INDUSTRIAL TRAINING FROM “FINNLOGIC IT-SERVICES”

ON
TITLE
“ENCRYPTED CLOUD STORAGE”

A report submitted in partial fulfillment of the requirements for award of the degree of Bachelor
of Engineering in Information Technology.

Submitted by:
NAME: SIMRANJEET SINGH
ROLL NO : 57/19
UNIVERSITY ROLL NO : 191303017

DEPARTMENT OF COMPUTER SCIENCE & ENGINEERING

M.B.S. COLLEGE OF ENGINEERING AND TECHNOLOGY
BABLIANA, JAMMU– 181101
2023
 ACKNOWLEDGEMENT

This report is an outstanding prospect to convey my gratitude to those many people

whose timely help and guidance went a long way in finishing my Industrial Training
from commencement to achievement. I would like to express my sincere thanks to
Finnlogic IT-Services Pvt. Ltd. for their guidance and for providing a platform to
explore the practical knowledge. I am also very grateful to respect to Dr. DS Pundhir,
Principal of M.B.S.C.E.T. Jammu, Dr. Amrik Singh and Ms Ridhika Sharma, H.O.D of
computer science department for granting me permission to fulfil our Industrial
Training.
Last but not the least I would like to thank my friends, family and all those who helped
me for the completion and deeper understanding of the concept of performance
appraisal. Working on this project has been an enlightening experience for me.

Finally, I would like to thank God almighty for showering endless blessings on me, and
knowledge and strength to make this work a success. I would also like to thank my
family for their support throughout the course and for serving as an inspiration always.

INDERPAL SINGH (19/19)

 DECLARATION

I INDERPAL SINGH (19/19) hereby declare that this Industrial Training

Report on “ENCRYPTED CLOUD STORAGE” submitted to the

Department of Computer Science & Engineering in Mahant Bachittar Singh

College of Engineering & Technology is prepared by me and was not

submitted to any other institution for award of any other degree.

INDERPAL SINGH

19/19

1913030 05
Abstract
Cloud is used in various fields like industry, military, college, etc. for various services
and storage of huge amount of data. Data stored in this cloud can be accessed or
retrieved on the users request without direct access to the server computer. But the
major concern regarding storage of data online that is on the cloud is the Security. This
Security concern can be solved using various ways, the most commonly used
techniques are cryptography and steganography. But sometimes a single technique or
algorithm alone cannot provide high-level security. So we have introduces a new
security mechanism that uses a combination of multiple cryptographic algorithms of
symmetric key and steganography. In this proposed system 3DES (Triple Data
Encryption Standard), RC6 (Rivest Cipher 6) and AES (Advanced Encryption Standard)
algorithms are used to provide security to data. All the algorithms use 128-bit keys.
LSB steganography technique is used to securely store the key information. Key
information will contain the information regarding the encrypted part of the file, the
algorithm and the key for the algorithm. File during encryption is split into three parts.
These individual parts of the file will be encrypted using different encryption algorithm
simultaneously with the help of multithreading technique. The key information is
inserted into an image using the LSB technique. Our methodology guarantees better
security and protection of customer data by storing encrypted data on a single cloud
server, using AES, DES and RC6 algorithm.In the cloud environment, resources are
shared among all of the servers, users and individuals. So it is difficult for the cloud
provider to ensure file security.

