FILE SHARING AND CLOUD STORAGE SYSTEM WITH

ACCESS CONTROL THROUGH ENCRYPTION

A Project Report Submitted to the

SCHOOL OF PURE AND APPLIED SCIENCE

UNIVERSITY OF EMBU

For the Degree of

BACHELOR OF SCIENCE

In

COMPUTER SCIENCE

By

EDWIN NGUGI

B135/14860/2017

Project Supervisor

Dr. Boaz Too

Department of Mathematics, Computing and Information Technology

60100-06 Embu, Kenya. FEB – 2020

2.1 CHAPTER ONE: INTRODUCTION

2.1.1 Background
One of the major issues today is device storage for mobile phone users, this is because the
storage is either limited or the available space is shared among multimedia and other mobile
applications which use the storage to function. Cloud storage is an off-site, remote storage
database that is cheap, securely, and safely saves user's data, and is maintained by a third-party
organization (Basu et al., 2018). This means that you do not have to store your files and
documents on your mobile device. It is delivered on-demand and eliminates managing your own
data storage, making the data available to you anywhere in the world. Security of essential files
is another primary concern in device storage. Over the years the growth of cryptography has
facilitated an increase in the security of files and documents stored or shared between two parties
through the use of encryption. In cryptography, encryption is the process of encoding
information from plaintext to ciphertext. This means if two individuals are sharing files they are
the only ones who can view the contents of the file. Encryption uses an algorithm to scramble
data and then uses a key from the client to decryption to the appropriate information. Advanced
encryption standard (AES) is the most popular and widely adopted symmetric encryption
algorithm (Yang, Han, Huang, Ma, 2018). Since AES is a symmetric algorithm it uses the same
key to encrypt and decrypt data. AES-28 uses a 128-bit key length to encrypt and decrypt data.
Aes algorithm defines numerous transformations that are performed to the data. The initial step is
to place the data into an array, whereby the transformations are repeated several times. The first
phase of the transformation involves the substitution of the data using a substitution table, this is
followed by shifting of data rows, and finally mixing of the columns (Yang, Han, Huang, Ma,
2018).

2.1.2 Statement of the problem

The primary issues with mobile phones today are file storage and sharing of files securely. In file
storage, the device storage is usually limited or the available space is utilized by other
applications in the phone. In terms of sharing files, it has become essential for the need to
securely transfer files from one individual to another. Data stored on mobile phones are not safe
as mobile phones are easily hackable or the file may be damaged or destroyed by virus or
malicious code. This mobile application allows you to store your files securely on the cloud and
send encrypted files to other mobile users using the application. The system uses AES to encrypt
the file and send the file to the other users. The system will use google's firebase cloud storage to
store the data securely and available all around the world.

2.1.3 Justification
The most critical and single reason why individuals and businesses should emphasize security
when devising for mobile phone file storage and sharing is the continuous growth of the value of
data in recent years. The rapid growth in big data analytics and business intelligence technology
has accelerated the importance of personal and organizational data. In emphasizing the need for
secure file transfers it is essential to note that data that is in motion is vulnerable to intercept,
alteration, and manipulation than data at rest. Another essential reason for the need of developing
the system is because it is cheaper to prevent data breaches rather than paying for the
consequences of these events. In addition to this, a company that experiences these data breaches
results in a loss of confidence by its customers. In a business environment, organizations rely on
fast and secure access to essential files and documents on many devices. However, security can
become a major problem, especially when using mobile devices. Most secure file-sharing
solutions have their core in cloud technology. Cloud technology allows individuals and
organizations to collaborate and store critical documents (Basu et al., 2018). Cloud technology is
often utilized to host email systems but the most essential use is in file storage and sharing. The
primary goal of a storage platform is to offer secure access to information (Basu et al., 2018).

2.1.5 Objectives
2.1.5.1 General objectives
Today cloud storage is one of the most efficient and convenient methods to store data remotely.
The objectives of this system are to:
Enhance data security through the use of cloud storage and encryption in file transfer. Cloud
storage keeps copies of your data redundantly which makes the data safe. Encryption provides a
layer of abstraction of your data.
To provide a cost-efficient form of storage as you do not have to set up or purchase storage
equipment to store your data. The data in the cloud is powered and managed by the cloud
provider and thus providing reliability and cheap solution.
To provide security to both data in motion and data at rest. This is enabled through the use of
cloud storage and encryption of data before sharing.
To promote the privacy of personal and organizational data which eventually results in the
improved trust from your customers.
To enhance disaster recovery as cloud storage provides storage backup plans and thus limiting
data loss as the company or individual can retrieve backup data from the cloud in case they lose
their data.
To promote scalability and flexibility as the storage plan can be revised in case the storage
allocated is not enough.
Cloud storage promotes convenience as you do not need a flash drive to access or view the data
as it can all be done in an online environment.
Improved file security and authorization as only the one with a key can view the contents of an
encrypted file.
2.1.5.2 Specific objectives
The primary objective of the application is to keep the uploaded user file safe and secured and
only accessed by the appropriate registered user.
The application allows users to view and download the file uploaded to the cloud through the
application interface.
The application allows users to send and receive encrypted files through their registered email
addresses.
The application will enable users to select a file from the internal storage or any other available
external storage and upload it to the cloud.
2.1.6 Anticipated output
The anticipated product will be an android application that will run on android devices that are
running Android version 8.1 and above. The application will be a bundle application file with a
.apk extension that will be used to install the application.

