International Conference on Energy, Communication, Data Analytics and Soft Computing (ICECDS-2017)

Analyzing Storage and Time Delay by Hybrid

Blowfish-Md5 Technique
Anushka Gaur Dr. Anurag Jain
M. Tech. Student, Computer Science Department, Assistant Professor (SG), Virtualization Department
Chandigarh Engineering college, Landran Mohali School of Computer Science and Engineering
meanushkagaur@gmail.com University of Petroleum & Energy Studies, Dehradun
anurag.jain@ddn.upes.ac.in

Dr. Amit Verma

Professor & Head, Computer Science Department
Chandigarh Engineering College, Landran, Mohali
hodcse@cecmohali.org

Abstract— In the field of networking, one of the emergent
technologies is cloud computing whose popularity is increasing
day by day. Various types of cloud services are provided by many
software companies(such as Salesforces, Microsoft, Amazon, etc)
to their users. The cloud employment is reduced as the encrypted
data storage and time increases. As the encrypted data is not
sliced or distributed form which increases its possibility of being
hacked or attacked. In this research paper, the hybrid
cryptographic algorithm is used to enhance data security by
using an encryption algorithm in the cloud and the results are
analyzed on the basis of parameters like storage space and time (
both encryption and decryption time). This paper consists of the
combination of Blowfish algorithm and MD5 hashing algorithm
and comparison with EDS-AES cryptographic algorithm is
shown.
Keywords— Cloud Computing, Virtualization, Data Security,
Encryption algorithms.
I. INTRODUCTION
On-demand computing is recognized as cloud computing
considering as computing which is based on the internet in
which processing resources and computers are shared by
administering and other devices on the internet. In cloud
computing processing and storage of data can be done in data
centers which may belong to a third party. In the present
scenario, cloud computing is seen as a fast developing area
that can instantly supply extensible services by using internet
with the help of hardware and software virtualization. The
biggest advantage of cloud computing is flexible lease and
release of resources as per the requirement of the user. Other
benefits encompass betterment in efficiency, compensating the
costs in operations. It curtails down the high prices of
hardware and software.
From user’s perspective, the burden on users such as
installation and maintenance of the software, framework,
storage capacity etc. are transferred to the cloud service
provider. The responsibility such as installation and
maintenance of hardware of the cloud is shifted away from the
customer. However, the application at a higher level of stack
and administration remain intact and client’s duty. Some of
the attractive points associated with cloud are given as:
Resource Outsourcing: In cloud computing model, the
cloud vendor is responsible for acquisition and maintenance of
hardware devices. The consumers are not required to provide
their own hardware devices.
Utility computing: In case additional resources are
requested by the consumer or if there is no more need of the
resources then they can be allotted or released anytime.
Large numbers of machines: A large number of
inexpensive machines construct a cloud. As a result, more
capacity can be added easily using cloud vendor and failing
machines are replaced instantly.
Automated resource management: The system
administrator is responsible for managing all the typical
configuration work. For an instance, the backup and retrieval
options are being provided by many clouds. Malicious activity
offered, are monitored by some clouds.
Pay-per-use: Because the cloud computing allows its
customers to use resources as per their requirement so this
makes it cost efficient up to some extent as it cuts the need to
purchase a software.
Virtualization: In clouds, usually there are virtual hardware
resources because multiple users are sharing them for
efficiency improvement. Virtualization is responsible for
enhancing the utilization of hardware as it makes it possible to
share resources among multiple consumers [16].
Although, there are numerous benefits of adopting the
latest cloud technology still there are privacy issues involved
in cloud computing because in the cloud at any time the data
can outbreak the service provider and the information is
deleted purposely.
There are security issues of various kinds related with
cloud computing falling into two broader categories: First, the
issues related to the cloud security that the cloud providers
face (like software provided to the organizations,

