Implementation
5.1 Client Application
The client application is used by users to connect and transmit messages with the Server running on EC2. Each user has a 1024 bit RSA Key-pair that is stored in a key-store file.
Each file owner has Searchable Key Store file that is used to generate search capabilities as described in Section 4.5. This file stores two keys, one is the SecureFileObject keyword key which is used to symmetrically encrypt the list of keywords attached to an SFO so that they may be later read. This key is a standard DES key. The next key is an HMAC-Sha1 and is used to generate searchable encrypted keyword lists that will be used by the server to respond to user queries. The system uses the Java KeyGenerator class to generate the specific keys.
The client application also contains a settings file that is needed to specify the location of the users key-store file, the UserID, the EC2 secret and access keys and the address of the
Ihttp://jets3t.s3.amazonaws.com/toolkit/toolkit.html
University
of Cape
Town
EC2 inst.:Ul'-" to ,,·hich the diem. must conned,
Communicat.ion i)(,tw"pu lite dienl und the s.'rver is adliel'<,d by serializing the N~twork
"iec.sage, ~~ure file Ollje"t ami Se"urc Fill' Obj('<:\, K(,yWOld~ da1.a ~1.CllC1.11r"" and sencli,jg those o,w a TCP socket using
,lIt ·
Java ObjectStreamWriter or ObjtttStff'amHe8!ier.5. 1.1 Clie nt Al g orithm s a nd
Procedure~The following seCl.ion \l'ill <,xplaiu S<Jme of the COrl' procednrl's of the client application and how the client· sy~tem Wi).\; broken lip in t<> yariou~ ('()JllpOll"nl.8
Figure 3.1' Sy~l.€m Components
Figuff' 5. j shows t h~ "ariou~ components and claSS<.'s thai an' llsed by ill(' diP,,1 appli-cation, The system C"Il ~ broke'n lip into two major ('omponellt~: the Security Component and the Communications Component, The inl<Tfa", is w;ed hy the user 1-0 interact with the systl'm. l~p()n S1.ml.iu!-\ l.l", applicalion til(' Settings file ib read by the application nnd
University
of Cape
Town
the RSA Key-store along with the Secure File Objects Key-store are loaded. The RSA class is used to extract the Public and Private keys from the RSA Key-store, similarly the Secure File Keywords Key-store class is used to extract the encryption keys from the Secure File Objects Key-store file. The Secure File Object Processor is used by the system to perform various security operations on a Secure File Object. The Cryptography class is used to preform cryptographic operations on data, this includes encrypting a byte array using asymmetric encryption or symmetric encryption and generating message digests from byte arrays.
Security Operations
The Secure File Object Processor class, as is shown in Appendix A.2, is llsed to perform Cryptographic operations on an SFO instance, the implementation of 'which is shown in Appendix A.I. It makes use of the cryptographic operations exposed by the Cryptography class. The SFO Processor provides a set of high level operations to the interface such as shown in Table 5.1
The Create SFO Object command creates an SFO object in memory. This function takes the file's owner's UserID and RSA key-pair. This function creates the File Encryption Key and encrypts it using the owner's public key.
The Add Read User command adds a new entry to the Read List. This function takes the user's ID, user's public key and the owner's private key, encrypts the file encryption key with the user's public key. The function also adds a new entry to the Public Key list 'with the Is- Writer flag set to False. It then creates a digest of the object aIld signs it with the owner's private key.
University
of Cape
Town
Table 5.1: Secure File Object Processor Functionality Create SFO Object Add Read User
Add \Vrite User Remove Read User Remove Write User Hash Secure File Object Hash Encrypted Data Sign Digests
Verify Secure File Object Set Data From File Integrity
Get Data Save Data to File
List User Rights
All block encryption was performed using the DES encryption algorithm 2 , with a default Java, key size of 64 bits as specified in FIPS PUB 46-2 :3. The creation of hashes for both the data fields and the secure file object was performed using the l\ID5 algorithm.
