Content uploaded by Ali Kadhim Bermani
Author content
All content in this area was uploaded by Ali Kadhim Bermani on Jul 09, 2021
Content may be subject to copyright.
Full Terms & Conditions of access and use can be found at
https://www.tandfonline.com/action/journalInformation?journalCode=tdmc20
Journal of Discrete Mathematical Sciences and
Cryptography
ISSN: (Print) (Online) Journal homepage: https://www.tandfonline.com/loi/tdmc20
A hybrid cryptography technique for data storage
on cloud computing
Ali Kadhim Bermani, Tariq A. K. Murshedi & Zaid A. Abod
To cite this article: Ali Kadhim Bermani, Tariq A. K. Murshedi & Zaid A. Abod (2021): A hybrid
cryptography technique for data storage on cloud computing, Journal of Discrete Mathematical
Sciences and Cryptography, DOI: 10.1080/09720529.2020.1859799
To link to this article: https://doi.org/10.1080/09720529.2020.1859799
Published online: 26 Mar 2021.
Submit your article to this journal
View related articles
View Crossmark data
©
A hybrid cryptography technique for data storage on cloud computing
Ali Kadhim Bermani *
Tariq A. K. Murshedi †
Department of Information Networks
College of Information Technology
University of Babylon
Babylon
Iraq
Zaid A. Abod §
Department of Dairy Science and Technology
College of Food Science
University of Al-Qasim Green
Al Qasi
Iraq
Abstract
Cloud computing security has received great attention by researchers in the past few
years due to the importance of the data used and the increasing use of cloud computing,
which has become the provision of many services and in various fields. So, data Security
is a major issue in storing data on clouds. Cryptography techniques are among the most
important ways to provide data security on cloud. This paper presents a data protection
model where data is encrypted using a hybrid cryptographic algorithm which is composed
of Advanced Encryption Standard (AES), Blowfish and Message-Digest algorithm (MD5).
Thus, this model provides speed and robust data encryption.
Subject Classification: Primary 13A17, Secondary 17D20.
Keywords: Cloud computing, Cryptography, Hybrid algorithm, Data security.
*E-mail: ali.k.bermani@gmail.com, ali.k.bermani @uobabylon.edu.iq
(Corresponding Author)
†E-mail: tariq.murshedi@uobabylon.edu.iq
§E-mail: zaid@uoqasim.edu.iq
Journal of Discrete Mathematical Sciences & Cr yptography
ISSN 0972-0529 (Print), ISSN 2169-0065 (Online)
DOI : 10.1080/09720529.2020.1859799
2 A. K. BERMANI, T. A. K. MURSHEDI AND Z. A. ABOD
1. Introduction
After the use of cloud computing it becomes part of our daily life
utilization and in many fields, including health, financial, real estate,
military and many others, the interest of researchers in data security in
cloud computing has increased and ways to encrypt that data and how to
increase the speed of its encryption.
Cloud computing is an internet-based concept where cloud
computing provides a variety of services over the Internet, including
programs, systems, data storage and many more programs[1]. Cloud
computing provides different services; these services put forward three
models (i)Software as Service (SaaS): In this type of cloud service, the use
cannot manage the component, services, memory and operating system
in the cloud network. There are partial settings that can be managed by
the user[2] (ii) Platform as service (PaaS): enables users to build many
applications using different programming languages. These applications
can be created by various services, tools and libraries that are supported
by service provider. For example, Python language is one of programming
language to build applications in Google App engine. (iii)Infrastructure as
service (IaaS): This type considers the core engine for the cloud virtually.
It includes the virtual servers, limited storage and processing capacity.
