Cloud data security and various cryptographic algorithms

ABSTRACT


INTRODUCTION
Cloud computing (CC) technology has gained wide popularity due to its capability to provide enormous resources to individuals and organizations which can be accessed via the internet anytime and anywhere worldwide [1], [2]. Many information and technology (IT) companies have shifted their operations to the cloud, which provides its users with a feature-rich cloud experience, including access to shared resources, which makes resources available when needed at lower costs. These resources may also be swiftly provided and released with minimal administrative effort, and CC provides the ability to share, manage, and store data, which is actually hosted on remote servers rather than using internal resources or personal devices [1]. Clients can use the cloud services of various programs by adopting CC rather than buying or installing the software on their own computers [3]. CC provides clients with virtualized resources using various technologies, such as web services, virtualization, applications, and operating systems [1]. The main advantages of CC can be summarized as cost reduction, increased productivity, stability, scalability easy management, and availability [4], [5].
Despite the above advantages of CC, it has given rise to various problems and challenges. Security is one of the greatest hurdles that hinder the acceptance of CC among users [1], [6]. It is a major concern that must be considered, and data security issues arise because client data and software are located on the

Cloud deployment model
CC is classified into three types [9], [11], [12]: private, public, and hybrid cloud. Private clouds are managed and overseen only for a solitary organization, and the assets are not used by other clients, which indicates that they are protected from being accessed by unauthorized users. Public clouds are available to the general public and organizations. The assets are shared between every one of the clients. The clients pay the cloud owner depending on the service provided and the assets they utilize. CSPs manage the physical infrastructure, which is located away from the clients. Hybrid clouds are a mix of the above two types (public and private) [1], [10].

Service models
CC provides three key services, namely, software as a service (SaaS), platform as a service (PaaS), and infrastructure as a service (IaaS) [1], [9], [11]. − IaaS: It refers to CSP hardware infrastructure, which includes networks, storage, memory, processors, and a variety of other computing resources. The resources are provided as virtualized systems that can be accessed via the internet. The essential resources are under the control of the CSP [1]. − PaaS: It provides integrated development environments, middleware, operating systems, and platform layer resources through a third-party provider who delivers hardware and software tools to users over the Internet. PaaS does not give customers control over the underlying cloud infrastructure, but only over the applications that are moved to the cloud. − SaaS: It allows consumers to use applications as a service over the internet. Users can simply use the internet to access it rather than buy, install, and maintain software. Customers pay for usage rather than ownership of the software.
The CC system is divided into two sections: the front end and the back end. They communicate with each other through a network, usually over the internet. The front end is the side that cloud clients see. The clients do not normally see the back-end section, which includes network connection, cloud servers, and their applications. Figure 2 shows the categories of cloud services and the architecture of CC.

Characteristics of cloud computing
CC satisfies many characteristics, which are [5], [13]- [15]: − On-demand self-service: Cloud services (such as network storage, network access, and continuous monitoring of the server uptime) do not need any human managers. The clients themselves can provide, supervise, and manipulate computing resources and IT services as needed. − Resource pooling: A CSP can share CC costs and resources (such as servers, storage, database, applications, networks, and services) among a large pool of users, allowing users connected to the cloud to use data simultaneously and to share cloud services according to their requirements. − Broad network access: A user can access CC resources over the network from anywhere worldwide with an Internet connection and a device (e.g., smartphone, computer, and PDA). − Rapid elasticity: Computing services and resources can be scaled up or down quickly and flexibly as needed. − Economy: CC reduces huge IT expenses for its users. The user pays for the service used without having to invest in the computing infrastructure needed to operate and maintain the resources. No coverage or − Malicious insiders: a malicious insider is a person who has authorized access to an organization's network and data and uses these powers in a manner that compromises the organization's information and information systems' confidentiality and integrity. Most organizations are aware of this hazard because it is difficult to detect and has a remarkable effect on the organization. − Account or service hijacking: this threat arises because of fraud and software flaws. In this case, an attacker can gain access to sensitive regions on the cloud, in which he can steal permits and sensitive data. − Hypervisor vulnerabilities: a hypervisor is the most important piece of software in virtualization.
Hypervisors have obvious security vulnerabilities, and remedies are still restricted and often proprietary. − Insecure interfaces and application programming interfaces (APIs): If a poor set of interfaces and APIs are used, then organizations may face security threats, such as unknown access, reuse of passwords, the transmission of content or clear text authentication, and inflexible access management or invalid authorizations. − Cyber-attacks: hacking and cyber-attacks on networks have increasingly become a grave threat in recent years.

