Design and Evaluation of a Quantum-Resilient Cryptographic Framework for Enhancing Security and Efficiency in Distributed Cloud Environments
| International Journal of Electrical and Electronics Engineering |
| © 2024 by SSRG - IJEEE Journal |
| Volume 11 Issue 7 |
| Year of Publication : 2024 |
| Authors : K. Samunnisa, Sunil V.K. Gaddam, K. Madhavi |
10.14445/23488379/IJEEE-V11I7P101
How to Cite?
K. Samunnisa, Sunil V.K. Gaddam, K. Madhavi, "Design and Evaluation of a Quantum-Resilient Cryptographic Framework for Enhancing Security and Efficiency in Distributed Cloud Environments," SSRG International Journal of Electrical and Electronics Engineering, vol. 11, no. 7, pp. 1-22, 2024. Crossref, https://doi.org/10.14445/23488379/IJEEE-V11I7P101
Abstract:
As the digital landscape evolves, the reliance on cloud computing for critical infrastructure across various sectors highlights the need for robust security mechanisms to protect sensitive data from emerging cyber threats, particularly those posed by quantum computing. Traditional cryptographic systems, while currently effective, are vulnerable to quantum attacks, necessitating the development of quantum-resistant solutions. This research introduces the Quantum-Resilient Cryptographic Framework (QRCF), a hybrid, adaptive cryptographic framework designed to safeguard cloud environments against both classical and quantum threats. The QRCF integrates lattice-based Kyber and code-based McEliece algorithms, offering a comprehensive and scalable solution for secure data storage, management, and transmission. Key contributions include the development of a dynamic security management layer that adapts to real-time threat analysis, ensuring continuous protection against evolving threats, and the implementation of robust post-quantum cryptographic methods that maintain high performance and low computational overhead. Quantitative analysis shows that the QRCF maintains a high throughput of 420 MB/s for encryption and 400 MB/s for decryption under normal operations, with latency as low as 3.2 ms and 3.6 ms, respectively. The framework exhibited strong resistance to various attack models, with success rates of 1.0% for brute-force attacks, 1.875% for MITM attacks, 0.833% for side-channel attacks, and 1.6% for replay attacks. Against quantum threats, the QRCF showed no vulnerability to Shor’s Algorithm and a minimal success rate of 0.667% for Grover’s Algorithm. The framework’s design ensures seamless integration with existing cloud infrastructures, providing practical migration strategies to quantum-safe cryptography without disrupting operational workflows. By addressing key research gaps in quantum-safe cloud security, this study contributes significantly to the field, offering a robust, scalable, and efficient cryptographic solution that enhances the security and operational performance of cloud environments in the face of advancing quantum computational capabilities.
Keywords:
Quantum-Resilient Cryptographic Framework, Lattice-based kyber, Code-based McEliece, Quantum computing threats, Cloud security, Post-quantum cryptography.
References:
[1] Dimitra Markopoulou, and Vagelis Papakonstantinou, “The Regulatory Framework for the Protection of Critical Infrastructures against Cyber Threats: Identifying Shortcomings and Addressing Future Challenges: The Case of the Health Sector in Particular,” Computer Law & Security Review, vol. 41, pp. 1-12, 2021.
[CrossRef] [Google Scholar] [Publisher Link]
[2] Kritika, “A Deep Dive into Code Smell and Vulnerability Using Machine Learning and Deep Learning Techniques,” International Journal of Computer Engineering in Research Trends, vol. 11, no. 4, pp. 32-45, 2024.
[CrossRef] [Google Scholar] [Publisher Link]
[3] Kapil Kumar Soni, and Akhtar Rasool, “Cryptographic Attack Possibilities over RSA Algorithm through Classical and Quantum Computation,” 2018 International Conference on Smart Systems and Inventive Technology (ICSSIT), pp. 11-15, 2018.
[CrossRef] [Google Scholar] [Publisher Link]
[4] Henry Chima Ukwuoma et al., “Post-Quantum Cryptography-Driven Security Framework for Cloud Computing,” Open Computer Science, vol. 12, no. 1, pp. 142-153, 2022.
[CrossRef] [Google Scholar] [Publisher Link]
[5] J. Mukerjee, V. Uppari, and B. Maloth, “GeoFusionAI: Advancing Terrain Analysis with Hybrid AI and Multi-Dimensional Data Synthesis,” International Journal of Computer Engineering in Research Trends, vol. 11, no. 2, pp. 50-60, 2024.
[Publisher Link]
[6] Aurélie Phesso, and Jean-Pierre Tillich, “An Efficient Attack on a Code-Based Signature Scheme,” Post-Quantum Cryptography, pp. 86- 103, 2016.
[CrossRef] [Google Scholar] [Publisher Link]
[7] Daniel J. Bernstein, and Tanja Lange, “Post-Quantum Cryptography,” Nature, vol. 549, pp. 188-194, 2017.
[CrossRef] [Google Scholar] [Publisher Link]
[8] Martin R. Albrecht, Rachel Player, and Sam Scott, “On the Concrete Hardness of Learning with Errors,” Journal of Mathematical Cryptology, vol. 9, no. 3, pp. 69-203, 2018.
