On the Applications of Deterministic Chaos for Encrypting Data on the Cloud
Document Type Conference Paper
Third International Conference on Evolving Internet INTERNET 2011 - Accepted for Publication, Luxembourg June 19-24, 2011
Abstract
Cloud computing is expected to grow considerably in the future because it has so many advantages with regard to sale and cost, change management, next generation architectures, choice and agility. However, one of the principal concerns for users of the Cloud is lack of control and above all, data security. This paper considers an approach to encrypting information before it is ‘placed’ on the Cloud where each user has access to their own encryption algorithm, an algorithm that is based on a set of iterated function systems that outputs a chaotic number stream, designed to produce a cryptographically secure cipher. We study cryptographic systems using finite-state approximations to chaos or ‘pseudo-chaos’ and develop an approach based on the concept of multi-algorithmic cryptography that exploits the properties of pseudo-chaos. Although such algorithms can be taken to be in the public domain in order to conform with the Kerchhoff-Shannon principal, i.e. the enemy knows the system, their combination can be used to secure data in a way that is unique to each user. This provides the potential for users of the Cloud to upload and transfer data in the knowledge that they are encrypting their data in a way that is algorithm as well key dependent, thereby defeating a known algorithm attack. This paper reports on one application of this approach called Crypstic in which the encryption engine is mounted on a USB memory stick and where the key is automatically generated by the characteristics of the plaintext/ciphertext file.