Open in app

Sign in

Write

Sign in

Cryptography in Cloud Computing

Tejas Narnaware
7 min readMay 4, 2023

--

Introduction

Cloud Computing has become the backbone of various modern organizations, providing convenient and cost-effective access to computing resources, storage, and applications. However, the rise in cloud-based solutions has also brought about new security challenges, as data present in the cloud can be used from anywhere in the world, making it more vulnerable to cyberattacks. Cloud cryptography provides a solution to these challenges by encrypting data stored in the cloud, making it unreadable and unusable to unauthorized parties. In this article, we will explore cloud cryptography in more detail, including its benefits, drawbacks, and different methods of implementation.

What is Cloud Cryptography?

Cloud cryptography is the practice of using cryptographic techniques to protect data stored or transmitted in the cloud. The process involves encrypting data before it is stored in the cloud, as well as keeping the data encrypted while it is being transmitted or when it is at rest. Encryption guarantees that only legal parties can use the data, even if it falls into the hands of invaders. The use of cloud cryptography is vital for guaranteeing the safety of cloud-hosted solutions, mainly in industries such as healthcare, finance, and government, where data privacy and security are serious. By implementing robust cloud cryptography measures, organizations can help mitigate the risks associated with cloud computing and ensure the privacy, truthfulness, and accessibility of their data.

Types of Cloud Cryptography

Cloud cryptography can be broadly categorized into two types: public cloud cryptography and private cloud cryptography.

1. Public cloud cryptography involves the use of cryptographic techniques to secure data in public cloud environments such as Microsoft Azure, Google Cloud and Amazon Web Services (AWS).

2. Private cloud cryptography, on the other hand, involves the use of cryptographic techniques to secure data in private cloud environments, which are hosted on-premises or in a dedicated data centre.

Methods of Cloud Cryptography

There are several methods of implementing cloud cryptography, each with its own strengths and weaknesses. Some of the recorded public approaches are:

Pre-encrypted data synced with the cloud — In the proposed technique, data is encrypted before it is send to the cloud. This confirms that the data is protected from unlawful access during transmission.

End-to-end encryption — End-to-end encryption encodes data at the source and decodes it at the destination. This technique ensures that the data is encrypted throughout its drive to the cloud and is decrypted only when it reaches its destination.

File encryption — In this method, each file is encrypted individually using a unique encryption key. This method ensures that even if one file is compromised, the other files remain secure.

Full disk encryption — Full disk encryption comprises encrypting the entire disk, along with the operating system and all the data stored on it. This technique confirms that even if the physical disk is pilfered, the data remains secure.

Application-level encryption — Application-level encryption includes encrypting data at the application level, which ensures that only approved users can use that data. This method is particularly useful for applications that store sensitive data such as financial information, personal data, or medical records.

Virtual private network (VPN) — A VPN provides a safe, secure, encoded tunnel between the user’s device and the cloud, ensuring that data transmitted all over the network is secured from unauthorized access.

Also, another type of method Cloud cryptography can be implemented to defend data based on time and its location such as data in transit, data at rest, legal and regulatory issues, authentication, and customer separation.

Data-in-transit — Data-in-transit refers to data that is transmitted between devices, such as between a user’s computer and the cloud. Cloud cryptography is used to encrypt data in transit, ensuring that it is protected from interception or tampering.

Data-at-rest — Data-at-rest refers to data that is stowed in the cloud. Cloud cryptography is used to encrypt data at rest, ensuring that it is protected from unauthorized access.

Legal and regulatory issues — Cloud cryptography can help organizations comply with legal and supervisory requirements, such as the General Data Protection Regulation (GDPR) and Accountability Act (HIPAA) and the Health Insurance Portability. Encryption ensures that data is protected and that organizations are not in violation of these regulations.

Authentication — Cloud cryptography can be used to authenticate users accessing the cloud. Authentication guarantees that only authorized users can use sensitive data.

Customer Separation — Cloud cryptography can be used to ensure customer separation, which means that data from different customers is stored separately in the cloud. Customer separation ensures that one customer cannot access another customer’s data.

Cryptography Algorithms

Cloud cryptography is implemented using various cryptographic algorithms, including symmetric algorithms, asymmetric algorithms, and hashing. Symmetric algorithms use a similar key for encryption and decryption, whereas asymmetric algorithms have two different keys, a public key and a private key, for encryption and decryption. Hashing is a technique used to generate a fixed-size output from any input data, which ensures the integrity and authenticity of data stored in the cloud.let see in detail :

  • Symmetric Algorithm:

Symmetric algorithms use a single key for encryption as well as for decryption. The key is public between the source(sender) and the destination(receiver), and it is can use to encrypt and decrypt data. Cases of symmetric algorithms are Advanced Encryption Standard (AES) and Data Encryption Standard (DES).

  • Asymmetric

Algorithm: Asymmetric algorithms use two different keys one for encryption and the other for decryption, known as a public key and a private key. The public key is available to everyone, while the private key is always secret. Data is encrypted using the public key and decrypted using the private key. Examples of asymmetric algorithms include RSA and Elliptic Curve Cryptography (ECC).

