Phase Report

7/31/2019 Phase Report

1/22

Implementing Digital Signature with RSA to the Data on Cloud

1. PROBLEM DEFINITION

Cloud computing doesnt yet have a standard definition, but a good working description of

it is to say that clouds, or clusters of distributed computers, provide on-demand resources

and services over a network, usually the Internet, with the scale and reliability of a data

center. Cloud computing is the Concept Implemented to decipher the Daily Computing

Problems, likes of Hardware Software and Resource Availability unhurried by Computer

users. The prevalent Problem Associated with Cloud Computing is the Cloud security and

the appropriate Implementation of Cloud over the Network. This project is aimed to assess

Data Security in cloud through Public Key Cryptography Technique by the Implementation

of digital signature with RSA algorithm. The need for implementing cloud computing

technology is rising every day after day because of its unmatching benefits but the only

thing that is hindering the process is the security. This project is a step towards filling this

void area so as to increase performance and power of cloud computing. The future ahead

for cloud computing is wide open and so vast that we cant end up its applicative areas at

this moment as its applications go on increasing day by day by breaking challenging

hindrances coming its way. As the data in a cloud is an amalgum of data of its users and

clients, so it becomes the primary problem for us to resolve the confidentiality and integrity

issues of the data in cloud. Cloud computing doesn't exactly introduce new data security

concerns; in most cases, it just amplifies them. Putting data in the cloud potentially exposes

it to a larger audience, which is usually a good thing. But if the data exposed is meant to be

private, or only conditionally accessed, then the results could be catastrophic. The

fundamental issue with cloud computing is that it removes entrusted data from a developer

or system-admin's immediate control. Rather than being stored and managed locally, data in

the cloud is stored on distributed devices that could be located anywhere, and conceivably

accessed by anyone.

Even if your company can live with the fact of a decentralized, far away datastore, you'll

want your applications in the cloud to proceed with a modicum of data security. When you

start to think about data security, two important questions arise:

Is the data secured during transit?

Dept of PG Studies (CNE) VTU, Belgaum.

Page 1


2/22


Is the data secured at rest?

Data in transitrelates to how data passes from one location to another one; that is, which

communication technology and infrastructure you're using. Data at restrelates to how

and how well your data is stored. If, for example, you store user names and passwords in

a database without encrypting them, then your data at rest is not secure.


Page 2


3/22


2. SYNOPSIS

2.1 INTRODUCTION

What is cloud computing?

Cloud computing is the access to computers and their functionality via the Internet or a

local area network. Users of a cloud request this access from a set of web services that

manage a pool of computing resources (i.e., machines, network, storage, operating systems,

application development environments, application programs). When granted, a fraction of

the resources in the pool is dedicated to the requesting user until he or she releases them. It

is called cloud computing because the user cannot actually see or specify the physical

location and organization of the equipment hosting the resources they are ultimately

allowed to use. That is, the resources are drawn from a cloud of resources when they are

granted to a user and returned to the cloud when they are released. A cloud is a set of

machines and web services that implement cloud computing. Cloud computing, as the name

suggests, is a style of computing where dynamically scalable and often visualized resources

are provided as a service over the internet. These services can be consumed by any user

over a standard HTTP medium. The user doesn't need to have the knowledge, expertise, orcontrol over the technology infrastructure in the "cloud" that supports them. The name

cloud computing was inspired by the cloud symbol that's often used to represent the

Internet inflow charts and diagrams. The clouds denote the abstraction of the complex

infrastructure it conceals.

The diagram below displays the basic high-level layout of cloud computing, where the

provider would create their solution (software, infrastructure, or platform) on the internet

and one or more users can consume that service "on demand".


Page 3


4/22


How are clouds classified?

Given the broad definition of the term cloud, the current taxonomy differentiates clouds

both in terms of cloud service offerings and cloud types. When categorizing cloud service

offerings we often refer to clouds in terms of service style depending on the portion of

the software stack delivered as a service. Here we discuss the most common service styles

referred to by the acronyms IaaS, PaaS, and SaaS. Cloud types (including public,

private, and hybrid) refer to the nature of access and control with respect to use and

provisioning of virtual and physical resources.

