This document is a project report that proposes developing a web application to securely store files on a cloud server using hybrid cryptography. It aims to address data security and privacy issues for cloud storage. The application would use a hybrid cryptography technique combining symmetric and asymmetric encryption to encrypt files before uploading them to the cloud. Only authorized users with decryption keys would be able to access and download encrypted files from the cloud server. The report outlines the problem statement, objectives, methodology, design, and implementation of the proposed application to provide secure file storage on the cloud.

1. SECURE FILE STORAGE ON CLOUD USING HYBRID
CRYPTOGRAPHY
A PROJECT REPORT
submitted by
ALIN BABU (SCT15CS007)
AKSHAY P S (SCT16CS008)
RAHUL M (SCT16CS046)
to
the APJ Abdul Kalam Technological University in the partial fulfillment of the
requirements for the award of the degree
of
Bachelor of Technology
in
Computer Science and Engineering
Department of Computer Science and Engineering
Sree Chitra Thirunal College of Engineering,
Thiruvananthapuram - 18
JUNE, 2020

2. DECLARATION
I undersigned hereby declare that the project report "Secure File Storage on Cloud
using Hybrid Cryptography", submitted for partial fulfillment of the requirements for the
award of degree of Bachelor of Technology of the APJ Abdul Kalam Technological University,
Kerala is a bonafide work done by me under supervision of Smt. Soja Salim, Assistant
Professor, Department of Computer Science and Engineering, SCT College of Engineering.
This submission represents my ideas in my own words and where ideas or words of others have
been included, I have adequately and accurately cited and referenced the original sources.
I also declare that I have adhered to ethics of academic honesty and integrity and have
not misrepresented or fabricated any data or idea or fact or source in my submission. I
understand that any violation of the above will be a cause for disciplinary action by the
institute and/or the University and can also evoke penal action from the sources which have
thus not been properly cited or from whom proper permission has not been obtained. This
report has not been previously formed the basis for the award of any degree, diploma or
similar title of any other University.
Place Signature
Date Name of the student

3. DEPARTMENT OF COMPUTER SCIENCE AND ENGINEERING
SREE CHITRA THIRUNAL COLLEGE OF ENGINEERING
THIRUVANANTHAPURAM - 18
CERTIFICATE
This is to certify that the report entitled Secure File Storage on Cloud using Hy-
brid Cryptography, submitted by Alin Babu (SCT15CS007), Akshay P S (SCT16CS008)
and Rahul M (SCT16CS046) to the APJ Abdul Kalam Technological University in partial
fulfillment of the requirements for the award of the Degree of Bachelor of Technology in
Computer Science and Engineering is a bonafide record of the project work carried out by
our guidance and supervision. This report in any form has not been submitted to any other
University or Institute for any purpose.
Internal Supervisor(s) External Supervisor(s)
UG Coordinator Head of Department

4. ACKNOWLEDGMENT
We express our sincere gratitude to all the faculty members of the Department of
Computer Science and Engineering, SCT College of Engineering, Thiruvananthapuram for
their relentless support and inspiration. We are ever-grateful to our families, friends and
well-wishers for their immense goodwill and words of motivation.
We would like to express a note of deep obligation to our guide, Smt. Soja Salim,
Assistant Professor, Department of Computer Science and Engineering, SCT College of En-
gineering, for her excellent guidance and valuable suggestions. It was indeed a privilege to
work under her during the entire duration of this preliminary study. She has immensely
helped us with her knowledge and stimulating suggestions to shape this study, refine argu-
ments and present it to the best of our abilities.
We are indebted to Dr.Subu Surendran, Professor, and Head of the Department of
Computer Science and Engineering, SCT College of Engineering, for inspiring us to strive
for perfection. We are also thankful for the support and encouragement offered by our staff
advisor Smt. Kuttymalu V K, Assistant Professor, Department of Computer Science and
Engineering, SCT College of Engineering for the successful completion of this project.

5. ABSTRACT
Cloud computing has now become a major trend, it is a new data hosting technology
that is very popular in recent years. In this project, we are developing a web application
that can securely store the files to a cloud server. We propose a system that uses a hybrid
cryptography technique to securely store the data in the cloud. The hybrid approach when
deployed in the cloud environment makes the remote server more secure and thus, helps the
users to fetch more trust of their data in the cloud. For data security and privacy protection
issues, the fundamental challenge of separation of sensitive data and access control is fulfilled.
The cryptography technique translates original data into an unreadable form. This technique
uses keys for translating data into an unreadable form. So only authorized persons can access
data from the cloud server.

