Survey On Hyperelliptic Curve Cryptography To
Secure Cloud Computing
Dr. M.Gobi, G.S. Parimalam
Abstract : In this emerging technological world, cloud computing is one of the efficient technological services for storing and retrieving data & resources through the internet rather than direct service connection. This technology enables users to save resources in remote databases. However, cloud technology needs new security features in accessing the cloud. Therefore, users rely on third-party services for storing and accessing data storage that can vulnerable to attacks and other data exploitation. In addition, cloud services also offer security tools to safeguard user‘s data with some disadvantages like data leakage, denial of service, eavesdropping, lack of safety standards and so on. HyperElliptic Curve Cryptosystem (HECC) is one of the public key cryptographic techniques, and expansion of Elliptic Curve Cryptography (ECC) that offers the similar level of security compared with other cryptosystems such as RSA, ECC, and DSA. HECC supervises the ECC due to shorter operand sizes. This paper analyzes the use of HECC and studies various efficient data security schemes using HECC in Cloud computing.
Index Terms : Cloud Computing, Remote Database, Data Storage, Elliptic Curve Cryptography, HyperElliptic Curve Cryptosystem, Public Key Cryptographic Technique, Data Security.
—————————— ——————————
1
INTRODUCTION
Cloud computing is a combination of high-level servers that are virtually connected together. The cloud computing is a service that delivers over the internet. It allows users to rent and access the applications, software development, and deployment tools environment, network-accessible storage processing and so on [1]. Generally, cloud computing is convenient, on-demand network access to shared computing resources. The fundamental aspect of cloud computing is that the data is being centralized or distributed in the cloud database. The data is stored at remote locations and available on-demand that allows the users to access data without installing any additional applications at any computer through internet accessibility. Through the data outsourcing method, users get information from anywhere more efficiently and reduce the cost of buying new software, hardware, and other resources. In addition to the increasing popularity of cloud computing, the challenging factor of data sharing functionality also increases the risks of security, data integration, and confidentiality. One of the major constraints is that the user cannot confirm the security conditions of each server, where the data is deployed [2]. Cryptography is the art of science that wants to cipher and decipher information for secure communication mathematically. It provides a facility for the user to transfer information firmly while not degrading the performance of the system. Public key cryptography is one among the cryptographical techniques that contain a combination of keys called private and public keys. The general public secret is wanting cipher the info and private secret is want to decipher information [3]. Hyperelliptic curve cryptography is that the quick public key cryptographical technique with high potency and security. In 1988, Neal Koblitz recommended a new higher genus curve for cryptographical functions called Hyperelliptic Curve Cryptosystem [1,2].
HECC has a lot of advantages like shorter key size, less computational overhead, high security, needs less memory area and consume less power. These options makes simple to implement HECC each in hardware and package [4]. HECC has huge options for providing security and high potency for engineering applications. Several researchers place his effort to develop a cryptographical algorithmic program and protocol supported Hyperelliptic Curve Cryptosystem. This feature makes HECC highly regarded among the various cryptographical systems. Figure 1 shows the cloud security model.
Fig. 1 Cloud Security Model.
1.1 Cloud-Based Services
Some of the cloud services [3,4 & 5] offered are ―Infrastructure as a Service (IaaS), Platform as a Service (PaaS), Software as a Service (SaaS) and Storage as a Service (SaaS)‖.
1.2 Infrastructure as a Service (IaaS)
Infrastructure as a Service provides an instant infrastructure service that helps to avoid complexities in buying the number of physical servers and data centers. In addition, IaaS supports testing and development, hosting websites, backup storage and recovery, web applications, high-performance computing, and big data analysis.
1.3 Platform as a Service (PaaS)
Platform as a service includes entire deployment service in the cloud that includes resources to deliver everything from simple cloud-based applications to enterprise applications. PaaS
————————————————
• Asst. Professor, Department of Computer Science, Chikkanna Government Arts College, Tirupur Email:[email protected] • Research Scholar, Department of ComputerScience, Chikkanna
3783
provides services like middleware, business intelligence tools and database systems in addition to infrastructure.
