International Journal of Computer Science and Information Security (IJCSIS),
Vol. 16, No. 10, October 2018
Improved Cloud Storage Security of Using Three
Layers Cryptography Algorithms
Zinah Raad Saeed
Faculty of Information and Communication Technology,
Universiti Teknikal Malaysia Melaka, Malaysia.
Email: zeina_r.saeed@yahoo.com
Abstract— Current security scheme in cloud computing applied
single encryption algorithm. However, usage of a single algorithm
is not effective for high-level security requirement towards data
processing in cloud computing. Therefore, this study proposes
combination of AES, ECC and RSA encryption method to
strengthen the security in cloud in terms of authentication and
encryption. The method for this study is the text data has been
encrypted using AES then, AES key have been encrypted by ECC
only after that RSA will encrypt both the ciphertext and the
encoding key again. Java NetBean is used to program the
evaluation tool to calculate the performance of the encryption
method. First, the tool has applied the three algorithms AES,
ECC and RSA using a dataset consisting of multiple text file with
different sizes. Evaluation has been performed using encryption
time, decryption time and secrecy measure. Results showed that
the proposed method has the ability to fulfil both efficiency and
security factors with highest secrecy value. The impact of
combination layer of encryption algorithms provides a higher
secrecy value compared to single layer encryption.
Keywords- cloud computing; AES; RSA; ECC; secrecy
I. INTRODUCTION
Cloud computing is a "new" computer model that allows
using remote services through a network using various
resources. It is meant to give maximum with the minimum
resources. Cloud computing is one of the latest technologies in
IT sector and through cloud storage; one can access data
anytime from anywhere.
Security in cloud computing includes ideas, for example,
organize security, hardware and control methodologies sent to
ensure information, applications and foundation related with
cloud computing [1].
The most famous techniques for data security are
cryptography. There are two types of cryptography first type is
symmetric encryption also called Secret Key Cryptography
(SKC) that used a single key for both encryption and
decryption and the second type is the asymmetric encryption
also called Public Key Cryptography (PKC) which used two
keys one for encryption and another one for decryption.
34
Zakiah Ayop, Nurul Azma, Mohd. Rizuan Baharon
Center for Advanced Computing Technology (C-ACT),
Faculty of Information and Communication Technology,
Universiti Teknikal Malaysia Melaka, Malaysia.
Email: zakiah@utem.edu.my, azma@utem.edu.my,
mohd.rizuan@utem.edu.my
The security concerns have been on the rise. Weaknesses in
the user authentication process and the absence of effective
security policies in cloud storage pose a challenge in cloud
computing. Some of the commonly used encryption algorithms
for ensuring data security are the AES symmetric key
algorithm, ECC and RSA asymmetric key algorithms for
various security levels. However, each of these algorithms has
weaknesses, which render them vulnerable to intruders. Related
literature on AES shows that AES has a challenge in key
distribution arising from its simplified algebraic structure and
the use of a single key for the encryption and decryption
processes. Furthermore, the computational speed of RSA and
ECC when encrypting and decrypting huge volumes of data is
slower than that of AES. The use of a single algorithm to
secure information in the cloud computing architecture does
not provide sufficient security. Providing a trade-off between a
secure and efficient algorithm is the main challenge of this
study [2, 3, 4].
II. PREVIOUS WORK
A. Advanced Encryption Standard
The Advanced Encryption Standard (AES) it was selected
from a candidate list in a multiple round selection. The first
round chose algorithms with the best performance on personal
computer systems while the second round chose algorithms
with the best performance on field programmable gate arrays.
Therefore, the AES cryptosystem has great performance and
acceleration abilities. The AES encryption includes these
functions, Sub Bytes, Shift Rows, Add Round Key, and Mix
Columns for the data manipulation. AES system goes through
10 rounds for 128-bit keys, 12 rounds for I92-bit keys, and 14
rounds for 256-bit keys depend on key size, to transfer final
ciphertext or to get back the original text [4].
The secret key distribution is considered as an issue of
AES because in which same secret key is used for data
encryption and decryption [5]. A privacy-preserving public
auditing system for data storage security in cloud computing is
intended, although the computational time is increased but the
privacy is preserved. Most popular algorithm AES is used for
https://sites.google.com/site/ijcsis/
ISSN 1947-5500
 International Journal of Computer Science and Information Security (IJCSIS),
Vol. 16, No. 10, October 2018
this purpose AES data encryption is more scientifically capable
and graceful cryptographic algorithm, but its main force rests in
the key length. Time to decrypt or break the encryption is
directly proportional to the length of the keys used, the larger
digits the key will be having, and the more time it will require
to be broken [6]. AES gives multiple options in choosing
number of bits; the available options are 128-bit, 192-bit or
256-bit key.
B. Elliptic Curve Cryptography
Elliptic curve cryptography (ECC) is asymmetric algorithm
developed in the 80's [5]. The cryptography method makes use
of the fact that points on an elliptic curve form an abelian
group. The general key size for ECC is around 160 bits,
providing the same security level as 1024 key bits of RSA.
This makes ECC’s very attractive for implementations in areas
where we have memory limitations and computational
overhead is a concern [7]. Shilpi et.al [3] proposed
authentication mode by apply an ECC algorithm that provide
same level of security as of other public key cryptosystems
with less key size and strengthens the security of the algorithm.
ECC is based on the Discrete Logarithm the ECC algorithm
logarithm therefore, it requires major time to computation also
it is more complex and more difficult to implement.
Furthermore, it increases the size of the encrypted message
significantly [7].
C. Rivest-Shamir-Adleman
In 1978, Adi Shamir, Leonard Adleman, and Ronald Rivest
had developed a public key encryption and now it has become
a de facto standard for all encryption algorithms. Pretty Good
Privacy is one of the encryption programs that have been
formed on the basis of RSA algorithm. RSA is an algorithm for
public key encryption. It was a great contribution for public
key encryption and it is suitable for both encryption and
signing. It involves three steps: key generation, encryption and
decryption it is still widely used in electronic commerce
protocols and is believed security depends on the difficulty of
decomposition of large numbers [8]. Work by Kalpana et. al.
[9] shows that RSA algorithm has improved security of data on
cloud storage by allowing only the authorized user access the
data. When user send a request to the data from the cloud
provider, cloud provider authenticates on the user then delivers
the data. However the drawback of RSA is its computational
overhead, also the large keys size which it used that make it
slow.
III. PROPOSED HYBRID CRYPTOGRAPHIC ALGORITHMS
Hybrid cryptographic algorithms is combination of two or
more encryption systems. Such as symmetric algorithm and
asymmetric algorithm. The benefit of combination is to provide
high level of security through secure transportation of data
between users and cloud. Symmetric algorithms are effective in
processing of large data set because it requires less memory
and less battery power as compared to asymmetric algorithms
that used modular exponentiation and nontrivial mathematical
functions that causes of consuming more memory and
processing power. Asymmetric encryption algorithm makes the
probability to find the symmetric secret key is minimum thus it
35
hard for invaders to read the data even if they have the public
key. Furthermore, asymmetric algorithms are relatively reliable
in exchanging of encryption-key. The combination of both the
Symmetric and Asymmetric Cryptographic Techniques provide
Integrity, Confidentiality and Authentication [8].
Kanna & Vasudevan [8] proposed to improve the security
of outsourced data in cloud computing by combining ECC and
RSA with proxy Re-encryption. The proposed work is
compared with the identity-based encryption technique. The
result shows the high security of this work.
Bokefode et al [5] proposed hybrid AES-RSA combination,
AES algorithm, known for of its higher efficiency in block,
encryption is used for data transmission and RSA algorithm is
used for the encryption of the AES key to make the data
transmission more secure. The proposed hybrid provides great
efficiency.
Based on the previous study, we can review some of the
security features that has been covered in Cloud Computing
(refer Table I) which are:
• Authentication: is a procedure of confirm one’s
identity. This means that before transforming and
receiving data in cloud computing the identity of
receiver and sender should be verified.
• Privacy: is a procedure that determine what data in
cloud computing can be shared with third parties.
• Integrity: is a process that confirm only authorized user
modifies the data in a system.
• Key Management: it used to manage of cryptographic
keys in a cryptosystem. This contain dealing with the
generation, exchange and storage of key.
TABLE I. REVIEW SOME OF THE SECURITY FEATURES IN CLOUD
COMPUTING
Ref. Authentication Privacy Integrity Key
Management
AES [1][2] 3
ECC [3][7] 3
RSA [8][5] 3 3
Our Work 3 3 3 3
IV. METHODOLOGY
Methodology includes two methodical approaches: - first
one is proposed hybrid encryption algorithm and second one is
the experimental performance evaluation method. The three
algorithms namely AES, ECC and RSA have been combined
with a unique workflow to leverage benefits of all three
encryption algorithms and increased cryptosystem security and
reduced execution time.
https://sites.google.com/site/ijcsis/
ISSN 1947-5500
 International Journal of Computer Science and Information Security (IJCSIS),
Vol. 16, No. 10, October 2018

