A Variable Length Key Based Cryptographic Approach on Cloud Data

Categories: Science Technology

Essay, Pages 12 (2919 words)

Views

Abstract

Security by performing message encryption-decryption in cloud computing is very much demanding issues for secured message data transactions. A variable length key based security process has been designed, developed and implemented by using the Advanced Encryption Standard (AES) for the cloud data message and worked as SaaS (Software as a Services).

The length of the used key is inputted by the user, then a secret key is selected that is fed in to the AEScryptographic system with the desired cloud data message and the cipher text is produced that are to be transmitted to the destination.

Don't use plagiarized sources. Get your custom paper on

“ A Variable Length Key Based Cryptographic Approach on Cloud Data ”

Get high-quality paper

NEW! smart matching with writer

In the receiver end, the reverse process is performed with the same key on the received Cipher text and retrieved the plaintext. In this process, Python programming language has been used to develop the system because of its simplicity, better computational complexity and capability of the large cloud data handling. Several cloud data messages are applied that produces different outputs and all are analyzed.

With the two existing approaches, a comparative study has been performed and analyzed and presented as Tabular form that clearly shows the betterment of the proposed system.

WriterBelle

Verified writer

Proficient in: Science

4.7 (657)

“ Really polite, and a great writer! Task done as described and better, responded to all my questions promptly too! ”

+84 relevant experts are online

Hire writer

This can be applied in any secured electronic message transactions for cloud computing environments.

Introduction

Cloud computing is shared pools of configurable computer system resources and higher-level services that can be rapidly provisioned with minimal management effort, often over the Internet. It relies on sharing of resources to achieve coherence, confidentiality, authentication, integrity based security services and economies of scale, similar to a public utility.

Get to Know The Price Estimate For Your Paper

Topic

Deadline: 10 days left

Number of pages

Email Invalid email

By clicking “Check Writers’ Offers”, you agree to our terms of service and privacy policy. We’ll occasionally send you promo and account related email

"You must agree to out terms of services and privacy policy"

Write my paper

You won’t be charged yet!

The goal of the security services of data in cloud computing is to allow users to take benefit from all of these technologies, without the need for deep knowledge about or expertise with each one of them.

The cloud environment aims to cut costs and aids the users to concentrate on their interior business instead of being prevented by IT obstacles observing better security services. The primary occupying terminology for cloud computing is virtualization. Virtualization software separates a physical computing device into one or more 'virtual' devices, each of which can be easily used and managed to perform computing tasks. Cloud computing exhibits the following key characteristics:

Agility for organizations may be improved, as cloud computing may increase users' flexibility with re-provisioning, adding, or expanding technological infrastructure resources.
Cost reductions are claimed by cloud providers. A public-cloud allotment model changes capital expenses (e.g., buying servers) to operational expenditure. This purportedly lowers the barrier to entry, as is the basis of a third party and need to be purchased for one-time or infrequent intensive computing tasks. Pricing on a utility computing basis is 'fine-grained', with usage-based billing options. As well, less in-house IT skills are required for the implementation of projects that use cloud computing.
Device and location freedom qualify users to access systems using a web browser irrespective of their location or what device they conduct (e.g., PC, mobile phone). As substructure is off-site (typically provided by a third-party) and grasped via the Internet, users can associate to it from anywhere.

Cryptographic mechanics are the most trusted sector that communicates two parties in such a way that no one other than the communicants can understand their communication. The Only recipient can understand what he has got and converts it into the original text without any obstacles. To establish a cryptographic process, two procedures like one is encoding and another is decoding are needed.

Here, the original text is termed as a clear text and the encoded text is termed as cipher text and the communication process between clear texts to cipher text is called encoding or enciphering, and the opposite procedure is called decoding or deciphering. If one sends a data within the insecure channel such as social media or the Internet then by doing the confidentiality, integrity, authenticity and non-repudiation processes on the data, the communicating cloud data treats more secure and reliable among the communicants [1]. Because, the security concern is about cloud computing and based on network traffic, end-user data protection, host machine protection, and file systems which can resolve cryptography [2].