What are the most popular cloud service styles?

IaaS

IaaS (Infrastructure as a Service) style clouds provide access to collections of

virtualized computer hardware resources, including machines, network, and storage.

With IaaS, users assemble their own virtual cluster on which they are responsible

for installing, maintaining, and executing their own software stack.


Page 4


5/22


PaaS

PaaS (Platform as a Service) style clouds provide access to a programming or

runtime environment with scalable compute and data structures embedded in it.

With PaaS, users develop and execute their own applications within an environment

offered by the service provider.

SaaS

SaaS (Software as a Service) style clouds deliver access to collections of software

application programs. SaaS providers offer users access to specific application

programs controlled and executed on the provider's infrastructure. SaaS is often

referred to as Software on Demand.

What are cloud types?

Public cloud

Public clouds provide access to computing resources for the general public over the

Internet. The public cloud provider allows customers to self-provision resources

typically via a web service interface. Customer's rent access to resources as needed

on a pay-as-you-go basis. Public clouds offer access to large pools of scalable

resources on a temporary basis without the need for capital investment in data

center infrastructure.

Private cloud

Private clouds give users immediate access to computing resources hosted within an

organization's infrastructure. Users self-provision and scale collections of resources

drawn from the private cloud, typically via web service interface, just as with a


Page 5


6/22


public cloud. However, because it is deployed within the organization's existing

data centerand behind the organization's firewalla private cloud is subject to

the organization's physical, electronic, and procedural security measures and thus

offers a higher degree of security over sensitive code and data. In addition, private

clouds consolidate and optimize the performance of physical hardware through

virtualization, and can thus markedly improve data center efficiency while reducing

operational expense.

Hybrid cloud

A hybrid cloud combines computing resources (e.g., machines, network, storage,

etc.) drawn from one or more public clouds and one or more private clouds at the

behest of its users.

Why Cloud Computing?

Cloud computing is seen by some as an important forward-looking model for the

distribution and access of computing resources because it offers these potential advantages:

Self-service provisioning: Allows users to deploy their own sets of computing

resources (machines, network, storage, etc.) as needed without the delays and

complications typically involved in resource acquisition; IT supports ongoing

customization and enhancement of cloud user experience, while monitoring,

managing, and expanding as required the underlying cloud infrastructure.

Scalability: Decouples the fluctuating needs of individual users from typical

infrastructure constraints, thus easily accommodating rapid increases or decreases in

resource demand.

Reliability and fault-tolerance: IT can focus on improving critical pieces of

infrastructure to achieve pre-determined levels of reliability. Policies addressing

expected levels of reliability can be continuously reassessed and updated without

user involvement.

Optimization/Consolidation: Maximizes the usage and increases the efficiency of

existing infrastructure resources. Extends infrastructure lifecycle. Reduces capital

expenditure.


Page 6


7/22


QoS (Quality of Service): Allows IT to dynamically reassess the SLA associated

with users or groups of users for the resources allocated. Allows the organization to

react quickly to changing conditions without unnecessary user involvement or

knowledge.

Well defined API: Using a well-defined and stable industry standard API avoids

lock-in and ensures interoperability with an ever-growing number of tools and

cloud service providers.

As-needed availability: Aligns resource expenditure with actual resource usage thus

allowing the organization to pay only for the resources required, when they are

required.

