Team Members: Project Guide:

1. Abhishek Kumar Prof. S. G. Pawar

2. Ankit Kumar
3. Swapnil Jain
  Motivation :
 Introduction: Introduction to your domain more
 Literature survey
 Problem statement & objectives
 System architecture
 Use Case Diagram
 System Requirements
 Algorithms implemented
 Results & discussions
 Conclusion
 Publication details
 References

Department of Computer Engg., SITS Narhe 7/14/2019 2

  1.3 billion Data Records Compromised in First Half of 2017.
|BreachLevelIndex.com
 Adversary invalidates the security of most cryptographic solutions.
 SPANStore, a key-value store that exports a unified view of storage
services in geographically distributed data centers. To tolerate
failures, SPANStore provisions more data centers to serve as
replicas. This results in higher cost
 Distributed cloud computing raises many security and dependability
concerns like increase in complexity and a lack of interoperability
between different infrastructure technologies.
 Information processed by businesses, government organizations and
individuals often comes with confidentiality and integrity
requirements that the processing party must adhere to. As a result,
data processors must deploy security controls

Department of Computer Engg., SITS Narhe 7/14/2019 3

 Cloud Computing is the use of hardware and
software to deliver a service over a network
(typically the Internet)
  Physical security is typically handled by the service provider but
Network and application-level security is Users responsibility and
one should implement the best practices as applicable to your
business.
 Coercion or backdoors in cryptographic software.
 If the encryption key is exposed, the only viable means to
guarantee confidentiality is to limit the adversary’s access to the
ciphertext.
 To counter such an adversary ,a novel and efficient scheme is
necessary which ensures that plaintext data cannot be recovered
as long as the adversary has access to at most all but two
ciphertext blocks, even when the encryption key is exposed.
 The viable means to guarantee confidentiality of data under key
leakage is to limit access to the ciphertext by spreading it across
multiple administrative domains.

7/14/2019 5
Department of Computer Engg., SITS Narhe
Sr Author Paper name Year Advantage Limitation
N
o
1 J. K. Resch AONT-RS: 2011 Describe a new dispersal An adversary which
and J. S. Plank Blending Security scheme, called AONT-RS, knows
and Performance in which blends an the encryption key can
Dispersed Storage All-Or-Nothing Transform decrypt data stored on
Systems, with Reed-Solomon coding single
to achieve high security with servers.
low computational and
storage
costs.
2 M. Dürmuth Deniable encryption 2011 Give the first public key Do not consider the
and D. M. with encryption scheme that efficiency
Freeman negligible detection satisfies the definition of
probability: An sender-deniability with a
interactive single encryption algorithm
construction, and negligible probability of
detection
Sr Author paper Year Advantage Limitation
no
3. Z. Wu, M. SPANStore: Cost- 2013 Present SPANStore, a key-value store To tolerate failures,
Butkiewicz, D. effective Geo- that exports a unified view of storage SPANStore
Perkins, E. replicated Storage services in geographically distributed provisions more data
Katz-Bassett, Spanning data centers centers to serve as
and H. V. Multiple Cloud replicas.This results
Madhyastha Services in higher cost
4. A. Bessani, M. DepSky: 2011 Presents the design and evaluation of Cost roughly double
Correia, B. Dependable and DEPSKY, a storage service that of using a single
Quaresma, F. Secure Storage in improves the availability and confi- cloud for a practical
André, and P. a Cloud-ofclouds dentiality provided by commercial scenario.
Sousa storage cloud services.
5. C. Basescu, C. Robust 2011 Provide a robust, asynchronous, and Practical KVSs may
Cachin, I. Eyal, Data Sharing with space-efficient emulation of a only provide
R. Haas, and M. Key-value Stores register over a set of KVSs eventual consistency
Vukolic
  To ensure data confidentiality against an adversary
which knows the encryption key and has access to a
large fraction of the cipher-text blocks.

7/14/2019 8
Department of Computer Engg., SITS Narhe
  To improve security, performance, and
confidentiality of data.

 To break the data into multiple chunks and

perform post-processing.

 Limit the adversary’s access to the cipher text.

 To minimize overhead to encrypt and decrypt

large files by using only one round of
encryption.

