Secure Framework Enhancing AES Algorithm in Cloud
Secure Framework Enhancing AES Algorithm in Cloud
Research Article
Secure Framework Enhancing AES Algorithm in
Cloud Computing
Received 17 June 2020; Revised 4 August 2020; Accepted 7 August 2020; Published 1 September 2020
Copyright © 2020 Ijaz Ahmad Awan et al. This is an open access article distributed under the Creative Commons Attribution License,
which permits unrestricted use, distribution, and reproduction in any medium, provided the original work is properly cited.
The tremendous growth of computational clouds has attracted and enabled intensive computation on resource-constrained client
devices. Predominantly, smart mobiles are enabled to deploy data and computational intensive applications by leveraging on the
demand service model of remote data centres. However, outsourcing personal and confidential data to the remote data servers is
challenging for the reason of new issues involved in data privacy and security. Therefore, the traditional advanced encryption
standard (AES) algorithm needs to be enhanced in order to cope with the emerging security threats in the cloud environment. This
research presents a framework with key features including enhanced security and owner’s data privacy. It modifies the 128 AES
algorithm to increase the speed of the encryption process, 1000 blocks per second, by the double round key feature. However,
traditionally, there is a single round key with 800 blocks per second. The proposed algorithm involves less power consumption,
better load balancing, and enhanced trust and resource management on the network. The proposed framework includes de-
ployment of AES with 16, 32, 64, and 128 plain text bytes. Simulation results are visualized in a way that depicts suitability of the
algorithm while achieving particular quality attributes. Results show that the proposed framework minimizes energy consumption
by 14.43%, network usage by 11.53%, and delay by 15.67%. Hence, the proposed framework enhances security, minimizes
resource utilization, and reduces delay while deploying services of computational clouds.
1. Introduction and security issues with cloud service providers and (ii)
customer-related security issues [4]. In the literature, various
It is observed that cloud technology is used in a number of types of attacks related to the strength of the AES (advanced
architectures, services with further technologies, and various encryption standard) algorithm have been proposed [5], for
software design approaches [1]. Cloud service models include instance, different fault analyses which attack and introduce
platform as a service (PaaS), software as a service (SaaS), and faults into the AES (advanced encryption standard) structure
infrastructure as a service (IaaS). Architecture solutions for with the target to retrieving the secret information [6].
the public, private, community, and hybrid system depend on Furthermore, cloud computing standard can propose some
four cloud platform deployment models [2]. Advantages of feasible practices of service area, by means of computational
cloud computing include flexibility, accessibility, and capacity resources on behalf of extraordinary performance in com-
when linked to traditional online computing or storage puting applications, telecommunication services, social net-
method [3]. However, a number of security concerns are working, and web services [7, 8]. In addition, cloud storage in
associated with computational clouds including (i) privacy data centres is very valuable for users just before storing and
2 Security and Communication Networks
accessing their data distantly at any time without any further 2. Literature Review
load [9, 10]. On the contrary, the main problem of cloud data
storage is security. As a result, cloud data centres must have Several modifications were introduced in AES in order to
some mechanisms which are capable to ensure storage per- enhance the performance speed and security by introducing
fection and integrity of data that are stored on cloud [11]. some complexities in algorithms. These modifications are
Existing security systems employ one or two attributes at implemented on different software and hardware designs.
a time, i.e., low security and more time consumption to However, preview framework security is always a concern
encrypt/decrypt the data. This makes the process more time- due to some security constraints and problems with cloud
consuming and therefore increases the network use, power computing. The security is provided to the information
consumption, and delay in the network [12–16]. Cloud which is stored on the cloud by using cryptography algo-
computing is that kind of platform which shares the data and rithms. There are extensive security frameworks for cloud
resources efficiently, and therefore, security must be provided computing that uses enormous encryption techniques. Out
to the users as security is an important aspect of cloud of these, a few of them are presented here.
computing. So, this is the responsibility of the cloud service The security framework is based on the multicloud en-
providers to provide security with all attributes, such as less vironment to store digital data at all. In order to prevent data
power consumption, delay of network, and time consumption disclosure, they practiced a segmentation approach to frag-
[17–23]. Already, traditionally available methods are not able ment the input appearance into several areas. The integrity of
to quantify the security of cloud services effectively. Secure the outsourced clients’ data helps to verify watermarking
framework in cloud computing is a method that provides technique. Any accidental change to outsourced clients’ data
simplified management and accessing of computing re- can be detected by the digital signature and watermarking
sources, and a cost-effective approach is the need of the hour. methods [24]. This paper focuses on the computation of
The framework should use low power, time, and delay of different methods which explain how to increase data security
network consumption with encryption and decryption that so that prevention from different security attacks and
enhance the security of data in cloud computing. breaches can be made. Mitigation approaches used in this
The paper contributes towards the design of the security research on the HMAC (Hashed Message Authentication
framework by implementing a new scheme of encryption/ Code) were ECC and MD5. This proposed solution is based
decryption. It also determines the serious components of the on different security levels; as a result, access control, au-
security framework within the cloud computing community. thentication, confidentiality, integrity, and encryption are
It would be helpful for those cloud users and cloud service achieved in this work. The authors performed and checked the
providers who have similar requirements in terms of security security solution in real-time as well as in real cloud com-
during implementation. The framework helps in faster puting environment and also concluded that the solution that
computing with lesser power consumption, network usage, is been provided has very low overhead for upload and
and reduced network delay due to the smart algorithm. The download service time [17]. The framework presented in this
framework employs a symmetrical encryption method to study is more secure, and it provides more privacy to the data.