Implementing Digital Signature with RSA Encryption Algorithm to

Enhance the Data Security of Cloud in Cloud Computing

The cloud is a next generation platform that provides dynamic resource pools,

virtualization, and high availability. Today, we have the ability to utilize scalable,

distributed computing environments within the confines of the Internet, a practice known as

cloud computing. Cloud computing is the Concept Implemented to decipher the Daily

Computing Problems, likes of Hardware, Software and Resource Availability unhurried by

Computer users. The cloud Computing provides an undemanding and Non ineffectual

Solution for Daily Computing. The prevalent Problem Associated with Cloud Computing is

the Cloud security and the appropriate Implementation of Cloud over the Network. Good

research is being done to assess Cloud Storage Methodology and Data Security in cloud by

the Implementation of digital signature with RSA algorithm. Cloud computing is the

Internet based development and is used in computer technology. It has become an IT

buzzword for the past a few years. Cloud computing has been often used with synonymous

terms such as software as a service (SaaS), grid computing, cluster computing, autonomic

computing, and utility computing . SaaS is only a special form of services that cloud

computing provides. Grid computing and cluster computing are two types of underlying

computer technologies for the development of cloud computing. It is often difficult to

define the cloud computing. Computing is a virtual pool of computing resources. It

provides computing resources in the pool for users through internet. It provides a

mandatory application programming environment. It can deploy, allocate or reallocate

computing resource dynamically and monitor the usage of resources at all times Cloud


Page 7


8/22


computing collects all the computing resources and manages them automatically through

software. In the process of data analysis, it integrates the history data and present data to

make the collected information more accurate and provide more intelligent service for users

and enterprises. The users need not care how to buy servers, software solutions and so on.

Users can buy the computing resource through internet according to their own needs. Cloud

computing does not depend on special data center, but we can look it as the inevitable

product of grid computing and efficiency computing. Cloud computing is easy to extend,

and has a simple management style. Cloud is not only simply collecting the computer

resource, but also provides a management mechanism and can provide services for millions

of users simultaneously. Organizations can provide hardware for clouds internally (internal

clouds), or a third party can provide it externally (hosted clouds). A cloud might be

restricted to a single organization or group (private clouds), available to the general public

over the Internet (public clouds), or shared by multiple groups or organizations (hybrid

clouds).

Characteristics of Cloud Computing

1 Ultra large-scale: The scale of cloud is large. The cloud of Google has owned more than

one million servers. Even in Amazon, IBM, Microsoft, Yahoo, they have more than

hundreds of thousands servers. There are hundreds of servers in an enterprise.

2.Virtualization:Cloud computing makes user to get service anywhere, through any kind

of terminal. You can complete all you want through net service using a notebook PC or a

mobile phone. Users can attain or share it safely through an easy way, anytime, anywhere.

Users can

complete a task that cant be completed in a single computer.

3 High reliability: Cloud uses data multitranscript fault tolerant, the computation node

isomorphism exchangeable and so on to ensure the high reliability of the service. Using

cloud computing is more reliable than local computer.

4 Versatility: Cloud computing can produce various applications supported by cloud, and

one cloud can support different applications running it at the same time.

5. High extendibility: The scale of cloud can extend dynamically to meet the increasingly

requirement.


Page 8


9/22


6. On demand service: Cloud is a large resource pool that you can buy according to your

need; cloud is just like running water, electric, and gas that can be charged by the amount

that you used.

7. Extremely inexpensive: The centered management of cloud make the enterprise neednt

undertake the management cost of data center that increase very fast. The versatility can

increase the utilization rate of the available resources compared with traditional system, so

users can fully enjoy the low cost advantage. Various application and advantage of cloud

computing are listed

below:

1 Cloud computing do not need high quality equipment for user, and it is easy to use.

2 Cloud computing provides dependable and secure data storage center. You dont worry

the problems such as data loss or virus

3 Cloud computing can realize data sharing between different equipments.

4 Cloud provides nearly infinite possibility for users to use internet.

RSA Algorithm

The RSA algorithm is named after Ron Rivest, Adi Shamir and Len Adleman, who

invented it in 1977. The basic technique was first discovered in 1973 by Clifford Cocks of

CESG (part of the British GCHQ) but this was a secret until 1997. The patent taken out by

RSA Labs has expired.