For doing encryption or decryption operations, symmetric key cryptographic techniques Advanced Encryption Standard (AES) has been applied in the proposed system with a variable length key for performing encryption and decryption on the cloud data. Cloud Providers offer services that can be grouped into three categories including Software as a Service (SaaS), Platform as a Service (PaaS) and Infrastructure as a Service (IaaS) [3]. Fig. 1 depicts the fundamental working principles of cloud computing for more perception.

This Proposed model has been established between the sender and receiver using Software as a Service (SaaS) for a better understanding of cloud computing. According to this way, the sender and the receiver will be able to communicate with each other easily and the shared data will be also remained secured for this way no doubt will make. Above for subscribers, there is no need to invest in the server or software licenses, whereas for the supplier, the cost is reduced, only one application needs to be hosted and maintained. Now-a-day, Google, Salesforce, and Microsoft offer sausages.

In this paper, a cryptographic technique based on AES with a variable length key has been designed, developed and implemented by using Python programming language because of its simplicity, security, and clarity. The established technique of the proposed system has been analyzed and showed them as an output that also can be applied to the implementation of data mining approaches. A comparative analysis of the proposed system with the two existing approaches has been performed and presented.

Literature Review

Al-Attabetal [5] discussed in their paper the benefits of over-demand self-service, unlimited resource pooling, extensive network access, rapid installation, low cost, quick access, universal network access, greater stability, dynamic scalability, service-measuring assessment, and management. Cryptography is the process of science that helps using mathematics to encrypt and decrypt data [6]. This enables you to save sensitive data or to send it to unsafe networks (like the Internet) so that no one else can read it except the recipient [6].

The Advanced Encryption Standard (AES) algorithm is known as Rijndael algorithm [7] and it was published by the National Institute of Standards and technology. The asymmetric algorithm is a utility used by cryptography because its primary and private keys can be divided into primary and secondary key configurations to keep private key secret and out of the people's knowledge. Only for this reason the method of AES has been studied and analyzed. The procedure of encryption is different from symmetric encryption. These functions have two main uses like authentication and privacy.

Harfoushietal [8] explained into their paper that the public has the ability to encrypt the text, and the second part of the private key can hack the document. Researchers in this area were implemented based on the various AES algorithms and the benefits of cloud computing including Reduced Cost, Scalability and Flexibility, Backup and Recovery, Broad network Access, Multisharing, Collaboration and Deliver New Services have been showed[9]. In this following section, to create the proposed method had been studied a lot of papers within them just has been considered on the two relevant approaches.

SET

Secure Electronic Transaction (SET) is an electronic transactions system based on electronic credit card payments. SET is used to facilitate customer credit card information-protected transmissions through the electronic media like the Internet or any private or public networks. SET prevents credit card information in detail, thus preventing traders, hackers and electronic thieves from accessing this information.

AES

Advanced Encryption Standard (AES) is a symmetric-key cryptographic technique dependent on substitution-permutation operations and that is so much fast in both sectors like software and hardware [10]. AES doesn’t use a Feistel cipher network like DES. It has two parts. One part is cipher key and another one is plaintext. Its fixed block size like of 128-bits or 16 bytes and key size 128-, 196- and 256-bits.Cipher key has to remain 16 to 32 bytes or 128,196 and 256 bits. Somehow key greater than 32 or less than 16 than it doesn’t work. It also takes a string for doing encryption and decryption that have to do on the same text. After going to the recipient it will get the same text that sender was sent.

Cloud Data

Many cloud providers offer a broad set of policies, technologies, and controls that strengthen one’s security posture overall, helping protect the data, apps and infrastructure from potential threats. Here a sample data is used to perform encryption-decryption by using the variable key length and the cryptographic technique AES that presents cipher text data of the given input cloud data.

Process 1: Encryption and Decryption – Data Security for Cloud Computing

This paper exhibits a proposed framework for realizing the RSA and AES mix encryption handling USB gadget as a strategy. This paper additionally gives the spine structure to cloud storage frameworks where security and individual protection is profoundly expanded. The framework will identify the USB that contains the documents to be downloaded from the cloud for private-key use. Some services including peer entity authentication, access control, and data integrity were easily solved.

