Performance Evaluation of RSA-based Secure Cloud Storage Protocol using OpenStack

In this paper, the implementation of the General Secure Cloud Storage Protocol is carried out and instantiated by a multiplicatively Homomorphic Encryption Scheme (HES). The protocol provides a system for secure storage of data over the cloud, thereby allowing the client to carry out the operational tasks on it efficiently. The work focuses on the execution of five major modules of the protocol. We also evaluate the performance of the protocol with respect to the computation cost of these modules on the basis of different security parameters and datasets by conducting a series of experiments. The cloud was built using OpenStack and the data were outsourced from the client’s system to the cloud to study the security features and performance metrics when adopting the cloud environment. Keywords-cloud computing; OpenStack; RSA; homomorphic encryption; privacy


INTRODUCTION
Cloud computing has become an evolving field in research and development because it can considerably lower computation cost. It has become a demanding and tempting technology that provides various services of storage, computation, and availability of data from anywhere and at any time [1]. As cloud computing is used to store a huge amount of data that reside on servers that are not physically in the reach of the users and they are transferred to and from the servers, security has therefore become an issue that obstructs the deployment of the cloud environment in an affirmative way [2][3]. The advancements in cloud computing are taking place at a very fast pace as the majority of the IT firms have either already developed IT products aligned with the cloud computing paradigm or are planning to move their infrastructure over it. This leads to a greater emphasis on improving security policies and measures. Thus, there has been a rapid emergence in the security domain of cloud computing. Storage facilities are provided by the cloud to store the data on the servers, but users are not able to verify whether their data are kept secure. Detailed overviews of the core issues concerning privacy and security in cloud computing can be seen in [4][5][6][7].
To perform operations on the encrypted data stored on the cloud requires the cloud to send data to the client. The client then needs to decrypt them and perform the required operations. Next, the data must then be encrypted again by the client before they are outsourced to the cloud. Obviously, this increases the overhead at the client and the cloud side as well and is neither a feasible nor an efficient system. It implies the need for such a system that allows the client to directly perform operations on the outsourced data without decryption. This is what we call Homomorphic Encryption Schemes (HESs) [8]. Simply encrypting the data using HESs does not cater to the demands of data security. Besides, maintaining the integrity of data sent over to the cloud, it must also allow the client to detect any forgery and recover the original data. In this paper, the implementation of the General Secure Cloud Storage Protocol instantiated by RSA-based HES has been carried out and evaluated. The cloud was built using OpenStack and data from the client's system were outsourced to the cloud. Also, the performance of the protocol was evaluated with respect to the computation cost of these modules on the basis of different security parameters and datasets by conducting a series of experiments. This work also gives an overview to understand the practicality of the RSA-SCS protocol to overcome the threats and issues posed to the data stored on the cloud. Authors in [9], studied the execution of gradient-based algorithms that belong to a class of distributed projected algorithms. They proposed HE-based schemes that can attain accuracy by concurrently maintaining the state and coefficient of the respective member. Authors in [10], dealt with a privacypreserving distributed big data analytics framework for cloudbased applications that performs analysis tasks on encrypted data with end-to-end data protection. The framework employs BGV as a fully HES. Authors in [11] reviewed HESs and also presented an implementation of the Paillier PHE using Python Library for Paillier's PHE. The extension module Gmpy2 was used for carrying out the arithmetic operations and calculations. Authors in [12] discussed the enhanced FHE with a focus on the dynamic structure of Fully HESs that are symmetric in nature. Regarding secure outsourced calculations using HE, the authors in [13] discussed the encrypted data processing protocols by applying HE over addition and proxy cryptography. Their system aimed to attain the secrecy of the user data while preserving the intermediary and final results security under the semi-honest model. To process encrypted data, non-interactive protocols were designed. Authors in [14] discussed the security of multiparty computations. Sometimes, the users of cloud infrastructure have to sustain the computation overheads although these must be outsourced.
II. RSA BASED SECURE CLOUD STORAGE PROTOCOL To work out on the performance evaluation of the protocol, we have used RSA-based HES to instantiate the General Cloud Storage Protocol discussed in [15]. The G-SCS System Model RSA-based HES is partially homomorphic over multiplication [16].

