题名

Analysis of a Double-stage Encryption Scheme Using Hybrid Cryptography to Enhance Data Security in Cloud Computing Systems

并列篇名

於雲端運算系統中使用混合密碼學與兩階段加密方法之分析

DOI

10.6182/jlis.202312_21(2).001

作者

Moses Kazeem Abiodun;Agbotiname Lucky Imoize;Joseph Bamidele Awotunde;Cheng-Chi Lee;Abidemi Emmanuel Adeniyi;Ugbaja Chioma;Chun-Ta Li

关键词

Cloud Computing ; Cryptography ; Security and Privacy ; Rivest-Shamir-Adleman ; Advanced Encryption Standard ; 雲端運算 ; 密碼學 ; 安全與隱私 ; RSA加密演算法 ; 進階加密標準

期刊名称

圖書資訊學刊

卷期/出版年月

21卷2期(2023 / 12 / 01)

页次

1 - 26

内容语文

英文;繁體中文
中文摘要

Recently, network users have been scared of storing sensitive information, such as bank details, health records, and other vital information, on the Internet because it is vulnerable to attack by a third party. Several threat models are impacting the security of the cloud. Having a secure cloud system will help to be at ease in using cloud computing facilities. This study aims at providing a cryptography approach to eliminating the vulnerabilities in the cloud-based system, and making access and data storage in the cloud very safe. The system uses Rivest-Shamir-Adleman (RSA) to encrypt files and the Advanced Encryption Standard (AES) key to encrypt the encrypted files. The hash function is used for extra key security, and Python programming language was used to implement the system, and for cloud storage, MongoDB was used. Generally, results indicate that the Double Stage Encryption (DSE) takes an average time for encryption of 83% and decryption of 75% compared to RSA and AES singly. The RSA is 68% faster than AES during the encryption process, but there is no significant difference between the two during decryption. The Avalanche effect testing showed the DSE to be 17% higher than singly testing AES and RSA, which implies it is more secure than RSA and AES as single encryption schemes. Therefore, the study recommends using DSE to secure valuable data on the cloud.
英文摘要

