Empowering Users of Cloud Computing on Data Confidentiality Khaled M. Khan Dept. of Computer Sc. and Engineering, KINDI Computing Lab Qatar University, Qatar k.khan@qu.edu.qa Mahboob Shaheen Department of Mathematics Foundation Program Qatar University, Qatar mahboob.shaheen@qu.edu.qa Abstract—Cloud networking is an integral part of intercon- nected data centres operated in cloud environment. Cloud users heavily rely on cloud networking to transmit to and receive data from data centres. In this context, we explore how to provide cloud users with more controls so that they could ensure confidentiality of their data without using extensive public key encryption in cloud networking or sharing secret keys. We pro- pose an approach for secure transmission of matrix multiplication over cloud networking using randomisation, column-row shuffling and size alteration of matrices. The main philosophy of this approach is to equip cloud users with more controls of ensuring confidentiality of their data without using any additional overhead computation. In this approach, the cloud users hold the entire secret values, without sharing with or depending on other parties for secret key generation, sharing and storing. Keywords—Cloud networking, cloud computing, matrix multi- plication, size alteration, confidentiality, data shuffling, randomisa- tion, control. I. I NTRODUCTION One of the challenges in cloud computing is the dimin- ishing control of users over their data transmitted over cloud networking. In the current state of practice, users do not hold much control in cloud networking as well as cloud services that transmit, process and store their data [4]. It is assumed that the cloud networking is insecure, and cloud servers are untrustworthy, or honest but curious to users’ data. Cloud users, therefore, want to keep their actual data secret form the cloud network that carries their data to data centres. Not only that, they also do not trust servers of data centres which process their data. The idea is that the cloud networking should carry users’ data without knowing the actual value of the data. Similarly, data centres should process users’ data without knowing the input as well as output of the computations they perform. Matrix multiplication is an important computation in scientific community today. For larger matrices, it requires good computing power in terms of memory and input/output latency, hence it is an expensive operation that takes O(n 3 ) using the brute force approach. The cloud users with limited computing power such as hand-held devices are usually unable to perform this operation without compromising the perfor- mance. In order to get the operation efficiently, the users outsource their massive matrix multiplication tasks to data centres using cloud networking. In this context, the confidentiality of their data (actual values of matrices) along with their diminishing control on data are major concerns. The advancement of homomorphic encryption [3], multi party computation [8], [2], oblivious transfer [6], information theoretic based secure outsourcing [1], or secure tamper-proof hardware could keep users data hidden from cloud servers that process the data. However, the processing overhead, hard-to-implement of these techniques as well as overly dependent on other parties and secret key storage in cloud servers may make these techniques unattractive to most users. The cryptographic keys are stored in cloud servers if data of clients are stored in cloud machines. It is possible that the untrusted cloud servers are able to retrieve the key. For example, in Secure Sockets Layer (SSL) and Secure Shell, the cryptographic keys are stored in cloud machines. Clients do not have much control over these secret keys. Even in trusted cloud servers, the secret keys could be derived by attackers through side channel attacks [9]. Intermediate data or data residue computed by cloud servers may be accessed by attackers as well. In order to address the aforementioned issues, we extend our previous work reported in [5], and propose a technique that alters the dimension of the matrices in addition to randomisa- tion and shuffling of data. The main difference between this work and the similar approaches reported in [5] and [7] is the changing of matrix size that confuses attackers, and disguises the actual data. Our approach supports five key issues: 1) The cloud networking transmits unencrypted data without revealing the actual data values 2) Data centres learn nothing about the actual values of matrices they process and store, even they have no knowledge about the actual size of the data due to changes of dimension 3) The cost of implementing this approach is minimal for the client as well as for the cloud servers. Clients are not required to compute more than O(n 2 ) which is locally affordable at the mobile devices of the client, 4) Data centres are not required to do additional computation, and 5) No public key encryption is required to hide data. We believe that the classical approach of data obfuscation without public key encryption is more appropriate to address this problem. 2014 IEEE 3rd International Conference on Cloud Networking (CloudNet) 978-1-4799-2730-2/14/$31.00 ©2014 IEEE 286