Data Security in Cloud Storage Using Elliptical Curve Cryptography

Home , Cloud storage

International Journal of Pure and Applied Mathematics Volume 120 No. 6 2018, 27-38 ISSN: 1314-3395 (on-line version) url: http://www.acadpubl.eu/hub/ Special Issue http://www.acadpubl.eu/hub/

DATA SECURITY IN CLOUD STORAGE USING ELLIPTICAL CURVE CRYPTOGRAPHY

1S. Arun, M.E., 2N. R. Shanker 1Research Scholar, 2Ph.D, Professor/ Supervisor-Aalim Muhammed Salegh College of Engineering Department of Computer and Science Engineering PRIST University, Thanjavur, Tamilnadu

Abstract: Computational applications and data cloud computing. The elements of the cloud architecture processing are increasing rapidly that large servers and were interfaced through the application programs. The data centre is required for quick processing within the application program was divided into two segments specified time. A major shift in the way Information namely front end and back end. Providing an example for Technology (IT) and computing services is that the a cloud computing, the user stores the data and program results are delivered and purchased results in the cloud in the cloud memory, the cloud agent provides the link computing development. The out of control power cost between the data and program components in such a way that includes personal hardware, electricity generation that the program codes do not know the location of the and data centre's limited space have promoted a specific stored data. The users gain profit by reducing its work of number of enterprises to transfer many infrastructures scheduling their workload, and the cloud agents provide into a third-party cloud. However, Cloud computing the interfaces between different users interfaced with the needs that organisations should prove that the platforms cloud infrastructure. This process of providing maximum of a service provider are secured and should provide control to the cloud agents generate many security enough level of integrity for the client's data. Elliptical concerns in maintaining integrity and confidentiality in curve cryptography is a public key encryption method accessing the workload by cloud users. that is based on elliptical curve theory, and this method The main advantage of the cloud computing is can be applied for creating faster, smaller and efficient providing virtualisation. The virtualisation can be cryptographic keys. A critical factor is the strength of the generated for hardware’s, application programs and also key that is the problem in key and acquiring the plain for middlewares. A security system is required to text. overcome the security threat in the virtualisation environment. Many researches are taking place to Keyword: ECC, RSS, Honey Algorithms, Symmetric, improve the security in virtual environments. The Asymmetric algorithm, cloud computing. research in the cloud security provides the knowledge that existing security schemes will not be perfect for 1. Introduction securing the cloud systems. The security requirement and the threat models are unique for the cloud system. The The origin of grid computing promoted the development security in the cloud system was implemented in two of cloud computing, providing security for the cloud data layers. First layer is to isolate the workloads from each is a major issue faced by Information Technology user and second is to provide security for their Community. Cloud computing is a new concept which workloads. Many solutions are provided to generate becomes a rising technology that increasing the attentions isolation of workloads were virtualisation based security of industrial organisations and educational institutions. mechanism is promoted for providing isolation between The limitations in the maintenance of storage devices the users. promote the enterprises to move to cloud computing, Securing an individual workload is a harder task were the cloud storages are maintained by the third party were the cloud computing provides the support for grid providers. Cloud computing provides a link between the computing which provides the link between physical and central remote servers and the network to handle data and virtual servers. The network framework of the cloud remote services. This technology provides flexibility in computing is represented in figure 1. handling the applications and data from the cloud without installing any additional software in their computers only need is to connect their computers with the internet. Handling the data in the cloud provides more advantages on maintaining the hardware system. The Cloud architecture comprises of client systems which provide the data and applications to the cloud storage and the cloud components which provides the

