Abstract
Cloud computing has gained great attention among the individual user and the organization. Transitioning to the cloud platform is not simple as it involves various cybersecurity and operational issues. Due to a large amount of data storage in the cloud, ensuring the security of the data outsourced in the cloud is highly important. A Key Management System (KMS) is a secure data protection method that is commonly used in e-healthcare information systems, information security (confidentiality, integrity, authenticity), large-scale organizations, architecture security, sensor security, identity management, access control (privacy preservation), identity proofing (authentication), and legal issues. Because this approach allows the secret key information to be exchanged safely, the security level may be guaranteed to be high. Using a random prime number, a master secret key, and a parameter value, one can generate a secure key that is difficult for hackers to break. Secure data transfer with exact and consistent authentication is the goal of this new approach. This research focuses on the development of secure secret key creation and the improvement in secure key sharing. To generate the key (in the form of a QR code), we have used an asymmetric Elliptic Curve Cryptography (ECC) method, whereas encryption and decryption of data have been done by a hybrid of Advanced Encryption Standard (AES) and ECC cryptography. The hybrid ECC-AES model was found to take less amount of time than the AES model and other existing models. Current algorithms have certain security issues, such as vulnerability to plaintext attacks, brute force attacks, side-channel attacks, and computational complexity. The proposed algorithm has been able to overcome the issue of key exchange that plagues AES, simpler than ECC and more reliable than AES. As a result, KMS has been designed to provide high levels of security for healthcare information. We have proposed a Hybrid Cryptographic Approach to enhance the Mode of Key Management System (HCA-KMS) in a Cloud Environment based on authenticated encryption with AES and ECC. The proposed algorithm has been compared to existing methods concerning confidentiality, integrity, time complexity, storage overhead, resource utilization, security, and log time to demonstrate its efficacy. The proposed HCA-KMS has time complexity, encryption time (O (n)), and decryption time (O (logn)).
This is a preview of subscription content, log in via an institution to check access.
Similar content being viewed by others
References
Hu X et al (2021) STYX: A hierarchical key management system for elastic content delivery networks on public clouds. IEEE Trans Depend Secure Comput 18(2):843–857. https://doi.org/10.1109/TDSC.2019.2918278
Zhang Y, Xu C, Ni J, Li H, Shen XS (2021) Blockchain-assisted public-key encryption with keyword search against keyword guessing attacks for cloud storage. IEEE Trans Cloud Comput 9(4):1335–1348. https://doi.org/10.1109/TCC.2019.2923222
Ahmad S, Mehfuz S, Beg J (2022) Cloud security framework and key management services collectively for implementing DLP and IRM. Mater Today Proc 62:4828–4836. https://doi.org/10.1016/j.matpr.2022.03.420
Froelicher D, Troncoso-Pastoriza JR, Pyrgelis A, Sav S, Sousa JS, Bossuat J-P, Hubaux J-P (2021) Scalable privacy-preserving distributed learning. Proc Privacy Enhancing Technol 2021(2):323–347
Celiktas B, Celikbilek I, Ozdemir E (2021) A higher-level security scheme for key access on cloud computing. IEEE Access 9:107347–107359. https://doi.org/10.1109/ACCESS.2021.3101048
Schulze Darup M, Alexandru AB, Quevedo DE, Pappas GJ (2021) Encrypted control for networked systems-an illustrative introduction and current challenges. IEEE Control Syst 41(3):58–78
Goswami PS, Chakraborty T (2020) Design of a quantum one-way trapdoor function. In: Mandal JK, Bhattacharya D (eds) emerging technology in modelling and graphics. Springer, Singapore, pp 547–555
Alexandru AB, Gatsis K, Shoukry Y, Seshia SA, Tabuada P, Pappas GJ (2020) Cloud-based quadratic optimization with partially homomorphic encryption. IEEE Trans Automat Control 66(5):2357–2364
Zhang S, Han S, Zheng B, Han K, Pang E (2020) Group key management protocol for file sharing on cloud storage. IEEE Access 8:123614–123622. https://doi.org/10.1109/ACCESS.2019.2963782
Zhang Z, Zeng P, Pan B, Choo K-KR (2020) Large-universe attribute-based encryption with public traceability for cloud storage. IEEE Internet Things J 7(10):10314–10323. https://doi.org/10.1109/JIOT.2020.2986303
