NETWORKS & SECURITY

Secured Cloud Data Migration Technique by

Competent Probabilistic Public Key Encryption
M. G. Aruna1,*, K. G. Mohan2
1
Associate Professor, Department of Computer Science and Engineering, M S Engineering College,
Affiliated to VTU, Bengaluru, Karnataka, 562110, India
2
Professor and Head, Department of Computer Science and Engineering, Presidency University, Bengaluru, Karnataka, 560064, India
The corresponding author, email: [email protected]

Abstract: Cloud computing, a recently I. INTRODUCTION

emerged paradigm faces major challenges in
achieving the privacy of migrated data, net- Cloud computing, the recent technology has its
work security, etc. Too many cryptographic primary goal as to enable security, information
technologies are raised to solve these issues accumulation and net processing, administra-
based on identity, attributes and prediction tion, with all registering resources envisioned
algorithms yet; these techniques are highly as administrations and finally conveyed over
prone to attackers. This would raise a need the Internet [1] [2]. . In order to maximize the
of an effective encryption technique, which potentiality of cloud computing, top comput-
would ensure secure data migration. With this ing cloud service providers initiate the global
scenario, our proposed methodology Efficient association. Thereby it enhances the energy
Probabilistic Public Key Encryption (EPPKE) efficiency of data centers by minimizing the
is optimized with Covariance Matrix Adap- environmental impact caused with high energy
tation Evolution Strategies (CMA-ES). It consumption of cloud infrastructures [3].
ensures data integrity through the Luhn algo- End-users utilize the services offered by the
rithm with BLAKE 2b encapsulation. This en- cloud service providers without exact knowl-
ables an optimized security to the data which edge about where the resources of such ser-
is migrated through cloud. The proposed vices are located, possibly in other legislative
methodology is implemented in Open Stack domains. This becomes the root-cause for sev-
with Java Language. It achieves better results eral issues when disputes occurs [4]. To deal
by providing security compared to other exist- with these issues, cloud computing provides
ing techniques like RSA, IBA, ABE, PBE, etc. three delivery models, such as SaaS (Software
Keywords: Luhn algorithm; encryption; ef- as a Service), Paas (Platform as a Service) and
ficient probabilistic public key encryption IaaS (Information as a Service). Amid SaaS is
(EPPKE); covariance matrix adaptation evolu- a dominant delivery model to meet with the
Received: Dec. 17, 2018
tion strategies (CMA-ES); trusted third party requirements of enterprise IT services. Yet,
Revised: Sep. 6, 2019
Editor: Bo Cheng (TTP) lack of visibility made the enterprises to feel

168 China Communications • May 2020

Authorized licensed use limited to: UNIVERSITY PUTRA MALAYSIA. Downloaded on July 12,2021 at 18:28:23 UTC from IEEE Xplore. Restrictions apply.
uncomfortable with the SaaS model [5]. Com- signed SLAs between consumers and service
panies that deal with cloud computing hand providers [12]. When considering the medical The paper presented
over their data to third-party service providers, field, due to the availability of high valued a secure data migra-
who store and process such data in the cloud sensitive Personal Health Information (PHI), tion technique called
EPPKE optimized with
and whose physical location is hidden and is the third-party storage servers are often the
CMA-ES.
placed anywhere in the world. This becomes targets of various malicious behaviors which
possibly a problem [6]. In order to appropri- may lead to exposure of the PHI [13]. Con-
ately identify and assess the risks which are versely, the encryption schemes used with
introduced to an organization while on using cloud services made cloud storage more prone
cloud computing, the Economist’s Business to attackers. As the issues with encryption are
Risk model uses four key things: access, avail- overwhelmed with homomorphic encryption
ability, infrastructure, and integrity [7]. strategy, the fully homomorphic encryption
In cloud federation, the restrictions on data schemes too becomes inefficient due to its
storage and its access differs by states within complexity in limiting the data size of a pro-
the same country, or between countries. Hence gram [14].
it is an impossible task to fully harmonize A vulnerability is cloud specific if it is nat-
the privacy and data protection rules inter- ural or common in a central cloud computing
nationally [8]. A trusted third party, tasked innovation or has its main driver in one of
with assured specific security characteristics NIST’s key cloud qualities or is brought about
within a cloud environment is deployed with when cloud developments make attempted
the integration of Public Key Infrastructure and tested security controls troublesome or
(PKI), Lightweight Directory Access Protocol difficult to execute, or is predominant in set-
(LDAP) and Single-Sign-On (SSO) mecha- ting up the best in class cloud offerings [15].
nisms to ensure the authentication, integrity Conventional security systems, for example,
and confidentiality of involved data and com- personality, validation, and approval are no
munications [8]. more enough for mists in their present struc-
Dealing such issues during distribution of ture [16]. Be that as it may, a need of trust
information to web users in an efficient and between cloud clients and suppliers has upset
cost-effective manner is a challenging task [9]. the widespread acknowledgment of the mists
In order to deal with the challenges faced with as outsourced registering administrations. To
cloud computing, a polynomial-time optimal advance multi-tenancy, we must outline the
offline algorithm is used. It reduces the cost cloud computing system to be secure, reliable,
required for the migration of geo-dispersed big and tried and true [17]. Shared and conveyed
data to the cloud [10]. assets in the cloud frameworks make it diffi-
Moreover, heterogeneities caused with cult to build up a security model for guaran-
resource mapping are considered as another teeing the information security and protection
challenging issue while dealing with the Virtu- [18]. But the security and protection assurance
al Machines (VMs) and the Physical Machines administrations can be accomplished with the
(PMs). The deployment of skewness concept assistance of secure cloud application admin-
offer several solutions to avoid the hetero- istrations [19].
geneity problem by measuring the uneven Thus several characteristics of cloud com-
utilization of multi-dimensional resources of a puting has its impact on security and privacy
server [11]. Deploying an autonomous system of data during migration which leads to some
in a cloud infrastructure to effectively provi- potential concerns. Prior methodologies have
sion the resource is a challenging task because deployed many cryptographic techniques to
of the unpredictable consumer demands, soft- prevent the data from outsider attacks and
ware and hardware failures, heterogeneity of leakage. But all the efforts get fail, due to
services, power management, and conflicting the weak encryption process. Moreover, the

China Communications • May 2020 169

Authorized licensed use limited to: UNIVERSITY PUTRA MALAYSIA. Downloaded on July 12,2021 at 18:28:23 UTC from IEEE Xplore. Restrictions apply.
 user-cloud registration process allows the at- a real world platform. They stated that their
tacker to leverage the data by offensive cloud method enabled numerous migrations of
models such as Platform as a Service (PaaS) conventional streaming systems. They also
and Infrastructure as a Service (IaaS). Simi- developed some practical solutions for pur-
larly, the threat is also considered to be issue poses such as user redirection and cloud server
or threat occurs while migrating a data from organization etc. They performed the simu-
cloud to cloud. The data migrated being the lation experiments on real data traces from
application data or any other data and this is both cloud service providers (Amazon EC2
done for reasons such as data center reloca- and Spot Cloud) and a live media streaming
tion, server updating, etc. Hence it is essential service provider (PPTV). They showed that
to develop an effective computing infrastruc- the framework tackles the cost associated with
ture with enhanced data encryption techniques complete system deployment but still some
ensuring secured data migration within the latency occurred.
cloud environment. Hence in this paper a Xuanjia Qiu et al. [21] had depicted a dy-
novel methodology for secure data migration namic control algorithm for the perfect place-
in cloud computing infrastructure with a cryp- ment of contents and dispatch requests in a
tographic method called Randomized Optimal hybrid cloud infrastructure comprises public
Cryptographic Technique (ROCT) is innovat- cloud and private cloud which minimized
ed. Moreover, the key for encryption is gener- the operational cost of the overall process by
ated with an Efficient Probabilistic Public Key means of joint content placement and load
Encryption (EPPKE) algorithm using CMA- distribution algorithm. They achieved this by
ES. To check the authenticity of the cloud efficient scheduling of the content Migration
user, the algorithm called Luhn algorithm with and dispatching with Lyapunov optimization
BLAKE 2b is run to retrieve or modify the up- theory. They have showed the ideality of their
loaded data by the user verifying the user ID. algorithm based on some theoretical analysis
and with some prototype model. The results
1.1 Structure of paper
showed that the response times were elegantly
The remaining of the paper is structured as bounded by the optimization algorithm. This
follows: Section 2 discuss about the literature process provides lacking in providing security.
review of the secure data migration in cloud Michael Menzel et al. [22] had claimed a
computing. Our proposed methodology is framework to facilitate the migration of multi
detailed in Section 3 while in Section 4 the component web applications by extending the
implementation of our method and the exper- Cloud Genious framework. They identified
imental results are discussed and finally the the most important selection criteria, selection
Section 5 concludes the paper. goals, and cloud service alternatives, consid-
ering the use case of migration on a web ap-
II. RELATED WORK plication cluster to public cloud services such
as Amazon EC2 and Go Grid. They explained
The very recent works related to secure data a hybrid decision making approach that com-
Migration are discussed as follows: bines multi-criteria decision making (AHP)
Feng Wang et al. [20] had explained and evolutionary optimization techniques
a Cloud-Assisted Live Media Streaming (genetic algorithms (GAs)) for selecting best
(CALMS) framework for the migration pur- computation service and VM image. They
poses in a cost efficient manner in the cloud. also carried out a comprehensive experimental
The framework was allowed the cloud servers evaluation based on a realistic scenario for
to house different dynamics of the user re- verifying the performance of the proposed
quests. They provided best solutions for the decision making technique. They conducted
processes performed by the cloud servers in experiments by implementing Cumulus Ge-

