International Journal of Computer Trends and Technology (IJCTT) volume 5 number 3 Nov 2013

ISSN: 2231-2803 http://www.ijcttjournal.org Page118

A Secure FEC-Based Cloud Storage System With Proxy
Re-Encryption Scheme
Nagesh.M
1
, Kavitha.D
2
#1
M.Tech, Computer Science Engineering, G.Pulla Reddy Engineering College (Autonomous) Kurnool, Andhra Pradesh, India
#2
Professor, Department of CSE, G.Pullareddy Engineering College, Kurnool, Andhra Pradesh, India

Abstract Cloud storage is a model of networked
enterprise storage where data is stored not only in the
user's computer, but in virtualized pools of storage
which are generally hosted by third parties, too. In
information theory, an erasure code is a forward error
correction code for the binary erasure channel.Cloud
storage services may be accessed through a web service
application programming interface, a cloud storage
gateway or through a Web-based user interface.we
propose a brand new threshold proxy re-encryption
scheme to create a secure distributed storage system.
The distributed storage system not solely supports
secure and strong data storage and retrieval, however
conjointly lets a user forward his information within the
storage servers to a different user while not retrieving
the data back. The most technical contribution is that
the proxy re-encryption scheme supports cryptography
operations over encrypted messages yet as forwarding
operations over encoded and encrypted messages.

Index Terms: Cloud storage system, encoding, proxy re-
encryption, encrypted data.
I.INTRODUCTION
CLOUD computing is concept that treats the
resource on the internet as a unified entity. a cloud,
Users simply use services while not caring
concerning however computation is completed and
storage is managed. With cloud computing growing
in quality, tools and technologies area unit rising to
create, access, manage, and maintain the clouds.
Cloud computing offers several advantages, however
it is also susceptible to threats. Because the uses of
cloud computing increase, it's extremely seemingly
that a lot of criminals can attempt to realize new
ways that to use vulnerabilities within the system. to
assist mitigate the threat, cloud computing
stakeholders ought to invest heavily in risk
assessment to make sure that the system encrypts to
safeguard data; establishes trusty foundation to
secure the platform and infrastructure; and builds
higher assurance into auditing to strengthen
compliance.




During this paper, we tend to concentrate on
coming up with a cloud storage system[8] for
hardiness, confidentiality, and practicality. There are
a unit several underlying challenges and risks in
cloud computing that increase the threat of
knowledge being compromised. Security
considerations should be self-addressed so as to
ascertain trust in cloud computing technology.
Distributed networked storage systems[9] give the
storage service on the net. We tend to address the
privacy issue of the distributed networked servers
within the system area unit compromised.
The major challenge of coming up with
these distributed networked storage systems is to
supply an improved privacy guarantee whereas
maintaining the distributed structure. To realize this
goal, we tend to introduce secure localized erasure
code, which mixes a threshold public key
cryptography scheme and a variant of the localized
erasure code. Our secure distributed networked
storage system created by the secure localized erasure
code is localized and strong [4]. Cloud computing is
enclosed by several security problems like securing
knowledge, and examining the use of cloud by the
cloud computing vendors. Initial registration with a
cloud computing service may be a pretty
straightforward method. With shared infrastructure
resources, organizations ought to worry concerning
the service provider's authentication systems that
grant access to knowledge. When the registration
method every user are going to be given a secret key
that is generated by him. The user will store, forward
and retrieve knowledge within the cloud solely when
the key generation. Within the existing system, if the
user loses his key, he is going to be now blocked
from the system. This might lead to interference
several users. Therefore we tend to introduce a
system wherever the user is going to be given two
possibilities. So only if the user loses his secret key
for two times, he are going to be blocked from the
system. As a result of the massive quantity of
knowledge hold on by a cloud, economical process
International Journal of Computer Trends and Technology (IJCTT) volume 5 number 3 Nov 2013
ISSN: 2231-2803 http://www.ijcttjournal.org Page119

and analysis of knowledge has become a difficult
one.
One way to supply knowledge hardiness is
to duplicate a message specified every storage server
stores a replica of the message. Encryption a message
of k symbols into a code word of n symbols by
erasure committal to writing is otherwise to supply
knowledge hardiness. Every code word symbols is
hold on during a totally different storage server to
store a message.

