<![CDATA[The widespread adoption of cloud storage systems has increased the demand for cryptographic mechanisms that ensure data confidentiality while limiting security risks associated with static and long-lived encryption keys. Although hybrid RSA-AES schemes are commonly employed to balance security and computational efficiency, key management-particularly autonomous and quantitatively bounded key rotation-remains insufficiently formalized. This study proposes a hybrid RSA-AES cryptosystem equipped with an autonomous auto-key rotation mechanism defined through explicit analytical constraints. AES-256 is employed for bulk data encryption, while RSA-2048 is used for secure encapsulation of symmetric session keys. Key renewal is governed by inequality-based conditions on elapsed time (Δt ≤ 30 minutes) and encryption usage (n ≤ 10 operations), yielding a mathematically bounded key lifecycle without manual intervention or external infrastructure. System performance and operational security properties are evaluated in a simulated cloud environment using file sizes ranging from 100 KB to 10 MB. Quantitative metrics include encryption and decryption time complexity, computational overhead relative to AES-only encryption, key variability measured by Hamming distance, and data integrity verification using SHA-256. Experimental results demonstrate linear scalability and a stable average overhead of approximately 12.8%, indicating a bounded constant-factor cost independent of workload size. Successive AES-256 keys exhibit a mean Hamming distance of 127.42 bits, consistent with high key variability and effective key freshness. These findings show that analytically constrained key rotation enables controlled symmetric-key exposure while preserving practical efficiency overall.]]>
