Secure Key Exchange for Cloud Environment Using Cellular Automata with Triple-DES and Error-Detection



Similar documents
Network Security. Computer Networking Lecture 08. March 19, HKU SPACE Community College. HKU SPACE CC CN Lecture 08 1/23

CRYPTOGRAPHY IN NETWORK SECURITY

Forward Secrecy: How to Secure SSL from Attacks by Government Agencies

Lecture 9: Application of Cryptography

Computer Security: Principles and Practice

Cloud Security and Algorithms: A Review Divya saraswat 1, Dr. Pooja Tripathi 2 1

Security. Contents. S Wireless Personal, Local, Metropolitan, and Wide Area Networks 1

An Introduction to Cryptography as Applied to the Smart Grid

, ) I Transport Layer Security

Data Security & Privacy Protection: Primary Inhibitor for Adoption of Cloud Computing Services

IMPROVED SECURITY MEASURES FOR DATA IN KEY EXCHANGES IN CLOUD ENVIRONMENT

AN IMPLEMENTATION OF HYBRID ENCRYPTION-DECRYPTION (RSA WITH AES AND SHA256) FOR USE IN DATA EXCHANGE BETWEEN CLIENT APPLICATIONS AND WEB SERVICES

Efficient Framework for Deploying Information in Cloud Virtual Datacenters with Cryptography Algorithms

SECURITY IMPROVMENTS TO THE DIFFIE-HELLMAN SCHEMES

Keywords Cloud Computing, CRC, RC4, RSA, Windows Microsoft Azure

How To Encrypt Data With Encryption

DRAFT Standard Statement Encryption

CSCE 465 Computer & Network Security

Secure Sockets Layer (SSL ) / Transport Layer Security (TLS) Network Security Products S31213

A Secure Model for Cloud Computing Based Storage and Retrieval

An Efficient data storage security algorithm using RSA Algorithm

Lukasz Pater CMMS Administrator and Developer

Public Key Cryptography Overview

Network Security. Omer Rana

A Novel Approach to combine Public-key encryption with Symmetric-key encryption

Chapter 10. Network Security

Table of Contents. Bibliografische Informationen digitalisiert durch

EXAM questions for the course TTM Information Security May Part 1

Network Security [2] Plain text Encryption algorithm Public and private key pair Cipher text Decryption algorithm. See next slide

Hybrid Cryptographic Framework for Multimedia Data Storage over Cloud

Final Exam. IT 4823 Information Security Administration. Rescheduling Final Exams. Kerberos. Idea. Ticket

Secure Socket Layer. Introduction Overview of SSL What SSL is Useful For

Software Tool for Implementing RSA Algorithm

Secure Network Communication Part II II Public Key Cryptography. Public Key Cryptography

AStudyofEncryptionAlgorithmsAESDESandRSAforSecurity

SPC5-CRYP-LIB. SPC5 Software Cryptography Library. Description. Features. SHA-512 Random engine based on DRBG-AES-128

Is Your SSL Website and Mobile App Really Secure?

Digital Certificates (Public Key Infrastructure) Reshma Afshar Indiana State University

Authentication. Authorization. Access Control. Cloud Security Concerns. Trust. Data Integrity. Unsecure Communication

White Paper. Enhancing Website Security with Algorithm Agility

Secure File Transfer Using USB

SECURITY IN NETWORKS

Monitoring Data Integrity while using TPA in Cloud Environment

Center for Internet Security. INTEGRATED INTELLIGENCE CENTER Technical White Paper William F. Pelgrin, CIS President and CEO

A SOFTWARE COMPARISON OF RSA AND ECC

Fully homomorphic encryption equating to cloud security: An approach

NEW HORIZON COLLEGE OF ENGINEERING, BANGALORE CLOUD COMPUTING ASSIGNMENT Explain any six benefits of Software as Service in Cloud computing?

