Implementing cryptographic pairings on smartcards,” Proc. CHES’06, LNCS, vol. 4249,pp. 134-147, 2006. [31] T.-Y. Wu and Y.-M. Tseng, “An efficient user authentication and key exchange protocol for mobile client-server environment,” Computer Networks, vol. 54, no. 9, pp. 1520-1530, 2010. [32] B. Lynn (2015), Java Pairing Based Cryptography Library (JPBC) [Online]. Available: http://gas.dia.unisa.it/projects/jpbc/benchmark.html [33] A. Wander, N. Gura, H. Eberle, V. Gupta, and S. Shantz, ”Energy analysis of publickey cryptography for wireless sensor networks,”Proc. 3rd IEEE International Conf. Pervasive Computing Commun,pp. 324-328, 2005.

B.E, VTU Regional Center

Page 32

Identity-Based Encryption

[34] M. Armbrust, A. Fox, R. Griffith, A. D. Joseph, R. Katz, A. Konwinski, G. Lee, D. Patterson, A. Rabkin, I. Stoica, and M. Zaharia,”A view of cloud computing,” Commun. ACM, vol. 53, no. 4, pp.50-58, 2010. [35] A. Sahai and B. Waters, ”Fuzzy identity-based encryption,” Proc. Eurocrypt’05, LNCS, vol. 3493, pp. 457-473, 2005. [36] V. Goyal, O. Pandey, A. Sahai, and B. Waters, ”Attribute-based encryption for finegrained access control of encrypted data,” Proc.ACM CCS, pp. 89-98, 2006. [37] A. Sahai, H. Seyalioglu, and B. Waters, ”Dynamic credentials and ciphertext delegation for attribute-based encryption,” Proc. Crypto’12, LNCS, vol. 7417 , pp. 199217, 2012. [38] S. Hohenberger and B. Waters, ”Attribute-based encryption with fast decryption,” Proc. PKC’13, LNCS, vol. 7778, pp. 162-179, 2013. [39] P.-W. Chi and C.-L. Lei, ”Audit-free cloud Storage via deniable attribute-based encryption,” IEEE Transactions on Cloud Computing, article in press (DOI: 10.1109/TCC.2015.2424882), 2015. [40] J. Li, Y. Shi, and Y. Zhang, ”Searchable ciphertext-policy attributebased encryption with revocation in cloud storage,” International Journal of Communication Systems, article in press (DOI:10.1002/dac.2942), 2015. [41] H. Qian, J. Li, Y. Zhang, and J. Han, ”Privacy preserving personal health record using multi-authority attribute-based encryption with revocation,” International Journal of Information Security, vol. 14, no. 6, pp. 487-497, 2015. [42] A. Fiat and A. Shamir, “How to prove yourself: practical solutions to identification and signature Problems,” Proc. Crypto’ 86, LNCS, vol. 263, pp. 186-194, 1987. [43]

K.

Kurosawa

and

S.

Heng,

“From

digital

signature

to

ID-based

identification/signature,” Proc. PKC’04, LNCS, vol. 2947, pp 248- 261, 2004.

B.E, VTU Regional Center

Page 33

Identity-Based Encryption

[44] M. Feldhofer, S. Dominikus, and J. Wolkerstorfer, “Strong authentication for RFID systems using the AES algorithm,” Proc. CHES’04,LNCS, vol. 3156, pp. 357-370, 2004. [45] Y.-M. Tseng, T.-Y. Wu, and J.-D. Wu, “A pairing-based user authentication scheme for wireless clients with smart cards,” Informatica,vol. 19, no. 2, pp. 285-302, 2008. [46] C. Kaufman, P. Hoffman, Y. Nir, P. Eronen, and T. Kivinen, “Internet key exchange protocol version 2 (IKEv2) ,” IETF, RFC 7296,2014. [47] A. Freier, P. Karlton, and P. Kocher, “The secure sockets layer (SSL) protocol version 3.0,” IETF, RFC 6101, 2011.

B.E, VTU Regional Center

Page 34