provide trust to users and enables trusted gateways. The This framework splits data into different blocks of bit. On
proposed framework includes the key features including every two blocks of bits, genetic algorithm is applied. Con-
enhanced security and owner’s data privacy. It modifies the cluding output of each genomic algorithm procedure is a
128 AES algorithm to increase the speed of the encryption ciphertext along with two blocks of bits. Each ciphertext is
process 1000 blocks per second by the double round key stored on the cloud at a distinct location, and the location of
feature. However, traditionally, there is a single round key the ciphertext is not secure. What makes it more secure from
with 800 blocks per second. The proposed algorithm in- attackers to find the exact location of the ciphertext? The
volves less power consumption, better load balancing, and innovative security framework puts on a genetic algorithm on
enhanced trust and resource management on the network. minor block size that increases the security. Furthermore, the
The proposed framework includes deployment of AES with framework uses the proficiency list aiming to secure and to
16, 32, 64, and 128 plain text bytes. Simulation results are access data [18].
visualized in a way that depicts suitability of the algorithm In this paper, authors proposed a new framework that
while achieving particular quality attributes. Results show ensures the data security and integrity and also focused on
that the proposed framework minimizes energy consump- the encryption and decryption approaches facilitating the
tion by 14.43%, network usage by 11.53%, and delay by cloud user with data security assurance. The proposed so-
15.67%. Hence, the proposed framework enhances security, lution talked about the increased security along with the
minimizes resource utilization, and reduces delay while performance. Their solution has also included functioning of
deploying services of computational clouds. the forensic virtual machine, malware detection, and real-
The remainder of this paper is configured as the fol- time monitoring of the system [25]. In this paper, the au-
lowing sections: Section 2 details the literature review. thors suggested a framework such that the objective is to
Section 3 defines the framework architecture. Section 4 store data in various clouds. The given framework is found
includes the experimental environment. Section 5 presents based on 3DES and RSA encryption. On the contrary, this
the performance results of both existing and proposed methodology is lacking in efficiency, privacy, and overload
frameworks. Section 6 defines the forthcoming features middleware through multiple functions [26]. In this paper,
associated with this paper exertion. the authors studied, multilevel licensing framework approval
Security and Communication Networks 3
preservation cloud penetrating data. Safeguarding the fa- verification, approval, and privacy along with observing in
miliar and delicate cloud data is obtainable by the three suspension. Cloud computing plans a different technique for
covers’ framework. Those restrictions are being the security obtaining cloud data in the actual environment. 128 bit AES
and privacy strategies, safety and approval policies which encryption is recycled for privacy, genuineness, and contact
outcomes from the three films’ security framework [19]. In controller [32]. In the future work, load balancer by means of
this paper, the authors proposed quality metrics and details My Load Balancer optimization method has been compared
probe on instance cloud service broker frameworks are with the two greatest well-known weight balancer tech-
provided. These streak metrics help in enforcing standards niques, i.e., Round-Robin and Supper Present Imple-
on cloud service providers by using quality-based cloud mentation Freight, also recognized as Active Monitoring
service broker framework (QCSB). The algorithm and Load Balancer. All such Java-based virtual techniques are
implementation of QCSB have been obsessing. At last, the used to create Cloud analyst toolkit. Graph procedures have
authors concluded that the proposed material QCSB not been recycling to prove the comparative analysis [33]. The
only assists cloud computing to locate optimal CSP (cloud procedure of cryptography involves two main methods
service provider) for cloud services but also affiliates can- which are encryption and decryption. In the encryption
didate CSPs according to user quality preferences [20]. method, a basic manuscript is converted to an innovative
The complexity detects were an effect of dismiss logical text which the others cannot deliver and understand ad-
purposes in the MixColumn conversion of AES. These ditional than the receiver. Blowfish and AES procedures are
reasonable tasks were eradicating in the modified version of exploited for executing a hybrid approach connected to
AES. Afterward,on utilizing the modified AES, a 13.6% cryptography. This consequence in a cryptograph text which
reduction in LUTs, 10.93% share discount, and a 1.19% can merely be decrypted by the receiver this one [34]. In this
reduction in interruption eating was attained. Likewise, the paper, obtainable low-control AES architecture by exploiting
small dispersal rate met through the conservative AES at the humble shift catalogues and variation for key/data stored to
initial nonentity, and important agenda sequences are decrease journey magnitude and control consumption. A
spoken in [27]. In this research, they examined five metrics low-power method, called clock gating is used to control
specifically: the graphic study, file size, radiance histogram, exchangeable on S-box[35]. In the present study, Abikoye
assessment by pixel, and show distance. In the file scopes, et al.’s modified AES algorithm [13] is presented which is
there were differences wherever it displays the regular worth also used in applications to make a comparison. K-L Tsai
of the fraction variations to −23.85% from the unique to the et al. presented the modified AES-based algorithm for power
encrypt duplicate and −1.45% percentage worth from the reduction in IoT using cloud computing applications [14]. In
innovative to the decrypt duplicate [28]. This paper showed this paper, similarly, VM (virtual machine) allocation policy
an overview of the latest research studies that are going on in is used for security which is almost similar to the technique
fog computing and the IoT and its uses; it also enlightened used in the previous work [36].