7/14/2019 9
Department of Computer Engg., SITS Narhe
Department of Computer Engg.,
SITS Narhe 7/14/2019 11
Department of Computer Engg.,
SITS Narhe 7/14/2019 12
Department of Computer Engg., SITS Narhe 7/14/2019 13
 7/14/2019 14
Department of Computer Engg., SITS Narhe
Department of Computer Engg., SITS Narhe 7/14/2019 15
 7/14/2019 16
Department of Computer Engg., SITS Narhe
 H/W System Configuration:-

Processor : Pentium –IV

RAM : 2 GB (min)
Hard Disk : 20 GB

S/W System Configuration:-

JAVA : Jdk 1.7 or above

Application Server : Apache Tomcat 7.0/8.X
IDE : Eclipse(oxygen)
Database : My Sql

Department of Computer Engg., SITS Narhe 7/14/2019 17

  Key Generation Algorithm: On input a security
parameter k, outputs a key K ∈ {0, 1}k for the
underlying block-cipher.
 Block cipher encryption in the CTR mode
 On input a plaintext bitstream x, divides it in
blocks x[1], . . . , x[m] where m is odd.
 The set of input blocks is encrypted under key K,
resulting in ciphertext y′ = y′[1], . . . , y′[m+1]
◦ where m is odd such that each block has size l.
 Compute a linear transform to y′ as y = y′ ・ A

7/14/2019 18
Department of Computer Engg., SITS Narhe
  Decryption
 Compute y′ = y ・ A−1
 Decrypt y′ using K.
◦ Where matrix A is invertible and A = A−1
◦ A is a square matrix such that:
◦ (i) all diagonal elements are set to 0, and
◦ (ii) the remaining off-diagonal elements are set to
1

7/14/2019 19
Department of Computer Engg., SITS Narhe
 7/14/2019 20
Department of Computer Engg., SITS Narhe
 7/14/2019 21
Department of Computer Engg., SITS Narhe
 Existing System Proposed System

AON encryption schemes require a Bastion first encrypts the data with
pre-processing round of block one round of block cipher
cipher encryption. encryption.

Single Key Encryption technique is Multiple Key Encryption technique

used. can be used.

Computation overhead is 2(n-1) b.c Computation overhead is n-1 b.c

and 3(n-1) XOR. and 3n-1 XOR
Low Performance as compare to Improves performance by more
Bastion. than 50%.

7/14/2019 22
Department of Computer Engg., SITS Narhe
  We introduced a security mechanism that
ensures data confidentiality against the attacker
which has the access to encryption key.
 Bastion, ensures the confidentiality of encrypted
data even when the adversary has access to one
or more cipher blocks.
 Bastion is most useful when cipher-text is stored
in Multi-cloud storage environment.
 Bastion is considered to improves (by more than
50%) the performance of existing architectures
which offer comparable security under key
exposure

7/14/2019 23
Department of Computer Engg., SITS Narhe
 7/14/2019 24
Department of Computer Engg., SITS Narhe
  A. Bessani, M. Correia, B. Quaresma, F. André, and P. Sousa, “DepSky: Dependable and
Secure Storage in a Cloud-ofclouds,” in Sixth Conference on Computer Systems
(EuroSys), 2011, pp. 31–46.
 C. Basescu, C. Cachin, I. Eyal, R. Haas, and M. Vukolic, “Robust Data Sharing with
Key-value Stores,” in ACM SIGACT- SIGOPS Symposium on Principles of Distributed
Computing (PODC), 2011, pp. 221–222.
 J. K. Resch and J. S. Plank, “AONT-RS: Blending Security and Performance in
Dispersed Storage Systems,” in USENIX Conference on File and Storage echnologies
(FAST), 2011, pp. 191–202.
 R. Canetti, C. Dwork, M. Naor, and R. Ostrovsky, “Deniable Encryption,” in
Proceedings of CRYPTO, 1997.
 Z. Wu, M. Butkiewicz, D. Perkins, E. Katz-Bassett, and H. V. Madhyastha, “SPANStore:
Cost-effective Geo-replicated Storage Spanning Multiple Cloud Services,” in ACM
Symposium on Operating Systems Principles (SOSP), 2013, pp. 292–308.
 A. Beimel, “Secret-sharing schemes: A survey,” in Interna- tional Workshop on Coding
and Cryptology (IWCC), 2011, pp. 11–46.
 H. Krawczyk, “Secret Sharing Made Short,” in Advances in Cryptology (CRYPTO),
1993, pp. 136–146.

7/14/2019 25
Department of Computer Engg., SITS Narhe
Department of Computer Engg., SITS Narhe 7/14/2019 26