AU2021106274A4

AU2021106274A4 - A protocol for assuring data integrity in cloud setting by using a fully homomorphic batch encryption scheme with integer and shorter public key (hbeis)

Info

Publication number: AU2021106274A4
Application number: AU2021106274A
Authority: AU
Inventors: Hariharasitaraman S.
Original assignee: S P Balakannan
Current assignee: S P Balakannan
Priority date: 2021-08-21
Filing date: 2021-08-21
Publication date: 2021-12-09
Anticipated expiration: 2029-08-21

Abstract

The present invention generally relates to a protocol for assuring data integrity in cloud setting by using a fully homomorphic batch encryption scheme with integer and shorter public key (HBEIS), the system comprises a plurality of algorithms, wherein algorithms are key Generation algorithm, Encryption algorithm, Evaluation algorithm, and Decryption algorithm; a Simple Encrypted Arithmetic Library (SEAL) homomorphic encryption library for the practical implementation of the proposed scheme, wherein the library is connected though a .NET wrappers for the public API; and an AES-256 encryption circuit for homomorphic evaluation during the implementation of the proposed scheme. 20 CJu ci ci *c.iCu C W I"~ Cu121

Description

CJu

ci

ci *c.iCu C W

I"~ Cu121

A PROTOCOL FOR ASSURING DATA INTEGRITY IN CLOUD SETTING BY USING A FULLY HOMOMORPHIC BATCH ENCRYPTION SCHEME WITH INTEGER AND SHORTER PUBLIC KEY (HBEIS) FIELD OF THE INVENTION

The present invention relates to a protocol for assuring data integrity in cloud setting by using a fully homomorphic batch encryption scheme with integer and shorter public key (HBEIS).

BACKGROUND OF THE INVENTION

Data in big data applications, such as monitoring data, internet data, and the like, is inherently dynamic. Except for some huge static data, such as libraries and electronic archives, data in large data applications is constantly updated. Data updates are frequent in many applications, such as social networking and business transactions. As a result, a critical cloud security mechanism, such as a public auditing method, is required to efficiently support dynamic data. Integrity, confidentiality, and availability are the three key characteristics of the security issue. In recent years, public auditing or cloud data auditing, that is, validating data integrity from an external entity, has become a subject that has been intensively researched. Because the user is not accessible to the data kept on the Cloud Storage Server (CSS), it is extremely desired to need auditing by the client, the data consumer, or a third-party auditor, regardless of how powerful the server-side mechanism is stated to be. As a result, a public solution that may solve the above security challenge is offered, the original method is enhanced, and a new data integrity verification scheme is proposed by summarising and summarising relevant work in recent years on the above concerns.

Existing data integrity approaches outsource data storage integrity verification, which has sparked a lot of research interest. The concept of traceable evidence and its first model was proposed by Jules and Kalisk. Their method, however, is limited to static data storage, such as archives or libraries. Atenise et al introduced a similar concept known as "provable data occupancy" the same year. Their method allows for block-free verification, meaning that the verifier can check the integrity of a partially outsourced document by checking a set of pre-computed document tags known as Homomorphic Verification Tags (HVT) or Homomorphic Linear Authentication (HLA) (HLAS). An enhanced stateless verification POR model was proposed by Shaham and Waters. Erway and colleagues present the first PDP system capable of comprehensive dynamic data update verification. Validating updates with an upgraded authentication data structure is becoming a preferred technique to allow verifiable changes in PDP and POR processes. They employ an ADS that use a level based authentication skip list (RASL). Erway et al propose the first PDP scheme that can support full dynamic data update verification. Using an improved authentication data structure to validate updates becomes a popular way to support verifiable updates later on in PDP and POR operations. They use a level-based authentication skip list (RASL) ADS. In conclusion, the existing cloud storage deduplication scheme still poses a significant security risk, particularly in terms of the secret key's protection. Furthermore, how to ensure that the various POW proof schemes are compatible with the key system and have high efficiency is a concern that needs to be addressed.