II. IMPLEMENTATION
General encryption schemes protect data
confidentiality, but also limit the functionality of the
storage system because a few operations are
supported over encrypted data. Storing data in a third
partys cloud system causes serious concern on data
confidentiality. For the storage data ,user has to
manage his keys. Single storage server for whole
file.
There are three issues within the on top of
easy integration of encoding and cryptography.
1. The user needs to do most computation and also
the communication traffic between the user and
storage servers is high.
2. The user needs to manage his secret keys. If the
users device of storing the keys is lost or gain access
by unauthorized, the security is broken.
3. Finally, besides knowledge storing and retrieving,
it's arduous for storage servers to directly support
different functions.
In this paper, we are deal with the matter of
forwarding information unique user by storage
servers directly to the command of the data owner.
The system model that consists of distributed storage
servers and key servers. Since storing scientific
discipline keys in an exceedingly single device is
risky, a user distributes his scientific discipline key to
key servers that shall perform scientific discipline
functions on behalf of the user. These key servers
area unit extremely protected by security
mechanisms. To well fit the distributed structure of
systems, we require that servers independently
perform all operations. With this consideration, we
propose a new threshold proxy re-encryption
scheme and integrate it with a secure decentralized
code to form a secure distributed storage system. The
encryption scheme supports encoding operations over
encrypted messages and forwarding operations over
encrypted and encoded messages. Our storage servers
act as storage nodes in a content addressable storage
system for storing content addressable blocks. Our
key servers act as access nodes for providing a front-
end layer such as a traditional file system interface.

III.DESIGN ISSUES
1. User Registration and control
In this module, the user registration
process is done by the admin. Here every users
give their personal details for registration
process. After registration every user will get an
ID for accessing the cloud space. If any of the
user wants to edit their information they have
submit the details to the admin after that the
admin will do the edit and update information
process. This process is controlled by the Admin.
2. Encryption Process
After Successful login of the user, every
users share their information and datas in their own
cloud space provided by the admin. That information
may be sensitive or important data. For providing
security for their information every users storing the
information in their specific cloud. Registered users
only can store the data in cloud, after storing the data
it should not be accessed by the unauthorized
persons, for that reason encryption process is done.
Users who all are registered will be given some
specific cloud space for their storage.
Encryption process is done using Triple
DES algorithm. All the users who are storing their
data in cloud server it will be encrypted and stored in
cloud. Encryption is done using cryptographic keys,
stored data cannot be readable by the unauthorized
users, in this encryption process plain text i.e., the
users data is converted into cipher text for viewing
of that data user should contain keys so that he can
decrypt data and have access on that data.
3. Proxy RE-Encryption
In a proxy re-encryption scheme, a proxy
server can transfer a cipher text under a public key
PKA to a new one under another public key PKB by
using the re-encryption key RKA!B. The server does
not know the plaintext during transformation.
Ateniese et al.[16] proposed some proxy re-
encryption schemes and applied them to the sharing
function of secure storage systems. In their work,
messages are first encrypted by the owner and then
International Journal of Computer Trends and Technology (IJCTT) volume 5 number 3 Nov 2013
ISSN: 2231-2803 http://www.ijcttjournal.org Page120

stored in a storage server. When a user wants to share
his messages, he sends a re-encryption key to the
storage server. The storage server re-encrypts the
encrypted messages for the authorized user. Thus,
their system has data confidentiality and supports the
data forwarding function. Our work further integrates
encryption, re-encryption, and encoding such that
storage robustness is strengthened. Type-based proxy
re-encryption schemes proposed by Tang [17]
provide a better granularity on the granted right of a
re-encryption key. A user can decide which type of
messages and with whom he wants to share in this
kind of proxy re encryption schemes. Key-private
proxy re-encryption schemes are proposed by
Ateniese et al. [18]. In a key-private proxy re-
encryption scheme, given a re-encryption key, a
proxy server cannot determine the identity of the
recipient. This kind of proxy re-encryption schemes
provides higher privacy guarantee against proxy
servers. Although most proxy re-encryption schemes
use pairing operations, there exist proxy re-
encryption schemes without pairing. Proxy re-
encryption schemes are crypto systems which allow
third parties (proxies) to alter a cipher text which has
been encrypted for one user, so that it may be
decrypted by another user. By using proxy re-
encryption technique the encrypted data (cipher text)
in the cloud is again altered by the user. It provides
highly secured information stored in the cloud. Every
user will have a public key nd private key. Public key
of every user is known to everyone but private key is
known only the particular user.
4. Integrity Checking
Integrity checking is that whether the
process of encryption is done properly or not it is
going to verify i.e., encrypted message and cipher
text message if these both messages are not matched
then they conclude that encryption process was not
done properly ,user will get intimation that
encryption process was not done correctly it has to
verified.
If the encryption process was done properly
then it will further go to next step or process. Its main
intention is to check for anti-malware attacks, many
attacks are possible if we dont provide any kind of
security to the confidential data.


