Data Security in Cloud Computing With Elliptic Curve Cryptography
Data Security in Cloud Computing With Elliptic Curve Cryptography
Data Security in Cloud Computing With Elliptic Curve Cryptography
net/publication/265359508
Article
CITATIONS READS
44 1,617
3 authors, including:
Some of the authors of this publication are also working on these related projects:
All content following this page was uploaded by Veerraju Gampala on 16 January 2017.
Abstract— Cloud computing is one of today’s hottest research However there still exist many problems in cloud computing
areas due to its ability to reduce costs associated with computing today, a recent survey shows that data security and privacy
while increasing scalability and flexibility for computing services. risks have become the primary concern for people to shift to
Cloud computing is Internet based computing due to shared cloud computing.
resources, software and information are provided to consumers on
demand dynamically. Cloud computing is one of the fastest growing II. RELATED CONCEPTS ABOUT CLOUD
technology of the IT trade for business. Since cloud computing A. DEPLOYMENT CLOUD MODELS
share disseminated resources via the network in the open Public cloud: the cloud infrastructure is made available
environment, hence it makes security problems vital for us to to the general public people or a large industry group
develop the cloud computing applications. Cloud computing and provided by single service provider selling cloud
security has become the leading cause of hampering its services.
development. Cloud computing security has become a hot topic in Private cloud: the cloud infrastructure is operated solely
industry and academic research. This paper will explore data for an organization. The main advantage of this model is
security of cloud in cloud computing by implementing digital the security, compliance and QoS.
signature and encryption with elliptic curve cryptography. Community cloud: the cloud infrastructure is shared by
several organizations and supports a specific community
Index Terms— cloud computing, cloud security, data security, that has shared concerns like security requirements,
digital signature, encryption, elliptic curve cryptography. policy, and compliance considerations.
Hybrid cloud: the cloud infrastructure is a combination
I. INTRODUCTION of two or more clouds. It enables data application
A cloud typically contains a virtualized significant pool of portability through load balancing between clouds.
computing resources, which could be reallocated to different
purposes within short time frames. The entire process of B. CLOUD CHARACTERISTICS
requesting and receiving resources is typically automated and On demand service: cloud is large resource and service
is completed in minutes. The cloud in cloud computing is the pool that you can get service or resource whenever you
set of hardware, software, networks, storage, services and need by paying amount that you used.
interfaces that combines to deliver aspects of computing as a Ubiquitous network access: cloud provides services
service. Share resources, software and information are everywhere though standard terminal like mobile
provided to computers and other devices on demand. phones, laptops and personal digital assistants.
It allows people to do things they want to do on a computer Easy use: the most cloud provider’s offers internet based
without the need for them to buy and build an IT infrastructure interfaces which are simpler than application program
or to understand the underlying technology. Through cloud interfaces so user can easily use cloud services.
computing clients can access standardized IT resources to Business model: cloud is a business model because it is
deploy new applications, services or computing resources pay per use of service or resource.
quickly without reengineering their entire infrastructure, Location independent resource poling: the providers
hence making it dynamic. computing resources are pooled to serve multiple
The core concept of cloud computing is reducing the customers using multitenant model with different
processing burden on the users terminal by constantly physical and virtual resources dynamically assigned and
improving the handling ability of the cloud. All of this is reassigned according to demand.
available through a simple internet connection using a
standard browser. C. CLOUD SOLUTIONS
Infrastructure as a service: it delivers a platform
Manuscript received on May 30, 2012 virtualization environment as a service rather than
Veerraju Gampala, Information Technology, GMR Institute of purchasing servers, software, data centers.
Technology, Rajam, Andhra Pradesh ,India. Software as a service: it is software that is deployed over
Srilakshmi Inuganti, Information Technology, GMR Institute of
Technology, Rajam, Andhra Pradesh,India. internet and or is deployed to run behind a firewall in
Satish Muppidi, Department of Information Technology, GMR Institute your LAN or PC.
of Technology, Rajam, Andhra Pradesh, India. Platform as a service: this kind of cloud computing
provide development environment as a service. You can
138
Data Security in Cloud Computing with Elliptic Curve Cryptography
use the middleman’s equipment to develop your own Encryption: the sensitivity of data may require that the
program and deliver it to the users through internet and network traffic to and from the virtual machine be
servers. encrypted, using encryption at the host OS software.
