SECURE FILE STORAGE IN THE CLOUD USING HYBRID

CRYPTOGRAPHY
Kota Chandu
Student, CSED
Aurora’s Technological & Research Institute
(Affiliated to Jawaharlal Nehru Technological University, Hyderabad)
Hyderabad, India
chandukota777@gmail.com
Abstract:- Cloud is playing a major role in for the transmission of data among employees. On
industrial, educational, and personal sectors. The user usage, many users today have numerous
storage devices used earlier like CD drives, hard devices. Accordingly, cloud storage provides a
drives, floppy drives are depreciating. Cloud was secure way to store data and access the data from
introduced to all and many sectors got aware of it. their own personal devices. Therefore, cloud
Due to the rapid increase in technology storage has become one of the most beneficial and
tremendous amount of data is created every day. efficient methods to store data online. In cloud
As we know that this large amount is shared computing, the user, instead of saving the data at
among various cloud servers. servers. So, data local storage or hard disk, stores data somewhere
confidentiality becomes difficult as it is necessary at a different location, which can be accessed using
to maintain the privacy of clients' data. internet service. The cloud is basically a broadcast
Cloud computing is beneficial in idioms of low place to share and store information through
fees and accessibility of records. Cloud satellite networks. Every cloud application has a
computing offers a lot of benefits with low fees domain, and the domain of the company is
and of records accessibility via the Internet. responsible for maintaining the large data centers
Ensuring the protection of cloud computing can that provide the security, storage capacity and
be predominating. As customers regularly computing power needed to cultivate all
preserve delicate records with cloud garage information users send to the cloud. In cloud
corporations, however, the one’s corporations storage, the user, other than saving the data at local
additionally may be untrusted. In order to achieve storage or hard disk, stores data at different
security issues, Cryptography comes into the locations, which can be accessed using internet
picture to maintain confidentiality. Using a single service. In the cloud, users can store all kinds of
cryptography technique provides security, but it files, such as text documents, audio, video,
can easily be broken. So, a mechanism called spreadsheets, PDFs, etc. extensive features are
hybrid cryptography comes into the picture where provided by different cloud platforms, including
symmetric cryptographic algorithms i.e., AES, backup options. If data on one’s cloud gets deleted
and an asymmetric cryptographic algorithm i.e., by a wild card, or if the user loses the physical
RSA are used to achieve confidentiality. These storage devices such as a hard disk, then the user’s
algorithms encrypt the files into the cloud and data can be permanently lost. In that case, the
decryption is done by only the authorized user. cloud acts as a backup option.

Keywords: Storage devices, Cloud computing, 2. EXISTING METHODOLOGY :

Hybrid cryptography, Data Security,
Confidentiality. Data Security Issues are the main issue in the
existing system as there is no proper mechanism
I. INTRODUCTION defined to prevent the breaching issues. The
defined techniques i.e., Advanced Encryption
Predominant storage devices such as flash drives, System (AES), RC6 (Rivest Cipher 6), 3DES
hard disks, and other kinds of secondary storage (Triple Data Encryption Standard), and Blowfish
devices are slowly becoming old-schooled. The help to avoid security breaches and maintain data
reason for this is that many all-over elongated confidentiality. These symmetric key cryptography
managements require predictable storage devices algorithms generate a single secret key that is

