Implementing Digital Signature with RSA to the Data on Cloud


Cloud computing doesn't yet have a standard definition, but a good working description of it is to say that clouds, or clusters of distributed computers, provide on-demand resources and services over a network, usually the Internet, with the scale and reliability of a data center. Cloud computing is the concept implemented to solve daily computing problems, such as hardware, software and resource availability, encountered by computer users. The prevalent problem associated with cloud computing is cloud security and the appropriate implementation of the cloud over the network. This project aims to assess data security in the cloud through a public key cryptography technique, by implementing a digital signature with the RSA algorithm. The need for cloud computing technology rises every day because of its unmatched benefits, but the one thing hindering the process is security. This project is a step towards filling this void so as to increase the performance and power of cloud computing. The future of cloud computing is wide open, and so vast that we can't enumerate its application areas at this moment, as its applications keep increasing day by day, breaking through the hindrances in its way. As the data in a cloud is an amalgam of the data of its users and clients, the primary problem for us is to resolve the confidentiality and integrity issues of the data in the cloud. Cloud computing doesn't exactly introduce new data security concerns; in most cases, it just amplifies them. Putting data in the cloud potentially exposes it to a larger audience, which is usually a good thing. But if the data exposed is meant to be private, or only conditionally accessed, then the results could be catastrophic. The fundamental issue with cloud computing is that it removes entrusted data from a developer or system-admin's immediate control.
Rather than being stored and managed locally, data in the cloud is stored on distributed devices that could be located anywhere, and conceivably accessed by anyone. Even if your company can live with the fact of a decentralized, far away datastore, you'll want your applications in the cloud to proceed with a modicum of data security. When you start to think about data security, two important questions arise:

Is the data secured during transit?

Is the data secured at rest?

Data in transit relates to how data passes from one location to another one; that is, which communication technology and infrastructure you're using. Data at rest relates to how and how well your data is stored. If, for example, you store user names and passwords in a database without encrypting them, then your data at rest is not secure.

What is cloud computing?


Cloud computing is the access to computers and their functionality via the Internet or a local area network. Users of a cloud request this access from a set of web services that manage a pool of computing resources (i.e., machines, network, storage, operating systems, application development environments, application programs). When granted, a fraction of the resources in the pool is dedicated to the requesting user until he or she releases them. It is called cloud computing because the user cannot actually see or specify the physical location and organization of the equipment hosting the resources they are ultimately allowed to use. That is, the resources are drawn from a cloud of resources when they are granted to a user and returned to the cloud when they are released. A cloud is a set of machines and web services that implement cloud computing. Cloud computing, as the name suggests, is a style of computing where dynamically scalable and often virtualized resources are provided as a service over the Internet. These services can be consumed by any user over a standard HTTP medium. The user doesn't need to have knowledge of, expertise in, or control over the technology infrastructure in the "cloud" that supports them. The name cloud computing was inspired by the cloud symbol that's often used to represent the Internet in flow charts and diagrams. The cloud denotes the abstraction of the complex infrastructure it conceals. The diagram below displays the basic high-level layout of cloud computing, where the provider would create their solution (software, infrastructure, or platform) on the Internet and one or more users can consume that service "on demand".

How are clouds classified?

Given the broad definition of the term cloud, the current taxonomy differentiates clouds both in terms of cloud service offerings and cloud types. When categorizing cloud service offerings we often refer to clouds in terms of service style depending on the portion of the software stack delivered as a service. Here we discuss the most common service styles referred to by the acronyms IaaS, PaaS, and SaaS. Cloud types (including public, private, and hybrid) refer to the nature of access and control with respect to use and provisioning of virtual and physical resources.

What are the most popular cloud service styles?

IaaS: IaaS (Infrastructure as a Service) style clouds provide access to collections of virtualized computer hardware resources, including machines, network, and storage. With IaaS, users assemble their own virtual cluster on which they are responsible for installing, maintaining, and executing their own software stack.

What are cloud types?

Public cloud: Public clouds provide access to computing resources for the general public over the Internet. The public cloud provider allows customers to self-provision resources, typically via a web service interface. Customers rent access to resources as needed on a pay-as-you-go basis. Public clouds offer access to large pools of scalable resources on a temporary basis without the need for capital investment in data center infrastructure.

Private cloud: Private clouds give users immediate access to computing resources hosted within an organization's infrastructure. Users self-provision and scale collections of resources drawn from the private cloud, typically via a web service interface, just as with a public cloud. However, because it is deployed within the organization's existing data center (and behind the organization's firewall), a private cloud is subject to the organization's physical, electronic, and procedural security measures and thus offers a higher degree of security over sensitive code and data. In addition, private clouds consolidate and optimize the performance of physical hardware through virtualization, and can thus markedly improve data center efficiency while reducing operational expense.

Hybrid cloud: A hybrid cloud combines computing resources (e.g., machines, network, storage, etc.) drawn from one or more public clouds and one or more private clouds at the behest of its users.

Why Cloud Computing?

Cloud computing is seen by some as an important forward-looking model for the distribution and access of computing resources because it offers these potential advantages:

Self-service provisioning: Allows users to deploy their own sets of computing resources (machines, network, storage, etc.) as needed without the delays and complications typically involved in resource acquisition; IT supports ongoing customization and enhancement of cloud user experience, while monitoring, managing, and expanding as required the underlying cloud infrastructure.

Scalability: Decouples the fluctuating needs of individual users from typical infrastructure constraints, thus easily accommodating rapid increases or decreases in resource demand.

Reliability and fault-tolerance: IT can focus on improving critical pieces of infrastructure to achieve pre-determined levels of reliability. Policies addressing expected levels of reliability can be continuously reassessed and updated without user involvement.

Optimization/Consolidation: Maximizes the usage and increases the efficiency of existing infrastructure resources. Extends infrastructure lifecycle. Reduces capital expenditure.

QoS (Quality of Service): Allows IT to dynamically reassess the SLA associated with users or groups of users for the resources allocated. Allows the organization to react quickly to changing conditions without unnecessary user involvement or knowledge.

Well defined API: Using a well-defined and stable industry standard API avoids lock-in and ensures interoperability with an ever-growing number of tools and cloud service providers.

As-needed availability: Aligns resource expenditure with actual resource usage thus allowing the organization to pay only for the resources required, when they are required.

Implementing Digital Signature with RSA Encryption Algorithm to Enhance the Data Security of Cloud in Cloud Computing
The cloud is a next generation platform that provides dynamic resource pools, virtualization, and high availability. Today, we have the ability to utilize scalable, distributed computing environments within the confines of the Internet, a practice known as cloud computing. Cloud computing is the concept implemented to solve daily computing problems, such as hardware, software and resource availability, encountered by computer users. Cloud computing provides an undemanding and effective solution for daily computing. The prevalent problem associated with cloud computing is cloud security and the appropriate implementation of the cloud over the network. Good research is being done to assess cloud storage methodology and data security in the cloud by the implementation of digital signatures with the RSA algorithm. Cloud computing is Internet-based development and is used in computer technology. It has been an IT buzzword for the past few years. Cloud computing has often been used synonymously with terms such as software as a service (SaaS), grid computing, cluster computing, autonomic computing, and utility computing. SaaS is only a special form of the services that cloud computing provides. Grid computing and cluster computing are two types of underlying computer technologies for the development of cloud computing. It is often difficult to define cloud computing. Cloud computing is a virtual pool of computing resources. It provides the computing resources in the pool to users through the Internet. It provides a mandatory application programming environment. It can deploy, allocate or reallocate computing resources dynamically and monitor the usage of resources at all times. Cloud computing collects all the computing resources and manages them automatically through software. In the process of data analysis, it integrates historical data and present data to make the collected information more accurate and to provide more intelligent service for users and enterprises. The users need not care how to buy servers, software solutions and so on. Users can buy computing resources through the Internet according to their own needs. Cloud computing does not depend on a special data center, but we can look at it as the inevitable product of grid computing and efficiency computing. Cloud computing is easy to extend, and has a simple management style. A cloud does not simply collect computer resources; it also provides a management mechanism and can provide services for millions of users simultaneously. Organizations can provide hardware for clouds internally (internal clouds), or a third party can provide it externally (hosted clouds). A cloud might be restricted to a single organization or group (private clouds), available to the general public over the Internet (public clouds), or shared by multiple groups or organizations (hybrid clouds).

Characteristics of Cloud Computing

1. Ultra large-scale: The scale of the cloud is large. The cloud of Google has owned more than one million servers. Amazon, IBM, Microsoft and Yahoo each have more than hundreds of thousands of servers. There are hundreds of servers in an enterprise.
2. Virtualization: Cloud computing lets users get service anywhere, through any kind of terminal. You can complete all you want through a net service using a notebook PC or a mobile phone. Users can obtain or share it safely in an easy way, anytime, anywhere. Users can complete a task that can't be completed on a single computer.
3. High reliability: The cloud uses multi-transcript data fault tolerance, isomorphic exchangeable computation nodes and so on to ensure the high reliability of the service. Using cloud computing is more reliable than using a local computer.
4. Versatility: Cloud computing can produce various applications supported by the cloud, and one cloud can support different applications running on it at the same time.
5. High extendibility: The scale of the cloud can extend dynamically to meet increasing requirements.
6. On demand service: The cloud is a large resource pool that you can buy from according to your need; the cloud is just like running water, electricity, and gas, which are charged by the amount that you use.
7. Extremely inexpensive: The centralized management of the cloud means the enterprise need not bear the fast-growing management cost of a data center. The versatility can increase the utilization rate of the available resources compared with a traditional system, so users can fully enjoy the low cost advantage.

Various applications and advantages of cloud computing are listed below:

1. Cloud computing does not need high quality equipment on the user's side, and it is easy to use.
2. Cloud computing provides a dependable and secure data storage center. You need not worry about problems such as data loss or viruses.
3. Cloud computing can realize data sharing between different equipment.
4. The cloud provides nearly infinite possibilities for users to use the Internet.

RSA Algorithm
The RSA algorithm is named after Ron Rivest, Adi Shamir and Len Adleman, who invented it in 1977. The basic technique was first discovered in 1973 by Clifford Cocks of CESG (part of the British GCHQ) but this was a secret until 1997. The patent taken out by RSA Labs has expired. The RSA cryptosystem is the most widely-used public key cryptography algorithm in the world. It can be used to encrypt a message without the need to exchange a secret key separately. The RSA algorithm can be used for both public key encryption and digital signatures. Its security is based on the difficulty of factoring large integers. Party A can send an encrypted message to party B without any prior exchange of secret keys. A just uses B's public key to encrypt the message and B decrypts it using the private key, which only he knows. RSA can also be used to sign a message, so A can sign a message using their private key and B can verify it using A's public key.

In cloud computing, we have problems such as security of data, file systems, backups, network traffic, and host security. Here we propose a concept of digital signature with the RSA algorithm, to encrypt the data while we are transferring it over the network. A digital signature or digital signature scheme is a mathematical scheme for demonstrating the authenticity of a digital message or document. A valid digital signature gives a recipient reason to believe that the message was created by a known sender, and that it was not altered in transit. We propose a digital signature with RSA algorithm scheme to ensure the security of data in the cloud. RSA is probably the most recognizable asymmetric algorithm. RSA was created by Ron Rivest, Adi Shamir, and Leonard Adleman in 1978. Till now, it is the only asymmetric (i.e. needs two different keys) algorithm used for private/public key generation and encryption. We include both a digital signature scheme and public key cryptography to enhance the security of cloud computing. In a digital signature, software crunches down the data or document into just a few lines by using a hashing algorithm. These few lines are called a message digest. The software then encrypts the message digest with the sender's private key, which produces the digital signature. The recipient's software decrypts the digital signature back into the message digest with the public key of the sender and the recipient's own private key. We are using digital signatures so that we are able to distribute software and financial transactions over the network, and in other cases where it is important to detect forgery and tampering.

Proposed Internal Working

Steps Taken in Digital Signature with RSA Algorithm

Let us assume we have two enterprises, A and B. Enterprise A has a public cloud with data, software and applications. Company B wants secure data from A's cloud. We are trying to send secure data to B by using a digital signature with the RSA algorithm. We take the following steps to implement the digital signature with the RSA encryption algorithm. Suppose Alice is an employee of enterprise A and Bob is an employee of company B.

Step 1. Alice takes a document from the cloud, which Bob wants.
Step 2. The document is crunched into a few lines by using a hash function. The hash value is referred to as the message digest.
Step 3. Alice's software then encrypts the message digest with her private key. The result is the digital signature.
Step 4. Using the RSA algorithm, Alice encrypts the digitally signed signature with Bob's public key, and Bob decrypts the cipher text to plain text with his private key and uses Alice's public key for verification of the signature.

Proposed Algorithm taken for Implementing Digital Signature with RSA Algorithm
In this algorithm, n is known as the modulus, e is known as the encryption exponent, and d is known as the secret exponent or decryption exponent.

Step 1. Key generation algorithm
1. Choose two distinct large random prime numbers p and q.
2. Compute n = p * q, where n is used as the modulus for both the public and private keys.
3. Compute the totient: phi(n) = (p - 1)(q - 1).
4. Choose an integer e such that 1 < e < phi(n), and e and phi(n) share no factors other than 1; e is released as the public key exponent.
5. Compute d to satisfy the congruence relation d * e = 1 mod phi(n); d is kept as the private key exponent.
6. The public key is (n, e) and the private key is (n, d). Keep all the values d, p, q and phi(n) secret.

Step 2. Digital signing
Sender A does the following:
A) Creates a message digest of the information to be sent by using a hash function.
   Hash function:
   1. Declare str as a pointer to the unsigned characters of the NUL-terminated message.
   2. Declare and initialize hash of unsigned integer type.
   3. unsigned int hash = 0; int q; while ((q = *str++) != 0) hash = hash + q;
B) Represents this digest as an integer m between 0 and n - 1.
C) Uses her private key (n, d) to compute the signature, s = m^d mod n.
D) Sends this signature s to the recipient, B.

Step 3. Encryption
Sender A does the following:
1. Obtains the recipient B's public key (n, e).
2. Represents the plaintext message as a positive integer m.
3. Computes the cipher text c = m^e mod n.
4. Sends the cipher text c to B.

Step 4. Decryption
Recipient B does the following:
1. Uses his private key (n, d) to compute m = c^d mod n.
2. Extracts the plaintext from the message representative m.

Step 5. Signature verification
Recipient B does the following:
1. Uses sender A's public key (n, e) to compute the integer v = s^e mod n.
2. Extracts the message digest from this integer.
3. Independently computes the message digest of the information that has been signed.
4. If both message digests are identical, the signature is valid.
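
Steps 1 to 5 above, carried through in Python as an added example (not code from the original project). It goes one step beyond the text by running the signature once with the page's additive hash and once with SHA-256, which is swapped in here, to show why the choice of digest matters. The key primes, the documents and all function names are constructed for the demonstration, and the RSA operations are unpadded exactly as in the steps above.

```python
import hashlib

E = 65537  # public exponent e

def make_key(p, q, e=E):
    """Step 1: n = p*q, phi(n) = (p-1)(q-1), d = e^-1 mod phi(n)."""
    n, phi = p * q, (p - 1) * (q - 1)
    d = pow(e, -1, phi)  # raises ValueError if e and phi(n) share a factor
    return (n, e), (n, d)  # (public key, private key)

# Constructed demo keys built from known Mersenne primes so the arithmetic
# is reproducible; real keys need large *random* primes.
ALICE_PUB, ALICE_PRIV = make_key(2**127 - 1, 2**521 - 1)
BOB_PUB, BOB_PRIV = make_key(2**607 - 1, 2**1279 - 1)

def additive_hash(data: bytes) -> int:
    """The page's hash function: sum of the message bytes (32-bit unsigned)."""
    return sum(data) & 0xFFFFFFFF

def sha256_int(data: bytes) -> int:
    """Swapped-in digest: SHA-256 read as an integer (needs n > 2**256)."""
    return int.from_bytes(hashlib.sha256(data).digest(), "big")

def sign(data: bytes, priv, digest=sha256_int) -> int:
    """Step 2: s = m^d mod n, where m is the digest as an integer below n."""
    n, d = priv
    m = digest(data)
    if m >= n:
        raise ValueError("digest does not fit below the modulus")
    return pow(m, d, n)

def verify(data: bytes, sig: int, pub, digest=sha256_int) -> bool:
    """Step 5: recompute the digest and compare it with v = s^e mod n."""
    n, e = pub
    return 0 <= sig < n and pow(sig, e, n) == digest(data)

def encrypt(data: bytes, pub) -> int:
    """Step 3: c = m^e mod n with the recipient's public key."""
    n, e = pub
    m = int.from_bytes(data, "big")
    if m >= n:
        raise ValueError("message too long for this modulus")
    return pow(m, e, n)

def decrypt(c: int, priv) -> bytes:
    """Step 4: m = c^d mod n with the recipient's private key."""
    n, d = priv
    m = pow(c, d, n)
    return m.to_bytes((m.bit_length() + 7) // 8, "big")

def alice_send(document: bytes):
    """Alice: encrypt to Bob's public key, sign with her own private key."""
    return encrypt(document, BOB_PUB), sign(document, ALICE_PRIV)

def bob_receive(c: int, s: int):
    """Bob: decrypt with his private key, verify with Alice's public key."""
    document = decrypt(c, BOB_PRIV)
    return document, verify(document, s, ALICE_PUB)

if __name__ == "__main__":
    doc = b"Q3 report: transfer 19 units to account 4471"     # constructed
    altered = b"Q3 report: transfer 91 units to account 4471"  # digits swapped
    c, s = alice_send(doc)
    print(bob_receive(c, s))              # document recovered, signature valid
    print(verify(altered, s, ALICE_PUB))  # SHA-256 digest: alteration detected
    weak = sign(doc, ALICE_PRIV, additive_hash)
    # The byte sum is unchanged by reordering, so the altered text verifies.
    print(verify(altered, weak, ALICE_PUB, additive_hash))
```

With the additive hash, any message with the same byte sum carries the same signature, so the integrity guarantee of step 5 depends on using a collision-resistant digest.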

Cloud Security Challenges (Limitations of Cloud Computing)

Although virtualization and cloud computing can help companies accomplish more by breaking the physical bonds between an IT infrastructure and its users, heightened security threats must be overcome in order to benefit fully from this new computing paradigm. This is particularly true for the SaaS provider. Some security concerns are worth more discussion. With the cloud model, you lose control over physical security. In a public cloud, you are sharing computing resources with other companies. In a shared pool outside the enterprise, you don't have any knowledge or control of where the resources run. Exposing your data in an environment shared with other companies could give the government reasonable cause to seize your assets because another company has violated the law. Simply sharing the environment in the cloud may put your data at risk of seizure. Storage services provided by one cloud vendor may be incompatible with another vendor's services should you decide to move from one to the other. Vendors are known for creating what the hosting world calls sticky services: services that an end user may have difficulty transporting from one cloud vendor to another. Data integrity is assurance that the data is consistent and correct. Ensuring the integrity of the data really means that it changes only in response to authorized transactions.

Security and Responsibility

Within the cloud computing world, the virtual environment lets users access computing power that exceeds that contained within their own physical worlds. Entering this virtual environment requires them to transfer data throughout the cloud. Consequently, several data storage concerns can arise. Typically, users will know neither the exact location of their data nor the other sources of the data collectively stored with theirs. To ensure data confidentiality, integrity, and availability (CIA), the storage provider must offer capabilities that, at a minimum, include a tested encryption schema to ensure that the shared storage environment safeguards all data; stringent access controls to prevent unauthorized access to the data; and scheduled data backup and safe storage of the backup media. Legal issues arise, such as e-discovery, regulatory compliance (including privacy), and auditing. The range of these legal concerns reflects the range of interests that are currently using or could use cloud computing. These issues and their yet-to-be-determined answers provide significant insight into how security plays a vital role in cloud computing's continued growth and development.

Use in Cyber crime

Cyber crime's effects are felt throughout the Internet, and cloud computing offers a tempting target for many reasons. Providers such as Google and Amazon have the existing infrastructure to deflect and survive a cyber attack, but not every cloud has such capability. If a cyber criminal can identify the provider whose vulnerabilities are the easiest to exploit, then this entity becomes a highly visible target. If not all cloud providers supply adequate security measures, then these clouds will become high-priority targets for cyber criminals. By their architecture's inherent nature, clouds offer the opportunity for simultaneous attacks on numerous sites, and without proper security, hundreds of sites could be compromised through a single malicious activity.

Weaknesses in RSA
Small encryption exponent: If you use a small exponent like e=3 and send the same message to different recipients and just use the RSA algorithm without adding random padding to the message, then an eavesdropper could recover the plaintext.

Using the same key for encryption and signing: Given that the underlying mathematics is the same for encryption and signing, only in reverse, if an attacker can convince a key holder to sign an unformatted encrypted message using the same key then she gets the original.

Acting as an oracle: There are techniques to recover the plaintext if a user just blindly returns the RSA transformation of the input. So don't do that.

1. Don't use the same RSA key for encryption and signing.
2. If using PKCS#1 v1.5 encoding, use e=0x10001 for your public exponent.
3. Always format your input before encrypting or signing.
4. Always add fresh random padding - at least 8 bytes - to your message before encrypting.
5. When decrypting, check the format of the decrypted block. If it is not as expected, return an error, not the decrypted string.
6. Similarly, when verifying a signature, if there is any error whatsoever, just respond with "Invalid Signature".
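
The same-key weakness and recommendations 3 to 6, as an added Python example (not code from the original project). One constructed key pair is used for both roles on purpose, to show that an unformatted private-key operation hands back the plaintext while a signer that hashes and formats its input, and a decryptor that checks the block format, do not. The block layouts are a simplified PKCS#1 v1.5 style (the DigestInfo prefix is omitted), and the primes, messages and function names are assumptions of the example.

```python
import hashlib
import secrets

def make_key(p, q, e=65537):
    n = p * q
    return (n, e), (n, pow(e, -1, (p - 1) * (q - 1)))

# Constructed demo key from two Mersenne primes, deliberately used for BOTH
# encryption and signing; real keys need large random primes, one per role.
PUB, PRIV = make_key(2**607 - 1, 2**1279 - 1)
K = (PUB[0].bit_length() + 7) // 8  # modulus length in bytes

def raw_private_op(x: int) -> int:
    """x^d mod n with no formatting: what a blind signer or decryptor returns."""
    n, d = PRIV
    return pow(x, d, n)

def textbook_encrypt(msg: bytes) -> int:
    """Unpadded c = m^e mod n, the weak form the recommendations rule out."""
    n, e = PUB
    return pow(int.from_bytes(msg, "big"), e, n)

def pad_encrypt(msg: bytes) -> int:
    """Rec. 4: 00 02 | >= 8 fresh nonzero random bytes | 00 | msg."""
    ps_len = K - 3 - len(msg)
    if ps_len < 8:
        raise ValueError("message too long for this modulus")
    ps = bytes(secrets.randbelow(255) + 1 for _ in range(ps_len))
    n, e = PUB
    return pow(int.from_bytes(b"\x00\x02" + ps + b"\x00" + msg, "big"), e, n)

def checked_decrypt(c: int):
    """Rec. 5: return the message, or None if the block format is wrong."""
    if not 0 <= c < PUB[0]:
        return None
    block = raw_private_op(c).to_bytes(K, "big")
    sep = block.find(b"\x00", 2)  # separator after the random padding
    if block[:2] != b"\x00\x02" or sep < 10:
        return None  # never hand back the raw decrypted block
    return block[sep + 1:]

def format_for_signing(data: bytes) -> int:
    """Rec. 3: 00 01 | FF.. | 00 | SHA-256(data); the signer hashes itself."""
    h = hashlib.sha256(data).digest()
    block = b"\x00\x01" + b"\xff" * (K - 3 - len(h)) + b"\x00" + h
    return int.from_bytes(block, "big")

def sign(data: bytes) -> int:
    return raw_private_op(format_for_signing(data))

def verify(data: bytes, sig) -> bool:
    """Rec. 6: any error at all collapses to a plain 'invalid'."""
    n, e = PUB
    try:
        return 0 <= sig < n and pow(sig, e, n) == format_for_signing(data)
    except Exception:
        return False

def same_key_demo(secret: bytes):
    """Returns (blind signer leaks, formatted signer safe, decryptor rejects)."""
    c = textbook_encrypt(secret)
    blind = raw_private_op(c).to_bytes(K, "big").lstrip(b"\x00")
    formatted = sign(c.to_bytes(K, "big")).to_bytes(K, "big").lstrip(b"\x00")
    return blind == secret, formatted != secret, checked_decrypt(c) is None

if __name__ == "__main__":
    print(same_key_demo(b"constructed session secret"))
    print(checked_decrypt(pad_encrypt(b"hello")))
    print(verify(b"doc", sign(b"doc")), verify(b"doc!", sign(b"doc")))
```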

From the perspective of data security, which has always been an important aspect of quality of service, cloud computing inevitably poses new challenging security threats for a number of reasons.

1. Firstly, traditional cryptographic primitives for the purpose of data security protection cannot be directly adopted, due to the users' loss of control of data under cloud computing. Therefore, verification of correct data storage in the cloud must be conducted without explicit knowledge of the whole data. Considering the various kinds of data stored in the cloud for each user and the demand for long term continuous assurance of their data safety, the problem of verifying correctness of data storage in the cloud becomes even more challenging.

2. Secondly, cloud computing is not just a third party data warehouse. The data stored in the cloud may be frequently updated by the users, including insertion, deletion, modification, appending, reordering, etc. Ensuring storage correctness under dynamic data updates is hence of paramount importance. These techniques, while they can be useful to ensure storage correctness without users possessing the data, cannot address all the security threats in cloud data storage, since they all focus on the single server scenario and most of them do not consider dynamic data operations. As a complementary approach, researchers have also proposed distributed protocols for ensuring storage correctness across multiple servers or peers. Again, none of these distributed schemes is aware of dynamic data operations. As a result, their applicability in cloud data storage can be drastically limited.

Hardware Requirements:
Processor: Pentium 4 or more
RAM: 512MB
Hard disk: 100MB
Resolution: 1024 X 768
LAN connection: GSM Modem

Software Requirements:
Java (JDK 1.6 or more)
NetBeans IDE 6.1 or more

Languages Used:
Java 2 Enterprise Edition
Java Swing
RMI (Remote Method Invocation)

Architecture Diagram:

Context level DFD:


