COIRS: Cost Optimized Identity based Ring Signature with Forward Secrecy in Cloud Computing

COIRS: Cost Optimized Identity based Ring
Signature with Forward Secrecy in Cloud
Computing
Muthi Reddy P #1
, Rekha Rangappa Dasar #2
, Tanuja R #3
, Manjula S H #4
, Venugopal K R #5
#1,2,3,4,5
Department of Computer Science and Engineering,
University Visvesvaraya College of Engineering, Bangalore University,
Bengaluru-560001, Karnataka, India
1
muthireddy2016@gmail.com
Abstract—In recent days Cloud computing is a rising technique
which offers data sharing with more efficient, effective and
economical approaches between group members. To create an
authentic and anonymous data sharing, IDentity based Ring
Signature (ID-RS) is one of the promising technique between
the groups. Ring signature scheme permits the manager or data
owner to authenticate into the system in anonymous manner.
In conventional Public Key Infrastructure (PKI) data sharing
scheme contains certificate authentication process, which is a
bottleneck because of its high cost. To avoid this problem, we
proposed Cost Optimized Identity based Ring Signature with
forward secrecy (COIRS) scheme. This scheme helps to remove
the traditional certificate verification process. Only once the user
needs to be verified by the manager giving his public details. The
cost and time required for this process is comparatively less than
traditional public key infrastructure. If the secret key holder has
been compromised, all early generated signatures remains valid
(Forward Secrecy). This paper discuss about how to optimize the
time and cost when sharing the files to the cloud. We provide a
protection from collision attack, which means revoked users will
not get the original documents. In general better efficiency and
secrecy can be provided for group sharing by applying above
approaches.
Index Terms—Anonymity, Authenticity, Forward secrecy,
Group sharing, Ring signature
I. INTRODUCTION
Cloud computing is an Internet based technology because
of its widespread and popular use. It enables both users and
enterprises to keep their information in cloud storage and
allows resource sharing [1], [2], [3], [4]. Cloud computing is
widely used because of its two main applications, which are as
follows: i) Vast amount of information storage: Cloud storage
allows the users to store the files on users request. Cloud stor-
age provides benefit to store huge amount of storage facility.
ii) Allows users to easily share their data: Cloud computing
technology provides another facility that is to easily share
files to the public and to the individual. It allows sharing of
data through a third party which becomes more economically
useful. Privacy of both the data and group members identities
are most significant notion in cloud computing. Consider a
Smart Grid example as shown in fig. 1, users in smart grid
may get their data usage file without any encrypted format and
they get encouraged to share their private information with
others. Consider an example, if the user wants to upload their
files to the cloud platform like Microsoft Azure, from that
gathered copy of energy data files several statistical copies
are created. Anyone could match the data files about energy
consumption with others. This may lead to critical problems to
energy usage while accessing, analyzing and responding back
to the cloud. Because of its openness, deployment of data
sharing took place in a standalone background, it is open to
several secrecy problems [5], [6], [7]. There are many secrecy
criteria to be reached in order to achieve data efficiency and
secrecy, i.e.,
i) Authenticity of Data: The signed data usage file would
be confusing in the example of smart grid, if that data file
is copied by the adversaries. At the same time this type
of problems can be solved by using some cryptographic
techniques such as digital signatures, hash functions, en-
cryption or decryption techniques or message authentication
techniques. User might face other issues in smart grid system
like anonymity and efficiency.
ii) Data Anonymity: The signed energy usage file is enclosed
with huge amount of information of consumers, sharing in the
smart grid is processed in fine grained fashion.Then the signed
energy file anyone can copy the information of consumers
from the system. The copied information may be of electrical
utilities used for a particular time etc., therefore, it is not easily
possible to hold the anonymity condition of consumers.
iii) Data Efficiency: The smart grid (it is an electric grid
consisting a variety of operational, vitality measures, smart
apparatuses, sustainable power source assets, smart meters)
for data sharing system contains a large number of users,
to save the consumption of energy from such smart grid
systems. A realistic system must decrease its communication
cost and computation as less as possible or else it would
lead to energy wastage, this is against to the aim of smart
grid. To overcome above metrics and provide more secure
in data sharing COIRS model is introduced and it reduces
group accessing time and cost of the files. We dedicate this
paper to examining essential goals for understanding the three
properties as described above.
1) Data Authenticity
2) Anonymity
3) Efficiency
International Journal of Computer Science and Information Security (IJCSIS),
Vol. 16, No. 3, March 2018
71 https://sites.google.com/site/ijcsis/
ISSN 1947-5500

