A Secure Data Encryption Mechanism in Cloud Using Elliptic Curve Cryptography

2024 International Conference on Intelligent and Innovative Technologies in Computing, Electrical and Electronics (IITCEE) | 979-8-3503-0641-5/24/$31.00 ©2024 IEEE | DOI: 10.1109/IITCEE59897.2024.10467407


I. Sudha
Professor, Department of Computer Science and Engineering, Saveetha School of Engineering, Saveetha Institute of Medical and Technical Sciences – SIMATS, Chennai, India
sudhai.sse@saveetha.com

Cecil Donald
Assistant Professor, Department of Computer Science, CHRIST (Deemed to be University), Bengaluru, India
cecildonald6@gmail.com

S. Navya
Assistant Professor, Department of Computer Science Engineering, Raghu Engineering College, Visakhapatnam, India
navyasangu7@gmail.com

G. Nithya
Assistant Professor, Department of CSE, V. S. B College of Engineering Technical Campus, Coimbatore, India
nithya.june07@gmail.com

Manivannan Balamurugan
Department of Mathematics, Vel Tech Rangarajan Dr. Sagunthala R&D Institute of Science and Technology, Avadi, Tamil Nadu, India
balamurugansvm@gmail.com

S. Saravanan
Professor, Department of Computer Science and Engineering, Saveetha School of Engineering, Saveetha Institute of Medical and Technical Sciences - SIMATS, Chennai, India
saravanansiddhan@gmail.com

Abstract— Cloud computing is undergoing continuous evolution and is widely regarded as the next generation architecture for computing. Cloud computing technology allows users to store their data and applications on a remote server infrastructure known as the cloud. Cloud service providers, such as Amazon, Rackspace, VMware, iCloud, Dropbox, Google's Application, and Microsoft Azure, provide customers the opportunity to create and deploy their own applications inside a cloud-based environment. These providers also grant users the ability to access and use these applications from any location worldwide. The subject of security poses significant challenges in contemporary times. The primary objective of cloud security is to establish a sense of confidence between cloud service providers and data owners inside the cloud environment. The cloud service provider is responsible for ensuring user data's security and integrity. Therefore, the use of several encryption techniques may effectively ensure cloud security. Data encryption is a commonly used procedure utilised to ensure the security of data. This study analyses the Elliptic Curve Cryptography method, focusing on its implementation in the context of encryption and digital signature processes. The objective is to enhance the security of cloud applications. Elliptic curve cryptography is a very effective and robust encryption system due to its ability to provide reduced key sizes, decreased CPU time requirements, and lower memory utilisation.

Keywords— Cloud computing; data security; encryption; cryptography; ECC

I. INTRODUCTION

Cloud computing provides simple and ubiquitous access to a shared pool of programmable computing resources, including networks, servers, storage, applications, and services, according to NIST[1]. These resources can be rapidly provisioned and released with minimal effort or reliance on service providers. This technology facilitates the preservation of user data and apps on distant servers, enabling access to them from any location over the internet[2]. This feature allows users to use their apps without the need of installation, and enables them to access their data over the internet from any distant system[3]. This technology facilitates efficient computing via the use of centralized storage, memory, processor, and bandwidth resources. Cloud computing offers several service models, including Software-as-a-Service (SaaS), Platform-as-a-Service (PaaS), and Infrastructure-as-a-Service (IaaS). Cloud Computing has many key qualities that are considered vital. These include on-demand self-service, which allows users to access and manage computing resources as needed[4]. Additionally, it offers wide network access, enabling users to access the cloud services via various devices and platforms. Resource pooling is another crucial trait, as it allows multiple users to share and allocate resources dynamically[5]. Furthermore, Cloud Computing offers fast elasticity, enabling the quick and efficient scaling of resources based on demand. Lastly, it provides measured service, allowing for the monitoring and control of resource use, facilitating accurate billing and resource allocation. The Cloud computer environment offers computer resources via several deployment strategies, including Public cloud, Private cloud, Hybrid cloud, and Community cloud[6]. The establishment of robust data security measures is of utmost importance in the context of cloud computing. Therefore, the security of cloud computing is contingent upon the use of trusted computing mechanisms and cryptographic techniques. Cryptography is responsible for executing the procedures of encryption and decryption in order to safeguard data. Cloud data security encompasses many crucial areas, including availability, data protection, governance, incident response, compliance, and identity and access management[7].

