Presented By:1. Rafiq, Fatema Binta (13-

23447-1)2. Rahman, Mahmuda (13-

22990-1)3. Rabbi, Md. Fazla (13-23679-1)4. Ali, Nafis (13-24925-3)5. Hossain, F.M. Tanvir (13-

23513-1)

Analysis of Security Algorithms in Cloud Computing

Instructor: Shahrin

Chowdhury

INTRODUCTION CHALLENGE DATA STORAGE & SECURITY IN

CLOUDE COMPUTING Data Security Issues in

Cloud Computing EXISTING ALGORITHM FOR

SECURITY AES RSA

Further development proposal CONCLUSION

Index

INRODUCTION

Security system in cloud for storing data is not safe enough. When data is valuable specially in the cloud computing, it's security considered to be the key requirement. Also it is get more important when it is hard to make it safe. It becomes hard to keep data safe due to lack of strong data encryption system. Cloud possesses the security problem in Data segregation, Data theft, unauthorized access, Uncleaned Owner and responsibility of Data Protection, Data Loss conditions.

Monday, May 1, 2023

3

CHALLENGEThe following are some of the notable challenges associated with cloud computing, and although some of these may cause a slowdown when delivering more services in the cloud, most also can provide opportunities, if resolved with due care and attention in the planning stages.

• Security and Privacy• Lack of Standards• Continuously Evolving

Monday, May 1, 2023

4

Data Storage & Security in Cloud Computing

Cloud storage services may be accessed through a web service application programming interface (API), a cloud storage gateway or through a Web-based user interface. Cloud storage is: made up of many distributed resources, but still acts as

one highly fault tolerant through redundancy and

distribution of data highly durable through the creation of versioned copies typically eventually consistent with regard to data

replicas.

Monday, May 1, 2023

5

Data Security Issues in Cloud Computing

Transmit and store user’s information as little as possible. After systemic analysis, the cloud computing applications will collect and store the most necessary information only.

Security measures will be adopted to prevent unauthorized access, copying, using or modifying personal information.

Achieve user’s control to the greatest degree. Firstly, it is necessary to allow the user to control the most critical and important personal information. Secondly, it is available to manage personal information by a trusted third party.

Monday, May 1, 2023

6

Data Security Issues in Cloud Computing

Allow users to make choice. Users have the right to select the use of personal information. Besides, they can join or leave freely.

Make clear and limit the purpose of use of data. Personal information must be used and handled by the person with specific identification for specific purpose and owner of information should be notified before using.

Establish feedback mechanism to ensure that safety tips and detailed measures of the service will be provided to the user timely.

It can maximize the security of user’s data after introducing principles above

Monday, May 1, 2023 7

Pseudo code of AES Algorithm

The AES algorithm performs a number Nr of cryptographic rounds depending on the actual key length. It has variable key length of 128, 192, or 256 bits.

Each round consists of four byte-oriented cryptographic transformations

Byte Substitution Shifting rows of state array Mixing data within a column of

the state array Round key addition to the state

array

Cipher(byte[] input, byte[] output){

byte[4,4] State;copy input[] into State[] AddRoundKeyfor (round = 1; round < Nr-1; ++round){

SubBytes ShiftRows MixColumns AddRoundKey }

SubBytes ShiftRows AddRoundKeycopy State[] to output[]

}

Monday, May 1, 2023 8

Activity Diagram of AES Algorithm

Monday, May 1, 2023

9

Advantage:

 Extremely SecureWhen it uses a secure algorithm, symmetric key encryption can be extremely secure. When you use it with its most secure 256-bit key length, it would take about a billion years for a 10 petaflop computer to guess the key through a brute-force attack. 

Relatively FastEncrypting and decrypting symmetric key data is relatively easy to do, giving you very good reading and writing performance.

Disadvantage:

 Sharing the KeyThe biggest problem with symmetric key encryption is that you need to have a way to get the key to the party with whom you are sharing data. Encryption keys aren't simple strings of text like passwords.

 More Damage if CompromisedWhen someone gets their hands on a symmetric key, they can decrypt everything encrypted with that key. When you're using symmetric encryption for two-way communications, this means that both sides of the conversation get compromised.

Monday, May 1, 2023

10

Pseudo Code for RSA Algorithm Key Generation Algorithm

1. Choose two very large random prime integers:

p and q

2. Compute n and φ(n):n = pq and φ(n) =

(p-1)(q-1)

3. Choose an integer e, 1 < e < φ(n) such

that:gcd(e, φ(n)) = 1(where gcd means greatest common denominator)

4. Compute d, 1 < d < φ(n) such that:

ed ≡ 1 (mod φ(n))

the public key is (n, e) and the private key is (n, d)

the values of p, q and φ(n) are private

e is the public or encryption exponent

d is the private or decryption exponent

EncryptionThe cyphertext C is found by the equation 'C = Me mod n' where M is the original message.

DecryptionThe message M can be found form the cyphertext C by the equation 'M = Cd mod n'.

Monday, May 1, 2023 11

Activity Diagram of RSA Algorithm

Encryption

Public Key

Private Key

Decryption

Sender Receiver

Generate Key

To the public

Cipher text

Transmission Medium

Plain text

Plain text

Monday, May 1, 2023 12

Advantage:

Increased security and convenience

Private keys never need to be transmitted or revealed to anyone.

Digital signatures that cannot be repudiated

Authentication via secret-key systems requires the sharing of some secret and sometimes requires trust of a third party as well. As a result, a sender can repudiate a previously authenticated message by claiming the shared secret was somehow compromised) by one of the parties sharing the secret.

Disadvantage:

 Encryption speed SlowFor encryption, the best solution is to combine public- and secret-key systems in order to get both the security advantages of public-key systems and the speed advantages of secret-key systems. Such a protocol is called a digital envelope.

Vulnerability riskA successful attack on a certification authority will allow an adversary to impersonate whomever he or she chooses by using a public-key certificate from the compromised authority to bind a key of the adversary's choice to the name of another user.

Monday, May 1, 2023

13

Further development proposal

Multiple encryption

Data storage method

Biometric security

Monday, May 1, 2023

14

ConclusionCloud computing is changing the way IT departments buy IT. Businesses have a range of paths to the cloud, including infrastructure, platforms and applications that are available from cloud providers as online services. Security is a major requirement in cloud computing while we talk about data storage. There are number of existing techniques used to implement security in cloud. We discussed one symmetric and asymmetric algorithm. Our future will be considering some problems related to existing security algorithms and implement a better version of AES & RSA.

Monday, May 1, 2023

15

Left the world…Trapped me to answer the question of unknown Answers…

Left silently *sigh*..

Don’t Ask Questions Please.

Monday, May 1, 2023 16

References Randeep Kaur ,Supriya Kinger, “Analysis of

Security Algorithms in Cloud Computing“, International Journal of Application or Innovation in Engineering & Management (IJAIEM), Volume 3, Issue 3, March 2014 .

http://www.emc.com/emc-plus/rsa-labs/standards-initiatives/advantages-and-disadvantages.htm

http://science.opposingviews.com/advantages-disadvantages-symmetric-key-encryption-2609.html

Monday, May 1, 2023 17