2
Fig. 1: File Data Sharing in Smart Grid.
Fig. 2: Identity Based Ring Signature.
Instead of those secrecy issues there are other secrecy tools,
such as availability (even under network attacks, service is
being provided at an acceptable level) and access control. We
discussed how our COIRS model is used in identity based
cryptosystem and advantages in big data system in next part.
A. Identity based cryptosystem
Shamir [8] has introduced the first IDentity-based cryp-
tosystem. It removes the necessity for proving the validity
of Public Key (PKey) certificates, the maintenance in con-
ventional public key infrastructure is both cost and time
consuming. By collecting the publicly known users unique
identity like address or email-id for the public key of the user
is calculated. In ID-based Cryptosystem, private keys can be
generated by a private key generator and later master-secret
for users is calculated. Identity-based cryptosystem scheme
removes the necessity of certicate validation, which is a part
of traditional PKI and links an implicit PKey to all members
inside the system. In ID-based signature, one does not require
to validate the certicates first which is a contradiction to the
conventional public key infrastructure. The removal of such
certificate verification makes the entire verification process
more effective. This would definitely lead to a major save in
both computation and communication cost when huge number
of consumers are involved (smart-grid). Here we assign some
cost value to particular file to optimize the overall cost required
for the process. One constant cost value for the file is assigned.
The file size increases then their cost value varies. RS is
a group focused signature along with secrecy assurance on
signer. The client can sign secretly in the interest of a group’s
individual choice, while individuals are absolutely ignorant of
signature generated using their identity information. Verifier
can check that a data has been signed by one of the individuals
of the group. However the real character of the signer isn’t
being shared [9]. RS could be utilized for the application of
whistle blowing [10] and an anonymous authentication for
groups [11]. Numerous different applications which don’t need
group development stage however require signer secrecy.
B. An advantage in big data system
Because of its normal structure, ID-based framework has a
positive advantage in Big Data. RS in ID-based framework has
an imperative favorable position over its partner in ordinary
open key framework, for the most part in the huge informa-
tion diagnostic scheme. Consider an event including 20,000
individuals in the group, the signature verifier of a traditional
PKI based framework should approve all 20,000 certificates
first,then one can take out the actual message verification
process along with the signature. Unlike traditional PKI, in
ID-based RS just the ring client’s information along with the
message and signature sets are required. Subsequently, we
would be able to eliminate the expensive certicate validation
process, which spares a lot of calculation time and execution
time. As the quantity of clients in the ring builds, sparing
will be more basic if a more elevated amount of secrecy
is needed. As outlined in fig. 2, ID-based RS plot is more
preferable, where huge number of individuals are involved
with the framework like smart grid framework is as following:
i) The vitality information proprietor (say, Roy), first make
a ring or group by choosing an group of clients. This stage just
requires public information of the users, similar to changeless
or private locations, and Roy does not require the relationship
between any ring individuals.
ii) Roy uploads his private details of electronic utilization,
along with a group signature and the identity details of all
group individuals.
iii) by approving the produced ring signature, one can be
ensured that the information or message is certainly conveyed
by a legitimate occupant, meanwhile we cannot find out actual
signer of the group. Anonymity of the message provider is
guaranteed along with the data or message authenticity. At the
same time the verification process is highly efficient because
it does not include any certificate verification method.
By adding more users in the ring one can achieve a
higher level protection, but the possibility of key disclosure
might increase. Key exploration is the real disadvantage of
ordinary advanced signatures. Assume the SKey of an user
is compromised, every single past signature of that client
becomes valueless: future signatures are rejected and also
already issued signatures can’t be trusted. It doesn’t resolve
the issue of forgeability for past produced signatures.
C. Motivation
1) Key Exposure: The idea of forward secrecy is proposed
to protect the legitimacy of past signatures regardless of the
possibility that the present SKey holder is compromised.
2) Big Data Key Exposure : The exposure of key in a RS
scheme is more serious issue: suppose a user’s private key is
uncovered by any unauthorized user then user can develop
a legitimate ring signatures of any records in the interest
of that ring. Indeed, even more in worst condition, the ring
can be characterized by his own choice. Even one can not
recognize whether a ring signature is created preceding the
Vol. 16, No. 3, March 2018
ISSN 1947-5500

