Browsing by Author "Mosola, Napo Nathnael."
Now showing 1 - 2 of 2
Item
Client-side encryption and key management: enforcing data confidentiality in the cloud. (2016)
Mosola, Napo Nathnael.; Blackledge, Jonathan Michael.; Dlamini, Moses Thandokuhle.

Cloud computing brings flexible, scalable and cost-effective services. This is a computing paradigm whose services are driven by the concepts of virtualization and multi-tenancy. These concepts bring various attractive benefits to the cloud. Among the benefits are a reduction in capital costs, a pay-per-use model, enormous storage capacity, etc. However, there are overwhelming concerns over data confidentiality in the cloud. These concerns arise from various attacks that are directed towards compromising data confidentiality in virtual machines (VMs). The attacks may include inter-VM and VM sprawls. Moreover, weaknesses in or a lack of data encryption allow such attacks to thrive. Hence, this dissertation presents a novel client-side cryptosystem derived from evolutionary computing concepts. The proposed solution makes use of chaotic random noise to generate a fitness function. The fitness function is used to generate strong symmetric keys. The strength of the encryption key is derived from the chaotic and randomness properties of the input noise. Such properties increase the strength of the key without necessarily increasing its length. However, having the strongest key does not guarantee confidentiality if the key management system is flawed. For example, encryption has little value if key management processes are not vigorously enforced. Hence, one of the challenges of cloud-based encryption is key management. Therefore, this dissertation also makes an attempt to address the prevalent key management problem. It uses a counter propagation neural network (CPNN) to perform key provision and revocation. Neural networks are used to design ciphers. Using both supervised and unsupervised machine learning processes, the solution incorporates a CPNN to learn a crypto key.
Using this technique there is no need for users to store or retain a key which could be compromised. Furthermore, in a multi-tenant and distributed environment such as the cloud, data can be shared among multiple cloud users or even systems. Based on Shamir's secret sharing algorithm, this research proposes a secret sharing scheme to ensure a seamless and convenient sharing environment. The proposed solution is implemented on a live openNebula cloud infrastructure to demonstrate and illustrate its practicability.

Item
Post-quantum cloud security and data exchange using artificial intelligence. (2023)
Mosola, Napo Nathnael.; Blackledge, Jonathan Michael.; Dombeu, Jean Vincent Fonou.

This thesis investigates the application of plausible modern-day cryptographic solutions for securing the cloud and exchanging confidential data. The context followed is such that the strength of an encryption algorithm is based on the difficulty of cryptanalysing it. This means the more difficult the crypto-system is to cryptanalyse, the stronger and more trusted it is. The success of cryptanalysis on a cryptographic algorithm has been a function of the computational power available at the time of performing the cryptanalysis, without consideration of future innovations, specifically, without careful consideration of Moore’s law. A significant number of public-key crypto-systems can and will be compromised by a quantum computer coupled with the implementation of Shor’s algorithm. This has brought a lot of focus to research on cryptographic solutions post quantum computing (PQC) due to the following:
- cryptographic algorithms are based on the intractability of prime number factorisation using conventional computing power;
- a quantum computer can factorize prime numbers with relative ease.

In the past, the quantum computing paradigm was a hypothetical concept. Thus, cryptanalysis using quantum resources was a theoretical idea.
This is no longer the case, with the arrival of quantum computers imminent. Consequently, prime number based encryption is becoming increasingly irrelevant. Low-qubit quantum computers now exist. Research and development in this area is growing. Hence the existence of the post-quantum cryptography paradigm. This paradigm is based on encryption algorithms developed and considered secure enough to withstand quantum attacks. Thus, the National Institute of Standards and Technology made a call for projects clustered under the Open Quantum Safe project (OQSP), which began in 2016. The ultimate goal of this project is the development of future quantum resistant cryptographic algorithms for secure communication and data exchange. The OQSP aims to gather open source libraries which can be standalone or integrated into the public key encryption schemes to improve their security against quantum attacks in the quest to achieve quantum resistance. The major focus is placed on quantum key exchange (QKE). It is against this background that the material presented in this thesis reports on a spectrum of algorithms that are thought to be quantum resistant based on a coherence of ideas, methods, models and software implementation, trying to meet the NIST requirements and contributing to new knowledge in the field of cryptography. The aim is to provide confidentiality guarantees on cloud-hosted data as well as secure data exchange between communicating entities, while also tackling the cumbersome key exchange and management problem. The results show that the algorithms presented in this thesis introduce new ideas in cryptography and can be tested to withstand cryptanalytic quantum attacks, while a plausible encryption key distribution and management solution is proposed.
In this context, the material presented in this thesis reports on a spectrum of algorithms that are proposed to be quantum resistant based on a coherence of ideas, methods and software implementation, aimed at providing security of cloud-hosted data as well as data exchange between communicating entities. The cloud has flexible, scalable and low-cost properties. This is due to two concepts which are fundamental to cloud computing:
- virtualization;
- multi-occupancy.

These concepts have brought infinitely many benefits which make the cloud an attractive paradigm. Among the benefits are reduced capital and maintenance costs, high processing power, enormous storage facilities, etc. However, security concerns affecting the confidentiality of cloud-hosted data still raise concerns when it comes to cloud adoption. Data confidentiality can be achieved through encryption, which is in turn implemented by cryptographic algorithms. Hence, this thesis proposes and puts into practice cryptographic algorithms to solve issues of confidentiality, specifically in the cloud.