Review of Secure File Storage on Cloud using Hybrid Cryptography

The Digital Revolution has brought with it an exponential growth in the usage of digital computation and, along with it, the start of the Information Era. Furthermore, companies are expanding globally and opening offices at various locations across the globe. This has brought the need to make access to data from any location possible and feasible. This is where cloud computing and storage come into the picture. But with cloud storage come security risks and data leak possibilities. Hence data security is a very important component of cloud storage. This paper presents a review of a system which stores data on the cloud after encrypting it. Hence even if a security breach were to take place, the attacker would get access only to encrypted data, which would still ensure data confidentiality. In this system, the user uploads a file to the portal, where it gets encrypted and is then uploaded onto the cloud. The user can then download their files from the cloud through the portal, which results in the decrypted (or original) file getting downloaded to their local computer. The system also uses two different hybrid approaches for encryption and decryption, namely AES and RSA algorithms, and AES and Blowfish algorithms, and shows a comparative study on the difference between the two approaches.


I. INTRODUCTION
Traditional storage devices such as flash drives, hard disks and other kinds of physical storage devices are slowly becoming obsolete. The reason for this is that, on the business front, global expansion of companies requires data to be shared amongst employees for collaborative working. On the personal usage front, many users nowadays have multiple devices, such as one or more mobile/cell phones, tabs, laptops, desktop PCs et cetera. Cloud storage provides a way to access one's personal data across all of one's personal devices. Hence more and more people are shifting towards the more convenient option of the cloud for storing their data. The ability to access files from remote locations using just a stable internet connection gives the cloud an edge over other storage options.
Cloud storage works by storing the users' confidential files on storage servers, and users have the freedom of accessing their files from any location. All of a user's devices such as tablets, laptops, mobile phones, desktop PCs and other technology gadgets can be used to store and access files stored on the cloud. Businesses can also benefit from cloud storage by being able to improve productivity considerably. Cloud storage thus eliminates the need for carrying physical storage devices.
Another advantage of cloud storage is that users can store all kinds of files, such as text documents, images, spreadsheets, videos, PDFs et cetera. Various types of features are provided by different cloud storage providers. Additionally, cloud storage provides a backup option as well. If data on one's local storage gets deleted accidentally, or if one loses the physical storage device such as a hard disk, then one's data can be permanently lost. Also, physical storage devices have a fixed storage capacity, and the more the storage capacity, the more it costs. Compatibility or detection issues could possibly arise with physical storage devices. Another issue is that a virus that inhabits one's computer can move to the flash drive and infect its digital data; loss due to server failures, employee mistakes or natural disasters is also possible. From the infrastructure point of view, the cost of buying new servers, installing them, and maintaining them is also much higher than the alternative of cloud storage. Additionally, this helps in cutting back on one's energy bill and becoming eco-friendlier.
Cloud storage also helps in immediate data exchange, thus giving access to multiple people. This makes this service a perfect tool for both distant and in-house work. Thus, online cloud storage is beneficial for all types of businesses. Cloud storage is a more cost-efficient platform that does not require a huge investment, and it can be actively used for connecting and collaborating with clients and employees. Hence more and more users are turning to cloud storage, making it a very popular alternative to traditional storage options.
II. RELATED WORK
The hybrid cryptography concept is used for securing the storage system of the cloud. Two different approaches are used to show the difference between less secure and more secure systems. The first approach uses the RSA and AES algorithms; RSA is used for key encryption and AES is used for text or data encryption. In the second, more secure approach, the AES and Blowfish algorithms are used. In this approach, these two algorithms provide double encryption over data and key, which provides high security compared to the first one [1].
To make centralised cloud storage secure, the ECC (Elliptic Curve Cryptography) algorithm is implemented. This approach uses a single key for encryption and decryption, and the complete process takes place at the client side. This methodology performs steps such as: a. Authentication, b. Key generation operation, c. Encryption, d. Decryption [2].
Vol. 9 Issue 02, February-2020
In this proposed system a three-step procedure is used. Firstly, Diffie-Hellman is used for exchanging keys. Thereafter authentication is performed using a digital signature scheme. Finally data is encrypted using AES and then uploaded to the required cloud system. For decryption the reverse procedure is implemented [3].
A combination of the RSA algorithm and MD5 is used to assure various security measures such as confidentiality, data integrity, non-repudiation etc. It uses the RSA key generation algorithm for generation of an encrypted key for the encryption and decryption process. The MD5 digest is used for accepting an input of length up to 128 bit, processing it and generating an output of padded length for the encryption and decryption process [4].
A Trusted Storage System is implemented using the Encrypted File System (EFS) and an NTFS file system drive with the help of a cache manager for securing data files. EFS encrypts stored files automatically using cryptographic systems. The process takes place as follows: firstly the application writes files to NTFS, which in turn places them in the cache and returns to NTFS. After this NTFS asks EFS to encrypt the files and directs them to the disk [5].
A Cloud Storage Security Service is provided by using separate servers, viz. User Input, Data Storage and User Output. Three different servers are used to ensure that failure of any of the servers doesn't harm the data. The User Input server is used for storing user files and input data by providing user authentication and making sure the data is not accessed by any unauthorized means. The Data Storage server is the place where encryption using AES is performed to secure the user input, and then the encrypted files are transferred to the User Output server. The User Output server is the place from where the user gets the output file, or the decrypted file, for further use.
the need to invest in hardware,
5. Cloud storage also helps developers collaborate and share their work in a more efficient and speedy manner.
Another advantage of cloud storage could be additional security. The proposed system aims to make the cloud storage system secure using data encryption. Thus, the aim of the proposed system is to increase security of data uploaded onto the cloud by using encryption algorithms to make the system more secure.
The system is designed such that it works in the following way:
1. The user signs in if already registered, or signs up to register themselves by providing their details such as name, email id, phone number, password for account et cetera.
2. The user then selects the file that is to be uploaded by browsing from local storage.
3. The user then selects the encryption algorithm that they want to use. The proposed system provides the choice between using a combination of AES and RSA or AES and Blowfish.
4. The selected file gets uploaded after getting encrypted using the selected encryption algorithm combination.
5. The user also has the option of viewing the files that they have uploaded or have access to and downloading them.
6. On selecting a file to download it, the user is sent the decryption key on their email id that was entered on registration or sign-up.
7. Using this key, the user can download the decrypted or original file.
8. The system also provides a comparison with respect to security between the two hybrid encryption algorithm combinations, i.e. the AES and RSA hybrid combination and the AES and Blowfish combination.
The system is thus secure, as it provides a double layer of security. Confidential user login credentials are the first layer of security. The second layer is the encrypted file. Since the file is encrypted and then stored on the cloud, even if an attacker gains access to the cloud, they would only have access to the encrypted files. The file can be decrypted using only the decryption key, which is only sent to the user's email id which was entered during registration/sign-up time.
Therefore, the proposed system is designed to provide cloud storage features to users of the portal, such as uploading and downloading files to the cloud, wherein the selected files are first encrypted and then uploaded to the cloud, and can be downloaded using only the secret decryption key. An additional feature is the comparative study between the two hybrid algorithm approaches, namely the AES and RSA combination and the AES and Blowfish combination.

A. AES Algorithm
The Advanced Encryption Standard (AES), also known as 'Rijndael', is a symmetric-key block cipher algorithm comprising three fixed 128-bit block ciphers with cryptographic key sizes of 128, 192 and 256 bits respectively.
The AES algorithm has a maximum block size of 256 bits whereas the key size is unlimited. The AES design is based on a substitution-permutation network (SPN) and does not use the Data Encryption Standard (DES) Feistel network, thus making it stronger and faster than Triple-DES.
Step-wise description of the algorithm:

Key Expansions: Round keys are derived from the cipher key using the AES key schedule; AES also requires a separate 128-bit round key block for each round plus one more.
Initial Round: Add Round Key - each byte of the state is combined with a block of the round key using bitwise XOR.
Rounds: (a) Sub Bytes - each byte is replaced with another according to a lookup table in a non-linear substitution step.

B. Blowfish Algorithm
Blowfish is a symmetric block encryption algorithm designed to be fast, compact, simple and secure to use: it encrypts data on large 32-bit microprocessors at a rate of 26 clock cycles per byte and can run in less than 5K of memory. It uses addition, XOR and table lookups with 32-bit operands. The key length is variable and can be in the range of 32-448 bits, with a default key length of 128 bits. It is suitable for applications where the key does not change often, like a communication link or an automatic file encryptor. It is unpatented and royalty-free.

Description of Algorithm:
The Blowfish symmetric block cipher algorithm encrypts block data of 64 bits at a time. It follows a 16-round Feistel network, and the algorithm is divided into two parts.

C. RSA Algorithm
The Rivest-Shamir-Adleman (RSA) algorithm is one of the most popular and secure public-key (asymmetric) cryptographic methods.
The algorithm capitalizes on the fact that there is no efficient way to factor very large (100-200 digit) numbers.
Following is the algorithm using an encryption key (e,n):
1. The message is represented as an integer between 0 and (n-1). Large messages are broken up into a number of blocks, each of which is then represented by an integer in the same range.
2. Encrypt the message by raising it to the e-th power modulo n, resulting in a ciphertext message C.
3. To decrypt that message, raise it to another power d modulo n.
The encryption key (e,n) is made public while the decryption key (d,n) is kept private by the user.
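The steps above, used the way the AES-and-RSA hybrid uses them: RSA encrypts a short symmetric key rather than the file itself. This is an added example, not code from the reviewed system; the function names, the 256-bit demo primes and the Miller-Rabin prime search are assumptions, and the key setup follows this section's order (p, q, then n, then d, then e).

```python
import math
import secrets

def is_probable_prime(n, rounds=40):       # Miller-Rabin, probabilistic
    for sp in (2, 3, 5, 7, 11, 13, 17, 19, 23, 29):
        if n < 2 or n % sp == 0:
            return n == sp
    d, r = n - 1, 0
    while d % 2 == 0:                      # write n-1 as d * 2^r with d odd
        d, r = d // 2, r + 1
    for _ in range(rounds):
        x = pow(secrets.randbelow(n - 3) + 2, d, n)
        if x in (1, n - 1):
            continue
        for _ in range(r - 1):
            x = pow(x, 2, n)
            if x == n - 1:
                break
        else:
            return False                   # witness found: n is composite
    return True

def random_prime(bits):
    while True:
        c = secrets.randbits(bits) | (1 << (bits - 1)) | 1   # top bit set, odd
        if is_probable_prime(c):
            return c

def make_keys(bits=256):
    """Key setup in the section's order. Demo size only, far too small for real use."""
    p, q = random_prime(bits), random_prime(bits)
    while q == p:
        q = random_prime(bits)
    n, phi = p * q, (p - 1) * (q - 1)
    d = 0
    while math.gcd(d, phi) != 1:           # need GCD(d, (p-1)*(q-1)) = 1
        d = secrets.randbelow(phi - 3) + 3
    e = pow(d, -1, phi)                    # e * d = 1 (mod (p-1)*(q-1))
    return (e, n), (d, n)                  # public key, private key

def wrap_key(key, public):                 # C = M^e mod n
    e, n = public
    m = int.from_bytes(key, "big")         # message as an integer
    if m >= n:                             # step 1: M must lie in [0, n-1]
        raise ValueError("message integer must be smaller than n; split it")
    return pow(m, e, n)                    # unpadded, as described on the page

def unwrap_key(c, private, length):        # M = C^d mod n, back to bytes
    d, n = private
    return pow(c, d, n).to_bytes(length, "big")
```

Production RSA encryption adds randomized padding (OAEP) before the modular exponentiation; the unpadded form here is deterministic, so equal keys wrap to equal ciphertexts.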
The appropriate values for e, d, and n are determined as follows:
1. Choose two very large (100+ digit) prime numbers represented as p and q.
2. Set n equal to p * q.
3. Choose any large integer d, such that GCD(d, ((p-1) * (q-1))) = 1.
4. Find e such that e * d = 1 (mod ((p-1) * (q-1))).

V. CONCLUSION
This project implements a double stage encryption algorithm that provides high security, scalability, confidentiality and easy accessibility of multimedia content in the cloud. The proposed algorithm is crucial in the second stage, where the randomly generated key provides more security than the conventional encryption system. The ciphertext is stored in the cloud instead of the original multimedia content. With a random asymmetric key, it is undoubtedly hard to recover the original content from the ciphertext. Wide application of the proposed algorithm protects the information from side-channel attackers trying to grab the multimedia data from the cloud. Thus, the multimedia content is safe in the cloud.