Design of Mutual Authentication Method for Deep Learning Based Hybrid Cryptography to Secure Data in Cloud Computing

Data and information security in the context of today's electronic communication system is a major obstacle. There are three objectives that must be met in order to keep the data safe. Data, information, and computer services need to have three things in place: privacy, security, and availability [1]. For this reason, information security aims to prevent data from falling into the wrong hands (through confidentiality), prevent data from being tampered with (through integrity), and make data accessible (through availability) to the appropriate parties [2]. Multimedia distribution is becoming a crucial technique for global service delivery because of the prevalence of the internet. The frontiers of commerce, science, and pleasure, as well as social possibilities, have been expanded. Strong copyright protection mechanisms [3] have been developed due to the ease with which digital content may be parallelized and transmitted. The internet is now widely used for the rapid dissemination of vast volumes of crucial information. As a result, it can be damaged by a wide range of threats. This data is therefore vulnerable to unauthorised access and other privacy and security breaches. When it comes to computer security, tried-and-true methods of data protection include cryptography and steganography [4]. Research has been done to enhance the aforementioned data security measures, but there are still certain caveats that show how important it is to find a solution to this problem.

Cyberattacks, as seen in Figure 1, can damage the IoT cloud networks [5] or disrupt the channel connection between sensors and the gateway. When compared to other cryptographic solutions, the conventional methods (such as RSA, AES, and DES) are prohibitively resource-intensive. As a result, they can't be used with low-power sensors or technologies like the Internet of Things right away [6]. It is so challenging to develop efficient, fast, compact, and secure cryptographic algorithms for the Internet of Things. In addition, IoT networks should have a basic cybersecurity system to prevent sensitive data from falling into the wrong hands and to verify that users have the proper authorization to make use of IoT services (through authentication and access control) [7-9].

1.jpg

Figure 1. Scenario of cyberattacks on the IoT network

Protecting the Internet of Things (IoT) from cyberattacks requires three main solutions: cryptography, digital signatures, and authentication. IoT Cryptography can make use of either symmetric (using a private key) or asymmetric (using a public key) encryption [10]. In symmetric encryption, both the sender and the receiver use the same key to perform the cryptographic operation. The security of symmetric encryption relies on how well the private key is disseminated among IoT nodes. In contrast to symmetric encryptions, which only require one key [11], asymmetric encryptions require two keys. The private key remains secret and is never divulged to any unauthorised devices, while the public key can be transmitted through a safe channel.

Device Authentication: In an IoT ecosystem, numerous devices communicate with each other and with central servers. Symmetric and asymmetric encryption can be used for device authentication. Symmetric keys can be used for initial authentication, ensuring that only trusted devices are allowed to join the network. Asymmetric encryption can be employed for more secure and ongoing authentication, enabling devices to verify each other's identities without sharing sensitive information.

Secure Data Transfer: IoT devices collect and transmit data, which often includes sensitive information. Symmetric encryption is well-suited for securing data in transit. IoT devices can encrypt data using a shared symmetric key before sending it to the cloud or another device. Only authorised recipients with access to the key can decrypt and read the data.

Public Key Infrastructure (PKI): Asymmetric encryption, specifically public-private key pairs, can be used to establish a public key infrastructure (PKI) in the IoT. IoT devices can have their own unique public keys, which are distributed widely, while the private keys are kept secure. This enables secure, end-to-end communication between devices without the need for shared secrets.

Secure Firmware Updates: IoT devices often require firmware updates for security enhancements and bug fixes. Asymmetric encryption can be used to sign firmware updates with a private key. Devices can verify the authenticity of updates using the corresponding public key, ensuring that updates come from trusted sources and have not been tampered with during transit.

Data Integrity: Both symmetric and asymmetric encryption methods can be used to ensure data integrity. Asymmetric signatures can confirm that data hasn't changed since the sender signed it, while symmetric encryption can prevent data tampering during transit.