6. CONTENTS
LIST OF ABBREVIATIONS iii
LIST OF FIGURES v
1 INTRODUCTION 1
1.1 Problem Statement . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1
1.2 Motivation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2
1.3 Objective . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2
1.4 Scheme of Project Work . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3
1.5 Methodology . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3
1.6 Schedule . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4
1.7 Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5
2 LITERATURE SURVEY 7
2.1 Hybrid Cryptography . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7
2.2 Steganography . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9
2.3 Attribute-Based Encryption . . . . . . . . . . . . . . . . . . . . . . . . . . . 9
2.4 Owner Defined Attribute Encryption . . . . . . . . . . . . . . . . . . . . . . 12
2.5 Cloud Oriented Distributed and Encrypted File Storage (CODEFS) . . . . . 13
3 METHODOLOGY 15
3.1 Data . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 15
3.2 Design . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 15
3.3 Implementation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 19
i

7. 4 RESULTS AND DISCUSSION 23
4.1 Performance Evaluation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 23
4.2 Testing and Validation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 24
4.3 Discussion . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 25
5 CONCLUSION AND FUTURE WORK 26
5.1 Conclusion . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 26
5.2 Future work . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 27
REFERENCES 28
APPENDIX 30
ii

8. LIST OF ABBREVIATIONS
UI User Interface
ER Entity Relationship
MB Mega Bytes
GB Giga Bytes
VD Verifiable Delegation
AES Advanced Encryption Standard Algorithm
RSA Rivest Shamir Adelman Algorithm
RC6 Rivest cipher 6 Algorithm
RC4 Rivest cipher 4 Algorithm
LSB Least Significant Bit Stenography
CSP Cloud Service Provider
CSS Cascade Style Sheet
RAM Random Access Memory
AWS Amazon Web Service
EC2 Elastic Compute Cloud
RDS Relational Database Service
iii

9. URL Uniform Resource Locator
HTML HyperText Markup Language
BLOB Binary Large Object
CPABE Cipher-text Policy Attribute Based Encryption
KPABE Key Policy Attribute Based Encryption
CODEFS Cloud Oriented Distributed and Encrypted File Storage
iv

10. LIST OF FIGURES
2.1 Uploading File . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11
2.2 Downloading File . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 12
3.1 Overall System Architecture . . . . . . . . . . . . . . . . . . . . . . . . . . . 17
3.2 Activity Diagram - Upload . . . . . . . . . . . . . . . . . . . . . . . . . . . . 18
3.3 Activity Diagram - Download . . . . . . . . . . . . . . . . . . . . . . . . . . 18
3.4 Use case diagram . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 19
3.5 Technology Stack . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 20
3.6 ER Diagram . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 22
4.1 Test Plan 1. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 24
4.2 Test Plan 2. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 24
4.3 Test Plan 3. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 25
4.4 Test Plan 4. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 25
5.1 The first page of the User Interface. . . . . . . . . . . . . . . . . . . . . . . . 30
5.2 The home page of the website describing the services. . . . . . . . . . . . . . 30
5.3 The home page of the website describing about the application. . . . . . . . 31
5.4 The home page of the website with contact form. . . . . . . . . . . . . . . . 31
5.5 User registration page. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 32
5.6 User login page . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 32
5.7 User account dashboard page. . . . . . . . . . . . . . . . . . . . . . . . . . . 33
5.8 User account file uploaded file lists page. . . . . . . . . . . . . . . . . . . . . 33
5.9 User account upload file page. . . . . . . . . . . . . . . . . . . . . . . . . . . 34
5.10 User account downnload uploaded files page. . . . . . . . . . . . . . . . . . . 34
v

11. 5.11 User account settings page. . . . . . . . . . . . . . . . . . . . . . . . . . . . 35
5.12 User account information page. . . . . . . . . . . . . . . . . . . . . . . . . . 35
vi

12. CHAPTER 1
INTRODUCTION
Cloud computing is the on-demand availability of computer system resources, especially
data storage and computing power, without direct active management by the user. The
term is generally used to describe data centers available to many users over the Internet.
Large cloud predominant today, often have functions distributed over multiple locations from
central servers. If the connection to the user is relatively close, it may be designated an edge
server.
To store a huge amount of data cloud computing is used nowadays. We can retrieve
any data from the cloud, when the user requests it. Many issues are faced while storing
the data, the solution for these issues we are using a hybrid cryptography technique. In
this system, we use three cryptography algorithms for providing block-wise security to the
data. Here a file is divided into three parts and each of the three algorithms acts upon these
separately to provide more data security and confidentiality.
1.1 Problem Statement
Cloud computing has now become a major trend, it is a new data hosting technology that
is very popular in recent years. Most of the cloud is a cryptographic system that uses only
a single algorithm for encryption and decryption. This results in easier access to data and
low confidentiality. So, our aim is:
1. To develop web applications that can securely store the files to a cloud server.
1

