Enhancing Secure Cloud Storage: A Four-Tier Architecture with ChaCha20 Encryption, Blake3 Hashing, and Dynamic Chunk Allocation in Multi-Cloud Environment

Abstract

With the growing reliance on cloud computing for storing and managing data, providing security and performance for cloud storage systems has become very important and multicloud solutions offers both. Current cloud architectures suffer from scalability, security, and efficiency issues in distributed cloud systems. In this paper, we introduce a ChaCha20-encryption, a fast stream cipher and Blake3, an adaptive cryptographic hash function, and dynamic chunk allocation to an existing architecture that progressively improves data confidentiality, integrity, and redundancy. The experiment focuses on the system\'s performance relative to Four Tier Secure Cloud Storage Architecture, which utilizes AES, MD5 hashing, and static chunk allocation strategies for data storage. To ensure a balance between performance while offering the security this architecture implements ChaCha20 which is fast and resistant to side-channel attack – making it ideal for modern multi cloud deployments. Experiments show that this new architecture is faster, more lightweight and adaptable than existing model.

Introduction

1. Introduction to Cloud Computing

Cloud computing delivers computing services (like storage and servers) over the internet, allowing users and businesses to avoid owning physical infrastructure. It provides flexibility, scalability, and cost-effectiveness, especially when using a multi-cloud model, where multiple cloud providers are used for greater reliability and efficiency.

2. Security Challenges and Encryption

Cloud security is critical. Traditional encryption methods like AES are widely used but vulnerable to timing and side-channel attacks in shared environments. The ChaCha20 stream cipher is a modern, efficient, and secure alternative, resistant to such attacks and suitable for low-power and multicloud platforms.

3. Hashing for Data Integrity

Older hashing algorithms like MD5 are prone to collision attacks and are now considered insecure. Blake3 offers superior speed, security, and low memory use, outperforming SHA-256 and MD5, especially in multi-core environments, making it ideal for cloud applications.

4. Literature Review Highlights

• SHA-256 is more secure than MD5/SHA-1 for integrity checks (e.g., digital scriptures).

• Inter-cloud models require solutions for security, interoperability, and scalability.

• ChaCha20 and Blake3 are promising for secure, efficient cryptographic processing in real-world hardware environments.

• Third-Party Auditors (TPAs) and homomorphic encryption help ensure data integrity without exposing content.

5. Multi-Cloud Models

• 2X Replication: Stores duplicate data on two clouds, improving availability but doubling resource use.

• Data Partitioning: Splits encrypted data and distributes it across clouds, enhancing security and privacy.

• Cloud RAID (RAID-6): Uses parity to recover lost data in case of cloud failures but has slower write speeds.

6. Four-Tier Secure Cloud Storage Architecture (FTSCSA)

FTSCSA consists of four layers:

1. Encryption Layer: Encrypts data using AES or ChaCha20.

2. Encoding Layer: Splits data dynamically or statically.

3. Hashing Layer: Ensures integrity using MD5 or Blake3.

4. Allocation Layer: Distributes chunks using Circular Shift (CSCA) or Dynamic Chunk Allocation (DCA).

7. Proposed Enhancements

The improved FTSCSA model integrates:

• ChaCha20 for faster, more secure encryption.

• Blake3 for high-speed, secure hashing.

• Dynamic Chunk Allocation (DCA) to minimize storage inefficiency compared to static CSCA.

8. Experimental Setup & Results

• Environment: Python 3.10 on Google Colab, datasets of 10MB, 100MB, and 500MB.

• Results:

  • ChaCha20 vs AES:

    • ChaCha20 encryption was ~18% faster, and decryption was ~17% faster.

  • Blake3 vs MD5:

    • Blake3 hashing was 83.4% faster on average and significantly more secure.

Conclusion

The paper proposed a security, efficiency and scalability architecture for multi-cloud storage system. The new architecture solved the prompts of the original FTSCSA, used ChaCha20 encryption, Blake3 hashing, and dynamic chunk allocation. With it came superior encryption speed, robust data integrity, and optimized resource utilization. These results further confirm that the proposed system is a feasible solution for enterprises who new desire of improved data privacy, integrity, and performance in up to-date multi-cloud environments. Future work may investigate further optimization for various workload patterns, and other cryptographic constructs to broaden its applicability.

