SOURCE ANONYMITYBASED ENHANCED FRAMEWORK

IN DISRUPTION TOLERANT MILITARY NETWORKS

Guide Name : Mr. G. Senthil kumar
Vinitham R

sathishkumar R

vijay anand S.M

UG Scholars, Department of CSE

Panimalar Engineering College
vinithamramseh@gmail.com

UG Scholars, Department of CSE

Panimalar Engineering College
rssathishkumar@icloud.com

UG Scholars, Department of CSE

Panimalar Engineering College
anand825@gmail.com

Abstract In military network, connections of wireless devices carried by soldiers are

disconnected because of jamming, environmental factors, and mobility, when they operate in
hostile environments. Disruption tolerant network (DTN) technologies are becoming
successful solutions that allow nodes to communicate with each other in these extreme
networking environments. when there is no end-to-end connection between a source and a
destination pair, the messages from the source node has to wait in the intermediate nodes for
a little amount of time until the connection could be eventually established. Many military
applications require increased protection of condential data including access control
methods that are cryptographically enforced.In many cases, the concept of attribute-based
encryption (ABE) is a promising approach that fullls the requirements for secure data
retrieval in DTNs.The problem of applying the ABE to DTNs introduces several security and
privacy challenges
Index Terms Access control, attribute-based encryption (ABE), disruption-tolerant
network (DTN), multiauthority, secure data retrieval.

I.

INTRODUCTION

In military network, connections of

wireless devices carried by soldiers
are disconnected because of jamming,
environmental factors, and mobility,
when they operate in hostile
environments. Disruption tolerant
network (DTN) technologies are
becoming successful solutions that
allow nodes to communicate with
each other in these extreme
networking environments. when there
is no end-to-end connection between a
source and a destination pair, the
messages from the source node has to
wait in the intermediate nodes for a
little amount of time until the
connection could be eventually
established.
Many
military
applications
require
increased
protection of condential data
including access control methods that

are
cryptographically enforced.In
many cases, the concept of attributebased encryption (ABE) is a
promising approach that fullls the
requirements for secure data retrieval
in DTNs.The problem of applying the
ABE to DTNs introduces several
security and privacy challenges. Since
some users change their associated
attributes at some point (for example
moving their region), for each
attribute is necessary inorder
to make systems secure. In
CP-ABE, the key authority generates
private keys of users by applying the
authoritys master secret keys to users
associated set of attributes.

II.

FEASIBILITY STUDY

Existing System
The concept of attribute-based encryption
(ABE) is a promising approach that fulfills

the requirements for secure data retrieval

in DTNs. ABE offers a mechanism that
enables an access control over encrypted
data using access policies and ascribed
attributes among private keys and
ciphertexts. Especially, ciphertext-policy
ABE (CP-ABE) provides a scalable way
of encrypting data such that the encryptor
defines the attribute set that the decryptor
needs to possess in order to decrypt the
The problem of applying the ABE to
DTNs introduces several security and
privacy challenges.
Some users may
change their associated attributes at some
point or some private keys might be
compromised, key revocation (or update)
for each attribute is necessary in order to
make systems secure. Thus, different users
are allowed to decrypt different pieces of
data per the security policy.

Disadvantages
This issue is difficult, especially in ABE
systems, since each attribute is shared by
multiple users. In CP-ABE, the key
authority generates private keys of users
by applying the authoritys master secret
keys to users associated set of attributes.
The next issue is the coordination of
attributes that are issued from different
authorities. Here the multiple authorities
manage and issue their attributes keys to
users independently with their own master
secrets, the access policies issued from
different attributes could not be easily
determined.

escrow-free key protocol that exploits the

characteristic of the decentralized DTN
architecture. This can be done by
performing
a
secure
two-party
computation (2PC) protocol among the
key authorities with their own master
secrets. The 2PC protocol alters the key
authorities by obtaining any
secret
information of each other such that none of
users could generate the whole set of user
keys to protect their data to be shared.

Advantages
Data confidentiality: Unauthorized users
do not have enough credentials that satisfy
the access policy from accessing the plain
data in the storage node.The unauthorized
users from the storage node or the key
authorities should be prevented.
Collusion-resistance: When multiple
users collide with each other, they decrypt
a ciphertext by combining their attributes
even if neither of the users could not
decrypt the ciphertext.
Backward and forward Secrecy: In the
context of ABE, backward secrecy means
that any user who
holds an attribute
should be prevented from accessing the
plaintext of the previous data exchanged
before holding the attribute. On the
contrary, forward secrecy means that any
user who drops an attribute should be
prevented from accessing the plaintext of
the subsequent data exchanged after he
drops the attribute, the other valid
attributes that satisfy the access policy.

