International Journal on Future Revolution in Computer Science & Communication Engineering ISSN: 2454-4248 Volume: 4 Issue: 2 360 – 365 _______________________________________________________________________________________________ 360 IJFRCSCE | February 2018, Available @ http://www.ijfrcsce.org _______________________________________________________________________________________ Implementation of Optimized Efficient Elliptic Curve Public Key Encryption for Side Channel Attacks Allwin D #1 , G Suganthi #2 #1 Department of Computer Science, National College, Thiruvananthapuram -9, Kerala allwin_d@yahoo.com, allwindb@gmail.com #2 Department of Computer Science, Women’s Christian College, Nagercoil-1 dr_suganthi_wcc@yahoo.co.in Abstract: Cloud computing offers both services that provide resources over the Internet and economic benefits for using these resources. As Cloud services turn out to be more common place, recent works have revealed vulnerabilities connected to cloud systems. Cloud Computing presents an added level of risk because essential services are often outsourced to a third party, which makes it harder to maintain data security and privacy, support data and service availability, and demonstrate compliance. In particular, cloud paradigm advances a danger of information leakage over virtual machine through side-channels. Not at all like conventional computing, the cloud infrastructure supporting a Cloud situation permits commonly doubting customer's concurrent access to the underlying hardware, which leads to a side-channel assault. The target of this paper is to explore potential security issues related to side channel attacks and proposed an Encryption concept against side channel attacks. The proposed work introduces the Data Encryption with Optimized Efficient Elliptic Curve Public Key Encryption (EECPKE). Keywords: Cloud, Data Encryption, Side Channel Attacks, Virtual Machine __________________________________________________*****_________________________________________________ I. INTRODUCTION The side channel attack is one of the common attacks in cloud computing here attackers utilize a malicious virtual machine to retrieve data from the cloud. The existing side channel attacker detection models were affected in terms of detecting accuracy and latency. As the attacker is no longer required to increase unlawful, or generally confined access to the victim’s hardware, this basically sidesteps the first, and best safeguard against such attacks. Since a side-channel requires the misuse of a particular bit of hardware, every solution should likewise be adjusted particularly for that hardware channel. This permits us to group side-channel assaults and protections in view of the hardware medium they misuse. The CPU cache is a piece of hardware that is frequently used and deals with sensitive data. This makes it one of the most well-known targets for use in a side-channel attacks as it can all the more effortlessly be utilized to remove helpful information at a high rate. An attack made over this channel is called to as a cache based side-channel attack. Cloud computing is turning out to be more well known, however the main worry of technologists for the Cloud is security [1]. II. WAYS TO ATTACK IN CLOUD Security concerns related with cloud computing fall into two general classifications: security issues confronted by cloud suppliers (associations giving programming, stage, or framework as-an administration by means of the cloud) and security issues confronted by their clients (organizations or associations who have applications or store information on the cloud). The duty is shared, nonetheless. The supplier must guarantee that their foundation is secure and that their customers' information and applications are ensured, while the client must take measures to sustain their application and utilize solid passwords and validation measures. At the point when an association chooses to store information or host applications on the general population cloud, it loses its capacity to have physical access to the servers facilitating its data. Accordingly, conceivably touchy information is at hazard from insider assaults. As per a current Cloud Security Alliance Report, insider assaults are the 6th greatest risk in cloud computing. Therefore, Cloud Service suppliers must guarantee that careful personal investigations are led for workers who have physical access to the servers in the server farm. CPU cache based side-channel attacks are right now accepted to be the most unsafe, among side-channel attacks. As of late, there have been numerous distributions about Cloud-particular vulnerabilities and endeavors, particularly the utilization of side-channels to sidestep the virtualization innovation utilized as a part of Cloud frameworks [2]. Among different endeavors, they have as of late been utilized to concentrate private keys in a Cloud domain and yield high information leakage. The greatest attack comes from cache based attacks. Along these lines, the extent of this thesis is constrained to side-channel attacks. In response of these attacks, there have been publication works to moderate suchcircumstances. While advantageous, these arrangements require the customer utilizing them to modify their own software to work with their innovation, or the basic hardware. From understanding the Cloud, we trust that this restriction is both harmful to the client, and superfluous.