See discussions, stats, and author profiles for this publication at: https://www.researchgate.

net/publication/345438033

Efficient Data Security Using Hybrid Cryptography on Cloud Computing

Chapter · September 2020

DOI: 10.1007/978-981-15-7345-3_46

CITATIONS READS

86 4,742

3 authors, including:

Chinnasamy Ponnusamy
Kalasalingam Academy of Research and Education
86 PUBLICATIONS 1,106 CITATIONS

SEE PROFILE

All content following this page was uploaded by Chinnasamy Ponnusamy on 09 November 2020.

The user has requested enhancement of the downloaded file.

Efficient Data Security Using Hybrid
Cryptography on Cloud Computing

P. Chinnasamy, S. Padmavathi, R. Swathy, and S. Rakesh

Abstract Services are distributed among all servers and between the users and
individuals in the cloud environment. Cloud providers have trouble guaranteeing
file protection as security is the biggest issue in data handling and transfer as it can
be accessed, misused and destroyed the original data form. Cloud security is a big
concern in the cloud computing environment. To safeguard the cloud environment,
many research works are being proposed. To overcome the security issue and achieve
the CIA property (confidentiality, integrity and availability) the cryptography is used.
Cryptography is the most useful technique to ensure a high level of data transfer and
storage security. In traditional symmetric and asymmetric has some limitations. To
solve this we are going to introducing a new hybrid technique to achieve high data
security and confidentiality. In this article, we are combing ECC and Blowfish to
implement a hybrid algorithm. The performance of the hybrid system is compared
with the existing hybrid method and shows that the proposed method provides high
security and confidentiality of patient data. The hybrid cryptography is used to defeat
the inconveniences of both symmetric and asymmetric.

Keywords Blowfish · Cloud environment · CIA property · Elliptic curve · Hybrid

cryptography · Security

P. Chinnasamy (B) · S. Padmavathi · R. Swathy · S. Rakesh

Assistant Professor, Department of Information Technology, Sri Shakthi Institute of Engineering
and Technology, Coimbatore 641062, India
e-mail: [email protected]
S. Padmavathi
e-mail: [email protected]
R. Swathy
e-mail: [email protected]
S. Rakesh
e-mail: [email protected]

© The Editor(s) (if applicable) and The Author(s), under exclusive license 537
to Springer Nature Singapore Pte Ltd. 2021
G. Ranganathan et al. (eds.), Inventive Communication and Computational
Technologies, Lecture Notes in Networks and Systems 145,
https://doi.org/10.1007/978-981-15-7345-3_46
538 P. Chinnasamy et al.

1 Introduction

Information security is the major issue in technology development, and it seems to be

the most critical and necessary to maintain data privacy while transmitting through
the network. More generally, cryptography is about building and analyzing protocols,
which prevent private messages from being read by third parties or the public. The
algorithms used for this process are known as cryptographic algorithms or ciphers
(altering data from readable form to protected form) which can be categorized into
two basic types based on the keys used as the symmetric key and asymmetric-key
algorithm.
Symmetric encryptions, such as (DES, RC2, RC4, Blowfish, RC5, RC6, or AES)
are the oldest and method of encryption in which only a single secret key is used to
encrypt and decrypt data. The sender and receiver share the key, which is a major
drawback because the key exchange channel can be searched by an intruder to decrypt
the data [1]. To turn the secret key you need a secure channel between the sender and
receiver. In comparison, asymmetric encryption, like DSA, RSA and ECC, uses two
keys for plain text ciphering, both public and private. Any entity with a public key
can use it to send a message but the private key is kept secret and used to decrypt the
message.
A hybrid cryptosystem is a system that includes many ciphers of different kinds,
each of which has its strongest strengths [2]. The sensible solution is to build a
unique encryption key for secret key cryptography and afterward encode secret key
with participant’s public key by an asymmetric cipher. The encrypted secret key and
ciphertext are then sent to the receiver.
The reason for choosing the Blowfish and Elliptic curve are as follows:
1. The data gets encrypted quickly with the help of Blowfish [3] (26 clock cycle
per byte).
2. A smaller amount of memory is needed (5 KB).
3. The default key size of Blowfish is 128 bit, but based on the length of the key
the Blowfish key size ranges from 32 to 448 bits.
4. The Elliptic curve is stronger than RSA. The standard 256 bit ECC key size is
equal to a 3072 bit RSA key, and 10,000 times more powerful than a 2048 bit
RSA key.
5. ECC requires less processing power and memory, resulting in considerably faster
response times and Web server performance when it is in operation.
6. Higher safety level [4] with a smaller key size compared to other Cryptographic
techniques.
The subjects covered in this paper are as follows: Introduction is discussed in
Sect. 1. In Sect. 2 Related works are discussed. In Sect. 3 our proposed method with
architecture explanation and flow process with methodologies and its algorithms are
explained. In Sect. 4 results and analysis are explained. Ultimately, Sect. 5 addresses
the conclusion and potential enhancement.
Efficient Data Security Using Hybrid Cryptography … 539