13. 2. To propose a system that uses a hybrid cryptography technique to securely store the
data in the cloud.
3. To makes the remote server more secure.
4. To help the users to fetch more trust of their data in the cloud.
5. To provide data integrity and security.
6. To store data in a distributed manner in an encrypted format using hybrid cryptogra-
phy.
1.2 Motivation
The primary motivation of this project is to provide secure file storage in the cloud. Usually,
the cloud we are using uses only a single algorithm for encryption which provides less data
integrity and security to the system. So with the help of hybrid cryptography, we can securely
store the data and apart from that, we store these data into separate virtual nodes designed
in the cloud.
1.3 Objective
The core objectives of this project are listed below:
• Providing more secure cloud with hybrid cryptography.
• Cost and time efficient.
• Real-time monitoring.
• Increases data integrity and confidentiality of the existing system.
• Eliminates third party access of system.
• Provides more authentication.
• More reliable than existing system.
2

14. 1.4 Scheme of Project Work
The project undertaken contains an array of sub tasks and a limited time to carry out in
order to finish the project on time with the mentioned specifications. So that, managing the
various tasks by scheduling and allotting to the right person is very crucial. With various
frameworks like Django, Bootstrap are used to produce application, the cloud integration
through AWS RDS and deployment in the AWS EC2 instance, a modern project management
methodology was required for our successful completion.
1.5 Methodology
In this project, we are using mainly three algorithms to implement our system. We use AES,
DES, RC4 algorithms for cryptographic functions. Also, we use the LSB steganography
technique to implement the secret key hiding. the cryptographic function is achieved using
Python library cryptography and steganography is implemented using the stegano python
library. More details about other implementations can be seen in the chapter 3. The project
is developed using an agile development methodology. With the rising popularity of agile
development methodology, and our projects had lesser iterations to be done, we decided to
adopt the Agile-Kanban methodology for managing our project. The management of the
project was done on the open-source platform, Ora Project Management. The basic Agile-
Kanban methodology consists of four phases of a process, i.e. To-Do, In-Progress, Testing,
and Backlog. The tasks that are tested and validated are moved to the Done section. In this
methodology of project management, each process moves in like they are moving through
the assembly line and it is a methodology that has been proved to be very effective in not
only the software industry but others as well. Using the tool helps us specify various things
about tasks like a detailed description of the task, the checklist of things to ensure the task
completion, type of task, deadline, the person it is assigned to, etc. Overall, it is a very
powerful free tool that has eased project tracking and management for us. We have adopted
the idea of daily stand-ups to keep track of each of our progress. This has helped us a lot
to keep the project workflow along with other academic tasks. Also, this is very effective
3

15. in figuring out problems and hurdles in our tasks. We also record the minutes of our short
stand-up sessions.
1.6 Schedule
To estimate the time required for each of the tasks and to fix a timeline, we used Ora
Project management.Through this project management each tasks can be assigned to the
team members selected to perform the tasks. Each tasks is performed by either one or more
members together. The project is divided into different phase according to nature of the
tasks as follows:
• Project Conceptualization Phase: The entire requirement gathering, analysis of
the resources, developing the detailed problem statement for our project, etc was de-
veloped during this phase.
• Platform Finalization: During the Platform Finalization phase, we analyzed differ-
ent platforms according to our use cases. We had to decide upon various things like,
the cloud platform, the hardware requirements, the various libraries, the dataset, etc.
All this was done during this phase.
• Frontend development: The first development after the requtirment and platform
finalization is the development of the front end.In this phase we had designed and de-
veloped the User Interface of our application. The interaction between the application
and end user is through user interface, so designed a simple and clear UI is needed one.
• Backend developemt: In this phase the actual development of our application hap-
pens. the development in this phase should be the processing the input and database
interaction.The main working application part is developed in this phase.
• Database Development: This phase is the designing of database and also the cre-
ation of database system. The database server is also set up in this phase and connec-
tion to the application is also created.
4

16. • Deployment Phase: This phase deals with the deployment of the application on the
cloud web server. Here, the application will be validated by manually checking all the
functions, for correct outputs and notifications.The database was also tested in this
phase.
• Testing and Evaluation: During this phase the testing and the final evaluation
of the application was carried out.Various issues were figured out and corrected.The
project was completed successfully by April and the work was documented.
1.7 Overview
Chapter 1 provides a brief introduction about the proposed system. It also discusses mo-
tivation, background, objectives, scheme of work and all the application scenarios of the
proposed system
The literature review that we have done to implement the system functionalities has
been defined in depth in Chapter 2. This chapter will discuss various research papers and
the various concepts the team has evaluated to solve the problem. The ideas got from
these literature review is used to develop the idea behind the proposed system. The chapter
discusses details about each paper the team had studied for the project.
The different sources used to build the application,various algorithms and procedures
applied and various specifications about the end-to-end architecture(including database and
technology stack) of the system has been covered in detail in Chapter 3.
In Chapter 4 we will discuss the performance and evaluation of our application.The
performance of our system which was tested using manual testing also different test cases
and the final output and validations of the application has been covered in detail in this
chapter.
Chapter 5 discusses the various possibilities of improving the application performance
by increasing the upload file size limit and also the provision of uploading more different
5

17. kinds of files other than text files.Thus the techniques adopted by the system, its various
capabilities and drawbacks have been defined precisely in this report.
6