3
key introduction or by which client. Subsequently, forward
secrecy is a necessary prerequisite for all frameworks to share
information.
D. Contribution
A creative idea called ID-based forward secure ring signa-
ture is introduced which is an essential key for developing
a COIRS framework. It gives a formal clarification on ID-
based forward secure RS; we exhibit a solid outline of COIRS
scheme, no past ID-based RS scheme had the property of
forward secrecy, we demonstrate the secrecy of the proposed
method under the standard RSA model assumption. Use of
COIRS plan contains:
1) The disposal of expensive certicate verification process
makes it versatile and particularly reasonable for enor-
mous information explanatory condition.
2) The secret key is small in size.
3) Exponentiation is done in key update process.
4) We are calculating the energy usage required by the
data owner to upload files to the cloud and downloading
energy for the data centre for providing files to the clients.
5) We are determining the cost required by the owner to
upload the files and data centre to download the files
requested by the clients.
Organization: In section II, we give related work on forward
secrecy to provide authentication access and cost optimization.
In section III, we describe architecture of COIRS model. In
section IV, we discuss mathematical model of COIRS scheme.
In section V, we deal on experimental analysis. We concluded
our model in section VI.
II. RELATED WORK
Liu et al., [12] proposed a novel that can completely
maintain fine-grained update request and authorized auditing
by providing a proper examination for feasible forms of fine-
grained data updates. Based on the above idea enhancement is
made, that can significantly diminish communication expenses
for verifying small updates, and significantly reduce the over-
head for big-data applications. Yang et al., [13] studied first
outlined an evaluating structure for distributed storage frame-
works and proposed an efficient and protection safeguarding
inspecting convention. Then, they stretched out evaluating
algorithms to help the information dynamic operations, which
is efficient and provably secure. The examination and re-
enhancement comes about in demonstration that proposed
evaluating conventions are secure and efficient, particularly
it reducing the calculation cost. Nabeel et al., [14] proposed
a vital issue in broad daylight mists by which to specifically
share reports in view of fine-grained Access Based Control
Policy Scheme (ACPS). An approach is to scramble records
fulfilling diverse strategies with various keys utilizing an open
key cryptosystem, for example, property based encryption, as
well as intermediary re-encryption [15].
Dai et al., [16] studied inventions to decrease vitality
utilization by server farms considering the position of virtual
machines onto the servers in the server farm astutely. This
discuss as a number of programming issue, demonstrate it in
NP-hard, at that point investigate two eager guess calculations,
least vitality virtual machine and least correspondence virtual
machine planning calculation, to learn the vitality while ful-
filling the inhabitant’s administration level agreements. Bera
et al., [17] demonstrates the quick paced improvement of
energy frameworks that requires keen networks to encourage
continuous control and checking with bidirectional corre-
spondence and power flows. To concentrate on dependable,
efficient, secured and financially survey on control adminis-
tration prerequisites. Li et al., [18] worked on despite the fact
that, it recommended that a half breed cloud may spare cost
contrasted and assembling an intense private cloud, extensive
leasing expense and correspondence cost are still presented in
such a world view. The most effective method to improve such
operational cost ends up plainly one noteworthy worry for the
SaaS suppliers to receive the crossover cloud figuring world
view. Yang et al., [19] presented novel strategies in light of
compiler code investigation that viably lessen the exchanged
information measure by exchanging just the basic store objects
and the stack outlines really referenced in the server. The tests
display that the decreased size decidedly impacts the exchange
time itself as well as the general adequacy of execution
offloading and eventually, enhances the execution of versatile
distributed computing altogether as far as execution time and
vitality utilization is concerned.
Yao et al., [20] built a novel structure named cost optimiza-
tion for internet content multihoming. COMIC progressively
adjusts end-clients’ heaps among server farms and CDNs in
order to limit the substance benefit cost. To guarantee superior
for content conveying, content diministration uses an innova-
tion known as substance multihoming: substance are produced
from numerous geologically appropriated server farms and
conveyed by different dispersed substance circulation systems.
The power costs for server farms and the utilization costs
for CDNs are real supporters of the substance benefit cost.
As power costs change crosswise over server farms and use
costs fluctuate crosswise over CDNs, planning server farms
and CDNs has a huge outcome for advancing substance benefit
cost.
Trombetta et al., [21] recommended three conventions tack-
ling this issue on concealment based, speculation based k-
mysterious and secret databases. The conventions depend on
surely understood cryptographic presumptions, and we give
hypothetical investigations to evidence their soundness and
test results to represent their productivity. Zhou et al., [22]
proposed a plan that enables an association to store informa-
tion safely in an open cloud while keeping up the touchy data
identified with the association’s structure in a private cloud.
Clients of open distributed computing do not know where their
information is put away. They have a misguided judgment of
losing their information.
Amelie et al., [23] studied about the difficulties of con-
trolling administration rates and applying the N-strategy to
improve operational cost inside an execution. The cost work
has been created in which the expenses of energy utilization,
framework clock and server start-up are altogether mulled
over. Yu et al., [24] have built up an efficient id-based thresh-
old ring signature scheme. Edge ring signature empowers any
Vol. 16, No. 3, March 2018
ISSN 1947-5500