  • Hashing:

Hashing is a technique used to verify the integrity of data. A hash function takes an input (such as a file) and generates a fixed-length string of characters that represents the input. If the input is changed, the hash will also change, indicating that the data has been tampered with. Hashing is used in conjunction with encryption to ensure that data has not been modified.

Advantages of Cloud Cryptography

Cloud cryptography offers several advantages, including:

1. Data confidentiality — Cloud cryptography ensures that the data kept in the cloud is protected from unauthorized access.

2. Data integrity — Cloud cryptography ensures that the data kept in the cloud is not tampered with.

3. Authentication — Cloud cryptography ensures that the data kept in the cloud is authentic.

4. Regulatory compliance — Cloud cryptography can help organizations comply with various regulations such as HIPAA, GDPR, and PCI-DSS, which require the protection of sensitive data.

5. Cost-effectiveness — Cloud cryptography is a cost-effective way to secure data in the cloud, as it eliminates the need for expensive hardware and infrastructure.

Disadvantages of Cloud Cryptography

Cloud cryptography also has some disadvantages, including:

1. Complexity — Cloud cryptography is a complex press that requires a high level of expertise.

2. Performance — Cryptographic operations can be resource-intensive, which can impact the performance of cloud applications.

3. Key Management — Key management can be challenging, particularly in large-scale cloud deployments with multiple users and devices.

Real-world examples of cloud cryptography:

Dropbox: Dropbox uses AES-256 encryption to encrypt data before it is uploaded to their servers. They also use SSL/TLS to secure the transmission of data to and from their servers. Additionally, Dropbox offers two-factor authentication for an additional coating of security.

Microsoft Office 365: Microsoft Office 365 uses BitLocker drive encryption to encrypt all data on their servers. They also use SSL/TLS for secure communication between their servers and user devices.

Amazon Web Services (AWS): AWS offers a variety of encryption options for securing data in the cloud. They support server-side encryption for S3 buckets, using either AWS-managed or customer-managed keys. AWS also offers client-side encryption for data being uploaded to S3 buckets.

Google Drive: Google Drive uses AES-128 encryption to encrypt data before it is uploaded to their servers. They also use SSL/TLS for secure communication between their servers and user devices. Additionally, Google Drive offers two-factor authentication for added security.

Salesforce: Salesforce uses TLS encryption to secure data transmission between their servers and user devices. They also offer field-level encryption for sensitive data stored in their platform, as well as encryption for data stored in transit between Salesforce and other systems.

These are just a few examples of cloud cryptography in action. Many other cloud-based solutions also utilize encryption and other cryptographic techniques to ensure the security of their users’ data.

Conclusion

cloud cryptography is a crucial aspect of securing cloud-hosted data in today’s digital landscape. With the increasing prevalence of cyberattacks, data breaches, and theft of sensitive information, cloud cryptography provides a reliable solution to protect data confidentiality, integrity, and authenticity. Various methods of implementing cloud cryptography, such as pre-encrypted data, end-to-end encryption, file encryption, and full disk encryption, provide users with a range of options for securing their data. Cloud cryptography is implemented using various cryptographic algorithms like symmetric algorithms, asymmetric algorithms, and hashing. While cloud cryptography may be complex and can sometimes affect performance, it remains an essential tool for securing cloud-based solutions. Real-world examples of cloud cryptography in action, such as Dropbox, Microsoft Office 365, AWS, Google Drive, and Salesforce, highlight its importance in ensuring the security of cloud-hosted data.

References

1.GeeksforGeeks. “An Overview of Cloud Cryptography.” GeeksforGeeks, 22 Apr. 2020, https://www.geeksforgeeks.org/an-overview-of-cloud-cryptography/.

2.Analytics Vidhya. “Cloud Cryptography: A Reliable Solution to Secure Your Cloud.” Analytics Vidhya, 20 Oct. 2022, https://www.analyticsvidhya.com/blog/2022/10/cloud-cryptography-a-reliable-solution-to-secure-your-cloud/.

3.Qadir, Abdalbasit Mohammed, and Nurhayat Varol. “A review paper on cryptography.” 2019 7th international symposium on digital forensics and security (ISDFS). IEEE, 2019.

4.Kumar, Sanjeev, et al. “Cloud security using hybrid cryptography algorithms.” 2021 2nd international conference on intelligent engineering and management (ICIEM). IEEE, 2021.

5.Thabit, Fursan, Sharaf Alhomdy, and Sudhir Jagtap. “Security analysis and performance evaluation of a new lightweight cryptographic algorithm for cloud computing.” Global Transitions Proceedings 2.1 (2021): 100–110.

Authors:-
Neha Bhavar
Saurav Deshmukh
Tejas Narnaware
Rahebar Shaikh
Suraj Rothe

Cryptography
Cloud Computing
Encryption
Decryption

--

--

Tejas Narnaware

Written by Tejas Narnaware

1 Follower

Help

Status

About

Careers

Press

Blog

Privacy

Terms

Text to speech

Teams