A. Encryption Phase
1. First taking text file as input, Advance encryption
standard algorithm is applied for encrypting the text
file (T0).
2. Applying AES algorithm for encrypted the text using
has secret key that gives (T1).
3. Applying ECC for encrypted the AES key only.
4. Encrypting (T1) and ECC key by applying RSA
algorithm.
5. This gives final encrypted text (Tf) and encoding key.
B. Decryption Phase
1. Decryption algorithm will be in reverse order.
2. Apply RSA decryption ( Tf )and encoding key.
3. This gives T1 and ECC key.
4. Decrypt encoding key with ECC algorithm.
5. Decrypt T1 by using AES algorithm to get plaintext T0
back.
(1)
Secrecy it is a good measurement to get an idea about the
ciphers. Higher secrecy (numerical value) higher the security.
V. IMPLMENTATION
The application of the proposed method has been done
using Java NetBeans as a graphical user interface to articulate
the procedures of carrying out the three encryption algorithms
Where utilized key sizes 128 bit for AES, 160 bits for ECC and
1024 bits for RSA. the application helps the users to check the
encryption time decryption time and secrecy value on screen
when pressed the relevant button.
The 15 files used to test, the file content (alphanumeric
characters, special characters) the same inputs are used to test
all the algorithms.
The main interface of the application consists of multiple
buttons that are intended to perform different functions. First
button enables the user to select one or more text files from the
15 file set. Second button addresses the application of AES
encryption method. The third button will apply ECC
encryption method, as well as, the fourth button, which
intended to apply the RSA encryption method. However, the
fifth button will examine the hybrid between AES and RSA.
Sixth button will address the hybrid between ECC and RSA.
Finally, the seventh button will address the proposed hybrid
method of all the three algorithms. As show in Figure 2.

