Secure File Storage On Cloud Using Hybrid Cryptography

Main Article Content

Jian-Foo Lai
Swee-Huay Heng

Abstract

As technology today is moving forward exponentially, data exchange over the Internet has become a daily routine. Furthermore, businesses are growing internationally and offices are being established in a variety of different places throughout the world. This has resulted in the necessity to make data accessible and practical from any place. As a result, information sent via an may lead to critical security problems involving the breach of secrecy, authentication, and data integrity. This paper introduces a cloud storage system by utilising hybrid cryptography approach that leverages both advantages of symmetric key and asymmetric key cryptographic techniques. In our proposed system, the symmetric key algorithm AES is utilised to encrypt data, whereas the asymmetric key algorithm ElGamal is employed to perform key encryption before the data upload into cloud storage. Combining both symmetric key and asymmetric key methods alleviates privacy issues while increasing data confidentiality. In addition, a hash function which is SHA-2 is executed before the encryption process and after the decryption process. Both hash values are derived through a hashing procedure and matched in order to verify the data integrity. However, if the users' accounts were lost or stolen, all encryption would be meaningless. Hence, a Two-Factor Authentication (2FA) is also employed to minimise the abovementioned risk to achieve a greater security over the cloud environment.

Article Details

How to Cite
Lai, J.-F., & Heng, S.-H. (2022). Secure File Storage On Cloud Using Hybrid Cryptography. Journal of Informatics and Web Engineering, 1(2), 1–18. https://doi.org/10.33093/jiwe.2022.1.2.1
Section
Regular issue

References

R. Kaur and J. Kaur, “Cloud computing security issues and its solution: A review”, 2nd International Conference on Computing for Sustainable Global Development (INDIACom), pp. 1198-1200, 2015.

A. J. Nathan and A. Scobell, “2020 Data Breach Investigations Report”, Verizon, 2020.

D. P. Timothy and A. K. Santra, “A hybrid cryptography algorithm for cloud computing security”, 2017 International Conference on Microelectronic Devices, Circuits and Systems (ICMDCS), pp. 1-5, 2017.

P. Loshin, “Selected FAQs on using GnuPG”, Simple Steps to Data Encryption: A Practical Guide to Secure Computing, pp. 11-21, 2013.

V. S. Mahalle and A. K. Shahade, “Enhancing the data security in cloud by implementing hybrid (RSA & AES) encryption algorithm”, 2014 International Conference on Power, Automation and Communication (INPAC), pp. 146-149, 2014.

E. Jintcharadze and M. Iavich, “Hybrid implementation of Twofish, AES, ElGamal and RSA Cryptosystems”, 2020 IEEE East-West Design and Test Symposium (EWDTS), pp. 1-5, 2020.

O. Alabi, A. Thompson, B. K. Alese and A. J. Gabriel, “Cloud application security using hybrid encryption”, Communications on Applied Electronics, vol. 7, no. 33, pp.25-31, 2020.

J. Daemen and V. Rijmen, “The Block Cipher Rijndael”, Lecture Notes in Computer Science, vol 1820. Springer, Berlin, Heidelberg, 1998. https://doi.org/10.1007/10721064_26

J. Nechvatal, E. Barker, L. Bassham, W. Burr, M. Dworkin, J. Foti and E. Roback, “Report on the development of the Advanced Encryption Standard (AES)”, Journal of Research of the National Institute of Standards and Technology, vol. 106, no.3, pp. 511-577, 2001.

T. Elgamal, “A public key cryptosystem and a signature scheme based on discrete logarithms”, IEEE Transactions on Information Theory, vol. 31, no. 4, pp. 469-472, 1985.

W. Penard and T. V. Werkhoven, “On the secure hash algorithm family”, Cryptography in Context, pp. 1-17, 2008.

P. P. Pittalia, “A comparative study of hash algorithms in cryptography”, International Journal of Computer Science and Mobile Computing, vol. 8, no. 6, pp. 147-152, 2019.

M. Stevens, E. Bursztein, P. Karpman, A. Albertini and Y. Markov, “The first collision for full SHA-1”, Lecture Notes in Computer Science, vol. 10401, pp 570–596, 2017.

C. R. Severance, “Inventing PHP: Rasmus lerdorf”, Computer, vol. 45, no. 11, pp. 6-7, 2012.

L. Moroney, “The firebase realtime database”, The Definitive Guide to Firebase, pp. 51-71, 2017.