27 International Journal of Pure and Applied Mathematics Special Issue

Figure 1. Cloud Computing Architecture Figure 2. Symmetric Encryption

Three entities involved in the cloud computing are The Asymmetric key algorithm uses different keys users, cloud service providers and the third party to encrypt and decrypt the data bit. The keys are auditors. Securing the data in cloud service required represented as public and private keys, where the data cryptographic encryptions which isolates the users from owner handles the private key, and the public key is accessing others information or workload. The data provided to the authorised recipients. The specific private stored in the cloud server was encrypted and the user key will decrypt the data encrypted by the recipient access the data from the cloud server will decrypt the public key. Figure 3 shows the flow of the asymmetric data with the key provided for access. The encryption is algorithm. The data is more secured in transmitting using the process of converting the plain information into a asymmetric encryption. The asymmetric algorithm takes chipper text. The chipper text is an order less or much time for execution than the symmetric algorithm. meaningless information which is generated by the encryption algorithm in the certain pattern. Decryption is the process of converting the chipper text into the original plain text. The decryption algorithm reverses the process of encryption to generate the plain text. The main aim of the encryption algorithm is to generate a tough chipper text which should be ordered to decrypt without using the proper decrypt key. The size of the key proportionally toughens the decryption of chipper text without a proper key. Selecting the encryption algorithm is very important. The quality of the encryption algorithm should be maintained strictly. The algorithm looks promising may be very easy to break. A tougher encryption algorithm to be selected to secure the data from attack. The encryption algorithms are divided into two important types. They are symmetric and asymmetric encryption algorithm. The type is generated based on the type of key Figure 3. Asymmetric Encryption used to encrypt and decrypt the information bit. Symmetric encryption uses a common key for This process also provides authentication for the users. encryption and decryption process. Thus maintaining the Digital signatures are also used for authentication of security in exchanging key between sender and receiver users. Hashing is used to generate fixed length variables plays a vital role. Figure 2 shows the flow of the which are used to generate the digital signature to protect symmetric key algorithm. the data form unauthorised users. Drawbacks of the symmetric algorithm  Symmetric key cryptography needs to exchange key with the receiver before transferring the chipper text. Any mode of communication is vulnerable to attack so transferring the key through the network is vulnerable to

28 International Journal of Pure and Applied Mathematics Special Issue

attack only way to exchange the key securely is by decrypt, & sign to this number of attributes in the transferring personally. functions. [3]  Digital signatures cannot be used for authenticating Sensors integration along with cloud-based on the users in the network. analysis and data storage has the potential to increase the efficiencies, adaptability and resilience of dealing with 2. Literature Survey the smart infrastructure. A standout context application is a smart grid; it gives an electricity rescue service on an In Ciphertext-policy, attribute-based encryption (CP- ability to protect, monitor and optimise the different ABE) aim is a key management collaborative protocol. functions are connecting the components by using the Our structure makes as a distributed generation, storage service provider into a consumer. An ability to manage and issue of private keys it is not contributing extra and read smart grid evaluations are remotely by infrastructure. A quick attribute revocation and fine- employing the wireless sensors significantly that grained is allowed for key modify.[1] The known appropriate grid operators to load balance, on-demand technology is cryptography that is based on Attribute to enable services and efficiently for different entities. fine-grained access data control and guarantee data.