18. CHAPTER 2
LITERATURE SURVEY
The proposed system has been implemented after extensively studying various related works
in hybrid cryptography, steganography, attribute-base encryption and cloud-oriented dis-
tributed file storage.
2.1 Hybrid Cryptography
A hybrid cryptosystem is a protocol using multiple ciphers of different types together, each
to it’s best advantage. One common approach is to generate a random secret key for a
symmetric cipher, and then encrypt this key via an asymmentric cipher using the recipient’s
public key. The message itself is then encrypted using the symmetric cipher and the secret
key. Both the encrypted secret key and the encrypted message are then sent to the recipient.
[1] proposes the cryptography technique translates original data into an unreadable form.
The cryptography technique is divided into symmetric-key cryptography and public-key
cryptography. This technique uses keys to translate data into an unreadable form. So only
authorized persons can access data from the cloud server. Cipher-text data is visible for all
people. In the existing system, a single algorithm is used for data encryption and decoding
purposes. But the use of a single algorithm is not accomplished high-level security. If we
use a single symmetric key cryptography algorithm then we have to face a security problem
because this type of algorithm applies a single key for data encryption and decryption. So
the key transmission problem occurs while sharing key into a multi-user environment. Public
key cryptography algorithms accomplish high security but the maximum delay is needed for
data encryption and decryption.
7

19. To solve the above issues, we have introduced a new security mechanism. AES and RSA
algorithms are used in hybrid algorithms that require a single key. In the hybrid algorithm,
three keys are used. For data upload on cloud mandatory keys are AES secret key and RSA
public key. The private key of RSA and AES secret key is essential to download data from the
cloud. Whenever the user makes an effort to upload data on to the cloud, first that file will
be stored onto the directory for a short time. In the encryption process first AES algorithm is
applied on file after that RSA algorithm is applied on encrypted data. The reverse process is
followed for decryption. After applying keys that file convert into encrypted form and stored
on the cloud server. The advantages of the hybrid algorithm are data integrity, security,
confidentiality, and availability. The disadvantage of the RSA algorithm is a large amount of
time essential for data encryption and decryption. In In security model, symmetric algorithm
uses chunk level encryption and decryption of data in cloud computing. The key size is 256
bits. The key is rotated to achieve high-level security. For data integrity, purpose hash value
is generated. Hash values are garnered after encryption and before decryption. If both hash
values match than that data is incorrect form. In this security model only, valid users can
access data from the cloud. The advantages of the security model are integrity, security, and
confidentiality. Three algorithms are used for the implementation of the hybrid algorithm.
User authentication purpose digital signature is used. Blowfish algorithm is used to produce
high data confidentiality. It is a symmetric algorithm. It uses a single key. The blowfish
algorithm needs the least amount of time for encoding and decoding. The subkey array
concept is used in the blowfish algorithm. It is a block-level encryption algorithm.
The main aim of this hybrid algorithm is achieved high security to data for upload
and download from cloud. Hybrid algorithm solves the security, confidentiality and authen-
tication issues of cloud. In this proposed system AES, RC6, Blowfish and BRA algorithms
are used for block wise security to data. Proposed system is hybridization of AES, RC6,
Blowfish and BRA. All algorithms are symmetric key cryptography. These algorithms use
a single key for file encryption and decryption purpose. All algorithms key size is 128 bits.
To hide key information into cover image using LSB technique. Implementation of proposed
8

20. system is done using java language. File encoding and decoding time is calculated with the
help of java programming. File encryption and decryption time is calculated for only text
file with comparison of existing AES and Blowfish algorithms. File size is given in MB for
AES algorithm. That is 1MB, 2MB, 4MB and 8MB.For encryption and decryption time
calculation of blowfish algorithm for given file size 100KB, 200KB, 400KB and 800KB is
calculated in sec.
2.2 Steganography
Steganography is the technique of hiding secret data within an ordinary, non-secret, file or
message in order to avoid detection; the secret data is then extracted at its destination. [1]
also proposes steganography to hide the secret data existing into an envelope. In this tech-
nique existence of data is not visible to all people. Only valid receiver knows about the
data existence. Text steganography technique is used to produce high security for data.
Secret data of user hide into text cover file. After adding text into text cover file, it looks
like normal text file. If text file found by illegitimate user, then he cannot get sensitive
data. If illegitimate user tries to recover original data than large amount of time is used
for text encryption and decryption. Advantage of text steganography technique is providing
security to text. Minimum space is essential for text steganography as compare to image
steganography. [1] uses three-bit LSB technique for image steganography. Sensitive data of
user is hidden into cover image. We can hide huge amount of data/key into image using
LSB steganography technique.
2.3 Attribute-Based Encryption
Attribute-based encryption is a type of public-key encryption in which the secret key of a
user and the ciphertext are dependent upon attributes, [2] proposes this method of encryp-
tion. Distributed computing empowers pervasive access of the information assets. Remote
information stockpiling and Outsourced designation calculation and so on., these are the
9