In Greek mythology, the words "homos" and "morphos" refer to the same thing. In abstract algebra, a homomorphism is a property of a function that takes inputs from diverse algebraic sets and produces an element including the results of well-known operations such as addition and multiplication. The advantage of FHE's (Fully homomorphic encryption) property is heavily employed when constructing cryptosystems. Fully Homomorphic Encryption is a type of encryption that allows any CSP (Cloud Storage service provider) to perform specific computations on it. The proportion of data and format of encrypted data is kept using this approach, which is a remarkable quality.

In the view of the forgoing discussion, it is clearly portrayed that there is a need to have a method and system for assuring data integrity in cloud setting by using a fully homomorphic batch encryption scheme with integer and shorter public key (HBEIS).

SUMMARY OF THE INVENTION

The present disclosure relates to a protocol for assuring data integrity in cloud setting by using a fully homomorphic batch encryption scheme with integer and shorter public key (HBEIS). More particularly the present invention relates to integrity verification process in a cloud setting. Any third-party auditor can do random audit on the encrypted data for assuring the correctness of data without possessing the original data. In our experimental set up, HBEIS scheme ensures optimal space and linear computational complexity.

The present invention relates to protocol for assuring data integrity in cloud setting by using a fully homomorphic batch encryption scheme with integer and shorter public key (HBEIS). The method comprises encrypting the message using the encryption algorithm and sending it to the cloud storage. The method further comprises evaluating a query homomorphically using an evaluation function (Eval), wherein the query is received from any public auditor for a particular data on the encrypted message in the cloud storage. The method further comprises returning the results as an encrypted message to the public auditor, wherein the data is returning by could service.

In an another embodiment, a proposed Fully Homomorphic Batch Encryption Scheme using Integers with Shorter public key (HBEIS) comprises four algorithms which are key generation (Key gen), encryption (Encryp), evaluation (Eval), and decryption (Decryp), wherein the key generation algorithm is used for generating private or public key that is used for both encryption and decryption, and wherein the evaluation algorithm takes the input of cipher text message and return the cipher text of computer results after doing a computation on cipher text.

In an another embodiment, the proposed scheme is used for checking the integrity of the data is the cloud setting, wherein several primes are used thus the private key is the set of primes and co-primes.

In an another embodiment, the proposed scheme (HBEIS) is compared with the DGHV and BGV schemes, wherein the results showed that the proposed HBEIS scheme key generation algorithm runs faster in generating both private and public keys in batch mode, the proposed scheme have better computation time than BGC and DGHV schemes, and the proposed scheme execute faster than DGHV and BGV in term of time complexity.

In an another embodiment, the proposed scheme the order of growth of decryption algorithm and the parameters are constant because of the faster decryption of keys.

In an another embodiment, an optimal space and linear computational complexity is ensured by setting the homomorphic parameters below A = 62, p = 32, r = 2176, y = 4.2 *106, and p= 44, wherein a protection under GCD attack can be ensured with proper setting of the parameters.

In an another embodiment, the security of the proposed scheme depends on the hardness of integer factorization.

In an another embodiment, a system for assuring data integrity in cloud setting by using a fully homomorphic batch encryption scheme with integer and shorter public key (HBEIS) is disclosed. The system includes a plurality of algorithms, wherein algorithms are key Generation algorithm, Encryption algorithm, Evaluation algorithm, and Decryption algorithm. The system further includes a Simple Encrypted Arithmetic Library (SEAL) homomorphic encryption library for the practical implementation of the proposed scheme, wherein the library is connected though a .NET wrappers for the public API. The system further includes an AES-256 encryption circuit for homomorphic evaluation during the implementation of the proposed scheme.

An object of the present disclosure is to provide a method and a system for assuring data integrity in cloud setting by using a fully homomorphic batch encryption scheme with integer and shorter public key (HBEIS).

Another object of the present disclosure is to check the integrity of data is the modified DGHV which supports simultaneous processing of vector of plain text bits.

Yet another object of the present disclosure is to calculate the computation time for encryption algorithm, decryption algorithm, key generation algorithm and evaluation algorithm with respect to growth of parameters (A, p, rj, y, P).