[3] A Anywhere the cloud infrastructure adoption in smart grid fine-grained access data control system along with poses to deal with the sensor data, its important risks to computation outsourcing and ciphertext update in fog consumers privacy and data security. This data can be calculating for an Internet of Things (IoT).[3] This disclosed to unwarranted parties or malicious, on the advanced collaborative mechanism is effectively solve potential for different security attacks, its accountability, key exposure and key escrow issues. Meantime it helps to availability and may affect data integrity. In this method minimize client decoding overhead. Compare with CP- practical and secure billing model, using homomorphic ABE systems establishes that our systems have slightly encryption in a data processing cloud-based framework. better performance on mobile devices regarding based on If changing billing management to cloud securely, with cloud-sourced data sharing.[1] In this method for cloud the statistical calculations and data retrieval on-demand is storage, an encrypted data sharing system from the important strength of this framework.[4] experimental proxy broad cast re-encryption techniques In this proposed method calculate the cryptographic is presented. This system is not only attained sharing primitive, is called the Public Key Encryption along with broad cast system through the merits of encryption Keyword Search (PEKS), its effective method for cloud broadcast, but also attain dynamic sharing without storage.[5] In cloud storage for searchable secure data changing the public encryption keys an adding a user and encryption, a (PEKS) is known primitive cryptographic. an eliminating a user based on sharing groups [6] From an insecurity, the PEKS frameworks are suffers dynamically. [2] called the Keyword Guessing Attack(KGA) through a The CP-ABE is assuring cryptographic technique malicious server.[5] unfortunately, the subject it is an for access fine grains control of data outsources in the inherently to the (inside) off-line (KGA), it is for against cloud. The client's front-end devices generally the user's data privacy. For conducting with the security smartphones have privacy protection, so that if they problems, it can suffer from real applications and low apply private keys.[1] efficiency. [6] However, from re-encryption proxy technology, our This new framework PEKS to use for Security system enables the cloud server (proxy) to share directly vulnerability is named Dual Server Public key encrypted data to the target users no need data owner Encryption keyword search (DS-PEKS).[5] On this same intervention, so that the sharing performance improves security vulnerability through formalising a PEKS greatly. Meantime security and correctness proceed. scheme called a Server-Aided (SA-PEKS). This SA- Encrypted data sharing is an important demand by using PECS is to generate keyword trapdoor/ciphertext, to cloud storage, where the system designed to the demand query needs the users, called Keyword Server (KS) by satisfaction. In cloud storage, the cloud is a semi-trusted campaigning an authentification protocol & offline KGA posse, to defend data through users, besides data are could be calculated.[6] The other part is smooth encrypted being transferred to a cloud server.[2] projective hash functions (SPHF). its concerned as a The data owner sensitive data are beginning homomorphic SPHF and linear. Then secure generic encrypted utilising on attribute-based multiple policies construction DS-PEKS from SPHF. [5] with encryption, and then outsourced to cloud storage. Initialize a universal transformation through the So that whose attributes are satisfied that policy can PEKS system to secure SA-PEKS system applying for decrypt from the ciphertext. Its attribute based on the blind signature determination.[6] The encrypted data signature technique, and attributes authorised users in the with various users through the cloud storage, for security, signature to satisfy the policy could renew the ciphertext. concerns an inadvertent data leaks in this cloud. The In particularly most of the decryption, encryption & various encryption keys to used for various documents, signing computations are outsourced through the end such as securely distributing the maximum number of devices into fog nodes, such as for data owners into keys use for search and both encryption, and users would encrypt the computations, end users into re-encrypt, have to store the received keys securely and keyword