Figure 1. Encryption and Decryption Diagram for Proposed hybrid

For second methodical approaches, experimental three

parameters have been used to evaluate encryption methods
based on encryption time (the time taken to convert plaintext
to ciphertext) , decryption time (the time to recover plaintext
from ciphertext) and secrecy value (secrecy is analyzed using
theoretical definitions of Shannon Secrecy of a cipher) Figure 2. Main interface
Secrecy of a cipher is described in terms of the key
equivocation, H (K) c of a key K for a given cipher text C; that
is the amount of uncertainty in K given C. Equivocation is the
As shown in Figure 3, where the input01.txt file has been
uncertainty of a message, reduced when there is additional
selected using AES algorithm button the application has been
information; Uncertainty of a message is the number of
evaluated using three evaluation metrics including encryption
plaintext bits that must be recovered when the message is
time, decryption time and secrecy value. Repeated test are
encrypted, in order to obtain the plaintext. Its entropy
performed to get average and eliminate error.
measures the uncertainty of a message. Higher the number,
higher the uncertainty; Entropy of a message X is called H(X),
which is the minimum number of bits needed to encode all
possible meanings of the message assuming the occurrences of
all messages are equally likely.

Mathematical equation of calculate secrecy is based on

[10].

36 https://sites.google.com/site/ijcsis/
ISSN 1947-5500
 International Journal of Computer Science and Information Security (IJCSIS),
Vol. 16, No. 10, October 2018

TABLE III. DECRYPTION TIMES (MS) OF THE ALGORITHMS FOR

VARIABLE INPUT DATA SIZES

File Size AES ECC RSA AES- ECC- Proposed

(Bytes) RSA RSA Hybrid

File 1 50 4 104 11 9 114 75

File 2 100 5 197 13 12 220 83
File 3 200 6 362 14 15 374 85
File 4 500 6 937 16 18 982 86
File 5 750 8 1351 17 19 1451 87
File 6 1000 10 1864 18 20 1858 87
Figure 3. Applying the AES algorithm File 7 1500 12 2805 19 26 2947 88
File 8 2000 12 3649 21 28 3724 114
VI. RESULT File 9 2500 14 4564 22 36 4929 118
In order to evaluate encryption methods AES, ECC and File 3000 15 5647 23 45 5947 124
RSA and their possible combinations. The algorithms have 10
been tested and compared against the same input sample of File 3500 18 6363 24 60 7059 125
plaintext to record results. The evaluation will be done based 11
on the average encryption time, average decryption time and File 4000 19 7159 29 73 7956 131
12
average secrecy methods. Table II, Table III, Table IV show File 4500 22 8169 32 79 9024 150
the result. 13
File 5000 23 9114 33 103 10202 161
14
TABLE II. ENCRYPTION TIMES (MS) OF THE ALGORITHMS FOR File 6000 23 11082 35 162 12707 209
VARIABLE INPUT DATA SIZES 15