21. information administrations which cloud servers can offer in distributed computing condi-
tions. For guaranteeing the information privacy and the unquestionable status of appoint-
ment, Cipher-text-Policy Attribute Based Encryption (CPABE) and verifiable delegation
(VD) are utilized on cloud servers. There are two sorts of characteristic based encryption.
To start with is Key Policy Attribute Based Encryption (KP-ABE) and the second is cipher-
text-approach characteristic based encryption. Amid a KP-ABE framework, the decision of
access approach is shaped by the key merchant rather than the enciphered, that restrains
the utility and incentive for the framework in sensible applications. In actuality, in a CP-
ABE framework, each cipher text is identified with relate in Nursing access structure, and
each non-open mystery is labelled with a gathering of graphic characteristics. A client is
prepared to rework a cipher-text if the keys quality set fulfils the entrance structure related
with a cipher-text. Evidently, this strategy is theoretically nearer to antiquated access ad-
ministration ways. Then again, amid an ABE framework, the entrance arrangement for
general circuits can be believed to be the most grounded kind of the strategy categorical-ion
that circuits will express any program of settled period. Assignment processing is another
fundamental administration gave by the cloud servers. The clients, who wish to get to the
information documents, decide on to not deal with the propelled technique for unscram-
bling locally because of confined assets. Rather, they are perhaps to source a piece of the
cryptography strategy to the cloud server.
While the untrusted cloud servers who can make an interpretation of the underlying
ciphertext into a direct one may take in nothing with respect to the plaintext from the assign-
ment. Specialists recommended those perfect to attribute-based encryption (ABE). With
coming about meets desires journalists focused once methodologies transversely over Differ-
ent forces and the issue from guaranteeing the thing that expressions they could accomplish.
Up until recently, journalists brought up an improvement for seeing KP-ABE for all circuits.
Previous on this method, the strongest show fate of proclamation will be Boolean formulas
done ABE systems, which might be still a long route beginning with Hosting the capacity
on express right control in the structure of whatever framework alternately circlet. Actually,
10

22. there considerably presently sit tight two issues. The individuals regardless you quit offering
on that one may be their need no improvement to understanding CP-ABE for every one
circuits, which may be conceptually closer ought widespread passage control. Those inverses
might be identifier with those efficiency, since the individuals exiting out ABE arrangement
will make simply A contact encryption representative. Thus, it may be clearly at present
sits tight a pivotal open issue for framework A proficient ring round CPABE arrangement.
The steps in uploading and downloading of files propsed in [2] are as follows -:
1. Encrypting party who upload file (i.e. .txt) his encrypted data will be stored in the
cloud and generate public and master Key.
2. Authority attribute key generator (i.e. Public, Private, Master) center (trusted third
party).
3. User’s decrypting party who download file select attribute and encrypted file.
4. User’s decrypting party who outsources the most overhead computation to the cloud
Using Public and Own Private Key.
5. System generate public, private and master key based on key attribute.
6. Decrypt file using encrypted file using public key and private key.
7. User verify file using MAC value. To check that downloaded file is correct file or not.
Figure 2.1: Uploading File
11

23. Figure 2.2: Downloading File
2.4 Owner Defined Attribute Encryption
The owner defined attribute-based encryption allows a data owner to define the access control
policy and enforce it, [3] proposes the owner defined attribute-based encryption and stores
data in different cloud servers. The phrase Cloud specifies to a Network or Internet. In
another term, we can say that Cloud is something, which is present at remote location.
Cloud computing is commonly used technology in the IT infrastructure. Cloud computing
offers more storage capacity. Use advanced computer skills to learn and solve problems.
Cloud computing is a long-dreamed vision of the usefulness of the computer, which is present
on the Internet to accumulate, store data rather than a personal computer or hard drive.
Currently, cloud computing technology is mainly used to store large amounts of data. In
this environment, cloud servers consider different types of services, such as remote processing
of information and processing of outsourced delegation data. Cloud Computing used to
controlling, aligning, and obtaining the hardware and software resources remotely. The
cloud server used to insert a wide range of information, which can only be accessed by
authorized users. In the delegation process, servers are used to manage and determine data
based on user requirements. The result shows, attribute-based encryption. However, there
are some problems and queries regarding the previous related works. For example, during
the delivering or publishing data, the cloud servers can edit the text and provide fake result.
In addition to cost savings, the cloud server can state that eligible users are not allowed
to access any of the file. Access policies are also not very flexible when converting plain
text to encrypted text. Because the circuits are used to provide a secure access structure, a
construction is provided to design the encryption based on attributes of cryptographic text
criteria with the established time interval.
12