5. Data Forwarding, Extraction
In this module data is forwarded to another
user by public key i.e., using that key receiver can
view the data, end user will extract the data.
IV. DISCUSSIONS AND CONCLUSION
In this paper, A cloud storage system
consists of storage servers and key servers. We
integrate a recently planned threshold proxy re-
encryption scheme. The proxy re-encryption scheme
supports cryptography, forwarding, and partial
decoding operations. To decode a message of k
blocks that are encrypted and encoded to n codeword
symbols, every key server has got to partly decode
two codeword symbols in our system. By using proxy
re-encryption scheme, a secure cloud storage system
that gives secure data storage and secure data
forwarding . Every storage server severally performs
cryptography and re-encryption. Every key server
perform partial decoding. Our storage system content
available file systems and storage system are
extremely compatible. Our storage servers act as
storage nodes during a content available storage
system for storing content available blocks. Our key
servers act as access nodes for providing a front-end
layer like a conventional classification system
interface. Any study on careful cooperation is
needed.
V. FUTURE WORK
Users were able to store their information
sing a secure cloud system setup .Future work is to
proposed secured system in which the entirely
approved user can access all the knowledge among
the cloud. If the users access information without
permission they have to be blocked from the network.
A threshold proxy re-encryption scheme may be
projected that supports encoding, forwarding, etc.
Information forwarding technique could be a heap of
secured exploitation crypto logical keys.



International Journal of Computer Trends and Technology (IJCTT) volume 5 number 3 Nov 2013
ISSN: 2231-2803 http://www.ijcttjournal.org Page121

VI. REFERENCES
[1 ] J. Kubiatowicz, D. Bindel, Y. Chen, P. Eaton, D.
Geels, R. Gummadi, S. Rhea, H. Weatherspoon, W.
Weimer, C. Wells, and B. Zhao, Oceanstore: An
Architecture for Global-Scale Persistent Storage,
Proc. Ninth Intl Conf. Architectural Support for
Programming Languages and Operating Systems
(ASPLOS), pp. 190- 201, 2000.
[2 ] P. Druschel and A. Rowstron, PAST: A Large-
Scale, Persistent Peer-to-Peer Storage Utility, Proc.
Eighth Workshop Hot Topics in Operating System
(HotOS VIII), pp. 75-80, 2001.

[3 ] A. Adya, W.J. Bolosky, M. Castro, G. Cermak,
R. Chaiken, J.R. Douceur, J. Howell, J.R. Lorch, M.
Theimer, and R. Wattenhofer, Farsite: Federated,
Available, and Reliable Storage for an Incompletely
Trusted Environment, Proc. Fifth Symp. Operating
System Design and Implementation (OSDI), pp. 1-
14, 2002.

[4 ] A. Haeberlen, A. Mislove, and P. Druschel,
Glacier: Highly Durable, Decentralized Storage
Despite Massive Correlated Failures, Proc. Second
Symp. Networked Systems Design and
Implementation (NSDI), pp. 143-158, 2005.

[5 ] Z. Wilcox-OHearn and B. Warner, Tahoe: The
Least-Authority Filesystem, Proc. Fourth ACM Intl
Workshop Storage Security and Survivability
(StorageSS), pp. 21-26, 2008.