978-1-5386-1887-5/17/$31.00 ©2017 IEEE

2985
 International Conference on Energy, Communication, Data Analytics and Soft Computing (ICECDS-2017)
infrastructure as a service). Secondly, the issues related to the
cloud security that the customers experience (organizations
who store data on the cloud).The secure infrastructure and
applications protection are ensured by the service provider
although their applications reinforced as the dimensions are
taken by the user and using strong passwords and
authentication measures. A hybrid cryptographic algorithm is
proposed using Blowfish and MD5 schemes, which also
ensures the security.
Fig 1: Cloud Computing Security model
Symmetric block cryptographic algorithm weakness is
overcome by using a hybrid Blowfish-MD5 cryptographic
algorithm. Hybrid Blowfish-MD5 algorithm efficiency and
effectiveness are demonstrated in the performance analysis
and experimental outcome obtained by showing its
comparison with EDS-AES cryptographic algorithm.
II. LITERATURE REVIEW
Li et al. in [4] have described how many cloud applications
has been restricted because of the critical issues of data
security and privacy. As sensitive data is reachable to the
cloud operators so an intelligent cryptography approach is
proposed. Data is not directly reachable to the cloud service
operators. The distributed cloud servers is used to store the
data after dividing the data file and the approach used is
Security-Aware Efficient Distributed Storage (SA-EDS)
model, including Alternative Data Distribution (AD2)
Algorithm, Secure Efficient Data Distributions (SED2)
Algorithm and Efficient Data Conflation (EDCon) Algorithm.
Zhao et al. in [5] have proposed a security model for G-
Hadoop which depends upon security methods such as SSL
protocol and public key cryptography. The job submission
process and users authentications are simplified by this
security framework. The traditional attacks protection is
provided to the G-Hadoop system by different security
mechanisms in the designed security framework.
Manogaran et al. in [6] have proposed a Meta Cloud Data
Storage Architecture in Cloud Computing Environment for big
data protection. The user’s number that logged into the cloud
data center are found by using Map Reduce framework and
the various data elements map to providers is protected by
using the proposed framework that is a Meta Cloud Data
Sortage interface. High implementation effort is required by
this proposed approach providing cloud computing
environment valuable information.
2986
Liu, Chang et al. in [7]have proposed a big structure which
provides an analysis on cloud authentication-based data
verification methods. In a simple aspect, a research problem is
analyzed. First, the research motivations and methodologies
are summarized for illustrating the research problem.
Secondly, the representative approaches several current
achievements are summarized and compared. Finally, future
developments view possibilities are introduced.
Jain, Anurag et al. in [8] have analyzed different public
key cryptosystem and their respective homomorphic
properties. As people store their sensitive data on the cloud
which raise the risk of data confidentiality and integrity.
Although security can be enhanced by encryption that creates
a problem in searching the encrypted data and updating it. In
their work authors have used homomorphic encryption
techniques and have proposed a security model to enhance the
confidentiality and integrity of data.
Baek, Joonsang et al. in [9] have introduced smart grids for
big data information management and a safe cloud computing
based model called as Smart Frame. Cloud computing
hierarchical structure is built in their framework which
provides cloud services of a different type for managing all the
information and doing analysis of the big data. By addressing
critical security issues in the proposed framework, a security
solution is provided which is planted on identity-based
encryption, signature and proxy re-encryption.
Sookhak et al. in [10] proposed an efficient Remote Data
Auditing (RDA) technique for cloud storage system which is
based on algebraic signature properties that incur minimum
computational and communication costs. Divide and Conquer
table (DCT), a new data structure is also presented which can
support dynamic data structure efficiently such as append,
insert, modify and delete. In comparison between another state
of art RDA techniques and their proposed approach shows
their approach is highly efficient and secure which helps in
reducing the communication and computational costs on the
server and auditor.
Gai, Keke et al. in [11] focuses on big data issues and its
practical implementation is considered in cloud computing. To
maximize the privacy protections efficiently, the approach
designed is Dynamic Data Encryption Strategy (D2ES). DED
algorithm is what mainly support D2ES model that was
developed for encryptions of the dynamically alternative data
package having different time constraints. The main aim of
this approach is maximizing the privacy protection with the
use of selective encryption strategy with the specific execution
time requirements.
Pasupuleti et al. in [12] described an effective way for