Electronic copy available at: https://ssrn.com/abstract=4209511

shared among two parties through which they will
achieve confidentiality. The stored file is
completely secured, as the file is encrypted by
using symmetric key cryptography techniques. The
system is very secure and robust. Data of the users
is secured on a cloud server which helps in
avoiding unauthorized access from the outside
world. Data security is a major priority. This
system can be implemented in the banking and
corporate sectors to securely transfer confidential
data. The introduced mechanism is a hybrid
cryptography scenario to supply secure storage and
safe transmission of Confidential Data files. The
file is being encrypted not by just using one
cryptography algorithm but by three to four
encryption algorithms which are AES, 3DES, RC6,
and Blowfish which are responsible for providing
utmost security. These hybrid cryptography
achievements facilitate further by protecting files
stored on the Cloud from unwarranted access,
modification, transfer, and other potential hazards
to data security. With the help of the proposed
security mechanism high security, low delay, and
confidentiality are accomplished. These algorithms
are fast and efficient to store large amounts of data.
Symmetric key encryption can be extremely
secure. It absolutely was selected because of the
industry standard for encryption by the U.S.
National Institute of Standards and Technology
(NIST).
3. LITERATURE SURVEY:
Author - M Naveetha Krishna, T Tamilarasan
Description - The paper focuses on how files are
securely stored on a cloud platform. Also, it
discusses the problem of using only a single
algorithm to encrypt the file and how ineffective it
will be on the cloud. This paper splits the file into
blocks and each block is encrypted using AES,
blowfish, and RC6 algorithms. System
performance is evaluated by calculating the time of
encryption, time of key generation, and decryption
Electronic copy available at: https://ssrn.com/abstract=4209511
time. Performance is analyzed by calculating the
time of Encryption and upload, time of download
and Decryption, and time of key generation. With
the help of multiple sizes of files, the Performance
analysis is performed, and by taking note of the
encryption time of files having multiple sizes and
decryption time of the files, and key generation
time, the results will be attained.
Author - Punam.V.Maitri and Aruna Verma
Description – The problem of using a single
algorithm to encrypt files, the paper uses
AES,3DES, RC4 algorithms for the encryption of
files by splitting them into equal parts and
encrypting each part with the algorithm, and
storing the key in an image file using
steganography. It uses a secret key for encryption
and decryption. The key generation is done using
the random key generation technique. It provides
security to data. Cloud user request for file. Based
upon the request, the user also gets a
steganography image using email which consists of
key information. The reverse process is done for
decryption.
Author - Uttam Kumar, Jay Prakash
Description – It discusses the problem of using
only a single algorithm to encrypt the file and how
ineffective it will be
on the cloud. This paper utilizes symmetric
cryptography algorithms, which splits the file into
blocks and each block is
encrypted using AES, 3DES, blowfish, and RC6
algorithms. Less time is used for the encryption
and decryption process
using the multithreading technique. With the help
of the proposed security mechanism. AES,
Blowfish, RC6, and BRA
algorithms are included for security purposes. All
algorithms have a 128bit key size and file divided
into Eight parts and every part will be encrypted
with the help of the Multithreading technique. key
for data encryption is covered in Image using the
LSB technique. The image is sent to Valid Reviver
using mail for decryption purposes.
Author - Aishwarya S. Dashmukhe and Nilesh
Alone
Description – The problem of data security on
cloud data storage has been the most important
issue. To ensure the
correctness of client data in cloud data storage, the
proposed method encrypts data and stores it in the
cloud and the user
is allowed to modification of data. Cloud storage
issues are solved using cryptography and
stenography techniques.
Block wise Data security is achieved using AES,
RC6, Blow-fish, and BRA algorithms.
Data integrity is accomplished using the SHA1
hash algorithm. The low delay parameter is
achieved using the multithreading technique.
Whenever use makes an effort to upload data on