[6 ] H.-Y. Lin and W.-G. Tzeng, A Secure
Decentralized Erasure Code for Distributed Network
Storage, IEEE Trans. Parallel and Distributed
Systems, vol. 21, no. 11, pp. 1586-1594, Nov. 2010.

[7 ] A. Shamir, How to Share a Secret, ACM
Comm., vol. 22, pp. 612- 613, 1979.

[8 ] C. Dubnicki, L. Gryz, L. Heldt, M.
Kaczmarczyk, W. Kilian, P. Strzelczak, J.
Szczepkowski, C. Ungureanu, and M. Welnicki,
Hydrastor: A Scalable Secondary Storage, Proc.
Seventh Conf. File and Storage Technologies
(FAST), pp. 197-210, 2009.

[9 ] C. Ungureanu, B. Atkin, A. Aranya, S. Gokhale,
S. Rago, G. Calkowski, C. Dubnicki, and A. Bohra,
Hydrafs: A High- Throughput File System for the
Hydrastor Content-Addressable Storage System,
Proc. Eighth USENIX Conf. File and Storage
Technologies (FAST), p. 17, 2010.

[10 ] W. Dong, F. Douglis, K. Li, H. Patterson, S.
Reddy, and P. Shilane, Tradeoffs in Scalable Data
Routing for Deduplication Clusters, Proc. Ninth
USENIX Conf. File and Storage Technologies
(FAST), p. 2, 2011.

[11 ] S.C. Rhea, P.R. Eaton, D. Geels, H.
Weatherspoon, B.Y. Zhao, and J. Kubiatowicz,
Pond: The Oceanstore Prototype, Proc. Second
USENIX Conf. File and Storage Technologies
(FAST), pp. 1-14, 2003.

[12 ] R. Bhagwan, K. Tati, Y.-C. Cheng, S. Savage,
and G.M. Voelker, Total Recall: System Support for
Automated Availability Management, Proc. First
Symp. Networked Systems Design and
Implementation (NSDI), pp. 337-350, 2004.
[13 ] A.G. Dimakis, V. Prabhakaran, and K.
Ramchandran, Ubiquitous Access to Distributed
Data in Large-Scale Sensor Networks through
Decentralized Erasure Codes, Proc. Fourth Intl
Symp. Information Processing in Sensor Networks
(IPSN), pp. 111- 117, 2005.

[14 ] A.G. Dimakis, V. Prabhakaran, and K.
Ramchandran, Decentralized Erasure Codes for
Distributed Networked Storage, IEEE Trans.
Information Theory, vol. 52, no. 6 pp. 2809-2816,
June 2006.

[15 ] M. Mambo and E. Okamoto, Proxy
Cryptosystems: Delegation of the Power to Decrypt
Ciphertexts, IEICE Trans. Fundamentals of
Electronics, Comm. and Computer Sciences, vol.
E80-A, no. 1, pp. 54- 63, 1997.

[16 ] M. Blaze, G. Bleumer, and M. Strauss,
Divertible Protocols and Atomic Proxy
Cryptography, Proc. Intl Conf. Theory and
Application of Cryptographic Techniques
(EUROCRYPT), pp. 127-144, 1998.

[17 ] G. Ateniese, K. Fu, M. Green, and S.
Hohenberger, Improved Proxy Re-Encryption
Schemes with Applications to Secure Distributed
Storage, ACM Trans. Information and System
Security, vol. 9, no. 1, pp. 1-30, 2006.

[18 ] Q. Tang, Type-Based Proxy Re-Encryption
and Its Construction, Proc. Ninth Intl Conf.
Cryptology in India: Progress in Cryptology
(INDOCRYPT), pp. 130-144, 2008.

International Journal of Computer Trends and Technology (IJCTT) volume 5 number 3 Nov 2013
ISSN: 2231-2803 http://www.ijcttjournal.org Page122

[19 ] G. Ateniese, K. Benson, and S. Hohenberger,
Key-Private Proxy Re-Encryption, Proc. Topics in
Cryptology (CT-RSA), pp. 279-294, 2009.

[20 ] J. Shao and Z. Cao, CCA-Secure Proxy Re-
Encryption without Pairings, Proc. 12th Intl Conf.
Practice and Theory in Public Key Cryptography
(PKC), pp. 357-376, 2009.