SlideShare ist ein Scribd-Unternehmen logo

Analysis of Security Algorithms in Cloud Computing

Als PPTX, PDF herunterladen
M
Mahmuda Rahman

This document analyzes security algorithms in cloud computing. It discusses challenges like security and privacy in cloud computing. It describes how data is stored and secured in the cloud, including issues like unauthorized access. It then explains existing security algorithms like AES and RSA. AES uses symmetric encryption with a variable key length and multiple rounds of transformations. RSA uses asymmetric encryption with a public/private key pair. The document proposes further developments in areas like multiple encryption and biometric security before concluding.

1 von 17
Presented By: 1. Rafiq, Fatema Binta (13-23447-1) 2. Rahman, Mahmuda (13-22990-1) 3. Rabbi, Md. Fazla (13-23679-1) 4. Ali, Nafis (13-24925-3) 5. Hossain, F.M. Tanvir (13-23513-1) Analysis of Security Algorithms in Cloud Computing Instructor: Shahrin Chowdhury
 INTRODUCTION  CHALLENGE  DATA STORAGE & SECURITY IN CLOUDE COMPUTING  Data Security Issues in Cloud Computing  EXISTING ALGORITHM FOR SECURITY  AES  RSA  Further development proposal  CONCLUSION Index
INRODUCTION Security system in cloud for storing data is not safe enough. When data is valuable specially in the cloud computing, it's security considered to be the key requirement. Also it is get more important when it is hard to make it safe. It becomes hard to keep data safe due to lack of strong data encryption system. Cloud possesses the security problem in Data segregation, Data theft, unauthorized access, Uncleaned Owner and responsibility of Data Protection, Data Loss conditions. Wednesday, February 3, 2016 3
CHALLENGE The following are some of the notable challenges associated with cloud computing, and although some of these may cause a slowdown when delivering more services in the cloud, most also can provide opportunities, if resolved with due care and attention in the planning stages. • Security and Privacy • Lack of Standards • Continuously Evolving Wednesday, February 3, 2016 4
Data Storage & Security in Cloud Computing Cloud storage services may be accessed through a web service application programming interface (API), a cloud storage gateway or through a Web-based user interface. Cloud storage is:  made up of many distributed resources, but still acts as one  highly fault tolerant through redundancy and distribution of data  highly durable through the creation of versioned copies  typically eventually consistent with regard to data replicas. Wednesday, February 3, 2016 5
Data Security Issues in Cloud Computing  Transmit and store user’s information as little as possible. After systemic analysis, the cloud computing applications will collect and store the most necessary information only.  Security measures will be adopted to prevent unauthorized access, copying, using or modifying personal information.  Achieve user’s control to the greatest degree. Firstly, it is necessary to allow the user to control the most critical and important personal information. Secondly, it is available to manage personal information by a trusted third party. Wednesday, February 3, 2016 6
Data Security Issues in Cloud Computing  Allow users to make choice. Users have the right to select the use of personal information. Besides, they can join or leave freely.  Make clear and limit the purpose of use of data. Personal information must be used and handled by the person with specific identification for specific purpose and owner of information should be notified before using.  Establish feedback mechanism to ensure that safety tips and detailed measures of the service will be provided to the user timely.  It can maximize the security of user’s data after introducing principles above Wednesday, February 3, 2016 7
Pseudo code of AES Algorithm  The AES algorithm performs a number Nr of cryptographic rounds depending on the actual key length. It has variable key length of 128, 192, or 256 bits.  Each round consists of four byte- oriented cryptographic transformations  Byte Substitution  Shifting rows of state array  Mixing data within a column of the state array  Round key addition to the state array Cipher(byte[] input, byte[] output) { byte[4,4] State; copy input[] into State[] AddRoundKey for (round = 1; round < Nr-1; ++round) { SubBytes ShiftRows MixColumns AddRoundKey } SubBytes ShiftRows AddRoundKey copy State[] to output[] } Wednesday, February 3, 2016 8
Activity Diagram of AES Algorithm Wednesday, February 3, 2016 9
Advantage: Extremely Secure When it uses a secure algorithm, symmetric key encryption can be extremely secure. When you use it with its most secure 256-bit key length, it would take about a billion years for a 10 petaflop computer to guess the key through a brute-force attack. Relatively Fast Encrypting and decrypting symmetric key data is relatively easy to do, giving you very good reading and writing performance. Disadvantage: Sharing the Key The biggest problem with symmetric key encryption is that you need to have a way to get the key to the party with whom you are sharing data. Encryption keys aren't simple strings of text like passwords. More Damage if Compromised When someone gets their hands on a symmetric key, they can decrypt everything encrypted with that key. When you're using symmetric encryption for two-way communications, this means that both sides of the conversation get compromised. Wednesday, February 3, 2016 10
Pseudo Code for RSA Algorithm  Key Generation Algorithm 1. Choose two very large random prime integers: p and q 2. Compute n and φ(n): n = pq and φ(n) = (p-1)(q-1) 3. Choose an integer e, 1 < e < φ(n) such that: gcd(e, φ(n)) = 1(where gcd means greatest common denominator) 4. Compute d, 1 < d < φ(n) such that: ed ≡ 1 (mod φ(n))  the public key is (n, e) and the private key is (n, d)  the values of p, q and φ(n) are private  e is the public or encryption exponent  d is the private or decryption exponent  Encryption The cyphertext C is found by the equation 'C = Me mod n' where M is the original message.  Decryption The message M can be found form the cyphertext C by the equation 'M = Cd mod n'. Wednesday, February 3, 2016 11
Activity Diagram of RSA Algorithm Encryption Public Key Private Key Decryption Sender Receiver Generate Key To the public Cipher text Transmission Medium Plain text Plain text Wednesday, February 3, 2016 12
Advantage: Increased security and convenience Private keys never need to be transmitted or revealed to anyone. Digital signatures that cannot be repudiated Authentication via secret-key systems requires the sharing of some secret and sometimes requires trust of a third party as well. As a result, a sender can repudiate a previously authenticated message by claiming the shared secret was somehow compromised) by one of the parties sharing the secret. Disadvantage: Encryption speed Slow For encryption, the best solution is to combine public- and secret-key systems in order to get both the security advantages of public-key systems and the speed advantages of secret-key systems. Such a protocol is called a digital envelope. Vulnerability risk A successful attack on a certification authority will allow an adversary to impersonate whomever he or she chooses by using a public-key certificate from the compromised authority to bind a key of the adversary's choice to the name of another user. Wednesday, February 3, 2016 13
Further development proposal  Multiple encryption  Data storage method  Biometric security Wednesday, February 3, 2016 14
Conclusion Cloud computing is changing the way IT departments buy IT. Businesses have a range of paths to the cloud, including infrastructure, platforms and applications that are available from cloud providers as online services. Security is a major requirement in cloud computing while we talk about data storage. There are number of existing techniques used to implement security in cloud. We discussed one symmetric and asymmetric algorithm. Our future will be considering some problems related to existing security algorithms and implement a better version of AES & RSA. Wednesday, February 3, 2016 15
Left the world… Trapped me to answer the question of unknown Answers… Left silently *sigh*.. Don’t Ask Questions Please. Wednesday, February 3, 2016 16
References  Randeep Kaur ,Supriya Kinger, “Analysis of Security Algorithms in Cloud Computing“, International Journal of Application or Innovation in Engineering & Management (IJAIEM), Volume 3, Issue 3, March 2014 .  http://www.emc.com/emc-plus/rsa-labs/standards- initiatives/advantages-and-disadvantages.htm  http://science.opposingviews.com/advantages- disadvantages-symmetric-key-encryption-2609.html Wednesday, February 3, 2016 17