170 China Communications • May 2020

Authorized licensed use limited to: UNIVERSITY PUTRA MALAYSIA. Downloaded on July 12,2021 at 18:28:23 UTC from IEEE Xplore. Restrictions apply.
nius, a prototype of the selection algorithm host one share of the key by each of the man-
and the GA deployable on Hadoop clusters. agers. The need for the multiple key managers
Experiments with Cumulus Genius give time is that the cryptographic key failure at any sin-
complexities of the GA. gle points is avoided. Leakage of data occurs.
Yan Zhu et al. [23] had explained a meth- Alsalhi [25] described a novel scheme for
od to construct an RBAC-compatible at- QuBits steganography based on adaptive neu-
tribute-based data access control for cloud ral networks. Steganography based on qubits
storage service to provide a user-friendly and string along with the adaptive neural networks
easy-to-manage secure Attribute-Based Ac- with the recycling of the modified particle
cess Control (ABAC) mechanism. Similar to swarm optimization algorithm, and using the
role hierarchies in RBAC, attribute hierarchies enhanced general controlled NOT gate and
were introduced by using Attribute-Based NEQR representation model with the optimal
Encryption (ABE) in order to define a senior- target of the quantum ANNS (QANNs). In this
ity relation among all values of an attribute, scheme, the cover image is trained to be more
whereby a user holding senior attribute values accrued. Then in the obtained stego file, co-
acquired permissions of his/her juniors. Based efficients are classified based on their XORs.
on these notations, they presented a new ABE The suggested scheme avoids attacking of the
scheme called Attribute-based Encryption with sensitive data in a way that receiver can ex-
Attribute Hierarchies (ABE-AH) to provide an tract the information without any errors. Con-
efficient approach to implement comparison sidering the preformed classification, secret
operations between attribute values on a pos- qubits will not be revealed in the transferring
set derived from an attribute lattice. By using process and then with the use of inverse ex-
bilinear groups of a composite order, they tracting, stego file will be obtained. The most
presented a practical construction of ABE-AH important features that our work obtained are
based on forward and backward derivation good adaptation with human vision system
functions. Compared with prior solutions, their and retrieval of data without getting error.
scheme offered a compact policy representa- By the overall analysis, the work of Feng
tion approach that could significantly reduce Wang et al. [20] and Xuanjia Qiu et al. [21]
the size of private-keys and cipher texts. To depicted the ideal solutions to minimize the
demonstrate how to use the presented solution, cost for the processes performed by the cloud
they illustrate how to provide richer expres- servers, but at the same time it fails to ensure
sive access policies to facilitate flexible access security. Michael Menzel et al. [22] and Yan
control for data access services in clouds. The Zhu et al. [23] explained a framework to
process is less expressive of security ensure- facilitate the migration of multi component
ment. web applications that illustrates about the ac-
Mazhar Ali et al. [24] had depicted a cess policies to facilitate flexible data access
Data Security for Cloud Environment with control in clouds. Though it ensures data ac-
Semi-Trusted third party (DaSCE) which cess control, it generates time complexities.
was the system developed to secure the data Finally Mazhar Ali et al. [24] had depicted
when the problem of leakage of data arouse. a Data Security for Cloud Environment with
The system developed by them gives some Semi-Trusted third party (DaSCE) which was
functions such as (i) Management of key (ii) the system developed to secure the data, still
access control and (iii) file certain deletion. the problem of leakage of data arouse here.
For the management of key they employed However all these works focus on various de-
the Shamir’s (k , n) threshold scheme and they mands, data security and time complexities are
generated the key with k out of n shares where still questionable with data migration process.
they utilized more number of key managers to Thus a need for efficient and enhanced novel
technology remains stable in the field of data

China Communications • May 2020 171

Authorized licensed use limited to: UNIVERSITY PUTRA MALAYSIA. Downloaded on July 12,2021 at 18:28:23 UTC from IEEE Xplore. Restrictions apply.
 migration in cloud computing. ation of cipher texts for a single plain text.
From amid the generated cipher text, the
III. SECURE DATA MIGRATION WITH best cipher text pattern is chosen preferably
RANDOM OPTIMIZED CRYPTOGRAPHIC with CMA-ES algorithm. Moreover the
TECHNIQUE encryption process is carried out by con-
sidering the encryption quality, correlation
Secured data Migration is considered as the coefficient and the different types of attack.
major concern during when transmitting the • Ensuing with the process of encryption,
data/information between the cloud computing digest encapsulation is to be done with the
infrastructures. To deal with the security issues hash function called BLAKE 2b, which is
an enhanced novel randomized ideal cryp- superior than the other types of hash func-
tographic technique is proposed in this work. tions. Having those selected cipher text
It includes three major phases such as data and encapsulated digest, data migration is
encryption, authentication, and data retrieval, carried out as the third stage to the Cloud
in order to ensure secured data migration. Service Provider (CSP) and the data will
With authentication phase, the cloud user be stored there itself. Afterwards the CSP
is authenticated by the Trusted Third Party confirms the user by providing an ID to the
(TTP) using the Luhn algorithm [26]. In the cloud user through TTP.
second stage, data encryption is performed • At last, the data is retrieved from the cloud
with the Randomized Optimal Cryptographic by using the user ID and the required
Technique (ROCT) using Efficient Probabilis- modifications are made by the cloud user
tic Public Key Encryption (EPPKE) scheme. through CSP based on user authentication.
Finally optimization is achieved with the Co- In addition, BLAKE 2b algorithm and the
variance matrix Adaptation Evolution Strate- similar digests ensure the data Integrity
gies (CMA-ES). Figure 1 illustrates about the proposed
• While on migration, the EPPKE algorithm methodology in detail. Each phases in the
is used to perform data encryption between proposed work are explained briefly in the
the clouds, which is followed by the gener- upcoming sections. The main entities involved
in our proposed methodology are: cloud user,
the person who is the member of the cloud as
well the owner of data; CSP one who has large
storage space to store enough information and
Lunh Algorithm large amount of resource pool to enable them
User ID
and the trusted third party, the third party trust-
ed by both the CSP as well as the cloud user.
Confirmation

Cloud User Authentication Trusted Third

Party Cloud Service Provider
3.1 Problem formulation
The characteristics features of cloud comput-
Encapsulation by
BLAKE 2b ing rises several security and privacy concerns
of data in the cloud. Some of the major issues
CMA-ES

Data Migration caused with cloud computing are: network se-

EPPKE

curity issues, attackers, privacy issues during

Integrity Check by
data migration etc. In addition to that, threats
 
BLAKE 2

like breaches, insecure software interfaces etc.,

Data Retrieval
and Modification

leads to worsen the situations by unauthorized

and illegal access of data during encryption
Fig 1. Secure data migration in cloud computing with EPPKE and CMA-ES with causing data loss. Furthermore, the threats oc-
integrity and privacy check. curred during the user-cloud registration pro-

172 China Communications • May 2020

Authorized licensed use limited to: UNIVERSITY PUTRA MALAYSIA. Downloaded on July 12,2021 at 18:28:23 UTC from IEEE Xplore. Restrictions apply.
cess allows the attacker to leverage the data by The algorithm is based on the idea that the
offensive cloud models such as Platform as a sum of the digits in the product code should be
Service (PaaS) and Infrastructure as a Service a multiple of 10. That is, for the first process
(IaaS). – picking a check digit – the algorithm will
Prior methodologies ensure security during choose a value, that, when appended to the
data migration using some cryptographic tech- original number, will result in all of the digits
niques based on identity, attributes and predic- equally a multiple of 10. Likewise, in the sec-
tion algorithms. But all those algorithms get ond process – validation – the algorithm will
fails while performing encryption on the data/ sum all the digits to see if they are a multiple
information, which leads to the occurrence of of 10.
threats or outsider attacks. Hence in our work, What makes these processes tricky is that
an enhanced cryptographic techniques called every other digit is “doubled.” The word “dou-
EPPKE optimized with CMA-ES is proposed bled” is in quotes because it’s not a strict dou-
to ensure both data security and privacy. In bling if the result is a two-digit number. For
addition, data integrity is also achieved by the example, if we “double” the digit 7, instead of
Luhn algorithm with BLAKE 2b encapsula- simply multiplying 7 by 2 to get 14 and adding
tion and the human intervention in this process 14 into the sum, we instead put the two digits
is minimized to completely automate the sys- 1 and 4 into the sum. Thus the “doubling” of
tem. The remaining process in our proposed 7 results in adding 1 and 4, or a total of 5, into
methodology is explained through the follow- the overall sum.
ing steps. To make the check digit generation process

3.2 Cloud user authentication with

luhn algorithm
Data Insecure Abuse of
In authentication phase, the Authenticity of breach threats
Threat
cloud service
Cloud User occurrence Cloud Service
the cloud user is validated with the help of Encrypted Data
Provider
Data
Luhn algorithm. Luhn algorithm [26] is the EPPKE CMA-ES
one which is used to check the validity of the
user through checksum calculation of their
ID. Before explaining the process of the user Trusted Third

Authentication by TTP the operation of Luhn

Party

algorithm is given.
3.2.1 Luhn algorithm Fig. 2. Threat model for security.
The Luhn algorithm acts as a guard against
data entry errors in multi digit numbers for
things like product codes. It does so through
the creation of a check digit, which is an extra
digit that is computed from the digits of the
original product code and is appended to the
end of product code. Because only one val-
ue of the check digit “matches” a particular
product code, mistyping digits usually results
in a product code that doesn’t match its check
digit. Thereof are two related processes: 1.
generation of the check digit for the original
number and 2. validation of a number (with
check digit appended). Fig. 3. Luhn algorithm working diagram.

