Cloud Computing
Cloud computing originated from large-scale distributed computing technologies. NIST (Mell and Grance, 2018) describes cloud computing as a computing model for enabling convenient on-demand network access to a shared pool of configurable computing resources that can be provisioned rapidly and released with minimal management effort. Cloud computing allows organizations to store some of their sensitive files on servers in the cloud (Selvanayagam, Singh, Michael, and Jeswani, 2020). Cloud computing enables firms to outsource their entire information technology process (Khan and Al-Yasiri, 2016). Most people utilize cloud services daily.
Cloud computing allowed many organizations to store data off-site. It brought forth a cyber-data security risk because many customers shared the same cloud. Threats or risks are anything that can cause severe harm or damage to a computer system (Imran, Aziz, and Irfan, 2018). Risks are of different types, such as Trojans, viruses, and hijacking. Various security threats exist in the realm of cloud computing. Some common types of risks related to public cloud computing and private cloud computing are service hijacking, data scavenging, data leakage, denial of service, customer data manipulation, VM escape, VM hopping, and malicious VM creation (Imran, Aziz, and Irfan, 2018). The risk areas associated with cloud computing are data access control, identity management, integrity control, risk management, and auditing.
Literature Review
The impact of risks associated with the cloud is apparent in recent cybersecurity developments aimed at reducing the risk of cyber-attacks and the loss of files necessary to people and organizations. Such innovations include cloud cryptography, cryptosystems, and their variations, which secure file storage on the cloud against threats. Cloud cryptography (Narang, 2020) uses encryption techniques to protect data used or stored on the cloud. Any data hosted by cloud providers is protected with encryption, allowing users to access shared cloud services conveniently and securely (Narang, 2020). It keeps your critical data secure even beyond your corporate IT environment (Narang, 2020).
Cryptography is one of the critical countermeasures for threats facing files stored on the cloud. Cryptography is the process of converting ordinary plain text into unreadable text and vice versa. According to a publication by The Economic Times titled "What is Cryptography? Cryptography Meaning", cryptography not only protects data from theft but is also applicable to user-to-user authentication. The publication also mentions that modern cryptography concerns itself with information confidentiality, integrity, non-repudiation, and authentication. There are two main kinds of algorithms used in cryptography, namely symmetric key cryptography and asymmetric key cryptography (Abood and Guirguis, 2020).
There are two types of symmetric algorithms (Smirnoff and Turner, 2019): block algorithms and stream algorithms. In block algorithms, set lengths of bits are encrypted in blocks using a specific secret key. As data is being encrypted, the system stores the data in memory while it waits for complete blocks. Stream algorithms, on the other hand, encrypt data as it streams and do not retain it in system memory (Smirnoff and Turner, 2019). Symmetric cryptography is used for securing messaging apps and cloud storage in the form of the Advanced Encryption Standard (AES).
Asymmetric encryption or cryptography is a technique in which different keys are used for encryption and decryption; it is also known as public-key encryption (Sawlikar, A.P., Khan, Z.J., and Akojwar, S.G., 2016). It was created to solve the problem brought about by symmetric encryption. The two keys are the public and private keys. The public key is announced to the public while the user holds the private key. The two keys are mathematically related. The public key can be revealed without compromising the system's security (Joseph, D.P., Krishna, M. and Arun, K., 2015). RSA, MDx, and SHA are examples of algorithms under this category. It offers the advantage that digital signatures cannot be repudiated. It requires that each user be responsible for protecting their private key. With private key encryption, it is possible for senders of data to claim the shared key was compromised by a member of the parties involved in the process (What is Public Key Cryptography? 2020). Public key cryptology has an advantage over private key cryptology since it circumvents the logistics and risks of swapping keys. It is also highly scalable, offers higher security unlike symmetric cryptography, and is therefore popular in enterprise environments today.
Symmetric encryption with algorithms such as DES, Triple DES, and AES is fast and efficient for encrypting data but weak when sharing keys (Haunts, 2019). According to Haunts, the author of Applied Cryptography in .NET and Azure Key Vault, sharing keys is tough to do securely. Haunts (2019) also criticizes the asymmetric encryption technique, citing its tendency to slow down the encryption process as a downside. Experts suggest that combining asymmetric encryption with symmetric encryption will gain symmetric encryption's efficiency and the key splitting of asymmetric encryption. This is where hybrid cryptography comes in.
The ISO/IEC JTC1/SC27 standardization committee suggests that hybrid cryptography can be defined as the branch of asymmetric cryptography that uses convenient symmetric techniques to remove some of the problems inherent in normal asymmetric cryptosystems. One such problem associated with asymmetric cryptosystems is trying to quickly process long messages (Kapoor and Yadav, 2016). Hybrid cryptography seeks to improve on issues faced by earlier, more primitive cryptographic algorithms. The issues are time and space complexity and security (Kapoor and Yadav, 2016). The result of using hybrid cryptography is added security in the process of sending data, along with improved system performance.
Security in the cloud computing environment is considered a crucial aspect because of the significance of the information that is stored in the cloud. Data can be not only confidential but also sensitive. As a result, data management ought to be executed in a manner that reliably protects data from malicious attacks that could potentially compromise confidentiality, integrity and accountability (Maitri and Verma, 2016). The utility of cloud storage and its attendant services also needs to be protected. So far, hybrid cryptography implements a combination of AES and RSA algorithms to ensure the protection of cloud storage facilities. A hybrid algorithm hence uses three keys. AES secret keys and RSA public keys are mandatory requirements for data uploads. The RSA private key and the AES key, on the other hand, are essential for data downloads. When a user attempts to upload data to the cloud, the file is first stored in a directory for a short time. The RSA algorithm is applied on encrypted data before the AES algorithm. Only then can the file be encoded and stored on the server (Maitri and Verma, 2016).
Hybrid cryptography achieves encryption through a two-stage process. During the encryption phase, on the specification of the user, the file which is to be encrypted is divided into a number of slices. Each slice of the file is then encrypted using a Blowfish key (Timothy and Santra, 2017). Maitri and Verma (2016) define Blowfish as a symmetric block cipher that implements 16 rounds of iterative encryption and decryption. Blowfish uses a block size of 64 bits and a key of variable length that can reach up to 448 bits. The Blowfish algorithm consists of two phases. During the key expansion phase, the encryption key is converted into several sub-keys. In the encryption phase, key-dependent permutations and data-dependent substitutions occur (Timothy and Santra, 2017). Encryption is done using the SRNN public key such that each encrypted file slice has a corresponding encrypted key. During the decryption phase, the Blowfish key is decoded at the server end using the corresponding SRNN private key. File slices are then unscrambled and converged to produce unique records (Timothy and Santra, 2017).
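The upload and download flows described in the two paragraphs above can be shown in one added example (not code from any of the cited papers): each file slice is sealed under its own symmetric key, and that key is wrapped with the owner's public key. It assumes AES-256-GCM in place of Blowfish and RSA-OAEP in place of SRNN; the names `upload`, `download` and `sliceSize` are hypothetical, `file` is a Node.js Buffer, and binding "index/total" as associated data is an addition that the cited schemes do not describe.

```javascript
const crypto = require('node:crypto');

// RSA-OAEP with SHA-256 wraps each slice key (stand-in for the SRNN key pair).
const OAEP = { padding: crypto.constants.RSA_PKCS1_OAEP_PADDING, oaepHash: 'sha256' };

// Upload: split the file into slices, seal each slice under its own fresh
// AES-256-GCM key, and wrap that key with the owner's public key.
function upload(publicKey, file, sliceSize) {
  if (!(sliceSize > 0)) throw new RangeError('sliceSize must be positive');
  const total = Math.ceil(file.length / sliceSize);
  const slices = [];
  for (let i = 0; i < total; i++) {
    const key = crypto.randomBytes(32);
    const nonce = crypto.randomBytes(12);
    const cipher = crypto.createCipheriv('aes-256-gcm', key, nonce);
    // Associated data "index/total" makes reordered or dropped slices fail.
    cipher.setAAD(Buffer.from(`${i}/${total}`));
    const part = file.subarray(i * sliceSize, (i + 1) * sliceSize);
    const body = Buffer.concat([cipher.update(part), cipher.final()]);
    const wrappedKey = crypto.publicEncrypt({ key: publicKey, ...OAEP }, key);
    slices.push({ wrappedKey, nonce, body, tag: cipher.getAuthTag() });
  }
  return slices;
}

// Download: unwrap each slice key with the private key, then authenticate and
// decrypt the slice. Any failed check throws before plaintext is returned.
function download(privateKey, slices) {
  const parts = slices.map((s, i) => {
    const key = crypto.privateDecrypt({ key: privateKey, ...OAEP }, s.wrappedKey);
    const opts = { authTagLength: 16 };
    const decipher = crypto.createDecipheriv('aes-256-gcm', key, s.nonce, opts);
    decipher.setAAD(Buffer.from(`${i}/${slices.length}`));
    decipher.setAuthTag(s.tag);
    return Buffer.concat([decipher.update(s.body), decipher.final()]);
  });
  return Buffer.concat(parts);
}

// Constructed demo: throwaway 2048-bit key pair and a 100-byte sample file.
const demoKeys = crypto.generateKeyPairSync('rsa', { modulusLength: 2048 });
const demoFile = Buffer.alloc(100, 'A');
const stored = upload(demoKeys.publicKey, demoFile, 32);
console.log(stored.length, download(demoKeys.privateKey, stored).equals(demoFile));
```

Only the public key is needed on the upload path, so a compromised uploader cannot read previously stored slices; the private key is the single secret that has to be protected on the download side.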
Conclusion
Hybrid cryptography implements asymmetric cryptographic techniques to remediate some of the issues that are typical of normal symmetric cryptographic techniques such as processing long strings of data quickly. Hybrid cryptography improves time and space complexity and security as a prerequisite step in ensuring the security of files stored on the cloud. This improvement is achieved through the application of AES secret keys and RSA public keys in the data encryption and decryption phases. Blowfish algorithms are crucial in the two processes and help ensure that scrambled data slices are reassembled successfully to produce unique copies of data hence ensuring cloud security.