© April 2022 | IJIRT | Volume 8 Issue 11 | ISSN: 2349-6002

Secure File Storage Using Hybrid Cryptography

Shivani Adsule1, Sejal Agarwal2, Priya Gorade3, Yogesh Deokar4, K.G. Sawarkar5
1,2,3,4
Students Rajiv Gandhi Institute of Technology, Mumbai
5
Faculty, Rajiv Gandhi Institute of Technology, Mumbai

Abstract—Computing security is an emerging topic in authorized users with the appropriate key can access
academia right now. Many businesses are migrating data stored on the cloud storage server.
from traditional data storage to cloud storage, which Cryptography's major goal is to protect data from
allows them to access data from anywhere at any time.
hackers, online/software crackers, and other third-
However, the primary stumbling block for businesses
party users. The loss of confidentiality occurs as a
considering cloud computing is data security. This
study presented a cloud computing security strategy
result of unauthorized user access to information.
based on multilayer cryptography. The majority of Security has the characteristics to prohibit or stop this
consumers and businesses are shifting to the cloud since type of illegal access or any other malicious attacks
it is considerably cheaper and more convenient. on the data here. A private key and a public key are
Information security relies heavily on cryptography. the two types of keys. The private key is kept private,
Instead of using a single encryption algorithm, users whereas the public key is widely known. The public
employ hybrid encryption to secure cloud storage. In key is used for encryption, whereas the private key is
comparison to the present system, this approach raises
used to decrypt the encrypted communication, which
data security to the highest level possible and takes less
can only be decrypted by the private key that
time to upload and download text files.
corresponds to it.
Index Terms-Fernet, Hybrid cryptography, Security, [1]This introduced a new security technique that
Storage combines several symmetric key and steganography
cryptographic algorithms. To secure data, the
I. INTRODUCTION
suggested system employs the 3DES (Triple Data
Trends and movements are emerging as a result of Encryption Standard), RC6 (Rivest Cipher 6) and
technological developments that improve people's AES (Advanced Encryption Standard) algorithms.
quality of life. People's main concern in today's fast- are used to secure information from unauthorized
paced world, when everyone has a smartphone and access. 128-bit keys are being used in all of the
internet access, is the security of their personal algorithms. Because of the importance of the
information stored online. This security problem also information held on the cloud and the services given
extends to files that are kept on the cloud. The to users, security is seen as a critical feature in the
majority of corporations are transitioning from cloud computing environment. A hybrid encryption
traditional data storage to cloud storage, which algorithm has been developed based on a mixture of
provides an efficient way to access data anywhere, at the RSA and AES algorithms. In their system, the
any time. However, one of the major challenges in user requires and stores an RSA private key while
implementing cloud computing for businesses is data uploading data, and also an RSA public key. In the
security. This is something that cryptography can cloud, the system processes the file using the RSA
help with the technology of cryptography converts and AES algorithms before correctly storing it on the
original data into an unreadable format. server. The LSB algorithm is used for both encoding
Symmetric key cryptography and public key and decoding. The data from this approach can be
cryptography are the two types of cryptography. This placed in the title image's Least Significant Bit. Even
method uses keys to convert data into an unreadable then, the human eye is unable to detect the image's
format. As a result, only authorized individuals have hidden text.
access to data stored on the cloud server. Everyone [2]Malicious attacks are particularly prevalent when
can see the cipher text data. As a result, only one single key is used for both encryption and