LITERATURE REVIEW
The timely execution of encoding data is one of the most serious challenges encountered during data processing and transmission over the Internet. Focusing on privacy concerns, the researchers introduced the dynamic data encryption strategy (D2ES), a new data encryption strategy that attempts to selectively encrypt data using privacy categorization methods while adhering to time constraints. The privacy of this new method has been improved. However, concerns about maintaining the privacy of data owners are found in accordance with the report. Unencrypted data transmissions are one of the main sources of concern. The suggested method consists of two primary techniques: i) identifying data bundles in accordance with their level of privacy and ii) determining whether data bundles can be enciphered within the time constraints. The dynamic encryption determination algorithm was created to provide alternate data bundles for encipherment under varying timing constraints, and it was the fundamental algorithm underpinning the D2ES architecture. The evaluations reveal that the proposed methodology has a powerful performance [20]. users must utilize an encryption mechanism to keep their data safe in the cloud [21]. The user has no idea where their information is saved on the cloud and is concerned about its information protection. Cyber laws in every country vary. The legality and confidentiality of information are the main concerns. The researchers used homomorphic encryption, which ensures that the data is kept private. The proposed technique is tested in the public cloud of Amazon Web Services.
Vijayakumar et al. [22] mentioned that in the current period of information technology, most organizations are moving toward the cloud to save and manage information due to decreased cost, flexibility, regular access, and invigorated programming. They pointed out that healthcare service systems are modifying mechanized stages and winding up being focused on patient-centered information. These systems exhibit an arranging empowered intermediary re-encryption strategy to solve the security flaws for the protection of patient information in healthcare fields, where this method allows authorized people to access the records for a specific timeframe. The suggested framework gives the information owner the ability to select the client who will be granted permission to search directly without disclosing his private key. In an offline state, a key generation attack is a possible threat. The researchers utilized public keyword search with proxy re-encipherment to counteract this threat, which makes keyword guessing more difficult. The Diffie-Hellman algorithm was used by the researchers to produce a shared private key between two parties. It is mostly used to exchange cryptography keys for use in symmetric encryption methods, such as advanced encryption standard (AES). They created a hybrid metaheuristic algorithm to reduce the latency, processing costs, load balancing, and energy consumption of the internet of things (IoT).
Arora and Parashar [23] compared the AES, data encryption standard (DES), Blowfish, and Rivest-Shamir-Adleman (RSA) algorithms to determine the optimum security algorithm for usage in the cloud to keep cloud information safe from hackers. The AES algorithm takes the least amount of time to execute cloud information, the Blowfish algorithm requires the least amount of memory, the DES algorithm takes the least amount of encoding time, and RSA consumes the most memory and encoding time. Singh and Sharma proposed the idea of storing information on many cloud servers utilizing encryption as opposed to putting away a whole record on a single system. For the encipherment of the section of a file in the cloud, a model that combines the AES algorithm and some components of the secure hash algorithms-1 (SHA-1) algorithm was proposed. In the proposed approach, efforts are exerted to diverge the file into distinct pieces, followed by encipherment and storage on a different cloud [24]. Lee et al. [25] used Heroku as a cloud system and used the AES algorithm for information security in Heroku, which relies on a managed container framework, coordinated information services, and a strong ecological system for deploying and executing modern apps. The AES method can be utilized for data security in accordance with the performance evaluation results. They pointed out that Heroku supports the expansion of the cloud platform because it is free. Despite Heroku being free, it can integrate with information services, and developers can construct frameworks using programming languages with Heroku. Heroku supports several programming languages, including Java, PHP, and Python.
Cloud-based encryption and decryption algorithms can improve the online examination system [26]. For this process testing, they did not apply any encryption or decryption algorithms. Although online tests have been widely employed by universities and colleges at all academic levels, they do have one major drawback: the internet connection can be lost. A cutting-edge online examination system capable of overcoming the aforementioned flaw was proposed. Examinees can answer e-question papers without fear of losing Internet connection if the proposed approach is implemented. More et al. [27] suggested a crypto framework for secure cloud information, which combines attribute-based encryption (ABE) and byte rotation encryption algorithm (BREA) to provide additional security and protection to cloud information sharing and coordinated activities. The attributes of the information to be uploaded will be recognized by the ABE algorithm. These attributes will aid the BREA in determining the type of information to be enciphered. The BREA will execute single, multi, or hybrid phase encoding after determining the file's information type. Following the encoding of the data, the ABE will generate a random key that will allow the user to decode the encoded text. This proposed technique has been used in cloud-based banking systems.
