Devising Robust Hybrid Algorithm for Cloud Security

Nandita Senguptaa, Ramya Chinnasamya

aUniversity College of Bahrain, P.O.Box 55040, Manama, Kingdom of Bahrain,Contact: ngupta@ucb.edu.bh

Cloud computing has taken a major part in IT industry both for an individual and the organization. Thereare many reasons for adopting this. Primarily, it’s used as infrastructure as a service, platform as a service,file storage, disaster recovery and backup. In cloud computing, protection of data in server and while inmedia is a challenging issue. Our proposed encryption algorithm Hybrid DESCAST has been designed toprovide the security of huge volume of data sent through the media and the same will remain encryptedin the cloud sever. This cipher text will be decrypted only when the same is required to be used by theauthenticated user. Problems of individual DES and CAST Block Cipher Algorithm have been tackled byour proposed encryption algorithm. Complexity and Computation time for encryption and decryption forour proposed algorithm is higher than the individual DES and CAST algorithm. This paper is focused toprovide security of data in cloud server, as well as for the data while transferring from client to cloud serverand vice versa.

Keywords : Block Cipher Algorithm, Cloud Security, Encryption Algorithm, Hybrid DESCAST.

1. INTRODUCTION

Using Internet Technologies, Cloud Comput-ing is contributing a lot in the industries. Alsoas an individual, people are using cloud com-puting because of its enormous benefits. Capi-tal expenditure has been reduced substantiallyand flexibility of execution of the business pro-cesses have changed the scenario of the indus-tries. The could computing has provided manyfacilities, like Infrastructure as a Service (IaaS),Software as a Service (SaaS), Platform as aService (PaaS), Disaster Recovery, Backup tothe industries which made the cloud popular.Hence, there is no option for thinking whethercloud computing will be adopted or not. Im-portance should be given to the point when theuse of cloud computing should be started. IT-enabled business services are being delivered byCloud computing in exponential manner.

Dynamically scalable, virtualized computingenvironment can be achieved by adopting cloudtechnology with affordable cost and resources.Scalable IT resources like IT hardware, soft-ware, expertise and infrastructure managementcan be available on demand by cloud technol-

ogy which are otherwise exorbitant. Locationindependent or device independent processes,applications and services can be available ondemand. The organizations can make use of re-sources on demand without maintaining it be-cause the cloud provider is responsible for theenvironment [1], [2], [3], [4]. Section 2 depictsmotivation, Section 3 narrates contribution,Section 4 explicates literature review, Section 5describes importance of cloud security, Section6 explains the cipher algorithms, Section 7 pro-poses hybrid DESCAST algorithm, Section 8shows time complexity, Section 9 describes ex-perimental results, Section 10 explains perfor-mance analysis, Section 11 concludes our workas well as focuses future work.

2. MOTIVATION

Cloud computing is open pervasive systemsconnected by heterogeneous networks in thedistributed environment, which makes securitya big gainsay. Organizations that are movingfrom the traditional standalone environment tothe cloud are having great concern about thecloud security. The cloud provider has to offer

10

International Journal of Information Processing, 10(2), 10-22, 2016ISSN : 0973-8215IK International Publishing House Pvt. Ltd., New Delhi, India

Devising Robust Hybrid Algorithm for Cloud Security 21

and 2.50GHz processor for implementing andtesting the proposed algorithm.

10. PERFORMANCE ANALYSIS

Performance of DES and CAST are same whenapplying individually. In case of CAST algo-rithm, differential related key attack is possi-ble. DES offers better performance with halfof the memory occupied ,when compared toother symmetric key block cipher algorithmssuch as MARS, IDEA and RC6. When combin-ing CAST and DES algorithms, the possibilityof linear cryptanalysis using known plain textattack and related key attack has been averted.The hybrid algorithm is more secure than in-dividual algorithm [23]. The size of the ciphertext of plaintext using DESCAST algorithm issame as that of individual DES or CAST algo-rithm. so we can achieve more protection withthe same space. The analysis of space utilizedby each algorithm is given in Figure 18.

0

10

20

30

40

50

60

Size of DES in KB Size of CAST in KB Size of DESCAST

in KB

performance Analysis

performance Analysis

Figure 18. Cipher Text Output

11. CONCLUSION AND FUTURE

WORK

By combining 128bit key and 64 bit key cipheralgorithms, the brute-force attack and attacksvia birthday problems were averted and thealgorithm is more robust. The implementedDESCAST algorithm can be applied to anykind of data with size less than 1MB. Wehave tested the DESCAST algorithm on datafrom worldbank [22], Standard and Poor’s 500[24], Organization of the Petroleum Exporting

Countries(OPEC) [25] and World health orga-nization [26]. This algorithm can be applied in3G and 4G LTE environments. The DESCASTalgorithm is relatively slow on big data. Im-prove the performance of the algorithm so thatit can be applied on big data in 5G LTE envi-ronment for cloud security.

REFERENCES

1. J Xiong, X Liu, Z Yao, J Ma, Q Li, K Gengand P S Chen. A Secure Data Self-DestructingScheme in Cloud Computing, IEEE Transac-tions on Cloud Computing, 2(4):448–458, 2014.

2. P Jamshidi, A Ahmad and C Pahl. Cloud Mi-gration Research: A Systematic Review, IEEETransactions on Cloud Computing, 1(2):142–157, 2013.