Empfohlen

multiple encryption in clouud computing
multiple encryption in clouud computingmultiple encryption in clouud computing
multiple encryption in clouud computingRauf Wani
 
Encryption 2021
Encryption 2021Encryption 2021
Encryption 2021JoeOrlando16
 
Cloud security
Cloud securityCloud security
Cloud securityJhanvi Dattani
 
Storage on cloud using dynamic encryption
Storage on cloud using dynamic encryptionStorage on cloud using dynamic encryption
Storage on cloud using dynamic encryptionMphasis
 
1784 1788
1784 17881784 1788
1784 1788Editor IJARCET
 
Attaining data security in cloud computing
Attaining data security in cloud computingAttaining data security in cloud computing
Attaining data security in cloud computingGopinath Muthusamy
 
Analysis of classical encryption techniques in cloud computing
Analysis of classical encryption techniques in cloud computingAnalysis of classical encryption techniques in cloud computing
Analysis of classical encryption techniques in cloud computingredpel dot com
 
Security in cloud computing
Security in cloud computingSecurity in cloud computing
Security in cloud computingAbhishek Kumar Sinha
 

Empfohlen

multiple encryption in clouud computing
multiple encryption in clouud computingmultiple encryption in clouud computing
multiple encryption in clouud computingRauf Wani
 
Encryption 2021
Encryption 2021Encryption 2021
Encryption 2021JoeOrlando16
 
Cloud security
Cloud securityCloud security
Cloud securityJhanvi Dattani
 
Storage on cloud using dynamic encryption
Storage on cloud using dynamic encryptionStorage on cloud using dynamic encryption
Storage on cloud using dynamic encryptionMphasis
 
1784 1788
1784 17881784 1788
1784 1788Editor IJARCET
 
Attaining data security in cloud computing
Attaining data security in cloud computingAttaining data security in cloud computing
Attaining data security in cloud computingGopinath Muthusamy
 
Analysis of classical encryption techniques in cloud computing
Analysis of classical encryption techniques in cloud computingAnalysis of classical encryption techniques in cloud computing
Analysis of classical encryption techniques in cloud computingredpel dot com
 
Security in cloud computing
Security in cloud computingSecurity in cloud computing
Security in cloud computingAbhishek Kumar Sinha
 
Practice case legal for data professional
Practice case legal for data professionalPractice case legal for data professional
Practice case legal for data professionalNovita Sari
 
cloud computing encrypted
cloud computing encryptedcloud computing encrypted
cloud computing encryptedDevanandPatil6
 
Security issue in Cloud computing
Security issue in Cloud computingSecurity issue in Cloud computing
Security issue in Cloud computingSeema Kumari
 
Big data security_issues_research_paper
Big data security_issues_research_paperBig data security_issues_research_paper
Big data security_issues_research_paperLuisa Francisco
 
SecRBAC: Secure data in the Clouds
SecRBAC: Secure data in the CloudsSecRBAC: Secure data in the Clouds
SecRBAC: Secure data in the CloudsNexgen Technology
 
