Jun 3, 2016
International Journal of Modern Computer Science (IJMCS) Volume 4, Issue 3, June, 2016

ISSN: 2320-7868 (Online)

Data Security in Cloud Computing Using Various Encryption Techniques

Shikha Rani
Department of IT, Chandigarh Group of Colleges, Mohali, India

Shanky Rani
Department of IT, Chandigarh Group of Colleges, Mohali, India

Abstract: Cloud computing is a mechanism for providing on-demand, self-service access to computing resources over the internet. A cloud is made up of a shared pool of information and resources. To manage this huge amount of data, it is highly recommended to ensure its security and to control access to it. With advances in technology, security has become one of the major areas of concern in the cloud environment. The higher the level of security, the higher the level of effectiveness achieved. In this paper, the emphasis is on presenting various encryption techniques and an effective security solution, and also on reducing cloud storage to reduce its overhead.

Keywords: Cloud Security, Symmetric Encryption, Asymmetric Encryption, Data Privacy, Integrity

I. INTRODUCTION

Cloud computing is a type of computing that relies on sharing computing resources rather than having local servers or personal devices handle applications. In cloud computing, the word "cloud" is used as a metaphor for "the Internet," so the phrase cloud computing means "a type of Internet-based computing," where different services, such as servers, storage and applications, are delivered to an organization's computers and devices through the Internet. The aim of cloud computing is to apply traditional supercomputing, or high-performance computing power, capable of tens of trillions of computations per second, in consumer-oriented applications such as financial portfolios, to deliver personalized information, to provide data storage or to power large, immersive online computer games. Cloud computing uses large groups of servers, typically running low-cost consumer PC technology, with specialized connections to spread data-processing chores across them [5]. This shared IT infrastructure contains large pools of systems that are linked together. Often, virtualization [12] techniques are used to maximize the power of cloud computing.

II. LITERATURE SURVEY

Rachana Chavda and Rajanikanth Aluvalu [3] conducted a survey of various attribute-based encryption techniques, described the limitations of all the schemes, and then proposed their own encryption-based access control model, in which hierarchical set-based encryption is used to enhance security, making the system more flexible, scalable and expressive, with effective user revocation and fine-grained access control.

Priyanka Ora and P. R. Pal [6] proposed a system to maintain data integrity and data confidentiality. To provide the finest level of security, a combination of two cryptography schemes is implemented to generate a new encryption pattern before the data is uploaded to the server. In addition, to maintain integrity and confidentiality, data backups are performed, which also serve the purpose of security through checks made on the backup.

Mandeep Kaur and Manish Mahajan [9] proposed a system by first highlighting the cloud types, their characteristics and the background of the cloud environment, and also addressed some of the cloud issues and challenges faced nowadays. Bearing all these things in mind, the authors discuss symmetric and asymmetric encryption algorithms and then propose a system that forms a cipher cloud, for which the user does not need any resources or software to encrypt the data. Keys are generated instantly, and the user is also given a choice of encryption algorithm. This makes the cloud environment more efficient.

Udit Gupta [11] conducted a survey of various security issues in file management in the cloud environment. In it, various protocols such as FTP on socket layer, Secure Shell FTP, SSH Tunneling Secure Copy (SCP), RSYNC and IPSec are used to address the problems of file storage over the cloud. A brief comparison is then provided to measure the performance of all these protocols in terms of time requirements and number of files transferred in seconds.

RES Publication © 2012 http://ijmcs.info


Rachna Arora and Anshu Parashar [13] discussed some of the security issues and challenges of cloud security. Some security algorithms are also discussed by describing their features and comparing the encryption schemes, and suggestions are made about the area of usability in which each algorithm is most suitable and effective.

Younis A. Younis, Madjid Merabti and Kashif Kifayat [14] conducted a survey of security for complex structural systems, which need a high level of security to manage their high volume of data effectively. The survey also categorizes some data security challenges and attacks in more detail, and then gives a deep explanation of the analysis of various factors, such as risk and performance over the internet, in providing secure cloud services such as virtualization and access control mechanisms.

III. SECURITY TECHNIQUES

A. Symmetric key encryption: It is a type of encryption where the same key is used to encrypt the plain text into cipher text and to decrypt it.

1. Data encryption standard

The Data Encryption Standard (DES) is a symmetric-key block cipher published by the National Institute of Standards and Technology (NIST). DES is a 64-bit block cipher, which means that it encrypts data 64 bits at a time. Although the key is 64 bits long, DES has an effective key length of 56 bits that is used in the encryption process; the remaining 8 bits are used for the parity check and have no effect on the security of the data. The process of encryption starts with the block of data to be encrypted, which is processed in 16 rounds, in four different modes that generate a different cipher text for each block by making it depend on its predecessor. Decryption is the opposite of encryption: the same process is applied with the order of all the keys reversed.

2. Advanced encryption Standard

AES is a symmetric key encryption algorithm [10] that is used for security. It requires the block size to be 128 bits, whereas the original Rijndael cipher works with any block size that is a multiple of 32 bits and at least 128 bits. The key length can be 128, 192 or 256 bits, which gives more flexibility to its structure and security. It performs substitution and permutation operations, which run in parallel. AES performs all its computations on bytes rather than bits. AES uses a state array for the encryption and decryption of data, on which single-byte substitution, row-wise permutation, column-wise mixing and addition of round keys are performed, but the order of execution is not the same as specified. Hence, AES treats the 128 bits of a plaintext block as 16 bytes.

3. Blowfish

Blowfish is a symmetric block cipher that can be used effectively for the encryption and safeguarding of data. It takes a variable-length key, from 32 bits to 448 bits, making it ideal for securing data. Blowfish was designed in 1993 by Bruce Schneier as a cipher that is fast compared to other encryption algorithms. It is suitable for applications where the key does not change frequently. Blowfish is divided into two parts: a key expansion part, which converts a key of at most 448 bits into several subkey arrays, and a data encryption part, which takes place in a 16-round Feistel network, where each round contains a key- and data-dependent substitution and a key-dependent permutation. It also provides a great level of security even when performing a smaller number of encryption rounds. Its process of creating keys is based on the XOR operation, a feature that provides more security to its structure. All the keys must be computed before any encryption or decryption process starts. Keys that are not computed earlier result in slower operations and also consume a large amount of memory [2], but this does not mean that we cannot perform encryption on data [2]. A long key size makes it stronger against any attack, because it is very difficult to crack the security of this algorithm.

4. Twofish

Twofish was designed by Bruce Schneier's Counterpane Systems. It is a 128-bit block cipher that accepts a variable-length key of up to 256 bits, and it works well with other applications and platforms like MAC. Its key schedule is always computed in advance to maximize performance and minimize memory requirements. It is a 16-round Feistel network with a bijective F function that is made up of four key-dependent 8-by-8-bit S-boxes, a fixed 4-by-4 maximum distance separable matrix over GF(2^8), a pseudo-Hadamard transform, bitwise rotations, and a carefully designed key schedule. The design of both the round function and the key schedule permits a wide variety of tradeoffs between speed, software size, key setup time, gate count, and memory.
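The 16-round Feistel structure that DES, Blowfish and Twofish share, and the rule stated for DES above that decryption applies the keys in reverse order, shown as an added example that is not part of the original paper. The key schedule and round function are toy SHA-256 constructions assumed for illustration, not those of any of the three ciphers.

```python
import hashlib

ROUNDS = 16   # DES, Blowfish and Twofish all use 16 Feistel rounds
HALF = 4      # bytes per half block: a 64-bit block, as in DES and Blowfish


def subkeys(key):
    """Toy key schedule (assumption): one SHA-256-derived subkey per round."""
    return [hashlib.sha256(key + bytes([r])).digest() for r in range(ROUNDS)]


def round_f(half, subkey):
    """Toy round function (assumption); it is one-way and never inverted."""
    return hashlib.sha256(subkey + half).digest()[:HALF]


def xor(a, b):
    return bytes(x ^ y for x, y in zip(a, b))


def feistel(block, round_keys):
    """Pass one 8-byte block through the network, using the subkeys in order."""
    if len(block) != 2 * HALF:
        raise ValueError("block must be exactly 8 bytes")
    left, right = block[:HALF], block[HALF:]
    for k in round_keys:
        # Each round only XORs F(right) into left, so it can be undone
        # by recomputing F, even though F itself has no inverse.
        left, right = right, xor(left, round_f(right, k))
    return right + left   # final swap lets the same routine decrypt


def encrypt_block(block, key):
    return feistel(block, subkeys(key))


def decrypt_block(block, key):
    # Identical network; only the subkey order is reversed.
    return feistel(block, subkeys(key)[::-1])


if __name__ == "__main__":
    key = b"constructed key"        # constructed sample values
    plaintext = b"8 bytes!"
    ciphertext = encrypt_block(plaintext, key)
    print(ciphertext.hex(), decrypt_block(ciphertext, key))
```

Running the ciphertext through the network with the subkeys in encryption order does not return the plaintext; only the reversed order does.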


B. Asymmetric key encryption: Asymmetric key encryption is used where two different keys are generated for the encryption and decryption processes. One is used for encryption at one end and the other for decryption at the other end.

1. RSA

RSA is a public key encryption algorithm that was described in 1977 and named after Ron Rivest, Adi Shamir and Leonard Adleman. It is an asymmetric algorithm that uses two different keys, one public and one private. The public key can be shared with everyone, whereas the private key must be kept secret. In RSA cryptography, both the public and the private keys can encrypt a message; the opposite key from the one used to encrypt a message is used to decrypt it. Key generation starts by taking two large prime numbers and calculating the modulus by multiplying them. The resulting value is used by both the private and the public key. The public key holds two values, a modulus and a public exponent. The private key also contains two values, a modulus and a private exponent. Because the secret key is not transmitted, the algorithm is more secure [8], and this also protects the key from access by unauthorized users [4]. For this reason it has been adopted on many platforms and in many applications, owing to its high level of security.

2. Elliptical curve cryptography

Elliptical curve cryptography (ECC) is a public key encryption technique that was discovered by Victor Miller and Neil Koblitz in 1985. It is based on elliptic curve theory and uses the elliptic equation to generate keys. Two different points on a curve are calculated to generate the keys for encryption and decryption. This makes the algorithm unique and even more secure than its successive algorithm. The keys created through ECC take less memory space and provide better encryption results. It provides a great level of security even on resources with lower computing power.

3. Diffie-Hellman key exchange

Diffie-Hellman key exchange is an asymmetric cryptographic technique that was developed by Whitfield Diffie and Martin Hellman in 1976. It was the first practically implemented algorithm that generates a shared secret key, which is then used for sharing data over an insecure channel [7]. Data is not exchanged during the key exchange process, so even if it is a shared key, there is still no chance to record and analyse the key [1] during data transmission. It is a type of encryption where one number is raised to a specific power to generate its decryption key.

IV. PROPOSED APPROACH

Bearing all security concerns in mind, we have opted for a hybrid structure of Blowfish and MD5 as our solution to overcome the risks to data confidentiality, integrity and security. Blowfish has the lowest possibility of being cracked, as its key is of variable length, ranging from 32 to 448 bits. Data is more secure than with other algorithms because data slicing is performed as part of encryption, which not only enhances its security but also reduces its storage capacity. In addition, we combine it with MD5, which creates a digest that makes the security of the data even stronger. It generates a hash value for every piece of data that is uploaded. The use of Blowfish and MD5 in a distributed environment will provide better security results for our approach.

V. CONCLUSION

In this paper, the proposed scheme is used to enhance security on the cloud server. For this we use Blowfish and MD5 as a hybrid security mechanism. Encryption and decryption are done by Blowfish, and MD5 is used to produce a digest of the data, which enhances the security.
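The upload-time digest described in the proposed approach, as an added example that is not code from the paper: it models cloud storage as a dictionary and compares the bare MD5 digest with a keyed HMAC-SHA-256 tag, a swapped-in variant the paper does not use. The store layout, function names and sample values are assumptions.

```python
import hashlib
import hmac

def upload_md5(store, name, blob):
    """Paper's scheme: keep an MD5 digest beside each uploaded object."""
    store[name] = {"blob": blob, "tag": hashlib.md5(blob).hexdigest()}

def verify_md5(store, name):
    entry = store[name]
    return hmac.compare_digest(hashlib.md5(entry["blob"]).hexdigest(), entry["tag"])

def upload_hmac(store, name, blob, mac_key):
    """Swapped-in variant (assumption): tag keyed with a secret kept off the cloud."""
    tag = hmac.new(mac_key, blob, hashlib.sha256).hexdigest()
    store[name] = {"blob": blob, "tag": tag}

def verify_hmac(store, name, mac_key):
    entry = store[name]
    expected = hmac.new(mac_key, entry["blob"], hashlib.sha256).hexdigest()
    return hmac.compare_digest(expected, entry["tag"])

def demo():
    mac_key = b"constructed client-side key"      # constructed sample values
    blob = b"constructed ciphertext bytes"        # stands in for Blowfish output
    changed = b"contents changed in storage"
    out, store = {}, {}

    upload_md5(store, "report", blob)
    out["md5_intact"] = verify_md5(store, "report")
    store["report"]["blob"] = blob[:-1] + b"X"    # corruption, digest untouched
    out["md5_corrupted"] = verify_md5(store, "report")
    # A party with write access to the store can recompute an unkeyed digest.
    store["report"] = {"blob": changed, "tag": hashlib.md5(changed).hexdigest()}
    out["md5_rewritten"] = verify_md5(store, "report")

    upload_hmac(store, "report", blob, mac_key)
    out["hmac_intact"] = verify_hmac(store, "report", mac_key)
    # Without mac_key the store cannot produce a tag that verifies.
    store["report"] = {"blob": changed, "tag": hashlib.sha256(changed).hexdigest()}
    out["hmac_rewritten"] = verify_hmac(store, "report", mac_key)
    return out

if __name__ == "__main__":
    print(demo())
```

A digest stored beside the data catches accidental corruption only; a tag keyed with a secret the storage provider never sees also catches an object that was rewritten together with its digest.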

REFERENCES

[1] N. R. Anitha Rani, S. K. Ram Kumar & P. Prem Kumar, “A Survey on Data Redundancy Check in a Hybrid Cloud by using Convergent Encryption,” In Indian Journal of Science and Technology, Vol 9, No. 4, 2016.

[2] L. Arockiam, S. Monikandan, “Data Security and Privacy in Cloud Storage using Hybrid Symmetric Encryption Algorithm,” In International Journal of Advanced Research in Computer and Communication Engineering, Vol 2, No. 8, 2013.

[3] Rachana Chavda, Rajanikanth Aluvalu, “Encryption Based Access Control Model in Cloud,” In Journal of Telematics and Informatics, Vol 3, No. 1, pp. 15~21, 2015.

[4] Cheng-Chi Lee, Pei-Shan Chung & Min-Shiang Hwang, “A Survey on Attribute-based Encryption Schemes of Access Control in Cloud Environments,” In International Journal of Network Security, Vol 15, No. 4, pp. 231-240, 2013.


[5] Jin Li, Jingwei Li, Xiaofeng Chen, Chunfu Jia & Wenjing Lou, “Identity-based Encryption with Outsourced Revocation in Cloud Computing,” In IEEE Transactions on Computers, Vol 64, 2015.

[6] Priyanka Ora, P. R. Pal, “Data Security and Integrity in Cloud Computing Based On RSA Partial Homomorphic and MD5 Cryptography,” In IEEE International Conference on Computer, Communication and Control, 2015.

[7] Ming Li, Shucheng Yu, Yao Zheng, Kui Ren, Wenjing Lou, “Scalable and Secure Sharing of Personal Health Records in Cloud Computing using Attribute-based Encryption,” In IEEE Transactions on Parallel and Distributed Systems, Vol 24, No. 1, 2013.

[8] Yuhong Liu, Yan (Lindsay) Sun, Jungwoo Ryoo, Syed Rizvi and Athanasios V. Vasilakos, “A Survey of Security and Privacy Challenges in Cloud Computing: Solutions and Future Directions,” In Journal of Computing Science and Engineering, Vol 9, No. 3, pp. 119-133, 2015.

[9] Mandeep Kaur, Manish Mahajan, “Using encryption Algorithms to enhance the Data Security in Cloud Computing,” In International Journal of Communication and Computer Technologies, Vol 01, No. 12, 2013.

[10] Vishal R. Pancholi, Bhadrej P. Patel, “Enhancement of Cloud Computing Security with Secure Data Storage using AES,” In International Journal for Innovative Research in Science & Technology, Vol 2, No. 09, 2016.

[11] Udit Gupta, “Survey on security issues in file management in cloud computing environment,” 2015.

[12] Pierangela Samarati, Sabrina De Capitani di Vimercati, “Cloud Security: Issues and Concerns,” 2016.

[13] Rachna Arora, Anshu Parashar, “Secure User Data in Cloud Computing Using Encryption Algorithms,” In International Journal of Engineering Research and Applications, Vol 3, No. 4, pp. 1922-1926, 2013.

[14] Younis A. Younis, Madjid Merabti and Kashif Kifayat, “Secure Cloud Computing for Critical Infrastructure: A Survey,” 2013.