China Communications • May 2020 173

Authorized licensed use limited to: UNIVERSITY PUTRA MALAYSIA. Downloaded on July 12,2021 at 18:28:23 UTC from IEEE Xplore. Restrictions apply.
 clearer, here’s an expansion of the example Here’s the validation process on the resulting
used in the book. We’ll start with the number number, 1762483.The algorithm explanation
176248 and determine the correct check digit. for the Luhn algorithm for to generate valid
The dotted outline shows the original num- ID is given below in algorithm 1.
ber. The first thing to note is that every other The process involved in checking the Au-
digit is “doubled,” starting with the rightmost thentication of cloud user by the TTP using
digit of the original number and proceeding Luhn algorithm is as follows.
leftward. In this case, with six digits in the Step 1: User inputs an alphanumeric value
original number, the second, fourth, and sixth by employing the user name, nationality, and
digit (shown as shaded boxes) are doubled – Date of Birth (DOB) to generate his peculiar
the digits with the values 7, 2, and 8. While we key.
determine which digits to double starting with Step 2: This alphanumeric key is then
the rightmost digit of the original number, in converted into numerical value using the
this case, the 8 of 176248, we don’t have to UNICODE scheme where each alphanumeric
add the digits right-to-left; we can add them in value has a numerical value.
any order. If we know how many digits are in Step 3: Then using Luhn algorithm check
the original number, for example, we’ll know digit is added with the key and forwarded to
which digits have to be doubled. the user as her ID.
Remember the rule about doubling the dig- Step 4: Upon Authentication check the TTP
its. The 7 is doubled to become 1 and 4; the runs the Luhn algorithm and the generated
2 simply becomes 4; the 8 becomes 1 and 6. checksum from the ID is divided by 10 means
All of the digits, doubled or not, are summed then the ID is valid and Authentication is
to get 27. The only value for the check digit given to them otherwise the ID is invalid and
that results in a number that is a multiple of Authentication is prompted.
10 is 3. With a check digit of 3, the sum of the Thus Luhn algorithm is then utilized check
entire number including the check digit is 30. the validity of the user by means of verifying
the calculated checksum value of the peculiar
key value which acts as first level of security
Algorithm 1. Luhn algorithm to generate valid ID and after that each digits of the peculiar key
Input: n-integer (a1a2 a3a4 a5a6 a7) are made check sum which in turn generates
Output: n-integer with check digit, x (a1a2 a3a4 a5a6 a7 x) other level of security by converting alphanu-
//Doubling operation meric key to UNICODE which in turn provid-
From left to right double every ing ensured security. Also in addition of secu-
(2n + 1)th digit. rity providing the validity and the invalidity of
For an = ij (i-tens position, j-ones position) the ID is also be found out by Luhn algorithm
//Addition operation property by means of the mod function with
If i ≠ 0 then an = i + j 10. Thus by checking the validity of user and
Else an = j the ensured secured level process aids in up-
End coming the cryptographic security ensuring
Return Adoub ( a1a2 a3a4 a5a6 a7 ) process is done with secured and authenticated
// Adoub represents doubling and the addition operation output. In addition to that the thread type stat-
Sum = ( a1 + a2 + a3 + a4 + a5 + a6 + a7 )(1) ed as insecure interface is get rid off by luhn
M = Sum mod 10 algorithms authentication enhancement pro-
If M ≠ 0, Mark a7 as Check digit x cess. After authenticated by the TTP, the cloud
Else =
x 10 − M user then encrypts his data using a secure and
End efficient encryption technique and here we
Return a1a2 a3a4 a5a6 a7 x proposed to use the ROCT with EPPKE meth-
 od and the optimization of the cipher texts is

174 China Communications • May 2020

Authorized licensed use limited to: UNIVERSITY PUTRA MALAYSIA. Downloaded on July 12,2021 at 18:28:23 UTC from IEEE Xplore. Restrictions apply.
done with the help of CMA-ES optimization. This encryption technique was originally
This optimized encryption technique is dis- developed by T. Okamoto, S. Uchiyama, and
cussed in detail in the following section. E. Fujisaki of NTT Labs in Japan [27]. As we
have stated above the encryption technique
3.3 Data encryption with optimized
is based on random oracle model which per-
efficient probabilistic public key
forms public key encryption with the original
encryption (EPPKE)
random hash function into a secure encryp-
Once the cloud user is authenticated by TTP, tion technique. The variables and the steps
encryption is essential to perform secure data involved in the EPPKE algorithm is given and
Migration. The prime numbers must be kept are explained as follows.
secret because the encrypted data may become
3.3.1 Variables
suspect to security attacks such as chosen-ci-
pher text attack. Here the attacker will input In this section the variables associated with
the number of known cipher texts into the the EPPKE algorithm is given in table 1.
cryptographic system, which generates cor- From the table 1, it is to be noted that
responding plain texts from that results, so κ Len = ρ Len, i.e., the length of the symmetric
this will leads to the chance of predicting the key and the plaintext (message) will have
secret key. Hence to protect the data from this equal length always since the encryption is
type of attacks, the random hash function is performed as a bit-wise operation and this can
added along with the prime numbers p and q be understood in the following sections.
during the encryption process. It results with
3.3.2 Key generation
random decryption oracle, which is the core
of proposed EPPKE scheme. In RSA of OU98 The algorithm for key generation in EPPKE is
scheme encryption, the user creates a public represented as K. The input for this algorithm
key based on two large prime numbers p and is the security parameter denoted as ς whose
q, along with an auxiliary value n; where n is length become equal to ς Len and this is the
of the form p2q that provides more secured positive integer.
secrecy using the modulus switching method. The output from the algorithm is the pair
The method doesn’t fully refresh a cipher text of public and private keys denoted as (pκ , sκ).
(as the re-encryption algorithm does), but suc- In EPPKE, the public key has a tuple given as
cessfully limits the unwanted losses of data (n, g , h, G , H , ς Len , hLen , RLen , rLen ). In that tuple,
growth in the cipher text during homomorphic
n = p 2 q, g , h ∈ Z, G , H = Hash Functions, ς Len
computations. Using a technique similar to
length of ς and also for p &q and hLen is size of
“dimension reduction”, the evaluator reduces
H, RLen is session keys and rLen specifies size
the magnitude of the noise without know-
ing the secret key as in the other encryption of random elements. Similarly, the secret key
schemes of RSA. Instead, the evaluator only is represented as ( p, g p ) and g p is calculated
needs to know the cipher text size in order to as g p−1modp 2. The operation of the Key gen-
transform the cipher text, c modulo q into a eration is illustrated through following steps.
different cipher text modulo p without sacri-
ficing the correctness of the decryption pro- Table I. Encryption performance.
cedure. As a result, this technique has small
Parameter Representation
cipher text size as compared to RSA schemes.
Symmetric key κ
Hence this OU98 scheme is applied in our
Symmetric key Length κ Len
framework which provides better encryption
Plaintext ρ
with chosen-cipher text. It also avoids the
Cipher text c
threats such as data breaches and abuse to
Length of plaintext ρ Len
cloud service.

China Communications • May 2020 175

Authorized licensed use limited to: UNIVERSITY PUTRA MALAYSIA. Downloaded on July 12,2021 at 18:28:23 UTC from IEEE Xplore. Restrictions apply.
 • Pick two prime values p &q of equal size c2 = {c12 , c22 , c23 ,....c2N }.(2)
2
(size( =
p q=) k) and then calculate n as p q From this N number of cipher texts, the
where p − 1 =p′u and q − 1 =q′v. Similar to best one is obtained with the help of an opti-
p &q, the parameters p′&q′ are also prime mization technique called Covariance matrix
values and u= v= O ( logk ). Adaptation Evolution Strategies (CMA-ES)
• Pick g randomly as stated above randomly with constraint to the certain parameters.
3.3.3.1 Random optimization with covariance
like the order of g p = g p−1modp 2 is p. It
matrix adaptation evolution strategies (CMA-
is to be noticed that gcd ( p, q − 1) = 1 and ES)
gcd (q, p − 1) =1. The optimization of the cipher texts is done
•  P i c k h0 ∈ Z r a n d o m l y a n d c a l c u l a t e with the aid of the optimization technique
h = h0 n modn. called Covariance matrix Adaptation Evolu-
= 2k + c 0 where c 0 is a
• Let ς Len = k and rLen tion Strategy (CMA-ES) [28], which is similar
constant and > 0. Fix RLen as RLen ≤ k −1. to some basic concepts involved in Genetic
• C h o o s e t h e h a s h f u n c t i o n s a s Algorithm (GA) (Recombination) as well as
G :{0,1}RLen → {0,1}κ Len a n d s i m i l a r l y Particle swarm optimization (PSO) (Popula-
H :{0,1}3k + RLen + ρ Len → {0,1}hLen. tion Based). The advantage on dealing with
• The parameter h can also be calculated as CMA-ES optimization is global convergence.
g n modn by setting rLen
= 2(k + 1). CMA-ES is the recently developed evolution
Next by generating the pair of public and based optimization, commonly applied to the
private keys the encryption of the data is done problem of electromagnetic field. Since its
and we have introduced the random optimi- performance is better than GA and PSO algo-
zation in the encryption process and this is rithm in terms of convergence speed. The ran-
explained in detail as follows. dom generated cipher texts are optimized with
constraint to the parameters so called Encryp-
3.3.3 Randomly optimized encryption tion Quality. The definitions and calculation
The encryption algorithm for EPPKE is rep- of these parameters, the objective function
resented as E and the input for the algorithm formulation, and the optimization of the cipher
are the plaintext ρ, public key pκ and the sym- texts are clearly illustrated as follows.
metric encryption technique Ȅ = κ ⊕ λ .ρ (here i) Encryption Quality
λ = [ 0,1] is the random parameter) whereas The Encryption Quality is denoted as QE,
which is calculated for measuring the quality
the output is the cipher text set as given by
of Bitmap images encryption [29]. QE for the
c = ( c1 , c2 , c3 ). The process of the encryption
generated cipher texts is calculated as men-
technique is illustrated as follows.
tioned below.
• Pick r ∈{0,1}rLen also R ∈{0,1}RLen and calcu-
• Measure the deviations between the plain-
late the symmetric key κ as G ( R ).
text and the cipher text, in which how many
• Calculate c1 = g R h r modn , c2 = Ȅ ( ρ ) and places they are differing and is calculated
c3 = H (c1 , R, ρ ) using the following equation (3).
Normally in EPPKE three different cipher
| ρ c2n |, n =
d =− 1, 2,.....N.(3)
texts are generated and among them two are
• Compute the average value of bits deviation
(c1 &c3) generated with random parameters and
as given in equation (4).
to enhance more security to the cipher text c2
1
we have included a random parameter denoted d = ( d ).(4)
ρ Len
as λ varies from 0 :1 and with that parameter
• Calculate Encryption Quality QE as in equa-
N different number of cipher texts are generat-
tion (5).
ed as
QE= | d − d |.(5)