Key Management: Managing encryption keys in an IoT environment is crucial. Discussing how symmetric and asymmetric keys are generated, distributed, and managed within IoT networks would provide insight into the practical challenges of IoT security.

In the same way that encryption may provide secrecy, message authentication can ensure that what was sent was indeed what was received. However, authentication and secrecy are essential for IoT systems. Although it's tempting to combine encryption and authentication into a single process, not all such schemes are secure [12]. Although it is possible to create a safe combination of cryptographic tools, doing so is notoriously challenging, and occasionally even excellent cryptographic tools are integrated in a way that creates an insecure combination [13]. To overcome these restrictions on online data exchange, our research integrates cryptography and deep learning methods at a trusted to provide a mutual authentication protocol with increased security and efficiency. For safe online communication, we suggest adequate registration, followed by correct session formation and password change phases, during which key agreement are implemented. The following is a brief summary of the main results of the planned effort.

• To facilitate the safe transfer of information between users in a federated cloud server situation, a new deep learning approach is presented.
• To protect against DDoS assaults and other security breaches, a reliable cloud server has created an online danger detector based on a pre-trained CNN model.
• The effectiveness of the suggested protocol was confirmed by formal verification utilising the ProVerif security analysis tool and a comparison to state-of-the-art solutions.

The remaining parts of the paper have the following layouts: In Section 2, we describe the relevant literature, and in Section 3, we offer a brief summary of the suggested model. Section 4 compares the suggested model's experimental analysis to the state-of-the-art methods. Finally, the study is summarised in Section 5.

3.1 Phase 1: Modified and improved lattice-based cryptography

Partitioning plaintext, creating encryption keys, encrypting data, re-encrypting data, and decrypting data are all components of the improved lattice-based cryptography.

3.1.1 Plaintext partitioning procedure

The following are the procedures of the projected Plaintext Partitioning Procedure (PPA):

Plaintext Partitioning Procedure

The use of plain text partitioning is crucial to the proposed approach. Part 1 of the plaintext (PT1) and Part 2 (PT2) make up the entirety of the plaintext. The first using the improved, then the cypher text format of PT1 is encrypted once again using the same technique and key-value, $k_{R e}$.

3.1.2 MELBC Encryption process ($M E L B C_{\mathrm{enc}}$)

The Multi-Element Lattice-Based Cryptosystem (MELBC) is a public-key cryptosystem. Providing efficiency is what drives MELBC, and compared to other public key cryptosystems, it offers a superior method to ward off quantum assaults. The quotient ring is used to communicate with MELBC. The projected MELBC-Key Generation Procedure (MELBC-KGA) may be broken down into the following phases:

MELBC Key Generation Procedure

System and security characteristics such as row and column dimensions, vector, and error vector are used to derive the corresponding public and private keys. Due to their large computational and communication costs, the conventional public key cryptography techniques are inadequate. Public key cryptosystems vulnerable to quantum computers are those based on the integer factorization problem or the discrete logarithm problematic. Secure constructions against attacks from classical and quantum computers are only possible using Adapted Enhanced Lattice-Based Cryptography (MELBC).

3.1.3 Encryption phase

Plaintext divider (p1), ID, public key (PU') → Cipher text (c1)

Cipher text (Cip1) = Encryption (c1)

Plaintext (p1) → Cipher text (Cip1)

Plaintext (p2) → Cipher text (c2)

Cipher text (C) → combine (cip1, c2)

Step1 Sender’s public key

$M \in Z_p^{a \times b}, F: Z_p^a \rightarrow Z_p^b, R_v \in Z_p^a, E_n \in Z_p^{a \times 1}=P U^{\prime}$     (9)

Phase 2 Plaintext partition $p_{-1}=l / 2-1$ (1)

Phase 3 Encryption

$c_1=p_1 \cdot P U^{\prime}+e_r$        (10)

Phase 4 Re-key generation

$R_k=\left(P U^{\prime}+P R\right) X O R \,\,P U^{\prime}$      (11)

