\documentclass[conference]{IEEEtran}
\IEEEoverridecommandlockouts
% The preceding line is only needed to identify funding in the first footnote. If that is unneeded, please comment it out.
\usepackage{cite}
\usepackage{amsmath,amssymb,amsfonts}
\usepackage{algorithmic}
\usepackage{graphicx}
\usepackage{textcomp}
\usepackage{xcolor}
\def\BibTeX{{\rm B\kern-.05em{\sc i\kern-.025em b}\kern-.08em
T\kern-.1667em\lower.7ex\hbox{E}\kern-.125emX}}
\begin{document}
\title{Cryptography in Cloud Computing}
\author{\IEEEauthorblockN{Roopa H M}
\IEEEauthorblockA{\textit{Assistant professor,} \\
MCA department\\
\textit{RNS Institute of Technology}\\
Bangalore, India \\
roopahm@rnsit.ac.in}
\and
\IEEEauthorblockN{Lokesha S}
\IEEEauthorblockA{\textit{MCA department} \\
\textit{RNS Institute of Technology}\\
Bangalore, India \\
mca.lokesh24@gmail.com}
\and
\IEEEauthorblockN{Hemanth Kumar G}
\IEEEauthorblockA{\textit{Assistant professor,} \\
MCA department\\
\textit{RNS Institute of Technology}\\
Bangalore, India}}
\maketitle
\textbf{Abstract:}
Cloud cryptography is a field of study that focuses on developing secure and efficient cryptographic
techniques for use in cloud computing environments. The goal of cloud cryptography is to provide
strong security guarantees while minimizing the overhead associated with cryptographic operations
in the cloud. This typically involves designing new encryption, decryption, and key
management schemes that are optimized for use in distributed computing environments. Key challenges
in cloud cryptography include protecting data confidentiality and integrity, preventing unauthorized
access to sensitive information, and ensuring the availability of cryptographic resources. As cloud
computing continues to become more prevalent, the need for robust and efficient cloud cryptography
solutions will only continue to grow.

\textbf{Keywords:}
Cloud computing, cloud cryptography, data security, cryptography techniques, encryption, decryption,
key management, algorithms.
\section{\textbf{Introduction}}
Cloud cryptography is an essential aspect of securing data in the cloud environment. The cloud
provides organizations with a flexible and cost-effective way to store and process data, but it also
introduces new security challenges. The shared responsibility model of cloud security means that both
the cloud service provider and the client are responsible for ensuring the security and privacy of data.
Cryptography provides a powerful set of tools for securing data in the cloud, including encryption,
decryption, and key management.

The purpose of this paper is to provide an introduction to cloud cryptography, including the basic
principles of cryptography, the different cryptography algorithms used in cloud computing, and the
challenges associated with implementing cryptography in the cloud. We will discuss the role of cloud
service providers in ensuring the security of their clients' data, as well as the need for standards and
regulations to govern the use of cryptography in the cloud. Additionally, we will explore some of the
recent developments and emerging trends in cloud cryptography, such as homomorphic encryption
and secure multi-party computation.

Overall, this paper aims to provide readers with a solid understanding of the key concepts and issues
involved in securing data in the cloud using cryptography.
\section{\textbf{Cloud Computing}}
Cloud computing is usually described in one of two ways: either by the deployment model
or by the service that the cloud offers. Based on the deployment model, clouds are classified
as:
\begin{itemize}
\item public
\item private
\item hybrid
\item community cloud
\end{itemize}
\begin{figure}[h]
\centering
\includegraphics[width=
0.45\textwidth]{images.png}
\caption{}
\label{fig:my_label}
\end{figure}
There are four types of clouds available.

\textbf{Private Cloud:} A private cloud can be accessed by a single group or a single organization. It is
managed by a third party or by the organization. The private cloud is highly secure and flexible, so it
is often used by larger organizations or government sectors.

\textbf{Public Cloud:} A public cloud can be accessed by any user who has an internet connection and is
willing to pay according to usage; the files are hosted by a third party.
Examples: Amazon, Windows Azure Service Platform, and Salesforce.

\textbf{Community Cloud:} A community cloud is accessed by two or more organizations that
have similar cloud requirements.

\textbf{Hybrid Cloud:} A hybrid cloud is a combination of two or more clouds (public, private, and
community).
\section{\textbf{Data Security in Cloud}}
The numerous benefits that come with cloud computing have enticed many organizations and
government agencies to move their sensitive data to the cloud. This gives attackers an opportunity
to exploit the vulnerabilities in cloud computing and breach the security of the cloud. Fuelled by
different agendas, they can hurt organizations through data theft, perform man-in-the-middle attacks, and
compromise the integrity of data. Cloud giants like Google, Amazon, and Microsoft have adopted
various measures to protect data stored on their cloud platforms by their clients. But data should be
protected against unauthorized access in all three data states (data at rest, data in transit, and data
being processed). Some organizations are aware of these security issues and encrypt their sensitive data
before migrating it to the cloud. This provides another level of security from the client's side for
their data in transit.
\section{\textbf{Cryptography}}
Cryptography is the practice of securing communication from third-party interference. It involves the
use of mathematical algorithms to convert plaintext (i.e., readable) information into ciphertext (i.e.,
unreadable) format. This process is called encryption. The reverse process, i.e., converting ciphertext
back to plaintext, is called decryption.
Cryptography has been used since ancient times to protect sensitive information. In modern times, it is
used extensively to protect electronic communication, such as emails, online transactions, and digital
signatures.
Cryptography is divided into two main categories: symmetric key cryptography and public key
cryptography. In symmetric key cryptography a single key is used for both encryption and decryption. In
contrast, public key cryptography uses two different keys: a public key for encryption and a private key
for decryption.
Cryptography has become increasingly important in today's digital world, as cybercrime and online
attacks have become more sophisticated. Cryptography is used in a wide range of applications, from
secure web browsing to secure messaging to secure financial transactions.

In cloud cryptography, there are two types of encryption algorithms: symmetric and
asymmetric encryption algorithms.
\subsection{\textbf{Symmetric Encryption Algorithm }}
\begin{figure}[h]
\includegraphics[width=
0.4\textwidth]{images2.png}
\caption{symmetric encryption algorithm}
\label{fig:my_label}
\end{figure}
Symmetric encryption is a type of encryption that uses the
same key for both encrypting and decrypting data. This means
that the sender and the receiver of the encrypted data must have
access to the same secret key in order to decrypt the data.
Symmetric encryption algorithms operate on blocks of data
and typically use a mathematical function, called a cipher, to transform the plaintext data into
ciphertext. The most
commonly used symmetric encryption algorithms include Advanced
Encryption Standard (AES), Data Encryption Standard
(DES), and Triple DES.
The strength of symmetric encryption lies in its simplicity
and efficiency. Because the same key is used for encryption
and decryption, symmetric encryption is generally faster and
requires less processing power than asymmetric encryption,
which uses separate keys for encryption and decryption.
However, the main weakness of symmetric encryption is
that the secret key must be securely shared between the sender
and receiver. If an attacker is able to obtain the key, they
can easily decrypt the data. Therefore, it is crucial to protect
the secret key using secure key management techniques, such
as key distribution, key rotation, and key destruction. Here
are a few examples of commonly used symmetric encryption
algorithms:
\begin{itemize}
\item \textbf{Advanced Encryption Standard (AES):}
\end{itemize}
Advanced Encryption Standard (AES) is a widely-used encryption
algorithm that is used to secure sensitive data. It
was developed by Belgian cryptographers Joan Daemen and
Vincent Rijmen, and it became the official encryption standard
of the United States government in 2002.
AES is a symmetric-key algorithm, which means that the
same key is used for both encryption and decryption of data.
The algorithm uses a fixed block size of 128 bits and supports
key sizes of 128, 192, and 256 bits. The AES algorithm
operates by dividing the plaintext data into 128-bit blocks and
applying a series of mathematical operations, called rounds,
to transform the data into ciphertext. The number of rounds
used depends on the key size: 10 rounds for 128-bit keys, 12
rounds for 192-bit keys, and 14 rounds for 256-bit keys.
The strength of AES lies in its ability to provide a high
level of security with relatively small key sizes. AES has been
extensively studied and tested, and it is widely considered to be
one of the most secure encryption algorithms available today.
\begin{itemize}
\item Data Encryption Standard (DES):
\end{itemize}
The Data Encryption Standard (DES) is a method of encoding data to
protect it from unauthorized access. This algorithm uses a 56-bit
key and is no longer considered secure enough for most
applications. It has been replaced by the more secure Triple
DES (3DES) algorithm, which uses three separate 56-bit keys.
\begin{itemize}
\item Blowfish:
\end{itemize}
This encryption algorithm uses variable-length keys (ranging
from 32 to 448 bits) and is known for its fast encryption
and decryption speed. It is often used in password storage
and in VPNs (Virtual Private Networks). It was designed by
Bruce Schneier in 1993 as a replacement for the older Data
Encryption Standard (DES) algorithm. It uses a variable-length
key, ranging from 32 bits to 448 bits, making it highly
flexible and adaptable to a wide range of security requirements.
Blowfish operates on 64-bit blocks of data and uses a Feistel
network structure, where the input data is divided into two
halves, each of which is processed through a series of rounds using a different subkey generated from
the main key. Blowfish
uses a total of 16 rounds for encryption and decryption.
One of the key features of Blowfish is its speed. It is faster
than many other symmetric encryption algorithms, including
DES, while providing a high level of security. Blowfish is
also considered to be very secure, with no known successful
attacks against it. Blowfish has been widely adopted for use
in various applications, including in file encryption, email
encryption, and secure communication protocols. However, in
recent years, its popularity has declined due to the emergence
of newer and more advanced encryption algorithms, such as
AES. Nonetheless, Blowfish remains a strong option for those
seeking a flexible and efficient encryption algorithm.
\begin{itemize}
\item Twofish:
\end{itemize}
Twofish is a symmetric-key block cipher encryption algorithm
that was designed by Bruce Schneier, John Kelsey, Doug
Whiting, David Wagner, Chris Hall, and Niels Ferguson in
1998 as a candidate for the Advanced Encryption Standard
(AES). Although it was not selected as the AES winner,
Twofish is still considered a strong encryption algorithm.
Like Blowfish, Twofish uses a variable-length key, ranging
from 128 bits to 256 bits, making it highly flexible and
adaptable to different security requirements.
Twofish operates on 128-bit blocks of data and uses a Feistel network structure with a total of 16 rounds
for encryption and decryption.

One of the unique features of Twofish is its use of precomputed key-dependent S-boxes and a
key-dependent MDS matrix, which provide high resistance to known attacks such as differential
cryptanalysis and linear cryptanalysis. Twofish also includes a key whitening step to increase the security
of the cipher.

Twofish has been widely adopted for use in various applications,
including in disk encryption, file encryption, and
network security protocols. Although it has not gained as much
popularity as other symmetric encryption algorithms such as
AES, Twofish is still considered to be a strong and secure
encryption algorithm.
\begin{itemize}
\item RC4:
\end{itemize}
This encryption algorithm is commonly used in wireless networks and in secure web browsing. However,
it has been found to have vulnerabilities and is no longer considered secure enough for most applications.
RC4 operates by generating a pseudorandom keystream based on a secret key, which is then XORed with
the plaintext to produce the ciphertext.

The keystream is generated using a variable-length key, ranging from
40 bits to 2048 bits, making it highly flexible and adaptable
to different security requirements.

One of the key features of RC4 is its simplicity and speed.
It is a relatively fast encryption algorithm, making it well-suited
for use in applications that require fast encryption and
decryption.
Overall, symmetric encryption algorithms are often faster
and more efficient than asymmetric encryption algorithms, but
they require that the same key be used for both encryption
and decryption, which can be a security risk if the key is
compromised.
\subsection{\textbf{Asymmetric Encryption Algorithm}}
\begin{figure}[h]
\centering
\includegraphics[width=
0.4\textwidth]{images4.png}
\caption{Asymmetric Encryption Algorithm}
\label{fig:my_label}
\end{figure}
Asymmetric encryption, also known as public-key encryption,
uses two different but mathematically related keys: a public key and a private key.
The public key is used to encrypt
data, and the private key is used to decrypt it. This means that anyone can
use the public key to encrypt data, but only the owner of the
private key can decrypt it.
The most commonly used asymmetric encryption algorithm
is the RSA algorithm, named after its inventors, Ron Rivest,
Adi Shamir, and Leonard Adleman. Other popular asymmetric
encryption algorithms include Diffie-Hellman, Elliptic Curve
Cryptography (ECC), and Digital Signature Algorithm (DSA).
The strength of asymmetric encryption lies in its ability to
provide secure communication without the need for a shared
secret key. However, asymmetric encryption is generally
slower and requires more processing power than symmetric
encryption.
Asymmetric encryption is often used in combination with
symmetric encryption, where the symmetric key is encrypted
using asymmetric encryption and then used to encrypt the data
using symmetric encryption. This approach is known as hybrid
encryption and provides the benefits of both symmetric and
asymmetric encryption.
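
The hybrid approach described above, as an added Python example that is not code from the paper. It assumes the third-party cryptography package, RSA-OAEP for the asymmetric step and AES-256-GCM for the symmetric step; the function names, the envelope layout and the sample object name are illustrative.

```python
# Added example: hybrid (envelope) encryption of one object before upload.
# Assumes the third-party `cryptography` package; names are illustrative.
import os

from cryptography.exceptions import InvalidTag
from cryptography.hazmat.primitives import hashes
from cryptography.hazmat.primitives.asymmetric import padding, rsa
from cryptography.hazmat.primitives.ciphers.aead import AESGCM

OAEP = padding.OAEP(
    mgf=padding.MGF1(algorithm=hashes.SHA256()),
    algorithm=hashes.SHA256(),
    label=None,
)


def generate_recipient_key():
    """RSA key pair of the data owner; the private half stays on the client."""
    return rsa.generate_private_key(public_exponent=65537, key_size=2048)


def hybrid_encrypt(public_key, plaintext: bytes, object_name: bytes) -> dict:
    data_key = AESGCM.generate_key(bit_length=256)    # fresh symmetric key per object
    nonce = os.urandom(12)                            # 96-bit GCM nonce
    # The object name is authenticated (not encrypted), so a ciphertext
    # stored under a different name fails to decrypt.
    ciphertext = AESGCM(data_key).encrypt(nonce, plaintext, object_name)
    wrapped_key = public_key.encrypt(data_key, OAEP)  # asymmetric step: wrap the key
    return {"wrapped_key": wrapped_key, "nonce": nonce, "ciphertext": ciphertext}


def hybrid_decrypt(private_key, envelope: dict, object_name: bytes) -> bytes:
    data_key = private_key.decrypt(envelope["wrapped_key"], OAEP)
    aead = AESGCM(data_key)
    return aead.decrypt(envelope["nonce"], envelope["ciphertext"], object_name)


def decrypt_is_rejected(private_key, envelope: dict, object_name: bytes) -> bool:
    """True if AES-GCM authentication fails for this envelope and name."""
    try:
        hybrid_decrypt(private_key, envelope, object_name)
    except InvalidTag:
        return True
    return False


if __name__ == "__main__":
    key = generate_recipient_key()
    record = b"constructed sample record"             # constructed sample input
    env = hybrid_encrypt(key.public_key(), record, b"reports/q1.csv")
    print(len(env["wrapped_key"]), "byte wrapped key,",
          len(env["ciphertext"]), "byte ciphertext")
    print(hybrid_decrypt(key, env, b"reports/q1.csv"))
    print("wrong name rejected:", decrypt_is_rejected(key, env, b"reports/q2.csv"))
```

Only the 32-byte data key passes through RSA; the object itself is encrypted with the faster symmetric cipher, whatever its size.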
Here are a few examples of commonly used asymmetric
encryption algorithms:
\begin{itemize}
\item RSA:
\end{itemize}
RSA (Rivest–Shamir–Adleman) is a widely-used public key encryption algorithm. It was invented in 1977
by Ron Rivest, Adi Shamir, and Leonard Adleman. RSA is based on the mathematical concepts of
modular arithmetic and the difficulty of factoring the product of large prime numbers.
In RSA, each user has a pair of keys: a public key and a private key. The public key is used for encrypting
messages, while the private key is used for decrypting them. The security of RSA is based on the fact
that it is difficult to factor the product of two large prime numbers, which are used to generate the
public and private keys.
To use RSA encryption, the sender first obtains the recipient's public key. The sender then encrypts the
message using the public key, and sends it to the recipient. The recipient can then use their private key
to decrypt the message.
RSA is widely used for secure communication over the internet, including for secure web browsing
(HTTPS), email encryption, and secure messaging. It is also used in digital signatures, where the sender
signs a message using their private key to verify their identity, and the recipient uses the sender's public
key to verify the signature.
\begin{itemize}
\item Elliptic Curve Cryptography (ECC):
\end{itemize}
ECC (Elliptic Curve Cryptography) is a type of public key cryptography that is based on the mathematics
of elliptic curves. ECC provides a way to securely encrypt data and to create digital signatures.
In ECC, each user has a pair of keys: a private key and a public key. The public key is derived from the
private key and can be shared freely, while the private key is kept secret. The security of ECC is based on
the difficulty of solving certain mathematical problems related to elliptic curves.
ECC is popular in situations where low computational power and bandwidth are important, such as in
mobile devices and wireless networks. It is often used in protocols such as TLS (Transport Layer Security)
and SSL (Secure Sockets Layer) for secure communication over the internet. It is also used in digital
signatures and in secure messaging applications.
Compared to other public key cryptography systems like RSA, ECC can provide similar levels of security
with smaller key sizes, which can lead to faster encryption and decryption times, as well as lower power
consumption on devices.
\begin{itemize}
\item Digital Signature Algorithm (DSA):
\end{itemize}
DSA (Digital Signature Algorithm) is a public key cryptography algorithm used for digital signatures. It
was developed by the National Institute of Standards and Technology (NIST) in 1991 and is used for
authenticating the identity of a sender and ensuring the integrity of the message.
In DSA, each user has a public key and a private key. The private key is used to sign messages, and the
public key is used to verify the signature. The security of DSA is based on the difficulty of computing
discrete logarithms in a finite field.
To sign a message using DSA, the sender first generates a hash of the message using a cryptographic
hash function. They then use their private key to sign the hash, producing a digital signature. The
recipient can then use the sender's public key to verify the signature by re-computing the hash of the
message and checking that it matches the signed hash in the signature.
DSA is commonly used in applications where digital signatures are required, such as electronic
transactions and secure messaging. It is also used in combination with other cryptographic algorithms,
such as AES (Advanced Encryption Standard), for secure communication over the internet.
\begin{itemize}
\item Diffie-Hellman (DH):
\end{itemize}
This is a key exchange algorithm that is often used in conjunction with other encryption algorithms to
generate a shared secret key. It is used in secure web browsing, secure email, and other applications.
Overall, asymmetric encryption algorithms are considered more secure than symmetric encryption
algorithms, but they are typically slower and less efficient. As a result, they are often used in
combination with symmetric encryption algorithms to provide both security and efficiency.
\section{\textbf{PROPOSED ALGORITHM}}
The proposed algorithm is for encrypting data at the client side before transmitting it for storage in the
cloud. This will convert plaintext into ciphertext and prevent data theft through man-in-the-middle
attacks. That is, even if an attacker can intercept the data, he would not be able to read the actual data
or get any reasonable meaning from it.
\subsection{Encryption Algorithm}
\begin{enumerate}
\item Convert the character to its ASCII code.
\item Convert the ASCII code to its equivalent 8-bit binary number. If it is shorter than 8 bits, add
preceding 0s.
\item Find the 1s complement of the last 4 bits.
\item Convert the generated binary code to an ASCII character and transmit it to the cloud.
\end{enumerate}
Example: Let us say we want to send E over the cloud. First, we convert the plaintext E to its ASCII
code, i.e., 69. We then convert 69 to its 8-bit binary number. 69 in binary is 1000101, but since it is not
8 bits long, we add one preceding 0 to get 01000101. We then find the 1s complement of the last 4 bits.
This gives us 01001010. Finally, we convert this 8-bit binary number to its ASCII character, J.
\subsection{Decryption Algorithm}
\begin{enumerate}
\item Find the ASCII code of the character.
\item Convert the ASCII code to binary. Add preceding 0s if it is shorter than 8 bits.
\item Reverse the last 4 bits of the generated 8-bit binary value.
\item Convert the generated binary value to ASCII code.
\end{enumerate}
The original character is the character that matches the ASCII code.

Using the above example, we convert the ciphertext back to plaintext.
First, convert the ciphertext `J' to its ASCII code, i.e., 74. 74 is then converted to binary to get 1001010, but
since it is not 8 bits long, we add a preceding 0 to get 01001010. We then reverse the last 4 bits to get
01000101 and convert this binary value to its ASCII equivalent. The original plaintext is the character
that matches the ASCII code generated.
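
The encryption and decryption steps above as Python, an added example that is not code from the paper. It assumes that reversing the last 4 bits in the decryption steps means the same 1s complement as encryption step 3, since that is what maps J back to E; function names are illustrative. It also checks two properties of the scheme as written: the transform takes no key and equals XOR with the constant 0x0F, and one printable character maps to a non-printable ciphertext character.

```python
# Added example: the four-step transform from the Proposed Algorithm section.
# Assumption: "reverse the last 4 bits" in decryption is the 1s complement
# of encryption step 3, which is what maps J back to E.

def encrypt_char(ch: str) -> str:
    code = ord(ch)                                        # step 1: ASCII code
    if code > 0x7F:
        raise ValueError(f"{ch!r} is not an ASCII character")
    bits = format(code, "08b")                            # step 2: pad to 8 bits
    high, low = bits[:4], bits[4:]
    low = "".join("1" if b == "0" else "0" for b in low)  # step 3: 1s complement
    return chr(int(high + low, 2))                        # step 4: back to a character


def decrypt_char(ch: str) -> str:
    # Complementing the low nibble twice restores it, so the decryption
    # steps are the encryption steps applied a second time.
    return encrypt_char(ch)


def encrypt(text: str) -> str:
    return "".join(encrypt_char(c) for c in text)


def decrypt(text: str) -> str:
    return "".join(decrypt_char(c) for c in text)


def equals_fixed_xor_mask() -> bool:
    """True if the transform is c XOR 0x0F for every 7-bit ASCII code."""
    return all(ord(encrypt_char(chr(c))) == c ^ 0x0F for c in range(128))


def unprintable_outputs() -> list:
    """Printable ASCII characters (0x20-0x7E) whose ciphertext is not printable."""
    printable = range(0x20, 0x7F)
    return [chr(c) for c in printable
            if ord(encrypt_char(chr(c))) not in printable]


if __name__ == "__main__":
    sample = "Hello Cloud"                                # constructed sample input
    ct = encrypt(sample)
    print(repr(ct), "->", decrypt(ct))
    print("same as XOR 0x0F:", equals_fixed_xor_mask())
    print("unprintable ciphertext for:", unprintable_outputs())
```

Because the transform has no key input, each plaintext character always produces the same ciphertext character, and the DEL output for p has to be handled by whatever encoding carries the ciphertext.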
\section*{\textbf{Conclusion}}
Cloud cryptography provides a range of services to ensure the security and privacy of data and
applications in cloud computing environments. These services include encryption, key management,
access control, identity and authentication, digital signatures, and tokenization. By leveraging these
services, organizations can protect their sensitive data and applications from unauthorized access and
ensure that only authorized users and devices can access cloud resources. Cloud cryptography is a
critical component of cloud computing and is essential for building secure and trustworthy cloud-based
systems.
\end{document}