preserving the privacy of data which is used for mobile objects
data outsourcing and encrypting the data in the cloud
environment by using probabilistic public key encryption
algorithm. To retrieve an encrypted file from the cloud, the
ranked keyword search is invoked. The aim of this approach is
to achieve a data encryption system that is efficient without
data privacy sacrifice.
Sood, Sandeep K. in [13] have given a specialized
procedure and different techniques in a framework in which
 International Conference on Energy, Communication, Data Analytics and Soft Computing (ICECDS-2017)
from beginning to end the data is being protected efficiently.
The three cryptographic parameters that the user presented are
based on the data classification i.e., Confidentiality (C),
Availability (A) and Integrity (I). Also follows method for
information protection which involves the SSL (Secure Socket
Layer) 128-bit encryption and which can be brought upto 256-
bit as per the requirement, for integrity data check MAC
(Message Authentication Code) is used.
Shaikh, Rizwana et al. in [14] describe that how in cloud
computing, the active area of experimentations and research is
data security and privacy. A classification technique is
proposed in which on various dimensions basis, parameters
are defined. On the level bases, data security is provided in
which protection is required and on data set classification
bases at the storage security provisions is applied according to
their dimensions. The classification scheme that is proposed
having sample dataset collected on the bases of which its
efficiency is analyzed.
Li, Yibin, et al. in [15] proposed an approach for secure
financial services in cloud computing on multimedia big data
that novel approach is Semantic-Based Control (SBAC). The
entitled proposed approach is Intercrossed Secure Big
Multimedia Model (2SBM). This approach is basically
designed for secure accesses of the various media through
multiple platforms provided by the cloud. The proposed model
is supported by the main algorithms which include Ontology-
Based Access Recognition (OBAR) Algorithm and the
Semantic Information Matching(SIM) Algorithm.
Tripathi, Abhuday et al. in [16] have explored many
frameworks related to cloud computing and explained that
their security requirements are different from traditional
computing model. They have made an analysis of various
methods to get rid of security risks and demerits of present
cryptographic techniques. They have also compared elliptic
curve cryptographic technique for applications that are linked
to the cloud to RSA associated techniques.
Jensen, Meiko et al. in [17] tried to find out the current risk
factors related with XML application Signature and the Web
Services security models, they have also highlighted the
advantages of securing the browser with respect to Software as
a service aspect of cloud computing, tried to boost attention
regarding the integrity of data and problems related to (PaaS),
and presented the fear of attacks like flood attack on the
Cloud.
Buyya et al. in [18] stated cloud computing system a
variety of both parallel as well as distributed system which is
made up of interconnected and virtual computers and which
are being provisioned dynamically and are given with more
than one linked computing resources that are established on
various levels of services which lie between the service
provider and the customers.
III. PROPOSED FRAMEWORK
The proposed framework involves the combination of two
algorithms Blowfish and MD5. Blowfish algorithm is used at
the client side and other on the cloud side. The designed
framework encrypts the text files by dividing them into small
2987
chunks. Generally, the storage of encrypted files increases the
amount of space utilization which limits down the
employment of cloud environment. So the proposed
framework helps to overcome this problem and also reduce the
encryption as well as decryption time.The aim is to lessen the
storage requirement of the encrypted information and reduce
the cracking probability of any data segment by employing the
method of encryption by blowfish algorithm.
A. Blowfish Algorithm
Blowfish algorithm is a true robust symmetric key based
cryptographic algorithm. It is mainly used for encrypting the
original data former to uploading the actual data to the cloud.
Blowfish algorithm has a changeable key length of 332-448
bits and it is a 64-bit block cipher[1]. There are two
procedures that construct the blowfish algorithm: initializing
the key and the phase in which data is encrypted. A user
variable key is expended in the first phase to subkey arrays of
4168/8336-byte, which is presented with element arrays size
of 4-byte or format arrays element size of 8-byte. The subkey
arrays (P entry-18 and four S arrays entry-256) generation
process is user key dependent. There is an increase in the
security level with the complexity enhancement of sub-keys
and user key relation. In encryption process lately, instead of a
user key, sub-keys that are updated are used. The input of 32-
bit is divided into an input of 4 eight-bit quarters to S-boxes.
The modular 232 is added to output and for producing the
final output of 32-bit, XOR operation is used. Feistel network
