An Efficient Data Protection Architecture Based on Fragmentation and Encryption
This work provides an efficient and flexible data protection solution for end-user applications, though it appears incremental with improvements over prior methods for specific formats like bitmap.
The authors tackled data protection by proposing a scheme that combines fragmentation, selective encryption, and dispersion, achieving performance comparable to full encryption with strong security, as validated through practical experiments on hardware like GPGPU.
In this thesis, a completely revisited data protection scheme based on selective encryption is presented. First, this new scheme is agnostic in term of data format, second it has a parallel architecture using GPGPU allowing performance to be at least comparable to full encryption algorithms. Bitmap, as a special uncompressed multimedia format, is addressed as a first use case. Discrete Cosine Transform (DCT) is the first transformation for splitting fragments, getting data protection, and storing data separately on local device and cloud servers. This work has largely improved the previous published ones for bitmap protection by providing new designs and practical experimentations. General purpose graphic processing unit (GPGPU) is exploited as an accelerator to guarantee the efficiency of the calculation compared with traditional full encryption algorithms. Then, an agnostic selective encryption based on lossless Discrete Wavelet Transform (DWT) is presented. This design, with practical experimentations on different hardware configurations, provides strong level of protection and good performance at the same time plus flexible storage dispersion schemes. Therefore, our agnostic data protection and transmission solution combining fragmentation, encryption, and dispersion is made available for a wide range of end-user applications. Also a complete set of security analysis are deployed to test the level of provided protection.