To further clarify advantages and features of the present disclosure, a more particular description of the invention will be rendered by reference to specific embodiments thereof, which is illustrated in the appended drawings. It is appreciated that these drawings depict only typical embodiments of the invention and are therefore not to be considered limiting of its scope. The invention will be described and explained with additional specificity and detail with the accompanying drawings.

BRIEF DESCRIPTION OF FIGURES

These and other features, aspects, and advantages of the present disclosure will become better understood when the following detailed description is read with reference to the accompanying drawings in which like characters represent like parts throughout the drawings, wherein:

Figure 1 illustrates a flow chart of a method for assuring data integrity in cloud setting by using a fully homomorphic batch encryption scheme with integer and shorter public key (HBEIS) in accordance with an embodiment of the present disclosure; Figure 2 illustrates a block diagram of a system for assuring data integrity in cloud setting by using a fully homomorphic batch encryption scheme with integer and shorter public key (HBEIS) in accordance with an embodiment of the present disclosure; Figure 3 illustrates functions of asymmetric key homomorphic encryption in accordance with an embodiment of the present disclosure; Figure 4 illustrates the architectural model of HBEIS Scheme on Cloud Scape in accordance with an embodiment of the present disclosure; Figure 5 illustrates the comparison of homomorphic parameters of key generation algorithm with DGHV and BGV schemes in accordance with an embodiment of the present disclosure; Figure 6 illustrates the comparison of homomorphic parameters of encryption algorithm with DGHV and BGV schemes in accordance with an embodiment of the present disclosure;

Figure 7 illustrates the comparison of homomorphic parameters of decryption algorithm with DGHV and BGV schemes in accordance with an embodiment of the present disclosure; and Figure 8 illustrates the comparison of homomorphic parameters of evaluate algorithm with DGHV and BGV schemes in accordance with an embodiment of the present disclosure.

Further, skilled artisans will appreciate that elements in the drawings are illustrated for simplicity and may not have necessarily been drawn to scale. For example, the flow charts illustrate the method in terms of the most prominent steps involved to help to improve understanding of aspects of the present disclosure. Furthermore, in terms of the construction of the device, one or more components of the device may have been represented in the drawings by conventional symbols, and the drawings may show only those specific details that are pertinent to understanding the embodiments of the present disclosure so as not to obscure the drawings with details that will be readily apparent to those of ordinary skill in the art having benefit of the description herein.

DETAILED DESCRIPTION:

For the purpose of promoting an understanding of the principles of the invention, reference will now be made to the embodiment illustrated in the drawings and specific language will be used to describe the same. It will nevertheless be understood that no limitation of the scope of the invention is thereby intended, such alterations and further modifications in the illustrated system, and such further applications of the principles of the invention as illustrated therein being contemplated as would normally occur to one skilled in the art to which the invention relates.

It will be understood by those skilled in the art that the foregoing general description and the following detailed description are exemplary and explanatory of the invention and are not intended to be restrictive thereof.

Reference throughout this specification to "an aspect", "another aspect" or similar language means that a particular feature, structure, or characteristic described in connection with the embodiment is included in at least one embodiment of the present disclosure. Thus, appearances of the phrase "in an embodiment", "in another embodiment" and similar language throughout this specification may, but do not necessarily, all refer to the same embodiment.

The terms "comprises", "comprising", or any other variations thereof, are intended to cover a non-exclusive inclusion, such that a process or method that comprises a list of steps does not include only those steps but may include other steps not expressly listed or inherent to such process or method. Similarly, one or more devices or sub-systems or elements or structures or components proceeded by "comprises...a" does not, without more constraints, preclude the existence of other devices or other sub-systems or other elements or other structures or other components or additional devices or additional sub-systems or additional elements or additional structures or additional components.

Unless otherwise defined, all technical and scientific terms used herein have the same meaning as commonly understood by one of ordinary skill in the art to which this invention belongs. The system, methods, and examples provided herein are illustrative only and not intended to be limiting.

Embodiments of the present disclosure will be described below in detail with reference to the accompanying drawings.