Alexandru AB, Tsiamis A, Pappas GJ (2020) Towards private data-driven control. In: Proceedings of the 59th conference on decision and control (CDC), pp. 5449– 5456. IEEE
Berberich J, Köhler J, Muller MA, Allgower F (2020) Data-driven model predictive control with stability and robustness guarantees. IEEE Trans Automat Control 66(4):1702–1717
Singh G, Supriya, (2013) A study of encryption algorithms (RSA, DES, 3DES, and AES) for information security. Int J Comput Appl 67(19):33–38
Burr W (2003) Selecting the advanced encryption standard. IEEE Secure Priv 1(2):43–52
Frunza M, Asachi GH (2007) Improved RSA encryption algorithm for increased security of wireless networks. In: ISSCS International Symposium, vol. 2
Kodali R, Sarma N (2013) Energy efficient ECC encryption using ECDH. Emerging research in electronics, computer science and technology Lecture Notes in Electrical Engineering, vol 248. Springer, New Delhi, pp 471–478
Johnson D, Menezes A, Vanstone S (2001) The elliptic curve digital signature algorithm (ECDSA). Int J Inf Secure 1(1):36–63
Balitanas M (2009) WiFi-protected access-pre-shared key hybrid algorithm. Int J Adv Sci Technol 12
Subramaniam N, Jeyaraj A (2018) Recent security challenges in cloud computing. Comput Electrical Eng 71:28–42
Chenthara S, Ahmed K, Wang H, Whittaker F (2019) Security and privacy-preserving challenges of e-health solutions in cloud computing. IEEE Access 7:74361–74382
Wazid M, Das AK, Vasilacos AV (2018) Authenticated key management protocol for cloud-assisted body area sensor networks. J Netw Comput Appl 123:112–126
ShanmugaPriya S, Valamathi A, Yuvaj D (2019) The personal authentication service and security enhancement for optimal strong password. Concurr Comput Practice Exp 31:e5009
Neela KL, Kavita V (2018) Enhancement of data confidentiality and secure data transaction in cloud environment. Clust Comput 21(1):115–124
Blatt M, Gusev A, Polyakov Y, Rohloff K, Vaikuntanathan V (2020) Optimized homomorphic encryption solution for secure genome-wide association studies. BMC Med Genomics 13(7):1–13
van Waarde HJ, De Persis C, Camlibel MK, Tesi P (2020) Willems’ fundamental lemma for state-space systems and its extension to multiple datasets. IEEE Control Syst Lett 4(3):602–607
Chen Y, Liu H, Wang B, Sonompil B, Ping Y, Zhang Z (2021) A threshold hybrid encryption method for integrity audit without a trusted center. J Cloud Comput 10:3
Shridharan S, Arokiassamy A (2017) Effective secure data storage in cloud by using ECC algorithm, Middle-East. J Sci Res 25:117–127
Goyal V, Kant C (2018) An effective hybrid encryption algorithm for ensuring cloud data security. Big data analytics. Springer, Singapore, pp 195–210
Kumar M, Iqbal A, Kumar P (2016) A new RGB image encryption algorithm based on DNA encoding and elliptic curve Diffie-Hellman cryptography. Signal Process 125:187–202
Amalarethinam DIG, Leena HM (2018) Asymmetric addition chaining cryptographic algorithm (ACCA) for data security in the cloud. Advances in big data and cloud computing. Springer, Singapore, pp 331–340
Askazadeh A (2016) “A novel metaheuristic method for solving constrained engineering optimization problems”, crow search algorithm. Comput Struct 169:1–12
Wazid M, Bagga P, Das AK, Shetty S, Rodrigues JJ, Park Y (2019) AKM-IoV: authenticated key management protocol in fog computing-based internet of vehicles deployment. IEEE Internet Things J 6(5):8804–8817
Miao Y, Liu X, Deng RH, Wu H, Li J, Wu D (2018) Hybrid keyword field search with efficient key management for the industrial internet of things. IEEE Trans Ind Inf 15(6):3206–3217
Park K, Park Y, Das AK, Yu S, Lee J, Park, (2019A) dynamic privacy-preserving key management protocol for V2G in social internet of things. IEEE Access 7:76812–76832
Choi Y, Lee D, Kim J, Jung J, Nam J, Won D (2014) Security enhanced user authentication protocol for wireless sensor networks using elliptic curves cryptography. Sensors 14(6):10081–10106
Nikravan M, Reza A (2020) A multi-factor user authentication and key agreement protocol based on bilinear pairing for the Internet of Things. Wireless Pers Commun 111(1):463–494
Choi Y, Lee Y, Won D (2016) Security improvement on biometric-based authentication scheme for wireless sensor networks using fuzzy extraction. Int J Distrib Sens Netw 12(1):8572410
Wazid M, Das AK, Kumar N, Alazab M, (2020) Designing authenticated key management scheme in the 6G-enabled network in a box deployed for industrial applications. IEEE Trans Ind Inf, 1–1