176 China Communications • May 2020

Authorized licensed use limited to: UNIVERSITY PUTRA MALAYSIA. Downloaded on July 12,2021 at 18:28:23 UTC from IEEE Xplore. Restrictions apply.
 This is the first objective of our optimiza- rρ c n =
2

tion technique and our aim is to maximize the

> 0, Strong positive relationship ρ and c2n
Encryption Quality and hence the first part of 
0, No relationship ρ andc2
n .(13)
objective function is given as in equation (6). 
f1 = max(QE ).(6) < 0, Strong negative relationship
 between ρ andc n
The second objective function called cor-  2

relation coefficient is measured and formulat- As seen from the condition (13) the objec-
ed as follows. tive is that when rρ c n should be equal to zero
2

ii) Correlation coefficient then the second part of the objective function
The correlation coefficient can be denoted is given as in equation (14).
as rρ c n and this is also one of the parameters f 2 = min(rρ c n ).(14)
2
2

used for measuring the correlation between The third objective function called Differ-
pixels of the encrypted and the original image ential Attack is formulated as given below.
[30]. Similarly, the correlation between the iii) Differential attack
cipher text and the plain text is calculated as Differential Attack is the one in which the
follows. attacker will try to observe the change in the
• Calculate the mean of both ρ and c2n using encrypted data by modifying some bit values
the equations (7) and (8) given below in the original text [31]. There are two mea-
ρ Len
1 sures, which are used to detect the impact of
E(ρ) =
ρ Len
∑ ρi,(7) the single bit value on the whole encrypted
i =1

1 ρ Len image and this also suits for our proposed

( )
E c2n =
ρ Len
∑ c2ni.(8) methodology where we analyze the impact of
i =1
single bit change in the plaintext to that of the
Measure covariance between ρ and c2n using
cipher text. The measures are (a) Information
equation (9) as given below.
Entropy factor and (b) Avalanche Effect (AE)
cov( ρ , c2n ) =
 (
E ( ρ − E ( ρ ) ) c2n − E c2n (9)
 ( )) and the calculation of these measures are giv-
en in equations (15) and (16).
Then the standard deviations of ρ and c2n is
H ( m ) =− ∑ {0 ≤ i ≤ n − 1} p (mi )log 2 p (mi ),
calculated using the equations (10) and (11) as
given below. (15)
1 where p ( mi ) represents probability of mi.
= std ( ρ ) ∑iρ=Len1 ( ρi − E ( ρ ))2,(10)
ρ Len HammingDistance
AE = .(16)
1 FileSize
std c2n
=
ρ Len
( )
∑iρ=1 (c2ni − E (c2n ))2.(11)
Len

The measures given in equations (15) and

Finally, rρ c n is calculated using equation (16) should also be maximum for information
entropy factor and should be minimum for av-
2

(12) as given below.

alanche factor to avoid the differential attack
cov( ρ , c2n ) and thus the final part of our objective func-
rρ c n = .(12)
2
std ( ρ ) std c2n ( ) tion is formulated as given in equation (17).
It is to be noted that depending on the value = f 3 max( H ( m )) + min ( AE ).(17)
of rρ c n, the relationship between ρ and c2n is The overall objective function of the pro-
2

decided for the encryption should be a suc- posed method and the optimization of the best
cessful, once if the relation is relatively low. cipher text is given in the next section.
The value of rρ c n and the relationship between iv) Objective function Formulation and ci-
2
pher text optimization
the original and encrypted texts is given by the The formation of the objective function of
following condition in (13). our proposed methodology is thus given by

China Communications • May 2020 177

Authorized licensed use limited to: UNIVERSITY PUTRA MALAYSIA. Downloaded on July 12,2021 at 18:28:23 UTC from IEEE Xplore. Restrictions apply.
 combining the equations given in (6), (14) and Evaluate the cost function as: cost m ← f m,
(17) and the overall objective function f is giv- where f m is given by f in equation (19).
en in the equation (18). If termination occurs then stop the iteration
f = f1 + f 2 + f 3  or go to the selection phase.
= f max (Q ) + min ( r ) 
E ρ c2 .(18)
n (c) Selection
 Select the parameter with the objective
+ max( H ( m )) + min( AE ) 
function and arrange xm,1:λ with respect to
Based on the objective function given in
equation (16) the optimization of cipher text cost m then select the µ best values as xm,1:λ.
is achieved with CMA-ES. Here the optimiza- (d) Recombination
tion is done to increase the quality of the text In the recombination phase, the values are
and to protect the text from the attackers. The taken to combination of the selection phase.
steps involve how CMA-ES operates in pro- Generate new mean x g =1 from xm,1:λ produced
ducing the optimum cipher text is explained as from the selection phase.
below: (e) Step size control
(a) Initialization Update the values of lσ, dσ and σ.
Based on the objective function choose the
(f) Adaptation of Covariance matrix
following parameters as λ (Number of pop-
Update the values of lc, lcov and C.
ulation (c2n)), µ (Children selected), σ (step-
Then go for next iteration at the end the op-
size), x g =0 (Mean of distribution) and where timum cipher text is produced and the cipher
g is number of iterations. Thus, the encryption text set
process initially done for 1st iteration process ( )
c = c1 , c2 opt , c3 is passed to the Decryption
and for each step size variation the values get
phase.
iterated and the encryption process continues.
Such that there is an increased need to analyze 3.3.4 Decryption
the step size, which plays an important role in After successfully encrypting ρ with randomly
encryption of the data with better encryption optimized EPPKE using CMA-ES, cipher text
and decryption quality because by using step set is decrypted in the reverse manner at the
size updating it does not misses any data as receiver side and this is illustrated as follows.
possible. The input for the Decryption phase D, is the
Set the value for each parameter as wm,1:µ
( )
cipher text set c = c1 , c2 opt , c3 and the secret
(recombination weight of the mth best child),
key sκ and the output become either the origi-
µeff (Effective number of children with weight-
nal plaintext or null string based on secret key.
ed average), lσ (learning rate for step size con-
• Calculate c p = c1p−1modp 2,
trol), lc (Learning rate for rank one update of
R′ =
( ) modp where L=
L cp
x→
x −1
for
covariance matrix), dσ (damping rate for step
L( gp ) p
size control), lcov (Learning rate of covariance
x = 1modp.
matrix update).
•  C a l c u l a t e K ′ = G ( R′ ) a s w e l l a s
Initialize B (Eigen vectors of the covariance
matrix) =I, D (Eigen values of the covariance ( )
m=′ DK ′ c2 opt= K ′ ⊕ c2 opt.
matrix) = I, C= BD2BT. • Check whether the following condition is
(b) Sampling and evaluation satisfied
For the evaluation of the parameter, assign c3 = H (c1 , R′, m′).(20)
the functions for each limit If the above condition is satisfied means the
Sample λ values from the population as: output will be the m′ as the decrypted text or
( )
xm,1:λ ← N x ,σ 2C .(19) produce null string.

178 China Communications • May 2020

Authorized licensed use limited to: UNIVERSITY PUTRA MALAYSIA. Downloaded on July 12,2021 at 18:28:23 UTC from IEEE Xplore. Restrictions apply.
3.4 Data encapsulation by BLAKE N −1
b 0 , b1 , b 2 ,....b seq and each having 16-word
2b algorithm and secure data length, after this process hashing of the pad-
migration ded blocks are performed as follows.
Followed with the encryption of data using h 0 ← IV ⊕ BP,(21)
ROCT-EPPKE with CMA-ES algorithm, the where BP=Parameter Block and this is speci-
data is encapsulated with the technique called fied as follows for our proposed methodology
BLAKE 2b [32], which is the variant of the in Table 2.
BLAKE technique to produce digest on the = For i 0,1,....N seq − 1 perform hashing as
cipher text and after encapsulation the data is
hi +1 ← compress (hi , bi , l i ) and finally return
migrated to the Cloud Service Provider. The N
background and the working principle of the the value of h seq. IV is the 64-bit words and
BLAKE 2b algorithm is as follows. can be specified as follows in Table 3.
In the compress operation in addition to the
3.4.1 BLAKE 2b Encapsulation
chain value hi and message block bi counter
Background (T = T0 , T1) as well as finalization flags (F0 , F1)
BLAKE 2 is the cryptographic hash func- are used as the input. The compress opera-
tion in which the permuted replica of the input tion is performed as follows. The finalization
is XOR-ed with some constants called IV flags F0 = ff ........ ff and processing the last
constants. There are two types of BLAKE-2 block otherwise F0 = 00........00, similarly
algorithm, they are: BLAKE 2b and BLAKE
F1 = ff ........ ff if F0 = ff ........ ff and
2s where the former produce digests of size
F1 = 00........00 if F0 = 00........00.
varied from 1 to 64 bytes and the latter one
produces digests with size equal to 1 to 32  υ0 υ1 υ 2 υ3 
υ υ6 υ7 
bytes. Similarly the first one is optimized to  4 υ5 ←
work in the 64 bit platform and the second one  υ8 υ9 υ10 υ11 
 
