Final Report
Final Report
Final Report
SEMINAR REPORT
DEPARTMENT OF
INFORMATION TECHNOLOGY
SESSION : 2022-23
CLOUD CRYPTOGRAPHY
Submitted by
Gitesh S. Gayakwad
Guided by
CLOUD CRYTOGRAPHY
is a bonafide work and it is submitted to the Sant Gadge Baba Amravati University,
Amravati
By
Gitesh S. Gayakwad
Gitesh S. Gayakwad
ABSTRACT
Cloud Cryptography is encryption that safeguards data stored within the cloud.
Several measures are being placed within cloud cryptography which adds a strong layer
of protection to secure data to avoid being breached, hacked or affected by malware.
Any data hosted by cloud providers are secured with encryption, permitting users to
access shared cloud services securely and conveniently. Cloud Cryptography secures
sensitive data without delaying the delivery of information.
1. INTRODUCTION……………………………………..…page|1
1.1) MOTIVATION
1.2) OBJECTIVE
2. LITRATURE REVIEW…………………………...…….page|3
3. CLOUD CRYPTOGRAPHY…………………………..….….page|4
6 CONCLUSION……………………………………….…page|16
7 FUTURE SCOPE…………………………………….…page|17
8 REFERENCES…………………………………………page|18
CLOUD CRYPTOGRAPHY
CHAPTER 1
INTRODUCTION
Cloud computing may be a framework for giving on-demand network access to
a pooled pool of configurable computing resources (e.g., networks, servers,
storage, software, and services) which will be quickly provisioned and free with
limited maintenance activity or service supplier involvement [2].
In cloud computing, resources area unit abstracted and virtualized from the cloud
provider's IT infrastructure and created accessible to the client. Cloud
infrastructure provides varied benefits to cloud consumers and different core
stakeholders. a number of these benefits area unit access to knowledge hold on
the cloud despite the location, pay-on-demand basis, flexibility and elasticity,
and economic edges by saving the corporate from shopping for hardware and
different IT infrastructure [4]. Despite of these edges, cloud computing has its
honest share of issues. the most concern within the cloud computing business is
security [3]. the primary and most obvious concern is privacy considerations [1].
That is if another party is housing all of your knowledge, however does one
recognize that it’s safe and secure? Since the net powers cloud computing,
knowledge migrated to the cloud can be assessed by anyone from anyplace once
security is broken. Hackers can visit any extent so as to compromise knowledge
[3].From selling your counselling to rivals and people on the dark net to
encrypting your storage and knowledge unless you pay them off, or they'll
merely delete something to harm your company and defend their actions
supported ideological views [1]This will have an enormous result on the
company's name, in addition as depleting the interest consumers have within the
company, leading to client loss [11].
Whatever the case, hackers area unit a heavy concern for your knowledge
managed on a cloud. as a result of your knowledge is command on somebody
else's computers, you will be at the mercy of whatever security measures they
support [1]. Organizations do not have abundant management over what happens
to their knowledge as everything on the cloud as well as security is managed by
the cloud supplier.
1.1) MOTIVATION:
1.2) OBJECTIVES:
CHAPTER 2
LITRATURE REVIEW
Bleikertz et al. [10] proposed the secret key principles, which are applied to
virtual machines on the basis of unique client-controlled CaaS architecture for
cloud computing. However, these researchers emphasized the use of physical
hardware security modules, and found that architecture segregates the
management and storage of the keys of cloud clients as well as all cryptographic
operations into a secure crypto-domain called DomC, which is tightly coupled
to the workloads of clients.
While, Sanyal and Iyer [11] investigated cloud security based on public key
values. They discussed a secure, and efficient algorithm based on the multi-key
encryption AES technique, a 128/192/256 bit cipher key used to encrypt and
decrypt data. Results confirmed, that AES increases security for the cloud
computing compared with RSA. But, AES can be used in virtual machines and
in public or private clouds.
Mao [12] noted an important problem for secure network virtualization: the
negligent usage of intelligence and distributed power by hypervisors. The
research discussed how hypervisors use information boxes to gain control.
Therefore, he proposed network virtualization using modern technology with
several useful applications, including secure multitenancy for cloud computing.
Cryptography significantly affects the management of the intelligence and
distributed power of hypervisors.
Rauber [9] studied cloud computing security, which the entire system requires
or else it collapses. Rauber in fact, argued that the main components of a cloud
should be secure and discussed whether cloud computing will revolutionize the
computing experience. The researcher also examined the functions of SaaS,
homomorphic encryption, and functional encryption and their strategies for
keeping information secure. These topics were discussed in depth together with
useful results.
While, on Facebook, content may be shared on other social
networks, such as Twitter and LinkedIn, through the Share. However, Zaheng
observed that using mobile cloud computing servers when browsing social
networks remains a significant security issue.
CHAPTER 3
CLOUD CRYPTOGRAPHY
Cloud computing is the drifting innovation that uses the system to give
administration to the client. Cloud go about as a product virtualized. Huge scale
and little scale business are spending the huge measure of cash to store and keep
up their data. Cloud computing give the support of the specialists by putting
away, calculation and keeping up the data requiring little to no effort. Cloud
computing permits the business client or individual client to utilize the
application through web without introducing in their framework. For instance:
Gmail, face book, YouTube, drop box. The client will pay the sum according to
the data use. The fundamental preferred position of cloud computing is ease,
expanded capacity and adaptability. The significant hazard in cloud computing
is security and protection (for example by putting the significant data on another
person's server in an obscure area).