3. M Ficco and M Rak. Stealthy Denial of ServiceStrategy in Cloud Computing, IEEE Transac-tion on Cloud Computing, 3(1):80–94, 2015.

4. Y Zhang, X Liao, H Jin and G Min. Resist-ing Skew-Accumulation for Time-Stepped Ap-plications in the Cloud via Exploiting Paral-lelism, IEEE Transactions on Cloud Comput-ing, 3(1):54–65, 2015.

5. A C Chen, M Won, R Stoleru and G G Xie.Energy-Efficient Fault-Tolerant Data Storageand Processing in Mobile Cloud, IEEE Trans-actions on Cloud Computing, 3(1):28–41, 2015.

6. Thomas Erl, P Ricardo and M Zaigham. CloudComputing: Concepts, Technology and Archi-tecture, Prentice Hall

7. S Roschke, C Feng and C Meinel. Intrusion De-tection in the Cloud, Dependable, Autonomicand Secure Computing, Proceedings of DASC09, Eighth IEEE International Conference, E-ISBN: 978-1-4244-5421-1, 729–734, 2009.

8. K P Shelke, S Sontakke and D A Gawande.Intrusion Detection System for Cloud Com-puting, International Journal of Scientific andTechnology Research, 1(4):2277-8616, 2012.

9. IBM. Security and High Availability in CloudComputing Environments, IBM Global Tech-nology Services Technical White Paper, 2011.

10. K Hashizume, G D Rosado, F E Medina and BE Fernandez. An Analysis of Security Issues forCloud Computing, in Journal of Internet Ser-vices and Applications, 4(5):doi:10.1186/1869-0238-4-5, 2013.

11. D Zissis and D Lekkas. Future Genera-tion Computer Systems, ELSEVIER The In-

22 Nandita Sengupta and Ramya Chinnasamy

ternational Journal of Grid Computing andeScience, 28:583–592, 2012.

12. N P Algorithms. Smart Key Size and Parame-ters Report, European Union Agency for Net-work and Information Security 2014.

13. T Olufon, C E A Campbell, S Hole, D KRadhakrishnan and A Sedigh. Mitigating Ex-ternal Threats in Wireless Local Area Net-works, International Journal of Communica-tion Networks and Information Security (IJC-NIS), 6(3), 2014.

14. P R Padhy, R M Patra and C S Satapa-thy. Cloud Computing: Security Issues andResearch Challenges, IRACST InternationalJournal of Computer Science and Informa-tion Technology and Security (IJCSITS), 1(2),2011.

15. F Ayoub and K Singh. Cryptographic Tech-niques and Network Security, Communica-tions, Radar and Signal Processing, IEEE Pro-ceedings F, 131(7), 2008.

16. P Schoo, V Fusenig, V Souza, M Melo, P Mur-ray, H Debar, H Medhioub and D Zeghlache.Challenges for Cloud Networking Security, HPLaboratories.

17. H Gilbert. Design and Analysis of Crypto-graphic Algorithms for Mobile CommunicationSystems, Orange Labs.

18. P D Avilar, J D Errico, K Berendsand M Peck. Authenticated Encryption,https://www.cs.jhu.edu.

19. DES. The Data Encryption Standard(DES) (Chapter 2), www.facweb.iitkgp.ernet.in/sourav/DES.pdf.

20. H M Heys and E S Tavares. On the Securityof the CAST Encryption Algorithm, Queen’sUniversity, Kingston, Ontario, Canada.

21. J Nakahara Jr and M Rasmussen. Linear Anal-ysis of Reduced-round CAST-128 and CAST-256, UNISANTOS, Brazil, LSI-TEC, PKICertification Department.

22. Data, http://data.worldbank.org/country.23. A M Mushtaque. Comparative Analysis on

Different Parameters of Encryption Algo-rithms for Information Security, JCSE Inter-

national Journal of Computer Science, 2(4), E-ISSN:2347-2693.

24. Data. http://finance.yahoo.com.25. Data. http://www.opec.org/opec- web/en/

publications/338.htm.26. Data. http://www.who.int/research/en/.

Nandita Sengupta is currentlyAssistant Professor, UniversityCollege of Bahrain, Bahrain.She obtained her Bachelor ofEngineering, Masters Degreeand Ph.D. in Engineering, Com-puter Science and Technologyfrom Indian Institute of Engine-

ering Science and Technology, Shibpur. She has 26years of working experience. 11 years she dedicatedin Design Department of Electrical Manufactur-ing Company Limited. Last 15 years she is inacademics and taught various subjects of IT. Herarea of interest is Analysis of Algorithm, Theoryof Computation, Soft Computing Techniques, Net-work Security. She achieved ”Amity Best YoungFaulty Award” on the occasion of 9th Interna-tional Business Horizon INBUSH 2007 by AmityInternational Business School, Noida in February,2007. She has around 30 publications in Nationaland International conference and journals.

Ramya chinnasamy hold-ing Master of Engineering inComputer Science, is currentlyworking as a, Lecturer in theDepartment of InformationTechnology, University Collegeof Bahrain. She has 13 yearsof experience in the field of

academics, Software Development and in Research.Her areas of Interests include Cloud Computing,Cloud Security, Image Processing and Big DataAnalytics. She has presented papers in interna-tional conferences and Symposiums.