29 International Journal of Pure and Applied Mathematics Special Issue

trapdoors large number an equally submit to perform the In the access control system as discussed in [10], shared data. This implied needed for storage, data access control is a difficult way to prove data communication and clearly renders a complexity security. Functional Encryption is a new cryptographic approach. In this method for address the issues, which in technique that supports encrypted data’s fine-grained the literature neglected largely, as well as proposed the access control in the cloud. In the functional encryption, novel concept of Key Aggregate Searchable Encryption every ciphertext is given with an access policy [10], a (KASE), & KASE system instantiation concept, in where decryptor can access the data, only if the decryptor’s the data owner needs to deliver a single key into a secret key is same with the access policy. However, the maximum number of documents. However, the user functional encryption cannot be implemented directly to needs only a single trapdoor into a cloud for the shared develop the access control scheme since the access document querying.[7] policy's exposure contain sensitive information. Here the For security purposes, data owners (Dos) generally policy privacy problem is addressed and a mechanism have to their encrypt data before source to the sure Cloud named multi-authority vector policy (MVP) that provides Serves (CSS). However, the encrypted data searching by expressive and hidden access policy for functional the encryption for the challenging tasks. Nowadays to encryption. At first, each access policy is encoded as a enable the searching all over encrypted data the various form of a matrix, and from the matrix, the decryptors can methods have been applied. Anywhere these systems only obtain results matching. Then based on the multi- majorities are determined to not a similarity search; it is authority spatial policy, the novel function encryption handling a demand search. However, the next level of scheme is designed [11]. future generation it is significant for real-world users. In Through integrating cloud computing and mobile this method an efficient, secure system to encrypted computing, the mobile applications range can be search cloud data, when retrieving the typographical extended, but also have several challenges in cloud errors and misspellings that frequently exists both source computing such as data privacy and data integrity. To data and search request. To use metric space into a design a safe and efficient data distribution system in concept of a tree-based index, it recovering only the mobile cloud computing, a new proxy re-encryption distance calculations minimum number with the relevant based cryptographic technique is presented that provides entries. Embedded string techniques are used to data authentication, data integrity, data privacy and applicable entries for securely and efficiently. Our index efficient data distribution with access control [12]. structure maintained the keyword trapdoors and stored To provide owners of data stored in the cloud with the data. [8] flexible access control [10][11] to their data by other As the amount of encrypted files stored in the cloud users, a role-based encryption technique is proposed for becomes large, this will affect the query processing. A secure cloud storage. The technique allows the owner to new cryptographic method called encryption technique store the data in an encrypted form in the cloud and based on an attribute with outsourcing decryption and access to the stored data is granted to users with specific outsourcing key-issuing by which the key search function roles. A set of roles are specified by the method so that can be implemented. The advanced KSF-OABE scheme the users assigned with the roles with each role having a is proved to be safe against chosen-plaintext attack [9]. set of permission. The data that is encrypted can be Secure cloud storage is an effective tool to improve decrypted only by the users with specific roles [13]. collaborations with more users with an increase in Many health organisations have begun to store productivity. Access control system [10] can be electronic health records to cloud-based storage systems. implemented with encryption based on attribute [9]. In The important security issue in storing electronic health the access control system, data is encrypted and uploaded records to cloud-based storage systems is that how to with an access policy by the user to the cloud, so that one secure and prevent unauthorised access to electronic who satisfying that access policy can decrypt the data. health record data stored in a public cloud. Many When a recipient wants to allow another person who is cryptographic access control schemes [11][13] have been unauthorised by the access policy, the recipient will have suggested to secure the data stored in the cloud by to extend the access policy by creating a new policy combining cryptographic techniques with access control including the new person and thus the concept of an models. Here a new role-based encryption technique [13] extendable access control system. The key problem in the to construct a flexible and secure large-scale electronic integrity protection while extending the access policy is health record system so that in the cloud environment, that the cloud cannot decrypt the cypher text even though role-based access control policies are implemented [14]. the extended access policy protecting the same data as Internet of things has become a unique computing the original access policy. Here to address the problem an service that requires large volumes of data storage. Due Extendable Access Control System with Integrity to unique characteristics of self-organisation resource Protection is proposed. This method is constructed on top constraints and short-range communication in IOT, it of a new cryptographic model that is the Functional Key always falls back to the cloud for computation and Encapsulation with Equality Testing [10]. outsourced storage. The architecture and privacy requirements and the unique security for the next

30 International Journal of Pure and Applied Mathematics Special Issue

generation of mobile technologies on cloud-based IOT is discussed here. This cloud-based IOT addresses the issues in forwarding the secure packet and effective privacy-preserving authentication by incorporating a new effective privacy-preserving data aggregation without using the public key homomorphic encryption [15].

3. Methodology

To overcome the disadvantage in the symmetric algorithm we propose Asymmetric Encryption based Elliptic Curve Cryptography (ECC) algorithm. The ECC algorithm uses elliptic curves to generate the cryptographic key. Miller and Koblitz introduced the grouping of points in the elliptic curve which is defined over the finite area with discrete logarithmic functions in Figure 5. Property 2 of ECC the year 1980. An elliptic curve is considered as a solution set for Two points A and B were selected and to perform the defined non-singular cubic polynomial equation with addition over these points a straight line is drawn two points on the field A. In short, the elliptic curve is intersecting these two points over the elliptic curve. The considered as a discretised set of the solution in the form lines will intersect on three points on the curve based on y2=x3+ax+b. the property 1. Consider this third point and mirror the An important property was derived using this curve; point value on the x-axis provides the addition of the two if we draw a straight line across the curve intersect at two points selected. Figure 6 shows the addition of two points points, then the line will also intersect the curve at the in the elliptic curve. third point which may on the curve or at infinity point. Figure 4 shows the description of the property.