INTRODUCTION
Recently, a significant revolution occurred in the field of information technology,
mainly attributed to cloud computing. With the increasing use and process of data in
most organisations, governments, banks, etc, cloud storage has become one of the
most popular and indispensable services. Using cloud computing, users access and
store data and programs via the internet instead of a computer's hard drive. From any
device with internet access, users can fetch documents and use applications. Providers
of cloud computing, such as Google, Microsoft, and Amazon, deliver cloud computing
resources and services to their customers according to a business model that
dynamically utilises the resources and services to meet the customer's demand. Cloud
storage security is a big concern due to the massive amount of data which requires
service providers to ensure the confidentiality and privacy of customer and user data
when transferred, retrieved and at rest. This level of security can achieve with the
extensive use of multiple encryption algorithms and defence systems. The idea of
hybrid cryptosystems was raised with facts of the convenience of asymmetric key
cryptography as it does not require sharing the key with the recipient and the
efficiency of the symmetric key cryptography. A detailed explanation will be
represented beside a discussion of related works on hybrid storage cryptosystems.
Cloud computing is originated from earlier large-scale distributed computing
technology. NIST defines Cloud computing as a model for enabling convenient, on
demand network access to a shared pool of configurable computing resources
(e.g.,networks, storage, applications and services) that can be rapidly provisioned and
released with minimal management effort or service provider interaction”.
In Cloud computing, both files and software are not fully contained on the user’s
computer. File security concerns arise because both user’s application and program
are residing in provider premises. The cloud provider can solve this problem by
encrypting the files by using encryption algorithm. This paper presents a file security
model to provide an efficient solution for the basic problem of security in cloud
environment. In this model, hybrid encryption is used where files are encrypted by
blowfish coupled with file splitting and SRNN (modified RSA) is used for the secured
communication between users and the servers.

Aim of the project is to build an end to end encrypted secure file storage system using
which users can securely share files with other users. Users are able to store any type
of files like text file, an audio file, image etc. The system requires a file as input which is
then encrypted using cryptography techniques and then stored at a remote location.
Shared file can be viewed by the user by downloading the encrypted file from remote
locations and decrypting using decryption algorithm on users machine using the
metadata information shared with user by the owner. There are two kinds of users of
the system. The owner of files and the user with shared access to files. The system
uses different public key cryptography algorithms like RSA and Symmetric key
cryptography techniques like AES. Hashing algorithms like SHA are used to ensure
integrity of message. Users would require active internet connection to access files,
share files and download files.

SECURITY OF CLOUD STORAGE

Increasingly, businesses are moving their files to the cloud for storage. However, many
consumers and company owners who haven't made a move are concerned about
security. The most basic requirement of data security is to keep data safe against
attacks and during disasters, like a fire or a storm, through the use of encryption and
other technologies. Is it safe to save files on the cloud? If so, how secure is it? One of
the most significant benefits of putting your data on the cloud is that it is backed up
several times rather than just once. This redundancy is essential for protecting the
security of your data. If one of your servers crashes suddenly, copies of your data are
still available on another server. Even if a data centre is entirely destroyed by a natural
disaster such as a fire or an earthquake, a duplicate of your data is available on a
server in another data centre. This technology has proven to be so reliable that
Amazon Web Services believes that the chances of your data being lost in the cloud
are one in a billion. Besides the fact that cloud storage is subject to constant
monitoring and has tools to shut down intruders if necessary, however, physical
security is highly prioritized, with data being stored in locked cages to ensure it is not
stolen or accessed by unauthorized parties . It is essential that all cloud-stored data is
encrypted, and you should only know the encryption key. End-to-end encryption, often
known as zero-knowledge encryption, is a widespread technique in the cloud storage
sector. Your data is encrypted before it leaves your device using this encryption
technique. Only once the encryption procedure is complete are data delivered to your
cloud storage space through the internet. This means that no one, including your cloud
storage provider, will be able to decrypt or access your data. If your data is intercepted
while being transferred to or from the cloud, the attacker will not have the necessary
knowledge to decrypt your files.
Data Security Issues
Due to openness and multi-tenant characteristics of the cloud, the traditional security
mechanisms are no longer suitable for applications and data in cloud. Some of the
issues are as following:
 Due to dynamic scalability, service and location transparency features of cloud
computing model, all kinds of application and data of the cloud platform have no fixed
infrastructure and security boundaries. In the event of security breach, it is difficult to
isolate a particular resource that has a threat or has been compromised.

 According to service delivery models of Cloud computing, resources and cloud

services may be owned by multiple providers. As there is a conflict of interest, it is
difficult to deploy a unified security measure.

 Due to the openness of cloud and sharing virtualized resources by multitenant, user
data may be accessed by other unauthorized users.

