Security Analysis and Performance Evaluation of A New Lightweight Cryptographic Algorithm For Cloud Computing
Security Analysis and Performance Evaluation of A New Lightweight Cryptographic Algorithm For Cloud Computing
Security Analysis and Performance Evaluation of A New Lightweight Cryptographic Algorithm For Cloud Computing
a r t i c l e
i n f o
Keywords:
Security algorithm
Cloud computing security
Light weight cryptography
a b s t r a c t
Nowadays, cloud computing is rapid growth in the IT industry, which provides a new
way to manage the different information systems. The rapid development of
technology makes it essential to use this technology and
to benefit from its advantages. With raising awareness and worries about cloud
services and information security, understanding and knowledge are growing for the
usage of algorithms security into the processes and data
systems. The primary purpose of this research work is to undertake a security
analysis and performance assessment of a new lightweight cryptographic algorithm
for enhancing data security in cloud computing. It focuses
on studying the performance and security analysis algorithm architecture base on
computational time and key
sensitivity, statistical analysis, image histogram, and entropy change analysis in
cloud computing environment.
It also, provides a performance comparison of general symmetric algorithms used to
secure the cloud services:
DES, AES, Blowfish, RC4, HIGH, SF, and SIT.
1. Introduction
Cloud computing is an internet-based technological term that provides several
internet-based remote services, such as infrastructure, data
storage and applications. This involves incorporating a wide variety of
regulations, technologies and controls to preserve the properties, software and
associated resources of cloud computing technology. “The core
concepts of cloud computing are on-demand computing infrastructure,
the establishment of a pay-as-you-go business model for the services
you can use in computing and information technology, dynamic scaling,
and the reduction of upfront capital and overhead costs. With growing
concerns about cloud storage and data protection, popular security algorithms may
be commonly used in cloud application services that use
encryption techniques, especially symmetric algorithms” [1].
Cryptography is used to hide and confidentially store information
from intruders so that only certain people can access it with which it
is intended and safely share that information. Using encryption cryptographic and
authentication methods mitigate security problems [2–5].
Cryptography is the practice of generating a message that safely changes
the data to be transmitted by encrypting the plain text by taking user
data and only performing the reverse decryption procedure that returns
to the original text. Cryptography can solve the issues related to network
data and application protection in cloud computing [6]. “The primary
method to secure confidential information is encryption. Cryptography’s
purpose is to keep data protected from unauthorised uses. With the rapid
growth of encryption science, it is possible to identify an innovative field
of cryptography as symmetric-key cryptography “[6]. “A single encryption /
decryption key - known as symmetric key encryption the same
key uses in both the encryption /decryption operations. The vast volume of data
will be used for encryption due to the use of a single key to
be processed at a very rapid speed” [7]. Inside cloud service providers,
there is no defined process to safeguard and protect data from breaches
and attacks. End-user data is the object of cyber threats, and is protected
by the cloud using method of cryptography which designed to make it
hard for the attacker to decode the cipher text. When the key has a long
length makes the classified text impossible to decode, which makes it
secure relative to short keys.
The previous research “a new lightweight cryptographic algorithm
(NLCA)” showed low-complexity symmetric key comparing with latest
symmetric key algorithms based on architecture, durability, and security standard
[1]. The authors of this paper showed that, the algorithm
needs more analyzing and evaluating. Therefore, this paper is analysis
and evaluated the performance of NLCA. It’s illustrates the impact of security on
could computing, through the performed experiment analysis
using different parameters are key sensitivity (avalanche), correlation
analysis, visual assessment, statistical analysis, time complexity, execution time,
image histogram and image entropy. In addition, performance
comparisons of general symmetric algorithms DES, 3DES, AES, Blowfish,
Corresponding author.
E-mail address: [email protected] (F. Thabit).
https://doi.org/10.1016/j.gltp.2021.01.014
Available online 27 January 2021
2666-285X/© 2021 The Authors. Publishing Services by Elsevier B.V. on behalf of
KeAi Communications Co. Ltd. This is an open access article under the CC
BY-NC-ND license (http://creativecommons.org/licenses/by-nc-nd/4.0/)
F. Thabit, S. Alhomdy and S. Jagtap
RC4, HIGH, and IDEA used to protect cloud services is given in this paper. The rest
of the paper is organized as; terms used in cryptography
review in Section 2. In Section 3, the Security Algorithm Overview
is discussed. Some of the related work is discussed in Section 4. A
new Lightweight Cryptographic Algorithm is discussed in Section 5.
In Section 6 Configuration and evaluation parameters was discussed..
In Section 7 all simulation results based on the evaluation parameters
are presented. The analytical comparisons are presented and discussed
in Section 8. Finally, the conclusion discussed in Section 9.