Depending on the user or business need the different types of cloud is available.
There are four types of clouds available, [5]
• public,
• private,
• hybrid
• community cloud
• IaaS (Infrastructure-as-a-Service)
• PaaS (Platform-as-a-Service)
• SaaS (Software-as-a-Service)
or, Storage, Database, Information, Process, Application, Integration,
Security, Management, Testing-as-a-service
3. Platform as a service: A PaaS system goes grade higher than the code as
a Service setup. A PaaS supplier offers subscriber’s access to the parts that
they need to develop and operate applications over the application [6]. A
number of examples for PaaS isJ2EE, Ruby, and LAMP.
CHAPTER 4
Cryptography
B) Asymmetric algorithms
1) Rivest Shamir Adleman (RSA) Algorithm
Symmetric Encryption Algorithm uses one key for both encryption and
decryption [8]. Symmetric key cryptography also is known as private key
cryptography, secret key cryptography, single-key, shared key cryptography
and eventually private-key encryption. In symmetric cryptography uses a
single secret key at both the side. The same key is used to encrypt the data at
the sender.
DES is a standard for data encryption that uses a secret key for both encryption and
decryption. It adopts a 64-bit secret key, of which 56 bits are randomly generated and
the other 8 bits are used for error detection. It employs a data encryption algorithm
(DEA), a secret block cipher employing a 56-bit key operating on 64-bit blocks [3]. It
is the archetypal block cipher- an algorithm that takes a fixed-length string of plaintext
bits and transforms it into a ciphertext bit string of the same length. DES design allows
users to implement it in hardware and use it for single-user encryption, such as files
stored on a hard disk in encrypted form [9].
There are several bugs in the DES algorithm and 3DES is intended to fix such
weaknesses without creating atotal new cryptosystem. DES requires a 56-bit key
so the key is not adequate to protect private data for consumers or organizations.
The algorithm of the 3DES uses a 3 key with the EDE function. 3DES increase
the key duration by3 times and the key size is 168 bit and 3 period 56 times the
algorithm. 3DES increases the key duration by 3 times.K1 is used for encrypting
documents, K2is used for decrypting documents and K3 is used for the decoding
of records again.
4) Blowfish Algorithm
In Asymmetric key cryptography, two different key (i.e. public key, private key)
is used. The public key is one which is available to the sender to encrypt the
message and the private key is one which is available to the receiver for decrypt
the message. Any sender can use the public key to encrypt the message but only
receiver or authorized can use the public key to decrypt the message. The main
feature of this cryptography is only authorized user can only read the message
and no else. Example for Asymmetric key cryptography is RSA, ECC, ElGamal.
Asymmetric key cryptography [10].
Asymmetric Encryption
Step 1: Generate the RSA modulus The first step starts with the collection and
estimation of two primary numbers, p and q and the element N, as indicated.
N=p*
Step 2: Derived Number (e) Find a number e to be more than one and less than
(p-1) and (q-1) dependent number. The prime condition is that (p-1) and (q-1)
are not normal except 1
[3] A technique to convert a plan text to a form, known as cipher text, that is
meaningless to any unkown third party.
Data-in-transit
Data-at-rest
Data-at-rest is sensitive data you store in corporate IT structures such as servers, disks,
or cloud storage services. Encrypting data while it is stored allows you to enforce
access control by only giving decryption credentials to those employees with
authorization. Anyone else trying to access your data-at-rest will see encrypted
information rather than plaintext.
b) End-to-end encryption-
Senders and receivers send messages, whereby they are the only ones who can
read them.
c) File encryption-
File encryption occurs when at rest, data is encrypted so that if an unauthorized
person tries to intercept a file, they will not be able to access the data it holds.
CHAPTER 5
1. The data remains private for the users. This reduces cybercrime from hackers.
2. Organization receive notifications immediately if an unauthorized person
tries to make modifications. The users who have cryptographic keys are
granted access.
3. The encryption prevents the data from being vulnerable when the data is
being brought over from one computer to another,
4. Cloud encryption permits organizations to be proactive in their defence
against data breaches and cyberattacks and have become a necessity in
today’s data-drivenworld.
5. Receivers of the data have the ability to identify if the data received is
corrupted, permitting an immediate response and solution to the attack.
6. Encryption is one of the safest methods to store and transfer the data as it
complies with the restrictions imposed by organizations such as FIPS,
FISMA, HIPAA or PCI/DSS.
CHAPTER 6
CONCLUSION
CHAPTER 7
FUTURE SCOPE
Cloud storage protection concerns are an ongoing study and experimental area.
Several issues, one of which is user data and software health, have been found.
Protection of various approaches and strategies is possible via cloud providers.
A framework for evaluation is introduced to tackle the problem of choosing a
cloud provider dependent on customer protection criteria. Cloud cryptography
will be a major issue in future because now a days everything like databases
software’s hardware’s runs using cloud since it takes less space time and less
cost to build and easy to manage.
CHAPTER 7
REFERENCES