2 Related Works

Few of the hybrid cryptosystem algorithms are discussed below along with their
advantages and disadvantages for secure cloud storage.
Kamara and Lauter [5] have proposed a security model that works on the
public cloud, using cryptographic primitives for verifying data integrity. This paper
discussed the benefits of cloud storage such as availability, reliability, efficient
retrieval and data sharing, which combines recent and non-standard cryptographic
primitives for secure cloud storage.
A hybrid data encryption system that would use both RSA and Blowfish was
implemented in [6]. In this, they used a mathematical methodology to implement
the Field Programmable Gate Array (FPGA). This strategy is very effective given its
low cost and high level of protection. But key size (448 bits) is the primary issue.
Maitri and Verma [7] suggested the use of a hybrid cryptographic technique
to protect cloud file storage. They used steganography with LSB by which the
encryption key is covered into a picture header for key information integrity.
In [8], an innovative technique of hybrid cryptography was developed for health
records. In that, they used Blowfish and enhanced RSA algorithms to improve patient
data security and prevent false requests.
Wang et al. [9] introduced a new method to encrypt information and send encrypted
data to another user, the user creates the public key. Decryption is done through a
private key. Use of symmetric and asymmetric searchable encryption to search over
encrypted data. Wang et al. have designed a model that uses security encryption
techniques, and users should have prior knowledge of encrypted data.
In [10], he presented a hybrid technique (AES-RSA) for lightweight data.
However, it cannot be applied to multimedia data as it provides security for
lightweight data only.
In addition to Order Preserving Symmetric Encryption (OPSE), symmetric search-
able encryptions were employed. System analysis has shown its usefulness in the case
of a graded keyword search, but attacks, integrity and confidentiality are not rele-
vant information. So, it might not be appropriate to provide security. Incremental
encryption [11] enables data to be encrypted and exchanged with other authorized
users with a different encryption key before being stored in the cloud. Agarwal and
Agarwal [12] spoke about security threats in the cloud.
Dubey et al. [13] proposed to exchange data in the cloud using RSA and they
have used the MD5 algorithm for data integrity. They utilized the RSA algorithm to
encrypt large data files to enhance data security in the cloud.
Sarkar and Kumar [14] recommended a method for ensuring cloud data protection
using hybrid encryption. This strategy would also boost data protection at a high
overhead communication rate in the cloud.
Chinnasamy and Deepalakshmi [15] introduced a novel technique which produces
access control as a service using multilabel (SMBACaaS). They have used an
improved key generation scheme of RSA (IKGSR) for generating key and signature
to achieve better confidentiality and security.
540 P. Chinnasamy et al.

