Vyshak Report

Public key encryption by using KAC for sharing data in cloud storage
CHAPTER-1
1.1 INTRODUCTION
1.1.1 Project Overview
Data sharing is an important functionality in cloud storage. It show how to securely,
efficiently, and flexibly share data with others in cloud storage. It describe new public-key
cryptosystems that produce constant-size cipher texts such that efficient delegation of
decryption rights for any set of cipher texts are possible. The novelty is that one can
aggregate any set of secret keys and make them as compact as a single key, but encompassing
the power of all the keys being aggregated. In other words, the secret key holder can release a
constant-size aggregate key for flexible choices of cipher text set in cloud storage, but the
other encrypted files outside the set remain confidential. This compact aggregate key can be
conveniently sent to others or be stored in a smart card with very limited secure storage. It
provide formal security analysis of our schemes in the standard model. It also describe other
application of our schemes. In particular, our schemes give the first public-key patientcontrolled encryption for flexible hierarchy, which was yet to be known.
The document can be uploaded by considering the probablilistic usage of algorithms
to encrypt the file to make sure like the algorithm used for the encrypting technique of the file
is not determined by any individual. Once the data is uploaded then the keys are generated for
each file based on the random algorithms used to encrypt the file.
The keys are generated for each and every file and it will be unique in nature based on
the algorithm used to generated that key. when the files are uploaded in the terms of batch the
keys for single file is generated and also the aggregate key is generated for the whole batch of
files.
The aggregate key is restricted to that particular batch itself and the keys are retained
with the user who upload the files. The file can be opened by the key generated for the file or
Department of MCA, PESCE, MANDYA
2016
by the aggregated key generated by that batch of file. When the user wants to share the file
with other users, he can send the file and he can provide access to that file by specifying the
keys generated with that file.
1.2 Motivation for project

The Motivation for doing this project was primarily an interest in undertaking a challenging
project in an interesting area of research. The opportunity to learn about a new area of
computing not covered in lectures was appealing. This area is possibly an area that I might
study postgraduate level. To make communication between project manager and project
members easy. To manage time or deadline of the project. Planning the work of the day. Less
time consuming.
1.3 Company profile

Teembinsys system software, global IT and telecom service provider, delivering,
ousourcing and securing as per your customization.
The leading marketing and sales partners for telecom equipment providers,
multinational software vendors and value added service providers. Provide strategic support
to its principals for sailing them through the competition in the Indian market, thereby
converting them into the marketing leaders. The company has also ventured into the
development of state of the art software and the hospitality industry.
Rapidly growing business group based in the india with significant international
presence. The group has strength of 200 people pan india.
The business operations of the group currently encompass several business sectors
such as tele-communications, information technology, mobile value added services,defense
IT application and turnkey projects.
2016
The groups has consistently endeavoured to update its skills and capabilities it is able
to provide solutions from inception of concept and planning getting regulatory and technical
approvals arranging tie ups assisting in tendering process network designing engineering
assistance in execution of projects and conceptualizing value added services as per the taste
and genius of the Indian consumer.
The company was setup an aim of providing innovative R&D solutions to various
defense and other clients. In a very short span, the company has gained advantage in the
development of IT applications in the niche areas of conventional and customized modeling
and simulation solutions. CRDC provides innovative technological modeling and simulation,
IT solutions, to clients worldwise in defense and other allied sector.
2016
Chapter-2
LITERATURE SURVEY
2.1 Introduction
Literature survey is the most important step in software development process. Before
developing the tool it is necessary to determine the time factor, economy and company
strength. Once these things are satisfied, then next step is to determine which operating
system and language can be used for developing the tool.
Constant ciphertext length in multi-authority Ciphertext Policy Attribute Based
Encryption
In Ciphertext Policy Attribute Based Encryption (CP-ABE)a previously defined association
between the attributes of a user and the ciphertext associated with these attributes is exploited
to determine the secret key of the user. However, for a user with multiple attributes, the
length of the key depends on the number of attributes. The existing methods that use
reasonably computable decryption policies produce the ciphertext of size at least linearly
varying with the number of attributes. In this paper, we propose two schemes. One scheme is
of variable length based on Bethencourt et al. construction. In second scheme, the ciphertext
remains constant in length, irrespective of the number of attributes. It works for a threshold
case: the number of attributes in a policy must be a subset of attributes in a secret key. The
security of scheme is based on Decisional Bilinear Diffie-Hellman (DBDH) problem.
Efficient Ciphertext-Policy ABE with constant ciphertext length
Following the development of promising result of Ciphertext-Policy Attribute-based

encryption (CP-ABE), in which every secret key is associated with a set of attributes, and
every ciphertext is associated with an access structure on attributes. Decryption is enabled if
and only if the user's attribute set satisfies the ciphertext access structure. Apart from the
proposed properties of CP-ABE, we propose a new construction of CP-ABE that significantly
2016
reduces the ciphertext to a very short constant size for any number of AND gate access policy
on any number of attributes. Our scheme is proven CPA and CCA-secure under the
Decisional Diffie Hellman assumption. Moreover we present the construction our CCA
scheme with public key encryption non-interactive opening(PKENO) scheme and using CHK
technique to achieve CCA secure.
2.2 EXISTING SYSTEM