is adopted by the blowfish for iterating the 16 (rounds) times a
simple function of encryption[2]. Similarly, for Blowfish
decryption, cipher text is used as input. The same process is
followed but in reverse order which is the main difference.
The Blowfish algorithm is preferred universally because of the
below mentioned reasons:
• Quick: It is capable to encode the data on 32-bit
microprocessors at a speed of 26 clock cycles per
byte.
• More compress: It requires a very small memory
space to run nearly 5KB.
• Easy: Blowfish uses very simple and easy operations,
such as addition, XOR with 32-bit operands, which
makes its framework easy to understand and manage.
• Safe: As the length of key is changeable, which
ranges from 32-448 bits, forming it flexible and safe.
B. Message Digest-5 algorithm ( MD-5)
MD5 is a message digest algorithm which is applied at the
cloud side to produce a hash value after the data has been
uploaded to the cloud server. Hash values can also be
considered as fingerprints of the original data[3]. A
cryptographic algorithm is used to process the data that is
included in a file and a different numeric value which is also
known as the hash value is obtained that is used to identify the
content present in the file. However, if the contents are
changed in any way, the corresponding hash value will also
get changed accordingly. For recovery purpose the calculated
hash value is often resend to the owner. In Message-Digest
 International Conference on Energy, Communication, Data Analytics and Soft Computing (ICECDS-2017)
algorithm 5, the 512-bit blocks as input message are broken
down into sub-blocks of sixteen 32-bit. Later an operational
series, a message digest of 128-bit along with four blocks of
32-bit concatenated are produced by MD5 for file integrity.
MD5 is a file authentication protocol which is used to verify
the content of the original file. It is essentially a mapping that
is generally from a random text to a string that has a fixed bit
length of 128 bits which satisfy a couple of criteria such as
• Almost 50% of the hash can be changed by altering
even a single bit in the source text.
• To obtain the original text from the hash is
computationally not possible.
Flowchart: Figure 2 shows the step by step flow of the
proposed framework.
Fig 2: Flowchart of proposed framework
For message digest computation, firstly appending the
padding bits for making congruent the length of the message
to 448, 512 modulo and afterwards the length of bits. The real
2988
message length is indicated by appending the portion of 64-
bit. The state of 128-bit on which the MD5 algorithm operates
that divides into four 32-bit words referred to as A, B, C and D
are initialized. In turn, message block of 512-bit each is
applied for state modification. The message block processing
comprises of four rounds that are similar, each one of these
rounds consist of similar 16 operations on the basis of F non-
linear function, left rotation, and modular addition. Finally,
after final round completion, A, B, C, and D are cascaded
producing the MD5 output.
The seven steps involved are:
Step 1: Input the text and the input text is pre-processed.
Step 2: On the client side, the encryption key is generated
using Blowfish algorithm.
Step 3: Block symmetric algorithm is used for data
encryption (32-bit block).
Step 4: The encrypted data is being uploaded to the cloud.
Step 5: Message digest of the encrypted text is created by
using the MD5 algorithm and stored in the cloud.
Step 6: The client downloads the text from the cloud and
decrypts by using Blowfish and MD5 algorithm.
Step 7: Finally, the execution time and storage size is
being analyzed and compared with EDS-AES algorithm.
Working of proposed framework:
The flow chart of the proposed framework is shown in the
above figure. The working is explained by the following
points:
• The proposed approach is meant for encryption of the
text files only. Initially, the input text is applied to the
algorithm for encryption. Then input text file is pre
proceed. The method of data pre-processing includes
conversion of raw data into a format that is easy to
understand. The data present in the real-world can be
incorrect, difficult to understand, insufficient,
uncertain or may show different behavior. So, pre-
processing of data is a very effective method that is
capable to remove all such kind of problems. Further
processing is done once the data has been pre-
processed.
• At the client side blowfish algorithm will generate a
key for encryption of the text file. The role of ‘F’
function used in blowfish algorithm is to divide a 32-
bits input into four bytes which are supposed to be
used as indices into an S-array. To produce the output
the results are went through the addition and XOR
operation respectively.
• At the cloud side the MD5 algorithm will generate a
hash value that is added with the encrypted text file.
Then the file is stored in the cloud .The hash value is
send back to the client.
• When the file is downloaded from the cloud then to
decrypt it key generated by the blowfish algorithm is
 International Conference on Energy, Communication, Data Analytics and Soft Computing (ICECDS-2017)