A. The RSA-SCS Protocol
The chief aspects of the RSA-based HES are: • KeyGen ൫1 ൯ → ሺSK, PKሻ. By considering the value of λ, this module is required to generate two prime integers p and q which must be large enough [17].
• The multiplicative homomorphic property of RSA can be computed using the technique presented in [18].
• RSA can be used to evaluate the General Cloud Storage Protocol as RSA-SCS which consists of five modules each corresponding to a module as in the G-SCS but with the different parameters and Enc( ), Dec( ). [15].

B. RSA-SCS Workflow
It is evident that to validate the integrity of the data stored on the cloud, the relationship expressed in [15] can be easily used by the client. The comprehensive approach to describe the modules and the steps the in RSA-SCS are mentioned below.
• KeyGen ൫1 ൯ → ሺSK, PKሻ . This module is required to generate two integers p and q, where both of these should be prime numbers and the number of bits in the product of p and q must be ≥ λ.
• Audit ൫1 ൯ → σ. As G-SCS protocol provides two types of auditing. The client can perform either deterministic auditing, which is comparatively simpler, or randomized auditing.
• In the former, the user spawns another key K 2 whose length of bits is λ, to compute PRF using this key value. Now the auditing query σ = K 2 and it is then sent to the cloud.
• Prove ሺσ, D′; PKሻ → Г. The proof generated by the cloud is also of two types depending on the type of audit query sent by the client. This is the output of the 'verify' module.
III. OPENSTACK CLOUD IMPLEMENTATION OpenStack is one of the most popular open-source cloud ecosystems. We implemented the Openstack using 3-node architecture as depicted in Figure 1. The architecture consists of Compute, Controller, and Network nodes. These nodes are installed using the Ubuntu server 16.04. The OpenStack cloud was implemented in order to emulate the performance of the protocol in cloud environment. The data transfer and encryption for the instance running in the OpenStack cloud environment provided a realistic approach for the implementation of the protocol. Figure 2 presents the dashboard screen of the installed OpenStack Cloud. 3.00GHz and 16GB RAM. The evaluations were carried out using 3 different values for security parameter λ, i.e. 512, 1024, and 2048 bits on two data sets that are text files of 10 and 16KB. As the security of the RSA encryption scheme requires the product of two primes to be sufficiently large [17], therefore the BigInteger datatype is used to store the values for computation of the subsequent modules. AES is used as a pseudo-random function and the keys for the PRF are generated by the client. Each experiment was carried out 10 times and the average value was obtained as the result. To outsource the data, the Ubuntu machine was used and the instances were generated with the flavor m1.small having 2GB RAM and 20GB hard disk. The launched instances were accessed through the Putty software by using the key pair generated.