Overview
The system overview is presented in this Section. The high level architecture of the
current secure file storage system is depicted. The current system uses symmetric key
cryptography and steganography techniques. Symmetric key algorithms like AES,
blowfish, RC6 and BRA algorithms are used to provide block wise security to data. Each
file is split into 8 blocks and every block is encrypted using a different algorithm. LSB
steganography technique is used to share secret keys between users. Using LSB
steganography keys are inserted into cover images and then cover images are shared
with the user via email. The existing system only focuses on confidentiality and does
not consider integrity and authentication.

Proposed System Architecture

The main disadvantage of the current system is it does not consider integrity and
authentication. Also it uses stenography to share secret keys between users. To
overcome these drawbacks we propose a system that provides integrity and
authentication along with confidentiality. Also our system uses asymmetric key
cryptography rather than stenography to share secret keys among users. We plan to
use asymmetric key cryptography over stenography as it would be better to use
asymmetric key cryptography as our system is using digital signature.

In our proposed system there are two main entities: an owner of file and other with
whom the owner has shared access with. The owner will upload the file that is
required to be stored at a remote location or needs to be shared with other users.
Owner gives access to other users by sharing required metadata to decrypt the file
using an asymmetric crypto system. A user with shared access can download the file
from remote storage and view the contents of the file.
High level system
Proposed system architecture
In our proposed system there are four blocks each having different functionality.

1. The file is divided into chunks and then every chunk is encrypted using AES
algorithm and digital signature for file is generated. A metadata file is created
consisting of secret keys and information about file chunks.

2. On server files are stored and a table is maintained to map hash codes with file
names.

3. A different server is maintained as a trusted center for distribution of public key.

4. Lastly there is a block for downloading the file. The file downloaded is decrypted
then it's digital signature is verified before showing the file to the user.
Hardware and Software Specifications
The experiment setup is carried out on a computer system which has the different
hardware and software specifications as given in Table 1 and Table 2 respectively.

Table 1 Hardware details

Procesor Intel i7
HDD 1TB
RAM 4GB

Table 2 Software details

Operating System Windows 10

Programming Language Java JDK 7.8

Database PgAdminIII
Hybrid Cryptosystem Scheme
The term "hybrid cryptography" refers to the integration of two cryptographic
techniques: asymmetric encryption and symmetric encryption. If you can use multiple
algorithms of different types to increase the encryption's power, you can integrate the
speed and strength of the two algorithms. This method is used to assure safe cloud
storage systems. For instance, two approaches here are used to demonstrate the
difference between less secure and more secure systems. The first method employs
the AES and RSA algorithms, with RSA utilised for key encryption and AES for
information or text encryption. Blowfish and AES algorithms are used in the second or
more secure approach. In this approach, these two algorithms provide double
encryption over data and keys, providing greater security than the first 13.

In order to ensure file security on cloud, hybrid cryptosystem is being used. We

assume that the remote server is trusted, so files are encrypted by server and finally
encrypted files are stored at the server end. The hybrid cryptosystem uses a
combination of:

-Blowfish Algorithm coupled with File Splitting and Merging mechanism

-SRNN Algorithm

In a hybrid scheme, the performance of symmetric algorithm is integrated with

security of asymmetric algorithm. The symmetric algorithm (Blowfish) used in hybrid
cryptosystem has best practice to avoid data misuse when compared with other
symmetric algorithms. Also, in terms of throughput, Blowfish has best performance.
The SRNN used serves as a good balance between speed and security. In hybrid
cryptosystem, firstly, files uploaded files are sliced and each slice is encrypted by the
corresponding key Blowfish key provided by the user. Secondly, each of the n keys are
encrypted using SRNN where n is the number of slices.

Hybrid Cryptography concept is used for securing storage system of cloud. Two
different approaches are used to show the difference between less secure and more
secure systems. The first approach uses RSA and AES algorithms; RSA is used for key
encryption and AES is used for text or data encryption. In the second or we can say
more secured approach, AES and Blowfish algorithms are used. In this approach, these
two algorithms provide double encryption over data and key which provides high
security compared to the first one.