最近,網路使用者對於將其個人敏感資訊(例如銀行帳戶資料、健康紀錄和其他重要資訊)儲存在雲端空間會感到擔憂,因這些資訊在雲端很容易受到第三方的攻擊且現今多種威脅模式亦影響到雲端的安全性。本研究將提出一使用混合密碼學之兩階段加密方法,以消除基於雲端系統中的弱點並使其在雲端環境之資料存取變得更安全。本系統先使用RSA對檔案進行加密後,再使用AES金鑰對已加密之檔案進行加密,並透過雜湊函式以確保加密金鑰之安全性。本雲端系統透過Python及MongoDB進行實作並藉由雪崩效應測試進行分析,其分析結果顯示本系統所提出之兩階段加密方法比單獨使用AES和RSA單一加密方法之安全性高出17%,這也意味著本研究所提出之方法會讓雲端系統變得更加安全。
主题分类 人文學 > 圖書資訊學
参考文献
  1. Abd Elminaam, D. S., Mousa, M. A. W., & Abd El Fattah, M. (2022). Secure data storage in the cloud by using DNA and chaos cryptography. In A. Bahaa-Eldin, A. AbdelRaouf, N. Shorim, S. Refaat, & S. E. Elbohy (Eds.), 2022 2nd International Mobile, Intelligent, and Ubiquitous Computing Conference (MIUCC) (pp. 175-182). IEEE. https://doi.org/10.1109/MIUCC55081.2022.9781704
    連結:
  2. AbdulRaheem, M., Balogun, G. B., Abiodun, M. K., Taofeek-Ibrahim, F. A., Tomori, A. R., Oladipo, I. D., & Awotunde, J. B. (2021). An enhanced lightweight speck system for cloud-based smart healthcare. In H. Florez & M. F. Pollo-Cattaneo (Eds.), Communications in Computer and Information Science: Vol. 1455. Applied Informatics. ICAI 2021 (pp. 363-376). Springer, Cham. https://doi.org/10.1007/978-3-030-89654-6_26
    連結:
  3. AbdulRaheem, M., Oladipo, I. D., González-Briones, A., Awotunde, J. B., Tomori, A. R., & Jimoh, R. G. (2022). An efficient lightweight speck technique for edge-IoT-based smart healthcare systems. In A. K. Bhoi, V. H. C. de Albuquerque, S. Nath Sur, & P. Barsocchi (Eds.), 5G IoT and Edge Computing for Smart Healthcare (pp. 139-162). Academic Press. https://doi.org/10.1016/B978-0-323-90548-0.00005-X
    連結:
  4. Abdulraheem, M., Awotunde, J. B., Jimoh, R. G., & Oladipo, I. D. (2021). An efficient lightweight cryptographic algorithm for IoT security. In S. Misra & B. Muhammad-Bello (Eds), Communications in Computer and Information Science: Vol. 1350. International Conference on Information and Communication Technology and Applications. (pp. 444-456). Springer, Cham. https://doi.org/10.1007/978-3-030-69143-1_34
    連結:
  5. Abiodun, M. K., Adeniyi, E. A., Awotunde, J. B., Bhoi, A. K., AbdulRaheem, M., & Oladipo, I. D. (2022a). A framework for the actualization of green cloud-based design for smart cities. In S. Nath Sur, B. E. Balas, A. K. Bhoi, & A. Nayyar (Eds.), EAI/Springer Innovations in Communication and Computing. IoT and IoE Driven Smart Cities (pp. 163-182). Springer, Cham. https://doi.org/10.1007/978-3-030-82715-1_8
    連結:
  6. Abiodun, M. K., Awotunde, J. B., Adeniyi, A. E., Ademuagun, D., & Aremu, D. R. (2022b). Securing digital transaction using a three-level authentication system. In O. Gervasi, B. Murgante, S. Misra, A. M. A. C. Rocha, & C. Garau, Lecture Notes in Computer Science: Vol. 13380. International Conference on Computational Science and Its Applications 2022 (pp. 135-148). Springer, Cham. https://doi.org/10.1007/978-3-031-10542-5_10
    連結:
  7. Bansal, A., & Agrawal, A. (2017). Providing security, integrity and authentication using ECC algorithm in cloud storage. In 2017 International Conference on Computer Communication and Informatics (ICCCI) (pp. 1-5). IEEE. https://doi.org/10.1109/ICCCI.2017.8117749
    連結:
  8. Chakrabarti, S., & Suresh Babu, G. N. K. (2021). The security enhancement of symmetric key crypto mechanism based on double stage secret model. Information Security Journal: A Global Perspective, 30(6), 325-341. https://doi.org/10.1080/19393555.2020.1842945
    連結:
  9. Chueh, J. S., & Sun, M. T. (2017). Design and implementation of security system for cloud storage. In 2017 19th Asia-Pacific Network Operations and Management Symposium (APNOMS) (pp. 129-134). IEEE. https://doi.org/10.1109/APNOMS.2017.8094191
    連結:
  10. Erondu, U. I., Adebayo, N., Arowolo, M. O., & Abiodun, M. K. (2022). A review on different encryption and decryption approaches for securing data. In A. M. Tyagi (Ed), Handbook of Research on Technical, Privacy, and Security Challenges in a Modern World (pp. 357-370). https://doi.org/10.4018/978-1-6684-5250-9.ch019
    連結:
  11. Garg, P., Goel, S., & Sharma, A. (2017). Security techniques for cloud computing environment. In P. N. Astya, A. Swaroop, V. Sharma, M. Singh, & K. Gupta (Eds.), 2017 International Conference on Computing, Communication and Automation (ICCCA) (pp. 771-776). IEEE. https://doi.org/10.1109/CCAA.2017.8229900
    連結:
  12. Ghiasi, M., Niknam, T., Wang, Z., Mehrandezh, M., Dehghani, M., & Ghadimi, N. (2023). A comprehensive review of cyber-attacks and defense mechanisms for improving security in smart grid energy systems: Past, present and future. Electric Power Systems Research, 215, Part A, Article 108975. https://doi.org/10.1016/j.epsr.2022.108975
    連結:
  13. Han, K., Li, Q., & Deng, Z. (2016). Security and efficiency data sharing scheme for cloud storage. Chaos, Solitons & Fractals, 86, 107-116. https://doi.org/10.1016/j.chaos.2016.02.010
    連結:
  14. Imoize, A. L., Ben-Adeola, B. S., & Adebisi, J. A. (2020). Development of a multifactor-security-protocol system using ambient noise synthesis. EAI Endorsed Transactions on Security and Safety, 6(22), Article e4. http://doi.org/10.4108/eai.13-7-2018.163979
    連結:
  15. Jimoh, R. G., Olusanya, O. O., Awotunde, J. B., Imoize, A. L., & Lee, C.-C. (2022). Identification of risk factors using ANFIS-based security risk assessment model for SDLC phases. Future Internet, 14(11), Article 305. https://doi.org/10.3390/fi14110305
    連結:
  16. Kumar, V., Malik, N., Singla, J., Jhanjhi, N. Z., Amsaad, F., & Razaque, A. (2022). Light weight authentication scheme for smart home IoT devices. Cryptography, 6(3), Article 37. https://doi.org/10.3390/cryptography6030037
    連結:
  17. Kumbhare, A., & Thakur, P. K. (2022). Security and privacy of biomedical data in IoMT. In A. Prasanth, D. Lakshmi, R. K. Dhanaraj, B. Balusamy, & P. C. Sherimon (Eds.), Cognitive Computing for Internet of Medical Things (pp. 77-104). Chapman and Hall/CRC.
    連結:
  18. Li, Y., Gai, K., Qiu, L., Qiu, M., & Zhao, H. (2017). Intelligent cryptography approach for secure distributed big data storage in cloud computing. Information Sciences, 387, 103-115. https://doi.org/10.1016/j.ins.2016.09.005
    連結:
  19. Maitri, P. V., & Verma, A. (2016). Secure file storage in cloud computing using hybrid cryptography algorithm. In 2016 International conference on wireless communications, signal processing and networking (WiSPNET) (pp. 1635-1638). IEEE. https://doi.org/10.1109/WiSPNET.2016.7566416
    連結:
  20. Meshram, C., Ibrahim, R. W., Meshram, S. G., Imoize, A. L., Jamal, S. S., & Barve, S. K. (2022a). An efficient remote user authentication with key agreement procedure based on convolution-Chebyshev chaotic maps using biometric. The Journal of Supercomputing, 78(10), 12792-12814. https://doi.org/10.1007/s11227-021-04280-8
    連結:
  21. Meshram, C., Imoize, A. L., Jamal, S. S., Tambare, P., Alharbi, A. R., & Hussain, I. (2022b). An efficient three-factor authenticated key agreement technique using FCM under HC-IoT architectures. Computers, Materials & Continua, 72(1), 1373-1389. https://doi.org/10.32604/cmc.2022.024996
    連結:
  22. Meshram, C., Imoize, A. L., Aljaedi, A., Alharbi, A. R., Jamal, S. S., & Barve, S. K. (2021). A provably secure IBE transformation model for PKC using conformable Chebyshev chaotic maps under human-centered IoT environments. Sensors, 21(21), Article 7227. https://doi.org/10.3390/s21217227
    連結:
  23. Murad, S. H., & Rahouma, K. H. (2021). Implementation and performance analysis of hybrid cryptographic schemes applied in cloud computing environment. Procedia Computer Science, 194, 165-172. https://doi.org/10.1016/j.procs.2021.10.070
    連結:
  24. Ogundokun, R. O., Awotunde, J. B., Adeniyi, E. A., & Ayo, F. E. (2021). Crypto-Stegno based model for securing medical information on IOMT platform. Multimedia Tools and Applications, 80(21/23), 31705-31727. https://doi.org/10.1007/s11042-021-11125-2
    連結:
  25. Pavani, M., & Trinatha Rao, P. (2019). Adaptive PSO with optimised firefly algorithms for secure cluster‐based routing in wireless sensor networks. IET Wireless Sensor Systems, 9(5), 274-283. https://doi.org/10.1049/iet-wss.2018.5227