Size AES- ECC- Proposed

File AES ECC RSA
(Bytes) RSA RSA Hybrid
TABLE IV. SECRECY VALUE FOR VARIABLE INPUT DATA SIZES
File
1 50 3 40 11 15 32 40
File File Size AES ECC RSA AES- ECC Proposed
2 100 4 50 11 18 57 41 (Byt RSA - Hybrid
File es) RSA
3 200 5 65 13 22 85 53 File 50 0.996 1.04 1.01 1.042 1.08 1.552
File 1 3 8 1
4 500 6 129 14 41 216 54 File 100 0.999 1.06 1.03 1.055 1.10 1.558
File 2 1 2 1
5 750 6 166 16 47 303 62 File 200 1.002 1.08 1.04 1.068 1.12 1.564
File 3 1 3 1
6 1000 8 209 18 49 399 72 File 500 1.007 1.09 1.05 1.082 1.14 1.572
File 4 7 8 1
7 1500 9 336 21 80 718 90 File 750 1.009 1.11 1.06 1.090 1.15 1.575
File 5 0 7 0
8 2000 10 408 25 115 1107 153 File 1000 1.010 1.11 1.06 1.098 1.15 1.579
File 6 6 9 7
9 2500 12 499 48 146 1607 197 File 1500 1.012 1.12 1.08 1.104 1.16 1.583
File 7 8 1 8
10 3000 12 568 61 178 2255 224 File 2000 1.014 1.13 1.08 1.111 1.17 1.586
File 8 1 3 6
11 3500 14 651 81 213 3063 230 File 2500 1.015 1.13 1.09 1.116 1.18 1.589
File 9 6 0
12 4000 15 731 87 268 3634 296 File 3000 1.016 1.14 1.09 1.121 1.18 1.591
File 10 0 2 6
13 4500 16 864 92 318 4545 326 File 3500 1.017 1.14 1.09 1.123 1.18 1.592
File 11 4 3 8
14 5000 17 948 115 386 5492 411 File 4000 1.018 1.14 1.09 1.124 1.19 1.592
File 12 1 5 6 3
15 6000 21 1133 136 568 7650 553 File 4500 1.018 1.14 1.09 1.127 1.19 1.594
13 8 9 8 4

As show in Table II, Table III and Table IV, AES

algorithm gives high speed because it used simple algebraic

37 https://sites.google.com/site/ijcsis/
ISSN 1947-5500
 International Journal of Computer Science and Information Security (IJCSIS),
Vol. 16, No. 10, October 2018

formulations for block cipher and need low RAM for
processing [5]. Vice versa, ECC algorithm which is work based
on the elliptic curve discrete logarithm [11] shown major
difference in time taken for encryption and decryption compare
to time taken by AES and RSA algorithm. In addition, it is
clear that the secure encryption would lead to a long encryption
and decryption time. Vice versa, the less encryption and
decryption time would lead to non-secure encryption.
Table V show a comparison among all the encryption
methods used in experiments. The evaluation is based on the
average encryption time, average decryption time and average
secrecy.
millisecond. This has been followed by RSA, which has been
achieved an average time of encryption 21.8 milliseconds.
After that, the AES-RSA algorithm has achieved the third
lowest average time of encryption by obtaining 47 milliseconds
then followed by the proposed hybrid algorithm by achieving
an average decryption time of 114.8 milliseconds. Similarly,
the hybrid of ECC-RSA has achieved the highest average time
of decryption, which was 4632.9 milliseconds.

TABLE V. TABLE 4. COMPARISON AMONG ALL THE ENCRYPTION

METHODS

Encryption Average Average Averaged

method encryption decryption
time time secrecy

AES 10.5 13.13 1.012

ECC 453.1 4224.4 1.119
RSA 49.9 21.8 1.075
AES + RSA 164.2 47 1.102
ECC + RSA 2077.5 4632.9 1.162 Figure 5. Average of Decryption time for each encryption method

Proposed
hybrid
186.8 114.8 1.581 In Figure 6, in terms of secrecy, the most secure encryption
method was the proposed hybrid algorithm where the secrecy
value was the highest by obtaining 1.58. This has been
As shown in Figure 4, in terms of the encryption method, followed by the hybrid of ECC and RSA, which achieved an
AES has achieved the lowest average time by obtaining 10.5 average secrecy of 1.16. The lowest secrecy value has been
milliseconds. This has been followed by RSA which has obtained by the AES followed by RSA.
achieved an average time of 49.9 milliseconds. After that, the
AES-RSA has achieved the third lowest average time of
encryption by obtaining 164.2 milliseconds followed by
proposed hybrid has achieved time by186.8 milliseconds
However, the hybrid of ECC-RSA algorithms has obtained the
highest average time by achieving an average time of 2077.5
millisecond.

