This document discusses big data security issues and encryption techniques. It begins with introducing the authors and providing an abstract about addressing security issues related to data integrity, confidentiality and availability. The main body then covers authentication, data, network and generic security challenges with big data as well as proposed solutions like encryption, logging and honeypot nodes. The document focuses on describing symmetric and asymmetric encryption algorithms including DES, AES, RSA and ECC. It compares the algorithms and concludes that encryption techniques can help secure big data stored in clouds, though current security levels may be improved.

1. Big Data Security Issues
Encryption Techniques
Dr. Manju Bala
Associate professor
Teacher-In-Charge
Department of Computer Science
Indraprastha College for Women
University of Delhi
New Delhi, India
Email: manjugpm@gmail.com
Shruti Jain
Department of Computer Science
Indraprastha College for Women
University of Delhi
New Delhi, India
Email: shrutijain0610@gmail.com
Prerna Chauhan
Department of Computer Science
Indraprastha College for Women
University of Delhi
New Delhi, India
Email: prerna.ip.21@gmail.com
Abstract— Big data deals with storing, processing and retrieval of data. The data collected can vary from sensitive
social media data to highly confidential government data. Hence, the security issues are of main concern. This paper
introduces different security issues which revolve around data integrity, confidentiality and availability along with
the existing proposed solutions.
Encryption is one of the principal means to guarantee security of information. It is the process of scrambling a
message so that only the intended audience can read it. Various organizations have deployed a set of encryption
systems to enhance security. In this paper, a description of various encryption algorithms is presented.
Keywords—Big Data, Security, Encryption, Key, RSA, ECC, DES, AES.
I. INTRODUCTION
Security of data is the biggest and the
most important challenge that Big Data
applications face. With large, scalable and flexible
infrastructure, the cloud is the ideal storage
repository for Big Data applications. In this world
of information technology, Cloud Computing and
Big Data go hand in hand. Big Data is implemented
using the cloud and its services. When this data is
managed and stored remotely in a cloud, major
privacy concerns arise. By using cloud, users may
guarantee that they can access their data anytime
and anywhere.
Despite the benefits of storing and
processing data in the cloud, the security of data
has emerged as a big concern. This challenge arose
as the data is stored on a remote machine. In
Platform-as-a-service (PaaS) and Software-as-a
service (SaaS) models, users cannot control and
audit their private data stored in the cloud
themselves. There are always the chances of data
leakage. The cloud is popular for target of attacks.
Threats may compromise data confidentiality,
integrity and users access privacy. Business
cooperates and organizations also may use Big
Data for wrong purposes.
To protect the confidentiality, various
methods like file encryption, network encryption,
logging, system testing etc. are used today. This
paper introduces the different areas of security
challenge followed by the existing approaches. The
paper is mainly focused on encryption techniques.
II. SECURITY CHALLENGES
There are four important security issues of big data.
These are authentication level, data level, network
level and generic issues.
A. Authentication level
A network is made of large number of clusters,
which in turn contain many nodes. Every node has
a different priority. Some nodes have
administrative rights and can access other nodes
and data, while other nodes have no such rights. If
a malicious node with no authenticity, gets a
administrative priority, then it can steal or
manipulate the critical user data.
Logging can be used to maintain security at
authentication level.
B. Data level
Data is information processed or stored by a
computer. This information may be in the form of
text documents, images, audio clips etc.[5] Data

