A Survey for Comparative Analysis of various Cryptographic Algorithms used to Secure Data on Cloud

--Cloud computing is the recent trend for the growth in IT industry. We are able to store any amount of data on cloud today whether it is text, image, audio, and video and many more. Storing data on cloud is easy but it is very important that the data which we store on store is also secure. Many cryptographic algorithms have been implemented to maintain the privacy of data over cloud. In this paper, we will make a comparative analysis of various cryptographic algorithms used over cloud to secure data. This analysis will be made using various performance metrics.


I. INTRODUCTION
Data is a small unit of information. It is a critical aspect from which information is created. Data can be any text, image, audio or video. It is very important to manage and store this data. Today, data is mainly stored on cloud. Data on cloud can be stored in various ways. But it is more important that data stored on cloud should be secure.
NIST defined cloud computing as "Cloud computing is a model for enabling ubiquitous, convenient, on-demand network access to a shared pool of configurable computing resources (e.g., networks, servers, storage, applications, and services) that can be rapidly provisioned and released with minimal management effort or service provider interaction" [1]. Cloud computing has become one of the most emerging trend. This is because it provides many services to its customers and at a very low cost. The only issue with cloud computing is security of cloud. Security of data can be achieved by applying the principles of confidentiality, authentication, integrity, nonrepudiation, access control and availability.
To maintain the privacy of data, principle of confidentiality is most important. Confidentiality ensures that the data is shared only by the sender and the intended recipient. This means, it is important that the sender uses some technique in which the data can be identified only by the receiver and not by any unauthorized user. The process of converting a readable message in a non-readable form is called encryption. The reverse process of converting back the non-readable message in the readable form is called decryption. Cryptography is defined as study of techniques to form a secure communication.
There are three ways of using cryptography: by converting plain text to cipher text, symmetric key algorithms and asymmetric key algorithms. Converting of plain text into cipher text can be done using substitution techniques in which a character in plain text can be replaced by any other character, number or symbol and using transposition techniques in which some permutations and combinations are used to encrypt the plain text characters.
Symmetric key algorithms are one in which same key is used for both encryption and decryption. There are many symmetric key algorithms like DES, triple DES, AES, Blowfish and IDEA. These algorithms works on different input size blocks and different input size keys.
Asymmetric key algorithms use two keys, one for encryption and another different key for decryption. Various asymmetric algorithms like RSA and Diffie-Hellman are used.
II. LITERATURE REVIEW P. Mell and T. Grance [1], defined cloud computing as a model of providing access to shared resources. They defined five characteristics of cloud as on-demand selfservice, broad access network, resource pooling, rapid elasticity and measured service. They identified that a cloud model is based upon the three service models as Software-as-a-Service (SaaS), Platform-as-a-Service (PaaS) and infrastructure-as-a-Service (IaaS). They also proposed that cloud basically works on any of the four deployment models-private cloud, public cloud, hybrid cloud or community cloud.
L. Alhenaki et al. [2] made a study on security in cloud computing. The study identified various security issues on cloud related to applications, data storage, management of client, operating systems used. The study also identified threats and attacks on cloud related to data loss, data breach, insider and API's. Solutions and countermeasures for the attacks were analyzed. D. Dhaivat et al. [3] discussed various issues and threats on cloud based upon deployment model and service models. management's risks over public cloud, private cloud and hybrid cloud. Risks related to data security, network security, data integrity, data place, data outflow were identified in IaaS, SaaS and PaaS service models.
S. Chaudhary et al. [4] made a comparative study of cryptographic algorithms like DES, 3DES, AES, RSA, DH and hybrid techniques like dual RSA, AES-RSA, RSA-AES-DS on the basis of efficiency. The study concluded that efficiency of symmetric algorithms are more than asymmetric algorithms and efficiency of hybrid techniques is average but is more secure.
S. Sharma et al. [5] proposed a hybrid algorithm takes input data file, splits it into three equal parts, encrypts each part with AES, RC4 and DES algorithms, merges the encrypted parts and then uploads the file to cloud. Comparative analysis of AES and hybrid algorithm was done on the basis of various file sizes, encryption time and decryption time. The study concluded that hybrid algorithm has better execution time and results compared to AES.
