This repository implements HEADS (Hybrid Encryption with AES and DNA-based Shift Protection) — a next-generation encryption algorithm designed to enhance data security across edge–cloud systems. By combining the biological principles of DNA encoding with the Advanced Encryption Standard (AES), the model provides multi-layered data protection, mitigating modern cyber threats in distributed computing environments.
As modern infrastructures like smart cities, IoT networks, and connected homes rely on edge–cloud communication, data traverses multiple nodes — increasing exposure to attacks. The HEADS algorithm introduces an additional layer of protection by incorporating DNA-based data transformation and shift-protected amino acid encoding before applying AES encryption.
This ensures:
- Stronger resistance to cryptanalysis and replay attacks
- Minimal increase in computation time
- High confidentiality and integrity in distributed systems
| Concept | Description |
|---|---|
| DNA-based Encoding | Converts binary data into DNA bases (A, C, G, T) and then into amino acid codons. |
| Shift Protection | Applies a user-defined or system-generated shift key (Ksp) to rearrange amino acid sequences, introducing data randomness. |
| AES Encryption | Performs symmetric encryption on the transformed DNA-based data for strong confidentiality. |
| Hybrid Key Generation | Uses password-based DNA transformation combined with dynamic key shifting for session-level key renewal. |
- Convert plaintext to ASCII → binary
- Map binary to DNA bases (
A=00, C=01, G=10, T=11) - Group DNA bases into codons and translate to amino acids
- Apply shift protection using
Ksp - Encrypt amino acid sequence using AES
- Transmit securely between edge and cloud nodes
- Decrypt AES ciphertext using password-based key
- Remove shift protection using
Ksp - Convert amino acids → DNA codons → binary → ASCII
- Reconstruct original plaintext
Input:
Plain text = "Hello World"
After Encryption:
Cipher Text = v3bUVeJRyJbifPdlW7j2jCs2itrxChEmUjH6J4bx2132OwZy7JHxRaGgStibaV2
After Decryption:
Plain text = "Hello World"
| Metric | AES | Blowfish | HEADS |
|---|---|---|---|
| Throughput (Kb/sec) | 158 | 200 | 164 |
| Encryption Time | Moderate | Fastest | Moderate |
| Security Strength | High | Medium | Very High |
| Resistance to Replay/Cryptanalysis | Limited | Limited | Strong |
The HEADS algorithm achieves superior security with only minimal performance trade-offs, making it suitable for edge-cloud systems, where latency and resource constraints are critical.
- Java 8 – Core language for algorithm implementation
- Apache Commons Math – Statistical computation and analysis
- CloudSim Plus 6.1.1 – Cloud and Edge simulation environment
- Amazon Top Cell Phones Dataset (Kaggle) – Dataset 1
- Vehicle Number Plate Dataset (Kaggle) – Dataset 2
+-------------+ +-------------+ +-------------+
| End User | <----> | Edge Node | <----> | Cloud Server |
| (Encrypts) | | (Processes) | | (Stores Data) |
+-------------+ +-------------+ +-------------+
Data Flow:
Plaintext → DNA Encoding → Shift Protection → AES Encryption → Cloud Storage
| Attack Type | HEADS Defense Mechanism |
|---|---|
| Man-in-the-Middle | Dual-layer encryption prevents useful data interception. |
| Dictionary Attack | DNA and shift-based encoding obscure password patterns. |
| Replay Attack | Session-specific AES keys invalidate reused packets. |
| Cryptanalysis | DNA randomization and codon shifting make pattern analysis infeasible. |
User Password → ASCII → Binary → DNA Base Conversion
↓
Random Shift Key (Ksp) applied
↓
Resulting DNA key used for AES encryption
Each encryption session generates a unique key, ensuring forward secrecy and minimizing reuse vulnerabilities.
| Parameter | Value |
|---|---|
| Simulator | CloudSim Plus 6.1.1 |
| Nodes | 5 Edge Nodes, 2 Cloud Data Centers |
| Bandwidth | 500 Mbps |
| Storage | 10 GB (Cloud), 3 GB (Edge) |
| Processor | Intel i5-8250U |
| OS | Windows 10 |
| RAM | 8 GB |
- The HEADS algorithm outperforms AES-only encryption in terms of security resilience while maintaining similar performance.
- Demonstrates resistance to replay and dictionary attacks.
- Proves feasibility of DNA-inspired cryptography for real-world edge-cloud systems.
Chandan Cherukuri, Sambit Kumar Mishra, Pavuluri Venkata Dheeraj, Deepak Puthal
- Department of Computer Science and Engineering, SRM University AP, India
- Department of EECS, Khalifa University, Abu Dhabi, UAE 📧 {chandan.cherukuri, dheeraj.krishnamohan}@srmap.edu.in, deepak.puthal@ku.ac.ae
- Implement mutual authentication between edge and cloud nodes
- Expand to multi-user asymmetric cryptography
- Integrate machine learning for adaptive trust and anomaly detection
- Support for IoT-scale deployments
This project is released under the MIT License. You are free to use, modify, and distribute it for academic and research purposes with proper citation.
IEEE Xplore: Sambit Kumar Mishra, Chandan Cherukuri, Pavuluri Venkata Dheeraj, Deepak Puthal (2023). “A Hybrid Encryption Approach using DNA-Based Shift Protected Algorithm and AES for Edge-Cloud System Security,” Proceedings of the 21st OITS International Conference on Information Technology (OCIT 2023).