The different types of cryptographic algorithms are analyzed in [16] and are used
in modern cloud storage. We gave a quick summary of various security concerns,
and how we can use cryptographic methods to create stable cloud storage systems.
Singh and Kaur [17] suggested a user data encryption system before being trans-
mitted to the cloud. AES is used to encrypt user data, and the RSA algorithm encodes
the secret key. The same operation for decryption is followed, too. The hybrid strategy
had been used to combat cloud DOS attacks. Similar to other methods, the only
downside of this approach is more time-consuming. Akomolafe and Abodunrin [18]
created a new data storage architecture using the cryptographic hybrid model. Secure
data storage is obtained by using the AES, Blake2b and Schnorr Signature algorithms.
The service provider is unknown about the personal encryption method to provide a
high level of security because data encryption is performed on the client-side before
uploading to the cloud. The method is nonetheless incompatible with multimedia
files.
Karthik et al. [19] proposed the use of both symmetric key (One-Time-Pad) and
Asymmetric-key algorithm (RSA) to provide strong security. The product of this
approach offered better security. The time taken to encipher data is also faster than
the process already in use.
Rahmani et al. [20] proposed a new method for cloud services with XaaS archi-
tecture. The authors suggested Cloud Encryption as a Service (EaaS) by which the
service provider encryption security risk is reduced and client-side protection is
enhanced.
From these surveys, the cloud provider is responsible for the security of client data.
An asymmetric cryptosystem with hyper-elliptic curve cryptography is proposed for
efficient data security, which provides secure data encryption as well as protected
shield against data theft on the cloud. From the user’s point of view, he believes the
user has to access a high amount of cloud data in a protected way. However, the
complexity of the cryptographic algorithm used, with the security concern, has not
been given much importance. To resolve the complexities of the algorithm proposed
earlier, the proposed model must assist directly in knowledgeable, fast and safe access
to data.
The hybrid approach described above provides confidentiality only. Whereas our
proposed method is novel in terms of providing features such as; enhancing client-
side security through the use of hybrid cryptosystem (BLOWFISH+ECC), the effi-
ciency of the proposed method is greatly improved in comparison with existing
methods, as well as security also enhanced.

3 Proposed Method

The hybrid cryptography combines the public key cryptography with the symmetric
key cryptography. The hybrid algorithms used here are Elliptic curve cryptography
(public key cryptography) and Blowfish algorithm (symmetric key cryptography).
Elliptical curve cryptography (public key encryption) based on the Elliptic curve
Efficient Data Security Using Hybrid Cryptography … 541

theory that can be used to generate cryptographic keys that are faster, smaller and
more effective. The advantage of an Elliptic curve is smaller chip size, less power
consumption, increase in speed, etc. Blowfish is a freely available symmetric encryp-
tion algorithm, which is a very powerful weapon against hackers and cybercriminals
used in a wide range of products including some secure email encryption devices,
backup software and password. Due to the small number of rounds, Blowfish is a
relatively fast block cipher (encryption tool) very powerful with a relatively simple
structure. In this section, we are going to explain the basic functionalities of Blowfish
and Elliptic curve cryptographic algorithms.

3.1 Blowfish Algorithm

Blowfish is a symmetrical block cipher that performs a Fiesta network, which consists
of 16 rounds of functional decryption and iterative encryption.
The block size used is 64 bit and the size of the key can differ from any length to
448. Blowfish cipher uses 18 32 bit sub-arrays commonly known as P-boxes, and 4
32 bit replacement boxes each with 256 entries.
It consists of two stages: The first is Key Extension, and the other is data encryp-
tion. Key is converted into many sub-keys in the key expansion process, and encryp-
tion occurs in the data encryption phase across 16-round networks. Every round
involves a key-dependent permutation and a substitution based on key and data
(Fig. 1).

Fig. 1 The function of the

Blowfish algorithm
542 P. Chinnasamy et al.

3.2 Elliptic Curve Cryptographic Algorithm

For smaller key size, huge speed and low consumption of memory the elliptic curve
cryptography (ECC) has been choosing for instantiating schemes related to the public
key, digital encryption, bitcoin services and others. Those proven ECC reputations
are based on its algorithmically complex, discrete problem with the logarithm (DLP).
In the FP prime finite field, the Elliptic curve is about the cloud of points described
in the below equation

y2 = x3 + ax + b mod p (1)

where x, y, a and b are all elements within the FP. The points to be on the curve is
determined by the a and b coefficients.

System Model
The cloud serves as the main storage medium where data of the patient is stored
in encrypted form using the Blowfish algorithm and its key is encrypted using the
public key Elliptic curve. The ciphertext of both patient’s data and the Blowfish key
are stored in the cloud. To decrypt the Blowfish key the private key of the Elliptic
curve cryptography is used and the decrypted Blowfish key is obtained. The Blowfish
algorithm uses the decrypted Blowfish key to decipher the patient’s data (Fig. 2).
Here the patient’s data is taken into account for storage and retrieval of the data
from the cloud using the hybrid algorithms (Elliptic curve and Blowfish). The process
takes place here is
1. Upload process
2. Download process.