the research gaps and directions for further future research In general, the main purpose of all research studies
studies in the integration of fog computing and IoT (Internet related to the subject areas is to investigate the possible ways
of Things). A modern fog computing framework was pre- to improve the security of cloud computing services.
sented [29]. The modified AES contained 10 series for Therefore, in this work, a secure framework has been pro-
encrypting, and the replacement and addition processes of posed for securing confidential tasks being stored in cloud
the columns have been substituted by the line change and systems using AES encryption methods. Finally, a com-
pixel standard summary. These processes not only decrease parison of the results obtained through this proposed
the spell complication of the algorithm but also improve the framework and traditional framework work formulated in
dispersal aptitude to the CCAES (combining the chaos and the past is made which showed significant improvement of
AES) algorithm.The encrypted descriptions by the CCAES cloud computing using the proposed framework. The dif-
algorithm remained unaffected to the variance occurrences. ferences between our modified AES and previously devel-
The project algorithm is protected alongside the entropy oped or modified AES in the JAVA cipher-based security
occurrences. The simulation consequences illuminate that framework have been discussed in this manuscript. It is
the minor deviations in the unique appearance and con- pertinent to mention here that our trust-based framework
sequences in the important fluctuations in the encrypt blocks the suspicious users from the network and maintains
duplicate and the innovative appearance cannot be retrieved a queue for such users to protect the trusted users.
[30]. This paper described the CloudSim simulator counting
its architecture, aces, convicts, and CloudSim forms. Like- 3. Architecture of the Proposed Secure
wise, it characterized exactly how to practice CloudSim Framework for Cloud Computing (SFCC)
demonstration and replication in the cloud environment.
Furthermore, it also describe the way to calculate approx- The architecture of the proposed secure framework for cloud
imate presentation limits like regular reversal time, amount, computing (SFCC) is presented in Figure 1.
implementation period, types pan and entire conclusion Framework of secure cloud computing is proposed on the
period, etc. [31]. security architecture shown in Figure 1, which describes the
This paper reported dissimilar data safety and privacy information for each component and their applications which
security concerns in a cloud calculating environment and are required for secure technologies to operate between
suggested a technique for dissimilar security services such as components in cloud computing. This framework acts in the
4 Security and Communication Networks
Security management
Service configuration
IOT/user/ customer
following conditions checking security, privacy, load balancing, model in which end users are provided software ap-
and trust. When the user directs a demand to the cloud plication (as a service). Platform as a service (PaaS): this
benefactor, it responds to the user's request and passes the data model proposed an atmosphere for requests. Devel-
through framework gateways. The proposed framework in- opment tools that are essential for advanced applica-
cludes the following components: tions are also provided in this model. Infrastructure as a
service (IaaS): this is a platform that offers compulsory
Cloud service provider (CSP) layer: the CSP controls
properties such as physical machines, virtual machines,
the important sources and ability in construction and
and virtual storage.
calculates the dispersed cloud storage servers processes
and directs the live obscure work out method. Its main Security service trust management unit: security service
component is software as a service (SaaS); this is a trust management controls all the units which include
Security and Communication Networks 5
security management; trust management gateways also or a combination of both. It is important in this
control the service configuration, respectively. Further configuration that all instances of identity server share
details of all units are described in the following. the same directory server. Service monitoring: an au-
Security management layer: the security management tomatic facility-checking system to assure an extraor-
factor offers security and privacy details and imple- dinary level of facility presentation and obtainability.
mentation functionality. Security service has the fol- User service interface layer: this layer provides different
lowing modules and their details. services to select the user via the internet: software as a
Security control unit: availability is the percentage of service (SaaS), platform as a service (PaaS), and in-
time a customer can access the service. Confidentiality frastructure as a service (IaaS).
