An Enhanced RNS-AES Encryption Scheme with CBC Mode and HMAC for Secure and Authenticated Data Protection
Abstract
Modern cryptographic systems in cloud and IoT environments must balance strong security with real-time performance, yet existing methods often require trade-offs that sacrifice speed for security or introduce latency through conservative designs. This paper presents RNS-AES-CBC-HMAC, a hybrid framework that integrates Residue Number System (RNS) arithmetic with AES-256 and HMAC-SHA256 to deliver both performance and robust security. Using a balanced modulus set $\{2^n - 1,\, 2^n,\, 2^n + 1\}$ for constant-time, carry-free arithmetic mitigates side-channel risks, while AES-256 in Cipher Block Chaining (CBC) mode ensures confidentiality and HMAC-SHA256 provides message integrity with minimal overhead. Implemented in Python 3.10 with PyCryptodome 3.18.0 and tested on an AMD Ryzen~5~2500U, the framework achieved encryption/decryption latencies of $55$--$593\,\mu\text{s}$ for 4--15 character payloads, representing 99\% improvement over previous RNS-based hybrids. It scales linearly in time and memory $\mathcal{O}(n)$, consumes only $21\,\text{KB}$, and produces ciphertext entropy of $7.999\,\text{bits/byte}$, surpassing NIST SP~800-22 standards. This dual-layer architecture effectively counters both passive and active threats, making it suitable for low-latency IoT edge devices and high-throughput cloud systems, merging theoretical number systems with practical cryptography for real-world deployment.
References
Rabanal, F., & Martínez, C. (2020). Cryptography for big data environments: Current status, challenges, and opportunities. Computational and Mathematical Methods, 2(1), e1075. https://doi.org/10.1002/cmm4.1075
Naeem, S. (2023). Network security and cryptography challenges and trends on recent technologies. Journal of Applied and Emerging Sciences, 13(1), 1–8.
Ali, O., Ishak, M. K., Bhatti, M. K. L., Khan, I., & Kim, K. I. (2022). A comprehensive review of Internet of Things: Technology stack, middlewares, and fog/edge computing interface. Sensors, 22(3), 995. https://doi.org/10.3390/s22030995
Paar, C., & Pelzl, J. (2015). The advanced encryption standard (AES). In Understanding cryptography: A textbook for students and practitioners (pp. 87–121). Springer.
Nechvatal, J., Barker, E., Bassham, L., Burr, W., Dworkin, M., Foti, J., & Roback, E. (2001). Report on the development of the Advanced Encryption Standard (AES). Journal of Research of the National Institute of Standards and Technology, 106(3), 511. https://doi.org/10.6028/jres.106.023
Fournaris, A. P., Papachristodoulou, L., & Sklavos, N. (2017, April). Secure and efficient RNS software implementation for elliptic curve cryptography. In 2017 IEEE European Symposium on Security and Privacy Workshops (EuroS&PW) (pp. 86–93). IEEE. https://doi.org/10.1109/EuroSPW.2017.56
Pei, D., Salomaa, A., & Ding, C. (1996). Chinese remainder theorem: Applications in computing, coding, cryptography. World Scientific.
Dupré, G. (2024). Energy efficiency in AES encryption on ARM Cortex CPUs: Comparative analysis across modes of operation, data sizes, and key lengths. [Unpublished manuscript].
Zhang, J., Chen, B., Zhao, Y., Cheng, X., & Hu, F. (2018). Data security and privacy-preserving in edge computing paradigm: Survey and open issues. IEEE Access, 6, 18209–18237. https://doi.org/10.1109/ACCESS.2018.2820162
Abbas, A. P. D. S. A., & Maryoosh, A. A. B. (2015). Improving data storage security in cloud computing using elliptic curve cryptography. IOSR Journal of Computer Engineering, 17(4), 48–53.
Abbas, P. S. A., & Maryoosh, A. A. B. (2016). Data security for cloud computing based on ECIES and MIBC. International Journal of Applied Information Systems, 10, 7–13. https://doi.org/10.5120/ijais2016451517
Muthurajan, V., & Narayanasamy, B. (2016). An elliptic curve based Schnorr cloud security model in distributed environment. The Scientific World Journal, 2016, 1–8. https://doi.org/10.1155/2016/4913015
Mendonca, S. N. (2018). Data security in cloud using AES. International Journal of Engineering Research & Technology, 7, 205–208. https://doi.org/10.17577/IJERTV7IS010104
Vidya, S., & Deepa, T. (2022). Security enhancement using AES algorithm for emergency situation detection system. International Journal of Innovative Science, Engineering and Technology, 9.