Cryptography is the science that depends on preserving data from
being stolen and interpreting by unauthorized persons, and it is done by
converting that data from its readable and understandable form to a form
that is not understandable to undesirable persons. Mathematics is used
for those transfers, where the process of converting the understandable
data into the incomprehensible with help of secret key is called
“Encryption” process. The reverse process of it, which is converting the
incomprehensible data into the comprehensible with help of secret key, is
called “Decryption”. Cryptography is classified into four classes according
to the type of key used or non-key, which are symmetric encryption,
asymmetric encryption, hash function and hybrid encryption.
a) Symmetric key encryption or secret key encryption utilizes one key
for encryption and decryption process and it is the same key for
encryption and decryption. In this type of encryption, the sender
and recipient use the same key for encryption and decryption as
shown in Figure 1. The most popular algorithms that rely on the
symmetric encryption principle are: Data Encryption Standard
A HYBRID CRYPTOGRAPHY TECHNIQUE FOR DATA STORAGE 3
(DES), Advanced Encryption Standard (AES), Triple Data Encryption
Standard (3DES), Blowfish (BF), etc.
b) Asymmetric key encryption or public key encryption uses different
keys like using public key for encryption process and private key for
decryption process. As its name explains, the public key is available
to everyone while the private key is the key only for authorized
persons. Figure 2 shows asymmetric encryption. The most popular
algorithms that rely on the asymmetric encryption principle are:
Rivest, Shamir, & Adleman (RSA), Diffi- Hillman(DH), Elliptic
Curve Cryptography.
c) Hashing encryption is one of the types of encryption and is
distinguished from the rest of the types of encryption by not requiring
a key in the encryption process, but rather using the hash function
to convert the plain text into series of random characteristics with a
fixed sized of length. It is a mathematical algorithm that maps data
of arbitrary size to a hash value of a fixed size called message digest
(one way function). With a message digest, it is hopeless to get back
or find the authentic string. The most popular algorithms that rely
on hashing encryption principle are: Message Digest (MD5), Secure
Hash Algorithm (SHA).
Figure 1
Symmetric encryption.
Figure 2
Asymmetric encryption.
4 A. K. BERMANI, T. A. K. MURSHEDI AND Z. A. ABOD
d) Hybrid encryption is one of the types of encryption, which enables
us to use more than one algorithm, either of the same type of
encryption or different types. In this type, it is possible to take
advantage of the strength and speed of one algorithm with others to
increase the strength of the encryption.
The rest of the paper has been organized as follows: Section 2 presents
related works. In Section 3, we describe overview of the algorithms used
in the proposed system. In section 4, we review the proposed system.
Section 5 we describe the results. Finally, we conclude and describe goals
achieved by our technique in section 6.
2. Related works
There are many researches which focused on using hybrid algorithms
to increase the security and speed of implementation of encryption in the
cloud computing environment such as the following researches.
Shivam Sharma,[3] presented a hybrid algorithm, which includes the
algorithms (AES, AES, DES, and RC4), which works together to encrypt
files by downloading the file from the cloud, and then dividing the file
into three sections, and each of the three sections is encrypted by an
algorithm and then the three encrypted sections are combined into one
file and re-uploaded to the cloud. The best execution time was achieved
by combining AES, DES, and RC4 algorithms and it was less time than
executing the AES algorithm alone.
Ali A. Taha, et al.[4] present a hybrid cryptography algorithm where
they use more than one model and more than one algorithm, as they use
algorithms Triple DES & Krishna hybrid algorithm, and again use AES
& Krishna as hybrid algorithm, and also they use Triple DES & RSA as
another hybrid algorithm and Blowfish and Krishna hybrid algorithm.
According to the abovementioned hybrid algorithms, they have proven
that the hybrid algorithm that combines AES, Blowfish and Krishna is the
best algorithm as it has proven the speed and strength of its encoding.
