This document analyzes security algorithms in cloud computing. It discusses challenges like security and privacy in cloud computing. It describes how data is stored and secured in the cloud, including issues like unauthorized access. It then explains existing security algorithms like AES and RSA. AES uses symmetric encryption with a variable key length and multiple rounds of transformations. RSA uses asymmetric encryption with a public/private key pair. The document proposes further developments in areas like multiple encryption and biometric security before concluding.
2. INTRODUCTION
CHALLENGE
DATA STORAGE & SECURITY IN
CLOUDE COMPUTING
Data Security Issues in Cloud
Computing
EXISTING ALGORITHM FOR
SECURITY
AES
RSA
Further development proposal
CONCLUSION
Index
3. INRODUCTION
Security system in cloud for storing data
is not safe enough. When data is valuable
specially in the cloud computing, it's
security considered to be the key
requirement. Also it is get more
important when it is hard to make it
safe. It becomes hard to keep data safe
due to lack of strong data encryption
system. Cloud possesses the security
problem in Data segregation, Data theft,
unauthorized access, Uncleaned Owner
and responsibility of Data Protection,
Data Loss conditions.
Wednesday, February
3, 2016
3
4. CHALLENGE
The following are some of the
notable challenges associated with
cloud computing, and although
some of these may cause a
slowdown when delivering more
services in the cloud, most also can
provide opportunities, if resolved
with due care and attention in the
planning stages.
• Security and Privacy
• Lack of Standards
• Continuously Evolving
Wednesday, February
3, 2016
4
5. Data Storage & Security in Cloud Computing
Cloud storage services may be accessed through a web service
application programming interface (API), a cloud storage
gateway or through a Web-based user interface. Cloud storage
is:
made up of many distributed resources, but still acts as one
highly fault tolerant through redundancy and distribution of
data
highly durable through the creation of versioned copies
typically eventually consistent with regard to data replicas.
Wednesday, February
3, 2016
5
6. Data Security Issues in Cloud Computing
Transmit and store user’s information as little as possible. After
systemic analysis, the cloud computing applications will collect and
store the most necessary information only.
Security measures will be adopted to prevent unauthorized access,
copying, using or modifying personal information.
Achieve user’s control to the greatest degree. Firstly, it is necessary to
allow the user to control the most critical and important personal
information. Secondly, it is available to manage personal information
by a trusted third party.
Wednesday, February
3, 2016
6
7. Data Security Issues in Cloud Computing
Allow users to make choice. Users have the right to select the use of
personal information. Besides, they can join or leave freely.
Make clear and limit the purpose of use of data. Personal information
must be used and handled by the person with specific identification
for specific purpose and owner of information should be notified
before using.
Establish feedback mechanism to ensure that safety tips and detailed
measures of the service will be provided to the user timely.
It can maximize the security of user’s data after introducing principles
above
Wednesday, February 3,
2016
7
8. Pseudo code of AES Algorithm
The AES algorithm performs a number
Nr of cryptographic rounds depending
on the actual key length. It has
variable key length of 128, 192, or
256 bits.
Each round consists of four byte-
oriented cryptographic
transformations
Byte Substitution
Shifting rows of state array
Mixing data within a column of the
state array
Round key addition to the state array
Cipher(byte[] input, byte[] output)
{
byte[4,4] State;
copy input[] into State[] AddRoundKey
for (round = 1; round < Nr-1; ++round)
{
SubBytes ShiftRows MixColumns
AddRoundKey
}
SubBytes ShiftRows AddRoundKey
copy State[] to output[]
}
Wednesday, February
3, 2016 8
10. Advantage:
Extremely Secure
When it uses a secure algorithm,
symmetric key encryption can be
extremely secure. When you use
it with its most secure 256-bit key
length, it would take about a
billion years for a 10 petaflop
computer to guess the key
through a brute-force attack.
Relatively Fast
Encrypting and decrypting
symmetric key data is relatively
easy to do, giving you very good
reading and writing performance.
Disadvantage:
Sharing the Key
The biggest problem with symmetric
key encryption is that you need to
have a way to get the key to the party
with whom you are sharing data.
Encryption keys aren't simple strings
of text like passwords.
More Damage if Compromised
When someone gets their hands on a
symmetric key, they can decrypt
everything encrypted with that key.
When you're using symmetric
encryption for two-way
communications, this means that both
sides of the conversation get
compromised.
Wednesday, February
3, 2016
10
11. Pseudo Code for RSA Algorithm
Key Generation Algorithm
1. Choose two very large random
prime integers:
p and q
2. Compute n and φ(n):
n = pq and φ(n) = (p-1)(q-1)
3. Choose an integer e,
1 < e < φ(n) such that:
gcd(e, φ(n)) = 1(where gcd means
greatest common denominator)
4. Compute d, 1 < d < φ(n) such
that:
ed ≡ 1 (mod φ(n))
the public key is (n, e) and the private
key is (n, d)
the values of p, q and φ(n) are private
e is the public or encryption exponent
d is the private or decryption exponent
Encryption
The cyphertext C is found by the
equation 'C = Me mod n' where M is
the original message.
Decryption
The message M can be found form the
cyphertext C by the equation 'M = Cd
mod n'.
Wednesday, February
3, 2016 11
12. Activity Diagram of RSA Algorithm
Encryption
Public Key
Private Key Decryption
Sender Receiver
Generate Key
To the public
Cipher text
Transmission
Medium
Plain text
Plain text
Wednesday, February
3, 2016 12
13. Advantage:
Increased security and convenience
Private keys never need to be
transmitted or revealed to anyone.
Digital signatures that cannot be
repudiated
Authentication via secret-key systems
requires the sharing of some secret
and sometimes requires trust of a
third party as well. As a result, a
sender can repudiate a previously
authenticated message by claiming
the shared secret was somehow
compromised) by one of the parties
sharing the secret.
Disadvantage:
Encryption speed Slow
For encryption, the best solution is to
combine public- and secret-key systems in
order to get both the security advantages
of public-key systems and the speed
advantages of secret-key systems. Such a
protocol is called a digital envelope.
Vulnerability risk
A successful attack on a certification
authority will allow an adversary to
impersonate whomever he or she chooses
by using a public-key certificate from the
compromised authority to bind a key of
the adversary's choice to the name of
another user.
Wednesday, February
3, 2016
13
14. Further development proposal
Multiple encryption
Data storage method
Biometric security
Wednesday, February
3, 2016
14
15. Conclusion
Cloud computing is changing the way IT departments buy IT.
Businesses have a range of paths to the cloud, including
infrastructure, platforms and applications that are available
from cloud providers as online services. Security is a major
requirement in cloud computing while we talk about data
storage. There are number of existing techniques used to
implement security in cloud. We discussed one symmetric and
asymmetric algorithm. Our future will be considering some
problems related to existing security algorithms and
implement a better version of AES & RSA.
Wednesday, February
3, 2016
15
16. Left the world…
Trapped me to answer the
question of unknown
Answers…
Left silently *sigh*..
Don’t Ask Questions
Please.
Wednesday, February
3, 2016 16
17. References
Randeep Kaur ,Supriya Kinger, “Analysis of Security
Algorithms in Cloud Computing“, International Journal
of Application or Innovation in Engineering &
Management (IJAIEM), Volume 3, Issue 3, March 2014 .
http://www.emc.com/emc-plus/rsa-labs/standards-
initiatives/advantages-and-disadvantages.htm
http://science.opposingviews.com/advantages-
disadvantages-symmetric-key-encryption-2609.html
Wednesday, February
3, 2016 17