Attar and Shahin [28] mentioned that the cloud provides many benefits for businesses and customers, such as lower costs and more flexibility. Integrity, availability, confidentiality, privacy, and confidentiality are the most common security concerns in the cloud. The AES algorithm was employed. The suggested method is divided into two parts. The first part is to load data on a cloud server, and the second part is to download data from a cloud server to the client's PC. The security of the client's information was examined in the two areas. The experiments were conducted by using a machine with a dual-core Intel processor running at 2.5 GHz, 4 GB of RAM, a 500 GB hard drive, and a Linux operating system. The proposed algorithm (AES) encrypts files faster and with more security than DES and Blowfish. Abdulhamid et al. [29] pointed out that most CC apps do not provide a high level of security, such as data protection, secrecy, and integrity. Thus, users must utilize a cloud encryption system to encrypt data before storing them in the cloud. The Blowfish encryption technique was applied in their study. The suggested encryption architecture was tested on a Microsoft Azure cloud server. Secure communication protocol hypertext transfer protocol secure (HTTPS) was used to send encrypted messages to the cloud by using C# programming language. The proposed method adds an extra layer of security by encrypting data before transferring them to the cloud.
Kumar et al. [30] demonstrated that many IT firms and educational institutions are realizing that by simply switching to the cloud, they may instantly access used PC applications and effectively manage infrastructure resources at a low cost. An encryption technique for information security was enhanced to provide security to cloud users. The proposed technique uses a binary tree, where every node contains a letter, integer, or special character, and each link has a binary value of 0 or 1. Hackers will find that the proposed technique is difficult to use because numbers increase security while accessing information. Sajay et al. [31] indicated that security is the fundamental issue related to CC. In the cloud, the models of security are confidentiality, verification, information recuperation, and information integrity. The proposed technique, which is a combined algorithm to improve the security of cloud information by applying an encipherment algorithm, including homographic encipherment and Blowfish encipherment, uses Python programming and cryptography to improve the cloud security. The homographic encipherment is applied to the main layer, which is applied to the input text and is then passed to the second layer, which is the Blowfish encipherment layer. The proposed algorithm provides a security strategy and better stockpiling utilizing encipherment algorithms over the cloud architecture. The results show that if the security challenges are fixed, then small and large enterprises will be safe when storing data in the cloud.
Subashanthini and Pounambal [32] proposed a method for resolving the security issue in electronic commerce in the business world and presented a unified system for storing image data in the cloud. Integer wavelet transform (IWT), chaotic maps, and the deoxyribose nucleic acid (DNA) encoding rule were combined in a three-organize picture encoding process. The proposed method employs five degrees of protection by generating five key sequences through five different chaotic maps. A grayscale image was partitioned into 8×8 blocks, and key 1 was formed by randomly selecting 8×8 blocks using a logistic map. Key 2 was created by using a line map. A tent map was used to make key 3, and a Henon map was applied to make key 4. The resulting mixed block is decoded by selecting a DNA rule using key 5, which is generated by using a sine map. The findings of several measurements and analysis metrics on the suggested work are: entropy=7.99, PSNR=9 dB, and correlation is approximately zero. Differential and brute force attacks are likewise resistant to the proposed strategy. Xu et al. [33] stated that despite the improvement of electronic healthcare systems, issues on ensuring the accuracy and protection of doctors' recommendations to users are still found. Two algorithms based on the modified Paillier cryptosystem, truth discovery technology, and the Dirichlet distribution were proposed to protect privacy. The proposed scheme (PPMR) is a privacy-preserving online medical service recommendation schema for electronic healthcare systems that assists users in finding the right doctor. The proposed PPMR scheme is found to be secure after a security analysis. The sensitive data (for example, clients' needs and doctors' data) are protected in the proposed strategy. Client requests and doctor data are compared in ciphertext form in this approach. This method contains three steps: system initialization, doctor suggestion, and user feedback to determine the doctor's reputation. Individual health data are outsourced to be stored in the cloud to ensure that patients retain ownership over their data, and the data should be encrypted and stored in a database in accordance with the information presented. A cloud-based mobile health monitoring system was developed to ensure the privacy of users' data. The SHA 512 algorithm was used for attribute-based encoding and decoding on the basis of specific information. The proposed technology generates medicine that is appropriate for the patient. IBM-Bluemix is an IBM cloud that provides PaaS, IaaS, and SaaS to customers who want to keep their businesses running on the cloud at a cheaper cost. Bluemix provides a variety of services to keep your security up to date. ClearDb is used as a database service for storing client information [34]. Shah and Philip mentioned that authentication plays a vital role in data security. Biometrics were used for authentication to create a biometric-based cloud for online signature acknowledgment on a Windows Tablet PC, making the signature recognition system more scalable, pluggable, and faster. This process was implemented on the Microsoft Azure public cloud. Signature recognition is one of the most important study areas in the realm of biometric-based identity recognition that may be used successfully in banking applications and Internet commerce. Their study aims to promote online signature acknowledgment in banking applications, where it can be simple to reveal erroneous or fraudulent bank checks. The proposed method achieves a 90% increase in execution speed [35].