Proposed System
In this paper, we propose an attributebased secure data retrieval scheme using
CP-ABE for decentralized DTNs. The
immediate attribute revocation enhances
backward or forward secrecy of
confidential data by reducing the windows
of vulnerability. Encryptors define a finegrained access policy using any monotone
access structure under attributes issued
from any chosen set of authorities. Then
the key escrow problem is resolved by an

III.

SYSTEM STUDY

FEASIBILITY STUDY

The feasibility of the project is

analyzed in this phase and business
proposal is put forth with a very
general plan for the project and
some cost estimates. During system

analysis the feasibility study of the

proposed system is to be carried out.
This is to ensure that the proposed
system is not a burden to the
company. For feasibility analysis,
some understanding of the major
requirements for the system is
essential.

This study is carried out to check

the technical feasibility, that is, the
technical

requirements

of

the

system. Any system developed must

not have a high demand on the
available technical resources. This
will lead to high demands on the
available technical resources. This

Three key considerations involved in

will lead to high demands being

the feasibility analysis are

placed on the client. The developed

system

ECONOMICAL
EASIBILITY
TECHNICAL FEASIBILITY

ECONOMICAL FEASIBILITY

This study is carried out to check

the economic impact that the system
will have on the organization. The
amount of fund that the company
can pour into the research and
development of the system is
limited. The expenditures must be
justified. Thus the developed system
as well within the budget and this
was achieved because most of the
technologies used are freely
available. Only the customized
products had to be purchased.
TECHNICAL FEASIBILITY

must

have

modest

requirement, as only minimal or null

changes

are

required

for

implementing this system.

SOCIAL FEASIBILITY

The aspect of study is to check the

level of acceptance of the system by
the user. This includes the process of
training the user to use the system
efficiently. The user must not feel
threatened by the system, instead
must accept it as a necessity. The
level of acceptance by the users
solely depends on the methods that
are employed to educate the user
about the system and to make him
familiar with it. His level of
confidence must be raised so that he
is also able to make some
constructive criticism, which is
welcomed, as he is the final user of
the system.

IV.

ARCHITECTURE

Decrypt process

Figure 1 : architecture diagram

In this paper, we propose an attributebased secure data retrieval scheme using

CP-ABE for decentralized DTNs. The
immediate attribute revocation enhances
backward or forward secrecy of
confidential data by reducing the windows
of vulnerability. Encryptors define a finegrained access policy using any monotone
access structure under attributes issued
from any chosen set of authorities. Then
the key escrow problem is resolved by an
escrow-free key protocol that exploits the
characteristic of the decentralized DTN
architecture. This can be done by
performing
a
secure
two-party
computation (2PC) protocol among the
key authorities with their own master
secrets. The 2PC protocol alters the key
authorities by obtaining any
secret
information of each other such that none of
users could generate the whole set of user
keys to protect their data to be shared.

V.

ALGORITHM

Homomorphic
encryption allows
computations
to be carried out on
ciphertext, generating an encrypted result
which, and when decrypted,it matches
the result of operations performed on
the plaintext.
This is sometimes a desirable feature in
modern
communication
system
architectures. Homomorphic encryption
would allow the chaining together of
different services without exposing the
data to each of those services, for sample
a chain of different services from
different companies could 1) calculate the
tax 2) the currency exchange rate 3)
shipping, on a transaction without
exposing the unencrypted data to each of
those services. Homomorphic encryption
schemes are malleable by design. This
enables their use in cloud computing
environment
for
ensuring
the
confidentiality of processed data. In
addition the homomorphic property of
various cryptosystems can be used to
create many other secure systems, for
example secure voting systems, collisionresistant hash
functions, private
information retrieval schemes, and many
more.
There are several partially homomorphic
cryptosystems, and also a number of fully
homomorphic cryptosystems. Although a
cryptosystem which is unintentionally
malleable can be subject to attacks on this
basis, if treated carefully homomorphism
can also be used to perform computations
securely.
In

the

following

examples,

the

notation
is used to denote the
encryption of the message x.

a blocksize of c, then the encryption of a

Unpadded RSA
If the RSA public key is modulus
and
exponent , then the encryption of a
message is
given
by
.
homomorphic property is then

The

message x is
,

for

somerandom
The homomorphic property is then

Paillier
ElGamal
In the ElGamal cryptosystem, in a cyclic
group of order with generator , if
the

public

key

is

where
, and is the secret key,
then the encryption of a message
is

In the Paillier cryptosystem, if the public

key is the modulus m and the base g, then
the
encryption
of
a
message x is
, for some
random
homomorphic property is then

. The

, for some

random
homomorphic property is then

The

VI.
GoldwasserMicali
In the GoldwasserMicali cryptosystem,
if the public key is the modulus m and
quadratic
non-residue x, then the
encryption
of
a
bit b is
some random
The homomorphic property is then

for
.

where denotes addition modulo 2,

(i.e. exclusive-or).

