TRIBHUVAN UNIVERSITY

INSTITUTE OF SCIENCE AND TECHNOLOGY


NAGARJUNA COLLEGE OF INFORMATION TECHNOLOGY

A Project Report on
“A Secure File Sharing System”
‘Using AES encryption algorithm’

Submitted To:
Department of Computer Science and Information Technology
Nagarjuna College of Information Technology

In partial fulfillment of the requirements for the bachelor’s Degree in


Computer Science and Information Technology

Submitted By:
Daniel Tamang (7684/072)
Mohammad Sarzil (7691/072)
Nilam Maharjan (7692/072)
Santosh Pyakurel (7702/072)

August, 2019

SUPERVISOR’S RECOMMENDATION

I hereby recommend that this report has been prepared under my supervision by Daniel
Tamang (TU Exam Roll No. 7684/072), Nilam Maharjan (TU Exam Roll No. 7692/072),
Mohammad Sarzil (TU Exam Roll No. 7691/072) and Santosh Pyakurel (TU Exam Roll
No. 7702/072) entitled “Secure File Sharing” in partial fulfillment of the requirements
for the degree of B.Sc. in Computer Science and Information Technology be processed
for evaluation.

………………………………
Mr. Ramesh Singh Saud
Project Supervisor
Nagarjuna College of IT
Hariharbhawan, Lalitpur

CERTIFICATE OF APPROVAL

This is to certify that this project prepared by Daniel Tamang (TU Exam Roll No.
7684/072), Nilam Maharjan (TU Exam Roll No. 7692/072), Mohammad Sarzil (TU Exam
Roll No. 7691/072) and Santosh Pyakurel (TU Exam Roll No. 7702/072) entitled “Secure
File Sharing” in partial fulfillment of the requirements for the degree of B.Sc. in Computer
Science and Information Technology has been well studied. In our opinion, it is satisfactory
in the scope and quality as a project for the required degree.

____________________
Mr. Ramesh Singh Saud
External Examiner
Project Supervisor
Department of Computer Science and
Information Technology
Nagarjuna College of IT
Tribhuvan University
Hariharbhawan, Lalitpur

ACKNOWLEDGEMENTS

The completion of this project would not have been possible without the support and
guidance of many individuals.
We are grateful to Nagarjuna College of Information Technology for guidance and
supervision, as well as providing all the necessary support and friendly environment for the
successful completion of the project.
We would like to express our gratitude to our project supervisor Mr. Ramesh Singh Saud
who took an interest in our project and guided us through the project by providing necessary
ideas, information and knowledge for developing a Secure File Sharing System. We would
like to thank Mr. Ramesh Singh Saud for his encouragement and guidance towards the
making of this report as per the standard.
We are thankful and fortunate enough to get constant support from our colleagues and
teaching staff of B.Sc. CSIT department, which helped us complete our project. We would
also like to extend our regards to all the non-teaching staff of B.Sc. CSIT department for
their timely support.

Daniel Tamang (7684/072)
Mohammad Sarzil (7691/072)
Nilam Maharjan (7692/072)
Santosh Pyakurel (7702/072)

ABSTRACT

Many users store files in the cloud and share them with other users, but the information in
the cloud is not encrypted and so cannot be secure; we therefore propose this web application.
In this project the user's uploaded files are encrypted and a secret key is generated. When a
user requests a file, the request is verified and answered. Using the key, the requester can
access the file. Files that are uploaded as public, however, can be downloaded directly.
A secure file sharing system using AES is an application that aims to maintain the
privacy of data and eliminate data leakage to unauthorized users. This application combines
the concept of the cloud with encryption of the files. Files are encrypted using the AES
encryption algorithm. In the proposed system the user encrypts all files with distinct keys
before uploading them to the cloud. The user can upload files as private or public.
Public files can be downloaded directly, but to download a private file a user
sends a request to the file owner. The owner can authorize access to the file
by responding with a unique key generated by the system for the individual user and individual
file. With this key the user can access the private file. Using the private key, the cipher text is
converted into plain text, and the plain text is downloaded. This technique increases the
flexibility of sharing files. On completion of this project, a secure environment is
created for sharing and storing files and data with a high level of security and privacy.

TABLE OF CONTENT
ACKNOWLEDGEMENTS
ABSTRACT
TABLE OF CONTENT
LIST OF FIGURES
LIST OF TABLES
LIST OF ABBREVIATIONS
CHAPTER 1 INTRODUCTION
1.1 Introduction
1.2 Problem Statement
1.3 Objectives
1.4 Scope
1.5 Limitation
1.6 Literature Review
CHAPTER 2 SYSTEM ANALYSIS
2.1 Requirement Collection and Analysis
2.1.1 Functional Requirements
2.1.1.1 Use Case Diagram
2.1.2 Non-Functional Requirements
2.1.3 Software Requirement
2.2 Feasibility Study
2.2.1 Technical Feasibility
2.2.2 Operational Feasibility
2.2.3 Schedule Feasibility
2.2.4 Economic Feasibility
2.3 Data Modeling
2.3.1 E-R Diagram
2.4 Process Modeling
2.4.1 Context Diagram
2.4.2 Level 1 DFD
CHAPTER 3 SYSTEM DESIGN
3.1 System Architecture
3.2 System Design
3.3 System Flow Diagram
3.3.1 System Flow Diagram for Uploading the Files
3.3.2 System Flow Diagram for Accepting/Rejecting the Request
3.3.3 System Flow for Downloading the Requested Files
3.4 Database Schema
CHAPTER 4 SYSTEM IMPLEMENTATION AND TESTING
4.1 Environment
1. Java / JSP
2. NetBeans IDE
3. MYSQL
4. HTML/CSS/JS
5. Apache Tomcat
6. DriveHQ cloud storage
4.2 Application Modules
4.2.1 Registration/Login
4.2.2 Uploading Files
4.2.3 Requesting Files
4.2.4 Sharing Files
4.2.5 Downloading Files
4.2.6 Forgot Password / Change Password
4.2.7 Delete Files / Change Profiles
4.2.8 Admin
4.3 Algorithm Used
4.3.1 AES algorithm
4.4 Testing
CHAPTER 5 CONCLUSION AND FUTURE WORK
5.1 Conclusion
5.2 Recommendation
References
Appendix

LIST OF FIGURES

2.1 Use Case Diagram of secure file sharing System
2.2 E-R diagram of Secure file sharing System
2.3 Context Diagram of Secure File Sharing System
2.4 DFD level 1 of Secure File Sharing System
3.1 System Architecture of Secure file sharing system
3.2 System Design of Secure file Sharing System
3.3 System Flow Diagram of User Uploading Files
3.4 System Flow Diagram of User for Accepting/Rejecting a Request
3.5 System Flow Diagram of a User for Downloading the File
3.6 Sequence Diagram of Secure File Sharing System
3.7 Activity Diagram of secure File Sharing System
4.1 AES encryption and decryption algorithm
4.2 Key Expansion
4.3 AES Add Round Key
4.4 AES S-Box source
4.5 AES sub-bytes
4.6 AES Shift rows
4.7 AES Mixcolumn Process
4.8 AES inverse S-BOX
4.9 AES Inverse Shift Rows
4.10 AES Inverse Mix Column
4.11 Encryption and Decryption process of AES

LIST OF TABLES

Table 4.4.1: Sign In Test Case
Table 4.4.2: Encryption and decryption Test Case
Table 4.4.3: Upload File Test Case
Table 4.4.4: Share File Test Case
Table 4.4.5: Share File Test Case
Table 4.4.6: Response File Test Case
Table 4.4.7: Download File Test Case
Table 4.4.8: Logout Test Case

LIST OF ABBREVIATIONS

AES: Advanced Encryption Standard
API: Application Programming Interface
ARPANET: Advanced Research Projects Agency Network
GUI: Graphical User Interface
IDE: Integrated Development Environment
JDK: Java Development Kit
RDBMS: Relational Database Management System
RSA: Rivest, Shamir and Adleman
SQL: Structured Query Language

CHAPTER 1 INTRODUCTION

1.1 Introduction

Secure file sharing is a web application capable of securely storing and sharing
information by encrypting the data on the cloud. In the Secure File Sharing system, a file
uploaded by the user is encrypted and stored on the cloud, and other users can request access
to the data. The uploading user can then generate a unique key for the file. The generated
unique key is stored in the local database and is sent in response after the requesting user has
been verified. Using the key received in the response, the user can access the file. DriveHQ
cloud storage is used as the cloud storage in the system.
The user needs to be registered in the cloud repository system. In the Secure File Sharing
system, DriveHQ is used as the cloud repository system. Once registered, he/she can log in to
the system and upload files to the cloud. The user can upload files in two
categories:
1. Public files
2. Private files
Uploaded file names and attributes of all users can be seen by registered users. To get
access to the files of other users, the files need to be downloaded. Files uploaded as public
can be downloaded directly, whereas to download private files the user needs to request an
Access key. The user can request private files from the file owner. The file owner can share the
Access key for the requested files. Additionally, the file owner has the flexibility to accept or
reject the request. The user can download the private files only if the file owner sends
an Access key for the requested set of private files.

In this project, there are two modules. The user registers in the application by providing
all the necessary details and can then log in using a username and password, upload files
to the cloud and share them with other registered users.
The admin verifies the users and is able to delete and edit user information. A user can
also view the files he has uploaded and the requests for a secret key from other users,
and can respond to them; the key is sent to the requesting user using the RSA key exchange
technique. Using that key, the requester can download the file and view the information.

1.2 Problem Statement

Usage of the cloud for storage and file sharing is rapidly increasing. With this rapid increase
there is also a major security problem, since most online file storing and sharing
applications lack encryption of the data. As the number of users who rely on these
applications for storing and sharing their data grows rapidly, they and their
information become vulnerable because of the lack of security.
Some data may be confidential, and not all users should have access to it
without proper authority. Such data, if not encrypted, may easily be accessed by an
unauthorized person, resulting in information leakage. With the internet being an easy place
for sharing data and files, data can easily be manipulated and accessed by the wrong person.
Thus, a reliable file sharing system is needed to provide secure storage and sharing of data
with proper authority, making information more secure.

1.3 Objectives

We propose this application for the safe and secure storage and access of files and data
with minimal unauthorized access. The objectives of building this system are:
1. To create a secure storage of files with encryption.
2. To create an environment to securely access data and information with authorized
users only.
3. To eliminate data leakage and maintain privacy of data.

1.4 Scope
Since there is a need for a secure application that can store files using
encryption and share them only with authorized people, the system may be beneficial to
those who need a high level of security for their files.

1.5 Limitation
Although this application aims to reduce data leakage, it cannot control manipulation of
data by the users and authorized people. Although it has huge potential to control the
security of data, there is always a possibility of data being misused through the
carelessness of its users.

1.6 Literature Review

Cloud storage is a digital computer data storage system in which data is stored in logical
pools. The physical storage is distributed across multiple servers, the environment of which
is managed by a hosting company. These cloud provider companies are responsible for the
availability and accessibility of the data and for protecting the physical storage. People or
organizations buy or lease this storage capacity.
Cloud storage services can be accessed through a collocated cloud computing service, a
web service application programming interface (API) or applications that utilize the API,
such as cloud desktop storage, a cloud storage gateway or web-based content management
systems.
Cloud computing is believed to have been invented by Joseph Carl Robnett Licklider in the
1960s with his work on ARPANET to connect people and data from anywhere at any time. [1]
In 1983, CompuServe offered its consumer users a small amount of disk space that could
be used to store any files they chose to upload. [2]
In 1994, AT&T launched PersonaLink Services, an online platform for personal and
business communication and entrepreneurship. The storage was one of the first to be all
web-based, and referenced in their commercials as, "you can think of our electronic meeting
place as the cloud." [3]
Amazon Web Services introduced their cloud storage service AWS S3 in 2006, and has
gained widespread recognition and adoption as the storage supplier to popular services such
as SmugMug, Dropbox, and Pinterest. In 2005, Box announced an online file sharing and
personal cloud content management service for businesses. [4]
Cloud storage is based on highly virtualized infrastructure and is like broader cloud
computing in terms of accessible interfaces, near-instant elasticity and scalability,
multi-tenancy, and metered resources. Cloud storage services can be utilized from an
off-premises service (Amazon S3) or deployed on-premises (ViON Capacity Services). [5]
Cloud storage typically refers to a hosted object storage service, but the term has
broadened to include other types of data storage that are now available as a service, like block
storage.
Object storage services like Amazon S3, Oracle Cloud Storage and Microsoft Azure Storage,
object storage software like Openstack Swift, object storage systems like EMC Atmos, EMC
ECS and Hitachi Content Platform, and distributed storage research projects like
OceanStore [6] and VISION Cloud [7] are all examples of storage that can be hosted and
deployed with cloud storage characteristics.
Cloud storage is:
• Made up of many distributed resources, but still acts as one, either in a federated [8]
or a cooperative storage cloud architecture
• Highly fault tolerant through redundancy and distribution of data
• Highly durable through the creation of versioned copies

CHAPTER 2 SYSTEM ANALYSIS

2.1 Requirement Collection and Analysis

Before a system is developed and implemented, it is necessary to analyze the whole
system's requirements. They are categorized into two main parts: functional and
non-functional requirements. Having a clear idea of what the project is supposed to
deliver at the end of the term makes project managers and developers aware of the
steps to be taken to complete the job.

2.1.1 Functional Requirements

Functional requirements are what the system must provide to meet the business need. Based
on this, the system's requirements are:
• The system should provide registration facilities for users.
• The system should provide facilities for users to upload and share files.
• The system provides access to authorized users.
• The system provides file download facilities to the user.
• The system should provide facilities for sharing files with multiple users.

2.1.1.1 Use Case Diagram

Use Case Description:

Actor 1: User
Description: A user must sign up to have full access to the system. Users log in with their
username and password and are prohibited from using the system if they are not logged in.
An authorized user can upload files with AES encryption, share files with multiple
users, and download files uploaded by a user, given access to the private key of those files.

Actor 2: Admin
Description: Admins are responsible for verifying user registrations and are capable of user
management in the system.

Fig 2.1: Use Case Diagram of secure file sharing system

2.1.2 Non-Functional Requirements

Reliability: The system should be trustworthy and reliable in providing the functionalities.
Once a user has made some changes, the changes must be made visible by the system.

Scalability: The system should be scalable enough to add new functionalities at a later stage.
There should be a common channel, which can accommodate the new functionalities.

Maintainability: The system monitoring and maintenance should be simple and objective in
its approach. There should not be too many jobs running on different machines such that it
gets difficult to monitor whether the jobs are running without errors.

Portability: The system should be easily portable to another system. This is required when
the web server, which is hosting the system gets stuck due to some problems, which requires
the system to be taken to another system.

Performance: The system is going to be used by many users simultaneously. Since the
system will be hosted on a single web server, it should not succumb when many
users are using it simultaneously. It should allow fast access for all of its users.

Usability: Simplicity is the key here. The system must be simple enough that people like to
use it, and not so complex that people avoid using it. The user must be familiar with the user
interfaces and should not have problems in migrating to a new system with a new environment.
The menus, buttons and dialog boxes should be named in a manner that provides a clear
understanding of the functionality. Several users are going to use the system simultaneously,
so the usability of the system should not be affected for individual users.

2.1.3 Software Requirement

Being a web application, the only dependency the system has is with the web browser. The
system however outlines the following requirements for the Operating System and Web
Browser.
Operating System: Windows, Linux, Mac OS
Web Browser: Safari, IE (8.0 or above), Edge, Mozilla Firefox (3.0 or above), Google
Chrome

2.2 Feasibility Study

2.2.1 Technical Feasibility

This web-based application is technically feasible. The software and hardware requirements
for the development of this application are few and are already available free of charge as
open source. The work for the project is done with the current equipment and existing software
technology. This application is supported by all.

2.2.2 Operational Feasibility

These days the internet has become a part of everyone’s life, so a person with sound
knowledge of websites can easily handle our site; the GUI is user friendly and requires
no technical skills from the users.

2.2.3 Schedule Feasibility

With regards to the number of resources and platforms used, the project is completed within
the estimated time period so the system is schedule feasible as per the academic schedule.

2.2.4 Economic Feasibility

The application uses only tools that are either free or available with a free license key
for students. The same applies to future enhancements and maintenance of the application,
as it is fully software-based and built with these tools. All the development and enhancement
of the project has been done by the group members with the resources already available.

2.3 Data Modeling

2.3.1 E-R Diagram

The figure below is the Entity Relationship diagram of the secure file sharing system. There
are five entities in the system: user, files, cloud storage, private files and public files.
There are five relations in the diagram. This entity diagram shows the relationships of
entity sets stored in a database.

Fig 2.2 E-R Diagram of Secure File Sharing System

2.4 Process Modeling

2.4.1 Context Diagram

The context diagram of the secure file sharing system shown in the figure below describes the
various components and the communication between them. It defines and clarifies the
boundaries of the Secure File Sharing System. It identifies the flow of information between
the Secure File Sharing System and the external entities of the system, i.e. the user and the
admin. The entire Secure File Sharing System is shown as a single process.

Fig 2.3 Context Diagram of Secure File Sharing System

2.4.2 Level 1 DFD

The figure below shows the level 1 DFD, which provides a more detailed breakout of the pieces
of information in the level 0 DFD. The Secure File Sharing System level 1 data flow diagram
contains five processes, three external entities and two data stores.

Based on the diagram, the user can encrypt and upload files after logging in to the
system. The user can download a file directly if it was uploaded as public. If the file was
uploaded as private, the file user has to request access from the file owner. After a
positive response from the file owner, the file user can decrypt and download the file, which
is stored on the cloud; the respective private key of that file is fetched from the database of
the system.

Fig 2.4 Level 1 DFD of Secure File Sharing System

CHAPTER 3 SYSTEM DESIGN

This chapter discusses the architecture of the entire system. It also discusses
the data flow diagram, sequence diagram, and activity diagram.

3.1 System Architecture

The system architecture of the Secure File Sharing system shown in the figure below describes
the various components and the communication between them. A user, as depicted in the
system architecture, must be authorized to log in to the system. The user communicates with
the application server through a web browser to store data on the cloud. When the user
uploads data, it is encrypted using a generated key and then uploaded to the cloud. Whenever
a user requests files stored in the cloud, the file owner responds with a key for the
requested files. As soon as the requester gets the key from the owner, the key used to encrypt
that file is retrieved from the local database, and the file is decrypted using the private key
and downloaded.

Figure 3.1: System Architecture of Secured File Sharing System

3.2 System Design

The figure below shows the system design of the cloud repository system. It uses the cloud to
store information about the users, files uploaded by the users, requests made, and Access keys
generated for the requested files for the requesting user. The login validation checks the
username and password entered against the username and password in the database and confirms
or rejects the login accordingly. Upon confirmation, the application server establishes a
connection with the cloud repository system. After that it pulls all the information from the
cloud and shows it to the user. This application allows the user to store data in or retrieve
data from the cloud repository system.
Whenever a user tries to upload a file, a private key is generated and that key is used
to encrypt the file. The key used to encrypt the file is stored in the local database and the
encrypted data is stored in the cloud. Whenever a user tries to retrieve data, a public file can
be downloaded directly, whereas to retrieve private files the user needs to request an
Access key. Using this Access key and the file name, the private key for that particular file can
be taken from the local database by the application server, and the file can be decrypted and
downloaded.

Figure 3.2: System Design of Secured File System

3.3 System Flow Diagram

3.3.1 System Flow Diagram for Uploading the Files

The figure below shows the flow of the process between the components while uploading files.
The user can upload either text or image files. Whenever the user uploads a file, a private key
is generated for that uploaded file. The file is then encrypted using the generated private key.
The private key is stored in the local database and the encrypted content is stored in the cloud.

Figure 3.3: System Flow Diagram of User Uploading Files

3.3.2 System Flow Diagram for Accepting/Rejecting the Request

The figure below shows the data flow process when a user gets a request. When the user gets a
request for a file, he can either accept or reject it. If the user rejects the request, the
process is terminated; otherwise, a key is generated in the process.

Figure 3.4: System Flow Diagram of User for Accepting/Rejecting a Request

3.3.3 System Flow for Downloading the Requested Files

The figure below shows the data flow process of a user downloading a file. When the user
downloads, the data flow process starts by downloading the encrypted content. Using
it, the system retrieves the private key that was generated when the data was uploaded. With
the private key and the encrypted content, it then decrypts the file.

Figure 3.5: System Flow Diagram of a User for Downloading the File

3.4 Database Schema
Database schema is the overall representation of database tables in a way that represents all the
co-relations between them. The database schema design is given below:
Admin Table
Column Name         Data Type
Id(pk)              Integer
Username            Varchar(100)
Password            Varchar(100)
Email               Varchar(100)
Dob                 Varchar(100)
Gender              Boolean
Address             Varchar(100)
Mobile              Varchar(100)

User Table
Column Name         Data Type
Id(pk)              Integer
Username            Varchar(100)
Password            Varchar(100)
Email(unique)       Varchar(100)
Dob                 Varchar(100)
Gender              Boolean
Address             Varchar(100)
Mobile              Varchar(100)
Status              Varchar(100)
Cloud_username      Varchar(100)
Cloud_password      Varchar(100)
User_private_key    Longtext
User_public_key     Longtext

Request Table
Column Name         Data Type
File Name           Varchar(100)
Owner               Varchar(100)
User(fk)            Varchar(100)
Status              Boolean
Respond_key(fk)     Varchar(100)

Reset Password Table
Column Name         Data Type
Profile id(fk)      Integer
Hash_code           Varchar(100)
Exptime             Datetime
Datetimes           Datetime

Share file Table
Column Name         Data Type
Owner               Varchar(100)
Filename            Varchar(100)
User                Varchar(100)

File Table
Column Name         Data Type
Filename            Varchar(100)
CDate               Text
Email(fk)           Varchar(100)
File_Description    Varchar(100)
Skey                LongText
Ftypes              Integer

CHAPTER 4 SYSTEM IMPLEMENTATION AND TESTING

The programming logic of the system is implemented in Java. The front end of the system
is developed using HTML, CSS and JS.
The back end of the system is developed in Java using JSP and servlets.

4.1 Environment

The following are used in developing the project:


1. Java Servlets/ JSP programming
2. NetBeans IDE
3. MySQL database
4. HTML/CSS/JS
5. Apache Tomcat
6. DriveHQ cloud storage

1. Java / JSP

In the project, J2EE is used to develop the Java Servlets. Because it is platform independent and
provides a set of services, APIs, and protocols for developing web-based applications, this
technology is used for developing, building and deploying the online web application. Java
Servlets are Java programs that run on the server side. Whenever the application server receives
a client request, the servlets are executed on the server side. Additionally, these servlets
provide the following:

1. Security: Java Servlets inherit the security features that the Web container provides.

2. Session Management: User identity and state are kept intact across more than one request.

3. Instance persistence: Frequent disk access is prevented. This enhances server performance.

On the other hand, JSP is a technology used for both web design and web development. To put
it more clearly, we use HTML for the layout of the web page, and Java code or other JSP-related
tags are then used to develop the main logic inside the layout. For instance, by using special
tags, JSPs can embed Java functionality directly into the HTML page. Hence, a lot of time and
effort can be saved.

2. NetBeans IDE

NetBeans IDE version 7.2 is used in this project. It is an integrated tool used in the system for
building the application with Java. The most important feature of NetBeans is that it has
various plugins which come in handy when developing any project. It can be installed on any
operating system that supports Java.

3. MySQL

MySQL Server is used as the relational database management system in the Secure File Sharing
System. Apache server uses XAMPP to store all the data, such as files, usernames and encrypted
passwords, in the MySQL database.

4. HTML/CSS/JS

The front end of the system is developed using HTML, CSS and JS. HTML is used to structure
and create the web pages that are displayed. CSS is used to describe the presentation of the web
pages, including colors, layout, and fonts, which allows the presentation to be adapted. JS is
used to create responsive, interactive elements for the web pages, enhancing the user
experience.

5. Apache Tomcat

Apache Tomcat is used in the secure file sharing system. It implements several Java EE
specifications, including Java Servlet, JSP, Java EL, and WebSocket, and provides a “pure Java”
HTTP web server environment in which Java code can run. It uses the MySQL database to store
data through the Apache server, which is called by Tomcat. Apache Tomcat version 8.0.9.0 is
used in the system.

6. DriveHQ cloud storage

The encrypted file is stored in the cloud storage. When downloading, we fetch the
encrypted file from the cloud storage and decrypt it with the private key, which is
exchanged using the RSA key exchange technique.

4.2 Application Modules
The Application Modules for the Secure file sharing system on cloud are as follows:

1. Registration/login
2. Uploading Files
3. Requesting Files
4. Sharing Files
5. Downloading Files
6. Forgot Password/change Password
7. Delete Files/ Change Profiles
8. Admin

4.2.1 Registration/Login

In this module, a first-time user needs to register with the system to use the application. The
registration page displays a form in which valid information needs to be filled in the provided
fields with a generated unique user.
All the required fields need to be filled appropriately. Validations are performed on the fields
entered. If the information filled in the form does not meet the requirements, the query fails
and a catch statement determines the reason and prompts error messages to the user for
resolving the issue. Once the user clicks the submit button with valid information, it is
uploaded to the database of the server. If the registration is successful, the user is redirected
to the login page, which shows a successful registration message.
The user can also log in with Gmail or Facebook without registering.

4.2.2 Uploading Files

In this module, a user can upload text files and image files. For each uploaded file, a unique id
is generated by the application server. Additionally, he/she can upload the files as public or
private. However, both private files and public files are encrypted using the AES algorithm
before being stored. While uploading, the user needs to mention the file name and upload it.
When the user clicks on the submit button, a private key is generated. This key is used for
converting plain text into cipher text. The private key used for encryption is stored in the local
database and the resulting cipher text is stored in the cloud server. If the file is uploaded, a
success message is displayed; otherwise, the catch block determines the failure and prompts an
error message to the user to resolve the issue.

4.2.3 Requesting Files

In this system, a user can see the files uploaded by all the users registered in the system.
However, files made public can be downloaded directly. To download a private file, a user
needs to send a request to the file owner to share the private key used for encryption. To request
the file owner, a user needs to navigate to the request page. Thereafter, the user needs to select
the type of the file and the file owner name. All the private files of the selected file owner are
then displayed to the user, where he/she can request the private key for a file. The request
made by the user is sent to the file owner and a success message is displayed to the user. The
key is exchanged between the users using the RSA key exchange technique.

4.2.4 Sharing Files

The user can share files with a single user or multiple users at a time, as they wish.
Here the user has the flexibility to accept or reject the requests made. In order to accept or reject
the requests, he/she needs to select the requesting user's name. All the files requested by that
user are then displayed, and he can accept or reject a few or all of the files requested. Whenever
the file owner accepts the request, a single Access key is generated for the accepted file(s) and is
sent to the requesting user by the RSA key exchange technique used by the user at registration,
and a success message is displayed.

4.2.5 Downloading Files

A user can download his/her own files directly from the “download” page, and the requested
files can be downloaded with the private key received by the user on his email. If the private key
of the file matches, the file is downloaded; otherwise, the download is rejected.

4.2.6 Forgot Password / Change Password

If the user forgets the password of the secure file sharing system, the user can select the Forgot
Password link on the User Login Page. The user should then provide the valid email address
used in registration of the secure file sharing system. A password reset link is sent to the
email of the user, from where they can reset the password.
The user can change the password of the system at frequent intervals for security purposes, but
the user should provide the previous password of the system.

4.2.7 Delete Files/ Change Profiles

The user is able to delete the files that they uploaded. Users are also able to change their
profiles.

4.2.8 Admin

The admin information is stored in the database. The admin is able to verify the registration
process of the user, but a user logged in with Gmail or Facebook doesn’t need admin
verification. The admin is able to block a user, delete a user, and change the profile of a user.

4.3 Algorithm Used

4.3.1 AES algorithm

The AES algorithm is used to encrypt the files in the application for security purposes. The more
popular and widely adopted symmetric encryption algorithm likely to be encountered nowadays
is the Advanced Encryption Standard (AES).

The features of AES are as follows:

• Symmetric key symmetric block cipher

• 128-bit data, 128/192/256-bit keys

• Stronger and faster

• Provide full specification and design details

Fig 4.1: AES encryption and decryption algorithm

4.3.1.1 Process involved in AES Algorithm


1. Key Expansion Process
The key expansion is responsible for expanding the initial 128-bit key into a larger key. For a
128-bit key, there is one initial AddRoundKey operation plus 10 rounds, and each round needs a
new 128-bit key; therefore we require 10+1 round keys of 128 bits each.

Fig 4.2: Key Expansion
So, the key expansion takes an array of 4 words initially and expands it into an array of 44
32-bit words. The ‘g’ operation in the key expansion involves the operations shift columns,
sub-bytes and add round constant.
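
The key expansion described above, written out for AES-128 as an added example (not code from the project). It follows FIPS-197, where the 'g' step applied to every fourth word is a one-byte rotation of the word (RotWord), an S-box substitution of each byte (SubWord) and an XOR with the round constant; the class and method names are hypothetical, and the S-box is computed instead of tabulated to keep the listing short.

```java
public class AesKeyExpansionDemo {
    // Multiply two bytes in GF(2^8) modulo the AES polynomial x^8 + x^4 + x^3 + x + 1.
    static int gmul(int a, int b) {
        int p = 0;
        for (int i = 0; i < 8; i++) {
            if ((b & 1) != 0) p ^= a;
            a <<= 1;
            if ((a & 0x100) != 0) a ^= 0x11B;
            b >>= 1;
        }
        return p;
    }
    // S-box entry = multiplicative inverse (x^254, with 0 mapping to 0) followed by the affine map.
    static int[] buildSbox() {
        int[] sbox = new int[256];
        for (int x = 0; x < 256; x++) {
            int inv = 1;
            for (int i = 0; i < 254; i++) inv = gmul(inv, x);
            int s = inv ^ 0x63;
            for (int r = 1; r <= 4; r++) s ^= ((inv << r) | (inv >> (8 - r))) & 0xFF;
            sbox[x] = s;
        }
        return sbox;
    }
    static final int[] SBOX = buildSbox();

    // SubWord: apply the S-box to each of the four bytes of a word.
    static int subWord(int w) {
        return (SBOX[w >>> 24] << 24) | (SBOX[(w >>> 16) & 0xFF] << 16)
             | (SBOX[(w >>> 8) & 0xFF] << 8) | SBOX[w & 0xFF];
    }
    // g: rotate the word left by one byte (RotWord), SubWord, then XOR the round constant.
    static int g(int w, int rcon) {
        return subWord(Integer.rotateLeft(w, 8)) ^ (rcon << 24);
    }

    // Expand a 16-byte key into 44 words: w[0..3] is the key, w[4r..4r+3] is round key r.
    static int[] expandKey128(byte[] key) {
        if (key.length != 16) throw new IllegalArgumentException("AES-128 key must be 16 bytes");
        int[] w = new int[44];
        for (int i = 0; i < 4; i++)
            w[i] = ((key[4 * i] & 0xFF) << 24) | ((key[4 * i + 1] & 0xFF) << 16)
                 | ((key[4 * i + 2] & 0xFF) << 8) | (key[4 * i + 3] & 0xFF);
        int rcon = 0x01;
        for (int i = 4; i < 44; i++) {
            int temp = w[i - 1];
            if (i % 4 == 0) {
                temp = g(temp, rcon);
                rcon = gmul(rcon, 2);   // next round constant
            }
            w[i] = w[i - 4] ^ temp;
        }
        return w;
    }

    public static void main(String[] args) {
        String hex = "2b7e151628aed2a6abf7158809cf4f3c";   // key from FIPS-197 Appendix A.1
        byte[] key = new byte[16];
        for (int i = 0; i < 16; i++) key[i] = (byte) Integer.parseInt(hex.substring(2 * i, 2 * i + 2), 16);
        int[] w = expandKey128(key);
        for (int r = 0; r <= 10; r++)
            System.out.printf("round key %2d: %08x %08x %08x %08x%n", r, w[4*r], w[4*r+1], w[4*r+2], w[4*r+3]);
        // Self-check against the first and last expanded words listed in FIPS-197 Appendix A.1.
        if (w[4] != 0xa0fafe17 || w[43] != 0xb6630ca6) throw new AssertionError("FIPS-197 vector mismatch");
    }
}
```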

2. The Encryption Process


In each iteration of CBC mode, the input bits, XORed with the IV or Ci-1, are fed into the AES
algorithm to generate cipher text. The operations involved in the AES encryption rounds are:
1. Initial Round:
a) Add Round Key
Each byte of the state is combined with a block of the round key using bitwise XOR.

Fig 4.3: AES Add Round Key

2. Rounds
a) Sub-Bytes
In this step, each byte of input data is replaced by another byte from the substitution table
(S-box).

Fig 4.4: AES S-Box


In the Sub Byte operation, each byte in the state is replaced with its entry in a fixed 8-bit
lookup table, the S-Box: S’ij = S-Box(Sij)

Figure 4.5: AES sub-bytes
b) Shift Rows
In the Shift Rows operation, the byte in each row of the state is shifted cyclically to the left. The
number of places each byte is shifted differs for each row.

Figure 4.6: AES Shift rows

c) Mix Columns
In the Mix Columns operation, each column of the state is multiplied by a constant matrix.

Fig 4.7: AES Mixcolumn Process


d) Add Round Key
In the AddRoundKey operation, each byte of the state is combined with a byte of the round
subkey using XOR operation. Same as in initial round.
3. Final Round
Final round involves only three operations:
a) Sub-Bytes
b) Shift-Rows
c) AddRoundKey

3. The Decryption Process


The decryption process is the same as the encryption process, but the keys in the decryption
rounds are fed in reverse order, as shown in figure (13). The operations involved in the AES
decryption process are:
1. Rounds:
Rounds in the decryption process contain the inverse operations of those in the encryption
process. The operations involved in the decryption rounds are:
a) Inverse Sub Byte
This step is performed during decryption. Each byte of input data is replaced by another byte
from the inverse substitution table. This operation is similar to the Sub Byte operation during
encryption; only the look-up table is different.

Fig 4.8 AES inverse S-BOX


b) Inverse Shift Rows
In the InverseShiftRows operation, the byte in each row of the state is shifted cyclically to the
left. The number of places each byte is shifted differs for each row.

Fig 4.9: AES Inverse Shift Rows
c) Inverse Mix Column
This is the reverse of the mix column process and is performed during decryption. The
multiplication matrix is different from that of the encryption process. It is illustrated below:

Fig 4.10: AES Inverse Mix Column


4.3.3 User Authentication for file
A unique key is generated and shared between users to authenticate access to a specific file.
The key differs for each file and is unique depending upon the owner user, the requester user
and the file. The key is generated in this system by the following method:
Key ⊕ Random number = unique Key (this unique key is sent to the requesting user)
Where,
Key = Encryption key of the file
Random number = Owner Username ⊕ Requester Username

Fig 4.11: Encryption and Decryption process of AES

4.4 RSA Key Exchange Protocol

RSA is an asymmetric (public key) encryption algorithm. RSA is used in the system for key
exchange and for encryption of the file private key, which is the key used for the AES
encryption of the files. Provided RSA is used with a long key, it has proven to be a very secure
algorithm. In the project, the RSA library generates a public key and a private key for every
user at registration. The RSA public key is then used to encrypt the AES private key.
The RSA algorithm is used for key exchange between two users in the system. When one user
requests a file, that user provides their public key in order to access the private key of the
file. Each file has its own private key, which is stored in the database encrypted with the file
uploader's private key. When the user requests a file and the file owner grants access to it,
the user can decrypt the file private key using the file owner's public key.
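
The upload, share and download flow of sections 4.2.2 to 4.2.5 together with the RSA key exchange above, as an added Java example (not the project's code): each file gets its own AES key, and on sharing that key is wrapped under the requester's RSA public key so that only the requester's private key can recover it, which is the usual direction for RSA key transport. The class and method names, the 3072-bit RSA and 128-bit AES key sizes and the OAEP padding are assumptions; the report does not state them.

```java
import javax.crypto.*;
import javax.crypto.spec.*;
import java.nio.charset.StandardCharsets;
import java.security.*;
import java.security.spec.MGF1ParameterSpec;
import java.util.Arrays;

public class HybridFileShareDemo {
    // CBC as in the report: confidentiality only. AES/GCM/NoPadding would also detect tampering.
    static final String AES_MODE = "AES/CBC/PKCS5Padding";
    static final String RSA_MODE = "RSA/ECB/OAEPPadding";
    static final OAEPParameterSpec OAEP = new OAEPParameterSpec(
            "SHA-256", "MGF1", MGF1ParameterSpec.SHA256, PSource.PSpecified.DEFAULT);

    // Upload: encrypt with the per-file AES key and a fresh random IV; result is IV || ciphertext.
    static byte[] encryptFile(SecretKey fileKey, byte[] plain) throws GeneralSecurityException {
        byte[] iv = new byte[16];
        new SecureRandom().nextBytes(iv);
        Cipher c = Cipher.getInstance(AES_MODE);
        c.init(Cipher.ENCRYPT_MODE, fileKey, new IvParameterSpec(iv));
        byte[] ct = c.doFinal(plain);
        byte[] blob = Arrays.copyOf(iv, iv.length + ct.length);
        System.arraycopy(ct, 0, blob, iv.length, ct.length);
        return blob;
    }

    // Download: split off the IV and decrypt the rest.
    static byte[] decryptFile(SecretKey fileKey, byte[] blob) throws GeneralSecurityException {
        Cipher c = Cipher.getInstance(AES_MODE);
        c.init(Cipher.DECRYPT_MODE, fileKey, new IvParameterSpec(blob, 0, 16));
        return c.doFinal(blob, 16, blob.length - 16);
    }

    // Share: wrap the file key under the requester's public key ...
    static byte[] wrapFileKey(PublicKey requesterPublic, SecretKey fileKey) throws GeneralSecurityException {
        Cipher c = Cipher.getInstance(RSA_MODE);
        c.init(Cipher.WRAP_MODE, requesterPublic, OAEP);
        return c.wrap(fileKey);
    }

    // ... so that only the holder of the matching private key can unwrap it.
    static SecretKey unwrapFileKey(PrivateKey requesterPrivate, byte[] wrapped) throws GeneralSecurityException {
        Cipher c = Cipher.getInstance(RSA_MODE);
        c.init(Cipher.UNWRAP_MODE, requesterPrivate, OAEP);
        return (SecretKey) c.unwrap(wrapped, "AES", Cipher.SECRET_KEY);
    }

    public static void main(String[] args) throws Exception {
        KeyPairGenerator kpg = KeyPairGenerator.getInstance("RSA");
        kpg.initialize(3072);                               // assumed key size
        KeyPair requester = kpg.generateKeyPair();          // requester's key pair from registration
        KeyGenerator kg = KeyGenerator.getInstance("AES");
        kg.init(128);
        SecretKey fileKey = kg.generateKey();               // one fresh key per uploaded file

        byte[] plain = "this is test".getBytes(StandardCharsets.UTF_8);  // constructed sample input
        byte[] blob = encryptFile(fileKey, plain);          // what goes to cloud storage
        byte[] wrapped = wrapFileKey(requester.getPublic(), fileKey);    // what the owner sends on accept

        SecretKey recovered = unwrapFileKey(requester.getPrivate(), wrapped);
        byte[] roundTrip = decryptFile(recovered, blob);
        if (!Arrays.equals(plain, roundTrip)) throw new AssertionError("round trip failed");
        System.out.println("blob bytes: " + blob.length + ", wrapped key bytes: " + wrapped.length);
    }
}
```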

4.5 Testing

Black box testing will be used to check the features of the system. Functionality of the system
will be checked by providing appropriate inputs, and the results will be compared with the
expected results.
Test Case 1: Sign In Test Case

| Test Case ID | Test Scenario | Test Steps | Expected Result |
| --- | --- | --- | --- |
| TC-1 | Check sign in activity with valid data | 1) Open App and go to sign in activity. 2) Fill up the form 3) Click sign in button. | Redirect user to the main activity of the App |
| TC-2 | Check sign in Activity with invalid data | 1) Open App and go to sign up activity. 2) Fill up the form with invalid data. 3) Click sign in button. | User Should get Respective Error Messages |

Table 4.4.1: Sign In Test Case


Test Case 2: Encryption and decryption Test Case

| Plain-text | Cipher-Text | Encryption Time | After Decryption | Decryption time |
| --- | --- | --- | --- | --- |
| this is test | O6"à &È×sud‹Ã¦öã ¤åˆXQÌ1ëÆ3çt | 0.01 sec | this is test | 0.01 sec |
| Aes encryption system is a block cipher encryption system | 籅ᙝ⠧•溴챯헵 ヘ졝ૃ 雾䭰봁六蚦 • 峪춅ሹ 睓輔광 ” 翯嚰 | 0.01 sec | AES encryption system is a block cipher encryption system | 0.01 sec |
| Lyriothemis acigastra is a species of dragonfly in the family Libellulidae, found in India | i• ŒcòªÝa¢e“ìc+¼- "ëÞÔòHõÊb‘F¶ˆA ¾ò9þHë=ÓÃ4áñë4 %W3Ç~ÇÜØGe | 0.02 sec | Lyriothemis acigastra is a species of dragonfly in the family Libellulidae, found in India | 0.02 sec |

Table 4.4.2 Encryption and decryption Test Case

Test Case 3: Upload File Test Case

| Test Case ID | Test Scenario | Test Steps | Expected Result |
| --- | --- | --- | --- |
| TC-6 | Check Upload with the valid file format. | 1. Fill up the form with valid data 2. Click post button | User should get upload successful message and redirected to home activity. |
| TC-7 | Check new post done by users with invalid data | 1) Fill up form with invalid data 2) Click post button | User should get respective Error Messages |

Table 4.4.3: Upload File Test Case


Test Case 4: Share Test Case

| Test Case ID | Test Scenario | Test Steps | Expected Result |
| --- | --- | --- | --- |
| TC-8 | Share the File with selective user. | 1) Select the user 2) Click share button | User should get share successful message and File should be share with selective user only |
| TC-9 | Check new post done by users with invalid data | 3) Select the user to whom we already share files 4) Click share button | User should get respective Error Messages |

Table 4.4.4: Share File Test Case

Test Case 5: Request Test Case

| Test Case ID | Test Scenario | Test Steps | Expected Result |
| --- | --- | --- | --- |
| TC-10 | User view the files from user home and can request the file key | 1) Select the request Button of respective files | User should get request successful message and File should be share with selective user only |
| TC-11 | Check request key for already requested file | Select the request button of respective files | User should get respective Error Messages |

Table 4.4.5: Share File Test Case

Test Case 6: Response Test Case

| Test Case ID | Test Scenario | Test Steps | Expected Result |
| --- | --- | --- | --- |
| TC-12 | User view the request of key in user response page | 1) Select the response button | User should get response successful message and private key of the file is send to the verified email of the user |
| TC-13 | Check response with invalid email | 1) Select the response Button | User should get respective Error Messages Invalid email |

Table 4.4.6: Response File Test Case

Test Case 7: Download Test Case

| Test Case ID | Test Scenario | Test Steps | Expected Result |
| --- | --- | --- | --- |
| TC-14 | User can download public files directly and for private files user should provides the private key of the respective files | 1) Select the download button | User should get response successful message and file downloaded icon will appears on the app and download |
| TC-15 | Check response with invalid private key | 1) Select the download button | User should get respective Error Messages |

Table 4.4.7: Download File Test Case

Test Case 8: Logout Test Case

| Test Case ID | Test Scenario | Test Steps | Expected Result |
| --- | --- | --- | --- |
| TC-16 | Logging out from the App | 1) User press Logout button | User should be redirected to sign in page and session should be destroyed |

Table 4.4.8: Logout Test Case

CHAPTER 5 CONCLUSION AND FUTURE WORK

5.1 Conclusion
This project contributes to the security of data stored in the cloud by encrypting the data
before uploading it to the cloud. As encryption adds processing overhead, many cloud
service providers apply basic encryption to only a few data fields. If cloud service
providers can encrypt the data, then cloud service providers can also decrypt the encrypted
data. To keep the cost low and maintain highly sensitive data, it would be better to encrypt the
data before uploading. In this project, we encrypt data using Asymmetric key encryption where
private keys of the files will be stored in the local database. The system generates a single key
for accessing multiple files. Private keys that are stored in the local database.

5.2 Recommendation
In future, Access key generation can be enhanced in the system. If the Access key itself decrypts
the files requested, it would reduce maintenance of private keys in the local database. File
modification techniques that work without downloading the file can be improved. The
encryption technique can be enhanced further. To keep the cost low and maintain highly
sensitive data, it would be better to encrypt the data before uploading.