I. In this proposed system three step procedures is used. Firstly, Diffie Hellman is used
for exchanging keys. Thereafter authentication is performed using digital signature
scheme. Finally, data is encrypted using AES and then uploaded to the required cloud
system. For decryption reverse procedure is implemented.

II. Combination of RSA algorithm and MD5 to assure various security measures such as
confidentiality, data integrity, no repudiation etc. It uses RSA key generation algorithm
for generation of encrypted key for encryption and decryption process. MD5 digest is
used for accepting an input of length up to 128 bit and processing it and generating an
output of padded length for encryption and decryption process.

III. Implementation of Trusted Storage System using Encrypted File System (EFS) and
NTFS file system drive with help of cache manager for securing data files. EFS encrypt
stored files by automatically using cryptographic systems. The process takes place as
follows, firstly application writes files to NTFS which in turn places in cache and return
backs to NTFS. After this NTFS asks EFS to encrypt files and heads them towards the
disk.

IV. Cloud Storage Security Service is provided by using separate servers viz. User Input,
Data Storage and User Output. Three different servers are used to ensure that failure
of any of the servers doesn’t harm the data. User Input server is used for storing user
files and input data by providing user authentication and making sure the data is not
accessed by any of the unauthorized means. Data storage server is the place where the
encryption using AES is performed to secure user input and then the encrypted files
are transferred to User Output server. User Output Server is the place from where user
gets the output file or the decrypted file and uses it for further use.
Hybrid Cryptosystem Phases
The hybrid cryptosystem is used to keep files secured, and it is divided into two
phases: -

-Encryption Phase

The encryption process was carried out in a series of steps. Begin by encrypting the
downloaded file and then segmenting it into three parts by employing the file system
module. Each part is encrypted using three different cryptographic techniques, such as
Blowfish (BF), Message Digest (MD5), and AES. The merged areas are then combined
into one file and re-loaded to the cloud.

-Decryption Phase
In contrast, the decryption phase follows the opposite steps of the encryption phase.
First, download the encrypted file, then it is separated into three sections, which are
allocated for decoding per the encrypted algorithm (Blowfish, MD5 and AES). The
proposed technique's decryption process is depicted in Figure.
Design and Implementation
The system is generated in such a way that it operates as follows :

1. First, users sign in if they are already registered or sign up to register by providing
information such as their email address, name, the password for their account, phone
number, and so on.

2. The user then browses from local storage to select the file to be uploaded.

3. The user then decides which encryption algorithm to use. The proposed system
offers the option of combining AES and Blowfish or AES and RSA.

4. The chosen file is uploaded after being encrypted with the selected encryption
algorithm integration.

5. The user can also view and download the files they have uploaded or accessed.

6. When a user picks a file to download, the decryption key is sent to the email address
entered during registration or sign-up.

7. Then, The user can use this key to download the decrypted or original file.
HYBRID CRYPTOSYSTEM IMPLEMENTATIONS
Based on the hybrid cryptosystems concept in cloud storage, several implementations
and approaches will be discussed as follows: With smaller chip sizes, less energy usage
power, and more performance, the ECC is used to produce cryptographic keys that are
speedier, shorter, and more powerful. Blowfish is resistant to hackers and may be
found in a variety of goods, including secure encrypted email, password management
systems, and backup software applications. Blowfish is a moderately fast block cypher
with a relatively basic structure due to the limited number of rounds. The blowfish
technique is used to store encrypted data in the cloud. And EC public 3 key is used to
encrypt the blowfish key. Blowfish use the decrypted key from EC private key to
decipher data. Blowfish encryption using to upload the process and decipher the
decrypted key of the blowfish to download approach.

A hybrid encryption approach employs the Advanced Encryption Standard using 128
bits secret key and RivestShamir-Adleman algorithms with 1024 bit keys, assuring that
the private key cannot be deduced from the public keys generated. The upload option
produces RSA public keys. The user must preserve the RSA private key and the AES
secret key. When a user attempts to upload files or data to the cloud, After activating
the AES and RSA algorithms and having the user enter the AES secret key, the data is
first saved in a temporary area before being permanently stored in the database
relating to the user account. And to download data stored in the cloud, the user has to
specify and choose a filename, and then the user has to provide the AES secret key and
RSA private key. And that will keep the data stored in the cloud secure and can’t access
by anyone.