IMPLEMENTATION

Key Authorities
They are key generation centers that
generate public/secret parameters for CPABE. The key authorities consist of a
central authority and multiple local
authorities. We assume that there are
secure and reliable communication
channels between a central authority and
each local authority during the initial key
setup and generation phase. Each local
authority manages different attributes and
issues corresponding attribute keys to
users. They grant differential access rights
to individual users based on the users
attributes. The key authorities are assumed
to be honest-but-curious. That is, they will
honestly execute the assigned tasks in the
system; however they would like to learn
information of encrypted contents as much
as possible.

Benaloh
Storage node
In the Benaloh cryptosystem, if the public
key is the modulus m and the base g with

This is an entity that stores data from senders

and provide corresponding access to users. It

may be mobile or static. Similar to the

previous schemes, we also assume the storage
node to be semi-trusted that is honest-butcurious.

Sender
This is an entity who owns confidential
messages or data (e.g., a commander) and
wishes to store them into the external data
storage node for ease of sharing or for reliable
delivery to users in the extreme networking
environments. A sender is responsible for
defining (attribute based) access policy and
enforcing it on its own data by encrypting the
data under the policy before storing it to the
storage node.

Map Task
The executions of sets of tasks are
synchronized into a map stage followed by
a reduce stage. In the map stage, the entire
dataset is partitioned into several smaller
chunks in forms of keyvalue pairs, each
chunk being assigned to a map node for
partial computation results. The map stage
ends up with a set of intermediate keyvalue pairs on each map node, which are
further shuffled based on the intermediate
keys into a set of scheduled reduce nodes
where the received pairs are aggregated to
obtain the final results.
User
This is a mobile node who wants to access the
data stored at the storage node (e.g., a soldier).
If a user possesses a set of attributes satisfying
the access policy of the encrypted data defined
by the sender, and is not revoked in any of the
attributes, then he will be able to decrypt the
ciphertext and obtain the data.

VII. CONCLUSION AND

FUTURE ENHANCEMENT
DTN
technologies
are
becoming
successful
solutions
in
military
applications that allow wireless devices to

communicate with each other and access

the confidential information reliably by
exploiting external storage nodes. CP-ABE
is a scalable cryptographic solution to the
access control and secure data retrieval
issues. In this paper, we proposed an
efficient and secure data retrieval method
using CP-ABE for decentralized DTNs
where multiple key authorities manage
their attributes independently. The inherent
key escrow problem is resolved such that
the confidentiality of the stored data is
guaranteed even under the hostile
environment where key authorities might
be compromised or not fully trusted. In
addition, the fine-grained key revocation
can be done for each attribute group. We
demonstrate how to apply the proposed
mechanism to securely and efficiently
manage the confidential data distributed in
the disruption- tolerant military network.

REFERENCES
[1] S. Yu, C. Wang, K. Ren, and W. Lou, Attribute
based data sharing with attribute revocation, in
Proc. ASIACCS, 2010.
[2] A. Lewko and B. Waters, Decentralizing
attribute-based encryption, Cryptology ePrint
Archive: Rep. 2010/351, 2010.
[3] N. Chen, M. Gerla, D. Huang, and X. Hong,
Secure, selective group broadcast in vehicular
networks using dynamic attribute based
encryption, in Proc. Ad Hoc Netw. Workshop,
2010.
[4] S. Roy andM. Chuah, Secure data retrieval
based on ciphertext policy attribute-based
encryption (CP-ABE) system for the DTNs,
Lehigh CSE Tech. Rep., 2009.
[5] L. Ibraimi, M. Petkovic, S. Nikova, P. Hartel,
and W. Jonker, Mediated ciphertext-policy
attribute-based encryption and its application, in
Proc. WISA, 2009, LNCS 5932.
[6] D. Huang and M. Verma, ASPE: Attributebased secure policy enforcement in vehicular ad
hoc networks, Ad Hoc Netw., vol. 7, no. 8, 2009.
[7] X. Liang, Z. Cao, H. Lin, and D. Xing,
Provably secure and efficient bounded ciphertext
policy attribute based encryption, in Proc.
ASIACCS, 2009.

[8] M. Chase and S. S. M. Chow, Improving

privacy and security in multiauthority attributebased encryption, in Proc. ACM Conf. Comput.
Commun.Security, 2009.

[9] S. S.M. Chow, Removing escrow from

identity-based encryption, in Proc. PKC, 2009,
LNCS 5443.
[10] V.Goyal, A. Jain,O. Pandey, andA. Sahai,
Bounded ciphertext policy attribute-based
encryption, in Proc. ICALP, 2008.