The cryptography used mathematical terms [8], for translating plaintext data (P)
into an unreadable cipher-text (C) format. This process
called encryption, whereas convert the cipher-text to a plaintext called
decryption with the set of techniques called cryptographic algorithms
(E) and the decryption algorithm (D) which overturns and generates.
This can be described as
Cipher-text (C= E {P, Key}
Plain-text (C = D {C, Key}
Description of some special definitions in encryption:
• Plain text is the initial input or knowledge that is entered into algorithms from
an intuitive source for the purpose of coding.
• The cipher text is the output of the mixed message as a random flow
of unintelligible coded information
• Encryption algorithm techniques are the basis of the encryption process to
replace and make changes to the plain text to generate the
encrypted text.
• Decryption algorithm is a way to reverse the encrypted text by taking
the encryption key and converting the encoded text to produce plain
text or the first input.
• Keys: They are used as inputs to perform an encryption or decryption
process
• Senders and receivers: They are individuals who interact and exchange the regular
text.
The security issues related to cloud computing are end-user data security, network
traffic security, file system security, and host system security, which can be
overcome to some extent through encryption and
thus help organizations in their temporary adoption of cloud computing
[9].
The primary purpose of the use of cryptography is to conform to the
following basic requirements for information security:
A Confidentiality “it attempts to prohibit unauthorised disclosure of
confidential information. Since cloud storage can be accessed from
multiple devices and apps, this can lead to a rise in the number of
access points, which then contributes to the danger of unauthorised
disclosure” [10].Therefore, in order to protect the security of the
data contained in the cloud computing system, certain approaches
such as encryption [11]. have to be applied.
B Integrity “it is a core component of the protection of cloud data
management, ensuring the data can be secured from unauthorised
alteration and erasure” [12] In the cloud world, this is a major problem with the
implementation of authorization mechanisms [13]. The
Authorization defines access privileges to ban unauthorised users for
each authenticated account. However, due to the rise in access points
and device entities, it is important to ensure that access to protected
data is only approved by authorized entities.
C Availability it refers to data, applications software, but also storage
in the cloud computing environment that is accessible to registered
users on demand. Efficiency requires the capacity of a cloud infrastructure to carry
on operations even though other officials are misbehaving [9].
D Authorization this involves determining who is eligible to access data
and other computer resources. Any basic processes and administrative practises
start with it. The policies propose the information and
3.2. 3DES
"Triple Data Encryption Standard (3DES)" was the first project that
was first anticipated by IBM in 1998 and was standardized in ANSI X9.17
and ISO 8732. This algorithm is based on the three main options that
were introduced from the Feistel architecture. The key is 168 bits long
allowed in 16 subkeys with 8 s blocks and is 48 bits long. It uses the
same decryption algorithm” [20] [17] as shown in Fig. (2).
3.3. AES
Due to the need for high protection and performance, the NIST
launched a call for cipher candidates to introduce a new encryption standard in
1997; it is time to replace the current DES and 3DES encryption
algorithm with new AES encryption algorithms. depend on “The Feistel
layout of the AES symmetric block cipher means that the AES algorithm
accepts a 128-bit block size and a set of three 128, 192, 256 key lengths
permitted for 10, 12, and 14 rounds using the same key for both encryption and
decryption. The vector design of Rijndael gives it considerable
protection and the main scale of up to 256 gives it resistance to possible
attacks”[18]. Fig. (3) shows AES algorithm.
101
F. Thabit, S. Alhomdy and S. Jagtap
quick speed and ease of execution. It contains the key streams combined with plain
text to output cipher - text during the encryption process. RC4 is a stream cipher
producing bits of pseudorandom streams.
Using bitwise exclusive OR, the main streams are used for encryption.
RC4′s decryption process is carried out in the same manner. In RC4, a
permutation of 256 possible keys is usable with two 8-bit index pointers. With a
variable key length, the permutation is performed using the
key scheduling algorithm [21]as shown in Fig. (5)
3.6. Tiny encryption algorithm (TEA)
The TEA Encoder Algorithm has fewer lines of code, making it easy
to create and implement. This method uses two sets of 32-bit unsigned
number / symbol blocks that can be created from a 64-bit block and
128-bit keys (k [0] - k [3]) to produce results in the form of w [0] and
w [1]. Magic number / Fixed combos are used to avoid Attacks based
on Round Ordination [24], Fig. (6) is described the TEA.
3.4. Blowfishes
A symmetric cipher with a variable key length is a blowfish depend
on A Feistel structure. It has a block size of 64-bits, and the key ranges
from 32 to 448 bits. “It uses 16 rounds and has a wide box that relies
on the key. In the Blowfish algorithm, there are four S boxes, and the
same algorithm is used for decryption in reverse” [19]. as shown in Fig.