    連結:
  26. Rahardjo, M. R. D., & Shidik, G. F. (2017, October). Design and implementation of self encryption method on file security. In 2017 International Seminar on Application for Technology of Information and Communication (iSemantic) (pp. 181-186). IEEE. https://doi.org/10.1109/ISEMANTIC.2017.8251866
    連結:
  27. Rana, P., Batra, I., Malik, A., Imoize, A. L., Kim, Y., Pani, S. K., Goyal, N., Kumar, A., & Rho, S. (2022). Intrusion detection systems in cloud computing paradigm: Analysis and overview. Complexity, 2022, Article 3999039. https://doi.org/10.1155/2022/3999039
    連結:
  28. Rizk, R., & Alkady, Y. (2015). Two-phase hybrid cryptography algorithm for wireless sensor networks. Journal of Electrical Systems and Information Technology, 2(3), 296-313. https://doi.org/10.1016/j.jesit.2015.11.005
    連結:
  29. Sajay, K. R., Babu, S. S., & Vijayalakshmi, Y. (2019). Enhancing the security of cloud data using hybrid encryption algorithm. Journal of Ambient Intelligence and Humanized Computing. https://doi.org/10.1007/s12652-019-01403-1
    連結:
  30. Timothy, D. P., & Santra, A. K. (2017). A hybrid cryptography algorithm for cloud computing security. In 2017 International conference on microelectronic devices, circuits and systems (ICMDCS) (pp. 1-5). IEEE. https://doi.org/10.1109/ICMDCS.2017.8211728
    連結:
  31. Zhu, S.-H. (2011). Research of hybrid cipher algorithm application to hydraulic information transmission. In 2011 International Conference on Electronics, Communications and Control (ICECC) (pp. 3873-3876). IEEE. https://doi.org/10.1109/ICECC.2011.6066481
    連結:
  32. Abikoye, O. C., Oladipupo, E. T., Imoize, A. L., Awotunde, J. B., Lee, C.-C., & Li, C.-T. (2023). Securing critical user information over the internet of medical things platforms using a hybrid cryptography scheme. Future Internet, 15(3), Article 99. https://doi.org/10.3390/fi15030099
  33. Abod, Z. A., Abbas, M. S., & Bermani, A. K. (2020). Image security system using hybrid cryptosystem. Periodicals of Engineering and Natural Sciences (PEN), 8(4), 2007-2018.
  34. Ahmed, A. A., & Barukab, O. M. (2022). Unforgeable digital signature integrated into lightweight encryption based on effective ECDH for cybersecurity mechanism in internet of things. Processes, 10(12), Article 2631. https://doi.org/10.3390/pr10122631
  35. Ayo, F. E., Awotunde, J. B., Olalekan, O. A., Imoize, A. L., Li, C.-T., & Lee, C.-C. (2023). CBFISKD: A combinatorial-based fuzzy inference system for keylogger detection. Mathematics, 11(8), Article 1899. https://doi.org/10.3390/math11081899
  36. Meshram, C., Lee, C.-C., Bahkali, I., & Imoize, A. L. (2023). An efficient fractional chebyshev chaotic map-based three-factor session initiation protocol for the human-centered IoT architecture. Mathematics, 11(9), Article 2085. https://doi.org/10.3390/math11092085
  37. Mohammed, C. M., & Zebaree, S. R. M. (2021). Sufficient comparison among cloud computing services: IaaS, PaaS, and SaaS: A review. International Journal of Science and Business, 5(2), 17-30.
  38. Selvanayagam, J., Singh, A., Michael, J., & Jeswani, J. (2018). Secure file storage on the cloud using cryptography. International Research Journal of Engineering and Technology (IRJET), 5(3), 2044-2047.
  39. Shukla, P. K., Aljaedi, A., Pareek, P. K., Alharbi, A. R., & Jamal, S. S. (2022). AES based white box cryptography in digital signature verification.
  40. Tripathy, S. S., Imoize, A. L., Rath, M., Tripathy, N., Bebortta, S., Lee, C.-C., Chen, T.-Y., Ojo, S., Isabona, J., & Pani, S. K. (2022). A novel edge-computing-based framework for an intelligent smart healthcare system in smart cities. Sustainability, 15(1), Article 735. https://doi.org/10.3390/su15010735
  41. Ullah, S., Zheng, J., Din, N., Hussain, M. T., Ullah, F., & Yousaf, M. (2023). Elliptic curve cryptography; applications, challenges, recent advances, and future trends: A comprehensive survey. Computer Science Review, 47, Article 100530. https://doi.org/10.1016/j.cosrev.2022.100530
print cancel