Keyword Generation
As explained in Section 4.5, a random number R and a flag F are needed to generate encrypted keywords, the class definition of the Secure File Object keywords is shown in Appendix A.4. R is a 512 bit random number and F is a 128 bit random number seeded with the system time. The system receives a number of space separated keywords which are then processed as explained in Section 4.5 and stored in a list of byte arrays. These operations are performed by the Secure File Object Processor shown in Appendix A.5.
The Secure File Object Processor uses the Symmetric Searchable Encryption class, Ap-pendix A.6, to convert the keywords to searchable keywords using the algorithm specified
2 Although AES of any other block cipher could also be used 3http://www.itl.nist.gov/fipspubs/fip46-2.htm
University
of Cape
Town
in the Section 4.5.1.
Communications Operations
Communication with the compute cloud is a two step process. The client first authenticates with the server, then exchanges data.
Authentication is explained in Section 4.3, once authenticated the client can then send Network message objects to the server to instruct it what operations to perform. This is achieved by creating a Network Message object and setting the Message Type field and possibly sending additional information that is placed in the Container Field.
For example, if the user wishes to Put an object, the client will set the message type field to PUT and send that object, then send the Secure File Object and potentially the Secure File Object Keywords to the server. Should the user not have specified Keywords for a Secure File Object, then client sends a NULL value for the Secure File Object Keywords.
If a user wishes to Get a file, then client will set the Message Type field to GET and set the Container to the Object-ID that the user has requested.
Client Interface
The client application needs to provide the ability for other applications to interface with it. As mentioned in the use cases in Section 3, an application running on a users com-puter would need an interface to connect with and send instructions. This functionality was implemented with the use of sockets. The implementation has a thread running and waiting for connections from applications. The application sends a list of commands and parameters across the socket for the client which the client then processes. As an example, the application could send the following string. "-password=pass -create=secureTextFile -add=/home/Bob/TextFile -keywords=Bob TextFile -sign -put". That command passes through the key-store password, the name of the SFO instance, the location of the con-tents, the keywords that are to be attached, then a sign instruction which creates both the encrypted data hash and the SFO hash and lastly there is a put command which instructs
University
of Cape
Town
th(' di"llI, itpplicatioll 10 nploitd thc SFa to the ~Ioud. This "pproc)('h "I:ow~ ,m\" applical.]()]l to simp'" 01"'1' it sod,cl., "onllGei io the dient. PIl,'jS tJ]r(lugh "')l"~ mtll11l!l1lds ,,'hi('h I.lw client th~n process~s und pi"S(,~ t.helll olll,o I,!w EC~ server The proce~s i~ illu~trklted in
figur~ 5,2.
., ,1'
~;'Cloud
,
/(
/~ .u ~'/ ~"
0 ';~---
/ / ' I ,,:
''----~---./I ,""
''''''''0>0'
; ,~"'" '1<,'
r_"
t>; . .,.iowi"",,,,, [O<\",~i).\It'" 14, . " n. ,,""~
' " ~j
",,",'
figure 5,~: All o\'~T\'i~w o[ the Cliclltlnt(',fitcc [or Applindions. Jl:ustmt~s how !Ill up pi i, Htwn ('im CAmIl('('t to t Iw eli ~nt ,ri" ~OCkN~ !lJtd send ins1l'ucl iOIlS,
.'i.1.2 Sen r el' A 19urithllls and Procedure s
The ""rver "pplkation runs on an E-C~ hlSI.(U~·:C' imel wait,s for Ullltle~tillns from cli~nts.
\\'lwn a cli~1l1 COIlIl('CI,S, it i~ ors1 ilUtlwIlt,i""tt'd th~n th~ ""rvcr call r~cei\'" in,I,[lJctiOllS.
"lost o[ Ul<' ill,true timlS ar~ Silt1pl:-· pushed fOlward to I.lw doud SI,Onll'/' "'Tvi,,~ ,\1')' vi"
our A"lk':>:OllliS;l abstraction cinss which is ddill('d ill !\ppc11<:iix A .. 3. When a serwr r =ives 1m ~:WO Object, aiong wi1h ils kcnl'ords obj('d It, ""rillli~e~ th~s€ ob.i~cts to S3 usillg
'JeI.S:lt.