cloud-first that file is stored in the directory for
short time. In the encryption process, the defined
algorithms are applied to the file and get uploaded
to the cloud.
Author - Bala, Bindu; Kamboj, Lovejeet; Luthra,
Pawan.
Description – It discusses the AES, blowfish, RC6,
and BRA algorithms that are used to provide
block-wise security to data. All algorithm key size
is 128 bits. LSB steganography technique is
introduced for key information security. Key the
information contains which part of the file is
encrypted using which algorithm and key. The file
is split into eight parts. Every part of the file is
encrypted using a different algorithm. All parts of
the file are encrypted simultaneously with the help
Electronic copy available at: https://ssrn.com/abstract=4209511
of the multithreading technique. Data encryption
keys are inserted into a cover image using the LSB
technique. Steganography image is sent to a valid
receiver using email. For file decryption purposes
reverse process of encryption is applied. Cloud
security is a defensive method to protect data and
there are various methods to protect data like
Deterrent controls, Preventive controls, corrective
controls, and detective controls. With the concern
of security, we should keep some points in mind
like privacy, confidentiality, integrity, and so on.
Author - M. Malarvizhi, J. Angela Jennifa Sujana,
T. Revathi.
Description – The main focus of the paper is on the
integrity of files and restoring the files if integrity
is violated. The proposed system uses the pattern
of each protected file to determine its modification.
The method used for pattern generation is
cryptographic hash functions. The system uses a
database that stores the names of files that need to
be protected and their hash codes. To check the
integrity of the file the hash code of the file is
produced and checked with one in the database. If
the file is verified positively then access is granted
otherwise the administrator is alerted and if a saved
copy is available of the same file, then the file is
restored.
Author - Bilal Habib, Bertrand Cambou, Duane
Booher, Christopher Philabaum.
Description -The paper provides a new method to
implement the public key infrastructure. The PKI
has the disadvantage that the mathematical relation
between public and private keys is maintained. The
Paper proposes a new PKI scheme with
addressable elements (PKA). The approach
proposed removes the mathematical relation
between public and private keys using addressable
cryptographic tables.
Author - Shakeeba S. Khan, Prof. R.R.Tuteja.
Description -The proposed algorithm is a
Multilevel Encryption and Decryption algorithm.
Thus, in our proposed work, only the authorized
user can access the data. Even if some intruder gets
the data, he must have to decrypt the data at each
level which is a very difficult task without a valid
key. It is time-consuming as multiple encryption
and decryption take place.
4. PROBLEM STATEMENT:
The users who store their data within the cloud are
at risk of several threats, like stealing hints and
allowing unauthorized users to access the files
within the cloud. Misconfigurations of cloud
security settings are the number one explanation
for cloud data breaches. Since cloud infrastructure
is meant to be easily usable and to enable easy data
sharing, making it's difficult for organizations to
make sure that data is barely accessible to
authorized parties. Also, organizations using
cloud-based infrastructure don't have complete
visibility and control over their infrastructure,
meaning that they have to rely on security controls
provided by their cloud service provider (CSP) to
configure and secure their cloud deployments.
Here, data is encrypted by employing a secret key,
then both the encoded message and secret key are
sent to the recipient for decryption. The leading
problem within the symmetric-key cryptographic
algorithm is critical distribution since it's just one
secret key. The disadvantage is the requirement to
stay the key secret - this might be especially
challenging where encryption and decryption
happen in numerous locations, requiring the key to
be moved safely between locations. During
encryption, the sender selects a file on which he
applies cryptographic algorithms, and thus the
Electronic copy available at: https://ssrn.com/abstract=4209511
encrypted file is shipped to the receiver. Initially,
the key secret is within the hands of the sender, but
the matter here deals with how the secret's given to
the receiver, the sender has many ideas to