Storage as a service: this is database like services billed Physical security: keep the virtual system and cloud
on a utility computing basis, e.g., gigabyte per month. management hosts safe and secure behind carded doors,
Desktop as a service: this is the provisioning of the and environmentally safe.
desktop environment either within a browser or as a Authentication and access control: the authentication
terminal server. capabilities within your virtual system should copy the
way your other physical systems authenticate. One time
III. CLOUD SECURITY CHALLENGES password and biometrics should all be implemented in the
The cloud services present many challenges to an same manner. Also authentication requires while you are
organization. When an organization mitigates to consuming sending data or message from one cloud to other cloud. To
cloud services, and especially public cloud services, much of provide message authentication we will use digital
the computing system infrastructure will now under the signatures.
control of cloud service provider. Separation of duties: as system get more complex,
Many of these challenges should be addressed through misconfiguration take place, because lack of expertise
management initiatives. These management initiatives will coupled with insufficient communication. Be sure to
requires clearly delineating the ownership and responsibility enforce least privileges with access controls and
roles of both the cloud provider and the organization accountability.
functioning in the role of customer. Configuration, change control, and patch management: this
Security managers must be able to determine what is very important and sometimes overlooked in smaller
detective and preventative controls exist to clearly define organizations. Configuration, change control, patch
security posture of the organization. Although proper security management, and updated processes need to be maintained
controls must be implement based on asset, threat, and in the virtual world as well as physical world.
vulnerability risk assessment matrices. Cloud computing Intrusion detection and prevention: what’s coming into and
security risk assessment report mainly from the vendor’s point going out of your network has to know. A host based
of view about security capabilities analyzed security risks intrusion prevention system coupled with a hypervisor
faced by the cloud. Here are security risks list. based solution could examine for virtual network traffic.
Regulatory compliance: cloud computing providers who
refuse to external audits and security certifications. Among these proposed security solutions, we consider in
this paper authentication and encryption for secure data
Privileged user access: sensitive data processed outside
transmission from one cloud to other cloud that requires
the organization brings with it an inherent level of risk.
secure and authenticated data with elliptic curve cryptography.
Data location: when you use cloud, you probably won’t
know exactly where your data hosted. V. ELLIPTIC CURVES IN CRYPTOGRAPHY
Data segregation: data in the cloud is shared environment
Elliptic Curve (EC) systems as applied to cryptography
alongside data from other customers.
were first proposed in 1985 independently by Neal Koblitz
Recovery: even if you don’t know where your data is, a and Victor Miller. An elliptic curve over a field K is a
cloud provider should tell you what will happen to your nonsingular cubic curve in two variables, f(x,y) =0 with a
data and service in case of a disaster. rational point (which may be a point at infinity). The field K is
Investigative support: investigating inappropriate or usually taken to be the complex numbers, reals, rationals, and
illegal activity may be impossible in cloud computing. algebraic extensions of rationals, p-adic numbers, or a finite
Long term viability: you must be sure your data will field. Elliptic curves groups for cryptography are examined
remain available even after such an event. with the underlying fields of Fp
139
International Journal of Soft Computing and Engineering (IJSCE)
ISSN: 2231-2307, Volume-2, Issue-3, July 2012
Key generation:
Multiplication is defined as repeated addition, for example: 1. A selects an integer dA. this is A’s private key.
3P=P+P+P. 2. A then generates a public key PA=dA*B
3. B similarly selects a private key dB and computes a
public key
PB= dB *B
4. A generates the security key K= dA *PB. B generates the
secrete key K= dB *PA.
Signature Generation:
For signing a message m by sender of cloud A, using A’s
private key dA
1. Calculate e=HASH (m), where HASH is a cryptographic
hash function, such as SHA-1
2. Select a random integer k from [1, n − 1]
3. Calculate r = x1 (mod n), where (x1, y1) = k * B. If r = 0,
go to step 2
4. Calculate s = k − 1(e + dAr)(mod n). If s = 0, go to step 2
5. The signature is the pair (r, s)
6. Send signature (r, s) to B cloud.
Elliptic curve cryptography [ECC] is a public-key Encryption algorithm:
cryptosystem. Every user has a public and a private key. Suppose A wants to send to B an encrypted message.
Public key is used for encryption/signature verification. i. A takes plaintext message M, and encodes it onto a
Private Key is used for decryption/signature generation. point, PM, from the elliptic group.
Elliptic curves are used as an extension to other current
ii. A chooses another random integer, k from the
cryptosystems. That is Elliptic Curve Diffie-Hellman Key
interval [1, p-1]
Exchange and Elliptic Curve Digital Signature Algorithm.
iii. The cipher text is a pair of points
PC = [ (kB), (PM + kPB) ]
VI. PROPOSED PROCEDURE TO ENHANCE DATA
iv. Send ciphertext PC to cloud B.
