An Effective Hybrid Encryption Algorithm for Ensuring Cloud Data Security

Abstract

Cloud computing is one of the most research hot topics in IT industry nowadays. A lot of startup organizations are adopting cloud eagerly due to massive cloud facilities available with minimal investment; but as every coin has two sides, so with cloud. In the cloud, the user data is stored at some off-site location. So cloud data security is one of the main concerns of any organizations, before shifting to the cloud. The data owners can ensure the data security at its premises using firewalls, VPN (Virtual Private Network) like most used security options. But as data owner stores their sensitive data to remote servers and users access required data from these remote cloud servers, which is not under their control. So storing data outside client premises, raises the issue of data security. Thus, one of the primary research areas in cloud computing is cloud data protection. In this research paper, strategies followed include categorization of the data on the basis of their sensitivity and importance, followed by the various cryptography techniques such as the AES (a Symmetric Cryptography technique), SHA-1 (a Hashing technique), and ECC (Elliptic curve Cryptography (an Asymmetric Cryptography technique). Till date, most of the authors were using a single key for both encryption and decryption which is a weak target of various identified malicious attacks. Hence, in the designed hybrid algorithm, two separate keys are used for each encryption and decryption. The cloud user who wants to access cloud data, need to first register with CSP and cloud owner. After registration, user login id, password and OTP (One Time Password) sent to the user registered mobile number, are required to access the encrypted cloud data.