Harpreet Kaur,[5] proposed a method that is implemented for
ensuring the data security of the files being uploaded to the cloud by
different clients. This method uses hybrid algorithm of encryption using
blowfish and MD5 methods. The experimental results of the proposed
method show that size of the encrypted file is decreased by approximately
7% as compared to that of existing technique. Also, the time taken by the
proposed method of MD5 with blowfish, in encryption and decryption
A HYBRID CRYPTOGRAPHY TECHNIQUE FOR DATA STORAGE 5
of the text file, is approximately 42% lesser than that of the existing Diffie
Hellman with AES technique. With the use of MD5 method along with
blowfish, the total time for encryption and decryption of text files is
reduced by approximately 33% as compared to the existing technique,
So, the experimental results of our research work show that the proposed
technique of blowfish with MD5 outperforms the existing technique in
terms of storage space and time delay.
3. Overview of algorithms
In this study we proposed a technique by using three encryption
algorithms together. These algorithms are: Advanced Encryption Standard
(AES), Blowfish and Message-Digest algorithm (MD5). In this section we
will review the algorithms used in our proposed system.
3.1 Advanced Encryption Standard (AES)
Advanced Encryption Standard is one of the symmetric block
encryption algorithms. It presented In December 2001 by National Institute
of Standards and Technology (NIST). It encrypt blocks of plaintext, each
block Contains of 128bits and using different value of key 128 bit(16 byte),
192 bit (24 byte) or 256 bit (32 byte) depending on the number of rounds
10, 12 or 14 rounds. Advanced Encryption Standard algorithm authorizes
a 128 bit data (plain text) length, and divides into four blocks. These blocks
are patronize as array of bytes and organized as a matrix of the order of
4×4 that is called the state. To increase the protection in encryption, for
each 128 bit plain text (block) AES uses four types of transformations in
each round. These transformations are [6]:
1. Substitution bytes (SubBytes): data block in Advanced Encryption
Standard algorithm consists 128 bit; this means that each block of
data contains 16 bytes. In subbyte transformation, each 8-bit (Byte)
in a block of data transforms into another block using an 8-bit (Byte)
substitution box which is called as Rijndael S-box.
2. Permutation (Shift Rows): Each of the four rows of the matrix
is rotated to the left. After this process the outcome is a matrix
consisting of 16 bytes.
3. MxCloumns: This process is a simple substitution one. Each column
of matrix is transformed using a matrix multiplication by using
6 A. K. BERMANI, T. A. K. MURSHEDI AND Z. A. ABOD
(finite GaloisField-GF(28)). After this process, the outcome will be a
matrix consisting new matrix contains sixteen new bytes.
4. AddRoundKey: Here, the XOR process operates among state and
round key matrix.
These four stages are repeated in each round which their number 10,
12, or 14, depending on the size of the key 128, 192, and 256 bits. Figure 3
shows Advanced Encryption Standard encryption algorithm.
The AES algorithm is one of the most secure and always preferred
encryption algorithms for securing important data [8]. The AES algorithm
is characterized by flexibility and scalability and is considered the fastest
algorithm in implementation and therefore can be implemented easily
and uses less memory[6].
3.2 Blowfish (BF)
In 1993 Bruce Schneider developed algorithm called Blowfish
algorithm. Blowfish algorithm is a symmetric block cipher algorithm. It
uses the same secret key to both encryption and decryption of messages.
It is Feistel Structured algorithm and has block cipher uses 64-bit of data
with 16 round and the key length is fluctuating from 32 bits and can be
as long as 448 bits [9]. The BF algorithm contains mainly two phases: data
encryption phase and key expansion phase. in the Key expansion phase
converts a variable-length key which in common 56 bytes (448 bits) into
Figure 3
Encryption in Advanced Encryption Standard [7].
A HYBRID CRYPTOGRAPHY TECHNIQUE FOR DATA STORAGE 7
an array of sub-keys called P-array consists of eighteen 32-bit sub-keys
totaling 4168 bytes. There are also four 32-bit S-boxes. The second phase
of the Blowfish routine that is a data encryption is done through 16 Fiestel
network rounds, a swap operation and two exclusive-or operations.