SECURITY IN CLOUD
Let us assume we have two organizations A and B. A and B Decryption algorithm:
act as public clouds with data, software and applications. A Cloud B will take the following steps to decrypt cipher text
want to send data to B’s cloud securely and data should be
PC.
authenticated. We are here trying to send a secure data from A
a. B computes the product of the first point from PC and his
to B by applying digital signature and encryption to data with
private key, dB
elliptic curve cryptography. Suppose B wants an XML
document from A’s cloud then B’s user will place a request to dB * (kB)
A’s user. A’s user select corresponding XML document from b. B then takes this product and subtracts it from the second
A’s cloud data storage and then apply the hash function, it will point from PC
give message digest. Sign the message digest with his private (PM + kPB) – [dB(kB)] = PM + k(dBB) – dB(kB) = PM
140
Data Security in Cloud Computing with Elliptic Curve Cryptography
c. B cloud then decodes PM to get the message, M. Veerraju Gampala B.tech,M.Tech is working as
an Assistant Professor in the Department of
Information Technology at GMR Institute of
Signature Verification: Technology in Rajam,Andhra Pradesh. His areas of
For B to authenticate A's signature, B must have A’s public interest are Cloud Computing and Network Security.
He has 6 years of teaching experience. He presented
key PA 1 paper in International Conference and published 1
1. Verify that r and s are integers in paper in National Conference and attended several
workshops and FDPs.
[1, n − 1]. If not, the signature is invalid
2. Calculate e = HASH (m), where HASH is the same
function used in the signature generation
I.Srilakshmi B.tech,M.Tech is working as an
3. Calculate w = s −1 (mod n)
Assistant Professor in the Department of
4. Calculate u1 = ew (mod n) and Information Technology at GMR Institute of
u2 = rw (mod n) Technology in Rajam,Andhra Pradesh. Her areas of
5. Calcúlate (x1, y1) = u1B + u2PA interest are Network Security,Image Processing
etc..She has 9 years of teaching experience. She
6. The signature is valid if x1 = r(mod n), invalid otherwise.
presented 1 paper in International Conference and
published 1 paper in National Journal and attended
VIII. CONCLUSION several workshops.
Now a day’s cloud computing facing many security
challenges. Users put their data in the cloud and transfer from
one cloud to another, the privacy of users at risk result from Satish Muppidi M.Tech., is working as an
last control of data. Users most concerned about data security, Assistant Professor in the Department of
so virtualization security and data security are the main Information Technology at GMR Institute of
problem of the cloud computing security. We concern here Technology in Rajam, Andhra Pradesh. His areas
data security with Elliptic curve cryptography to provide of interest are Cloud Computing and Soft
confidentiality and authentication of data between clouds. In Computing. He has 4 years of teaching experience.
future we will concern more security issues of cloud He presented 3 papers in International Conference,
computing and try to find better solutions using cryptography. presented 7 papers in National Conference and
published 1 paper in International journal and
attended several workshops and FDPs.
REFERENCES
[1] Liu Peng, the definition and characteristics of cloud computing,
http://blog.sina.com.cn/s/blog_5f0da5590100cmxw.html
http://www.chinacloud.cn, March 9, 2009
[2] Ya-Qin Zhang, the future of computing in the "cloud - Client", The
Economic Observer reported, http://www.sina.com.cn, 2008 Nian 07
Yue 12 Ri 14:30
[3] Jianfeng Yang and Zhibin Chen “Cloud Computing Research and
Security Issues”
[4] D. L. Ponemon, "Security of Cloud Computing Users," 2010.
[5] C.Almond, "A Practical Guide to Cloud Computing Security," 27
August 2009 2009.
[6] IBM, “Google and IBM Announced University Initiative to Address
Internet-Scale Computing Challenges,” http://www-
03.ibm.com/press/us/en/pressrelease/22414.wss.
[7] http://en.wikipedia.org/wiki/Cloud_computing
[8] http://www.cloudcomputing china.cn/Article/luilan/200909/306.html
[9] http://searchcloudcomputing.techtarget.com/sDefinition/0,,sid201_gci
1287881,00.html
[10] http://www.boingboing.net/2009/09/02/cloud-computing-skep.html
[11] Google, “Google app Engine,” http://code.google.com/appengine/.
[12] http://cloudsecurity.trendmicro.com/
141
View publication stats