24. In [3] system, every time the owner uploads a file, it is labelled with a set of attributes
that include an access structure (department, work profile, experience) also time, date and
location given. Our system is adding three different locations for a time interval. For
accessing file which is uploaded by owner, user should be present in one of these locations
and within the time interval which is given by owner. If all this attribute gets matched
then file be downloaded by user. The user can decrypt the encrypted text and download
the file if all the attributes match the owner’s set of attributes. This system is combined
with a verifiable calculation, confidentiality in which only the authorized user/owner can
access the data, detailed access controls. It also gives us the guarantee of the correction of
the delegated computer results. Furthermore, this scheme achieves feasibility and efficiency.
Taking the organization’s data exchange as an example where the attributes are department,
work profile, experience, time, date, location. Owner is one who wants to send file and user
is one who will able to access the information within a file given by owner. The condition is
that the file must be accessible to the user that meets the established requirements.
When the file is stored on the cloud, it must be in a secure form, or security must
be provided. So, let’s divide a file into fragments. Each node will only store a fragment
for a single file. It gives the guarantee that even if the attacker hacked any file, no valid
information will be given to the attacker. We will get any individual fragment that does
not contain the appropriate information. The nodes that store each of the fragments are
separated from the concept of T-coloring. When using T-coloring, the attacker will not be
able to guess the position of the other fragments.
2.5 Cloud Oriented Distributed and Encrypted File Storage (CODEFS)
In the paper written by [4] found that Data outsourcing to a third-party control, as is done in
cloud computing, gives rise to security concerns. The data might get modified or be subjected
change due to frequency of attacks by other users and cloud nodes. And, so high security
measures are required to protect data within the cloud. In the proposed methodology of
paper [4], Cloud Oriented Distributed and Encrypted File Storage (CODE-FS), the file is
13

25. first encrypted and then uploaded to the server where it is divided into shards and these
shards are distributed over multiple cloud nodes. Each and every node contains only a
single shard of a particular file of any format uploaded by user which ensures that if any
attack takes place no important data is compromised. The file transfer between all entities
in the network will be end-to-end encrypted, thus ensuring that no entity will get access
to sensitive information. Moreover, the nodes storing the shards are calculated based on a
custom algorithm to fool an attacker for calculating the locations of the shards. Therefore,
to secure data in the cloud, high safety and reliable measures are required. Shards of the
same file will not be stored on consecutive or adjacent nodes, thus preventing the attacker
from guessing the location of other shards. The files that are selected for upload by the user
will be encrypted at the client side before uploading and will be decrypted after the user
downloads it, with the user’s key.
14

26. CHAPTER 3
METHODOLOGY
3.1 Data
The data in this project is the file uploaded by the user. In this project, we are considering
the text files only. The file formats like .txt and .csv are used as our input data. Also, we
had restricted the size of the file we handle to 40 MB. The reason for enforcing the restriction
is mainly because the larger file will take more time to upload. Since the file upload speed
is low, we will only consider the file size of 40 MB as maximum. The processing of text files
is more any other file. The application mainly takes text files of size less than or equal to 40
MB.
3.2 Design
3.2.1 Requirement Analysis
The project mainly uses three components for the system to be implemented. The compo-
nents like web framework, database and cloud server.
Web Framework : In this project we mainly use two web frameworks like bootstrap [5]
and Django [6]. The later one supports python which is used as our server-side scripting
language. The latest bootstrap framework is used to design user interface of our system.
Database : Database is a major part of our project to store files and login credentials. In
this project we use MySQL database in AWS RDS.We use different database servers to store
files separately and all this database will be MySQL database deployed in different locations
of AWS RDS.
15

27. Cloud Server : The relevant component of our project is a cloud server. For the cloud
server, we will be using AWS. The database is also stored in the cloud so as mentioned above
in the database we will AWS RDS. For the webserver, we had created an AWS EC2 instance
and deployed our project in that instance
3.2.2 System Architecture
A system architecture or systems architecture is the conceptual model that defines the struc-
ture, behaviour, and more views of a system. It is integral to understand the system archi-
tecture of a system in order to identify sub modules of the problem at hand and moreover,
the relationship between these components. A block diagram is a diagram of a system in
which the principal parts or functions are represented by blocks connected by lines that show
the relationships of the blocks. They are heavily used in engineering in hardware design,
electronic design, software design, and process flow diagrams. Block diagrams are typically
used for higher level, less detailed descriptions that are intended to clarify overall concepts
without concern for the details of implementation. They are typically used for higher level,
less detailed descriptions that are intended to clarify overall concepts without concern for
the details of implementation. Block diagrams rely on the principle of the black box where
the contents are hidden from view either to avoid being distracted by the details or because
the details are not known. We know what goes in, we know what goes out, but we can’t see
how the box does its work.
The figure 3.1 below shows the overall system architecture of the proposed system. It
consists of mainly two sections, user interface section and cloud server section. In the user
interface section, it consists of user login, registration, file upload option, and download. On
the cloud side, it consists of a cloud server with three different virtual nodes. When the
user first login, he can upload the file. In the upload file process, first the file is split into
three parts then each part is encrypted with three different cryptography algorithm. After
encrypting, the key is stored into an image and send to the user. Then each part is stored
in three different nodes of the cloud server. In the download phase, the encrypted parts of
16