References

[1] G. Garrison, S. Kim, and R. L. Wakefield, “Success factors for deploying cloud computing,” Commun. ACM, vol. 55, no. 9, pp. 62–68, Sep. 2012, doi: 10.1145/2330667.2330685. [2] L. Shao Xiong and T. Badarch, “Research on Designs of Modern Payment Systems in China,” Am. J. Comput. Sci. Technol., Mar. 2023, doi: 10.11648/j.ajcst.20230601.12. [3] C. Olive, “Cloud Computing Characteristics Are Key”. [4] J. Hong, T. Dreibholz, J. A. Schenkel, and J. A. Hu, “An Overview of Multi-cloud Computing,” in Web, Artificial Intelligence and Network Applications, vol. 927, L. Barolli, M. Takizawa, F. Xhafa, and T. Enokido, in Advances in Intelligent Systems and Computing, vol. 927. , Cham: Springer International Publishing, 2019, pp. 1055–1068. doi: 10.1007/978-3-030-15035-8_103. [5] N. Mouha, “Review of the advanced encryption standard,” National Institute of Standards and Technology (U.S.), Gaithersburg, MD, NIST IR 8319, Jul. 2021.doi: 10.6028/NIST.IR.8319. [6] D. J. Bernstein, “ChaCha, a variant of Salsa20”. [7] G. Procter, “A Security Analysis of the Composition of ChaCha20 and Poly1305”. [8] R. K. Muhammed et al., “Comparative Analysis of AES, Blowfish, Twofish, Salsa20, and ChaCha20 for Image Encryption,” Kurd. J. Appl. Res., vol. 9, no. 1, pp. 52–65, May 2024, doi: 10.24017/science.2024.1.5. [9] P. Mell, “The NIST Definition of Cloud Computing,” Recomm. Natl. Inst. Stand. Technol., 2011, Accessed: Nov. 25, 2024. [Online]. Available: https://cloudinfosec.wordpress.com/wp-content/uploads/2013/05/the-nist-definition-of-cloud-computing.pdf [10] A. E. Youssef, “Exploring Cloud Computing Services and Applications,” vol. 3, no. 6, 2012. [11] J. Broberg and A. Goscinski, “The University of Melbourne and Manjrasoft Pty Ltd., Australia”. [12] A. Rashid and A. Chaturvedi, “Cloud Computing Characteristics and Services A Brief Review,” Int. J. Comput. Sci. Eng., vol. 7, no. 2, pp. 421–426, Feb. 2019, doi: 10.26438/ijcse/v7i2.421426. [13] Z. Mahmood, “Cloud Computing: Characteristics and Deployment Approaches,” in 2011 IEEE 11th International Conference on Computer and Information Technology, Paphos, Cyprus: IEEE, Aug. 2011, pp. 121–126. doi: 10.1109/CIT.2011.75. [14] P. R. Kumar, P. H. Raj, and P. Jelciana, “Exploring Data Security Issues and Solutions in Cloud Computing,” ProcediaComput. Sci., vol. 125, pp. 691–697, 2018, doi: 10.1016/j.procs.2017.12.089. [15] A. J. Kumar, A Novel Four Tier Secure Cloud Storage Architecture for Enhanced Data Security, Ph.D. dissertation, guided by C. Columbus, 2023. [16] O. Khan, R. Burns, J. Plank, W. Pierce, and C. Huang, “Rethinking Erasure Codes for Cloud File Systems: Minimizing I/O for Recovery and Degraded Reads”. [17] P. Gupta and S. Kumar, “A Comparative Analysis of SHA and MD5 Algorithm,” vol. 5, 2014. [18] Z. Najm, D. Jap, B. Jungk, S. Picek, and S. Bhasin, “On Comparing Side-channel Properties of AES and ChaCha20 on Microcontrollers,” in 2018 IEEE Asia Pacific Conference on Circuits and Systems (APCCAS), Chengdu: IEEE, Oct. 2018, pp. 552–555. doi: 10.1109/APCCAS.2018.8605653. [19] H. S. Baqtian and N. M. Al-Aidroos, \"Three Hash Functions Comparison on Digital Holy Quran Integrity Verification,\" International Journal of Scientific Research in Network Security and Communication, vol. 11, no. 1, pp. 1–7, Feb. 2023. [20] B. K. Rani, B. P. Rani, and A. V. Babu, “Cloud Computing and Inter-Clouds – Types, Topologies and Research Issues,” ProcediaComput. Sci., vol. 50, pp. 24–29, 2015, doi: 10.1016/j.procs.2015.04.006. [21] J. Sugier, “Comparison of power consumption in pipelined implementations of the BLAKE3 cipher in FPGA devices,” Int. J. Electron.Telecommun., pp. 23–30, Mar. 2024, doi: 10.24425/ijet.2023.147710. [22] N. Aleisa, “A Comparison of the 3DES and AES Encryption Standards,” Int. J. Secur. Its Appl., vol. 9, no. 7, pp. 241–246, Jul. 2015, doi: 10.14257/ijsia.2015.9.7.21. [23] S. Kumar, D. Kumar, and H. S. Lamkuche, \"TPA Auditing to Enhance the Privacy and Security in Cloud Systems,\" Journal of Cyber Security and Mobility, vol. 10, no. 3, pp. 537–568, 2021. [24] D. Puthal, B. P. S. Sahoo, S. K. Mishra, and S. Swain, \"Cloud Computing Features, Issues and Challenges: A Big Picture,\" in Proceedings of the 2015 International Conference on Computational Intelligence & Networks (CINE), Bhubaneswar, India, Jan. 2015, pp. 116–123, doi: 10.1109/CINE.2015.31. [25] D. Puthal, B. P. S. Sahoo, S. K. Mishra, and S. Swain, \"Cloud Computing Features, Issues and Challenges: A Big Picture,\" in Proceedings of the 2015 International Conference on Computational Intelligence & Networks (CINE), Bhubaneswar, India, Jan. 2015, pp. 116–123, doi: 10.1109/CINE.2015.31

Copyright

Copyright © 2025 Gaurav Thakur, Anita Ganpati. This is an open access article distributed under the Creative Commons Attribution License, which permits unrestricted use, distribution, and reproduction in any medium, provided the original work is properly cited.