4
group of t substances immediately recruiting discretionary n-
t elements to create an openly undeniable t-out-of-n edge
signature for the benefit of the entire gathering of the n
elements, while the genuine underwriters stay a mysterious.
Bellare et al., [25] studied a forward secure digital signature
conspires, it is a digital signature diagram in which open key
is settled yet mystery signature key is refreshed at consistent
interims in order to give a forward secrecy appropriately,
bargaining of the mystery key does not enable the oppose to
produce the signatures relating to the past. This can be helpful
to alleviate the harm caused by key introduction without
requiring the dissemination of keys [26], [27].
III. COIRS MODEL
In this section, we are discussing the mathematical assump-
tion, secrecy model and designed architecture of COIRS se-
crecy model. The different notations for efficiency comparison
is explained in table I.
A. Mathematical assumption
a) Denition: Let M = uv, where u and v are two b-
bit prime numbers where u = 2u + 1 and v = 2v + 1 for
some primes u , v . Let r be a prime, r > 2 for a some
constant parameter , where gcd(r, φ(M)) = 1. Let x is a
random element in Z∗
M . We say that an algorithm A resolve
the RSA dilemma if it accept an input the tuple (M, r, x) and
outputs an element z such that zr
= x mod M.
B. Secrecy model
Cost Optimized Id-based Ring Signature (COIRS) scheme
is a part of Probabilistic Polynomial Time (PPT) algorithms.
This PPT contains the following operations:
1) Setup:
• Input ← (1γ
, Prm, MSGG, S).
• Results ← PKG generates Master Secret key (MSkey)
and parameter list Prm.
2) Extract:
• Input ← Prm, an identity IDi ∈ {0, 1}∗
, 1γ
, MSkey.
• Results ← Users Secret Key (SKeyi,0) ∈ K such that
the secret key is valid for time t = 0. When we say
identity IDi corresponds to user secret key SKeyi,0
or vice versa, we mean the pair (IDi, SKeyi,0) is an
input-output pair of Extract with respect to Prm and
MSkey.
3) Update:
• Input ← SKeyi,t for a time period t.
• Results ← New user Secret Key SKeyi,t+1 for the
time period t+1.
4) Sign:
• Input ← Parameter list Prm, t, group size n of length
polynomial in γ, a set L = IDi ∈ {0, 1}∗
|i ∈ [1, n]
of n user identities, MSg ∈ MSGG and SKeyπ,t ∈
K, π ∈ [1, n] for time t
• Results ← signature α ∈ S.
5) Verify:
• Input ← parameter list Prm, t, group size n of length
polynomial inγ, a set L = IDi ∈ {0, 1}∗
|i ∈ [1, n]
of n user identities, MSg ∈ MSGG and a signature
α ∈ S.
• Results ← generated signature α ∈ S is valid or
invalid.
a) Correctness: A (1, n) COIRS scheme should satisfy
the verification on correctnesssignatures signed by honest
signer are veried to be invalid with negligible probability.
C. Architecture of COIRS scheme
The architecture of Cost Optimized Identity based Ring
Signature with forward secrecy (COIRS) scheme is illustrated
in fig. 3. The architecture mainly consists of four components:
1) User
2) Admin
3) Private Key Generator (PKG)
4) Public Cloud
a) User: User is the one who wants to share their
personal information to others or they wish to keep secret
or confidential data hidden from unauthorized persons. In
COIRS scheme, user registers to a cloud by filling all his
details. Admin or manager of the particular group grants
the authorization permission to users to perform the desired
upload/download operations. By agreeing terms and conditions
of the registered cloud, user can perform the upload and
download the operations. After logging in to the particular
group by getting OTP to user email id which is entered while
registering at the first time. The user becomes a group member
in addition the user has rights to perform the tasks. For every
task of a group signature is generated by a particular user on
behalf of the group to maintain secrecy and forward secrecy
to avoid unauthorized access.
b) Admin: Admin gives access to the registered users
before performing the tasks. Admin then collects all registered
user’s public details and uploads his information with users
details to maintain the users log records. Admin will keep the
information about file details of all the user details, accessing
details etc.
c) Private Key Generator (PKG): It generates the private
keys for all registered users and these key will be vary every
time while performing new task. PKG sets up the group’s
average time, to calculate the average time required by the
group to upload and download the files.
d) Public Cloud: Public cloud is the cloud infrastruc-
ture where any user can access the information from the
cloud. Here there are several cloud service providers like Mi-
crosoft Azure, Dropbox, Google+
, Amazon, etc., these service
providers provide the services to requesting users by using
some algorithms to maintain privacy and secrecy of the data.
IV. MATHEMATICAL MODEL OF COIRS SCHEME
In this section, we are going to give the description and
analysis of our COIRS scheme.
Vol. 16, No. 3, March 2018
ISSN 1947-5500

5
Fig. 3: Architecture of COIRS scheme.
A. The Design
Assume that the user private key and group member identi-
ties are valid up to T periods and do the time period intervals
as public ans set the message space MSGG = (0, 1)*
• Setup: Let γ is a secrecy parameter using as input to a
setup phase, the PKG generates two random b-bit prime
numbers u and v such that u = 2u + 1 and v = 2v + 1
for some primes u , v . It computes M=uv. For fixed
parameter , it selects a random prime number r such that
2 ≤ r ≤ 2 +1
and gcd(r, φ(M)) = 1. It selects two hash
functions HF1 : 0, 1∗
→ Z∗
N and HF2 : 0, 1∗
→ 0, 1 .
The public parameters Prm are (b, , r, M, HF1, HF2)
and the MSkey is u,v.
• Extract: The PKG generates the user secret key for user
i, with user’s identities IDi ∈ 0, 1∗
requests for a secret
key at time period t (integer), where 0 ≤ t ≤ T.
SKeyi,t = [HF1(IDi)]1/r(T +1−t)
mod M.
• Update: SKeyi,t as a input for a time period t, if t < T
the user updates the secret key as SKeyi,t+1 = SKeyr
i,t
mod N. Or else, the algorithm yields ⊥ means the secret
key has expired.
• Sign: To sign a message MSg ∈ (0, 1)∗
in time period
t where 0 ≤ t ≤ T, on behalf of a ring of identities L=
ID1, ....., IDn a user with identity IDπ ∈ L and secret
key SKeyi,t:
1) For all i ∈ 1, ....., n, choose random Ai ∈ Z∗
M
and compute Ri = Ae(T +1−t)
i mod M and hi =
HF2(L, m, t, IDi, Ri)
2) Choose random Aπ ∈ Z∗
M and compute
Rπ = Ae(T +1−t)
π mod M * Πn
i=1,i=πHF1(IDi)−hi
mod M and HFπ = HF2(L, MSg, tIDi, Rπ)
3) Compute SKeyhπ
i,t ∗ Πn
i=1Ai mod M.
4) Output the signature for the list of identities L,
the message MSg and the time period t as γ =
(R1...Rn, h1...hn, s).
• Verify: To verify a signature α for a message MSg,
a list of identities L and the time period t, check
whether hi = HF2(L, m, t, IDi, Ri) for i = 1,..., M and
γe(T +1−t)
= Πn
i=1(RiHF1(IDi)hi
) mod M. We will get
valid output if all equality’s satisfied. Otherwise the result
will be invalid.
B. Correctness
We are checking whether our secrete key is valid or not
by considering the equations on left hand side with the right
hand side. The secrete key verification becomes succuss then
LHS=RHS.
γe(T +1−t)
= Πn
i=1(RiHF1(IDi)hi
) mod M
LHS=γe(T +1−t)
= ((SKeyπ,t)hπ
∗ Πn
i=1Ai mod M) e(T +1−t)
=((HF1(IDπ)1/r(T +1−t)
)hπ
∗ Πn
i=1Ai mod M ) e(T +1−t)
=(HF1(IDπ)hπ
∗ Πn
i=1(Ai)r(T +1−t)
mod M)
RHS=Πn
i=1(Ri ∗ HF1(IDi)hi
) mod M
= (Πn
i=1,i=π(Ri ∗ HF1(IDi)hi
)) ∗ (Rπ ∗ HF1(IDπ)hπ
) mod
M
= (Πn
i=1,i=π(Ar(T +1−t)
i ∗ HF1(IDi)hi
)) ∗ (Ar(T +1−t)
π ∗
Πn
i=1,i=πHF1(IDi)−hi
∗ HF1(IDπ)hπ
) mod M
= (Πn
i=1(Ai)r(T +1−t)
) ∗ HF1(IDπ)hπ
mod M
=LHS
Therefore, LHS= RHS.
Vol. 16, No. 3, March 2018
ISSN 1947-5500