Phase 5 Re-Encryption

$\operatorname{Cip} 1=R e_{-E n c}\left(R_k\left(C_1\right)\right)$    (12)

Phase 6 Plaintext partition $p_2=l / 2-1(3)$

Phase 7 Encryption

$c_2=p_2 \cdot P U^{\prime}+e r$        (13)

Phase 8 Cipher Text C Combine (Cip1, c2)

Using the public key PU′ and the error vector er, we encrypt the plaintext partition p_1 to create the ciphertext c_1. Input is the ciphertext c_1 and the regeneration key R_k, which is computed using Eq. (11). Ciphertext Cip1 is the result of the re-encryption procedure and may be written using the formula (12). In this case, the ciphertext c_2 is formed by the encryption using Eq. (13), with the inputs of public key. Send the ciphertext C to the recipient by combining Cip1 and c_2 and then framing it.

Plaintext Partition:

Define what a "plaintext partition" is within the context of your research. Is it a data segmentation technique, and if so, how is it applied?

Explain the purpose of plaintext partitioning in your system and its significance in achieving your research goals.

Re-Encryption Key:

Define the term "re-encryption key" and its role in your proposed system. Is it used for secure data transmission or other cryptographic operations?

Clarify how re-encryption keys are generated or distributed in your system.

Other Key Concepts:

If there are additional terms or concepts unique to your research, provide clear and concise definitions for each of them.

Illustrative Examples:

Whenever possible, consider including illustrative examples or diagrams to help readers visualize how these concepts are applied in your system.

3.1.4 Decryption phase

It accepts the cypher text C, the identifier ID, the private key PR, the public key PU′, and the Re-generation key R_k as inputs during decryption, and returns the plaintext message p as an output.

Cipher text (C), ID, secluded key (PR), (PU′), Re-generation key R_k → plain text (p)

Step 1 Decryption process cipher text c2

$p 2=\operatorname{decrpt}_{P R}\left(c_2 \cdot P U^{\prime}+e_r\right)$    (14)

$p 2=\operatorname{decrpt}_{P R}\left(c_2 \cdot P U^{\prime}+e r\right) P U^{\prime-1}$     (15)

Step 3 Where, U is a unimodular matrix

$p_2=p_2 \cdot P U^{\prime} \cdot P U^{\prime-1}+e r \cdot P U^{\prime-1}$      (16)

Step 4 The Babai rounding procedure will be used to eliminate the term er. PU′ − 1

$p_2=p_2+e r \cdot P U^{\prime-1}$      (17)

Step 5 Total the plaintext partition $p_1$ $p_2$

Step 6 Decryption procedure cipher text Cip1

$p_1=\operatorname{decrpt}(\operatorname{cip} 1) p_1=\operatorname{decrpt}\left(\operatorname{Re}_{-\operatorname{decrpt}} R_k\left(c_1\right)\right)$        (18)

Step 7 Decryption process cipher text c1

$p_1=\operatorname{decrptPR}\left(c_1 \cdot P U^{\prime}+e r\right)$   (19)

Step 8

$p_1=\operatorname{decrpt}_{P R}\left(c_1 \cdot P U^{\prime}+e_r\right) P U^{\prime-1}$    (20)

Step 9

$p_1=p_1 \cdot P U^{\prime} \cdot P U^{\prime}-1+e r \cdot P U^{\prime-1}$     (21)

Step 10 The Babai rounding procedure to remove the term

er. $P U^{\prime-1} p_1=p_1+$ er. $P U^{\prime-1}$        (22)

Step 11 Compute the plaintext partition p1 1

Step 12 Finally combine the Plaintext (p) → syndicate $\left(p_1, p_2\right)$

Eqns. (18) and (22) represent the results of the decryption procedure. The plaintext p can be received by the receiver without a quantum attack if we merge the plaintext partitions p1 and p2.

