Cloud services and cryptographic cloud storage systems have gained popularity in recent years due to their availability and accessibility. The present systems are nonetheless still ineffectual. They fall short because they demand a great deal of trust from either the user or the provider. To ensure that users are not violating any End-User License Agreement (EULA) clauses, providers typically keep the ability to examine the files that have been saved, and some even keep the ability to share the data. When a provider has access to go through the data, it is simple for it to create a copy of every piece of it, which is considered abuse. A typical user would have a very difficult time proving such abuse because they have no method of finding any evidence to support the claim. Due to the growing quantity of Machine Learning (ML) performed on personal user data for either tailoring advertisements or, in more severe cases, manipulating public opinion, this issue has only gotten worse in modern times. Due to the volume of users and files kept, cloud storage services are the ideal location for getting such information, whether personal or not. To retain complete anonymity, the user could take the simple step of adding a local layer of encryption. This will prevent the cloud provider from being able to decrypt the data. The requirement for ongoing key management, which becomes more challenging as the number of keys rises, is a drawback of this approach. To better understand normal behaviors and pinpoint potential weaknesses, this study aims to explore and assess the security of a few well-known existing cryptographic cloud storage options. Among the vendors investigated are Microsoft Azure, Tresorit, Amazon S3, and Google Cloud. This comparison was based on the documentation particular to each service.
However, the majority of providers frequently provide only a limited amount of information or do not go into great detail about specific ideas or procedures (for instance, security in Google Cloud), leaving room for interpretation. The authors conclude by outlining a unique approach for encrypted cloud storage that employs Cocks Identity Based Encryption (IBE) and Advanced Encryption Standard (AES)-256 Cipher Block Chaining (CBC) to limit potential abuse by alerting the user any time a file inspection takes place. Cocks IBE will be utilized as an alternate cryptographic method for access controls, and AES-256 will be used for the Initialization Vector (IV) features' encryption. Additionally, authentication will be zero-knowledge, using Fiat-Shamir. A system like this might be used by companies that offer services in the real world because it would boost customer confidence.