6
TABLE I: Notations for efficiency comparison
Notation Definition
Pkey Public Key
1γ Security Parameter
M Group Size
Prm Public System Parameter
L List of Identities of all Users
MSkey Master Secret Key
MSg Message
K User Secret Key Space
S Signature Space
MSSG Message Space
ID Identity of User
G Cyclic Bilinear Group
SKey Secrete Key
α Signature
t Time
Algorithm 1 Forward secrecy
1: procedure SIGNATURE
2: Variables: User, Group Signature, Time, Admin.
3: Start:
4: Ui ← User, Log in to the cloud system.
5: Ai ←Admin, Authentication permission to user Ui.
6: At time Ti, user uploads a file Fi.
7: Gs ← Group Signature, generated by the cloud au-
thority,
where Gs ∈ (Ui, Ti).
8: At Ti+1, Gs is invalid.
9: User is not able to access the data using other person’s
signature key.
10: End.
C. Algorithms
Our COIRS scheme proposed Algorithm 1 provide a better
secrecy to user’s files. In forward secrecy algorithm as name
depicts it provides one step more secrecy for being accessed
by the unauthorized users. We use asymmetric cryptographic
technology with random variables. In forward secrecy tech-
nique at each stage the group signature is being produced, it
means, if the secrete key holder compromised with others the
secrecy of current file as well as past signatures being exposed
by unauthorized users. To overcome this problem, asymmetric
cryptography technique is used to generate different signature
at every encryption and decryption process. Our cost calcu-
lation algorithm 2 calculates the overall cost required by the
Algorithm 2 Cost Calculation
1: procedure COSTCOMPUTINGN
2: Variables: Cost, File, Amount.
3: Start:
4: Fi ← File size i, bytes or kb.
5: Ai ← Amount or cost/byte or kb.
6: For upload Ai= Ai/byte or kb.
7: Cupload = Fi ∗ Ai.
8: For download Ai = Ai/byte or kb.
9: Cdownload = Fi ∗ Ai.
10: End.
user to upload as well as download the file. As the size of
the file increases the cost for that particular file is going to
increase. Let Fi is the file size in bytes, Ai is the cost value
per byte. Overall cost required to upload and download the
files is given by,
Cupload = Fi ∗ Ai (1)
Cdownload = Fi ∗ Ai (2)
Algorithm 3 Average time calculation for the file size Fi
1: procedure AVERAGETIME
2: Variables: System Time, Time periods, Amount.
3: Start:
4: Ti ← System Time in ms.
5: Time periods T are divided into four time slots like
100, 200, 300, 400
ms.
6: Ai ← Average time.
7: Ci ← Count of the group.
8: TotalTime ← = Ai / Ci.
9: Result= TotalTime * Fi, where i is an integer value
i.e F1 = 1024 kb and F2 = 2048 kb.
10: For Upload or download a file of size F1 = 1024 kb
and F2 = 2048 kb.
11: Compute Ti ← Result/Time period time slot, where i
is integer
12: End.
Algorithm 3 computes the average time required for our
COIRS model to upload the file where file sizes are 1024 kb
and 2048 kb. As the size of the file increased the time required
by the data owner to upload the files to the cloud becomes
increases. The Time period is divided into 4 time slots, 100,
200, 300 and 400 ms. Total time is calculated separately for
all time periods. It is calculated as,
TotalTime = Ai ÷ Ci (3)
Here we are considering two constant file sizes are 1024 kb
and 2048 kb. We calculate the average time to both these files
is shown in fig. 6 and fig. 7.
V. EXPERIMENTAL ANALYSIS
In this section, we are analyzing our COIRS scheme on the
bases of Time and Cost evaluation.
A. Time and Cost analysis
In our COIRS model, we evaluate the time and cost analysis
using two entities Data owner and Data center. For both time
and cost analysis, experiments were conducted by taking some
constant files to generate the accurate analysis. Our analysis
for uploading time for each file when user uploads different
file sizes. We are taking some constant file sizes i.e., 100 kb,
200 kb, 300 kb, 400 kb, 500 kb, 1000 kb, 1024 kb, 2000
kb and 2048 kb for uploading and downloading a file. In fig.
Vol. 16, No. 3, March 2018
ISSN 1947-5500

