Enabling Efficient, Secure and Privacy-preserving

Mobile Cloud Storage

ABSTRACT

Mobile cloud storage (MCS) provides clients with convenient cloud storage service.
In this paper, we propose an efficient, secure and privacy-preserving mobile cloud
storage scheme, which protects the data confidentiality and privacy simultaneously,
especially the access pattern. Specifically, we propose an oblivious selection and
update (OSU) protocol as the underlying primitive of the proposed mobile cloud
storage scheme. OSU is based on onion additively homomorphic encryption with
constant encryption layers and enables the client to obliviously retrieve an encrypted
data item from the cloud and update it with a fresh value by generating a small
encrypted vector, which significantly reduces the client’s computation as well as the
communication overheads. Compared with previous works, our presented work has
valuable properties, such as fine-grained data structure (small item size), lightweight
client-side computation (a few of additively homomorphic operations) and constant
communication overhead, which make it more suitable for MCS scenario. Moreover,
by employing the “verification chunks” method, our scheme can be verifiable to
resist malicious cloud. The comparison and evaluation indicate that our scheme is
more efficient than existing oblivious storage solutions with the aspects of client and
cloud workloads, respectively.

EXISTING SYSTEM
Goldreich and Ostrovsky introduced the first concept, oblivious random access
machine (ORAM), to preserve access pattern privacy [4]. They proposed a concrete
solution, Square Root ORAM, and demonstrated a communication overhead lower-
bound blowup (logN). In their setting (passive setting), the memory, or cloud in
cloud computing application, acted as a passive storage entity and does not execute
any computation on data. Under this setting, a series of works had been improved in
terms of theory and efficiency [22]–[33]. Shi et al. first organized their construction
into a binary tree over buckets [24].

By operating blocks along tree paths, the proposed construction achieved O(log3 N)
communication worst-case cost. Path ORAM [26] was proposed by Stefanov et al.
based upon the binary tree ORAM framework. It achieved the (logN) lower-bound
blowup demonstrated by Goldreich and Ostrovsky [4] in passive setting. It was also
extremely simpler than other constructions by avoiding using complicated
cryptographic primitives and efficient with small end-to-end delay for reasonable
parameters.

Actually, the current cloud is considered to have significant computational resource

and can execute heavy computation. A series of subsequent works followed the
computation cloud setting and circumvent the lower-bound by allowing the cloud to
execute heavy computation for the client [19], [20], [34]. Although it was not the
first one to adopt cloud computation model, Apon et al. first formalized the verifiable
oblivious storage, which generalizes the notion of ORAM by allowing the storage
medium to perform computation [19].

Devadas et al. proposed a constant communication bandwidth ORAM, i.e. Onion

ORAM, with cloud computation [20]. In Onion ORAM, data blocks were encrypted
under multi-layer (forming as an “onion”) additively homomorphic encryption
scheme [35] or alternatively somewhat homomorphic encryption scheme [36], which
allowed the client to retrieve the target blocks and evict blocks through paths with
small encrypted select vectors. By combining the reverse lexicographical eviction
order method [16], Onion ORAM overflowed with negligible probability for eligible
security parameters. Moataz et al. proposed another constant communication
bandwidth ORAM named C-ORAM [34]. Compared with Onion ORAM, C-ORAM
removed layered homomorphic encryption and replaced it with an efficient oblivious
merging technique.

Disadvantages
 An existing methodology doesn’t implement Additively Homomorphic
Encryption method.
 The system not implemented Resistance to Malicious Cloud Concept.

Proposed System

In this paper, we propose an efficient, secure and privacy-preserving mobile cloud

storage scheme. The proposed scheme has the following properties: 1) protecting
data confidentiality and access pattern simultaneously, 2) constant communication
bandwidth overhead, 3) low clientside computation (a few additively homomorphic
encryption and decryption operations), 4) small minimum effective item size (several
kilobytes for reasonable data capacity), 5) taking temporal locality into consideration,
and 6) verifiable (against malicious cloud). Specifically, we highlight our
contributions of this paper in the following.
_ We define a two-party protocol, i.e. oblivious selection and update (OSU) protocol,
and present a concrete construction of OSU protocol. OSU allows a client to
obliviously retrieve its encrypted data from the cloud and update the data with a fresh
value. Compared with other methods, such as PIR-Read combined PIR-Write, OSU
requires less communication and client computation. For particular data size, the
proposed OSU has O(1) communication complexity and requires the client to
execute minimum encryption and decryption operations. Moreover, the protocol is of
independent interest for other secure multi-party computation application scenarios.

_ Based on the proposed OSU protocol, we present an efficient, secure and privacy-
preserving mobile cloud storage scheme. The scheme can simultaneously protect
data content and preserve access pattern privacy. Compared with previous works, our
scheme has small item size, low client-side computation, and constant
communication overhead. We also introduce temporal locality into our construction
to further enhance the efficiency. By combining “verification chunks” method, our
scheme can be verifiable and resist malicious cloud. Furthermore, we evaluate our
construction and other related works and the experimental performances show that
our scheme is more efficient.
Advantages
 Additively Homomorphic Encryption which is a form of public key
encryption. It allows anyone with the public key to manipulate ciphertexts to
generate a new ciphertext, which is encrypted of corresponding operation
result of original plaintexts.
 The proposed system is more efficient, secure, and privacy preserving mobile
cloud storage scheme, which is suitable for lightweight application and against
malicious cloud server.

SYSTEM REQUIREMENTS

➢ H/W System Configuration:-

➢ Processor - Pentium –IV

➢ RAM - 4 GB (min)
➢ Hard Disk - 20 GB
➢ Key Board - Standard Windows Keyboard
➢ Mouse - Two or Three Button Mouse
➢ Monitor - SVGA
Software Requirements:
 Operating System - Windows XP
 Coding Language - Java/J2EE(JSP,Servlet)
 Front End - J2EE
 Back End - MySQL