3.2 Phase 2: Mutual authentication protocol

A Trusted Authentication (TA) scheme implemented at middleware linked to many cloud servers is used by a company that employs the services of numerous cloud servers. This middleware interface is hosted on a reliable, centralised server. The TA system combines encryption and deep learning to provide the safest possible session establishment between parties involved in the conversation. The mutual key agreement phase is demonstrated using a hybrid cryptography approach, and a deep learning based pre-trained model of CNN is used to identify and mitigate any threat or abnormality during the session setup phase. In the parts that follow, we'll go through each individual part in greater depth.

3.2.1 Deep Learning classifier-based anomaly detector

The TA server incorporates a deep learning classifier, in the form of a Capsule Network model (discussed in more detail in Section 3.2.3.) that learns to predict a target output (class) with high precision. P_final is the projected output and there are n characteristics, such as Cl_1, Cl_2, ..., Cl_n, that go into making this prediction. Classifiers are continually trained using both archived data and real-time information from the session setup phase (or key agreement). If an abnormality is found in the input, the anticipated output will read "malware," and otherwise, "benign". The TA server uses the key parameters and all the characteristics (received from the sender) to determine the likelihood of malicious intent behind session set-up when it gets a request from an entity (user/data owner). Only if the danger likelihood is 0% is the session setup allowed.

One-time passwords, security questions, access restrictions, and even full access to the material may be implemented in response to a detected anomaly.

In a federated cloud server setup, mutual key agreement demonstrates the recommended paradigm for mutual authentication and safe common session key (CSK) calculation. Here, we have two entities—the data owner (Ea) and the data receiver (Eb)—and a third, TA, which is a Trusted Authentication System implemented on middleware using cloud server federation. All of the company's personnel information is safely saved in TA's database.

The full procedure for authentication and session key agreements looks like this:

1. First, entity A (Ea) submits a login request to entity B (TA), including a secret identity parameter; TA checks this parameter against its record in its database of legitimate entities; TA then provides OTP back to Ea after successful authentication.
2. After inputting the OTP start parameters (i.e., the secret identities of the sender and recipient), Ea will issue a session establishment request.
3. Third, the criteria for establishing the session, such as the hidden identities of Ea and Eb and the nonce, are sent to TA. If an anomaly or danger is detected, TA will activate the voting classifier (described in the next section). If no danger is found, the session is set up by applying a Schnorr's signature and calculating masked IDs for both the sender and the recipient.
4. The fourth receiver, Eb, logs on to TA in the same way. Masked identifiers and other security settings are sent to Eb from TA.
5. Then, in a secure environment, Eb does certain computations to confirm that TA is a legitimate server and to generate common shared session keys (CSK). In response to TA, Eb generates a new nonce value but does not send the CSK.
6. Six, after some computational effort, TA checks Eb and sends Ea, Eb's answer and other security settings.
7. After some computational effort, Ea checks TA and Eb and accepts the reply in order to compute its mutual shared sitting key CSK.

Successfully completing the authentication process and setting up a secure session among Ea and Eb through TA and computing CSK without disclosing it on the public channel is achieved in this manner.

3.2.2 Phases of mutual authentication

The projected authentication arrangement works in three stages:

1. Registration stage

2. Login phase

3. Password renewal stage

Registration phase. To use the trusted authentication system TA, the entity selects a password (Pwd) and provides his unique employee (ID) details, including his official registered mail-ID, usb fingerprint as a usb-key, over a secure channel. Here, TA determines a secret numeral for each subscriber using the following formula:

$C=H(I D)\|P w d\|$ PhoneNumber $\|p\|$ UsbLogin $\|$ Email $\|$

where, p is TA selects large prime sum p, and elliptic curve E over finite field F_P as $a, b: y^2=x^2+a x+b$ where $a, b \in F p$ and $4_1^3+27 b^2(mod p) \neq 0, E(F p)$ is set of all points on curve E. After that, TA sends Ea the public key y and the entity's secret number c, which it derives from the private key p using the formula y=H(cp). For further security, TA keeps a record of each user's p,c, and UsbLogin key in a central repository.

