The document provides an analysis of stream and block ciphers, highlighting their functions, mechanisms, and applications in cloud security. Stream ciphers encrypt data in a continuous flow, making them suitable for real-time communication, while block ciphers operate on fixed-size data blocks, offering strong security for stored data. The document also compares their operational differences, focusing on aspects such as resource utilization, error propagation, and implementation flexibility.

Uploaded by

humairarazzaq341

Unit 30: Applied Cryptography in Cloud

1 P1: Analysis of the functions of Stream Cipher and Block Cipher using a range of appropriate examples in practice
Protecting confidential data now relies on cryptographic ciphers. This section explains two common types of symmetric cipher: stream ciphers and block ciphers.

Figure 1 Symmetric Branches

1.1 Stream Ciphers:

“Stream ciphers are symmetric key encryption algorithms that encrypt plaintexts by combining them with a pseudorandom keystream bit by bit or byte by byte rather than in larger blocks.”
While processing, they hold a changing internal state from which a continuous stream of key bits is produced; that keystream is combined with the plaintext by an XOR operation. How unpredictable the keystream is and how the nonce is handled by the algorithm decide how secure the stream cipher will be.
Key Components of Stream Ciphers
The following key components of a stream cipher ensure that the keystream remains unpredictable and non-repeating, both of which are critical for maintaining security:
Table 1 Key Components of Stream Ciphers

Component: Description
Secret Key: A shared secret key that enables and controls encryption between the two parties.
Nonce / Initialization Vector (IV): A random value given to every session so that every encryption uses a unique keystream, even when all sessions use the same key.
Keystream Generator: Produces a sequence of random-looking bits that are then XORed with the plaintext.
XOR Operation: An exclusive OR operation that combines the keystream with the plaintext.

1.1.1 Function Mechanism:

Stream ciphers take data bits or bytes and combine them with a continuous stream of seemingly random bits called the keystream. The steps of the process are covered here.
Table 2 Stream Cipher
1.1.1.1 Initialization:
The sender and receiver start with a shared secret key and a unique nonce or IV. The two values are mixed together to set up the cipher’s internal state for the session, so the starting state is different every time.
1.1.1.2 Keystream Generation:
From the internal state derived from the key and nonce, the cipher keeps generating a continuous stream of pseudorandom bits or bytes. The stream is never the same and differs for every session.
1.1.1.3 Encryption:
The message is processed one bit or one byte at a time by XORing it with the keystream. The result is the message in encrypted form.
1.1.1.4 Decryption:
The receiver uses the same key and nonce to generate the same keystream. XORing this keystream with the ciphertext recovers the plaintext.
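The four steps above, as an added Python example that is not part of the original document: a toy keystream generator (SHA-256 over key, nonce and a counter, constructed here for illustration and not a standard cipher), the XOR step that serves as both encryption and decryption, and a sender that refuses to reuse a nonce under the same key.

```python
import hashlib

# Toy stream cipher constructed for this example (not a standard algorithm):
# the internal state is (key, nonce, counter) and every 32-byte keystream chunk
# is SHA-256(key || nonce || counter). ChaCha20 uses a dedicated permutation
# instead of a hash, but the key+nonce -> keystream -> XOR structure is the same.


def keystream(key: bytes, nonce: bytes, length: int) -> bytes:
    """Step 1.1.1.2: expand (key, nonce) into `length` pseudorandom bytes."""
    out = bytearray()
    counter = 0
    while len(out) < length:
        out += hashlib.sha256(key + nonce + counter.to_bytes(8, "big")).digest()
        counter += 1  # the advancing counter is the changing internal state
    return bytes(out[:length])


def xor_with_keystream(key: bytes, nonce: bytes, data: bytes) -> bytes:
    """Steps 1.1.1.3 and 1.1.1.4: XOR is its own inverse, so one function does both."""
    ks = keystream(key, nonce, len(data))
    return bytes(a ^ b for a, b in zip(data, ks))


encrypt = xor_with_keystream
decrypt = xor_with_keystream


class NonceTrackingSender:
    """Encryptor that refuses to reuse a nonce under the same key.

    Reusing (key, nonce) reproduces the identical keystream, which is the
    failure mode section 2.5 warns about; tracking nonces per key is the check.
    """

    def __init__(self, key: bytes):
        self.key = key
        self.used_nonces = set()

    def can_use(self, nonce: bytes) -> bool:
        return nonce not in self.used_nonces

    def encrypt(self, nonce: bytes, plaintext: bytes) -> bytes:
        if not self.can_use(nonce):
            raise ValueError("nonce already used with this key; refusing to encrypt")
        self.used_nonces.add(nonce)
        return xor_with_keystream(self.key, nonce, plaintext)


if __name__ == "__main__":
    key = bytes(range(32))  # constructed 256-bit key
    sender = NonceTrackingSender(key)
    ct = sender.encrypt(b"session-001", b"telemetry: temp=21.5C")
    print(ct.hex())
    print(decrypt(key, b"session-001", ct))
```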
1.1.2 Algorithms of Stream Cipher
Cloud security relies heavily on several stream cipher algorithms. Adoption of ChaCha20 in TLS has grown because it is fast and provides strong security. Salsa20, which is faster than AES, is still trusted by those who want fast encryption without hardware support. SNOW 3G is now responsible for protecting data transmission in today’s virtualized telecommunications networks. AES in Counter (CTR) mode runs the AES block cipher as a keystream generator, turning it into a stream cipher that is widely supported by cloud systems.
1.1.3 Applications of Stream Ciphers in Cloud Security
Stream ciphers are especially suitable for cloud operations that need real-time, low-latency and resource-efficient data transfer. Their byte-by-byte encryption and negligible computational overhead make them well suited to secure communication.
In practice, several global cloud service providers use stream ciphers in various situations.
1. GCP’s TLS uses ChaCha20-Poly1305 because not all mobile and embedded devices can accelerate AES encryption. Switching from AES to ChaCha20 for HTTPS communication lets Google offer the same level of encryption while making Chrome run faster for Android users.
2. Microsoft Azure Communication Services secures live media on calls and conferences using stream cipher algorithms. Because stream ciphers operate quickly, confidential real-time communication works well for today’s virtual meetings.
3. AWS IoT Core uses lightweight stream ciphers to secure telemetry and command data sent from simple IoT devices. Because stream ciphers need little internal memory or CPU, thousands of sensors and endpoints can connect at the same time.
4. Through regular use of stream ciphers, companies such as Cloudflare and Akamai are able to deliver encrypted content in real-time streaming. The encrypted video/audio stream passes through smoothly, keeping the payload small so that people can access it faster and with better quality while their data remains protected.

1.2 Block Ciphers:

“Block ciphers are symmetric algorithms that carry out encryption on fixed-size groups of bits called blocks, converting a whole block of plaintext into a block of ciphertext through several rounds of substitution and permutation functions.”

Block ciphers are strong because they spread the influence of each plaintext bit throughout the ciphertext block and create a highly complex relationship between the key and the ciphertext.
1.2.1 Key Components of Block Ciphers
The following key components of block ciphers contribute to the cipher’s ability to confuse and diffuse data, making it resistant to cryptanalysis.
Table 3 Key Components of Block Ciphers

Component: Description
Key: The secret value from which the round keys are generated.
Round Function: Combines substitution and reordering (permutation) in every round to confuse and mix up the message.
Key Scheduling Algorithm: A way to take the given key and derive several round keys for the encryption process.
Mode of Operation: For messages longer than a single block, determines whether blocks are chained or processed separately, in order to improve security.

1.2.2 Functional Mechanism:

Block ciphers encrypt data in fixed-size chunks (blocks) rather than bit by bit as stream ciphers do. They operate in the following steps:
Table 4 Block Cipher
1.2.2.1 Dividing the Data:
The full message is split into blocks of a fixed size, such as 128 bits. If the data length is not an exact multiple of the block size, padding is added to fill the last block.
1.2.2.2 Key Expansion:
The key scheduling algorithm (see Table 3) derives several round keys from the secret key, one for each round of the cipher.
1.2.2.3 Rounds of Transformation:
Each block passes through several rounds in which the round function applies substitution and permutation with that round’s key, confusing and diffusing the data.
1.2.2.4 Mode of Operation (for multiple blocks):
When the message spans more than one block, a mode of operation such as CBC, CTR or GCM determines how the blocks are linked and processed for additional protection.
1.2.2.5 Encryption Output:
When all operations are complete, the result is the ciphertext, the encrypted data.
1.2.2.6 Decryption:
Applying the reverse operations with the same secret key to the ciphertext blocks returns them to plaintext.


1.2.3 Algorithms of Block Cipher

Prominent block ciphers used in cloud security include AES, which is now used by most companies and offers 128, 192 or 256-bit key options. Even though Triple DES is slower and obsolete, it is still used in legacy cloud systems. Blowfish or Twofish can be chosen because they allow adjustable key lengths and are fast. IDEA (International Data Encryption Algorithm) is still used to protect certain kinds of applications despite its age (Suranjan Choudhury and Kartik Bhatnagar, 2007).
1.2.4 Applications of Block Ciphers in Cloud Security
Block ciphers are essential to cloud security because they work well for securing data at rest, records and file systems. Because they apply many rounds of complex scrambling and can encrypt data of any size, they are well suited to securing information kept in the cloud and in businesses. Because AES is strong, fast and compatible with a range of devices, current cloud providers prefer it.
1. All data in S3 buckets is encrypted by AWS with AES-256-GCM (Galois/Counter Mode), which is used by SSE-S3. Protecting customer data from attackers and supporting compliance with rules such as GDPR and HIPAA are key goals of this.
2. Microsoft Azure Disk Encryption secures the whole VM disk with AES-256-XTS, a mode created for disk encryption. Even if physical access to the disk is possible, the data cannot be read without the encryption key stored in Azure Key Vault.
3. Transparent Data Encryption (TDE) on Google Cloud SQL uses 256-bit AES to encrypt database files. This gives robust security for stored data with no noticeable degradation in availability or speed while reading and writing.
4. AWS KMS, Google Cloud KMS and Azure Key Vault use block ciphers to encrypt and protect customers’ master keys and other cryptographic material. These services store keys securely by protecting them with SHA-2 and AES.

2 M1: Analysis of the operational differences between stream cipher and block cipher
Operational differences are the meaningful ways in which the two cipher types work and are used in practice day to day. Operationally, the ciphers differ in how each one works; how it manages and uses resources; how, if at all, it handles errors; and how it performs and remains secure in various environments. These differences decide how well suited each cipher is to cloud security tasks and how well it works in different systems.
Table 5 Operational Difference between Stream Cipher and Block Cipher

Stream Cipher: Sends data bit-by-bit or byte-by-byte to another device by applying a keystream. It is ideal when data needs to move right away.
Block Cipher: Uses fixed-length blocks (for example, 128 bits per block) and transforms them multiple times to make the data secure. Secures data at rest.
2.1 Data Processing
Stream Cipher: Converts data as it flows, applying encryption as the data moves through. This is efficient for real-time communication and data streaming because it ensures low-latency encryption.
🔹 For Android devices that don’t support AES in hardware, Google Cloud uses the ChaCha20 stream cipher to secure its TLS connections.
🔹 Usefulness: Provides quick and secure HTTPS connections for mobile or cloud API traffic without overburdening your servers.
Block Cipher: All the information given to a block cipher is divided into fixed-size blocks, and each block is worked on once for each round of substitution and permutation.
🔹 Files are encrypted in place with AES-256 (a block cipher) for server-side storage in AWS S3.
🔹 Suited to securing static data such as documents, databases or backups in the cloud, where strong encryption matters and waiting time is less important.

2.2 Resource Utilization


Stream Cipher: Stream ciphers are lightweight with minimal computational and memory overhead, making them suitable for resource-constrained environments.
• Example: AWS IoT Core uses lightweight stream ciphers to secure telemetry from millions of low-power IoT devices (AWS IoT Core documentation, 2022).
• Relevance: Enables encryption on devices with limited CPU and memory in cloud-based IoT applications.
Block Cipher: Block ciphers require more CPU cycles and memory due to complex rounds and key scheduling.
• Example: Azure Disk Encryption employs AES-XTS, which requires higher computational resources but secures entire VM disks efficiently (Microsoft Azure documentation, 2021).
• Relevance: Suitable for cloud infrastructure where strong security justifies higher resource usage.

2.3 Error Propagation


Stream Cipher: Stream ciphers generally exhibit limited error propagation; a bit error in transmission usually affects only that bit upon decryption.
• Example: Cloudflare uses stream cipher-based TLS implementations for real-time streaming, where minimal error propagation ensures robustness against network noise (Cloudflare whitepapers, 2019).
• Relevance: Important for reliable real-time data streaming in cloud networks.
Block Cipher: Block ciphers can exhibit error propagation depending on the mode (e.g., CBC causes an error in one block to affect subsequent blocks).
• Example: Google Cloud Storage uses AES-GCM mode for encryption, which provides integrity and limits error propagation (Google Cloud security whitepaper, 2020).
• Relevance: Critical for stored data integrity and detection of tampering in cloud storage.
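An added Python example (not from the original document) serving the mode-of-operation step in 1.2.2.4, the AES-CTR remark in 1.1.2 and the error propagation comparison above: a toy 128-bit Feistel block cipher, constructed here with SHA-256 as its round function, is run in CBC and in CTR mode, one ciphertext bit is flipped, and the number of corrupted plaintext bytes is counted for each mode.

```python
import hashlib

BLOCK = 16   # 128-bit blocks, the size AES uses
ROUNDS = 8

def _xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))

def expand_key(key: bytes) -> list:
    """Key scheduling (step 1.2.2.2): one round key per round, derived from the key."""
    return [hashlib.sha256(key + bytes([i])).digest() for i in range(ROUNDS)]

def _round_function(half: bytes, round_key: bytes) -> bytes:
    # Keyed non-linear mixing of one 64-bit half (a stand-in for a real S-box layer).
    return hashlib.sha256(round_key + half).digest()[:8]

def encrypt_block(key: bytes, block: bytes) -> bytes:
    """Feistel rounds (step 1.2.2.3): (L, R) -> (R, L xor F(R)), halves swapped at the end."""
    left, right = block[:8], block[8:]
    for rk in expand_key(key):
        left, right = right, _xor(left, _round_function(right, rk))
    return right + left

def decrypt_block(key: bytes, block: bytes) -> bytes:
    """The same rounds with the round keys reversed undo the encryption (step 1.2.2.6)."""
    left, right = block[:8], block[8:]
    for rk in reversed(expand_key(key)):
        left, right = right, _xor(left, _round_function(right, rk))
    return right + left

def pad(data: bytes) -> bytes:
    """PKCS#7 padding (step 1.2.2.1): 1..16 bytes appended so the last block is full."""
    n = BLOCK - len(data) % BLOCK
    return data + bytes([n]) * n

def unpad(data: bytes) -> bytes:
    n = data[-1]
    if not 1 <= n <= BLOCK or data[-n:] != bytes([n]) * n:
        raise ValueError("invalid padding")
    return data[:-n]

def cbc_encrypt(key: bytes, iv: bytes, plaintext: bytes) -> bytes:
    """CBC chains blocks: each plaintext block is XORed with the previous ciphertext block."""
    out, prev = bytearray(), iv
    data = pad(plaintext)
    for i in range(0, len(data), BLOCK):
        prev = encrypt_block(key, _xor(data[i:i + BLOCK], prev))
        out += prev
    return bytes(out)

def cbc_decrypt_raw(key: bytes, iv: bytes, ciphertext: bytes) -> bytes:
    out, prev = bytearray(), iv
    for i in range(0, len(ciphertext), BLOCK):
        c = ciphertext[i:i + BLOCK]
        out += _xor(decrypt_block(key, c), prev)
        prev = c
    return bytes(out)

def cbc_decrypt(key: bytes, iv: bytes, ciphertext: bytes) -> bytes:
    return unpad(cbc_decrypt_raw(key, iv, ciphertext))

def ctr_crypt(key: bytes, nonce: bytes, data: bytes) -> bytes:
    """CTR turns the block cipher into a keystream generator (the AES-CTR idea in 1.1.2):
    encrypt nonce||counter and XOR it with the data. No padding, no chaining, and the
    same call both encrypts and decrypts."""
    out = bytearray()
    for i in range(0, len(data), BLOCK):
        counter_block = nonce + (i // BLOCK).to_bytes(8, "big")  # 8-byte nonce + 8-byte counter
        out += _xor(data[i:i + BLOCK], encrypt_block(key, counter_block))
    return bytes(out)

def flip_bit(data: bytes, bit_index: int) -> bytes:
    buf = bytearray(data)
    buf[bit_index // 8] ^= 1 << (bit_index % 8)
    return bytes(buf)

def corrupted_bytes(expected: bytes, actual: bytes) -> int:
    return sum(1 for a, b in zip(expected, actual) if a != b)

def error_propagation(key: bytes, plaintext: bytes, bit_index: int = 3) -> dict:
    """Flip one ciphertext bit inside the first block and count damaged plaintext bytes.
    CBC: the whole first block is garbled plus one byte of the second block (about 17).
    CTR: exactly one byte, the stream-cipher behaviour described in section 2.3."""
    iv, nonce = b"\x01" * BLOCK, b"\x02" * 8  # constructed per-message values
    cbc_bad = cbc_decrypt_raw(key, iv, flip_bit(cbc_encrypt(key, iv, plaintext), bit_index))
    ctr_bad = ctr_crypt(key, nonce, flip_bit(ctr_crypt(key, nonce, plaintext), bit_index))
    return {"cbc": corrupted_bytes(pad(plaintext), cbc_bad),
            "ctr": corrupted_bytes(plaintext, ctr_bad)}

if __name__ == "__main__":
    print(error_propagation(b"\x10" * 32, bytes(range(48))))  # constructed key and data
```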

2.4 Parallelization Capabilities


Stream Cipher: Stream ciphers typically operate sequentially, as each keystream bit depends on the previous internal state, limiting parallel processing.
• Example: ChaCha20 used in Google Cloud TLS sessions operates sequentially but is optimized for software performance (Bernstein, 2008).
• Relevance: While not fully parallelizable, it still achieves high throughput on CPUs, ideal for cloud API encryption where latency is critical.
Block Cipher: Block ciphers can often be parallelized depending on the mode (e.g., CTR and GCM allow parallel encryption of blocks).
• Example: AWS S3 uses AES-256-GCM mode, which supports parallel encryption/decryption for faster performance (AWS Security Blog, 2021).
• Relevance: Parallelization enables efficient processing of large cloud data volumes with strong encryption.

2.5 Security Characteristics in Operation


Stream Cipher: Stream ciphers’ security depends heavily on nonce uniqueness and keystream unpredictability.
• Example: Failures in nonce reuse in stream ciphers have led to vulnerabilities in IoT devices using AWS IoT Core (AWS security advisories, 2019).
• Relevance: Nonce management is critical in cloud deployments to prevent key reuse attacks in real-time communications.
Block Cipher: Block ciphers provide strong diffusion and confusion with complex transformations, resilient against many attacks.
• Example: AES-256 is the encryption standard for Google Cloud Storage, providing robust data confidentiality and compliance with regulations like GDPR (Google Cloud security whitepaper, 2020).
• Relevance: Ideal for protecting sensitive data at rest in cloud environments.

2.6 State Management and Synchronization


Stream Cipher: Stream ciphers maintain internal state that changes with each encrypted bit/byte, requiring synchronization of key and nonce between sender and receiver to avoid data corruption.
• Example: Microsoft Azure uses stream ciphers for live media streams, where maintaining synchronization ensures seamless encrypted real-time communication (Zhou et al., 2020).
• Relevance: Crucial in cloud real-time applications to prevent stream desynchronization and data loss.
Block Cipher: Block ciphers encrypt independently or via modes like CBC or GCM that link blocks but have built-in error detection.
• Example: Google Cloud SQL uses AES-256 with Transparent Data Encryption, which applies independent block encryption with built-in error resilience (Google Cloud, 2021).
• Relevance: Easier synchronization due to block independence, ideal for stored data integrity in cloud environments.

2.7 Implementation Flexibility


Stream Cipher: Stream ciphers are typically simpler to implement in software and hardware with fewer computational demands.
• Example: ChaCha20’s simplicity allows implementation on mobile/cloud devices lacking hardware AES acceleration, as seen in Google Cloud’s TLS (Bernstein, 2008).
• Relevance: Facilitates deployment on a wide range of cloud devices and platforms with diverse capabilities.
Block Cipher: Block ciphers have more complex structures requiring careful implementation of rounds, key scheduling, and modes.
• Example: AES’s hardware acceleration support is widely available and heavily used in AWS, Azure, and Google Cloud for disk and database encryption (NIST SP 800-38A, 2001).
• Relevance: Offers high assurance and performance but may be less flexible on low-end devices.
2.8 Operational Modes and Flexibility
Stream Cipher: Stream ciphers operate naturally in a continuous mode, often requiring less configuration.
• Example: Microsoft Azure’s use of stream ciphers for live media encryption demonstrates ease of continuous data protection (Zhou et al., 2020).
• Relevance: Preferred in cloud scenarios demanding uninterrupted data flows with low overhead.

3 P2: Produce code that implements mathematical ciphers and algorithms to encrypt and decrypt data
According to the scenario, Acuity Trust, a major insurance provider, has asked Trillium Information Security Systems to improve the security of its private cloud environment. One key requirement is a sample cryptographic algorithm that demonstrates data encryption and decryption as it could be implemented in cloud-based systems. Trillium recommends the RSA algorithm for secure communication and key exchange.
3.1 RSA
Diffie and Hellman’s ground-breaking paper (1976) introduced a revolutionary idea into cryptography and challenged cryptologists to invent a cryptographic algorithm that would meet the demands of public-key systems. Since then many algorithms have been proposed for public-key cryptography; although initially promising, most eventually turned out to be weak or breakable. One of the first solutions to this challenge came in 1977, when Ron Rivest, Adi Shamir and Leonard Adleman at MIT devised the RSA scheme as it is known now; it was first published in 1978. Within a few years, the Rivest-Shamir-Adleman (RSA) scheme was established as the most broadly accepted and applied general-purpose technique for public-key encryption (STALLINGS, 2011).
RSA uses a public key for encryption and signature verification and a private key for decryption and signature creation. Its security rests on the difficulty of factoring the product of two very large primes, which makes RSA suitable for environments such as cloud platforms, e-business transactions and encrypted conversations.
3.2 RSA in Cloud Security: Real Use Cases
The RSA algorithm is used across many industries in different security mechanisms because of its robustness in encryption and authentication. In SSL/TLS certificates, RSA is used to encrypt session keys, giving HTTPS connections between browsers and servers privacy of data. In cloud key management systems such as AWS KMS and Azure Key Vault, RSA is important for encrypting and decrypting AES keys and for protecting the master key. In secure email systems such as those used with Microsoft Exchange, RSA encrypts messages and affixes digital signatures for confidentiality and authenticity of identity. Authentication and login systems also let a user prove their identity through RSA public-private key exchanges, granting access only to authorized users. These use cases demonstrate RSA’s vital role in securing various digital environments.

7
Unit 30: Applied Cryptography in Cloud

3.3 Pseudo Code – RSA

The RSA cryptosystem employs a set of mathematical procedures that provide secure communication and authentication. In the key generation phase, each user first chooses two large prime numbers, p and q, of say 1024 bits or more. These primes are multiplied to calculate n = p × q, a central element of both the public and private keys. Then Euler’s totient function is computed, φ(n) = (p − 1)(q − 1). A public exponent e with 1 < e < φ(n) is chosen such that e is coprime to φ(n), i.e. gcd(e, φ(n)) = 1. The private exponent d is calculated so that (d × e) mod φ(n) = 1, i.e. d is the modular multiplicative inverse of e. The resulting public key is the pair (e, n), which can be freely shared, while the private key (d, n) must be kept secret by its owner (Thomas H. Cormen, 2009) (STALLINGS, 2011).

Figure 2 Key Generation for RSA

For encryption, if Bob wants to send a secure message M to Alice, he obtains Alice’s public key (e, n), computes the ciphertext C = M^e mod n and sends it to her.

Figure 3 Pseudo Code for encryption


When she receives the ciphertext, Alice decrypts it using her private key by computing M = C^d mod n. Since Alice is the only one who holds the private key, she is the only one able to decrypt the message, which gives it confidentiality.

Figure 4 Pseudo Code for decryption

4 P3: Discuss risks and issues in security of public key encryption schemes
Public Key Encryption is the foundation of modern digital security; it makes it possible to communicate securely, verify signatures and authenticate people. But however elegant the mathematics behind it, PKE can still run into problems that affect its security. This section discusses the key weaknesses in public key cryptosystems, using real examples.
4.1 Risk: Key Generation
A very serious danger in public key encryption schemes lies in key generation, especially where randomness is weak or prime numbers are reused. Random, adequately sized primes that are never duplicated are essential to keeping RSA keys secure from attack. If this process is compromised, the whole encryption system can be compromised.
4.1.1 Weak/Random Key Reuse
If RSA key pairs are constructed with insufficient randomness, or the same prime numbers are reused to generate different keys, then the public moduli can share a common prime factor. Such overlap creates a predictable mathematical relationship that allows the modulus to be factored efficiently, recovering the private keys and thus breaking the encryption (Rana, 2021).
Table 6 : Common Modulus Attack due to Weak Key Generation

Attack Name: Common Modulus Attack
Description: This attack takes advantage of weak or reused prime numbers in the RSA key generation process, which makes the keys predictable.
Real-World Example: Lenstra et al. in 2012 found thousands of RSA public keys on the internet with shared prime factors because of poor key generation.
Consequences: Attackers might factor the public modulus, obtain private keys, break encryption and violate confidentiality.
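A defensive check for the weakness in Table 6, added here and not part of the original document: a pairwise-GCD scan over a constructed key inventory (the labels and toy-sized moduli are assumptions of this example) that flags any two RSA moduli sharing a prime factor, which is how the Lenstra et al. finding is reproduced on one’s own keys.

```python
from itertools import combinations
from math import gcd

# Constructed sample inventory (toy-sized moduli; real keys are 2048+ bits).
# srv-A and srv-B were "generated" from a shared prime 1000033, the defect
# section 4.1.1 describes; srv-C is independent; srv-D is a copy of srv-A.
_P1, _P2, _P3, _P4, _P5 = 1000003, 1000033, 1000037, 1000039, 1000081
SAMPLE_MODULI = [
    ("srv-A", _P1 * _P2),
    ("srv-B", _P2 * _P3),
    ("srv-C", _P4 * _P5),
    ("srv-D", _P1 * _P2),
]


def find_weak_keys(moduli):
    """Pairwise GCD over (label, n) pairs, the check Lenstra et al. ran at internet scale.

    Returns (label_a, label_b, finding) for every pair that shares a prime
    factor or is an outright duplicate. A flagged modulus is fully factorable
    by whoever holds the other one, so the key must be revoked and regenerated
    from a properly seeded random source. (For large inventories, batch-GCD
    gives the same result far faster than the pairwise loop used here.)
    """
    findings = []
    for (la, na), (lb, nb) in combinations(moduli, 2):
        if na == nb:
            findings.append((la, lb, "identical modulus"))
            continue
        g = gcd(na, nb)
        if g != 1:
            findings.append((la, lb, f"shared prime factor {g}"))
    return findings


def modulus_is_safe(label, moduli) -> bool:
    """True when the labelled key is not involved in any finding."""
    return not any(label in (a, b) for a, b, _ in find_weak_keys(moduli))


if __name__ == "__main__":
    for a, b, finding in find_weak_keys(SAMPLE_MODULI):
        print(f"{a} / {b}: {finding}")
```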
4.2 Risk: Mathematical Weakness
While RSA relies on large numbers that are hard to factor, modifications to the scheme can sometimes weaken its mathematical foundation. Some implementations use a short private exponent (d) to make decryption faster. As a result, however, the security of the scheme may be seriously affected by known attacks.
4.2.1 Small Private Exponent
When the private exponent in RSA is very small, an attacker can use number-theoretic methods such as continued fractions to find the private key. The best-known use of this vulnerability is Wiener’s Attack, which makes it easy to break RSA if the smaller of the numbers d and φ is less than one-third of n. This is a problem because some systems care more about speed than security.
Table 7 Wiener’s Attack on RSA with Small Private Exponent

Attack Name: Wiener’s Attack
Description: Exploits RSA systems with small private exponents by using continued fractions to reveal d.
Real-World Example: Even though real-world attacks over public channels are rare, research has found that small private exponents make RSA systems susceptible to Wiener’s attack. In such cases security was compromised in order to ensure high performance on embedded platforms for these messages and authentications.
Consequences: Private keys were recovered, compromising encrypted messages and authentication.
4.3 Risk: Partial Key Exposure
Even a small amount of information about a private key is enough to cause serious problems in public key encryption. Attackers may take advantage of partially exposed private key material and use strong mathematical techniques, commonly lattice-based cryptanalysis, to recover the whole private key (Rana, 2021).
4.3.1 Leaked Bits of Private Key
Side-channel attacks can let an attacker learn part of the private key without obtaining the entire key. With Coppersmith’s Attack, partial information about the primes is enough to reconstruct the whole private key. Embedded systems and smartcards are especially at risk, since attackers can use power analysis or electromagnetic emissions to gain indirect access to the data.
Table 8 Coppersmith’s Attack from Partial Key Exposure

Attack Name: Coppersmith’s Attack
Description: Reconstructs the entire private key using only a small number of its bits and lattice-based mathematics.
Real-World Example: Several studies indicate that side-channel attacks on smartcards can yield bits of RSA keys which, combined with Coppersmith’s method, make it possible to reconstruct the whole secret key. This points to the need to protect against any exposure of secret keys in cryptography.
Consequences: All the RSA keys were recovered, meaning no encryption or authentication was safe.
4.4 Risk: Implementation Flaws
Even mathematically secure cryptographic algorithms can be broken due to flawed
implementations. Hardware and software that run encryption algorithms often leak
information through unintended channels, such as execution time or power consumption.
4.4.1 Timing or Fault Leakage
When cryptographic operations are executed, their timing or behavior under intentional faults
can leak sensitive data. These side-channel attacks allow adversaries to deduce private keys
without directly attacking the encryption itself. The Bellcore Fault Injection Attack and
timing attacks are prime examples, often demonstrated on smartcards and secure hardware
modules.
Table 9 Fault Injection and Timing Attacks from Implementation Flaws

Attack Name: Bellcore Fault Injection, Timing Attacks
Description: Exploit faults or timing variations during cryptographic processes to extract private key material.
Real-World Example: The Bellcore attack proved that inducing faults during RSA calculations allowed attackers to obtain the private keys. This tactic was effective against implementations that use the Chinese Remainder Theorem (CRT).
Consequences: The attackers were able to get into the supposedly secure devices; critical cryptographic secrets were lost.
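The CRT weakness in Table 9 and its standard countermeasure, as an added Python example that is not from the original document: RSA-CRT signing with a simulated computation fault, and a verify-before-release check that withholds any signature failing s^e mod n = m. The toy key (p = 61, q = 53, e = 17) is a constructed textbook example, not a secure key size; the timing half of Table 9 is not covered here.

```python
# Constructed toy RSA key (textbook-sized primes, not a secure key size).
P, Q, E = 61, 53, 17
N = P * Q                              # 3233
D = pow(E, -1, (P - 1) * (Q - 1))      # 2753
# CRT private parameters: what a CRT implementation stores alongside d.
DP, DQ, QINV = D % (P - 1), D % (Q - 1), pow(Q, -1, P)


def sign_crt(m: int, inject_fault: bool = False) -> int:
    """RSA-CRT signing: two half-size exponentiations recombined with Garner's formula."""
    sp = pow(m, DP, P)
    sq = pow(m, DQ, Q)
    if inject_fault:
        sp ^= 1  # model a glitch that corrupts only the mod-p half of the computation
    h = (QINV * (sp - sq)) % P
    return sq + Q * h


def sign_checked(m: int, inject_fault: bool = False) -> int:
    """Verify-before-release, the countermeasure to the Bellcore fault attack.

    A faulty CRT signature that leaves the device lets its holder factor n; one
    cheap public-exponent check (s^e mod n == m) before output prevents that.
    """
    s = sign_crt(m, inject_fault)
    if pow(s, E, N) != m % N:
        raise RuntimeError("signature failed self-check: possible fault, withheld")
    return s


def fault_is_contained(m: int) -> bool:
    """True when a faulted signature is withheld rather than released."""
    try:
        sign_checked(m, inject_fault=True)
    except RuntimeError:
        return True
    return False


if __name__ == "__main__":
    msg = 65  # constructed message value, must be below N
    print("signature:", sign_checked(msg))
    print("fault withheld:", fault_is_contained(msg))
```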
4.5 Risk: Communication Security
Public key encryption depends on the assumption that the public keys are correctly
distributed and untampered. However, when public keys are intercepted and substituted
during transmission, attackers can deceive users and decrypt communications.
4.5.1 Specific Vulnerability: Public Key Interception
An attacker in the middle of a key exchange can substitute the intended public key with
their own. The recipient unknowingly encrypts sensitive data using the attacker’s key.
Known as a Man-in-the-Middle (MITM) attack, this vulnerability is especially dangerous
in unsecured or spoofed networks like rogue Wi-Fi access points (Rana, 2021).
Table 10 Man-in-the-Middle (MITM) Attack through Public Key Interception

Attack Name: Man-in-the-Middle (MITM)
Description: Intercepts and replaces public keys during exchange, allowing attackers to read or alter communication.
Real-World Example: In July 2024, the Australian Federal Police charged an individual with operating a fake Wi-Fi network on a commercial flight. The attacker set up an "evil twin" access point that mimicked the legitimate in-flight Wi-Fi, tricking passengers into connecting. Once connected, the attacker could intercept sensitive information, including login credentials.
Consequences: Attackers gained full control over encrypted data and impersonated trusted identities.
4.6 Risk: Certificate Trust
The public key infrastructure (PKI) is built on trust in Certificate Authorities (CAs). If a CA
is compromised, it can issue fraudulent certificates that appear legitimate to users and
browsers, thus completely undermining the security of HTTPS and other PKI-reliant systems.
4.6.1 Compromised Certificate Authorities
When a CA is compromised, an attacker can generate certificates for any domain, tricking
users into trusting malicious sites. These certificates are indistinguishable from genuine
ones without manual inspection (Rana, 2021). The Fake Certificate Attack became
widely recognized after the DigiNotar breach.
Table 11 Fake Certificate Attack from Compromised Certificate Authorities

Attack Name: Fake Certificate Attack
Description: Involves malicious or compromised CAs issuing fraudulent certificates to impersonate trusted domains.
Real-World Example: In 2011, Dutch certificate authority DigiNotar was hacked, leading to the fraudulent issuance of over 500 certificates, including for domains like Google. This breach allowed attackers to perform MITM attacks and led to DigiNotar's eventual bankruptcy (Meulen, 2013).
Consequences: Users unknowingly exposed sensitive data; public trust in digital certificates eroded.

M2: Analysis of key benefits of encryption techniques KEMs, DEMs and PKEs and the importance of securing public key systems
5 Analyzing Benefits of PKEs, KEMs and DEMs
Public Key Encryption (PKE), Key Encapsulation Mechanisms (KEMs), and Data Encapsulation Mechanisms (DEMs) are essential for secure communication. Each plays a unique role: PKE for key exchange, KEMs for efficient key transfer, and DEMs for fast data encryption. This section explores their benefits and importance in public key systems.
5.1 Public Key Encryption (PKE) & its Benefits:
Public Key Encryption (PKE) is a cryptographic system that uses two different keys: a public key for encryption and a private key for decryption. The public key can be shared openly, while the private key must be kept secret by the owner. This setup allows anyone to encrypt a message for the key owner, but only the owner can decrypt it. PKE enables secure communication without the need to pre-share a secret key, making it ideal for open or insecure networks. However, PKE is relatively slow and inefficient for encrypting large amounts of data, which is why it is often used only to encrypt small pieces of information such as keys. The benefits of PKE are as follows:

5.1.1 Elimination of Pre-shared Secrets
PKE allows secure communication without both parties having to exchange a key in advance over a secure channel. This removes a major limitation of symmetric encryption and lets parties who have never interacted before exchange information securely over open, untrusted networks, laying the groundwork for secure communication across the internet.

5.1.2 Digital Signature Capabilities
The same key pair supports digital signatures, which provide strong authentication and non-repudiation. The holder of the private key signs a message, and anyone with the public key can verify the signature. This guarantees the message's origin and integrity and plays a critical role in applications such as secure financial transactions and legally binding digital agreements.

5.1.3 Network Scalability Enhancement
In large networks, PKE makes key management much simpler than symmetric encryption. Instead of a separate secret key for every pair of users (n(n-1)/2 keys for n users), each user needs only one key pair, so the number of keys grows linearly with the number of users. This makes PKE well suited to scalable systems with many users.

5.1.4 Simplified Key Distribution
With PKE, each user keeps only one private key secret and obtains other users' public keys through trusted channels, in practice as certificates. This is much easier and safer than symmetric encryption, where every pair of users would need to securely share and store a separate key.

5.1.5 Trust Infrastructure Support
PKE enables certificate authorities and public key infrastructures (PKIs), which form the backbone of online trust. Through PKI, a small set of trusted root certificates can be used to verify millions of end-entity certificates, supporting secure websites, encrypted email, digital identities, and more.
5.2 Key Encapsulation Mechanisms (KEMs) & their Benefits:
A Key Encapsulation Mechanism (KEM) is a public key technique for establishing a symmetric key. Instead of encrypting data directly with the public key (as in PKE), the sender runs the encapsulation algorithm with the recipient's public key; this outputs a fresh random symmetric key together with an encapsulation (a wrapped form of that key) that is sent to the recipient. The recipient runs decapsulation with their private key and recovers the same symmetric key, which is then used for fast data encryption. KEMs are a core component of hybrid encryption schemes, where public key methods protect only keys, never entire messages (Waka Nagao, 2005). The benefits of KEMs include:
5.2.1 Computational Efficiency
KEMs are built specifically for establishing symmetric keys. They are faster and use fewer resources than general public key encryption because they handle only a fixed-size key, never the message itself.
5.2.2 Formal Security Frameworks
Modern KEMs are designed in well-defined security models and follow published standards. They are analysed against strong adversaries, notably chosen-ciphertext attacks (the IND-CCA2 notion), and come with security proofs under stated assumptions.

5.2.3 Hybrid Cryptography Enablement
KEMs are essential in hybrid encryption systems. They combine public key techniques (for secure key establishment) with symmetric encryption (for fast data encryption), giving the best of both worlds: security and speed.
5.2.4 Enhanced Performance Characteristics
KEMs are more efficient than traditional public key encryption for key exchange. They use less bandwidth, processing time and memory, which suits devices with limited resources such as IoT sensors.
5.2.5 Standardization Compliance
Many KEMs follow current and emerging standards, including NIST's post-quantum standard ML-KEM (FIPS 203). Standardized algorithms are reviewed by experts, giving confidence that they are secure, fast, and practical in real-world systems.
5.3 Data Encapsulation Mechanisms (DEMs) & their Benefits:
A Data Encapsulation Mechanism (DEM) is the second half of a hybrid encryption scheme, working alongside the KEM. Once a symmetric key has been established via the KEM, the DEM uses that key to encrypt the actual data or message. Because symmetric encryption (such as AES) is far faster and more efficient than public key encryption, the DEM is the right tool for large or performance-sensitive data. Together, KEM and DEM form the hybrid encryption model: the KEM establishes the key with public key methods, while the DEM encrypts the payload with symmetric methods (Waka Nagao, 2005). The benefits of DEMs include:
5.3.1 High-Performance Bulk Encryption
DEMs encrypt large amounts of data very quickly. They are orders of magnitude faster than public key encryption and can reach several gigabits per second on ordinary hardware, which makes them ideal for real-time or high-volume data processing.
5.3.2 Authenticated Encryption Integration
DEMs are usually built on authenticated encryption (AEAD) modes such as AES-GCM or ChaCha20-Poly1305, which also check the integrity of the data. The recipient detects any modification of the ciphertext, so confidentiality and authenticity come in one step.
5.3.3 Format Preservation Capabilities
Some DEMs can keep the format of the original data unchanged after encryption (format-preserving encryption). This is useful in legacy systems where the encrypted data must look like the original, for example keeping the length and character set of a credit card number.
5.3.4 Resource Optimization
DEMs use very little computing power, which makes them suitable for all kinds of devices, from powerful servers to small, low-power devices such as smartwatches or IoT sensors. Strong encryption can run even on limited hardware.
5.3.5 Algorithm Agility
DEMs allow the symmetric algorithm to be chosen for the situation, whether the priority is speed, security, or compatibility. For example, AES suits platforms with hardware AES instructions, while ChaCha20 performs well in software on mobile devices.
5.3.6 Side-Channel Resistance
Modern DEM implementations are written to resist attacks that infer secrets from a system's behaviour (timing or power usage), for example through constant-time code and hardware AES instructions. These countermeasures keep the encryption secure even in advanced attack scenarios.
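The hybrid KEM/DEM construction described in sections 5.2 and 5.3, as an added worked example in Go that is not part of the original report: X25519 key agreement serves as the KEM, AES-256-GCM (an authenticated cipher) as the DEM, and the two are joined by an HKDF-SHA256 key derivation written out here so that only the standard library is needed. The wire format (encapsulation, then nonce, then ciphertext and tag), the "telco-kem-v1" label, and the HQ key pair are assumptions made for the demonstration. Both public keys go into the HKDF info and the encapsulation is passed as associated data to the DEM, so swapping the encapsulation or altering any ciphertext byte makes decryption fail rather than return garbage.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/ecdh"
	"crypto/hmac"
	"crypto/rand"
	"crypto/sha256"
	"fmt"
)
const encapLen, nonceLen = 32, 12 // X25519 public key size, AES-GCM standard nonce size

// NewKeyPair makes a long-term X25519 key pair for a recipient (here, TelCo HQ; assumed for the demo).
func NewKeyPair() (*ecdh.PrivateKey, error) { return ecdh.X25519().GenerateKey(rand.Reader) }
// deriveKey is a minimal HKDF-SHA256 (extract with empty salt, one expand block): a 32-byte AES-256 key.
func deriveKey(shared, info []byte) []byte {
	ext := hmac.New(sha256.New, nil)
	ext.Write(shared)
	exp := hmac.New(sha256.New, ext.Sum(nil))
	exp.Write(append(info, 1))
	return exp.Sum(nil)
}

// Encapsulate is the KEM step (section 5.2): an ephemeral X25519 key agrees a shared secret with
// the recipient's public key; the ephemeral public key is the encapsulation sent on the wire.
func Encapsulate(recipient *ecdh.PublicKey) (encap, key []byte, err error) {
	eph, err := ecdh.X25519().GenerateKey(rand.Reader)
	if err != nil {
		return nil, nil, err
	}
	shared, err := eph.ECDH(recipient)
	if err != nil {
		return nil, nil, err
	}
	encap = eph.PublicKey().Bytes()
	return encap, deriveKey(shared, append(append([]byte("telco-kem-v1"), encap...), recipient.Bytes()...)), nil
}

// Decapsulate recovers the same key on the recipient side from the encapsulation and the private key.
func Decapsulate(priv *ecdh.PrivateKey, encap []byte) ([]byte, error) {
	ephPub, err := ecdh.X25519().NewPublicKey(encap)
	if err != nil {
		return nil, err
	}
	shared, err := priv.ECDH(ephPub)
	if err != nil {
		return nil, err
	}
	return deriveKey(shared, append(append([]byte("telco-kem-v1"), encap...), priv.PublicKey().Bytes()...)), nil
}

// dem is the DEM (section 5.3): AES-256-GCM, so the payload is authenticated as well as encrypted.
func dem(key []byte) (cipher.AEAD, error) {
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	return cipher.NewGCM(block)
}

// HybridEncrypt outputs encap || nonce || ciphertext || tag; encap is bound in as associated data.
func HybridEncrypt(recipient *ecdh.PublicKey, plaintext []byte) ([]byte, error) {
	encap, key, err := Encapsulate(recipient)
	if err != nil {
		return nil, err
	}
	aead, err := dem(key)
	if err != nil {
		return nil, err
	}
	nonce := make([]byte, nonceLen)
	if _, err := rand.Read(nonce); err != nil {
		return nil, err
	}
	out := make([]byte, 0, encapLen+nonceLen+len(plaintext)+aead.Overhead())
	out = append(append(out, encap...), nonce...)
	return aead.Seal(out, nonce, plaintext, encap), nil
}

// HybridDecrypt splits the message, decapsulates the key and opens the DEM; any tampering fails the tag.
func HybridDecrypt(priv *ecdh.PrivateKey, msg []byte) ([]byte, error) {
	if len(msg) < encapLen+nonceLen {
		return nil, fmt.Errorf("message too short")
	}
	encap, nonce, ct := msg[:encapLen], msg[encapLen:encapLen+nonceLen], msg[encapLen+nonceLen:]
	key, err := Decapsulate(priv, encap)
	if err != nil {
		return nil, err
	}
	aead, err := dem(key)
	if err != nil {
		return nil, err
	}
	return aead.Open(nil, nonce, ct, encap)
}

func main() {
	hq, _ := NewKeyPair()
	ct, _ := HybridEncrypt(hq.PublicKey(), []byte("branch -> hq: link budget report"))
	pt, err := HybridDecrypt(hq, ct)
	fmt.Printf("%d bytes on the wire, recovered %q, err=%v\n", len(ct), pt, err)
}
```

The public key operation happens once per message (one X25519 agreement) regardless of payload size, which is the efficiency argument of sections 5.2.1 and 5.3.1; everything after that is symmetric. Note that this is encryption to HQ only: the Branch is not authenticated by this construction, which is why the VPN scenario in section 6 layers certificates on top.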

5.4 Importance of securing public key systems
Public key systems use PKE for digital signatures and for protecting small secrets, KEMs to establish session keys efficiently, and DEMs to encrypt the actual data quickly. Together they balance performance and security for communications and stored data. All of this rests on two things staying protected: the private keys, and the certificate authorities that vouch for the public keys. If either is compromised, as the DigiNotar case in section 4.6 shows, every session and signature built on top of them can be forged or read, so securing the public key system itself matters as much as the choice of algorithms. The table below summarizes the key roles.

Table 12 Roles and Key Characteristics of PKE, KEM, and DEM in Public Key Systems

Component | Purpose | Role in Public Key Systems | Strength | Performance
PKE (Public Key Encryption) | Secure key exchange and authentication | Foundation for trust and secure key distribution | Enables secure communication without prior key sharing; supports digital signatures | Computationally intensive, slower for large data
KEM (Key Encapsulation Mechanism) | Efficiently encapsulates symmetric keys | Bridges public key and symmetric encryption in hybrid systems | Optimized key transport using public keys; reduces overhead | Faster and lighter than full PKE for key exchange
DEM (Data Encapsulation Mechanism) | Fast bulk data encryption | Provides scalable encryption for message payloads | Uses symmetric ciphers for speed; supports authenticated encryption | High throughput and low resource use

P4: Illustrate, using a diagram, encryption and decryption process functions in a PKI environment for a business scenario

6 Using a Diagram to Understand the Workflow of PKI in Securing a VPN
To visually demonstrate how secure communication is achieved within TelCo’s PKI-enabled
VPN infrastructure, the following diagram outlines the encryption and decryption process
involved in a typical Public Key Infrastructure (PKI) setup. It reflects the end-to-end flow of
digital certificate issuance, identity verification, secure key exchange, and data transmission
between TelCo’s Branch and Headquarters. This illustration highlights how PKI components
such as the Certificate Authority (CA), Registration Authority (RA), and cryptographic key
pairs work together to establish trust, encrypt data using session keys, and ensure that only
verified parties can decrypt and access the transmitted information.

6.1 Business Scenario
TelCo is a telecommunications company with two operational sites:
1. Headquarters (HQ)
2. Branch Office
Both locations need to exchange sensitive business data over the internet. To do this,
TelCo utilizes a Virtual Private Network (VPN) that creates a secure encrypted tunnel
between the HQ and the Branch. Currently, TelCo protects its communication with basic
security protocols.
6.1.1 Existing Security Workflow
Currently, TelCo uses a conventional VPN setup with pre-shared keys for authentication.
The data transmission relies on standard encryption protocols without certificate-based
authentication or advanced key management solutions.
1. Internet connectivity allows both locations to connect to each other via the public
internet.
2. A Virtual Private Network (VPN) is used to create a secure tunnel for data
transmission.
3. Perimeter firewalls are standard firewall appliances at the headquarters used to block
unauthorized traffic flow.
4. Basic access controls involve user authentication for network access.
5. Antivirus solutions provide endpoint protection on workstations and servers.

Figure 5 Organizational Structure Before PKI

6.1.2 Security Vulnerabilities and Limitations


The existing infrastructure presents several security challenges:
1. Weak authentication mechanisms such as pre-shared keys can be compromised or
mismanaged.
2. There is limited identity verification, making it difficult to verify the authentic identity
of connecting parties.
3. Key management issues arise because manual key distribution and rotation processes
are error-prone.
4. The system lacks non-repudiation, meaning it cannot definitively prove the source of
communications.

5. It is vulnerable to man-in-the-middle attacks due to insufficient protection against advanced interception attempts.
6.2 Public Key Infrastructure (PKI):
PKI provides the core framework in which a wide variety of components, applications, policies and practices combine to achieve the principal security functions of integrity, authentication and non-repudiation (and, through the keys it certifies, confidentiality). A PKI is a combination of hardware and software products, policies and procedures. It provides the basic security required for secure communications, so that users who do not know each other or are widely distributed can communicate securely through a chain of trust. Digital certificates are a vital component of a PKI: they act as "digital passports" by binding a user's verified identity to their public key under the CA's signature (Ray Hunt, 2002). The components of a PKI include:
6.2.1 Security Policy
A security policy defines an organization's overall approach to information security,
including rules for cryptographic key handling and risk management. It may include a
Certificate Practice Statement (CPS) detailing procedures for key generation, storage,
certificate issuance, and revocation.
6.2.2 Certification Authority (CA)
The CA is the trusted entity that issues, manages, and revokes digital certificates. It
verifies identities, digitally signs certificates, sets expiry dates, and publishes Certificate
Revocation Lists (CRLs). Organizations may use Private CAs (in-house solutions like
RSA, IBM, Entrust) and Public CAs (external services like VeriSign).
6.2.3 Registration Authority (RA)
The RA is the interface between users and the CA. It authenticates user identities before
forwarding certificate requests to the CA. The strength of this authentication impacts the
trust level of issued certificates.
6.2.4 Certificate Repository and Distribution System
This system stores and distributes certificates and CRLs, often using an LDAP-enabled directory. It may also include key recovery services to restore lost encryption keys. It ensures that digital certificates are available for authentication and secure communication within the VPN. Additionally, it helps enforce security policies by managing certificate issuance, renewal, and revocation (Ray Hunt, 2002).
6.3 Illustration of PKI Implementation Workflow for TelCo VPN
To ensure secure communication between its Headquarters and Branch Office, TelCo
integrates a Public Key Infrastructure (PKI) into its VPN architecture. This implementation
enables robust encryption and mutual authentication using digital certificates issued by a
trusted Certificate Authority (CA). The following diagram illustrates the step-by-step
workflow of how PKI is used to establish a secure VPN tunnel. It details how keys are
generated, identities are verified, certificates are issued and validated, and how encrypted
communication is achieved across the network.

Figure 6 Implementation of PKI within an organization

6.4 Explanation of PKI Implementation
Following explains all the steps needed to implement PKI for Telco VPN.
6.4.1 Key Generation at Branch
At the outset of the secure VPN communication process, the TelCo Branch PC generates a cryptographic key pair consisting of a Public Key and a Private Key. The Public Key, together with the Branch's identity information (such as hostname, device identifier, and possibly organizational credentials), is sent to the Registration Authority (RA) for validation. In practice this is packaged as a certificate signing request (CSR) signed with the new private key, which proves that the requester actually holds that key; the private key itself never leaves the device. This step is foundational to establishing a trusted digital identity within the PKI framework.
6.4.2 Identity Verification
Upon receiving the public key and identity details, the Registration Authority (RA)
undertakes the task of verifying the legitimacy of the Branch's identity. This process may
involve manual checks, automated authentication systems, or integration with internal
directories. Once the identity has been validated to an acceptable standard, the RA
forwards the verified credentials and public key to the Certificate Authority (CA) for
certificate issuance.
6.4.3 Certificate Signing by CA
After receiving the verified information from the RA, the Certificate Authority (CA)
generates a Digital Certificate for the Branch PC. This certificate binds the Branch's public
key to its verified identity and includes metadata such as serial number, expiration date,
and certificate usage policies. The CA then digitally signs the certificate using its own
private key, ensuring authenticity and integrity. The completed certificate is then returned
to the TelCo Branch PC for use in secure communications.
6.4.4 VPN Connection Request
With a valid digital certificate in place, the TelCo Branch PC initiates a VPN connection
request to the Headquarters’ VPN server. As part of this request, the Branch includes its

digital certificate to authenticate its identity to the HQ system. This certificate allows the
HQ server to confirm that the request is coming from a trusted, verified source.
6.4.5 Certificate Validation at HQ
Upon receiving the VPN connection request and the accompanying certificate, the HQ VPN server verifies the CA's digital signature on the certificate using the CA's public key. This confirms that the certificate has not been tampered with and was issued by a trusted CA. The server also checks that the certificate is within its validity period, has not been revoked (via a CRL or OCSP), and that its subject name matches the Branch peer it expects. Only if all of these checks pass does the connection process continue.
6.4.6 Secure Session Key Exchange
After successful authentication, a session key is established between the TelCo Branch and HQ. With Diffie-Hellman or Elliptic Curve Diffie-Hellman (ECDH) the key is agreed by both sides rather than transmitted, and because each side's key share is tied to its certificate-authenticated identity, an attacker cannot insert their own share. This session key is used to encrypt all data transferred over the VPN.
6.4.7 Encrypted VPN Tunnel & Secure Communication
Once the session key is in place, a PKI-secured encrypted VPN tunnel is established between the TelCo Branch and HQ. All business-critical data is encrypted with the session key at the Branch side and decrypted at HQ with the same key. This setup provides confidentiality, integrity, and authentication, enabling TelCo to transmit sensitive information over the public internet with a much lower risk of compromise.
In conclusion, by integrating a Public Key Infrastructure (PKI) into TelCo’s VPN
communication framework, the organization significantly enhances the security and
reliability of its data exchanges between the Headquarters and Branch Office. The use of
digital certificates ensures strong identity verification, allowing only authenticated devices to
participate in the communication. Through the centralized role of a Certificate Authority
(CA), TelCo benefits from automated and scalable trust management, simplifying the
distribution and validation of cryptographic credentials. This architecture not only
strengthens protection against cyber threats but also ensures that sensitive business
information remains secure while traversing the public internet. Overall, PKI integration
transforms the VPN from a basic encrypted tunnel into a comprehensive, trust-based
communication system.

M3 Assess security risks and challenges of using cloud-hosted PKI in a private network

7 Cloud-based PKI
Cloud PKI is the implementation of Public Key Infrastructure within cloud environments,
providing a reliable framework for secure electronic data transfer. As cloud-based services
have become the new normal, with advantages like scalability, cost-effectiveness, and
flexibility, traditional security methods are no longer adequate. In this dynamic, scalable, and
distributed infrastructure, PKI plays a vital role in mitigating security risks, helping to
safeguard the virtual world and enabling secure digital interactions in the cloud era
(Cybellium, 2023).

8 Security risks and challenges of using cloud-hosted PKI
Cloud-based PKI introduces unique risks due to shared infrastructure, remote key handling,
and provider dependency. Ensuring secure operations requires addressing threats across key
management, access control, and system availability. The sections below outline key risks,
their impacts, and mitigation strategies.
8.1 Private Key Exposure
The risk of private key exposure in cloud-based PKI environments is perhaps the most critical security concern, as private keys form the foundation of trust in any PKI system. Distributed storage across multiple Hardware Security Modules (HSMs) introduces new attack vectors at each storage location. Additionally, the process of transferring private keys between HSMs is inherently insecure; as Kharche (2012) notes, no sufficiently secure autonomous method exists for such transfers. Furthermore, the need to predefine the same private keys in all HSMs to support Certificate Authority (CA) mobility increases the number of key instances and thereby expands the attack surface (Ms. Heena Kharche, 2012).
8.1.1 Potential Impacts
If private keys are compromised, attackers can impersonate legitimate entities and issue
unauthorized certificates, resulting in a breakdown of PKI trust. This compromises the
integrity of secure communications and necessitates emergency revocation procedures.
The trust chain across all systems becomes unreliable. Such exposure can lead to
widespread security and reputational damage.
8.1.2 Mitigation Strategies
To mitigate this, use FIPS 140-2 Level 3+ certified HSMs and enforce strict key ceremony
procedures. Monitor all key usage with anomaly detection tools and employ key splitting
where feasible to minimize exposure. Avoid duplicating keys unnecessarily across
locations. Strong operational controls reduce the risk of full compromise.

8.2 Multi-Tenant Isolation Failures
In a cloud-based PKI environment, multiple tenants share the same underlying
infrastructure, which demands rigorous isolation controls. There must be clear separation
between CAs and customers to avoid cross-contamination. It is imperative that visibility is
tightly controlled so that each tenant can only see and manage its own CAs. Even with
logical separation in place, the shared nature of physical resources—such as hardware,
networking, and system management introduces a persistent risk of isolation failure (Ms.
Heena Kharche, 2012).
8.2.1 Potential Impacts
Weak tenant isolation can result in one customer accessing another’s CA or certificate data,
breaching confidentiality. This undermines trust in the provider and may violate data
protection regulations. Such incidents can lead to legal consequences and reputational loss.
Cross-tenant manipulation could also disrupt certificate issuance integrity.
8.2.2 Mitigation Strategies
Mitigation requires implementing RBAC and ACLs, and applying tenant isolation across
network, application, and data layers. Conduct regular penetration testing to evaluate
boundary protections. Independent audits should validate isolation mechanisms. Visibility
must be restricted so tenants only access their own PKI environment.

8.3 Improper Access Controls
Access control misconfigurations—particularly in the context of administrator certificate
management—can create significant vulnerabilities in a cloud-based PKI system. Only a
limited number of predefined CAs are allowed to issue certificates to administrators, which
is designed to constrain the trust model. However, adding new CAs for this purpose
requires application server restarts, which could introduce availability and configuration
issues. The requirement that each customer have a dedicated CA for issuing administrator
certificates underscores the importance of tightly managing administrative privileges and
access boundaries (Ms. Heena Kharche, 2012).
8.3.1 Potential Impacts
Inadequate controls over administrative certificates may allow unauthorized users to
escalate privileges or issue fraudulent certificates. This opens the door to persistent threats
and hidden backdoors within the PKI. Administrative mismanagement can severely affect
the integrity of certificate operations. The trust model becomes vulnerable to insider or
external abuse.
8.3.2 Mitigation Strategies
Apply the principle of least privilege for all administrative roles and enforce multi-factor
authentication. Create separate certificate hierarchies for administrator access and use
strict lifecycle controls for admin credentials. Perform regular audits of all privileged
actions. These steps help prevent abuse and detect anomalies quickly.
8.4 Downtime / Denial of Service (DoS)
Availability is paramount in PKI services, especially since they support time-sensitive
operations such as certificate validation and issuance. Relocating CA operations to less
burdened servers is sometimes necessary but introduces complexity. The infrastructure
must be capable of handling high volumes of certificate signing requests without
degradation. Resource constraints, especially under peak load conditions, can cause
performance issues if the HSM’s processing capacity is exceeded (Ms. Heena Kharche,
2012).
8.4.1 Potential Impacts
PKI service outages can halt certificate issuance and validation, disrupting authentication
processes across systems. This may trigger application failures, delays, or cascading
service interruptions. Downtime during peak load compromises business continuity.
Dependence on PKI makes these failures highly impactful and time-sensitive
8.4.2 Mitigation Strategies
Build redundant infrastructure across multiple availability zones to ensure resilience. Use
load balancing and auto-scaling to handle high demand and avoid bottlenecks. Implement
graceful degradation and test disaster recovery procedures regularly. Certificate caching
can also reduce the strain on validation services.
8.5 Insecure Key Migration
The act of migrating private keys between systems remains a particularly insecure operation
in cloud-based PKI models. There are no fully secure automated methods to move keys
between HSMs, making such operations inherently risky. When CA operations are moved,
not only must the private key be transferred or replicated at the destination, but all
associated CA data must also migrate, amplifying the chances for error or compromise. As
a result, many implementations require that the same private keys be pre-installed at each

possible operational location, which again multiplies the number of high-value secrets in
circulation (Ms. Heena Kharche, 2012).
8.5.1 Potential Impacts
Migrating private keys between systems introduces a serious risk of interception, duplication, or mishandling. Without secure methods, attackers may access or reuse key material. Improper deletion at the source can leave keys exposed. These risks undermine the security and trustworthiness of the CA infrastructure.
8.5.2 Mitigation Strategies
Use secure key wrapping and split-knowledge techniques for manual transfers. Whenever possible, generate keys locally to avoid risky migrations. Maintain full chain-of-custody documentation during key movement. Alternatively, derive per-location keys from a master secret that never moves, rather than copying the actual private keys.

8.6 Insider Threats and Cloud Provider Dependency
In a cloud-hosted PKI setup, especially one managed by a third-party provider, a significant
risk comes from insider threats, either from your own organization or the cloud provider’s
personnel. These insiders may have privileged access to sensitive cryptographic operations,
configuration settings, or key material. Moreover, over-reliance on the cloud provider's
controls, processes, and transparency can lead to a lack of visibility and diminished ability
to independently verify the integrity of the PKI (Stallings, 2016).
8.6.1 Potential Impacts:
Insiders with elevated access, whether from your own team or the cloud provider, can abuse cryptographic controls, modify logs, or leak keys. This leads to undetectable tampering and reduced auditability. Excessive trust in providers limits independent verification. Legal or service disruptions may further worsen the security posture.
8.6.2 Mitigation Strategies:
Enforce strict separation of duties and strong access controls within your organization and
the provider’s environment. Demand full audit trails with real-time alerting for all
sensitive cryptographic actions. Favor Bring Your Own Key (BYOK) or Hold Your Own
Key (HYOK) models to retain control over key material. Use trusted execution
environments to protect against insider threats.

P5 Design a security case, representative of a business scenario, to solve a security threat

9 TelCo Security Case: Advanced Threat Scenario & Cryptographic Defense Strategy
This security case presents a detailed analysis of a sophisticated cyberattack targeting TelCo's VPN infrastructure, which connects its Headquarters and Branch offices using Public Key Infrastructure (PKI). The scenario focuses on a threat actor compromising the trusted Certificate Authority (CA) to perform a Man-in-the-Middle (MITM) attack. The following sections analyze the attack methodology, identify the specific vulnerabilities exploited, assess the business risks, and set out a cryptographic defense strategy to mitigate the threat.

9.1 Threat Scenario: Compromised CA Leading to MITM
The security case considers a sophisticated Advanced Persistent Threat (APT) group with
extensive knowledge of PKI infrastructure and the resources to conduct long-term
reconnaissance operations. This threat actor possesses advanced technical capabilities
necessary to compromise Certificate Authority systems and is primarily motivated by
industrial espionage objectives to intercept sensitive business communications between
TelCo's headquarters and branch offices. The sophistication of this threat actor represents a
realistic adversary that could target telecommunications infrastructure for strategic
advantage.
9.2 Attack Methodology
The attack unfolds in multiple, carefully planned stages:
9.2.1 Compromise of the Certificate Authority (CA)
The attacker uses a zero-day exploit in the CA’s web administration interface to gain
unauthorized access. This allows them to establish persistent control over the CA system
without detection. Over an extended period, the attacker studies the certificate issuance
processes and the trust relationships within TelCo’s infrastructure.
9.2.2 Extraction and Use of CA Private Key
Once inside, the attacker extracts the CA’s private key, the critical credential that allows
signing of certificates. With this key, they can create certificates that appear fully
legitimate to all TelCo systems.
9.2.3 Issuance of Fraudulent Certificates
Using the stolen key, the attacker generates fake certificates that mimic the identities of
TelCo’s legitimate VPN gateways, such as the Headquarters or Branch servers. These
certificates are cryptographically valid and trusted by TelCo’s VPN clients.
9.2.4 Network Positioning for Interception
The attacker gains a strategic position on the network path between Branch and
Headquarters. This may be achieved by compromising the Branch’s Internet Service
Provider (ISP), manipulating routers through BGP hijacking, or exploiting vulnerabilities
in intermediate network devices.
9.2.5 Execution of the Man-in-the-Middle (MITM) Attack
When the Branch VPN client initiates a connection to Headquarters, the attacker intercepts
this request and presents one of the fake certificates. The Branch trusts the certificate due
to the compromised CA. The attacker simultaneously creates a valid VPN connection to
Headquarters using another forged certificate. Both endpoints believe they are connected
securely to each other, but all data passes through the attacker.
9.2.6 Transparent Decryption and Data Manipulation
Because the attacker holds the private keys matching the fraudulent certificates, they can complete the handshake with each endpoint, decrypt the VPN traffic in the middle, and re-encrypt it toward the other side, gaining full access to the sensitive data. They can record, modify, or inject malicious information into the communication before forwarding it. Because all cryptographic checks pass on both ends, the interception remains undetected by normal security monitoring.

9.3 Vulnerabilities Exploited
Several weaknesses in TelCo's current security setup enable this attack:

Table 13 Existing Vulnerabilities in TelCo

Vulnerability | Description
Single CA Trust | The entire system relies on one CA, creating a single point of failure.
Inadequate Certificate Checks | VPN endpoints only verify signatures, not the legitimacy of the certificate issuer.
Lack of Certificate Pinning | VPN clients accept any certificate from the CA, without verifying specific keys.
Static Key Management | Predictable key generation allows attackers to replicate session keys.
Absence of Certificate Transparency and Revocation Checking | No public logging or real-time revocation checks mean fraudulent certificates remain unnoticed.
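The issuance and validation steps of section 6.4 and the two weaknesses in Table 13 that make the compromised-CA MITM of section 9.2 possible (signature-only checks, no pinning), as an added example in Go using only the standard library; this is not part of the original report. A constructed TelCo root CA signs a CSR for the HQ gateway, the HQ-side validation is done with the standard library's chain verification, and then a second certificate for the same name is issued with the same (stolen) CA key but on an attacker-controlled key pair. Chain validation alone accepts both certificates; a pin on the genuine HQ SubjectPublicKeyInfo rejects the forgery. The hostname, serial numbers and validity periods are assumptions, and revocation and Certificate Transparency checks are deliberately not implemented here.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/sha256"
	"crypto/x509"
	"crypto/x509/pkix"
	"fmt"
	"math/big"
	"time"
)

const hqName = "hq.vpn.telco.example" // assumed hostname of the HQ VPN gateway
// newCA builds TelCo's self-signed root (assumption: one in-house CA, as in the scenario).
func newCA() (*ecdsa.PrivateKey, *x509.Certificate, error) {
	key, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	if err != nil {
		return nil, nil, err
	}
	tmpl := &x509.Certificate{SerialNumber: big.NewInt(1), Subject: pkix.Name{CommonName: "TelCo Root CA"},
		NotBefore: time.Now().Add(-time.Hour), NotAfter: time.Now().Add(24 * time.Hour),
		IsCA: true, BasicConstraintsValid: true, KeyUsage: x509.KeyUsageCertSign}
	der, err := x509.CreateCertificate(rand.Reader, tmpl, tmpl, &key.PublicKey, key)
	if err != nil {
		return nil, nil, err
	}
	cert, err := x509.ParseCertificate(der)
	return key, cert, err
}

// makeCSR is step 6.4.1: the endpoint generates its key pair and a CSR (public key plus name, signed with the new private key).
func makeCSR(name string) (*ecdsa.PrivateKey, []byte, error) {
	key, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	if err != nil {
		return nil, nil, err
	}
	csr, err := x509.CreateCertificateRequest(rand.Reader, &x509.CertificateRequest{
		Subject: pkix.Name{CommonName: name, Organization: []string{"TelCo"}}, DNSNames: []string{name}}, key)
	return key, csr, err
}

// issue is steps 6.4.2 and 6.4.3: the RA checks the CSR signature (proof of possession), then the CA signs a leaf.
func issue(caKey *ecdsa.PrivateKey, ca *x509.Certificate, csrDER []byte, serial int64) (*x509.Certificate, error) {
	csr, err := x509.ParseCertificateRequest(csrDER)
	if err != nil {
		return nil, err
	}
	if err := csr.CheckSignature(); err != nil {
		return nil, fmt.Errorf("RA rejected CSR: %w", err)
	}
	tmpl := &x509.Certificate{SerialNumber: big.NewInt(serial), Subject: csr.Subject, DNSNames: csr.DNSNames,
		NotBefore: time.Now().Add(-time.Hour), NotAfter: time.Now().Add(24 * time.Hour),
		KeyUsage:    x509.KeyUsageDigitalSignature,
		ExtKeyUsage: []x509.ExtKeyUsage{x509.ExtKeyUsageServerAuth, x509.ExtKeyUsageClientAuth}}
	der, err := x509.CreateCertificate(rand.Reader, tmpl, ca, csr.PublicKey, caKey)
	if err != nil {
		return nil, err
	}
	return x509.ParseCertificate(der)
}

// validate is step 6.4.5 as the HQ server does it: trusted root, validity window, name, key usage (no revocation check).
func validate(roots *x509.CertPool, cert *x509.Certificate, name string) error {
	_, err := cert.Verify(x509.VerifyOptions{Roots: roots, DNSName: name,
		KeyUsages: []x509.ExtKeyUsage{x509.ExtKeyUsageServerAuth}})
	return err
}

// spkiPin is the SHA-256 of the DER SubjectPublicKeyInfo, the value a client pins.
func spkiPin(cert *x509.Certificate) string {
	return fmt.Sprintf("%x", sha256.Sum256(cert.RawSubjectPublicKeyInfo))
}

// validatePinned adds the pin check Table 13 says is missing: a forged certificate chains correctly but carries the attacker's key.
func validatePinned(roots *x509.CertPool, cert *x509.Certificate, name, pin string) error {
	if err := validate(roots, cert, name); err != nil {
		return err
	}
	if spkiPin(cert) != pin {
		return fmt.Errorf("SPKI pin mismatch: valid chain, but not the expected key for %s", name)
	}
	return nil
}

func main() {
	caKey, ca, _ := newCA()
	roots := x509.NewCertPool()
	roots.AddCert(ca)
	_, hqCSR, _ := makeCSR(hqName)
	hqCert, _ := issue(caKey, ca, hqCSR, 2)
	// Section 9.2: the attacker, holding the stolen CA key, gets a certificate for the HQ name on their own key pair.
	_, rogueCSR, _ := makeCSR(hqName)
	rogueCert, _ := issue(caKey, ca, rogueCSR, 3)
	fmt.Println("rogue, chain check only:", validate(roots, rogueCert, hqName)) // <nil>: accepted
	fmt.Println("rogue, with SPKI pin:   ", validatePinned(roots, rogueCert, hqName, spkiPin(hqCert)))
}
```

The pin value would be shipped to Branch clients with their VPN configuration and rotated together with HQ's key. Pinning addresses only the "Lack of Certificate Pinning" row: it does nothing about a forged certificate for a name the client has not pinned, which is why the revocation and transparency checks in the same table are still needed.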

9.4 Business Impact Assessment
1. Data confidentiality breaches can expose sensitive communications between
Headquarters and Branch offices to unauthorized parties. This may lead to the leakage
of business strategies, financial information, and customer data.
2. Data integrity risks arise because the attacker can modify transactional data during
transmission, potentially causing financial fraud, incorrect decisions, or operational
disruptions. Such tampering could result in service degradation and long-term
operational issues if not detected promptly.
3. Regulatory compliance violations can occur due to unauthorized access to protected
data, breaching laws and industry regulations such as GDPR, PCI-DSS, and telecom-
specific requirements. This could lead to investigations, fines, and legal challenges.
4. Reputational damage may happen when the attack is discovered, which can erode
customer and partner trust, attract negative media attention, and harm TelCo’s market
image. This damage can reduce future business opportunities and impact long-term
revenue growth.
5. Intellectual property loss is a serious threat because proprietary technologies,
business processes, and confidential R&D information could be stolen. This
compromises TelCo’s competitive advantage and innovation leadership in the
telecommunications sector.

9.5 Cryptographic Defense Strategy


To counter the identified threat and strengthen TelCo's security posture, a comprehensive
cryptographic defense strategy has been developed that addresses the fundamental
vulnerabilities while establishing multiple layers of protection.
9.5.1 Hardware Security Modules (HSMs)
Hardware Security Modules (HSMs) are dedicated, tamper-resistant devices that generate, store and use private keys, above all those of Certificate Authorities (CAs). In TelCo's PKI the CA's private key is the root of trust: whoever holds it can issue rogue certificates and mount the undetectable MITM attack described above, so moving that key into a FIPS 140-2 or 140-3 validated HSM is the first control. The key is generated inside the module and marked non-exportable, so the CA server only ever submits signing requests to it; even an attacker with full control of the CA host cannot copy the key, and physical tampering triggers zeroisation of the module. The HSM is integrated with the CA software, enforces its own access controls (for example a quorum of operator cards for administrative actions) and logs every signing operation, which gives an audit trail of exactly what was signed. An HSM protects the key, not the issuing process: an attacker who controls the CA host can still ask the HSM to sign a rogue certificate, which is why the remaining controls below are needed.
9.5.2 Threshold Cryptography
Threshold cryptography distributes control over a sensitive operation by splitting a private key into several shares and requiring a quorum of them to cooperate for each signature. TelCo implements a 3-of-5 scheme across CAs that are geographically and administratively separated, so that no single compromised CA (or single insider) can issue a rogue certificate. This removes the single point of failure of a conventional single-CA PKI and raises the cost of an attack to the coordinated compromise of at least three independent sites. Two building blocks are involved. Shamir's Secret Sharing splits a secret into n shares such that any t of them reconstruct it and fewer reveal nothing about it; on its own it suits key backup and recovery, but reconstructing the key in one place for every signature would recreate the single point of compromise. Threshold versions of RSA or ECDSA, run as a secure multi-party computation, avoid that: each holder produces a partial signature with its own share and the partial results are combined into one ordinary signature, so the full key never exists anywhere.
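The t-of-n property that the 3-of-5 scheme relies on, as an added example that is not TelCo's or the page's code: Shamir's Secret Sharing over a prime field, splitting a constructed 256-bit "CA key" into five shares and checking that every three of them recover it and no two do. The field prime 2**521 - 1 and the share indices are choices made for this example.

```python
"""Shamir secret sharing over GF(p): split a CA key into 5 shares of which any 3 recover it.

Added example, not TelCo's or the page's code. The "CA key" is a constructed random
256-bit integer; the field prime 2**521 - 1 (a Mersenne prime) is large enough to hold it.
This shows the t-of-n property only; a threshold signature scheme, as the text notes,
signs with the shares directly and never reconstructs the key in one place.
"""
from __future__ import annotations

import secrets
from itertools import combinations

P = 2**521 - 1  # all arithmetic is in GF(P)


def split_secret(secret: int, threshold: int, shares: int) -> list[tuple[int, int]]:
    """Points (x, f(x)) of a random polynomial of degree threshold-1 with f(0) = secret."""
    if not 0 <= secret < P:
        raise ValueError("secret must be a field element")
    if not 1 < threshold <= shares:
        raise ValueError("need 1 < threshold <= shares")
    coeffs = [secret] + [secrets.randbelow(P) for _ in range(threshold - 1)]
    points = []
    for x in range(1, shares + 1):       # x = 0 is never issued: f(0) is the secret itself
        y = 0
        for c in reversed(coeffs):       # Horner evaluation of f(x)
            y = (y * x + c) % P
        points.append((x, y))
    return points


def recover_secret(points: list[tuple[int, int]]) -> int:
    """Lagrange interpolation at x = 0. Below the threshold the result is unrelated to the secret."""
    xs = [x for x, _ in points]
    if len(set(xs)) != len(xs):
        raise ValueError("duplicate share index")
    secret = 0
    for i, (xi, yi) in enumerate(points):
        num, den = 1, 1
        for j, (xj, _) in enumerate(points):
            if i != j:
                num = num * (-xj) % P
                den = den * (xi - xj) % P
        secret = (secret + yi * num * pow(den, P - 2, P)) % P
    return secret


def threshold_demo(threshold: int = 3, shares: int = 5) -> dict:
    """Check every quorum of `threshold` shares recovers the key and no smaller set does."""
    ca_key = secrets.randbits(256)
    points = split_secret(ca_key, threshold, shares)
    quorums_ok = all(recover_secret(list(q)) == ca_key for q in combinations(points, threshold))
    below_ok = any(recover_secret(list(q)) == ca_key for q in combinations(points, threshold - 1))
    return {"key": ca_key, "shares": points,
            "all_quorums_recover": quorums_ok, "below_threshold_recovers": below_ok}


if __name__ == "__main__":
    r = threshold_demo()
    print("every 3-of-5 quorum recovers the key:", r["all_quorums_recover"])
    print("some 2 shares recover the key:", r["below_threshold_recovers"])
```

Each share on its own is a uniformly random field element, which is what makes an isolated CA compromise worthless to the attacker; the operational cost is that the five share holders must be reachable (at least three of them) for every signing operation, which the challenges section below returns to.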
9.5.3 Certificate Transparency (CT)
Certificate Transparency (CT) was implemented to make every certificate issued for TelCo's domains and subdomains publicly visible. All new certificates for TelCo's VPN endpoints, web servers and other major systems are submitted to several independent CT logs (for example Google's Argon and Cloudflare's Nimbus), which record them in append-only, publicly auditable logs. To turn this visibility into detection, a monitoring service continuously queries the logs for any certificate naming a TelCo domain and compares each hit against the inventory kept by the internal certificate management tools. Anything that was not issued through that process, or that was issued by an unexpected CA, is flagged as a rogue certificate and an alert goes to the security operations centre (SOC) and the incident response team. A prepared response policy lets them revoke the certificate and start containment as soon as the finding is confirmed. Two caveats apply. A CT log only contains certificates that someone submitted, so an attacker with a compromised CA will simply not submit; monitoring therefore catches misuse only if VPN clients also refuse certificates that lack Signed Certificate Timestamps (SCTs) from trusted logs, as browsers already do for public TLS. And CT is detective, not preventive: it tells TelCo about a rogue certificate after it exists, so it complements rather than replaces the pinning and revocation controls below.
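The comparison the monitoring service performs, as an added example (not TelCo's or the page's code): given parsed log entries, flag any certificate that names a monitored zone but either comes from an unapproved issuer or is not in the internal inventory. The entries, domain names, issuer names and fingerprints are constructed placeholders; a real monitor would populate them from the logs' HTTP API.

```python
"""Certificate Transparency monitor: flag certificates for TelCo domains the internal PKI did not issue.

Added example, not TelCo's or the page's code. Entries are constructed to resemble what a
monitor obtains after parsing CT log leaves (real logs are fetched from the log's HTTP API);
the domains, issuer names and fingerprints are invented placeholders.
"""
from dataclasses import dataclass
from typing import List, Optional, Tuple


@dataclass(frozen=True)
class CertEntry:
    log: str                  # which CT log the leaf came from
    fingerprint: str          # SHA-256 of the DER certificate, hex
    issuer: str               # issuer distinguished name
    sans: Tuple[str, ...]     # dNSName subject alternative names, wildcards allowed


MONITORED_DOMAINS = ("telco.example",)                      # zones TelCo owns (assumed)
APPROVED_ISSUERS = {"CN=TelCo Internal Issuing CA 1"}        # the only CA allowed to issue for them
ISSUED_INVENTORY = {"a1" * 32, "b2" * 32}                    # fingerprints the cert-management tool issued


def in_scope(name: str) -> bool:
    """True if a SAN lies inside a monitored zone; '*.vpn.telco.example' counts as inside."""
    name = name.lower()
    if name.startswith("*."):
        name = name[2:]
    return any(name == zone or name.endswith("." + zone) for zone in MONITORED_DOMAINS)


def classify(entry: CertEntry) -> Optional[str]:
    """Alert reason for a suspicious entry, or None when the certificate is expected."""
    if not any(in_scope(n) for n in entry.sans):
        return None                                   # someone else's certificate
    if entry.issuer not in APPROVED_ISSUERS:
        return "unapproved-issuer"                    # a public or unknown CA issued for our zone
    if entry.fingerprint not in ISSUED_INVENTORY:
        return "approved-issuer-not-in-inventory"     # our CA, or a compromised copy of it, signed something we never requested
    return None


def scan(entries: List[CertEntry]) -> List[Tuple[CertEntry, str]]:
    return [(e, reason) for e in entries if (reason := classify(e)) is not None]


def sample_entries() -> List[CertEntry]:
    """Constructed log entries for the demo."""
    return [
        CertEntry("argon", "a1" * 32, "CN=TelCo Internal Issuing CA 1", ("vpn.telco.example",)),
        CertEntry("nimbus", "c3" * 32, "CN=Some Public CA", ("hq.vpn.telco.example",)),
        CertEntry("argon", "d4" * 32, "CN=TelCo Internal Issuing CA 1", ("*.vpn.telco.example",)),
        CertEntry("nimbus", "e5" * 32, "CN=Some Public CA",
                  ("www.othercorp.example", "telco.example.evil.test")),
    ]


if __name__ == "__main__":
    for entry, reason in scan(sample_entries()):
        print(f"ALERT {reason}: {entry.sans} issued by {entry.issuer} (log={entry.log})")
```

The second check is the one that matters for the compromised-CA scenario: a forged certificate from TelCo's own CA has an approved issuer, so only the inventory comparison exposes it. Matching on the zone suffix with a leading dot keeps look-alike names such as telco.example.evil.test out of scope.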

9.5.4 Public Key Pinning (PKP)

All of TelCo's VPN clients were equipped with public key pinning for the critical Headquarters and Branch VPN endpoints. For each endpoint the SHA-256 hash of the SubjectPublicKeyInfo (SPKI) of every legitimate key is computed, and this set of hashes, rather than the certificates themselves, is pushed to clients through the existing MDM and configuration management, which also protects the pin set from modification and keeps it current. When a VPN client connects to a TelCo gateway it receives the server's X.509 certificate during the TLS handshake. Besides checking that the certificate chains to a trusted CA, the client extracts the public key from the certificate, hashes it and compares the result with the pinned hashes for that endpoint. If the certificate is validly signed by a trusted (or compromised) CA but carries a public key whose hash matches none of the pins, the client refuses the connection. This defeats the MITM scenario directly: a fraudulent certificate from a compromised CA passes the signature check but cannot contain the gateway's real public key. Each pin set also holds at least one backup pin for a key that is not yet in use, so the gateway key can be rotated without locking clients out.
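The client-side decision just described, as an added example that is not TelCo's or the page's code: hash each SPKI in the presented chain, compare against the pins provisioned for that hostname, and fail closed on anything else. Real clients hash the DER-encoded SubjectPublicKeyInfo taken from the certificate; here the SPKI byte strings, hostnames and pin values are constructed so the block runs without a certificate parser.

```python
"""SPKI pinning for a VPN client: accept a server only if a key in its chain matches a pinned hash.

Added example, not TelCo's code. Real clients hash the DER SubjectPublicKeyInfo pulled from
the X.509 certificate; here the SPKI byte strings are constructed placeholders so the
example runs without a certificate parser. The pin format "sha256/<base64>" is the one
HPKP used.
"""
from __future__ import annotations

import base64
import hashlib
from typing import Iterable


def spki_pin(spki_der: bytes) -> str:
    return "sha256/" + base64.b64encode(hashlib.sha256(spki_der).digest()).decode()


class PinSet:
    """Pins for one endpoint: the live key plus at least one backup key for rotation."""

    def __init__(self, hostname: str, pins: Iterable[str]):
        self.hostname = hostname
        self.pins = set(pins)
        if len(self.pins) < 2:
            # Without a backup pin, rotating the server key would lock out every client.
            raise ValueError(f"{hostname}: need a backup pin in addition to the live pin")

    def accepts(self, chain_spkis: list[bytes]) -> bool:
        # A pin may sit on the leaf or an intermediate; chain signatures were already checked by TLS.
        return any(spki_pin(k) in self.pins for k in chain_spkis)


def check_server(hostname: str, chain_spkis: list[bytes], store: dict[str, PinSet], chain_valid: bool) -> str:
    """Decision the client makes after the TLS chain check. Anything unexpected is a reject."""
    if not chain_valid:
        return "reject: chain signature invalid"
    pins = store.get(hostname)
    if pins is None:
        return "reject: no pins provisioned for host"   # unknown endpoint, not "accept anything"
    if not pins.accepts(chain_spkis):
        return "reject: valid chain but public key not pinned (possible rogue CA)"
    return "accept"


# Constructed stand-ins for DER SPKI blobs
HQ_LIVE_KEY = b"spki:hq-gateway:key-2025a"
HQ_BACKUP_KEY = b"spki:hq-gateway:key-2025b"
ROGUE_KEY = b"spki:attacker:key"

STORE = {
    "hq-vpn.telco.example": PinSet("hq-vpn.telco.example",
                                   [spki_pin(HQ_LIVE_KEY), spki_pin(HQ_BACKUP_KEY)]),
}


def demo() -> dict:
    """Four handshakes: the live key, the rotated-in backup key, a rogue key, and an unknown host."""
    host = "hq-vpn.telco.example"
    return {
        "legit": check_server(host, [HQ_LIVE_KEY], STORE, chain_valid=True),
        "rotated": check_server(host, [HQ_BACKUP_KEY], STORE, chain_valid=True),
        "rogue": check_server(host, [ROGUE_KEY], STORE, chain_valid=True),   # signed by a compromised CA
        "unknown": check_server("lab-vpn.telco.example", [HQ_LIVE_KEY], STORE, chain_valid=True),
    }


if __name__ == "__main__":
    for case, verdict in demo().items():
        print(f"{case:8s} -> {verdict}")
```

The "rogue" case is the attack from section 9.2: the chain is valid, so a client that only checks signatures would connect, but the pin comparison rejects it. Keeping a backup pin in every set is what makes the key rotation in the challenges section survivable.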

9.5.5 Perfect Forward Secrecy (PFS)

Perfect Forward Secrecy (PFS) is enforced on all of TelCo's VPN endpoints so that recorded VPN traffic stays confidential even if a private key is disclosed later. Gateways and clients were configured to negotiate session keys only with ephemeral Elliptic Curve Diffie-Hellman (ECDHE). In a key exchange based on the long-term key (for example RSA key transport) the session key can be recovered by anyone who later obtains that key; with ECDHE each session uses a fresh key pair that is discarded as soon as the session key has been derived, and the long-term certificate key only signs the exchange to authenticate it. Session keys are additionally rekeyed every few hours or after a set volume of data, as the security and performance policy requires. Because no session key can be derived from the static keys, an attacker who captures traffic today and steals the gateway's private key next year still cannot decrypt the recording, which confines the damage of a key compromise to sessions established after it.
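The ephemeral exchange behind PFS, as an added example that is not TelCo's or the page's code: X25519 implemented from RFC 7748 in pure Python, used to derive a fresh session key per handshake and then discard the ephemeral private keys. The long-term "identity key" that authenticates each ephemeral public value is a constructed HMAC key standing in for the certificate signature; a real client verifies that signature with the gateway's certificate and never holds the gateway's private key. The salt and transcript layout in the key derivation are choices made for this example.

```python
"""Ephemeral X25519 key agreement per VPN session (the ECDHE the text describes).

Added example, not TelCo's or the page's code. X25519 is implemented from RFC 7748 in
pure Python so the block runs without extra packages; real gateways use a vetted library.
The long-term identity key that authenticates each ephemeral public value is a constructed
HMAC key standing in for the certificate signature (a real client verifies that signature
with the certificate's public key, it never holds the gateway's private key).
"""
from __future__ import annotations

import hashlib
import hmac
import secrets

P = 2**255 - 19
A24 = 121665
BASEPOINT = (9).to_bytes(32, "little")


def _decode_scalar(k: bytes) -> int:
    k = bytearray(k)
    k[0] &= 248          # clamping, RFC 7748 section 5
    k[31] &= 127
    k[31] |= 64
    return int.from_bytes(k, "little")


def x25519(scalar: bytes, point: bytes) -> bytes:
    """Scalar multiplication on Curve25519 with the Montgomery ladder of RFC 7748 (not constant-time here)."""
    k = _decode_scalar(scalar)
    u = bytearray(point)
    u[31] &= 127
    x1 = int.from_bytes(u, "little") % P
    x2, z2, x3, z3, swap = 1, 0, x1, 1, 0
    for t in range(254, -1, -1):
        kt = (k >> t) & 1
        swap ^= kt
        if swap:
            x2, x3, z2, z3 = x3, x2, z3, z2
        swap = kt
        a, b = (x2 + z2) % P, (x2 - z2) % P
        aa, bb = a * a % P, b * b % P
        e = (aa - bb) % P
        c, d = (x3 + z3) % P, (x3 - z3) % P
        da, cb = d * a % P, c * b % P
        x3 = pow(da + cb, 2, P)
        z3 = x1 * pow(da - cb, 2, P) % P
        x2 = aa * bb % P
        z2 = e * (aa + A24 * e) % P
    if swap:
        x2, x3, z2, z3 = x3, x2, z3, z2
    return (x2 * pow(z2, P - 2, P) % P).to_bytes(32, "little")


class Endpoint:
    """A VPN party: a long-term identity key (constructed) and nothing else that persists."""

    def __init__(self, name: str, identity_key: bytes):
        self.name = name
        self.identity_key = identity_key

    def new_ephemeral(self) -> tuple[bytes, bytes, bytes]:
        """Fresh key pair for one session plus an authentication tag over the public value."""
        priv = secrets.token_bytes(32)
        pub = x25519(priv, BASEPOINT)
        tag = hmac.new(self.identity_key, pub, hashlib.sha256).digest()
        return priv, pub, tag


def authenticated(identity_key: bytes, pub: bytes, tag: bytes) -> bool:
    return hmac.compare_digest(hmac.new(identity_key, pub, hashlib.sha256).digest(), tag)


def derive_session_key(shared: bytes, transcript: bytes) -> bytes:
    """HKDF-style extract then expand over the raw shared secret and both public values."""
    prk = hmac.new(b"telco-vpn-salt", shared, hashlib.sha256).digest()
    return hmac.new(prk, transcript + b"\x01", hashlib.sha256).digest()


def run_session(client: Endpoint, gateway: Endpoint) -> bytes:
    """One handshake: both sides end with the same key, and both ephemeral private keys are discarded."""
    c_priv, c_pub, c_tag = client.new_ephemeral()
    g_priv, g_pub, g_tag = gateway.new_ephemeral()
    if not (authenticated(gateway.identity_key, g_pub, g_tag)
            and authenticated(client.identity_key, c_pub, c_tag)):
        raise ValueError("ephemeral public value not authenticated by the peer's long-term key")
    transcript = c_pub + g_pub
    k_client = derive_session_key(x25519(c_priv, g_pub), transcript)
    k_gateway = derive_session_key(x25519(g_priv, c_pub), transcript)
    if k_client != k_gateway:
        raise RuntimeError("key agreement failed")
    del c_priv, g_priv  # nothing derived from the long-term keys can recover this session key now
    return k_client


if __name__ == "__main__":
    branch, hq = Endpoint("branch", b"branch-identity-key"), Endpoint("hq", b"hq-identity-key")
    k1, k2 = run_session(branch, hq), run_session(branch, hq)
    print("two sessions, two unrelated keys:", k1.hex()[:16], k2.hex()[:16], k1 != k2)
```

The long-term key only ever signs (here: tags) the ephemeral public values. An attacker who records a session and later steals that key gains the ability to impersonate the gateway from then on, but the recorded session's key was derived from private scalars that no longer exist.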

9.5.6 Short-Lived Certificates
To limit how long a compromised or fraudulent certificate can be used, TelCo made short-lived certificates the standard in its internal CA: certificates for internal VPN endpoints, servers and users are valid for 24 to 48 hours. A stolen certificate is therefore useful to an attacker for at most two days even if revocation fails. To keep this from becoming an operational burden, renewal is fully automated: agents on endpoints and servers watch certificate lifetimes and request a new certificate from the CA before the current one expires, so VPN service is never interrupted. Combined with OCSP stapling, short lifetimes also shrink the window in which a revoked certificate could still be accepted. The trade-off is that the CA and the enrolment automation become availability-critical: if either is down for longer than a certificate lifetime, endpoints start failing, which is why that automation is treated as a tier-one service.

9.5.7 OCSP and OCSP Stapling

OCSP and OCSP stapling are used throughout TelCo's VPN network to check the revocation status of certificates on demand. Several OCSP responders were deployed in different locations behind load balancing, so revocation checks are answered with low latency and no single responder is a point of failure. VPN clients and servers are configured to fail closed: if the stapled response is missing, the revocation status cannot be verified, or a responder does not answer, the connection is rejected. Revoked or compromised certificates therefore cannot be used at all. Wherever possible OCSP stapling is enabled on the VPN gateways and servers. With stapling, the server periodically fetches a time-limited OCSP response for its own certificate, signed by the responder, and attaches it to the certificate during the TLS handshake. The client no longer sends a separate, often slow OCSP query, which shortens connection setup and improves privacy because the responder never learns which certificates a client checks. Together with short-lived certificates this ensures that a compromised certificate is blocked within hours of revocation while VPN connections remain trustworthy.
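The fail-closed validation a client performs on a short-lived certificate with a stapled response, as an added example that is not TelCo's or the page's code. Certificates and OCSP responses are represented as dictionaries carrying only the fields the checks need, and the responder's signature is an HMAC with a constructed responder key standing in for its RSA or ECDSA signature; the 48-hour lifetime comes from the text, the one-hour maximum staple age is an assumed policy.

```python
"""Fail-closed validation of a short-lived certificate with a stapled OCSP response.

Added example, not TelCo's code. Certificates and OCSP responses are dicts with the fields
the checks need; the responder's signature is an HMAC with a constructed responder key,
a stand-in for the responder's real RSA/ECDSA signature. MAX_CERT_LIFETIME follows the text,
MAX_STAPLE_AGE is an assumed policy value.
"""
from __future__ import annotations

import hashlib
import hmac
from datetime import datetime, timedelta, timezone
from typing import Optional

MAX_CERT_LIFETIME = timedelta(hours=48)   # 24-48 h certificates, per the text
MAX_STAPLE_AGE = timedelta(hours=1)       # assumed: how old a stapled response may be

RESPONDER_KEY = b"constructed-ocsp-responder-key"


def _staple_body(serial: int, status: str, this_update: datetime, next_update: datetime) -> bytes:
    return f"{serial}|{status}|{this_update.isoformat()}|{next_update.isoformat()}".encode()


def sign_staple(serial: int, status: str, this_update: datetime, next_update: datetime) -> dict:
    """What the responder hands the gateway, which the gateway later staples into the handshake."""
    return {"serial": serial, "status": status, "this_update": this_update, "next_update": next_update,
            "sig": hmac.new(RESPONDER_KEY, _staple_body(serial, status, this_update, next_update),
                            hashlib.sha256).digest()}


def validate(cert: dict, staple: Optional[dict], now: datetime) -> str:
    """Return "accept" or a "reject: ..." reason. Anything missing, stale or unverifiable is a reject."""
    if not cert["not_before"] <= now < cert["not_after"]:
        return "reject: certificate outside validity period"
    if cert["not_after"] - cert["not_before"] > MAX_CERT_LIFETIME:
        return "reject: certificate lifetime exceeds policy"
    if staple is None:
        return "reject: no stapled OCSP response (fail closed)"
    expected = hmac.new(RESPONDER_KEY, _staple_body(staple["serial"], staple["status"],
                                                    staple["this_update"], staple["next_update"]),
                        hashlib.sha256).digest()
    if not hmac.compare_digest(expected, staple["sig"]):
        return "reject: OCSP response signature invalid"
    if staple["serial"] != cert["serial"]:
        return "reject: OCSP response is for a different certificate"
    if not staple["this_update"] <= now < staple["next_update"]:
        return "reject: OCSP response expired or not yet valid"
    if now - staple["this_update"] > MAX_STAPLE_AGE:
        return "reject: OCSP response older than policy allows"
    if staple["status"] != "good":
        return f"reject: certificate status {staple['status']}"
    return "accept"


def scenarios() -> dict:
    """Constructed certificate and responses exercising each rejection path."""
    now = datetime(2025, 6, 1, 12, 0, tzinfo=timezone.utc)
    cert = {"serial": 4711, "not_before": now - timedelta(hours=6), "not_after": now + timedelta(hours=30)}
    long_cert = {"serial": 4711, "not_before": now - timedelta(days=10), "not_after": now + timedelta(days=355)}
    fresh = sign_staple(4711, "good", now - timedelta(minutes=10), now + timedelta(hours=4))
    revoked = sign_staple(4711, "revoked", now - timedelta(minutes=10), now + timedelta(hours=4))
    stale = sign_staple(4711, "good", now - timedelta(hours=3), now + timedelta(hours=4))
    tampered = dict(revoked, status="good")   # attacker flips the status but cannot re-sign
    return {
        "fresh": validate(cert, fresh, now),
        "revoked": validate(cert, revoked, now),
        "stale": validate(cert, stale, now),
        "missing": validate(cert, None, now),
        "tampered": validate(cert, tampered, now),
        "long_lived": validate(long_cert, fresh, now),
    }


if __name__ == "__main__":
    for name, verdict in scenarios().items():
        print(f"{name:10s} -> {verdict}")
```

The order of the checks is deliberate: the signature is verified before any field of the response is trusted, and the serial comparison stops a response for one certificate being replayed for another. The "stale" and "missing" cases are the ones that turn a responder outage into a user-facing outage, which is the fail-closed risk discussed under challenges.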

Feature: Potential Impacts

Hardware Security Modules (HSMs): secure private key generation and storage; key stays protected even if the CA host is compromised; FIPS 140-2/140-3 compliance; tamper resistance and full auditability.
Threshold Cryptography: eliminates the single point of failure in the CA; requires multiple parties to issue certificates; resistant to insider and external attacks; increases system resilience.
Certificate Transparency (CT): public log of all certificates issued; prompt detection of unauthorized certificates; supports trust and audit mechanisms; enables early response to misuse.
Public Key Pinning (PKP): prevents acceptance of spoofed certificates; blocks MITM attacks even with a validly signed rogue certificate; binds the client to the server's real key.
Perfect Forward Secrecy (PFS): protects past VPN traffic from future key compromise; ephemeral keys for each session; minimizes damage from compromised long-term keys.
Short-Lived Certificates: limits the window for certificate misuse; forces regular rotation of credentials; automatic renewal and fast expiry; reduces manual intervention.
OCSP and OCSP Stapling: real-time certificate revocation checking; revoked certificates cannot be used; redundant responders ensure availability; strict verification increases client trust.
9.6 Challenges Faced During Implementation
Because of the complexity of the design, deployment required careful planning, significant resources and ongoing effort to overcome the main technical and operational difficulties:

1. HSM Integration and Management Complexity:

Integrating Hardware Security Modules into the existing CA environment was technically involved. Difficulties included making all PKI tooling work with the HSM interfaces (PKCS#11 and vendor clients), setting up secure remote links to the modules, physically securing them, and managing the full key life cycle (generation, backup, recovery and destruction) while respecting the non-exportable key policy. Tamper evidence was achieved by configuring the HSMs to keep comprehensive audit trails and integrating these with the established logging systems.


2. Orchestration of Threshold Cryptography:

Distributing CA trust with threshold cryptography was challenging both logistically and technically. Each secret share had to be generated and delivered securely to a CA at a separate site without ever assembling the full key. Running the MPC protocols across different parts of the network, and orchestrating the quorum needed for every important CA action (issuing or revoking certificates), required solid procedures, specialised cryptographic software and thorough training for the operators involved. Network latency between the sites had to be optimised so that signing operations were not delayed.
3. Certificate Transparency Monitoring Overhead:
Although valuable, continuously scanning Certificate Transparency logs for rogue certificates generated a large volume of data to fetch and analyse. Scanning millions of CT entries for unauthorised certificates was only manageable with correlation against the internal certificate inventory, which also kept legitimate certificates from being flagged as threats. Producing timely alerts and integrating CT monitoring with the existing SIEM was not trivial.
4. Public Key Pinning Maintenance:
Managing public key pinning across a large and changing fleet of VPN devices was difficult and took time to solve well. The key problem was updating the pinned hashes on every client whenever a VPN endpoint's key was rotated or its certificate was renewed with a new key. A missed or misconfigured update would have cut off large numbers of clients and taken most services offline. To avoid this, the update process had to be automated and verified end to end, every pin set had to carry a backup pin for the next key before that key went live, and a clear rollback path was needed if something went wrong.

5. PFS Compatibility and Performance Tuning:

Requiring Perfect Forward Secrecy with Ephemeral Elliptic Curve Diffie-Hellman (ECDHE) made it challenging for TelCo to keep VPN clients compatible across different operating systems, since not every platform's VPN stack supported the same curves and cipher suites. Ensuring that all platforms used the same strong cryptographic configuration was not easy. Tuning the rekey interval so that it gave maximum security with little impact on gateway throughput and resource use also required extensive testing.
6. High-Volume Short-Lived Certificate Automation:
Issuing and renewing certificates that last only 24-48 hours multiplied the volume of certificate operations for internal VPN access and user authentication. A highly reliable, fault-tolerant and fully automated issuance system therefore had to be built. Making sure the corporate CA could handle the increased workload without affecting the reliability of self-enrolment and self-renewal everywhere, and without frequent manual intervention, was a major challenge.
7. OCSP Responder Resiliency and Fail-Closed Risks:

Ensuring adequate availability of OCSP responders across several locations with balanced load was technically challenging. The biggest issue was the operational risk created by the fail-closed OCSP policy. It gives the strongest security, since no certificate whose status cannot be verified is accepted, but any outage of the responders or their supporting systems would deny service to every VPN user. To manage this risk, redundant responders were deployed, all responders are monitored continuously, stapled responses are refreshed well before they expire so that a short responder outage is absorbed, and fast procedures exist for restoring a failed responder.
9.7 Conclusion
Adding these seven controls (Hardware Security Modules, threshold cryptography, Certificate Transparency, public key pinning, Perfect Forward Secrecy, short-lived certificates and OCSP with stapling) makes TelCo's VPN network considerably more secure. Applied together they give TelCo's critical communications stronger confidentiality, integrity and availability: no single CA compromise can issue a usable certificate, a rogue certificate is rejected by pinning and detected through CT, a stolen key cannot decrypt past traffic, and a compromised certificate is useless within hours. Because TelCo understands its vulnerabilities and has prepared for the next attack, it has built a dependable foundation for its worldwide business. Ongoing verification, threat monitoring and forward planning will keep that foundation sound as new risks appear.

2. P6 Evaluate the key benefits of using a range of cryptography and hybrid cryptosystems to improve cloud security.

4. Symmetric Cryptography
Symmetric cryptography uses the same key for encryption and decryption. It is the workhorse of cloud data protection because it is fast and cheap in CPU and memory, which matters when terabytes of data are encrypted at rest and in transit. Its main problem is getting the key to every party that needs it over an untrusted network, so it is almost always paired with a key management service and an asymmetric key exchange.
1. Common Symmetric Algorithms
Below are some widely used symmetric encryption algorithms in cloud security applications:
Table 16 Common Symmetric Algorithms
Algorithm: Detailed Description
AES (Advanced Encryption Standard): AES is the current industry standard for symmetric encryption and supports 128-, 192- or 256-bit keys. It is a block cipher operating on 128-bit blocks with no practical attack better than brute force, and most server CPUs accelerate it in hardware (AES-NI). Cloud services such as AWS and Azure use it to protect data at rest and in transit, normally in an authenticated mode such as AES-GCM.
ChaCha20: ChaCha20 is a modern stream cipher with a 256-bit key and a 96-bit nonce. It is built from additions, rotations and XORs with no data-dependent table lookups, so it runs in constant time in plain software and is faster than AES on CPUs without AES hardware, which makes it attractive for mobile and cloud clients. TLS 1.3 uses it as ChaCha20-Poly1305, an alternative to AES-GCM. Like every stream cipher it must never reuse a (key, nonce) pair.
3DES (Triple DES): 3DES applies DES three times with three 56-bit keys, a nominal key length of 168 bits but an effective strength of about 112 bits because of the meet-in-the-middle attack; its 64-bit block also limits how much data one key may protect. Although stronger than DES, it is slow and considered obsolete for modern cloud security; NIST has deprecated it and most organizations are phasing it out in favour of AES.
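ChaCha20 as the table describes it, as an added example that is not the page's code: the RFC 8439 quarter round and block function in pure Python, the XOR-based encrypt/decrypt that makes it a stream cipher, and what happens when a (key, nonce) pair is reused. The key, nonce and messages are constructed; production code uses a library's ChaCha20-Poly1305, not this.

```python
"""ChaCha20 as specified in RFC 8439, plus what goes wrong when a nonce is reused.

Added example, not the page's code. Pure Python for illustration only; production code uses
a library AEAD (ChaCha20-Poly1305). Key, nonce and messages below are constructed.
"""
import struct

MASK = 0xFFFFFFFF


def _rotl(v: int, n: int) -> int:
    return ((v << n) | (v >> (32 - n))) & MASK


def quarter_round(a: int, b: int, c: int, d: int):
    """ARX quarter round: add, rotate, xor; no table lookups, so no data-dependent timing."""
    a = (a + b) & MASK; d = _rotl(d ^ a, 16)
    c = (c + d) & MASK; b = _rotl(b ^ c, 12)
    a = (a + b) & MASK; d = _rotl(d ^ a, 8)
    c = (c + d) & MASK; b = _rotl(b ^ c, 7)
    return a, b, c, d


def chacha20_block(key: bytes, counter: int, nonce: bytes) -> bytes:
    """64-byte keystream block for (key, counter, nonce)."""
    if len(key) != 32 or len(nonce) != 12:
        raise ValueError("ChaCha20 needs a 256-bit key and a 96-bit nonce")
    state = (list(struct.unpack("<4I", b"expand 32-byte k"))   # the four constant words
             + list(struct.unpack("<8I", key))
             + [counter & MASK]
             + list(struct.unpack("<3I", nonce)))
    x = state[:]
    for _ in range(10):  # 20 rounds = 10 double rounds
        for a, b, c, d in ((0, 4, 8, 12), (1, 5, 9, 13), (2, 6, 10, 14), (3, 7, 11, 15),   # columns
                           (0, 5, 10, 15), (1, 6, 11, 12), (2, 7, 8, 13), (3, 4, 9, 14)):  # diagonals
            x[a], x[b], x[c], x[d] = quarter_round(x[a], x[b], x[c], x[d])
    return struct.pack("<16I", *[(x[i] + state[i]) & MASK for i in range(16)])


def chacha20_xor(key: bytes, nonce: bytes, data: bytes, counter: int = 1) -> bytes:
    """Encrypt or decrypt (the same operation) by XORing data with the keystream."""
    out = bytearray()
    for i in range(0, len(data), 64):
        block = chacha20_block(key, counter + i // 64, nonce)
        out += bytes(p ^ k for p, k in zip(data[i:i + 64], block))
    return bytes(out)


def nonce_reuse_leak(key: bytes, nonce: bytes, m1: bytes, m2: bytes) -> bytes:
    """XOR of two ciphertexts made under the same (key, nonce): the keystream cancels out,
    leaving m1 XOR m2, which an attacker can often peel apart with known-plaintext guesses."""
    c1 = chacha20_xor(key, nonce, m1)
    c2 = chacha20_xor(key, nonce, m2)
    return bytes(a ^ b for a, b in zip(c1, c2))


if __name__ == "__main__":
    key, nonce = bytes(range(32)), bytes.fromhex("000000090000004a00000000")  # constructed
    ct = chacha20_xor(key, nonce, b"branch office ledger upload")
    print("roundtrip ok:", chacha20_xor(key, nonce, ct) == b"branch office ledger upload")
    leak = nonce_reuse_leak(key, nonce, b"transfer 100 EUR", b"transfer 999 EUR")
    print("nonce reuse leaks m1 XOR m2:", leak.hex())
```

The last function is the practical reason stream ciphers are deployed only inside an AEAD with a per-message nonce: the cipher itself is sound, but the keystream is a function of (key, nonce) alone, so reusing that pair reduces two ciphertexts to the XOR of their plaintexts.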
2. Benefits of Symmetric Cryptography in Cloud
The following benefits explain why symmetric cryptography carries almost all bulk encryption in the cloud:
1. Performance efficiency: symmetric algorithms encrypt and decrypt with very few resources, typically gigabytes per second per core with hardware acceleration. This keeps encryption from becoming a bottleneck when large data sets are stored or moved, so cloud services run without noticeable delay.
2. Resource optimization: symmetric encryption needs far fewer CPU cycles and less memory than asymmetric operations, which lowers the cost of encrypting everything by default and leaves capacity for the actual workloads.
3. Data protection strength: algorithms such as AES-256 have no known practical attack, whether brute force or cryptanalytic, so data encrypted with a properly managed key remains confidential at rest and in transit. The strength is only as good as the key handling, which is why keys belong in a KMS or HSM rather than in application code.
4. Scalability and integration: the cost of a symmetric operation does not grow with the number of users, so the same scheme protects a growing volume of data without redesign. Key distribution is the part that must scale with it, and cloud providers handle that with envelope encryption: each object is encrypted under its own data key, and the data keys are wrapped by a master key held in the KMS.
5. Asymmetric Cryptography
Asymmetric (public-key) cryptography uses a mathematically related pair of keys: a public key that anyone may hold and a private key kept by its owner. Data encrypted with the public key can be decrypted only with the private key, and a signature made with the private key can be verified with the public one. This gives secure key establishment, digital signatures and non-repudiation, which are essential both for cloud security and for compliance. Although it is far more computationally expensive than symmetric cryptography, it is the right tool for the start of a cloud connection, where the parties must agree a key and prove who they are.
1. Common Asymmetric Algorithms:
The following asymmetric algorithms are fundamental to securing cloud communications and identity verification:
Table 17 Common Asymmetric Algorithms
Algorithm: Detailed Description
RSA (Rivest-Shamir-Adleman): RSA is one of the most widely used public-key algorithms. Its security rests on the difficulty of factoring the product of two large primes. It supports both encryption and digital signatures and is common in TLS, email encryption and secure data transmission. Keys of 2048 bits are the current minimum and 3072 or 4096 bits give more margin, but every operation is slower than the equivalent ECC operation and ciphertexts and signatures are larger.
ECC (Elliptic Curve Cryptography): ECC offers security comparable to RSA with much shorter keys (a 256-bit ECC key is roughly equivalent to a 3072-bit RSA key), which means faster computation, lower power use and smaller messages, an advantage in mobile and cloud environments. It is used through ECDSA (signatures) and ECDH/ECDHE (key agreement), and through the Curve25519-based X25519 and Ed25519 in newer protocols.
ElGamal: ElGamal encryption is based on the Diffie-Hellman problem and is randomised, so it is semantically secure, at the cost of ciphertexts twice the size of the group element being encrypted. It is used in some open-source tools (OpenPGP implementations among them) and has a separate signature scheme, but it needs more computation than RSA and is rarely found in cloud production systems; its importance is mainly academic.
2. Benefits of Asymmetric Cryptography in Cloud
Key benefits of asymmetric cryptography for secure cloud interactions and identity assurance:
1. Key exchange security: two parties can establish a shared key over an untrusted network without any secret being sent, which removes the risk of distributing symmetric keys by hand. This is what lets cloud systems build trusted connections automatically.
2. Digital signature authentication: a signature proves who produced a message or certificate and makes it hard for the signer to deny it later, which matters for cloud compliance and for evidence in legal situations. It also underpins certificate-based authentication, so unauthorized parties cannot impersonate a service.
3. Key management scalability: only public keys need to be distributed, and a public key infrastructure (PKI) with certificates lets a growing user population be managed without a pre-shared secret for every pair, which keeps administrative effort bounded as the system grows.
4. Tenant isolation: giving each cloud tenant its own key pair means that data encrypted for one tenant cannot be read by another even when they share the same physical storage and compute, which greatly reduces the risk of cross-tenant data exposure.
6. Hybrid Cryptosystems
Hybrid cryptosystems combine symmetric and asymmetric cryptography to get the advantages of both. Asymmetric cryptography is used to establish or transport a symmetric key, and that key then encrypts the actual data efficiently. The result is both secure and fast, which is why the pattern is used in cloud services, VPNs and secure file transfer: it solves the key distribution problem of symmetric cryptography without paying the asymmetric cost for every byte.
1. Common Hybrid Implementations:
Several well-known protocols use hybrid cryptosystems to balance security and performance in cloud applications:
Table 18 Common Hybrid Implementations
Hybrid System: Detailed Description
TLS/SSL: TLS (and its predecessor SSL) is the backbone of secure internet communication. A handshake using asymmetric cryptography (ECDHE for key agreement, RSA or ECDSA signatures for authentication) establishes a session and derives symmetric keys, after which AES-GCM or ChaCha20-Poly1305 protects the data at high speed. TLS 1.3 further improves performance and security, drops RSA key transport and other older algorithms, and makes forward secrecy mandatory.
PGP (Pretty Good Privacy): PGP secures email and files with a hybrid approach: the recipient's public key (RSA or ECC) encrypts a random session key, and a symmetric cipher (AES or IDEA) encrypts the message under it. It also supports digital signatures, giving authenticity and integrity. PGP, standardised as OpenPGP, remains a widely used standard for secure communications.
IPsec (Internet Protocol Security): IPsec uses IKE (Internet Key Exchange) to negotiate symmetric keys: a Diffie-Hellman or ECDH exchange produces the key material, and RSA or ECDSA signatures (or a pre-shared key) authenticate the peers. It protects network-level traffic in VPNs and enterprise cloud networks, typically with AES for payload encryption.
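The structure shared by every entry in this table and by the RSA row of Table 17, as an added example that is not the page's code: a key encapsulation step with RSA (RSA-KEM) wraps a fresh symmetric key, and a symmetric data encapsulation step encrypts and authenticates the payload under it. The RSA keys are generated on the fly at a demonstration size of 1024 bits (2048 or more in practice), and the symmetric part is an HMAC-SHA256 counter-mode keystream with an encrypt-then-MAC tag standing in for AES-GCM or ChaCha20-Poly1305; none of it is a production cipher.

```python
"""Hybrid encryption: RSA-KEM wraps a fresh symmetric key, a symmetric DEM encrypts the payload.

Added example, not the page's code. Demonstration-sized 1024-bit RSA (2048+ in practice),
keys generated on the fly; the DEM is an HMAC-SHA256 counter-mode keystream with an
encrypt-then-MAC tag, a stand-in for AES-GCM / ChaCha20-Poly1305. Not a production cipher.
"""
from __future__ import annotations

import hashlib
import hmac
import secrets

_SMALL_PRIMES = [p for p in range(3, 1000, 2) if all(p % q for q in range(3, int(p ** 0.5) + 1, 2))]


def _is_probable_prime(n: int, rounds: int = 32) -> bool:
    """Trial division by small primes, then Miller-Rabin."""
    if n < 2 or any(n % p == 0 for p in _SMALL_PRIMES if p < n):
        return False
    d, r = n - 1, 0
    while d % 2 == 0:
        d //= 2; r += 1
    for _ in range(rounds):
        a = secrets.randbelow(n - 3) + 2
        x = pow(a, d, n)
        if x in (1, n - 1):
            continue
        for _ in range(r - 1):
            x = pow(x, 2, n)
            if x == n - 1:
                break
        else:
            return False
    return True


def _random_prime(bits: int) -> int:
    while True:
        cand = secrets.randbits(bits) | (1 << (bits - 1)) | 1   # exact bit length, odd
        if _is_probable_prime(cand):
            return cand


def rsa_keygen(bits: int = 1024) -> tuple[tuple[int, int], tuple[int, int]]:
    """Return ((n, e), (n, d)). Demo size; real deployments use 2048 bits or more."""
    e = 65537
    while True:
        p, q = _random_prime(bits // 2), _random_prime(bits // 2)
        phi = (p - 1) * (q - 1)
        if p != q and phi % e:
            return (p * q, e), (p * q, pow(e, -1, phi))


def _kdf(x: int, n: int) -> bytes:
    """Key material from the KEM secret: fixed-width encoding so both sides hash identical bytes."""
    return hashlib.sha512(x.to_bytes((n.bit_length() + 7) // 8, "big")).digest()


def kem_encapsulate(pub: tuple[int, int]) -> tuple[int, bytes]:
    """RSA-KEM: pick random r, send r^e mod n, derive keys from r. No padding oracle to get wrong."""
    n, e = pub
    r = secrets.randbelow(n - 2) + 1
    return pow(r, e, n), _kdf(r, n)


def kem_decapsulate(priv: tuple[int, int], c: int) -> bytes:
    n, d = priv
    return _kdf(pow(c, d, n), n)


def _stream(key: bytes, nonce: bytes, length: int) -> bytes:
    """HMAC in counter mode as a stand-in keystream (AES-CTR / ChaCha20 in practice)."""
    out = b"".join(hmac.new(key, nonce + ctr.to_bytes(4, "big"), hashlib.sha256).digest()
                   for ctr in range(-(-length // 32)))
    return out[:length]


def hybrid_encrypt(pub: tuple[int, int], plaintext: bytes) -> dict:
    c_kem, km = kem_encapsulate(pub)
    enc_key, mac_key = km[:32], km[32:]
    nonce = secrets.token_bytes(16)
    ct = bytes(p ^ k for p, k in zip(plaintext, _stream(enc_key, nonce, len(plaintext))))
    tag = hmac.new(mac_key, nonce + ct, hashlib.sha256).digest()   # encrypt-then-MAC
    return {"kem": c_kem, "nonce": nonce, "ct": ct, "tag": tag}


def hybrid_decrypt(priv: tuple[int, int], msg: dict) -> bytes:
    km = kem_decapsulate(priv, msg["kem"])
    enc_key, mac_key = km[:32], km[32:]
    expect = hmac.new(mac_key, msg["nonce"] + msg["ct"], hashlib.sha256).digest()
    if not hmac.compare_digest(expect, msg["tag"]):
        raise ValueError("authentication failed")      # verify before touching the ciphertext
    return bytes(c ^ k for c, k in zip(msg["ct"], _stream(enc_key, msg["nonce"], len(msg["ct"]))))


if __name__ == "__main__":
    pub, priv = rsa_keygen()
    packet = hybrid_encrypt(pub, b"quarterly figures for the HQ file share")   # constructed payload
    print("decrypted:", hybrid_decrypt(priv, packet))
```

Only the short key material goes through RSA; the payload, however large, is handled by the symmetric part, which is exactly the division of labour in TLS, PGP and IKE. Using RSA as a KEM rather than encrypting the key directly also sidesteps the padding mistakes that make textbook RSA key transport fragile.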
2. Hybrid Cryptosystem Benefits in Cloud
The following benefits of hybrid cryptography support secure cloud interactions and identity assurance:
1. Balance of performance and security: the expensive asymmetric operation happens once per session or object, and fast symmetric encryption handles the bulk data, so cloud providers can keep large transfers both fast and secure.
2. Key distribution solved: the symmetric key is established or wrapped with asymmetric cryptography, so it never has to be shared out of band. This greatly reduces the chance of a data key being exposed in transit and keeps such secrets private.
3. Simpler, cheaper key management: only a public key (or a certificate) needs to be known in advance, while per-session or per-object data keys are generated on demand. The same envelope pattern works across private, public and multi-cloud deployments, giving uniform security and better dependability.
4. Protocol flexibility: standard protocols such as TLS and IPsec are themselves hybrid, so a hybrid design interoperates with many systems, letting cloud providers handle different kinds of communication and connect different cloud environments.
7. Cryptographic Hash Functions
A cryptographic hash function maps input of any length to a fixed-size digest in a way that is deterministic but practically impossible to reverse or to collide. Hash functions are used to detect tampering, protect stored passwords, seal digital documents (as the input to signatures) and identify duplicate data. For cloud use a hash function must be collision-resistant, pre-image resistant and fast, and it must hold up under large-scale or hostile use.

1. Common Hash Algorithms:

The following are the most common hashing algorithms used for security and data integrity.
Table 19 Common Hash Algorithms
Algorithm: Detailed Description
SHA-256 (Secure Hash Algorithm, 256-bit): Part of the SHA-2 family, SHA-256 is widely used for file integrity checks, digital signatures and blockchains. It produces a 256-bit digest and no practical collision or pre-image attack is known. It is the default in most secure cloud storage and transmission services. Like all Merkle-Damgard hashes it is subject to length extension, so a MAC should use HMAC-SHA256 rather than a bare hash of key and message.
SHA-3: The latest NIST-approved hash standard, based on the Keccak algorithm. SHA-3 uses a sponge construction, a different internal structure from SHA-2, so an attack that broke SHA-2's structure would not automatically carry over, and it is not vulnerable to length extension. It offers the same digest sizes as SHA-2 (224, 256, 384 and 512 bits) plus the extendable-output functions SHAKE128 and SHAKE256.
bcrypt: bcrypt is a password hashing function that incorporates a per-password salt and an adaptive cost factor. It is deliberately slow, to resist brute-force and rainbow-table attacks, and its cost can be raised over time as hardware gets faster. It is widely used in identity and access management systems for storing credentials; scrypt and Argon2 are the memory-hard alternatives.

2. Hash Function Benefits for Cloud Security

1. Integrity: any change to a stored or transmitted block changes its digest, so hashing makes tampering easy to detect. This is what lets distributed cloud systems trust that data has not been altered, provided the reference digest itself is protected by a signature or a MAC.

2. Password protection: adaptive, salted hashing such as bcrypt makes each password guess expensive and stops an attacker from attacking all accounts with one precomputed table, so stored cloud credentials are far less likely to be compromised.

3. Deduplication: cloud storage can identify and discard duplicate data blocks by comparing their hashes, which saves storage and cost. Deduplicating across tenants on hashes of plaintext can leak whether a given file already exists, so providers that do it either combine it with convergent encryption or keep deduplication within one tenant.

4. Digital signatures and blockchains: signatures are computed over a hash of the document, and blockchains chain blocks by their hashes, so records cannot be changed without detection. This is essential for the trustworthiness of financial and legal transactions handled in the cloud.
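The salted, adaptive password hashing that benefit 2 and the bcrypt row describe, as an added example that is not the page's code. bcrypt is not in the Python standard library, so hashlib.scrypt is used as the adaptive function; the record format, the cost parameters and the "rehash on login when the stored cost is below policy" rule are assumptions for this example, not any product's behaviour.

```python
"""Salted, adaptive password hashing with a cost parameter that can be raised over time.

Added example, not the page's code. bcrypt is not in the Python standard library, so
hashlib.scrypt is the adaptive function here; the record format and parameters are
assumptions for the example, not a particular product's.
"""
from __future__ import annotations

import hashlib
import hmac
import secrets

CURRENT_COST = {"n": 2**14, "r": 8, "p": 1}   # raise "n" over time as hardware gets faster


def hash_password(password: str, cost: dict = CURRENT_COST) -> str:
    """Fresh random salt per password; the cost is stored with the hash so it can be verified later."""
    salt = secrets.token_bytes(16)
    digest = hashlib.scrypt(password.encode(), salt=salt, n=cost["n"], r=cost["r"], p=cost["p"], dklen=32)
    return f"scrypt${cost['n']}${cost['r']}${cost['p']}${salt.hex()}${digest.hex()}"


def verify_password(password: str, record: str) -> tuple[bool, bool]:
    """Return (password_ok, needs_rehash): rehash when the stored cost is below current policy."""
    algo, n, r, p, salt, digest = record.split("$")
    if algo != "scrypt":
        raise ValueError("unknown record format")
    n, r, p = int(n), int(r), int(p)
    check = hashlib.scrypt(password.encode(), salt=bytes.fromhex(salt), n=n, r=r, p=p, dklen=32)
    ok = hmac.compare_digest(check, bytes.fromhex(digest))   # constant-time comparison
    weak = n < CURRENT_COST["n"] or r < CURRENT_COST["r"] or p < CURRENT_COST["p"]
    return ok, ok and weak


def login(store: dict, user: str, password: str) -> bool:
    """Verify, and transparently upgrade an old low-cost record on a successful login."""
    ok, rehash = verify_password(password, store[user])
    if ok and rehash:
        store[user] = hash_password(password)   # only possible now, while the password is in hand
    return ok


if __name__ == "__main__":
    users = {"alice": hash_password("correct horse", {"n": 2**12, "r": 8, "p": 1})}   # old record
    print("before:", users["alice"][:14])
    print("login ok:", login(users, "alice", "correct horse"))
    print("after: ", users["alice"][:14])
```

The upgrade step is what makes "increase computation over time" workable: a stored hash cannot be re-hashed without the password, so the only moment the cost can be raised is a successful login, and the cost must therefore be recorded alongside the salt and digest.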
8. Evaluation of Cryptographic Methods for Cloud Security

The table below evaluates the cryptographic methods above against key security criteria, to guide the selection of appropriate solutions for enhancing cloud security.
Table 20 Evaluation of Cryptographic and Hybrid Cryptosystems methods

The analysis shows that no single cryptographic technique meets all of the cloud's security requirements on its own. Symmetric cryptography handles large volumes of data very well but has no answer to key distribution, so in practice it relies on asymmetric cryptography for that. Asymmetric cryptography secures identity and key exchange very well but is too expensive for bulk data. Hybrid cryptosystems are the best fit for busy cloud environments because they combine the two and balance security against performance. Cryptographic hash functions underpin data integrity and authentication throughout. Used together, these techniques give the assets stored in the cloud far stronger protection than any one of them.
3. P7 Assess common factors influencing an organization's choice of cloud solution(s) to improve security.

9. Factors influencing cloud security solution choices.

When moving to the cloud, organizations weigh several factors in choosing the right security solutions: the cost of the solution, its fit with existing infrastructure, legal and regulatory requirements, the technology's flexibility, and how ready the workforce is to use it. Security is central to the transition, which is why sound cryptographic methods must be chosen to store, process and protect business data. The following sections describe these key factors.

1. Compliance and Regulatory Requirements

Compliance is a primary consideration when choosing a cloud service. To protect consumer data, industries have to comply with regulations such as GDPR, HIPAA or PCI-DSS. Organizations should confirm that the cloud provider supports those regulations through certifications, documented policies and audit reports. A business that fails to meet compliance rules may lose its reputation and face legal penalties, so providers that keep their services aligned with industry standards have an advantage. The rules that apply in each region therefore weigh heavily in the choice of a cloud solution.
2. Data Sensitivity and Classification
The nature of the data a business processes affects the cloud platform it should use. Sensitive data such as financial and health records needs stronger protection and tighter access. Companies usually classify their data and then choose the appropriate cloud model, public, private or hybrid: the most sensitive data may be safest in a private cloud, while less important data goes to the public cloud to save money. Understanding data sensitivity allows security to be matched to the data while keeping operations practical (Rahimli, 2013).
3. Security Capabilities of the Cloud Provider
Not all cloud providers offer the same security features. Relevant capabilities include firewalls, intrusion detection systems, encryption options and identity and access management. Organizations assess whether these tools meet their security standards and reduce the risk of cyberattacks. Providers whose security controls are comprehensive and automated are more attractive, because they raise the level of protection while reducing the effort required from IT staff. Strong cloud-native security tooling is therefore a crucial part of choosing a provider (Rahimli, 2013).
4. Shared Responsibility Model
In the cloud, the provider and the customer are each responsible for different parts of security. For instance, the provider secures the underlying infrastructure, while the customer controls who can access its data and how its workloads are configured. If this model is not fully understood, parts of the system end up protected by nobody. Organizations should select providers that clearly document the division of responsibilities and help customers secure their side of it. Understanding the model prevents gaps caused by unclear boundaries, which makes it an important consideration when moving to cloud computing (Rahimli, 2013).

5. Cost vs. Security Trade-Offs
Environmental monitoring companies must balance how secure their data needs to be
against the resources they plan to spend on security. Using the more advanced security
features of cloud services may cost more, so companies must assess whether these tools are
worth the money. In most cases the least expensive option may not secure the system well,
while an expensive one may be unrealistic to maintain. To succeed over time, the investment
should be well balanced. Therefore, the decision between security and cost is very
important (Rahimli, 2013).
6. Scalability and Flexibility
Security must not be neglected as a business grows and its cloud solution grows with it.
Scalability lets an organization add more users, data or services quickly and securely. With
the cloud, the business can readily handle new expansion, gain more customers or take on
more work. Security policies must remain consistent as the chosen solution continues to
grow. Providers that scale automatically and securely are usually more attractive to clients.
That is why, when planning for future growth, scalability is very important
(Rahimli, 2013).
7. Vendor Reputation and Trustworthiness
It is important for organizations to have complete trust in their cloud provider for all key
information and crucial activities. The levels of trust a provider can earn commonly
depend on how well known, skilled and experienced they are in dealing with security
incidents. Organizations want to see honesty, fast breach communication and quality
customer service. Since a vendor with continuous outages or security issues could be
risky, it’s best to avoid them. Alternatively, if the provider is trusted and has a spotless
reputation, it gives you more confidence. That is why thinking about a vendor’s reputation
plays a major role in assessing suppliers (Rahimli, 2013).

8. Integration with Existing Security Tools
Many organizations already use firewalls, antivirus programs and SIEM platforms. The
cloud solution must blend well with these existing tools to guarantee uninterrupted security.
When organizations fail to integrate systems properly, they are left with security gaps and
reduced visibility across their environment. Cloud services that expose APIs, plug-ins or
integrations with third-party tools are preferable, because they make both incident response
and policy enforcement easier. So matching cloud services to the current infrastructure plays
a vital role in choosing the right cloud.
9. Disaster Recovery and Business Continuity
Services offered on the cloud must let work continue if a cyberattack, system failure or
natural disaster occurs. It is better to choose providers that offer automatic backups,
automatic failover to standby systems and data storage in multiple centres. Thanks to these
features, organizations can recover fast and lose little data. A well-thought-out disaster
recovery plan helps prevent long periods of downtime, which are both costly and damaging
to a company's image. Cloud services that support fast recovery give greater peace of mind.
Therefore, businesses must pay special attention to cloud continuity when choosing their
strategy (Rahimli, 2013).
10. Geographic Data Residency
A number of countries and sectors require data to be kept within specified geographical
areas. This stems from privacy laws and from concerns that foreign governments might
access or monitor the information. Organizations must therefore choose cloud providers
whose data centres are in locations permitted by law or policy. If data is stored far away, it
can slow down access, lead to performance issues and make it harder to control who can
access the data. Providers that let customers choose where their information resides are
more adaptable and more compliant. Because of this, choosing the right location plays a
key role in adopting cloud services.

4. M5: Critically analyze the use of selected cryptography and hybrid cryptosystems in protecting data within an organization.

10. Analysis of Cryptographic Approaches for E-Commerce Cloud Migration
The following is an analysis of the cryptographic algorithms and hybrid cryptosystems
selected for protecting sensitive data during an e-commerce organization's cloud migration.
The analysis examines each algorithm's strengths, weaknesses and implementation
considerations in the context of practical business requirements.
1. Business Context: E-Commerce Cloud Migration
An e-commerce platform with approximately 500,000 customers and 5,000 daily
transactions is migrating from on-premises infrastructure to cloud architecture. Key
security requirements include:
1. Protection of customer PII and payment information
2. Secure service-to-service communications
3. Reliable authentication mechanisms
4. Data integrity assurance
5. Regulatory compliance
6. Operational efficiency within resource constraints

11. Analysis of Selected Cryptographic Algorithms
1. Symmetric Encryption – AES-128 (CBC Mode)
Selected Algorithm: Advanced Encryption Standard (AES-128 in CBC Mode)
AES-128 is a symmetric block cipher that encrypts data in 128-bit blocks using a 128-bit
key. It operates through a series of transformation rounds (10 for a 128-bit key) involving
substitution, permutation and key addition steps. Cipher Block Chaining (CBC) mode
introduces an initialization vector (IV) so that identical plaintexts do not produce identical
ciphertexts.
1. Strengths
AES-128 offers high efficiency in data encryption, with performance advantages (20-40%
faster than AES-256) ideal for real-time data operations. It integrates well with all major
cloud services and benefits from hardware-level acceleration such as AES-NI. Developers
can implement it with ease using mature, well-tested libraries across programming
environments.
2. Weaknesses
Despite its practical security, AES-128 has a smaller theoretical security margin than
AES-256, making it less resilient to emerging threats such as quantum attacks. CBC mode's
dependence on proper IV management, and its lack of built-in authentication, introduce
potential vulnerabilities. Its security depends heavily on implementation accuracy.
3. Critical Implementation Considerations
Organizations should leverage cloud-native key management systems to keep keys secure.
IVs must be randomly and uniquely generated for each encryption operation to prevent
block replay attacks. Secure padding practices are essential to avoid padding-oracle
vulnerabilities, and key rotation policies (every 90 days) should be strictly enforced. In
regions with constrained IT expertise or tooling, automating IV generation and key rotation
through cloud services becomes critical to prevent misconfigurations.
2. Asymmetric Encryption – RSA-2048
Selected Algorithm: Rivest–Shamir–Adleman (RSA-2048)
RSA is a public-key encryption system based on the mathematical difficulty of factoring
large numbers into their prime factors. RSA-2048 uses a 2048-bit key for operations such as
key exchange and digital signatures. It is widely deployed in digital certificates, secure
email and web encryption.
1. Strengths
RSA-2048 is universally supported across platforms and libraries, simplifying adoption. It
integrates well with existing PKI systems, enabling secure key exchanges and
authentication. Its maturity ensures that most potential issues are well-documented with
available solutions, making implementation relatively straightforward.
2. Weaknesses
The algorithm is computationally intensive, especially for encryption, decryption, and key
generation. Its large key sizes lead to increased transmission and storage overheads. RSA-
2048 is also vulnerable to quantum computing threats and may require migration strategies
within the next decade.
3. Critical Implementation Considerations
Private keys must be stored securely in hardware security modules or trusted execution
environments. Proper prime generation is essential to prevent factorization attacks.
Organizations should anticipate processing delays in high-volume environments and
develop a transition plan to quantum-resistant alternatives when needed.
Given that many regional enterprises lack access to HSMs or advanced
cryptographic tools, cloud-based PKI services can bridge this gap effectively.
3. Cryptographic Hash Function – SHA-256
Selected Algorithm: Secure Hash Algorithm 2 (SHA-256)
SHA-256 is a member of the SHA-2 family and produces a fixed 256-bit output from any
input. It is widely used for data integrity verification, digital signatures and password
hashing, thanks to its cryptographic strength and computational efficiency.
1. Strengths
SHA-256 offers robust collision resistance and is accepted globally for securing sensitive
data. It performs efficiently across platforms and aligns with major security standards like
FIPS and PCI-DSS. The fixed output length also simplifies integration into diverse
systems like APIs, logs, and password databases.
2. Weaknesses
Without enhancements like salting or key stretching, SHA-256 may be vulnerable to
brute-force attacks using specialized hardware. Improper implementation can lead to
susceptibility to length extension attacks. It also offers limited quantum resistance, which
may necessitate future updates.
3. Critical Implementation Considerations
To strengthen password storage, SHA-256 should be combined with key stretching
methods like PBKDF2 or bcrypt. Salting must be applied to each hash to prevent
dictionary attacks. Inputs should be validated and outputs compared using constant-time
functions to reduce timing attack risks. Since cybersecurity awareness and best
practices can be inconsistent across teams, adopting pre-configured cryptographic
libraries is essential to minimize implementation errors.
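The password-storage guidance above (salting, key stretching, constant-time comparison), as an added example that is not part of the original document: it uses only Python's standard library, and the record layout `pbkdf2_sha256$iterations$salt$key` and the 600,000-iteration default are choices made for this example.

```python
import hashlib
import hmac
import secrets

SCHEME = "pbkdf2_sha256"  # label for this example's record format (constructed, not a standard)


def hash_password(password: str, iterations: int = 600_000) -> str:
    """Salt and key-stretch a password with PBKDF2-HMAC-SHA256.

    Returns a self-describing record so the verifier can recover the salt and
    iteration count later: pbkdf2_sha256$<iterations>$<salt hex>$<key hex>.
    """
    salt = secrets.token_bytes(16)  # fresh random salt for every record
    key = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, iterations)
    return f"{SCHEME}${iterations}${salt.hex()}${key.hex()}"


def verify_password(password: str, record: str) -> bool:
    """Recompute the key from the stored salt/iterations and compare in constant time."""
    parts = record.split("$")
    if len(parts) != 4 or parts[0] != SCHEME:
        return False
    _, iterations, salt_hex, key_hex = parts
    key = hashlib.pbkdf2_hmac("sha256", password.encode(),
                              bytes.fromhex(salt_hex), int(iterations))
    # compare_digest does not stop at the first differing byte, unlike '==',
    # so response time does not leak how many bytes of the hash matched.
    return hmac.compare_digest(key, bytes.fromhex(key_hex))


def unsalted_sha256(password: str) -> str:
    """The weak pattern the text warns against: bare SHA-256, no salt, no stretching."""
    return hashlib.sha256(password.encode()).hexdigest()


def same_password_is_linkable(password: str) -> dict:
    """Why salting matters: two users sharing a password get identical unsalted
    digests (one precomputed dictionary breaks both) but distinct salted records."""
    return {
        "unsalted_identical": unsalted_sha256(password) == unsalted_sha256(password),
        "salted_identical": hash_password(password, 1_000) == hash_password(password, 1_000),
    }
```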
4. Hybrid Cryptosystem – Managed TLS
Selected Algorithm: Transport Layer Security (TLS) using RSA and AES
TLS is a hybrid cryptographic protocol that uses asymmetric algorithms (such as RSA or
ECDHE) for secure key exchange and symmetric encryption (typically AES) for data
transmission. Managed TLS services offered by cloud providers simplify configuration and
automate certificate management.
1. Strengths
Managed TLS implementations ensure best-practice configurations, automatic protocol
updates, and patching without user intervention. They enhance security through features
like protocol negotiation, high availability, and performance tuning. Certificate lifecycles
are also automated, reducing human error.
2. Weaknesses
Cloud-managed TLS solutions reduce visibility into configuration and restrict advanced
customization. This can create over-reliance on a single vendor, leading to potential lock-
in. Organizations also surrender some control over security parameter selection, relying on
provider defaults.
3. Critical Implementation Considerations
Enterprises must retain control over their certificate private keys and enforce strong TLS
versions and cipher suites. Despite automation, continuous monitoring of TLS metrics is
crucial. A multi-provider strategy may mitigate vendor-specific vulnerabilities and ensure
consistent availability of secure communication services.
For businesses in developing markets, managed TLS reduces the operational burden
of securing data in motion without requiring deep in-house cryptographic expertise.
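As an added example (not the document's or any provider's code) of the point above that enterprises must still enforce strong TLS versions and cipher suites even under managed TLS, this builds a hardened Python `ssl` client context and audits a context for the settings the text names; the weak-cipher markers and finding strings are this example's own conventions, and the exact cipher list depends on the local OpenSSL build.

```python
import ssl

# Cipher name fragments this audit treats as weak (labels chosen for this example).
WEAK_MARKERS = ("RC4", "3DES", "DES-CBC", "NULL", "EXPORT", "MD5")


def hardened_client_context() -> ssl.SSLContext:
    """Client context: TLS 1.2+, forward-secret AEAD suites, verification kept on."""
    ctx = ssl.create_default_context()  # CERT_REQUIRED and hostname checking enabled
    ctx.minimum_version = ssl.TLSVersion.TLSv1_2
    # TLS 1.2 suites: ECDHE key exchange (forward secrecy) with AEAD payload ciphers.
    # TLS 1.3 suites are AEAD-only and are governed separately by OpenSSL.
    ctx.set_ciphers("ECDHE+AESGCM:ECDHE+CHACHA20:!aNULL:!eNULL:!PSK:!MD5")
    return ctx


def legacy_client_context() -> ssl.SSLContext:
    """Deliberately weak context, built only to show what the audit catches."""
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT)
    ctx.check_hostname = False      # must be cleared before verify_mode can change
    ctx.verify_mode = ssl.CERT_NONE  # any certificate accepted: no server authentication
    ctx.set_ciphers("ALL:!aNULL")   # re-admits CBC and other non-AEAD suites
    return ctx


def audit_context(ctx: ssl.SSLContext) -> list:
    """Return findings for the context; an empty list means it passes this audit."""
    findings = []
    if ctx.minimum_version < ssl.TLSVersion.TLSv1_2:
        findings.append("minimum_version allows TLS below 1.2")
    if ctx.verify_mode != ssl.CERT_REQUIRED:
        findings.append("server certificate verification disabled")
    if not ctx.check_hostname:
        findings.append("hostname checking disabled")
    for cipher in ctx.get_ciphers():
        name = cipher["name"]
        if any(marker in name for marker in WEAK_MARKERS):
            findings.append(f"weak cipher enabled: {name}")
        elif not cipher["aead"]:
            findings.append(f"non-AEAD cipher enabled: {name}")
        elif cipher["kea"] not in ("kx-ecdhe", "kx-any"):  # kx-any is TLS 1.3
            findings.append(f"no forward secrecy: {name}")
    return findings


if __name__ == "__main__":
    print("hardened:", audit_context(hardened_client_context()))
    print("legacy:", audit_context(legacy_client_context()))
```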