Malviya and Dave [36] pointed out that information trustworthiness and information privacy are two important things for open cloud environments. A secure data sharing scheme for dynamic groups in open cloud environments was developed. A customer can share information with others in the group by using the suggested system without jeopardizing cloud privacy. Admin, cryptographic server, and user are the three key components of the proposed system. A cloud is a place where safe data sharing is possible. The data owner module was enhanced to handle unexpected client panel operations and to prevent unauthorized users from gaining access to the system. The AES technique was used to encrypt the data, and the homomorphic (Paillier) algorithm was used to encrypt the key in the proposed work. JAVA was used to complete the task, and JSP was used to deploy the web application. The suggested approach is secure and efficient for exchanging data files in the public cloud among several users. Dong et al. [37] developed a framework called SecureMR that analyzes and transforms MapReduce applications to work over encoded data. Homomorphic encryption was used by SecureMR, which was assessed on a number of MapReduce benchmarks. According to Wu et al. [38] the medical IoT (mIoT), which is backed by the outstanding processing capacity of the cloud and the effective information collection of medicinal sensors, is one of the most prominent breakthroughs. Security remains a major concern in the mIoT because the information is transmitted over an open network. Although encryption techniques may help to maintain patient privacy, they may impede future retrieval of the encrypted data. Public-key encryption with keyword search was proposed to overcome this restriction. The guessing attack in information search was identified as a severe security risk. A reliable public key verified encryption method with a designated tester (CL-dPAEKS) was proposed to address these issues. This method is suitable for the mIoT and contains polynomial-time algorithms. CL-dPAEKS can withstand all types of attacks and is relatively secure. Namasudra [39] proposed an efficient and secure CC data sharing access control model based on ABE, a distributed hash table (DHT) network, and identity-based timed-release encryption (IDTRE). Information was encoded by using client characteristics, and the encoded information was divided into encapsulated and extracted ciphertexts. IDTRE was used to encrypt the decryption key, and the key's ciphertext was combined with the retrieved ciphertext to generate the ciphertext shares. The DHT network was used to distribute the ciphertext shares, and the ciphertext was stored on cloud servers. The findings indicate that the proposed method is safe, efficient, and has a remarkable effect on the IoT. Sarode and Bhalla [40] indicated that mobile CC (MCC) is a fast-developing invention at present. Data protection and security are important considerations when using a mobile device. Network security, web application security, information access, authentication, authorization, data confidentiality, and data breach are all concerns of MCC's security. Mobile devices lack sufficient storage and processing speed. Thus, a strategy that uses AES and RSA was devised to provide flawless security and to improve the security of the mobile cloud. The AES algorithm was used initially because it is faster than RSA in terms of encoding. The AES will convert the original text into a quick response (QR) code during the encoding stage. This QR code will be scanned with the help of the decipherment technique, and the cipher text will be converted to a QR code by using the RSA algorithm. The AES algorithm will then decode the QR code back to plain text. In the mobile cloud, the proposed technique ensures information security and integrity of data and applications.