K. Sajay et al. [6] proposed a new hybrid algorithm using Homographic and Blowfish algorithms. In this, the input text is first encrypted using homomorphic algorithm. The output obtained is then encrypted using Blowfish algorithm. The output obtained is the final resulted cipher text. The study concludes that the new proposed algorithm is better than traditional algorithms. K. Patel [7] made a comparative analysis of AES, DES and Blowfish algorithms on 10 small files and large file respectively based on execution time and memory usage. The study concludes that DES is better in terms of execution time, Blowfish is better in terms of memory usage; DES is good for small data files. All algorithms performance is equal on large data files.
A. Yusufzai et al. [9] made a study of various security issues and challenges and RSA, DES and AES algorithms based on block size, key length, speed and key used. The study concluded that AES takes less execution time, DES takes less time for encryption, and RSA uses large memory size and longest time for encryption.
A. R. Wani et al. [10] made a comparative analysis of AES, DES, Blowfish, 3DES, RC4, IDEA, TEA algorithms on 10 different file sizes on the basis of encryption time, decryption time, memory usage, security and performance. The study concluded that encryption time for RC4 is minimum and that for 3DES is maximum, decryption time for RC4 and AES is minimum and 3DES is maximum and memory usage of IDEA and TEA is less and RC4 is more. AES is best in terms of security, performance and memory usage.
N. Anwar et al. [11] the authors made a study of various cryptographic algorithms like AES, Blowfish, DES, 3DES, RSA, DSA, ECC based on performance metrics such as key size, block size, number of rounds, efficiency, vulnerability and applications of algorithms. The study concluded that symmetric algorithms were suitable for image processing, wireless and e-commerce applications whereas asymmetric algorithms were suitable for internet banking, web and mobile applications. security, data encryption capacity, authentication type, memory usage and execution time.
P. Semwal and M. K. Sharma [18] made a comparative analysis of DES, 3DES, AES, Blowfish and RSA cryptographic algorithms based on encryption time, decryption time and memory usage. The study concluded that Blowfish is best in memory requirement, good for small applications and requires less execution time. RSA requires large memory and more execution time. AES has high avalanche effect and is good for privacy and security.
R. G. Saranya and A. Kousalya [19] made a comparative analysis on study of cryptographic algorithms DES, Blowfish, RC2, RC5, RC6, 3DES, AES, RSA, DSA, Twofish, IDEA, El-Gamal, D-H, Homomorphic. The study stated that single algorithm cannot be trusted and security could be increased by applying multilevel algorithms.
T. Ramaporkalai [20], author studied various security algorithms in cloud computing like DES, AES, 3DES, Blowfish, IDEA, Homomorphic, RSA and D-H and concluded that a more efficient algorithm was required to enhance the security of data.
O. K. J. Mohammad et al. [21], made a study of cryptographic algorithms based on key size, performance and output size. The study concluded that symmetric algorithms are faster and efficient and AES is most efficient algorithm followed by DES, 3DES, RC4 and Blowfish.
III. COMPARATIVE ANALYSIS OF SECURITY ALGORITHMS The Table 01 shows the comparison of various cryptographic algorithms for securing data over cloud based on various parameters made in the survey. The parameters considered are key size, block size, number of rounds, execution time, key used and memory usage. The advantages and disadvantages are also stated. AES algorithm is important for electronic sensitive data, cyber security and government computer security. AES has been created for and implemented by U.S government to protect sensitive information [22]. Blowfish algorithm has been implemented on various formats of files like image, audio, video, text, document and portable document format [23]. The result has proved to be stable.
IV. CONCLUSION Cloud computing is important and effective service to provide various resources to the customers especially for storing data. Sensitive data are prone to be more vulnerable. It is important that sensitive data should be stored confidentially. So, security of data is the most essential and crucial aspect. The security can be achieved by applying cryptographic algorithms. The most important aspect of algorithm depends upon input block size and input key size used. Comparative analysis using different parameters of various cryptographic algorithms used to secure data over cloud was made to identify the pros and cons. The survey concludes that symmetric algorithms are more effective and efficient. AES and Blowfish algorithms requires less encryption time. Blowfish algorithm is best in terms of memory utilization.