
Identity-Based Encryption

Abstract

Identity-based encryption (IBE) is a public key cryptosystem and eliminates the
demands of public key infrastructure (PKI) and certificate administration in conventional
public key settings. Due to the absence of PKI, the revocation problem is a critical issue
in IBE settings. Several revocable IBE schemes have been proposed regarding this issue.
Quite recently, by embedding an outsourcing computation technique into IBE, Li et al.
proposed a revocable IBE scheme with a key-update cloud service provider (KU-CSP).
However, their scheme has two shortcomings. One is that the computation and
communication costs are higher than previous revocable IBE schemes. The other
shortcoming is lack of scalability in the sense that the KU-CSP must keep a secret value
for each user. In the article, we propose a new revocable IBE scheme with a cloud
revocation authority (CRA) to solve the two shortcomings, namely, the performance is
significantly improved and the CRA holds only a system secret for all the users. For
security analysis, we demonstrate that the proposed scheme is semantically secure under
the decisional bilinear Diffie-Hellman (DBDH) assumption. Finally, we extend the
proposed revocable IBE scheme to present a CRA-aided authentication scheme with
period-limited privileges for managing a large number of various cloud services.

B.E, VTU Regional Center Page 1



CHAPTER 1

INTRODUCTION
1.1 Introduction

The identity (ID)-based public key system (ID-PKS) [1], [2] is an attractive alternative to
conventional public key cryptography. An ID-PKS setting eliminates the demands of public
key infrastructure (PKI) and certificate administration in conventional public key
settings. An ID-PKS setting consists of users and a trusted third party (i.e. the private
key generator, PKG). The PKG is responsible for generating each user’s private key from
the associated ID information (e.g. e-mail address, name or social security number).
Therefore, no certificate and no PKI are required in the associated cryptographic
mechanisms under ID-PKS settings. In such a case, ID-based encryption (IBE) allows a
sender to encrypt a message directly by using a receiver’s ID without checking the
validity of a public key certificate.

Accordingly, the receiver uses the private key associated with her/his ID to decrypt such
cipher text. Since a public key setting has to provide a user revocation mechanism, the
research issue on how to revoke misbehaving/compromised users in an ID-PKS setting is
naturally raised. In conventional public key settings, certificate revocation list (CRL) [3]
is a well-known revocation approach. In the CRL approach, if a party receives a public
key and its associated certificate, she/he first validates them and then looks up the CRL to
ensure that the public key has not been revoked. In such a case, the procedure requires
online assistance under PKI, so it incurs a communication bottleneck. To improve
the performance, several efficient revocation mechanisms [4], [5], [6], [7], [8] for
conventional public key settings have been well studied for PKI. Indeed, researchers also
pay attention to the revocation issue of ID-PKS settings. Several revocable IBE schemes
have been proposed regarding the revocation mechanisms in ID-PKS settings.

In 2015, by a cloud-aided service provider, Li et al. [24] introduced an outsourcing
computation technique into IBE to propose a revocable IBE scheme with a key-update
cloud service provider (KU-CSP). They shift the key-update procedures to a KU-CSP to
alleviate the load of the PKG. Li et al. also used a similar technique to that adopted in
Tseng and Tsai’s scheme [23], which partitions a user’s private key into an identity key
and a time update key. The PKG sends a user the corresponding identity key via a secure
channel. Meanwhile, the PKG must generate a random secret value (time key) for each
user and send it to the KU-CSP. Then the KU-CSP generates the current time update key
of a user by using the associated time key and sends it to the user via a public channel.
To revoke a user, the PKG just asks the KU-CSP to stop issuing the new time update key
of the user.

1.2 System Architecture

We introduce a cloud revocation authority (CRA) to replace the role of the KU-CSP in Li
et al.’s scheme. The CRA only needs to hold a random secret value (master time key) for
all the users without affecting the security of revocable IBE scheme. The CRA uses the
master time key to generate the current time update key periodically for each non-
revoked user and sends it to the user via a public channel. It is evident that our scheme
solves the un-scalability problem of the KU-CSP. Our system model is depicted in Fig. 2.

Figure 1 System model for revocable IBE scheme with CRA


1.3 Organization of the Report

The project report is organized as follows, with 9 chapters in total, references and
appendices.

Chapter 1: Introduction- Brief explanation and overall information about the work carried
out in this phase.

Chapter 2: Literature Survey- Surveys all the work related to the project.

Chapter 3: System Requirements Specification- Describes all the functional and non-
functional requirements of the project work.

Chapter 4: System Analysis- Briefly describes the problems of the existing system and how
the proposed system overcomes them.

Chapter 5: System Design- Presents the data flow diagram, the system architecture and
the sequence diagrams.

Chapter 6: Implementation- Describes the modules used in the project and the
technologies used.

Chapter 7: Testing- Deals with the types of testing used to rectify faults in the system,
and the test cases used to validate the project.

Chapter 8: Conclusion and Future Enhancement- Provides a brief summary of the project
and outlines how the work can be enhanced in future.

Bibliography: This section lists the references consulted to establish this work.

Appendix: This section contains the related paper publication and the abbreviations of
terms used in this project.


CHAPTER 2

LITERATURE SURVEY

In 2001, Boneh and Franklin [2] proposed the first practical IBE scheme from the Weil
pairing and suggested a simple revocation method in which each non-revoked user
receives a new private key generated by the PKG periodically. A period can be set as a
day, a week, a month, etc. A sender uses a designated receiver’s ID and current period to
encrypt messages while the designated receiver decrypts the ciphertext using the current
private key. Hence, it is necessary for the users to update new private keys periodically.
To revoke a user, the PKG simply stops providing the new private key for the user. It is
obvious that a secure channel must be established between the PKG and each user to
transmit the new private key and this would result in heavy load for the PKG.

In order to alleviate the load of the PKG in Boneh and Franklin’s scheme, Boneh et al.
[9] proposed another revocation method, called immediate revocation. Immediate
revocation method employs a designated semi-trusted and online authority (i.e. mediator)
to mitigate the management load of the PKG and assist users to decrypt ciphertext [10],
[11], [12], [13]. In such a case, the online mediator must hold shares of all the users’
private keys. Since the decryption operation must involve both parties, neither the user
nor the online mediator can cheat one another. When a user is revoked, the online
mediator is instructed to stop assisting the user. However, the online mediator must help
users to decrypt each ciphertext so that it becomes a bottleneck for such schemes as the
number of users grows enormously.

In Boneh and Franklin’s revocation method [2], all the users must periodically update
new private keys sent by the PKG. As the number of users increases, the load of key
updates becomes a bottleneck for the PKG. In 2008, Boldyreva et al. [14] proposed a
revocable IBE scheme to improve the key update efficiency. Their revocable IBE scheme
is based on the concept of the Fuzzy IBE [35] and adopts the complete subtree method to
decrease the number of key updates from linear to logarithmic in the number of users.
Indeed, by binary tree data structure of users, the scheme efficiently alleviates the key-
update load of the PKG. Furthermore, Libert and Vergnaud [16] improved the security of
Boldyreva et al.’s revocable IBE scheme by presenting an adaptive-ID secure scheme.
Nevertheless, Boldyreva et al.’s scheme still results in several problems: (1) Each user’s
private key size is 3log n points in an elliptic curve, where n is the number of leaf nodes
(users) in the binary tree. (2) The scheme also results in enormous computation workload
for the encryption and decryption procedures. (3) It is an enormous load for the PKG to
maintain the binary tree with a large number of users.

Moreover, Seo and Emura [17] refined the security model of Boldyreva et al.’s revocable
IBE scheme [14] by considering a new threat, called decryption key exposure attacks.

Based on the idea of Libert and Vergnaud’s scheme [16], they also proposed a revocable
IBE scheme with decryption key exposure resistance. In order to reduce the sizes of both
private keys and update keys, Park et al. [18] proposed a new revocable IBE scheme by
using multilinear maps, but the size of the public parameters depends on the number
of users. To achieve a constant size of the public parameters, Wang et al. [19]
employed both the dual system encryption methodology [20] and the complete subtree
method [14] to propose a new revocable IBE scheme.

Furthermore, Seo and Emura [21] extended the concept of revocable IBE scheme to
propose the first revocable HIBE scheme. In Seo and Emura’s scheme, for each period,
each user generates a secret key by multiplying some of the partial keys, which depends
on the partial keys used by ancestors in the hierarchy tree. In such a case, the secret key
size of each user increases quadratically in the hierarchy tree wherein a low-level user
must know the history of key updates performed by ancestors in the current time period,
and it renders the scheme very complex. In 2015, Seo and Emura [22] proposed a new
method to construct a novel revocable HIBE scheme with history-free updates.
Nevertheless, the mentioned revocable IBE and HIBE schemes above [17], [18], [19],
[21], [22] employed the complete subtree method to decrease the number of key updates
from linear to logarithmic in the number of users. However, these schemes also suffered
from the same disadvantages of Boldyreva et al.’s revocable IBE scheme [14] and still
used a secure channel to transmit periodic private keys. In 2012, Tseng and Tsai [23]
proposed a new revocable IBE scheme to remove the usage of secure channel between
each user and the authority and use a public channel instead to transmit users’ periodic
private keys. They partition a user’s private key into two components, namely, an identity
key and a time update key. The identity key is a secret key associated with user’s ID,
which is sent to the user via a secure channel and remains fixed since being issued. The
time update key is a key associated with user’s ID and time period, which is changed
along with time. The PKG periodically generates current time update keys for non-
revoked users and sends them to these users via a public channel. A user is able to
decrypt the ciphertext if she/he possesses both the identity key and the legitimate time
update key. In other words, to revoke a particular user, the PKG simply stops issuing the
new time update key for the user. However, the key-update efficiency is linear in the
number of users so that the computation burden of PKG is still enormous.


CHAPTER 3

SYSTEM REQUIREMENTS SPECIFICATIONS

A System Requirement Specification (SRS) describes what the system must do and
captures the client’s needs so that they can be understood by the people building it. The
SRS gives the requirements from which a system or sub-system is planned. It records the
client’s required conditions at a particular instant of time before the work is finalized.

3.1 System Overview

A software requirements specification is a complete description of the behavior of the
system to be developed. Use case techniques can be used to find the functional
requirements of the product, together with the supplementary requirements. The non-
functional requirements cover the engineering requirements and quality standards.

Purpose:

The purpose of the SRS document is to list the user requirements in an organized manner.
It defines all the constraints and software requirements needed to understand the
application and its documents. The user should be able to understand the proposed
system after going through the SRS document and should be in a position to incorporate
any changes required.

3.1.1 Functional Requirement Specification


The functional requirements state what the system must do for the clients. The
requirements should be very well defined so that the operation of the system is clear:
the clients understand which services are to be provided, which objectives are to be met
and how the system will react to a particular input. Developing the functional
requirements leads to the specific operations, the major requirements for developing the
project, the types of software to be tested and what the system needs to provide. The
input and output data should be taken from the characteristics of the clients’ data. The
functional requirements of the system should give a brief description of the clients’
needs, and of the resources essential to estimating the operations, costs, analysis and
the information to be carried out.

Functional Requirements

o Implementation of the novel approach of a cloud revocation authority in the cloud.
o The scalability problem between the cloud and users, which is not solved in the
existing approach, needs to be resolved.
o Reduction of the outsourced computation of the authority in the proposed approach
compared to the KU-CSP approach.
o Mitigate the workload of the PKG.

3.1.2 Non Functional Requirement Specification


Non-functional requirements indirectly specify the structure of the project. Together
with the specified functions they may impose different constraints on how the system
performs. The quality of the system is measured against the constraints on the system’s
capabilities. Measuring the non-functional requirements allows the clients to
concentrate indirectly on the system analysis.
The qualities covered by the non-functional requirements are:
o Security
o Usability
o Maintainability
o Scalability
o Portability


3.1.3 Hardware Requirements

o Processor : Pentium IV 2.4 GHz
o Hard Disk : 500 GB
o Monitor : 15 VGA Colour
o Mouse : Logitech
o RAM : 4 GB
o Keyboard : Standard 102 Keys

3.1.4 Software Requirements

o Operating system : Windows 7
o Coding Language : Java2EE
o Database : MYSQL

3.2 Software Description

3.2.1 Java

Java is a multi-paradigm, class-based, object-oriented programming language with
structured data. Java was designed by James Gosling. It is an object-oriented
programming language with syntax similar to C++. Java originated at Sun Microsystems
and is designed to have as few implementation dependencies as possible. Java is one of
the most recommended programming languages for client-server development of web
applications. The Java technologies are mainly under the GNU General Public License.
The Java compilers, virtual machines and class libraries were developed by Sun
Microsystems. The latest version is Java 8, and it is the only version supported by Oracle.

There are five goals in the creation of the Java programming language:

o Java is simple and object-oriented.
o Java should be robust and secure.
o It is architecture-neutral and portable.
o It must execute with high performance.
o It is dynamic in nature.

3.2.2 MySQL

MySQL mainly deals with storing data in and retrieving data from databases. The
databases are in the form of an RDBMS (Relational Database Management System). The
database is open source and is used in the client-server model. The database allows
constraints to be implemented on tables, indexes and columns, and updates the indexes
as the data changes. MySQL is open source software released under a specified license,
so it is free for users to use. The language used in MySQL is standard SQL. MySQL is very
effective and accesses the database quickly in traditional business areas. It is a very
powerful program for handling large packages of data. The languages that support MySQL
include PHP, Perl, C, C++ etc. It is user friendly, and the license provided allows it to be
modified to fit the user’s environment.


CHAPTER 4

SYSTEM ANALYSIS
Software development is generally carried out with system analysis and design. The
system analysis provides detailed information about the performance of the existing
system, which may lead to the configuration of the new system. The problems in the
existing system are its drawbacks, and to overcome them the proposed system is raised as
an improvement with solutions for the existing system. The process of studying the system
analysis is carried out in order to identify the goals and objectives of the system.

4.1 Problem statement and objectives of the Research

In the proposed approach, each user’s private key consists of an identity key and a time
update key. We introduce a cloud revocation authority (CRA) to replace the role of the
KU-CSP in Li et al.’s scheme. The CRA only needs to hold a random secret value
(master time key) for all the users without affecting the security of the revocable IBE
scheme. The CRA uses the master time key to generate the current time update key
periodically for each non-revoked user and sends it to the user via a public channel. It is
evident that our scheme solves the un-scalability problem of the KU-CSP.

4.1.1 Objectives:

o To implement the novel approach of a cloud revocation authority in the cloud.
o To address the scalability problem between the cloud and users.
o To reduce the outsourced computation of the authority.
o To mitigate the workload of the PKG.

4.2 System Study


4.2.1 Feasibility Study

The feasibility study of the project examines the constraints that determine how weak or
strong the plan is for the purpose of the business needs: it estimates the costs, the
performance, the designed implementation and the resources defined for the
environment. The various aspects covered are the description of the project, the
operation of technical knowledge, the management of resources and, mainly, the
capability for success. It is carried out during the proposed system, and the future
requirements may also include the level of system resources.

The feasibility study has three key parts:

o Economic Feasibility
o Technical Feasibility
o Social Feasibility

4.2.2 Economic Feasibility

The economic feasibility study provides the constraints that determine the quality and
identify the purpose of the project. It provides the estimate for the possible technical
requirements, the investment offered by the organizer to develop the system, and the
technologies often used for the customer’s needs.

4.2.3 Technical Feasibility

The technical feasibility study provides the technical knowledge needed to determine the
system requirements and to design the system resources. The modernized development
of the system is implemented to attract customers to the project. The technical work
provides a high quality of service for the clients’ satisfaction.

4.2.4 Social Feasibility

The social feasibility study defines how the outside environment will accept the system
requirements. It considers how confidently and convincingly the system reaches the
user, the level of acceptance of the project and the defined requirements of the project.
The goal is to satisfy the clients’ required outcome and also to manage how the system
is to be used by the user for further purposes.

4.3 Existing System

The existing system is a revocable IBE scheme with a key-update cloud service provider
(KU-CSP), which shifts the key-update procedures to a KU-CSP to alleviate the load of the
PKG. According to this methodology, a user’s private key is partitioned into an identity
key and a time update key. The PKG sends a user the corresponding identity key via a
secure channel. Meanwhile, the PKG must generate a random secret value (time key) for
each user and send it to the KU-CSP. Then the KU-CSP generates the current time update
key of a user by using the associated time key and sends it to the user via a public
channel. To revoke a user, the PKG just asks the KU-CSP to stop issuing the new time
update key of the user. Their system model is depicted in Fig. 1. However, their scheme
has two shortcomings. One is that the computation and communication costs are higher
than those of previous revocable IBE schemes [2], [23]. The other shortcoming is
un-scalability, in the sense that the KU-CSP must keep a time key for each user, which
incurs a management load.

Fig 1: System model of the existing KU-CSP scheme


4.4 PROPOSED SYSTEM

The proposed approach addresses the limitations of the existing approach. In this
research methodology each user’s private key still consists of an identity key and a time
update key. This research introduces a cloud revocation authority (CRA) to replace the
role of the KU-CSP in Li et al.’s scheme. The CRA only needs to hold a random secret
value (master time key) for all the users without affecting the security of the revocable
IBE scheme. The CRA uses the master time key to generate the current time update key
periodically for each non-revoked user and sends it to the user via a public channel. It is
evident that our scheme solves the un-scalability problem of the KU-CSP. The proposed
system model is depicted below.

Fig 2: IBE Revocation model


CHAPTER 5

SYSTEM DESIGN

This chapter gives the design of the overall project. The design phase is the phase of
software development that is most important for the success of the software. The design
phase should satisfy the functional and non-functional requirements so that all the
constraints and objectives of the project are met effectively. It mainly concentrates on
the modules needed for the system. The design phase depends mainly on the
specification from the feasibility survey.

5.1 Data Flow Diagram

The data flow diagram (DFD) is a graphical representation, similar to a flowchart, used to
show how data enters through the inputs, what kinds of processing are carried out on it
and what output is produced. These components are used to model the system, and the
model is presented so that the inputs can be studied quickly. In the system design the
DFD shows the flow through all the components, and the flow of data through the
system is arranged as a sequence of transformations.

Fig 2: Data Flow diagram


USE CASE:
A use case in software and systems engineering is a description of a system’s behaviour
as it responds to a request that originates from outside of that system. In other words, a
use case describes "who" can do "what" with the system in question. The use case
technique is used to capture a system’s behavioural requirements by detailing scenario-
driven threads through the functional requirements.

Use cases describe the interaction between one or more actors (an actor that initiates the
interaction may be referred to as the 'primary actor') and the system itself, represented as
a sequence of simple steps. Actors are something or someone that exists outside the
system ('black box') under study, and that takes part in a sequence of activities in a
dialogue with the system to achieve some goal. Actors may be end users, other systems,
or hardware devices. Each use case is a complete series of events, described from the
point of view of the actor.

Fig 3: Use case Diagram


SEQUENCE DIAGRAM

A sequence diagram in Unified Modelling Language (UML) is a kind of interaction
diagram that shows how processes operate with one another and in what order. It is a
construct of a Message Sequence Chart. Sequence diagrams are sometimes called event-
trace diagrams, event scenarios, and timing diagrams.

A sequence diagram shows, as parallel vertical lines ("lifelines"), different processes or
objects that live simultaneously, and, as horizontal arrows, the messages exchanged
between them, in the order in which they occur. This allows the specification of simple
runtime scenarios in a graphical manner.

Figure 4: Project sequence diagram


CHAPTER 6

IMPLEMENTATION
Implementation is the process of the preliminary arrangement of the application, or the
execution of the plan, which may lead to the successful outcome of the project. The
implementation of the system requires the steps needed to set up each module to work:
the idea behind the planning, carrying out the computations as a programming
implementation, and the software and hardware requirement details of the computer
system, using the successful set of installations, configurations, running of the project
and execution of the project. Moreover, testing mainly improves the design of the
project. The implementation is the realization of the application, the algorithms and the
software components of the system that are to be delivered.

The implementation stage of a system extends to the benefits in its own right. It
additionally includes:

o Careful planning.
o Investigation for future work.
o Training of the developers.

6.1 Module Description

o Cloud Based Revocation.
o Public Key Generator.
o Revocation Authority.
o Encryption Module.

6.1.1 Cloud Based Revocation:

Several revocable IBE schemes have been proposed regarding this issue. Quite
recently, by embedding an outsourcing computation technique into IBE, Li et al.
proposed a revocable IBE scheme with a key-update cloud service provider (KU-CSP).
However, their scheme has two shortcomings.

One is that the computation and communication costs are higher than previous
revocable IBE schemes. The other shortcoming is lack of scalability in the sense that the
KU-CSP must keep a secret value for each user.

In the article, we propose a new revocable IBE scheme with a cloud revocation
authority (CRA) to solve the two shortcomings, namely, the performance is significantly
improved and the CRA holds only a system secret for all the users. For security analysis,
we demonstrate that the proposed scheme is semantically secure under the decisional
bilinear Diffie-Hellman (DBDH) assumption.

Finally, we extend the proposed revocable IBE scheme to present a CRA-aided
authentication scheme with period-limited privileges for managing a large number of
various cloud services.

6.1.2 Public Key Generator:

Boneh and Franklin suggested a simple revocation method in which each non-revoked
user receives a new private key generated by the PKG periodically. A period can be set as
a day, a week, a month, etc. A sender uses a designated receiver’s ID and the current
period to encrypt messages, while the designated receiver decrypts the ciphertext using
the current private key.

Hence, it is necessary for the users to update new private keys periodically. To
revoke a user, the PKG simply stops providing the new private key for the user. It is
obvious that a secure channel must be established between the PKG and each user to
transmit the new private key and this would result in heavy load for the PKG.

In order to alleviate the load of the PKG in Boneh and Franklin’s scheme, Boneh
et al. proposed another revocation method, called immediate revocation. The immediate
revocation method employs a designated semi-trusted and online authority (i.e. mediator)
to mitigate the management load of the PKG and assist users to decrypt ciphertext. In
such a case, the online mediator must hold shares of all the users’ private keys. Since the
decryption operation must involve both parties, neither the user nor the online mediator
can cheat one another.

6.1.3 Revocation Authority:

Boldyreva et al.’s scheme decreases the number of key updates from linear to logarithmic
in the number of users. However, each user’s private key size is O(log n), where n is the
number of users. These schemes still used a secure channel to transmit periodic private
keys, while no other authority shares the responsibility of user revocation.

In Tseng and Tsai’s revocable IBE scheme , both the identity key and time update
key are issued by the PKG. In order to alleviate the load of the PKG, Li et al. employed a
key update cloud service provider (KU-CSP) to share the responsibility of user
revocation. In our revocable IBE scheme, we employ a cloud revocation authority (CRA)
to perform user revocation.

Indeed, the PKG in Li et al.’s scheme and ours may also perform the revocation
operations. Both the KUCSP and the CRA are designated to share responsibility for
performing user revocation. For scalability, the KU-CSP in Li et al.’s scheme must keep
n various time keys for n users so that it does not possess scalability and incurs the
management load.

On the contrary, the CRA in our scheme holds only one master time key for all
the users. When the number n of users in the system is very large, the PKG may
designate multiple CRAs to share the responsibility of user revocation, while each CRA
holds only the same master time key. However, in Li et al.’s scheme, each KU-CSP must
also keep n time keys. Indeed, cloud computing is a ubiquitous computing environment,
so that putting multiple CRAs on clouds may provide convenient management of
user revocation while reducing the load of the single PKG. The detailed comparisons
regarding computation and communication efficiency will be given in Section .
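The following is an added illustration (not the report’s or Li et al.’s code) of the key-management structure described in Sections 1.2, 4.4 and 6.1.3: who holds which secret, how the two halves of a user’s private key are issued, and why revocation is just the authority declining to issue the next time update key. The bilinear-pairing computations of the real scheme are replaced here by HMAC-SHA256 derivation so the structure runs with the Python standard library alone; the user IDs and period labels are constructed, and the public-key encryption itself is not modelled.

```python
"""Key-management skeleton of the CRA-based revocable IBE in this report.

Constructed illustration only: HMAC-SHA256 stands in for the pairing-based
key computation so the structure runs offline. It models who holds which
secret and how revocation works, not the public-key encryption itself."""
import hashlib
import hmac
import secrets
from typing import Dict, Optional, Set


def kdf(master: bytes, *labels: str) -> bytes:
    """Stand-in for the pairing-based key computation (assumption, not the scheme)."""
    return hmac.new(master, "|".join(labels).encode(), hashlib.sha256).digest()


class PKG:
    """Private key generator: issues each user's fixed identity key once."""

    def __init__(self) -> None:
        self.msk = secrets.token_bytes(32)  # master secret, never leaves the PKG

    def issue_identity_key(self, user_id: str) -> bytes:
        # The report sends this to the user over a secure channel.
        return kdf(self.msk, "identity", user_id)


class KUCSP:
    """Existing system (Li et al.): the PKG must hand the KU-CSP a distinct
    random time key per user, so its secret state grows with the user count."""

    def __init__(self) -> None:
        self.time_keys: Dict[str, bytes] = {}
        self.revoked: Set[str] = set()

    def register(self, user_id: str, time_key: bytes) -> None:
        self.time_keys[user_id] = time_key

    def issue_time_update_key(self, user_id: str, period: str) -> Optional[bytes]:
        if user_id in self.revoked or user_id not in self.time_keys:
            return None  # revocation = stop issuing the next time update key
        return kdf(self.time_keys[user_id], "time", user_id, period)

    def revoke(self, user_id: str) -> None:
        self.revoked.add(user_id)


class CRA:
    """Proposed system: one master time key for all users, so any number of
    CRAs holding the same key issue identical time update keys."""

    def __init__(self, master_time_key: bytes) -> None:
        self.mtk = master_time_key
        self.revoked: Set[str] = set()

    def issue_time_update_key(self, user_id: str, period: str) -> Optional[bytes]:
        if user_id in self.revoked:
            return None
        # Sent over a public channel: useless without the identity key.
        return kdf(self.mtk, "time", user_id, period)

    def revoke(self, user_id: str) -> None:
        self.revoked.add(user_id)


def decryption_key(identity_key: Optional[bytes],
                   time_update_key: Optional[bytes]) -> Optional[bytes]:
    """A user can decrypt in a period only with both halves of the private key."""
    if identity_key is None or time_update_key is None:
        return None
    return hashlib.sha256(identity_key + time_update_key).digest()


def simulate(n_users: int = 5) -> dict:
    """Compare the two authorities' secret state and walk one user through
    revocation; returns the facts worth checking."""
    users = [f"user{i}@example.com" for i in range(n_users)]  # constructed IDs
    pkg = PKG()
    kucsp = KUCSP()
    for u in users:
        kucsp.register(u, secrets.token_bytes(32))  # one time key per user
    master_time_key = secrets.token_bytes(32)
    cra_a, cra_b = CRA(master_time_key), CRA(master_time_key)  # two CRAs, one key

    victim, other = users[0], users[1]
    idk = pkg.issue_identity_key(victim)
    tuk_jan = cra_a.issue_time_update_key(victim, "2024-01")
    for cra in (cra_a, cra_b):  # the PKG tells every CRA to stop issuing
        cra.revoke(victim)
    tuk_feb = cra_a.issue_time_update_key(victim, "2024-02")
    return {
        "kucsp_secrets": len(kucsp.time_keys),
        "cra_secrets": 1,
        "cras_agree": cra_a.issue_time_update_key(other, "2024-01")
        == cra_b.issue_time_update_key(other, "2024-01"),
        "periods_differ": cra_a.issue_time_update_key(other, "2024-01")
        != cra_a.issue_time_update_key(other, "2024-02"),
        "decrypt_before_revocation": decryption_key(idk, tuk_jan) is not None,
        "decrypt_after_revocation": decryption_key(idk, tuk_feb) is not None,
        "time_key_alone_useless": decryption_key(None, tuk_jan) is None,
    }


if __name__ == "__main__":
    for name, value in simulate().items():
        print(f"{name}: {value}")
```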

6.1.4 Encryption Module:


Moreover, Seo and Emura refined the security model of Boldyreva et al.’s
revocable IBE scheme by considering a new threat, called decryption key exposure
attacks. Based on the idea of Libert and Vergnaud’s scheme they also proposed a
revocable IBE scheme with decryption key exposure resistance.

In order to reduce the sizes of both private keys and update keys, Park et al.
proposed a new revocable IBE scheme by using multilinear maps, but the size of the
public parameters depends on the number of users. To achieve a constant size of the
public parameters, Wang et al. employed both the dual system encryption methodology
and the complete subtree method to propose a new revocable IBE scheme.

Furthermore, Seo and Emura extended the concept of revocable IBE scheme to
propose the first revocable HIBE scheme. In Seo and Emura’s scheme, for each period,
each user generates a secret key by multiplying some of the partial keys, which depends
on the partial keys used by ancestors.

In such a case, the secret key size of each user increases quadratically in the
hierarchy tree wherein a low-level user must know the history of key updates performed
by ancestors in the current time period, and it renders the scheme very complex Seo and
Emura proposed a new method to construct a novel revocable HIBE scheme with history-
free updates.

Nevertheless, the mentioned revocable IBE and HIBE schemes above employed
the complete subtree method to decrease the number of key updates from linear to
logarithmic in the number of users. However, these schemes also suffered from the same
disadvantages of Boldyreva et al.’s revocable IBE scheme and still used a secure channel
to transmit periodic private keys.


CHAPTER 7

TESTING
Software testing is the most critical part of development, since it is where the errors,
faults or failures of the system become visible. Software testing is one of the planned
parts of development, covering the quality of the software and the execution of the
code; where failures occur, the system will not give the correct output to its users.
Failures arise from the developer's mistakes, so they are easiest for the programmers
themselves to identify. A single fault may bring down the whole system, so the
programmer should be familiar with the design tools and code fragments used to change
the behaviour of the system. After the development phase, software testing is essential
to resolve defects quickly. Testing is a coordinated procedure in which the data is
handled by the development team.

The primary objective of testing is to correct bugs, issues or errors. To identify
mistakes, the test engineers need to test each individual component of the project's
modules. Every module is tested for better performance, and by checking the modules
the mistakes are identified. Testing confirms whether or not the system has achieved its
requirements. By examining every module, mistakes are driven out of the system so that it
produces the specified output.

Unless every module gives the required output, it is the diligence of the test engineer
that leads to the correctness of the system's programs. The final stage of each module is
intended to avoid failures and to remove defects, so it is best to include a testing phase
in the development of the project.

7.1 Testing Principles

The testing goal of the system software is to validate the state of the system by
removing its faults and errors.

Some of the basic principles of testing are:


o “A successful test is one which holds the capability of finding errors.”
o “Planning of the testing phase may require a long time.”
o “The tests are performed according to the client's needs.”
o “Effective tests are required for detecting all errors.”
o “Exhaustive testing is not possible.”

7.2 Test Plan

The test plan is one of the essential stages in system testing. It serves the people
who are working outside the testing field. Correct planning makes the product ready to
deliver to the customer. The test plan gives the documentation of the activities
performed for software testing, and it serves to validate the output.

7.3 Phases of Test

The phases of testing are:


o Unit Test
o Integration Test
o System Test

7.3.1 Unit Test


Unit testing, as the name indicates, is the testing procedure in which every individual
module is tested one after another. The purpose of unit testing is to determine whether
each module passes its test or not. The analysis of the test gives the result and produces
the correct report. Unit testing also raises the level of testing before the integration
procedure. By testing every module, the errors are identified at an early stage, and this
leads to the desired output of the programs. Unit testing isolates each individual module
and checks whether the module executes correctly or not. The essential outcome is to
give end users an improved application: the software, the business process and the level
of system configuration.


7.3.2 Integration Test

Integration testing is the test in which all the performances planned in the software
testing procedure are combined, and the individually tested programs are integrated to
run as one program. This testing is complete only when the performance of every
requirement, software module and software design has been verified. The output is
produced when all integrated modules are set to perform the testing procedure with the
desired input. Finally, integration testing furnishes the end user with an accurate output
verified by the specified software testing.

7.3.3 System Test


System testing is the testing procedure whose completion mostly depends on the
system as a whole. System testing gives backbone support to all the testing phases,
because once all the other testing procedures are complete, system testing checks the
Hardware and Software Requirement Specifications and the software-oriented analysis of
the system. This depends on the expectations of the end user, which must be satisfied
to get the desired result.

7.4 Test Cases

Test cases are the set of conditions used to judge an application by establishing tests of
all the required items, to check whether the application is working properly or not. They
verify the target and the objective a system should achieve. Finally, once the input which
must be given and the expected output from the system are known, the performance of
the system can be further checked.


Table 7.1: Test Case 1

Name of the Test        Testing for User Registration
Feature being Tested    User creation with n number of attributes
Description             Creating user with specified attributes size and values
Sample input            ID, password, e-mail
Expected output         User will be registered with status message
Actual Output           A dialogue box will open to display status
Remarks                 Test case Pass

Table 7.2: Test Case 2

Name of the Test        Testing for File upload
Feature being Tested    File upload to the cloud
Description             File upload to the cloud database in order to perform key aggregation
Sample input            Text file
Expected output         User will be able to get file upload status message
Actual Output           A dialogue box will open to display file upload status
Remarks                 Test case Pass


Table 7.3: Test Case 3

Name of the Test        Testing for effective search
Feature being Tested    Implementation of key generation
Description             Based on the time, the keys will be generated for each uploaded file
Sample input            Time details
Expected output         N number of keys will be generated
Actual Output           A page will be displayed which shows the 4 secret keys pertaining to time
Remarks                 Test case Pass

Table 7.4: Test Case 4

Name of the Test        Testing for the file download
Feature being Tested    File download from the effective search
Description             From the cloud database a file can be downloaded by providing the proper secret and private key
Sample input            Private key, secret key
Expected output         File needs to be downloaded
Actual Output           List of files will be displayed; a file can be downloaded by giving its secret key and public key
Remarks                 Test case Pass


Table 7.5: Test Case 5

Name of the Test        Testing for private key
Feature being Tested    Implementation of private key
Description             Private key will be generated when the user logs in to the cloud
Sample input            User id and password
Expected output         Private key needs to be generated
Actual Output           Private key will be generated for each successful login and the key will be sent to the registered e-mail id
Remarks                 Test case Pass


CHAPTER 8

CONCLUSION
In this article, we proposed a new revocable IBE scheme with a cloud revocation
authority (CRA), in which the revocation procedure is performed by the CRA to alleviate
the load of the PKG. This technique of outsourcing computation to other authorities has
been employed in Li et al.’s revocable IBE scheme with KU-CSP. However, their scheme
requires higher computation and communication costs than previously proposed IBE
schemes. For the time key update procedure, the KU-CSP in Li et al.’s scheme must keep
a secret value for each user, so it lacks scalability. In our revocable IBE scheme
with CRA, the CRA holds only a master time key to perform the time key update
procedures for all the users without affecting security. Compared with Li et al.’s
scheme, the computation and communication performance is significantly improved.
By experimental results and performance analysis, our scheme is well suited for mobile
devices. For security analysis, we have demonstrated that our scheme is semantically
secure against adaptive-ID attacks under the decisional bilinear Diffie-Hellman
assumption. Finally, based on the proposed revocable IBE scheme with CRA, we
constructed a CRA-aided authentication scheme with period-limited privileges for
managing a large number of various cloud services.


REFERENCES

[1] A. Shamir, “Identity-based cryptosystems and signature schemes,” Proc. Crypto’84,
LNCS, vol. 196, pp. 47-53, 1984.

[2] D. Boneh and M. Franklin, “Identity-based encryption from the Weil pairing,” Proc.
Crypto’01, LNCS, vol. 2139, pp. 213-229, 2001.

[3] R. Housley, W. Polk, W. Ford, and D. Solo, “Internet X.509 public key infrastructure
certificate and certificate revocation list (CRL) profile,” IETF, RFC 3280, 2002.

[4] W. Aiello, S. Lodha, and R. Ostrovsky, “Fast digital identity revocation,” Proc.
Crypto’98, LNCS, vol. 1462, pp. 137-152, 1998.

[5] M. Naor and K. Nissim, “Certificate revocation and certificate update,” IEEE Journal
on Selected Areas in Communications, vol. 18, no. 4, pp. 561-570, 2000.

[6] S. Micali, “Novomodo: Scalable certificate validation and simplified PKI
management,” Proc. 1st Annual PKI Research Workshop, pp. 15-25, 2002.

[7] F. F. Elwailly, C. Gentry, and Z. Ramzan, “QuasiModo: Efficient certificate
validation and revocation,” Proc. PKC’04, LNCS, vol. 2947, pp. 375-388, 2004.

[8] V. Goyal, “Certificate revocation using fine grained certificate space partitioning,”
Proc. Financial Cryptography, LNCS, vol. 4886, pp. 247-259, 2007.

[9] D. Boneh, X. Ding, G. Tsudik, and C.-M. Wong, “A method for fast revocation of
public key certificates and security capabilities,” Proc. 10th USENIX Security Symp., pp.
297-310, 2001.

[10] X. Ding and G. Tsudik, “Simple identity-based cryptography with mediated RSA,”
Proc. CT-RSA’03, LNCS, vol. 2612, pp. 193-210, 2003.

[11] B. Libert and J. J. Quisquater, “Efficient revocation and threshold pairing based
cryptosystems,” Proc. PODC 2003, pp. 163-171, 2003.

[12] J. Baek and Y. Zheng, “Identity-based threshold decryption,” Proc. PKC’04, LNCS,
vol. 2947, pp. 262-276, 2004.

[13] H.-S. Ju, D.-Y. Kim, D.-H. Lee, H. Park, and K. Chun, “Modified ID-based
threshold decryption and its application to mediated ID-based encryption,” Proc.
APWeb 2006, LNCS, vol. 3841, pp. 720-725, 2006.

[14] A. Boldyreva, V. Goyal, and V. Kumar, “Identity-based encryption with efficient
revocation,” Proc. CCS’08, pp. 417-426, 2008.

[15] A. Sahai and B. Waters, “Fuzzy identity-based encryption,” Proc. Eurocrypt’05,
LNCS, vol. 3494, pp. 557-557, 2005.

[16] B. Libert and D. Vergnaud, “Adaptive-ID secure revocable identity-based
encryption,” Proc. CT-RSA’09, LNCS, vol. 5473, pp. 1-15, 2009.

[17] J.-H. Seo and K. Emura, “Revocable identity-based encryption revisited: security
model and construction,” Proc. PKC’13, LNCS, vol. 7778, pp. 216-234, 2013.

[18] S. Park, K. Lee, and D. H. Lee, “New constructions of revocable identity-based
encryption from multilinear maps,” IEEE Transactions on Information Forensics and
Security, vol. 10, no. 8, pp. 1564-1577, 2015.

[19] C. Wang, Y. Li, X. Xia, and K. Zheng, “An efficient and provable secure revocable
identity-based encryption scheme,” PLoS ONE, vol. 9, no. 9, article e106925, 2014.

[20] A. Lewko and B. Waters, “New techniques for dual system encryption and fully
secure HIBE with short ciphertexts,” Proc. TCC’10, LNCS, vol. 5978, pp. 455-479, 2010.

[21] J.-H. Seo and K. Emura, “Efficient delegation of key generation and revocation
functionalities in identity-based encryption,” Proc. CT-RSA’13, LNCS, vol. 7779, pp.
343-358, 2013.

[22] J.-H. Seo and K. Emura, “Revocable hierarchical identity-based encryption: history-
free update, security against insiders, and short ciphertexts,” Proc. CT-RSA’15, LNCS,
vol. 9048, pp. 106-123, 2015.

[23] Y.-M. Tseng and T.-T. Tsai, “Efficient revocable ID-based encryption with a public
channel,” Computer Journal, vol. 55, no. 4, pp. 475-486, 2012.

[24] J. Li, J. Li, X. Chen, C. Jia, and W. Lou, “Identity-based encryption with outsourced
revocation in cloud computing,” IEEE Trans. on Computers, vol. 64, no. 2, pp. 425-437,
2015.

[25] S. Galbraith, K. Paterson, and N. P. Smart, “Pairings for cryptographers,” Discrete
Applied Mathematics, vol. 156, no. 16, pp. 3113-3121, 2008.

[26] E. Fujisaki and T. Okamoto, “How to enhance the security of public-key encryption
at minimum cost,” Proc. PKC’99, LNCS, vol. 1560, pp. 53-68, 1999.

[27] T. Kitagawa, P. Yang, G. Hanaoka, R. Zhang, K. Matsuura, and H. Imai, “Generic
transforms to acquire CCA-security for identity based encryption: The cases of FOPKC
and REACT,” Proc. ACISP’06, LNCS, vol. 4058, pp. 348-359, 2006.

[28] J. S. Coron, “On the exact security of full domain hash,” Proc. Crypto’00, LNCS,
vol. 1880, pp. 229-235, 2000.

[29] M. Scott, “Computing the Tate pairing,” Proc. CT-RSA’05, LNCS, vol. 3376, pp.
293-304, 2005.

[30] M. Scott, N. Costigan, and W. Abdulwahab, “Implementing cryptographic pairings
on smartcards,” Proc. CHES’06, LNCS, vol. 4249, pp. 134-147, 2006.

[31] T.-Y. Wu and Y.-M. Tseng, “An efficient user authentication and key exchange
protocol for mobile client-server environment,” Computer Networks, vol. 54, no. 9, pp.
1520-1530, 2010.

[32] B. Lynn (2015), Java Pairing Based Cryptography Library (JPBC) [Online].
Available: http://gas.dia.unisa.it/projects/jpbc/benchmark.html

[33] A. Wander, N. Gura, H. Eberle, V. Gupta, and S. Shantz, “Energy analysis of public-
key cryptography for wireless sensor networks,” Proc. 3rd IEEE International Conf.
Pervasive Computing Commun., pp. 324-328, 2005.

[34] M. Armbrust, A. Fox, R. Griffith, A. D. Joseph, R. Katz, A. Konwinski, G. Lee, D.
Patterson, A. Rabkin, I. Stoica, and M. Zaharia, “A view of cloud computing,” Commun.
ACM, vol. 53, no. 4, pp. 50-58, 2010.

[35] A. Sahai and B. Waters, “Fuzzy identity-based encryption,” Proc. Eurocrypt’05,
LNCS, vol. 3493, pp. 457-473, 2005.

[36] V. Goyal, O. Pandey, A. Sahai, and B. Waters, “Attribute-based encryption for fine-
grained access control of encrypted data,” Proc. ACM CCS, pp. 89-98, 2006.

[37] A. Sahai, H. Seyalioglu, and B. Waters, “Dynamic credentials and ciphertext
delegation for attribute-based encryption,” Proc. Crypto’12, LNCS, vol. 7417, pp. 199-
217, 2012.

[38] S. Hohenberger and B. Waters, “Attribute-based encryption with fast decryption,”
Proc. PKC’13, LNCS, vol. 7778, pp. 162-179, 2013.

[39] P.-W. Chi and C.-L. Lei, “Audit-free cloud storage via deniable attribute-based
encryption,” IEEE Transactions on Cloud Computing, article in press (DOI:
10.1109/TCC.2015.2424882), 2015.

[40] J. Li, Y. Shi, and Y. Zhang, “Searchable ciphertext-policy attribute-based encryption
with revocation in cloud storage,” International Journal of Communication Systems,
article in press (DOI: 10.1002/dac.2942), 2015.

[41] H. Qian, J. Li, Y. Zhang, and J. Han, “Privacy preserving personal health record
using multi-authority attribute-based encryption with revocation,” International Journal
of Information Security, vol. 14, no. 6, pp. 487-497, 2015.

[42] A. Fiat and A. Shamir, “How to prove yourself: practical solutions to identification
and signature problems,” Proc. Crypto’86, LNCS, vol. 263, pp. 186-194, 1987.

[43] K. Kurosawa and S. Heng, “From digital signature to ID-based
identification/signature,” Proc. PKC’04, LNCS, vol. 2947, pp. 248-261, 2004.

[44] M. Feldhofer, S. Dominikus, and J. Wolkerstorfer, “Strong authentication for RFID
systems using the AES algorithm,” Proc. CHES’04, LNCS, vol. 3156, pp. 357-370, 2004.

[45] Y.-M. Tseng, T.-Y. Wu, and J.-D. Wu, “A pairing-based user authentication scheme
for wireless clients with smart cards,” Informatica, vol. 19, no. 2, pp. 285-302, 2008.

[46] C. Kaufman, P. Hoffman, Y. Nir, P. Eronen, and T. Kivinen, “Internet key exchange
protocol version 2 (IKEv2),” IETF, RFC 7296, 2014.

[47] A. Freier, P. Karlton, and P. Kocher, “The secure sockets layer (SSL) protocol
version 3.0,” IETF, RFC 6101, 2011.