The RSA cryptosystem is the most widely-used public key cryptography algorithm in the

world. It can be used to encrypt a message without the need to exchange a secret key

separately. The RSA algorithm can be used for both public key encryption and digital

signatures. Its security is based on the difficulty of factoring large integers. Party A can

send an encrypted message to party B without any prior exchange of secret keys. A just

uses B's public key to encrypt the message and B decrypts it using the private key, which

only he knows. RSA can also be used to sign a message, so A can sign a message using

their private key and B can verify it using A's public key.


Page 9


10/22


2.2 DIGITAL SIGNATURE WITH RSA ENCRYPTION

ALGORITHM TO ENHANCE DATA SECURITY IN CLOUD

In Cloud computing, we have problem like security of data, files system, backups, network

traffic, host security .Here we are proposing a concept of digital signature with RSA

algorithm, to encrypting the data while we are transferring it over the network. .A digital

signature or digital signature scheme is a mathematical scheme for demonstrating the

authenticity of a digital message or document. A valid digital signature gives a recipient

reason to believe that the message was created by a known sender, and that it was not

altered in transit. We proposed digital signature with RSA algorithm scheme to ensure the

security of data in cloud. RSA is probably the most recognizable asymmetric algorithm.

RSA was created by Ron Rivest, Adi Shamir, and Leonard Adleman in 1978. Till now, it is

the only asymmetric (i.e. needs two different keys) algorithm used for private/public key

generation and encryption. We include both digital signature scheme and public key

cryptography to enhance the security of cloud computing. In Digital Signature, software

will crunch down the data, document into just a few lines by a using hashing algorithm".

These few lines are called a message digest. Software then encrypts the message digest

with his private key. Then it will produce digital signature .Software will Decrypt the

digital signature into message digest with public key of senders and his/her own private

key. We are using Digital signatures so that we are able to distribute software, financial

transactions, over the network and in other cases where it is important to detect forgery and

tampering.

Proposed Internal Working

Steps Taken in Digital Signature with RSA Algorithm

Let us assume we have two enterprises A and B. An enterprise A have a public cloud with

data, softwares and applications. .Company B wants a secure data from As Cloud .We are

here, trying to send a secure data to B by using Digital signature with RSA algorithm. We

are taking some steps to implementing Digital signature with RSA encryption algorithm.

Suppose Alice is an employee of an enterprise A and Bob is an employee of a company B.

Step1.Alice takes a document from cloud, which Bob wants.


Page 10


11/22


Step2.The document will crunched into few lines by using some Hash function the hash

value is referred as message digest.

Step 3. Alice software then encrypts the message digest with his private key. The result is

the digital signature.

Step 4. Using RSA Algorithm, Alice will encrypt digitally signed signature with bobs

public key and Bob will decrypt the cipher text to plain text with his private key and Alice

public key for verification of signature.

Proposed Algorithm taken for Implementing Digital Signature with

RSA Algorithm

In this algorithm, n is known as the modulus. e is known as the encryption exponent. d is

known as thesecret exponentordecryption exponent.

Step 1. Key Generation Algorithm

1. Choose two distinct large random prime numbersp and q

2. Compute n =p q, where n is used as the modulus for both the public and private keys

3. Compute the totient: phi (n) = (p !1) (q !1)

4. Choose an integere such that 1 < e < phi (n), and e andphi(n) share no factors other than

1 , where e is released as the public key exponent

5. Compute dto satisfy the congruence relation d e = 1 modulusphi (n); dis kept as the

private key exponent

6.The public key is (n, e) and the private key is (n, d). Keep all the values d, p, q and phi

secret.

Step2. Digital signing Sender A does the following:-

A) Creates a message digestof the information to be sent by using hash function.

Hash Function1. Declare character str of unsigned long type.

2. Declare and initialize hash of unsigned integer type

3. unsigned int hash = 0;

int q;

while (q = str+1)

hash =hash + q;

B) Represents this digest as an integermbetween 0 and n-1


Page 11


12/22


C) Uses her private key (n, d) to compute the signature, s = m d mod n.

D) Sends this signatures to the recipient, B.