is optimized for 32 bit platform. Among these υ12 υ13 υ14 υ15 
two types of cryptographic hash functions the ,
 h0 h1 h2  h3
first one is found to be faster than the second  4

 h h5 h6 h7 
type and thus we employed the BLAKE 2b  IV
 IV1 IV2 IV3 
hash function to calculate the message digest 0
T0 ⊕ IV4 T1 ⊕ IV5 F0 ⊕ IV6 F1 ⊕ IV7 
for the purpose of ensuring the data Integrity.
In the following section the working principle where υ0 ,υ1 ,.....υ15 are the internal states and
of BLAKE 2b algorithm and how it is applied transformed through a sequence of 12 rounds,
in our proposed methodology is explained.
Working principle of BLAKE 2b
Table II. Parameter Block, BP Specification for BLAKE 2b.
The BLAKE 2b algorithm works on any
Parameter Value
data having length in the range of 0 ≤ l ≤ 2 BL
Digest Byte Length 35
(where, l = length of c2opt and BL = 128= Block
Key Byte Length 20
Length) and hence the cipher text should also
Salt All-33 string
has length equal to or multiple of BL. If this
Personalization All-“ff” string
is not the case means then the padding opera-
tion is performed in which the null bytes are
added with c2opt and make it compatible for Table III. IV Parameter specification.
IV0 = 6a 09e667 f 3bcc908 IV4 = 510e527fade682d1
digest calculation with BLAKE 2b and hence
IV1 = bb67ae8584caa73b IV5 = 9b05688c2b3e6c1f
the number of sequences are generated as
IV2 = 3c6ef372fe94f82b IV6 = 1f83d9abfb 41bd6b
l
N seq = . The number of blocks produced are IV3 = a54ff53a5f1d36f1 IV7 = 5be0cd19137e2179
BL

China Communications • May 2020 179

Authorized licensed use limited to: UNIVERSITY PUTRA MALAYSIA. Downloaded on July 12,2021 at 18:28:23 UTC from IEEE Xplore. Restrictions apply.
 where a round does as follows: is stored at the user side and the data forward-
G0 (υ0 ,υ4 ,υ8 ,υ12 ), G1 (υ1 ,υ5 ,υ9 ,υ13 ), ( )
ed to the CSP as c = c1 , c2 opt , c3 . The Cloud
G2 (υ2 ,υ6 ,υ10 ,υ14 ), G3 (υ3 ,υ7 ,υ11 ,υ15 ), Service Provider (CSP) is the one which has
G4 (υ0 ,υ5 ,υ10 ,υ15 ), G5 (υ1 ,υ6 ,υ11 ,υ12 ), large number storage space to store the data
G6 (υ2 ,υ7 ,υ8 ,υ13 ),G7 (υ3 ,υ4 ,υ9 ,υ14 ). accessed from different sources and upon mi-
Here the G function is applied to all the grating the data to the CSP the confirmation of
columns and then all the diagonals in parallel the user is necessary and this is explained in
manner and can be defined as follows. the next section.
a ← a + b + bσ r ( 2i )(22)
3.5 Cloud user identity confirmation
d ← (d ⊕ a ) >>>> 32
The confirmation of cloud user identity is done
c ← c + d(23)
in this stage and the process of User Confir-
b ← (b ⊕ c) >>>> 24
mation is as follows.
a ← a + b + bσ r (2i +1)(24) • In this phase after the user successfully mi-
d ← (d ⊕ a ) >>>> 16 grating his data to the CSP by the user ID,
c ← c + d(25) it will generate the corresponding ID for the
b ← (b ⊕ c) >>>> 63 user and sent that ID to the TTP.
The constants used in the G function are • While receiving the user ID the TTP check
given as follows in the Table 4. that ID stored there and if the Authentica-
The calculations said above is performed tion of the user is validated means confir-
for a number of rounds (such as, 12) and then mation will be sent to CSP.
the newly formed chain values will take the • After receiving confirmation from TTP the
following form. migrated data is stored in CSP.
h '0 ← h 0 ⊕ υ0 ⊕ υ8 Thus the user data is securely migrated to
h '1 ← h1 ⊕ υ1 ⊕ υ9 the CSP after that if the user can retrieve his
data and modify it and the process associated
h '2 ← h 2 ⊕ υ2 ⊕ υ10
with this is illustrated in the next section.
h '3 ← h3 ⊕ υ3 ⊕ υ11
3.6 Data retrieval and modification
h '4 ← h 4 ⊕ υ4 ⊕ υ12
h '5 ← h5 ⊕ υ5 ⊕ υ13 After successfully storing the data to the CSP
at certain point the user may want to retrieve,
h '6 ← h 6 ⊕ υ6 ⊕ υ14
change or modify the contents of the data and
h '7 ← h 7 ⊕ υ7 ⊕ υ15 this is done in the phase of Data Retrieval and
A compressed hash function is obtained Modification. The process involved in Data
(
finally as h 'i +1 ← compress h 'i , bi , l i which ) Retrieval and Modification is given through
the following steps.
Table IV. Permutations of [0-15] used in BLAKE 2 function. • User sends request to the TTP and the Au-
σ0 0 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 thentication of the user is checked using the
σ1 14 10 4 8 9 15 13 6 1 12 0 2 11 7 5 3 Luhn algorithm as explained in section 3.2.
σ2 11 8 12 0 5 2 15 13 10 14 3 6 7 1 9 4 • If the authenticity of the user results in suc-
σ3 7 9 3 1 13 12 11 14 2 6 5 10 4 0 15 8 cess means the request is forwarded to the
σ4 9 0 5 7 2 4 10 15 14 1 11 12 6 8 3 13 CSP and based on the verified user ID the
σ5 2 12 6 10 0 11 8 3 4 13 7 5 15 14 1 9 data is forwarded to the user.
σ6 12 5 1 15 14 13 4 10 0 7 6 3 9 2 8 11 • After retrieved the data, the user performed
σ7 13 11 7 14 12 1 3 9 5 0 15 4 8 6 2 10 the digest calculation as done in section
σ8 6 15 14 9 11 3 0 8 12 2 13 7 1 4 10 5 3.4.1 and digest at user side and the cal-
σ9 10 2 8 4 7 6 1 5 15 11 9 14 3 12 13 0 culated digests are compared, if both are

180 China Communications • May 2020

Authorized licensed use limited to: UNIVERSITY PUTRA MALAYSIA. Downloaded on July 12,2021 at 18:28:23 UTC from IEEE Xplore. Restrictions apply.
 same means Integrity is ensured and after be calculated from c1 and m ' is calculated from
that Decryption of the data is performed as c2opt and that is possible if the adversary has
in the same manner given in section 3.3.4.
the clear distinction between the three vari-
Then the user performed corresponding
ables in the set c. Even though the distinction
modifications on the data and again per-
between those variables in the set c is possible
formed the secure data migration in the
means then the adversary try different keys to
same manner and to verify the privacy of
decrypt c2opt and to produce m ', he fails with
the data user once again sends the request
his attempt. Because, the key used for decrypt-
to access the data and based on the data
ing the message is calculated from both c p and
availability the response is provided by the
CSP as positively or either as negatively. the secret key and the produced text m ' is not
• Moreover on migrating the data from one a valid one because we have optimized c2opt
server to another there is the problem of with the optimization technique called CMA-
Software Recovery (SR) in which even ES. So in that case the user never comes to
though the data is completely removed know that the text decrypted by him is the
from the past CSP the data can be recov- correct one. Hence the privacy of our data is
ered using some SR tools and techniques. ensured and verified through this proof. This
The only solution to this problem is that the mechanism is an automated proof for security
manner in which the data is protected and scheme while data migration by the utilization
this is confirmed by our proposed encryp- of BLAKE 2b, which automatically analyses
tion technique and can be validated through the data of various size and provide high effi-
the following mathematical proof. cieny in encryption. The Overall flow chart of
3.6.1 Ensuring privacy of user data with the proposed methodology is given below in
optimized EPPKE - A mathematical proof Figure 4.

The data is retrieved from the CSP and the

Integrity check is performed with the digest
calculation as given in section 3.6. After that
Start
the privacy of the data is validated using the
mathematical proof as following from the
Cloud user access
cipher texts generated by optimized EPPKE.
The proof is initiated with the cipher text set
( )
c = c1 , c2 opt , c3 retrieved from the CSP after Authentication by Luhn’s algorithm

data Integrity verification. Consider that, the

retrieved data from the existing CSPi is now Encryption by CMA-ES and EPPKE
migrated to another Service Provider CSPj or
otherwise stored elsewhere by the user. After
Encapsulation and Integrity check by
retrieval of the data, it no longer presents in Blake 2b
CSPi but the SR tool  is capable of retrieving
( )
the data c = c1 , c2 opt , c3 . Since the user data Data Migration to Cloud Source
Provider
may be of a sensitive one then there is the
chance of attacks over the data become rising
Data Retrieval
and that would be possible from the adversar-
ies present inside CSPi.
Stop
As given in the section 3.3.4., to perform
the decryption process the adversary has to
calculate c p, R ' K ' and m ' where c p, R ' K ' is to
Fig. 4. Overall flowchart of proposed methodology.