Figure 6. Elliptic curve addition

Figure 4. Property 1 of ECC Considering the figure 6 the point B on the elliptic curve is the resultant value of Point A by adding itself. Then the second property explains that the curve is Based on figure 6 the property was derived as follows in symmetric form, i.e., The point P is placed as P(a, b) A ⊕ A=B then -P will be marked at -P(a,-b). Figure 5 shows the A ⊕B= A ⊕ A ⊕ A=C representation of property 2. A ⊕C=A ⊕ A ⊕ A ⊕ A=D These properties can be used to define algorithms to frame public and private keys in the asymmetric A ⊕ D= A ⊕ A ⊕ A ⊕ A ⊕ A=E cryptography algorithms. Point selection over the elliptic The elliptic curve cryptography is defined as curve is made, and the key is generated using the selected follows point over the elliptic curve. D = (q, Fr, S, a, b, P, n, h) Were q is the prime number or power 2 of k, Fr be the field representation, S is optional and represents the bit string of size 160 bits, a and b are the coefficients on the selected curve, P is the base point on the elliptic curve represented as (Px, Py), n is the order of point P, and h is

31 International Journal of Pure and Applied Mathematics Special Issue

the cofactor of the coefficients a and b. The steps to of generating the key is 1000 time faster than the RSA generate key and validation of the key is represented algorithm. below. Application of ECC algorithm in Cloud Algorithm 1: Key generation  Select variable d which should be d ϵ [1,n−1] ECC algorithm undergoes the four-step procedure to  Compute variable Q provide security in cloud architecture. The four steps Q = dP include Connection generation, account creation,  Return Q and d authentication and data exchange. Two initial steps were Were Q is assigned as public key and d are assigned as a undergone for the first time connection. Connection private key for current communication. generation and account creation were performed by the Algorithm 2: Validation of Public key user to generate a cloud application interface. HTTPS  Check Q ≠ d. and SSL protocols are used to generate communication  Check Qx and Qy are elements of Fq. with the cloud systems. The third process is  Check Q satisfies the elliptic curve equation with authentication. The authentication is performed by input parameters a and b. applying the connection ID which is generated during the  Check nQ = ∞. account creation process. And the ECC algorithm plays  If any validation fails at the data exchange process. The Data was encrypted Then return invalid and shared with the cloud storage, and the user who Else downloads the data from the cloud should decrypt the Return valid. downloaded data with the appropriate private key. The sender encrypts the data with the public key, and the user Advantages of ECC Algorithm decrypts it using the private key. The data in the middle (in cloud storage) is in the form of chipper data. This Many cryptographic algorithms are introduced to perform provides the security in handling cloud storage or asymmetric key generation for encryption and decryption virtualisation. process. In that RSS algorithm is a widely used method The method was tested by generating an embedded for cryptographic function. But the RSS algorithm needs system using cc3200 launchpad. The sensors like more powerful processors and the memory unit. To temperatureand accelerometer connected with the overcome these limitations ECC based algorithm is CC3200 launchpad and the recorded sensor data was developed to provide the tighter encryption technique encrypted using the ECC algorithm, and the encrypted which challenges the hackers technologies. In 2010 the data was then stored in the think speak cloud storage. researchers in cryptosystem concluded that the keys with And the data was retrieved back from the thingspeak longer size would provide maximum security over the cloud storage and decrypted back with the private key. attack, but the theory is no longer succeed. Lengthening The performance of the system was measured using the of key size results to the undesirable effects on NS2 simulator. A cloud architecture was designed using encryption. In the case of RSA algorithm doubling the NS2 simulator, and the performance metrics for the size of the key decreased the performance of the framed architecture is measured and plotted as a graph. algorithm. The advantage of the ECC algorithm based on the key size is analysed to better than the RSS algorithm. 4. Result and Discussion Table 1 shows the performance of the RSS and the ECC algorithm based on the key size. The ECC based secured cloud system was developed using the NS2 simulator with the set parameters Key Size of The key size The ratio of represented in table 2. ECC of RSS the key size 160 1024 1:6 Propagation Two Ray Ground 224 2048 1:9 MAC Type 802.11 256 3072 1:12 Queue Type Drop Tail/Pri Queue 384 7680 1:20 Antenna Type Omni Antenna 512 15360 1:30 Queue Length 500 No of nodes 50 Table 1 clearly shows that the performance of the Routing Protocol DSDV ECC algorithm is higher than the RSS algorithm even in Plotting Area 1000*1000 smaller key size. Increasing the key size of ECC Simulation Time 16s increases the performance of it, but the RSS needs to Packet Size 100 bytes increase more than double the value of it to match the Interval 0.05s performance of the ECC algorithm. Moreover, the speed