(authentication, authorization, and identification) is an Service configuration layer: the last unit for the user,
integral component of security. It ensures that the IOT, and customer to send and receive data.
information stored on the cloud is protected against the
unintended or unauthorized access. Identification user 4. Experimental Setup and
is typically skilful by retaining usernames and pass- Implementation of SFCC
words after utilizing web browser in order to admit in
Cloud. Integrity of data security control is responsible The SFCC can be implemented in real time. The results
for maintaining the accuracy of data computation that gathered from the simulations are very accurate. These re-
is coming from the combination of different files and is sults are theoretically consistent. Everything is implemented
also responsible for its delivery. accordingly. Codes are very consistent with real-time
Attack detection unit: ultimately, slightly usual activ- mechanisms. The SFCC is developed using CloudSim and
ities that hover the cloud security necessities (e.g., iFogSim simulators on the Eclipse integrated development
integrity, confidentiality, and availability) are measured environment. CloudSim is a very well-known and popular
to be occurrences. Wrapping is when the attacker at- among simulators for cloud-based applications. It is re-
tacks by wrapping the communication between two sponsible for the simulation and events handling at cloud.
people, while the users do not know this and think data Some libraries are used for different purposes. Libraries used
are still coming from the actual root. Unethical are JavaScript object notation (Json) data saver, common
browsing is to find bad actions happening, for example, math, and JFreeChart.
phishing and spoofing and changing browser The developed simulation comprises SFCC. The pro-
certificates. posed framework is generic so that anyone could put one’s
idea or logic in this simulation and get the required results. It
Data protection unit: proposes the AES algorithm to
helps the user to test different scenarios under the proposed
enhance the data security by means of cryptography
algorithm. The simulation has the ability to store and
techniques using AES ciphers as they can encrypt 128
generate a large amount of data. It allows a user to measure
bits’ data blocks within 1000 blocks per second with the
the factors such as encryption, description, power con-
double round key feature with less power consumption,
sumption, network usage, delays, trusted devices, and service
load balancing, trust, and resource management on the
management. The advanced encryption standard for en-
network efficiently. We have used symmetric identifi-
cryption and decryption for data protection is used. The
cation for security, i.e., the same key for encryption and
comparison of the algorithm with the previous unmodified
the same key for decryption as identification of data
algorithms is discussed in later sections. The characteristics
streams in the form of security. It provides greater ef-
of the layers and devices are described in Tables 1–11.
ficiency for software as well as hardware. The advantage
of using symmetric key is to secure a large amount of
data. Data recovery: if data is lost in a disaster that ithas a 4.1. Components. Data centre refers to on-premise hard-
capability to regain it or restore it. ware, while the cloud refers to off-premise computing. The
Trust management gateway layer: for the fourth layer, cloud stores your data in the public cloud, while a data centre
trusted gateways are implemented. These gateways get stores your data on your hardware. Data centre configu-
the encrypted data and decrypt only if the trusted ration is displayed in Table 1.
source is connected with a valid internet protocol Infrastructure as a service (IaaS): this is a platform that
address of a given domain. These gateways support the offers compulsory resources such as physical machines,
issues of trust. There are three gateways in which two virtual machines, and virtual storage. Infrastructure-as-a-
are in an alternative manner. In case of the normal service configuration is displayed in Table 2.
gateway is being attacked and misused, other safe Software as a service (SaaS): this is a model in which end
gateways shall be chosen to ensure data users are provided software applications (as a service).
communication. Software-as-a-service configuration is displayed in Table 3.
Platform as a service (PaaS): this model proposed an
Service configuration layer: the service enabler makes
atmosphere for requests. Development and deployment
provision for personalized cloud service using the
tools that are essential to advance applications are also
user’s profile for integration and interoperation. Load
provided in this model. Platform-as-a-service configuration
balancing can be implemented on hardware, software,
is displayed in Table 4.
6 Security and Communication Networks
Table 1: Data centre characteristics of cloud. Table 6: Data centre characteristics of gateway1.
Name of the device Cloud Name of the device Trusted gateway1
Level 1 Level 3
Uploading bandwidth 5000 Uploading bandwidth 3000
Downloading bandwidth 12000 Downloading bandwidth 4000
Million instructions per second 130.0 Million instructions per second 30000
RAM 45000 RAM 20000
Rate per processing usage/MIPS 100000 Rate per processing usage/MIPS 1000.0
Table 2: Data centre characteristics of infrastructure as a service. Table 7: Data centre characteristics of gateway2.