Referring to Figure 1, a flow chart of a method for assuring data integrity in cloud setting by using a fully homomorphic batch encryption scheme with integer and shorter public key (HBEIS) is illustrated in accordance with an embodiment of the present disclosure. At step 102, the method 100 includes encrypting the message using the encryption 204 algorithm and sending it to the cloud storage.

At step 104, the method 100 includes evaluating a query homomorphically using an evaluation function (Eval), wherein the query is received from any public auditor for a particular data on the encrypted message in the cloud storage.

At step 106, the method 100 includes returning the results as an encrypted message to the public auditor, wherein the data is returning by could service.

In an another embodiment, a proposed Fully Homomorphic Batch Encryption Scheme using Integers with Shorter public key (HBEIS) comprises four algorithms which are key generation 202 (Key gen), encryption 204 (Encryp), evaluation 206 (Eval), and decryption 208 (Decryp), wherein the key generation 202 algorithm is used for generating private or public key that is used for both encryption 204 and decryption 208, and wherein the evaluation 206 algorithm takes the input of cipher text message and return the cipher text of computer results after doing a computation on cipher text.

In an another embodiment, the proposed scheme (HBEIS) is compared with the DGHV and BGV schemes, wherein the results showed that the proposed HBEIS scheme key generation 202 algorithm runs faster in generating both private and public keys in batch mode, the proposed scheme have better computation time than BGC and DGHV schemes, and the proposed scheme execute faster than DGHV and BGV in term of time complexity.

In an another embodiment, the proposed scheme the order of growth of decryption 208 algorithm and the parameters are constant because of the faster decryption 208 of keys.

Figure 2 illustrates a block diagram of a system for assuring data integrity in cloud setting by using a fully homomorphic batch encryption scheme with integer and shorter public key (HBEIS) is disclosed in accordance with an embodiment of the present disclosure. The system 200 includes a plurality of algorithms, wherein algorithms are key Generation 202 algorithm, Encryption 204 algorithm, Evaluation 206 algorithm, and Decryption 208 algorithm.

In an embodiment, a Simple Encrypted Arithmetic Library 210 (SEAL) homomorphic encryption library 212 for the practical implementation of the proposed scheme, wherein the library is connected though a .NET wrappers for the public API.

In an embodiment, an AES-256 encryption circuit 214 for homomorphic evaluation during the implementation of the proposed scheme.

Any encryption scheme C is composed of three algorithms for its operation keygene, Encrypt, Decrype that should run in a polynomial time with respect to the key size (k). In a symmetric key encryption scheme, a single key (k) that is used in both encrypt and decrypt, by the keygene algorithm. In an asymmetric encryption scheme, keygene algorithm generate key pairs a public key Pk, a private decryption key sk. In a homomorphic encryption scheme can be of symmetric key encryption or asymmetric key encryption in nature. If it is a asymmetric one, anot8

,her algorithm is added for the functioning of the scheme called evalE. For a function f in a encryption scheme and cipher texts (c1......co) with ci = encrypt (Private key and the message), outputs a cipher text which encrypts f (messages). The below diagram explains the above operation on homomorphic encryption (Figure 3).

The addition operation over an encryption scheme is given by, for any messages 'mi' and 'M 2 ' the result can be "encryption of message 1" + "encryption of message 2" is "encryption(mi + M 2 )" without reading the message mi and M 2 . In another scenario for a multiplicative operation for the set of operation 'ml' and 'm2' gives encryption (M 1 * m 2 ).

In 1978, Rivest et al. converged the homomorphic properties and cryptographic field, in short, computing without actually, decrypting the messages. In 1982, Yao designed two user communication scheme using Boolean circuits. Their works had worst computational and communication complexity. In 2009, Gentry designed a FHE scheme, which works upon on encrypted data with limited number of operations. Gentry's doctoral dissertation reveals that the evaluation of FHE based on Lattices scheme. The scheme has high computation cost and it was practically difficult to implement. Van et al., in 2010 introduced FHE over integers based on a Greatest Common Divisor problem, Brakersi et al. came up with LWE Scheme. The development of FHE schemes is broadly classified into three types, PHE-Partial Homomorphic, SWH-Some What Homomorphic, FHE Fully Homomorphic encryption scheme based on types of operations it does and number of times of operation it supports.