The 32-bit input will be divided into four equal parts (8 bits each) by
the F function. These four values are then used for table lookup in their
corresponding S-Boxes. A graphic representation of Blowfish is given in
Figure 4.
3.3 Message-Digest algorithm (MD5)
In 1991, Ron Rivest developed Message digest 5 or MD5 which is
considered as one of hashing (message-digest) algorithm. This algorithm
takes input data of any length and outputs to be digestible with a fixed
length of 128 bits The MD algorithm uses a 512-bit block size that will be
manipulated and produced 16 subblocks, each subblock is 32 bits. The
MD5 algorithm is developed to replace its predecessor MD4.
Figure 4
Encryption in blowfish algorithm[7].
8 A. K. BERMANI, T. A. K. MURSHEDI AND Z. A. ABOD
4. Proposed approach
In this paper, one of the types of encryption is used, which is hybrid
encryption, this type combines two methods of encryption. In this type
more than one algorithm can be used, whether of the same type or of
different types, and this method is used to increase the security in the
cloud computing. In this study symmetric and hashing encryption was
used as well as more than one encryption algorithms uses Advanced
Encryption Standard (AES), Blowfish (BF) and Message-Digest algorithm
(MD5).
4.1 The Encryption Process
In the encryption process, the process was done on a set of steps
as shown in Figure 5, where it begins first with downloading the file to
be encrypted and then dividing this file into three sections using the file
system module. Each of these sections is encrypted into three types of
encryption algorithm (Advanced Encryption Standard (AES), Blowfish
(BF) and Message-Digest algorithm (MD5)). After that, the sections after
merging are combined into one file and re-loaded to cloud.
4.2 The Decryption Process
In the decryption process, it is performed with steps opposite to the
encryption process. The encrypted file is first downloaded, and then the
Figure 5
Encryption Process of the Proposed Technique.
A HYBRID CRYPTOGRAPHY TECHNIQUE FOR DATA STORAGE 9
file is divided into three sections, and these sections are distributed for
decoding according to the encrypted algorithm (AES, Blowfish and MD5).
Figure 6 shows decryption process of the proposed technique.
5. The Result and Discussion
There is no doubt that security is not the only concern of cloud
computing users, with the use of technologies that support information
security in the cloud computing may lead to reducing the speed of data
transfer as it takes time to encryption and decryption data, so the time
factor has become important when we use encryption technologies .In this
study, algorithms were chosen taking into consideration their capabilities
from encryption speed and decryption. To clarify the capabilities of the
proposed system, the encryption process was implemented for files
of different sizes and was encrypted by the AES, Blowfish and MD5
algorithms, as well as with the proposed system and table 2 shows
comparison performance of encryption execution time for files by
algorithms and the proposed technique.
In this study, we conducted the performance test on three algorithms
that are AES, blowfish and MD5 as well as hybrid algorithm proposed with
different size of files. We tested files of sizes 1, 3, 5, 7,9 and10 Megabyte on
the mentioned algorithms to gauge the execution speed of the algorithms.
Figure 6
Decryption Process of the Proposed Technique.
10 A. K. BERMANI, T. A. K. MURSHEDI AND Z. A. ABOD
The hybrid algorithm and other algorithms were implemented through the
Java language and tests were on following computer core i5 as processor
with speed of 2.50 GHz and 8GB RAM.
While the decryption process was implemented for files which
encrypted in encryption process of different sizes by the AES, Blowfish and
MD5 algorithms, as well as with the proposed system and table 3 shows
comparison performance of decryption execution time for encrypted files
by algorithms and proposed technique.
Table 2
Comparison performance of encryption execution time for files by algorithms
and proposed technique.
