Upload
mahmuda-rahman
View
167
Download
3
Embed Size (px)
Citation preview
Presented By:1. Rafiq, Fatema Binta (13-
23447-1)2. Rahman, Mahmuda (13-
22990-1)3. Rabbi, Md. Fazla (13-23679-1)4. Ali, Nafis (13-24925-3)5. Hossain, F.M. Tanvir (13-
23513-1)
Analysis of Security Algorithms in Cloud Computing
Instructor: Shahrin
Chowdhury
INTRODUCTION CHALLENGE DATA STORAGE & SECURITY IN
CLOUDE COMPUTING Data Security Issues in
Cloud Computing EXISTING ALGORITHM FOR
SECURITY AES RSA
Further development proposal CONCLUSION
Index
INRODUCTION
Security system in cloud for storing data is not safe enough. When data is valuable specially in the cloud computing, it's security considered to be the key requirement. Also it is get more important when it is hard to make it safe. It becomes hard to keep data safe due to lack of strong data encryption system. Cloud possesses the security problem in Data segregation, Data theft, unauthorized access, Uncleaned Owner and responsibility of Data Protection, Data Loss conditions.
Monday, May 1, 2023
3
CHALLENGEThe following are some of the notable challenges associated with cloud computing, and although some of these may cause a slowdown when delivering more services in the cloud, most also can provide opportunities, if resolved with due care and attention in the planning stages.
• Security and Privacy• Lack of Standards• Continuously Evolving
Monday, May 1, 2023
4
Data Storage & Security in Cloud Computing
Cloud storage services may be accessed through a web service application programming interface (API), a cloud storage gateway or through a Web-based user interface. Cloud storage is: made up of many distributed resources, but still acts as
one highly fault tolerant through redundancy and
distribution of data highly durable through the creation of versioned copies typically eventually consistent with regard to data
replicas.
Monday, May 1, 2023
5
Data Security Issues in Cloud Computing
Transmit and store user’s information as little as possible. After systemic analysis, the cloud computing applications will collect and store the most necessary information only.
Security measures will be adopted to prevent unauthorized access, copying, using or modifying personal information.
Achieve user’s control to the greatest degree. Firstly, it is necessary to allow the user to control the most critical and important personal information. Secondly, it is available to manage personal information by a trusted third party.
Monday, May 1, 2023
6
Data Security Issues in Cloud Computing
Allow users to make choice. Users have the right to select the use of personal information. Besides, they can join or leave freely.
Make clear and limit the purpose of use of data. Personal information must be used and handled by the person with specific identification for specific purpose and owner of information should be notified before using.
Establish feedback mechanism to ensure that safety tips and detailed measures of the service will be provided to the user timely.
It can maximize the security of user’s data after introducing principles above
Monday, May 1, 2023 7
Pseudo code of AES Algorithm
The AES algorithm performs a number Nr of cryptographic rounds depending on the actual key length. It has variable key length of 128, 192, or 256 bits.
Each round consists of four byte-oriented cryptographic transformations
Byte Substitution Shifting rows of state array Mixing data within a column of
the state array Round key addition to the state
array
Cipher(byte[] input, byte[] output){
byte[4,4] State;copy input[] into State[] AddRoundKeyfor (round = 1; round < Nr-1; ++round){
SubBytes ShiftRows MixColumns AddRoundKey }
SubBytes ShiftRows AddRoundKeycopy State[] to output[]
}
Monday, May 1, 2023 8
Activity Diagram of AES Algorithm
Monday, May 1, 2023
9
Advantage:
Extremely SecureWhen it uses a secure algorithm, symmetric key encryption can be extremely secure. When you use it with its most secure 256-bit key length, it would take about a billion years for a 10 petaflop computer to guess the key through a brute-force attack.
Relatively FastEncrypting and decrypting symmetric key data is relatively easy to do, giving you very good reading and writing performance.
Disadvantage:
Sharing the KeyThe biggest problem with symmetric key encryption is that you need to have a way to get the key to the party with whom you are sharing data. Encryption keys aren't simple strings of text like passwords.
More Damage if CompromisedWhen someone gets their hands on a symmetric key, they can decrypt everything encrypted with that key. When you're using symmetric encryption for two-way communications, this means that both sides of the conversation get compromised.
Monday, May 1, 2023
10
Pseudo Code for RSA Algorithm Key Generation Algorithm
1. Choose two very large random prime integers:
p and q
2. Compute n and φ(n):n = pq and φ(n) =
(p-1)(q-1)
3. Choose an integer e, 1 < e < φ(n) such
that:gcd(e, φ(n)) = 1(where gcd means greatest common denominator)
4. Compute d, 1 < d < φ(n) such that:
ed ≡ 1 (mod φ(n))
the public key is (n, e) and the private key is (n, d)
the values of p, q and φ(n) are private
e is the public or encryption exponent
d is the private or decryption exponent
EncryptionThe cyphertext C is found by the equation 'C = Me mod n' where M is the original message.
DecryptionThe message M can be found form the cyphertext C by the equation 'M = Cd mod n'.
Monday, May 1, 2023 11
Activity Diagram of RSA Algorithm
Encryption
Public Key
Private Key
Decryption
Sender Receiver
Generate Key
To the public
Cipher text
Transmission Medium
Plain text
Plain text
Monday, May 1, 2023 12
Advantage:
Increased security and convenience
Private keys never need to be transmitted or revealed to anyone.
Digital signatures that cannot be repudiated
Authentication via secret-key systems requires the sharing of some secret and sometimes requires trust of a third party as well. As a result, a sender can repudiate a previously authenticated message by claiming the shared secret was somehow compromised) by one of the parties sharing the secret.
Disadvantage:
Encryption speed SlowFor encryption, the best solution is to combine public- and secret-key systems in order to get both the security advantages of public-key systems and the speed advantages of secret-key systems. Such a protocol is called a digital envelope.
Vulnerability riskA successful attack on a certification authority will allow an adversary to impersonate whomever he or she chooses by using a public-key certificate from the compromised authority to bind a key of the adversary's choice to the name of another user.
Monday, May 1, 2023
13
Further development proposal
Multiple encryption
Data storage method
Biometric security
Monday, May 1, 2023
14
ConclusionCloud computing is changing the way IT departments buy IT. Businesses have a range of paths to the cloud, including infrastructure, platforms and applications that are available from cloud providers as online services. Security is a major requirement in cloud computing while we talk about data storage. There are number of existing techniques used to implement security in cloud. We discussed one symmetric and asymmetric algorithm. Our future will be considering some problems related to existing security algorithms and implement a better version of AES & RSA.
Monday, May 1, 2023
15
Left the world…Trapped me to answer the question of unknown Answers…
Left silently *sigh*..
Don’t Ask Questions Please.
Monday, May 1, 2023 16
References Randeep Kaur ,Supriya Kinger, “Analysis of
Security Algorithms in Cloud Computing“, International Journal of Application or Innovation in Engineering & Management (IJAIEM), Volume 3, Issue 3, March 2014 .
http://www.emc.com/emc-plus/rsa-labs/standards-initiatives/advantages-and-disadvantages.htm
http://science.opposingviews.com/advantages-disadvantages-symmetric-key-encryption-2609.html
Monday, May 1, 2023 17