28. the file are retrieved and then decrypted. The decrypted parts are recombined to form the
original file.
Figure 3.1: Overall System Architecture
3.2.3 Activity Diagram
The activity diagram of our project consists of two phases: upload and download phase. The
figure 3.2 shows the upload phase. Before uploading a file, user must login into their account
if they are a new user, they should signup. After login the file to upload is selected and it
is split into three parts. Each part is encrypted using AES, DES and RC4.This encrypted
part are then uploaded to the cloud server.
The figure 3.3 shows the download phase, where user request a file from the server
and encrypted parts are retrieved from the server. The retrieved parts are decrypted and
combined together. The combined file can be now accessed by the user.
17

29. Figure 3.2: Activity Diagram - Upload
Figure 3.3: Activity Diagram - Download
18

30. 3.2.4 UML Use case Diagram
Our principle use case of this project is a file owner/User using our system. The user can
perform upload, download, share files. Once the user opens our application, he must specify
the login credentials and verify its authenticity. After verify the credentials he can perform
the operations mentioned earlier. The figure 3.4 shows the use case of a user using our
system. .
Figure 3.4: Use case diagram
3.3 Implementation
3.3.1 Technology Stack
The technology stack for the proposed system is illustrated in figure 3.5. The main tech-
nology we used to build our system is mainly Django. Django is a high-level Python Web
19

31. framework that encourages rapid development and clean, pragmatic design. The user in-
terface is developed using HTML5, CSS3, JavaScript, jQuery and we had also used the
Bootstrap4 framework. Python is used as a server-side scripting language. The system
uses the Apache webserver which is installed on AWS EC2 instance with Ubuntu OS on it.
MySQL is used as the database management system. The MySQL database server is hosted
from AWS RDS. A relational database Scheme is employed. The web application is light
and there is no additional overload.
Figure 3.5: Technology Stack
3.3.2 User Interface
The considerations with which the UI has been designed are discussed below:
• Make it simple.
• Users should know the details of uploaded files.
• Deliver easy to understand visualizations.
20

32. • User info and number of files a user had uploaded are to be shown.
• Easy to use.
The user interface is the main part apart from the backend. The user interacts with
a web application through the user interface. The user-interface consists of the basic home
page, login and redirect page, account dashboard page, file upload page, file download page,
uploaded files list page, account info page, and an account page.
The dashboard displays the number of files a user uploaded and also some useful info.
The uploaded file list page displays the list of uploaded files with the option to delete the
file and also regenerate a key file. The download page also consists of a list of uploaded files
with a download option. The account info page provides the details of a user account. The
settings page provides an option to change account info except for email and userid. It also
provides an option for account password changing and also account deletion.
3.3.3 Database Design
The information collected by our system and uploaded files are stored in a database. The
system uses three database tables. The user information of a user is stored in a users table.
The user table consists of user_id, username, first_name, last_name, password, email,
phone, location as attributes. The user_id is the primary key that is randomly generated by
the system using a random string generator function. The uploaded files of a user are stored
as two parts in two tables. The first part is the file information and the second part consist
of the actual file. the file information is stored in a file_info table which consists of file_id,
filename, filesize, file_key and user_id as attributes. The file_id is a randomly generated
string which is the primary key and user_id is the foreign key that relates to the users table.
The file_key consists of an encoded key for encryption and also initialization vectors.
The actual file is stored in a file_storage table with two fields. the first field is the
store_id which is a hash id generated from the file_id of a file. The store_id is the primary
key and the second field that stores the actual file as a BLOB. The file_storage a file and
21

33. other parts are stored in the file_storage table of a different database. The ER diagram in
the figure 3.6 clearly illustrates the connection between the tables used in our system.
Figure 3.6: ER Diagram
22

34. CHAPTER 4
RESULTS AND DISCUSSION
4.1 Performance Evaluation
The system we developed is a web application that is deployed in an AWS EC2 instance.
The AWS EC2 instance is the web server where we deployed the web app. The instance is
configured with Ubuntu OS with specification 8 GB RAM and 8 GB disk space. Since there
are no other files other than application files to store in the web server, we only need less
disk space. The performance of the EC2 instance is very well compatible with our system.
The network utilization is also fine. The RAM of 8 GB is capable of fast processing of our
web application.
The database server is configured by AWS RDS. The system requires three database
servers which are set up in different locations. The database is equipped with 16 GB RAM.
The performance of the database server with the 16 GB RAM is very well compatible with
our system. The database connection is also achieved at high speed. The network utilization
is also good for our system with a bandwidth of 3 Mbps.
The overall system performance is evaluated on the 8th generation i5 laptop processor.
The network we used to connect had a bandwidth with 3Mbps. The overall system is
developed using these configurations. The system performance for these configurations is
tested when its deployed and the results give that it is a better configuration to work with
it.
23