File Size
(MB)
Times in second
AES Blowfish MD5 Hybrid
1 1.263 1.225 1.213 1.24
3 1.28 1.24 1.244 1.259
5 1.289 1.277 1.275 1.26
7 1.295 1.31 1.282 1.27
9 1.309 1.325 1.291 1.29
10 1.322 1.361 1.308 1.30
Table 3
Comparison performance of decryption execution time for encrypted files by
algorithms and proposed technique.
File Size
(MB)
Times in second
AES Blowfish MD5 Hybrid
1 1.001 0.967 0.998 0.97
31.016 0.981 1.013 0.99
51.021 1.02 1.014 1.001
71.032 1.045 1.016 1.012
91.047 1.066 1.03 1.028
10 1.052 1.1 1.038 1.036
A HYBRID CRYPTOGRAPHY TECHNIQUE FOR DATA STORAGE 11
6. Conclusions
Security is a very important issue in the data storage of cloud
computing, which has increased the interest of researchers to provide
many technologies that can help increase the speed and strength of data
encryption in the cloud. In this paper hybrid cryptography is proposed
using Advanced Encryption Standard (AES), Blowfish, and Message-
Digest algorithm (MD5) algorithms. This hybrid cryptography is a
combination of symmetric encryption and hashing encryption provides
efficiency and speed to encryption process.
References
[1] AbdElnapi, N. M., Omara, F. A., & Omran, N. F. (2016). A
hybrid hashing security algorithm for data storage on cloud
computing.International Journal of Computer Science and Information
Security (IJCSIS),14(4).
[2] Jassem, Yasser Hassen, And Alharith Abdulkareem Abdullah.
“Enhancement Of Quantum Key Distribution Protocol For Data
Security In Cloud Environment.”, Icic International, Volume 11,
Number 3, March 2020.
[3] Sharma, S., Singla, K., Rathee, G., & Saini, H. (2020). A Hybrid
Cryptographic Technique for File Storage Mechanism Over Cloud.
In First International Conference on Sustainable Technologies for
Computational Intelligence (pp. 241-256). Springer, Singapore.
[4] Taha, Ali Abdulridha, Diaa Salama AbdElminaam, and Khalid M.
Hosny. (2017). “NHCA: Developing New Hybrid Cryptography
Algorithm for Cloud Computing Environment.” (IJACSA)
International Journal of Advanced Computer Science and Applications
8.11.
[5] Harpreet Kaur. (2017) “A Novel Technique of Data Security in Cloud
Computing based on Blowfish with MD5 method”, International
Journal of Advance Research, Ideas and Innovations in Technology,
Volume 3, Issue 6.
[6] Tamilselvi.S, (2017). “Data Storage Security in Cloud Computing
Using AES”, International Journal of Advanced Networking & Applications
(IJANA) Volume: 08, Issue: 05 Pages: 124-127.
12 A. K. BERMANI, T. A. K. MURSHEDI AND Z. A. ABOD
[7] kadhim Bermani, A., Manaa, M. E., & Al-Salih, A. (2020).
Efficient cryptography techniques for image encryption in cloud
storage.Periodicals of Engineering and Natural Sciences,8(3), 1359-1373.
[8] Mote, Rutuja, Ambika Pawar, and Ajay Dani. (2016). “Review of
security and privacy techniques in cloud computing environment.”
In Proceedings of First International Conference on Information and
Communication Technology for Intelligent Systems: Volume 1, pp. 543-
551. Springer, Cham.
[9] Manaa, M. E., & Jwdha, R. H. (2019). A Robust Documents Secure
Approach Using Blowfish Algorithm in the Cloud Computing.Journal
of Computational and Theoretical Nanoscience,16(3), 823-830.
[10] Shubham Sharma & Ahmed J. Obaid (2020) Mathematical
modelling, analysis and design of fuzzy logic controller for
the control of ventilation systems using MATLAB fuzzy logic
toolbox, Journal of Interdisciplinary Mathematics, 23:4, 843-849, DOI:
10.1080/09720502.2020.1727611.
Received November, 2020
Revised January, 2021