IJIRT 154609 INTERNATIONAL JOURNAL OF INNOVATIVE RESEARCH IN TECHNOLOGY 739

 © April 2022 | IJIRT | Volume 8 Issue 11 | ISSN: 2349-6002

decryption. This difficulty is overcome in the hybrid [4]There are a variety of approaches that can be used
algorithm by using three separate keys for encryption to address these difficulties. For data security,
and decryption. . In order to enforce security cryptography and steganography are becoming more
features, a hybrid encryption mechanism based on the prevalent. We have presented a new security
AES and RSA algorithms is implemented, with AES mechanism based on the symmetric key encryption
employing a 128-bit secret key and RSA using a algorithm in this paper. Whatever part of the file is
1024-bit key. This study suggested a hybrid encrypted with which algorithm and key is mentioned
encryption algorithm that combines the RSA and in key information. The file is divided into eight
AES algorithms to provide data security to Cloud sections. Each section of the file is encrypted with a
users. The most significant benefit is that the keys are separate algorithm. Author A. Shahade presents a
produced based on system time, which means that no hybrid cryptography algorithm. The hybrid algorithm
intruder can guess them, providing us with greater employs the AES and RSA algorithms. The AES
security along with convenience. . The primary value algorithm only needs a single key. Three keys are
of employing the RSA and AES encryption employed in the hybrid algorithm. AES secret key
algorithms is that they supply three. After being and RSA public key are essential for data upload to
uploaded, the data is encrypted and can only be the cloud. Data integrity, security, confidentiality,
decoded with the user's private key and secret key. and availability are all advantages of the hybrid
The greatest benefit is that data in the cloud is highly algorithm. The RSA algorithm has a disadvantage in
safe. that it takes a long time to encode and decode data.
[3]There is a short synopsis of the Fernet key To achieve a high level of security, the key is rotated.
encryption in this document, as well as the A hash value is generated for the purpose of data
information that we can secure using the Fernet integrity. After encryption and before decryption,
System. Several cryptography technologies and hash values are calculated. If both hash values are the
procedures can be used to secure data. Without the same, the data is correct. The LSB method is used to
key, the Fernet network ensures that data encrypted secure key information. The SHA1 hash algorithm is
with it cannot be changed or read. Fernet is a data used to ensure data integrity. Achieve the desired
encryption technology that shields information. This outcomes is used to attain a low latency value.
guarantees that a message encryption using it cannot [5]Several businesses are migrating from traditional
be altered or read without the key. Fernet is a data storage to cloud storage, which allows them to
cryptographic implementation of symmetric access data from anywhere at any time. However, the
authentication. When passwords are kept in the primary stumbling block for businesses considering
database, we may use typical ways to safeguard cloud computing is data security. This research
them, such as firewalls and role definitions, to provided a cloud computing security strategy based
prevent unauthorized access to the database. By on multilayer cryptography. In this case, the Data
changing the password to an inaccessible (encrypted) Encryption Standard (DES) and RSA are used to
format, we may add an extra layer of protection. The enable multilevel encryption and decryption on both
password is maintained in plain text in the database the sender and recipient sides, thereby enhancing the
and is not encrypted. Because the person who got security of cloud storage. Despite the tremendous
into your database can access any account and do any benefits of cloud computing, there are still a few
tasks after logging in, these passwords are extremely barriers to its wider adoption. Since users' and
insecure. To safeguard the password, any asymmetric businesses' data is stored on a platform that can be
encryption can be used. As a result, the plaintext accessed by anybody, they have given over control of
password is saved in the database after being their data to a third party. As a result, it could be
encrypted in the registry. The Fernet system can accessed by someone who isn't permitted. proposed a
protect data by encrypting it with the Fernet key. model in which counter propagation neural (CPN)
Encryption from plaintext to ciphertext and networks are used to conduct both encryption and
decryption from ciphertext to plaintext are both decryption. It's a step forward from the standard
encompassed by cryptography. security system. It talks about how to improve
information security via using three levels of

IJIRT 154609 INTERNATIONAL JOURNAL OF INNOVATIVE RESEARCH IN TECHNOLOGY 740

 © April 2022 | IJIRT | Volume 8 Issue 11 | ISSN: 2349-6002

authentication. It makes no reference to the 2. To implement the hybrid cryptography as it relate

performance. The proposed solution also includes to securing file storage on cloud infrastructure
real-time system monitoring and the operation of the 3. Achieved double security
forensic virtual machine. . To improve the security of 4. Generated two different keys for encryption and
cloud storage, this study uses the DES and RSA description.
encryption and decryption cryptographic algorithms. 5. We can store n number of data on cloud using
In comparison to previous cryptography-based multiple login
methods, it also improves data security in cloud 6.Encrypt and decrypt confidential data like pdf,
environments. This model can be used in the future to photo, word file
improve the security of cloud services through 7. Upload and download data from cloud securely
artificial intelligence techniques.
[6]Finding enough storage capacity to preserve all of
the data that some computer owners have amassed is
a major challenge. As a result, consumers are more
likely to purchase enormous volumes of data or
larger hard drives, despite the fact that they still have
storage capacity difficulties. In order to mitigate
security vulnerabilities, this security paradigm
provides transparency to both cloud users and cloud
service providers. The suggested model uses the
cloudsim cloud simulator programme and is written
in Java. Cloud computing provides numerous
advantages, including increased flexibility, lower
capital costs, and increased accessibility.
Nonetheless, it is not widely recognized. Security is
the main reason for this. When consumers put their Fig 1. METHODOLOGY
data in the cloud, they grant a third party access to For extremely secure file storage, the project intends
their data and relinquish control. As a result, to double security. The encryption in this case is a
attackers may be able to tamper with their data. In hybrid of two symmetric algorithms, fernet. The
comparison to the present system, this approach focus of this research is on cloud file security. The
raises data security to the highest level possible and Fernet approach was applied twice for double
takes less time to upload and download text files. We security. Once for generating a public key and
present a multilevel encryption and decryption encrypting a file that has been uploaded. Encrypting
cryptography algorithm in this work, which encrypts the public key and providing the private key for the
data at the client side after uploading it to the cloud second time. The encryption of a combination of 20
server and decrypts it at the receiver side, adding an random keys and the public key is required to encrypt
extra layer of data security. In the future, this model the public key. A private key is created using the
could be used to improve the security of cloud above encryption. .To access the uploaded file, one
services utilizing artificial intelligence techniques. must have the private key and not just the public key.
To download the file one must have the name and
II.METHODOLOGY private key of that respective file. Using them the
actual file can be downloaded. The information is
The main aim of the project is to secure confidential kept in a database to which only the admin has access
data (for example- Photo, pdf, word file) by Database contains the data of login and uploaded
encrypting, converting the data into binary form and files. Login data has the information of all the details
storing it on the cloud. of admin and users whereas data collection has the
1.To achieve secure file storage on cloud using information of uploaded files like id, user type,
hybrid cryptography public keys, edata, file name and time. Login details
include user name, password and type.