Aspects of data security
Aspects of data securityAspects of data security
Aspects of data securitySaranSwathi1
 
Cloud data governance, risk management and compliance ny metro joint cyber...
Cloud data governance, risk management and compliance ny metro joint cyber...Cloud data governance, risk management and compliance ny metro joint cyber...
Cloud data governance, risk management and compliance ny metro joint cyber...Ulf Mattsson
 
Mcafee data loss_prevention_11.6.x_product_guide_9-28-2021
Mcafee data loss_prevention_11.6.x_product_guide_9-28-2021Mcafee data loss_prevention_11.6.x_product_guide_9-28-2021
Mcafee data loss_prevention_11.6.x_product_guide_9-28-2021Chaitanya chandra sekhar
 
Secure Data Sharing in Cloud through Limiting Trust in Third Party/Server
Secure Data Sharing in Cloud through Limiting Trust in Third Party/ServerSecure Data Sharing in Cloud through Limiting Trust in Third Party/Server
Secure Data Sharing in Cloud through Limiting Trust in Third Party/ServerIRJET Journal
 
Protect customer's personal information eng 191018
Protect customer's personal information eng 191018Protect customer's personal information eng 191018
Protect customer's personal information eng 191018sang yoo
 
Cloud computing security
Cloud computing securityCloud computing security
Cloud computing securityAntonio Sanz Alcober
 
User Behavior based Anomaly Detection for Cyber Network Security
User Behavior based Anomaly Detection for Cyber Network SecurityUser Behavior based Anomaly Detection for Cyber Network Security
User Behavior based Anomaly Detection for Cyber Network SecurityHappiest Minds Technologies
 
2° Ciclo Microsoft Fondazione CRUI 6° Seminario: Classificazione e protezion...
2° Ciclo Microsoft Fondazione CRUI 6° Seminario: Classificazione e protezion...2° Ciclo Microsoft Fondazione CRUI 6° Seminario: Classificazione e protezion...
2° Ciclo Microsoft Fondazione CRUI 6° Seminario: Classificazione e protezion...Jürgen Ambrosi
 
2° Ciclo Microsoft Fondazione CRUI 7° Seminario: Proteggersi dai Cyber Attack...
2° Ciclo Microsoft Fondazione CRUI 7° Seminario: Proteggersi dai Cyber Attack...2° Ciclo Microsoft Fondazione CRUI 7° Seminario: Proteggersi dai Cyber Attack...
2° Ciclo Microsoft Fondazione CRUI 7° Seminario: Proteggersi dai Cyber Attack...Jürgen Ambrosi
 
Enforcing multi user access policies in cloud computing
Enforcing multi user access policies in cloud computingEnforcing multi user access policies in cloud computing
Enforcing multi user access policies in cloud computingIAEME Publication
 
Privacy preserving delegated access control in public clouds
Privacy preserving delegated access control in public cloudsPrivacy preserving delegated access control in public clouds
Privacy preserving delegated access control in public cloudsLeMeniz Infotech
 
Fog Computing:The Justifying Insider Data Stealing Attacks in the Cloud
Fog Computing:The Justifying Insider Data Stealing Attacks in the CloudFog Computing:The Justifying Insider Data Stealing Attacks in the Cloud
Fog Computing:The Justifying Insider Data Stealing Attacks in the CloudIJSRD
 
Inventory / Operations Manager
Inventory / Operations ManagerInventory / Operations Manager
Inventory / Operations ManagerAIM Insight
 
Implementation of Bitcoin Miner on SW and HW
Implementation of Bitcoin Miner on SW and HWImplementation of Bitcoin Miner on SW and HW
Implementation of Bitcoin Miner on SW and HWJoe Jiang
 
AES effecitve software implementation
AES effecitve software implementationAES effecitve software implementation
AES effecitve software implementationRoman Oliynykov
 
Aes 128 192_256_bits_project_report
Aes 128 192_256_bits_project_reportAes 128 192_256_bits_project_report
Aes 128 192_256_bits_project_reportsakhi rehman
 
공인인증서 크래킹 - Inc0gnito 2015
공인인증서 크래킹 - Inc0gnito 2015공인인증서 크래킹 - Inc0gnito 2015
공인인증서 크래킹 - Inc0gnito 2015Hajin Jang
 

Weitere ähnliche Inhalte

Was ist angesagt?

Practice case legal for data professional
Practice case legal for data professionalPractice case legal for data professional
Practice case legal for data professionalNovita Sari
 
cloud computing encrypted
cloud computing encryptedcloud computing encrypted
cloud computing encryptedDevanandPatil6
 
Security issue in Cloud computing
Security issue in Cloud computingSecurity issue in Cloud computing
Security issue in Cloud computingSeema Kumari
 
Big data security_issues_research_paper
Big data security_issues_research_paperBig data security_issues_research_paper
Big data security_issues_research_paperLuisa Francisco
 
SecRBAC: Secure data in the Clouds
SecRBAC: Secure data in the CloudsSecRBAC: Secure data in the Clouds
SecRBAC: Secure data in the CloudsNexgen Technology
 
Aspects of data security
Aspects of data securityAspects of data security
Aspects of data securitySaranSwathi1
 