distribute the key which are practically impossible.
The man within the middle attack also plays a vital
role in symmetric-key distribution, where an
unauthorized person comes into the image and tries
to urge access to the key. Because there's just one
key the attacker can easily get access to the
information which ends in compromising
confidentiality. While most confidentiality
breaches are unintentional, clients can still suffer
as a result. To attain the above drawback,
asymmetric cryptographic algorithms come to the
rescue to comprehend confidentiality. Asymmetric
encryption solves the matter of distributing keys
for encryption, with everyone publishing their
public keys, while private keys are kept secret. The
Asymmetric-key algorithms work similarly to
symmetric-key algorithms, where plaintext is
combined with a key, input to an algorithm, and
outputs ciphertext. the foremost difference is that
the keys used for the encryption and decryption
portions are different, thus the asymmetry of the
algorithm. The key pair is comprised of a
non-public key and a public key. because the
names imply, that the public secret is made
available to everyone, whereas the private secret is
kept secret. keys used for encryption and also the
secrets employed for decryption vary relying on
the intended use of the asymmetric-key algorithm.
In such a system, anyone can encrypt a message
using the intended receiver's public key, but that
encrypted message can only be decrypted with the
receiver's private key. Public key algorithms are
fundamental security primitives in modern
cryptosystems, including applications and
protocols which supply assurance of the
confidentiality, authenticity, and non-reputability
of electronic communications and data storage.
The hybrid cryptosystem combines the
convenience of a public-key cryptosystem with the
efficiency of a symmetric-key cryptosystem.
Public-key cryptosystems are convenient during
this they're doing not require the sender and
receiver to share a customary secret to speak
securely (among other useful properties). However,
they often rely on complicated mathematical
computations and are thus generally rather more
inefficient than comparable symmetric-key
cryptosystems. In many applications, the high cost
of encrypting long messages during a very very
public-key cryptosystem is prohibitive. this could
be often addressed by hybrid systems by
employing a mix of both. Hybrid encryption is
taken into consideration as a highly secure variety
of encryption as long as the overall public and
personal keys are fully secure. Hybrid encryption
is achieved through data transfer using unique
session keys together with symmetrical encryption.
Public key encryption is implemented for random
symmetric key encryption.
5. PROPOSED SOLUTION :
We propose a method for securely storing files in
the cloud using hybrid cryptography algorithms i.e.
AES, and RSA. We use public-key cryptography
algorithms i.e., asymmetric algorithms. With the
help of hybrid cryptography techniques, we aim in
making the data secure as the entire data is
encrypted using the public key. In our project, we
propose to use HYBRID CRYPTOGRAPHY
during which we used AES and RSA to attain data
security. One of the rationales, why we use Hybrid
Encryption, is because public-key cryptosystems
Electronic copy available at: https://ssrn.com/abstract=4209511
often depend upon complicated mathematical
computations and are thus generally far more
inefficient than comparable symmetric-key
cryptosystems. A hybrid cryptosystem is one that
mixes the convenience of a public-key
cryptosystem with the efficiency of a
symmetric-key cryptosystem. Encrypting a brief
plaintext requires only 1 asymmetric operation
while encrypting an extended message would in
theory require many RSA operations. Instead of
employing a single pair of public and personal
keys, we've got further generated separate key
pairs for every and each file that's to be encrypted.
while this is often a hefty process, this ensures that
the files are safer.
6. RESULTS
User registration: The User has to sign up for the
cloud and should register into any cloud of user
wishes. The details like username, login details,
passwords, and credentials (for paid clouds).
File upload and Download:
1. User has to interact with the GUI interface to
upload or download a file.
FIG NO 1
2. The user has to click on encrypt button and
select a file from the folder.
 5. The private key is stored in user files and
invoked when the user decrypts a specific file.

