A new lightweight cryptographic algorithm for

enhancing data security in cloud computing

Raounek Arif
November 2022

Abstract
A new lightweight cryptographic algorithm for improving data security
was suggested. This algorithm may be utilized to protect cloud computing
applications. A 16 byte (128 bit) key is required to encrypt the data
using the 128 bit block cipher technique. Comparing the experimental
findings of the proposed method to the commonly used cloud computing
cryptographic systems revealed a strong security level.

1 Introduction
This growth has led to the creation of several distributed network models, archi-
tectures, and infrastructures, including network, pervasive, autonomous, cloud,
etc. A computing network that is generally connected through the Internet
and shares a decentralized selection of services provided by an organization to
meet customer demands is referred to as the ”cloud.” The personal journal
The NIST idea of cloud computing is a framework for delivering all-pervasive,
quick, and on-demand network access to a shared set of reconfigurable com-
puting resources.These tools may be used by a cloud client upon request to
create, maintain, and host services and applications that may be customized
anywhere and on any device. The NIST ”concept” places a focus on the three
different service models of infrastructure-as-a-service, platform-as-a-service, and
software-as-a-service that also deliver cloud services to the customer through a
cloud service provider client.
Sharing cloud computing services actually makes it more difficult to keep
them safe and protected from unauthorized access or use. One of the main
security concerns with cloud computing is network security, which has to do
with both internal and external assaults.

2 Cloud computing security overview

The ElasticaQ2 2015 and CSA further look at how to create viable cloud ap-
plication security engineering that gives control, deceivability, and remediation.

1
According to (ISO), describes Data Security concerns which can likewise be
guided in regards to the cloud computing essential security requirements for a
successful and secure innovation technology solution.

2.1 Key security requirements in cloud computing

Availability denotes that the customer’s information requested or services are
always available wherever they are required. Authorization ensures that access
choices are given to customers who have provided certain information.

3 Related work
This section consists of two sub-sections: one presents cloud computing security-
related work, and the other presents available lightweight cryptographic systems-
related work.

3.1 Cloud computing security

The security concerns of cloud computing have been the subject of several stud-
ies. This section presents some research findings that looked at cloud computing
cryptography. The research focused on not employing third parties to encrypt
customer data, but rather on giving consumers the power to choose how to en-
crypt their data. The authors conducted a survey and found prior research on
cloud data security. To boost security on the cloud server, they recommended
a hybrid encryption technique employing Blowfish and MD5. It consists of
data encoding and decoding done on-site. This technique provides considerably
better safety and speed for both large and small data files.

3.2 Lightweight cryptographic systems

HIGHT, PRESENT, DESL, CLEFIA, TWINE, RECTANGLE, SIT, and more
terms DESXL, on the other hand, uses a single S-Box u to increase security
by employing a 184-bit key in place of distinct ones with no start and final
permutations as in DESL y DESL. As they claimed, DESL and DESXL were
not the targets of any assault. The work discovered the ”TWINE” universal
multi-platform Feistel structure.
In the lightweight, stable IoT encryption scheme. The data must be en-
crypted using a 64-bit address since it is a 64-bit block cipher. The design of
the method is a hybrid of a uniform substitution permutation network and a
Feistel network. This article describes a lightweight encryption technique that
uses an 80-bit key and a 64-bit block cipher to encrypt data on Internet of
Things devices.

2
4 Powerful encryption algorithm prerequisites
Any encryption algorithm must satisfy some set of specifications to provide
high security. The following criteria have been defined, based on the current
literature, that should be fulfilled by the newly developed algorithm:
• Encryption of the entire character set as an item

• Encrypting each plain-text character into a special sequence.

• There should be strong encoding.
• The encryption approach should be complex.

5 The proposed algorithm

The basic goal of the NLCA is to encrypt data using a 16-byte (128-bit) block
cipher and a 16-byte (128-bit) key. In order to increase the difficulty of the
encryption, the proposed algorithm—a symmetric key block cipher—combines
Feistel and SP architectural techniques. A symmetric-key approach is used to
encrypt data, and each cycle of the operation uses mathematical functions to
create diffusion and confusion. To maintain the strength of the encryption pro-
cess, encryption methods are often tuned to last 10 to 20 rounds on average.
Additionally, additional well-known block ciphers like ”3-Way [25], Grasshopper
[26], AES (Rijndael) These blocks will be thoroughly explained in the subsec-
tions that follow, and some of the key notes that were used in the interpretation
are shown in Table 1. The suggested approach provides a simple structure that
works well in a cloud setting. The encryption and decryption techniques are
straightforward and very safe. Too many overlapping rounds of substitution,
transposition, and diffusion of Shannon’s characteristics result in confusion and
guarantee that the cipher text is changed in a pseudorandom way.