Login and authentication phase. 1. E_a initiates a login with a password of c'. The TA gets it, checks to see whether c'=c in the repository, and then drops the session if the two don't match. If not, it will send a temporary OTP (good for only 5 minutes) to E_a.

2. E_a User provides one-time password and USB key; TA verifies successful mutual authentication. Encrypts the sender's ID (Ea) and the recipient's ID (Eb) using the following key exchange:

3. $a a=\operatorname{Hash} 1\left(I D_a, t 1, y\right)$

4. $a b=\operatorname{Hash} 1\left(I D_b, t 1, y\right)$

5. E_a then directs aa, ab and nonce t1 (freshly shaped time stamp that can never be recurrent) to TA.

6. TA then computes masked independences for E_a and E_b to setup current meeting, by smearing Schnorr’s signature as shadows:

7. mid_a $=$ Mult $(a a, H a s h 2(y, x t 1)$

8. mid_b $=\operatorname{Mult}(a b, \operatorname{Hash} 2(y, t 2)$

9. TA sends mid_a, mid_ $b, t 1, t 2, a a, a b$ to $E b$. Then, E_b applies adapted Schnorr’s signature verifying scheme to figure x1 and x2 as shadows:

10. $x 1=\operatorname{Mult}(a b, \operatorname{Hash}(y, t 2))$

11. $x 2=\operatorname{Mult}(a a, \operatorname{Hash}(y, t 1))$

12. If (x1=mid_b and x2=mid_a) then dismiss the session, then, TA is confirmed as trusted server and E_b generates new common shared session key CSK.

13. $r=\operatorname{Hash}(\operatorname{Hash}(t 1, t 2), t 3)$

14. $c s k=H a s h\left(r\right.$, mid $\_a$, mid $\left.\_b\right)$

15. E_b replies TA with security parameters rand t3 TA receives r and new nonce t3, TA calculates cc to verify E_b as follows:

16. $c c=\operatorname{Hash}(\operatorname{Hash}(t 1, t 2), t 3)$

17. Using its before known nonce value (i.e., t1 and t2) and newly conventional nonce t3. If cc= r then E_b by TA) to E_b.

18. E a receives masked ID from TA and confirms TA and Eb as shadows:

Login and authentication phase. 1. E_a initiates a login with a password of c'. The TA gets it, checks to see whether c'=c in the repository, and then drops the session if the two don't match. If not, it will send a temporary OTP (good for only 5 minutes) to E_a.

19. $x \operatorname{mid} a=\operatorname{Mult}(a a, \operatorname{Hash}(y, t 1))$

20. $x \operatorname{mid} b=\operatorname{Mult}(a b, \operatorname{Hash}(y, t 2))$

21. If xmid a$\neq$mid a and xmid b$\neq$mid b then terminates the session, then, compute common key (CSK) as follows:

22. $c s k=\operatorname{Hash}(c c$, mid $a$, mid $b)$

Password renewal phase. Every customer is required to change his password at regular intervals (every week, every two weeks, every month, etc.). However, the user has the option to change their password at any moment. Since the secret number c, in addition to ID, mailID, etc., is dependent on the password Pwd, if the Pwd changes, c, mechanically vicissitudes; hence, the secret numeral is refreshed weekly or at the user's discretion.

Anomaly detection model. Incorporating CAL and the Adagrad optimizer, the CapsNet model is put to use as a classifier. In the suggested study, entropy is utilised to rank uncertain data and expose the signal's unpredictability by visualising the chaos in the system.

CapsNet construction. The CapsNet perfect is designed to model the hierarchical relationships and preserve the picture objects' locations and characteristics. In the CNN approach, the pooling layer receives the most relevant information first. It's possible that the network won't be able to learn fine-grained information when the data is passed on to the next pooling layer. In addition, the CNN approach produces a numeric number for neural output. The CapsNets' multi-neuron capsules create similarly sized vector output with different routing. The CNN uses activation functions on the input vector such as the Tangent, ReLU, and Sigmoid. The CapsNet, on the other hand, makes use of a vector activation function called squashing, which is described by Eq. (23).