Figure 6. Average of Secrecy Value for each encryption method

VII. CONCLUSION
This paper has examined the capabilities of cryptography in
terms of providing a security in cloud storage. This has been
done by investigating the common cryptography techniques
including AES, ECC and RSA. However, regarding to the
variations in the performance of these techniques, this study
Figure 4. Average of Encryption time for each encryption method
has addressed the problem of identifying an efficient and
secure encryption method. In fact, each encryption algorithm
On the other hand, as shown in Figure 5, the lowest average
has its own advantages and disadvantages. Some encryption
time of decryption has been obtained by AES 13.13
methods have the ability to guarantee the security, but they

38 https://sites.google.com/site/ijcsis/
ISSN 1947-5500
 International Journal of Computer Science and Information Security (IJCSIS),
Vol. 16, No. 10, October 2018
consume a long time in the process of encryption and
decryption. Vice versa, other methods may provide an efficient
encryption and decryption time, but they suffer from the lack of
security. Therefore, this study aims to propose a trade-off
encryption method that has the ability to accomplish the
security issue, meanwhile, maintaining a reasonable time of
encryption and decryption. This research has applied the three
algorithms AES, ECC and RSA using a dataset consisting of
multiple text file with different sizes. A trade-off encryption
method has been applied where the three algorithms have been
combined with a unique workflow.
The experimental results showed that the proposed trade-off
encryption method has achieved a fair encryption and
decryption time compared to the other methods. AES - RSA
have outperformed the proposed method in terms of time, but
the proposed method has outperformed it in terms of secrecy
value. Similarly, in terms of the secrecy value, the proposed
method has superior performance compared to all the methods.
The hybrid of AES- RSA has outperformed the proposed
method in terms of encryption and decryption time, but again
the proposed method has encryption and decryption time less
than RSA-ECC.
Hence, this study has accomplished a trade-off encryption
method that guarantee both efficiency and security has been
conducted.
REFERENCES
[1] K. Ranjit, and R.P. Singh, "Enhanced cloud computing security and
integrity verification via novel encryption techniques," In IEEE
Advances in Computing, Communications and Informatics, pp. 1227-
1233, Sep 2014.
39
[2] P.V. Maitri, and A. Verma, “Secure file storage in cloud computing
using hybrid cryptography algorithm,” In IEEE International Conference
Wireless Communications, Signal Processing and Networking, pp. 1635-
1638, Mar 2016.
[3] S. Singh, and K. Vinod, "Secured user's authentication and private data
storage-access scheme in cloud computing using Elliptic curve
cryptography," In IEEE 2nd International Conference on Computing for
Sustainable Global Development, pp. 791-795, 2015.
[4] G. Singh, "A study of encryption algorithms (RSA, DES, 3DES and
AES) for information security." International Journal of Computer
Applications, vol. 67(19), pp. 33-38, 2013.
[5] J.D. Bokefode, A.S. Bhise, P.A. Satarkar, and D.G. Modani,
“Developing a secure cloud storage system for storing IoT data by
applying role based encryption,” Procedia Computer Science, vol. 89,
pp. 43-50, Jan 2016.
[6] T. Brindha, and R.S. Shaji. "An Efficient Framework for Providing
Secured Transaction of Data in Cloud Environment," Indian Journal of
Science and Technology, vol. 9(44), pp. 1-6, 2016.
[7] Tirthani, Neha, and R. Ganesan. "Data Security in Cloud Architecture
Based on Diffie Hellman and Elliptical Curve Cryptography." IACR
Cryptology ePrint Archive 2014 (2014): 49.
[8] G.P. Kanna, and V. Vasudevan, "Enhancing the security of user data
using the keyword encryption and hybrid cryptographic algorithm in
cloud," In IEEE International Conference on Electrical, Electronics, and
Optimization Techniques, pp. 3688-3693, 2016.
[9] P. Kalpana, and S. Sudha, "Data security in cloud computing using RSA
algorithm," International Journal of Research in Computer and
Comunication Technology, vol. 1(4), pp. 143-146, 2012.
[10] T.D.B. Weerasinghe, "Secrecy and Performance Analysis of Symmetric
Key Encryption Algorithms," IACR Cryptology ePrint Archive 2014,
pp. 175, 2014.
[11] H. Tange, and B. Andersen, “Attacks and Countermeasures on AES and
ECC,” In IEEE 16th International Symposium on Wireless Personal
Multimedia Communications, pp. 1-5, June 2013.
https://sites.google.com/site/ijcsis/
ISSN 1947-5500