Exploring Different Encryption Techniques

in Cloud Storage
Piyush Verma Utkarsh Gupta
School of Computer Science and Engineering School of Computer Science and Engineering
(SCOPE) (SCOPE)
Vellore Institute of Technology, Chennai, Vellore Institute of Technology, Chennai,
India [email protected] India
[email protected]

Abstract— Cloud computing offers a scalable II. LITERATURE SURVEY

and cost-effective platform for data storage and
Soofi et al. discuss the role of encryption in
processing. However, entrusting sensitive data
safeguarding cloud data confidentiality. They
to third-party cloud providers raises significant
categorize encryption techniques into symmetric,
concerns regarding data confidentiality and
asymmetric, and hashing methods, proposing a
privacy. Encryption plays a crucial role in
hybrid approach to address trade-offs between
addressing these concerns by safeguarding data
performance and security. The paper emphasizes
in an unreadable format, preventing
key management, access control, and secure data
unauthorized access and ensuring data
deletion as crucial components of holistic cloud
integrity. This survey delves into various
data protection.
encryption techniques employed for cloud data
security, analyzing their strengths, weaknesses,
and suitability for different scenarios.
Yang et al. conduct a comprehensive literature
survey on data security and privacy issues in cloud
Keywords—Cloud computing, data security, storage. The paper provides an overview of cloud
encryption, confidentiality, privacy, symmetric storage, analyzes challenges and requirements, and
encryption, asymmetric encryption, discusses data encryption technologies and
homomorphic encryption, attribute-based protection methods. Privacy-preserving solutions
encryption, proxy re-encryption. are proposed, including the use of a chameleon
hash algorithm to conceal data owner public keys.
I. INTRODUCTION
Shen et al. present a literature survey on an
The widespread reliance on cloud
enhanced identity-based proxy re-encryption
environments for data storage and processing
(PRE) algorithm within a multi-security-level
necessitates rigorous security measures to protect
cloud storage system. The authors distinguish
sensitive information. Encryption plays a
between symmetric and public key encryption,
fundamental role in addressing these concerns,
advocating for attribute-based encryption (ABE)
transforming data into an unreadable format and
and PRE to achieve secure storage and access
mitigating the risks associated with data breaches
control. The paper also discusses the application of
and unauthorized access. This survey
homomorphic encryption and hardware-based
comprehensively examines ten significant research
solutions for dynamic data privacy.
papers exploring various encryption techniques
employed for cloud data security, providing a
Potey et al. focus on the application of fully
critical analysis of their functionalities, advantages,
homomorphic encryption for securing data in the
and limitations..
cloud. They reference Gentry's foundational work Rawal and Manogaran conduct a comprehensive
and highlight the critical need to address various literature review focused on various cloud file-
security issues in cloud computing, including data sharing systems. The paper emphasizes the
security, privacy, confidentiality, integrity, and importance of secure cloud storage, utilizing
authentication.. asymmetric key distribution management
processes and encryption algorithms.
The paper addresses challenges of data integrity Homomorphic token keys, hybrid cryptographic
and privacy preservation in cloud storage. A techniques, and attribute-based encryption are
solution involving a Third Party Auditor (TPA) and explored to enhance data security and manage
homomorphic authenticators with random masking access control in cloud storage.
is proposed. Bilinear aggregate signatures are used
for batch auditing, demonstrating effectiveness in Cayirci et al. offer insights into various standards,
ensuring data integrity and preventing frameworks, and methodologies related to risk
unauthorized data disclosure. assessment in cloud computing. The paper
references contributions from large standardization
Kumar and Alphonse conduct a thorough literature bodies, introducing tools like Microsoft's Cloud
survey on key policy and ciphertext policy Decision Framework and CSA Cloud Assessment
attribute-based encryption (ABE) schemes. The Initiative Questionnaire. Different risk assessment
paper evaluates different ABE schemes based on models, including qualitative inductive risk
features, security, and efficiency, providing assessment and quantitative models, are discussed.
insights into their respective strengths and
weaknesses. The survey also identifies research Fan et al. provide a concise literature survey on
gaps and challenges, contributing to the diverse approaches to enhancing the security and
understanding of attribute-based encryption. integrity of data in various computing
environments. The paper presents methodologies
Chatterjee et al. undertake a comprehensive and protocols contributing to the overarching goal
literature survey addressing challenges in cloud- of improving data security, integrity, and access
based Learning Management Systems (LMS). The control. Various schemes, such as provable data
paper systematically reviews various articles and possession, privacy-preserving public auditing,
studies, proposing privacy measures based on and identity-based auditing, are discussed for
cryptosystems and steganography. Advanced efficient key management and secure cloud
approaches, including hybrid encryption, storage.
multithreading, and chaos-based probabilistic map
encryption, are explored to bolster data security in
cloud storage systems.