China Communications • May 2020 181

Authorized licensed use limited to: UNIVERSITY PUTRA MALAYSIA. Downloaded on July 12,2021 at 18:28:23 UTC from IEEE Xplore. Restrictions apply.
 The implementation setup of our proposed from the medical dataset [33], which is the
methodology, the obtained results, its perfor- Drug and Health plan data of the year 2015
mance evaluation and the discussion of its ef- obtained from the official US government
ficiency compared to the existing data migra- site for medicine. The dataset contains Cost
tion techniques are given in the next section. Benefit Report Structure, Geography, Local
Contract Service Areas, Plan Cobrand Names,
IV. EXPERIMENTAL RESULTS AND Plan Drugs Cost Sharing, Plan Drug Tier Cost,
DISCUSSION Plan Services, and Regional Contract Service
Areas. Among those we used Plan Services for
The implementation of our proposed secure the migration from the cloud user side to the
data migration with optimized EPPKE cryp- CSP and in addition to that the datasets such
tographic technique is implemented in the Open “2011 American Community Survey 1-Year
Stack tool. The experimental set up used to im- PUMS Person File” which is a nationwide sur-
plement the proposed methodology, the results vey that collects information such as age, race,
produced with different performance measures income, commute time to work, home value,
and the efficiency of our proposed methodology veteran status, and other data. Data from the
on comparing with the existing techniques are American Community Survey and the Puer-
presented in this section in detail. to Rico Community Survey were collected
during calendar year 2011 and the correspond-
4.1 Experimental setup
ing experimentation results are given in the
The proposed methodology is implemented following sections.
with Open stack. In this tool there are three
4.3 Results of the proposed data
frameworks such as Horizon, Swift and key-
migration scheme
stone are used respectively to provide back-
end services, data storage and authentication In this section the results of our proposed
purposes using Java Language. The size of the methodology is taken by varying the amount
data to be migrated and the number of cloud of file size being migrated at each time from
user is considered as one in our proposed the cloud user to the CSP. The performance
methodology. Later the number is varied to measures used in our paper for the evaluation
validate the efficiency of our proposed meth- of its efficiency are the Encryption Quality,
odology on compared to other methods. The Correlation coefficient Factor, Differential
results generated by our proposed methodol- Attack Measures Information Entropy Factor
ogy with different performance measures are (IEF), Avalanche Effect (AE) and Execution
presented in the succeeding section. Time. The obtained results are tabulated as
well as given in the form of graphs.
4.2 Dataset
4.3.1 Encryption quality
The dataset for the data migration is collected
The Encryption Quality QE is calculated using
equation (3) which is one of the factors that
Table V. Encryption quality QE with different file size.
helps to generate cipher texts randomly in
Encryption Rate Decryption Rate
File Name Size (KB) CMA-ES. The results of QE obtained by the
RE RD
F1 981 1.9469 1.8765 optimization process are presented in the table
F2 14057 1.2432 1.1923 5 with different file sizes.
F3 2136 1.0848 1.0431 In the figure 5, the encryption quality of
F4 11818 4.7223 4.2341 different file size varies with encryption value.
F5 8904 1.1913 1.1256 For the increase in file size, the encryption
F6 36,051 6.0445 5.9754 quality increases. The objective function for

182 China Communications • May 2020

Authorized licensed use limited to: UNIVERSITY PUTRA MALAYSIA. Downloaded on July 12,2021 at 18:28:23 UTC from IEEE Xplore. Restrictions apply.
random calculation of CMA-CS with the help represented as the form of graph in figure 8.
of these factor shows that having the optimiza- In cryptography, the avalanche effect is
tion should be done for the different file with the desirable property of cryptographic al-
varying sizes. gorithms, typically block ciphers and cryp-
tographic hash functions, wherein if an input
4.3.2 Correlation coefficient factor
is changed slightly (for example, flipping a
The second performance measure is the cor- single bit), the output changes significantly
relation coefficient factor rρ c n, which evaluates (e.g., half the output bits flip). In the case
2

the correlation between the cipher-texts pro- of high-quality block ciphers, such a small
duced randomly. The results of rρ c n is present- change in either the key or the plaintext should
2
cause a drastic change in the cipher text. From
ed with different file sizes in the table 6.
the figure the objective function avalanche
Correlation is a measure of the relationship
effect is carried out with six different files of
between two variables of plain text and cipher
varying sizes 981, 14057, 2136, 11818, 8904
text. It is calculated based on the covariance
and 36051 KB. The average vale of avalanche
factor. From the correlation factor value, it is
factor is taken as 70.833 which is calculated in
known that there is no occurrence of strong
the evaluation of CMA-ES.
correlation and the zero correlation. Also there
is no vast difference between the plain text 4.3.5 Execution time
and cipher text in accordance with different
The Execution time is the final performance
file size. Hence for the optimization of CMA-
measure to evaluate our proposed method-
ES, it is easy to evaluate the minimum value
ology in terms of different processes and the
with less operating time.
minimum amount of time required for each of
4.3.3 Information entropy factor the processes involved in our proposed meth-
odology ensures its efficiency in migrating the
The third one among the performance mea-
data with minimum computational overhead
sures is the Information Entropy Factor(IEF)
also in a secure manner. Here the computa-
calculated using equation (13) and this mea-
tional time is calculated for the processes such
sures the number of bits differ between two
as for Authentication, Encryption, Decryption,
cipher texts, the values are tabulated in table
7 and the results also presented in the figure 7
Table VI. Correlation coefficient factor rρ c n with different file size.
with varying file size. 2

File Name Size (KB) Correlation coefficient Factor rρ c n

IEF is calculated with number the differ- 2

F1 981 0.6199
ence of information entropy and the cipher
F2 14057 0.6259
text. Hence its unit is also a integer. It is a
F3 2136 0.6744
secure value and also seen that in figure 4, in-
F4 11818 0.6559
crease in the file size assures that information
F5 8904 0.6306
entropy has higher secure value. For the eval-
uation of the CMA-ES, the objective function F6 36,051 0.6314

of information entropy is taken maximum

which indirectly gives the security. Table VII. Information entropy factor (IEF).
4.3.4 Avalanche effect File Name Size (KB) Information Entropy Factor(IEF)
F1 981 2.987
The fourth performance metric is the Ava-
F2 14057 7.684
lanche Effect (AE) percentage calculated us-
F3 2136 4.561
ing equation (14) and it gives the mean value
F4 11818 7.581
of the number of bits changing in different
F5 8904 7.364
cipher texts for different amount of file sizes.
F6 36,051 7.984
The result of AE is given in the table 8 and

China Communications • May 2020 183

Authorized licensed use limited to: UNIVERSITY PUTRA MALAYSIA. Downloaded on July 12,2021 at 18:28:23 UTC from IEEE Xplore. Restrictions apply.
 Decryption Rate
Encryption Rate 6
7

6 5

5
4

Decryption Quality
Encryption Quality

3
3

2
2

1
1
F1 F2 F3 F4 F5 F6
F1 F2 F3 F4 F5 F6
File Name
File Name

Fig. 5. Encryption Quality QE. Fig. 6. Decryption Quality QE.

Information Entropy Factor

Correlation coefficient Factor
8
0.68

0.67 7

0.66
6
Information Entropy Factor
Correlation coefficient Factor

0.65
5

0.64

4
0.63

3
0.62

0.61 2
F1 F2 F3 F4 F5 F6 F1 F2 F3 F4 F5 F6
File Name File Name

Fig. 7. Correlation coefficient Factor rρ c n. Fig. 8. Information entropy factor (IEF).

2

Table VIII. Avalanche effect (AE) percentage. It is known that the time taken for authen-
File Name Size (KB) Avalanche Effect(AE) (%) tication using the innovative Luhn algorithm
F1 981 60 takes the minimum time of 0.024secs. After
F2 14057 75 that the encryption which is carried out by
F3 2136 66 the ROCT with EPPKE takes 0.717secs with
F4 11818 71 the decryption time of 0.335secs because of
F5 8904 68 the optimizational use of CMA-ES. Finally
F6 36,051 85 the user confirmation is carried out with just
6.59secs and shows the proposed work is
worth time saving scheme.
and User Confirmation by CSP, Data Retrieval In the next section, efficiency of our system
and Modification as well as for Integrity and is validated by comparing it with other exist-
Privacy Check. The results for this Execution ing works and the obtained results are tabulat-
Time is given in table 9 and in figure 9. ed as well as plotted in graphs.

184 China Communications • May 2020

Authorized licensed use limited to: UNIVERSITY PUTRA MALAYSIA. Downloaded on July 12,2021 at 18:28:23 UTC from IEEE Xplore. Restrictions apply.
 Avalanche Effect(AE)
85 Execution Time
7

6
80

Execution Time (seconds)

75
Avalanche Effect(AE)

3
70

65
1

0
60 Authentication Encryption Decryption User Confirmation
F1 F2 F3 F4 F5 F6 Process
File Name

Fig. 9. Avalanche effect (AE) percentage. Fig. 10. Graph for execution time of different processes.