Authorized licensed use limited to: ANNA UNIVERSITY. Downloaded on August 22,2024 at 13:11:40 UTC from IEEE Xplore. Restrictions apply.

II. DATA SECURITY MODEL

Security problems related to delivery and deployment models include data integrity, data location, data confidentiality, and data access. The CIA triad is a widely recognized security architecture that encompasses three essential security goals: confidentiality, integrity, and availability[8]. These objectives pertain to the protection of both data and information, as well as computer services. Additional security goals often seen in various systems include the implementation of a single sign-on procedure, the establishment of robust authentication and authorization mechanisms, the use of data encryption techniques to safeguard sensitive information, ensuring data integrity via appropriate measures, facilitating data recovery in the event of system failures or data loss, reinforcing network security to protect against unauthorized access or malicious activities, implementing effective identity management practices, and particularly emphasizing the adoption of multi-factor authentication for enhanced security[9].

A. Data Confidentiality and Privacy

The cloud users store their data on several faraway servers, and they have the option to store different types of information, such as data and movies, with either a single cloud provider or multiple cloud providers[10]. Ensuring data confidentiality is a crucial need when storing user data on a distant server. A collection of facts, statistics, or information is called "data". The notion of confidentiality protects private information from unauthorised people, methods, and equipment. Information privacy and integrity depend on confidentiality. Service providers must protect data privacy by protecting individually obtained and stored information and carefully controlling its distribution to appropriate parties[11].

Fig. 1. Data security model

B. Data Integrity

Building customer confidence with a cloud service provider requires data integrity. It requires ensuring that user data is not manipulated and that the system works properly [12]. Additionally, the cloud service provider must keep thorough records of all cloud data, including its locations, storage resources, and virtual machines[13]. Transparency and accountability boost consumer-provider trust. A strong data integrity architecture is essential to dependable and secure cloud services and user data privacy[14].

C. Data Availability

Data availability requires fragmenting and dispersing data over several servers to ensure recovery in the case of a site failure or disaster [15]. Data availability is a major cloud computing security issue. Internal or third-party data centres provide security, which affects security level. Data availability guarantees constant access. Data availability is ensured by many factors. Service Level Agreement (SLA), processing overhead, recovery roles, file system, and access are these factors. Availability guarantees system efficiency and service access for authorised users. Data storage, backup, and recovery are critical for data availability. As a minimum, service providers must provide RAID-based storage solutions.

D. Data location and relocation

The stored cloud data in cloud computing systems exhibits a significant level of mobility since it undergoes migration among virtual computers periodically. The cloud provider should ensure that the appropriate degree of security is provided to meet the diverse requirements of various clients. Some individuals with less knowledge or experience may lack awareness of the specific location of their data. However, it is possible for major corporations or enterprises to choose certain geographic locations for storing their data. In instances of this kind, it is essential that a formal agreement be executed between the cloud service provider and organizations in order to establish and maintain a sense of confidence.

III. SECURITY ISSUES IN CLOUD

Security concerns in cloud computing may be categorized into several areas, including but not limited to, unauthorized access to sensitive data, inadequate data segregation, lack of accountability, exploitation of software vulnerabilities, data recovery challenges, and the presence of hostile insiders. Cloud computing security concerns typically include regulatory compliance. Service providers may resist external audits and security certifications. Privileged user access, which allows authorised users to view sensitive externally controlled data, is another major issue. Risk is inherent in this technique. Location of data: Clients may not know where their data is hosted. Cloud data segregation separates client data from other customers' data. Disaster recovery: Service provider agreements are crucial. Cloud computing may hinder investigative help, especially in situations of wrongdoing. Clients should consider the long-term validity of their data following an event.