Figure 4 shows the simple illustration of HBEIS over cloud setting. Alice wants to send message to a cloud store, she decrypts the message using an encryption algorithm (Step1 & Step 2), if any auditor wants to do a computation with a stored message he will query to the cloud storage (Step 3). The evaluation scheme performs computation using a function called 'Eval' (Step 4) and the result is encrypted message to the auditor (Step 5).

The message space 'M' contains set of messages mi 1 , m 2 ...... mn. An encryption scheme or algorithm is denoted by the term 'encryp', an encryption scheme is said to be homomorphic in nature on an operation '+', the following conditions to be satisfied.

Encryp(mi + M 2 ) = encryp(mi + M 2 ) for allm 1 , m 2 in 'M' (1)

The operation are to be performed such as additive, multiplicative are functionally complete over finite algebraic sets, to make an encryption scheme which supports homomorphic evaluation over any functions, the above operations is sufficient. Any FHE scheme is designed to support four main operations which are key generation, encryption, and decryption and evaluation algorithm. The function of key generation algorithm is to generate private key or public key used for both encryption and decryption or to execute the scheme in symmetric mode or asymmetric mode. Working functionality of evaluation function is the innovation here; it takes inputs of cipher text message, does a computation on cipher text and returns a cipher text of computed results. Thus, the size of cipher text is constant for unlimited number of computations. Also, the practical implementation of operations can be easily implemented by using logic gates in Boolean theory.

Notations and Mathematical background m is the bit plaintext (m= or 1), q is a large random integer, r is a small random. p - Co prime numbers, b - Random binary vector, y is bit length of any integers in Pk. r - Bit length of 'P'. p - bit length of noise [distance between public key integers & nearest multiples of secret key]. T - No. of integers in the public key. A - Security parameter. C, C1, C2.. Cn-Cipher text. m, mO, ml, m2... Mn-messages, M - Message Space, Pk - Public key. Sk - Secret

key or Private Key.

The HBEIS scheme contains four algorithms namely, Key gen(1A, Qi(Osisn)), Encryp(Pk, m), Eval(Pk, C, C1, C 2 ), Decryp(Sk, C). The proposed scheme uses to check the integrity of data is the modified DGHV which supports simultaneous processing of vector of plain text bits. Instead of using single prime 'p' as their secret key, this study uses several such primes po, pi, . . , Pn-1. So, the private key is a set of primes or co primes po, P1, P2 .... Pn-1. Thus, the FHE with integers is altered as follows.

X = random integer of large size (p)* secret key (q) + 2 * random integer of small size (r) message (2)

This study uses a group of co primes to find the secret key as per Chinese Remainder Theorem [1, 18]. Each pi handles a plain text bit. The cipher text is given by:

Cipher text = CRTqo;p;p1;p2...;pn-1 (random integer large size; 2ro +

mo;...; 2rn-1 + m) (3)

The decryption of the cipher text is given by:

mi = [c mod p,]mod 2 for all O<i<n (4)

Key Generation Algorithm ( 1A, Qi(Osisn)): (a)Pick any n-bit prime numbers 'pi' such that Osisn and [ as the product value. (b)The public key is defined as follows, x = q*V where qo is a set of primes n 0, -2A/. (c)The private key is defined by Pk = xo, Qi, xi , xj. (d)The Secret key is Sk

= Pj.

Encryption Algorithm (Pk, M): (a)For any M = M 1 , M 2 , ... ma, where n P set of primes. (b)Pick any random binary vector b. (c)The cipher text is given by:

D0mo. X + !'bi. xi] (5)

Decryption Algorithm (Sk, c): (a) The decryption will yield original plain text bit. M= M 1 , M 2 , ...mo, where mi= (Ciphertext)mod(private key Pi) Qi (6) Cipher text - C; Private key - P.