CIS 6930 Emerging Topics in Network Security. Topic 2. Network Security Primitives

Cryptography and Network Security

An Efficient Data Security in Cloud Computing Using the RSA Encryption Process Algorithm

Network Security. Abusayeed Saifullah. CS 5600 Computer Networks. These slides are adapted from Kurose and Ross 8-1

Properties of Secure Network Communication

Analyzing Data Security for Cloud Computing Using Cryptographic Algorithms

Overview of CSS SSL. SSL Cryptography Overview CHAPTER

I N F O R M A T I O N S E C U R I T Y

Cryptography and Network Security Chapter 10

Chapter 11 Security+ Guide to Network Security Fundamentals, Third Edition Basic Cryptography

As enterprises conduct more and more

Enhance data security of private cloud using encryption scheme with RBAC

Cloud Computing: A CRM Service Based on a Separate Encryption and Decryption using Blowfish algorithm

A Fully Homomorphic Encryption Implementation on Cloud Computing

Single Sign-On Secure Authentication Password Mechanism

Security Issues with Implementation of RSA and Proposed Dual Security Algorithm for Cloud Computing

Security Strength of RSA and Attribute Based Encryption for Data Security in Cloud Computing

I N F O R M A T I O N S E C U R I T Y

Keywords : audit, cloud, integrity, station to station protocol, SHA-2, third party auditor, XOR. GJCST-B Classification : C.2.4, H.2.

Wireless Local Area. Network Security

Computer System Management: Hosting Servers, Miscellaneous

Secure Data Storage in Cloud Service using RC5 Algorithm

Chapter 8. Network Security

(C) Global Journal of Engineering Science and Research Management

CLOUD COMPUTING SECURITY ARCHITECTURE - IMPLEMENTING DES ALGORITHM IN CLOUD FOR DATA SECURITY

CS 348: Computer Networks. - Security; 30 th - 31 st Oct Instructor: Sridhar Iyer IIT Bombay

Connected from everywhere. Cryptelo completely protects your data. Data transmitted to the server. Data sharing (both files and directory structure)

Network Security. Chapter 2 Basics 2.2 Public Key Cryptography. Public Key Cryptography. Public Key Cryptography

Survey on Data security Issues in Cloud Environment

Secure Socket Layer (SSL) and Transport Layer Security (TLS)

CS 758: Cryptography / Network Security

Künftige Cyber-Attacken: Risiken und Techniken. Future Cyber attacks: Risks and techniques. Prof. Dr. T. Nouri sd&m

A Factoring and Discrete Logarithm based Cryptosystem

A Survey of the Elliptic Curve Integrated Encryption Scheme

Accellion Secure File Transfer Cryptographic Module Security Policy Document Version 1.0. Accellion, Inc.

A New Efficient Digital Signature Scheme Algorithm based on Block cipher

Keywords Web Service, security, DES, cryptography.

A STUDY OF DES ALGORITHM WITH CELLULAR AUTOMATA

HYBRID ENCRYPTION FOR CLOUD DATABASE SECURITY

7! Cryptographic Techniques! A Brief Introduction

STUDY AND COMPARISON OF CRYPTOGRAPHIC METHODS FOR CLOUD SECURITY

Final Project RSA Secure Chat Server CSC 290 Warren Fong

SCAN-CA Based Image Security System

Notes on Network Security Prof. Hemant K. Soni

Strengthen Cloud Computing Security with Federal Identity Management Using Hierarchical Identity-Based Cryptography

Tufts University. Department of Computer Science. COMP 116 Introduction to Computer Security Fall 2014 Final Project. Guocui Gao

A PERFORMANCE EVALUATION OF COMMON ENCRYPTION TECHNIQUES WITH SECURE WATERMARK SYSTEM (SWS)

Journal of Mobile, Embedded and Distributed Systems, vol. I, no. 1, 2009 ISSN

Transcription:

Secure Key Exchange for Cloud Environment Using Cellular Automata with Triple-DES and Error-Detection Govinda.K 1, Sathiyamoorthy.E *2, Surbhit Agarwal 3 # SCSE,VIT University Vellore,India 1 kgovinda@vit.ac.in 3 sax@aksamity.com * SITE,VIT University Vellore,India 2 esathiyamoorthy@vit.ac.in Abstract The information housed on the cloud is often seen as valuable to individuals with malicious intent. There is a lot of personal information and potentially secure data that people store on their computers, and this information is now being transferred to the cloud. This makes it critical for you to understand the security measures that your cloud provider has in place, and it is equally important to take personal precautions to secure your data. In the world of cloud computing, security is the big issue because of open system architecture. The data transferred through cloud should be secure and there is a possible to attack the data in middle. In this paper, we deal with key exchange between cloud user s using cellular automata. It is hard to trace the key by man-in-the-middle-attack because of Strong encryption algorithm (Triple-DES) with CA (Cellular Automata) Rules. Besides CRC (Cyclic Redundancy Check) is done to ensure data integrity at the user s end. Keyword- Key Exchange, Triple-DES, Cellular Automata, Cloud, CRC I. INTRODUCTION Cloud computing become a popular taxonomy in the Internet world. Nowadays all the services are being provided by cloud computing. The term Cloud means collection of all data placed somewhere in the server. In cloud computing, everything is by means of service. There are Three main services in cloud computing which can be seen in the cloud architecture namely Infrastructure as a Service (IaaS), Platform as a Service (PaaS) and Software as a Service (SaaS). There services are the basic service provided to the cloud consumer. In this environment, consumers are billed as per their usage. Generally it is called as Pay-as-you-go. In other words, If you have used for an hour, you are about to pay for the used hour. It is based upon the services. Each service has its own cost. Currently, there are various cloud computing service provider such Amazon.com, Google App Engine (GAE), IBM and so on. Most of the professional companies are being shifted to cloud computing architecture environment because of Space, Speed and Resource availability. Only you need to pay the rental cost for the service you have been consumed. In addition to that, cloud computing provides you various advantages such as Virtualization, High-end systems, Scalability. Virtualization is used to run multiple Operating System (OS) in a single machine. Each and every service is pointed to business oriented view[5]. Cloud layer architecture consists of four layers. Infrastructure as a Service (Iaas), Platform as a Service (Paas), Software as a Service (Saas) and Business Process as a Service as shown in Fig1. In case of cloud computing the security is a major issue. Key is the vital part of the system, If a key is revealed to the stranger then the system would be in the insecure scenario. So overcome these kinds of problem we focus to secure the key while transmission takes place between a cloud service provider and a cloud consumer. ISSN : 0975-4024 Vol 5 No 2 Apr-May 2013 1004

Cloud Architecture Software as a Service (SaaS) (Gmail, Salesforce) Platform as a Service (PaaS) (Amazon, Azure) Infrastructure as a Service (IaaS) (HP, Amazon, IBM) Fig 1.Layered Architecture of Cloud Computing Basically, error is happened in internet based transmission so it could be detected using the traditional method CRC (Cyclic Redundancy Check). The paper is organized as follows Chaper1 describes the introduction to service models, Cellular automata and Key generation using cellular automata rules, Chapter2 describes the literature review, Chapter3 describes the proposed method. Chapter presents results and Chapter5 describes conclusion followed by references. II. CELLULAR AUTOMATA Cellular Automata (CA) was introduced by Ulam and John Vonn Neumann. CA is collection of lattice cells and each cell is executed parallelly. By applying the function on the state, we get is called as Transition state. A function is a local rule applied on the neighbouring cells based on the radius. There are two types of CA: 1. One-dimensional Cellular Automata and 2.Two-dimensional Cellular Automata. A onedimensional cellular automaton is also said to Elementary CA because of Elementary Rules (0 to 255). Function is Boolean expression applied on the cells. Where is a completed entire of states, is the cellular vicinity, is the size of CA, and is the function (Local Rule. Eg., Rule 30, Rule 90 where Rule 30 is more random used for cryptography)[2]. Each rule is defined by a Boolean expression[7]. Figure 2. 1-D and 2-D Cellular Automata ISSN : 0975-4024 Vol 5 No 2 Apr-May 2013 1005