32 International Journal of Pure and Applied Mathematics Special Issue

The performance metrics like throughput, packet were calculated in the packet loss ratio. Figure 8 shows delivery ratio, packet loss ratio, the end to end delay, the packet delivery ratio, and Figure 9 shows the packet residual energy is measured and plotted as the graph. The loss ratio compared for the algorithms like ECC, RSS and performance metrics of the ECC algorithm is compared Honey. The packet loss increases in RSS algorithm with the RSS algorithm and symmetric key algorithm because the size of the chipper text is more compared to namely Honey encryption. the ECC algorithm. So, loss in single packet results in The Throughput is the maximum speed achieved by loss of more bytes of data. the network. It also refers to the bandwidth consumed by the nodes in the network. Figure 7 represents the throughput plot of ECC algorithm compared with RSS and Honey encryption. The Throughput of the ECC algorithm provides the maximum throughput level of 350 kb/s.

Figure 9. Packet Loss Ratio

Residual energy is the amount of energy consumed by the network during the simulated time. The energy consumption of the network varies based on the Figure 7. Throughput performance of the implemented algorithms and the amount of data transferred between each node and the The RSS algorithm takes more time to execute and distance travelled by the packet from sender to requires larger packet size increases the network delay destination node. Figure 10 shows the residual energy this leads to decrease in throughput which is made very consumed by the network for different encryption closer to the performance of symmetric Honey algorithms. The initial energy is set as 1000 Joules. encryption technique. From the figure 10, it shows that RSS algorithm consumes more power than the symmetric Honey cryptography and ECC consumes very less energy than RSS and Honey. The RSS posses more complex algorithm procedures which makes the nodes controller unit process heavily this results in consumption of higher energy in the network. Honey encryption needs the bigger key to produce higher performance compared to the ECC algorithm.

Figure 8. Packet Delivery Ratio

Packet delivery ratio is the amount of data transmitted successfully between the sender and receiver nodes. Packet loss ratio is inversely proportional to the packet delivery ratio. The dropped packets or lost packets

33 International Journal of Pure and Applied Mathematics Special Issue

encrypted using the ECC algorithm and uploaded to the thingspeak cloud storage. And the stored value is retrieved from the thingspeak cloud storage, and ECC decryption is applied over it, and the original data is retrieved back. A chipper text is stored in the cloud memory thus the unauthorised user cannot retrieve the original data from the cloud storage which provides security for the stored data in the cloud memory. Figure 12 and 13 shows the commands used to upload and download the data from the thingspeak cloud storage. Figure 14 shows the graphical representation of the stored data in the thingspeak cloud storage.

Figure 10. Residual Energy

End to end delay is the measure of time taken in packet transmission between the sender and receiver in the unidirectional fashion. The delay was measured for every successful transmission in the network. The packet loss in the network increases the delay, and higher delay will affect the throughput of the network. Figure 11shows the end to end delay measured for ECC, RSS and Honey encryption algorithm.

Figure 12. Sending chipper text to cloud

Figure 13. Received data from the cloud

Figure 11. End to End Delay

From all the parameters measured from network simulator proofs that the ECC algorithm is more effective in using for cloud based wireless sensor network. ECC provides less complex algorithm with higher security rate which increases the performance of the network. The algorithm is implemented as a hardware model to check the performance of the system in real time environmental scenario. The CC3200 launchpad comprises of the inbuilt temperature sensor and MEMS Accelerometer. The sensor values were collected and

34 International Journal of Pure and Applied Mathematics Special Issue

[1] G. Lin, H. Hong, and Z. Sun, “A Collaborative Key Management Protocol in Ciphertext Policy Attribute-Based Encryption for Cloud Data Sharing,” IEEE Access, vol. 5, no. 3, pp. 9464–9475, 2017.

[2] D. of E. E. Jiang, Linmei; Xiamen University, School of Information Science and Engineering; Huaqiao University, School of Computer Science and Technology Guo, Dong-Hui; Xiamen University, “Dynamic Encrypted Data Sharing Scheme Based on Conditional Proxy Broadcast Re-Encryption for Cloud Storage,” IEEE Access Manuscr., vol. 5, no. 2, pp. 13336–13345, 2017.