1.4 Software as a Service (SaaS)
Software as a Service refers to a method of accessing software provided by the cloud service provider to manage the software according to the service agreement. SaaS provides benefits such as cross-device compatibility, no hardware setup cost, scalable usage, and automatic updates.
1.5 Storage as a Service (SaaS)
Storage as a Service is a model of providing storage infrastructure for managing backups, hardware, and physical space. Storage as a Service is used by organizations to deteriorate risks in disaster recovery, to provide long-term adaptability and to increase business availability and continuity. The rest of this paper is organized as follows: Section 2 details about Elliptic Curve Cryptography (ECC), Section 3 presents the features of HECC. Section 4 explains the literature review of HECC and Section 5 concludes the paper with a conclusion.
2
ELLIPTIC
CURVE
CRYPTOGRAPHY
Definition: Let K be a field of characteristic≠ 2,3, and let
𝑥 + 𝑎𝑥 + 𝑏 (where , 𝑏 ∈ 𝐾 ) be a cubic polynomial with no multiple roots. An elliptic curve over K is the set of points (𝑥, 𝑦)
that satisfy Eq. (1),
𝑦 = 𝑥 + 𝑎𝑥 + 𝑏 (1)
together with a single element denoted by 𝑂 is the ―point at infinity‖.
If K is a field of characteristic 2, then an elliptic curve over K is the set of points that satisfy the Eq. (2) or Eq. (3) of the type either
𝑦 + 𝑐𝑦 = 𝑥 + 𝑎𝑥 + 𝑏 (2)
or else
𝑦 + 𝑥𝑦 = 𝑥 + 𝑎𝑥 + 𝑏 (3)
together with a ― point at infinity‖ 𝑂.
If K is a field of characteristic 3, then an elliptic curve over K is the set of points that satisfy the Eq. (4),
𝑦 = 𝑥 + 𝑎𝑥 + 𝑏𝑥 + 𝑐 (4)
together with a ― point at infinity‖ O.
3
HYPERELLIPTIC
CURVE
CRYPTOGRAPHY
Hyperelliptic curves are similar elliptic curves and are well suitable for cryptography. These algebraic curves are a generalization of elliptic curves. The equation of a hyperelliptic curve C of ‗g‘ genus over k field is given by Eq. (5),
𝐶: 𝑦 + (𝑥)𝑦 = 𝑓 (𝑥) (5)
Where, h(x) - a polynomial of degree ≤ 𝑔 𝑜𝑣𝑒𝑟 𝐹, f(x) - a monic polynomial of degree 2𝑔 + 1 𝑂𝑣𝑒𝑟 𝐹.
The proposed model implements the encryption of the document in the side of the data owner by using hyperelliptic Curve Cryptography (HECC). There are three types of schemes based on hyperelliptic curve cryptography. They are,
Key agreement,
Encryption and
Signature schemes.
3.1 Key Agreement
The client implements the HECC algorithm to generate public and private keys. The key pair is defined as *𝑝𝑘, 𝑑+ where 𝑝𝑘 - a public key and 𝑑 -private key. The Diffie-Hellman key agreement
technique was designed for the multiplicative group of numbers, but it can adjusted easily to general groups. Let us consider 𝐺
be a group whose elements can be efficiently represented the group operation can be efficiently evaluated as well. The group is jacobians of hyperelliptic curves.
The following public parameters are considered The group 𝐺.
An element 𝑅 ∈ 𝐺 of large prime order 𝑟.
3.2 Encryption/Decryption
The data owner will encrypt the files to the cloud before sending with the public key,
𝑝𝑘 −> 𝐸. The hash value generated is stored for further
verification process and the data encrypted is uploaded to the cloud. If 𝐴 wants to send data message 𝑀 𝑡𝑜 𝐵, it does the following,
It obtains the public key 𝑝𝑘 of receiver 𝐵.
It chooses a secret number 𝑎 ∈ ,1, 𝑟 − 1-.
Computes the value 𝐶1 = 𝑎𝑅.
Compute the value 𝐶2 = 𝑀 + 𝑎(𝑝𝑘).
Send(𝐶1, 𝐶2)𝑡𝑜 𝐵.