Paper Technique Strengths Weaknesses Suitability

Symmetric, Key Management, Bulk Data
Soofi et al. Asymmetric, Efficient, Fast, Computational Encryption, Key
(2014) Hashing Strong Security Overhead Distribution
Open Research
Various Comprehensive Challenges, Data Security
Yang et al. Encryption Analysis, Privacy- Malicious Cloud Surveys, Privacy
(2020) Techniques Preserving Solutions Providers Concerns
Multi-security
Improved Proxy Secure Storage, Cloud Storage,
Shen et al. Re-encryption Access Control, Complexity, Security Dynamic Data
(2019) (PRE) Fine-grained Access Vulnerabilities Sharing
 Secure Data High Computational Secure Cloud
Fully Analysis, Privacy Overhead, Limited Analytics,
Potey et al. Homomorphic Preserving Practical Sensitive Data
(2016) Encryption (FHE) Computations Applications Processing
Data Integrity
Homomorphic Verification, Cloud Data
Authenticators, Privacy Public Key Auditing, Secure
Fd et al. Bilinear Aggregate Preservation, Infrastructure, Storage
(2019) Signatures Efficient Auditing Complexity Verification
Fine-grained Access Complex Attribute Secure Data
Control, Reduced Policies, Sharing,
Kumar et al. Attribute-Based Key Management, Computationally Collaborative
(2018) Encryption (ABE) Scalability Expensive Environments
Limited Security Cloud-based
AES, RSA, DES, Familiar against Advanced Learning
Chatterjee et Image Algorithms, Attacks, Complexity Management
al. (2023) Steganography Efficient Encryption of Steganography Systems (LMS)
Secure Multi-cloud
Next-generation Storage, Dynamic Increased Secure File
Rawal and Cryptography, Access Control, Complexity, Sharing,
Manogaran PRE, Data Split Protocol Management Collaborative
(2021) Splitting Security Overhead Cloud Storage
Cloud Service
Risk Assessment Limited Guidance Provider
Standards, Comprehensive for Specific Selection, Risk
Cayirci et al. Frameworks, Analysis, Encryption Management
(2016) Methodologies Standardized Tools Techniques Strategies
Data Security
Provable Data Varied Focus, Surveys,
Diverse Data Possession (PDP), Limited Scope on Comparative
Fan et al. Security Public Auditing, Specific Encryption Analysis of
(2019) Approaches Data Access Control Techniques Methodologies

Cloud Data Security Encryption Techniques 2. Asymmetric Encryption:

1. Symmetric Encryption: Imagine two padlocks: one with a keyhole for the
sender (public key) and another with a key (private
key) for the receiver. The sender encrypts with the
public key, and only the private key can decrypt.
Think of a secure lock with identical keys for both
This offers strong security for key distribution and
sender and receiver. This is symmetric encryption,
sensitive data. RSA is a popular example.
using the same key to encrypt and decrypt data.
It's fast and efficient, ideal for bulk data
encryption. Examples include AES and DES.
3. Hashing:
Picture a funnel transforming data into a unique Imagine calculations performed on locked boxes
"fingerprint" called a hash. Any change in the data (encrypted data) without unlocking them.
alters the hash, making it ideal for verifying data Homomorphic encryption allows computations on
integrity. SHA-256 is a widely used hashing encrypted data while preserving privacy. It's ideal
algorithm. for secure cloud analytics but can be
computationally expensive.

4. Homomorphic Encryption:
5. Proxy Re-encryption (PRE):

Think of a trusted intermediary changing the lock

on a box (data) without knowing its contents. PRE
allows delegating decryption rights without
revealing the decryption key, enabling dynamic
access control in cloud storage.

6. Attribute-Based Encryption (ABE):

Imagine a tree where users gain access based on

specific attributes (e.g., department, clearance
level). ABE encrypts data based on attributes,
allowing access only to authorized users with
matching attributes, enhancing fine-grained access
control.

7. Image Steganography:

Think of hiding a secret message within another

image. Steganography conceals data within
seemingly harmless files like images or audio,
offering an extra layer of security for sensitive
information in cloud-based environments like
Learning Management Systems.

8. Next-generation Cryptography:

Imagine a futuristic lock with multiple layers of

security. Next-generation cryptography refers to
advanced encryption algorithms constantly
evolving to stay ahead of emerging threats, • Development of more efficient and scalable
offering robust protection for sensitive cloud data. homomorphic encryption schemes.
• Enhancing the security and robustness of
ABE and PRE schemes.
• Integrating encryption with other cloud
9. Data Splitting: security mechanisms for holistic data
protection.
• Addressing privacy concerns associated
Think of slicing a file into pieces and storing them with cloud data encryption and auditing.
in different safes. Data splitting divides sensitive Continued research and development efforts are
data into smaller chunks and distributes them crucial to refine existing encryption methods and
across multiple cloud providers, enhancing explore novel approaches to ensure the robust
security and redundancy. protection of data in the cloud.