1-D cellular automata follows periodic boundary for the transition state where as 2-D cellular automata used four directions: North, East, West and South[5]. A. Key Generation Key generation is done with sender and receiver. Basically, key generation algorithm uses cellular automata and it will be explained as Alice and Bob. Alice acts as a sender and generates the key with CA rule 30 which is more random and Bob acts as a Receiver. A key will be generated by Alice and uses 3DES to encrypt the data as well as he computes the CRC for the data and it is sent to Bob. Bob also uses the same concept generates the key to decrypt and checks for CRC error. There are types of keys: 1. Symmetric Key (Encrypting and Decrypting with same key called Public key), 2. Asymmetric Key (A shared Public key is generates a Private Key which is used for encryption/decryption). III. RELATED WORK Presently, Key Exchange Protocols are being used to exchange the keys with a digital signature. Most of the digital signature vendors use RSA as a key exchange algorithm. DHDSA (Diffie-Hellman Digital Signature Algorithm) is a standard algorithm used with various security algorithms such as 3DES (Triple-Data Encryption Standard, RSA (Rivest, Shamir and Adleman), ECC (Elliptic Curve Cryptography)[4]. Fig 3. One-Round, Two-Round and Three-Round Protocol In the Integrated DHDSA, the proposed protocol is given for single, two and three rounds. Each round uses modulus, addition and concatenation operations. Each round protocol is used for different purposes. For Instance, One-round protocol could be used for Email application. Two-round protocol could be used for twoway secured communication such as Chat application. In addition to two-rounded protocol, third one has a key confirmation for every communication. It supports for Key exchange applications. The Figure 3 represents the different round protocols used to exchange the key between the sender and the receiver [1][6][7]. S.No. Method Example Elliptic curve Diffie Gmail.com, 1 Hellman Android Market (ECDH) with RSA 2 RSA vit.ac.in 3 DHE_RSA cpanel 4 PSK (Pre-shared VPN Mobile Key) Networks Table 1. Table Content current Key exchange methods with an example The above table shows the present key-exchange techniques. Most of the key exchange uses RSA method because of the prime number logic. RSA reveals that Prime number is most powerful mathematical concept used in cryptography. Nowadays, the key length is increased to the extend (i.e., we can see the key size 4096 bit). IV. METHODOLOGY This methodology is new model rather generating the key using existing method. Cellular Automata (CA) is the strengthen method to generate strong keys. In CA, key could be generated using Local Rule and also bit length is variable. In other words, any key bit size length could be generated using CA. Triple-DES Algorithm contains several levels and rounds. For each round, a round key is used. In the case of Encryption, three processes are done (Encrypt, Decrypt, and Encrypt). For this encryption process three Private keys are used which are generated by using CA the Public key. In the case of Decryption, three processes are done (Decrypt, ISSN : 0975-4024 Vol 5 No 2 Apr-May 2013 1006