When the data user needs to access the file, a download request will be sent to the cloud and a decryption key is used to decrypt the retrieved content. After retrieval of content, the hash value will be calculated again. The file integrity can now be verified upon the comparison. As the file is stored in the cloud, the comparison of hash value will be helpful to identify whether the file is perfect while it is stored in the cloud. The receiver B can decrypt the cloud data by doing the following:
Receive the encrypted message (𝐶1, 𝐶2) from sender 𝐴
Compute the message value 𝑀 = 𝐶2 − 𝑏𝐶1.
3.3 Signature Schemes
The Digital Signature Algorithm can be used for any group G signature generation and verification. If sender A needs to sign a message M, it has to do the following.
Choose a random integer 𝑘 ∈ ,1, 𝑟 − 1-, and compute
𝑄 = 𝑘𝑅.
Compute 𝑠 from 𝐻(𝑀) and 𝑎. Now the signature is (𝑀, 𝑄, 𝑠).
In order to verify this signature at the receiver end, the verifier B has to do the following,
Compute 𝑣1 and 𝑣2 from 𝐻(𝑀) and ∅(𝑄)
Compute 𝑉 = 𝑣1𝑅 + 𝑣2𝑃
Accept the signature when 𝑉 = 𝑄. Else reject it. The definition of HECC is,
Definition: A hyperelliptic curve 𝐶 of genus 𝑔 defined over a field 𝐹 of characteristic 𝑝 is given by Eq. (6),
𝑌 + (𝑥)𝑦 = 𝑓(𝑥) (6)
Where (𝑥) and 𝑓(𝑥) are polynomials with coefficients in Fq with a degree of (𝑥) ≤ 𝑔 and degree of 𝑓(𝑥) = 2𝑔 + 1.
An additional requirement is that the curve should not be a singular curve. The condition that is no 𝑥 any 𝑦 in the algebraic closure of 𝐹 that satisfy the equation of the curve and the two partial derivatives,
2𝑦 + (𝑥) = 0, ’(𝑥)𝑦 – 𝑓’(𝑥) = 0.
A divisor D of the curve is a formal sum ∑ ∈ ( )𝐶 ,𝑃-with 𝐶 as
an integer having finitely many 𝐶 nonzero. The set of all divisors is denoted by 𝐷𝑖𝑣(𝐿).
Given two divisors 𝐷 = ∑ 𝐶 ,𝑃- and 𝐷 = ∑ 𝐶 ,,𝑃- the sum 𝐷 + 𝐷’ is defined as
𝐷 + 𝐷’ = ∑(𝐶 + 𝐶 ),𝑃-.
This gives 𝐷𝑖𝑣(𝐿) a group structure.
The degree of a divisor 𝐷 = ∑ ∈ ( )𝐶 ,𝑃- is 𝑑𝑒𝑔(𝐷) =
∑ 𝐶 .
The group of degree zero divisor is
𝐷𝑖𝑣 (𝐿) = *𝐷𝜀 𝐷𝑖𝑣(𝐿)| deg(𝐷) = 0 +.
For any extension 𝐾 of 𝐹, consider the set
𝐶(𝐾) = *(𝑥 , 𝑦+ ɛ 𝐾 𝑋 𝐾 | 𝑦 + (𝑥)𝑦 = 𝑓(𝑥)+ 𝑈 *∞+. It is called a set of 𝐾 – rational points on 𝐶. The definition of the group 𝐽 (𝐾) can be considered as a natural generalization of the group of points on elliptic curves.