IJIRT 154609 INTERNATIONAL JOURNAL OF INNOVATIVE RESEARCH IN TECHNOLOGY 741

 © April 2022 | IJIRT | Volume 8 Issue 11 | ISSN: 2349-6002

User name, password, and type are all required while JavaScript, CSS is a key component of the World
logging into the system. Wide Web. CSS isn't considered programming
languages because they simply control the structure
III.TECHNOLOGIES USED and appearance of the webpage you’re creating. Like
the other front-end languages, they don’t have any
A.PYTHON 3.7.4 instructions.
Python is a dynamic object-oriented programming
language that may be used to create a wide range of F.HTML
software. It has strong integration support for various HTML, or Hyper Text Markup Language, is the
languages and technologies, as well as huge standard standard markup language for texts that are intended
libraries and can be learnt in a matter of days. Many to be viewed on a web browser. Technologies such as
Python programmers claim that the language has Cascading Style Sheets and scripting languages like
increased their productivity and that it pushes them to JavaScript can help.HTML (Hyper Text Markup
write better, more maintainable code. Language) is the most fundamental component of the
Internet. It establishes the structure and meaning of
B.Visual Studio Code web content. Other technologies are commonly used
Microsoft’s Visual Studio Code is a source-code to describe a web page’s appearance/presentation
editor for Windows, Linux, and macOS. Debugging, (CSS) or functionality (JS) in addition to HTML
syntax highlighting, intelligent code completion,
snippets, code refactoring, and embedded Git are G.FERNET:
among the features We’re starting to see a lot of software developers
interested in cryptography, especially when it comes
C.Robo3t to testing programmes for vulnerabilities. So, when
Robo 3T is a cross-platform graphical user interface faced with RSA, AES, BCrypt, 3DES, DES, MD5,
solution for managing MongoDB workloads that is HMAC, private keys, and public keys, deciding
lightweight, open-source, and shell focused. Robo 3T which is the best route to go is quite tough.
allows user to construct databases, collections, users, Fortunately, we stumbled upon fernet, a module that
and documents, as well as run one-time queries with follows best practices. Fernet is a symmetric Q
auto-completion and display the results using a encrypted module that requires a key to process or
graphical user interface. It also keeps the track of read the data The keys are encoded using URL safe
data being edited encoding. Fernet’s authentication uses 128-bit AES
and SHA256. Fernet provides a standardized token
D.MONGODB library that is relatively easy to integrate into a
MongoDB is a cross-platform document-oriented variety of applications. The auto keying feature also
database application that is open source. MongoDB is reduces the use of brute force attacks. AES offers
a NoSQL database application that works with top-notch encryption, and SHA-256 eliminates many
JSON-like documents and optional schemas. of the issues that MD5 and SHA-1 cause (as the
MongoDB is a database that was created by length of the hash values is too small). We get an
MongoDB Inc. and is distributed under the Server output from CBC (Cipher Block Chaining) that is
Side Public License. It has a 500mb free to use based on a random value (the IV value). We can also
storage and for more storage one has to buy a give authenticated access from both sides using
premium subscription. It is popular amongst HMAC.HMAC aids in the hashing of the generated
developers of all kinds for developing scalable key, resulting in a more secure key. Because fernet is
applications with evolving data schemas. a symmetric encryption technique, it creates only one
key: the encryption key. The data decryption key is
E. CSS decrypted twice to recover the data. As a result,
Cascading Style Sheets (CSS) is a language for hybrid cryptography is available.
describing the appearance of a document written in a
markup language like HTML. Along with HTML and VI.RESULT AND DISCUSSION

IJIRT 154609 INTERNATIONAL JOURNAL OF INNOVATIVE RESEARCH IN TECHNOLOGY 742

 © April 2022 | IJIRT | Volume 8 Issue 11 | ISSN: 2349-6002

of data in comparison to other algorithms such as the

RSA algorithm.
VII. CONCLUSION

A hybrid technique of cryptography algorithms is

used in the model. The upload of files are always
done using one key and access to the file is done
using a second key. In comparison to the present
system, this approach raises data security to the
highest level possible and takes less time to upload
and download text files. The key is also safe as it is
not easily predicted and decodable.
The fundamental obstacles of handling sensitive data
have been met. If this system has a flaw, it is that it
Fig 2: Encryption time comparision requires an active internet connection to connect to
the server, despite the fact that it offers several
benefits. The image file is completely secure, and it
has been encrypted twice with Fernet.
This project can be expanded on the
industrial/corporate level by adding paid subscription
to users. So that the users can get premium service on
the space or storage basis. In the future, this model
could be used to improve the security of cloud
services utilizing artificial intelligence techniques.
ACKNOWLEDGMENT

We would like to express our gratitude to Dr. Sanjay

U. Bokade, our Principle, and Dr. Sanjay D.
Fig 3: Decryption time comparision
Deshmukh, our Head of Department, for providing
This paper presents a highly efficient model for
us with all of the lab support and resources we
encrypting huge files in a short amount of time. Here
needed for this research study. We'd also like to
we can see in fig 2 and fig 3, we have compared our
express our gratitude to our parents for their
proposed system with etal ref[6] Kartik Prajapati’s
constant support and encouragement as the project
research paper. Encryption time of Hybrid
progressed.
Cryptography using fernet significantly takes less
time than other systems. While it takes lesser time to REFERENCES
encrypt the file and decrypt the file it does not alter
the security level of the proposed system. Since the [1] A. K. Shahade, V.S. Mahalle, “Enhancing the
proposed system is hybrid the security of the file is Data Security in Cloud by Implementing Hybrid
certain. (Rsa & Aes) Encryption Algorithm”, IEEE,
The cryptosystem uses combined keys (symmetric INPAC, pg 146-149, Oct 2014.
and asymmetric) cryptography that runs continuously [2] Klaus Hofmann and S. Hesham, “High
in a hybrid algorithm. We can see that the proposed Throughput Architecture for the Advanced
cryptosystem takes less time to encode files in Encryption Standard Algorithm” IEEE,
comparison to others.. International Symposium on Design and
The methodology used in this is fernet, and it Diagnostics of Electronic Circuits & Systems,
generates keys of size (128 -256bits) which are pages 167- 170, April 2014.
smaller in size than other RSA algorithm, which is [3] A. Chauhan and J. Gupta, "A novel technique of
(1024-4096 bit). Fernet can be used for larger amount cloud security based on hybrid encryption by