Step3. Encryption

Sender A does the following:-

1.Obtains the recipient B's public key (n, e).

2. Represents the plaintext message as a positive integerm

3. Computes the cipher text c = me mod n.

4. Sends the cipher text c to B.

Step4. Decryption

Recipient B does the following:-

1. Uses his private key (n, d) to compute m = cd mod n.

2. Extracts the plaintext from the message representative m.

Step5. Signature verification

Recipient B does the following:-

1. Uses sender A's public key (n, e) to compute integer v = s e mod n.

2. Extracts the message digest from this integer.

3. Independently computes the message digest of the information that has been signed.

4. If both message digests are identical, the signature is valid.


Page 12


13/22


2.3 IMPLEMENTATION ISSUES

Cloud Security Challenges (Limitations of Cloud Computing)

Although virtualization and cloud computing can help companies accomplish more by

breaking the physical bonds between an IT infrastructure and its users, heightened security

threats must be

overcome in order to benefit fully from this new computing paradigm. This is particularly

true for the SaaS provider. Some security concerns are worth more discussion. With the

cloud model, you lose control over physical security. In a public cloud, you are sharing

computing resources

with other companies. In a shared pool outside the enterprise, you dont have any

knowledge or control of where the resources run. Exposing your data in an environment

shared with other companies could give the government reasonable cause to seize your

assets because another

company has violated the law. Simply because you share the environment in the cloud, may

put your data at risk of seizure. Storage services provided by one cloud vendor may be

incompatible with another vendors services should you decide to move from one to the

other. Vendors are

known for creating what the hosting world calls sticky servicesservices that an end

user may have difficulty transporting from one cloud vendor to another. Data integrity is

assurance that the data is consistent and correct. Ensuring the integrity of the data really

means that it changes only in response to authorized transactions.

Security and Responsibility

Within the cloud computing world, the virtual environment lets user access computing

power that exceeds that contained within their own physical worlds. To enter this virtual

environment requires them to transfer data throughout the cloud. Consequently, several

data storage concerns

can arise. Typically, users will know neither the exact location of their data nor the other

sources of the data collectively stored with theirs. To ensure data confidentiality, integrity,

and availability (CIA), the storage provider must offer capabilities that, at a minimum,

include a tested encryption schema to ensure that the shared storage environment

safeguards all data; stringent


Page 13


14/22


access controls to prevent unauthorized access to the data; and scheduled data backup and

safe storage of the backup media. Legal issues arise, such as ediscovery, regulatory

compliance (including privacy), and auditing .The range of these legal concerns reflects the

range of interests

that are currently using or could use cloud computing. These issues and their yet-to-be

determined answers provide significant insight into how security plays a vital role in cloud

computing continued growth and development.

Use in Cyber crime

Cyber crimes effects are felt throughout the Internet, and cloud computing offers a

tempting target for many reasons. Providers such as Google and Amazon have the existing

infrastructure to deflect and survive a cyber attack, but not every cloud has such capability.

If a cyber

criminal can identify the provider whose vulnerabilities are the easiest to exploit, then this

entity becomes a highly visible target. If not all cloud providers supply adequate security

measures, then these clouds will become high-priority targets for cyber criminals. By their

architectures

inherent nature, clouds offer the opportunity for simultaneous attacks to numerous sites,

and without proper security, hundreds of sites could be comprised through a single

malicious activity.

Weaknesses in RSA

Small encryption exponent

If you use a small exponent like e=3 and send the same message to different

recipients and just use the RSA algorithm without adding random padding to the

message, then an eavesdropper could recover the plaintext.

Using the same key for encryption and signing

Given that the underlying mathematics is the same for encryption and signing, only

in reverse, if an attacker can convince a key holder to sign an unformatted

encrypted message using the same key then she gets the original.

Acting as an oracle

There are techniques to recover the plaintext if a user just blindly returns the RSA

transformation of the input. So don't do that.