Considering data privacy, a traditional way to ensure it is to rely on the server to
enforce the access control after authentication, which means any unexpected privilege
escalation will expose all data. In a shared-tenancy cloud computing environment, things
become even worse.
Regarding availability of files, there are a series of cryptographic schemes which go
as far as allowing a third-party auditor to check the availability of files on behalf of the data
owner without leaking anything about the data, or without compromising the data owners
anonymity. Likewise, cloud users probably will not hold the strong belief that the cloud
server is doing a good job in terms of confidentiality.
A cryptographic solution, with proven security relied on number-theoretic
assumptions is more desirable, whenever the user is not perfectly happy with trusting the
security of the VM or the honesty of the technical staff.
DISADVANTAGES OF EXISTING SYSTEM
The costs and complexities involved generally increase with the number of the
decryption keys to be shared.
The encryption key and decryption key are different in publickey encryption.
2.3 PROPOSED SYSTEM

In the proposed system it shows how to make a decryption key more powerful in the
sense that it allows decryption of multiple ciphertexts, without increasing its size.
Specifically, the problem statement is To design an efficient public-key encryption scheme
2016
which supports flexible delegation in the sense that any subset of the ciphertexts (produced
by the encryption scheme) is decry ptable by a constant-size decryption key (generated by the
owner of the master-secret key). To solve this problem by introducing a special type of
public-key encryption which
calls key-aggregate cryptosystem (KAC). In KAC, users
encrypt a message not only under a public-key, but also under an identifier of ciphertext
called class. That means the ciphertexts are further categorized into different classes. The key
owner holds a master-secret called master-secret key, which can be used to extract secret keys
for different classes. More importantly, the extracted key have can be an aggregate key which
is as compact as a secret key for a single class, but aggregates the power of many such keys,
i.e., the decryption power for any subset of ciphertext classes.
ADVANTAGES OF PROPOSED SYSTEM
The extracted key have can be an aggregate key which is as compact as a secret key
for a single class.
The delegation of decryption can be efficiently implemented with the aggregate key.
.
2.4 TOOLS AND TECHNOLOGY USED

2.4.1 JSP
Java server page technology used for controlling content of web pages through the use
of servlets, in the web page small programs are specified and run on the web server used to
modify the web page before it is sent the user who requested it.sun Microsystems and the
developer of java refers the jsp technology as the servlet application program interface.
Whereas a java server page calls a java program that is executed by the web server. it use
several delimiters for scripting functions.
2.4.2 HTML5
HTML 5 used for structuring and presenting content for the world wide web. Its core
aims have improve the language with the support of multimedia while it easily readable by
human and also consistently understood by computer and devices. html5 also potential
candidate for cross-platform mobile applications. It include detailed processing maodels to
2016
encourage more interoperable markup and application programming interface. In the html5
also include some new syntactic features they are video, audio and canvas elements and the
integration of scalable vector graphics content and mathml for mathematical formulas.
2.4.3 CSS3
Cascading style sheet language used for formatting of a document written in a markup
language. It used to change the style of web pages and their interface those are written in html
and xhtml and also css language can be applied to any kind of xml document, plain xml and
xul and it also used for many mobile applications. Css files reduce complexity and repetition
in the structural content. Css include some elements such as layout, colours, and fonts.The
advantages of css that aesthetic changes to the graphic design of a document can be applied
easily and quickly and by editing a few lines in one file.
.
2.4.4 JQuery
It is easier to use javascript on our website and it simplifies the lot of complicated
things in javascript. JQuery is write less, do more, light weight of javascript library. it
contain some features like DOM manipulation, css manipulation, html event methods, effect
and animation and utilities.
2.4.5 MYSQL
MySQL used for relational database managements system and open source RDBMS.
MySQL popular choice of database for use in web pages applications. It use Severalpaid
editions and additional functionality.MySQL also used in many high profile large scale
websites and also including google, facebook, twitter.
2.4.6 JAVA
Java is a general-purpose computer programming language that is concurrent, classbased, object-oriented, and specifically designed to have as few implementation dependencies
as possible. The language derives much of its syntax from C and C++, but it has fewer lowlevel facilities than either of them.The original and reference implementation Java compilers,
virtual machines, and class libraries were originally released by Sun under proprietary
licences.
2016
Chapter-3
SOFTWARE REQUIREMENT SPECIFICATION
3.1 Introduction
The software requirement Specification is to specify the requirements for the development of
the software. This document specifies the various modules required to be implemented in the
system and the constraints that in which the system is expected to work. A System
Requirement Specification (SRS) a requirements specification for a software system is a
complete description of the behaviors of a system to be developed. It include a set of use case
that describe all the interactions the users will have with the software. In addition to use case,
the SRS also contains non-functional (or supplementary) requirements. NON-Functional
requirements are requirements which impose constraints on the design or implementation
(such as performance engineering requirements, quality standards, or design constraints).
3.2 System Configuration:

3.2.1 Hardware Configuration
Processor
Speed
RAM
Hard Disk
Intel i3
2.53Ghz
2 GB
20GB
3.2.2 Software Configuration

Opearating System
Programming Language
Java version
Database
Tool
Windows 7
JAVA
JDK 1.8
MYSQL
Netbeans IDE 7.0
Table 3.2 Hardware & Software Requirements
3.3 Functional and Non-Functional requirement

3.3.1 Non-Functional Requirement
2016
Performance :This application is up 99.9% and loads fastly.
Safety : It provides safety to the users information by encoding of data.
Reliability : The system is reliable in its operations and securing the sensitive details.
Security : The main security concern is for users account hence proper login
mechanism should be used to avoid hacking.
Usability : It is a user friendly interface.
3.3.2 Functional Requirements
Login page :Forusers login is required to authenticate the user.
Login fragment :Depending upon username and password either user layout will get
open or admin layout.
User document upload :The user can upload the documents to the cloud in the
encrypted format.
User document download :The user can download the documents from the cloud in
the encrypted format and decrypt it using aggregate key.
3.4 Modules
3.4.1 Registration
In this module the user can register to the application by entering the details like
username, password, contact details, address.
3.4.2 Login Module
The user can login to the application by using username and password the purpose of
login model is authentication of user to the application.
3.4.3 File Upload Module
User able to upload text files or media files to the cloud server and a private key and
the secret key is generated for that file.
3.4.4 File Forwarder Module
Theuser will be able to forward files to the ip address with the secret key file.
3.4.5 Download File
The user allowed to download the file and apply secret key he has to open the file.
2016
10
3.4.6 Download Multiple File

The user allowed to download the multiple file and apply aggregate key he has to
open the file.
Chapter-4
SYSTEM ANALYSIS
2016
11
4.1 Introduction
System analysis is the examination of the problem. It is concerned with identifying all the
constraints and influences. It deals with the data collections and a detailed evolution of the
present system. The process of the system analysis phase in our project is composed into
following parts:
Problem Analysis
Feasibility Study
4.2 Problem Analysis

The study of existing system is the base to create a new system. For the development of the
proposed system we understand the problem of the existing system and capture the
requirements. Depending upon the user requirements appropriate performance analysis tool is
selected for the development of system. The functionality of the software is specified as per
user requirement. The proposed system also provides a simple and easy to use GUI with
customer fonts and colors.
4.3 FEASIBILITY STUDY

The feasibility of the project is analyzed in this phase and business proposal is put
forth with a very general plan for the project and some cost estimates. During system analysis
the feasibility study of the proposed system is to be carried out. This is to ensure that the
proposed system is not a burden to the company.
Three key considerations involved in the feasibility analysis are
4.3.1 ECONOMICAL FEASIBILITY
2016
12
This study is carried out to check the economic impact that the system will have on
the organization. The amount of fund that the company can pour into the research and
development of the system is limited. The expenditures must be justified. Thus the developed
system as well within the budget and this was achieved because most of the technologies
used are freely available. Only the customized products had to be purchased.
4.3.2 TECHNICAL FEASIBILITY
This study is carried out to check the technical feasibility, that is, the technical
requirements of the system. Any system developed must not have a high demand on the
available technical resources. This will lead to high demands on the available technical
resources. This will lead to high demands being placed on the client. The developed system
must have a modest requirement, as only minimal or null changes are required for
implementing this system.
4.3.3 SOCIAL FEASIBILITY
The aspect of study is to check the level of acceptance of the system by the user. Thisincludes
the process of training the user to use the system efficiently. The user must not feel threatened
by the system, instead must accept it as a necessity. The level of acceptance by the users
solely depends on the methods that are employed to educate the user about the system and to
make him familiar with it. His level of confidence must be raised so that he is also able to
make some constructive criticism, which is welcomed, as he is the final user of the system
Chapter-5
2016
13
SYSTEM DESIGN
5.1 Introduction
System desisn is the process of defining the architecture, components, modules, interfaces,
and data for a system to satisfy specified requirements, system design could be seen as the
application of system theory to product development.
5.2 System perspective

Architectural design is a process of decomposing a large complex system into small
subsystems. These subsystems are meant for providing some related services. The
architectural design is basically a layout or a framework of the system for the subsystem
sontrol and communication.
Fig 5.2 Architecture diagram