Name of the device Cloud IAAS Name of the device Trusted gateway2
Level 2 Level 3
Uploading bandwidth 4000 Uploading bandwidth 3000
Downloading bandwidth 5000 Downloading bandwidth 4000
Million instructions per second 50000 Million instructions per second 30000
RAM 40000 RAM 30000
Rate per processing usage/MIPS 400.0 Rate per processing usage/MIPS 400.0
Gateway devices at the second-last level of the hierarchy If H � {H1, H2, H3, . . ., Hn } and V � {Vm1, Vm2,
gateway devices are created. These gateway devices are part Vm3,. . . Vm N}, then
of the layer responsible for communicating with proxy
∃ Vm ∈ H ∪ S: Vm ∝ β where H ∩ S ≫ Vm,
servers and cloud devices. Here are the characteristics of the
gateway devices. Gateway device configuration is displayed : Vm1, Vm2, Vm3, . . . , Vm < H1, H2, H3, . . . , H,
in Tables 6–8. · ∀ V ∃Vm1, Vm2, Vm, . . . , VmN ∈ H.
Service configuration: This facility modifies the cloud
service using the user’s profile byintegrating service enabler, (1)
load balancing, and service monitoring. Service configura- Equation (1) represents how VM creation is carried out
tion is displayed in Table 9. under various rules and conditions
Service provider: this is the last unit for users and For the fourth layer, trusted gateways are implemented.
customers to send and receive data. Service provider con- These gateways get the encrypted data and decrypt only if a
figuration is displayed in Table 10. trusted source is connected with a valid Internet protocol
Virtual machines are created and allocated to hosts to address of a given domain. These gateways support the issues
support processing and offloading the modules to support of trust [40]. There are 3 gateways in which 2 are alternate
the load balancing mechanism. These virtual machines come manner. In case of a normal gateway is being attacked and
with the proposed strong encryption algorithm to support misused, other safe gateways shall be chosen to ensure data
the security and trust feature. The virtual machine config- communication, as shown in Figure 3.
uration is displayed in Table 11 Trusted gateways put the blacklist users into the blocked
The materials and methods section should contain users’ category to ensure the security and privacy of trusted
sufficient detail to repeat all procedures. It may be divided users. The fifth layer is responsible for 3 functions. These
into headed subsections if several methods are described. functions include service monitoring, load balancing, and
service enabling/disabling. The bottom-most layer is based
on the users of cloud, and it represents the Internet-of-
4.2. Physical Topology of SFCC. The physical topology shows Things layer in the proposed system. This is how all the
the pattern of nodes and devices in the network. Physical aforementioned proposed frameworks work. The trusted
entities are created, and their competence, capability, and customer stays as long as a mediator (trustee) stays. And a
configurations are specified. These entities include sensors, mediator stays as long as the cloud service providers are
actuators, gateways, and cloud VM (virtual machines). The trustable. The chain of trust can be seen in Figure 4 [41].
links between these entities and their configuration are also
established. Physical network topology is important to
understand the pattern of the network, how various network 4.4. Changesin Traditional AES Algorithm. The high-level
devices are organized, and how they communicate with each flow of the proposed AES algorithm in a standard way is
other. These configurations and capacity determine the load presented in Figure 5.
a network can tolerate and the amount of data it can transfer.
The physical topology is shown in Figure 2.
4.4.1. Changes in the Traditional AES Algorithm vs. the
Proposed Algorithm. The cloud computing confidentiality
framework is presented in this paper. In this framework,
4.3. Explanation Topology. The computing mechanism of
data integrity mechanism is used to enhance the data se-
cloud always happens at the top. Cloud stays at the top to
curity by the means of cryptography technique. The mod-
manage the lower-level architecture [37]. The three different
ified AES (advance encryption standard) ciphers as it can
types of cloud stay below the top layer and act as CSPs [38]
encrypt 128 bit data blocks within 1000 cycles with low
according to customers’ need. For the third layer, the virtual
power, time, and delay of network consumption. The other
machine allocation policy mechanism is implemented to
work of the frameworks is load balancing, trust, and resource
support data offloading and privacy for security [39] in the
management on the network efficiently.
proposed system. Offloading the modules not only provides
We have used symmetric identification for security, i.e.,
load balancing but also solves the security issues of cloud by
the same key for encryption and decryption as identifi-
providing a new layer on the hosts. Virtual machines are
cation of data streams in the form of security. The dif-
created and allocated to the hosts to support processing and
ference between the proposed and previously developed
offloading of the modules to support the load balancing
AES is that we have also encrypted 1000 blocks per second
mechanism. These virtual machines come with a strong
with the double round key feature. Previously developed
encryption algorithm to support the security and trust
AES uses a single round key with 800 blocks per second.
feature.
The advantage of using symmetric key is to secure a large
The virtual machine requires some storage and pro-
amount of data.
cessing capabilities similar to a host H in nature. Equation
(1) represents the conditions for creating a virtual machine.