7
TABLE II: Average time for the PKG to setup in COIRS
system.
| M | (in kb) Time (in ms)
1024 80
2048 1040
Fig. 4: The different file size upload cost using COIRS and
ID-RS schemes.
Fig. 5: The different file size download cost using COIRS and
ID-RS schemes.
4, we depicts the cost required by the data owner to upload
his different file sizes using COIRS and ID-RS model, as the
size of the file increases, the cost of that file is going to
increase and vice versa. At certain file size like 50 TB the
cost value becomes threshold value. Above this threshold, the
cost is depends upon slab values of the different file sizes. In
fig. 5, illustrated the cost required for the data center using
COIRS and ID-RS model to download the files for the user.
The experiments were conducted on DELL i5 workstation
inbuilt with 2.0 GHz, Intel Xeon dual-processor with 8 GB
RAM and running on Windows 8 Professional 64-bit OS.
B. Implementation and Experimental Results
We calculated the analysis of our COIRS model with
respect to 3 entities: Data owner, Data center and Private
key generator. All analysis were conducted 20 times to gain
an average results. The average upload time for the data
owner using COIRS and ID-RS scheme, when F = 1024 kb is
depicted in fig. 6 and time consumption is depicted in table III.
TABLE III: The average time for the data owner to upload file
F = 1024 kb.
Group Name Count Time in
COIRS (ms)
Time in ID-RS
(ms)
Group 1 5 28 35
Group 2 10 30 40
Group 3 20 43 66
TABLE IV: The average time for the data owner to download
file F = 1024 kb.
Group Name Count Time in
COIRS (ms)
Time in ID-RS
(ms)
Group 1 5 40 52
Group 2 10 45 61
Group 3 20 55 82
The average download time for the data center using COIRS
and ID-RS scheme, when F = 1024 kb is as shown in fig. 7, for
different groups with different file sizes and time consumption
is depicted in table IV. The different users in Group 1, Group
2 and Group 3 contains 5, 10 and 20 users respectively. The
count ‘C’ increases group by group. The average time required
by the groups to upload and download their file increases as
the number of users increased in the group.
Fig. 6: The average upload time for the data owner using
COIRS and ID-RS scheme, when F = 1024 kb.
Fig. 7: The average download time for the data center using
Vol. 16, No. 3, March 2018
ISSN 1947-5500