Evaluate Algorithm (Pk, C, C 1 , C 2 ): (a) Choose the public key Pk and s of Cipher text 'C'. (b) Input Pk and s to a circuit C to perform addition &

multiplication over integers. (c) The addition function does XOR operation on cipher text, which is given by Input -> Addition (Pk, C1, C 2 ). Output -> [C 1 XOR C 2 ] mod xo. (d) The multiplication function does NAND operation of cipher text, which is given by Input -> Multiplication (Pk, C1 , C2 ).

Output -> [C 1XORC 2 ] mod xo.

For practical implementation of proposed scheme, this study utilizes Microsoft Corporation. The Simple Encrypted Arithmetic Library (SEAL) homomorphic encryption library, connected through .NET wrappers for the public API, Hao Chen et al. The results are measured in a hardware setup in a desktop machine with the following configuration, Intel Pentium i3-Processor, 2.2 GHZ, with 4 GB RAM. The graphs are plotted to calculate the computation time for encryption algorithm, decryption algorithm, key generation algorithm and evaluation algorithm with respect to growth of parameters (A, p, rj, y, P).

While implementing the proposed scheme, homomorphic evaluation of AES-256 encryption circuit is used. The practical implementation of such FHE scheme is seen in the following studies of Brakerski et al., Gentry et al, dos Santos et al, Coron et al, Apurva sachan and Tiago et al. In the studies of Smart et al, Naehrig et al, Gentry et al. (2012), their implementations results ends up in less communication cost under a cloud setting. Although, cipher text computation requires costly computation, data could be encrypted using AES circuit with a restriction of cipher text growth approximately equal to 1, with the public key of this scheme and AES private key is encrypted using HBEIS public key. Thus any cloud auditor executes an AES decryption scheme in a homomorphic way to obtain the plain text data which is encrypted under public of HBEIS scheme for applying the homomorphic operations in the stored data.

The Figure 5 given below shows the growth of various parameters in the key generation algorithm with respect to DGHV and BGV scheme. This proposed scheme key generation algorithm runs faster in generating private or public keys in batch mode, while comparing with the other schemes.

In Figure 6, the encryption algorithm shows computational complexity which grows constantly till the homomorphic parameters value up to 30 rounds of execution, and then it is growing linearly. Therefore, the computation time is linear which is better than the BGV and DGHV schemes. The Figure 7, shows the decryption algorithm which executes as equal to the BGV scheme, but it does faster computation than DGHV scheme. The order of growth of decryption algorithm and the parameters is constant because of the faster decryption of keys. Figure 8 shows that Evaluation algorithm takes more time for computation because, evaluation algorithm is run by third party computer, the computation time is proportionate to communication time also. Thus, the proposed system executed faster than DGHV and BGV in terms of time complexity. To address the optimum space for execution of various algorithms in the proposed scheme, homomorphic parameters are set as below A = 62; p = 32; = 2176 y = 4:2 *106 p = 44 can yield better space complexity too. Any crypto system is designed in such a way, that it should not be compromised. The DGHV scheme, BGV scheme and HBEIS scheme are designed in such a way by the toughness of the approximate integer common divisor problems. The effort required by an adversary to know the private key and finding such key says the crypto system is secure or not. In this proposed scheme, finding such private key depends on the hardness of integer factorization. By proper setting of the above values parameters, this proposed scheme ensures protection under GCD attack.

The drawings and the forgoing description give examples of embodiments. Those skilled in the art will appreciate that one or more of the described elements may well be combined into a single functional element. Alternatively, certain elements may be split into multiple functional elements. Elements from one embodiment may be added to another embodiment. For example, orders of processes described herein may be changed and are not limited to the manner described herein. Moreover, the actions of any flow diagram need not be implemented in the order shown; nor do all of the acts necessarily need to be performed. Also, those acts that are not dependent on other acts may be performed in parallel with the other acts. The scope of embodiments is by no means limited by these specific examples. Numerous variations, whether explicitly given in the specification or not, such as differences in structure, dimension, and use of material, are possible. The scope of embodiments is at least as broad as given by the following claims.

Benefits, other advantages, and solutions to problems have been described above with regard to specific embodiments. However, the benefits, advantages, solutions to problems, and any component(s) that may cause any benefit, advantage, or solution to occur or become more pronounced are not to be construed as a critical, required, or essential feature or component of any or all the claims.

