PRJ 702 jasdeep kaur

  • Published on
    12-Apr-2017


  • 1

  • 2

    Project Title

    Cloud Data Confidentiality - Various Encryption Techniques

    Graduate Diploma in Information Technology

    PRJ 702

    2016

    Submitted by - Jasdeep Kaur

    Student Id - 13466554

    Blog - https://jasdeepit.wordpress.com/


  • 3

    Abstract

    In the modern world, data is growing at an exponential rate. This has given rise to the adoption of an advanced data storage technology known as cloud computing.

    Cloud computing provides online access to a pool of resources including computational platforms, storage, applications, and services. Cloud computing is very cost-effective, as you pay only for the resources that you have used. It is a user-friendly way to handle vast amounts of data, and IT businesses are shifting towards it. However, cloud computing also faces several data security challenges. Integrity, confidentiality and availability are its major concerns. Data integrity and confidentiality have a significant effect on cloud security and performance. This research report aims at identifying various techniques for ensuring data confidentiality in the cloud. Encryption is a widely accepted mechanism for cloud data confidentiality. It is used to protect data in static and dynamic form. There are various types of encryption techniques, including Homomorphic Encryption, Identity-based Encryption, Attribute-based Encryption, etc. Each encryption technique has its own complexity and usage. This paper describes each encryption technique in the context of its use for cloud data confidentiality.

    Keywords

    Cloud Computing, Encryption, Data Confidentiality, Security, Algorithm, Cryptography, Encryption Key

  • 4

    Acknowledgment

    I would like to show my gratitude to every person who contributed to the successful completion of my research report. First, I am very grateful to my research guide Mrs. Charanya Mohanakrishnan for her valuable guidance and encouragement. She gave me the opportunity to work in my area of interest. I am really thankful for her helpful discussions and suggestions.

    I would also like to show my gratitude towards all NMIT staff members and my colleagues who helped me during my research for this report.