8
Fig. 8: The average upload time for the data owner using
COIRS and ID-RS scheme, when F = 2048.
Fig. 9: The average download time for the data center using
Experiments were taken for the two constant file sizes F
= 1024 kb and F = 2048 kb. In table II shows the average
time for the private key generator to setup the system. PKG
took 80 and 1040 ms to setup the whole system for F = 1024
kb and F = 2048 kb respectively. The average upload time
for the data center to upload file with different choices of M
and T, for F = 2048 kb is as shown in fig. 8. The average
download time for the data center using COIRS and ID-RS
scheme, when F = 2048 kb is illustrated in fig. 9. This requires
authenticated users only upload or download files. The Time
slices were increased by multiples of 100 up to 400. In group
sharing decreases cost and time. The test bed for the user is a
personal computer built in with 2 GHz Intel CPU with 3 GB
RAM and running Windows 8 OS.
VI. CONCLUSIONS
In group sharing scheme, to create an authentic and anony-
mous data sharing, Ring signature is one of the promising
technique. Ring signature scheme permits the manager or data
owner to authenticate into the system in anonymous man-
ner. In conventional sharing scheme certificate authentication
becomes a bottleneck because of high cost. To avoid this
problem COIRS scheme is constructed. This scheme describes,
suppose, the secret key holder has been compromised, all
generated past signatures still remain valid. Discussed about
how to optimize the time and cost when sharing the files to
the cloud. Provide a protection to this scheme from collision
attack, it means that revoked users cannot get the original
documents and to reach high efficiency, implies that previous
users not necessary to update their secret keys for the condition
while new user enters the group or exit from the group. In
generally high secrecy can be provided for group sharing, by
applying all these approaches. COIRS scheme reduces cost of
file sharing, time of file upload or download and provides high
security using Ring signature.
REFERENCES
[1] P. Muthi Reddy, S. H. Manjula, and K. R. Venugopal, “Secure data
sharing in cloud computing: A comprehensive review,” International
Journal of Computer (IJC), vol. 25, no. 1, pp. 80–115, 2017.
[2] C. Wang, S. S. Chow, Q. Wang, K. Ren, and W. Lou, “Privacy-
preserving public auditing for secure cloud storage,” IEEE transactions
on computers, vol. 62, no. 2, pp. 362–375, 2013.
[3] X. Liu, Y. Zhang, B. Wang, and J. Yan, “Mona: Secure multi-owner data
sharing for dynamic groups in the cloud,” ieee transactions on parallel
and distributed systems, vol. 24, no. 6, pp. 1182–1191, 2013.
[4] Z. Zhu and R. Jiang, “A secure anti-collusion data sharing scheme
for dynamic groups in the cloud,” IEEE Transactions on parallel and
distributed systems, vol. 27, no. 1, pp. 40–50, 2016.
[5] S.-H. Seo, M. Nabeel, X. Ding, and E. Bertino, “An efficient certifi-
cateless encryption for secure data sharing in public clouds,” IEEE
Transactions on Knowledge and Data Engineering, vol. 26, no. 9, pp.
2107–2119, 2014.
[6] K. Liang, M. H. Au, J. K. Liu, W. Susilo, D. S. Wong, G. Yang, T. V. X.
Phuong, and Q. Xie, “A dfa-based functional proxy re-encryption
scheme for secure public cloud data sharing,” IEEE Transactions on
Information Forensics and Security, vol. 9, no. 10, pp. 1667–1680, 2014.
[7] P. Muthi Reddy, K. Dhanakshirur, R. Tanuja, S. H. Manjula, and
K. R. Venugopal, “Security and privacy of data sharing in cloud
computing,” in in Proceedings of Fifth International Conference on
Emerging Trends in Engineering, Science and Technology (ICETEST).
CRS Press and Taylors, 2018.
[8] A. Shamir, “Identity-based cryptosystems and signature schemes,” in
Workshop on the theory and application of cryptographic techniques.
Springer, 1984, pp. 47–53.
[9] P. Muthi Reddy, S. H. Manjula, and K. R. Venugopal, “Sdspg:
Secured data sharing with privacy as a group in cloud comput-
ing,” International Journal of Current Advanced Research (IJCAR),
ISSN: 2319-6505, vol. 7, no. 2, pp. 10 036–10 043, 2018. DOI:
http://dx.doi.org/10.24327/ijcar.2018.10043.1683.
[10] X. Huang, J. K. Liu, S. Tang, Y. Xiang, K. Liang, L. Xu, and J. Zhou,
“Cost-effective authentic and anonymous data sharing with forward
security,” IEEE Transactions on computers, vol. 64, no. 4, pp. 971–983,
2015.
[11] E. Bresson, J. Stern, and M. Szydlo, “Threshold ring signatures and
applications to ad-hoc groups,” in Annual International Cryptology
Conference. Springer, 2002, pp. 465–480.
[12] C. Liu, J. Chen, L. T. Yang, X. Zhang, C. Yang, R. Ranjan, and
R. Kotagiri, “Authorized public auditing of dynamic big data storage on
cloud with efficient verifiable fine-grained updates,” IEEE Transactions
on Parallel and Distributed Systems, vol. 25, no. 9, pp. 2234–2244,
2014.
[13] K. Yang and X. Jia, “An efficient and secure dynamic auditing protocol
for data storage in cloud computing,” IEEE transactions on parallel and
distributed systems, vol. 24, no. 9, pp. 1717–1726, 2013.
[14] M. Nabeel, N. Shang, and E. Bertino, “Privacy preserving policy-based
content sharing in public clouds,” IEEE Transactions on Knowledge and
Data Engineering, vol. 25, no. 11, pp. 2602–2614, 2013.
[15] P. Muthi Reddy, S. H. Manjula, and K. R. Venugopal, “Secured privacy
data using multi key encryption in cloud storage,” in in Proceedings of
Fifth International Conference on Emerging Applications of Information
Technology (EAIT 2018). IEEE, 2018.
[16] X. Dai, J. M. Wang, and B. Bensaou, “Energy-efficient virtual machines
scheduling in multi-tenant data centers,” IEEE Transactions on Cloud
Computing, vol. 4, no. 2, pp. 210–221, 2016.
[17] S. Bera, S. Misra, and J. J. Rodrigues, “Cloud computing applications
for smart grid: A survey,” IEEE Transactions on Parallel and Distributed
Systems, vol. 26, no. 5, pp. 1477–1494, 2015.
Vol. 16, No. 3, March 2018
ISSN 1947-5500