This presented system has three security control mechanisms: authentication,

encryption, and data verification techniques combined into one system. Thus, using
the digital signature ensures authentication. And the encryption algorithm is provided
to encrypt and decrypt the user's file. Lastly, secure computing to verify the data
integrity. First, Diffie Hellman is utilised for keys exchange. After that, authentication is
conducted with the use of digital signatures. Finally, the data file is encrypted with the
AES algorithm and stored on the storage server. And to download a file, AES is used to
decrypt the stored data file.
This proposed approach provides security to the user and cloud environment by
increasing the confidentiality and authentication of data through RSA and MD5
algorithms. Data can be uploaded in encrypted form using the RSA key generation
algorithm for secure communication. It is an asymmetric algorithm since the public key
used in encrypting the message is distributed to all. In contrast, the private key used in
decrypting the message is kept secret only the intended receiver knows. For
authentication, a message digest is generated using the MD5 algorithm.
Algorithm Used
Advanced Encryption Standard (AES)-

The AES algorithm is related to Rijndael`s encryption. Rijndael is a family of encryption

algorithms with different keys and block sizes. It consists of a continue serial
operations, some of them involve the input of certain outputs (substitutions) and
others the mixing of bits (permutations). All AES calculations algorithm is executed in
bytes instead of bits. Therefore, for Advanced Encryption Standard, 128 bits of plain
data is considered as a block of 16 bytes These 16 bytes are arranged in a 4x4 matrix
for the processing. AES algorithm is of three types namely AES-128bit, AES- 192bit, and
AES-256bit. Each iteration encrypts and decrypts data in blocks using keys of either
128-bits or 192-bits or 256-bits, respectively. Rijndael method was enhanced to accept
extra block sizes and also extra key lengths, but for AES, those functions were not
inherited.

Triple Data Encryption Standard (3DES)

In cryptography, 3DES is an inherited enhanced version of DES (Data Encryption

Standard). In the Triple DES algorithm, DES is used trice to increase the security level.
Triple DES is also referred to as TDES or Triple Data Encryption Algorithm (TDEA). TDES
has following key :-

- All keys being different

- Key 1 and key 2 being different & key 1 and key 3 is the same.
- All keys being identical.

TDES is slowly invisible from use, it is maximally replaced by the AES (Advanced
Encryption Standard). A far-reaching anomaly is in the digital payments industry, which
still uses 2TDES and scatters standards on that basis (e.g. EMV, the standard for inter-
operation of "Chip cards", and IC capable POS terminals and ATM's). This guarantees
that TDES will remain as an agile cryptographic standard in the future.
Rivest Cipher 6 (RC6)

RC6 is a symmetric key block cipher. RC6 (Rivest Cipher 6) is an enhanced version of
the old RC5 algorithm. RC6 – w/r/b means that four w-bit-word plaintexts are
encrypted with r-rounds by b-bytes keys. It is a proprietary algorithm patented by RSA
Security. RC6 operators as a unit of a w-bit word using five basic operations such as an
addition, a subtraction, a bit-wise exclusive-or, a multiplication, and a data-dependent
shifting. The RC6 algorithm has a block size of 128 bits and also works with key sizes of
128-bit, 192-bit, and 256 bits and up to 2040 bits. The New features of RC6 include the
use of four working registers instead of two and the inclusion of integer multiplication
as an additional primitive operation. The use of multiplication significantly increases
the diffusion per round, which allow more security, fewer laps and greater
performance. Furthermore, like RC5, it can also support various word-lengths, key
sizes and number of rounds. RC6 algorithm is very similar in structure to the RC5
algorithm. In fact, RC6 could be considered as two parallel RC5 encryption processes,
although RC6 uses an additional multiplication operation that is not used in RC5
algorithm to make the rotation of each bit in a word dependent, not just the least
significant bits.