Page 14


15/22


Solutions

1. Don't use the same RSA key for encryption and signing.

2. If using PKCS#v1.5 encoding, use e=0x10001 for your public exponent.

3. Always format your input before encrypting or signing.

4. Always add fresh random padding - at least 8 bytes - to your message before

encrypting.

5. When decrypting, check the format of the decrypted block. If it is not as expected,

return an error, not the decrypted string.

6. Similarly, when verifying a signature, if there is any error whatsoever, just respond

with "Invalid Signature".


Page 15


16/22


2.4 EXISTING SYSTEM

From the perspective of data security, which has always been an important aspect of quality

of service, Cloud Computing inevitably poses new challenging security threats for number

of reasons.

1 . Firstly, traditional cryptographic primitives for the purpose of data security protection

can not be directly adopted due to the users loss control of data under Cloud Computing.

Therefore, verification of correct data storage in the cloud must be conducted without

explicit knowledge of the whole data. Considering various kinds of data for each user

stored in the cloud and the demand of long term continuous assurance of their data safety,

the problem of verifying correctness of data storage in the cloud becomes even more

challenging.

2 . Secondly, Cloud Computing is not just a third party data warehouse. The data stored in

the cloud may be frequently updated by the users, including insertion, deletion,

modification, appending, reordering, etc. To ensure storage correctness under dynamic data

update is hence of paramount importance.

These techniques, while can be useful to ensure the storage correctness without having

users possessing data, cannot address all the security threats in cloud data storage, since

they are all focusing on single server scenario and most of them do not consider dynamic

data operations. As a complementary approach, researchers have also proposed distributed

protocols for ensuring storage correctness across multiple servers or peers. Again, none of

these distributed schemes is aware of dynamic data operations. As a result, their

applicability in cloud data storage can be drastically limited.


Page 16


17/22


3. SYSTEM REQUIREMENTS

Hardware Requirements:

PROCESSOR: Pentium 4 or more.

RAM: 512MB

HARD DISK: 100MB

RESOLUTION: 1024 X 768

LAN Connection: GSM Modem

Software Requirement

JAVA (JDK 1.6 or More)

Net Beans IDE 6.1 or More

Languages Used:

Java 2 Enterprise Edition

Java Swing

RMI (Remote Method Invocation)


Page 17


18/22


4. DESIGN PHASE

Architecture Diagram:


Page 18


19/22


Use case Diagram:

Context level DFD:


Page 19


20/22


Top Level DFD:


Page 20


21/22


ER Diagram:

5. REFERENCES

[1]http://en.wikipedia.org/wiki/Cloud_computing

[2]http://www.cloudcomputingchina.cn/Article/luilan/200909/306.html

[3]http://searchcloudcomputing.techtarget.com/sDefinition/0, id201_gci1287881,00.html

[4]http://www.boingboing.net/2009/09/02/cloudcomputing-skep.html


Page 21


22/22


[5] (U.S.) Nicholas. Carr, fresh Yan Yu, "IT is no longer important: the Internet great

change of the high ground - cloud computing," The Big Switch:Rewining the World,from

Edison to Google, , CITIC Publishing House, October 2008 1-1

[6] Ya-Qin Zhang, the future of computing in the "cloud - Client", The Economic Observer

reported, http://www.sina.com.cn, 2008 Nian 07 Yue 12 Ri 14:30

[7] Wang Haopeng (Air Force Aviation University of Computer Teaching, Jilin,

Changchun 130022, China); Liu strong (Air Force Air University, Research Department,

Jilin, Changchun 130022, China), virtualization technology in the application of cloud

computing, TP313.A ,1009-3044 (2008 ) 25- 1554-01,2008 Year 25

[8] http://www.emc.com/digital_universe

[9] http://www.xemacit.com

[10] Aiiad Albeshri and William Caelli, Queensland University, Brisbane (Mutual

Protection in a Cloud Computing Environment).


Page 22
http://www.emc.com/digital_universehttp://www.xemacit.com/http://www.emc.com/digital_universehttp://www.xemacit.com/

Phase Report

Documents

Transcript of Phase Report