The Vm size is always smaller than the available host H and 4.5. AES Substitution Box (S-Box). The primary stage to
storage S, where the number of Vms depends on the size of around, remains to organize a byte by byte replacement
load (β). through a lookup table called a substitution box or simply
8 Security and Communication Networks
Cloud computing
Security management
Service configuration
Service provider
Synchronization Synchronization
Synchronization
Trust relationship
Synchronization
Trust relationship Synchronization
Trust relationship Users
Users
Blocked users
Legend
Provider A
(trustee) (Trust) relation
Cloud
Customer Mediator computing
(trustor) (trustee) service (Trust) relation
in study focus
Provider B
(trustee) Actor (role in
study focus)
S-box. The S-Boxescarry out one to one plotting for all byte javax.crypto.CryptoAllPermission (iv)
values from 0 to 255 in 16 × 16 arrays. Replacement is a ⟶putfieldjavax.crypto.Cipher.cryptoPerm:
nonlinear conversion which achieves misperception of bits. javax.crypto.CryptoPermission
10 Security and Communication Networks
0 1 2 3 4 5 6 7 8 9 a b c d e f
0 52 09 6a d5 30 36 a5 38 bf 40 a3 9e 81 f3 d7 fb
1 7c e3 39 82 9b 2f ff 87 34 8e 43 44 c4 de e9 cb
2 54 7b 94 32 a6 c2 23 3d ee 4c 95 0b 42 fa c3 4e
3 08 2e a1 66 28 d9 24 b2 76 5b a2 49 6d 8b d1 25
4 72 f8 f6 64 86 68 98 16 d4 a4 5c cc 5d 65 b6 92
5 6c 70 48 50 fd ed b9 da 5e 15 46 57 a7 8d 9d 84
x 6 90 d8 ab 00 8c bc d3 0a f7 e4 58 05 b8 b3 45 06
7 d0 2c 1e 8f ca 3f 0f 02 c1 af bd 03 01 13 8a 6b
8 3a 91 11 41 4f 67 dc ea 97 f2 cf ce f0 b4 e6 73
9 96 ac 74 22 e7 ad 35 85 e2 f9 37 e8 1c 75 df 6e
a 47 f1 1a 71 1d 29 c5 89 6f b7 62 0e aa 18 be 1b
b fc 56 3e 4b c6 d2 79 20 9a db c0 fe 78 cd 5a f4
c 1f dd a8 33 88 07 c7 31 b1 12 10 59 27 80 ec 5f
d 60 51 7f a9 19 b5 4a 0d 2d e5 7a 9f 93 c9 9c ef
e a0 e0 3b 4d ae 2a f5 b0 c8 eb bb 3c 83 53 99 61
f 17 2b 04 7e ba 77 d6 26 e1 69 14 63 55 21 0c 7d
0.8
0.7
Encryption time (ms)
0.6
0.5
0.4
0.3
0.2
0.1
0
16 bytes 32 bytes 64 bytes 128 bytes
0.7
0.6
Decryption time (ms)
0.5
0.4
0.3
0.2
0.1
0
16 bytes 32 bytes 64 bytes 128 bytes
5.1. Avalanche Effect. In cryptography, stuff called dispersal anticipated. Avalanche’s conclusion reproduces the pre-
reproduces the cryptographic asset of an algorithm. If there sentation of a cryptographic algorithm. The avalanche effect
is a small alteration in an input, the output changes is described in Table 14.
meaningfully. This is also called the inundation effect. Av- The avalanche effect is described in Figure 10(simulation
alanche consequence is leisurely by means of pretense re- results from Table 14)
serve. Hamming reserve in material philosophy is the
amount of variation. Playacting reserve is the amount of bit-
by-bit XOR bearing in mind ASCII value as it develops 5.2. Comparative Analysis of Computed Results with the
informal to devise programmatically. A high gradation of Existing Work. A comparative analysis of computed
dispersal, i.e., extraordinary avalanche consequence, is consequences with the current work is presented as
12 Security and Communication Networks
Table 14: Avalanche effect test result obtained after flipping a single bit in the plain text [13].
Execution Encryption and Execution
Plain text Secret key
program decryption time time
First time I Love Encryption time 0.05172414
H2 + 3S + MuePgIPK3h9SAHOtl6THtl8ak062IgB3ixEto
execution Unimorin! Decryption time 0.03448276
Second I Love 1mRVUf7lRS7W/K + BWFRkP3// Encryption time 0.06666667
execution Unimorin! KKjf0FtIaSnIGArvudY� Decryption time 0.044444446
0.5 mb 0.5 mb
2400 2300
2350
2250
2300
2200
2250
2200 2150
Existing AES avrg. Proposed AES avrg Existing AES avrg. Proposed AES avrg.
encryption time (ms) encryption time (ms) decryption time (ms) decryption time (ms)
Figure 9: Encrypting and decrypting time: existing AES vs. proposed AES.