[3] Q. Huang, Y. Yang, and L. Wang, “Secure Data Figure 14. Representation of stored value in cloud Access Control with Ciphertext Update and Computation storage Outsourcing in Fog Computing for Internet of Things,” IEEE Access, vol. 5, no. 3, pp. 12941–12950, 2017. The time delay taken by the CC3200 launchpad is measured and plotted as a graph and shown in figure 15. [4] A. Alabdulatif, H. Kumarage, I. Khalil, M. The total time taken to collect the sensor data, encrypt the Atiquzzaman, and X. Yi, “Privacy-preserving cloud- data with the ECC algorithm and upload to the based billing with lightweight homomorphic encryption thingspeak cloud storage and download the stored data, for sensor-enabled smart grid infrastructure,” IET Wirel. decrypt using the private key is measured Sens. Syst., vol. 7, no. 6, pp. 182–190, 2017. [5] [6] R. Chen, Y. Mu, G. Yang, F. Guo, and X. Wang, “Dual-server public-key encryption with keyword Search for secure cloud storage,” IEEE Trans. Inf. Forensics Secur., vol. 11, no. 4, pp. 789–798, 2016.

[7] R. Chen et al., “Server-aided public key encryption with keyword search,” IEEE Trans. Inf. Forensics Secur., vol. 11, no. 12, pp. 2833–2842, 2016.

[8] B. Cui, Z. Liu, and L. Wang, “Key-Aggregate Searchable Encryption (KASE) for Group Data Sharing via Cloud Storage,” IEEE Trans. Comput., vol. 65, no. 8, pp. 2374–2385, 2016.

[9] A. Ibrahim, H. Jin, A. A. Yassin, D. Zou, and P. Xu, “Towards EfficientYet Privacy-Preserving Figure 15. Delay measured in CC3200 Approximate Search in Cloud Computing,” Comput. J., vol. 57, no. 2, pp. 241–254, 2014. 5. Conclusion [10] J. Li, X. Lin, Y. Zhang, and J. Han, “KSF- Even though many chances had been created at OABE: Outsourced Attribute-Based Encryption with delivering a secured environment for cloud activities, Keyword Search Function for Cloud Storage,” IEEE Elliptical Curve Cryptography gives solutions for a Trans. Serv. Comput., vol. 10, no. 5, pp. 715–725, 2017. secured cloud environment with enhanced performance in battery resource usage and computing power. Also, it [11] W. Susilo, P. Jiang, F. Guo, G. Yang, Y. Yu, and uses a short encryption key that is faster and needs less Y. Mu, “EACSIP: Extendable Access Control System computing power. Elliptical Curve Cryptography had with Integrity Protection for Enhancing Collaboration in provided a strong and safe model for the incorporation the Cloud,” IEEE Trans. Inf. Forensics Secur., vol. 12, and development of secured application in the cloud. no. 12, pp. 3110–3122, 2017.

Reference [12] J. Wang, C. Huang, K. Yang, J. Wang, X. Wang, and X. Chen, “MAVP-FE: Multi-authority vector policy functional encryption with efficient encryption and

35 International Journal of Pure and Applied Mathematics Special Issue

decryption,” China Commun., vol. 12, no. 6, pp. 126– 140, 2015.

[13] J. Zhang, Z. Zhang, and H. Guo, “Towards Secure Data Distribution Systems in Mobile Cloud Computing,” IEEE Trans. Mob. Comput., vol. 16, no. 11, pp. 3222–3235, 2017.

[14] L. Zhou, V. Varadharajan, and M. Hitchens, “Enforcing role-based access control for secure data storage in the cloud,” Comput. J., vol. 54, no. 10, pp. 1675–1687, 2011.

[15] L. Zhou, V. Varadharajan, and K. Gopinath, “A secure role-based cloud storage system for encrypted patient-centric health records,” Comput. J., vol. 59, no. 11, pp. 1593–1611, 2016. [16] J. Zhou, Z. Cao, X. Dong, and A. V. Vasilakos, “Security and Privacy for Cloud-Based IoT: Challenges, Countermeasures, and Future Directions,” IEEE Commun. Mag., vol. 55, no. 1, pp. 26–33, 2017.

36 International Journal of Pure and Applied Mathematics Special Issue

37 38