Encrypt, and Decrypt). For this decryption process three Private keys are used which are generated by using CA the Public key. The encrypted data is sent over the network and the data is decrypted at the receiver s end. CRC (Cyclic Redundancy Check) is used to check the error-detection. It is generally checked at the receiver side. A long Integer CRC value is obtained for the original data and it is padded with the encrypted message. The stream is sent over the network. At the receiver side, the encrypted message is decrypted and the CRC value decrypted message is obtained. If the CRC value of decrypted message and given CRC value is same then the data is error-free. We used in-built CRC java packages for the error detection A. Mathematical Model The methodology could be give mathematically as follows. Generally, a security algorithm has two processes: 1. Encryption, 2. Decryption. For the both process we need a key (Public Key or Private Key depend upon the process method). Let PUB K be the Public Key shared by both sender and receiver which is generated by the Random Number R Sender Let CA be the Cellular Automata, which generated three Private Keys applying the Local Rule (Eg., 30 or 90) on the PUB K. The three Private Keys are: PRI K1, PRI K2, and PRI K3. Let P T Plain text, by applying the Encryption process and the final outcome would be the Cipher Text C T. Receiver Using the same Public Key PUB K, the decryption process is done as follows: Let C T be the Cipher Text, to perform deciphering we need three Private keys which could be generated using Cellular Automata (CA). The three Private Keys are: PRI K1, PRI K2, and PRI K3. Keys are generated using CA Rules. It has a specific window size and initial condition. Based on the initial condition values the randomness is depended. In addition that, java inbuilt CRC package is used for generating CRC value and check over at receiver end. V. IMPLEMENTATION The proposed model is implemented in Java TCP Socket Programming. Besides CRC values is checked in the receiver s side. Figure 2 represents the layered architecture of implemented design. The proposed methodology is implemented in Java using Java Socket Programming. We are considering the cloud environment; sender has the key to share with the receiver. The sharing key is encrypted using Triple-DES with CA and the corresponding CRC value is obtained. Which is padded as stream, the stream consists of encrypted ISSN : 0975-4024 Vol 5 No 2 Apr-May 2013 1007

data, CRC value and Public Key. This stream is sent over the network. While the receiver check the CRC value and decrypt the cipher to obtain the original data. Fig 4. Layered Architecture of Secure Key-exchnage model VI. RESULTS The Fig5 shown the input screen where user is generating the key using CA rule and encrypts using Triple DES. The Fig6 shows the data encryption using Triple DES. Fig 5. Shows Input String with Key generation and Encryption Fig 6. Shows Data Encryption ISSN : 0975-4024 Vol 5 No 2 Apr-May 2013 1008

Fig 7. Shows the Key generated using CA Fig 7. Decryption using CA VII. CONCLUSION Nowadays security in the cloud environment is the open issue. Even though we have strengthened the key size and powerful security algorithms, it is hard to communicate in the case of public/private cloud. Presently, all the data communications are migrating to cloud based computing. In that case, a private/public cloud can generate the key in a secure manner using this methodology. In addition to that, the system checks the errordetection in the receiver s end.in future, this methodology could be enhanced with different algorithms such AES, Blowfish and so on. The key size could be extended to higher size using CA (Cellular Automata) as well as the data could be compressed using CA and sent over the network. However, the same ideology could be implemented as web-service so that it could be used in different platform. Rather than using existing security algorithm some of the CA rules are inheritably random, this could be used for encryption and decryption of data in a light-weight manner. REFERENCES [1] Benkiniouar, M. and Benmohamed, M. "Cellular automata for cryptography "'Information and Communication Technologies: From Theory to Applications, 2004. Proceedings. 2004 International Conference on', 2004, pp. 423-424. [2] Gage, D., Mcgarry, B., Ken, D. and Adviser, S. F. "Cellular Automata : Is Rule 30 Random?", SUSQUEHANNA UNIVERSITY. [3] Harn, L., Mehta, M. and Hsin, W.-J. "Integrating Diffie-Hellman key exchange into the digital signature algorithm DSA), Communications Letters, IEEE (8:3), 2004, pp. 198 200. [4] Jing, X. and jun, Z. J. "A Brief Survey on the Security Model of Cloud Computing, "'Distributed Computing and Applications to Business Engineering and Science (DCABES), 2010 Ninth International Symposium on', 2010, pp. 475-478. [5] Rimal, B. P., Choi, E. and Lumb, I. "A Taxonomy and Survey of Cloud Computing Systems," Networked Computing and Advanced Information Management, International Conference on (0), 2009, pp. 44-51. [6] Schiff, J. L. Cellular Automata: A Discrete View of the World (Wiley Series in Discrete Mathematics & Optimization). [7] Wolfram, S. A new kind of science, Wolfram Media Inc., Champaign, Ilinois, US, United States, 2002. ISSN : 0975-4024 Vol 5 No 2 Apr-May 2013 1009

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information