used. It means that the same key is used for Table 3: Comparison of decryption time.
encryption as well as for decryption. Decryption Decryptio
Input File
• Finally analyze the encryption time, decryption time Time By n time By
Input File Size
Blowfish-Md5 EDS-AES
and encrypted file size (storage space). Name (in bytes)
(in ms) (in bytes)

IV. RESULT AND DISCUSSION Text file 1 32360268' 286 643

In this paper, a comparative study has been done on EDS- 11028459

Text file 2 97 197
AES (efficient data storage-advance encryption standard) ’
algorithm and blowfishmd5 hybrid approach on the basis on 21710563
Text file 3 184 391
different parameters like file sizes formed after encrypting ’
files, encryption time required to encrypt files and time Text file 4 3377065’ 28 63
involved while decrypting text files of different sizes. For each
parameter, a different table is made to show the results in a Text file 5 1631779’ 11
clear way and corresponding to each table a bar graph is made 31
for better understanding. The results achieved are shown as:
Table 1: Comparison of encrypted file size The above table shows the time taken by two different
algorithms (blowfish-md5 and EDS-AES) while decrypting
Encrypted File Encrypted text files of different sizes. The lesser the decryption time the
Input File
Input File Size By File Size By
Name
Size
Blowfish-Md5 EDS-AES more efficient the algorithm would be.
(in bytes)
(in bytes) (in bytes)

Text file 1 32360268' 2 32491024

Text file 2 11028459’ 9190386 11073232

Text file 3 21710563’ 1 21797168
Text file 4 3377065’ 2814226 3390752
Text file 5 1631779’ 1359820 1638096

In the above table, the experimental results between

Blowfish-MD5 and EDS-AES encryption algorithm are
shown. This table shows the size of different text files formed
by encrypting them with the above two mentioned algorithms.
Table 2: Comparison of encryption time.
Encryption Encryption Fig 3: Comparison graph of encrypted file size
Input File
Time By time By
Input File Size
Blowfish-Md5 EDS-AES This graph shows the size of input file after applying the
Name (in bytes)
(in ms) (in bytes) encryption algorithm. In this graph it is clearly visible that the
Text file 1 32360268' 512 648
file size is less when it is encrypted by applying the
blowfishmd5 algorithm.
Text file 2 11028459’ 516 194

Text file 3 21710563’ 302 391

Text file 4 3377065’ 47 63

Text file 5 1631779’ 21

31

In table 2, the parameter used for comparison is encryption

time (the time involved while encrypting the text files of
different sizes by applying the hybrid blowfish-md5 algorithm
and EDS-AES algorithm)