Jiang Q, Ma J, Wei F, Tian Y, Shen J, Yang Y (2016) An untraceable temporal-credential-based two-factor authentication scheme using ECC for wireless sensor networks. J Netw Comput Appl 76:37–48
Ali Z, Hussain S, Rehman RHU, Munshi A, Liaqat M, Kumar N, Chaudhry SA (2020) ITSSAKA-MS: an improved three-factor symmetric-key based secure AKA scheme for multi-server environments. IEEE Access 8:107993–108003
Jung J, Kim J, Choi Y, Won D (2016) An anonymous user authentication and key agreement scheme based on a symmetric cryptosystem in wireless sensor networks. Sensors 16(8):1299
Sadhukhan D, Ray S, Biswas G, Khan M, Dasgupta M (2020) A lightweight remote user authentication scheme for IoT communication using elliptic curve cryptography”. J Supercomput 77(2):114–1151
Moon J, Lee D, Lee Y, Won D (2017) Improving biometric-based authentication schemes with smart card revocation/reissue for wireless sensor networks. Sensors 17(5):940
Challa S, Das AK, Gope P, Kumar N, Wu F, Vasilakos AV (2020) Design and analysis of authenticated key agreement scheme in cloud-assisted cyber-physical systems. Futur Gener Comput Syst 108:1267–1286
Li X, Niu J, Bhuiyan MZA, Wu F, Karuppiah M, Kumari S (2017) A robust ECC-based provable secure authentication protocol with privacy-preserving for Industrial Internet of Things. IEEE Trans Ind Inf 14(8):3599–3609
Moghadam MF, Nikooghadam M, Al Jabban MAB, Alishahi M, Mortazavi L, Mohajerzadeh A (2020) An efficient authentication and key agreement scheme based on each for wireless sensor network. IEEE Access 8:73182–73192
Wu F, Xu L, Kumari S, Li X (2017) A privacy-preserving and provable user authentication scheme for wireless sensor networks based on Internet of Things security. J Ambient Intell Humaniz Comput 8(1):101–116
Tanveer M,.Abbas G, Abbas ZH, (2020) LAS-6LE: a lightweight authentication scheme for 6LoWPAN environments, In: 2020 14th international conference on open-source systems and technologies (ICOSST), pp. 1–6.
Li X, Niu J, Kumari S, Wu F, Sangaiah AK, Choo K-KR (2018) A three-factor anonymous authentication scheme for wireless sensor networks in the Internet of Things environments. J Netw Comput Appl 103:194–204
Shuai M, Yu N, Wang H, Xiong L (2019) Anonymous authentication scheme for the smart home environment with provable security. Comput Secur 86:132–146
Mahmood K, Li X, Chaudhry SA, Naqvi H, Kumari S, Sangaiah AK, Rodrigues JJ (2018) Pairing based anonymous and secure key agreement protocol for smart grid edge computing infrastructure. Futur Gener Comput Syst 88:491–500
Wazid M, Das AK, Kumar N, Vasilakos AV, Rodrigues JJ (2018) Design and analysis of secure lightweight remote user authentication and key agreement scheme on Internet of Drones deployment. IEEE Internet Things J 6(2):3572–3584
Jia X, He D, Li L, Choo K-KR (2018) Signature-based three-factor authenticated key exchange for Internet of Things applications. Multimed Tools Appl 77(14):18355–18382
Lu Y, Xu G, Li L, Yang Y (2019) Anonymous three-factor authenticated key agreement for wireless sensor networks. Wireless Netw 25(4):1461–1475
Chen Y, Lopez L, Martinez J-F, Castillejo P (2018) A lightweight privacy protection user authentication and key agreement scheme tailored for the Internet of Things environment: Lightpriauth. J Sens 2018:1–16
Yang Z, Lai J, Sun Y, Zhou J (2019) A novel authenticated key agreement protocol with a dynamic credential for WSNs. ACM Trans Sens Netw (TOSN) 15(2):1–27
Alotaibi M (2018) An enhanced symmetric cryptosystem and biometric-based anonymous user authentication and session key establishment scheme for WSN. IEEE Access 6:70072–70087
Shin S, Kwon T (2019) A lightweight three-factor authentication and key agreement scheme in wireless sensor networks for smart homes. Sensors 19(9):2012
Zhou L, Li X, Yeh K-H, Su C, Chiu W (2019) Lightweight IoT based authentication scheme in cloud computing circumstance. Futur Gener Comput Syst 91:244–251
Hadjicostis CN, Dominguez-Garcia AD (2020) Privacy-preserving distributed averaging via homomorphically encrypted ratio consensus. IEEE Trans Automat Control 65(9):3887–3894
Murguia C, Farokhi F, Shames I (2020) Secure and private implementation of dynamic controllers using semihomomorphic encryption. IEEE Trans Autom Control 65(9):3950–3957
van Waarde HJ, Eising J, Trentelman HL, Camlibel MK (2020) Data informativity: a new perspective on data-driven analysis and control. IEEE Trans Automat Control 65(111):4753–4768