Cloud data governance, risk management and compliance ny metro joint cyber...
Cloud data governance, risk management and compliance ny metro joint cyber...Cloud data governance, risk management and compliance ny metro joint cyber...
Cloud data governance, risk management and compliance ny metro joint cyber...Ulf Mattsson
 
Mcafee data loss_prevention_11.6.x_product_guide_9-28-2021
Mcafee data loss_prevention_11.6.x_product_guide_9-28-2021Mcafee data loss_prevention_11.6.x_product_guide_9-28-2021
Mcafee data loss_prevention_11.6.x_product_guide_9-28-2021Chaitanya chandra sekhar
 
Secure Data Sharing in Cloud through Limiting Trust in Third Party/Server
Secure Data Sharing in Cloud through Limiting Trust in Third Party/ServerSecure Data Sharing in Cloud through Limiting Trust in Third Party/Server
Secure Data Sharing in Cloud through Limiting Trust in Third Party/ServerIRJET Journal
 
Protect customer's personal information eng 191018
Protect customer's personal information eng 191018Protect customer's personal information eng 191018
Protect customer's personal information eng 191018sang yoo
 
User Behavior based Anomaly Detection for Cyber Network Security
User Behavior based Anomaly Detection for Cyber Network SecurityUser Behavior based Anomaly Detection for Cyber Network Security
User Behavior based Anomaly Detection for Cyber Network SecurityHappiest Minds Technologies
 
2° Ciclo Microsoft Fondazione CRUI 6° Seminario: Classificazione e protezion...
2° Ciclo Microsoft Fondazione CRUI 6° Seminario: Classificazione e protezion...2° Ciclo Microsoft Fondazione CRUI 6° Seminario: Classificazione e protezion...
2° Ciclo Microsoft Fondazione CRUI 6° Seminario: Classificazione e protezion...Jürgen Ambrosi
 
2° Ciclo Microsoft Fondazione CRUI 7° Seminario: Proteggersi dai Cyber Attack...
2° Ciclo Microsoft Fondazione CRUI 7° Seminario: Proteggersi dai Cyber Attack...2° Ciclo Microsoft Fondazione CRUI 7° Seminario: Proteggersi dai Cyber Attack...
2° Ciclo Microsoft Fondazione CRUI 7° Seminario: Proteggersi dai Cyber Attack...Jürgen Ambrosi
 
Enforcing multi user access policies in cloud computing
Enforcing multi user access policies in cloud computingEnforcing multi user access policies in cloud computing
Enforcing multi user access policies in cloud computingIAEME Publication
 
Privacy preserving delegated access control in public clouds
Privacy preserving delegated access control in public cloudsPrivacy preserving delegated access control in public clouds
Privacy preserving delegated access control in public cloudsLeMeniz Infotech
 
Fog Computing:The Justifying Insider Data Stealing Attacks in the Cloud
Fog Computing:The Justifying Insider Data Stealing Attacks in the CloudFog Computing:The Justifying Insider Data Stealing Attacks in the Cloud
Fog Computing:The Justifying Insider Data Stealing Attacks in the CloudIJSRD
 

Was ist angesagt? (17)

Practice case legal for data professional
Practice case legal for data professionalPractice case legal for data professional
Practice case legal for data professional
 
cloud computing encrypted
cloud computing encryptedcloud computing encrypted
cloud computing encrypted
 
Security issue in Cloud computing
Security issue in Cloud computingSecurity issue in Cloud computing
Security issue in Cloud computing
 
Big data security_issues_research_paper
Big data security_issues_research_paperBig data security_issues_research_paper
Big data security_issues_research_paper
 
SecRBAC: Secure data in the Clouds
SecRBAC: Secure data in the CloudsSecRBAC: Secure data in the Clouds
SecRBAC: Secure data in the Clouds
 
Aspects of data security
Aspects of data securityAspects of data security
Aspects of data security
 
Cloud data governance, risk management and compliance ny metro joint cyber...
Cloud data governance, risk management and compliance ny metro joint cyber...Cloud data governance, risk management and compliance ny metro joint cyber...
Cloud data governance, risk management and compliance ny metro joint cyber...
 
Mcafee data loss_prevention_11.6.x_product_guide_9-28-2021
Mcafee data loss_prevention_11.6.x_product_guide_9-28-2021Mcafee data loss_prevention_11.6.x_product_guide_9-28-2021
Mcafee data loss_prevention_11.6.x_product_guide_9-28-2021
 
Secure Data Sharing in Cloud through Limiting Trust in Third Party/Server
Secure Data Sharing in Cloud through Limiting Trust in Third Party/ServerSecure Data Sharing in Cloud through Limiting Trust in Third Party/Server
Secure Data Sharing in Cloud through Limiting Trust in Third Party/Server
 
Protect customer's personal information eng 191018
Protect customer's personal information eng 191018Protect customer's personal information eng 191018
Protect customer's personal information eng 191018
 
Cloud computing security
Cloud computing securityCloud computing security
Cloud computing security
 
User Behavior based Anomaly Detection for Cyber Network Security
User Behavior based Anomaly Detection for Cyber Network SecurityUser Behavior based Anomaly Detection for Cyber Network Security
User Behavior based Anomaly Detection for Cyber Network Security
 
2° Ciclo Microsoft Fondazione CRUI 6° Seminario: Classificazione e protezion...
2° Ciclo Microsoft Fondazione CRUI 6° Seminario: Classificazione e protezion...2° Ciclo Microsoft Fondazione CRUI 6° Seminario: Classificazione e protezion...
2° Ciclo Microsoft Fondazione CRUI 6° Seminario: Classificazione e protezion...
 
