A Privacy Preserving of Composite Private/Public Key in Cloud Servers

International Journal of Computer Trends and Technology (IJCTT)          
© 2014 by IJCTT Journal
Volume-9 Number-4                          
Year of Publication : 2014
Authors : O Sri Nagesh
DOI :  10.14445/22312803/IJCTT-V9P140


O Sri Nagesh."A Privacy Preserving of Composite Private/Public Key in Cloud Servers". International Journal of Computer Trends and Technology (IJCTT) V9(4):202-208, March 2014. ISSN:2231-2803. www.ijcttjournal.org. Published by Seventh Sense Research Group.

Abstract -
Security is a term used to provide secrecy of data from the illegal entries. It is used to prevent a user that he/she should not have access to. It is a two step process. The security system in the first step identifies who the user is by requiring the user to submit some sort of identification. This is called authentication, and it means that the system is trying to find out who you are. Once the system identifies who you are, in the next step the system has to determine that you should permitted to access the recourse. This part of the process is called authorization, and it means that the system is checking to see if you have privileges to perform a certain action. OAuth and OpenID are the authentication schemes are used for authentication but they also have privacy protection problems. Here we are proposing composite private key over cloud system which is protected by splitting key into different servers which combines to form a single composite key. In this approach we are having third party key servers used public key cryptography to save public/private keys of their clients. We are using ring signatures by forming the network into ring and public keys are shared from that ring structures. We are proposing this composite private/public key pairs for privacy preserving in the facebook and other social network. We also propose homomorphic algorithm to prevent the compromised key server problem with the attacker.

[1] E. Hammer-Lahav. The OAuth 1.0 protocol, Apr.2010. RFC 5849.
[2] OpenID. http://openid.net/.
[3] R. Rivest, A. Shamir, and Y. Tauman. How to leak a secret. In ASIACRYPT, pages 552{565,Dec. 2001.
[4] J. K. Liu, V. K. Wei, and D. S. Wong. Linkable spontaneous anonymous group signature for adhoc groups. In Australian Conference on Information Security and Privacy, pages 614{623, July 2004.
[5] D. I. Wolinsky, H. Corrigan-Gibbs, B. Ford, and A. Johnson. Scalable anonymous group communication in the anytrust model. In EuroSec, Apr. 2012.
[6] R. Dingledine, N. Mathewson, and P. Syverson. Tor: the second-generation onion router. In 12th USENIX Security, Aug. 2004
[7]Crypto-Book: An Architecture for Privacy Preserving. Online Identities. John Maheswaran
[8] J.-F. Raymond. Tra_c Analysis: Protocols, Attacks, Design Issues, and Open Problems. In Design Issues in Anonymity and Unobservability, July 2000.
[9] D. Kedogan, D. Agrawal, and S. Penz. Limits of anonymity in open environments. In 5th International Workshop on Information Hiding, Oct. 2002.
[10] G. Danezis and A. Serjantov. Statistical disclosure or intersection attacks on anonymity systems. In Information Hiding Workshop, May 2004. , David Isaac Wolinsky, Bryan Ford. Yale University,. {john.maheswaran
[11]Short Linkable Ring Signatures Revisited. Man Ho Au1, Sherman S.M. Chow2, Willy Susilo1, and Patrick P. Tsang3. 1 Center for Information Security Research.
[12] Federal Information Processing Standards Publication. Digital signature standard (DSS), July 2013. FIPS 186-4.
[13] R. L. Rivest, A. Shamir, and L. Adleman. A method for obtaining digital signatures and public-key cryptosystems. Communications of the ACM, 1978.

Anonymity, Anonymous communication, Authentication, online social networks, Homomorphic encryption