I. Introduction

The importance of cloud services and cloud computing continues to grow and is now an in-demand technology and an expected trend for hyperscale cloud providers in the upcoming decade of 2020. These cloud-managed services are adopted in various business fields like Big Data Platforms, designed to handle voluminous data multi-structured in real-time. Those on-demand services perform tasks for proceeding and storing data in cloud environments and other information science progressing rapidly like Artificial Intelligence (AI), Machine Learning (ML), or Deep Learning (DL). Furthermore, many embedded systems, small Advanced RISC Machine (ARM) architecture, and Internet of Things (IoT) devices connected to sensors collect sensed data and push it into a cloud-based data sink. Other smart IoT application areas such as healthcare [1], traffic [2], energy grids [3], agriculture [4], home and building automation [5] store the captured data in cloud storage environments. This cloud storage can be encrypted and decrypted by a build-in symmetric cryptography scheme, deployed and managed by a cloud-based key management service (KMS), assuring the transparent data flow for encryption and decryption. In some cases, the cloud provider KMS service breaks the privacy security policy and can even extract all data with the master secret key because the customer cannot use their own KMS [6]. However, incorrect configurations set full storage access without authentication even when the storage and containing data are encrypted. In this low-cost and easy-to-implement attack known as Store Now, Decrypt Later, the encrypted data is copied and stored until a sufficiently compute resource is available to decrypt it. However, data security and protection are a burning issue in cloud technology, which can largely impact the privacy of crucial and sensible data. A prominent attack on cloud providers is known as a data tampering attack. This attack can jeopardise the confidentiality and integrity of data. From the logical data layer view, there is a need to ensure a cloud architecture layer to cover security and performance-driven perspectives [7]. Thus attacks aim to break the current state of the security perimeter and grab the plain and native data. Due to the rapid development of quantum informatics and the possibility to store unlimited data size in cloud buckets, more cryptologists pay attention to define a quantum-safe long-term safety strategy. In this regard, useful quantum-resistant cryptography for cloud storage has been designed but has no quantum-resilient proven candidate. Some Post-Quantum Cryptography (PQC) schemes provide an algorithm and hash-based function for long-term data security with a probabilistic method [8], [9]. According to Goldwasser and Micali [10], high-secure data encryption can only be safe when it is based on a probabilistic method. However, the challenge for deterministic computers is to create a practical application of probabilistic methods to generate cryptographically secure pseudorandom numbers (PRN) and pseudorandom function (PRF). In this paper, we define a quantum-safe data-at-rest architecture framework with a block cipher method. We expect symmetric cryptography as a quantum-safe scheme and use the Feistel cipher Camellia for this purpose. On the one hand, a simplified version of Camellia seems to be resilient to differential and or linear-differential attacks. Still, on the other hand, no researchers published a proven quantum-safe concept on Camellia. In 2001, the cooperation of Nippon Telegraph and Telephone (NTT) and Mitsubishi Electric Corporation developed and submitted Camellia as a strong cryptographic primitive to NESSIE (New European Schemes for Signature, Integrity, and Encryption). Camellia is an approved cipher scheme by the Japanese CRYPTREC and Internet Engineering Task Force (IETF) [11]. We describe a general contribution to creating a quantum-safe vault.