2° Ciclo Microsoft Fondazione CRUI 7° Seminario: Proteggersi dai Cyber Attack...
2° Ciclo Microsoft Fondazione CRUI 7° Seminario: Proteggersi dai Cyber Attack...2° Ciclo Microsoft Fondazione CRUI 7° Seminario: Proteggersi dai Cyber Attack...
2° Ciclo Microsoft Fondazione CRUI 7° Seminario: Proteggersi dai Cyber Attack...
 
Enforcing multi user access policies in cloud computing
Enforcing multi user access policies in cloud computingEnforcing multi user access policies in cloud computing
Enforcing multi user access policies in cloud computing
 
Privacy preserving delegated access control in public clouds
Privacy preserving delegated access control in public cloudsPrivacy preserving delegated access control in public clouds
Privacy preserving delegated access control in public clouds
 
Fog Computing:The Justifying Insider Data Stealing Attacks in the Cloud
Fog Computing:The Justifying Insider Data Stealing Attacks in the CloudFog Computing:The Justifying Insider Data Stealing Attacks in the Cloud
Fog Computing:The Justifying Insider Data Stealing Attacks in the Cloud
 

Andere mochten auch

Inventory / Operations Manager
Inventory / Operations ManagerInventory / Operations Manager
Inventory / Operations ManagerAIM Insight
 
Implementation of Bitcoin Miner on SW and HW
Implementation of Bitcoin Miner on SW and HWImplementation of Bitcoin Miner on SW and HW
Implementation of Bitcoin Miner on SW and HWJoe Jiang
 
AES effecitve software implementation
AES effecitve software implementationAES effecitve software implementation
AES effecitve software implementationRoman Oliynykov
 
Aes 128 192_256_bits_project_report
Aes 128 192_256_bits_project_reportAes 128 192_256_bits_project_report
Aes 128 192_256_bits_project_reportsakhi rehman
 
공인인증서 크래킹 - Inc0gnito 2015
공인인증서 크래킹 - Inc0gnito 2015공인인증서 크래킹 - Inc0gnito 2015
공인인증서 크래킹 - Inc0gnito 2015Hajin Jang
 
Image encryption using aes key expansion
Image encryption using aes key expansionImage encryption using aes key expansion
Image encryption using aes key expansionSreeda Perikamana
 
Advanced Encryption Standard (AES) Implementaion using Java
Advanced Encryption Standard (AES) Implementaion using JavaAdvanced Encryption Standard (AES) Implementaion using Java
Advanced Encryption Standard (AES) Implementaion using JavaSunil Kumar R
 

Andere mochten auch (7)

Inventory / Operations Manager
Inventory / Operations ManagerInventory / Operations Manager
Inventory / Operations Manager
 
Implementation of Bitcoin Miner on SW and HW
Implementation of Bitcoin Miner on SW and HWImplementation of Bitcoin Miner on SW and HW
Implementation of Bitcoin Miner on SW and HW
 
AES effecitve software implementation
AES effecitve software implementationAES effecitve software implementation
AES effecitve software implementation
 
Aes 128 192_256_bits_project_report
Aes 128 192_256_bits_project_reportAes 128 192_256_bits_project_report
Aes 128 192_256_bits_project_report
 
공인인증서 크래킹 - Inc0gnito 2015
공인인증서 크래킹 - Inc0gnito 2015공인인증서 크래킹 - Inc0gnito 2015
공인인증서 크래킹 - Inc0gnito 2015
 
Image encryption using aes key expansion
Image encryption using aes key expansionImage encryption using aes key expansion
Image encryption using aes key expansion
 
Advanced Encryption Standard (AES) Implementaion using Java
Advanced Encryption Standard (AES) Implementaion using JavaAdvanced Encryption Standard (AES) Implementaion using Java
Advanced Encryption Standard (AES) Implementaion using Java
 

Ähnlich wie Analysis of Security Algorithms in Cloud Computing

Analysis of-security-algorithms-in-cloud-computing [autosaved]
Analysis of-security-algorithms-in-cloud-computing [autosaved]Analysis of-security-algorithms-in-cloud-computing [autosaved]
Analysis of-security-algorithms-in-cloud-computing [autosaved]Md. Fazla Rabbi
 
Cloud Cryptography
Cloud CryptographyCloud Cryptography
Cloud Cryptographyijtsrd
 
SECURITY BASED ISSUES IN VIEW OF CLOUD BASED STORAGE SYSTEM
SECURITY BASED ISSUES IN VIEW OF CLOUD BASED STORAGE SYSTEMSECURITY BASED ISSUES IN VIEW OF CLOUD BASED STORAGE SYSTEM
SECURITY BASED ISSUES IN VIEW OF CLOUD BASED STORAGE SYSTEMJournal For Research
 
Cloud computing and a new approach in data encryption technique
Cloud computing and a new approach in data encryption techniqueCloud computing and a new approach in data encryption technique
Cloud computing and a new approach in data encryption techniqueMahmuda Rahman
 
Modified RSA-based algorithm: a double secure approach
Modified RSA-based algorithm: a double secure approachModified RSA-based algorithm: a double secure approach
Modified RSA-based algorithm: a double secure approachTELKOMNIKA JOURNAL
 