  • 5

    Table of Contents

    Abstract .... 3

    Acknowledgment .... 4

    Table of Figures .... 7

    Abbreviations .... 8

    Introduction .... 9

    Aims and Objectives .... 11

    Background .... 12

    Basics of Cloud-Computing .... 12

    Key Features Of Cloud Computing .... 12

    Deployment models .... 13

    Models of cloud-computing .... 14

    Known Cloud Service Providers .... 15

    Importance of security in cloud computing .... 16

    Cloud Data Security Requirement .... 17

    Literature review .... 19

    Ensuring Data Confidentiality in the cloud .... 21

    Cryptography fundamentals .... 22

    Introduction to Encryption .... 23

    Cryptographic techniques used in the cloud computing .... 24

    Identity-based Encryption (IBE) .... 24

    Attribute-based Encryption .... 27

    Fully homomorphic Encryption (FHE) .... 29

    AES (Sachdev & Bhansali, 2013) .... 31

    DES Algorithm .... 34

    3DES .... 37

    RC4 (Mousa & Hamad, 2006) .... 38

    Blowfish .... 41

    RSA .... 43

    Diffie-Hellman .... 45

    ElGamal .... 46

    Paillier Cryptosystem (Benzekki, Fergougui, & Alaoui, 2016) .... 47

  • 6

    Goldwasser-Micali .... 48

    Conclusion .... 49

    Bibliography .... 50

  • 7

    Table of Figures

    Figure 1 Unauthorized Access to Cloud Data (Maddineni & Ragi, 2011) .... 9

    Figure 2 Survey Graph of Cloud Computing Challenges (Whyman, 2008) .... 16

    Figure 3 Identity-based encryption scheme (Neven & Kiltz, p. 3) .... 25

    Figure 4 AES Algorithm (Pansotra & Singh, 2015) .... 32

    Figure 5 Flow Diagram of DES Algorithm (T.N.Srimanyu & Singla) .... 35

    Figure 6 TDEA Algorithm (Pansotra & Singh, 2015) .... 37

    Figure 7 RC4 Algorithm (Mousa & Hamad, 2006) .... 39

    Figure 8 Blowfish Encryption (Verma & Singh, March 2012) .... 42

  • 8

    Abbreviations

    1. CSP - Cloud Service Provider

    2. NIST - National Institute of Standards and Technology

    3. USDA - United States Department of Agriculture

    4. IDC - International Data Corporation

    5. DOJ - Department of Justice

    6. ERP - Enterprise Resource Planning

    7. CRM - Customer Relationship Management

    8. AWS - Amazon Web Services

    9. RSA - Rivest-Shamir-Adleman

    10. EAP - Extensible Authentication Protocol

    11. ROM - Read Only Memory

    12. I/O - Input Output

    13. FHE - Fully Homomorphic Encryption

    14. CPU - Central Processing Unit

    15. IT - Information Technology

    16. XCP - Extensible Communications Platform

    17. CA - Certification Authority

    18. IBE - Identity-based Encryption

    19. SSL - Secure Sockets Layer

    20. ABE - Attribute-based Encryption

    21. KP-ABE - Key-Policy based ABE

    22. CP-ABE - Ciphertext-Policy based ABE

    23. AES - Advanced Encryption Standard

    24. DES - Data Encryption Standard

    25. FIPS - Federal Information Processing Standard

    26. IP - Initial Permutation

    27. TDEA - Triple Data Encryption Algorithm

    28. IV - Initialization Vector

    29. NBS - National Bureau of Standards

  • 9

    Introduction

    Digital content has been growing at an exponential rate with recent advances in the technical field. By 2020, the digital world will expand by a factor of 300, which will include 40 trillion gigabytes of replicated data. To accommodate such rapid growth, the digital arena will need new storage and network utilities. Demand will arise for cost-effective data storage and high-bandwidth networks to store and transfer such a huge amount of data. In this growing data field, Cloud Computing has gained popularity over traditional storage models due to its numerous advantages and cost-effectiveness (Gantz & Reinsel, December 2012).

    Cloud Computing provides online access to a pool of resources including computational platforms, storage, applications, and services. The main cloud service providers in the market are Google, Microsoft, IBM, Rackspace, Amazon etc. In cloud computing, the major challenges are to secure, protect and process the stored data efficiently.

    The scenario below describes a company whose entire data resides in the cloud.

    [Figure: "Unauthorized user" and "Company's data residing on cloud"]

    Figure 1 Unauthorized Access to Cloud Data (Maddineni & Ragi, 2011)

  • 10

    In the above figure, all of the company's data has been moved to the cloud, and only the authorized users of the company can access the data through the local network. But there also exists the possibility of unauthorized users accessing the confidential data of the company. The employees of the company have been allotted virtual machines with valid credentials in the cloud, but these credentials can be cracked and sensitive data of the company can be leaked.

    A lot of research is going on in this area of data confidentiality. Many efficient encryption techniques have been developed that reduce this threat to a significant degree. This report describes various encryption models after a thorough literature review in the field of cloud computing data confidentiality.

  • 11

    Aims and Objectives

    The main aim of the research paper is to understand and analyze various encryption techniques which improve data confidentiality in cloud computing, and also to understand the field of cloud computing and its security concerns. The main objectives of the research are:

      • To understand the cloud computing security concerns, especially those dealing with data confidentiality.

      • To identify the various encryption techniques for ensuring data confidentiality.

      • To understand the complexity behind each encryption technique.

      • To understand how one technique of encryption differs from another.

  • 12

    Background

    Basics of Cloud-Computing

    As the cloud computing paradigm is relatively new in the technical world, the term is overused. In general terms, the cloud can be described as a sharable and scalable resource pool. These resources can be provided on demand by external service providers over the Internet on pay-per-use terms.

    NIST defines the cloud as:

    "A model for enabling convenient, on-demand network access to a shared pool of configurable computing resources (e.g., networks, servers, storage, applications, and services) that can be rapidly provisioned and released with minimal management effort or service provider interaction"

    The above NIST definition highlights the key characteristics of the cloud along with its deployment models and deliverable models.

    Key Features Of Cloud Computing

    The key features of cloud computing are as follows:

    a. On-demand resource availability

    The cloud resources can be accessed anywhere over the internet as per the need of the user, without the requirement of human intervention. It is similar to autonomic computing due to its self-managing feature and adaptation to unpredictable changes by the user.

    b. Reliability

    Cloud computing resources are highly reliable as they are not affected by any unforeseen incidents such as power failure. They are available all over the world despite any geographical restrictions.

    c. Scalability

    The cloud resources can be easily scaled up or scaled down as the needs of the user change. Therefore, users need not worry about the limited capacities and purchasing cost of physical machines.

  • 13

    d. Cost-effectiveness

    Usage of similar cloud resources by thousands of users aggregates to achieve economies of scale. The cloud works on a pay-as-you-go model, so users need not provision resources for future need and they pay only for what they use. It is a measured service.

    e. Shared Resources

    The cloud works on a multi-tenant model. The cloud resources are not dedicated; they are shared among several users. It makes use of virtualization technology, and users are not aware of any kind of resource limitation. Based on the demand of the user, resources are provisioned and de-provisioned automatically.

    ...