Upload Process
If this is a script or plain text, then the path or data to be directly encrypted is defined
by the client. The feature automatically generates a symmetric key called one key,
based on the key size. The Blowfish is used to encipher plaintext P to obtain ciphertext
C. The hidden key of Blowfish is authenticated by the Elliptic Curve cryptography
process and the key that is encrypted is stored in a secure location.

Download Function
The user gets ciphertext C from the cloud. Elliptic curve cryptography algorithm
is used for ciphertext key decryption. To obtain the plaintext P, the downloaded
ciphertext data C is decrypted with the Blowfish algorithm.

Implementation
To implement the proposed method the operating system used is Windows 10 and
Java 1.8 for the front end, as it is free and platform-independent. For the storage
purpose, i.e. for the database SQLite is used which is the commonly used database
Efficient Data Security Using Hybrid Cryptography … 543

Fig. 2 The architecture of hybrid cryptography

Table 1 Key and block size

Technique Keys (Bits) Blocks (Bits)
settings
Chinnasamy et al. 128,1024 No limit
Proposed method 128,256 No limit

as it is free and code can be available in the public domain. The IDE used here is
NetBeans 8.01 which is open-source and used for Java Desktop applications and the
cloud server is Apache Tomcat Server 8.0.27.0 as it is open source and implements
Java server pages and Java servlets. The key settings for our proposed method are
shown in Table 1.

4 Result and Analysis

In the below graph to compare the efficiency of the hybrid algorithm (Elliptic curve
and Blowfish) the parameters taken into consideration are time in terms of (seconds)
544 P. Chinnasamy et al.

Fig. 3 Encryption time comparison

Table 2 The encryption time analysis

Data AES Blowfish Chinnasamy and Deepalakshmi [8] Proposed method
1 4.377 3.654 1.823 1.523
2.5 4.466 3.754 2.012 1.572
5 4.586 3.886 2.245 1.622
7.5 5.75 4.492 2.742 2.228
10 9.142 7.963 3.128 2.483

along x-axis and data size (a record) in terms of (MB) along the y-axis and the
encryption, time is compared (Fig. 3 and Table 2).
In the below graph the algorithm (Blowfish and AES) is compared with our hybrid
algorithm. Both AES and Blowfish comes under the symmetric key cryptography.
Symmetric algorithms have the main advantage of faster execution and efficient for
large amounts of data. By the above graph, it is evident that our hybrid algorithm is
efficient than the other algorithms (Fig. 4 and Table 3).
Efficient Data Security Using Hybrid Cryptography … 545

Fig. 4 Decryption time comparison

Table 3 The decryption time analysis

Data AES Blowfish Chinnasamy and Deepalakshmi [8] Proposed method
1 4.975 4.268 1.307 1.287
2.5 5.069 4.284 2.045 1.874
5 5.18 4.288 3.045 2.53
7.5 5.207 4.788 3.45 2.551
10 7.002 5.304 4.042 2.973

5 Security Analysis

5.1 Security Against Mathematical Attack

We used two separate keys for the decryption process inside the hybrid cryptosystem.
This improved data and key protection even after lost one key. However, the attack
cannot be carried out while the data is already in an encrypted state.

5.2 Security Against Side-Channel Attack

The security of the ECC algorithm is based on the elliptic curve discrete logarithm
problem (ECDLP) is hard. ECC has many operations to compute the curve because
all the operations are based on different coordinates. Also, it provides security against
differential fault attacks.
546 P. Chinnasamy et al.

6 Conclusion and Future Enhancement

The secured data storage problem is solved by introducing our proposed hybrid
cryptography method. The drawbacks of the cloud are lack of greater security and
privacy. This model proposed is designed and implemented in Java, incorporating
the best techniques of both symmetric key (Blowfish) and asymmetric-key (ECC).
The Blowfish and ECC algorithms are used for the processes of key generation,
encryption and decryption. Elliptic curve cryptography (ECC) is implemented to
achieve an enhanced level of security in cloud computing. ECC provides a more
robust and secure model for developing and deploying a secure application in the
cloud. To solve the key distribution we can incorporate with steganography method
to hide the keys. In the future, to solve the key distribution we can incorporate with
steganography method and compare this work with the existing hybrid method.