Achieving data integrity by forming the digital signature using RSA and SHA-1...
Achieving data integrity by forming the digital signature using RSA and SHA-1...Achieving data integrity by forming the digital signature using RSA and SHA-1...
Achieving data integrity by forming the digital signature using RSA and SHA-1...IOSR Journals
 
Paper id 27201448
Paper id 27201448Paper id 27201448
Paper id 27201448IJRAT
 
Securing data at rest with encryption
Securing data at rest with encryptionSecuring data at rest with encryption
Securing data at rest with encryptionRuban Deventhiran
 
Threat Modeling of Cloud based Implementation of Homomorphic Encryption
Threat Modeling of Cloud based Implementation of Homomorphic EncryptionThreat Modeling of Cloud based Implementation of Homomorphic Encryption
Threat Modeling of Cloud based Implementation of Homomorphic Encryptionijcisjournal
 
What is cloud encryption
What is cloud encryptionWhat is cloud encryption
What is cloud encryptionPrancer Io
 
Carrying out safe exploration short of the actual data of codes and trapdoors
Carrying out safe exploration short of the actual data of codes and trapdoorsCarrying out safe exploration short of the actual data of codes and trapdoors
Carrying out safe exploration short of the actual data of codes and trapdoorsIaetsd Iaetsd
 
5.[40 44]enhancing security in cloud computing
5.[40 44]enhancing security in cloud computing5.[40 44]enhancing security in cloud computing
5.[40 44]enhancing security in cloud computingAlexander Decker
 
5.[40 44]enhancing security in cloud computing
5.[40 44]enhancing security in cloud computing5.[40 44]enhancing security in cloud computing
5.[40 44]enhancing security in cloud computingAlexander Decker
 
Improving Cloud Security Using Multi Level Encryption and Authentication
Improving Cloud Security Using Multi Level Encryption and AuthenticationImproving Cloud Security Using Multi Level Encryption and Authentication
Improving Cloud Security Using Multi Level Encryption and AuthenticationAM Publications,India
 
IRJET- Data Security in Cloud Computing using Cryptographic Algorithms
IRJET- Data Security in Cloud Computing using Cryptographic AlgorithmsIRJET- Data Security in Cloud Computing using Cryptographic Algorithms
IRJET- Data Security in Cloud Computing using Cryptographic AlgorithmsIRJET Journal
 
The Time-Consuming Task Of Preparing A Data Set For...
The Time-Consuming Task Of Preparing A Data Set For...The Time-Consuming Task Of Preparing A Data Set For...
The Time-Consuming Task Of Preparing A Data Set For...Kimberly Thomas
 
A Review on Key-Aggregate Cryptosystem for Climbable Knowledge Sharing in Clo...
A Review on Key-Aggregate Cryptosystem for Climbable Knowledge Sharing in Clo...A Review on Key-Aggregate Cryptosystem for Climbable Knowledge Sharing in Clo...
A Review on Key-Aggregate Cryptosystem for Climbable Knowledge Sharing in Clo...Editor IJCATR
 
Accessing secured data in cloud computing environment
Accessing secured data in cloud computing environmentAccessing secured data in cloud computing environment
Accessing secured data in cloud computing environmentIJNSA Journal
 
ACCESSING SECURED DATA IN CLOUD COMPUTING ENVIRONMENT
ACCESSING SECURED DATA IN CLOUD COMPUTING ENVIRONMENTACCESSING SECURED DATA IN CLOUD COMPUTING ENVIRONMENT
ACCESSING SECURED DATA IN CLOUD COMPUTING ENVIRONMENTIJNSA Journal
 
Security Issues in Cloud Computing by rahul abhishek
Security Issues in Cloud Computing by rahul abhishekSecurity Issues in Cloud Computing by rahul abhishek
Security Issues in Cloud Computing by rahul abhishekEr. rahul abhishek
 

Ähnlich wie Analysis of Security Algorithms in Cloud Computing (20)

Analysis of-security-algorithms-in-cloud-computing [autosaved]
Analysis of-security-algorithms-in-cloud-computing [autosaved]Analysis of-security-algorithms-in-cloud-computing [autosaved]
Analysis of-security-algorithms-in-cloud-computing [autosaved]
 
Cloud Cryptography
Cloud CryptographyCloud Cryptography
Cloud Cryptography
 
SECURITY BASED ISSUES IN VIEW OF CLOUD BASED STORAGE SYSTEM
SECURITY BASED ISSUES IN VIEW OF CLOUD BASED STORAGE SYSTEMSECURITY BASED ISSUES IN VIEW OF CLOUD BASED STORAGE SYSTEM
SECURITY BASED ISSUES IN VIEW OF CLOUD BASED STORAGE SYSTEM
 
Cloud computing and a new approach in data encryption technique
Cloud computing and a new approach in data encryption techniqueCloud computing and a new approach in data encryption technique
Cloud computing and a new approach in data encryption technique
 
Modified RSA-based algorithm: a double secure approach
Modified RSA-based algorithm: a double secure approachModified RSA-based algorithm: a double secure approach
Modified RSA-based algorithm: a double secure approach
 
Achieving data integrity by forming the digital signature using RSA and SHA-1...
Achieving data integrity by forming the digital signature using RSA and SHA-1...Achieving data integrity by forming the digital signature using RSA and SHA-1...
Achieving data integrity by forming the digital signature using RSA and SHA-1...
 