The document can be uploaded by considering the probablilistic usage of algorithms
to encrypt the file to make sure like the algorithm used for the encrypting technique of the file
is not determined by any individual. Once the data is uploaded then the keys are generated for
each file based on the random algorithms used to encrypt the file.
2016
14
The keys are generated for each and every file and it will be unique in nature based on the
algorithm used to generated that key. when the files are uploaded in the terms of batch the
keys for single file is generated and also the aggregate key is generated for the whole batch of
files.The aggregate key is restricted to that particular batch itself and the keys are retained
with the user who upload the files. The file can be opened by the key generated for the file or
by the aggregated key generated by that batch of file. When the user wants to share the file
with other users, he can send the file and he can provide access to that file by specifying the
keys generated with that file.
5.3 Context Diagram
The highest level data flow diagram is the context diagram.
The context diagram shows the interaction of the system with its environment in
terms of data flows.
The entire system is represented as a single process.
Generate key and

aggregate key
Application
name
Uploading files
Download files
Fig 5.3 context diagram for KAC

2016
15
5.4 Module Design

Registration
In this module the user can register to the application by entering the details like
username, password, contact details, address.
Login Module
The user can login to the application by using username and password the purpose of
login model is authentication of user to the application.
File Upload Module
User able to upload text files or media files to the cloud server and a private key and
the secret key is generated for that file.
File Forwarder Module
The user will be able to forward files to the ip address with the secret key file.
Download File
The user allowed to download the file and apply secret key he has to open the file.
Download Multiple File
The user allowed to download the multiple file and apply aggregate key he has to
open the file.
2016
16
5.5 DETAILED DESIGN

5.5.1 BLOCK DIAGRAM
Cloud
Upload to cloud
Key generate and encrypt content
User 1
Download encrypt content
Generate Aggregate key and send
User 2
Decrypt content
Using Aggregate key
Fig 5.5.1 Block diagram for KAC
5.5 Object Oriented Design

5.6 Use case diagram
A system involves a set of use case and a set of actors. The set of use cases shows the
complete functionality of the system and the set of actors represents the complete set of
objectives that the system can serve. The use case guidelines are first we have determine the
system boundary.
2016
17
Use case diagram for admin & user:
Cloud data storage security

using ciphertext
Register
Login
Upload Document
Encrypt Document
Decrypt Document
Ciphertext Generation
Share Document
User
Admin
Manage Users
Manage Files
Logout
5.7 Sequence diagram

2016
18
A sequence diagram shows the participants in an interaction and the sequence of

message among them. A sequence diagram shows the interaction of a system with its actors to
perform all or part of a use case. It contain some guidelines they are prepare at least one
scenario per use case, abstract the scenarios into sequence diagram, divide complex
interaction and prepare a sequence diagram for each error condition.
5.7.1 Sequence diagram for user:
Fig 5.7.1 Sequence diagram for User
5.7.2 Sequence diagram for Admin:

2016
19
Fig 5.7.2 Sequence diagram for Admin
5.8 Activity diagram

2016
20
Activity diagram shows the sequence of steps that make up a complex process such as
algorithm or workflow. Activity diagram shows the flow of control but it focuses on
operation rather than on objects. An activity diagram can shows the both sequence and
concurrent flow of control.
How to Draw: Activity Diagrams
Activity diagrams show the flow of activities through the system. Diagrams are read
from top to bottom and have branches and forks to describe conditions and parallel activities.
A fork is used when multiple activities are occurring at the same time. The diagram below
shows a fork after activity1. This indicates that both activity2 and activity3 are occurring at
the same time. After activity2 there is a branch. The branch describes what activities will
take place based on a set of conditions. All branches at some point are followed by a merge
to indicate the end of the conditional behavior started by that branch. After the merge all of
the parallel activities must be combined by a join before transitioning into the final activity
state.
When to Use: Activity Diagrams
Activity diagrams should be used in conjunction with other modeling techniques such
as interaction diagrams and state diagrams. The main reason to use activity diagrams is to
model the workflow behind the system being designed. Activity Diagrams are also useful
for: analyzing a use case by describing what actions needs to take place and when they should
occur; describing a complicated sequential algorithm; and modeling applications with parallel
processes.
Activity diagrams describe the workflow behavior of a system. Activity diagrams are
similar to state diagrams because activities are the state of doing something. The diagrams
describe the state of activities by showing the sequence of activities performed. Activity
diagrams can show activities that are conditional or parallel.
2016
21
5.8.1 Activity diagram for admin:
Fig 5.8.1 Activity diagram for admin
2016
22
5.8.2 Activity diagram for user:
Fig 5.8.2 activity diagram for user

2016
23
5.9 Class Diagram
A class describes a group of objects with the same properties (attributes), behavior
(operations), kind of relationships, and semantics. Class Diagram provides a Graphic
notation for modeling classes and their relationships, thereby describing the possible objects.
Class Diagram is useful for abstract modeling and for designing actual programs.
Fig 5.9 Class diagram
2016
24
5.10 ER Diagram
Fig 5.10 ER Diagram
2016
25
5.11 Database design:

A database is a collection of interrelated data stored with minimum redundancy to serve
many users quickly and efficiently. The general objective of database design is to make the
data access easy. Inexpensive and flexible to the user. Database design is required to manage
large bodies of information.
The managements of the data involves both the definition of structures of the storage of
information and provision of mechanism for the manipulation of information. In addition the
database system must provide for the safety of information, handled despite system crashes
or due to attempts at unauthorized access. For developing an efficient database, we have to
fulfill certain condition such as:
Control Redundancy
Ease of Use
Data Independency
Accuracy and integrity
Avoiding in order delays
Recovery from failure
Privacy and security
Performance
2016
26
CHAPTER-6
IMPLEMENTATION
6.1 MODULES
Data Owner(Alice)
Network Storage
Aggregate Key Transfer
User(Bob)
6.1.1 Data Owner (Alice)

In this module we executed by the data owner to setup an account on an untrusted
server. On input a security level parameter 1 and the number of ciphertext classes n (i.e.,
class index should be an integer bounded by 1 and n), it outputs the public system parameter
param, which is omitted from the input of the other algorithms for brevity.
6.1.2 Network Storage (Drop box)

our solution, Alice can simply send Bob a single aggregate key via a secure e-mail.
Bob can download the encrypted photos from Alices Dropbox space and then use this
aggregate key to decrypt these encrypted photos. In this Network Storage is untrusted third
party server or dropbox.
6.1.3 Aggregate Key Transfer

A key-aggregate encryption scheme consists of five polynomial-time algorithms as
follows. The data owner establishes the public system parameter via Setup and generates a
public/master-secret key pair via KeyGen. Messages can be encrypted via Encrypt by anyone
who also decides what ciphertext class is asso-ciated with the plaintext message to be
encrypted. The data owner can use the master-secret to generate an aggregate decryption key
for a set of ciphertext classes via Extract. The generated keys can be passed to delegates
securely (via secure e-mails or secure devices) finally; any user with an aggregate key can
2016
27
decrypt any ciphertext provided that the ciphertexts class is contained in the aggregate key
via Decrypt
6.1.4 User (Bob)
The generated keys can be passed to delegates securely (via secure e-mails or secure devices)
finally; any user with an aggregate key can decrypt any ciphertext provided that the
ciphertexts class is contained in the aggregate key via Decrypt.
2016
28
6.2 Implementation Flowchart for Admin:
START
Enter Credentials
Validate
Credentials
Upload
Document
Encrypt
&Generate Key
Store in Server
STOP
Fig 6.2 implementation flowchart for admin
2016
29
6.3 Implementation Flowchart for User:

START
Enter Credentials
View Datafiles
Request Key
Obtain Key
Decrypt
&Download
STOP
Fig 6.3 implementation flowchart for user
2016
30
Chapter 7
SOFTWARE TESTING
7.1 Introduction
The purpose of testing is to discover errors. Testing is the process of trying to discover
every conceivable fault or weakness in a work product. It provides a way to check the
functionality of components, sub assemblies, assemblies and/or a finished product It is the
process of exercising software with the intent of ensuring that the Software system meets its
requirements and user expectations and does not fail in an unacceptable manner. There are
various types of test. Each test type addresses a specific testing requirement.
7.2 TYPES OF TESTS
7.2.1 Unit testing
Unit testing involves the design of test cases that validate that the internal program
logic is functioning properly, and that program inputs produce valid outputs. All decision
branches and internal code flow should be validated. It is the testing of individual software
units of the application .it is done after the completion of an individual unit before
integration. This is a structural testing, that relies on knowledge of its construction and is
invasive. Unit tests perform basic tests at component level and test a specific business
process, application, and/or system configuration. Unit tests ensure that each unique path of a
business process performs accurately to the documented specifications and contains clearly
defined inputs and expected results.
7.2.2 Integration testing

Integration tests are designed to test integrated software components to determine if
they actually run as one program. Testing is event driven and is more concerned with the
basic outcome of screens or fields. Integration tests demonstrate that although the
components were individually satisfaction, as shown by successfully unit testing, the
2016
31
combination of components is correct and consistent. Integration testing is specifically aimed

at exposing the problems that arise from the combination of components.
7.2.3 Functional test
Functional tests provide systematic demonstrations that functions tested are available
as specified by the business and technical requirements, system documentation, and user
manuals.
Functional testing is centred on the following items
Valid Input
: identified classes of valid input must be accepted.
Invalid Input
: identified classes of invalid input must be rejected.
Functions
: identified functions must be exercised.
Output
: identified classes of application outputs must be exercised.
Systems/Procedures: interfacing systems or procedures must be invoked.