Claims

1. A method for assuring data integrity in cloud setting by using a fully homomorphic batch encryption scheme with integer and shorter public key (HBEIS), the method comprises:

encrypting the message using the encryption algorithm and sending it to the cloud storage; evaluating a query homomorphically using a evaluation function (Eval), wherein the query is received from any public auditor for a particular data on the encrypted message in the cloud storage; and returning the results as an encrypted message to the public auditor, wherein the data is returning by could service.

2. The method as claimed in claim 1, wherein a proposed Fully Homomorphic Batch Encryption Scheme using Integers with Shorter public key (HBEIS) comprises four algorithms which are key generation (Key gen), encryption (Encryp), evaluation (Eval), and decryption (Decryp), wherein the key generation algorithm is used for generating private or public key that is used for both encryption and decryption, and wherein the evaluation algorithm takes the input of cipher text message and return the cipher text of computer results after doing a computation on cipher text.

3. The method as claimed in claim 1, wherein the proposed scheme is used for checking the integrity of the data is the cloud setting, wherein several primes are used thus the private key is the set of primes and co primes.

4. The method as claimed in claim 1, wherein the proposed scheme (HBEIS) is compared with the DGHV and BGV schemes, wherein the results showed that the proposed HBEIS scheme key generation algorithm runs faster in generating both private and public keys in batch mode, the proposed scheme have better computation time than BGC and DGHV schemes, and the proposed scheme execute faster than DGHV and BGV in term of time complexity.

5. The method as claimed in claim 1, wherein in the proposed scheme the order of growth of decryption algorithm and the parameters are constant because of the faster decryption of keys.

6. The method as claimed in claim 1, wherein an optimal space and linear computational complexity is ensured by setting the homomorphic parameters below A = 62, p = 32, r = 2176, y = 4.2 *106, and p= 44, wherein a protection under GCD attack can be ensured with proper setting of the parameters.

7. The method as claimed in claim 1, wherein the security of the proposed scheme depends on the hardness of integer factorization.

8. A system for assuring data integrity in cloud setting by using a fully homomorphic batch encryption scheme with integer and shorter public key (HBEIS), the system comprises:

a plurality of algorithms, wherein algorithms are key Generation algorithm, Encryption algorithm, Evaluation algorithm, and Decryption algorithm; a Simple Encrypted Arithmetic Library (SEAL) homomorphic encryption library for the practical implementation of the proposed scheme, wherein the library is connected though a .NET wrappers for the public API; and an AES-256 encryption circuit for homomorphic evaluation during the implementation of the proposed scheme.

102 encrypting the message using the encryption algorithm and sending it to the cloud storage ti th i th ti l ith d di it t th l d t

evaluating a query homomorphically using a evaluation function (Eval), wherein the query is received from any public auditor for a particular data on the encrypted message in the 104 cloud storage

returning the results as an encrypted message to the public auditor, wherein the data is 106 returning by could service

Figure 1

Key Generation 202

Encryption 204 Evaluation 206

Decryption 208 Decryption 208

Simple Encrypted Arithmetic Homomorphic Encryption Library 210 Library 212

AES‐256 encryption circuit 214

Figure 2

PLAIN TEXT

KEY GENERATION ENCRYPTION PUBLIC KEY ALGORITHM ALGORITHM

PRIVATE KEY CIPHER TEXT

DECRYPTION EVALUATION FINAL CIPHER TEXT ALGORITHM ALGORITHM

PLAIN TEXT FINAL OUTPUT

Figure 3 Figure 3

11. Ali Alice encrypts t the th message “m” using 2. Alice send encryption function Encryp€ to a cloud Encryp€, the output is storage. Encryp€(m)

The query received from 3. Any public auditor can Cloud Cl d storage t any client is query for a particular data server. homomorphically evaluated on the encrypted message using eval€ an evaluation in the cloud storage. function.

Cloud service provider return results on encrypted messages to the public auditor.

Figure 4 Figure 4

Figure 5 Figure 5

Figure 6 Figure 6

Figure 7 Figure 7

Figure 8 Figure 8