Paper id 27201448
Paper id 27201448Paper id 27201448
Paper id 27201448
 
Securing data at rest with encryption
Securing data at rest with encryptionSecuring data at rest with encryption
Securing data at rest with encryption
 
Threat Modeling of Cloud based Implementation of Homomorphic Encryption
Threat Modeling of Cloud based Implementation of Homomorphic EncryptionThreat Modeling of Cloud based Implementation of Homomorphic Encryption
Threat Modeling of Cloud based Implementation of Homomorphic Encryption
 
What is cloud encryption
What is cloud encryptionWhat is cloud encryption
What is cloud encryption
 
Carrying out safe exploration short of the actual data of codes and trapdoors
Carrying out safe exploration short of the actual data of codes and trapdoorsCarrying out safe exploration short of the actual data of codes and trapdoors
Carrying out safe exploration short of the actual data of codes and trapdoors
 
5.[40 44]enhancing security in cloud computing
5.[40 44]enhancing security in cloud computing5.[40 44]enhancing security in cloud computing
5.[40 44]enhancing security in cloud computing
 
5.[40 44]enhancing security in cloud computing
5.[40 44]enhancing security in cloud computing5.[40 44]enhancing security in cloud computing
5.[40 44]enhancing security in cloud computing
 
Improving Cloud Security Using Multi Level Encryption and Authentication
Improving Cloud Security Using Multi Level Encryption and AuthenticationImproving Cloud Security Using Multi Level Encryption and Authentication
Improving Cloud Security Using Multi Level Encryption and Authentication
 
IRJET- Data Security in Cloud Computing using Cryptographic Algorithms
IRJET- Data Security in Cloud Computing using Cryptographic AlgorithmsIRJET- Data Security in Cloud Computing using Cryptographic Algorithms
IRJET- Data Security in Cloud Computing using Cryptographic Algorithms
 
The Time-Consuming Task Of Preparing A Data Set For...
The Time-Consuming Task Of Preparing A Data Set For...The Time-Consuming Task Of Preparing A Data Set For...
The Time-Consuming Task Of Preparing A Data Set For...
 
A Review on Key-Aggregate Cryptosystem for Climbable Knowledge Sharing in Clo...
A Review on Key-Aggregate Cryptosystem for Climbable Knowledge Sharing in Clo...A Review on Key-Aggregate Cryptosystem for Climbable Knowledge Sharing in Clo...
A Review on Key-Aggregate Cryptosystem for Climbable Knowledge Sharing in Clo...
 
Accessing secured data in cloud computing environment
Accessing secured data in cloud computing environmentAccessing secured data in cloud computing environment
Accessing secured data in cloud computing environment
 
ACCESSING SECURED DATA IN CLOUD COMPUTING ENVIRONMENT
ACCESSING SECURED DATA IN CLOUD COMPUTING ENVIRONMENTACCESSING SECURED DATA IN CLOUD COMPUTING ENVIRONMENT
ACCESSING SECURED DATA IN CLOUD COMPUTING ENVIRONMENT
 
Security Issues in Cloud Computing by rahul abhishek
Security Issues in Cloud Computing by rahul abhishekSecurity Issues in Cloud Computing by rahul abhishek
Security Issues in Cloud Computing by rahul abhishek
 