Organization and preparation of functional tests is focused on requirements, key
functions, or special test cases. In addition, systematic coverage pertaining to identify
Business process flows; data fields, predefined processes, and successive processes must be
considered for testing. Before functional testing is complete, additional tests are identified
and the effective value of current tests is determined.
7.2.4 System Test
System testing ensures that the entire integrated software system meets requirements.
It tests a configuration to ensure known and predictable results. An example of system testing
is the configuration oriented system integration test. System testing is based on process
descriptions and flows, emphasizing pre-driven process links and integration points.
White Box Testing
White Box Testing is a testing in which in which the software tester has knowledge of
the inner workings, structure and language of the software, or at least its purpose. It is
purpose. It is used to test areas that cannot be reached from a black box level.
2016
32
Black Box Testing

Black Box Testing is testing the software without any knowledge of the inner
workings, structure or language of the module being tested. Black box tests, as most other
kinds of tests, must be written from a definitive source document, such as specification or
requirements document, such as specification or requirements document. It is a testing in
which the software under test is treated, as a black box .you cannot see into it. The test
provides inputs and responds to outputs without considering how the software works.
7.3 Text target

Unit Testing
Unit testing is usually conducted as part of a combined code and unit test phase of the
software lifecycle, although it is not uncommon for coding and unit testing to be conducted as
two distinct phases. Unit texting also known as component testing refers to tests that verify
the functionality of a specific code usually at the functional level.
Test objectives
All field entries must work properly.

Pages must be activated from the identified link.
The entry screen, messages and responses must not be delayed.
Features to be tested
Verify that the entries are of the correct format
No duplicate entries should be allowed
All links should take the user to the correct page.
2016
33
7.4 Registration Testing

TestCase
Number
Testing
Scenario
Expected result
Result
TC 01
Clicking submit
without entering
details
Alert "Please fill all details"
Pass
TC 02
Clicking submit
without entering
Username
Alert "Please fill Username"
Pass
TC 03
Clicking submit
without entering
password
Alert "Please fill Password"
Pass
TC 04
Clicking submit
without entering
email id
Alert "Please fill email id"
Pass
TC 05
Clicking submit
without entering
phone number
Alert "Please fill contact number"
Pass
TC 06
Clicking submit
entering confirm
password data
which is not
matching with
password data
Alert "Password and Confirm

Password donot match"
Pass
Table 7.4 Registration testing
2016
34
7.3 Login Testing
TestCase
Number
Testing
Scenario
Expected result
Result
TC - 07
Clicking submit
without entering
login details
Alert "Please enter the username

and password"
Pass
TC - 08
Clicking submit
without entering
password
Alert "Please enter the password"
Pass
TC - 09
Clicking submit
without entering
Username
Alert "Please enter the Username"
Pass
TC - 10
Clicking submit
entering wrong
Username
Alert "Invalid User"
Pass
TC - 11
Clicking submit
entering wrong
password
Pass
TC - 12
Clicking submit
entering wrong
Username and
password
Pass
Table 7.3 login Testing
7.4 Integration Testing

Software integration testing is the incremental integration testing of two or more
integrated software components on a single platform to produce failures caused by interface
2016
35
defects.The task of the integration test is to check that components or software applications,
e.g. components in a software system or one step up software applications at the company
level interact without error.
7.5 Acceptance Testing
User Acceptance Testing is a critical phase of any project and requires significant
participation by the end user. It also ensures that the system meets the functional
requirements.
7.6 Test Cases
Test ID
Test Cases
Expected Result
Select file path File
uploaded Message
to upload files message

TC 01
to the cloud
Select
download
Result Status
is Pass
should successfully
be displayed.
displayed.
file Should show the Successfully
download
option
Actual Result
Pass
list of files in the shows the file

to cloud
to list
the download.
for
download.
file from the

TC - 02
cloud.
Select
Key Prompts to save Successfully
download
option
download
the
Pass
encryption saved.
to file.
the
encryption key
TC 03
file
TC 04
Decryption
of Asks
for Successfully
Pass
2016
file
downloaded
cloud
file
encryption
displays
and fields
36
the
as
on
key expected result.
file and the key

value sent to the
mail
File forwarding
Select file to send Successful

with
recipient
mail ID
TC 05
If User ID is Display message * is displayed

not correct
TC 06
Pass
Fail
Enter the correct

user ID.
Table 7.6 test case for all phase
2016
37
Chapter-8
CONCLUSIONS
How to protect users data privacy is a central question of cloud storage. With more
mathematical tools, cryptographic schemes are getting more versatile and often involve
multiple keys for a single application. Itconsider how to compress secret keys in public-key
cryptosystems which support delegation of secret keys for different ciphertext classes in
cloud storage. No matter which one among the power set of classes, the delegatee can always
get an aggregate key of constant size. It is more flexible than hierarchical key assignment
which can only save spaces if all key-holders share a similar set of privileges. A limitation in
a work is the predefined bound of the number of maximum ciphertext classes. In cloud
storage, the number of ciphertexts usually grows rapidly. So
have to reserve enough
ciphertext classes for the future extension. Although the parameter can be downloaded with
ciphertexts, it would be better if its size is independent of the maximum number of ciphertext
classes.
2016
38
Chapter 9
FUTURE ENCHANCEMENT
Creation of application to which handles the cloud internal storage aspects

