Implementing Location-Based Cryptography on Mobile Application Design to Secure Data in Cloud Storage

Abstract

Abstract This paper aims to identify security issues and existing solutions for cloud storage protection and to propose a mobile application design for securing data in cloud storage using the location-based cryptographic technique. In the proposed mobile application design, the user is required to perform the encryption before sending the data into the cloud storage. This paper provides a novel technique using location-based cryptography, secret keyword and hash function in order to further enhance the security of data in cloud storage that is currently only using either asymmetric or symmetric encryption algorithm. Asymmetric encryption’s has high security but due to the complexity in its computing, the performance rate is low while symmetric encryption’s performance is much faster as its implementation is easy. However, the attacker can still hack the data in cloud storage when either one of this encryption methods being used alone without any additional security layer. In this paper, location-based cryptography technique used consists of Advanced Encryption Standard (AES) algorithm and location information which are longitude and latitude coordinates. Those coordinates will be employed in the encryption and decryption process as additional security mechanism on top of existing cryptography method by generating supplementary encryption key called geo-lock key. Dynamic Toleration Distance (DTD) protocol will also be implemented with those coordinates to improve its practicality before it will be converted into the geo-lock key. AES algorithm will handle encryption and decryption process using the geo-lock key while secret keyword which defined by the user before starting the process will be used to authenticate the upload and downloading process. Both geo-lock key and secret keyword will be hashed using Secure Hash Algorithm 2 (SHA 2) and stored together with encrypted file in the cloud storage. The purpose of using location information is to ensure the encrypted file can be decrypted at intended location only while hash function is employed to protect the keys when they are stored in cloud storage. As a result, any unauthorized access to the file in cloud storage will not be allowed since each stored file was encrypted by the high performance of AES algorithm together with the decryption’s location restriction and the non-reversable hashed keys. The proposed mobile application design will serve an improvement in protecting stored data at cloud storage by using AES algorithm with location information as data encryption method and SHA 2 function for hashing the keys.