Kartit, Z., & El Marraki, M. (2015). Applying encryption algorithm to enhance data security in cloud storage. Engineering Letters, 23(4).
Hodowu, D. K. M., Korda, D. R., & Ansong, E. D. (2020). An enhancement of data security in cloud computing with an implementation of a two-level cryptographic technique, using AES and ECC algorithm. International Journal of Engineering Research and Technology, 9, 639–650.
Schinianakis, D., & Stouraitis, T. (2016). Residue number systems in cryptography: Design, challenges, robustness. In Secure system design and trustable computing (pp. 115–161). https://doi.org/10.1007/978-3-319-14971-4_4
Baagyere, E. Y., Agbedemnab, P. A.-N., Qin, Z., Daabo, M. I., & Qin, Z. (2020). A multi-layered data encryption and decryption scheme based on genetic algorithm and residual numbers. IEEE Access, 8, 100438–100447. https://doi.org/10.1109/ACCESS.2020.2997838
Kasianchuk, M., Karpinski, M., Kochan, R., Karpinskyi, V., Litawa, G., Shylinska, I., & Yakymenko, I. (2020). Developing symmetric encryption methods based on residue number system and investigating their cryptosecurity. Cryptology ePrint Archive.
Baagyere, E. Y., Quashigah, L., Agbedemnab, P. A., Turkson, R. E., Wenya, G. E., & Aabaah, I. (2025). A novel cryptographic approach for enhanced data security in cloud computing environments using residue number system and advanced encryption standard. Earthline Journal of Mathematical Sciences, 15(5), 779–802. https://doi.org/10.34198/ejms.15525.779802
Ahmed, A., Kumar, S., Shah, A. A., & Bhutto, A. (2023). Cloud computing security issues and challenges. Tropical Scientific Journal, 2(1), 1–8.
Akbar, H., Zubair, M., & Malik, M. S. (2023). The security issues and challenges in cloud computing. International Journal for Electronic Crime Investigation, 7(1), 13–32. https://doi.org/10.54692/ijeci.2023.0701125
Thabit, F., Can, O., Alhomdy, S., Al-Gaphari, G. H., & Jagtap, S. (2022). A novel effective lightweight homomorphic cryptographic algorithm for data security in cloud computing. International Journal of Intelligent Networks, 3, 16–30. https://doi.org/10.1016/j.ijin.2022.04.001
Korda, D. R., Ansong, E. D., & Hodowu, D. K. M. (2021). Securing data in the cloud using the SDC algorithm. International Journal of Computer Applications, 183, 24–29. https://doi.org/10.5120/ijca2021921631
Wen, J. (2023). A layered encryption model PABB based on user privacy in e-commerce platforms. Frontiers in Business, Economics and Management, 9(3), 10–14. https://doi.org/10.54097/fbem.v9i3.9428
YueJuan, K., Yong, L., & Ping, L. (2020). A searchable ciphertext retrieval method based on counting bloom filter over cloud encrypted data. IAENG International Journal of Computer Science, 47(2).
El Balmany, C., Asimi, A., & Tbatou, Z. (2022). VMITLP: A security protocol towards a trusted launch process of a user generic virtual machine image on a public cloud IaaS platform. IAENG International Journal of Computer Science, 49(1).
Hu, Y., Lin, Y., Nie, Y., Peng, C., He, Y., Liu, Y., Ma, G., & Seng, D. (2024). Design and development of a BaaS system based on intelligent scheduling and operation cloud-edge platform. IAENG International Journal of Computer Science, 51(3).
Rivera, L. B., Bay, J. A., Arboleda, E. R., Pereña, M. R., & Dellosa, R. M. (2019). Hybrid cryptosystem using RSA, DSA, ElGamal, and AES. International Journal of Scientific & Technology Research, 8(10), 1777–1781.
Abdullah, A. M. (2017). Advanced encryption standard (AES) algorithm to encrypt and decrypt data. Cryptography and Network Security, 16(1), 11.
Kadri, A. F. (2023). Enhancement of Advanced Encryption Standard performance on hidden data using residue number system (Doctoral dissertation, Kwara State University, Nigeria).
This work is licensed under a Creative Commons Attribution 4.0 International License.
.jpg){kind=logo}