Process 2: Enhancing the Encryption and Decryption Method for Cloud Computing

This paper presents the proposed system for implementing the RSA and AES combination encryption process as a way to encrypt and decrypt the USB device. This paper also provides backbone structures on cloud storage systems where security and privacy are very high. Four levels are described in the waterfall system for the proposed method. This proposed system is expected to be designed to implement coordination for both encryption and decryption process using USB devices. It identifies USB containing the private key used for files downloaded from the system cloud.

In this paper, the proposed system has been planned, improvement basis on a key of variable length, and encrypted the plain text that produces a cipher text by using the AES process with Python programming language for remaining its plainness, lucidity and most important part of this like safety.

Proposed System

In the proposed method, the cryptographic system has been implemented so that users can interact with each other and data are stored in the cloud by applying the existing encryption method. Whatever the data size is, storing data is a big issue. So, the main reason behind this to keep the data in the cloud only for security purpose. To keep data secure, Advanced Encryption Standard has been applied. In this system, the user provides their valuable data as an input with an Encryption key.

One important thing is that key must be higher than 16 and lower than 32 otherwise the process of Encryption- Decryption will not be able to complete the task that has been taken from the user. After giving the key value in a proper way, the whole text will decrypt and store in the cloud.

No one will be able to see the original text without communicating users. After that, the decryption text will convert into original text for user satisfaction. According to this process, the communication data remain safe and no one will be able to see their communication. This proposed technique can also be applied to the banking system for keeping their transaction data more secure.

Technique

Program Encryption is a technique that contributes to an important role to save data from unknown. By providing the best secure data for encryption AES algorithm uses a particular structure. It maintains four sub-process to encrypt 128-bit block.

Algorithm

The proposed encryption-decryption algorithm on the cloud data is presented below.

Step 1: First, take keyboard input as a string for plain text.
Step 2: Then input variable length key as an encryption key that Must 16 to 32 bytes according to the requirement of AES.
Step 3: Perform encryption using the encryption key and Cloud data that produces cipher text that is to be transmitted to the destination.
Step 4: Send the cipher text to the intended receiver.
Step 5: In the receiver end, the opposite operations are performed using the same decryption key on the received cipher text and find the Original text as the cloud data as plaintext.

In this proposed system, sender takes cloud data as plaintext and an encryption key in the encryption algorithm AES, it produces the cipher text of cloud data, and is sent to the destination. In the receiving end, the cipher text data of the cloud with the same secret shared key are used in the AES decryption algorithm and the plaintext of the cloud data is retrieved successfully. The proposed encryption-decryption system is depicted in the Fig.2.

Here, cloud data set is used as the inputted plaintext, AES (Advanced Encryption Standard) is used as the encryption-decryption algorithm and a set variable length key is used as the encryption key and as well as the decryption key.

Encryption-Decryption Process

In this proposed method, Sender sends their cloud data as plain text with the encryption key. Then the system makes the plain text using AES to cipher text of cloud data. After a while, the receiver receives the cipher text from cloud data. Then the receiver generates the decryption key that had already given for encrypting the plain text as an input. Finally, the system provides the original text through the cloud towards the receiver. For better understanding of the whole procedure without facing any obstacles, the skeleton of the implementation of the encryption and the decryption process of the proposed system is presented in Fig.3

Implementation

The proposed cryptographic system has been implanted in Python programming language and several sets of cloud data are used in this algorithm as input data. The system builds several numbers of cipher text data. All the input data set and the corresponding data sets are observed, analyzed and are presented here.

The corresponding figures have been given datasets as user requirements to show the overall procedure of encryption–decryption process. An error must be generated when key length is given less than 16 or greater than 32 that has been shown in Fig. 9.

Comparative Analysis

A comparative study on the two existing systems has been analyzed with the proposed system based on several security features and is presented as in the tabular form.

