Multi tenancy cloud data with a shared privacy preserving trusted keyword search

In today's cloud computing environment, secure and efficient data sharing is paramount. This project proposes a secure cloud-based data sharing and verification system using the Verifiable yet Accountable Keyword Searchable Encryption (VAKSE) scheme. The system architecture is divided into four modules involving the Cloud Service Provider (CSP), Verifier, Data Owner, and Client, each playing a key role in secure data handling and verification. The first module focuses on the Cloud Service Provider (CSP), which manages user login, stores data owner and client details, generates cryptographic keys, and maintains file information. The CSP is also responsible for handling data requests and adding clients to the system. The second module involves the Verifier, who also logs in securely and is tasked with validating cryptographic keys. The Verifier checks whether a key is original or tampered and ensures that only valid keys are forwarded to the intended data recipients, thereby maintaining data integrity and trust. The third module introduces the Data Owner, who registers and logs in to upload files securely. Upon uploading, a key is generated to securely share data with intended clients. This ensures that the control over data remains with the owner at all times. The fourth module pertains to the Client, who registers, logs in, queries for data, and uses a generated token linked to a private key for verification and decryption. This enables clients to verify the authenticity of the data and decrypt it securely. At the core of this system lies the VAKSE scheme, which enables keyword-searchable encryption with built-in verifiability and accountability. The system utilizes four primary cryptographic algorithms: Setup, KeyGen, Encap, and Decap. The Setup algorithm generates master keys, KeyGen assigns private keys based on identities, Encap encapsulates valid keys into ciphertexts, and Decap deterministically retrieves the encapsulated key using private keys. Additionally, a mechanism is in place to detect and reject invalid ciphertexts, enhancing the robustness of the system. By integrating MAC (Message Authentication Code) encryption and VAKSE, the system ensures confidentiality, authenticity, and verifiability of cloud-stored data, offering a comprehensive solution for secure and accountable cloud-based data sharing.