Ye Y, Chen H, Xiao M, Skoglund M, Poor HV (2020) Privacy-preserving incremental ADMM for decentralized consensus optimization. IEEE Trans Signal Process 68:5842–5854
Alexandru AB, Pappas GJ (2020) Secure multi-party computation for cloud-based control. Privacy in dynamical systems. Springer, Singapore, pp 179–207
Mallik A (2019) Man-in-the-middle-attack: understanding in simple words. Cyberspace: Jurnal Pendidikan Teknologi Informasi 2(2):109–134
Song C et al (2019) Hierarchical edge cloud enabling network slicing for 5G optical fronthaul. J Optic Commun Netw 11(4):B60–B70. https://doi.org/10.1364/JOCN.11.000B60
Yao Y, Zhai Z, Liu J, Li Z (2019) Lattice-based key-aggregate (searchable) encryption in cloud storage. IEEE Access 7:164544–164555. https://doi.org/10.1109/ACCESS.2019.2952163
Wang S, Pei R, Zhang Y (2019) EIDM: a ethereum-based cloud user identity management protocol. IEEE Access 7:115281–115291. https://doi.org/10.1109/ACCESS.2019.2933989
Miao Y et al (2019) Hybrid keyword-field search with efficient key management for industrial internet of things. IEEE Trans Industr Inf 15(6):3206–3217. https://doi.org/10.1109/TII.2018.2877146
Ma M, Shi G, Li F (2019) Privacy-oriented blockchain-based distributed key management architecture for hierarchical access control in the IoT scenario. IEEE Access 7:34045–34059. https://doi.org/10.1109/ACCESS.2019.2904042
Wang F, Xu L, Gao W (2018) Comments on “SCLPV: secure certificateless public verification for cloud-based cyber-physical-social systems against malicious auditors.” IEEE Trans Comput Social Syst 5(3):854–857. https://doi.org/10.1109/TCSS.2018.2858805
Xu Q, Tan C, Fan Z, Zhu W, Xiao Y, Cheng F (2018) Secure multi-authority data access control scheme in cloud storage system based on attribute-based signcryption. IEEE Access 6:34051–34074. https://doi.org/10.1109/ACCESS.2018.2844829
de Ree M, Mantas G, Rodriguez J, Otung IE (2022) DECENT: decentralized and efficient key management to secure communication in dense and dynamic environments. IEEE Trans Intell Transp Syst. https://doi.org/10.1109/TITS.2022.3160068
Chen X, Ding J, Lu Z (2022) A decentralized trust management system for intelligent transportation environments. IEEE Trans Intell Transp Syst 23(1):558–571. https://doi.org/10.1109/TITS.2020.3013279
Tanveer M, Khan AU, Kumar N, Hassan MM (2022) RAMP-IoD: a Robust authenticated key management protocol for the internet of drones. IEEE Internet of Things Journal 9(2):1339–1353. https://doi.org/10.1109/JIOT.2021.3084946
Upadhyay D, Zaman M, Joshi R, Sampalli S (2022) An efficient key management and multi-layered security framework for SCADA systems. IEEE Trans Netw Serv Manag 19(1):642–660. https://doi.org/10.1109/TNSM.2021.3104531
Acknowledgements
The authors acknowledge the financial support received own, for their support and encouragement in carrying out his college work. The authors also would like to acknowledge the administration of Jamia Millia Islamia, which the authors represent.
Funding
Not applicable.
Author information
Authors and Affiliations
Contributions
Conceptualization was performed by SA and SM; data curation by SA and SM; formal analysis by SM and JB; investigation by SM and JB; methodology by SA and SM.; resources by SA and JB; supervision by SM; validation by SM and JB; visualization by SM; writing—original draft by SA; writing—review and editing—by SM and JB.
Corresponding author
Ethics declarations
Conflict of interests
The authors declare that they have no competing interests.
Consent for publication
All authors have read and agreed to the published version of the manuscript.
Additional information
Publisher's Note
Springer Nature remains neutral with regard to jurisdictional claims in published maps and institutional affiliations.
Rights and permissions
Springer Nature or its licensor (e.g. a society or other partner) holds exclusive rights to this article under a publishing agreement with the author(s) or other rightsholder(s); author self-archiving of the accepted manuscript version of this article is solely governed by the terms of such publishing agreement and applicable law.
About this article
Cite this article
Ahmad, S., Mehfuz, S. & Beg, J. Hybrid cryptographic approach to enhance the mode of key management system in cloud environment. J Supercomput 79, 7377–7413 (2023). https://doi.org/10.1007/s11227-022-04964-9
Accepted:
Published:
Issue Date:
DOI: https://doi.org/10.1007/s11227-022-04964-9