Cloud-based electronic health record (EHR) technology has revolutionized health care. A secure EHR searching approach that relies on conjunctive keyword searches and proxy re-encoding for information transfer between medical organizations has been provided. It investigates public key encryption with conjunctive keyword search to encrypt the original material and store it on the cloud, ensuring information security while allowing for searchability. The identity-based access control methodology and proxy re-encoding methods are implemented to ensure the validity of access and the privacy of the original material [41]. Hiemenz and Krämer [42] presented a dynamic searchable symmetric encipherment method permitting clients to safely store geospatial information in the cloud. Geospatial information frequently includes critical data, such as urban infrastructures. The genuine geospatial records are enciphered by utilizing the AES algorithm to guarantee secrecy. Searchable symmetric encipherment is appropriate in geospatial document stockpiling, and the suggested method can protect users' information. Chauhan et al. [43] demonstrated many smart learning strategies that aid in the enhancement of the smart virtual interactive environment for work (SVIEW). The proposed method aims to increase efficiency at SRM University's workplace, improve student learning, save power, reduce considerable time, and make life easier for everyone (students, staff, and the board). SVIEW is customizable and can be used at various institutions. In the proposed work, a teacher's fingerprint is used to control the study hall's electrical equipment. The system's goals are to make the university smart and assist lecturers in resolving the concerns raised in the university. AES, which takes less time to encrypt and decrypt, is used to encrypt data.
Xiong and Shi [44] developed two new safe reversible data hiding over encrypted image techniques. The first technique is reversible data hiding by homomorphic encipherment, and the second technique is reversible data hiding in an enciphered domain. These techniques are suitable for preserving image privacy and transferring extra information in cloud data services, where the EIGamal algorithm is employed. Cybersecurity assaults have undermined clients' information privacy and protection in medical cyberphysical systems (MCPSs). Conventional standard encipherment algorithms for information protection (EHR for MCPS), were created depending on the system architecture as opposed to the viewpoint of clients. A safe methodology for data stockpiling and conveying was proposed. This method comprises a selective encipherment algorithm combined with fragmentation and dispersion to ensure information security and protection. The main idea of the SE algorithm is to splinter the digital information in a manner that makes various information parts related [45].
CC is one of the most researched topics in IT, and cloud information security is one of the top concerns for any organization that considers shifting to the cloud. Goyal and Kant [46] created and tested a variety of algorithms for securing cloud data, including AES, SHA-1 (hashing method), and elliptic curve cryptography (ECC). Every encipherment and decipherment procedure in the proposed technique uses two different keys. Kumar and Roberts [47] proposed a new architecture based on digital signatures as a means of reducing the economic denial of sustainability (EDoS) from the cloud. Kumar and Shafi [48] used a modified RSA technique to increase the security for cloud-stored data. Teng et al. [49] presented a modified AES by using master choreography and column mixing. Experiments were conducted on the Hadoop platform. Abroshan [50] combined an elliptic curve-based technique with an enhanced Blowfish algorithm. The security and performance are improved by using the two techniques to encrypt the data. Awan et al. [51] proposed an improved 128 AES method to accelerate the encryption process. The improved technique uses less power, better load balancing, and improved trust and resource management on the network. Kumar et al. [52] developed a novel approach using the autonomic resource provisioning and scheduling (ARPS) framework combined with the spider monkey optimization (SMO) algorithm. The effectiveness of the proposed approach was assessed by using the CloudSim framework. It achieves good results in terms of processing time, cost, and energy consumption.