FIG NO 2

3. Then an encrypted file will be uploaded into the FIG NO 5

cloud.
6. The decrypted file is downloaded into decrypted
files folder and deleted from the temporary folder.

FIG NO 3

4. To decrypt a file the user has to click on the FIG NO 6

select file button and select a file from the menu 7. CONCLUSION AND FUTURE SCOPE
and click the decrypt button.
Asymmetric cryptography algorithm i.e., RSA, and
symmetric key cryptographic algorithm i.e., AES
together work as a Hybrid Cryptographic
Algorithm to make the file secure on the cloud.
The standard interface is provided for the user to
encrypt these files and the encrypted files are
uploaded into the cloud. Google Cloud is used as a
cloud platform to store files securely. RSA
algorithm is used because the performance speed is
faster than the other public-key cryptographic
algorithms. The key distribution problem faced
FIG NO 4 while using a symmetric-key cryptographic
algorithm is solved when the asymmetric-key

Electronic copy available at: https://ssrn.com/abstract=4209511

cryptographic algorithm is used. The combination
of the hybrid cryptographic algorithm makes it
impossible for attackers to get access to the files
because the private key is stored only in the
authorized user system. Users have the ability to
communicate through hybrid encryption. With the
help of these algorithms, Confidentiality is
achieved.
In the future, try to accomplish
authentication, integrity, and confidentiality using
public key cryptographic algorithms.
8. REFERENCES
[1]. U.Veeresh, S.P.Kumar, “ Multi-Cloud
Architecture to Provide Data Privacy and
Integrity” IJCERT, Vol. 2, Issue 9, PP 558-564,
ISSN 2349-7084, September 2015.
[2]. S. Ali Abbas, “Enhancing the Security of
Identity and Access Management in Cloud
Computing using Elliptic Curve Cryptography”,
IJERMT, Volume-4, Issue-7, ISSN: 2278-9359
pages 8-15,2015.
[3]. Kiruthika. R, Jeena. R, “Enhancing Cloud
Computing Security using AES Algorithm”,
IJARCSSE, Volume 5, Issue 3, ISSN 2277 128X,
pp 630-635, March 2015.
[4]. P. Kanchan, “Use of Digital Signature with
Diffie Hellman Key Exchange and Hybrid
Cryptographic algorithm to Enhance Data Security
in Cloud Computing”, Volume 5, Issue 6, ISSN
2250-3153, pp 1-4, June 2015.
[5]. Kranthi Kumar K, Devi T (2018). Secured
Data Transmission in Cloud Using Hybrid
Cryptography. International Journal of Pure and
Applied Mathematics, 119(16), 3257-3262.
Electronic copy available at: https://ssrn.com/abstract=4209511
[6]. Shimbre, N., & Deshpande, P. (2015).
Enhancing Distributed Data Storage Security for
Cloud Computing Using TPA and AES Algorithm.
2015 International Conference on Computing
Communication Control and Automation.
doi:10.1109/iccubea.2015.16.
[7]. Ronak Karani,Tejas Choudhari , Anindita
Bhajan , Madhu Nashipudimath 2020). Secure File
Storage Using Hybrid Cryptography.2020
INTERNATIONAL JOURNAL OF INNOVATIVE
RESEARCH IN TECHNOLOGY, 6(9).
[8]. Shakeeba S. Khan, Prof.R.R. Tuteja, “Security
in Cloud Computing using Cryptographic
Algorithms”, 2015 Anjali Patil, Nimisha Patel, Dr.
Hiren Patel “Secure data sharing using
cryptography in cloudenvironment”, 2016.
[9] Fortune Mata, Michael Kimmel, George
Okeyo, “Enhanced Secure Data Storage in Cloud
Computing Using Hybrid Cryptographic
Techniques (AES and Blowfish).
[10] Kumar, M.A., and Karthikeyan, S., 2012.
Investigating the efficiency of Blowfish and
Rejindael (AES) Algorithms. International Journal
of Computer Network & Information
Security, 4(2), p.22.
[11] Mahalle, V.S. and Shahade, A.K., 2014,
October. Enhancing the data security in Cloud by
implementing a hybrid (Rsa & Aes)
encryption algorithm. In 2014 International
Conference on Power, Automation and
Communication (INPAC) (pp. 146-149). IEEE.
[12] Bhandari, A., Gupta, A. and Das, D., 2016,
January. Secure algorithm for cloud computing and
its applications. In 2016 6th International
ConferenceCloud System and Big Data
Engineering (Confluence) (pp. 188-192). IEEE.

[13] Timilsina, S. and Gautam, S., 2019. Analysis

of Hybrid Cryptosystem Developed Using
Blowfish & ECC with Different Key Size.
Technical Journal,

[14]. Youssef Gahi, Mouhcine Guennoun, Hussein

T. Mouftah, “Big Data Analytics: Security and
Privacy Challenges”, IEEE Symposium on
Computers and Communication (ISCC), Messina,
Italy, June 2016, pp 15-17.

[15]. Laila Fetjah, Karim Benzidane, Hassan El

Alloussi, Othman El Warrak, Said Jai-
Andaloussi,” Toward a Big Data Architecture for
Security EventsAnalytic”, IEEE 3rd International
Conference on Cyber Security and Cloud
Computing, Beijing, China,2016,pp 1-7.

[16]. Natalia Miloslavskaya and Aida

Makhmudova, “Survey of Big Data Information
Security”, 4th International Conference on Future
Internet of Things and Cloud Workshops, Vienna,
Austria, Aug 2016, pp 4-.

[17]. Suliman A. Alsuhibany,” A Space-and-Time

Efficient Technique for Big Data Security
Analytics”, vol. 46, no. 2, Riyadh, Saudi Arabia,
pp.241-284, 2016.

Electronic copy available at: https://ssrn.com/abstract=4209511