with respect to the ciphertext.
The combination of encryption algorithms must be checked with multiple

combinations.
2016
39
BIBLIOGRAPHY
[1] S.S.M. Chow, Y.J. He, L.C.K. Hui, and S.-M.Yiu, SPICE Simple Privacy-Preserving
Identity-Management for Cloud Environment, Proc. 10th Intl Conf. Applied Cryptography
and Network Security (ACNS), vol. 7341, pp. 526-543, 2012.
[2]
L.
Hardesty,
Secure
Computers
Arent
so
Secure.
MIT
press,
http://www.physorg.com/news176107396.html, 2009.
[3] C. Wang, S.S.M. Chow, Q. Wang, K. Ren, and W. Lou, Privacy-Preserving Public
Auditing for Secure Cloud Storage, IEEE Trans. Computers, vol. 62, no. 2, pp. 362-375,
Feb. 2013.
[4] B. Wang, S.S.M. Chow, M. Li, and H. Li, Storing Shared Data on the Cloud via
Security-Mediator, Proc. IEEE 33rd Intl Conf. Distributed Computing Systems (ICDCS),
2013.
[5] S.S.M. Chow, C.-K.Chu, X. Huang, J. Zhou, and R.H. Deng, Dynamic Secure Cloud
Storage with Provenance, Cryptography and Security, pp. 442-464, Springer, 2012.
[6] D. Boneh, C. Gentry, B. Lynn, and H. Shacham, Aggregate and Verifiably Encrypted
Signatures from Bilinear Maps, Proc. 22nd Intl Conf. Theory and Applications of
Cryptographic Techniques (EUROCRYPT 03), pp. 416-432, 2003.
2016
40
[7] M.J. Atallah, M. Blanton, N. Fazio, and K.B. Frikken, Dynamic and Efficient Key
Management for Access Hierarchies, ACM Trans. Information and System Security, vol. 12,
no. 3, pp. 18:1-18:43, 2009.
[8] J. Benaloh, M. Chase, E. Horvitz, and K. Lauter, Patient Controlled Encryption:
Ensuring Privacy of Electronic Medical Records, Proc. ACM Workshop Cloud Computing
Security (CCSW 09), pp. 103-114, 2009.
[9] F. Guo, Y. Mu, Z. Chen, and L. Xu, Multi-Identity Single-Key Decryption without
Random Oracles, Proc. Information Security and Cryptology (Inscrypt 07), vol. 4990, pp.
384-398, 2007.
[10] V. Goyal, O. Pandey, A. Sahai, and B. Waters, Attribute-Based Encryption for FineGrained Access Control of Encrypted Data, Proc. 13th ACM Conf. Computer and Comm.
Security (CCS 06), pp. 89-98, 2006.
[11] S.G. Akl and P.D. Taylor, Cryptographic Solution to a Problem of Access Control in a
Hierarchy, ACM Trans. Computer Systems, vol. 1, no. 3, pp. 239-248, 1983.
[12] G.C. Chick and S.E. Tavares, Flexible Access Control with Master Keys, Proc.
Advances in Cryptology (CRYPTO 89), vol. 435, pp. 316-322, 1989.
[13] W.-G. Tzeng, A Time-Bound Cryptographic Key Assignment Scheme for Access
Control in a Hierarchy, IEEE Trans. Knowledge and Data Eng., vol. 14, no. 1, pp. 182-188,
Jan./Feb. 2002.
[14] G. Ateniese, A.D. Santis, A.L. Ferrara, and B. Masucci, Provably-Secure Time-Bound
Hierarchical Key Assignment Schemes, J. Cryptology, vol. 25, no. 2, pp. 243-270, 2012.
[15] R.S. Sandhu, Cryptographic Implementation of a Tree Hierarchy for Access Control,
Information Processing Letters, vol. 27, no. 2, pp. 95-98, 1988.
2016
41
[16] Y. Sun and K.J.R. Liu, Scalable Hierarchical Access Control in Secure Group
Communications, Proc. IEEE INFOCOM 04, 2004.
USER MANUAL
Software installation
Application is web application so no need to install any extra software other than
browser and check for minimum hardware and software specifications.
User just needs to enter the address of the website given to user.
Reference to snapshot 10.1 the front screen will be appeared and it shows the upload
page of KAC.
Reference to snapshot 10.2 the front screen will be appeared and it shows the admin
login page it will contain username and password. here you must have to enter valid
username and password to operate the application.
Reference to snapshot 10.3 Screen showing uploading files front screen. Here you
must have to enter the public key.
Reference to snapshot 10.4 Screen showing creating public key and the screen
showing the link of dropbox.
Reference to snapshot 10.5 Screen showing private key input. Here you have to enter
the private key then the file can be uploaded in to the cloud.
Reference to snapshot 10.6 Screen showing the finish process of uploading if you
upload the file to cloud then finishing process image will be appeared.
Reference to snapshots 10.7 Screen shows aggregate key if you upload the file to
cloud then aggregate key will be appeared.
Reference to snapshot 10.8 shows the table for user login details here all the user
details can be appeared.
2016
42
Reference to snapshot 10.9 shows the sharing the files user1 to user2. Here sharing
details are appeared.
Reference to snapshot 10.10 showing the login detailes of the user. Here it will be
contain the name, user id, gmail id and the secrete key detailes appeared.
Reference to snapshot 10.11 showing the user registration page it will be containing
the user name, password, mobile number, gmail id. Here user must fill the details of all the
above.
Reference to snapshot 10.12 showing the admin login page if you operate the
application the user must containing the username and password.
Reference to snapshot 10.13 showing the download files front screen here you must
entered the file name, aggregated key and the public key.
Reference to snapshot 10.14 showing the screen public key error checking here if you
entered the wrong public key then the error page appeared.
Reference to snapshot 10.15 showing the aggregate key it will be appeared in the
gamil id it is also the secret key of the file.
2016
43
10. Screen shots
Snapshot 10.1 Upload page
2016
44
Snapshots 10.2 Admin Login page for KAC
2016
45
Snapshots 10.3 upload files
2016
46
Snapshot 10.4 Screen showing creating public key
2016
47
Snapshot 10.5 Screen shows private key input
2016
48
Snapshot 10.6 Screen shows finish process of uploading
2016
49
Snapshot 10.7 aggregate keys
2016
50
Snapshot 10.8 screen showing tables
2016
51
Snapshot 10.9 share files to another user
2016
52
Snapshot 10.10 Screen shows users
2016
53
Snapshot 10.11 user registration
2016
54
Snapshot 6.12 User login
2016
55
Snapshot 10.13 download files
2016
56
Snapshot 10.14 Screen shows error check for publickey
2016
57
Snapshot 10.15 Screen showing Aggregate keys
2016
58
2016
59
2016