Fig 4: Comparison graph of encryption time

2989
 International Conference on Energy, Communication, Data Analytics and Soft Computing (ICECDS-2017)
The X-axis of the above graph represents the size of text
files and the Y-axis denotes the time in milliseconds. An
algorithm which saves the time while encrypting a file is
desired which in this case is blowfidh-md5 algorithm.
Fig 5: Comparison graph of decryption time
Above given graph shows the comparison between the two
hybrid encryption algorithms which clarify the time required
for decrypting the text files by the hybrid Blowfish-MD5 is
lesser in comparison to the EDS-AES algorithm.
V. CONCLUSION AND FUTURE SCOPE
This is known that simulation-based approaches in Cloud
computing systems and application behaviors offer many
significant benefits like to test the newly developed methods
and policies. In this paper, various parameters of the proposed
algorithm are evaluated and experimental results obtained
shows that the proposed algorithm has lesser encryption and
decryption time and needs less storage capacity in comparison
to EDS-AES algorithm. Future prominence is given to the
proposed framework implementation comparing with some
other different algorithms to show their effectiveness. The
work can also be extended by including an optimization
technique along with this hybrid approach to make it as
perfect, effective and functional as possible. An optimization
technique can be used to compress the encrypted file size to a
greater extent. Further, optimization technique can also detect
attacks like malware and spam both of which are greatest
security threats.
References
[1] Thakur, Jawahar, and Nagesh Kumar. "DES, AES and Blowfish:
Symmetric key cryptography algorithms simulation based performance
analysis." International journal of emerging technology and advanced
engineering 1, no. 2 (2011): 6-12.
[2] Aurora, Tanjyot, and Parul Arora. "Blowfish Algorithm." International
Journal of Computer Science and Communication Engineering IJCSCE
Special issue on “Recent Advances in Engineering & Technology”
NCRAET 3, no. 4 (2013): 238-243.
[3] Zhao Yong-Xia, Zhen Ge, “MD5 Research,” Second International
Conference on Multimedia and Information Technology, pp. 271-273,
2010
[4] Li, Yibin, Keke Gai, Longfei Qiu, Meikang Qiu, and Hui Zhao.
"Intelligent cryptography approach for secure distributed big data
storage in cloud computing." Information Sciences 387 (2017): 103-115.
2990
[5] Zhao, Jiaqi, Lizhe Wang, Jie Tao, Jinjun Chen, Weiye Sun, Rajiv
Ranjan, Joanna Koáodziej, Achim Streit, and Dimitrios Georgakopoulos.
"A security framework in G-Hadoop for big data computing across
distributed Cloud data centres." Journal of Computer and System
Sciences 80, no. 5 (2014): 994-1007.
[6] Manogaran, Gunasekaran, ChanduThota, and M. Vijay Kumar.
"MetaCloudDataStorage architecture for Big Data security in cloud
computing." Procedia Computer Science 87 (2016): 128-133.
[7] Liu, C., C. Yang, X. Zhang, and J. Chen. "External integrity verification
for outsourced big data in cloud and IoT: A big picture." Future
Generation Computer Systems (2015).
[8] Jain, Anurag, and Kumar Rajneesh. "Confidentiality enhanced security
model for cloud environment," In Proceedings of the Second
International Conference on Information and Communication
Technology for Competitive Strategies 2016 Mar 4, pp. 139-144,.
http://dl.acm.org/citation.cfm?id=2905199
[9] Baek, Joonsang, Quang Hieu Vu, Joseph K. Liu, Xinyi Huang, and Yang
Xiang. "A secure cloud computing based framework for big data
information management of smart grid." IEEE transactions on cloud
computing 3, no. 2 (2015): 233-244.
[10] Sookhak, Mehdi, Abdullah Gani, Muhammad Khurram Khan, and
Rajkumar Buyya. "Dynamic remote data auditing for securing big data
storage in cloud computing." Information Sciences 380 (2017): 101-116.
[11] Gai, Keke, Meikang Qiu, Hui Zhao, and Jian Xiong. "Privacy-aware
adaptive data encryption strategy of big data in cloud computing." In
Cyber Security and Cloud Computing (CSCloud), 2016 IEEE 3rd
International Conference on, pp. 273-278. IEEE, 2016.
[12] Pasupuleti, Syam Kumar, Subramanian Ramalingam, and Rajkumar
Buyya. "An efficient and secure privacy-preserving approach for
outsourced data of resource constrained mobile devices in cloud
computing." Journal of Network and Computer Applications 64 (2016):
12-22.
[13] Sood, Sandeep K. "A combined approach to ensure data security in
cloud computing." Journal of Network and Computer Applications 35,
no. 6 (2012): 1831-1838.
[14] Shaikh, Rizwana, and M. Sasikumar. "Data classification for achieving
security in cloud computing." Procedia computer science 45 (2015):
493-498.
[15] Li, Yibin, Keke Gai, Zhong Ming, Hui Zhao, and Meikang Qiu.
"Intercrossed Access Controls for Secure Financial Services on
Multimedia Big Data in Cloud Systems." ACM Transactions on
Multimedia Computing, Communications, and Applications (TOMM)
12, no. 4s (2016): 67.
[16] Tripathi, Abhuday, and Parul Yadav. "Enhancing security of cloud
computing using elliptic curve cryptography." International Journal of
Computer Applications 57, no. 1 (2012).
[17] Jensen, Meiko, Jörg Schwenk, Nils Gruschka, and Luigi Lo Iacono. "On
technical security issues in cloud computing." In Cloud Computing,
2009. CLOUD'09. IEEE International Conference on, pp. 109-116.
IEEE, 2009.
[18] Buyya, Rajkumar, Chee Shin Yeo, Srikumar Venugopal, James Broberg,
and Ivona Brandic. "Cloud computing and emerging IT platforms:
Vision, hype, and reality for delivering computing as the 5th utility."
Future Generation computer systems 25, no. 6 (2009): 599-616.
[19] Jain A, Kumar R. A Taxonomy of Cloud Computing. International
Journal of Scientific and Research Publications. 2014 Jul; 4(7):1-5.
http://www.ijsrp.org/research-paper-0714/ijsrp-p3128.pdf