4
LITERATURE
REVIEW
Kumar & Subramanian [4] proposed an efficient and safe technique by mistreatment of ECC and Sobol sequence. This technique achieves confidentiality and that they might verify data integrity while not retrieving original data. Farajaa et al., [5] proposed a new scheme for Identity and Access Management (IAM) that depends on the blending of the Trusted Cloud (TC) with Identity-Based Cryptography (IBC) to facilitate the management and present a lot of security for cloud computing, and used AES algorithm rule for secure file encryption. A new framework suggested by Nagendra Kumar et al., [6] that provides double authentication techniques and dilate proceedings that may shield the data effectively through the amount of transmission it to the cloud computing storage. This method uses the DS (Digital Signature) based on RSA algorithmic rule for identity, access, and data security once it stores in private cloud. Nikhil Gajra et al., [7] provided the security for files and data authentication through using hybrid of AES and Blowfish for encryption, and used Elliptic Curve Cryptography (ECC) for key generation and used Diffie-Hellman (DH) for exchange of keys. These combinations of algorithms provide authentication and confidentiality for outsourced data with low cost and nominal performance. Arjun Kumar et al., [8] proposed a new technique that used ECC to permits the user to store their knowledge and retrieval it from cloud storage firmly. This proposal divided the storage into two sections the primary section is to store user private data, and therefore the second to store shared data and use PIN number with a secret key to encryption data. Sana Belguith et al., [9] proposed a new encryption algorithm that composed of merging secret key algorithm (AES) for data encryption and public key algorithm (RSA) for keys distributing. This assortment aids to urge the advantage of secret key potency and speed performance of public-key encryption, whereas keeping the rights of users to access data in a secured and authorized method. Noha et al., [10] used a hybrid of cryptographic algorithms. This combination contains (RSA and AES) algorithm to provide confidentiality and authentication and used SHA256 to come up with a signature. The proposed scheme provides the major three security primitives – authentication, confidentiality, and integrity. A new scheme to provide data confidentiality and integrity suggested by Abbas & Maryoosh [11] via victimization of Elliptic Curve Integrated Encryption
3785
module for the HEC-DSA signature and validates using the simulator Quartus II 6.0. Shaheen & Praveen [19] proposed a new scheme for securing image that stored in cloud computing. This scheme contains a combination of Chen and Liu's chaotic system. First, the mask image is divide into 8 blocks, then the shuffling method which supports a logistic map on these blocks. Finally, it applies the hyperchaotic system on the ensuing image to induce the encrypted image. The prime benefit of this proposal, the secret key is also encrypted. Some values of a generated encrypted key with the index are sent to the server & another value is distributed to the user before storing the image within the cloud, the index was created for these images. Baktir et al., [20] launches the implementation of HECC over the extension field of odd characteristic on an embedded processor and proves the implementation of genus-2 HECC over GF(281) on 32-bit ARM7TDMI processor provides an improvement of roughly 57% compared with alternative cryptographic algorithms. It additionally furnishes the software implementation of HECC over OTF victimization Microsoft‘s Visual C++ Compiler 6.0 and the Developer Studio 6 for writing the program for compilation and debugging the field of multiplication, field inversion and cluster addition and doubling. It highlights the usage of Hyperelliptic Curve Cryptography for power-constrained mobile devices and measures the performance of each RSA algorithm and HECC using PALMIII and J2ME wireless outfits‘ tool kit 2.5.1 severally. It additionally advises achieving the high-security level using ElGamal primarily based Hyper Elliptic curve cryptography and MD5 algorithm within the authentication protocol. Chatterjee & Gupta [21] explores the details of main operations like scalar multiplication, cluster operations on Jacobian, finite field operations and so on for economical implementation of ECC / HECC. It additionally compares the timing of operations like scalar multiplication, encryption, and decryption of ECC and HECC. It examined the performance of HECC on PC with Intel Core 2DUO CPU [email protected] with 4GB RAM and windows vista operating system using jdk1.6. Software implementation of ECC and HECC for unnaturally constrained devices such as smart cards, PDAs, and mobiles are processed easily. Finally, it provides a performance comparison of ECC and HECC. Jacobson et al., [22] observe the Jacobian of a Hyperelliptic curve outlined over a finite field implement the separate discrete logarithm cryptographic protocols. It urged a Weil Descent technique to resolve Hyperelliptic Curve Discrete Logarithmic Problem (HCDLP). It additionally provides detail regarding index calculus attacks on HCDLP and Weil descent attack on the ECDLP. It develops a Crypto processor to manifest the automotive access control systems to unlock the automobile. It additionally designs the hardware and software interface for automotive access control system. Zhou [23] proves that Ring signature effectively solves the matter of group managing in cluster cryptosystem and thus greatly improves the potency of signature generating and substantiate verifying. It additionally shows the development in ring signature then reinforces the security and stability of ring signature and effectively improves the efficiency of engineering application. Gampala & Malempati [24] proposed authentication and encryption schemes for secure data transmission from one cloud to another or alternative clouds with ECC. The scheme applies digital signature encryption, decryption and Signature Verification algorithms to secure the transfer of data between two public clouds victimization ECC. The major advantage of the solution is that ECC creates smaller key size than RSA that ends in faster computations, lower
et al., [31] proposed an economical signcryption scheme supports HECC. To gain popularity and take away the double expansion problem using the HECC technique. The proposed scheme reduced 40% computation and communication overheads and well appropriate for m-commerce and w-media environments. Ch, et al., [32], the proposed scheme offers lightweight and efficient signcryption supported HECC. It additionally condensed the number of communication and computation overheads as compared to other existing schemes. The proposed scheme is additionally appropriate for resource-constrained devices.