Vyshak Report

Diunggah oleh

Informasi Dokumen

Hak Cipta

Format Tersedia

Bagikan dokumen Ini

Bagikan atau Tanam Dokumen

Opsi Berbagi

Apakah menurut Anda dokumen ini bermanfaat?

Apakah konten ini tidak pantas?

Hak Cipta:

Format Tersedia

Vyshak Report

Diunggah oleh

Hak Cipta:

Format Tersedia

Public key encryption by using KAC for sharing data in cloud storage

1.2 Motivation for project

1.3 Company profile

Department of MCA, PESCE, MANDYA

Department of MCA, PESCE, MANDYA

Efficient Ciphertext-Policy ABE with constant ciphertext length

Following the development of promising result of Ciphertext-Policy Attribute-based

2.2 EXISTING SYSTEM

2.3 PROPOSED SYSTEM

calls key-aggregate cryptosystem (KAC). In KAC, users

2.4 TOOLS AND TECHNOLOGY USED

Department of MCA, PESCE, MANDYA

3.2 System Configuration:

3.2.2 Software Configuration

Table 3.2 Hardware & Software Requirements

3.3 Functional and Non-Functional requirement

Performance :This application is up 99.9% and loads fastly.

Safety : It provides safety to the users information by encoding of data.

Usability : It is a user friendly interface.

3.3.2 Functional Requirements

Login page :Forusers login is required to authenticate the user.

3.4.6 Download Multiple File

4.2 Problem Analysis

4.3 FEASIBILITY STUDY

Department of MCA, PESCE, MANDYA

5.2 System perspective

Fig 5.2 Architecture diagram

Department of MCA, PESCE, MANDYA

5.3 Context Diagram

The highest level data flow diagram is the context diagram.

The entire system is represented as a single process.

Generate key and

Fig 5.3 context diagram for KAC

5.4 Module Design

Department of MCA, PESCE, MANDYA

5.5 DETAILED DESIGN

Download encrypt content

Generate Aggregate key and send

Fig 5.5.1 Block diagram for KAC

5.5 Object Oriented Design

Department of MCA, PESCE, MANDYA

Use case diagram for admin & user:

Cloud data storage security

5.7 Sequence diagram

A sequence diagram shows the participants in an interaction and the sequence of

5.7.1 Sequence diagram for user:

Fig 5.7.1 Sequence diagram for User

5.7.2 Sequence diagram for Admin:

Fig 5.7.2 Sequence diagram for Admin

5.8 Activity diagram

Department of MCA, PESCE, MANDYA

5.8.1 Activity diagram for admin:

Fig 5.8.1 Activity diagram for admin

Department of MCA, PESCE, MANDYA

5.8.2 Activity diagram for user:

Fig 5.8.2 activity diagram for user

5.9 Class Diagram

Fig 5.9 Class diagram

Department of MCA, PESCE, MANDYA

Fig 5.10 ER Diagram

Department of MCA, PESCE, MANDYA

5.11 Database design:

Department of MCA, PESCE, MANDYA

6.1.1 Data Owner (Alice)