0.08
0.07
0.06
Execution time
0.05
0.04
0.03
0.02
0.01
0
Encryption time Decryption time Encryption time Decryption time
First time execution Second time execution
Figure 10: Avalanche effect test result.
follows. However, some researchers analyzed the per- model P. The mathematical notation to represent the energy
formance of their advanced AES version. Meanwhile, consumption is described in Figure 13.
many authors used encryption and description time as
their performance metrics. The simulation environmental
comparison between proposed AES and other AES using 5.4. Average Network Usage. Network usage is the overall
the CloudSim simulator is graphically represented in network usage for the system. Network usage is repre-
Figures 11 and 12. sented in kilobytes. This parameter defines the usage of
network resources. The length is reduced and approaches
of requests to lower hierarchy by using service configu-
5.3. Average Energy Consumed. By using the same technique ration so that the request could be processed in the lower
described in [13], the energy consumption is being evalu- hierarchy rather than sending it to cloud again and again.
ated. These experiments shared that the proposed frame- This algorithm reduces 3-hop communication to single-
works have 14% less energy consumption as compared to hop communication. Thus, low network usage is obtained
[13]. Actual cost taken is given by encryption and the average through the proposed framework. The more the network
current that is used by every CPU clock cycle. Equation (5) is is used, the more the expenditure. Efficient network to-
used to calculate energy cost per byte as well as various keys pologies prefer to use minimal network. In these exper-
of AES encryption schemes: iments, the network usage is evaluated using the same
technique described in [13]. In the proposed framework,
Tc
: E � Ec + TL − –P ∗ M, (5) network resources are reduced by 11% as compared to
Tu [13]. The network while running the implemented en-
cryption schemes is calculated using the following
where C, L. and u represent the current, last, and updated,
equation:
respectively.
The energy consumption E is the amount of work done (L ∗ D ∗ B)
: Nu � Ni + , (6)
on processing Mips M under a time frame T using power T
Security and Communication Networks 13
150
128
130
Encryption time (ms)
110
87.574
90
70
50 43.58
30 17 15.5
4.027 0.239 1.22
10 2.151 0.367 0.0434
–10 2012 [44] 2015 [48] 2016 [45] 2017 [43] 2018 [15] 2018 [22] 2019 [46] 2019 [23] 2019 [16] 2019 [47] Proposed
Year
Figure 11: Encryption processing time factor in different AES.
100
88.007
80 75
Decryption time (ms)
60
40
25 21
20
4.152 0.225 0.13 0.69 0.297 0.0289
0.247
0
2012 [44] 2015 [48] 2016 [45] 2017 [43] 2018 [15] 2018 [22] 2019 [46] 2019 [23] 2019 [16] 2019 [47] Proposed
Year
Figure 12: Decryption processing time factor in different AES.
0.8
Average energy consumption (ms)
0.7
0.6
0.5
0.4
0.3
0.2
0.1
0
16 bits 32 bits 64 bits 128 bits
Proposed
Existing
Figure 13: Energy consumption for different key AES encrypting and decrypting.
where Ni is the initial network usage (Nu at 0). evaluated. In the local host cloud environment amount of
The network usage mathematical notation Nu is the consumers; the data traffic will develop tall, which will have
number of bits B communicated in a certain time frame on influence on the scheme. In a real environment, numerous
devices under sets of data D with latency L. Simulation result issues could cause delays, e.g., the size of the key and network
is clear from Figure 14. speeds, which will cause suspensions and overcrowding. The
larger numbers of key indicate increased delay due to the
time when more data encrypt generate. When the key, it is
5.5. Average Networking Delay. In the calculation of testing originally split into dissimilar blocks formerly encryption.
and evaluating whether the data are secured, delay is likewise The scope of individual block may have contingent influence
14 Security and Communication Networks
0.8
0.7
0.8
0.7
Average network delay (ms)
0.6
0.5
0.4
0.3
0.2
0.1
0
16 bits 32 bits 64 bits 128 bits
Proposed
Existing
Figure 15: Networking delay for different key AES encrypting and decrypting.
on the scope. The delay comparison of the previous It also allows security, privacy, network usage, and
methodology [13] and the research shows that the significant storage in the cloud without depending on the plausibility of
differences in the delay indicate that the proposed frame- the cloud provider. The application of the AES algorithm
work is 15% better than the previous solution [13]. provides a strong foundation that protects data stored in the
L L T cloud as well as authorizes access to data only on successful
Dn � Bs ∗ − Bd ∗ − . (7) authentication and verification. The delays that occur in the
T 1 Te
actual environment vary in different situations all of which
The delay D represents the time that the bits B take to reach are not considered in this framework. Results show that the
a processing device from an end device under a certain latency proposed framework minimizes energy consumption by
L and connection time T. The observed delay is calculated using 14.43%, network usage by 11.53%, and delay by 15.67%.
the equation. The mathematical notation to represent the delay Hence, the proposed framework enhances security, mini-
is described below and by simulation result it is clear from mizes resource utilization, and reduces delay while
figure. The delay calculation is shown in Figure 15. deploying services of computational clouds.