IJIRT 154609 INTERNATIONAL JOURNAL OF INNOVATIVE RESEARCH IN TECHNOLOGY 743

 © April 2022 | IJIRT | Volume 8 Issue 11 | ISSN: 2349-6002

Blowfish and MD5," 2017 4th International Proceedings “A Review Paper on Cyber
Conference on Signal Processing, Computing Security” Saloni Khurana.
and Control (ISPCC), Solan, 2017, pp. 349-355. [13] 2016 Fifth International Conference on Future
doi: 10.1109/ISPCC.2017.8269702. Generation Communication Technologies
[4] Anshika Negi, Mayank Singh, Sanjeev Kumar, (FGCT), IEEE, “Data Security in Cloud
“An Efficient Security Framework Design for Computing” Ahmed Albugmi, Madini O.
Cloud Computing using Artificial Neural Alassafi ,Robert Walters, Gary Wills.
Networks” in International Journal of Computer [14] Xiaowei Yan, Xiaosong Zhang, Ting Chen,
Applications (0975 – 8887) Volume 129 – No.4, Hongtian Zhao “The Research and Design of
(2015). Cloud Computing Security Framework”
[5] herief H. Murad and Kamel Hussein Rahouma, [15] Elisa Bertino “Data Security and Privacy:
“Hybrid Cryptography for Cloud Security: Concepts, Approaches, and Research Directions”
Methodologies and Designs” 2016 IEEE 40th Annual Computer Software and
[6] International Journal of Computer Applications Applications Conference (COMPSAC).
(0975 – 8887) Volume 175 – No.18, September
2020 “Security of Fog Storage by using Hybrid
Cryptography”
[7] Kun Liu, Long-jiang Dong “Research on Cloud
Data Storage Technology and Its Architecture
Implementation” 2012 International Workshop
on Information and Electronics Engineering
(IWIEE).
[8] M.Lakshmi Neelima et al, International Journal
of Computer Science and Mobile Computing,
Vol.3 Issue.5, May- 2014, pg. 966-971 “A
STUDY ON CLOUD STORAGE”. International
Journal of Computer Science and Mobile
Computing.
[9] Isaac Odun-Ayo, Olasupo Ajayi, Boladele
Akanle, Ravin Ahuja “ An Overview of Data
Storage in Cloud Computing”. 2017
International Conference on Next Generation
Computing and Information Systems
(ICNGCIS).
[10] Shalini Bhaskar Bajaj, Aman Jatain, Sarika
Chaudhary, Pooja Nagpal “Cloud Storage
Architecture: Issues, Challenges and
Opportunities”. International Journal of
Innovative Research in Computer Science &
Technology (IJIRCST) ISSN: 2347-5552,
Volume-9, Issue-3, May 2021 https://doi.org
/10.21276/ijircst.2021.9.3.12 Article ID
IRP1164, Pages 70-73 www.ijircst.org.
[11] Nikhita Reddy Gade, Ugander G J Reddy “A
Study of Cyber Security Challenges And Its
Emerging Trends On Latest Technologies”.
[12] International Journal of Engineering Research &
Technology (IJERT) ISSN: 2278-0181 Published
by, www.ijert.org VIMPACT - 2017 Conference

IJIRT 154609 INTERNATIONAL JOURNAL OF INNOVATIVE RESEARCH IN TECHNOLOGY 744