5
CONCLUSION
Cloud computing is facing many challenges concerned with security. User‘s data must remain confidential and must be authenticated whenever it is accessed. This paper introduced the hyperelliptic curve cryptography. It also offered comparisons between different types of these curves regarding their security and efficiency. Implementing HECC with the combination of software and hardware is advantages as it provides flexibility and good performance. However, this is now a deep and popular area of research. The HECC system requires less storage, bandwidth, and power when compared with other cryptosystems. In the future, the file distribution model is implemented through HECC to improve the security aspects of cloud computing.
6
REFERENCES
[1] Jouini, M., & Rabai, L. B. A. (2019). A security framework for secure cloud computing environments. In Cloud security: Concepts, methodologies, tools, and applications (pp. 249-263). IGI Global.
[2] Li, J., Zhang, Y., Chen, X., & Xiang, Y. (2018). Secure attribute-based data sharing for resource-limited users in cloud computing. Computers & Security, 72, 1-12.
[3] Luthra, T., & Malhotra, R. (2018). U.S. Patent No. 10,013,431. Washington, DC: U.S. Patent and Trademark Office.
[4] Kumar, S. P., & Subramanian, R. (2011). An efficient and secure protocol for ensuring data storage security in cloud computing. International Journal of Computer Science Issues (IJCSI), 8(6), 261.
[5] Farajaa, S. T., Jassimab, S. A., & Kifayatb, K. K. (2013). Mediated IBC-Based Management System of Identity and Access in Cloud Computing. Tikrit Journal of Engineering Sciences, 20(3), 1-9.
[6] Nagendra Kumar, Ashok Verma and Ajay Lala, ―Access, Identity and Secure Data Storage in Private Cloud using Digital Signature‖, International Journal of Innovative Research in Computer and Communication Engineering, Vol. 2, Issue 3, March 2014.
[7] Nikhil Gajra, Shamsuddin S. Khan and Pradnya Rane, ―PRIVATE CLOUD DATA SECURITY: SECURED USER AUTHENTICATION BY USING ENHANCED HYBRID ALGORITHMS‖, International Journal of Computer Engineering and Technology (IJCET), Volume 5, Issue 8, August (2014).
[8] Arjun Kumar et al, ―Secure Storage and Access of Data in Cloud Computing‖, ICT Convergence (ICTC), International Conference, Jeju Island, pp. 336 - 339, 2012.
[9] Sana Belguith, Abderrazak Jemai and Rabah Attia, ―Enhancing Data Security in Cloud Computing Using a Lightweight Cryptographic Algorithm‖, The Eleventh International Conference on Autonomic and Autonomous
Systems, 2015.
[10]Noha MM. AbdElnapi, Fatma A. Omara and Nahla F.Omran, ―A Hybrid Hashing Security Algorithm for Data Storage on Cloud Computing‖, International Journal of Computer Science and Information Security (IJCSIS), Vol. 14, No. 4,April 2016.
[11]Abbas, S. A., & Maryoosh, A. A. B. (2016). Data Security for Cloud Computing based on Elliptic Curve Integrated Encryption Scheme (ECIES) and Modified Identity based Cryptography (MIBC). International Journal of Applied Information Systems, 10(6).
[12]Sudhansu Ranjan Lenka and Biswaranjan Nayak, ―Enhancing data security in cloud computing using RSA encryption and MD5 algorithm‖, International Journal of Computer Science Trends and Technology (IJCST), Volume 2 Issue 3, June-2014.