2. level issues deals with data integrity and
availability such as data protection and distributed
data. For faster access, data is sometimes stored
without encryption. In such case, hacker can easily
manipulate the data. If the data is replicated and
stored at different locations, and any information
from the node is deleted or manipulated by hacker
then it will be difficult to recover that data.
C. Network level
It is difficult to find on which node data is
processing because it can be done anywhere among
the nodes in cluster. Hence, determining that which
node should be secured is difficult. To
communicate in a network, many times RPC
(Remote Procedure Call) is used. To ensure its
security, RPC should be encrypted.
D. Generic level
Technology has been changing at rapid rates. Big
data uses different technologies for data storing,
data processing and data retrieval. Due to this, there
can be some complexities. These issues come under
generic level issues.
III. PROPOSED APPROACHES
Following security measures should be taken to
ensure the security in a cloud environment. [6]
A. File Encryption
Since the data is present in the machines in a
cluster, a hacker can steal all the critical
information. Therefore, all the data stored should
be encrypted. Different encryption keys should
be used on different machines and the key
information should be stored centrally behind
strong
firewalls. Different file encryption methods are
shown in figure 1.
Figure 1: File Encryption Techniques
B. Network Encryption
All the network communication should be
encrypted as per industry standards. The RPC
procedure calls which take place should happen
over SSL so that even if a hacker can tap into
network communication packets, he cannot extract
useful information or manipulate packets.
C. Nodes Authentication
Whenever a node joins a cluster, it should be
authenticated. In case of a malicious node, it should
not be allowed to join the cluster. Authentication
techniques like Kerberos can be used to validate
the authorized nodes from malicious ones.
D. Logging
This approach is for authentication level issues.
Logging is very important to record the logs for
maintaining the changes in data. So if we maintain
the logs then any changes, manipulation, deletion
of data is recorded. If every node have separate log
then whatever activity it performs is maintained
and malicious node can be detected easily. These
logs should be audited regularly to find if any,
malicious operations are performed or any
malicious user is manipulating the data in the
nodes.
E. Honeypot Nodes
Honeypots are computers which masquerade as
unprotected. The honeypot records all actions and
interactions with users. Since honeypots don't
provide any legitimate services, all activity is
unauthorized (and possibly malicious)[7]. Honey
pot nodes should be present in the cluster, which
appear like a regular node but is a trap. These
honeypots trap the hackers and necessary actions
would be taken to eliminate hackers.
IV. ENCRYPTION TECHNIQUES
The problem of storing data is resolved
considerably but security and privacy concerns still
persist. Privacy concerns continue to restrain those
who try to outsource their data into the clouds. Data
mining and analytics sometimes require personal
information of the users for producing results to
provide them personalized services. The data which
is stored at clouds, which is under very limited user
control, is highly vulnerable to security breaches
where a malicious user impersonating a legitimate
user, there by infecting the entire cloud, therefore,
this issue needs our attention.[8]
File
Encryption
RSA
DES
AES
ECC

3. Taking into account the importance of
cloud security, various encryption algorithms are
used. There are many algorithms like
AES,RSA,DES etc. These algorithms use private
keys to encrypt data, hence, making it difficult for
the hacker to extract the valuable information
stored in it even if he gets the access of this data.
So, if the data is encrypted it becomes difficult for
the hacker to steal it.
Two types of encryption/decryption
algorithms are used these days viz., Symmetric key
cryptography and Asymmetric key cryptography as
shown in figure.2.
Figure 2: Encryption/Decryption Algorithms
A. Symmetric-key
In these algorithms, the same key is used for both
encryption and decryption. For eg. Data Encryption
Standard (DES), Advanced Encryption
Standard(AES), Triple DES.
 DES
It was developed in the early 1975 at IBM labs by
Horst Fiestel. It is a symmetric key algorithm,
hence, uses the same private key for both
encryption and decryption. So both sender and
receiver must know this key in order to
decode/encode a message.
As with most encryption schemes, DES expects
two inputs - the plain text to be encrypted and the
secret key. DES is therefore a symmetric, 64 bit
block cipher as it uses the same key for both
encryption and decryption and only operates on 64
bit blocks of data at a time.
Some operations, such as permutation and
substitution, are performed on the block of bits
based on a key (a secret number) to produce
another block of bits.
In the decryption process, operations are performed
in the reverse order based on the same key to get
back the original block of bits. This algorithm has
16 rounds, so these permutations and substitutions
are performed 16 times to produce the cipher text
which is to be send to the receiver. More rounds
ensure more security.
There is no strong limitation found rather than its
small key size which offers less security. The only
successful attack on DES is Brute force attack. It’s
another weak point is its encryption speed which is
very slow.
 AES
This encryption technique was recommended by
NIST to replace DES in 2001 [2]. Like DES, AES
is a symmetric block cipher. This means it also uses
same key for both encryption and decryption.
Unlike DES, this algorithm allows three different
key lengths: 128,192 and 256 bits. However, DES
standard states that it can only accept the block size
of 128 bits.Here encryption use 10 rounds in case
of 128 bit keys, 12 rounds with 192 bit keys and 14
rounds for 256 bit keys.Internally, the AES
algorithm’s operations are performed on 4x4
column-order matrix of bytes known as State [3].
B. Asymmetric-key
Asymmetric-key algorithms are those where
different keys (Public and Private) are used for
encryption and decryption.The public key can be
shared with everyone, whereas the private key must
be kept secret. For eg Rivest-Shamir-
Adleman(RSA) and Elliptic curve
cryptography(ECC).
 RSA
This algorithm is designed by Ron Rivest, Adi
Shamir, and Leonard Adleman in 1978 [2]. This is
an asymmetric algorithm. In RSA cryptography,
both the public and the private keys can encrypt a
message; the opposite key from the one used to
encrypt a message is used to decrypt it. This
attribute is one reason why RSA has become the
most widely used asymmetric algorithm. It
provides a method of assuring the confidentiality,
integrity, authenticity and non-reputability of
electronic communications and data storage. It uses
Encryption/Decryption
Algorithms
Symmetric key
cryptography
Assymmetric key
cryptography