(4) Blowfish security lies in the main size that offers a high degree of
protection. Owing to the several rounds used for the master key, it is
invincible against multiple key attacks, rendering such attacks unlikely.
4. Related work
With the spike in threats, the focus is put on making data secure by
cloud storage providers at the end of the customers. Due to the massive
discrepancy, in the option of algorithms for encryption-decryption,
the efficiency of the cloud has been provided low priority. By use the
good “cryptographic algorithm” for the end user, cloud efficiency and
data protection can be accomplished. It is necessary to conduct the algorithm
examination to verify the competence of the specific algorithm for
3.5. RC4
It is a symmetric key and a cipher for streams. To permit wireless
communication, it utilizes WPA and WEP. It is chosen because of its
102
F. Thabit, S. Alhomdy and S. Jagtap
𝑁
∑
Where “E” is the entropy, “X” is the probability of the intensity degree
in the image, and “N” is the total number of degrees of intensity.
7. Experimental analysis results
The experiments analysis is conducted on plaintext as well as on image data. The
original and encrypted images for NLCA-128 are shown
in Fig. 7. A full description of the experiments and their results are discussed
below.
A Avalanche Test (Key sensitive):
The results in Table 1 demonstrate that with changing a single bit
in the key or plain text, the new lightweight algorithm will displace
a large number of bits. Because one part of the text or key bits has
shifted like a landslide, NLCA 128 will move 51.55% and 45.70% of
the coding bits respectively. Since the avalanche results for DES-64
is “65.63%” [36] and “44.92%” for AES-128 [32].
B Image Histogram (Intensity Variation): The Intensity Variation (Histogram) is a
very helpful way to evaluate the effects on the picture of
encryption. A straight line should be the desired resulting histogram
after encryption NLCA. The 128-bit architecture shows excellent results. Tiny
variations are noticed in the histogram for a few test images; this is due to their
initial distribution of pressure. The results
of the photos chosen are seen in Fig 8.
C Image Entropy: Entropy is the measure of the information quality
of the data, the increased random the data after encryption is more
complex to identify. Modification of entropy for six popular images.
The entropy changes for four public images, namely, Baboon, Lena,
105
F. Thabit, S. Alhomdy and S. Jagtap
106
F. Thabit, S. Alhomdy and S. Jagtap
Table 1
Avalanche test results for NLCA-128.
No
KEY
plaintext
Key Cipher
cipher-text
Avalanche Analysis
01 02 04
05 06 AA BB CC 44 DD EE
88 09 04 05
06
0A 0B 0C 0D 0F 01
02 03 04
05 06 07
08 09 1A
2B
64 25 4F
99 81 32
9E 35 A6
0D A2 84 FD 67 53
50
0.0363
01 02 04
05 06 AA BB CB 44 DD EE
88 09 04 05
06
0A 0B 0C 0D 0F 01
02 03 04
05 06 07
08 09 1A
2B
FF BB
AA 00 00
00 00 00
BB 00 00
AA
0A BB CB
CC DF 22 AF AC 00 00 00
55
FF AA BB
FF
FF BB
AA 00 00
00 EE 00
BB 00 00
AA
0A BB CB
CC DF 22 AF AC 00
00 00 55
FF AA BB
FF
BB CC DD
EE FF
FF AA AB AC AD AF
FF
FF
FF AA
AA
AA
AA
FF
FF
FF AA
AA
AA
AA
BB CC DD
EE FF
FF AA AB AC AD AF
4F 29 4C
71 D3 AB
29 D0 EB
79 AC 69
A2 73 AC
7B
4F 29 4C
71 D3 AB
26 99 EB
79 AC 69
A2 73 AC
7B
42 42 29
40 4A 27
4A 27 BCE
E5 4A 27
E6 80 E6
80
42 42 29
40 4A 27
AE 29 BCE
E5 4A 27
E6 80 E6
80
26 95 E4
3B C9DA 63B4 42 42 E6 80
2A 1F B9
82
BB CC DD
EE 07 FF
FF AA AB AC AD AF
FF
FF
FF AA
AA
AA
AA
FF
FF
FF F7 AA
AA
AA
AA
Average percent value of avalanches
BB CC DD
EE FF
FF AA AB AC AD AF
26 95 E4
3B C9DA 6C46 42 42 E6 80
2A 1F B9
82
42 42 42 42 42 42 42 42
E6 80 E6 80 E6 80 36 80
38 11 DA 6A 8F 51 9A 82
86 27 75 0E A7 F2 26 78
42 42 42 42 42 42 42 40
E6 80 E6 80 E6 80 36 80
38 11 D6 AB 8F 51 8D 84
86 27 85 7B A7 F2 26 47
Table 2
Image Entropy Test for NLCA −128.