International Journal of Recent Technology and Engineering [48] L. R1 and H. S2 Mohan, “Implementation and performance
(IJRTE) ISSN, vol. 8, no. 2, 2019. analysis of modified AES algorithm with key-dependent
[32] V. Surya, S. Ranichandra, and R. Ranjani, “Secure cloud dynamic S-box and key multiplication,” Computer Applica-
storage using AES encryption,” International Journal of In- tions Research, vol. 5, no. 3, 2015.
novative Research in Computer and Communication Engi-
neering, vol. 6, no. 6, 2018.
[33] A. Nair and S. S. SantoshAnand, “A performance booster for
load balancing in cloud computing with my load balancer
technique,” International Journal of Recent Technology and
Engineering, vol. 8, no. 1, 2019.
[34] D. Salama and A. Elminaam, “Improving the security of cloud
computing by building new hybrid cryptography algorithms,”
IJEIE, vol. 8, no. 1, pp. 40–42, 2018.
[35] D.-H. Bui, D. Puschini, S. Bacles-Min, E. Beigné, and
X.-T. Tran, “Ultra low-power and low-energy 32-bit datapath
AES architecture for IoT applications,” in Proceedings of the
2016 International Conference on IC Design and Technology
(ICICDT), pp. 1–4, Ho Chi Minh City, Vietnam, June 2016.
[36] H. Jia, X. Liu, X. Di et al., “Security strategy for virtual
machine allocation in cloud computing,” Procedia Computer
Science, vol. 147, pp. 140–144, 2019.
[37] B. T. Spiers, M. Halas, R. A. Schimmel, and D. P. Provencher,
“Secure network cloud architecture,” U.S. Patent 8,984,610,
United States Patent (Justia Patents), 2015.
[38] E. Bertino, F. Paci, R. Ferrini, and N. Shang, “Privacy-pre-
serving digital identity management for cloud computing,”
IEEE Data Engineering Bulletin, vol. 32, no. 1, pp. 21–27, 2009.
[39] S. Yi, Li Cheng, and Q. Li, “A survey of fog computing:
concepts, applications and issues,” in Proceedings of the 2015
Workshop on Mobile Big Data, pp. 37–42, ACM, Hangzhou,
China, June 2015.
[40] M. Aazam and E.-N. Huh, “Fog computing and smart gateway
based communication for cloud of things,” in Proceedings of
the 2014 International Conference on Future Internet of Things
and Cloud, pp. 464–470, IEEE, Barcelona, Spain, August 2014.
[41] R. N. Calheiros, R. Ranjan, A. Beloglazov, C. A. De Rose, and
R. &Buyya, “CloudSim: a toolkit for modeling and simulation
of cloud computing environments and evaluation of resource
provisioning algorithms,” Software: Practice and Experience,
vol. 41, no. 1, pp. 23–50, 2011.
[42] G. N. Selimis, A. P. Kakarountas, A. P. Fournaris,
A. Milidonis, and O. Koufopavlou, “A low power design for
sbox cryptographic primitive of advanced encryption stan-
dard for mobile end-users,” Journal of Low Power Electronics,
vol. 3, no. 3, pp. 327–336, 2007.
[43] M. A. FaiqaMaqsood, M. M. Ali, and M. Ali Shah, “Cryp-
tography: a comparative analysis for modern techniques”,
(IJACSA),” International Journal of Advanced Computer
Science and Applications, vol. 8, no. 6, 2017.
[44] R. Paul, S. Saha, S. Sau, and A. Chakrabarti, “Design and
implementation of realtime AES-128 on real time operating
system for multiple fpga communication,” 2012, http://arxiv.
org/abs/1205.2153.
[45] D. Lohit Kumar, Dr.A. R. Reddy, and S. A. K. Jilani,
“Implementation of 128-bit AES algorithm in MATLAB,”
International Journal of Engineering Trends and Technology
(IJETT), vol. 33, no. 3, 2016.
[46] Dr. N. Suba Rani, Dr. A. Noble Mary Juliet, and K. Renuka
Devi, “An image encryption & decryption and comparison
with text - AES algorithm,” International Journal of Scientific
& Technology Research, vol. 8, no. 7, 2019.
[47] O. I. Omotosho, “A review on cloud computing security,”
International Journal of Computer Science and Mobile Com-
puting, IJCSMC, vol. 8, no. 9, pp. 245–257, 2019.