To maintain data confidentiality, integrity, and availability in cloud settings, address the following security issues:

1. Key management: This pertains to the secure generation, distribution, storage, and revocation of cryptographic keys used for encrypting and decrypting data in the cloud.
2. Access control: This involves implementing mechanisms to regulate and restrict user access to cloud resources and data, ensuring that only authorized individuals or entities are granted appropriate privileges.
3. Searchable encryption techniques: These refer to cryptographic methods that enable users to search and retrieve

specific information from encrypted data stored in the cloud, while still preserving the secrecy of the overall dataset.

Remote integrity checks verify system or data integrity without physical access. Verification methods include checksums, digital signatures, and cryptographic hashes. However, proof of ownership establishes one's legitimate ownership or control over an object.

IV. PROPOSED WORK

Victor Miller and Neil Koblitz developed Elliptic Curve Cryptography (ECC). ECC implements public-key cryptography using fast, effective cryptographic keys based on elliptic curve theory. Elliptic Curve Cryptography (ECC) uses elliptic curves and a mathematical group equation. The places where a line meets the axes form this set of values that may be operated to create a third value. Elliptic Curve Cryptography (ECC) is more secure than other encryption systems, making assaults harder. Smart cards, pagers, and cellular phones benefit from Elliptic Curve Cryptography (ECC) because it provides equivalent security with less processing power, battery, and memory. ECC is faster, making it better for mobile use. Comparatively, elliptic curves provide better cryptographic features.

A. Choice of Field

An elliptic curve, defined over a field denoted as K, is a smooth cubic curve expressed as f(x,y) = 0 in two variables. This curve contains a rational point, which could represent a point at infinity. The field K encompasses various mathematical domains, including complex numbers, real numbers, rational numbers, extensions of rationals, p-adic numbers, or even a finite field. When it comes to cryptographic applications, the study of elliptic curve groups focuses on analyzing these groups specifically over the foundational fields of Fp. The following equation representing an elliptic curve is expressed as

(1)

where x, y are the co-ordinates and a, b are constant values. Consider the elliptic curve

: 1 (2)

The points P1 and P2 are added on E by

P3 = P1 + P2 (3)

where E is the elliptic curve and P is the point on the curve. Multiplication is defined by the following curve, i.e.

3P = P + P + P

Fig. 2. Elliptic Curve

B. Method

Key production, encryption, decryption, and proof are all part of elliptic curve cryptography.

1. The process of generating cryptographic keys.
Cryptographic key creation is essential. Algorithms must generate public and private keys. The sender will encrypt the message using the receiver's public key, and the recipient will decode it using its private key. A random value 'd' is picked from the set of integers between 0 and n, and the public key 'Q' is created using the equation: Q = d * P, where 'd' is a random number between 1 and n-1, 'P' is a curve point, 'Q' is the public key, and 'd' is the private key.

Q = d * P

where d is the random number in the range (1 to n-1), P is the point on a curve, Q is the public key and d is the private key.

2. Encryption
ECC-encrypt using the recipient's public key. ECC encryption requires a random number (k) and ciphertexts (C1, C2).

3. Decryption
With the private key (d), the receiver may decode the ciphertexts and get the original message.

4. Proof
The receiver may decode the ciphertexts and get the original message using the private key (d).
V. PERFORMANCE ANALYSIS
Our system is compared to the RSA scheme in this section
for block size, key size, and other characteristics. This
comparison compares two cryptographic algorithms under
the same security circumstances to evaluate them.
A. Block Size
The real RSA block sizes are expected to be as follows. Based
on key size, ECC and RSA employ the same block sizes.
The encryption process uses a block size of ((ks/8) - 11), whereas the decryption uses a block size of (ks/8).