No
Image
Dimension
Entropy (ORG)
Entropy (ENC)
Baboon
Lena
Banda
Peppers
128×128
220×220
256×256
128×128
220×220
256×256
256×256
512×512
256×256
512×512
7.2608
7.1662
7.2091
7.4810
7.4618
7.4436
7.5966
7.5217
7.5519
7.5555
7.9891
7.9958
7.9973
7.9885
7.9962
7.9970
7.9969
7.9982
7.9970
7.9992
64 25 87
52 81 32
D6 63 A6
0D CF 1D
FD 67 E5
30
B8 37 5C
CC 29 E4
98 16 F5
6B FF 3A
9A 38 90
2B
B8 37 80
38 29 E4
84 3A F5
6B 81 A2
9A 38 35
71
A3 7F 08
3F C1 EA
F9 7B 9B
7F 8C 0A
12 D5 C7
EE
A3 7F 0F 0A C1 EA F5 78
9B 7F 4D C0 12 D5 16 E9
0.0472
0.0334
0.0366
(1)
Where N is the pixels number pairs, x and y is the gray values of two
adjacent pixels, E(x) is the mean, D(x) is the variance and cov(x,
y) is the covariance. The effects of the similarity between the two
neighboring pixels of the Lena plain image and the Lena cipher image
are shown in Fig. 9 This figure shows a substantial reduction in the
108
F. Thabit, S. Alhomdy and S. Jagtap
Table 3
Results for correlation.
Image
size
Correlation original
Correlation encryption
Baboon
Lena
Banda
Peppers
256×256
256×256
256×256
256×256
0.9000
0.9576
0.9764
0.9309
0.0026
0.0055
0.0012
−0.0031
Table 4
Differential cryptanalysis.
Image
size
NPCR
UACI
Baboon
Lena
Banda
Peppers
256×256
256×256
256×256
256×256
99.5826
99.5758
99.6052
99.6231
26.3210
25.0544
23.0526
31.1101
Table 5
Execution time analysis of propose algorithm.
No
Image
Image Size
Total ENC/DEC
Baboon
Lena
Banda
Peppers
128
220
256
128
220
256
256
512
256
512
1.1810
3.7104
4.6078
1.2910
3.4531
5.0388
4.7363
19.880
6.0214
25.220
correlation of the two adjacent pixels in the Lena cipher picture. The
result of correlation shown in Fig. 9 and Table 3, respectively.
A Linear and Differential Cryptanalysis The f-function is inspired
by [1], whose cryptanalysis reveals that the complete cypher does
not succeed in differential and linear attacks. The similarity between
input and output it is very high. If the linear approximation is performed for two
Rounds. The round conversion is often kept uniform,
which in a similar way, it handles any bit and gives opposition to
differential attacks.
A secure system of encryption can be very sensitive to plain text or
images. The encryption scheme would be immune to the differential
attack if a small change of a bit in text or pixel in the plain picture
will lead to a major change in the cipher. Significant criteria for differential
attack analysis are NPCR (Number of Pixels Shift Rate) and
UACI (Unified Average Changing Intensity), as described by (26),
(27) [7]. The Table 4 presents the results of Linear and Differential
Cryptanalysis in our proposed work.
9. Conclusion
With the development of advanced technologies in cloud computing, security remains
one of the most important problems in the world
of cloud computing. Use security algorithms and ensure that these algorithms are
properly and reliably applied to protect safety of end users. In
Table 6
shows the comparison in terms avalanche, correlation, key space, information
entropy, and execution time analysis.
No
name
Avalanche
analysis
SEA [35]
Key space
analysis
48
HIGH[36]
SF [36]
0.4570
2 × 64
AES [22]
SIT [37]
DES [34]
NLCA [1]
0.3603
0.4830
0.6756
0.0363
RAM
Differential
Cryptanalysis
Correlation
analysis
entropy
analysis
Execution
time (s)
1570
176
NCPR
–
UACI
–
0.0072
7.4436
2.67
13,716
288
0.0016
7.9971
1.615
2204
22
99.762
33.161
7.9922
2.11
7.8693
7.9970
7.997
7.9891
1.61
3.006
1.89
1.1810
94
2 ,2
2 × 128
4
5
6
7
Code Size
2 × 128 ,2256
264
256 bits
2 × 128 ,2256
23,464
1574
1407
4094
14.7
18
18.2
16
0.0778
99.868
99.598
99.582
109
0.0093
33.106
33.550
31.1101
0.0012
0.0034
0.0022
0.9677
0.0012
F. Thabit, S. Alhomdy and S. Jagtap
110