9
[18] S. Li, Y. Zhou, L. Jiao, X. Yan, X. Wang, and M. R.-T. Lyu, “Towards
operational cost minimization in hybrid clouds for dynamic resource
provisioning with delay-aware optimization,” IEEE Transactions on
Services Computing, vol. 8, no. 3, pp. 398–409, 2015.
[19] S. Yang, D. Kwon, H. Yi, Y. Cho, Y. Kwon, and Y. Paek, “Techniques to
minimize state transfer costs for dynamic execution offloading in mobile
cloud computing,” IEEE Transactions on Mobile Computing, vol. 13,
no. 11, pp. 2648–2660, 2014.
[20] J. Yao, H. Zhou, J. Luo, X. Liu, and H. Guan, “Comic: Cost optimization
for internet content multihoming,” IEEE Transactions on Parallel and
Distributed Systems, vol. 26, no. 7, pp. 1851–1860, 2015.
[21] A. Trombetta, W. Jiang, E. Bertino, and L. Bossi, “Privacy-preserving
updates to anonymous and confidential databases,” IEEE Transactions
on Dependable and Secure Computing, vol. 8, no. 4, pp. 578–587, 2011.
[22] L. Zhou, V. Varadharajan, and M. Hitchens, “Achieving secure role-
based access control on encrypted data in cloud storage,” IEEE trans-
actions on information forensics and security, vol. 8, no. 12, pp. 1947–
1960, 2013.
[23] A. C. Zhou, B. He, and C. Liu, “Monetary cost optimizations for
hosting workflow-as-a-service in iaas clouds,” IEEE transactions on
cloud computing, vol. 4, no. 1, pp. 34–48, 2016.
[24] J. Yu, F. Kong, H. Zhao, X. Cheng, R. Hao, and X.-F. Guo, “Non-
interactive forward-secure threshold signature without random oracles,”
Journal of Information Science and Engineering, vol. 28, no. 3, pp.
571–586, 2012.
[25] M. Bellare and S. K. Miner, “A forward-secure digital signature scheme,”
in Annual International Cryptology Conference. Springer, 1999, pp.
431–448.
[26] P. Muthi Reddy, R. D. Rekha, R. Tanuja, S. H. Manjula, and K. R. Venu-
gopal, “Forward secrecy in authentic and anonymous cloud with time
optimization,” in in Proceedings of Fifteenth International Conference
on Wireless and Optical Communications Networks (WOCN 2018).
IEEE, 2018.
[27] A. Ramachandra, K. Pavithra, K. Yashasvini, K. Raja, K. Venugopal, and
L. M. Patnaik, “Offline signature authentication using cross-validated
graph matching,” in Proceedings of the 2nd Bangalore Annual Compute
Conference. ACM, 2009, p. 7.
Muthi Reddy P is a full time
Research Scholar in the Department
of Computer Science and Engineering
from University Visvesvaraya College
of Engineering, Bangalore University,
Bengaluru, India. He was awarded Master
of Technology in Computer Science and
Engineering from Davangere University,
Davangere. He obtained his Bachelor
of Engineering degree in Computer
Science and Engineering from BMS College of Engineering,
Visvesvaraya Technological University. He was received the
Diploma in Computer Science and Engineering from Govt.
Polytechnic, Board of Technical Examinations, Karnataka.
His research interests are in the field of Data Security, Data
Sharing and IOT in the Cloud Computing.
Rekha Rangappa Dasar is obtained
her ME degree from University
Visvesvaraya College of Engineering,
Bangalore University, Bengaluru, India.
She was received the BE degree in
Computer Science and Engineering
from Basaveshwar Engineering College,
Visvesvaraya Technological University.
Her areas of interests include Networking,
Data processing and Cloud Computing.
Tanuja R is currently the Assistant
Professor, Department of Computer
Science, University Visvesvaraya College
of Engineering, Bangalore University,
Bengaluru. She was obtained her
Bachelor of Engineering from BMSCE,
Bengaluru. She received her Masters
degree in Computer Science and
Engineering from UVCE, Bengaluru.
Her research interests are in the field of Wireless Sensor
Networks, Cryptography and Network security.
Manjula S H is currently
Associate Professor, Department of
Computer Science and Engineering,
UVCE, Bangalore University,
Bengaluru. She has obtained BE,
M.Tech. Ph.D. in Computer Science
and Engineering, Chennai. Her
research interests are in the field of
Wireless Sensor Networks and Data
mining.
Venugopal K R is currently the Prin-
cipal, University Visvesvaraya College of
Engineering, Bangalore University, Ban-
galore. He obtained his Bachelor of En-
gineering from University Visvesvaraya
College of Engineering. He received his
Masters degree in Computer Science and
Automation from Indian Institute of Sci-
ence Bangalore. He was awarded Ph.D
in Economics from Bangalore University
and Ph.D in Computer Science from Indian Institute of Tech-
nology, Madras. He has a distinguished academic career and
has degrees in Electronics, Economics, Law, Business Finance,
Public Relations, Communications, Industrial Relations, Com-
puter Science and Journalism. He has authored and edited 64
books on Computer Science and Economics, which include
Petrodollar and the World Economy, C Aptitude, Mastering
C, Microprocessor Programming, Mastering C++ and Digital
Circuits and Systems etc., He has filed 101 patents. During his
three decades of service at UVCE he has over 640 research
papers to his credit. His research interests include Computer
Networks, Wireless Sensor Networks, Parallel and Distributed
Systems, Digital Signal Processing and Data Mining. He is a
Fellow of IEEE, ACM and ISTE.
Vol. 16, No. 3, March 2018
ISSN 1947-5500

COIRS: Cost Optimized Identity based Ring Signature with Forward Secrecy in Cloud Computing

More Related Content

What's hot (20)

Similar to COIRS: Cost Optimized Identity based Ring Signature with Forward Secrecy in Cloud Computing (20)

Recently uploaded (20)

COIRS: Cost Optimized Identity based Ring Signature with Forward Secrecy in Cloud Computing