[13]Kaur, H. (2017). A Novel Technique of Data Security in Cloud Computing based on Blowfish with MD5 method. International Journal of Advance Research, Ideas and Innovations in Technology, 3(6).
[14]Abbas, S. A., & Maryoosh, A. A. (2015). Enhancing the security of identity and access management in cloud computing using elliptic curve cryptography. Journal of College of Education, (3), 329-342.
[15]Jobandeep Kaur, Dr Vishal Bharti2 and Mr. Shamandeep Singh, ―Enhanced Hybrid Blowfish and ECC Encryption to Secure Cloud Data Access and Storage Policies‖, International Journal of Computer Science and Information Security (IJCSIS), Vol. 16, No. 5, May 2018.
[16]Divya Prathana Timothy and Ajit Kumar Santra, ―A Hybrid Cryptography Algorithm for Cloud Computing Security‖, IEEE, 2017.
[17]Zinah Raad Saeed et al., ―Improved Cloud Storage Security of Using Three Layers Cryptography Algorithms‖, International Journal of Computer Science and Information Security (IJCSIS), Vol. 16, No. 10, October 2018.
[18]Jian-zhi, D., Xiao-hui, C., & Qiong, G. (2009, July). Design of hyper elliptic curve digital signature. In 2009 International Conference on Information Technology and Computer Science (Vol. 2, pp. 45-47). IEEE.
[19]Shaheen Ayyub and Praveen Kaushik, ―Secure Searchable Image Encryption in Cloud Using Hyper Chaos‖, The International Arab Journal of Information Technology, Vol. 16, No. 2, March 2019.
[20]Baktir, S., Pelzl, J., Wollinger, T., Sunar, B., & Paar, C. (2004, November). Optimal tower fields for hyperelliptic curve cryptosystems. In Conference Record of the Thirty-Eighth Asilomar Conference on Signals, Systems and Computers, 2004. (Vol. 1, pp. 522-526). IEEE.
[21]Chatterjee, K., De, A., & Gupta, D. (2011). Software Implementation of Curve based Cryptography for Constrained Devices. International Journal of Computer Applications, 24(5), 18-23.
[22]Jacobson Jr, M. J., Rad, M. R., & Scheidler, R. (2014). Comparison of scalar multiplication on real hyperelliptic curves. Adv. in Math. of Comm., 8(4), 389-406.
[23]Zhou, X. (2009, December). Improved ring signature scheme based on hyper-elliptic curves. In 2009 Second International Conference on Future Information Technology and Management Engineering (pp. 373-376). IEEE. [24]Gampala, V., & Malempati, S. (2016). A study on privacy
3787
Journal of Computer Science and Information Security, 14(12), 294.
[25]Mukhopadhyay, D., Thakur, A., Chaudhari, N., & Nanekar, S. (2015). Architecture to Implement Secure Cloud Computing with Elliptic Curve Cryptography. SmartCR, 5(3), 201-208.
[26]Manoj, S. K. A., & Bhaskari, D. L. (2016). Cloud forensics-a framework for investigating cyber attacks in cloud environment. Procedia Computer Science, 85, 149-154. [27]Gupta, R., & Tanisha, P. (2013). Enhanced Security for
Cloud Storage using Hybrid Encryption. International Journal of Advanced Research in Computer and Communication Engineering, 2(7).
[28]Maggu, S., & Dave, M. (2015). Dual Layer security using signcryption and relocation over a cloud. JIMS8I-International Journal of Information Communication and Computing Technology, 3(2), 177-180.
[29]Enos, G., & Zheng, Y. (2015). An ID-based signcryption scheme with compartmented secret sharing for unsigncryption. Information Processing Letters, 115(2), 128-133.
[30]Premalatha, J., Vani, R., & Sathya, K. (2016). Biometric Signcryption using Hyperelliptic Curve and Cryptographically Secure Random Number. Asian Journal of Research in Social Sciences and Humanities, 6(10), 462-472.
[31]Waheed, A., Umar, A. I., Nizamuddin, N. U. A., & Iqbal, J. (2016). Cryptanalysis and Improvement of Multi Recipient Signcryption Scheme. J. Appl. Environ. Biol. Sci, 6(4S), 157-161.