4.4 Performance evaluation Table IX. Execution time of proposed methodology.

Process Execution Time (seconds)
The efficiency of our proposed methodology
Authentication 0.024
can be proved further by comparing the re-
Encryption 0.727
sults produced by our proposed one with other
Decryption 0.335
conventional techniques. We are performing
User Confirmation 6.59
the comparison in two phases, they are the
encryption time of the data with different en-
cryption techniques also the number of valid Table X. Encryption time.
decryption time with different techniques. The Size Encryption Time(Sec)
File Name
existing techniques with which we are going (KB) Proposed ABE PBE IBE
to perform the comparison are discussed in F1 981 0.402 0.463 0.475 0.498
following manner. F2 14057 0.801 0.824 0.864 0.876
F3 2136 0.443 0.473 0.497 0.505
4.4.1 Encryption time
F4 11818 0.725 0.764 0.789 0.814
The encryption time of the data after encrypt- F5 8904 0.564 0.594 0.618 0.645
ing it by the proposed optimized EPPKE F6 36,051 0.967 0.996 1.324 1.625
technique is compared with the encryption
techniques such as Attribute Based Encryption
(ABE), Identity Based Encryption (IBE) and
Password Based Encryption (PBE). In ABE By the use of the ROCT with EPPKE, the
user data is encrypted based on his attributes, plain text is converted into cipher text for the
in IBE based on the identity information pro- encryption process. If all the plain text is con-
vided by the user encryption is performed and verted into the single cipher text then there is
similarly in PBE the encryption of the data is a chance to decrypt the text easily by the third
performed with the password as generated by party. In order to reduce that, the plain text is
the user. With the results produced by these converted into three cipher text c1,c2,c3. For
encryption techniques with varying file sizes converting the plain text into the cipher text
in our proposed one is compared and the re- usually the existing methods like ABE, PBE,
sults are given in table 10 as well as in figure IBE takes the huge time of 0.685sec, 0.76
10. and 0.82 sec. While considering the proposed

China Communications • May 2020 185

Authorized licensed use limited to: UNIVERSITY PUTRA MALAYSIA. Downloaded on July 12,2021 at 18:28:23 UTC from IEEE Xplore. Restrictions apply.
Fig. 11. Comparison graph of encryption. Fig. 12. Comparison graph of decryption time.

Execution Time Correlation coefficient Factor

8 0.7

Proposed
7 0.6
ABE
PBE
6 0.5
IBE
Correlation coefficient Factor

5
0.4
Execution Time(Secs)

4
0.3

3 Proposed
0.2
ABE
2 PBE
0.1 IBE
1
0
0 F1 F2 F3 F4 F5 F6
Authentication Encryption Decryption User Confirmation File Name

Fig. 13. Comparison of execution time. Fig. 14. Comparison of correlation coefficient factor.

Table XI. Decryption time. scheme, it takes the total encryption time for
Size Decryption Time(Sec) converting the plain text into cipher text with
File Name
(KB) Proposed ABE PBE IBE large number of files as an average of 0.65sec
F1 981 0.301 0.364 0.376 0.399 which is worth enough for fast encryption.
F2 14057 0.701 0.725 0.766 0.778
4.4.2 Decryption time
F3 2136 0.345 0.376 0.399 0.407
F4 11818 0.628 0.669 0.691 0.714 The decryption time of the data after decrypt-
F5 8904 0.464 0.494 0.521 0.549 ing it by the proposed technique is compared
F6 36,051 0.867 0.896 1.228 1.527 with the encryption techniques such as Attri-
bute Based Encryption (ABE), Identity Based
Encryption (IBE) and Password Based En-
Table XII. Comparisons with other existing schemes in terms of delay.
cryption (PBE). In ABE user data is encrypted
Delay Time(Sec) based on his attributes, in IBE based on the
Proposed ABE PBE IBE identity information provided by the user en-
0.0501 0.109 0.128 0.217 cryption is performed and similarly in PBE the

186 China Communications • May 2020

Authorized licensed use limited to: UNIVERSITY PUTRA MALAYSIA. Downloaded on July 12,2021 at 18:28:23 UTC from IEEE Xplore. Restrictions apply.
encryption of the data is performed with the Table XIII. Comparisons with other existing schemes in terms of execution time.
password as generated by the user. The results Execution Time(Secs)
Process
are given in the table 11 as well as in the fig- Proposed ABE PBE IBE
ure 11 as follows. Authentication 0.024 0.031 0.042 0.051
To break the cipher text for decryption, a Encryption 0.727 0.763 0.797 0.804
random number should be given for each ci- Decryption 0.335 0.354 0.375 0.392
pher text in encryption. This phase is carried User Confirmation 6.59 6.73 6.96 7.01
out by randomly optimized encryption meth-
ods. From the result obtained in the figure 11,
Table XIV. Comparisons with other existing schemes in terms of correlation coef-
it is clear that the proposed method performs
ficient factor.
the encryption with less time of 0.51 sec by
Size Correlation coefficient Factor
the use of the optimization algorithm. While File Name
(KB) Proposed ABE PBE IBE
other method of ABE, PBE and IBE shows
F1 981 0.6199 0.5927 0.5816 0.5734
the high decryption time of 0.58,0.66 and 0.72
F2 14057 0.6259 0.6034 0.5998 0.5821
sec.
F3 2136 0.6744 0.6543 0.6431 0.6351
By obtaining the low encryption and de-
F4 11818 0.6559 0.6462 0.6385 0.6327
cryption time with the use of ROCT-EPPKE
F5 8904 0.6306 0.6297 0.6274 0.6211
and the random selection optimization, the
F6 36,051 0.6314 0.6287 0.6034 0.5998
table 12 depicts the minor delay concern of
0.0501sec in the retrieval phase which effec-
tually lowers the communication overhead of Table XV. Comparisons with other existing schemes in terms of information entro-
our proposed system when compared to the py factor.
other techniques of ABE, PBE and IBE Size Information Entropy Factor
File Name
The comparison for the significant proposed (KB) Proposed ABE PBE IBE
parameter such as Correlation Coefficient F1 981 2.987 3.0133 3.1124 3.5671
Factor”, “Information Entropy Factor”, “Ava- F2 14057 7.684 7.874 7.945 8.013
lanche Effect”, and “Execution Time” with the F3 2136 4.561 4.742 4.876 5.043
techniques such as ABE,PBE and IBE and the F4 11818 7.581 7.765 7.976 8.084
values are show in figures and tables 13~16. F5 8904 7.364 7.543 7.653 7.872
The scheme described in [33] is suitable for F6 36,051 7.984 8.082 8.095 8.132
distributed mobile cloud services environment;
however, it does not support user anonymity Table XVI. Comparisons with other existing schemes in terms of avalanche effect.
and user un traceability. Therefore, one of the
Size Avalanche Effect(%)
design goals for the proposed scheme is to File Name
(KB) Proposed ABE PBE IBE
offer user anonymity and user un traceability
F1 981 60 65 72 75
to preserve user privacy. In order to evaluate
F2 14057 75 78 82 85
security strength of a proposed authentication
F3 2136 66 68 74 78
scheme, security analysis based on formal
F4 11818 71 74 77 80
proof technique is usually conducted. From ta-
F5 8904 68 71 75 82
ble 17, it is very obvious that only our scheme
F6 36,051 85 87 89 91
and the scheme proposed in [34] have con-
ducted formal proof process in terms of secu-
rity strength. Existing schemes introduced in chronization problem and forgery attack.
[33] , [35] are also vulnerable to several secu- By the overall comparison, it is clear that
rity threats. For example, the schemes in [36] the security gets increased in data migration
and [35] are vulnerable to replay attack, time by the use of Random Optimized Cryp-
synchronization problem, and forgery attack. tographic Technique (ROCT) with the key for
The existing scheme is vulnerable to time syn- encryption by Efficient Probabilistic Public

China Communications • May 2020 187

Authorized licensed use limited to: UNIVERSITY PUTRA MALAYSIA. Downloaded on July 12,2021 at 18:28:23 UTC from IEEE Xplore. Restrictions apply.
 Information Entropy Factor Avalanche Effect
10 100

8 80
Information Entropy Factor

6 60

Avalanche Effect(%)
4 40

Proposed Proposed

ABE ABE
2 20
PBE PBE

IBE IBE

0 0
F1 F2 F3 F4 F5 F6 F1 F2 F3 F4 F5 F6
File Name File Name

Fig. 15. Comparison of information entropy factor. Fig. 16. Comparison of avalanche effect.

Table XVII. Comparisons with other existing schemes in terms of security properties.
ECC based Bi-linear pairing IBA scheme Key agreement Proposed
S.No Security properties
scheme [33] scheme [34] [35] scheme [36] scheme
1. Resistance to reply attack     
2. Provision of user anonymity     
3. Provision of user traceability     
4. Resistance to offline password attack     
5. Resistance to time synchronization     
6. Resistance to forgery attack     
Suitability to multiple service provider
7.     
environment
8. Formal security proof     

Table XVIII. Efficiency of the proposed method. 0.217 sec. Owing to the work of EPPKE, the
Methods Time Encryption Decryption encryption time intakes in 0.61sec only by
ABE 0.109 0.68 0.58 comparing with ABE of 0.685, PBE of 0.76
PBE 0.128 0.76 0.66 and IBE of 0.82 sec proving that the method-
IBE 0.217 0.82 0.72 ology works well with better efficiency. Con-
PROPOSED 0.050 0.61 0.50 sidering the decryption time of 0.5sec showed
that the proposed method of CMA-ES opti-
mised the process with less computing time
Key Encryption (EPPKE). Also the algorithm compared to other techniques of ABE, PBE
called Luhn algorithm is run by the TTP in and IBE of 0.58, 0.66 and 0.72 sec. Along with
which the authentication of the user is verified the use of Luhn algorithm with BLAKE 2b
by means of the user ID and confirm with the encapsulation method increases the efficiency
TTP secured the data from the several attacks. of the whole process by doing as an automat-
By the performance analysis it is estab- ed system without human intervention. With
lished from table 18, on the use of cryp- the combined approach of all these shows the
tographic technique of Random optimisation, improvisation of security in data migration
the efficiency of the work get increased by with high efficiency and computational heads.
taking less delay of 0.0501sec although the Overall, the results showed that the proposed
other techniques like ABE, PBE and IBE takes Random Optimized Cryptographic Method for
varies difference in delay of 0.109, 0.128 and data migration technique has a very good per-