4. two prime numbers to generate public and private
keys. The operations of RSA are divided into 3
major categories: Key generation, Encryption and
decryption.
Using an encryption key (e,n), the algorithm is as
follows:
1. Represent the message as an integer
between 0 and (n-1). Large messages can
be broken up into a number of blocks.
Each block would then be represented by
an integer in the same range.
2. Encryption is done by raising M to the eth
power modulo n. The result is a ciphertext
message C=Me
mod n.
3. To decrypt ciphertext message C, raise it
to another power d modulo n, i.e,
M=Cd
mod n
4. The encryption key (e,n) is made public.
The decryption key (d,n) is kept private by
the user. [1]
 ECC
Elliptic Curve Cryptography (ECC) was discovered
in 1985 by Victor Miller from IBM and Neil
Koblitz from University of Washington as an
alternative mechanism for implementing public-key
cryptography.It is a technology which uses elliptic
curve theory to create faster, smaller and more
smaller cryptographic keys. Elliptic curve is a plane
curve over a finite field which consists of the points
satisfying y=x3
+ax+b .
According to some researchers, ECC can yield a
level of security with a 164-bit key that other
systems require a 1,024-bit key to achieve.
The disadvantage of ECC is that it increases the
size of encrypted text and second disadvantage is
that ECC is dependent on very complex equations
which lead to increase the complexity of encryption
algorithm.[4]
V. CONCLUSION
Although cloud computing has
considerably reduced the troubles of storing Big
data with a great ease but has made this data more
vulnerable to security breaches and unauthorized
access by non legitimate users. This paper showed
various techniques of securing Big data which is
stored at clouds with limited user control. These
techniques are unique in their own way and have
different pros and cons depending upon the
environment in which they are used as shown in
table 1. The current levels of security provided by
these algorithms can be further enhanced. Our
future work will explore the possibility of
improvising the existing techniques.
VI. ACKNOWLEDGEMENT
We would like to thank Dr. Manju Bala,
TIC, Department of Computer Science, IPCW, DU
for her valuable guidance and indispensible
suggestions during the successful completion of
this research paper. We would also like to express
our gratitude to Mr. Aniket, lab attendant for
helping us carry out this research. Constant support
and encouragement from family and friends cannot
be neglected.
REFERENCES
[1] Cryptography RSAAlgorithm:
http://courses.cs.vt.edu/~cs5204/fall00/pro
tection/rsa.html
[2] Gurpreet Singh, Supriya, "A Study of
Encryption Algorithms (RSA, DES, 3DES
and AES) for Information Security",
International Journal of Computer
Applications (0975 – 8887), Volume 67–
No.19, April 2013.
[3] Vanya Diwan, Shubhra Malhotra, Rachna
Jain, "Cloud Security Solutions:
Comparison among Various
Cryptographic Algorithms", International
Journal of Advanced Research in
Computer Science and Software
Engineering, Volume 4, Issue 4, April
2014.
[4] Vinit Gopal Savant, "Approaches to Solve
Big Data Security Issues and Comparative
Study of Cryptographic
Algorithms for Data Encryption",
International Journal of Engineering
Research and General Science Volume
3, Issue 3, May-June 2015.
[5] Data: http://techterms.com/definition/data
[6] Venkata Narasimha Inukollu , Sailaja Arsi
And Srinivasa Rao Ravuri, " Security
Issues Associated with Big Data
in Cloud Computing", International
Journal of Network Security & Its
Applications (IJNSA), Vol.6, No.3,
May 2014.
[7] A Practical Guide to Honeypots:
http://www.cse.wustl.edu/~jain/cse571-
09/ftp/honey/
[8] What is Encryption:
http://windows.microsoft.com/en-

5. in/windows/what-is-
encryption#1TC=windows-7
Table 1. Comaparison between DES,AES,RSA,and ECC
Factors DES AES RSA ECC
Contributor IBM Rijman,Joan Rivest Shamir Neal Koblitz
Key length 56 bits 128,192,or256 Depends on number
of bits in the modulus
n where n=p*q
135 bits
Block size 64 bits 128 bits Variable Variant
speed Slow fast Slowest Fastest
Cipher Type Symmetric Symmetric Asymmetric Asymmetric
security Not secure
enough
Excellent security Less secure Less secure
Rounds 16 10 for128 bit key
12 for192 bit key
14 for256 bit key
1 1
(Table 1. A comparative study between different encryption algorithms)