Mata et al. [53] utilized hybrid cryptographic techniques (AES and Blowfish) in their study. Progressively introducing more complicated functions increases the security of data storage in CC. Dubey et al. [54] aimed to allocate the best possible resources for IoT applications by combining the features of two metaheuristic-based methodologies, cuckoo search optimization (CSO), and particle swarm optimization (PSO). The simulation outcomes show that the suggested hybrid algorithm may allocate the services more effectively. The computational results in [55] show that the improved binary PSO (BPSO) algorithm, which is based on a transfer function, is more effective in optimizing several quality-of-service metrics, such as makespan time, energy consumption, and execution cost. Goyal and Kant [46] devised a new hybrid algorithm for protecting cloud data and used it in practice. The proposed algorithm combines AES, SHA-1 (a hashing technique), and ECC. Khakim et al. [56] secured the password using the MD5 algorithm and ISSN: 2088-8708  Cloud data security and various cryptographic algorithms (Yahia Alemami) 1875 encrypted the data using AES with a key length of 256 bits. The proposed method prevents anyone to hack the login data in the cloud. Orobosade et al. [57] proposed a method using ECC as the following encryption technique with an AES key, and AES key as the first-level data encryption process before storing data in the cloud. The literature review is summarized in Table 1.  [20] Cloud (generally) D2ES Potey et al. [21] Amazon Web Homomorphic Vijayakumar et al. [22] Healthcare area Diffie-Hellman, AES Mathur et al. [58] Cloud (generally) SHA-1, AES Lee et al. [25] Heroku AES Biswas et al. [26] Online examination system Not used More et al. [27] Banking systems ABE and BRE algorithm Attar and Shahin [28] Cloud (generally) AES Abdulhamid [29] Microsoft Azure Blowfish Kumar et al. [30] IT organizations Binary tree Sajay [31] Organizations Homographic, Blowfish Subashanthini and Pounambal [32] Electronic commerce IWT, chaotic maps, and DNA Xu et al. [33] Electronic healthcare systems Modified Paillier cryptosystem, truth discovery technology, and the Dirichlet distribution Naidu et al. [34] Bluemix SHA 512 Philip and Shah [35] Microsoft Azure Biometrics for authentication Malviya and Dave [36] Open cloud Homomorphic, AES Dong et al. [37] SecureMR Homomorphic Wu et al. [38] mIoT Public key encipherment with keyword search Namasudra [39] IOT ABE, distributed hash network, and identity-based timed-release encryption Sarode and Bhalla [40] MCC AES, RSA, and QR code Wang et al. [41] EHR Public key encipherment with conjunctive keyword search Hiemenz and Krämer [42] Geospatial AES Chauhan et al. [43] SRM University Teacher's fingerprint, AES Qiu et al. [45] EHR Selective encipherment algorithm combined with fragmentation and dispersion Goyal and Kant [46] IT industry AES, SHA-1, and ECC Kumar and Roberts [47] CC Digital signatures Kumar and Shafi [48] CC modified RSA Teng et al. [49] Hadoop improved AES Abroshan [50] CC Elliptic curve technique and enhanced Blowfish Awan et al. [51] CC Enhanced AES (128) Kumar et al. [52] ARPS and CloudSim SMO algorithm Mata et al. [53] CC AES and Blowfish Dubey et al. [54] Fog CC CSO and PSO Kumar et al. [55] CC BPSO Goyal and Kant [46] CC AES, ECC, and SHA-1 Khakim et al. [56] CC MD5 and AES (256) Orobosade et al. [57] CC ECC and AES

RESULTS AND DISCUSSION
Encryption algorithms play an essential role in cloud data security. International data encryption algorithm (IDEA), AES, RSA, Blowfish, and DES algorithms are compared to determine the best security algorithm. The assessment results are shown in Table 2. Table 2 shows that RSA is an asymmetric algorithm, and IDEA, AES, Blowfish, and DES are symmetric algorithms. RSA and IDEA are less secure than AES, Blowfish, and DES). In this study, the AES algorithm takes the least amount of time to encipher cloud information, the Blowfish algorithm requires the least amount of memory space, and the AES algorithm can be used for encrypting huge amounts of data. The AES is faster than other algorithms and is the best algorithm in terms of authentication parameters. The RSA consumes the most memory and requires maximum encipherment time. Figure 4 shows the comparison of encryption algorithms with respect to the security level, data encipherment capacity, authentication, memory utilization, and encryption time.

CONCLUSION
CC is one of the latest trends in the IT field and provides a variety of benefits to clients. Cloud information security is one of the top concerns for any organization that considers shifting to the cloud. Therefore, researchers mostly focus on this topic. Encryption is one of the safest solutions for blocking unauthorized access. Different encryption techniques are used in cloud environments to secure cloud data, which contributes to reducing hacking to some extent. This study provided a recent review of cloud security issues, challenges to cloud adoption, and encryption algorithms that are used in cloud environments. The framework and techniques utilized in a number of previous studies were summarized. A literature review was conducted in the field of cloud data security in which the encryption algorithms of RSA, AES, DES, Blowfish, and IDEA were compared, to find the optimal security algorithm for cloud data protection. The results show that RSA is an asymmetric algorithm, and IDEA, AES, Blowfish, and DES are symmetric algorithms. RSA and IDEA are less secure than AES, Blowfish, and DES, and the Blowfish algorithm requires the least amount of memory space. The AES algorithm can be used for encrypting huge amounts of data. The AES is faster than other algorithms and is the best algorithm in terms of authentication parameters. The RSA consumes the most memory and requires maximum execution time. The researchers suggest the use of hybrid encryption algorithms, such as AES and Blowfish, to obtain more security and complexity for hackers.