35. 4.2 Testing and Validation
Each component of the system has been tested separately. Integration testing was also
performed after the final system was built. This section discusses the various testing and
validation strategies.
4.2.1 Test Plans
A test plan is a document describing software testing scope and activities. It is the basis
for formally testing any software/product in a project.Each test plan consists of precondi-
tions, action, response and post-conditions. The project was successfully validated. It also
underwent a formal verification process which ensured that all the requirements as per the
problem statement have been met. The various test plans adopted to test the working of
the system are outlined in this section :
Figure 4.1: Test Plan 1.
Figure 4.2: Test Plan 2.
24

36. Figure 4.3: Test Plan 3.
Figure 4.4: Test Plan 4.
4.3 Discussion
The source code for our proposed system has been made available in GitHub under the open
source license [7]. The proposed system is a web application and our web application can
be viewed and also can use it for storing text files. The URL to check the web application
is at [8] .
25

37. CHAPTER 5
CONCLUSION AND FUTURE WORK
5.1 Conclusion
A hybrid cryptosystem is a convention utilizing various ciphers of diverse sorts together,
each further bolstering its best good fortune. Hybrid cryptosystem increased the difficulty
level for an unauthorized person or hacker to decrypt the encrypted data, through encrypted
key, via RSA. A new hybrid cryptography algorithm is proposed using AES, Triple DES,
Alleged RC4 algorithms. The combination of the symmetric and asymmetric algorithms
provides efficiency to the proposed system. The proposed method provides high security on
data transmission over the internet. Thus, we can provide secure cloud storage which pre-
vents unauthorized actions, services and protect it from hackers using the above-mentioned
algorithm and control techniques.
The proposed system offers a distributed storage security scheme that aggregately deals
with the uploading and downloading of user files with providing security and operation in
terms of retrieval time. The data files are encrypted and decrypted at the client-side when
the user uploads or downloads the files from the system. The data files are divided into shards
and these shards are stored on a different database server. The shard and distribution of
shards ensure that no notable information is obtainable by an opponent in case of a successful
attack. The one or more shards of the same file may or may not be stored on the same server
nodes. Thus, the attacker cannot be sure to receive multiple shards of the same file or only
one or none of the shards from the server making it difficult to intercept the user’s file. The
file uploaded at the cloud, are replicated to three levels of backup nodes. In case of failure
26

38. of any node, the file shards can be obtained from their backup nodes where the replicated
shards are stored thus the availability of the file is increased.
5.2 Future work
The proposed system provides users to upload only text file type only. The size of the
uploading file is also limited to 40 MB. The storage of files in the database as BLOB is not
at all practical for large because the fetch and upload time will be delayed. In the future,
we can enable users to upload file types other than text files. Also, we can enable large size
file uploads and store it in a separate storage server. We can improve this proposed system
more functionality as mentioned above to provide ultra-secure file storage in the cloud using
hybrid cryptography.
27

39. REFERENCES
[1] Punam V Maitri and Aruna Verma. “Secure file storage in cloud computing using
hybrid cryptography algorithm”. In 2016 International Conference on Wireless Com-
munications, Signal Processing and Networking (WiSPNET), pages 1635–1638. IEEE,
2016.
[2] Ms Snehal Rathod, SA Ubale, and Sulabha S Apte. “Attribute-Based Encryption Along
with Data Performance and Security on Cloud Storage”. In 2018 International Con-
ference on Information, Communication, Engineering and Technology (ICICET), pages
1–3. IEEE, 2018.
[3] Supriya Kute and SB Javheri. “Implementation of Secure File Storage on Cloud with
Owner-Defined Attributes for Encryption”. In 2018 Fourth International Conference on
Computing Communication Control and Automation (ICCUBEA), pages 1–6. IEEE,
2018.
[4] Mihir Manek, Aditi Chhadwa, Kinjal Shah, Manish Potey, and Mehvash Khan. “Cloud
Oriented Distributed and Encrypted File Storage (CODE-FS)”. In 2018 Fourth Interna-
tional Conference on Computing Communication Control and Automation (ICCUBEA),
pages 1–5. IEEE, 2018.
[5] https://getbootstrap.com/docs/4.4/getting-started/introduction/.
[6] https://docs.djangoproject.com/en/3.0/.
[7] https://github.com/ALINBABU/SECRY.
[8] https://secrycloud.tech.
28

40. [9] https://aws.amazon.com/.
[10] https://medium.com/saarthi-ai/ec2apachedjango-838e3f6014ab.
29

41. APPENDIX
Figure 5.1: The first page of the User Interface.
Figure 5.2: The home page of the website describing the services.
30

42. Figure 5.3: The home page of the website describing about the application.
Figure 5.4: The home page of the website with contact form.
31

43. Figure 5.5: User registration page.
Figure 5.6: User login page
32

44. Figure 5.7: User account dashboard page.
Figure 5.8: User account file uploaded file lists page.
33

45. Figure 5.9: User account upload file page.
Figure 5.10: User account downnload uploaded files page.
34

46. Figure 5.11: User account settings page.
Figure 5.12: User account information page.
35