Analysis of Security Algorithms in Cloud Computing

  • 1. Presented By: 1. Rafiq, Fatema Binta (13-23447-1) 2. Rahman, Mahmuda (13-22990-1) 3. Rabbi, Md. Fazla (13-23679-1) 4. Ali, Nafis (13-24925-3) 5. Hossain, F.M. Tanvir (13-23513-1) Analysis of Security Algorithms in Cloud Computing Instructor: Shahrin Chowdhury
  • 2.  INTRODUCTION  CHALLENGE  DATA STORAGE & SECURITY IN CLOUDE COMPUTING  Data Security Issues in Cloud Computing  EXISTING ALGORITHM FOR SECURITY  AES  RSA  Further development proposal  CONCLUSION Index
  • 3. INRODUCTION Security system in cloud for storing data is not safe enough. When data is valuable specially in the cloud computing, it's security considered to be the key requirement. Also it is get more important when it is hard to make it safe. It becomes hard to keep data safe due to lack of strong data encryption system. Cloud possesses the security problem in Data segregation, Data theft, unauthorized access, Uncleaned Owner and responsibility of Data Protection, Data Loss conditions. Wednesday, February 3, 2016 3
  • 4. CHALLENGE The following are some of the notable challenges associated with cloud computing, and although some of these may cause a slowdown when delivering more services in the cloud, most also can provide opportunities, if resolved with due care and attention in the planning stages. • Security and Privacy • Lack of Standards • Continuously Evolving Wednesday, February 3, 2016 4
  • 5. Data Storage & Security in Cloud Computing Cloud storage services may be accessed through a web service application programming interface (API), a cloud storage gateway or through a Web-based user interface. Cloud storage is:  made up of many distributed resources, but still acts as one  highly fault tolerant through redundancy and distribution of data  highly durable through the creation of versioned copies  typically eventually consistent with regard to data replicas. Wednesday, February 3, 2016 5
  • 6. Data Security Issues in Cloud Computing  Transmit and store user’s information as little as possible. After systemic analysis, the cloud computing applications will collect and store the most necessary information only.  Security measures will be adopted to prevent unauthorized access, copying, using or modifying personal information.  Achieve user’s control to the greatest degree. Firstly, it is necessary to allow the user to control the most critical and important personal information. Secondly, it is available to manage personal information by a trusted third party. Wednesday, February 3, 2016 6
  • 7. Data Security Issues in Cloud Computing  Allow users to make choice. Users have the right to select the use of personal information. Besides, they can join or leave freely.  Make clear and limit the purpose of use of data. Personal information must be used and handled by the person with specific identification for specific purpose and owner of information should be notified before using.  Establish feedback mechanism to ensure that safety tips and detailed measures of the service will be provided to the user timely.  It can maximize the security of user’s data after introducing principles above Wednesday, February 3, 2016 7
  • 8. Pseudo code of AES Algorithm  The AES algorithm performs a number Nr of cryptographic rounds depending on the actual key length. It has variable key length of 128, 192, or 256 bits.  Each round consists of four byte- oriented cryptographic transformations  Byte Substitution  Shifting rows of state array  Mixing data within a column of the state array  Round key addition to the state array Cipher(byte[] input, byte[] output) { byte[4,4] State; copy input[] into State[] AddRoundKey for (round = 1; round < Nr-1; ++round) { SubBytes ShiftRows MixColumns AddRoundKey } SubBytes ShiftRows AddRoundKey copy State[] to output[] } Wednesday, February 3, 2016 8
  • 9. Activity Diagram of AES Algorithm Wednesday, February 3, 2016 9
  • 10. Advantage: Extremely Secure When it uses a secure algorithm, symmetric key encryption can be extremely secure. When you use it with its most secure 256-bit key length, it would take about a billion years for a 10 petaflop computer to guess the key through a brute-force attack. Relatively Fast Encrypting and decrypting symmetric key data is relatively easy to do, giving you very good reading and writing performance. Disadvantage: Sharing the Key The biggest problem with symmetric key encryption is that you need to have a way to get the key to the party with whom you are sharing data. Encryption keys aren't simple strings of text like passwords. More Damage if Compromised When someone gets their hands on a symmetric key, they can decrypt everything encrypted with that key. When you're using symmetric encryption for two-way communications, this means that both sides of the conversation get compromised. Wednesday, February 3, 2016 10
  • 11. Pseudo Code for RSA Algorithm  Key Generation Algorithm 1. Choose two very large random prime integers: p and q 2. Compute n and φ(n): n = pq and φ(n) = (p-1)(q-1) 3. Choose an integer e, 1 < e < φ(n) such that: gcd(e, φ(n)) = 1(where gcd means greatest common denominator) 4. Compute d, 1 < d < φ(n) such that: ed ≡ 1 (mod φ(n))  the public key is (n, e) and the private key is (n, d)  the values of p, q and φ(n) are private  e is the public or encryption exponent  d is the private or decryption exponent  Encryption The cyphertext C is found by the equation 'C = Me mod n' where M is the original message.  Decryption The message M can be found form the cyphertext C by the equation 'M = Cd mod n'. Wednesday, February 3, 2016 11
  • 12. Activity Diagram of RSA Algorithm Encryption Public Key Private Key Decryption Sender Receiver Generate Key To the public Cipher text Transmission Medium Plain text Plain text Wednesday, February 3, 2016 12
  • 13. Advantage: Increased security and convenience Private keys never need to be transmitted or revealed to anyone. Digital signatures that cannot be repudiated Authentication via secret-key systems requires the sharing of some secret and sometimes requires trust of a third party as well. As a result, a sender can repudiate a previously authenticated message by claiming the shared secret was somehow compromised) by one of the parties sharing the secret. Disadvantage: Encryption speed Slow For encryption, the best solution is to combine public- and secret-key systems in order to get both the security advantages of public-key systems and the speed advantages of secret-key systems. Such a protocol is called a digital envelope. Vulnerability risk A successful attack on a certification authority will allow an adversary to impersonate whomever he or she chooses by using a public-key certificate from the compromised authority to bind a key of the adversary's choice to the name of another user. Wednesday, February 3, 2016 13
  • 14. Further development proposal  Multiple encryption  Data storage method  Biometric security Wednesday, February 3, 2016 14
  • 15. Conclusion Cloud computing is changing the way IT departments buy IT. Businesses have a range of paths to the cloud, including infrastructure, platforms and applications that are available from cloud providers as online services. Security is a major requirement in cloud computing while we talk about data storage. There are number of existing techniques used to implement security in cloud. We discussed one symmetric and asymmetric algorithm. Our future will be considering some problems related to existing security algorithms and implement a better version of AES & RSA. Wednesday, February 3, 2016 15
  • 16. Left the world… Trapped me to answer the question of unknown Answers… Left silently *sigh*.. Don’t Ask Questions Please. Wednesday, February 3, 2016 16
  • 17. References  Randeep Kaur ,Supriya Kinger, “Analysis of Security Algorithms in Cloud Computing“, International Journal of Application or Innovation in Engineering & Management (IJAIEM), Volume 3, Issue 3, March 2014 .  http://www.emc.com/emc-plus/rsa-labs/standards- initiatives/advantages-and-disadvantages.htm  http://science.opposingviews.com/advantages- disadvantages-symmetric-key-encryption-2609.html Wednesday, February 3, 2016 17