B. Key Size

Elliptic Curve Cryptography (ECC) and Rivest-Shamir-Adleman (RSA) algorithms were evaluated for key sizes and security levels according to NIST requirements. The table below compares ECC and RSA key sizes and security levels.

TABLE 1. KEY SIZES WITH EQUIVALENT SECURITY LEVELS

ECC (bits)    RSA (bits)    Key size ratio
128           512           1:8
164           1024          1:12
232           2048          1:20
356           3062          1:24
512           6048          1:30

C. Parameters

The parameters used to evaluate the properties of both RSA and ECC algorithms include:
The time required for key generation, encryption, and decryption are important factors to consider in cryptographic systems. These three time measurements play a crucial role in evaluating the performance of such systems.
The tests may be conducted iteratively, capturing timings, while monitoring each of these three factors individually. Consequently, the measurement of average time is conducted.

VI. METHODOLOGY

The following procedures are used for the implementation of the Elliptic Curve Cryptography technique in a cloud environment.

The first step in the process is the creation of a Google application. To start the process of creating a user account, it is necessary to go to the website http://accounts.google.com/. Once on the website, the user is required to provide their name and password. Following this, the user should proceed to Step 2, which involves selecting their own application. Please access the hyperlink to see my submitted applications.

In the third step of the process, the user is required to choose the option labeled "Create Application." They must then input the application identifier and application title before proceeding to click the "Create Application" button. The application has now started.

In the fourth step, the user is required to establish a database on Google Cloud SQL and opt for the Google Cloud SQL alternative.

In the fifth step, the user is required to choose the "New instance" option and provide the name of the instance together with a previously developed application. Next, choose the option labeled "Create Instance" and click on the corresponding button.

Proceed to choose the instance name in order to access the corresponding properties.

Proceed to the "SQL Prompt" tab in order to automatically load all databases.

In the eighth step, the database and tables are established via the use of SQL queries, followed by the insertion of records.

The next step involves the development of a user interface for the program.

In the tenth step, the task involves the composition of a Java code that effectively implements the Elliptic Curve Cryptography (ECC) technique. Furthermore, it is necessary to undertake the debugging process of the program inside the Google Cloud environment.

The next step involves securely storing the data by using encryption techniques. In the event that the data is accessed, it should be presented in a decrypted manner.

A. Execution Flow

The cloud user securely maintains their confidential data inside the cloud environment facilitated by the service provider. After data is saved in the cloud, the system generates a private and public key. The ECC mechanism then encrypts the technique. Therefore, it generates ciphertext. The receiver will analyze and decipher the ciphertext. First communication will be gained.

Fig. 3. Execution Flow

VII. CONCLUSION

This research investigates the security concerns surrounding user data in cloud computing and highlights the need for a resolution. The use of the Elliptic Curve Cryptography (ECC) architecture ensures the security and dependability of Cloud application development and deployment. The ECC algorithm enhances security by offering higher processing speed and reduced computational cost compared to linear approaches. Elliptic Curve Cryptography (ECC) offers substantial advantages over RSA due to its ability to deliver the same level of security with shorter key lengths. Elliptic Curve Cryptography (ECC) is used in many communication applications such as mobile computing, wireless sensor networks, server-based encryption, and photo encryption.

REFERENCES

[1] Y. Chen, Y. Lin, Y. Hu, S. Member, and C. Hsia, “Distributed Real-Time Object Detection Based on Edge-Cloud Collaboration for Smart Video Surveillance Applications,” IEEE Access, vol. 10, no. September, pp. 93745–93759, 2022, doi: 10.1109/ACCESS.2022.3203053.
[2] S. S. Ali and B. J. Choi, “State-of-the-art artificial intelligence techniques for distributed smart grids: A review,” Electron., vol. 9, no. 6, pp. 1–28, 2020, doi: 10.3390/electronics9061030.
[3] T. J. Nandhini and K. Thinakaran, “Deep Neural Network-based Crime Scene Detection with Frames,” 2023 Eighth Int. Conf. Sci. Technol. Eng. Math., pp. 1–8, doi: 10.1109/ICONSTEM56934.2023.10142449.

