Cryptography in Cloud Computing
\IEEEoverridecommandlockouts
% The preceding line is only needed to identify funding in the first footnote. If that is unneeded, please comment it out.
\usepackage{cite}
\usepackage{amsmath,amssymb,amsfonts}
\usepackage{algorithmic}
\usepackage{graphicx}
\usepackage{textcomp}
\usepackage{xcolor}
\begin{document}
\author{\IEEEauthorblockN{Roopa H M}
\IEEEauthorblockA{\textit{Assistant professor,} \\
MCA department\\
Bangalore, India \\
roopahm@rnsit.ac.in}
\and
\IEEEauthorblockN{Lokesha S}
\IEEEauthorblockA{\textit{MCA department} \\
Bangalore, India \\
mca.lokesh24@gmail.com}
\and
\IEEEauthorblockN{Hemanth Kumar G}
\IEEEauthorblockA{\textit{Assistant professor,} \\
MCA department\\
Bangalore, India}}
\maketitle
\textbf{Abstract:}
Cloud cryptography is a field of study that focuses on developing secure and efficient cryptographic
techniques for use in cloud computing environments. The goal of cloud cryptography is to provide
strong security guarantees while minimizing the overhead of cryptographic operations
in the cloud. This typically involves designing new encryption, decryption, and key
management schemes that are optimized for use in distributed computing environments. Key challenges
in cloud cryptography include protecting data confidentiality and integrity, preventing unauthorized
access to sensitive information, and ensuring the availability of cryptography resources. As cloud
computing continues to become more prevalent, the need for robust and efficient cloud cryptography
solutions will only continue to grow.
\textbf{Keywords:}
Cloud computing, cloud cryptography, data security, cryptography techniques, encryption, decryption,
key management, algorithms.
\section{\textbf{Introduction}}
Cloud cryptography is an essential aspect of securing data in the cloud environment. The cloud
provides organizations with a flexible and cost-effective way to store and process data, but it also
introduces new security challenges. The shared responsibility model of cloud security means that both
the cloud service provider and the client are responsible for ensuring the security and privacy of data.
Cryptography provides a powerful set of tools for securing data in the cloud, including encryption,
decryption, and key management.
The purpose of this paper is to provide an introduction to cloud cryptography, including the basic
principles of cryptography, the different cryptography algorithms used in cloud computing, and the
challenges associated with implementing cryptography in the cloud. We will discuss the role of cloud
service providers in ensuring the security of their clients' data, as well as the need for standards and
regulations to govern the use of cryptography in the cloud. Additionally, we will explore some of the
recent developments and emerging trends in cloud cryptography, such as homomorphic encryption
and secure multi-party computation.
Overall, this paper aims to provide readers with a solid understanding of the key concepts and issues
involved in securing data in the cloud using cryptography.
\section{\textbf{Cloud Computing}}
Cloud computing is usually described in one of two ways: either based on the deployment model,
or on the service that the cloud is offering. Based on the deployment model, we can classify a cloud
as:
\begin{itemize}
\item public
\item private
\item hybrid
\end{itemize}
\begin{figure}[h]
\centering
\includegraphics[width=0.45\textwidth]{images.png}
\caption{}
\label{fig:my_label}
\end{figure}
\textbf{Private Cloud:} A private cloud can be accessed by a single group or a single organization. It is
managed by a third party or by the organization. The private cloud is highly secure and flexible, so it
is often used by larger organizations or government sectors.
\textbf{Public Cloud:} A public cloud can be accessed by any user who has an internet connection and wants
to pay as per their usage; the files are hosted by a third party.
\textbf{Community Cloud:} A community cloud is accessed by two or more organizations that
have similar cloud requirements.
\textbf{Hybrid Cloud:} A hybrid cloud is a combination of two or more clouds (public, private, and
community).
The numerous benefits that come with cloud computing have enticed many organizations and
government agencies to move their sensitive data to the cloud. This also gives attackers an opportunity
to exploit the vulnerabilities in cloud computing and breach the security of the cloud. Fuelled by
different agendas, they can hurt organizations through data theft, perform man-in-the-middle attacks, and
compromise the integrity of data. Cloud giants like Google, Amazon, and Microsoft have adopted
various measures to protect data stored on their cloud platforms by their clients. But data should be
protected against unauthorized access in all three data states (data at rest, data in transit, and data
being processed). Some organizations are aware of these security issues and encrypt their sensitive data
before migrating it to the cloud. This provides another level of security from the client's side for
their data in transit.
\section{\textbf{Cryptography}}
Cryptography is the practice of securing communication from third-party interference. It involves the
use of mathematical algorithms to convert plaintext (i.e., readable) information into ciphertext (i.e.,
unreadable) format. This process is called encryption. The reverse process, i.e., converting ciphertext
back to plaintext, is called decryption.
Cryptography has been used since ancient times to protect sensitive information. In modern times, it is
used extensively to protect electronic communication, such as emails, online transactions, and digital
signatures.
Cryptography is divided into two main categories: symmetric key cryptography and public key
cryptography. In symmetric key cryptography a single key is used for both encryption and decryption. In
contrast, public key cryptography uses two different keys: a public key for encryption and a private key
for decryption.
Cryptography has become increasingly important in today's digital world, as cybercrime and online
attacks have become more sophisticated. Cryptography is used in a wide range of applications, from
secure web browsing to secure messaging to secure financial transactions.
In cloud cryptography, there are two types of encryption algorithms: symmetric and
asymmetric encryption algorithms.
\begin{figure}[h]
\includegraphics[width=0.4\textwidth]{images2.png}
\label{fig:my_label}
\end{figure}
same key for both encrypting and decrypting data. This means
that the sender and the receiver of the encrypted data must have
and typically use a mathematical function, called a cipher, to transform the plaintext data into
ciphertext. The most
that the secret key must be securely shared between the sender
algorithms:
level of security with relatively small key sizes. AES has been
\begin{itemize}
\item Blowfish:
\end{itemize}
halves, each of which is processed through a series of rounds using a different subkey generated from
the main key. Blowfish
attacks against it. Blowfish has been widely adopted for use
\begin{itemize}
\item Twofish:
\end{itemize}
Twofish operates on 128-bit blocks of data and uses a Feistel network structure with a total of 16 rounds
for encryption and decryption.
One of the unique features of Twofish is its use of precomputed key-dependent S-boxes and a
key-dependent MDS matrix, which provides high resistance to known attacks such as differential
cryptanalysis and linear cryptanalysis. Twofish also includes a key whitening step to increase the security
of the cipher.
encryption algorithm.
\begin{itemize}
\item RC4:
\end{itemize}
This encryption algorithm is commonly used in wireless networks and in secure web browsing. However,
it has been found to have vulnerabilities and is no longer considered secure enough for most applications.
RC4 operates by generating a pseudorandom key stream based on a secret key, which is then XORed with
the plaintext to produce the ciphertext.
decryption.
they require that the same key be used for both encryption
compromised.
\begin{figure}[h]
\centering
\includegraphics[width=0.4\textwidth]{images4.png}
\label{fig:my_label}
\end{figure}
uses two different but mathematically related keys: a public key and a private key.
encryption, the public key is used to encrypt the data, and the
private key is used to decrypt it. This means that anyone can
use the public key to encrypt data, but only the owner of the
encryption.
Asymmetric encryption is often used in combination with
asymmetric encryption.
encryption algorithms:
\begin{itemize}
\item RSA:
\end{itemize}
RSA (Rivest–Shamir–Adleman) is a widely used public key encryption algorithm. It was invented in 1977
by Ron Rivest, Adi Shamir, and Leonard Adleman. RSA is based on the mathematical concepts of
modular arithmetic and the difficulty of factoring the product of two large prime numbers.
In RSA, each user has a pair of keys: a public key and a private key. The public key is used for encrypting
messages, while the private key is used for decrypting them. The security of RSA is based on the fact
that it is difficult to factor the product of two large prime numbers, which are used to generate the
public and private keys.
To use RSA encryption, the sender first obtains the recipient's public key. The sender then encrypts the
message using the public key, and sends it to the recipient. The recipient can then use their private key
to decrypt the message.
RSA is widely used for secure communication over the internet, including for secure web browsing
(HTTPS), email encryption, and secure messaging. It is also used in digital signatures, where the sender
signs a message using their private key to verify their identity, and the recipient uses the sender's public
key to verify the signature.
\begin{itemize}
\item ECC:
\end{itemize}
ECC (Elliptic Curve Cryptography) is a type of public key cryptography that is based on the mathematics
of elliptic curves. ECC provides a way to securely encrypt data and to create digital signatures.
In ECC, each user has a pair of keys: a private key and a public key. The public key is derived from the
private key and can be shared freely, while the private key is kept secret. The security of ECC is based on
the difficulty of solving certain mathematical problems related to elliptic curves.
ECC is popular in situations where low computational power and bandwidth are important, such as in
mobile devices and wireless networks. It is often used in protocols such as TLS (Transport Layer Security)
and SSL (Secure Sockets Layer) for secure communication over the internet. It is also used in digital
signatures and in secure messaging applications.
Compared to other public key cryptography systems like RSA, ECC can provide similar levels of security
with smaller key sizes, which can lead to faster encryption and decryption times, as well as lower power
consumption on devices.
\begin{itemize}
\item DSA:
\end{itemize}
DSA (Digital Signature Algorithm) is a public key cryptography algorithm used for digital signatures. It
was developed by the National Institute of Standards and Technology (NIST) in 1991 and is used for
authenticating the identity of a sender and ensuring the integrity of the message.
In DSA, each user has a public key and a private key. The private key is used to sign messages, and the
public key is used to verify the signature. The security of DSA is based on the difficulty of computing
discrete logarithms in a finite field.
To sign a message using DSA, the sender first generates a hash of the message using a cryptographic
hash function. They then use their private key to sign the hash, producing a digital signature. The
recipient can then use the sender's public key to verify the signature by re-computing the hash of the
message and checking that it matches the signed hash in the signature.
DSA is commonly used in applications where digital signatures are required, such as electronic
transactions and secure messaging. It is also used in combination with other cryptographic algorithms,
such as AES (Advanced Encryption Standard), for secure communication over the internet.
This is a key exchange algorithm that is often used in conjunction with other encryption algorithms to
generate a shared secret key. It is used in secure web browsing, secure email, and other applications.
Overall, asymmetric encryption algorithms are considered more secure than symmetric encryption
algorithms, but they are typically slower and less efficient. As a result, they are often used in
combination with symmetric encryption algorithms to provide both security and efficiency.
\section{\textbf{PROPOSED ALGORITHM}}
The proposed algorithm is for encrypting data at the client-side before transmitting it for storage in the
cloud. This will convert plaintext into ciphertext and prevent data theft through man-in-the-middle
attacks. That is, even if an attacker can intercept the data, he would not be able to read the actual data
or get any reasonable meaning from it.
\subsection{Encryption Algorithm}
\begin{itemize}
\item Convert the plaintext character to its ASCII code.
\item Convert the ASCII code to its equivalent 8-bit binary number. If it is not equal to 8 bits, add
preceding 0s.
\item Find the 1s complement of the last 4 bits of the 8-bit binary number.
\item Convert the generated binary code to an ASCII character and transmit it to the cloud.
\item Example: Let us say we want to send E over the cloud. First, we convert the plaintext E to its ASCII
code, i.e., 69. We then convert 69 to its 8-bit binary number. 69 in binary is 1000101, but since it is not
equal to 8 bits, we add 1 preceding 0 to get 01000101. We then find the 1s complement of the last 4 bits.
This will give us 01001010. Finally, we convert this 8-bit binary number to its ASCII character, J.
\end{itemize}
\subsection{Decryption Algorithm}
\begin{itemize}
\item Convert the ciphertext character to its ASCII code.
\item Convert the ASCII code to binary. Add preceding 0s if not equal to 8 bits.
\item Reverse the last 4 bits of the generated 8-bit binary value, that is, take their 1s complement again.
\item Convert the resulting binary value to its ASCII equivalent.
\end{itemize}
The original character is the character that matches the ASCII code.
First, convert the ciphertext ‘J’ to its ASCII code, i.e., 74. 74 is then converted to binary to get 1001010, but
since it is not equal to 8 bits, we add a preceding 0 to get 01001010. We then reverse the last 4 bits to get
01000101 and convert this binary value to its ASCII equivalent. The original plaintext is the character
that matches the ASCII code generated.
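The encryption and decryption steps above, implemented as an added Python example (not code from the paper; function names and the sample string are assumptions). It follows the worked example E to J and generalizes it to all 256 byte values, checking that the transform equals XOR with the constant 0x0F: it takes no key, decryption is the same operation as encryption, and repeated plaintext characters stay repeated in the ciphertext.

```python
# Added example: the paper's per-character transform, step by step.

def transform_char(ch: str) -> str:
    """Apply the scheme to one character (same steps encrypt and decrypt)."""
    code = ord(ch)                              # character -> ASCII code
    if code > 0xFF:
        raise ValueError("scheme is defined for 8-bit character codes only")
    bits = format(code, "08b")                  # 8 bits, padded with leading 0s
    # 1s complement of the last 4 bits only; the first 4 bits are unchanged.
    flipped = "".join("1" if b == "0" else "0" for b in bits[4:])
    return chr(int(bits[:4] + flipped, 2))      # binary -> character


def encrypt(text: str) -> str:
    return "".join(transform_char(c) for c in text)


def decrypt(text: str) -> str:
    # Complementing the same 4 bits twice restores them, so decryption
    # runs the identical steps. No key is involved at any point.
    return encrypt(text)


def equals_xor_0f() -> bool:
    """Check, for all 256 byte values, that the scheme is XOR with 0x0F."""
    return all(ord(transform_char(chr(v))) == v ^ 0x0F for v in range(256))


def repeat_pattern(text: str) -> list:
    """Index of each character's first occurrence: shows repeated symbols."""
    first = {}
    return [first.setdefault(c, len(first)) for c in text]


if __name__ == "__main__":
    sample = "HELLO"                            # constructed sample input
    ct = encrypt(sample)
    print(repr(ct), decrypt(ct))                # 'GJCC@' HELLO
    print(equals_xor_0f())                      # True
    print(repeat_pattern(sample) == repeat_pattern(ct))   # True
    print(repr(encrypt("p")))                   # '\x7f': output can be non-printable
```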
\section*{\textbf{Conclusion}}
Cloud cryptography provides a range of services to ensure the security and privacy of data and
applications in cloud computing environments. These services include encryption, key management,
access control, identity and authentication, digital signatures, and tokenization. By leveraging these
services, organizations can protect their sensitive data and applications from unauthorized access and
ensure that only authorized users and devices can access cloud resources. Cloud cryptography is a
critical component of cloud computing and is essential for building secure and trustworthy cloud-based
systems.
\end{document}