188 China Communications • May 2020

Authorized licensed use limited to: UNIVERSITY PUTRA MALAYSIA. Downloaded on July 12,2021 at 18:28:23 UTC from IEEE Xplore. Restrictions apply.
formance with the total execution of 7.676sec for data sovereignty in federated clouds”, IEEE
Cloud Computing, vol. 3, no.1, 2016, pp. 12-17.
considering less delay of 0.0501 and more se-
[9] D. Zissis, and D. Lekkas, “Addressing cloud com-
curity from various attacks. puting security issues”, Future Generation Com-
puter Systems, vol. 28, no.3, 2012, pp. 583-592.
V. CONCLUSION [10] B. P. Rimal et al., “Architectural requirements for
cloud computing systems: an enterprise cloud
approach”, Journal of Grid Computing, vol. 9, no.
Data migration in cloud computing is a rela- 1, 2011, pp. 3-26
tively new research due to privacy and security [11] L. Zhang et al., “Moving big data to the cloud:
issues concerned with the public clouds. The an online cost-minimizing approach”, IEEE Jour-
nal on Selected Areas In Communications, vol.
paper presented a secure data migration tech-
31, no.12,2013, pp. 2710-2721.
nique called EPPKE optimized with CMA- [12] Z. Xiao, W. Song, and Q. Chen, “Dynamic re-
ES. The multi secured attention includes in source allocation using virtual machines for
authentication check, secured encryption and cloud computing environment”, IEEE Transac-
tion on Parallel and Distributed Systems, vol. 24,
data retrieval. Evaluating the efficiency and
no. 6, 2013.
security analysis of the proposed technique [13] Chung Y et al., “Utilization of workflow man-
with the most common encryption algorithms agement system for virtual machine instance
like ABE, PBE and IBE indicates high securi- management on cloud”, Concurrency and Com-
putation: Practice and Experience, vol. 27, no.17,
ty and speed in encryption, decryption process
2015, pp. 5350-5373
with 0.61 and 0.5sec. Accordingly from the [14] M. Li, S. Yu, Y. Zheng, K. Ren, and W. Lou, “Scal-
obtained results, it is visible that this tech- able and secure sharing of personal health re-
niques paves favourable proceedings for real cords in cloud computing using attribute-based
encryption”, IEEE Transactions on Parallel and
time implementation in near future.
Distributed Systems, vol.24, no.1, 2013, pp. 131-
143.
References
[15] M. D. Ryan, “Cloud computing security: the
[1] K.V.K.M. Kumar, “Overview of cloud computing scientific challenge, and a survey of solutions”,
architecture: service delivery models, security Journal of Systems and Software, vol. 86, no.9,
& privacy issues and trust”, IJRET: International 2013, pp. 2263-2268.
Journal of Research in Engineering and Technol- [16] B. Grobauer, T. Walloschek and E. Stöcker, “Un-
ogy, vol. 2, issue 12, 2013, pp. 607-609. derstanding cloud computing vulnerabilities”,
[2] I.A.T Hashem et al., “The rise of ‘big data’ on IEEE Security & Privacy, vol.9, no. 2, 2011, pp.
cloud computing: review and open research is- 50-57.
sues”, Information Systems, vol. 47, January, 2015, [17] K. Hashizume et al., “An analysis of security is-
pp. 98-115. sues for cloud computing”, Journal Of Internet
[3] A. Beloglazov, et al., “Energy-aware resource al- Services And Applications, vol. 4, no. 1, 2013, pp.
location heuristics for efficient management of 1-13.
data centers for cloud computing”, Future Gen- [18] S. Poongodi, P. Murugan and P. Kuppusamy,
eration Computer Systems, vol. 28, no. 5, 2012, “Shared authority based privacy-preserving
pp. 755-768. authentication protocol in cloud comput-
[4] C. Rong et al., “Beyond lightning: a survey on ing”, Cloud Computing, vol. 19, 2015, pp 1-3.
security challenges in cloud computing”, Com- [19] C. Modi, D. Patel, B. Borisaniya, A. Patel and M.
puters & Electrical Engineering, vol. 39, no. 1, Rajarajan. “A survey on security issues and solu-
2013, pp. 47-54. tions at different layers of cloud computing”,
[5] S. Subashini and V. Kavitha, “A survey on secu- The Journal of Supercomputing, vol. 63, no.2,
rity issues in service delivery models of cloud 2013, pp. 561-592.
computing”, Journal of Network and Computer [20] F. Wang, J. Liu, M. Chen and H. Wang, “Migration
Applications, vol. 34, no. 1, 2011, pp. 1-11. towards cloud-assisted live media streaming”,
[6] S. Marston et al., “Cloud computing - the busi- IEEE/ACM Transactions on Networking, 2015, pp.
ness perspective”, Decision Support systems”, 1-11.
vol. 51, Issue 1, 2011, pp. 176-189. [21] X. Qiu, H. Li, C. Wu, Z. Li and F. Lau, “Cost-min-
[7] Ali O and Soar J, “Challenges and issues within imizing dynamic migration of content distribu-
cloud computing technology”, Proc. Fifth Inter- tion services into hybrid clouds”, IEEE Transac-
national Conference on Cloud Computing, Grids, tions on Parallel and Distributed Systems, 2015,
And Virtualization, 2014, pp. 55-63. vol. 26, no. 12, pp. 3330-3345.
[8] C. Espositon et. al., “Encryption-based solution [22] M. Menzel, L. Wang, S. U. Khan and J. Chen,

China Communications • May 2020 189

Authorized licensed use limited to: UNIVERSITY PUTRA MALAYSIA. Downloaded on July 12,2021 at 18:28:23 UTC from IEEE Xplore. Restrictions apply.
 “Cloudgenius: a hybrid decision support meth- [34] S. Huang and W Ding, “Cryptanalysis of three
od for automating the migration of web ap- dynamic id-based remote user authentication
plication clusters to public clouds”, IEEE Trans- schemes using smart cards”, Proc. IEEE Interna-
actions on Computers, 2015, vol. 64, no.5, pp. tional Conference of Online Analysis and Com-
1336-1348. puting Science (ICOACS), 2016, pp. 44-52.
[23] Y. Zhu, D. Huang, C. Hu and X. Wang, “From [35] H. Sun, Q. Wen, H. Zhang and Z. Jin, “A novel
Rbac To Abac: Constructing flexible data ac- remote user authentication and key agreement
cess”. IEEE Transactions on Services Computing, scheme for mobile client–server environment”,
2015, vol. 8, no. 4, pp. 601-616. Appl. Math. Inf. Sci., vol.7, no.4, 2013, pp. 1365–
[24] M. Ali, S. Malik and S. Khan, “Data security for 1374.
cloud environment with semi-trusted third [36] J. Tsai and N. Lo. “A privacy-aware authenti-
party”, IEEE Transactions On Cloud Computing, cation scheme for distributed mobile cloud
2016, pp.1-14. computing services”, IEEE Systems Journal, vo. 9,
[25] Y. Alsalhi, “An accurate and high-efficient qubits no.3, pp. 805-815.
steganography scheme based on hybrid neural
networks”,  Multimedia Tools and Applications, Biographies
2019, pp. 1-17. M. G. Aruna, is a research
[26] K. K. Tripathi and L. Ragha. “Hybrid approach for scholar of Sai Vidya Institute of
credit card fraud detection”, Parity, vol.16, no. 2, Technology, Affiliated to Vis-
2013, pp. 8-11. vesvaraya Technological Uni-
[27] T. Okamoto, S. Uchiyama and E. Fujisaki, “Effi- versity, Belagavi, India. She has
cient probabilistic public-key encryption”, Sub- completed her B.E and M.Tech
mission To IEEE P1363a, 1998 from Bangalore University and
[28] M. D. Gregory, Z. Bayraktar and D. H. Werner, Dr. MGR University in 2001 and
“Fast optimization of electromagnetic design 2006 respectively. Her research interests is in cryp-
problems using the covariance matrix adapta- tography, DBMS, IOT, Machine Learning, data securi-
tion evolutionary strategy”, IEEE Transactions ty in cloud computing. She has overall 14 years of
On Antennas And Propagation, vol. 59, no. 4, experience as an academician and 5 years of research
2011, pp. 275-1285 experience.
[29] K. Hashizume et al., “An analysis of security is-
sues for cloud computing”. Journal of Internet K. G. Mohan, has received PhD
Services and Applications, 2013, vol. 4, no. 1, pp. from Anna University in 2007 in
5. the domain of Computer Archi-
[30] M. Amin, S. Hussain et al. “Profiling-based en- tecture. His area of research in-
ergy-aware recommendation system for cloud terest includes low power ar-
platforms”, In Computer Science and Its Applica- chitecture design, Cloud Com-
tions, 2015, pp. 851-859. puting, Wireless Sensor Net-
[31] M. Abd El-Wahed, S. Mesbah and A. Shoukry, works, IoT, Network Security,
“Efficiency and security of some image encryp- etc. He has overall 30 years of experience as an aca-
tion algorithms”, Proc. The World Congress on demician and 14 years of experience in research. He
Engineering, 2008, 1, pp. 2-4. has published paper in many international journal
[32] J. P. Aumasson et. al., “Simpler, smaller, fast as and conferences of reputed.
md5”, Proc. International Conference on Ap-
plied Cryptography and Network Security, 2013,
pp.119-135.
[33] C. Tien-Ho et al., “An advanced ECC dynamic id-
based remote mutual authentication scheme
for cloud computing”, Proc. 5th FTRA Int. Conf.
Multimedia Ubiquitous Eng., 2011, pp. 155–159.

190 China Communications • May 2020

Authorized licensed use limited to: UNIVERSITY PUTRA MALAYSIA. Downloaded on July 12,2021 at 18:28:23 UTC from IEEE Xplore. Restrictions apply.