V. CONCLUSION

10. Risk Assessment Frameworks and

Methodologies: This survey comprehensively analyzes ten research
papers, revealing a diverse landscape of encryption
techniques employed for cloud data security.
Traditional methods like symmetric and
Imagine a roadmap for identifying and mitigating asymmetric encryption offer efficiency and robust
security risks. Risk assessment frameworks and security, respectively. Advanced techniques like
methodologies provide standardized tools and homomorphic encryption and attribute-based
guidelines for selecting appropriate encryption encryption provide enhanced privacy and fine-
techniques and other security measures based on grained access control. The choice of technique
specific cloud data security needs. depends on specific security requirements,
performance considerations, and access control
needs. The provided table further facilitates
comparison based on key features and suitability
III. RESULTS AND DISCUSSION for different scenarios.
This survey comprehensively analyzes ten
research papers, revealing a diverse landscape of
REFERENCES
encryption techniques employed for cloud data
security. Traditional methods like symmetric and
1. Soofi, Aized Amin, and M. Irfan Khan.
asymmetric encryption offer efficiency and robust "Encryption techniques for cloud data
security, respectively. Advanced techniques like confidentiality." International Journal of
Grid and Distributed Computing 7.4
homomorphic encryption and attribute-based (2014): 11-20.
encryption provide enhanced privacy and fine- 2. Yang, Pan, Naixue Xiong, and Jingli Ren.
"Data security and privacy protection for
grained access control. The choice of technique cloud storage: A survey." IEEE Access 8
depends on specific security requirements, (2020): 131723-131740.
performance considerations, and access control 3. Shen, Jinan, Xuejian Deng, and Zhenwu
Xu. "Multi-security-level cloud storage
needs. The provided table further facilitates system based on improved proxy re-
comparison based on key features and suitability encryption." EURASIP Journal on
Wireless Communications and
for different scenarios. Networking 2019.1 (2019): 1-12.
4. Mr, Manish M. Potey, Chandrashekhar A.
Dhote, and Deepak H. Sharma Mr.
"Homomorphic encryption for security of
IV. CHALLENGES AND FUTURE WORK cloud data." Procedia Computer Science 79
(2016): 175-181.
Despite significant advancements, several 5. Phalke, Tushar, et al. "Cloud Storage
open challenges remain in the domain of cloud data Security and Privacy Preservation."
International Journal of Scientific &
security encryption. These include:. Engineering Research, vol. 4, no. 12, 2013,
pp.ISSN 2229-5518. S.V.P.M’s COE
 Malegaon(Bk). Department Of Computer encryption scheme for cloud
Engg. storage." IEEE Access 7 (2019): 66655-
6. Kumar, Praveen, and P. J. A. Alphonse. 66667.
"Attribute based encryption in cloud 12. Luo, Hong-Shan, Rui Jiang, and Bei Pei.
computing: A survey, gap analysis, and "Cryptanalysis and Countermeasures on
future directions." Journal of Network and Dynamic-Hash-Table Based Public
Computer Applications 108 (2018): 37-52. Auditing for Secure Cloud Storage." 2017
7. Chatterjee, Paramita, et al. "Enhancing 10th International Symposium on
Data Security of Cloud Based Computational Intelligence and Design
LMS." Wireless Personal (ISCID). Vol. 1. IEEE, 2017.
Communications 130.2 (2023): 1123-1139. 13. Podschwadt, Robert, et al. "A survey of
8. Rawal, Bharat S., and Gunasekaran deep learning architectures for privacy-
Manogaran. "Implementation of a secure preserving machine learning with fully
multi-cloud storage framework with next- homomorphic encryption." IEEE
generation cryptosystems and split- Access 10 (2022): 117477-117500.
protocol." 2021 International Symposium 14. Hur, Junbeom, et al. "Secure data
on Networks, Computers and deduplication with dynamic ownership
Communications (ISNCC). IEEE, 2021. management in cloud storage." IEEE
9. Cayirci, Erdal, et al. "A risk assessment Transactions on Knowledge and Data
model for selecting cloud service Engineering 28.11 (2016): 3113-3125.
providers." Journal of Cloud 15. Liu, Hongwei, et al. "Attribute-based
Computing 5.1 (2016): 14. encryption scheme supporting decryption
10. Fan, Yongkai, et al. "One secure data outsourcing and attribute revocation in
integrity verification scheme for cloud cloud storage." 2017 IEEE International
storage." Future Generation Computer Conference on Computational Science and
Systems 96 (2019): 376-385. Engineering (CSE) and IEEE International
11. Sun, Jin, et al. "Multi-keyword searchable Conference on Embedded and Ubiquitous
and data verifiable attribute-based Computing (EUC). Vol. 1. IEEE, 2017.