References

1. Al-Shabi MA (2019) A survey on symmetric and asymmetric cryptography algorithms in

information security. Int J Sci Res Pub 9(3). http://dx.doi.org/10.29322/IJSRP.9.03.2019.p.
8779
2. Ngwe TT, Phyo SW (2015) Hybrid cryptosystem for data security. Int J Adv Electron Comput
Sci 2(6)
3. Schenier on security. https://www.schneier.com/academic/blowfish/. Last accessed 31 Oct 2017
4. Vasundhara S (2017) The advantages of elliptic curve cryptography for security. Glob J Pure
Appl Math 13(9):4995–5011. ISSN 0973-1768
5. Kamara S, Lauter K (2010) Cryptographic cloud storage. Lect Notes Comput Sci 6054:136–149
6. Bansal VP, Singh S (205) A hybrid data encryption technique using RSA and blowfish for
cloud computing on FPGAs. In: 2nd international conference on recent advances in engineering
computational sciences (RAECS), Chandigarh, pp 1–5
7. Maitri PV, Verma A (2016) Secure file storage in cloud computing using hybrid cryptography
algorithm. In: International conference on wireless communications, signal processing and
networking (WiSPNET), Chennai, pp 1635–1638
8. Chinnasamy P, Deepalakshmi P (2018) Design of secure storage for health-care cloud using
hybrid cryptography. In: 2nd international conference on inventive communication and compu-
tational technologies (ICICCT 2018). IEEE Xplore Compliant-Part number: CFP18BAC-ART;
ISBN 978-1-5386-1974-2
9. Wang C, Cao N, Li J, Ren K, Lou W (2010) Secure ranked keyword search over encrypted
cloud data. J ACM 43(3):431–473
10. Liang C, Ye N, Malekian R, Wang R (2016) The hybrid encryption algorithm of lightweight
data in cloud storage. In: 2nd international symposium on agent, multi-agent systems and
robotics (ISAMSR), Bangi, Malaysia, pp 160–166
11. Gansen Z, Chunming R, Jin L, Feng Z, Yong T (2010) Trusted data sharing over untrusted
cloud storage providers. In: Proceedings of the 2nd IEEE international conference on cloud
computing technology and science (CloudCom), pp 97–10
12. Agarwal A, Agarwal A (2011) The security risks associated with cloud computing. Int J Comput
Appl Eng Sci I(CNS). ISSN 2231-4946
13. Dubey AK, Dubey AK, Namdev M, Shrivastava SS (2012) Cloud-user security based on RSA
and MD5 algorithm for resource attestation and sharing in Java environment. In: CSI sixth
international conference, software engineering (CONSEG)
 Efficient Data Security Using Hybrid Cryptography … 547

14. Sarkar MK, Kumar S (2016) Ensuring data storage security in cloud computing based on
hybrid encryption schemes. In: Fourth international conference on parallel, distributed and grid
computing (PDGC), Waknaghat, pp 320–325. https://doi.org/10.1109/pdgc.2016.7913169
15. Chinnasamy P, Deepalakshmi P (2018) A scalable multilabel-based access control as a service
for the cloud (SMBACaaS). Trans Emerg Telecommun Technol 29(8):e3458. https://doi.org/
10.1002/ett.3458,2018
16. Yong P, Wei Z, Feng X, Zhong-hua D, Yang G, Dongqing C (2012) A secure cloud storage
based on cryptographic techniques. J China Univ Posts Telecommun 19:182–189
17. Singh N, Kaur PD (2015) A hybrid approach for encrypting data on cloud to prevent DoS
attacks. Int J Database Theor Appl 8(3):145–154. http://dx.doi.org/10.14257/ijdta.2015.8.3.12
18. Akomolafe OP, Abodunrin MO (2017) A hybrid cryptographic model for data storage in mobile
cloud computing. Int J Comput Netw Inform Sec 6:53–60
19. Karthik, Chinnasamy, Deepalakshmi (2017) Hybrid cryptographic technique using OTP:RSA.
In: 2017 IEEE international conference on intelligent techniques in control, optimization and
signal processing (INCOS), Srivilliputhur, pp 1–4
20. Rahmani H, Sundararajan E, Zulkarnain Md, Ali AMZ (2013) Encryption as a service (EaaS)
as a solution for cryptography in cloud. Procedia Technol 11:1202–1210

View publication stats