Blowfish

Blowfish is a symmetric block cipher which uses a Fiestal network, 16 rounds of

iterative encryption and decryption functional design. The block size used is of 64-bits
and key size can vary from any length to 448.Blowfish cipher uses 18 sub arrays each
of 32-bit commonly known as P-boxes and four Substitution boxes each of 32-bit, each
having 256 entries. The algorithm design is shown in figure. It consists of two phases:
one is Key Expansion phase another is Data Encryption phase. In Key expansion phase,
key is converted into several sub-keys and in Data Encryption phase, encryption occurs
via 16-round networks. Each round consists of a key dependent permutation and a key
and data dependent substitution.
PROPOSED CLOUD COMPUTING SECURITY
ARCHITECTURE
In order to ensure file security on cloud, the above hybrid cryptosystem is deployed on
cloud. We assume cloud server as trusted but in order to prevent tampering/misuse of
data by intruder or data leakage or other security concerns, the data is stored at server
in the encrypted form.

We broadly classify the scheme deployed on cloud in three phases:

- Registration Phase

- Uploading Phase

- Downloading Phase

We used Open Nebula toolkit to set up cloud environment. In Open Nebula, we have
one front node and n cluster nodes. The VM’s are deployed from front node to the
corresponding cluster node. Open Nebula has been designed in such a way that it
allows integration with many different hypervisors and environments. There is a front-
end that executes all the process in OpenNebula while the cluster nodes provide the
resources that are needed by VM. There is at least one physical network joining all the
cluster nodes with the frontend.
1] Registration Phase:-

In the Registration Phase, the client registers himself in order to upload and view his
files to/from the cloud server. In the registration process, the client sends its request
to front node and in return, front node assigns the VM of the cluster node, which has
minimum load among other VM’s on the network to the client. At the end of
registration phase, the client is registered with IP address of corresponding VM.
Whenever he again issues his request, the request is transferred to its corresponding
VM. The encrypted files, encrypted blowfish keys, public SRNN keys are stored at his
registered VM.

2] Uploading Phase:-

In the Uploading Phase, steps are as follows:

Step: 1: The client will send request to front node to authenticate himself.

Step 2: On successful authentication, the front end which send the corresponding IP
address of the VM against which user was registered.

Step 3: The files are uploaded by the client to the registered server (VM).

Step 4: The encryption of uploaded files is done using the hybrid cryptosystem.

Step 5: The encrypted slices and Blowfish encrypted keys remain stored in VM’s data
store.
Step 6: The SRNN private keys are send to user and finally they are deleted form the
server so that only the authenticated user is able to view his uploaded file.

3]Downloading Phase:-

In the downloading phase, the steps are as follows:

Step 1: The client will send request to front node to authenticate himself.

Step 2: On successful authentication, the front end which send the corresponding IP
address of the VM against which user was registered

Step 3: The client will upload n SRNN private keys for the corresponding n slices.

Step 4: The SRNN private keys will decrypt the corresponding encrypted Blowfish keys
and the encrypted slices are decrypted by Blowfish keys.

Step 5: The decrypted files are merged to generate original file. Step 6: The decrypted
file is downloaded and viewed at client end.
Design and Implementation
The many advantages of using cloud storage include:

1. It eliminates the need for carrying physical storage devices.

2. Data in any format can be stored using cloud storage.

3. Cloud storage provides safe backup, as opposed to physical storage devices where
loss of device, data corruption by a computer virus, natural disasters, amongst other
causes, can lead to loss of data.

4. Cloud storage is more cost-effective as it eliminates the need to invest in hardware.

5. Cloud storage also helps developers collaborate and share their work in a more
efficient and speedy manner.

Another advantage of cloud storage could be additional security. The proposed system
aims to make the cloud storage system secure using data encryption. Thus, the aim of
the proposed system is to increase security of data uploaded onto the cloud by using
encryption algorithms to make the system more secure.

