Preserving Privacy and Deduplication on Cloud with Attribute-Based Encryption and AES

“Cloud Computing” is a general term for the delivery of hosted services over the internet. Cloud computing is moving increasingly to a destination with no return: the consolidation as an essential tool for the future existence of the internet world.Attribute-based encryption (ABE) has been widely used in cloud computing where a data provider outsources his/her encrypted data to a cloud service provider, and can share the data with users possessing specific credentials (or attributes). However, the standard ABE system does not support secure deduplication, which is crucial for eliminating duplicate copies of identical data in order to save storage space and network bandwidth. In this paper, we present an attribute-based storage system with secure deduplication in a hybrid cloud setting, where a private cloud is responsible for duplicate detection and a public cloud manages the storage. Compared with the prior data deduplication systems, our system has two advantages. Firstly, it can be used to confidentially share data with users by specifying access policies rather than sharing decryption keys. Secondly, it achieves the standard notion of semantic security for data confidentiality while existing systems only achieve it by defining a weaker security notion. In addition, we put forth a methodology to modify a ciphertext over one access policy into ciphertexts of the same plaintext but under other access policies without revealing the underlying plaintext. But generation of ciphertext is a heavy computation in Attribute-Based Encryption (ABE) for large files. To improve the system's performance we are using the Symmetric Encryption algorithm, such as AES. The procedure of Encryption is performed by the data owner himself/herself first chooses a random number K as the symmetric key and encrypts the plaintext message M using K with the symmetric encryption algorithm. The encrypted data can be denoted as EK (M). Then the owner encrypts the symmetric key K using CP-ABE under the access policy defined by him/her.