Cloud Cryptography

https://www.google.com/url?sa=i&url=https%3A%2F%2Fwww.youtube.com%2Fwatch%3Fv%3DY12b1WkIAXQ&psig=AOvVaw0opWEGYZEDEoTZsLrJA0Ou&ust=1679332551807000&source=images&cd=vfe&ved=0CBAQjRxqFwoTCLCn_cS_6P0CFQAAAAAdAAAAABAX

Cloud and Cryptography — not just words but immersive technologies that have proven to be very important in coming era.

In this blog, we talk about the role of cryptography in cloud computing. The encryption of data kept in a cloud service is known as cryptography in cloud computing. But first, let’s understand what encryption means.

Encryption — It is simply the process of converting plain , readable text into cipher text or non-readable text. This is done using algorithms like SHA, RSA, MD-5 and many more. Encryption helps us to securely transfer data from one place to another.

Cloud Cryptography is a widely used method for making sure that user data is protected and secured. Encryption techniques are used to protect data utilised or stored on the cloud. Users can securely access shared cloud services since all data saved by cloud providers is secured. Cloud cryptography safeguards confidential data without obstructing information sharing. Using end-to-end encrypted cloud storage, cloud cryptography brings the same level of security to cloud services. Without affecting data transfer, it can protect important cloud data. For cloud computing, several companies create a variety of cryptographic protocols to strike a balance between efficiency and security.

The current cryptographic tools are inappropriate for cloud :

1. Due to assumptions about how the tools will be used.
2. Results in loss of efficiency.

Therefore, some new tools are designed for cloud cryptography :

1. Homomorphic encryption : Homomorphic encryption is a type of encryption that enables certain computations to be conducted on ciphertext and produce an encrypted result that, when decrypted, is identical to the outcome of operations on the plaintext. Homomorphic encryption is crucial in cloud computing, allowing businesses to keep encrypted data on a public cloud to use the analytic services of the cloud provider.
2. Searchable/Structured encryption : Authorized users can search encrypted material using searchable encryption without having to first decode it. This is accomplished by indexing the data so that it can be searched without jeopardising its security.
3. Proofs of Storage : Using Proof of Storage, we can efficiently verify the integrity of remotely stored data. Tamper detection is done without knowing original file.

Cryptography Algorithms used by Google :

Cloud giant Google Cloud Platform (GCP) uses Advanced Encryption Standard (AES-256) algorithm for storing data on the cloud. Encryption at rest is a component of Google’s all-encompassing security approach, which helps to defend user content from intruders. Using one or more encryption algorithms, they automatically encrypt all Google customer content while it is at rest. Tink which is a common cryptographic library, is used to implement consistent encryption across GCP. For storage, data is divided into subfile pieces, each of which can hold up to several gigabytes. At the storage level, each chunk is encrypted using a unique data encryption key (DEK). Even if they are stored on the same machine or belong to the same client, two chunks won’t have the same DEK. Data is encrypted before being written to a physical disc or database storage system. All storage systems already include encryption rather than adding afterwards.

https://cloud.google.com/docs/security/encryption/default-encryption#:~:text=All%20data%20that%20is%20stored,)%20algorithm%2C%20AES%2D256.

DEKs are kept close to the data they encrypt because of the enormous amount of keys used by Google as well as the demand for low latency and high availability. A key encryption key (KEK) and envelope encryption (technique by which a key is encrypted with another key) are used to encrypt DEKs. One or more KEKs are available for each service; these KEKs are not particular to consumers. These KEKs are stored centrally in Keystore which is a repository built specifically for storing keys.

pCloud :

One example of encrypted cloud is pCloud. It is a private cloud storage where the user may keep all of their files and folders. It has an intuitive user interface that makes it clear where everything is and what it accomplishes. Client-side encryption is offered by pCloud Encryption, meaning that it is done on our device. Your files are uploaded to the servers in their encrypted form, but they never leave our computer in plain text. What kind of data we keep in our account is a secret even to the service provider. Only our Crypto Pass will unlock the encryption on our files. With the Crypto Pass, we establish restrict access to our files using pCloud Encryption is a string of letters and/or numbers. In terms of usability, a Crypto Pass is comparable to a password. In this situation, we enter this Crypto Pass to encrypt and decode the data in our Crypto Folder.

Advantages of Cloud Cryptography :

1. The user’s information is private. As a result, hacker crime declines.
2. If an unauthorised person tries to make modifications, someone immediately alerts the organisation. Cryptographic key holders are granted access.
3. Data is shielded from compromise while it is transferred between devices thanks to encryption.
4. In today’s data-driven society, cloud encryption is now essential since it gives organisations control over their security against cyberattacks and data breaches.
5. Encryption is one of the safest ways to store and send data since it abides by the defined guidelines of the companies using it. Those who receive the data can tell if it’s corrupted, allowing for immediate feedback and a solution to the attack.

Disadvantages of Cloud Cryptography :

1. Highly advanced systems are needed for encrypted data.
2. The required costs increase since the systems need to be upgradeable.
3. Organisations may encounter challenges while trying to recover data due to overprotective measures.

Hope you found this information useful !!

References :

1. https://cs.brown.edu/~seny/slides/cc-RCLE11.pdf
2. https://www.ijert.org/cloud-cryptography-a-security-aspect
3. https://cloud.google.com/docs/security/encryption/default-encryption#:~:text=All%20data%20that%20is%20stored,)%20algorithm%2C%20AES%2D256.
4. https://www.geeksforgeeks.org/an-overview-of-cloud-cryptography/
5. https://www.pcloud.com/help/general-help-center/

Authors :

Maitri Vibhute

Vineeth Naitam

Dakshata Wasnik

Pratik Yeole