Available under a Creative Commons Attribution Non-Commercial Share Alike 4.0 International Licence
Electrical and electronic engineering
There is no secrecy without randomness, and we address poor cloud security using an analogue chaotic onetime pad encryption system to achieve perfect secrecy. Local encoding returns control to the client and makes stored cloud data unreadable to an adversary. Most cloud service providers encode client data using public encryption algorithms, but ultimately businesses and organisations are responsible for encoding data locally before uploading to the Cloud. As recommended by the Cloud Security Alliance, companies employing authentication and local encryption will reduce or eliminate, EU fines for late data breach discoveries when the EU implements the new general data protection regulations in 2018. Companies failing to detect data breaches within a 72-hour limit will be fined up to four percent of their global annual turnover and estimates of several hundred billion euros could be levied in fines based on the present 146 days average EU breach discovery. The proposed localised encryption system is additional to public encryption, and obeying the rules of one-time pad encryption will mean intercepted encrypted data will be meaningless to an adversary. Furthermore, the encoder has no key distribution problem because applications for it are of “one-to-cloud” type.
Blackledge, J. et al. (2018) Secrecy and Randomness: Encoding Cloud data Locally using a One-Time Pad, International Journal on Advances in Security, vol 10 no 3 & 4, 2017, http://www.iariajournals.org/security/