Features	Process 1 [11]	Process 2 [12]	Proposed system
Peer Entity Authentication	Yes	Yes	Yes
Access Control	Yes	Yes	Yes
Confidentiality	Yes	Yes	Yes
Data Integrity	Yes	Yes	Yes
Non-repudiation	No	No	No
Availability	No	No	Yes

Complexity Analysis

Based on the security strength of the used encryption technique AES and the used programming language Python, the proposed system established a better-enhanced security level for the user cloud data. Here, variable length key imposed another layer of security that increases the strength of the proposed system.

Conclusions

Several approaches of secured message transactions on cloud data are studied and analyzed. A secured cloud data message transaction with variable length key has been designed, developed and applied through the use of Advanced Encryption Standard (AES) using the Python programming language.

Here, length of encryption-decryption key is inputted and then the selected key is applied to the AES for performing encryption with the cloud data that produces the Cipher text for the intended message, and is sent to the destination. In the receiving end, the reverse process is done and retrieves the plaintext with the better security services.

Here, Python programming language has been used to implement for various cloud data messages. Several input/outputs of the program has been produced from the inputted cloud data message and analyzed. A comparative study with the two existing approaches has been performed and presented. This can be applied on any secured cloud data message transactions that may be either in financial or in e-commerce sites cloud data sets.

References

Abdullah, A.M., Aziz, R.H.H.: New Approaches to Encrypt and Decrypt Data in Image using Cryptography and Steganography Algorithm. In: International Journal of Computer Applications, vol. 143, pp. 11-17(2016)
Gonzalez, N., Miers, C, Redígolo, F., Carvalho, T., Simplicio, M., Näslund, M., Pourzandi, M.: A quantitative analysis of current security concerns and solutions for cloud computing. In: Third IEEE International Conference on Cloud Computing Technology and Science (2011)
Bhandari, R.R., Mishra, N.: Cloud Computing a Crm Service Based on Separate Encryption and Decryption Using Blowfish Algorithm. In: International Journal on Recent and Innovation Trends in Computing and Communication, vol. 1, pp. 217-223(2013)
Ibrahim, A.A., Cheruiyot, W., Kimwele, M.W.: Data Security in Cloud Computing with Elliptic Curve Cryptography. In: International Journal of Computer (IJC), vol. 26, pp. 1-14(2017)
Al-Attab, B.S., Fadewar, H.S.: Hybrid Data Encryption Technique for Data Security in Cloud Computing. In: Sinhgad Institute of Management & Computer Application (2018)
Reyad, O.: Cryptography and Data Security: An Introduction (2018)
Daemen, J., Rijmen, V.: AES Proposal: Rijndael (PDF). In: National Institute of Standards and Technology, p. 1(2013)
Harfoushi, O., Obiedat, R.: Security in Cloud Computing Using Hash Algorithm: A Neural Cloud Data security model. In: Canadian Center of Science and Education, vol. 12(2018)
Islam, N.K.V., Riyas, M.K.V.: Analysis of Various Encryption Algorithms in Cloud Computing. In: International Journal of Computer Science and Mobile Computing, vol. 6, pp. 90 – 97(2017)
Schneier, B., Kelsey, J., Whiting, D., Wagner, D., Hall, C., Ferguson, N., Kohno, T.: The Twofish Team's Final Comments on AES Selection (PDF) (2000)
Teja, T., Hemalatha, V., Priyanka, K.: Encryption and Decryption – Data Security For Cloud Computing – Using Aes Algorithm. In: SSRG International Journal of Computer Trends and Technology (IJCTT), pp. 80-83(2017)
Pitchay, S.A., Alhiagem, W.A.A., Ridzuan, F., Saudi, M.M.: A Proposed System Concept on Enhancing the Encryption and Decryption Method for Cloud Computing. In: 17th UKSIM-AMSS International Conference on Modelling and Simulation, pp. 201-206(2015)

A Variable Length Key Based Cryptographic Approach on Cloud Data. (2024, Feb 14). Retrieved from https://studymoose.com/document/a-variable-length-key-based-cryptographic-approach-on-cloud-data