Bonfring International Journal of Software Engineering and Soft Computing, Vol. 9, No. 1, March 2019
Security Enhancement and Time Delay
Consumption for Cloud Computing Using AES and
RC6 Algorithm
Madava Krishnan, Haripriya, Arunadevi and Deepthi
Abstract--- Cloud computing is Internet-based computing. It
provides services such as storage, applications and servers to
organizations. In cloud storage, users can store their data
remotely without maintaining a local copy. Integrity verification
and time delay consumption of the data are therefore major
problems in cloud storage. We must ensure that the data is not
tampered with by others, because the cloud provider is not
completely trusted. Integrity verification and time delay
consumption can be managed without a TPA by using the AES and RC6
algorithms.
Index Terms--- Cloud Computing, Security, Integrity Verification,
Data Storage Correctness, Privacy, Time Delay Consumption.
I. INTRODUCTION
CLOUD computing is a utility in which users can remotely store
their data in cloud storage so as to enjoy high-quality
applications and services. Cloud computing involves delivering
hosted services over the internet. These services are broadly
divided into three categories: Infrastructure-as-a-Service (IaaS),
Platform-as-a-Service (PaaS) and Software-as-a-Service (SaaS). A
cloud service has three distinct characteristics that
differentiate it from traditional hosting. The advantage of cloud
computing is cost savings. Cloud computing has various security
issues, such as data theft, data integrity on the cloud server,
secure transmission of data, integrity verification without much
overhead and computation cost, access rights management, and
security while sharing files with other users. In cloud computing
the user can store data remotely on a cloud storage server. The
cloud provider is an external entity and is not completely
trusted. Data on the cloud server can be altered and tampered with
by an unauthorized entity without the permission of the data
owner.
How can the data owner make sure that his data has not been
modified by others (or by the cloud provider itself, accidentally
or intentionally)?
Madava Krishnan, Computer Science and Engineering, Sree Sakthi
Engineering College.
Haripriya, Computer Science and Engineering, Sree Sakthi
Engineering College.
Arunadevi, Computer Science and Engineering, Sree Sakthi
Engineering College.
Deepthi, Computer Science and Engineering, Sree Sakthi
Engineering College.
DOI:10.9756/BIJSESC.9003
Fig. 1
Data storage correctness, which is required for detecting such
kinds of unlawful activities on data, is therefore an utmost
priority issue. Data storage correctness schemes are classified in
two categories: (a) without use of a third party auditor (Non TPA)
and (b) with use of a third party auditor (TPA). When a TPA is
used, an external Third Party Auditor verifies the data integrity
and sends a report to the user; sometimes extra hardware or a
cryptographic coprocessor is required. This hardware scheme
provides better performance, due to dedicated hardware for the
auditing process, but has some drawbacks:
1. A single TTP can become a bottleneck in the system. The TPA is
   supposed to be a central, independent and reliable component;
   it may become a bottleneck for the entire system. Any unusual
   activity in the TPA may cause the entire cloud system to go
   down or reduce its performance.
2. As the data sent from the cloud data owner's premises is in
   encrypted form and the credentials required to decrypt it are
   kept hidden from the cloud service provider, laws which make
   the data owner responsible for protection of his data can be
   followed during regulatory compliance.
3. Sometimes, with the use of a TPA, extra hardware or a
   cryptographic coprocessor is needed.
4. During any legal investigation, the cloud service provider
   cannot hand over the data to any statutory body without
   consulting the data owner.
To provide data security in cloud computing we use cryptographic
techniques. Cryptography is the science of using mathematics to
encrypt and decrypt information. Once the information has been
encrypted, it can be stored on insecure media or transmitted on an
insecure network (like the Internet) so that it cannot be read by
anyone except the intended recipient. We use Symmetric key and
Asymmetric key (AES, RC6) algorithms for encryption and decryption
of data. For data storage correctness, data integrity verification
can be performed with a hash function such as RC6; using this hash
function we create a unique signature of the data for later
verification of data integrity.
ISSN 2277-5099 | © 2019 Bonfring
II. EXISTING SYSTEM
The existing system uses a third party auditor to check the
integrity of data. This scheme has three components:
1. Cloud User (CU)
2. Cloud Service Provider (CSP) & Cloud Server (CS)
3. Third party Auditor (TPA)
Fig. 2: Third Party Auditor Scheme
III. PROBLEM IN EXISTING SYSTEM
Many researchers have attended to the issue of data storage
security in the cloud, which we broadly categorize into two
groups: those that make use of a trusted third party auditor
(TTPA) and those that do not. Normally the TTPA is a reliable,
independent component which is trusted by both the cloud users and
the server. Many researchers recommend the support of a trusted
third party (TTP). By leaving the resource-consuming cryptographic
operations to the TTP for achieving confidentiality and integrity,
cloud users can be worry-free. But issues such as the TTP becoming
a bottleneck, data leakage, introduction of new vulnerabilities,
scalability, accountability, performance overhead, dynamic data
support, extra hardware cost incurred, etc. have motivated many
researchers to address the data storage security problems without
using a trusted third party auditor.
1. The TPA is supposed to be a central, independent and reliable
   component; it may become a bottleneck for the entire system.
   Any unusual activity in the TPA may cause the entire cloud
   system to go down or reduce its performance.
2. The cloud data owner can directly control the cryptographic
   operations to be performed on his data stored on the cloud. The
   cloud data owner can specify the privacy level of his data and
   also choose combinations of cryptographic operations from the
   available options, instead of the TPA deciding what is good for
   his data.
3. Sometimes, with the use of a TPA, extra hardware or a
   cryptographic coprocessor is needed.
4. As the data sent from the cloud data owner's premises is in
   encrypted form and the credentials required to decrypt it are
   kept hidden from the cloud service provider, laws which make
   the data owner responsible for protection of his data can be
   followed during regulatory compliance.
5. During any legal investigation, the cloud service provider
   cannot hand over the data to any statutory body without
   consulting the data owner.
6. No file sharing mechanism between cloud users.
7. High Computational and communication cost in
IV. PROPOSED SYSTEM
Without TPA in Cloud Storage
I propose a data storage security model, which intends to solve
the data security problem, the time delay consumption problem and
the file sharing problem.
The proposed system contains three stakeholders:
A. Data owner (DO), who generates and owns the data and possesses
   all rights over file operations; the owner can pass these on to
   other cloud data users.
B. Cloud service provider (CSP), which is the central core
   component of the whole system. It also acts as a cloud data
   server.
C. User, who uses the data based on credentials received from the
   data owner.
1. The data owner generates a key using Symmetric Key (DES, AES)
   and Asymmetric key generation (RSA) algorithms, stores that key
   in the database, and encrypts and decrypts data using that
   stored key. The data owner generates a hash code (signature)
   using the cryptographic hash function Blake on the encrypted
   file and stores that signature in the database.
2. The data owner uploads the encrypted file to the cloud service
   provider (CSP). If the data owner later wants to verify that
   file on the CSP, they send a request to the CSP. The CSP then
   calculates the hash code of the encrypted file uploaded by the
   DO and sends it to the DO.
3. The DO compares the hash code received from the CSP with the
   actual hash code to check the correctness of the data stored on
   the CSP.
4. The CSP decrypts the file using the Symmetric key (AES) and
   Asymmetric key (RC6) generation algorithms and sends it to the
   DO. The DO requests to view/download the file.
5. The DO grants file access rights (sharing of the file) to other
   cloud users.
The proposed algorithms are:
1. AES algorithm
2. RC6 algorithm
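The hash comparison in steps 1 to 3, as an added example (not code from the paper). It assumes BLAKE2b for the paper's "Blake" and treats the encrypted file as opaque bytes; the `Owner` and `Csp` classes and the one-time nonce challenges are illustrative additions, included because a digest the CSP recorded at upload time still matches after the stored bytes change, while a digest keyed with an unseen nonce does not.

```python
import hashlib
import hmac
import secrets


def signature(ciphertext: bytes) -> bytes:
    """Step 1: the owner's stored 'signature', a BLAKE2b digest of the encrypted file."""
    return hashlib.blake2b(ciphertext, digest_size=32).digest()


def keyed_digest(ciphertext: bytes, nonce: bytes) -> bytes:
    """Digest bound to a nonce; it cannot be answered without the current bytes."""
    return hashlib.blake2b(ciphertext, key=nonce, digest_size=32).digest()


class Owner:
    """Data owner (DO): keeps digests in its database, no local copy of the file."""

    def __init__(self, ciphertext: bytes, spare_challenges: int = 4):
        self.sig = signature(ciphertext)
        # Added hardening (assumption): one-time (nonce, expected answer) pairs
        # computed before upload, while the owner still holds the file.
        self.challenges = []
        for _ in range(spare_challenges):
            nonce = secrets.token_bytes(32)
            self.challenges.append((nonce, keyed_digest(ciphertext, nonce)))

    def verify_static(self, csp) -> bool:
        """Steps 2-3 as described: compare the CSP's hash with the stored one."""
        return hmac.compare_digest(self.sig, csp.hash_of_file())

    def verify_fresh(self, csp) -> bool:
        """Same comparison, but over a nonce the CSP has never seen before."""
        nonce, expected = self.challenges.pop()   # each pair is used once
        return hmac.compare_digest(expected, csp.answer(nonce))


class Csp:
    """Cloud service provider holding the uploaded ciphertext."""

    def __init__(self, ciphertext: bytes, cache_digest: bool = False):
        self.stored = bytearray(ciphertext)
        self.cached = signature(ciphertext) if cache_digest else None

    def hash_of_file(self) -> bytes:
        return self.cached or signature(bytes(self.stored))

    def answer(self, nonce: bytes) -> bytes:
        return keyed_digest(bytes(self.stored), nonce)


def run_checks() -> dict:
    """Return {case: (static check passed, fresh-nonce check passed)}."""
    blob = secrets.token_bytes(256)      # constructed stand-in for an encrypted file
    owner = Owner(blob)
    results = {}
    for name, cache in (("intact", False), ("corrupted", False),
                        ("corrupted+cached", True)):
        csp = Csp(blob, cache_digest=cache)
        if name != "intact":
            csp.stored[10] ^= 0x01       # one stored bit changes after upload
        results[name] = (owner.verify_static(csp), owner.verify_fresh(csp))
    return results
```

The third case is the one the plain comparison misses: the static check passes on a corrupted file, and only the nonce-bound check reports it.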
V. DATA SECURITY & INTEGRITY VERIFYING
1. Using Cryptographic Algorithm: Cryptography is the mathematical
   process used to encrypt and decrypt information. Once the
   information has been encrypted, it can be stored on insecure
   media or transmitted on an insecure network, so that it cannot
   be read by anyone except the intended recipient. We use the
   Symmetric key (AES) and Asymmetric key (RC6) algorithms for
   encryption and decryption of data.
2. AES Algorithm: The Advanced Encryption Standard (AES) algorithm
   is one of the most common and widely used symmetric block
   cipher algorithms worldwide. This algorithm has its own
   particular structure to encrypt and decrypt sensitive data and
   is applied all over the world. It is extremely difficult for
   hackers to get the real data when it is encrypted with the AES
   algorithm.
To date there is no evidence of this algorithm having been
cracked. AES can deal with 3 different key sizes, AES 128, 192 and
256 bit, and each of these ciphers has a 128-bit block size. This
section provides an overview of the AES algorithm, explains
several crucial features of this algorithm in detail and describes
some previous research that has been done on it, comparing it to
other algorithms such as DES and 3DES.
VI. BLOCK DIAGRAM OF AES
AES is an iterative rather than Feistel cipher. It is based on a
'substitution-permutation network'.
It comprises a series of linked operations, some of which involve
replacing inputs by specific outputs (substitutions) and others
involve shuffling bits around (permutations).
Interestingly, AES performs all its computations on bytes rather
than bits. Hence, AES treats the 128 bits of a plaintext block as
16 bytes. These 16 bytes are arranged in 4 columns and 4 rows for
processing as a matrix.
Unlike DES, the number of rounds in AES is variable and depends on
the length of the key. AES uses 10 rounds for 128-bit keys, 12
rounds for 192-bit keys and 14 rounds for 256-bit keys. Each of
these rounds uses a different 128-bit round key, which is
calculated from the original AES key.
1) User Registration: Each user has a unique account. Hence, each
   user has to register before accessing the cloud system.
   Registration is done by the user only once, to create an
   account with a username and password. Users can then log in to
   the system from anywhere using the username and password and
   can also upload and download files through the internet.
2) File Uploading and Downloading: Users can log in from anywhere
   using their username and password and upload a file using their
   own file key. Later they can download the file using the same
   key. When a file is uploaded, its content is encrypted using
   AES encryption before being saved to the database. The content
   is also distributed to different blocks, so the chance of
   attack and the uploading time are reduced. If any unauthorized
   access occurs, an SMS alert is sent to the authorized user.
3) Delay Calculation: In a real cloud environment, data traffic
   becomes high as the number of users increases. This affects
   overall system performance. The huge data traffic results in
   delay and congestion. In a real environment different factors
   cause the delay, such as the size of the uploaded file, network
   speed etc. The model proposed here measures the delay that
   occurs when uploading files of different sizes at different
   times on a real cloud platform. When a file is uploaded, it is
   first split into different blocks before encryption. The size
   of each block depends on the file size. The delay metric is
   calculated as the sum of the delays that occur during
   block-wise uploading to different locations in the cloud
   database.
The effect of load balancing can be measured on the basis of many
factors, but the two most important are load and load performance.
Load is the CPU queue index and CPU utilization. Performance is
the average response time required by the user.
The load balancing algorithm is based on input parameters such as
the configuration of the virtual machines, the length of the
cloudlet tasks, the arrival time, the completion time of the
tasks, and then the expected completion time of each task and the
expected response time.
Response time is the processing time plus the cost of the request
or task transmission time, queued through the network nodes.
Expected response time is calculated according to the following
formula.
Expected Response Time = F – A + Tdelay    (1)
where: F: time to complete the task, A: arrival time of the task,
Tdelay: transfer time of the task.
Because the algorithm that performs load balancing is that of the
Datacenter Broker, the level of the algorithm only affects the
processing time in the local environment of a data center.
Therefore the communication delay parameter can be omitted, so
Tdelay = 0. Calculate the expected task completion time [4]:
If the scheduling policy is Spaceshare-Spaceshare or
Timeshare-Spaceshare, it is defined by formulas (2), (3):
Where capacity is calculated by the formula [4]:
If the scheduling policy is Spaceshare-Timeshare or
Timeshare-Timeshare, it is determined by formulas (4), (5):
Where capacity is calculated by the formula [5]:
In formulas (2), (3), (4) and (5):
eft(p) is the expected completion time of the Cloudlet p.
est is the arrival time of Cloudlet p.
rl is the total number of instructions the Cloudlet p must execute
on a processor.
capacity is the average processing power (in MIPS) of a core for
the Cloudlet.
ct is the current simulation time.
cores(p) is the number of cores required by the Cloudlet.
Calculate the average execution time and average response time of
all tasks (without TTP):
• Average execution time: 284.65 (ms).
• Average response time: 1686.467 (ms).
VII. WORKING STRUCTURE
RC6 Algorithm: We proposed the RC6 block cipher. RC6 is an
improvement of RC5, designed to meet the requirements of the
Advanced Encryption Standard (AES). Similar to RC5, RC6 makes
essential use of data-dependent rotations. New features of RC6
include the use of 4 working registers instead of 2, and the
inclusion of integer multiplication as an additional primitive
operation. The use of multiplication greatly increases the
diffusion achieved per round, allowing for greater security, fewer
rounds, and increased throughput.
VIII. BLOCK DIAGRAM OF RC6
In cryptography, RC6 (Rivest cipher 6) is a symmetric key block
cipher derived from RC5. It was designed by Ron Rivest, Matt
Robshaw, Ray Sidney, and Yiqun Lisa Yin to meet the requirements
of the Advanced Encryption Standard (AES) competition. The
algorithm was one of the five finalists, and was also submitted to
the NESSIE and CRYPTREC projects. It was patented by RSA Security.
RC6 proper has a block size of 128 bits and supports key sizes of
128, 192, and 256 bits up to 2040 bits, but, like RC5, it may be
parameterized to support a wide variety of word-lengths, key
sizes, and numbers of rounds.
IX. WORKING STRUCTURE
Encryption Algorithm: Select a file to store in the cloud. Before
applying the RC6 algorithm, read the selected file and convert its
data into a byte array. Then perform the following steps:
Key Explanation
1. A key is generated according to the system time in
   milliseconds.
2. Store that key in the database with the file name and pass the
   key to the key expansion function.
3. The key expansion function generates a key in a fixed byte
   format as a byte array.
Encryption Function
1. Pass the data and the key, in the form of byte arrays, to the
   encryption function.
2. The encryption function returns the encrypted data in the form
   of a byte array.
3. Write the encrypted data to a file and store it in the cloud.
Decryption Algorithm: Select a file in the cloud; then the
following steps are performed.
1. Access the key from the database according to the file in the
   cloud.
2. Pass the key to the key expansion function and generate the key
   in the form of a fixed byte array. Read the data from the
   selected file and convert the encrypted data into a byte array.
3. Pass the data and key byte arrays to the decryption function.
4. The decryption function returns the decrypted data in the form
   of a byte array; then write this data to a temporary file.
5. The user can now view the data from the temporary file.
Delay Calculation: In a real cloud environment, data traffic
becomes high as the number of users increases. This affects
overall system performance. The huge data traffic results in delay
and congestion. In a real environment different factors cause the
delay, such as the size of the uploaded file, network speed etc.
The model proposed here measures the delay that occurs when
uploading files of different sizes at different times on a real
cloud platform. When a file is uploaded, it is first split into
different blocks before encryption. The size of each block depends
on the file size. The delay metric is calculated as the sum of the
delays that occur during block-wise uploading to different
locations in the cloud database.
The observed delay is calculated using an equation that takes the
difference between the time after uploading and the time before
uploading. Delay is calculated using equation 4. It is the sum of
the delays that occur during the block-wise upload of the file to
three cloud locations.
X. CONCLUSION
This scheme encrypts and decrypts data using Symmetric (AES) and
Asymmetric (RSA) algorithms and uses a hash function for
generating the hash code. The system provides high security,
lightweight data integrity verification, data hiding, time delay
consumption and secure access rights for other cloud data file
requesters. In future, this proposed scheme should be enhanced for
large data style. We provide a mechanism for a Cloud Data
Requester to access a file on the Cloud Server. This scheme works
faster and more securely to check the integrity of data on the
cloud server.
REFERENCES
[1] Cloud Security Alliance, “Security Guidance for critical areas
    of focus in Cloud Computing V3.0”,
    https://cloudsecurityalliance.org/guidance/csaguide.v3.0.pdf
[2] National Institute of Standards and Technology - Computer
    Security Resource Center, www.csrc.nist.gov
[3] http://en.wikipedia.org/wiki/Cloud_computing
[4] B. Patel Hiren, D.R. Patel, B. Borisaniya and A. Patel, “Data
    storage security model for cloud computing”, In International
    Conference on Advances in Communication, Network, and
    Computing, Pp. 37-45, 2012.
[5] C. Wang, Student Member, IEEE, Sherman S. M. Chow, Qian Wang,
    Student Member, IEEE, Kui Ren, Member, IEEE, and Wenjing Lou,
    Member, IEEE, “Privacy-Preserving Public Auditing for Secure
    Cloud Storage”, IEEE-2012, 2013.
[6] W. Cong, Q. Wang, K. Ren and W. Lou, “Privacy-preserving
    public auditing for data storage security in cloud computing”,
    In proceedings IEEE infocom, Pp. 1-9, 2010.
[7] V. Moorthy and Dr.S. Sivasubramaniam, “Implementing Remote
    Data Integrity Checking Protocol for Secured Storage Services
    with Data Dynamics and Public Verifiability In Cloud
    Computing”, IOSR Journal of Engineering, Vol. 2, No. 3,
    Pp. 496-500, 2012.
[8] H. Chittaranjan, S. Sanka, M. Rajarajan and S.K. Nair,
    “Capability-based cryptographic data access control in cloud
    computing”, International Journal of Advanced Networking and
    Applications, Vol. 3, No. 3, Pp. 1152-1161, 2011.
[9] G. Rosario and D. Wichs, “Fully Homomorphic Message
    Authenticators IBM Research”, TJ Watson, Vol. 23, 2012.
[10] K. Kajendran, J. Jeyaseelan and J. Joshi, “An Approach for
    secures Data storage using Cloud Computing”, International
    Journal of Computer Trends and Technology, 2011.
[11] L. Wenjun and G. Bai, “Ensuring the data integrity in cloud
    data storage”, IEEE International Conference on Cloud
    Computing and Intelligence Systems, Pp. 240-243, 2011.
[12] S. Sunil, C. Hota and M. Rajarajan, “Secure data access in
    cloud computing”, IEEE 4th International Conference on
    Internet Multimedia Services Architecture and Application,
    Pp. 1-6, 2010.
[13] S. Hovav and B. Waters, “Compact proofs of retrievability”,
    International Conference on the Theory and Application of
    Cryptology and Information Security, Pp. 90-107, 2008.