$v_j=\frac{\left\|s_j\right\|^2}{1+\left\|s_j\right\|^2} \frac{s_j}{\left\|s_j\right\|}$   (23)

where, v_j is the final output of capsule j. When an item is present in the image, the length of the vector v_j is reduced to one, and when none is present, the vector is truncated to zero.

In CapsNet layers beyond the first, the predictive vector's weights are used to estimate capsule S_j's input values.

($U_{\mathrm{j} \mid \mathrm{i}}$) in the capsule as layer. The prognostic vector ($U_{\mathrm{j} \mid \mathrm{i}}$) is projected by the produce of a capsule layer with their output ($O_{\mathrm{i}}$) and weight matrix ($W_{\mathrm{ij}}$).

$S_j=\sum_i b_{i j} u_{j \mid i}$  (24)

$u_{j \mid i}=W_{i j} O_i$       (25)

where, $b_{i j}$ signifies constant distinct by lively routing process and it is assumed by,

$b_{i j}=\frac{\exp \left(a_{i j}\right)}{\sum_k \exp \left(a_{i k}\right)}$   (26)

where, $a_{i j}$ represents a logarithmic probability. Log prior likelihood is specified by Softmax, and the number of correlation coefficients between capsules i in the top layer is one. Margin loss for estimating the number of objects in a given class is as follows in CapsNet.

$\begin{gathered}L_k=T_k \max \left(O, m^{+}-\left\|v_k\right\|^2+\lambda(1-\right. \left.\left.T_k \max \left(O,\left\|v_k\right\|-m\right)\right)\right)^2\end{gathered}$   (27)

When element k of class k is present, T_k has a value of 1. In addition, the hyper variables are represented by m+ = 0.9 and the weight of the loss by m- = 0.1. CapsNet, which represents the probability in the picture region, provides an estimate of the vector length.

Class attention layer apparatus. It is unable to learn the probabilistic dependence by recurrent eating with comparable features, even however the extracted features are at a higher level and are fed directly into FC layer to prediction. Therefore, defining class dependence and properly linking CapsNet for multi-label classification processes relies heavily on the extraction of discriminative class wise features. Feature discovery across all domains is thus conducted using CAL. First, a class attention map is generated using an 11 convolution layer with a stride of 1, and then, in a second step, each class attention map is vectorized to extract characteristics unique to that class. In model, the size of a feature map X is defined as W W K, where 1v_l is the l-th filter in the CAL layer. Class l's care mapping Ml may be calculated using the formula:

$M_l=X * w_l$       (28)

where, l is an arbitrary number between one and several classes and is a convolution function. To illustrate, a class care mapping M_l is just a linear integration of the entire channel in X, given a convolution filter of size 1 1. The provided CAL may be implemented in this way to develop separate mapping [21]. In Eq. (28), for instance, feature mapping X is considered to be the output of the model's convolutional block after input data is processed. Therefore, vectorization is used to transform the class mapping M_l into a class wise feature vector vl with W2 dimensions.

Adagrad optimizer The CapsNet model's hyperparameters are fine-tuned using the Adam optimizer. The Adagrad optimizer [22] is a gradient-oriented optimisation method that performs well on sparse gradients. Hyperparameter optimisation, also known as tuning, is the procedure of determining the optimal values for a learning algorithm's hyperparameters. A hyperparameter is a variable whose value is adjusted to affect training. Concurrently, we learn about other factors like the weight of nodes. The rate at which it learns would be automatically modified. Eq. (29) is the primary formula used in parameter updates.

$\theta_{t+1}=\theta_t-\frac{a}{\sqrt{\varepsilon+\sum g_t^2}} \odot g_t$       (29)

where, $\theta_t$ signifies the mutable at time t, $\alpha$ designates the learning rate, $g_t$ means gradient estimation and ⊙ signifies multiplication.