Secrecy and Randomness: Encoding Cloud data Locally using a One-Time Pad

There is no secrecy without randomness, and we address poor cloud security using an analogue chaotic onetime pad encryption system to achieve perfect secrecy. Local encoding returns control to the client and makes stored cloud data unreadable to an adversary. Most cloud service providers encode client data using public encryption algorithms, but ultimately businesses and organisations are responsible for encoding data locally before uploading to the Cloud. As recommended by the Cloud Security Alliance, companies employing authentication and local encryption will reduce or eliminate, EU fines for late data breach discoveries when the EU implements the new general data protection regulations in 2018. Companies failing to detect data breaches within a 72-hour limit will be fined up to four percent of their global annual turnover and estimates of several hundred billion euros could be levied in fines based on the present 146 days average EU breach discovery. The proposed localised encryption system is additional to public encryption, and obeying the rules of one-time pad encryption will mean intercepted encrypted data will be meaningless to an adversary. Furthermore, the encoder has no key distribution problem because applications for it are of “one-to-cloud” type. Keywords—Secrecy; Local encryption; GDPR fines; one-time pad; one-to-cloud; key distribution problem; chaos.

[1]  Werner Schindler,et al.  Random Number Generators for Cryptographic Applications , 2009, Cryptographic Engineering.

[2]  S. Vaisrub,et al.  A guide for the perplexed. , 1966, Manitoba medical review.

[3]  J. B. Boyling Carnot engines and the principle of increase of entropy , 1973 .

[4]  Diya Thomas,et al.  Medical image protection in cloud system , 2016 .

[5]  Mariusz Borowski The infinite source of random sequences for classified cryptographic systems , 2016, 2016 International Conference on Military Communications and Information Systems (ICMCIS).

[6]  E. Lorenz Deterministic nonperiodic flow , 1963 .

[7]  Shrikant Tiwari,et al.  An Innovative Approach for Implementation of One-Time Pads , 2014 .

[8]  W. Bennett Secret Telephony as a Historical Example of Spread-Spectrum Communication , 1983, IEEE Trans. Commun..

[9]  Robert A. K. Duncan,et al.  Enhancing Cloud Security and Privacy: The Power and the Weakness of the Audit Trail , 2016, CLOUD 2016.

[10]  Binder,et al.  Simulating chaotic behavior with finite-state machines. , 1986, Physical review. A, General physics.

[11]  DIRK RIJMENANTS Is One-time Pad History ? , 2015 .

[12]  Jonathan Blackledge,et al.  Entropy, Information, Landauer's Limit and Moore's Law , 2014 .

[13]  P. Tobin,et al.  Chaos-based cryptography for cloud computing , 2016, 2016 27th Irish Signals and Systems Conference (ISSC).

[14]  Jan Philipp Albrecht,et al.  How the GDPR Will Change the World , 2016 .

[15]  Bernard P. Zajac Applied cryptography: Protocols, algorithms, and source code in C , 1994 .

[16]  Michael Peter Kennedy,et al.  Three steps to chaos. I. Evolution , 1993 .

[17]  Sasa Mrdovic,et al.  Kerckhoffs' principle for intrusion detection , 2008, Networks 2008 - The 13th International Telecommunications Network Strategy and Planning Symposium.

[18]  Paul Tobin PSpice for Circuit Theory and Electronic Devices , 2007, PSpice for Circuit Theory and Electronic Devices.

[19]  Vinod Patidar,et al.  A new substitution–diffusion based image cipher using chaotic standard and logistic maps , 2009 .

[20]  X. Mou,et al.  On the security of a chaotic encryption scheme: problems with computerized chaos in finite computing precision , 2003 .

[21]  John Kelsey,et al.  Recommendation for the Entropy Sources Used for Random Bit Generation , 2018 .

[22]  Whitfield Diffie,et al.  New Directions in Cryptography , 1976, IEEE Trans. Inf. Theory.

[23]  Steven M. Bellovin,et al.  Frank Miller: Inventor of the One-Time Pad , 2011, Cryptologia.

[24]  Michael Peter Kennedy,et al.  Robust OP Amp Realization of Chua's Circuit , 1992 .

[25]  Asish Aich,et al.  A Survey on Cloud Environment Security Risk and Remedy , 2015, 2015 International Conference on Computational Intelligence and Networks.

[26]  Lee Tobin,et al.  On the Development of a One-Time Pad Generator for Personalising Cloud Security , 2017 .

[27]  Dirk Rijmenants THE COMPLETE GUIDE TO SECURE COMMUNICATIONS WITH THE ONE TIME PAD CIPHER , 2011 .

[28]  L. Szilard On the decrease of entropy in a thermodynamic system by the intervention of intelligent beings. , 1964, Behavioral science.

[29]  R. Landauer,et al.  Irreversibility and heat generation in the computing process , 1961, IBM J. Res. Dev..

[30]  Paul Tobin PSpice for Digital Communications Engineering , 2007, PSpice for Digital Communications Engineering.

[31]  Robert Ashby Designer's Guide to the Cypress PSoC , 2005 .

[32]  Recai Kiliç,et al.  A Practical Guide for Studying Chua's Circuits , 2010 .

[33]  M. Borowski,et al.  Modern usage of “old” one-time pad , 2012, 2012 Military Communications and Information Systems Conference (MCC).

[34]  Gonzalo Álvarez,et al.  Some Basic Cryptographic Requirements for Chaos-Based Cryptosystems , 2003, Int. J. Bifurc. Chaos.

[35]  Jonathan Blackledge,et al.  Stegacryption of DICOM Metadata , 2014 .

[36]  Sang Joon Kim,et al.  A Mathematical Theory of Communication , 2006 .

[37]  Alfred Menezes,et al.  Guide to Elliptic Curve Cryptography , 2004, Springer Professional Computing.

[38]  Claude E. Shannon,et al.  Communication theory of secrecy systems , 1949, Bell Syst. Tech. J..

[39]  Fumio Sato,et al.  A New Randomness Test Based on Linear Complexity Profile , 2009, IEICE Trans. Fundam. Electron. Commun. Comput. Sci..

[40]  Jonathan Blackledge,et al.  On the Applications of Deterministic Chaos for Encrypting Data on the Cloud , 2011 .

[41]  Pedro María Alcover,et al.  A New Randomness Test for Bit Sequences , 2013, Informatica.

[42]  Steven M. Bellovin Vernam, Mauborgne, and Friedman: The One-Time Pad and the Index of Coincidence , 2016, The New Codebreakers.

[43]  Dascalescu Ana Cristina,et al.  A new method to improve cryptographic properties of chaotic discrete dynamical systems , 2012, 2012 International Conference for Internet Technology and Secured Transactions.

[44]  J. Kurths,et al.  A Comparative Classification of Complexity Measures , 1994 .

[45]  Manisha J. Nene,et al.  One time pad generation using quantum superposition states , 2016, 2016 IEEE International Conference on Recent Trends in Electronics, Information & Communication Technology (RTEICT).

[46]  Schuster,et al.  Generalized dimensions and entropies from a measured time series. , 1987, Physical review. A, General physics.

[47]  Paul Tobin PSpice for Digital Signal Processing , 2007, PSpice for Digital Signal Processing.

[48]  Jacques M. Bahi,et al.  Ramdomness quality of CI chaotic generators . Application to Internet security , 2010 .

[49]  Ricardo López-Ruiz,et al.  Notions of Chaotic Cryptography: Sketch of a Chaos based Cryptosystem , 2012, ArXiv.