2.2 CHAPTER TWO: LITERATURE REVIEW

Cloud computing is a rapidly growing technology which in recent years has drawn significant
attention from the information technology industry to academic researchers. Cloud computing
provides services over the internet, users can utilize the services instead of setting up their
implementation. Gatner (Abdullah, 2017) defined cloud computing "as a style of computing that
delivered IT capabilities 'as a service' to end-users through the internet." According to
Kalaiprasath, Elankavi, and Udayakumar, (Kalaiprasath, Elankavi, & Udayakumar, 2017),
"cloud storage is a service that maintains data, manages, and backups remotely and makes the
data available to users over the internet." There are many cloud storage providers and most
provide free space up to a certain capacity. By utilizing cloud storage service, customers do not
need to invest in storage devices and no technical support is required for maintenance, storage,
backup, and disaster recovery (Kalaiprasath, Elankavi, & Udayakumar, 2017).
Cybercriminals are always looking for links to crack and break. The need for security is
increasing for data safety. One of the most common ways to protect data is encryption.
According to Rahardjo and Shidik(Rahardjo & Shidik, 2017, October), "Encryption works by
converting plain text data into scrambled text or ciphertext." The ciphertext can only be
decrypted using a special key. One of the most common encryption algorithms is Advanced
Encryption Standard (AES). AES uses symmetric key encryption which involves the utilization
of a secret key to encrypt and decrypt data. AES can be implemented both in software and
hardware to encrypt sensitive data. According to Banik, Bogdanov, and Regazzoni (Banik,
Bogdanov, & Regazzoni, 2019), AES was developed by the United States of America
government for private and public use. AES has three block ciphers: AES-128, AES-192, and
AES-256. The AES-128 block ciphers utilize the 128-bit key length to encrypt and decrypt a
block of data, while the AES-192 block cipher uses 192-bit length and the AES-256 cipher block
uses a 256-bit key length. According to Rahardjo and Shidik(Rahardjo & Shidik, 2017,
October), "The government categorizes information in three levels, Confidential, Secret and Top
in ascending order respectively, all key lengths can be used to protect the information in a
Confidential and Secret level, but at the top level, the 192-bit and the 256-bit key length is used
at the Top-level. The data to be encrypted goes through several processing steps including:
● Storing the data.
● Substitution.
● Transposition.
● Mixing of the input.
According to Abdullah, "The first process is to store the data to be encrypted into an array." The
next phase transformation of the cipher is repeated over multiple encryption steps. The first
phase in the AES encryption cipher is the substitution of the data using a substitution table. The
second transformation the data rows, while the third transformation mixes columns (Abdullah,
2017).
AES Features
The National Institute of Standards and Technology (NIST) specified the AES algorithm as a
block cipher capable of handling 128-bit blocks, using a key length of 128, 192, and 256 bits
(Banik, Bogdanov, & Regazzoni, 2019).
1. Security
Encryption algorithms are judged on their ability to resist attacks. According to Abdullah
(Abdullah, 2017), "Security strength was considered as the most essential competing factor."
2. Cost
AES was intended to be released royalty-free, non-exclusive, and on a global scale. AES was
developed to be cost-effective in terms of computational and memory efficiency.
3. Implementation
According to Banik, Bogdanov, and Regazzoni, (Banik, Bogdanov, & Regazzoni, 2019),
"Factors to be considered include sustainability, algorithm inflexibility, simplicity, and software
implementation.”
AES Security
Security experts suggest that AES is secure but only when implemented properly. However, the
main concern is mainly protecting the encryption keys.

References
Abdullah, A. (2017). Advanced encryption standard (aes) algorithm to encrypt and decrypt data.
Cryptography and Network Security, 16.
Banik, S., Bogdanov, A., & Regazzoni, F. (2019). Compact circuits for combined AES
encryption/decryption. Journal of Cryptographic Engineering, 9(1), 69-83.
Kalaiprasath, R., Elankavi, R., & Udayakumar, R. (2017). CLOUD SECURITY AND
COMPLIANCE-A SEMANTIC APPROACH IN END TO END SECURITY. International
Journal on Smart Sensing & Intelligent Systems, 10.
Basu, S., Bardhan, A., Gupta, K., Saha, P., Pal, M., Bose, M., ... & Sarkar, P. (2018, January).
Cloud computing security challenges & solutions-A survey. In 2018 IEEE 8th Annual
Computing and Communication Workshop and Conference (CCWC) (pp. 347-356). IEEE.
Rahardjo, M. R. D., & Shidik, G. F. (2017, October). Design and implementation of self
encryption method on file security. In 2017 International Seminar on Application for Technology
of Information and Communication (iSemantic) (pp. 181-186). IEEE.
Yang, L., Han, Z., Huang, Z., & Ma, J. (2018). A remotely keyed file encryption scheme under
mobile cloud computing. Journal of Network and Computer Applications, 106, 90-99.