University
of Cape
Town
tll<' <l1\.IIL" s\Je<,jIi('(! 111 Ih,'
sro.
aud fm tlll' l«'\'\\(lrd~ file it appf'ncib 'ko')'wonb.' \0 Ih~lwgilmilll', of Ib" n~me
When th.' .~<T""r n','({~ to !i<-a,,-b. il will !e<-ehoe .. .va!J'od; ,I[",''''q( WJlh Ih,. Me"s",!" l"'r~
fi.M 5el to SfalTh alld Lh., ~,· .. "h '";)I'"bihl," .;;(0100 in th,.. COllt{flllfl' !kld
Ttli' ,..'r\"O'J Ih"" r"I1U"'l~ !'I lisl of all th ... fih", starlillg " itb 'k,-\'w{,rJs Then ror .,(\('h till'
U\ the list, thO' SI'rWt ""UH<'I~ t1w kevwords IU thllt tik, and rOl1l1>a1l'S th"HI 1." th" se."n,h ml)"hilih' as expJrunecl in S.,~t,ioll ·L~,2 ;H1d
, h"wn
in Fiplre :;,1.~"fLh c"p.tOJ~tr
"I><ll~,"'
,.,
I I
k."ywor.l"-r~,, 1 o(e'fW"'''!
"t-<m9t+(b nmgty'"
fl~g 12+tt.
P '" H~,'aC(r, 3t>clnl<t)
It~t~te
~O' ~~'" ~nlry I" lU>yW<l'~; Fllp[ I.<>t
~ ~ P ~Ot """'Y
,r tI,e n,sl '.; ~n&f< or.
"q"'"
n~11'"'' Ie .s a ",aocn
--- ~
~';&"l" ,~.3 sho\\-,; >LIO '':<(\1''1'1<- of hO<\' ~JI<' ,;earrhmr; algOlitbm works. AS-'UUl" tl~'n' ,LI!> lIn .. · fill:,; slOrl'd (III S3 ''ach with a li~t (,I k('}'\\ord~. If the ..en~r r"'nn'S" '·"pahilil.\'
·"I,..J2;Jz",f IlwL\ Ih,' <ltWt compulRS P IiM"dr .• .bcJZ:k'lf} for ,.,.,h k,·\''I\·., .. <I til" I'or
University
of Cape
Town
examplf a.5sume that there Ill"~ two emryptoo keywords stored in ·hywords.filel· namely:
sdfgt.+(b and bmgtva/' TIHc .,crvcr will C<JllllJULe x __ P xor .'.dfgt+(lJ aud x ,=
r
xOrhas tlw givcu kcvword aHaclwd to i1 .. This process is rflWated for ·keywonl.filf2· and 'kcvword.filc3' .
. Je ts3L
.kt.ilt. is a library 1.hat. iR lJrr>l"ided by Amaznn.comto lJlOvidc ,levdopcrR with an ~a,j~r wiW of cOllnecting to the Amazon Sim)!l~ SWrilge S~rvire. ltl unr implement.ation W{' flb.,irlldI'd
"way ccrt.:Un olJcraliou:l to make it simpler 1.0 upload files through the JctS;)t librarv.
\r{' imlJkmcllL\'d tIl(' PlltScellleFilcObjtd method whidl takes [l, Sc("tlrc File OlJject as a ps.f'lmetfr aHd uplolHb it. t.o S3 via ttl(' JdS3t. librm:y. Ilil object ('Il~ting i~ hllHdled withill in this method, Simila.rly we implfmented thc GetSl"CurcFilcObjcd method w]lidl t.alcs
,ill objed kev <is i1 lJ,u-amct,{T awl r('tilrns a S('cllI{-FIl('Objed ()] l\Ut.L If the objef't key W'b Hot, foulld ill the S3 bncket. Thf "b~tnl('liOTb t.hllt. we implemenu-d ciln be :;;cen in Appcndix A.3,