[CrossRef] [Google Scholar] [Publisher Link]
[9] Jeffrey Hoffstein, Jill Pipher, Joseph H. Silverman, “NTRU: A Ring-Based Public Key Cryptosystem,” Algorithmic Number Theory, vol. 1423, pp. 267-288, 2018
[CrossRef] [Google Scholar] [Publisher Link]
[10] E. Elhadj Benkhelifa, Lokhande Gaurav, and Vidya Sagar S.D., “BioShieldNet: Advanced Biologically Inspired Mechanisms for Strengthening Cybersecurity in Distributed Computing Environments,” International Journal of Computer Engineering in Research Trends, vol. 11, no. 3, pp. 1-9, 2024.
[Publisher Link]
[11] K. Samunnisa, G. Sunil Vijaya Kumar, and K. Madhavi, “Intrusion Detection System in Distributed Cloud Computing: Hybrid Clustering and Classification Methods,” Measurement: Sensors, vol. 25, pp. 1-12, 2023.
[CrossRef] [Google Scholar] [Publisher Link]
[12] Nils Von Nethen et al., “PMMP - PQC Migration Management Process,” arXiv, 2024.
[CrossRef] [Google Scholar] [Publisher Link]
[13] P. SumanPrakash et al., “Learning-driven Continuous Diagnostics and Mitigation Program for Secure Edge Management through Zero-Trust Architecture,” Computer Communications, vol. 220, pp. 94-107, 2024.
[CrossRef] [Google Scholar] [Publisher Link]
[14] K. Lakshmi, Garlapadu Jayanthi, and Jallu Hima Bindu, “EdgeMeld: An Adaptive Machine Learning Framework for Real-Time Anomaly Detection and Optimization in Industrial IoT Networks,” International Journal of Computer Engineering in Research Trends, vol. 11, no. 4, pp. 20-31, 2024.
[Publisher Link]
[15] M. Repka, and P. Zajac, “Overview of the McEliece Cryptosystem and its Security,” Atra Mountains Mathematical Publications, vol. 60, no. 1, pp. 57-83, 2014.
[CrossRef] [Google Scholar] [Publisher Link]
[16] Yufei Xing, and Shuguo Li, “A Compact Hardware Implementation of CCA-secure Key Exchange Mechanism Crystals-Kyber on FPGA,” IACR Transactions on Cryptographic Hardware and Embedded Systems, vol. 2021, no. 2, pp. 328-356, 2021.
[CrossRef] [Google Scholar] [Publisher Link]
[17] Cong Peng et al., “Isogeny-Based Cryptography: A Promising Post-Quantum Technique,” IT Professional, vol. 21, no. 6, pp. 27-32, 2019.
[CrossRef] [Google Scholar] [Publisher Link]
[18] Tomasz Bosakowski, David Hutchison, P. Radhika Raju, “CyberEcoGuard: Evolutionary Algorithms and Nature-Mimetic Defenses for Enhancing Network Resilience in Cloud Infrastructures,” International Journal of Computer Engineering in Research Trends, vol. 11, no. 3, pp. 10-18, 2024.
[Publisher Link]
[19] Chris Peikert, “Public-Key Cryptosystems from the Worst-Case Shortest Vector Problem,” Proceedings of the Forty-First Annual ACM Symposium on Theory of Computing, pp. 333-342, 2009.
[CrossRef] [Google Scholar] [Publisher Link]
[20] Yu-Li Lin, and Chien-Lung Hsu, “Secure Key Management Scheme for Dynamic Hierarchical Access Control Based on ECC,” Journal of Systems and Software, vol. 84, no. 4, pp. 679-685, 2011.
[CrossRef] [Google Scholar] [Publisher Link]
[21] Prasanta Kumar Bal et al., “A Joint Resource Allocation, Security with Efficient Task Scheduling in Cloud Computing Using Hybrid Machine Learning Techniques,” Sensors, vol. 22, no. 3, pp. 1-16, 2022.
[CrossRef] [Google Scholar] [Publisher Link]
[22] Cheng-Yu Cheng, Edward Colbert, and Hang Liu, “Experimental Study on the Detectability of Man-In-the-Middle Attacks for Cloud Applications,” 2019 IEEE Cloud Summit, pp. 52-57, 2019.
[CrossRef] [Google Scholar] [Publisher Link]
[23] Gaurav Narula et al., “Novel Defending and Prevention Technique for Man‐in‐the‐Middle Attacks in Cyber‐Physical Networks,” Cyber‐ Physical Systems: Foundations and Techniques, pp. 147-177, 2022.
[CrossRef] [Google Scholar] [Publisher Link]
[24] Venkata Ramana K. et al., “Secure and Efficient Energy Trading using Homomorphic Encryption on the Green Trade Platform,” International Journal of Intelligent Systems and Applications in Engineering, vol. 12, no. 1s, pp. 345-360, 2023.
[Google Scholar] [Publisher Link]