Enhancing Cloud Information System Security Through Dynamic Key Evolution in Hybrid AES-ECC Architecture Cryptographic
Authors
Firas A. Hashim (Corresponding)
Hussein A. Hilal
Abstract
Cloud computing information systems process vast amounts of sensitive structured and unstructured textual data; scalable cryptographic architectures are therefore vital for cloud security. Hybrid AES-ECC encryption schemes offer very efficient key establishment and high-speed data protection, but existing models rely on static symmetric keys: if a single static key is leaked, the entire session is exposed rather than a single ciphertext block. This research proposes a hybrid AES-ECC cryptosystem, assisted by Dynamic Key Evolution (DKE), that addresses key lifecycle security in cloud environments. The framework combines Elliptic Curve Diffie-Hellman (ECDH) for secure key agreement, HKDF for master key derivation, and AES-256-GCM for authenticated encryption with a per-chunk hash-based key evolution mechanism that achieves intra-session forward secrecy and contains a compromised key to a single chunk.

Extensive experimental evaluation was performed on cloud-scale workloads ranging from 1 MB to 100 MB. The proposed scheme provides encryption throughput up to 589.34 MB/s and decryption throughput up to 705.48 MB/s, while still achieving nearly ideal ciphertext entropy (≈8 bits/byte), avalanche effect (≈50%), and key sensitivity (~49.98%). The framework's robustness and predictability are validated by advanced statistical methods, including NIST randomness assessments, correlation analysis, Monte Carlo key variation experiments, and regression-based scalability modelling (R² = 0.94). Through formal threat modelling and security analysis, we show that resistance to passive, active, replay and partial key compromise attacks is achieved under standard cryptographic assumptions.
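The pipeline named in the abstract (ECDH agreement, HKDF master key, per-chunk evolved key, AES-256-GCM) is shown below as an added Node.js example; it is not the authors' implementation. The abstract does not specify the evolution function, so the KDF-chain step in `evolve`, the P-256 curve, the HKDF label `dke-master`, and the use of the chunk index as associated data are all assumptions.

```javascript
// Added illustration, not the paper's code. Assumed: curve P-256, the HKDF
// label, and the KDF-chain form of the per-chunk key evolution.
const nodeCrypto = require('node:crypto');
const sha256 = (label, state) =>
  nodeCrypto.createHash('sha256').update(label).update(state).digest();

// ECDH agreement, then HKDF: both sides derive the same 32-byte master key.
// Keys are KeyObjects, e.g. generateKeyPairSync('ec', { namedCurve: 'prime256v1' }).
function masterKey(myPrivate, peerPublic, salt) {
  const shared = nodeCrypto.diffieHellman({ privateKey: myPrivate, publicKey: peerPublic });
  return Buffer.from(nodeCrypto.hkdfSync('sha256', shared, salt, 'dke-master', 32));
}

// Assumed evolution step: chunk key and next chain state are separate hash
// outputs, so a leaked chunk key reveals no other chunk key.
function evolve(state) {
  return { chunkKey: sha256('key', state), next: sha256('chain', state) };
}

function encryptChunks(master, chunks) {
  let state = master;
  return chunks.map((plaintext, index) => {
    const { chunkKey, next } = evolve(state);
    state = next; // earlier state is discarded: intra-session forward secrecy
    const iv = nodeCrypto.randomBytes(12);
    const cipher = nodeCrypto.createCipheriv('aes-256-gcm', chunkKey, iv);
    cipher.setAAD(Buffer.from(String(index))); // binds the chunk to its position
    const body = Buffer.concat([cipher.update(plaintext), cipher.final()]);
    return { iv, body, tag: cipher.getAuthTag() };
  });
}

function decryptChunks(master, records) {
  let state = master;
  return records.map(({ iv, body, tag }, index) => {
    const { chunkKey, next } = evolve(state);
    state = next;
    const decipher = nodeCrypto.createDecipheriv('aes-256-gcm', chunkKey, iv);
    decipher.setAAD(Buffer.from(String(index)));
    decipher.setAuthTag(tag);
    return Buffer.concat([decipher.update(body), decipher.final()]); // throws if forged
  });
}
```

Because each chunk has its own key and its index as associated data, a reordered or modified chunk fails GCM authentication on the receiving side.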