[4] G. Uganya, F. D. Shadrach, I. Sudha, P. M. Krishnammal, V. Lakshmanan, and T. J. Nandhini, “Crime Scene Object Detection from Surveillance Video by using Tiny YOLO Algorithm,” 2023 3rd Int. Conf. Pervasive Comput. Soc. Netw., no. October, pp. 654–659, 2023, doi: 10.1109/ICPCSN58827.2023.00114.
[5] N. Kaaniche and M. Laurent, “Data security and privacy preservation in cloud storage environments based on cryptographic mechanisms,” Comput. Commun., vol. 111, pp. 120–141, 2017, doi: 10.1016/j.comcom.2017.07.006.
[6] V. D. Ganesh and R. M. Bommi, “Materials Today : Proceedings Cutting force and surface roughness measurement in turning of Monel K 500 using GRA method,” Mater. Today Proc., no. xxxx, 2023, doi: 10.1016/j.matpr.2023.05.722.
[7] A. Abdulridha, D. Salama, and K. M, “NHCA: Developing New Hybrid Cryptography Algorithm for Cloud Computing Environment,” Int. J. Adv. Comput. Sci. Appl., vol. 8, no. 11, pp. 479–486, 2017, doi: 10.14569/ijacsa.2017.081158.
[8] S. Berlato, R. Carbone, A. J. Lee, and S. Ranise, “Exploring Architectures for Cryptographic Access Control Enforcement in the Cloud for Fun and Optimization,” Proc. 15th ACM Asia Conf. Comput. Commun. Secur. ASIA CCS 2020, pp. 208–221, 2020, doi: 10.1145/3320269.3384767.
[9] A. N. Jaber and M. F. Bin Zolkipli, “Use of cryptography in cloud computing,” Proc. - 2013 IEEE Int. Conf. Control Syst. Comput. Eng. ICCSCE 2013, no. May 2016, pp. 179–184, 2013, doi: 10.1109/ICCSCE.2013.6719955.
[10] N. E. El-Attar, D. S. El-Morshedy, and W. A. Awad, “A New Hybrid Automated Security Framework to Cloud Storage System,” Cryptography, vol. 5, no. 4, p. 37, 2021, doi: 10.3390/cryptography5040037.
[11] S. Caleb and S. J. J. Thangaraj, “Data-driven ML Approaches for the concept of Self-healing in CWN, Including its Challenges and Possible Solutions,” 2023 Eighth Int. Conf. Sci. Technol. Eng. Math., pp. 1–7, doi: 10.1109/ICONSTEM56934.2023.10142451.
[12] R. Latha, “Deauthentication Attack Detection in the Wi-Fi network by Using ML Techniques,” 2022.
[13] H. Du, J. Chen, M. Chen, C. Peng, and D. He, “A Lightweight Authenticated Searchable Encryption without Bilinear Pairing for Cloud Computing,” Wirel. Commun. Mob. Comput., vol. 2022, 2022, doi: 10.1155/2022/2336685.
[14] R. Rastogi and M. S. Sheela, “Enhancement of Channel Capacity in 5G Ultra Dense Network-UDN,” 2023 2nd Int. Conf. Edge Comput. Appl., no. Icecaa, pp. 303–307, 2023, doi: 10.1109/ICECAA58104.2023.10212363.
[15] N. Nalini and I. Ahmed, “Network Intrusion Detection System for Feature Extraction based on Machine Learning Techniques,” 2023 5th Int. Conf. Inven. Res. Comput. Appl., no. Icirca, pp. 440–445, 2023, doi: 10.1109/ICIRCA57980.2023.10220789.