1. Key Generation Block

2. Encryption Block
3. Decryption Block

5.1 Key Generation Block

The algorithm is a 16-byte (128-bit) block cipher that enables the user to pro-
vide a 16-byte (128-bit) key as input, which is then utilized as the input to the
Generation Block key. Different procedures are carried out to avoid the possibil-
ity of a weak key as well as to improve key strength in order to avoid confusion
and dissemination. Feistel-based encryption techniques rely on different rounds,
each requiring a unique key. Most crucial element in encryption and decryption
processes is the key.

3
5.2 Encryption Block
The encryption process takes place after producing the sub-keys (KK1, KK2
. . . KKK) from the key generation process. Easy processes, like, XOR, XNOR,
AND, OR, left shift (LS), swapping, and substitution (S boxes), are conducted
throughout the encryption process to create confusion and diffusion. These
operations increase complexity and create confusion for the attackers.
• (Initial state steps): Each sub-block is addressed using working key sub-
keys (KK1, KK2,... KKK) by combining operations from various algebraic
groups, which are AND, OR, XOR, and XNOR operations.
• Ro11 is the output of XNOR between P0–31 and K1, The product (Ro11)
feeds F-Function to produce EFL1
• Ro14 is the output of XNOR between P96–127 and K1, The product
(Ro14) feeds F-Function to produce EFR1.

5.3 Decryption
The computational procedure used for the decryption of the cipher-text block
is exactly the same as the Mi block encryption method. The 128-bit-long Ci
block is first split into 4 sub-blocks, and then handled with the same working
keys using mixed XOR and Sub operations. And since they are the reverse of
the encryption operation, the precise steps for the procedure would not need to
be written.

6 Implementation and results discussion

This section described the implementation and results discussion for the pro-
posed algorithm an d other algorithms.

6.1 Experimental environment

A variety of symmetric cryptographic methods are employed to assess the effec-
tiveness of the suggested technique. The test environment is a cloud network
made up of the Xen Server hypervisor (6.1an Open stack middleware and a
client that uses Citrix Desktop [30] to access the Xen-Server-hosted virtual ma-
chine). The client PC uses a Core I5 with 8 GB of RAM, while the cloud server
has a Core I7 (4.8 GHz) processor.

6.2 Experimental results

This section shows how experiments are carried out to show and evaluate the
viability of the NLCA algorithm. The experiment uses a text data type with
a block size of 128 bits and a key size of 128 bits. Based on the key creation
process, the 128-bit key, which is represented as a 4 by 4 matrix, is created.

4
6.3 Comparative analysis of parameters
The NLCA algorithm reduces computational complexity and decreases the power
of processing. It has a clear architecture that includes five rounds of encryp-
tion; each round requires simple mathematical procedures. This is because
most mathematical operations are based on 4-bit data, and S-boxes are only
4-by-4 sizes. The NLCA algorithm allows various block and key lengths that
are not provided by most. symmetric algorithms, such as ”AES, LED, DES,
3DES,B̊lowfish.” The data processing time generated by the encryption and the
key generation time for the new algorithm are also faster than other algorithms
with secure key generation.

7 Conclusion
The NLCA algorithm has proven to have strong security levels and a definite
improvement in encryption/decryption, offering high security and cheap com-
puting cost, according to experimental data. A 16-byte (128-bit) key is required
to encrypt the data using the 16 byte (128-bit) block cipher technique. A new
lightweight cryptographic algorithm (NLCA) was used to improve data security
in the context of cloud computing. Other factors were block size, key length,
potential key, mathematical operations, cipher type, and security power. Cloud
computing security has emerged as one of the primary problems with the tech-
nology. In the world of cloud computing, it is much more useful because of
its quick data collection and processing. Numerous procedures and methods,
including cryptography—the most successful—have been suggested.