A_modified_cryptographic_approach_for_securing_distributed_data_storage_in_cloud_computing

The document presents a modified cryptographic approach for securing distributed data storage in cloud computing, utilizing RSA and Diffie-Hellman algorithms. It describes a method where data is split into two parts, encrypted, and stored in separate cloud accounts to enhance security and prevent unauthorized access, including from cloud providers. The proposed model includes phases for data preparation, storage, retrieval, and decryption, ensuring that sensitive information remains confidential and secure.

Uploaded by

muhammadkamran05
2017 International Conference on Networks & Advances in Computational Technologies (NetACT) |20-22 July 2017| Trivandrum

A MODIFIED CRYPTOGRAPHIC APPROACH FOR SECURING DISTRIBUTED DATA STORAGE IN CLOUD COMPUTING

M. Rajasekhar Reddy1, Akilandeswari R1, S. Priyadarshini1, B. Karthikeyan2, E.Ponmani1,
1School of Computing, SASTRA University, Thanjavur - 613401, Tamil Nadu, India.
2Viswajyothi College of Engineering, Vazhakulam, Kerala, India.

Abstract--STaaS (STorage As a Service) is a cloud model that gains popularity among both private users and business enterprises ensuring remote data storage providing giant and scalable cloud based storage spaces. The modified cryptographic approach makes use of the RSA algorithm along with Diffie-Hellman to increase the security of the encrypted data stored in cloud. The input file is split into two, in order to make the access of the whole data difficult, and the split data is encrypted using RSA and Diffie-Hellman before storing them into two different cloud accounts. The split data is then retrieved, and the retrieved cipher data is decrypted to get the original data. The split mechanism does not produce big overheads, and also assures data retrievability. Thus data stored in the cloud is more secured and it prevents cloud providers from directly reaching the cloud data.

I. INTRODUCTION

Cloud storage is a service that helps to store, manage and backup data remotely by storing files online to access using internet from anywhere. Due to wide range of applications of cloud computing it has become very popular in current era of the computing [1, 2]. Many companies and academies have started migrating their data from their expensive servers to clouds. Mass storage refers to storing the large volume of data that involves confidential and private data when it comes to organizations.

One among the significances of cloud, STaaS, is the key feature in data storage [8]. It is an architecture model offered by vendors like Amazon S3, Dropbox, and OneDrive etc [3]. that let users to store files and assets into the cloud. Mass Distributed Storage (MDS) works in increasing the volume of data storage [4, 5]. One aspect to improve is the privacy and safety of the data that is hosted in cloud, which may be reachable to the cloud service providers because there is possibility for the private data to get leaked that makes businesses uneasy [6].

This paper improves on the attempts to avoid cloud providers access to users’ private data. The proposed idea uses a modified approach to store data securely in the cloud. The data is split into two and encrypted before storing into the cloud. The data split avoids leakage of sensitive information and the encryption process ensures security to the data. Through this approach, even the service provider will not be able to reach the sensitive information directly.

The splitting of data takes place through the Random Split algorithm, and the encryption process is undergone using the RSA and Diffie-Hellman algorithms. The data again undergoes decryption process using both the algorithms in the reverse order.

II. RESEARCH METHODOLOGY

The section reveals the cloud security issues, the evolution of the security mechanism and the recent research methodologies that laid foundation for the background of the paper. Most solutions try to balance the trade-off between the security and data processing though it is difficult in finding a solution to fit in most of the storage systems. [7]

A. CLOUD SECURITY ISSUES

Some of the security issues found in cloud are:

1. Privacy:

Once data is hosted in cloud, there should be some security measure that ensures that it is accessible only by that user. It should restrict any

978-1-5090-6590-5/17/$31.00 ©2017 IEEE



Authorized licensed use limited to: COMSATS INSTITUTE OF INFORMATION TECHNOLOGY. Downloaded on October 24,2024 at 09:27:05 UTC from IEEE Xplore. Restrictions apply.
unauthorised user to reach the sensitive data. Besides this, it should also restrict cloud providers from accessing the data. That is, the user should be assured that their data remains confidential, by following proper policies.

2. Data availability:

The data, once decided to store in the cloud, can reside anywhere in the cloud and in case of any failure in the retrieval, data must be available in another alternate cloud for the user.

B. EXISTING TECHNIQUES

a) Authorisation Mechanism

User saves data by providing credentials with username and password. This acts as the authorisation for the data so that any unauthorised user cannot access the data. This mechanism is less secure since that if the credentials are hacked, it is very easy to reach the data. Moreover for cloud storage, this is totally insecure for confidential and private data because it is possible for the cloud service provider to directly reach the data.

b) No split Mechanism

This mechanism is mostly used for the cloud storage where it follows that the data of the user, to be stored in cloud is encrypted before storing. The encryption is done for the whole data. This mechanism is secure than the authorisation technique since the cloud provider cannot reach the data directly. But this method has its flaw that if the encryption algorithm is hacked, it is possible for anyone to know the data since it is saved on the whole. Any brute-force that hacks the encryption will be able to decrypt the whole data.

c) Intelligent Cryptographic Approach

This technique splits the user data into two and encrypts the data before storing into two clouds. This method is more secure in the way that splitting of data into two makes sure that the data, even if hacked, proves to be of no use for the hacker. This mechanism of splitting data makes sure that the sensitive data is secured so that only the authorised user knows the location of data and integration of the data is possible only by the actual user. The encryption process helps in securing data even from the cloud providers.

The flaw with this approach is that it uses XOR mechanism for encryption process. XOR is easy to hack in the way that the length of plain text is easy to find since the key size is usually maintained to be the same as that of plaintext size. The randomness in cipher text is less that results in more easy way to trace the key. For example in any text containing meaningful sentences, the character that will be probably more in use is the single space. Hence it is easy for the hacker to trace the character that is more in use in the cipher text. This makes it easy to match the plain and cipher texts, using which the key value can be found easily by XORing both of them [9]. Hence, through brute force method, if the key is found, then the encryption proves to be useless.

III. PROPOSED MODEL

The proposed model consists of three phases as shown in Fig.1,

A. Before sending into cloud
This phase deals with the preparation of data to send into the cloud. That is, it deals with the data split and the encryption process.
1. Data split
2. Encryption

B. Cloud storage
This phase deals with the storing of data into the cloud, that is, the data being uploaded into and downloaded from the cloud.
1. Upload
2. Download

C. Retrieving from the cloud
This phase deals with the retrieval of the data from cloud and getting the original data, the data being downloaded from the cloud is the split one, and hence this phase first decrypts the split data and then it merges it.
1. Decryption
2. Data merge

Fig.1. Workflow structure of the proposed model

A. MODULES

1. DATA SPLIT

The module deals with splitting the input file into two based on a random text in the file and encrypting them before storing into the cloud. The input text file name is provided by the user that is taken for the split operation. A random text is chosen from the file based on which the split operation takes place. The file is split into three parts containing the part of file before random text, second as the random text and the third part containing text after the random text.

a) Random Split

1. The input file is opened and read line by line
2. A random text is chosen from the file
3. Based on the random text, the file is split into two and saved in two separate files.

2. ENCRYPTION

A set of prime numbers within a range is generated and is stored in a list. This list is used for choosing prime numbers for the algorithm. Choose two parameters for encryption using RSA. The set of private and public key pair is generated using the following method:

a) RSA

An integer is chosen by multiplying the two chosen parameters and the Euclid’s function “phi” is calculated. A random integer ‘e’ is chosen in the range between 1 and “phi” such that they are coprime. Multiplicative inverse ‘d’ of the random integer is chosen taking mod as “phi”. Here d forms the private key and e, the public key.

b) Diffie-Hellman

Four other random prime integers are chosen from the list and the keys for encryption is generated using them. One among them is used as public and the other is taken as the private key.

Now both the split files are encrypted first using the RSA algorithm and the resulting cipher text is again encrypted using the diffie-hellman algorithm. The resultant is the cipher text that is stored in the respective files created for encryption.

3. CLOUD DEPLOYMENT

Two cloud accounts are created for the storage of text files. The access key is used to link to the cloud accounts.

a) Upload

The files generated from the encryption process are uploaded into the cloud accounts. The access keys of the respective accounts are used that uploads the files into corresponding Dropbox accounts.

b) Download

The encrypted files that are stored in the cloud are specified with their path so that they can be downloaded. Two files are created to store the contents of the downloaded files. These downloaded files are decrypted to get the original text.

4. DECRYPTION

The two encrypted files that are downloaded from the cloud are then decrypted separately using diffie-hellman, and the resultant text is again decrypted using RSA algorithm. The decryption process makes use of the algorithms in the reverse order of the encryption process’ order. The result obtained is the two files that contain the original text of the split files.

5. DATA MERGE

The two decrypted files that are created by decrypting the corresponding downloaded files are merged and is stored in a single file. This is the original data requested to be secured in the cloud.

B. ALGORITHMS

1. RSA (RIVEST-SHAMIR-ADLEMAN)

RSA is an asymmetric algorithm in which the encryption and the decryption process makes use of different keys. It provides both authentication and security. If the public key is used for encryption, it is called public key encryption process and it provides security such that only the person with the exact private key can decrypt the cipher text. It is an authentication mechanism if the private key is used for the encryption.

RSA algorithm involves three steps namely,
a) Generating the key

b) Encryption
c) Decryption

a) Key Generation

Generation of key takes place before the encryption step. It generates both the private and the public key pair.

Steps:

1. Pick two different integers x and y, both are to be prime. They are chosen at random and to be of same length.
2. Calculate p = x * y.
3. Calculate t(p) = (x-1) * (y-1), where t(p) is the Euler’s totient function.
4. Pick a random prime number e, such that 1 < e < Ø(n) and e and Ø(n) are coprime.
5. calculate d as follows:
6. d = e^(-1) (mod t(p)) i.e., d is the multiplicative inverse of e mod t(p).
7. d is the Private-Key, such that d * e = 1 mod t(p).
8. The Public-Key is (e, p).
9. The Private-Key is (d, p)

b) Encryption

Encryption process converts the plain text or the original text into the cipher text

Steps:

1. Encryption makes use of the Public Key (n, e).
2. Our application needs no transmit of key since the sender and receiver are the same
3. The input is encrypted and the resultant cipher text C is found by m^e (mod p).
4. This cipher is then stored in the cloud accounts.

c) Decryption

Decryption process converts the cipher text back to its original form. It is done with the downloaded data from the cloud.

Steps:

1. Decryption makes use of the private key.
2. The decryption is done by computing, ptext = Cipher^d (mod p).
3. This ptext is the original text to be used by the user.

2. DIFFIE-HELLMAN

Diffie-hellman algorithm is generally used in key exchange process such that both the sender and receiver can calculate the key efficiently. In our model, the diffie-hellman algorithm is used along with RSA to randomize the cipher text achieved. It can also be used efficiently in the future in case we include sender-receiver concept.

STEPS:

a) Key Generation

1. Choose a,b,g,r as four random integers
2. Compute x as (g^a) mod r
3. Compute y as (g^b) mod r
4. Compute k1 as (y^a) mod r and kept as public key
5. Compute k2 as (x^a) mod r and kept as private key

b) Encryption

The cipher text is calculated as:

1. C=k1^m

c) Decryption

The plaintext is obtained as: M=K2^c.

IV. RESULT ANALYSIS

This section provides the comparison between the intelligent approach and the modified approach and the increased level of security provided by the proposed method.

A. INTELLIGENT APPROACH

The data to be stored D is encrypted by XORing it with the key 0100 as shown in Fig.2. The data to be stored is encrypted by XORing with the key 100. Here, if the key is found through brute force method, it is very easy for the hacker to decrypt the text.

B. MODIFIED APPROACH

Here the data undergoes a two level encryption by RSA followed by diffie-hellman before the cloud storage. It is shown from the Fig.3 that each of the character in the plain text is encrypted to get a 4 digit long integer that is difficult to predict. Further, the two step encryption process ensures double security to the data. Thus the method provides security to the data stored in cloud without much difficulty in the merging process.

Fig.2. An example for the intelligent approach
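
The key-recovery risk the paper describes for the XOR-based intelligent approach (one fixed key, and the space character dominating meaningful text) can be reproduced on a toy message. This is an added example, not code from the paper: the sample plaintext is constructed, the function names are hypothetical, and applying the key 0100 to every byte is an assumption about how Fig.2 uses it.

```python
from collections import Counter

FIG2_KEY = 0b0100  # key value quoted in the text; per-byte use is an assumption

# Constructed sample plaintext (not taken from the paper).
SAMPLE = b"the quarterly report is stored in the second cloud account"


def xor_fixed_key(data: bytes, key: int) -> bytes:
    """XOR every byte with the same key; the same call encrypts and decrypts."""
    return bytes(b ^ key for b in data)


def key_from_space_frequency(cipher: bytes) -> int:
    """Frequency route: treat the most common ciphertext byte as an
    encrypted space and XOR it with a space to obtain the key."""
    top_byte, _count = Counter(cipher).most_common(1)[0]
    return top_byte ^ ord(" ")


def key_from_brute_force(cipher: bytes) -> int:
    """Brute-force route: try all 256 keys and keep the one whose output
    contains the most lowercase letters and spaces."""
    plain_set = set(b"abcdefghijklmnopqrstuvwxyz ")

    def score(key: int) -> int:
        return sum(b in plain_set for b in xor_fixed_key(cipher, key))

    return max(range(256), key=score)


def recover_plaintext(cipher: bytes) -> bytes:
    """Decrypt using only the ciphertext; the key is never supplied."""
    return xor_fixed_key(cipher, key_from_space_frequency(cipher))


if __name__ == "__main__":
    ct = xor_fixed_key(SAMPLE, FIG2_KEY)
    print("ciphertext:", ct)
    print("key via frequency:", format(key_from_space_frequency(ct), "04b"))
    print("key via brute force:", format(key_from_brute_force(ct), "04b"))
    print("recovered:", recover_plaintext(ct).decode())
```

Both routes return the same key from the ciphertext alone, which is the property that makes a fixed XOR key unsuitable for protecting stored data.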

Fig.3. An example for modified cryptographic approach

V. SAMPLE RESULTS

This section provides sample snapshots of the whole process. The Fig.4 contains the input file that is to be encrypted, Fig.5 and Fig.6. shows the two encrypted files namely e1 and e2, and Fig.7. shows the output file that is generated by decrypting and merging both e1 and e2.
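
The flow these snapshots illustrate (random split, RSA per character, a Diffie-Hellman-derived key as the second layer, then decryption in reverse order and merge) can be sketched end to end. This is an added example, not the authors' code: the toy primes and function names are hypothetical, it assumes the standard Diffie-Hellman relation k2 = (x^b) mod r so that both keys agree, and it reads C = k1^m as a bitwise XOR with the RSA output.

```python
import random
from math import gcd

# Toy primes (assumption): readable numbers, far too small for real keys.
PRIMES = [n for n in range(50, 200)
          if all(n % q for q in range(2, int(n ** 0.5) + 1))]


def rsa_keygen(rng):
    """Key generation following the paper's steps: x, y, p, t(p), e, d."""
    x, y = rng.sample(PRIMES, 2)            # two different primes
    p = x * y                               # modulus
    t = (x - 1) * (y - 1)                   # Euler's totient t(p)
    e = rng.choice([c for c in PRIMES if gcd(c, t) == 1])  # 1 < e < t(p)
    d = pow(e, -1, t)                       # d * e = 1 mod t(p)
    return (e, p), (d, p)


def dh_key(rng):
    """Assumption: standard Diffie-Hellman, both sides derive g^(ab) mod r."""
    r = rng.choice(PRIMES)
    g, a, b = (rng.randrange(2, r - 1) for _ in range(3))
    x, y = pow(g, a, r), pow(g, b, r)
    k1, k2 = pow(y, a, r), pow(x, b, r)
    if k1 != k2:
        raise ValueError("Diffie-Hellman keys disagree")
    return k1


def random_split(text, rng):
    """Pick a random word as the 'random text' and cut the input after it."""
    marker = rng.choice(text.split()[:-1])
    cut = text.index(marker) + len(marker)
    return text[:cut], text[cut:]


def encrypt(part, public, k):
    e, p = public
    if any(ord(ch) >= p for ch in part):
        raise ValueError("character code does not fit below the modulus")
    return [pow(ord(ch), e, p) ^ k for ch in part]   # RSA first, then DH layer


def decrypt(cipher, private, k):
    d, p = private
    return "".join(chr(pow(c ^ k, d, p)) for c in cipher)  # reverse order


def store_and_retrieve(text, seed=7):
    """Returns the two plaintext parts, the two cipher lists (e1, e2),
    and the merged result after decryption."""
    rng = random.Random(seed)
    public, private = rsa_keygen(rng)
    k = dh_key(rng)
    part1, part2 = random_split(text, rng)
    e1, e2 = encrypt(part1, public, k), encrypt(part2, public, k)
    merged = decrypt(e1, private, k) + decrypt(e2, private, k)
    return (part1, part2), (e1, e2), merged


if __name__ == "__main__":
    # Constructed sample input (not the paper's Fig.4 file).
    parts, (e1, e2), merged = store_and_retrieve("move the audit logs to the second account")
    print(parts, e1[:5], e2[:5], merged, sep="\n")
```

In this sketch every character is encrypted independently and without randomness, so equal characters within a run produce equal ciphertext integers; the character-frequency observation the paper makes about XOR ciphertext is worth checking against this layer as well.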

Fig.4. Input file

Fig.5. Encrypted file-1

Fig.6. Encrypted file-2

Fig.7. Output file

VI. PERFORMANCE ANALYSIS

PARAMETERS | XOR | RSA
Type of encryption | Symmetric | Asymmetric
Keys used | Same key for encryption and decryption | Different keys for encryption and decryption
Confidentiality | Less | High
Attacks possible | Brute force | Timing
512 bit key cracked in | 3 weeks | 3.7 months
1024 bit key possible to crack in | 4 months | 6-7 million months
2048 bit key possible to crack in | Less than an year | Exponential time
Level of security | Low | High
Security equal to | 3000 bit key | 128 bit key

Fig.8. Performance analysis of the XOR approach and RSA algorithm

Fig.8. shows the comparison between the performance analyses of both the approaches. As provided, the security with the RSA algorithm is more when compared with the XOR approach.

VII. CONCLUSION AND FUTURE WORK

Thus through our approach, the cloud provider cannot directly reach the data. This technique provides double security to the data stored in cloud and it is easy to integrate, that defends malicious activities occurred on the cloud server. It also ensures data retrievability. Distribution of data ensures security of sensitive data. Future work would address securing data duplications in order to increase the level of data availability. Future work would also include compression of the encrypted data that is slightly of heavier weight.

REFERENCES

[1] V. Chang, M. Ramachandran, “Towards achieving data security with the cloud computing adoption framework”, IEEE Trans. Serv. Comput. 9 (1) (2016) 138–151.

[2] K. Gai, M. Qiu, L. Chen, M. Liu, “Electronic health record error prevention approach using ontology in big data”, 17th IEEE International Conference on High Performance Computing and Communications, New York, USA, 2015, pp. 752–757.

[3] K. Gai, L. Qiu, H. Zhao, M. Qiu, “Cost-aware multimedia data allocation for heterogeneous memory using genetic algorithm in cloud computing”, IEEE Trans. Cloud Computing. 1 (2016) 99.

[4] K. Gai, M. Qiu, H. Zhao, “Security-aware efficient mass distributed storage approach for cloud systems in big data”, in: 2016 IEEE 2nd International Conference on Big Data Security on Cloud (BigDataSecurity), IEEE International Conference on High Performance and Smart Computing (HPSC), and IEEE International Conference on Intelligent Data and Security (IDS), IEEE, New York, USA, 2016, pp. 140–145.

[5] H. Wang, Z. Xu, H. Fujita, S. Liu, “Towards felicitous decision making: An overview on challenges and trends of big data”, Inf. Sci. 367 (2016) 747–765.

[6] Parsi Kalpana, “Data Security in Cloud Computing using RSA Algorithm”, International Journal of Research in Computer and Communication Technology (IJRCCT), Vol 1, Issue 4, September 2012.

[7] S. Liu, Q. Qu, L. Chen, L. Ni, “SMC: A practical schema for privacy-preserved data sharing over distributed data streams”, IEEE Trans. Big Data 1 (2) (2015) 68–81.

[8] Zaid Kartit, Mohamed El Marraki, “Applying Encryption Algorithm to Enhance Data Security in Cloud Storage”, Engineering Letters, 23:4.

[8] Yibin Li, Keke Gai, Longfei Qiu, Meikang Qiu, Hui Zhao, “Intelligent cryptography approach for secure distributed big data storage in cloud computing”, Information Sciences, in press.
