Abstract

Mobile Cloud Computing (MCC) enables to overcome the constraints on storage and computational
requirements of mobile devices through the use of cloud infrastructure. Security is a major concern
when it comes to mobile devices. This is especially important when mobile applications send and
information over insecure wireless medium through cloud. In this paper, a stream cipher based
encryption/ decryption protocol called CLOAK is discussed which generates and distributes
cryptographically secure pseudo random numbers (CSPRN) through an external cloud server instead of
using the mobile device’s resources. In CLOAK all the encryption and decryption operations are
performed at the mobile device and identity verification is used to secure message exchange between
the server and the mobile. Three variations of the protocol, s-CLOAK, r-CLOAK and d-CLOAK are proposed
on the basis of key selection process. The protocol is then evaluated on different Android phones and an
attack analysis of the presented protocol is done. Results obtained show the complexity efficiency of
CSPRN generation and computation operations on the mobile device.

Introduction

Mobile Cloud Computing (MCC) is an emerging field of research dealing with the utilization of cloud
resources to supplement the computation and storage resources available on mobile devices (MD) [4].
Cloud can be used by MD to deliver services such as e-commerce [6] and healthcare. Cloud based
storage enables MD users to save and share data. By offloading tasks requiring extensive computational
requirements to cloud, MD resource limitations are overcome [4]. One concern in MCC is exchange of
information over wireless mediums (insecure) while communicating with cloud service. This is especially
the case with MD user’s personal data [8]. Thus encryption/ decryption algorithms are needed for
security in cloud environment [9]. In this paper, a protocol called CLOAK is proposed for encrypting and
decrypting files in the MD of the size 5-10 MB. This is the general size range of pdf, doc, images. CLOAK is
stream cipher based protocol that uses external server to generate cryptographically secure pseudo
random number (CSPRN). Generation of random numbers is essential in cryptography. A pseudo random
number generator [x]is an algorithm for generating number sequences satisfying the properties of
random numbers [y]. The numbers generated are not exactly random because the generator requires an
initial value called seed value. The advantage of stream cipher as compared to block cipher is the use of
lesser computation requirements [25] and therefore the ease of implementation in MD. The primary
design considerations are as follows:

- Design encryption protocol for MD.

- Encryption and decryption should not take much time. Thus design the operations efficiently.
- To establish MD user’s confidence on the protocol, he should be able to control the encryption
and decryption.
- Modifications to the plain text should be done on MD and external server should not
compromise with the protocol’s security on MD.
- Secure the communication that takes place between the MD and external server over the
wireless medium.
The generation of CSPRN and its distribution is computationally intensive and by shifting this task to
external server, the MD can save its resources. For ensuring the security of the CSPRN, a two level
modification. To secure the transmission, the ES modifies CSPRN by XORing it with a pre-shared secret
key Sk i.e C’’=C⊕Sk. This C’’ is transmitted to the MD. This overcomes the unreliability issue of
wireless medium. To ensure that only the intended user decrypts the file, original CSPRN at is
converted to C’ and this C’ is used for encrypting the file (