V. RESULTS AND DISCUSSION
We have implemented the cloud using OpenStack. The Ubuntu 16.04 system was used to carry out the experiment. The keystone service was used to establish the connection using the dashboard. The method involves creating new instances on the Compute node and then transferring the data over the cloud. The reason for the data values being larger in the results is that the experiment is carried out using the GUI of the instance created in the Openstack. The computation costs in seconds of the 5 modules of the RSA-SCS with respect to the 3 security parameter values when outsourcing a file of 16KB size are shown below. The values in Tables I and II signify that there is a direct correspondence between the outsourced data and the time cost of all the modules of the protocol. It can be seen from the results that running the KeyGen algorithm takes a longer time as the client generates 2 prime numbers initially and then other 3 integers to compute the pair of keys that are required for encryption and decryption. Also, the user has to generate a random number with a bit length of λ as the PRF key. The outsourcing time of KeyGen is much less than that of RSA and is linearly dependent on the size of the data, as we have carried out deterministic auditing. An audit is basically the time used to generate K 2 for the PRF as the audit query is equal to K 2 . The computation cost for RSA-SCS is comparatively higher than that of RSA-SCS, since it has to parse the outsourced data and generate the values of α and β using the exponential function. Referring to Table I, the cost of RSA-SCS is as large as expected. To check whether the cloud has maintained the integrity of the data that are sent to it, the client has to carry out exponentiation and modular multiplication and then a comparison of each computed result with the corresponding value of α. Therefore, the time for this module is sufficiently large. Figures 3 to 7 represent the comparative analysis of different parameters for 2 different file sizes, i.e. 10 and 16KB. As evident from these graphs, the time required for different parameters increases linearly with the increase in file size.      Table III shows the comparison of the proposed approach with the existing solutions. The proposed scheme was implemented using OpenStack cloud.

VI. G-SCS IMPLEMENTATION: SECURE AGAINST RISKS
The data stored on the cloud face threats such as insider attacks, data leakage/loss, data alteration, malicious cloud providers, and lack of data recovery [19,20]. The implemented OpenStack based G-SCS provides security against these types of risks and threats posed to the cloud data and users.

A. Loss of Data Integrity
The OpenStack based Secure Cloud Storage Protocol implementation offers its clients verification of the integrity of the data stored on the cloud through the auditing mechanism, thereby sending the proof against the audit query which can be verified as mentioned above. The cloud cannot cheat its client since a minor change in data results in a proof which when verified by the client, leads to output 0 rather than 1.

B. Malicious Cloud Provider
This is one of the major threats to cloud computing. It can include a malicious insider/employee or the provider itself [21]. The implemented GSCS-RSA outsource initially requires a pseudorandom function which must be secure enough so that the overall protocol becomes secure. As discussed in [15], if the cloud provider is malicious, it generates more than one (legitimate) proofs. Even then, the number of unknown quantities is greater than the total number of equations thus generated and hence the malicious cloud is unable to discover the secret key because of the PRF being used.

C. Lack of Data Recovery
The data recovery algorithm provides an efficient way to reconstruct the data in case of data loss. For this, the client needs to generate a special audit query for which the cloud sends the proof. If this proof is verified by the client, he then computes Encሺd ୧ ሻ by calculating β ൌ Encሺd ୧ ሻ ୣ mod t . Finally the outsourced data ሺd ଵ , d ଶ , … … , d ୫ ሻ can easily be recovered from Encሺd ୧ ሻ.

VII. CONCLUSION AND FUTURE WORK
In this paper, we have carried out an evaluation on the performance metrics and studied the security properties of the General Sloud Storage protocol under various circumstances that can occur in any HES. We have instantiated this protocol by a HES that is multiplicatively homomorphic, i.e. RSA, and thus assessed the computation cost of RSA-SCS using various parameter values and data sets in a series of experiments. The carried out analysis left us with the conclusion that although the evaluated protocol is secure and efficient, its computation costs can be lowered. As the experiments were conducted on varying bitlengths of the security parameter, it was found that, the higher the value of λ, the greater the security achieved, but the computation cost increases. On the other hand, a 1024 bitlength can help us attain more or less the same security but with a greater impact on the computation cost. The computation costs of the 5 modules with respect to different values of security There is always a door towards improvement, therefore we can further take steps to make this protocol operate more securely while maintaining its efficiency. Moreover, since RSA is a partially HES, we can further extend the protocol so that it is instantiated by an encryption scheme that is fully homomorphic. Although fully HESs are required in real-life applications and cloud infrastructure, their cost, whether that of computation or performance, is high. Therefore, as future work, we can consider this aspect and make progress in this regard that can lead us to achieve a secure as well as lightweight scheme. In the future, we will also implement the proposed scheme in a federated cloud environment.