The system is designed such that it works in the following way:

1. The user signs in if already registered, or signs up to register themselves by

providing their details such as name, email id, phone number, password for account
etc.
2. The user then selects the file that is to be uploaded by browsing from local storage.

3. The user then selects the encryption algorithm that they want to use. The proposed
system provides the choice between using a combination of AES and RSA or AES and
Blowfish.

4. The selected file gets uploaded after getting encrypted using the selected
encryption algorithm combination.

5. The user also has the option of viewing the files that they have uploaded or have
access to and downloading them.

6. On selecting a file to download it, the user is sent the decryption key on their email
id that was entered on registration or sign-up.

7. Using this key, the user can download the decrypted or original file.

8. The system also provides a comparison with respect to security between the two
hybrid encryption algorithm combinations i.e. AES and RSA hybrid combination and
AES and Blowfish combination
BENEFITS OF PROPOSED MODEL
The proposed model is liable to meet the required security needs of data center of
cloud. Blowfish used for the encryption of file slices takes minimum time and has
maximum throughput for encryption and decryption from other symmetric algorithms.
Modified RSA(SRNN) has increased security than RSA. The idea of splitting and merging
adds on to meet the principle of data security. The hybrid approach when deployed in
cloud environment makes the remote server more secure and thus, helps the cloud
providers to fetch more trust of their users. For data security and privacy protection
issues, the fundamental challenge of separation of sensitive data and access control is
fulfilled. The various benefits are as summarized:

-The public key cryptography used helps to facilitate authorization of user for each file.

- The need of more light and secure encryption system for file information preserving
system on cloud is satisfied.

- The file splitting and merging makes the model unfeasible to get attacked
Proposed System
In the proposed system, a method for securely storing files in the cloud using a hybrid
cryptography algorithm is presented. In this system, the user can store the file safely in
online cloud storage as these files will be stored in encrypted form in the cloud and
only the authorized user has access to their files. As in the above figure, the files that
the user will upload on the cloud will be encrypted with a user-specific key and store
safely on the cloud.

1.User Registration-

For accessing the services the user must first register yourselves. During the
registration process various data like Name , username, password, email id, the phone
number will be requested to enter. Using this data the server will produce unique
user-specific keys that will be used for the encryption and decryption purpose. But this
key will not be stored in the database instead it will be stored using the steganography
algorithm in an image that will be used as the user’s profile picture.

2. Uploading a File on Cloud-

-When the user uploads a file on the cloud first it will be uploaded in a temporary
folder.

- Then user’s file will be split into N parts. -These all parts of file will be encrypted using
cryptographic algorithms. Every part will use a different encryption algorithm.
-These all parts of file will be encrypted using different algorithms that are AES, 3DES,
RC6. The key to these algorithms will be retrieved from the steganographic image
created during the registration.

-After the split encryption, the file reassembled and stored in the user`s specific folder.
The original file is removed from the temporary folder.

-Then Combining all Encrypted Parts of file.

3. Download a File from the Cloud-

-When the user requests a file to be downloaded first the file is split into N parts.

-Then these parts of file will be decrypted using the same algorithms with which they
were encrypted. The key to the algorithms for the decryption process will be retrieved
from the steganographic image created during the registration.

- Then these parts will be re-combined to form a fully decrypted file.

- Then file will be sent to the user for download

CONCLUSION
As cloud storage is one of the widely used services within almost every field, the
security of data stored on it is one of the most significant users' concerns. Encryption is
one of the critical security methods to maintain confidentiality, as it's exceptionally
performed before transferring data from the device to the cloud through networks.
Combining two encryption techniques, one of each type, creates a superior
cryptosystem enhancement for the cloud storage environment. The hybrid
cryptosystems provide a high level of security aside from maintaining confidentiality,
usability, and scalability. The cloud stores the data in its ciphertext form instead of its
original form. A random asymmetric key makes it difficult to recover the original
content of the ciphertext. As a result of the practical application of the 4 algorithms
discussed here, information is protected from side-channel attacks from being stolen
on the cloud. Consequently, the content of the data in the cloud is protected.